Center for Data Innovation – “Law enforcement authorities have a problem: Evidence from crimes is often digital, such as emails or documents in the cloud, but investigators cannot easily access data stored in another country. While this issue is global, it is particularly acute within the EU. According to the European Commission, nearly two-thirds of crimes involving e-evidence held in another member state cannot be properly investigated because of lengthy delays by which time the evidence may be destroyed. To address this problem, the European Union should adopt new rules to streamline the process for obtaining and preserving e-evidence within its territory. While the European Commission has made an initial proposal on reforming the rules for e-evidence, the proposal has largely missed the mark by making the process more cumbersome for companies and shifting the burden of vetting requests to the private sector. In addition, the proposed rules threaten high fines—up to 2 percent of their global turnover—for compliance violations, which will make companies focus more on avoiding penalties rather than working cooperatively with investigators.
The purpose of new rules should be to expedite law enforcement access to data stored by providers in another EU member state. Updated rules should accomplish three main goals. First, they should standardize the process for how EU law enforcement agencies request that a company preserve or provide access to data in cross-border situations. For example, there should be common rules on when a court order is necessary, what type of information may be requested, and how long companies have to respond to a request. Requests from other EU member states should also be vetted through a domestic government agency, so that companies do not have to deal with multiple foreign government authorities. Creating an EU standard will greatly simplify compliance for companies because it will make it easier for them to determine the authenticity and lawfulness of the requests they receive. If companies can more easily determine the validity of a request, then they can respond faster…”