‘EU is working on law to demand data from companies outside the EU in criminal cases’

According to sources from the Reuters news agency, the European Union is working on legislation that should make it possible to request data from companies outside the EU in certain criminal cases. This should be possible as long as the companies are active in the region.

The news agency reports that the EU had previously indicated that it wants access to data stored in the 28 member states, but that the scope of the new rules extends beyond EU borders, according to the sources. This concerns data that can serve as evidence in criminal cases for crimes with a minimum sentence of three years in prison, although this is currently still under discussion. This could also include data from non-EU citizens, as long as they are part of a European investigation, one of the sources said. The EU wants to present the rules in March, after which it could be years before they finally come into force.

Under the draft rules, European prosecutors could force companies to hand over data without using existing agreements, known as MLAs. Reuters asked questions to European Commissioner Věra Jourová, who said that existing resources “work very slowly and inefficiently” and that investigative services must be able to act faster than criminals. Google has criticized the current system in the past.

According to Reuters sources, the draft rules are a move by the EU to gain a better negotiating position in talks with the US about a settlement. Currently, the issue of access to data is outside its own jurisdiction in a case involving the handing over of e-mails stored in Ireland to the US by Microsoft. The U.S. Supreme Court this week will consider whether a U.S. judge should have ruled in 2016 that Microsoft does not have to hand it over, according to The Wall Street Journal.