The Committee on Civil Liberties, Justice and Home Affairs adopted the report by Birgit SIPPEL (S&D, DE) on the proposal for a regulation of the European Parliament and of the Council on European Production and Preservation Orders for electronic evidence in criminal matters.
As a reminder, the Commission proposed two instruments, this proposal for a Regulation on European Production and Preservation Orders for electronic evidence in criminal matters and a proposal for a Directive laying down harmonised rules on the appointment of legal representatives for the purpose of gathering evidence in criminal proceedings.
The committee recommended that the European Parliament’s position adopted at first reading under the ordinary legislative procedure should amend the Commission proposal.
Subject matter
The proposed Regulation aims to lay down the rules under which an authority of a Member State, in a criminal proceeding, may order a service provider offering services in the Union and established or, if not established, legally represented in another Member State to produce or preserve electronic information that may serve as evidence, regardless of the location of data.
Authorities of the Member States should not issue domestic orders with extraterritorial effects for the production or preservation of electronic information that could be requested on the basis of this Regulation. The issuing of a European Production or Preservation Order could also be requested on behalf of a suspected or accused person, within the framework of applicable defence rights in accordance with national criminal procedures.
Scope
Members stipulated that this Regulation should apply to Member States and service providers, offering services in one or more Member States bound by this Regulation and established or legally represented in one of these Member States.
This Regulation should not apply to proceedings initiated by the issuing authority for the purpose of providing mutual legal assistance to another Member State or a third country.
Conditions for issuing European Preservation and Production Orders
The European Preservation and Production Orders may be issued if they are necessary and proportionate. They should only be issued if they could have been ordered under the same conditions in a similar domestic case in the issuing State, where there are sufficient reasons to believe that a crime has been committed, where it is grave enough to justify the cross-border preservation of the data and where the requested information is relevant for that investigation.
If the issuing authority has reasons to believe that data requested is protected by immunities and privileges granted under the law of the Member State where the service provider is addressed, or its preservation may impact fundamental interests of that Member State such as national security and defence, the issuing authority should seek clarification before issuing the European Preservation Order, including by consulting the competent authorities of the Member State concerned, either directly or via Eurojust or the European Judicial Network in criminal matters.
Where the issuing authority finds that the requested data is protected by such immunities and privileges or its preservation would impact fundamental interests of the other Member State, the issuing authority should not issue the European Preservation Order.
Common European exchange system
The Commission should establish a common European exchange system with secure channels for the handling of authorised cross-border communication, authentication and transmission of the Orders and of the requested data between the competent authorities and service providers.
Execution of an EPOC for subscriber data and IP addresses for the sole purpose of identifying a person
An EPOC for subscriber data and IP addresses, for the sole purpose of identifying a person, should be addressed directly and simultaneously: (i) to the main establishment of the service provider or, where applicable, where its legal representative is established; and (ii) to the executing authority.
Upon receipt of an EPOC for subscriber data or IP addresses for the sole purpose of identifying a person, the service provider should ensure that the requested data is transmitted to the issuing authority at the latest within 10 days upon receipt of the EPOC and within 16 hours in emergency cases.