Public consultation on improving cross-border

access to electronic evidence in criminal matters

Vodafone contribution
27.10.2017
Vodafone welcomes the opportunity to contribute to the European Commissions public
consultation on cross-border access to electronic evidence in criminal matters. The present
document complements Vodafones answers provided in the questionnaire.

Vodafone is a true pan-European electronic communications provider present in 12 EU Member

States serving more than 125 million customers. At the core of our principles is the right of our
customers to privacy; a right that is enshrined in the EU Charter of Fundamental Rights,
international human rights law and standards, and enacted through national laws. Respecting that
right is one of our highest priorities. However, in every country in which we operate, we have to
abide by the laws of those countries that require us to disclose information about our customers
to law enforcement agencies or other government authorities. Those laws are designed to protect
national security and public safety or to prevent or investigate crime and terrorism. Our Law
Enforcement Disclosure Report provides a detailed insight into the legal frameworks and our
governance principles in this area.

Vodafone is therefore well placed to address the challenges posed by cross-border access to
electronic evidence by law enforcement. Our answers to the questionnaire follow six main
objectives:

Ensure the right of our customers to privacy; a right that is enshrined in the EU Chart of
Fundamental Rights;
Improve harmonisation and thereby reduce unjustified data localisation measures by EU
Member States, which is complementary to the Commissions proposal for a Regulation to
prohibit any data localisation requirements at national level and promote the free flow of
data in the EU in the Data Economy Package1;
Ensure legal certainty and reduce the potential for conflicts of laws on jurisdiction over
data to which businesses active in the Single Market like Vodafone are increasingly subject
Ensure on-going engagement and dialogue with all parties to further define possible
solutions arising out of this consultation;
Ensure a broader understanding and acknowledgement of the operational costs and
procedures that would need to be introduced to support any new frameworks;
Ensure proposals respect the wider principles we set out in page 11 of our Law
Enforcement Disclosure Statement.

1
https://ec.europa.eu/info/law/better-regulation/initiatives/com-2017-495_en Article 5 of the proposed
Regulation in particular needs to be scrutinised alongside this consultation as there is potential for regulatory
inconsistency or overlap.
In this consultation the Commission considers three methods of achieving cross-border access to
e-evidence. Vodafone would like to make the following high level points on each:

Method 1 Improve existing mechanisms of formal cross border cooperation such as MLATs or
EIOs
We would strongly encourage practical measures to improve the operation of the existing
legal frameworks within which we operate;
Any initiative should address key issues such as a standard form to be used internationally
by law enforcement authorities requesting disclosure of data. This would improve legal
certainty, protection of individuals and their fundamental rights, and expedite appropriate,
lawful requests.

Method 2 Introduce new measures providing for direct cross-border cooperation between a
service provider and law enforcement authority either via mandatory orders or discretionary
requests served by the authority on a service provider
If improperly designed, such measures could cause significant damage to all parties
involved, most of all the privacy of our customers;
Any initiative will need to ensure there is no legal uncertainty and not give rise to a conflict
of laws;
We strongly encourage a system that works on mandatory compliance, rather than
discretionary co-operation. Business is ill-equipped, and it is indeed not their role, to assess
whether a request for data is necessary and proportionate, or for a legitimate purpose as
we will not understand the full context of the request.

Method 3 Introduce measures to allow direct access to data by law enforcement authorities,
cross border
We strongly oppose any method of direct access that enables agencies and authorities to
access an operators communications infrastructure without the knowledge and direct
control of the operator. Direct access risks introducing security risks, a loss of customer
privacy and confidentiality of communications, and a rise in law enforcement access to
data with no accountability or transparency on interference with fundamental rights, such
as privacy.

***