In the context of the FORMOBILE project, which deals with the development of a complete forensic investigation chain targeting mobile devices, Timelex and Law and Internet Foundation have published a comprehensive legal report on the treatment of mobile forensic evidence under the national criminal procedure rules of the EU Member States.
The study deals with the whole lifecycle of mobile forensics, from the acquisition of data from a mobile device as evidence and its subsequent processing by law enforcement authorities, to the admissibility and presentation of said evidence in court.
The study
The study, which involved national experts from 30 countries (EU28 + Norway and Kyrgyzstan), aims to find out to what extent mobile forensics are allowed under the different national criminal procedure rules, what safeguards and guarantees for data protection and human rights (especially fair trial) are present and when mobile evidence is (in)admissible before the Court.
Findings during the study
Some of the main findings are the following:
- None of the examined countries had specific rules for mobile forensics, despite the potentially significant impact on the right to privacy and fair trial. Instead, all of the examined countries applied general (and often outdated) criminal procedure to this type of evidence. This includes the rules on admissibility, which differ strongly amongst surveyed jurisdictions.
- Despite that finding, most countries reported that the use of mobile forensic tools is allowed and common in practice. Some countries reported restrictions based on the severity of the crime and general proportionality, or indicated that this was allowed only after seizure of the device.
- Because of this lack of specific rules, a significant number of the surveyed countries reported unwanted outcomes in the application of existing rules, in particular infringements of the presumption of innocence and the right to remain silent, the right to privacy (e.g. excessive intrusions without sufficient guarantees) and the right to a fair trial. This is despite all jurisdictions having general rules on proportionality and provisions on human/fundamental rights, which are meant to prevent such outcomes.
- The majority of the countries differentiated between scenarios where the mobile device was seized and situations where this was not the case, applying different rules because of the divergent level of safeguards present in those distinct situations. In addition, most countries have judicial control ex ante, typically by means of judicial control over the seizure (at least in certain cases), and control ex post through a process of appeal of the seizure and/or through considerations of admissibility before the trial judge. Different views existed on whether it is possible to force someone to provide access to a device (e.g. by forced use of biometric data such as a fingerprint or eye scan).
- In most of the countries the right of access of the defendant to the raw data of the mobile evidence itself and to detailed information on the procedure through which the mobile forensic evidence was obtained is severely limited, hurting the defendant’s position and potentially infringing the right to a fair trial.
- Generally, there is a lack of comprehensive regulation or standardization of the procedure to be followed by law enforcement when utilizing mobile forensics, with most countries having little to nothing in place. Such rules would, for example, relate to establishing a clear and verifiable chain of custody and comprehensive reporting, as well as making the raw evidence available to the defence and the court for examination, including by external expert witnesses where appropriate. Specific rules or the consistent application of predictable and comprehensive standards would serve to strengthen the position of the defendant.
- Generally, countries reported a digital divide and a strong lack of knowledge and training of lawyers and the judiciary on the topic of mobile forensics. This may be quite problematic, as it may lead the parties to the proceedings to accept mobile forensic evidence as objective and accurate without sufficient scrutiny, despite existing examples of fallibility.
- With regard to data acquisition in the Cloud, strongly contrasting national approaches are found in the EU where the data in the Cloud is located in another jurisdiction, or where the location of the data cannot be determined (with sufficient certainty). Some countries maintain that mutual assistance is the only route in such cases, as is in principle foreseen by the Budapest Convention, save where there is consent or the information is publicly available. Other countries, however, clearly allow the acquisition of data in the Cloud where this data is located in another country, albeit sometimes with limitations. Still another group of countries employs a legal fiction to qualify data in the Cloud as situated on their own territory in order to acquire it. A last group of countries deals with these questions largely ad hoc.
For more details, please refer to the main report and the different country reports, which can be found here.
If you have questions about this study or about legal aspects of mobile forensics, please contact a Timelex lawyer.