The digitisation of society has significantly increased the ability of investigative authorities to gather data. After all, many files that can serve as evidence are on digital data carriers, such as phones, computers and servers. Through hacks - whether or not through the intervention of foreign investigative authorities - the prosecution has gained access to a huge bulk of encrypted messages. Consider the modus operandi regarding Ennetcom, Encrochat and SkyECC.\u00a0<\/p>\n\n\n\n
A key position of the legal profession against this method of investigation is well known. As long as the OM continues to hide behind the interstate principle of trust, the legitimacy and reliability of the messages gathered cannot be tested. Nor can it be tested whether it actually concerns a foreign investigation and, if not, whether the criteria laid down in, among others, the Computer Crime Act III and the Decree on Research in an Automated Workplace have been met. The last word has not yet been said on this.\u00a0<\/p>\n\n\n\n
On 25 October this year, researchers from Radboud University in Nijmegen published a number of recommendations regarding the use of digital investigative powers and highlights another important point, namely the method of\u00a0processing\u00a0<\/em>of data. Processing begins after the bulk is obtained. Processing should be understood as analysing data for criminal offences and identifying users. It is clear that data processing affects fundamental civil rights, such as the right to privacy and the right to free communication. According to the researchers, these civil rights are currently not well safeguarded. Among other things, the Code of Criminal Procedure does not properly align with the Police Data Act, which contains regulations for the police regarding the processing of personal data.\u00a0\u00a0<\/p>\n\n\n\n The researchers argue that the legislator should develop a normative framework applicable to the processing of data during the exercise of digital investigative powers. The law should then at least express that, prior to the data investigation, the purpose of that investigation must be recorded; that data that are not relevant for this purpose must be removed or made inaccessible, as the case may be; in which cases and subject to which safeguards data can be used for a purpose other than the purpose of collection; as well as. all actions that must be logged (in a logbook) in the context of this investigation.\u00a0<\/p>\n\n\n\n The researchers also say the legislator should create a specific normative framework for criminal investigation of bulk data. A statutory regulation could be envisaged. Article 8 ECHR and Article 7 HGEU (or right to privacy) already state that entire process of bulk data processing should be standardised. Better consideration should also be given to provisions allowing data to be used for purposes other than those for which it was obtained, such as in another criminal investigation. Proportionality does not seem to be adequately ensured in all cases that allow purpose-divergent use.\u00a0<\/p>\n\n\n\n Supervision of the processing of data for criminal justice purposes should also be strengthened by setting up a police and prosecution oversight committee. This would better meet the requirements from European law, according to the researchers. The requirement of effective supervision follows both from a directive and the case law of the ECtHR and the CJEU. This is particularly true if data processing is done covertly, as is common in investigation. A newly established supervisory body could also provide a wider audience with an insight into what new questions arise in the changing field of investigation, so that social and political debate can also take place about them.\u00a0<\/p>\n\n\n\n These recommendations indicate that in the current system, fundamental rights such as privacy, as well as the right to a fair trial, are insufficiently guaranteed. Bulk data are also processed too easily in the criminal process and are not sufficiently verifiable. In itself, having a body to oversee the whole process of processing personal data is a good thing. But are data processed without such oversight usable in court? The report again provides a number of arguments against using bulk data as evidence in a criminal case.<\/p>\n\n\n\n Mr. D.M. Penn<\/p>","protected":false},"excerpt":{"rendered":" De digitalisering van de maatschappij heeft de mogelijkheid tot het vergaren van gegevens door de opsporingsautoriteiten aanzienlijk vergoot. Veel bestanden die als bewijs kunnen dienen bevinden zich immers op digitale gegevensdragers, zoals op telefoons, computers en servers. Via hacks -al dan niet door tussenkomst van buitenlandse opsporingsautoriteiten- heeft het OM de beschikking gekregen over een […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,12],"tags":[],"class_list":["post-6435","post","type-post","status-publish","format-standard","hentry","category-strafrecht","category-homepage"],"_links":{"self":[{"href":"https:\/\/penn.nl\/en\/wp-json\/wp\/v2\/posts\/6435","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/penn.nl\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/penn.nl\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/penn.nl\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/penn.nl\/en\/wp-json\/wp\/v2\/comments?post=6435"}],"version-history":[{"count":0,"href":"https:\/\/penn.nl\/en\/wp-json\/wp\/v2\/posts\/6435\/revisions"}],"wp:attachment":[{"href":"https:\/\/penn.nl\/en\/wp-json\/wp\/v2\/media?parent=6435"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/penn.nl\/en\/wp-json\/wp\/v2\/categories?post=6435"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/penn.nl\/en\/wp-json\/wp\/v2\/tags?post=6435"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}