EU to give police forces far reaching data collection powers

New proposals could see authorities bypassing member states to collect evidence

The European Union is planning to give police authorities the power to gather evidence directly from technology companies during investigations, even if that data is stored in a non-European country.

The European Commission is preparing to present three proposals to EU ministers, according to a report by Reuters, setting out three different potential scenarios for the collection of data.

The first, and least intrusive option, would see law enforcement authorities in one member state be allowed to approach IT providers in another member state directly, without having to secure permission from that state first.

Under current rules, police agencies in France would need to secure cooperation from German authorities to root out evidence on their behalf, which is typically time consuming and inefficient.

Advertisement - Article continues below

The second scenario would place an obligation on IT companies to turn over any evidence requested by law enforcement agencies from other member states. Yet forcing tech companies to turn over data stored in different member states has faced legal challenges in the past.

Microsoft famously won a court victory against the US Department of Justice in July 2016, after it attempted to force the company to hand over email repositories stored in Ireland. Somewhat ironically, the Commission supported Microsoft's position in that case, arguing that foreign authorities shouldn't be able to directly access data unless they have secured traditional cooperation.

IT Pro has approached Microsoft for comment on these latest proposals, but had yet to receive a response at the time of publication. 

The last, and most intrusive and widest reaching proposal, would grant police agencies the power to copy data directly from the cloud, useful for when it is unclear which country is holding onto the data.

Speaking to Reuters, EU Justice Commissioner Vera Jourova said: "I am sure that now in the shadow of recent terrorist attacks and increasing threats in Europe there will be more understanding among the ministers, even among those who come from countries where there has not been a terrorist attack."

"The third option is kind of an emergency possibility, which will require some additional safeguards protecting the privacy of people," she added. One of these safeguards, she suggested, could be a block on the mass collection of data for potential future investigations.

The exact scope of these proposals are due to be discussed on Thursday, according to the report, including precisely what data falls within the scope of the law.

Featured Resources

The essential guide to cloud-based backup and disaster recovery

Support business continuity by building a holistic emergency plan

Download now

Trends in modern data protection

A comprehensive view of the data protection landscape

Download now

How do vulnerabilities get into software?

90% of security incidents result from exploits against defects in software

Download now

Delivering the future of work - now

The CIO’s guide to building the unified digital workspace for today’s hybrid and multi-cloud strategies.

Download now

Most Popular

Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019

Raspberry Pi 4 owners complain of broken Wi-Fi when using HDMI

29 Nov 2019
Amazon Web Services (AWS)

What to expect from AWS Re:Invent 2019

29 Nov 2019
Google Android

Samsung Galaxy A90 5G review: Simply the best value 5G phone

22 Nov 2019