Council and Parliament negotiations: EU laws on „E-Evidence“ reportedly on the home straight

Internet service providers are to facilitate the work of law enforcement agencies with orders to preserve and hand over their users‘ data. With an additional directive, companies must designate legal representation and establish points of contact.

Negotiations on the EU proposals on „electronic evidence“ („e-evidence“) could be concluded this year. This is according to a note from the then French Presidency of the Council distributed to delegations of EU member states on June 16. The British civil rights organization Statewatch, which published the document, therefore speaks of an „end game“.

According to France, the second political trialogue between the Council and Parliament on June 14 was a „turning point.“ The two legislative bodies disagreed mainly on the question of whether a state may oppose another country’s order to hand over „electronic evidence“. „Council and Parliament negotiations: EU laws on „E-Evidence“ reportedly on the home straight“ weiterlesen

What’s the problem with the EU regulation on the release of electronic evidence?

The EU Parliament has accommodated the member states on crucial points, but now demands special attention to fundamental rights. The controversial question is how a state in which a company is based can object to an order.

The French EU Presidency wants to get things moving on the so-called E-Evidence dossier and has scheduled several meetings of the relevant Council working groups since January. However, the Member States and the Parliament have not yet been able to agree on essential points. Today, the issue is once again on the agenda of the meeting of Justice Ministers in Brussels.

Four years ago, the European Commission proposed a Regulation on European Production and Preservation Orders for electronic evidence in criminal matters. The law enforcement authorities of the member states want to oblige internet service providers that are not located in their own country to directly transmit data of their users. These direct contacts between states and companies would bypass the usual legal process. The regulation concerns inventory, traffic and content data. It also covers companies that are based in third countries but offer their services in the EU. For this purpose, they are to designate a „point of contact“ in an EU member state. „What’s the problem with the EU regulation on the release of electronic evidence?“ weiterlesen

Planned regulation: EU Commission postpones mandatory screening of encrypted chats

Providers of messengers and cloud services will be allowed to voluntarily screen for child abuse content worthy of prosecution, which is to become mandatory across the EU. The Council and Commission are pushing for an extension to other crime areas. Next week, the EU interior ministers will publish a declaration on this.

On 1 December, the European Commission planned to present its proposal for a regulation for „detection, removal and reporting of illegal content online“ in the area of child sexual abuse. It would require providers of messenger services or chat programmes to automatically scan private communications for such material.

But the already delayed bill is now being postponed again. This emerges from a comparison of the Commission’s agendas. The latest version, dated 26 October, no longer includes the legislative proposal. Originally, the Commission wanted to present the EU regulation already in spring. So far, there is no new date. „Planned regulation: EU Commission postpones mandatory screening of encrypted chats“ weiterlesen

EU Council and Commission: New roadmap for access to encryption

The Portuguese Presidency is calling for an EU-wide regulation on access to encrypted content by police and judiciary. This should also affect device manufacturers. Failure to comply could result in companies being banned from doing business in the EU.

The European Union is to adopt a legal framework on decryption in the near future so that authorities can access „lawfully relevant data“. This was written by the Portuguese EU Council Presidency in a Communication which also presents a roadmap for this purpose. An important milestone is a proposal for „way forward“, which the EU Commission will prepare by 2022.

The paper from Portugal has been coordinated with the previous German and the upcoming Slovenian EU Presidencies. The German Ministry of the Interior had taken a new initiative against end-to-end encryption at the start of this so-called trio presidency and adopted a Resolution and Conclusions on the implementation of decryption capabilities. It states that the member states themselves should decide on the methods they use. „EU Council and Commission: New roadmap for access to encryption“ weiterlesen

German Ministry of the Interior plans EU declaration against encryption

Since 2016, the Council and Commission of the European Union have been working on ways to decrypt digital content. After setting up a department at Europol, the Internet companies are now being urged to cooperate more. They are to provide police and secret services with decrypted data on request.

Within the framework of its EU Council Presidency, the German government wants to achieve a declaration on encrypted communication on the Internet. This common line taken by all member states should put pressure on service providers to introduce appropriate solutions for decrypting. According to a Council document published yesterday by the British Civil Liberties Organization, the individual governments are to send their position to an e-mail address of the German Ministry of the Interior by October 7. After that, the Standing Committee on Operational Cooperation on Internal Security (COSI) will decide on how to proceed. There, the national interior ministries are coordinating among themselves. „German Ministry of the Interior plans EU declaration against encryption“ weiterlesen

Europol Study: Disclosure of electronic evidence often fails due to incompetence of authorities

The planned EU e-Evidence regulation is intended to force Internet service providers to cooperate more with police and judicial authorities. However, a survey shows that the companies already comply with their requests voluntarily. But they are often incorrect and thus rejected.

The police from Germany, France and Great Britain request by far the most data from Internet service providers. This is the result of a study by the SIRIUS project, which Europol has published on its website. 38% of all requests (67,991) come from German authorities. Although the so-called G6 countries (Germany, France, the UK, Poland, Spain and Italy) represent half of the EU population, their authorities are responsible for around 90% of crossborder internet surveillance activities.

The SIRIUS platform located at the police agency Europol in The Hague is intended to facilitate the exchange of knowledge on electronic evidence. Via a secure connection, authorities in all EU member states can obtain information on how to query Internet service providers. This applies to traffic, user and content data, which are released in different ways. SIRIUS also contains instructions for „Open Source Internet Searches“ (OSINT) and for conducting queries on user data from various service providers. This enables the persons behind IP addresses or mail accounts to be determined. „Europol Study: Disclosure of electronic evidence often fails due to incompetence of authorities“ weiterlesen

EU surveillance state

The EU is increasing the surveillance in its Member States. US authorities could soon also wiretap legally in Europe

The new European Parliament is to be constituted in September, after which the EU Commission will be re-elected. The governments of the member states use this phase to put far-reaching surveillance measures on track. This week the Justice and Home Affairs Ministers debated this on their Council meeting in Luxembourg.

Data retention is right at the top of the agenda. EU-wide, Internet and telephone providers are to be forced to store data on customers and their communications for years. If necessary, these could later be queried by police authorities or secret services. Although the European Union adopted a corresponding directive in 2006, it was declared invalid ten years later by the European Court of Justice (ECJ). As a result, many member states issued national regulations that differ in the depth of intervention or storage period. „EU surveillance state“ weiterlesen

US authorities want to legally intercept telecommunications in Europe

The FBI could soon demand sensitive communication data from European Internet service providers. It would also be possible to have the data retrieved in real time. With this, the European Union wants to make the Trump administration weigh the possibility of being able to query „electronic evidence“ on Facebook & Co.

The EU Commission wants to negotiate an agreement with the US government that forces Internet providers based in the European Union to cooperate more with US authorities. The companies would have to grant police forces and secret services from the USA access to the communication of their users. European prosecutors would then also be able to issue an identical order directly to Facebook, Apple and other Internet giants. The legal process via the judicial authorities that has been customary up to now is to be dropped. „US authorities want to legally intercept telecommunications in Europe“ weiterlesen

European Commission wants to facilitate access to servers in third states

Police and judicial authorities are to have easier access to cloud data in the USA. To this end, a decree of the US government will also apply in the EU member states. As part of the „Budapest Convention“, US authorities could also knock directly on the door of European Internet companies.

The European Commission has today submitted two negotiating mandates for easier data retrieval from Internet companies. Their purpose is to facilitate access to „electronic evidence“ in the US. This is also possible via the EU-US Mutual Legal Assistance Agreement or bilateral mutual recognition procedures. However, this existing international legal process takes up to 10 months. But allegedly, the EU member states only make use of this laborious procedure in around 4,000 cases a year. „European Commission wants to facilitate access to servers in third states“ weiterlesen

Project SMILE: Interface for European telecommunications interception

The European Investigation Order in criminal matters allows judicial authorities in all EU Member States to instruct each other to collect evidence. It also sets forth provisions for cross-border telecommunications surveillance. The European standardisation institute ETSI is consequently working on interfaces for the hand-over of intercepted phone calls.

By May 22nd, the Member States of the European Union have to transpose the European Investigation Order in criminal matters (EIO) into national law. The Directive defines cross-border cooperation between judicial authorities including courts, investigating judges and public prosecutor’s offices. In the future, an “issuing State” can oblige an “executing State” to gather evidence in criminal proceedings. This entails inter alia conducting investigations.

It also sets forth provisions for the “temporary transfer of persons held in custody”, hearings by video or telephone conference or the use of the European arrest warrant to transfer people (including temporarily) to courts of another state. There is a dedicated chapter on telecommunications surveillance and the transfer of the “electronic evidence” gathered during such. „Project SMILE: Interface for European telecommunications interception“ weiterlesen