STUDIO
LEGALE
Avv.
STEFANO COMELLINI
Via Bocca di Lupo, 19
- 40123 BOLOGNA
Home
Page | Reati ed illeciti informatici
COUNCIL
OF EUROPE
COMMITTEE OF MINISTERS
RECOMMENDATION
No. R (95) 13
OF THE COMMITTEE OF MINISTERS TO MEMBER STATES
CONCERNING PROBLEMS OF CRIMINAL PROCEDURAL LAW
CONNECTED WITH INFORMATION TECHNOLOGY
(Adopted by the Committee of Ministers on 11 September
1995
at the 543rd meeting of the Ministers' Deputies)
The Committee of Ministers, under the terms
of Article 15.b of the Statute of the Council of Europe,
Considering
that the aim of the Council of Europe is to achieve a greater unity between its
members;
Having
regard to the unprecedented development of information technology and its
application in all sectors of modern society;
Realising
that the development of electronic information systems will speed up the
transformation of traditional society into an information society by creating a
new space for all types of communications and relations;
Aware
of the impact of information technology on the manner in which society is
organised and on how individuals communicate and interrelate;
Conscious
that an increasing part of economic and social relations will take place
through or by use of electronic information systems;
Concerned
at the risk that electronic information systems and electronic information may
also be used for committing criminal offences;
Considering
that evidence of criminal offences may be stored and transferred by these
systems;
Noting
that criminal procedural laws of member states often do not yet provide for
appropriate powers to search and collect evidence in these systems in the
course of criminal investigations;
Recalling
that the lack of appropriate special powers may impair investigating
authorities in the proper fulfilment of their tasks in the face of the ongoing development of information technology;
Recognising
the need to adapt the legitimate tools which investigating authorities are
afforded under criminal procedural laws to the specific nature of
investigations in electronic information systems;
Concerned
by the potential risk that member states may not be able to render mutual legal
assistance in an appropriate way when requested to collect electronic evidence
within their territory from electronic information systems;
Convinced
of the necessity of strengthening international co-operation and achieving a
greater compatibility of criminal procedural laws in this field;
Recalling
Recommendation No. R (81) 20 on the harmonisation of laws relating to the
requirement of written proof and to the admissibility of reproductions of documents
and recordings on computers, Recommendation No. R (85) 10 on letters rogatory for the interception of telecommunications,
Recommendation No. R (87) 15 regulating the use of personal data
in the police sector and Recommendation No. R (89) 9 on computer-related
crime,
Recommends
the governments of member states:
i. when reviewing their internal legislation and
practice, to be guided by the principles appended to this recommendation; and
ii. to
ensure publicity for these principles among those investigating authorities and
other professional bodies, in particular in the field of information
technology, which may have an interest in their application.
Appendix to Recommendation No. R (95) 13
concerning problems of criminal procedural law connected
with information technology
I. Search and
seizure
1. The
legal distinction between searching computer systems and seizing data stored
therein and intercepting data in the course of transmission should be clearly
delineated and applied.
2. Criminal
procedural laws should permit investigating authorities to search computer
systems and seize data under similar conditions as under traditional powers of
search and seizure. The person in charge of the system should be informed that
the system has been searched and of the kind of data that has been seized. The
legal remedies that are provided for in general against search and seizure
should be equally applicable in case of search in computer systems and in case
of seizure of data therein.
3. During
the execution of a search, investigating authorities should have the power,
subject to appropriate safeguards, to extend the search to other computer
systems within their jurisdiction which are connected by means of a network and
to seize the data therein, provided that immediate action is required.
4. Where
automatically processed data is functionally equivalent to a traditional
document, provisions in the criminal procedural law relating to search and
seizure of documents should apply equally to it.
II. Technical surveillance
5. In view of the convergence of information technology
and telecommunications, laws pertaining to technical surveillance for the
purposes of criminal investigations, such as interception of
telecommunications, should be reviewed and amended, where necessary, to ensure
their applicability.
6. The
law should permit investigating authorities to avail themselves of all
necessary technical measures that enable the collection of traffic data in the
investigation of crimes.
7. When
collected in the course of a criminal investigation and in particular when
obtained by means of intercepting telecommunications, data which is the object
of legal protection and processed by a computer system should be secured in an
appropriate manner.
8. Criminal
procedural laws should be reviewed with a view to making possible the
interception of telecommunications and the collection of traffic data in the
investigation of serious offences against the confidentiality, integrity and
availability of telecommunication or computer systems.
III.
Obligations to co-operate with the investigating authorities
9. Subject
to legal privileges or protection, most legal systems permit investigating
authorities to order persons to hand over objects under their control that are
required to serve as evidence. In a parallel fashion, provisions should be made
for the power to order persons to submit any specified data under their control
in a computer system in the form required by the investigating authority.
10. Subject
to legal privileges or protection, investigating authorities should have the
power to order persons who have data in a computer system under their control
to provide all necessary information to enable access to a computer system and
the data therein. Criminal procedural law should ensure that a similar order
can be given to other persons who have knowledge about the functioning of the
computer system or measures applied to secure the data therein.
11. Specific
obligations should be imposed on operators of public and private networks that
offer telecommunication services to the public to avail themselves of all
necessary technical measures that enable the interception of telecommunications
by the investigating authorities.
12. Specific
obligations should be imposed on service-providers who offer telecommunication
services to the public, either through public or private networks, to provide
information to identify the user, when so ordered by the competent
investigating authority.
IV. Electronic
evidence
13. The
common need to collect, preserve and present electronic evidence in ways that
best ensure and reflect their integrity and irrefutable authenticity, both for
the purposes of domestic prosecution and international co-operation, should be
recognised. Therefore, procedures and technical methods for handling electronic
evidence should be further developed, and particularly in such a way as to
ensure their compatibility between states. Criminal procedural law provisions
on evidence relating to traditional documents should similarly apply to data
stored in a computer system.
V. Use of
encryption
14. Measures
should be considered to minimise the negative effects of the use of cryptography
on the investigation of criminal offences, without affecting its legitimate use
more than is strictly necessary.
VI. Research,
statistics and training
15. The
risks involved in the development and application of information technology with
regard to the commission of criminal offences should be assessed continuously.
In order to enable the competent authorities to keep abreast of new phenomena
in the field of computer-related offences and to develop appropriate
counter-measures, the collection and analysis of data on these offences,
including modus operandi and technical aspects, should be furthered.
16. The
establishment of specialised units for the investigation of offences, the
combating of which requires special expertise in information technology, should
be considered. Training programmes enabling criminal justice personnel to avail
themselves of expertise in this field should be furthered.
VII.
International co-operation
17. The
power to extend a search to other computer systems should also be applicable
when the system is located in a foreign jurisdiction, provided that immediate
action is required. In order to avoid possible violations of state sovereignty
or international law, an unambiguous legal basis for such extended search and
seizure should be established. Therefore, there is an urgent need for
negotiating international agreements as to how, when and to what extent such
search and seizure should be permitted.
18. Expedited
and adequate procedures as well as a system of liaison should be available
according to which the investigating authorities may request the foreign
authorities to promptly collect evidence. For that purpose the requested
authorities should be authorised to search a computer system and seize data with
a view to its subsequent transfer. The requested authorities should also be
authorised to provide trafficking data related to a specific telecommunication,
intercept a specific telecommunication or identify its source. For that
purpose, the existing mutual legal assistance instruments need to be
supplemented.