From:PresidencyTo:DelegationsSubject:Encryption of data- QuestionnaireOver lunch during the informal meeting of the Justice Ministers (Bratislava, 8 July 2016) the issueof encryption was discussed in the context of the fight against crime. Apart from an exchange on thenational approaches, and the possible benefits of an EU or even global approach, the challengeswhich encryption poses to criminal proceedings were also debated. The Member States' positionsvaried mostly between those which have recently suffered terrorist attacks and those which havenot. In general, the existence of problems stemming from data/device encryption was recognised aswell as the need for further discussion.To prepare the follow-up in line with the Justice Ministers' discussion, the Presidency has prepareda questionnaire to map the situation and identify the obstacles faced by law enforcement authoritieswhen gathering or securing encrypted e-evidence for the purposes of criminal proceedings.On the basis of the information be gathered from Member States' replies, the Presidency willprepare the discussion that will take place in the Friends of the Presidency Group on Cyber Issuesand consequently in CATS in preparation for the JHA Council in December 2016.Delegations are kindly invited to fill in the questionnaire as set out in the Annex and return it byto the following e-mail address:12368/16MK/ecDGD2Bo almost alwaysoften (in many cases)o rarely (in some cases)o neverPlease provide other relevant information:IN MANY CASE, SIZED COMPUTER OR MEDIA WERE ENCRYPTED BY THECRIMINALS DUE TO MAKE DATA PROTECTED AND UNAVAIBLE TO FORENSICSACTIVITYIf you have different experiences in cross-border cases, please specify:o online encryptiono e-mail (PGP/GPG)o SFTPHTTPSo SSH TunnellingTORo P2P / I2Po e-data stored in the cloudo e-communications (through applications such as Skype, WhatsApp, Facebook, etc.)others? Please specify:o offline encryptionencrypted digital devices (mobile phone / tablet /computer)o encrypting applications (TrueCrypt / VeraCrypt / DiskCryptor, etc)o others? Please specify:Please provide other relevant information:MANY ONLINE SERVICES (90%) ARE NOW AVAILABLE ON HTTPS PROTOCOL,DEVICE HAVE NATIVE ENCRYPTED APPLICATIONS.AS FOR ONLINE ENCRYPTION, ONE MAIN PROBLEM IS THE LACK OFTRACEABILITY OF TOR CONNECTIONS AND BITCOIN TRANSACTIONS. AS FOROFFLINE ENCRYPTION, ONE MAIN PROBLEM IS WITH ONE OF THE MAJORDEVICES COMPANY.If you have different experiences in cross-border cases, please specify:12368/16MK/ecANNEXDGD2Bo yesnoPlease specify:yeso noPlease specify:INTERNET SERVICE PROVIDER, UNDER COURT ORDER ARE OBLIGED TOPROVIDE ANY AVAILABLE INFORMATION REGARDING THEIR CUSTOMERUNDER INVESTIGATIONS.yeso noPlease specify:A COURT ORDER IS ABSOLUTELY REQUIREDIN IN CASE OF INTERCEPTION ORMONITOR ENCRYPTED DATA FLOW.WIRETAPPING ACTIVITIES ON ENCRYPTED DATA FLOW ARE ALLOWED BYMEANS OF THE SO CALLED “TROJAN INOCULATION” TECHNIQUE. A JUDICIALORDER FROM A JUDGE IS REQUIRED.12368/16MK/ecANNEXDGD2BPlease specify:THERE ARE DIFFERENT TECNIQUE ADOPTED CASE BY CASE IN ORDER THE TRY TODECRYPT THE INTERCEPTED DATA. ALSO USING THIRD PARTIES (PRIVATEINDUSTRIES/COMPANIES) RESOURCES.IN ADDITION THE MAIN IUSSES OFTEN CONCERN THE DIFFICULTY IN REMOTELYINSTALLING THE “WIRETAP TROJAN” ONTO SUSPECTS’ DEVICE, ESPECIALLY WITHREGARD TO ONE OF THE MAJOR BRAND.If you have different experiences in cross-border cases, please specify:Please specify:IN MANY CASE AUTHORITHIES CAN USE THE JUDICAL OR POLICE COOPERATIONAGREEMENTS DUE TO BE HELPED TO DECRYPT (ALSO WITH FOREIGN COMPANIES)ENCRYPTED DATA.If you have different experiences in cross-border cases, please specify:yeso noPlease specify:SEE ALSO QUESTION/REPLY NUMBER 4.IN GENERAL TERMS, NATIONAL LEGISLATIONS COULD BE MORE EFFECTIVE IF ANOBLIGATION FOR THE SUSPECTS OR ACCUSED TO PROVIDE LAW ENFORCEMENTAUTHORITIES WITH ENCRYPTION KEYS/PASSWORDS WERE REQUIRED.12368/16MK/ecANNEXDGD2Bfinancialo personaltechnicalo legal/legislativeo othersDescribe in more detail the issues identified above:FORENSICS ANALISYS OFTEN REVEAL THAT ENCRYPTED DATA CONTAIN FINACIALAND PERSONAL DATA.ALSO ANY OTHER KIND OF INFORMATION WERE FOUND IN SIZED ENCRYPTEDDATA.THE MAIN IUSSES RESULT FROM THE TECHNICAL IMPOSSIBILITY OF DECRYPTINGONE OF THE MAJOR BRAND’S DEVICES.If you have different experiences in cross-border cases, please specify:o no EU measures are necessarydedicated new legislationpractical (e.g. development of practical tools for police and judicial authorities)improve exchange of information and best practices between police and judicial authoritieso create conditions for improving technical expertise at EU levelimprove the (legislative) conditions of communication with service providers, includingthrough the establishment of a legislative framework.o otherPlease give examples:A LEGAL COMMON FRAMEWORK IS DESIRABLE AND MAY BE ARE EFFECTIVE INCYBER CASE INVESTIGATIONS.JOINT EFFORTS AT EU LEVEL AIMED AT DEVELOPING DECRYPTIONTOOLS/TECHNIQUES WOULD BE WELCOME.12368/16MK/ecANNEXDGD2B