Tutanota signs Open Letter to improve e-evidence.

2019-11-27
The EU commission has drafted a proposal for e-evidence that would allow authorities to request data from communication providers across borders. The draft in its current form is considered as way too broad by data protection professionals. Tutanota now has signed an Open Letter to the EU Parliament to include important restrictions and add a better legal oversight to the draft.
SIGN UP

Why e-evidence is problematic

The Commission’s e-evidence proposal threatens the competitive advantage European tech businesses have over their American counterparts. It breaks with the long-standing rule that only trusted national judicial authorities can order companies to hand over customer data for criminal investigations. Instead, the Commission’s e-evidence proposal would allow any foreign law enforcement agency from across the EU to force us to hand out customer data without our own authorities doublechecking the foreign order.

How to fix it

Rapporteur Birgit Sippel has published a draft report to fix several issues of e-evidence. This is a very good first step, but further improvements need to be done to protect European citizens and their data.

The Rapporteur’s draft report contains a number of crucial improvements that deserve support:

  • It suggests to involve national judicial authorities whenever foreign data requests come in (amendments 127, 141, 142, 161);

  • It fixes the Commission’s failed attempt to define workable data categories (amendments 90-97); and

  • It enables online service providers such as ourselves to inform our customers about foreign data requests having taken place as long as that does not obstruct an ongoing investigation (amendments 163 and 164).

We strongly encourage you to support the above-mentioned amendments. In addition, the following provisions should be improved:

  • The reimbursement of costs incurred from data access requests by the issuing authority should be mandatory (as proposed by MEP Sippel’s amendment 168) but the reimbursed amount should also be proportionate to the amount of data requested. This would help preventing fishing campaigns without suspicion where a law enforcement agency demands large amounts of data in the hope of finding unrelated evidence.

  • The draft report should mandate a secure way of authentication and of exchanging information between companies and law enforcement agencies. Currently, too often tech companies receive requests for data via fax machine or unsecured emails, putting the data that is transmitted in both directions at risk. It is particularly crucial for companies to be able to authenticate with absolute certainty the foreign authority they are communicating with in order to avoid the leakage of customer data to malicious actors.

Read the full open letter by Privacy Tech Europe.

SIGN UP
Author
Black and white picture of Arne in a fighting for privacy pose.
Arne is co-founder and developer of Tuta email, calendar, and contacts services. He is an expert on email protocols, including spam handling, encryption technologies, and software development. He fights for privacy because it's the cornerstone of freedom and democracy.
Top posts
Threat Modeling In 2024: Your Guide For Better Security
10 Best Private Email Services in 2024
Google Pays 1150 Times More for Its Search Monopoly Than for Lobbying in the EU & US
Why Use A Password Manager - And Our Top 3!
Anonymous email: Create an email address without a phone number.
The Illusion Of "Swiss Privacy" Being The Best
10 best free email accounts in 2024
Latest posts
Google Search Is A Problem: How Google Is Crushing Tuta.
The XZ Backdoor and the importance of Open Source Software
Apple is finally giving you the choice: Take it and install a private browser right now!
The Russian Hacker Group Sandworm is Back: New Kapeka Malware Secretly Infecting Systems Since 2022

No comments available

Terminate subscription
Company
Community
Team
Jobs
Terms
Privacy
Legal notice
Development
Changelog
Roadmap
Security
Encryption
Open Source
GitHub
Features
Secure Email
Encrypted Calendar
Business
Support
Forum
Press
Support
Language
English
Translate