We start our contribution with a short section on the recent reforms to codify direct cooperation between law enforcement authorities and private actors (section II). After a discussion of the 2018 US CLOUD Act, we turn to the proposal of the European Union to facilitate cross-border access to electronic evidence, which was presented by the European Commission in April 2018 (e-evidence package) and the reform process at the Council of Europe to amend the 2001 Cybercrime Convention envisaging a similar mechanism and powers.The following section discusses the current MLA framework that regulates cooperation in criminal matters and exchange of evidence between the US and Europe (section III). The MLA system allows cooperation between enforcement authorities but does not foresee any basis for direct cooperation with private actors in other states. Nonetheless this practice was dubiously accepted by the regula- tory community on shaky interpretative grounds as permissible under Article 18 (on domestic production orders) and 32 (on extraterritorial data access relying on consent) of the Cybercrime Convention (see section IV).We then proceed in section V with the challenges this kind of relationship poses for state interests and for public international law and the individual concerned that is deprived by these informal practices of certain checks and guarantees built into the formal MLA system as stated above. This discussion includes issues surrounding data protection that arise from the kind of relationship that allows law enforcement authorities to have direct access to online evidence through cooperating directly with service providers and tech companies (see section VI). After a brief reflection on the weight of privacy and data protection in criminal law matters, we identify the relevant dos and don’ts in data protection law and clarify the relationship between our subject matter and the outcomes of the two Schrems judgments of the CJEU. In particular, the combination of the teachings of Schrems II (decided on 16 July 2020) about the deficiencies in US law with those of the German Federal Constitutional Court on the proportionality of domestic produc- tion orders (BVerfG, 27 May 2020) might add to the relevance of data protection as an argument against informal trans-border co-operations (section VII). Lastly, we summarise our discussion and provide recommendations for further study and discussion (section VIII).
|Title of host publication||Data Protection Beyond Borders. Transatlantic Perspectives on Extraterritoriality and Sovereignty|
|Editors||Federico Fabbrini, Edoardo Celeste, John Quinn|
|Publication status||Published - 2021|