Since January 2017, the European Commission (EC) has solicited views from interested parties about cross-border law enforcement access to electronic data for criminal investigations. The EC has engaged with European law enforcement agencies and prosecutors as well as industry groups, companies, and civil society organisations. The process has been open and inclusive, and the EC has taken a rational approach based on hard evidence and factual input. CDT has been engaged in this consultative process since its inception, and has also briefed EC officials bilaterally on key issues. It is our understanding that the EC intends to put forward a legislative proposal in 2018 in order to enable more efficient and expeditious access to electronic evidence, both through government/government exchange of data and through data requests or orders by law enforcement agencies to communications providers in other countries holding data. In our consultation response, filed on 27 Oct along with a short paper, we do not endorse any of the particular approaches that the EC is considering.
We recognise the concerns about difficulties in obtaining electronic data relevant for criminal investigations that motivates the EC’s initiative. We also recognise that, given the right privacy and due process safeguards, cooperation with communications providers may be enhanced, and that existing MLAT-processes may not always be able to scale with the volume of requests. Our overriding message is that as the EC considers its next step, it must ensure that protection of fundamental rights is front and centre. We refer to existing human rights principles on necessity and proportionality and ask that they be included in any initiative the EC puts forward. On one issue, ‘direct access’ (or government hacking) CDT urges extreme caution and highlights the risks to the security and integrity of digital infrastructure that are inherent to such measures.