The European Council has approved a new EU law establishing a digital platform that will facilitate exchanging information between prosecutors and judges working together to bring criminals to justice.

Gunnar Strömmer, Swedish Minister of Justice, believes that criminal activities do not stop at borders and cross-border investigations are essential to reduce crime.

This digital platform should make it easier for law enforcement and judicial authorities to share information and evidence and communicate with colleagues in other countries.

The platform is designed to facilitate the coordination and daily management of joint research teams (JIT). It will also allow the exchange and temporary storage of information and operational evidence, guaranteeing secure communication and enabling the traceability of evidence.

The platform will be connected to the IT tools used by the authorities participating in the JITs. Institutions will strongly recommend the use of the platform, although its use will be voluntary.

Eu-LISA, the European Union’s agency for the operational management of large-scale IT systems in the area of freedom, security and justice, will be responsible for designing, developing and operating the platform.

Joint investigation teams bring together, for a limited period of time, authorities from two or more EU and possibly third countries for specific cross-border criminal investigations. The members of these teams will be able to exchange evidence directly with each other, without the need for traditional judicial cooperation procedures.

JITs have been in place since 2002 but have been faced with a number of technical difficulties related, for example, to the secure electronic exchange of information and evidence and to secure electronic communication.

The new regulation will enter into force on the twentieth day following its publication in the Official Journal of the European Union and will be directly applicable to all European Union countries.

The platform’s operational start date shall be, at the latest, two and a half years after the entry into force of the regulation.

_____

Aquest apunt en català / Esta entrada en español / Post en français

The ambassadors of the European Union member states have confirmed the agreement reached between the presidency of the Council and the European Parliament on the draft regulation and the draft directive regarding cross-border access to electronic evidence. The agreed texts will allow competent authorities to address electronic evidence warrants directly to service providers in another Member State.

The agreement responds to a key request from law enforcement, as more and more crimes are planned or committed online, and authorities need the tools to prosecute them as they do for offline crimes. The new rules will allow judges and prosecutors to act quickly, accessing the evidence they need, regardless of where it is stored, before it disappears.

The regulation on European orders for the production and preservation of electronic evidence in criminal proceedings aims to introduce an alternative mechanism to existing international cooperation and mutual legal assistance tools. It specifically addresses the problems arising from the volatile nature of electronic evidence and the aspect of loss of location by establishing new procedures for fast, efficient and effective cross-border access.

The regulation creates European production and preservation orders that can be issued by judicial authorities in order to obtain or preserve electronic evidence regardless of where the data is located. These orders can cover any category of data, including subscriber, traffic and content data. A threshold has been set for traffic data (except for data requested for the sole purpose of identifying the user) and for content data. They may only be requested for offences punishable in the issuing country by a maximum prison sentence of at least three years, or for specific offences related to cybercrime, child pornography, counterfeiting of non-cash means of payment or terrorism.

There is a mandatory 10-day deadline to respond to a production order. In duly established cases of urgency, the period may be reduced to eight hours. Service providers may face penalties if they fail to comply with an order. Financial penalties of up to 2% of their total annual worldwide turnover for the previous year may be imposed.

Except in cases where the issuing authority considers that the crime has been committed or is likely to be committed in the issuing country or the person whose data is requested resides in its own territory, a notification system will be set up for traffic data and content data. The purpose of this notification is to inform the executing state and give it the opportunity to assess and, if necessary, raise one or more of the grounds for refusal provided by law, such as the requested data being protected. The executing state will have 10 days or, in emergency situations, 96 hours, to lift the grounds for denial. If this occurs, the service provider must stop the execution of the order and not transfer the data and the issuing authority shall withdraw the order.

The directive on the designation of establishments and appointment of legal representatives for the collection of electronic evidence in criminal proceedings will be an essential instrument for the implementation of the regulation. The rules applicable to the appointment of the legal representatives of service providers or to the designation of their designated establishments responsible for receiving and responding to these orders are established. This is necessary due to the lack of a general legal requirement for non-EU service providers to be physically present in the Union. In addition, legal representatives or establishments designated under this directive could also participate in national procedures.

_____

Aquest apunt en català / Esta entrada en español / Post en français

The Internet and digital communications have forever changed the way we live, work and do business. These technological advances have undoubtedly improved many aspects of our lives. However, they were also adopted and exploited by criminals, terrorists and other dangerous parties. Australian laws have struggled to keep up, creating significant challenges for agencies with a legitimate need to exercise electronic surveillance powers.

Law enforcement agencies, including anti-corruption bodies, and the Australian Security Intelligence Organisation (ASIO) sometimes require access to specific information.

The objective of this electronic surveillance reform is to develop a new single law that:

• better protects people’s information and data, including reflecting what it means to communicate in the 21st century;
• ensures that law enforcement agencies and ASIO have the powers they need to investigate serious crimes and security threats;
• is transparent and usable for operational agencies and supervisory bodies, as well as for the industry that must comply with the obligations of the framework;
• modernises and streamlines as much as technologically possible, by updating key concepts and clearly identifying the agencies that may request access to this information;
• contains adequate thresholds and robust, effective and consistent controls, limits, safeguards and oversight on the use of these intrusive powers;
• protects the community from serious crimes and threats.

Without access to this information, law enforcement would not be able to prevent and prosecute the most serious criminal activities, such as child sexual abuse, organised crime and cybercrime. For ASIO, accessing this information and data is crucial to protect Australia from serious national security threats, such as terrorism or foreign interference in Australian democratic institutions.

The protection of and access to this information and data is governed by a number of laws:

• the Telecommunications (Interception and Access) Act of 1979 (TIA Act)
• the Surveillance Devices Act of 2004 (SD Act)
• parts of the Australian Security Intelligence Organisation Act of 1979 (ASIO Act)
• parts of the Telecommunications Act of 1997 (Telecommunications Act)
• discrete parts of other Commonwealth and state and territory laws.

These laws protect various types of information and data of individuals from unauthorised access and only allow government agencies to lawfully access information and data under limited circumstances. The laws also require companies that own telecommunications to provide services to protect this information and to help government agencies access it in certain situations.

The reform bill aims to repeal the TIA Act, the SD Act and the relevant parts of the ASIO Act and replace the current patchwork of laws with a single, streamlined and technologically neutral law.

The development of the new framework will be Australia’s largest reform of national security laws in more than four decades. The new framework will be developed in line with the principles and values that underline Australia’s liberal democratic society. It is therefore essential that the policy underpinning the new framework is informed by the views of those involved, stakeholders and Australian society.

https://www.homeaffairs.gov.au/reports-and-publications/submissions-and-discussion-papers/reform-of-australias-electronic-surveillance-framework-discussion-paper

Click to access electronic-surveillance-framework-discussion-paper.pdf

_____

Aquest apunt en català / Esta entrada en español / Post en français

On January 25, Colombian President Ivan Duque passed the Citizen Security Law, a regulation that was presented after the protests of 2021 and which he considers a triumph of legality despite having been a source of controversy, since it opens the door to the use of weapons in self-defence.

One of the main criticisms that the law receives is that it opens the possibility to the use of weapons as long as it is in self-defence against an unjust aggression, without any subsequent criminal responsibility.

As explained by the website dw.com, in an act that took place in the Casa de Nariño and in which different representatives of the Administration were present, the president passed three emblematic laws: a new disciplinary statute for the National Police, the Transformation and Professionalisation of the National Police and a National Security Law. The Colombian government considers that these three regulations contribute principles such as human rights, protecting life and defending citizens’ property.

Specifically, they consider that the Citizen Security Law gives peace of mind to the people, especially the peasantry and the business community, as it will prevent anyone from forcibly taking away their property, which can only be claimed by a competent authority. Likewise, the President believes that this is a new and necessary regulation that closes the gaps in criminality.

Ministers such as those of the Interior – Daniel Palacios – or of Justice – Wilson Ruiz – consider that the laws are desired and expected, guaranteeing rights and freedoms, and aimed at fighting crime and protecting citizens.

From now on, soldiers and policemen, according to the Government, will have a law that represents them and with a disciplinary regime that allows them to be protected, but requires them to act with excellence.

The Citizen Security Law is described by the opposition as an initiative that criminalises protest. In fact, this law was presented after the demonstrations that took place in Colombia in 2021, which began because of a tax reform proposal and lasted about two months, during which there were reports of serious human rights violations, especially abuse of police force, episodes of vandalism and armed civilians shooting at demonstrators.

One of the main criticisms of the law is that it provides for privileged self-defence when the victim defends himself or herself against whoever illegally enters their home or vehicle.

It also amends the Penal Code to increase the penalties for those who commit crimes against members of the security forces or human rights defenders, while the penalties for those who interfere with infrastructures intended for citizen security, mass transportation or military or police facilities will be from 48 to 144 months.

_____

Aquest apunt en català / Esta entrada en español / Post en français

In March 2021, the European Council adopted conclusions on the EU’s cybersecurity strategy for the digital decade. This strategy was presented by the Commission and the High Representative for Foreign Affairs in December 2020. It outlines the framework for EU action to protect citizens and businesses from cyber threats, promote secure information systems and protect a global, open, free and secure cyberspace.

The conclusions note that cybersecurity is essential for building a resilient, green and digital Europe. They set as a key objective achieving strategic autonomy while preserving an open economy. This includes reinforcing the ability to make autonomous choices in the area of cybersecurity, with the aim of strengthening the EU’s digital leadership and strategic capacities.

In its conclusions, the Council highlights a number of areas for action in the coming years, including:

– The plans to create a network of security operation centres across the EU to monitor and anticipate signals of attacks on networks.

– The definition of a joint cyber unit which would provide a clear focus for the EU’s cybersecurity crisis management framework.

– Its strong commitment to applying and swiftly completing the implementation of the EU 5G toolbox measures and to continuing efforts to guarantee the security of 5G networks and the development of future network generations.

– The need for a joint effort to accelerate the uptake of key internet security standards, as they will be instrumental for increasing the overall level of security and openness of the global internet while increasing the competitiveness of EU industry.

– The need to support the development of strong encryption as a means of protecting fundamental rights and digital security while at the same time ensuring the ability of law enforcement and judicial authorities to exercise their powers both online and offline.

– Increasing the effectiveness and efficiency of the cyber diplomacy toolbox paying particular attention to preventing and countering cyberattacks with systemic effects that could affect supply chains, critical infrastructure and essential services, democratic institutions and processes and undermine economic security.

– The proposal on the possible establishment of a cyber intelligence working group to strengthen the EU’s dedicated capacity in this domain.

– The importance of strengthening cooperation with international organisations and partner countries in order to advance the shared understanding of the cyber threat landscape.

– The proposal to develop an EU external cyber capacity building agenda to increase cyber resilience and capacities worldwide.

In order to ensure the development, implementation and monitoring of the proposals presented in the cybersecurity strategy, the Council encourages the Commission and the High Representative to establish a detailed implementation plan. The Council will also monitor the progress in the implementation of the conclusions through an action plan which will be regularly reviewed and updated.

_____

Aquest apunt en català / Esta entrada en español / Post en français

Norway’s government has submitted a bill to Parliament to decriminalise the possession of small amounts of drugs for personal use, a measure aimed at replacing punishment with treatment. The approach is identical to the one proposed in Portugal, for example.

The use and possession of illicit drugs will continue to be illegal, but instead of sanctions, people who are found in possession of small quantities will be referred to a mandatory municipal counselling service, where they will receive information about the risks and the negative consequences of drug use and be offered help, treatment and follow-up.

The Norwegian executive -led by the Conservative Party of current Prime Minister Erna Solberg along with the Liberal Party- argues that changing the policy is justified because several decades of criminalisation have proved unsuccessful, and prosecuting consumers only contributes to stigmatisation and social exclusion, dissuading them from seeking help for fear of being sanctioned.

According to the latest official data, in 2018, 286 people died from a drug overdose in Norway, whose rate of drug-related deaths is much higher than the European average.

Given that many drug addicts use multiple types of narcotics, the bill says that a person may have up to three different substances at any time, as long as neither exceeds the specified threshold. By contrast, the possession of higher quantities or any other type of involvement with illegal drugs, such as importation, manufacture or sale, will continue to be a punishable offence.

Norway’s debate on decriminalising drug use began in 2016; its proposal for the reform of its drug policy is based on a report prepared by an expert committee which was set up by Parliament two years ago, although the final bill reduces the permitted amounts so as not to facilitate trafficking and access. The Liberal-Conservative government only controls a minority in the Norwegian Parliament, so it will need support from the opposition to push the reform through, and, as yet, not all the parties have made their position on the matter clear. Opponents of the move include the Christian Democrats, who form part of the ruling coalition. However, they are expected to vote in favour of the bill out of loyalty.  

_____

Aquest apunt en català / Esta entrada en español / Post en français

The EU is working to stop terrorists from using the internet to radicalise, recruit and incite violence. The Council has adopted a regulation on the dissemination of terrorist content online.

The legislation aims to facilitate the swift removal of online terrorist content and establish one common instrument for all member states to this effect. The rules will apply to hosting service providers offering services in the EU, regardless of whether their head office is located in one of the member states or not.

Radicalisation and incitement to violence through social networks, video platforms and the live streaming of attacks have become ever more frequent factors in recent terrorist attacks. With the new rules adopted by the Council, law enforcement authorities will have an effective instrument to tackle this threat.

Voluntary cooperation with the hosting service providers will continue, but the legislation will provide additional tools for member states to enforce the rapid removal of terrorist content where necessary.

Competent authorities in the member states will have the power to issue removal orders to the service providers in order to remove terrorist content or disable access to it in all member states. The service providers will then have to remove or disable access to the content within one hour.

Hosting service providers exposed to terrorist content will need to take specific measures to address the misuse of their services and protect them from being used as a platform for disseminating terrorist content. The decision on which measure to use remains with the hosting service provider.

The legislation also provides a clear scope and a clear uniform definition of terrorist content to ensure fundamental rights are fully respected. Equally, it includes effective remedies for both users whose content has been removed and for service providers to submit a complaint.

The adoption of the Council’s position at first reading follows a provisional agreement on the text reached between the Council presidency and the European Parliament on the 10th of December 2020. The legal act now needs to be adopted by the European Parliament at second reading before being published in the EU Official Journal. The regulation will come into force on the twentieth day following its publication and start applying one year later.

_____

Aquest apunt en català / Esta entrada en español / Post en français

A few weeks ago, lawmakers in Mexico approved a bill to legalise recreational marijuana, a milestone for the country, which is in the throes of a drug war and could become the world’s largest cannabis market, leaving the United States between two marijuana-selling neighbours.

The 316-to-129 vote in the Chamber of Deputies came more than two years after the Mexican Supreme Court ruled that the country’s ban on recreational marijuana was unconstitutional and more than three years after the country legalised medicinal cannabis.

The measure would allow adults to smoke marijuana and, with a permit, grow a small number of cannabis plants at home. It would also grant licenses for producers — from small farmers to commercial growers — to cultivate and sell the crop.

If enacted, Mexico will join Canada and Uruguay in a small but growing list of countries that have legalised marijuana in the Americas, adding further momentum to the legalisation movement in the region. In the United States, Democrats in the Senate have also promised to scrap federal prohibition of the drug this year.

Security experts agree that the law’s practical impact on violence will likely be minimal: with 15 American states having now legalised marijuana, they argue, the crop has become a relatively small part of the Mexican drug trafficking business, with cartels focusing on more profitable products like fentanyl and methamphetamines.

Proponents of legalising marijuana contend that the bill is too limited in scope, even if it represents a symbolic breakthrough in the push to end a drug war that has cost an estimated 150,000 lives.

The bill mandates that small farmers and indigenous people be given priority in licensing, but stipulates only that these vulnerable groups can be granted more than one license.

With more than 120 million people, Mexico would represent the largest marijuana market in the world by population. The crop could become big business in Mexico, a potential financial lift for an economy badly battered by the coronavirus crisis.

Some activists fear that the law will overly favour large corporations, giving them access to the entire marijuana supply chain, from seed to sale, while leaving small-scale producers and vendors locked out of the lucrative market.

The bill in Mexico would allow individual users to carry up to 28 grams of marijuana and grow six cannabis plants at home. Cannabis could also be purchased by adults over 18 at authorised businesses and grown at a larger scale by licensed groups. Medical marijuana, which Mexico legalised in 2017, would be regulated separately by the Health Ministry.

Local activists say the restrictions on possession will limit the bill’s impact, particularly for low-income consumers, who may fall prey to extortion from the police, a regular occurrence in Mexico.

_____

Aquest apunt en català / Esta entrada en español / Post en français

Oregon became the first US state to decriminalise the possession of all drugs on the 3rd of November 2020.

Measure 110, a ballot initiative funded by the Drug Policy Alliance, a non-profit advocacy group, passed with more than 58% of the vote. Possessing heroin, cocaine, methamphetamine and other drugs for personal use is no longer a criminal offence in Oregon.

These drugs are still against the law, as is selling them. But possession is now a civil – not criminal – violation that may result in a fine or court-ordered therapy, not jail. Marijuana, which Oregon legalised in 2014, remains fully legal.

There are three main arguments for this major drug policy reform.

1. Drug prohibition has failed

The ostensible rationale for harshly punishing drug users is to deter drug use. But decades of research have found the deterrent effect of strict criminal punishment to be small, if it exists at all. This is especially true among young people, who account for the majority of drug users.

The United States has the world’s highest incarceration rate and among the highest rates of illegal drug use. Roughly 1 in 5 incarcerated people in the United States is serving time for a drug offence.

Because criminalising drugs does not really prevent drug use, decriminalising does not really increase it. Portugal, which decriminalised the personal possession of all drugs in 2001 in response to high illicit drug use, has much lower rates of drug use than the European average.

2. Decriminalisation puts money to better use

Arresting, prosecuting and imprisoning people for drug-related crimes is expensive.

The Harvard economist Jeffrey Miron estimates that total government drug prohibition-related expenditures were US$47.8 billion nationally in 2016. Oregon spent about $375 million on drug prohibition in that year.

Oregon will now divert some of the money previously used on drug enforcement to pay for a dozen new drug prevention and treatment centres statewide, which has been found to be a significantly more cost-effective strategy. Some tax revenue from recreational marijuana sales, which exceeded $100 million in 2019, will also go to addiction and recovery services.

3. The drug war targets people of colour

Another aim of decriminalisation is to mitigate the significant racial and ethnic disparities associated with drug enforcement.

Illegal drug use is roughly comparable across race in the US. But people of colour are significantly more likely to be searched, arrested and imprisoned for a drug-related offence. Drug crimes can incur long prison sentences.

_____

Aquest apunt en català / Esta entrada en español / Post en français

In December 2020, the European Council approved conclusions that acknowledge the increased use of consumer products and industrial devices connected to the internet and the related risks for privacy, information security and cybersecurity.

It believes connected devices, including machines, sensors and networks that make up the Internet of Things (IoT), will play a key role in further shaping Europe’s digital future.

The conclusions set out priorities to address this crucial issue and to boost the global competitiveness of the EU’s IoT industry by ensuring the highest standards of resilience, safety and security.

They also underline the importance of assessing the need for horizontal legislation in the long term to address all relevant aspects of the cybersecurity of connected devices, such as availability, integrity and confidentiality. This would include specifying the necessary conditions for placement on the market.

Some of the conclusions reached are:

• That the European Union and its Member States need to ensure their digital sovereignty and strategic autonomy, while preserving an open economy.
• That in addition to ensuring a high level of security of connected devices, it is equally important to increase consumer awareness of their potential privacy and security risks.
• That there is a need to establish cybersecurity norms, standards or technical specifications for connected devices and efforts undertaken by European Standards Organisations in this matter should be strengthened.
• That cybersecurity and privacy must be an essential part of product innovation, production and development processes, including the design phase, and must be guaranteed throughout a product’s entire life cycle and across its supply chain.

Lastly, cybersecurity certification, as defined under the Cybersecurity Act, will be essential for raising the level of security within the digital single market. The EU Agency for Cybersecurity, ENISA , is already working on cybersecurity certification schemes, and the conclusions invite the Commission to consider a request for candidate cybersecurity certification schemes for connected devices and related services.

_____

Aquest apunt en català / Esta entrada en español / Post en français