The European Commission is expected to present a roadmap on access to electronic evidence by autumn 2017. A legislative proposal is also expected to follow at the beginning of 2018.
The conclusions adopted during the European Summit on 22-23 June state “that effective access to electronic evidence is essential to combating serious crime and terrorism” (see EUROPE 11815) and that, “subject to appropriate safeguards, the availability of data should be secured”. Earlier in the month, a majority of justice ministers said that they needed to leverage EU legislative action as part of the direct cooperation with service providers for setting out common minimum conditions and guarantees in the EU on direct data access by the authorities through an information system. A Parliamentary resolution put forward by Elissavet Vozemberg-Vrionidi (EPP, Greece) expected for autumn 2017 is also expected to deliver this message.
Two connected dossiers on data encryption and retention
According to our information, the Commission does not intend to legislate on encrypted electronic communications or introduce backdoors (introducing a breach in code sources in order to allow decryption).
In February 2017, Germany and France, however, called for service providers’ obligations to be regulated (see EUROPE 11731). According to the Euractiv website, Croatia, Italy, Lithuania, Poland and Hungary also called for legislation on encryption.
According to our information, there is a division between the Ministers of the Interior in different member states and the other ministers. This ambivalence is also reflected in the conclusions of the most recent European Summit, which calls “for addressing the challenges posed by systems that allow terrorists to communicate in ways that competent authorities cannot access, including end-to-end encryption, while safeguarding the benefits these systems bring for the protection of privacy, data and communication”.
An interpretation document published after the EU 28 meeting supports greater cooperation with the information technology industry in developing new automatic tools for detecting and withdrawing content that is an incitement to committing terrorist acts, accompanied, “if necessary”, by legislative measures.
One thing is certain, neither the Estonian Presidency of the Council of the EU nor Vice President Andrus Ansip are in favour of legislative measures on compulsory backdoors. During the Digital Summit in Valetta, Mr Ansip, said that he was not in favour of backdoors, “because we cannot be sure of misuse” (see EUROPE 11810).
Finally, on the question of data retention, the European Commission is expected to publish guidelines on the Télé2 judgement stipulating that member states cannot impose a general obligation to conserve data from electronic communication service providers, unless it is targeted (see EUROPE 11756). This subject is on the agenda of the informal justice ministers meeting on Friday 7 July. (Original version in French by Sophie Petitjean)