New EU law could give police direct access to user data

In the wake of recent terrorist attacks, European Union justice ministers met in Brussels on Thursday to discuss a regulatory proposal that would allow police and law enforcement to retrieve electronic evidence from US tech firms to intercept future attacks faster and more efficiently.

The new legislation would speed up transfer of critical data between member states, currently a cumbersome process hampered by rules preventing law enforcement from directly accessing data.

The Guardian offers an example of German authorities having to ask their Irish counterparts to request the data for them. The new law would let police directly approach an IT firm, for example Facebook, asking it to hand over data that can be used in a timely fashion to prevent misconduct.

The European Commission has three proposals that will form the basis of the new legislation, each more intrusive than the last, but EU Justice Commissioner Vera Jourova assures EU member states that everything will be done to keep user data safe, even under the most radical measures – such as enabling direct access to cloud data. The three options on which the new legislation will be established are:

  • Allow law enforcement agencies in one member state to directly ask an IT firm (like Facebook or Google) to hand over electronic evidence, eliminating the need to enlist the help of the state’s government
  • Companies turn over data in other member countries, if requested by law enforcement agencies
  • Allow law enforcement agencies direct access to information in the cloud if authorities do not know the location of the server, or there is a risk of data loss

“I am sure that now in the shadow of the recent terrorist attacks and increasing threats in Europe there will be more understanding among the ministers, even among those who come from countries where there has not been a terrorist attack,” Jourova said.

“This third option is kind of an emergency possibility which will require some additional safeguards protecting the privacy of people. You simply cannot massively collect some digital data for some future use,” the commissioner added. “My preference is to go for this as an extraordinary measure for extraordinary threats, for high gravity criminal offences such as terrorism and there I am in favour of enabling the use of personal data.”

No decision has yet been made as to whether all options will be included in the new legislation.

It will be interesting to see how the public reacts to such news, as computer and smartphone users are already skeptical of their governments peeking into their digital lives.

Amid recent leaks in the United States, there is also the matter of trusting law enforcement agencies with the data, once they obtain it from IT giants. While user data is (typically) safe with the likes of Facebook, Google and Apple, the same cannot be said about governmental agencies like the United States’ National Security Agency (NSA), whose ability to hold on to sensitive data has been less than stellar.

Leave a Reply