Cross-border access to data: EDRi delivers international NGO position to Council of Europe

By EDRi · September 18, 2017

Today, 18 September 2017, a global coalition of civil society organisations, led by European Digital Rights (EDRi), submitted to the Council of Europe its comments on how to protect human rights when developing new rules on cross-border access to electronic evidence (“e-evidence”). The Council of Europe is currently preparing an additional protocol to the Cybercrime Convention. EDRi’s Executive Director Joe McNamee handed the comments over to Mr. Alexander Seger, the Executive Secretary of the Cybercrime Convention Committee (T-CY) of the Council of Europe.

Joe McNamee, Executive Director of EDRi presents Alexander Seger with his contribution on the forthcoming Cybercrime Protocol. (Photo: Candice Imbert / Council of Europe)

Over the next two and a half years, the work on the new protocol needs to incorporate the civil society principles presented today,

said Joe McNamee, Executive Director of European Digital Rights.

Global civil society is engaging in this process to ensure that any harmonisation in this crucial policy area is up to the highest human rights standards, in line with the ethos of the Council of Europe,

he added.

We are a group of 14 civil society organisations from around the world. We submitted our comments and suggestions on the Terms of Reference for drafting a Second Protocol to the Cybercrime to the Council of Europe. Our aim is to make sure that human rights are fully respected in the preparation of the new protocol. In this global submission, we emphasise the importance of an inclusive, open and transparent drafting process. To facilitate the Council of Europe’s and the State-Parties’ work, we have elaborated key principles that will serve to guide the work of the Drafting group and allow us to engage constructively in the coming two and a half years.

It is vital that the new protocol, if adopted, include and respect three basic principles:

  1. Enforcement of jurisdiction by a State or State agency on the territory of another State cannot happen without the knowledge and agreement of the targeted State.
  2. State-parties must comply with human rights principles and requirements, including under any powers granted or envisaged in or under the Cybercrime Convention and the proposed additional protocol.
  3. Unjustified forced data localisation should be banned. Data transfers between jurisdictions should not occur in the absence of clear data protection standards.

We remain open to work with other civil society organisations in integrating these principles.

Background information:

Electronic evidence (“e-evidence”) refers to digital or electronic evidence, such as contents of social media, emails, messaging services or data held in the “cloud”. Access to these data is often required in criminal investigations. Since in the digital environment the geographical borders are often blurred, investigations require cross-border cooperation between public authorities and between public authorities and the private sector.

The new optional protocol aims to address three areas of activity:

  1. the direct gathering of electronic evidence online by law enforcement agencies in one State, from ICT infrastructure and devices in another State;
  2. closer cooperation between designated bodies in different states in relation to cross-border investigations and transnational collecting of evidence;
  3. the direct requesting and obtaining of possibly highly sensitive personal information by law enforcement agencies in one State from private sector companies in another State, without the knowledge or consent of the latter country, bypassing its laws and potentially violating its sovereignity.

Read more:

New legal tool on electronic evidence: Council of Europe welcomes civil society opinion (18.09.2017)

Global Civil Society Submission to the Council of Europe: Comments and suggestions on the Terms of Reference for drafting a Second Optional Protocol to the Cybercrime Convention (08.09.2017)

Access to e-evidence: Inevitable sacrifice of our right to privacy? (14.06.2017)

EDRi position paper on the Cybercrime Convention – cross-border access to electronic evidence (17.01.2017)

EDRi letter to the Council of Europe on the report of the T-CY Cloud Evidence Group (2016)5 (10.11.2016)

Professor Douwe Korff’s comments on the T-CY report (2016)5 (09.11.2016)