European law enforcement and US data companies: A decade of cooperation free from law

Angela Aguinaldo; Paul de Hert

European law enforcement and US data companies: A decade of cooperation free from law

Angela Aguinaldo, Paul de Hert

TILT

Research output: Chapter in Book/Report/Conference proceeding › Chapter › Scientific › peer-review

Abstract

We start our contribution with a short section on the recent reforms to codify direct cooperation between law enforcement authorities and private actors (section II). After a discussion of the 2018 US CLOUD Act, we turn to the proposal of the European Union to facilitate cross-border access to electronic evidence, which was presented by the European Commission in April 2018 (e-evidence package) and the reform process at the Council of Europe to amend the 2001 Cybercrime Convention envisaging a similar mechanism and powers.The following section discusses the current MLA framework that regulates cooperation in criminal matters and exchange of evidence between the US and Europe (section III). The MLA system allows cooperation between enforcement authorities but does not foresee any basis for direct cooperation with private actors in other states. Nonetheless this practice was dubiously accepted by the regula- tory community on shaky interpretative grounds as permissible under Article 18 (on domestic production orders) and 32 (on extraterritorial data access relying on consent) of the Cybercrime Convention (see section IV).We then proceed in section V with the challenges this kind of relationship poses for state interests and for public international law and the individual concerned that is deprived by these informal practices of certain checks and guarantees built into the formal MLA system as stated above. This discussion includes issues surrounding data protection that arise from the kind of relationship that allows law enforcement authorities to have direct access to online evidence through cooperating directly with service providers and tech companies (see section VI). After a brief reflection on the weight of privacy and data protection in criminal law matters, we identify the relevant dos and don’ts in data protection law and clarify the relationship between our subject matter and the outcomes of the two Schrems judgments of the CJEU. In particular, the combination of the teachings of Schrems II (decided on 16 July 2020) about the deficiencies in US law with those of the German Federal Constitutional Court on the proportionality of domestic produc- tion orders (BVerfG, 27 May 2020) might add to the relevance of data protection as an argument against informal trans-border co-operations (section VII). Lastly, we summarise our discussion and provide recommendations for further study and discussion (section VIII).

Original language	English
Title of host publication	Data protection beyond borders
Subtitle of host publication	Transatlantic perspectives on extraterritoriality and sovereignty
Editors	Federico Fabbrini, Edoardo Celeste, John Quinn
Publisher	Bloomsbury Publishing
Chapter	10
Pages	157-172
Number of pages	16
ISBN (Electronic)	9781509940677
ISBN (Print)	9781509940660
Publication status	Published - Feb 2021

Regulating Socio-Technical Change
Bex, F. (Researcher), Bijlmakers, S. (Researcher), Borowicz, K. (Researcher), Broer, T. (Researcher), Cuijpers, C. (Researcher), Delimatsis, P. (Researcher), Geradin, D. (Researcher), Goossens, J. (Researcher), Graef, I. (Principal Investigator), Groenleer, M. (Researcher), Hancher, L. (Researcher), Kaufmann, W. (Researcher), Kempeneer, S. (Researcher), Keymolen, E. (Researcher), Koops, B.-J. (Researcher), Kosta, E. (Researcher), Krupiy, T. (Researcher), Lavrijssen, S. (Researcher), Leenes, R. (Researcher), Martin, A. (Researcher), Monti, G. (Researcher), Noorman, M. (Researcher), Partiti, E. (Researcher), Pierce, R. (Researcher), Purtova, N. (Researcher), Reins, L. (Researcher), Ruiz Feases, A. (Researcher), Schellekens, M. (Researcher), Stuurman, K. (Researcher), Taylor, L. (Researcher), Wolswinkel, J. (Researcher), Zhao, B. (Researcher), de Hert, P. (Researcher), van der Sloot, B. (Researcher), Mendis, S. (Researcher), Pernot-LePlay, E. (Researcher), Tombal, T. (Researcher), Kamara, I. (Researcher), Dalla Corte, L. (Researcher), de Souza, S. (Researcher), Baumgart, M. (Researcher), Meyers, G. (Researcher), Prins, C. (Researcher), Moerel, L. (Researcher), van Maanen, G. (Researcher), Bassini, M. (Researcher) & Bostoen, F. (Researcher)
1/01/19 → 31/12/23
Project: Research project

Cite this

@inbook{9939e1fbdbb9475bba50efce3d0d9bdd,

title = "European law enforcement and US data companies: A decade of cooperation free from law",

abstract = "We start our contribution with a short section on the recent reforms to codify direct cooperation between law enforcement authorities and private actors (section II). After a discussion of the 2018 US CLOUD Act, we turn to the proposal of the European Union to facilitate cross-border access to electronic evidence, which was presented by the European Commission in April 2018 (e-evidence package) and the reform process at the Council of Europe to amend the 2001 Cybercrime Convention envisaging a similar mechanism and powers.The following section discusses the current MLA framework that regulates cooperation in criminal matters and exchange of evidence between the US and Europe (section III). The MLA system allows cooperation between enforcement authorities but does not foresee any basis for direct cooperation with private actors in other states. Nonetheless this practice was dubiously accepted by the regula- tory community on shaky interpretative grounds as permissible under Article 18 (on domestic production orders) and 32 (on extraterritorial data access relying on consent) of the Cybercrime Convention (see section IV).We then proceed in section V with the challenges this kind of relationship poses for state interests and for public international law and the individual concerned that is deprived by these informal practices of certain checks and guarantees built into the formal MLA system as stated above. This discussion includes issues surrounding data protection that arise from the kind of relationship that allows law enforcement authorities to have direct access to online evidence through cooperating directly with service providers and tech companies (see section VI). After a brief reflection on the weight of privacy and data protection in criminal law matters, we identify the relevant dos and don{\textquoteright}ts in data protection law and clarify the relationship between our subject matter and the outcomes of the two Schrems judgments of the CJEU. In particular, the combination of the teachings of Schrems II (decided on 16 July 2020) about the deficiencies in US law with those of the German Federal Constitutional Court on the proportionality of domestic produc- tion orders (BVerfG, 27 May 2020) might add to the relevance of data protection as an argument against informal trans-border co-operations (section VII). Lastly, we summarise our discussion and provide recommendations for further study and discussion (section VIII).",

author = "Angela Aguinaldo and {de Hert}, Paul",

year = "2021",

month = feb,

language = "English",

isbn = "9781509940660",

pages = "157--172",

editor = "Federico Fabbrini and Edoardo Celeste and John Quinn",

booktitle = "Data protection beyond borders",

publisher = "Bloomsbury Publishing",

}

European law enforcement and US data companies: A decade of cooperation free from law. / Aguinaldo, Angela; de Hert, Paul.
Data protection beyond borders: Transatlantic perspectives on extraterritoriality and sovereignty. ed. / Federico Fabbrini; Edoardo Celeste; John Quinn. Bloomsbury Publishing, 2021. p. 157-172.

Research output: Chapter in Book/Report/Conference proceeding › Chapter › Scientific › peer-review

TY - CHAP

T1 - European law enforcement and US data companies

T2 - A decade of cooperation free from law

AU - Aguinaldo, Angela

AU - de Hert, Paul

PY - 2021/2

Y1 - 2021/2

N2 - We start our contribution with a short section on the recent reforms to codify direct cooperation between law enforcement authorities and private actors (section II). After a discussion of the 2018 US CLOUD Act, we turn to the proposal of the European Union to facilitate cross-border access to electronic evidence, which was presented by the European Commission in April 2018 (e-evidence package) and the reform process at the Council of Europe to amend the 2001 Cybercrime Convention envisaging a similar mechanism and powers.The following section discusses the current MLA framework that regulates cooperation in criminal matters and exchange of evidence between the US and Europe (section III). The MLA system allows cooperation between enforcement authorities but does not foresee any basis for direct cooperation with private actors in other states. Nonetheless this practice was dubiously accepted by the regula- tory community on shaky interpretative grounds as permissible under Article 18 (on domestic production orders) and 32 (on extraterritorial data access relying on consent) of the Cybercrime Convention (see section IV).We then proceed in section V with the challenges this kind of relationship poses for state interests and for public international law and the individual concerned that is deprived by these informal practices of certain checks and guarantees built into the formal MLA system as stated above. This discussion includes issues surrounding data protection that arise from the kind of relationship that allows law enforcement authorities to have direct access to online evidence through cooperating directly with service providers and tech companies (see section VI). After a brief reflection on the weight of privacy and data protection in criminal law matters, we identify the relevant dos and don’ts in data protection law and clarify the relationship between our subject matter and the outcomes of the two Schrems judgments of the CJEU. In particular, the combination of the teachings of Schrems II (decided on 16 July 2020) about the deficiencies in US law with those of the German Federal Constitutional Court on the proportionality of domestic produc- tion orders (BVerfG, 27 May 2020) might add to the relevance of data protection as an argument against informal trans-border co-operations (section VII). Lastly, we summarise our discussion and provide recommendations for further study and discussion (section VIII).

AB - We start our contribution with a short section on the recent reforms to codify direct cooperation between law enforcement authorities and private actors (section II). After a discussion of the 2018 US CLOUD Act, we turn to the proposal of the European Union to facilitate cross-border access to electronic evidence, which was presented by the European Commission in April 2018 (e-evidence package) and the reform process at the Council of Europe to amend the 2001 Cybercrime Convention envisaging a similar mechanism and powers.The following section discusses the current MLA framework that regulates cooperation in criminal matters and exchange of evidence between the US and Europe (section III). The MLA system allows cooperation between enforcement authorities but does not foresee any basis for direct cooperation with private actors in other states. Nonetheless this practice was dubiously accepted by the regula- tory community on shaky interpretative grounds as permissible under Article 18 (on domestic production orders) and 32 (on extraterritorial data access relying on consent) of the Cybercrime Convention (see section IV).We then proceed in section V with the challenges this kind of relationship poses for state interests and for public international law and the individual concerned that is deprived by these informal practices of certain checks and guarantees built into the formal MLA system as stated above. This discussion includes issues surrounding data protection that arise from the kind of relationship that allows law enforcement authorities to have direct access to online evidence through cooperating directly with service providers and tech companies (see section VI). After a brief reflection on the weight of privacy and data protection in criminal law matters, we identify the relevant dos and don’ts in data protection law and clarify the relationship between our subject matter and the outcomes of the two Schrems judgments of the CJEU. In particular, the combination of the teachings of Schrems II (decided on 16 July 2020) about the deficiencies in US law with those of the German Federal Constitutional Court on the proportionality of domestic produc- tion orders (BVerfG, 27 May 2020) might add to the relevance of data protection as an argument against informal trans-border co-operations (section VII). Lastly, we summarise our discussion and provide recommendations for further study and discussion (section VIII).

M3 - Chapter

SN - 9781509940660

SP - 157

EP - 172

BT - Data protection beyond borders

A2 - Fabbrini, Federico

A2 - Celeste, Edoardo

A2 - Quinn, John

PB - Bloomsbury Publishing

ER -

European law enforcement and US data companies: A decade of cooperation free from law

Abstract

Fingerprint

Projects

Regulating Socio-Technical Change

Cite this