EU to give police access to cloud data in wake of terror attacks

The EU could soon give police direct access to cloud data in relation to terror attacks. In a bid to make it easier for police forces across Europe, the EU has proposed new legislation to speed up the process.Described as an ‘extraordinary measure for extraordinary threats’, the direct data access would give police the ability to obtain crucial data stored on sites such as Facebook and Google – even when it is stored in another EU member state.

EU Justice Commissioner Vera Jourova said: “I am sure that now in the shadow of the recent terrorist attacks and increasing threats in Europe there will be more understanding among the ministers, even among those who come from countries where there has not been a terrorist attack.” 

In total the EC is set to propose three options that will form the basis of future legislation.The least intrusive of the three proposals, allows police forces in one member state to ask an IT provider in another member state to turn over electronic evidence, without having to ask that member state’s government first. 

The second option would see the companies obliged to turn over data if requested by law enforcement agencies in other member countries. 

And the third and most intrusive option allows law enforcement direct access to the cloud, without the need of a middleman.“This third option is kind of an emergency possibility which will require some additional safeguards protecting the privacy of people,” Jourova said. “You simply cannot massively collect some digital data for some future use. “My preference is to go for this as an extraordinary measure for extraordinary threats, for high gravity criminal offences such as terrorism and there I am in favour of enabling the use of personal data.”

All three measures are somewhat less drastic than Tory calls to put a back door into end-to-end encryption services, or to remove them altogether. Both security experts and technology firms hit back at Amber Rudd’s suggestion saying she would both be wasting time and money by banning end-to-end encryption.

Check Also

Feature: Why it’s time to remove local admin rights for the safety of organisations

By Andrey Pozhogin, Endpoint product manager at CyberArk.   The idea of removing local admin …