The proposed e-evidence package in light of the Council’s General Approach
As the voice of the digital technology industry in Europe, DIGITALEUROPE represents many companies that provide a range of digital services to enterprises and consumers across the EU. The European Commission’s proposal on cross-border access to electronic evidence in criminal matters (hereafter the ‘e-evidence package’) presents an important opportunity to rectify legal uncertainty and establish harmonised substantive and procedural safeguards for both citizens and businesses who rely on our members’ services to store and process some of their most sensitive and private information. A more robust and rights-protecting e-evidence framework in Europe will also better position Europe to improve international cooperation with the US and other third countries that better meets the needs of all stakeholders.
Our members take their responsibility to maintain the safety, security and privacy of millions of users in the EU seriously and invest heavily in technologies and processes designed to protect the security and confidentiality of stored data. In light of this, we have reservations about the General Approach issued by the Council of the European Union in December 2018 (E-evidence Regulation) and again in March 2019 (E-evidence Directive), which would scale back several important safeguards in the Commission’s original proposal and erode protections for users of digital services across Europe.
We urge the European Parliament not only to improve the Commission’s original proposal but also to remove changes introduced by Council. In this paper, we summarise the changes we believe are necessary to improve the e-evidence package to better reflect European values and meet the needs of citizens and business.
DIGITALEUROPE looks forward to engaging in a constructive discussion with policymakers and stakeholders on all key points in the proposals.
- Executive summary
- Table of contents
- Scope
– Material scope
– Exclusive use of Union instruments for cross-border situations
– Jurisdiction - Strong protections for users’ rights
- Notice to the user and transparency
- Member State notification
- Demands for enterprise data
- Necessity of immunity for good-faith compliance
- Time limits for responses
- Ability for service providers to intervene with orders
- Sanctions
- Clear rules on handling conflicts with foreign law
- Provider participation in conflict-of-law evaluations
- Mechanism to address conflicts with Member State laws
- Legal representative
- GDPR main establishment analysis
- Double criminality
- Conclusion
Below please find summaries of the key focus areas detailed within the Position Paper:
