The Council adopted today two mandates authorising the Commission to negotiate on behalf of EU an agreement with the US facilitating access to e-evidence for the purpose of judicial cooperation in criminal matters and to participate in the negotiations in the Council of Europe on a second additional protocol to the Cybercrime Convention, respectively.

Both would aim to facilitate the access to e-evidence, such as e-mails or documents located on the Cloud, to be used in criminal proceedings. If later concluded, they will complement the EU framework on access to e-evidence currently being discussed by the EU institutions and on which the Council has adopted its position in December 2018 and March 2019.

Criminals don't stop at Europe's borders. Nowadays, the use fast and modern technologies to organise their illegal activities and erase their path afterwards. A lot of the data needed to track down these criminals is stored in the U.S. or by U.S. companies. An EU-US agreement to speed up the access of our law enforcement authorities to e-evidence is therefore of outmost importance. This will make Europe a safer place but, at the same time, it must do so while protecting our citizens' data, privacy and procedural rights. Ana Birchall, Romanian Vice Prime Minister, Minister for Justice ad-interim

As part of the negotiating mandates, the Council emphasised the need for the agreements to be compatible with the EU legislation on access to e-evidence currently being discussed. The Council also underlined its wish to be closely involved in the preparation and conduct of these negotiations.

Background

EU-US agreement on facilitating access to e-evidence

The conclusion of an EU-US agreement would put in place a framework of cooperation with the US, including for direct cooperation with services providers. This would ensure timely access to e- evidence by shortening the time period for supplying the requested data to 10 days while it currently takes on average 10 months. It would also ensure strong safeguards for the protection of fundamental rights.

Currently, U.S. based service providers cooperate with European law enforcement authorities on a voluntary basis and are not always allowed, under U.S. law, to provide the requested data directly to European authorities following requests for access to electronic evidence.

2nd additional protocol to the Budapest Convention

In September 2017, the Council of Europe undertook to prepare a second additional protocol to the Budapest Convention on Cybercrime. The objective of the protocol is to lay down provisions for a more effective and simplified mutual legal assistance (MLA) regime, allowing direct cooperation with service providers in other state parties to the Convention and for searches to be extended across borders. It is to be equipped with strong safeguards and data protection requirements. The advantage of such an agreement is its potential to be of application across the globe. Currently, 63 countries are party to the Convention, including 26 member states.

Next steps

The Commission is expected to start negotiations with the US authorities shortly. With regards the protocol to the Budapest Convention, the negotiations between all the parties are already ongoing.