Skip to main content

Rethinking Criminal Justice in Cyberspace: The EU E-evidence Framework as a New Model of Cross-Border Cooperation in Criminal Matters

Part of the Advanced Sciences and Technologies for Security Applications book series (ASTSA)

Abstract

This chapter analyses the recently proposed EU legal framework on cross-border access to e-evidence for criminal justice purposes. The analysis is placed within the broader context of transformations that the use of technology brings not only on the socio-economic aspects of life but also the increasing challenges posed for the criminal justice in dealing with new forms of crime and globalisation of evidence. This study aims to contribute to the ongoing debate through an analysis of the specific provisions of the E-evidence framework, recommending amendments that would help achieve a balanced approach between efficient criminal investigations and the protection of fundamental rights. At the same time this study addresses what has not received sufficient attention: the challenges posed to traditional principles of cross-border cooperation in the EU and beyond, mutual recognition and mutual trust, the concept of jurisdiction and territoriality, dual criminality, the concept of privacy in the digital age, personal data protection and procedural rights of suspects in criminal proceedings. Through the lens of E-evidence this chapter aims to reflect on these challenges and offer new perspectives.

Keywords

  • Electronic evidence
  • Cross border access
  • Data protection
  • Criminal proceedings
  • European production order
  • European preservation order
  • CLOUD Act

This is a preview of subscription content, access via your institution.

Buying options

Chapter
USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-030-50613-1_1
  • Chapter length: 58 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   109.00
Price excludes VAT (USA)
  • ISBN: 978-3-030-50613-1
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   149.00
Price excludes VAT (USA)
Hardcover Book
USD   149.99
Price excludes VAT (USA)
Fig. 1

Notes

  1. 1.

    These are referred to as cyber dependant crimes, also known as computer related crimes. These are offences that can only be committed by using a computer, computer networks, or other forms of information and communications technology (ICT). See Home Office (2013) Cybercrime: A review of the evidence Research Report 75, ISBN 978 1 78246 245 3, p. 4 available at https://www.gov.uk/government/publications/cyber-crime-a-review-of-the-evidence.

  2. 2.

    Cyber-enabled crimes are traditional crimes facilitated by the use of ICT. Unlike cyber-dependent crimes, they can still be committed without the use of ICT. Ibid.

  3. 3.

    See below the discussion of different type of data. See European Commission (2018) “Commission Staff Working Impact Assessment” p. 13. Available at https://eur-lex.europa.eu/legal-content/EN/TXT/?qid=1524129550845&uri=SWD:2018:118:FIN.

  4. 4.

    For instance there are no mandatory data retention rules in the US (which is of importance given that the key SPs operating in the EU are US based) nor in the EU, since The Data Retention Directive 2006/24/EC was declared invalid by CJEU in case C-293/12 Digital Rights Ireland Ltd v Minister of Communications ECLI:EU:C:2014:238.

  5. 5.

    Data minimisation is enshrined in the General Data Protection Regulation (GDPR): The processing of personal data must be adequate, relevant and limited to what is necessary—Article 5(1)(c). Data minimisation requirements force service providers to delete data more quickly, increasing the number of cases where data will no longer be available when LEA’s request reaches the service provider.

  6. 6.

    This problem is well recognised. See for instance Eurojust and Europol (2019) Common challenges in combating Cybercrime Joint Report, available at https://www.europol.europa.eu/publications-documents/common-challenges-in-combating-cybercrime See also European Commission (2018) “Commission Staff Working Impact Assessment” p. 19.

  7. 7.

    European Commission (2018) “Commission Staff Working Impact Assessment” p. 13.

  8. 8.

    Ibid p. 35.

  9. 9.

    Ibid p. 14 See also data, albeit partial, on crimes that cannot be effectively investigated or prosecuted. The same report also found that “Less than half of all the requests to service providers are fulfilled” p. 15 According to the Commission a request could remain unfulfilled for several reasons, including that the request is sent to a provider who does not hold the data, it is excessively broad or unclear, it fails to specify an (existing) account or sought information, it does not have a valid legal basis or the data sought no longer exists—p. 17.

  10. 10.

    Ibid at p. 17 This is partly due to lack of timely access i.e. leads disappear or lack of access i.e. access denied.

  11. 11.

    See Eurojust and Europol (2019) Common challenges in combating Cybercrime Joint Report.

  12. 12.

    Data nationalism refers to measures taken by some countries to require that data be stored, processed, or handled within their borders in an attempt (or rather justification) to protect privacy and security and to promote economic growth. Russia, China, India and other countries, have enacted laws that require such data localization. https://www.itic.org/public-policy/SnapshotofDataLocalizationMeasures7-29-2016.pdf.

  13. 13.

    Robert Morgus, Jocelyn Woolbright, & Justin Sherman The Digital Deciders: How a group of often overlooked countries could hold the keys to the future of the global internet, October 2018, available at https://www.newamerica.org/cybersecurity-initiative/reports/digital-deciders/.

  14. 14.

    Ibid. Every jurisdiction has sought to exercise certain degree of control from the early days of the internet, see e.g. Lessig and Resnick [38] ‘Zoning speech on the internet: a legal and technical model’ Michigan Law Review, Vol. 98, No. 2 (Nov., 1999), pp. 395–431.

  15. 15.

    European Commission “Proposal for a Regulation of the European Parliament and of the Council on European Production and Preservation Orders for electronic evidence in criminal matters” Strasbourg, 17.4.2018 COM (2018) 225 final, 2018/0108(COD) available at https://ec.europa.eu/info/policies/justice-and-fundamental-rights/criminal-justice/e-evidence-cross-border-access-electronic-evidence_en.

  16. 16.

    European Commission “Proposal for a directive of the European Parliament and of the Council laying down harmonised rules on the appointment of legal representatives for the purpose of gathering evidence in criminal proceedings” Strasbourg, 17.4.2018, COM(2018) 226 final, 2018/0107(COD) available at https://ec.europa.eu/info/policies/justice-and-fundamental-rights/criminal-justice/e-evidence-cross-border-access-electronic-evidence_en.

  17. 17.

    Council of the EU “Regulation of the European Parliament and of the Council on European production and preservation orders for electronic evidence in criminal matters—general approach” (10206/19) Brussels, 11 June 2019 available at https://data.consilium.europa.eu/doc/document/ST-10206-2019-INIT/en/pdf.

  18. 18.

    During 2018–2019 EU Parliament has been advancing very slowly. E-evidence has been assigned to the LIBE Committee. Partly due to the European 2019 elections, LIBE is still to adopt its report, which would then be submitted to the Plenary of the Parliament for adoption.

  19. 19.

    It is expected that the framework will be approved by 2020 and will come into force in 2022.

  20. 20.

    European Parliament “DRAFT REPORT on the proposal for a Regulation of the European Parliament and of the Council on European Production and Preservation Orders for electronic evidence in criminal matters (COM(2018)0225—C8-0155/2018—2018/0108(COD))” Committee on Civil Liberties, Justice and Home Affairs, November 2019, Rapporteur: Birgit Sippel Available at https://www.europarl.europa.eu/doceo/document/LIBE-PR-642987_EN.pdf.

  21. 21.

    See European Data Protection Board (EDPB) (2018) “Opinion 23/2018 on Commission proposals on European Production and Preservation Orders for electronic evidence in criminal matters” available at https://edpb.europa.eu/sites/edpb/files/files/file1/eevidence_opinion_final_en.pdf; European Data Protection Supervisor (EDPS) (2019) “EDPS Opinion on Proposals regarding European Production and Preservation Orders for electronic evidence in criminal matters” Opinion 7/2019, November 2019 available at https://edps.europa.eu/sites/edp/files/publication/opinion_on_e_evidence_proposals_en.pdf; European Criminal Bar Association ECBA (2019) ECBA Opinion on the European Commission’s Proposals, available at http://www.ecba.org/extdocserv/20190213-ECBAonEPOsEPROs_Final.pdf; Statement of Article 29 Working Party (2017) “Data protection and privacy aspects of cross-border access to electronic evidence” Brussels 29 November 2017 available at https://www.hldataprotection.com/files/2018/02/20171129-Art.-29-WP-e-Evidence_Statement.pdf; The Council of Bars and Law Societies of Europe (CCBE) (2019) CCBE recommendations on the establishment of international rules for cross-border access to electronic evidence 28/02/2019; The Council of Bars and Law Societies of Europe (CCBE) (2018) CCBE position on the Commission proposal for a Regulation on European Production and Preservation Orders for electronic evidence in criminal matters 19/10/2018; Theodore Christakis (2019) “E-evidence in a Nutshell: Developments in 2018, Relations with the Cloud Act and the Bumpy Road Ahead” Cross-border Data Forum available at https://www.crossborderdataforum.org/e-evidence-in-a-nutshell-developments-in-2018-relations-with-the-cloud-act-and-the-bumpy-road-ahead/.

  22. 22.

    See inter alia V. Mitsilegas (2016) EU Criminal Law after Lisbon: Rights, Trust and the Transformation of Justice in Europe, Oxford/Portland: Hart Publishing; S. Peers (2016) EU Justice and Home Affairs Law, Vol II. Oxford University Press; Bermann PS (2018) “Legal Jurisdiction and the Deterritorialization of Data” Vanderbilt Law Review, Vol. 71: 11; J. Daskal (2015) “The Un-Territoriality of Data” Yale Law Journal, Vol. 125 (2), 326; C. Janssens (2013) The principle of Mutual Recognition in EU Law, Oxford University Press;.

  23. 23.

    Clarifying Lawful Overseas Use of Data Act—CLOUD Act provides the legal basis for the United States government to conclude agreements with foreign governments on access to data held by United States service providers and vice-versa.

  24. 24.

    Available at https://www.gov.uk/government/publications/ukusa-agreement-on-access-to-electronic-data-for-the-purpose-of-countering-serious-crime-cs-usa-no62019?utm_source=b4d391f0-3d36-4077-8793-d5b2b06944c1&utm_medium=email&utm_campaign=govuk-notifications&utm_content=immediate.

  25. 25.

    The Canadian Association of Chiefs of Police has passed a resolution calling for negotiation of an executive agreement with the U.S. under the CLOUD Act. See https://www.cacp.ca/resolution.html?asst_id=1694.

  26. 26.

    Council of the EU “Decision authorising the opening of negotiations with a view to concluding an agreement between the European Union and the United States of America on cross-border access to electronic evidence for judicial cooperation in criminal matters” (9114/19) Brussels, 21 May 2019, available at https://data.consilium.europa.eu/doc/document/ST-9114-2019-INIT/en/pdf.

  27. 27.

    Council of the EU “Decision authorising the European Commission to participate, on behalf of the European Union, in negotiations on a Second Additional Protocol to the Council of Europe Convention on Cybercrime” (CETS No. 185) Brussels, 21 May 2019 available at https://data.consilium.europa.eu/doc/document/ST-9116-2019-INIT/en/pdf In June 2017, the 61 parties to the Budapest Convention on Cybercrime agreed to launch the preparation of an additional Second Protocol to the Convention to help law enforcement secure evidence on servicers in foreign, multiple or unknown jurisdictions. This Second Protocol is expected to be agreed by the end of 2020. See Council of Europe (2019) available at https://rm.coe.int/summary-towards-a-protocol-to-the-budapest-convention/1680972d07.

  28. 28.

    As noted by the Cybercrime Convention Committee (T-CY) “close coordination in the drafting of the Additional Protocol to the Budapest Convention and the preparation of relevant legal instruments by the European Union should be pursued”. Ibid.

  29. 29.

    On 18 November 2019, the Third Committee of the United Nations General Assembly adopted the resolution “Countering the use of information and communications technologies for criminal purposes” favouring a state control over the internet and data nationalism model. The resolution was backed by Russia and sponsored by a coalition of 45 countries including China, Cuba, North Korea, Nicaragua, Syria, Venezuela, and passed 88–58 with 34 abstentions. It is reported that a committee of experts will meet to draft the treaty in August 2020. Ahead of the adoption, a coalition of countries with the United States in the lead encouraged opposition to the resolution with the argument that it would increase state-backed control over the internet. It was also reported that Russia has presented the resolution as an alternative to the Budapest Convention, ratified in 2001 by 64 member states but which has never been adopted by Russia. For a critique see the US position available at https://usun.usmission.gov/statement-on-agenda-item-107-countering-the-use-of-information-and-communications-technologies-for-criminal-purposes/.

  30. 30.

    See for instance The Council of Bars and Law Societies of Europe (CCBE) (2019) CCBE recommendations on the establishment of international rules for cross-border access to electronic evidence 28/02/2019; The Council of Bars and Law Societies of Europe (CCBE) (2018) CCBE position on the Commission proposal for a Regulation on European Production and Preservation Orders for electronic evidence in criminal matters 19/10/2018.

  31. 31.

    The MLA treaties are generally broadly worded to allow for cooperation on a wide range of law enforcement issues including locating and extraditing individuals, freezing assets, requesting searches and seizures etc. They are a necessary tool in combating transnational crime such as money laundering and human trafficking and in prosecuting criminals who attempt to evade domestic law enforcement by operating abroad. See for example the European Convention on Mutual Assistance in Criminal Matters For an account see Steve Peers (2016) EU Justice and Home Affairs Law, Vol II. Oxford University Press.

  32. 32.

    See Council of EU Non Paper (15072/16) available at http://data.consilium.europa.eu/doc/document/ST-15072-2016-INIT/en/pdf.

  33. 33.

    Ibid para 2.2.1 See also Council of Europe T-CY report (2013) available at https://rm.coe.int/16802e726c.

  34. 34.

    Council of EU Non Paper (15072/16) available at http://data.consilium.europa.eu/doc/document/ST-15072-2016-INIT/en/pdf.

  35. 35.

    Such as European Convention on Mutual Assistance in Criminal Matters of 20 April 1959.

  36. 36.

    Council of Europe Convention on Cybercrime of 23 November 2001. To date the Cybercrime Convention has been ratified by most EU MSs (except for Ireland and Sweden) and several non-European countries including the US. See the chart of signatures and ratifications https://www.coe.int/en/web/conventions/full-list/-/conventions/treaty/185/signatures?p_auth=w8r6xLCC.

  37. 37.

    The list of measures covers not only investigative powers (Art. 18 ff. CCC), but also provisional measures aimed at the preservation of electronic evidence (Art. 16, 17 CCC). The powers are subject to conditions and safeguards that seek to balance the requirements of law enforcement with the protection of human rights (Art. 15(1) CCC) and include both procedural (judicial or other independent supervision) and substantial (proportionality, limitation of certain measures to serious offences) requirements in accordance with the principles of the respective national criminal justice system (Art. 15(2) CCC).

  38. 38.

    Cybercrime Convention Committee (T-CY), Terms of Reference for the Preparation of a Draft 2nd Additional Protocol to the Budapest Convention on Cybercrime, approved by the 17th Plenary of the T-CY on 8 June 2017, T-CY (2017)3, p. 3 available at https://rm.coe.int/summary-towards-a-protocol-to-the-budapest-convention/1680972d07.

  39. 39.

    Directive 2014/41/EU of the European Parliament and of the Council of 3 April 2014 regarding the European Investigation Order in criminal matters, O.J. L 130/1.

  40. 40.

    See article 12 of EIO Directive for time limits.

  41. 41.

    See EU Commission (2018) “Impact Assessment” p. 24. Even though the EIO Directive allows for shorter time-limits where necessary “due to procedural deadlines, the seriousness of the offence or other particularly urgent circumstances” (Art. 12(2)) and article 32(2) provides for a 24 h deadline to decide on provisional measures, arguably these shorter deadlines cannot address the specific needs of e-Evidence: the first is an exception rather than the general rule, requiring reasons for urgency in every case, and the second is specifically aimed at preservation of the data only which in itself is insufficient as timely access need be provided not only preservation of data.

  42. 42.

    Ibid p. 26 “Voluntary” means that there is a domestic legal title which cannot be enforced directly in the recipient country. This legal instrument may be an ‘order’ or ‘request’ hence, in the absence of a clear legal framework, the distinction between voluntary and mandatory cooperation is not always easy to establish and causes disagreements between LEAs and SPs.

  43. 43.

    E.g. more than 120 000 in 2016, based on the 2016 transparency reports by Google, Facebook, Microsoft, Twitter and Apple. Ibid. p. 26.

  44. 44.

    On EU Communication Framework see https://ec.europa.eu/digital-single-market/en/policies/telecom-laws.

  45. 45.

    See EU Commission (2018) Impact assessment.

  46. 46.

    ECPA prohibits SPs to give access to content data on a voluntary basis, except in cases of emergency.

  47. 47.

    EU Commission (2018) Impact assessment pp. 25–28.

  48. 48.

    Eg. Art. 46 of the Belgian Code of Criminal Procedure; for the application to foreign providers see the judgment of the Hof van Cassatie [Belgian Court of Cassation], Judgment of 1 December 2015, P. 13.2082.N, Yahoo. See European Parliament Policy Department for Citizens' Rights and Constitutional Affairs (2018) Report.

  49. 49.

    Member States have different approaches to direct access and the data storage location—see section 2.2.3 EU Commission (2018) Impact Statement.

  50. 50.

    Ibid p. 32.

  51. 51.

    See Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions: The European Agenda on Security, COM (2015) 185 final; Communication on delivering on the European Agenda on Security to fight against terrorism and pave the way towards an effective and genuine Security Union, COM/2016/0230 final; Conclusions of the Council of the European Union on improving criminal justice in cyberspace, ST9579/16; Council of the EU, Final report of the seventh round of mutual evaluations on “The practical implementation and operation of the European policies on prevention and combating Cybercrime”, ST 12711 2017 INIT, 2 October 2017. In October 2017 the European Parliament adopted the Resolution of 3 October 2017 on the fight against Cybercrime (2017/2068(INI) calling on the Commission to put forward a European legal framework for electronic evidence.

  52. 52.

    EU Commission (2018) Impact study; EU Commission “Security Union: Facilitating Access to Electronic Evidence” Factsheet, April 2018 available at https://ec.europa.eu/info/sites/info/files/placeholder_2.pdf.

  53. 53.

    As it will be discussed below the authorities of the host country will only be involved in cases where there are specific legal concerns or where the Order needs to be enforced.

  54. 54.

    Article 3(3) draft Regulation.

  55. 55.

    Article 4(b) EIO Directive.

  56. 56.

    Article 23 draft Regulation.

  57. 57.

    See for example EDPB Opinion 23/2018.

  58. 58.

    Ibid.

  59. 59.

    In response to this criticism it is worth noting that several alternatives were considered by the Commission in its Impact assessment (2018).

  60. 60.

    EDPB opinion 23/2018 pp. 5–6.

  61. 61.

    EU Commission (2018) Impact assessment p. 20.

  62. 62.

    The standard time limit for the provision of data is 10 days—which could still be long in terms of data volatility and/or the progress of investigation. Furthermore, the proposed framework does not provide for ongoing investigations and live data collection through surveillance—see the discussion further below.

  63. 63.

    See Art. 37 of the EIO Directive; EDPB 23/2018 Opinion; EU Parliament, Policy Department for Citizens' Rights and Constitutional Affairs (2018) Report.

  64. 64.

    According to EIO Directive, the executing authority has 30 days to take its decision on the recognition of the request and then should execute the order within 90 days see Art. 12(3) and (4) EIO Directive. See also Art. 6 EIO Directive.

  65. 65.

    See recital 59 of the draft Regulation.

  66. 66.

    Article 1(1) draft Regulation.

  67. 67.

    Article 25 ff. CCC.

  68. 68.

    Article 2(4) draft Regulation.

  69. 69.

    Article 3(4) draft Regulation.

  70. 70.

    See Cybercrime Convention Committee (T-CY), Ad-hoc Sub-group on Jurisdiction and Transborder Access to Data, Transborder access and jurisdiction: What are the options?, Report of the Transborder Group, adopted by the T-CY on 6 December 2012, T-CY (2012), p. 32. According to Belgian law, any provider of electronic communication services active in Belgium must, upon request of the public prosecutor, disclose identification data irrespective of whether or not the data is stored within Belgian territory. The Belgian Court of Cassation held that criminal sanctions for a failure to comply with such a request does not violate international law because the sanction and the request refer to a conduct within Belgian territory and, therefore, do not affect the territorial sovereignty of another state. (Art. 46 bis of the Belgian Code of Criminal Procedure; for the application to foreign providers see the judgment of the Hof van Cassatie [Belgian Court of Cassation], Judgment of 1 December 2015, P. 13.2082.N, Yahoo.). Similarly, the Irish Supreme Court found that an Irish court, if certain conditions were met, had the power to order the production of documents from an Irish company even if the required objects were located on foreign territory. (Supreme Court of Ireland, 25 January 2013, Walsh v. National Irish Bank, Appeal No. 267/2007, [2013] 1 ESC 2, para. 9.3.). Similarly the German legislator has adopted the Network Enforcement Act (“Netzwerkdurchsetzungsgesetz”) that establishes a mandatory cooperation regime for service providers whose services can be accessed from German territory. Network Enforcement Act of 1 September 2017, Bundesgesetzblatt 2017, part I, p. 3352.

  71. 71.

    The first part of the CLOUD Act mooted the Supreme Court case of United States v. Microsoft Corp., 584 U.S. ___ (2018). Microsoft argued that the U.S. warrant had no legal force because the emails being sought were stored outside the United States, in Ireland. The United States argued that Microsoft could access the data from within the United States and thus the place where the data happened to be stored did not matter. The CLOUD Act resolved the legal issue, providing that the kind of compelled disclosure orders at issue in the Microsoft Ireland case apply “regardless of whether such communication, record, or other information is located within or outside of the United States”.

  72. 72.

    See Art. 3, in particular (2) and Art. 27 GDPR.

  73. 73.

    See J. Daskal (2015) “The Un-Territoriality of Data”, in Yale Law Journal, Vol. 125, p. 326;

    Bermann (2018) “Legal Jurisdiction and the Deterritorialization of Data”, Vanderbilt Law Review, Vol. 71, p. 11.

  74. 74.

    D. Johnson and D. Post (1996) “Law And Borders—The Rise of Law in Cyberspace” Stanford Law Review Vol. 48, p. 1367.

  75. 75.

    EU Parliament, Policy Department for Citizens' Rights and Constitutional Affairs (2018) Report p. 33. As in the proposed E-evidence framework, a territorial link can be based on other connecting factors such as the place where the service provider is established or where its services are offered.

  76. 76.

    Article 2(4) draft Regulation, Art. 2(3) draft Directive.

  77. 77.

    According to the Cybercrime Committee’s guidance note.

  78. 78.

    Article 2(4) draft Directive.

  79. 79.

    Recital (13) draft directive.

  80. 80.

    Recital (13) draft directive, referring to Regulation (EU) 2018/302 of the European Parliament and of the Council of 28 February 2018 on addressing unjustified geo-blocking and other forms of discrimination based on customers' nationality, place of residence or place of establishment within the internal market, O.J. L 60 I/1.

  81. 81.

    Article 3(3) draft Regulation.

  82. 82.

    EU Parliament, Policy Department for Citizens' Rights and Constitutional Affairs (2018) Report.

  83. 83.

    See EU Parliament, Policy Department for Citizens' Rights and Constitutional Affairs (2018); European Data Protection Board (EDPB) Opinion 23/2018; Statement of Article 29 Working Party (2017) “Data protection and privacy aspects of cross-border access to electronic evidence” Brussels 29 November 2017 available at https://www.hldataprotection.com/files/2018/02/20171129-Art.-29-WP-e-Evidence_Statement.pdf.

  84. 84.

    See the Preamble of the draft Regulation.

  85. 85.

    C. Janssens (2013) The principle of Mutual Recognition in EU Law, Oxford University Press, p. 152.

  86. 86.

    Case 1/15, 27 July 2017, §103: “As the Advocate General has observed in point 108 of his Opinion, none of the provisions of the envisaged agreement refer to facilitating such cooperation. As for the Canadian Competent Authority, that authority does not constitute a judicial authority, nor does it constitute an equivalent authority”. Although the issues at stake differ to some extent and the reasoning of the Court in one cannot be fully transposed to the other, some have drawn a parallel with the compatibility issues that arose in Case 1/15 on the EU-Canada PNR agreement. (WP29 p. 1); see also E. Sellier and A. Weyenbergh, “Criminal procedural laws across the European Union—A comparative analysis of selected main differences and the impact they have over the development of EU legislation”, study Commissioned by the European Parliament’s Policy Department for Citizens’ Rights and Constitutional Affairs at the request of the LIBE Committee, PE 604.977, August 2018, p. 31. https://www.europarl.europa.eu/RegData/etudes/STUD/2018/604977/IPOL_STU(2018)604977_EN.pdf.

  87. 87.

    Article 14(2) draft Regulation.

  88. 88.

    See EU Parliament, Policy Department for Citizens' Rights and Constitutional Affairs (2018) p. 34; European Data Protection Board (EDPB) Opinion 23/2018.

  89. 89.

    See C. Janssens (2013) The principle of Mutual Recognition in EU Law, Oxford University Press, p. 171.

  90. 90.

    EU Commission (2018) “Impact assessment” part 3.1, p. 37.

  91. 91.

    Article 36(1) Regulation (EU) No. 1215/2012 of the European Parliament and of the Council of 12 December 2012 on Jurisdiction and the Recognition and Enforcement of Judgments in Civil and Commercial Matters, O.J. L 351/1.

  92. 92.

    EU Parliament, Policy Department for Citizens' Rights and Constitutional Affairs (2018) p. 36.

  93. 93.

    This is the case for final judicial decisions imposing, for instance, a custodial sentence (Framework Decision 2008/909/JHA) or a fine (Framework Decision 2005/214/JHA), but also for decisions relating to the investigation such as a European arrest warrant (Framework Decision 2002/584/JHA) or a European investigation order (Directive 2014/41/EU—‘EIO Directive’).

  94. 94.

    European Parliament “DRAFT REPORT on the proposal for a Regulation of the European Parliament and of the Council on European Production and Preservation Orders for electronic evidence in criminal matters (COM(2018)0225—C8-0155/2018—2018/0108(COD))” Committee on Civil Liberties, Justice and Home Affairs, November 2019, Rapporteur: Birgit Sippel Available at https://www.europarl.europa.eu/doceo/document/LIBE-PR-642987_EN.pdf.

  95. 95.

    Note that under the E-evidence Directive all SPs offering their services in the EU will be obliged to nominate and establish a legal representative in the EU irrespective of where they are established.

  96. 96.

    In the United States, for example, the Stored Communications Act (SCA), in Title II of the Electronic Communications Privacy Act (ECPA), is a blocking statute that prohibits US-based providers from turning over the content of communications to foreign governments.

  97. 97.

    The CLOUD act created a new “comity” provision for addressing possible conflicts between U.S. law and the laws of other countries, albeit applicable in limited situations. The second major part of the CLOUD Act creates a new mechanism for other countries to access the content of communications held by U.S. service providers. The CLOUD Act enables the bypassing of access restrictions in specified circumstances, based on the adoption of “executive agreements” between the U.S. and other countries, and subject to a number of baseline substantive and procedural requirements. The CLOUD Act authorizes these executive agreements only for countries meeting human rights and rule of law requirements, and only with a long list of requirements for each request.

  98. 98.

    See European Data Protection Board (EDPB) Opinion 23/2018 pp. 17–18.

  99. 99.

    See the interventions during the Council’s meeting are available under the E-evidence tab (below the video) here: https://video.consilium.europa.eu/en/webcast/2e938e2f-a272-420f-81b9-a058d9da74a8.

  100. 100.

    Otherwise known as the "Umbrella Agreement" which entered into force on 1 February 2017.

  101. 101.

    The Commission believes that an EU-US Agreement with the E-evidence proposals as the baseline could help settle any conflicting obligations for service providers and would allow them to deliver content data directly to law enforcement and judicial authorities in the EU or the United States, as the case may be. See https://ec.europa.eu/commission/presscorner/detail/en/MEMO_19_863 See also https://ec.europa.eu/info/policies/justice-and-fundamental-rights/criminal-justice/e-evidence-cross-border-access-electronic-evidence_en.

  102. 102.

    See Theodore Christakis (2019) “E-evidence in a Nutshell: Developments in 2018, Relations with the Cloud Act and the Bumpy Road Ahead” Cross-border Data Forum available at https://www.crossborderdataforum.org/e-evidence-in-a-nutshell-developments-in-2018-relations-with-the-cloud-act-and-the-bumpy-road-ahead/.

  103. 103.

    European Parliament “DRAFT REPORT on the proposal for a Regulation of the European Parliament and of the Council on European Production and Preservation Orders for electronic evidence in criminal matters (COM(2018)0225—C8-0155/2018—2018/0108(COD))” Committee on Civil Liberties, Justice and Home Affairs, November 2019, Rapporteur: Birgit Sippel Available at https://www.europarl.europa.eu/doceo/document/LIBE-PR-642987_EN.pdf.

    The draft report is to be presented to the European Parliament after being amended and voted in the LIBE committee during February-March 2020.

  104. 104.

    Ibid. See amendment 173 proposing a new article 14. Note the role to be played by the executing authority.

  105. 105.

    See recitals 12 and 14 of the draft Regulation.

  106. 106.

    See the draft Regulation.

  107. 107.

    According to the original Commission’s proposal.

  108. 108.

    This provision was further modified by the Council into limiting the enforcing MS’s intervention for transactional data, specifying that it applies where issuing MS has ‘reasonable grounds to believe’ that the person whose data is sought does not reside on the territory of the issuing MS and that data is subject in that MS to rules on determination and limitation of criminal liability relating to freedom of press and freedom of expression in other media’.

  109. 109.

    The debates are available, listed by country, under the E-evidence tab (below the video) here: https://video.consilium.europa.eu/en/webcast/ffa13ca3-8e18-4bc1-9c80-8fdaa18265ac.

  110. 110.

    See for example EU Parliament, Policy Department for Citizens' Rights and Constitutional Affairs (2018) part 4.1.3, p. 34.

  111. 111.

    See Recital 11 of the draft Regulation.

  112. 112.

    CJEU, Opinion 2/13 of the Court on Accession of the European Union to the European Convention for the Protection of Human Rights and Fundamental Freedoms, 18 December 2014, para 191.

  113. 113.

    V. Mitsilegas (2016) EU Criminal Law after Lisbon: Rights, Trust and the Transformation of Justice in Europe, Oxford/Portland: Hart Publishing, p. 124.

  114. 114.

    Programme of measures to implement the principle of mutual recognition of decisions in criminal matters, OJ C 12, 15 Jan. 2001, p. 1 available at http://www.ecba.org/extdocserv//CriminalJustice/OtherEUdocs/Programmeofmeasuresimplementprinciplemutualrecogofdecisions.pdf.

  115. 115.

    Ibid.

  116. 116.

    S. Peers, EU Justice and Home Affairs Law, Oxford: Oxford University Press, 2016 p. 160.

  117. 117.

    In July 2018, the European Commission launched legal action against the Polish government over allegations that the changes regarding the way judges are appointed in the country undermine the independence of its Courts. In October 2018 the European Court of Justice ordered the Polish government to suspend “immediately” changes to the country’s Supreme Court. In September 2018, the EU Parliament asked EU Member States to determine, in accordance with Treaty Article 7, whether Hungary is at risk of breaching the EU´s founding values. See https://ec.europa.eu/commission/presscorner/detail/en/IP_17_5367 See also https://ec.europa.eu/info/policies/justice-and-fundamental-rights/upholding-rule-law/rule-law/initiative-strengthen-rule-law-eu_en on the Commission’s 2019 initiative to strengthen the Rule of Law in the EU.

  118. 118.

    The debates are available, listed by country, under the E-evidence tab (below the video) here: https://video.consilium.europa.eu/en/webcast/ffa13ca3-8e18-4bc1-9c80-8fdaa18265ac.

  119. 119.

    Ibid.

  120. 120.

    See T. Christakis (2019) “E-evidence in a Nutshell: Developments in 2018, Relations with the Cloud Act and the Bumpy Road Ahead” Cross-border Data Forum available at https://www.crossborderdataforum.org/e-evidence-in-a-nutshell-developments-in-2018-relations-with-the-cloud-act-and-the-bumpy-road-ahead/ See also European Parliament “DRAFT REPORT on the proposal for a Regulation of the European Parliament and of the Council on European Production and Preservation Orders for electronic evidence in criminal matters (COM(2018)0225—C8-0155/2018—2018/0108(COD))” Committee on Civil Liberties, Justice and Home Affairs, November 2019, Rapporteur: Birgit Sippel Available at https://www.europarl.europa.eu/doceo/document/LIBE-PR-642987_EN.pdf.

  121. 121.

    According to Art. 7a the notified authority “may as soon as possible (and no later than 10 days) inform the issuing authority” of any eventual problems that concern situations where content data requested is protected by (i) immunities and privileges granted under the law of the enforcing State, or (ii) impacting fundamental interests of this enforcing State such as national security and defence, or (iii) affecting special legal protections in the enforcing State related to freedom of press and freedom of expression (but not other human rights).

  122. 122.

    European Parliament “DRAFT REPORT on the proposal for a Regulation of the European Parliament and of the Council on European Production and Preservation Orders for electronic evidence in criminal matters (COM(2018)0225—C8-0155/2018—2018/0108(COD))” Committee on Civil Liberties, Justice and Home Affairs, November 2019, Rapporteur: Birgit Sippel p. 146 Available at https://www.europarl.europa.eu/doceo/document/LIBE-PR-642987_EN.pdf.

  123. 123.

    Ibid. Amendments 5, 6, 8 (and overall) seems to take away the very justification and basis for this instrument provided in the original Commission’s proposal. Taken together with the other changes proposed by the rapporteur, it is likely that the framework is to be considered superfluous. See amendment 13, 42, 43, 46 and 48, regarding the receiving MS’s power to execute and refuse orders.

  124. 124.

    See EU Parliament, Policy Department for Citizens' Rights and Constitutional Affairs (2018) p. 41.

  125. 125.

    Article 13 of the Council’s draft.

  126. 126.

    Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC.

  127. 127.

    Directive 2016/680 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and the free movement of such data, and repealing Council Framework Decision 2008/977/JHA.

  128. 128.

    These differences have been dealt with in depth elsewhere, see O.Sallavaci (2014) The impact of scientific evidence on the criminal trial, Routledge. More generally on the meaning of evidence see for example P. Roberts and R. Zuckerman (2010) Criminal Evidence, Oxford University Press Chap. 1; see also D. Nicolson (2019) Evidence and Proof in Scotland: Context and Critique, Edinburgh University Press Chap. 1.

  129. 129.

    As highlighted by the European Economic and Social Committee Brussels, 2 August 2018, 11533/18 (points 1.3 and 3.3) available at http://data.consilium.europa.eu/doc/document/ST-11533-2018-INIT/en/pdf.

  130. 130.

    The conditions for an investigative measure relating to data gathered in real time, continuously and over a certain period of time are outlined in Article 28 EIO. As regards the content data for interception of telecommunications, Articles 30 and 31 EIO apply. These articles define an additional non-recognition ground for these type of data in addition to the the general non-recognition grounds, namely “if the execution of the investigative measure concerned would not be authorised in a similar domestic case”.

  131. 131.

    E.g. Tele2 Sverige AB and Watson see also Frank Verbruggen, Sofie Royer, and Helena Severijns (2018) “Reconsidering the blanket-data-retention-taboo, for human rights’ sake?” available at https://europeanlawblog.eu/2018/10/01/reconsidering-the-blanket-data-retention-taboo-for-human-rights-sake/.

  132. 132.

    For instance it is not always clear whether data produced via emails or chat services are in transmission or already stored. See Vanessa Franssen https://europeanlawblog.eu/2018/10/12/the-european-commissions-e-evidence-proposal-toward-an-eu-wide-obligation-for-service-providers-to-cooperate-with-law-enforcement/.

  133. 133.

    Regulation concerning the respect for private life and the protection of personal data in electronic communications (e-Privacy Regulation).

  134. 134.

    Recital 14 e-Privacy Regulation.

  135. 135.

    See LIBE’s rapporteur Draft Report (2019) amendments 25–27 and 91–97 for an alternative classification of data, to be discussed further below.

  136. 136.

    Recital 23 E-evidence Regulation.

  137. 137.

    Ibid.

  138. 138.

    See the Explanatory Memorandum to the draft Regulation as proposed by the Commission.

  139. 139.

    Recital 35c of the Council’s General Approach.

  140. 140.

    Available at http://curia.europa.eu/juris/liste.jsf?num=C-203/15.

  141. 141.

    CASE OF BIG BROTHER WATCH AND OTHERS v. THE UNITED KINGDOM (Applications nos. 58170/13, 62322/14 and 24960/15) available at https://hudoc.echr.coe.int/eng#{"itemid":["001-186048"]}.

  142. 142.

    CASE OF BENEDIK v. SLOVENIA (Application no. 62357/14) available at https://hudoc.echr.coe.int/eng#{"fulltext":["benedik"],"documentcollectionid2":["GRANDCHAMBER","CHAMBER"],"itemid":["001-182455"]}.

  143. 143.

    Recital 23 E-evidence Regulation.

  144. 144.

    See Art. 10(2) and 11(2) EIO.

  145. 145.

    Due to the fact that not all Member States are part of these two instruments, that some service providers are not covered and that the deadlines might be quite long with regard to the volatile nature of e-evidence, both the EIO and the Budapest Convention have limitations that the e-evidence framework seeks to address.

  146. 146.

    According to recital 21 of the Commission’s proposal “Access data is pursued for the same objective as subscriber data… to identify the underlying user and the level of interference with fundamental rights is similar to that of subscriber data. Access data is typically recorded as part of a record of events… to indicate the commencement and termination of a user access session to a service. It is often an individual IP address (static or dynamic) or other identifier that singles out the network interface used during the access session. If the user is unknown, it often needs to be obtained before subscriber data related to that identifier can be ordered from the service provider”.

  147. 147.

    See recitals 24 and 56 on necessity and proportionality; regarding the Specialty principle see Art. 12 b of the Council’s draft.

  148. 148.

    European Parliament “DRAFT REPORT on the proposal for a Regulation of the European Parliament and of the Council on European Production and Preservation Orders for electronic evidence in criminal matters (COM(2018)0225—C8-0155/2018—2018/0108(COD))” Committee on Civil Liberties, Justice and Home Affairs, November 2019, Rapporteur: Birgit Sippel Available at https://www.europarl.europa.eu/doceo/document/LIBE-PR-642987_EN.pdf.

    See Amendment 25, 91–97 which change the classification of data into subscriber data, traffic data and content data; amendment 26 distinguishes subscribed data only as a less sensitive category of data then others—note the difference with Commission’s categorisation of access vs subscriber data; amendment 27 equalises transactional data with traffic data.

  149. 149.

    Ibid explanatory notes.

  150. 150.

    Note that as per recital 30, judicial authority comprises either a judge or a prosecutor.

  151. 151.

    In the UK see Investigatory Powers Act 2016 Schedule 4.

  152. 152.

    Digital Rights Ireland Ltd (C‑293/12) available at http://curia.europa.eu/juris/document/document.jsf?text=%2522charter%2Bof%2Bfundamental%2Brights%2522&docid=150642&pageIndex=0&doclang=EN&mode=req&dir=&occ=first&part=1&cid=16565#ctx1.

  153. 153.

    At para 62.

  154. 154.

    Ibid.

  155. 155.

    Tele2 Sverige AB (Case C-203/15) available at http://curia.europa.eu/juris/document/document.jsf?text=charter%2Bof%2Bfundamental%2Brights&docid=186492&pageIndex=0&doclang=en&mode=lst&dir=&occ=first&part=1&cid=230304#ctx1.

  156. 156.

    Ibid at para 120.

  157. 157.

    Roman Zakharov v Russia (Application no. 47143/06) at para 261 available at http://statewatch.org/news/2015/dec/echr-russian-secret-surveillance-judgment.pdf.

  158. 158.

    Szabó and Vissy v. Hungary (Application no. 37138/14) at para 77 available at http://www.statewatch.org/news/2016/jan/echr-case-SZAB-%20AND-VISSY-v-%20HUNGARY.pdf.

  159. 159.

    See recitals 31 and 32 of the draft Regulation.

  160. 160.

    See ECBA Opinion on European Commission Proposals (2019) available at http://www.ecba.org/extdocserv/20190213-ECBAonEPOsEPROs_Final.pdf.

  161. 161.

    See European Data Protection Board (EDPB) (2018) “Opinion 23/2018 on Commission proposals on European Production and Preservation Orders for electronic evidence in criminal matters” available at https://edpb.europa.eu/sites/edpb/files/files/file1/eevidence_opinion_final_en.pdf.

  162. 162.

    For the actual harmonisation achieved in both the substantive and procedural criminal law see Steve Peers (2016) EU Justice and Home Affairs Law, Vol II. Oxford University Press.

  163. 163.

    See Art. 3(2) and 5(2).

  164. 164.

    See EDPB Opinion 23/2018 above.

  165. 165.

    Ibid. ECBA (2019) Opinion on European Commission’s Proposals above.

  166. 166.

    See Steve Peers (2016) EU Justice and Home Affairs Law, Vol II. Oxford University Press.

  167. 167.

    See C. Janssens (2013) The principle of Mutual Recognition in EU Law, Oxford University Press, p. 170, 176–179.

  168. 168.

    See Art. 10(2) and 11(2) EIO.

  169. 169.

    At para 121.

  170. 170.

    At para 234.

  171. 171.

    Regulation (EU) 2016/679.

  172. 172.

    Directive (EU) 2016/680.

  173. 173.

    See CCBE Recommendations of 28/2/19 and CCBE Position of 19/10/18.

  174. 174.

    It has been also suggested that the confidentiality restrictions should be subject to independent judicial approval see CCBE recommendations of 28/2/19 and position of 19/10/18.

  175. 175.

    See A. Kargopulos (2014) ‘Ne bis in idem in criminal proceedings’ in European Police and Criminal Law Co-operation, M. Bergstrom and A. Jonsson Cornell eds. Hart Publishing pp. 86–126.

  176. 176.

    Article 25 ff. CCC.

  177. 177.

    Article 3(4) draft Regulation.

Abbreviations

AFSJ:

Area of Freedom, Security and Justice

Art.:

Article/Articles

CCC:

Convention on Cybercrime

CFR:

Charter of Fundamental Rights of the European Union

CJEU:

Court of Justice of the European Union

GDPR:

General Data Protection Regulation

ECHR:

European Convention on Human Rights

EIO:

European Investigation Order

EPOC:

European Production Order (Certificate)

EPOC-PR:

European Preservation Order (Certificate)

EU:

European Union

JHA:

Justice and Home Affairs

LEA/LEAs:

Law Enforcement Authority/Authorities

MLA:

Mutual Legal Assistance

MS/MSs:

Member State/Member States

TEU:

Treaty on the European Union

TFEU:

Treaty on the Functioning of the European Union

US:

United States of America

References

  1. Bermann PS (2018) Legal Jurisdiction and the deterritorialization of data. Vanderbilt Law Rev 71:11

    Google Scholar 

  2. Canadian Association of Chief Police Officers (2018) Resolution #02–2018 reasonable law to facilitate cross-border access to data related to Canadian criminal offences or held by Canadian Providers available at https://www.cacp.ca/resolution.html?asst_id=1694

  3. Christakis T (2019) E-evidence in a Nutshell: developments in 2018, relations with the cloud act and the bumpy road ahead. Cross-border Data Forum available at https://www.crossborderdataforum.org/e-evidence-in-a-nutshell-developments-in-2018-relations-with-the-cloud-act-and-the-bumpy-road-ahead/

  4. CJEU (2014) Opinion 2/13 of the court on accession of the European Union to the European Convention for the protection of human rights and fundamental freedoms, 18 December 2014 available at https://www.europeansources.info/record/opinion-2-13-accession-european-union-european-convention-protection-human-rights-fundamental-freedoms/

  5. Council of Europe “Enhanced international cooperation on Cybercrime and electronic evidence: Towards a Protocol to the Budapest Convention” 5 September 2019 available at https://rm.coe.int/summary-towards-a-protocol-to-the-budapest-convention/1680972d07

  6. Council of Europe “Preparation of the 2nd additional protocol to the Budapest Convention on Cybercrime: state of play” available at https://rm.coe.int/t-cy-2019-19-protocol-tor-extension-chair-note-v3/16809577ff

  7. Council of Europe “T-CY assessment report: The mutual legal assistance provisions of the Budapest Convention on Cybercrime” December 2014 available at https://rm.coe.int/16802e726c

  8. Council of the EU “Decision authorising the opening of negotiations with a view to concluding an agreement between the European Union and the United States of America on cross-border access to electronic evidence for judicial cooperation in criminal matters” (9114/19) Brussels, 21 May 2019, available at https://data.consilium.europa.eu/doc/document/ST-9114-2019-INIT/en/pdf

  9. Council of the EU “Decision authorising the European Commission to participate, on behalf of the European Union, in negotiations on a second additional protocol to the Council of europe Convention on Cybercrime” (CETS No. 185) Brussels, 21 May 2019 available at https://data.consilium.europa.eu/doc/document/ST-9116-2019-INIT/en/pdf

  10. Council of the EU “Regulation of the European Parliament and of the Council on European production and preservation orders for electronic evidence in criminal matters—general approach” (10206/19) Brussels, 11 June 2019 available at https://data.consilium.europa.eu/doc/document/ST-10206-2019-INIT/en/pdf

  11. Council of the EU (2018) Opinion of the European Economic and social committee, Brussels, 2 August 2018 (11533/18) available at http://data.consilium.europa.eu/doc/document/ST-11533-2018-INIT/en/pdf

  12. Council of the EU, Final report of the seventh round of mutual evaluations on “The practical implementation and operation of the European policies on prevention and combating Cybercrime”, ST 12711 2017 INIT, 2 October 2017 available at http://data.consilium.europa.eu/doc/document/ST-8178-2017-REV-1-DCL-1/en/pdf

  13. Council of the EU “Non-paper: Progress Report following the Conclusions of the Council of the European Union on Improving Criminal Justice in Cyberspace” Brussels, 2 December 2016 (15072/16) available at http://data.consilium.europa.eu/doc/document/ST-15072-2016-INIT/en/pdf

  14. Council of the EU “Conclusions of the Council of the European Union on improving criminal justice in cyberspace” ST9579/16 available at https://ec.europa.eu/home-affairs/sites/homeaffairs/files/what-we-do/policies/organized-crime-and-human-trafficking/council_conclusions_on_improving_criminal_justice_in_cyberspace_en.pdf

  15. Cybercrime Convention Committee (T-CY), Ad-hoc Sub-group on Jurisdiction and Transborder Access to Data, Transborder access and jurisdiction: What are the options?, Report of the Transborder Group, adopted by the T-CY on 6 December 2012, T-CY (2012)

    Google Scholar 

  16. Daskal J (2015) The un-territoriality of data. Yale Law Journal 125(2):326

    Google Scholar 

  17. European Commission (2018) “Commission Staff Working Document: IMPACT ASSESSMENT Accompanying the document ‘Proposal for a Regulation of the European Parliament and of the Council on European Production and Preservation Orders for electronic evidence in criminal matters’ and ‘Proposal for a Directive of the European Parliament and of the Council laying down harmonised rules on the appointment of legal representatives for the purpose of gathering evidence in criminal proceedings’ Brussels, 17. 4. 2018, SWD (2018) 118 final available at https://eur-lex.europa.eu/legal-content/EN/TXT/?qid=1524129550845&uri=SWD:2018:118:FIN

  18. European Commission “Proposal for a Regulation of the european parliament and of the Council on European production and preservation orders for electronic evidence in criminal matters” Strasbourg, 17.4.2018 COM(2018) 225 final, 2018/0108(COD) available at https://ec.europa.eu/info/policies/justice-and-fundamental-rights/criminal-justice/e-evidence-cross-border-access-electronic-evidence_en

  19. European Commission “Proposal for a directive of the european parliament and of the Council laying down harmonised rules on the appointment of legal representatives for the purpose of gathering evidence in criminal proceedings” Strasbourg, 17. 4. 2018, COM (2018) 226 final, 2018/0107(COD) available at https://ec.europa.eu/info/policies/justice-and-fundamental-rights/criminal-justice/e-evidence-cross-border-access-electronic-evidence_en

  20. European Commission “Recommendation for a COUNCIL DECISION authorising the opening of negotiations in view of an agreement between the European Union and the United States of America on cross-border access to electronic evidence for judicial cooperation in criminal matters” 05 February 2019 available at https://ec.europa.eu/info/policies/justice-and-fundamental-rights/criminal-justice/e-evidence-cross-border-access-electronic-evidence_en

  21. European Commission “Recommendation for a COUNCIL DECISION authorising the participation in negotiations on a second Additional Protocol to the Council of Europe Convention on Cybercrime (CETS No. 185) 05 February 2019, available at https://ec.europa.eu/info/policies/justice-and-fundamental-rights/criminal-justice/e-evidence-cross-border-access-electronic-evidence_en

  22. European Commission “Security Union: Facilitating Access to Electronic Evidence” Factsheet, April 2018 available at https://ec.europa.eu/info/sites/info/files/placeholder_2.pdf

  23. European Commission (2016) “Communication on delivering on the European Agenda on Security to fight against terrorism and pave the way towards an effective and genuine Security Union”, COM/2016/0230 final available at https://ec.europa.eu/commission/presscorner/detail/en/IP_16_1445

  24. European Commission (2015) “Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions: The European Agenda on Security” COM(2015) 185 final available at https://ec.europa.eu/home-affairs/sites/homeaffairs/files/e-library/documents/basic-documents/docs/eu_agenda_on_security_en.pdf

  25. European Data Protection Board (EDPB) (2018) “Opinion 23/2018 on Commission proposals on European Production and Preservation Orders for electronic evidence in criminal matters” available at https://edpb.europa.eu/sites/edpb/files/files/file1/eevidence_opinion_final_en.pdf

  26. European Data Protection Supervisor (EDPS) (2019) “EDPS Opinion on Proposals regarding European Production and Preservation Orders for electronic evidence in criminal matters” Opinion 7/2019, November 2019 available at https://edps.europa.eu/sites/edp/files/publication/opinion_on_e_evidence_proposals_en.pdf

  27. European Parliament “DRAFT REPORT on the proposal for a Regulation of the European Parliament and of the Council on European Production and Preservation Orders for electronic evidence in criminal matters (COM(2018)0225 - C8-0155/2018—2018/0108(COD))” Committee on Civil Liberties, Justice and Home Affairs, November 2019, Rapporteur: Birgit Sippel Available at https://www.europarl.europa.eu/doceo/document/LIBE-PR-642987_EN.pdf

  28. European Parliament, Policy Department for Citizens’ Rights and Constitutional Affairs (2018) “An assessment of the Commission’s proposals on electronic evidence” (external author Martin Bosse) available at https://www.europarl.europa.eu/thinktank/en/document.html?reference=IPOL_STU(2018)604989

  29. European Parliament, Policy Department for Citizens’ Rights and Constitutional Affairs (2018b) Criminal procedural laws across the European Union: A comparative analysis of selected main differences and the impact they have over the development of EU legislation available at http://www.europarl.europa.eu/thinktank/en/document.html?reference=IPOL_STU(2018)604977

  30. European Parliament Resolution of 3 October 2017 on the fight against Cybercrime (2017/2068(INI) available at http://www.europarl.europa.eu/doceo/document/TA-8-2017-0366_EN.html?redirect

  31. Eurojust and Europol (2019) Common challenges in combating Cybercrime Joint Report, available at https://www.europol.europa.eu/publications-documents/common-challenges-in-combating-cybercrime

  32. European Criminal Bar Association ECBA (2019) ECBA Opinion on the European Commission’s Proposals, available at http://www.ecba.org/extdocserv/20190213-ECBAonEPOsEPROs_Final.pdf

  33. Frank Verbruggen, Sofie Royer, and Helena Severijns (2018) “Reconsidering the blanket-data-retention-taboo, for human rights’ sake?” available at https://europeanlawblog.eu/2018/10/01/reconsidering-the-blanket-data-retention-taboo-for-human-rights-sake/

  34. Home Office (2013) Cybercrime: A review of the evidence Research Report 75, ISBN 978 1 78246 2453 available at https://www.gov.uk/government/publications/cyber-crime-a-review-of-the-evidence

  35. Janssens C (2013) The principle of Mutual Recognition in EU Law, Oxford University Press

    Google Scholar 

  36. Johnson D, Post D (1996) “Law and Borders—the rise of law in cyberspace. Stanford law review Vol 48, 1367

    Google Scholar 

  37. Kargopulos A (2014) Ne bis in idem in criminal proceedings. In: Bergstrom M, Jonsson A (eds) Cornell European police and criminal law co-operation, Hart Publishing, pp 86–126

    Google Scholar 

  38. Lessig L, Resnick P (1999) Zoning speech on the internet: a legal and technical model. Michigan Law Rev 98(2):395-431

    Google Scholar 

  39. Mitsilegas V (2016) Eu criminal law after lisbon: rights, trust and the transformation of Justice in Europe. Hart Publishing, Oxford/Portland

    Google Scholar 

  40. Morgus R, Woolbright J, Sherman J (2018) The digital deciders: how a group of often overlooked countries could hold the keys to the future of the global internet, October 2018, available at https://www.newamerica.org/cybersecurity-initiative/reports/digital-deciders/

  41. Nicolson D (2019) Evidence and proof in Scotland: context and critique. Edinburgh University Press

    Google Scholar 

  42. Peers S (2016) EU justice and home affairs law. Vol II. Oxford University Press

    Google Scholar 

  43. Programme of measures to implement the principle of mutual recognition of decisions in criminal matters, OJ C 12, (15 January 2001) available at http://www.ecba.org/extdocserv//CriminalJustice/OtherEUdocs/Programmeofmeasuresimplementprinciplemutualrecogofdecisions.pdf

  44. Roberts P, Zuckerman R (2010) Criminal evidence. Oxford University Press

    Google Scholar 

  45. Sallavaci O (2014) The impact of scientific evidence on the criminal trial. Routledge

    Google Scholar 

  46. Statement of Article 29 Working Party (2017) Data protection and privacy aspects of cross-border access to electronic evidence. Brussels 29 November 2017 available at https://www.hldataprotection.com/files/2018/02/20171129-Art.-29-WP-e-Evidence_Statement.pdf

  47. The Council of Bars and Law Societies of Europe (CCBE) (2019) CCBE recommendations on the establishment of international rules for cross-border access to electronic evidence 28/02/2019

    Google Scholar 

  48. The Council of Bars and Law Societies of Europe (CCBE) (2018) CCBE position on the Commission proposal for a Regulation on European Production and Preservation Orders for electronic evidence in criminal matters 19/10/2018

    Google Scholar 

  49. Vanessa Franssen (2018) The European Commission’s e-evidence proposal available at https://europeanlawblog.eu/2018/10/12/the-european-commissions-e-evidence-proposal-toward-an-eu-wide-obligation-for-service-providers-to-cooperate-with-law-enforcement/

Legislation

  1. Directive 2014/41/EU of the European Parliament and of the Council of 3 April 2014 regarding the European Investigation Order in criminal matters, O.J. L 130/1

    Google Scholar 

  2. Directive 2016/680 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and the free movement of such data, and repealing Council Framework Decision 2008/977/JHA (LED)

    Google Scholar 

  3. Electronic Communications Privacy Act (ECPA) US

    Google Scholar 

  4. European Convention on Mutual Assistance in Criminal Matters

    Google Scholar 

  5. European Convention on Cybercrime (Budapest Convention) available at https://rm.coe.int/CoERMPublicCommonSearchServices/DisplayDCTMContent?documentId=0900001680081561

  6. Proposal for a Regulation of the European Parliament and of the Council concerning the respect for private life and the protection of personal data in electronic communications and repealing Directive 2002/58/EC (Regulation on Privacy and Electronic Communications) COM/2017/010 final—2017/03 (COD)—Draft e-Privacy Regulation available at https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A52017PC0010

  7. Regulation (EU) No. 1215/2012 of the European Parliament and of the Council of 12 December 2012 on Jurisdiction and the Recognition and Enforcement of Judgments in Civil and Commercial Matters, O.J. L 351/1

    Google Scholar 

  8. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (GDPR)

    Google Scholar 

  9. UK/USA: Agreement on Access to Electronic Data for the Purpose of Countering Serious Crime [CS USA No.6/2019] available at https://www.gov.uk/government/publications/ukusa-agreement-on-access-to-electronic-data-for-the-purpose-of-countering-serious-crime-cs-usa-no62019

Download references

Acknowledgements

The author wishes to thank Sabine Michalowski and Donald Nicolson for their comments on an earlier draft.

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Oriola Sallavaci .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this chapter

Verify currency and authenticity via CrossMark

Cite this chapter

Sallavaci, O. (2020). Rethinking Criminal Justice in Cyberspace: The EU E-evidence Framework as a New Model of Cross-Border Cooperation in Criminal Matters. In: Jahankhani, H., Akhgar, B., Cochrane, P., Dastbaz, M. (eds) Policing in the Era of AI and Smart Societies. Advanced Sciences and Technologies for Security Applications. Springer, Cham. https://doi.org/10.1007/978-3-030-50613-1_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-50613-1_1

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-50612-4

  • Online ISBN: 978-3-030-50613-1

  • eBook Packages: Law and CriminologyLaw and Criminology (R0)