1. Key Policy Questions and Expectations:
More and more countries are unilaterally adopting new criminal procedural laws granting law enforcement powers to obtain users’ data to prevent, detect, investigate, and prosecute crimes, regardless of the location of data or the users’ place of residence.
- What are the policy and legal implications of such unilateral assertions of state jurisdiction for users, companies and state actors?
- How do we reconcile the obligations of criminal justice authorities and users’ rights?
- How can we prevent or minimise the conflicts of law for companies?
Responses to these questions are currently being developed by different organisations and in different fora. The workshop is to feed into these processes and offers an opportunity for multiple stakeholders on the panel and in the audience to share their views.
2. Summary of Issues Discussed:
There was broad support for bilateral and, ideally, multilateral solutions for law enforcement to access data across borders. There was unequivocal support for the on-going negotiations on a draft 2nd protocol to the CoE Cybercrime Convention. Several speakers highlighted that substantive and procedural safeguards are equally important as the definition and scope of law enforcement investigatory powers in cross-border cases. All speakers were skeptic about a UN-led process; experience has shown that it is very difficult to achieve consensus on a meaningful UN treaty on this subject. Not all speakers agreed that existing bilateral frameworks (e.g. the U.S. Cloud) were fit for purpose.
3. Policy Recommendations or Suggestions for the Way Forward:
- In cross-border cases, consensus on procedural and substantive safeguards is as important as the scope and definition of law enforcement investigatory powers
- Follow-up on any developments expected next yea, including the finalisation of the draft protocol to the Budapest Convention, adoption of EU's e-Evidence rules, EU-U.S. bilateral negotiations, enforcement of the U.S.-UK bilateral agreement, possible start of negotiations on a UN cybercrime treaty.
4. Other Initiatives Addressing the Session Issues:
- Council of Europe draft 2nd protocol to the cybercrime convention
- EU's e-Evidence package
- U.S. CLOUD Act
- Internet & Jurisdiction Policy Network's multistakholder engagement (Berlin Roadmap)
- A possible UN-led cybercrime treaty
5. Making Progress for Tackled Issues:
See response under section 1.
6. Estimated Participation:
- Onsite and online participants: between 100 and 75 (2/3 and half the room)
- Between 30 and 40% of the audience were women
- Speakers: 3 women, 2 men
- Moderators: 1 woman, 1 man
7. Reflection to Gender Issues:
Gender issues were not addressed during this session.