Technology companies could be ordered to release vital electronic data, such as emails and text messages, to law enforcement agencies in as little as six hours under proposed European Union law.
The proposed law is aimed at pushing tech giants such as Google, Microsoft and Facebook to help speed up access to electronic evidence on crimes such as terrorist plots.
It would require tech companies to turn over data such as emails, text messages and pictures stored online in another country, within 10 days or as little as six hours in urgent cases.
The European Union executive says the proposed law, which would apply to data stored inside and outside the bloc, is necessary because current legal procedures between countries to obtain such electronic evidence can drag on for months, Reuters reported.
“Electronic evidence is increasingly important in criminal proceedings,” said European Commission Vice-President Frans Timmermans.
“We cannot allow criminals and terrorists to exploit modern and electronic communication technologies to hide their criminal actions and evade justice.”
Digital borders are a growing global issue in an era where big companies operate so-called cloud networks of giant data centres, which mean that an individual’s data can reside anywhere.
Technology companies have found themselves torn between protecting consumers’ privacy while cooperating with law enforcement. The political pressure has intensified after Islamist-inspired attacks across Europe in recent years.
According to Reuters, the proposal will apply only in cases where crimes carry a minimum jail sentence of three years. In cases of cybercrime there will be no minimum penalty requirement.
Where companies find themselves in a conflict-of-law situation because the country where data is stored forbids them from handing it over to a foreign authority, they will be able to challenge the seizure request.
However, such extraterritorial rules are fraught with complexity, legal and privacy experts warn.
In the US, for example, certain companies are prohibited from disclosing information to foreign governments, while in Europe consumers’ data privacy is strictly protected and companies are restricted in how they can transfer data outside the bloc.
In the report, Maryant Fernandez Perez, senior policy adviser at campaign group European Digital Rights, said, “The Commission is proposing dangerous shortcuts to allow national authorities to obtain people’s data directly from companies, basically turning them into judicial authorities.