EU to give police forces far reaching data collection powers

New proposals could see authorities bypassing member states to collect evidence

The European Union is planning to give police authorities the power to gather evidence directly from technology companies during investigations, even if that data is stored in a non-European country.

The European Commission is preparing to present three proposals to EU ministers, according to a report by Reuters, setting out three different potential scenarios for the collection of data.

The first, and least intrusive option, would see law enforcement authorities in one member state be allowed to approach IT providers in another member state directly, without having to secure permission from that state first.

Under current rules, police agencies in France would need to secure cooperation from German authorities to root out evidence on their behalf, which is typically time consuming and inefficient.

Advertisement - Article continues below
Advertisement - Article continues below

The second scenario would place an obligation on IT companies to turn over any evidence requested by law enforcement agencies from other member states. Yet forcing tech companies to turn over data stored in different member states has faced legal challenges in the past.

Microsoft famously won a court victory against the US Department of Justice in July 2016, after it attempted to force the company to hand over email repositories stored in Ireland. Somewhat ironically, the Commission supported Microsoft's position in that case, arguing that foreign authorities shouldn't be able to directly access data unless they have secured traditional cooperation.

IT Pro has approached Microsoft for comment on these latest proposals, but had yet to receive a response at the time of publication. 

The last, and most intrusive and widest reaching proposal, would grant police agencies the power to copy data directly from the cloud, useful for when it is unclear which country is holding onto the data.

Speaking to Reuters, EU Justice Commissioner Vera Jourova said: "I am sure that now in the shadow of recent terrorist attacks and increasing threats in Europe there will be more understanding among the ministers, even among those who come from countries where there has not been a terrorist attack."

"The third option is kind of an emergency possibility, which will require some additional safeguards protecting the privacy of people," she added. One of these safeguards, she suggested, could be a block on the mass collection of data for potential future investigations.

Advertisement - Article continues below

The exact scope of these proposals are due to be discussed on Thursday, according to the report, including precisely what data falls within the scope of the law.

Featured Resources

What you need to know about migrating to SAP S/4HANA

Factors to assess how and when to begin migration

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

Testing for compliance just became easier

How you can use technology to ensure compliance in your organisation

Download now

Best practices for implementing security awareness training

How to develop a security awareness programme that will actually change behaviour

Download now

Most Popular

data governance

Brexit security talks under threat after UK accused of illegally copying Schengen data

10 Jan 2020
cyber security

If not passwords then what?

8 Jan 2020
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020
Policy & legislation

GDPR and Brexit: How will one affect the other?

9 Jan 2020