Criminal justice on the Internet – identifying common solutions – WS 4 2017

From EuroDIG Wiki
Jump to: navigation, search

7 June 2017 | 11:00 - 12:30 | Ballroom I, Swissotel, Tallinn, Estonia | video record
Programme overview wiki | Programme overview EuroDIG web site

Session teaser

Digital investigations are not all about cybercrime or internet enabled crime anymore. Almost every real life criminal act from shoplifting, robbery, car theft leave digital traces. Law enforcement has short arms: collecting electronic evidence is getting increasingly complex in a cross-border environment with many unregulated intermediaries. Criminal justice in cyberspace depends on the development of working solutions to the problem of digital evidence collection, but different stakeholders are still struggling not only to find those solutions, but even to speak the same language.

During this session we will bring together various stakeholders: law enforcement, legislators, civil society and private sector to discuss possible solutions to the challenge of criminal justice in cyberspace. Our goal is make us walking in each others' shoes and understand each other's concerns. Join us and contribute to the discussion!


cybercrime, digital investigations, law enforcement, digital evidence, electronic evidence, criminal justice

Session description

When it comes to the Internet, law enforcement is not operating in a lawless land. However, digital investigations are problematic because of the patchwork of national laws, slow mutual legal assistance system and the need to cooperate with intermediaries located in foreign jurisdictions. Furthermore, criminal procedural law is subject of strict safeguards and must always respect human rights. What are the legal and ad-hoc solutions for solving the problem of obtaining digital evidence? How do law enforcement cooperate - and would like to do so in the future - with intermediaries? What can we do to improve this cooperation? What are the best practices? The session will discuss some of the problems, particular existing solutions and the way to improve the cooperation between law enforcement and other stakeholders without compromising on human rights and safeguards. The issues to be discussed, among others are: Practical solutions to existing challenges. e.g. Carrier-grade NATs issue.

  • Clear frameworks for cooperation between intermediaries and law enforcement.
  • Current and future solutions for jurisdictional problems in obtaining digital evidence.
  • Human rights and safeguarding privacy.


All the participants to engage in the discussion. The panellists invited to the workshop are the resource persons for the discussion, and the co-moderators will ensure that the workshop is interactive with everyone contributing. The main goal of this session is to ensure that stakeholders are aware of each other’s problems and are ready to discuss and work towards a common solution.

The moderators will open the floor for everyone’s questions and comments during the whole session making sure the discussion remain on the topic.

Further reading

Until 30 April 2017. Links to relevant websites, declarations, books, documents. Please note we cannot offer web space, so only links to external resources are possible. Example for an external link: Main page of EuroDIG


Focal Point:

  • Richard Leaning, RIPE NCC

Subject Matter Expert (SME):

  • Tatiana Tropina (Max Planck Institute)

Key Participants

  • Gregory Mounier, Head of Outreach at European Cybercrime Centre (EC3), Europol
  • Catrin Bauer-Bulst, Deputy Head of Unit, DG HOME, European Commission
  • Konstantinos Komaitis, ISOC
  • Christian Borggreen, Director, CCIA Europe


  • Richard Leaning, RIPE NCC
  • TBC

Remote Moderator

  • Fotjon Kosta, ‎Head of ICT at Ministry of Energy and Industry, Albania

Organising Team (Org Team)

  • Christian Borggreen
  • Fotjon Kosta
  • Jens-Henrik Jeppesen
  • Matthias Spielkamp
  • Konstantinos Komaitis
  • Desara Dushi


  • Tatiana Tropina, Max Planck Institute for Foreign and International Criminal Law

Video record


  • Practical ad hoc solutions to the digital evidence problem will not solve legal “wild west”. There is a need for structured solutions, including modifying existing legal standards.
  • The possible solutions can involve – along with changing the legislation – standardisation of forms, capacity building and training, the establishment of channels for facilitating requests (like online portals).
  • The structured solutions, while harmonising procedures in different countries and facilitating requests, should respect safeguards and human rights and be transparent.
  • It is important that all stakeholders take part in the discussion on the solutions development.
  • There is a need for capacity building not only for law enforcement to process requests in criminal investigations but also for both law enforcement and intermediaries to create a common understanding in processing requests – sending high-quality drafted requests and responding to them – in a cross-border environment.
  • In addition to improving mechanisms of international cooperation in criminal matters, there is a need to engage with electronic service providers to gradually reduce the use of technologies that prevent online criminal attribution such as Carrier Grade NAT / LSNAT.


Provided By: Caption First, Inc., P.O. Box 3066, Monument, CO 80132, Phone: 1 877 825 5234, +001 719 481 9835,

This text is being provided in a rough draft Format. Communication Access Realtime Translation (CART) or captioning are provided in order to facilitate communication accessibility and may not be a totally verbatim record of the proceedings.

>> RICHARD LEANING: Okay. Good morning. It's 5 past 11. Could someone shut the doors for me? Thanks.

My name is Richard Leaning, I'm from the RIPE NCC which is the regional Internet registry from Europe, all the way up to Russia and down to the Middle East. And we look after the ministry, IP addresses. I'm the moderator and my co-moderate is Nina from ELSA. And this is on criminal justice. Just to give you a bit of background and I'm sorry if I'm walking around. But I can't see because that light is right in my eyes. That's better.

Today's session is going to basically be on the challenges that law enforcement, in particular, have when they are investigating criminal offenses that have a presence on the Internet. And I phrase it that way because are cybercrime as we all hear, is not just what law enforcement need evidence for. All crime, from theft of articles, theft of cars, burglary, murders, rapes, terrorist offenses, et cetera, et cetera, all have a presence on the Internet. And therefore, criminal justice, for it to proceed, needs law enforcement's ability to gather e-evidence. Evidence that's on the Internet that will help them in their investigations on Internet offenses. It's not cybercrimes. Get that out of your heads. It's all crime has a presence on the Internet.

So on the panel today, we have Greg Mounier who is from the Europol, the European Cybercrime Center; Konstantinos Komaitis, who is from ISOC; Christian Borggreen who is the CCIA; and Catrin Bauer-Bulst who is the deputy head of the cybercrime unit with DG HOME.

So we will start with Greg, who is going to talk about things called carrier grade NAT. It's one of the challenges where you have 1,000 people one IP address at the time. And the challenges that that poses for law enforcement. And they we'll build the conversation up from there. So we'll start with Greg. Please.

>> GREGORY MOUNIER: Good morning, everyone. Thank you very much, Dick for the introduction and Tatiana for putting the panel together and EuroDIG to invite Europol.

I'm representing the Europol, the European police agency and I'm working for the cyber division. We have many challenges to investigate crime online, when we say crime online, it's really as Dick said, any type will criminal activities which is using technology and access to the Internet. It doesn't have to be cybercrime, malware and the rest. It can be just somebody has a phone on that person, and you need to track that person down, for instance. And you will face problems to investigate that crime, because of specific issues.

So I'm just going to very briefly go through three main challenges and then I spend a bit more on the CGN problem afterwards. So the first maybe problems and I will get it out of way straightaway, it's encryption. Encryption is great. It's sustaining our digital society. We need encryption for having -- for protecting privacy. We need strong encryptions for protecting our economy, for everything. It underpins our connected society. That's no problem.

But, of course, encryption is being misused, and used by individuals for criminal purposes. It is a fact that you have less and less warrant or request from weren't from police to the judges to wire tap phones nowadays because most of the time criminals, be them terrorists or traffickers, any type of criminals, they will be using signals, communication apps because it's more convenient, like you would do, they actually do it as well.

Plus, it is encrypted and we don't have access to the content. So that's an issue. As a society, I think we need to find a solution. It's one the challenges that nowadays the law enforcement community has to investigate crime online. Another aspect is access to electronic evidence. In the past when you would come if you are on homicide, you would start gathering clues, and it can be a fingerprint, a footprint, and the weapon that has been used, maybe still lying on the floor. You will take a number of physical evidence in order to build your case, and potentially identify a suspect, and all -- or dismiss that suspect which might have done anything.

Even if it's a local crime, most of evidence will be on the scene. Nowadays even if you have a local crime, like somebody gets on to a bank network and steals some money, it's a local bank but most of your evidence will be stored somewhere on a server not in your jurisdictions. So straightaway even if it's a local type of cybercrime, you have to rely on heavy and cumbersome, traditional justice corporation instruments, international instruments such as the legal system treaty and so there's a crime and tools we are using. Of course, electronic evidence are very volatile. Being be deleted very quickly and moved from one country to another, very quickly.

And so if you need to veg quickly the type of crime, you need to rely on cumbersome and lengthy international tools.

So that's another challenge.

The third challenge, I want to talk about is data retention. You are aware about a series of rulings that the European code of justice has given last year in curtailing and limiting the rights and the obligations of the electronic service providers to log data. From a law enforcement perspective, I think it has to be made very, very clear, without historical data, you cannot investigate crimes related to the Internet. You cannot. If you are investigating a crime, you can say, please log on all the information that's related to this and that, devices, communication devices used by the group.

But most in times when the police, then you have to look in the past in order to be able to identify those people and would did the crime. If you limit the data retention obligations too much, then you are unable to investigate crime online.

That's really the message.

Last but not least, I want to spend a let more on carrier grade NAT. It's adopted by Internet access providers, Internet access providers, fixed line being mobile.

This is due to the limited IPv4. They adopt these transition mechanisms to do the transitions and five years later, we are in a situation where 90% of the mobile Internet access providers, for IP V4. What is a NAT. You can have potentially -- in theory, you can have up to 65,000 users using exactly the same IP address, public IP address.

Most of the time, if you are investigating -- if you manage this IP and go to the Internet access providers they will give you a list between hundreds and thousands of users using exactly same IP address at the same time. From the law enforcement perspective, this is a nightmare, of course, because we know that IP addresses are not the only identifiers and it's not because you get the name and the address that you get to the device, that you get your suspect. It's a vast array of evidence that leads you through normal traditional police work to identify with the suspect but still in 80% of your investigations you will start with an IP address. You will start with an email address and you need to get subscriber information, otherwise you can't start investigating.

So we are in a situation now, five years later, 2017, where most of the Internet access providers in the world are using carrier grade NAT or launched large scale net to mutualize IPv4, which is IPv4 and IPv6 for everyone, so you can go everywhere on the Internet even if you have traditional legacy.

Of course, v6 is growing very slowly but not fast enough. And so what does that mean in terms of investigations? As I just said, if you have an IP address and you go to an Internet service provider with the IP, you get a huge list of potential suspects. So if it's -- let's say that somebody is selling an AK-47 and this is a proper case on -- on the public web, on an advertisement website, and that gets reported to the French police because that's a French case recently. As an investigator, if you see that the AK-47 is being sold on the Internet, you have alarm bells ringing. It's either because it might be used in tracking violent hands or something, to rivals or for a mass shooting in Paris.

Over the last two years, that's the only times when AK-47s have been used.

If someone is selling an AK-47 on the Internet, it may not be an offense but the consequences may be super high. You get to the platform and you say, please give me the information of the person who posted that ad. You go to the Internet service provider and you say who is behind? And then they will tell you and that's what happens. They will tell you, well, I can give you a list of 100 people who have been using this IP address at the same time. What do you do? You drop the case, simple, because you don't have the ability to investigate them.

The other cases of terrorism and drug trafficking might be really severe.

I give you another case. Child abuse case. Somebody is uploading information. It's a UK address. The police request the IP address. We get the time stamp. We go back to the Internet access providers, no, sorry, we have 50 or 100 users. What do you do? It means that if somebody is actually uploading new images on the platform, that means a kid is violated and raped. In the severity, you will investigate every single people on that list. CGN is pushing the judiciary and the law enforcement community to use privacy invasive investigation methods whereas if everyone was to be moving to IPv6, and phase out CGN, then we would find one potential suspect and we could do our normal work and follow the work and do our investigative work.

I will probably end here. There are alternative solutions. In Belgium, for instance, the police and the prosecution, they agreed on a voluntary agreement whereby they are limiting the number of people they are putting behind each IPv4, which means when the Belgium police request the subscriber information behind an IPv4, they get four suspects.

In France and Germany, they will probably get 50. That's a massive difference in terms of investigation. There's an alternative. We need to push and solve that issue.

Thank you.

>> RICHARD LEANING: Thank you very much. I think it was important to set the framework for this discussions, the challenges that law enforcement are having in this arena.

I'm also conscious that some of the technical people will use terminology that not everyone will understand. If they say something, that you don't understand, otherwise we will go down technical jargon that only a few of us will ever understand.

So now that we know what the challenges are, we have some other panelists say what is happening to try and lessen those challenges, try and help law enforcement do what they do. And do you we have Catrin from DG HOME. Can you hear us, Catrin.

>> CATRIN BUAER-BULST: Yes, hello, everyone. I hope you can hear me.


>> CATRIN BUAER-BULST: So, yes, I'm Catrin Bauer-Bulst, I'm here at DG HOME with the European Commission and we have been doing a little work, in particular, on one of the issues that Greg has just introduced on access to electronic evidence. I think Greg made it very clear what the challenges are that law enforcement and judiciary face in investigating cases nowadays that involve electronic evidence, and these are compounded that many times the relevant information will not be located in the same jurisdiction where the investigation is taking place.

So just to build a simple case, you have an incident where -- where criminals conspiracy to commit a terrorist attack together, and they communicate amongst one another, using gmail or a telegram or another email or messaging service.

Now, even if all of the facts of case -- so the actual terrorist incident, all the persons participating in the plotting, all the victims are located in the same jurisdiction, the simple fact that these terrorists were using messaging service, that may be storing its data elsewhere, that may be run by a company that's headquartered or established elsewhere, creates a cross border element in the case, that otherwise is purely national in scope. And this cross border element creates additional challenges in the law enforcement and the judiciary because the tools they work with are designed for their local jurisdiction. As Greg was already saying in these cases, the police and the judiciary have to rely on instruments for cooperation, mutual legal assistance is the main one of these instruments and our main destination for mutual assistance requests these days is the United States.

And just under one of the conventions that we have the EU, US mutual assistance convention, we have something like 4,000 requests from the EU Member States to mutual legal assistance to the US. Now, these procedures take quite a long time. So on average, it takes about ten months before a response can be provided and that provides -- that creates significant challenges for investigations.

Now, granted if there are situations such as terrorist cases, or other incidents that require an emergency response, there is an emergency mechanism that is foreseen, but for every normal investigation, and that includes even those that Greg was highlighting on child sexual abuse, you are stuck with this ten month deadline -- well, with this ten month average. It can be faster. On occasion, welcome it is take a lot longer. So that's really the average.

This was identified as a major problem as all of the 28EU Member States and they adopted some conclusions last summer, in June of last year in jurisdiction on cyberspace and asked the European Commission to take a look at whether there was a pay to improve the existing situation and they asked us to focus, in particular on three specific areas. First of all, they wanted us to look at what we can do to improve direct cooperation between law enforcement or the judiciary, and service providers located in another Member States or outside the EU in particular in the US.

Now, as you may know, under US law, service providers based in the US can voluntarily cooperate with law enforcement from other states, including EU Member States for access to non-content data. So if law enforcement as in the case that Greg was explaining, needs subscriber information to identify who is behind a certain action or who is behind an account, that subscriber information under US law can be revealed also upon request by foreign law enforcement.

And the same is true for metadata. That's not the case for content data which has to be requested through mutual assistance at the moment.

So that's first channel that the Member States asked us to improve. The sick channel that they want us to look at is mutual assistance. So how can we bring that ten month time frame down? What can with do to improve the way that the ex U and the US, in particular, but also other third country partners work together on mutual legal assistance and what can we do to speed up the mutual assistance which have been replaced by the European investigation order in large part.

The third part, excuse me, that the Member States asked us to look at is jurisdiction in cyberspace more generally. So what other measures are relevant and what can be done to improve the framework for these measures?

Now, we in, response to this, with the commission launched an expert process that included stakeholders from the Member States, the judiciary, the ministries, law enforcement, from civil society, because of course the service providers are very much concerned by these measures. And then also from academia, to make sure that we have all the relevant expertise to be able to propose new ways forward. And that's what we have been doing over a large part of this past year. We have been trying to pull together first of all the problem definition on what exactly it is that we are talking about and what the challenges are. And some of the main issues that we have identified surround issues such as the transparency of the process, the lack of accountability of stakeholders in the process, depending on the legal framework that was being applied, the cumbersome bureaucracy that was behind some of these procedure that dates back when these were few and far between and when most cases were national in nature. And the burden on the service providers to be able to respond to requests from law enforcement, which often requires them to assess the legitimacy of a request that was made under foreign law and hence requires them to gather or build expertise on how that foreign law works.

And all of the -- this is just a snapshot of the problem definition that these problems were summarized in a December progress report to the stakeholders which is published on our website. So if you go to the European Commission website, you will find a dedicated subsite on electronic evidence, where everything I talk about today is explained in more detail and where you will find all the relevant documents.

After we establish the problem definition, we worked a bit more on possible options to address these issues and we're, in fact, reporting back to the ministers of justice of all the EU Member States tomorrow, which is also why I'm not participating in person but was asked to stay here in Brussels just in case there's any last-minute hiccup. Our big process is coming to a conclusion tomorrow for first phase of it. And in preparation of that we published two weeks ago two papers that summarized the expert process and I want to tell you briefly about now. You will also find them on the website.

We have summarized a number of practical measures and also proposed some legislative options for improving the situation and access to electronic evidence across borders. So first of all, in terms of the practical measures, we looked at what we can do in particular to improve the cooperation between the law enforcement and the service providers because that's where the largest volume of requests is currently being shared.

So if you look at the statistics there's more than 100,000 requests going from law enforcement in all 28EU Member States to service providers just in the United States and that shows the significance and the importance of this process which again applies just to non-content data so that subscriber data and metadata. And for this process, we have proposed a number of options just through a number of practical measures to improve the way it works now, to improve the quality and reliability of the process, we have proposed in particular to establish single points of contact on both sides. So to have -- to have within the Member States a single point of contact that can provide expertise and different policies of the service providers and that can make sure that the requests that are outgoing from that Member States meet certain quality standards.

We have also proposed to the service providers to consider streamlining their policies because as the US legislation does not provide any particular guidance on what procedures should apply, each service provider has been left to come up with their own policies hasn't that creates significant challenges for the Member States. We are trying to standardize the number of forms and we made available 1 million Euros funding for training for law enforcement and the judiciary on how to cooperate with -- with service providers and also on how to use the US mutual assistance procedures.

We are also looking at establishing an online portal at the EU level to provide information on the applicable rules and to facilitate the making of requests. And to improve the functioning of mutual assistance of the European investigation order within the EU, we are making available an online portal and standardized form so judiciary cooperation between the EU is -- is fit for the modern age and is swift enough to respond to the needs.

Now, perhaps even more interestingly for this discussion, we have also proposed a number of legislative options at the request of the ministers who have asked us to set out the practical measures and the legislative possibilities. And the options that we have set out in the paper on the basis of expert process fall into two different categories. So one part is designed for situations where you have intermediary. Who you can request to provide information. So a service provider is your counterpart.

The second category, applies in a situation where there's no intermediary, where there is, for example, a situation of an open search, where somebody with a warrant is searching a device of a suspect that is -- that has data stored. The so-called remote or direct access. For the first category where we have an intermediary, we proposed a number of different options that will be considered by the ministers tomorrow that relate to production requests or production orders. And in particular, we looked at possibility to standardize the procedures that the Member States apply when requesting access to information across borders, and we are looking at possibilities of doing this within the EU, beyond what is already possible in the European investigation order and also possibly beyond the ex U, in particular when it comes to the US and non-content data.

And we're looking at both mandatory forms and involuntary forms so that there would just be a standardized procedure without the resulting voluntary request being mandatory for the service provider.

And on a direct or remote access, we have been looking with experts at possibilities to mitigate the cross border effects that access can have. And in particular on whether there are ways to standardize the safeguards and minimum conditions that the Member States apply in choosing to use these measures which at the moment are very different across the different EU Member States and we are also looking at the possibilities of introducing a notification solution so that when law enforcement is enabled on usually the judicial order to take access to remotely store data directly.

But if law enforcement discovers where this data is stored the relevant country is noted by. And these measures we're presenting to the ministers of justice tomorrow at the justice council in Luxembourg for their further guidance on how to proceed.

And in the ministers tell us that they want us to take forward these legislative options for further consideration, then we will look at developing legislative proposals for the EU in the months to come, and we'll continue our expert process. So today and tomorrow are very exciting days for us. So we will have to see how things continue, and on that basis, we may continue our work.

And now I will stop here and leave room for further discussion.

>> RICHARD LEANING: Thank you very much.

We have a question for you Catrin.

>> AUDIENCE MEMBER: Excuse me, for intervening into the panel floor. I would like to ask Catrin, are you talking about remote forensic software for the purpose of interception and so on, because it's different than the remote access to the stored data. Basically the commission is requesting both or possible notification for other country. So it's not captured in realtime. It's access to -- am I right? Am I getting it right?

>> CATRIN BUAER-BULST: It is to be further defined. So the Member States currently differ on what they permit, and one of the options that the experts established does not actually intervene if what Member States currently do. It just says that if Member States exercise the legal options available to them under their national law, and discover in the process -- because usually they are in situations where the location of the data cannot be established and where cooperation with another state is difficult or impossible.

So if during the course of investigation under their national legal instruments they do take access to such data and if in the data they find clues where the data may be hosted, then one option that we have put forward for consideration is that at that point, the Member States that is found to possibly be hosting data should be involved by means of a notification procedure that could extend from the mere notification to a possibility for the Member States to refuse the use of the data for evidentiary purposes in a major proceeding.

At this point the options are still open. We haven't limited the scope of the possible measures and are awaiting the reaction of the ministers to this.

>> RICHARD LEANING: Okay. Thank you. Data response, but I think it's important to say what the commission and the legislators are doing in this field, just to get a base and you will probably never get a more detailed briefing on what's going on than what you have now. Thank you, Catrin. We will got private industry debate for Christian. What are the service providers are doing.

>> CHRISTIAN BORGGREEN: My name is Christian Borggreen, and I'm with the CCIA. This ambiguity is also a problem for our members who are international.

I want to quickly touch upon the points that we heard from Europol to carrier grade NATs and the new players and the discussions that the European ministers will be hearing tomorrow.

So in terms of carrier grade NATs. This is a temporary solution. It's only a temporary solution as we all migrate from IPv4 to IPv6. Our members prefer a one-to-one, so one address to one user entity and all of our members such as Google, Facebook and NetFlix are all IPv6 enabled. So their traffic use, IPv6 where that is possible to deliver to end users.

So we obviously acknowledge that there are some problems with carrier grade NATs for law enforcement and I think it's important to have the discussion and I think you are having that also with broadband service providers and maybe there are some of them here in the room who can explain a little bit some of the practical measures, some the voluntary solutions which could include locking the source point for these broadband providers.

And also maybe limiting the number of users who will be using the same IP address. So we will welcome that discussion.

But, of course, the long-term solution is, of course, the rapid migration to IPv6. In terms of what we heard from the commission here. So we have a CCA. We have been taking part in the stakeholder discussions together also with civil society that the European Commission has been holding this year, and we welcome this dialogue. I think it's very important that all states are taking part in these discussions and I think it's great that Catrin is participating, doing remotely. I think it's a good sign of engagement with stakeholders.

We want to provide more clarity for users, Internet service, service providers, law enforcement and I think everyone will benefit from more clarity. And law enforcement must go hand in hand with safeguarding user rights, mainly privacy. I have think that's a baseline for this entire discussion, of course.

In terms of what our companies are already doing, some of the practical measures we are already doing in terms of training for law enforcement authorities, it is in our interest that a law enforcement officer in Tallinn or Romania is able to identify how to get in contact with Facebook or have a single point of contact and that they use -- they are able to craft high quality requests for information, which we can actually evaluate and if it's lawful that we can respond to and to help them. So that's already something we are doing.

In terms of commission's practical solutions which they will presenting tomorrow to ministers, I think they are all -- I think they all look very, very good. I take over the criticism that maybe some, especially US providers, may be interpret a little bit differently the national laws and maybe we should be looking a little bit and compare a little bit of notes so we give the same response back to law enforcement when we request data that we have the same interpretation of the rules.

Especially the European framework is a jumble of a bunch of national rules. And more clarification would be helpful.

In terms of standardization that law enforcement greats, that would be great, that Europol would help us provide that. And more training for law enforcement officers, especially when it relates to US providers because we have a different legal obligations that the US members have to adhere to. And then I think having one online portal with all the legal requirements created by the commission, I think that will be helpful as well. So everybody is sort of on the same page.

Now on the legislative parts, approve the commission proposal, because obviously all the practical solutions do not solve this legal jungle that we are faced with, in Europe, so even though the practical solutions are great, we proudly acknowledge that there's a need to look at this from a legal perspective. I think the idea of trying to give law enforcement the opportunities to more directly require data from another EU Member States is useful on a voluntary basis. And we can only do this if we are volunteered to do. So.

And the EU instrument which defines the common conditions and the minimum safeguards, including notifications, I think that would be probably a good idea. I have one question. Tatiana was very, very quick in asking the first question. It was my question in terms of the direct access. I'm still a fussy about what that will include. Make Catrin will include that in the press release after the discussion with the Member States. That's what I'm a little built about the user safeguards in terms of right to a fair trial, right to defense, privacy, data protection, ensuring a judicial redress for uses. I want to make sure that that's fully thought out. I'm sure it is, but maybe Catrin can give us more clarity.

So sum up on carrier grade NATs it should be a temporary solution. It's migrating to IPv6 but it's great to have discussion with the broad band providers and provide some interim solutions. In terms of commission's work and their presentation tomorrow to ministers, I think it's a great discussion to have an all stakeholders have been involved. We welcome the practical measures that have been outlined, including those which requires a bit of work on our side. And we have a few questions related to the direct access option because it's only an option that ministers might go for or not.

We want to make sure that it respects the safeguard for users that lead to privacy. Thank you.

>> RICHARD LEANING: Thank you very much, Christian and the last panelist, Konstantinos Komaitis to given your view on the discussion so far.

>> KONSTANTINOS KOMAITIS: Thanks. So I think it's safe to say from what we heard so far that the environment is not surprisingly very complex and things are a little bit messy. And there are two issues here. We have a technical issue with carrier grade NATs and then there's the more legal issue that move into the IMlets. I work for an organization called the Internet Society. I'm in the public policy team. For those of you who are not very familiar with what we do.

We provide -- we do a lot of things, policy, technology and development for the Internet. But one of our core functions is to provide a home to the Internet Engineering Task Force. This is the organization that makes the standards and make the Internet and have made the Internet to what it is today. Which brings me to the whole discussion about the carrier grade NATs. The ITF creates the IPv4 suit and suite of addresses and it's been realized that they were issues with exhaustion and it's -- by the time they realized that, they started working on IPv6. And for the past too many years there are a lot of Working Groups and a lot of engineers that are working and trying to make sure that IPv6 is deployed throughout the Internet, because of the problem that we're facing with IPv4 addresses.

I think that both Greg and Christian have alluded to the fact that IPv4 is supposed to be a temporary solution. The deployment of IPv6 is not as fast as the engineers, the ITF and also companies have hoped for. But we see more and more deployment happening. I was actually very interested to hear that Belgium that has deployed most of the IPv6 addresses. Actually, 80%, if I remember the number directly are Belgian services and companies surrounding with IPv6 services. So it's not a surprise that there is this requirement with carrier grade NATs and this is one of the incentives that governments can create in order to overcome this issue. Because whether we like it or not, there are serious privacy considerations. There's the need for -- and there is a balancing act here. There is the very tangible and real need for law enforcement to be able and get access to those criminals and those -- and identify who is behind the address, the specific address that's engaging in criminal activity.

There again, there's the privacy component that says if you have hundreds of people behind the same address and you expose them to -- to law enforcement just because you are trying to find one person, where do you draw the line?

Which brings me sort of to the -- to this whole idea of, you know, the IMlets and the cooperation that's happening. First of all, IMlets system, it's an old system. I think it was put to go around the 1940s. The only process that ties together the laws on both the receiving and the request country, right, making it legally robust at all levels.

Here come the Internet, and the IMlets. They are proving to be extremely slow and this can have a huge detrimental effect on the way the requests are being processed. And the way -- and it can nationalize the creation of new data for data to be held in a country. Thus in a way, contributing to data localization with all of its harmful impacts. So the unique challenges for IMlets in the context of the Internet, we can summarize them in two big buckets. The first one is that in, many cases, IMlets are based on dual criminality. So they pose a general dual criminality requirement which means that the conduct criminalized should be criminalized in both countries or they require the dual criminality standard to be met for some kind of assistance and this does not always happen when it comes to the Internet because you have too many jurisdictions occasionally involved.

Then there's the complexity of managing electronic evidence requests. IMlets -- the IMlet process is time consuming and this makes it very difficult to capture electronic data effectively. And there are too many levels of the bureaucratic process before it's -- and transmitted to the requesting authority. Now until all that happens, electronic evidence can be lost, can be altered, can be altered. So we have a system that used to work. It's a very good system that because it's based on cooperation, and this cooperation needs to be happening between jurisdictions, law enforcement requests, but at the same time, he doesn't appear to be fit for purpose.

So what do we do? I do not have the answer yet to that. But I -- you know, I would be really interested to hear from you how we can overcome the -- the slowness and the time consuming issue of IMlets but not abandoning the whole rationale behind them.


>> RICHARD LEANING: Thank you very much, Konstantinos Komaitis.

Now we are just opening it up to the floor and I will start off because I have one question and I will say this as a RIPE NCC person, and I will ask this to Christian, why are the providers not using IPv6. Why aren't they using IPv6?

>> CHRISTIAN BORGGREEN: You are talking about the broadband providers. We represent the Internet companies. I cannot respond on the broadband providers but there are a number of -- to my understanding, there are a number of costs, a number of different obstacles related to that.

So I don't know, maybe there's someone in the audience who has a better view on that. I think the point is exactly we need to all migrate to IPv6 and in the interim, if there are some challenges related to that, we should be discussing exactly the example from Belgium, maybe there's interim solutions to be found.

>> RICHARD LEANING: The reason -- I will finish the carrier grade NATs. V4 doesn't speak to v6. That's why we have it. There has to be a box in the middle that allows the two to speak to each other and there will be a mathematical reason why they don't speak which I know because v4 is that size and v6 is that size.

So thanks very much to the panelists. Do we have -- anyone has any -- yes, we have already a question. Good. Thank you.

Please stand up and let me know who you are.

>> AUDIENCE MEMBER: My name is Alexander. I would also like to briefly inform you about the developments made to the Council of Europe with regard to cross border collection of electronic evidence. So within the Council of Europe cybercrime division, the TCY, which is cybercrime commission committee that represents the 55 parties to the Budapest convention, it's on cybercrime and electronic evidence, cybercrime that you mentioned. So the TCY identified that it became more and more challenging for criminal justice authorities to obtain cross border electronic evidence within their criminal justice investigation.

So two years and a half ago, the TCY established a Working Group, to look into these challenges and provide some solutions to address these challenges. The group after having comprehensive meetings with all important stakeholders, on this topic, with data protection organization, with international organization, with private sector, with academia, to the end of 2016, proposed some -- some solutions to address this legal challenges. And this solution went from practical and legal solutions domestic level to make mutual legal assistance more effective. Also comprised a draft guidance note -- or guidance note is a common understanding of all parties to the Budapest convention with regard to one article, and this article, Article 18.1b regards the possibility ever criminal justice authorities to the Budapest Convention to request data, subscriber information only, from service provider which is not established in that country, but is offering the services towards that country.

And in February, this guidance note was adopted and once implemented in the domestic law of the parties, it will give the possible for criminal justice authorities to ask subscriber information from service providers which are not established in the territory of that country but direct services towards that country.

Another proposed solution to the TCY was the differentiating the rules and procedures regarding subscriber information, traffic data and content data. So to make it possible for criminal justice authorities to obtain subscriber information, more easily than traffic data or content data. And the last solution, proposed by the group, and I may say that these are not alternative solutions but are community solutions which can be taken gradually, is the negotiation and the future adoption of an additional protocol to the Budapest convention to address all of these mentioned challenges. And since today and until the 9th of June, the TCY will help its plenary and discuss the terms of reference with regards to this additional protocol. So Council of Europe is working towards identifying solutions and we have tried to address this solution, if feasible with the help of an additional protocol to the Budapest Convention.

Thank you.

>> RICHARD LEANING: Thank you. Any comments on that or any -- Tatiana.

>> TATIANA TROPINA: Thank you very much. I actually have a couple -- one question and a couple of interventions. My first question after listening to Alexander from Council of Europe is, European Commission and Council of Europe, are you any how coordinating your efforts? Do you have channels -- I mean, it looks to me like sometimes you are duplicating the efforts and I understand that the Budapest Convention is like much more than European Commission. It's outside of the region. It's really like striving to become a global solution and a golden standard and in a way it is.

So my question to both of you, are you communicating anyhow?

My second, how to say rather intervention, about legal solutions because when I hear about legal solutions, I'm just wondering if European Commission or anyone will propose legal solutions, how they are going to be sustained and who is going to watch implementation?

Because if I think about gathering evidence like, for example, and I look at the EU convention, or you document mutual legal assistance from 2000, for example, Article 18 and 19, there a provision of entire data transfer in the interception which goes to digital investigation and it exists for 16 years already, but there are two countries who might know, who can actually directly transfer data because while these norm wonderfully exists on paper and has been existing for 16 years there's no technical implementation and no standards on this.

So Council of Europe and European Commission, would that matter?

If you propose any legislative changes, you also push for technical implementation of this, where we have next steps or will it just be recommendation?

Thank you very much.

>> RICHARD LEANING: Okay. Catrin, do you want to respond to that?

>> CATRIN BUAER-BULST: Yes, I think these Tatiana, these are extremely relevant points and thank you for raising them.

On the first part about the coordination between the work of Council of Europe and the European Commission. As you know, the European Commission is firmly behind the Budapest Convention and, in fact, most of the funding we dedicated to capacity building is channeled through the Council of Europe and has the aim of ensuring that the Budapest Convention is the global gold standard for cybercrime legislation, and is, if not adopted by all countries at least taken as a model by those who consider that those principles can also apply in their frameworks.

So in practice, what we have done is that we are actively following the work of the cloud evidence group and we have had an observer from our task force participate in the meetings. My colleague is now at the Council of Europe plenary at the Budapest Convention which we attend every time and we have had a representative from the TCY, from the bureau in all of the expert meetings that we held on the discussions on access -- the cross border access to evidence.

And, in fact, the discussion just as by way of historical reference, the discussion on the cross border access to evidence was launched by the Netherlands which at the time also held the chairmanship at the TCY, in the hopes of coming to a solid agreement within the EU could help catalyze progress within the larger group of the Council of Europe Member States by having a solution that's at least regionally agreed, but the second reason for why we are working in parallel within the European Union is that within the European Union, we have closer possibilities for cooperation that don't extend across all the Council of Europe participants by mere virtue of commonly agreed standards, for example, on the protection of victims, on the protection of the rights of the defense and other such issues that have been agreed between all the EU Member States and that allow us an even closer cooperation than is sometimes possible with the states.

So we are hopeful that we can come to coordinated and not necessarily overlapping but complimentary solutions within the EU and the broader context of Europe.

Of course, for any solutions that go beyond the ex U, the ideal basis is lateral and multilateral, we want a framework in the EU and all the partner companies that come together in the framework of the Budapest convention.

And so that's -- in terms of cooperation and the convention, and Tatiana, remind me of your second question. Sorry.

>> TATIANA TROPINA: Yes, the second question, if you advising to make any legislative change of how to ensure that they don't exist on paper only and just look wonderful.

>> CATRIN BUAER-BULST: Oh, yes. So what we are trying to -- I mean, the MLA convention is a convention. And so it's the Member States deciding. If the Member States were to agree to put forward -- for us to put forward legislative proposals, then that would become EU legislation. So it's on a bit of a different level and we are seeing a different level of motivation, especially among the Member States.

As you may know the European investigation orderer was designed on the Member States initiative. And we are seeing a lot more interest from the Member States and having workable solutions. While that may not be of the same relevance to each and every Member States for the largest part we do see an interest in all the Member States in having a solution. And having -- or having existing solutions that function better and as I said before, at the moment, we do see requests from all 28 EU Member States to service providers located abroad and we had pretty much universal complains about the way the current system functions.

And also the comment that Konstantinos Komaitis to have mutually assistance tools, I couldn't agree more. A lot of that comes down to practical measures. People need to understand the requirements of the two legal systems that need to be respected. But also in terms of improving the speed of the Peoria, the US has taken some important measures to make things more efficient so they have created a little task force of their own within the office that deals with mutual legal assistance requests to focus on electronic evidence in particular and to work on improving the speed of response, in particular to those electronic evidence requests because as Konstantinos Komaitis rightly pointed out, the data might just disappear in the meantime, especially if the -- if this was no request made and the US has also got the legislation to enable the Department of Justice officials from that office to basically plead the cases in DC regardless where in the country the electronic evidence is being requested from, which is a change in the previous system.

It enables the person who dealing the case in the office of international affairs to deal with the matter also in front of the judge to my understanding. So I fully agree. There's more to be done to make mutual legal assistance more efficient and we are looking at replacing it for additional measures for situations where the full administrative procedure of mutual legal assistance is not deemed to be necessary by both sides.

>> RICHARD LEANING: Thank you very much, Catrin. The gentleman in the blue.

>> AUDIENCE MEMBER: I have a bit of a technical question. My name is Raul, I'm a student and also practice digital forensic.

I was listening to the eye-opening network address translation issue and I was wondering if technical side, a better solution or option would be looking to net flow or logging of let's say, layer three devices in the networks or whatever equivalent is in the mobile networks where network address translating takes place and enable logging of public IPv4 addresses to whatever private IP addresses are inside those mobile networks.

Also, even though I do not -- I have now no knowledge about specifics about mobile networks, I have seen that in my own SmartPhone, the -- those private and public IP addresses stay the same like if not always for a very long time.

So my second idea or thought would be if it is possible legally to track those users for extended time, it would be also possible to identify.

I don't know why the private IP address stays the same for long time. Is it because a smart phone is never switched off and IP gets renewed all the time for the same IP address. Would either of those two be a little better solution than limiting the -- the amount of -- the number of private IP addresses connected to the network?

Thank you.

>> RICHARD LEANING: Okay. I was hoping someone would answer that.

>> GREGORY MOUNIER: Thank you very much for your question. There are many alternative technical solutions to improve the situations. One of those is the one you just described. We can ask the content providers the platforms to log more information. If all the websites were to log source book numbers, that the TCP/IP, then you would be able to turn back with an IP address, a time stamp and then you can discriminate between the many uses of the same IP addresses. But we're talking about more logging. We are talking about more costs and we are talking about solutions to a problem which is supposed to be temporary.

So I don't want to find a solution which increases the logging, plus is just perpetuating a situation which is bad. We need to find solutions that are providing incentive to the Internet access to switch to modernity and stop using IPv4.

So they are saying we need to use CGN because there's a huge legacy infrastructure that's using v4, some phone available only on v4 and some websites are still only available on v4 and the Internet access providers don't want to take the risk to switch to technology completely and have their customers only able to access some parts of the web that are only v6. So the Belgium solution of voluntarily limiting the number of users behind each IPv4 address is good because ISPs and Internet access providers make the strategic decision which will change their environment, their commercial environment. It's becoming less financially interesting to spend many on CGN boxes provided by Cisco and juniper than on investing in upgrading your software and hardware to allow v6 because you don't make much money out of an IPv4, if you have four people behind rather than 200 customers.

We need to find a market-friendly consumption. An intended consequence of that voluntary agreement established in 2012 is that nowadays Belgium has the highest IPv6 adoption rate in the world. So mechanically, that voluntary agreement has led to a situation where Belgium is leading the trend and it's 49% of v6 native in Belgium. So you can say -- and some providers are saying Belgium is a specific case. It's a small country.

I don't buy this.

There was a voluntary decision made by the government in conjunction with the industry to move on together to a different solution. And I think we should do the same at the European level and we need to put the pressure on the content providers to give their content available to v6 and the Internet access providers to provide IPv6 IP natives. If nobody raised the issue, then they are in their comfort zone. They are used to as a company to spend every year on CGN boxes that grow the network and they buy new technologies and all the applications are working. This is okay.

No, it's not okay. We need to put a little bit of pressure so they feel the heat we give the incentives to move to IPv6.

>> RICHARD LEANING: I think we need to move to remote.

>> KONSTANTINOS KOMAITIS: We released a report that we have identified. Although there's an increase of IPv6, the enterprises are still reluctant and the companies are reluctant to adopt a full suite of IPv6 addresses. The only benefits in actually transitioning to IPv6 and this needs to happen, the sooner the better, because at some point, it will inevitably happen. There are no IPv4 addresses. It's as simple as that.

I know that you are -- you know, you are sort of disagreeing with that, but there is -- there -- the ITF has made a clear point that there's a clear technology, the IPv6 addresses need to be adopted in order to move things forward.

>> CHRISTIAN BORGGREEN: CGN technologies have become so advanced that for some Internet providers -- there's no technical reason for some big Internet access providers to switch to IPv6 at all. The carrier grade NATs there are sitting on a pile of v4 and they are mutualize and everything is working fine. Obviously there's no incentive for many, many providers and I have many arguments why CGN is not good. It's not good tore security. It's not good for privacy and we need to move to v6.

>> RICHARD LEANING: And before we go to the remote, I think the reason that this is an interesting topic regarding evidence is because if we -- if law enforcement or anyone who is trying to attribute an individual to criminal activity can't do it, then they can't get the evidence. That's the -- that's the crux of the issue here.

I think we have got a remote question.

>> AUDIENCE MEMBER: I'm sorry to disappoint. I want to make a point personally. There's no remote interaction going on, but, of course we have a wonderful speaker. I will just get up to speak. My name is Michael Ogia and I do a lot of work in the Internet Governance community. One of the things I had been doing for two years is being involved with the IPv6 Best Practice Forum through Internet Governance Forum. We came up with a lot of really interesting stories from around the world when it comes to IPv6 deployment. I want to follow up and add to what Greg was saying about -- and what you had mentioned about carrier grade NAT. I think it's very much a double edged sword and in terms of having -- started using it from the get-go for many of the reasons that we are using now. It's often become a replacement for IPv6 or something along those lines.

I want to share with you an anecdote that a friend of mine who works for a large German -- I'm sorry, a large German bank. He works it the technology department, and I was asking him once to contribute to this research that we were doing about IPv6. And he said, and I quote, the Internet will be fine without IPv6.

This is a technologist. He's working in a large public institution or private institution. The point is if he thinks that, then I'm really worried about what other people any as well, because this is clearly something that needs to be implemented if we are going to continue function in the future.

My mind is blown, I never thought about the idea of having, for instance, law enforcement agencies or -- and those kinds of stakeholders to advocate for IPv6.

Whenever we are doing so within the technical community, I have never thought about that kind of cooperation, that kind of collaboration, that kind of multistakeholder pushing for it. So I think more we can encourage, that I think the more we would all benefit from IPv6 adoption.

>> RICHARD LEANING: Isn't EuroDIG a wonderful thing?

>> AUDIENCE MEMBER: It exemplifies it.

>> RICHARD LEANING: Getting all the different stakeholders. It's not law enforcement. It's not just law enforcement, law enforcement and governments. They are involved in the bottom up, multistakeholder, for the ITF, ICANN, and the IRR communities. And so they are paying particular interest to this.

Do we have any other questions? Please someone ask a question or else I will pick someone out?


>> AUDIENCE MEMBER: Thank you very much. My name is Gugi. I work at the Council of Europe as well but the Bucharest office which ask managing the projects which the generous funding from the EU when it comes to the eastern aspect.

So it seems that there is less readiness when it comes to the private sector to do the countries outside of the EU. We addressed this issue many times to multinational providers and got refusals to actually come to events that we will prearrange for them, and so this is something to look into, but also the second point very quickly with regard to the mutual legal assistance, because it need not to be very inefficient process because in one of the countries which is Georgia, it's between one to two months which is insanely fast in terms of the legal assistance and talking about nonlegal. If the case is particularly complicated within two months. So there's still the life in that whole concept. You have to implement it properly.

>> RICHARD LEANING: Okay. Thank you very much.

I'm just looking at the time. We have 15 minutes. What I would like to do. I think Nina you may have an intervention and then we will go quickly around the panel to sum up. And then the report in the last two tore three minutes.


>> AUDIENCE MEMBER: A question rather than a comment. But I was wondering from all we heard so far, maybe a question to all of you. Do you believe that the existing mechanisms and the legal frameworks that we have are sufficient or is there really a need for something new? I understand the existing frameworks, for instance, there's problems with admissibility of evidence or some other countries or some countries forbid that the service providers give information to other countries. So my question is: Is this any room for improvement to what exists or is there a need for new legislation.

>> RICHARD LEANING: Okay. So maybe who wants to say that one?

>> CHRISTIAN BORGGREEN: This is related to carrier grade NATs but also in terms of e-evidence and how countries that work together with the very complex environments and, you know, we are actually in Europe, first in class, I think, both what's happens at ex U level but also at Council of Europe. Council of Europe is actually much bigger than Europe, it's more global and involves more countries including outside of the EU membership.

I think it could provide discussions for other countries around the world, where a country says we want that date, so you better store that data in our country or we will find a way to hack our way into that data and we don't care if the company has to break the laws of another country because our country is the one that abides.

So I think what the EU is doing is trying to do what is happening in the Council of Europe. I think to Michael point earlier, IPv6 is just fine. I don't think so. You see, when Cerf, sorry, it's not working. We are running out of IP, the solution is to go as quickly as possible to IPv6. And, you know, so he now works for Google. They have done the transition. I think the bottleneck is with the broadband providers who need to find some temporary solutions but not spend all the time doing that so they have too much time to do very little with the real problem which is the migration.

>> RICHARD LEANING: Anyone else want to comment?

>> AUDIENCE MEMBER: Very briefly in IMlets, in 2016, the future looks very bright. We fell we were really alone and nobody -- and when we were complaining about difficulty to investigate crime online, people would say also the IMlet problem but nobody really cared and now we have a massive initiative from the Council of Europe is which is bearing fruits. And we have initiatives such as the Internet and jurisdiction project. We are moving in the right directions. We have many different alternatives. We need to find a compromise and move forward. That's good.

On carrier grade NAT aspect, I think so far the discuss has been high teched by the technologists and the network operators an and the rest. And from a technological CGN is solving the depletion, the IPv4 depletion. But you condition lead with it. We have to make the argument that CGN is bad for privacy and bad for security and bad for innovation. Maybe you don't know but many apps are breaking behind the CGN. If you have a banking app and you need to put in the IP address for authentication, it will break behind a CGN. So every ISP is using a different type of CGN. You will see ISP, my app doesn't work. Let's do a software solution. It costs money. You pay for it.

Your customers move to a different country, change providers and it breaks again. So from an innovation perspective, it's really bad. Of course, NetFlixs, global, they can come up with solution with most of the ISPs because video streaming is also breaking behind CGN. Skype is also breaking behind CGN. Nobody talks about it. You find technical solutions but that's costly. And if you are a small innovation person with a new app, then you don't have the opinion to find solutions for each of those. I think we need to make the public policy arguments. I'm happy with the voluntary solution but if it doesn't break, we have to of move into regulation.

>> RICHARD LEANING: While we are talking about the different foras. There will be -- this is a proposal to have this type of discussion at the IGF in Geneva in December.

>> KONSTANTINOS KOMAITIS: Just very briefly. Answering directly to your question. I am a little bit skeptical with creating something new. I don't think so that we have actually exhausted the tools that we have in order to be able to address those issues -- those complex issues. Having said that, the issue of jurisdiction, I remember discussing it 20 years ago. And -- but you mentioned they are still discussing and it attends to the challenges that are out there, because, you know, jurisdictional challenges was always the case. Now with the Internet where you have multiple jurisdictions imagine that the level of complexity is increasing. I agree with totally with you, there are cases where the IMlets are working. For me, the way I see them, these are exceptions. But this indicates that the system can provide answers. It's just that we need to update our understanding and our requirements because in particular, when it comes to e-evidence, there are issues that need to be dealt in a very fast manner. And occasionally they get stuck into bureaucracy of the system and there is where -- whereas there is a willingness for cooperation, it doesn't go as far to provide those answers that law enforcement agencies need in order to process the cases.

For IPv6, I think that has made the point that, yes, as far as we are concerned, there's not an option then. The companies need to move and actually they need to lead by example because at this stage, this suite is in place for the past 20 years. I was reading the report we released. It was in place for 20 years and by now we should have had literally almost full adoption to IPv6.

So companies -- and the big companies, because there are costs associated with it need to lead by example, and they need to be able to say that this is -- because we need to deploy IPv6. It is more secure. It is more efficient and it will solve a lot of problems we hear coming from law enforcement other governmental agencies.

>> RICHARD LEANING: Catrin, I don't know if you can see me.


So a couple of minutes, please, just to sum up before we go to Tatiana.

>> CATRIN BUAER-BULST: Right. No. I think the question that Nina posed is actually extremely relevant. To what extent do we need to move to a new system if we have rules that may benefit from improvement?

I think -- I think mutual legal assistance is really here to stay and will remain relevant for a number of situations where it is appropriate. However, countries have decided that they do not want mutual legal assistance requests to them for everything.

A practical example, the US is actively encouraging other countries to use channels beyond mutual legal assistance for data that they consider to be less privacy invasive, subscriber information and traffic data. And the fact of the matter is at the moment while they encourage this use, there is no formalized channel to deal with this -- with the requests that come outside the convention of the mutually legal assistance process and that from the points of view of the criminal procedure in the minds of experts of our process, creates certain challenges, including on the accountability of the actors that participate in the process on the transparency of the process and that's why at least in our expert process, the experts were very much in favor and that's goes for all the stakeholders.

You heard Christian say it. This opinion is shared about the judiciary and the practitioners, by academia, and by civil society that it would be beneficial to come to a reliable legislative solution on these issues. Now, it remains to be seen what the ministers think of this, but what we are seeing already is that a number of countries are developing unilateral solutions and this debate is getting more heated as the different approaches for this topic multiply and that obviously doesn't facilitate things.

I think on the basis of this process, it would be -- at least, on the basis of the expert conclusions, it's difficult to say that we can just move on with the existing system without any legislative notifications. And that's my summary.

>> RICHARD LEANING: Thanks. As you can see, this topic, we could go on for days and days and days and we are only just scratching the surface and we haven't gone into the big encryption debate and many other challenges that governments and law enforcement have in keeping the public safe because all we're talking about is keeping the public safe.

And at the recent events in my Hometown, you can see why that's really important. Can we give everyone a clap for coming here. Well done, people.


And Tatiana.

>> AUDIENCE MEMBER: Thank you very much. I'm trying it to show myself. I wanted to make a remark about mutual legal assistance before wrapping up.

No way? No way?

So as a reporter for this session, I would like to provide a few conclusions as a wrap-up for this discussion. So the first one is practical ad hoc solutions to the digital evidence problem will not solve legal wild west. We need structure solution which can include modifying existing legal standards.

The second conclusion is the possible legal solutions can involve along with changing the legislation, standardization of forms, capacity building and training, establishment of channels for facilitating assistance requests like online portals.

The structured solution while harmonizing procedures in different countries and facilitating requests should respect human rights, have safeguards and be transparent. It is important that all stakeholders stake part in the discussion on the solutions development. And the last one, there is a need for capacity building, not only for law enforcement to process requests and criminal investigations, but also for both law enforcement and intermediaries to create a common understanding how the requests are to be sent and processed in a cross body environment.

>> RICHARD LEANING: Okay. Thank you very much. And by my watch, we are two minutes early. So please thank you very much for coming and attending. These guys will be around for the rest of the day. I will be as well. So please come and speak to us if you want to have a bit more information.

Obviously, it would be hard for Catrin, but I can give you her personal phone number if you want to phone her direct. Unless anyone has anything to say, we can all go for a nice lunch and thank you very much for coming. Thank you.

This text is being provided in a rough draft Format. Communication Access Realtime Translation (CART) or captioning are provided in order to facilitate communication accessibility and may not be a totally verbatim record of the proceedings.