Back to content

Cross-border access to data: NGO position delivered to the Council of Europe

 Today Access Now, as part of a global coalition of civil society organisations, submitted to the Council of Europe its comments on to how protect human rights when developing new rules on cross-border access to electronic evidence (“e-evidence”). The Council of Europe is currently preparing an additional protocol to the Cybercrime Convention. EDRi’s executive director, Joe McNamee, handed the comments over to Mr. Alexander Seger, Executive Secretary of the Cybercrime Convention Committee (T-CY) of the Council of Europe.

The Budapest or Cybercrime Convention is an international treaty that aims to ensure a common set of rules and policies on crimes committed via the internet and other computer networks such as copyright infringement and child pornography.

The submission proposed that the new additional protocol, if adopted, must include and respect three basic principles:

  1. Enforcement of jurisdiction by a State or State agency on the territory of another State cannot happen without the knowledge and agreement of the targeted State.
  2. State-parties must comply with human rights principles and requirements, including under any powers granted or envisaged in or under the Cybercrime Convention and the proposed additional protocol.
  3. Unjustified forced data localisation should be banned. Data transfers between jurisdictions should not occur in the absence of clear data protection standards.

Similar conversations at the EU level

In a parallel process, the European Commission has also recognised the need to address the flaws in the MLAT system and it has launched its own investigation into cross-border access to “e-evidence” both within and beyond the EU, with a goal to simplify and optimise the malfunctioning process.

As a part of this investigation, the Commission has published a detailed technical paper and a shorter non-paper, in which they explain their findings and outline next steps — both practical and legislative. The Commission is conducting regular meetings with stakeholders, including civil society, with impressive frequency. At the moment there is an ongoing public consultation, under which the Commission is accepting submissions until 27 October. Access Now submitted a brief paper that highlights the human rights implications of their current thinking; in it we argue for greater legal clarity, consideration of the existing European Investigation Order, a need to address the human right implications of government hacking, and more.

Further reading on cross border access from Access Now: