A brief outline of The EVIDENCE project

Similar documents
Q. What do the Law Commission and the Ministry of Justice recommend?

2. What are the main types of encryption mostly encountered during criminal investigations in cyberspace?

INVESTIGATION OF ELECTRONIC DATA PROTECTED BY ENCRYPTION ETC DRAFT CODE OF PRACTICE

EXAM TTM2 Information security, advanced. Technical Tools/Aid: None Duration: (3 hours) Contact person: Svein Willassen, ph.

Submission to the Joint Committee on the draft Investigatory Powers Bill

DEPARTMENT OF JUSTICE CANADA MINISTÈRE DE LA JUSTICE CANADA

INVESTIGATORY POWERS BILL EXPLANATORY NOTES

Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

14480/1/17 REV 1 MP/mj 1 DG D 2B LIMITE EN

I. REGULATION OF INVESTIGATORY POWERS BILL

Testimony of Kevin S. Bankston, Policy Director of New America s Open Technology Institute

The Supreme Court, Civil Liberties, and Civil Rights

Law Commission Review of the Search and Surveillance Act 2012

SUMMARY OF THE IMPACT ASSESSMENT

Laurel Police Department - General Order Chapter 4, Section 100, Order 115 Video Recording of Police Activity August 12, 2012

Final Report Task 2. November P O Box 159 Sevenoaks Kent TN14 5WT United Kingdom

Reply by the Federal Republic of Germany

~ 1 ~ Noting that states share sovereignty in cyberspace and have a common interest in its regulation and protection;

Aspects of Criminal Procedural Law in Argentina.

Seminar 4: Collecting evidence throughout the European Union II: The European Evidence Warrant and New Instruments in this Field

HAUT-COMMISSARIAT AUX DROITS DE L HOMME OFFICE OF THE HIGH COMMISSIONER FOR HUMAN RIGHTS PALAIS DES NATIONS 1211 GENEVA 10, SWITZERLAND

Considerations on the use of technical surveillance in criminal proceedings

Investigatory Powers Bill Briefing

European Cross-Border Bribery Taskforce Conference - Breaking the Chains of Corruption

Investigatory Powers Bill

National Report Japan

1 June Introduction

Data protection and privacy aspects of cross-border access to electronic evidence

Inquiry into Comprehensive Revision of the Telecommunications (Interception and Access) Act 1979

REQUESTS FOR MUTUAL LEGAL ASSISTANCE IN CRIMINAL MATTERS. Guidance for Authorities Outside of Kenya

COMMUNICATION FROM THE COMMISSION. On the global approach to transfers of Passenger Name Record (PNR) data to third countries

Preparatory Colloquium September 2013, Antalya (Turkey) Section III: Information Society and Penal Law NATIONAL REPORT ITALY

WORKING DOCUMENT. EN United in diversity EN

Tertiary Education Quality and Standards Agency Act 2011

LEGISLATIVE CONSENT MEMORANDUM INVESTIGATORY POWERS BILL

Strengthening aspects of the presumption of innocence and the right to be present at trial in criminal proceedings

Covert Human Intelligence Sources Code of Practice

A Modern European Data Protection Framework Safeguarding Privacy in a Connected World

2nd WORKING DOCUMENT (B)

Legislative Brief The Information Technology (Amendment) Bill, 2006

ECC Report 194. Extra-Territorial Use of E.164 Numbers. 17 April 2013

A Modern European Data Protection Framework. Bruno Gencarelli DG JUSTICE and CONSUMERS

UNITED STATES AIR FORCE COURT OF CRIMINAL APPEALS

Emerging Technology and the Fourth Amendment

RULES OF EVIDENCE LEGAL STANDARDS

Statement for the European Parliament, Temporary Committee on the ECHELON interception system, meeting of Thursday, 22 March, 2001, Brussels.

Surveillance Devices Act 2007 No 64

APPENDIX. 1. The Equipment Interference Regime which is relevant to the activities of GCHQ principally derives from the following statutes:


Law Enforcement Disclosure Report. Legal Annexe June Vodafone Power to you

OTrack Data Processing Terms

REGULATION OF INVESTIGATORY POWERS BILL SECOND READING BRIEFING

Article 1. Federal Data Protection Act (BDSG)

process will save judges, sheriffs, clerks, and attorneys' time and money.

Implementation of GDPR and control mechanisms of data protection institutions in Germany

General Meeting, absentee Ballots and Proxy Voting

EU Data Protection Law - Current State and Future Perspectives

Cross Border recognition of authentication methods/electronic signatures

REGULATORY IMPACT STATEMENT IMMIGRATION ACT: COMPLIANCE AND ENFORCEMENT

Use of Pre-Charge Bail

Opinion of the European Data Protection Supervisor

Can consent to cookies be expressed through web browser settings or other applications?

L 350/72 Official Journal of the European Union

Telecommunications (Interception Capability and Security) Bill

The information contained in this table should be updated on a yearly basis.

Conducting surveillance in a public place

IC Chapter 5. Search and Seizure

COUNTERING TERRORIST FIGHTERS LEGISLATION BILL Human Rights Commission Submission to the Foreign Affairs, Defence and Trade Committee 27 November 2014

Statewatch briefing on the European Evidence Warrant to the European Parliament

Conference report Privacy, security and surveillance: tackling dilemmas and dangers in the digital realm Monday 17 Wednesday 19 November 2014 WP1361

Free and Fair elections GUIDANCE DOCUMENT. Commission guidance on the application of Union data protection law in the electoral context

Annual General Meeting, absentee Ballots

Surveillance Devices Act 2007

Bowie City Police Department - General Orders

ARTICLE 29 DATA PROTECTION WORKING PARTY WORKING PARTY ON POLICE AND JUSTICE

LIBE Committee Inquiry on electronic mass surveillance of EU citizens. Public Hearing, Strasbourg, 7 October 2013 Contribution of Peter Hustinx (EDPS)

Regulation of Interception of Act 18 Communications Act 2010

LAW ENFORCEMENT ASSISTANCE VODAFONE GLOBAL POLICY STANDARD

The public consultation consisted of four different questionnaires targeting respectively:

EUROPEAN UNION. Brussels, 3 February 2006 (OR. en) 2005/0182 (COD) PE-CONS 3677/05 COPEN 200 TELECOM 151 CODEC 1206 OC 981

29 October 2015 Conference of the Independent Data Protection Authorities of the Federation and the Federal States

Protection of Freedoms Act 2012

VIDEO RECORDING OF POLICE ACTIVITY. Date Published. By Order of the Police Commissioner

First Session Tenth Parliament Republic of Trinidad and Tobago REPUBLIC OF TRINIDAD AND TOBAGO. Act No. 11 of 2010

Statewatch Scoreboard on post-madrid counter-terrorism plans

Vademecum on European Standardisation

David Anderson QC Independent Reviewer of Terrorism Legislation Brick Court Chambers 7-8 Essex Street London WC2R 3LD

Report on Interception of Communication and Intrusive Surveillance 1. (Best Practice Survey No. 3)

COUNCIL OF THE EUROPEAN UNION. Brussels 2 September /11 CRIMORG 124 COPEN 200 EJN 100 EUROJUST 122

Cross-Border Internal Investigations: Data Protection and Employee Issues. June 11, 2014

Archival Legislation in Singapore

REPORT FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT AND THE COUNCIL

Schengen Joint Supervisory Authority Activity Report January 2004-December 2005

Cybercrime Convention Committee (T-CY) Report of the Transborder Group for 2013

Chapter 1: Computer Forensics and Investigations as a Profession

Bitkom views on EDPB Guidelines 3/2018 on the territorial scope of the GDPR (Article 3)

Cell Site Simulator Privacy Model Bill

Report on the findings by the EU Co-chairs of the ad hoc EU-US Working Group on Data Protection

MUTUAL LEGAL ASSISTANCE ACT

Meijers Committee standing committee of experts on international immigration, refugee and criminal law

Transcription:

This project has received funding from the European Union s Seventh Framework Programme for research, technological development and demonstration under Legal Notice: The views expressed in the course of this research are the sole responsibility of the author and do not necessarily reflect the views of European Commission.

A brief outline of The EVIDENCE project 2

About EVIDENCE Project co-ordinator: Institute of Legal Information Theory and Techniques of the National Research Council (CNR-ITTIG) Funded by the FP7 programme EU funding: 1,924,589.00 Project duration: 30 month 01/03/2014 31/08/2016 9 project partners involved 3

Scope legal proceedings rely on the production of evidence electronic data may be easier to manipulate than traditional data Legislation on criminal procedures in many European countries was enacted before current technologies appeared Lack of harmonisation throughout Europe Criteria for collection, use, exchange and admissability are different and partly uncertain across the European Union 4

Analysis of status quo Analysis of impact and testing Methodology Review the legal, ethical and societal implications of the desired options, test selected approaches (case studies) Finding a way forward Create a Road Map and guidelines that would enable the setup of a Common European Framework for the regulation and standardisation of electronic evidence gathering and exchange. 5

The EVIDENCE impact Offer a forum for stakeholders, bring together experts Governments, law enforcement agencies Judges and magistrates, prosecutors and lawyers Experts in digital forensics Companies dealing with security issues Research and academia Media and civil society Final goal: the EVIDENCE road map Positively influence the (legal)handling of digital evidence 6

A short overview on General issues related to electronic/digital evidence 7

What is electronic evidence? Lack of legal definition in most (all?) member states Possible Definition: Any information of potential or tangible probative value that is generated through, stored on or transmitted by any electronic device. 8

What is electronic evidence? Any information of potential or tangible probative value that is generated through, stored on or transmitted by any electronic device. Is this too broad? If evidence is only transmitted electronically (e.g. Fax), does this include the same increased risk of (intentional or unintentional) alteration as for evidence collected/stored electronically? 9

What is electronic evidence? Any information of potential or tangible probative value that is generated through, stored on or transmitted by any electronic device. Is this too broad? Should the scope be limited to digital (as opposed to electronic evidence? Non-digital electronic evidence (e.g. VHS-Video) may be similar rather to conventional evidence in terms of risks 10

Lacking legal framework (I) rule of law requires legal basis for any measure impacting fundamental rights such legal basis is required to provide for the precise conditions under which a measure can be taken, e.g. only to investigate serious crimes only if other, less intrusive measures appear to be less effective the safeguards to be taken, e.g. judicial warrant approval of head of authority, or even superior ministry clearly defined proceedings, incl. rules to guarantee originality the limitations, e.g. certain special departments and specially trained officers limited period of time of the measure (e.g. interception) to guarantee proportionality of the measure 11

Lacking legal framework (II) Lack of particular provisions serving as legal basis leads to fallback to general clauses Missing particular and appropriate safeguards or to legal bases stemming from the age of physical evidence Existing safeguards may be insufficient or inefficient to grant the protection needed to encounter the risks stemming from the digital nature of particular evidence 12

Rule of Law - Proportionality what may be proportionate for averting a grief danger (Gefahrenabwehr), may not be proportionate for criminal investigations (or only under stricter pre-conditions) E.g. 20k BKAG but is this same all over Europe? (questionable) SIS often hold the most powerful legal competences to access data of targets can such data later be used as digital evidence in criminal proceedings? in Germany forbidden by law! (Proportionality!) but in other countries? 13

Some examples for Particular issues related to electronic/digital evidence 14

15

16

Unclear Jurisdiction in Cross-Border Scenarios Example: cloud services Suspect may access the cloud from anywhere in the world the data may be stored anywhere in the world compentece of German authorities, if the German suspect uploads data out of Philipines through an Indian cloud provider to a data center in Brazil? 17

Lawful Interception on a Terminal Device (Quellen-TKÜ) Lawful interception on a terminal device means the practice of monitoring the communication directly on the suspect s device (avoiding encryption of data in transfer, e.g. on Skype) Issues: General regulation for lawful interception in 100a StPO applicable and providing for sufficient safeguards? Does not 20l I BKAG systematically imply that already for averting dangers such measure requires high safeguards? Should this not apply the more for measures taken for criminal investigations? How about the rest of Europe? 18

Computer-Assisted Search This project has received funding from the European Computer-assisted search means the practice of secretly getting access to data that is stored on a suspect s device. Mellowbow, flickr 19

Issues: Computer-Assisted Search Legal Basis in Germany only for averting dangers by BKA ( 20k BKAG) Situation across Europe? Can a fundamental right to Integrity and Privacy of IT- Systems be recognised on a European level (or in other member states)? Implications for statutory law! 20

Issues: Seizure of Data Can data be seized in a technical sense, as it is not physical? Are the existing provisions really sufficient? Is seizure of a computer really comparable to seizure of e.g. a knife used to commit a crime? Seizing a knife means a minor impact on the fundamental right to property (only) Seizing a computer will most likely have an impact on the fundamental rights to privacy and (possibly) telecommunications privacy in addition! Seizing a computer may have serious economic and other consequences 21

Data retention CherryX, Wikipedia 22

Data retention Are member states free to establish (unharmonized) rules for data retention (as before the directive went into force in 2006)? Possible counter argument: 2002/58/EC will need to be interpreted in line with the ECJ ruling, which may prevent any form of data retention However, not all member states may follow this approach... 23

Thank you! Thank you for your kind attention! stoklas@iri.uni-hannover.de 24

2024 © lawsdocbox.com Privacy Policy | Terms of Service | Feedback