EuroISPA Letter to the European Commission on e-Evidence

/in ,

In this letter to the European Commission, EuroISPA shares some key concerns, open questions and requests for clarification on the implementation of the e-Evidence Regulation and Directive, in anticipation of the upcoming implementing acts and the operationalisation of the decentralised IT system.

  • Clarify legal scope and applicability: EuroISPA calls for clear guidance on how the Regulation and Directive apply to service providers operating only within one Member State, especially to ensure legal certainty for smaller companies.
  • Ensure technical security and process integrity: Mandatory end-to-end encryption (E2EE), verified authentication of issuing authorities and provider-specific input fields are essential to safeguard data and streamline operations.
  • Define realistic implementation timelines: EuroISPA stresses the need for a clear roadmap, adequate lead times and technical support to avoid delays and operational disruptions during the transition to the decentralised IT system.
  • Provide fair and transparent cost reimbursement: The framework should cover both initial and ongoing compliance costs, with harmonised, accessible mechanisms for service providers to recover expenses and enforce payment.
  • Anticipate and manage request volumes: The Commission should publish request volume forecasts and engage continuously with ISPs to prepare for potential surges in legal data access requests.
  • Uphold fundamental rights: Strong safeguards, data minimisation, procedural clarity and full transparency must be upheld throughout implementation, especially to prevent over-reliance on emergency measures.

Read the full letter to the European Commission here.

Contact details

EuroISPA

38, Rue de la Loi
1000 Brussels

+32 2 789 6618

[email protected]

General contact information | Privacy policy

EuroISPA Contribution to the Cybersecurity Act Review