Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore the resurgence of data retention policies and cross-border data access mechanisms in this 40-minute conference talk from the 39th Chaos Communication Congress. Examine the renewed push for data retention implementation across the EU and Germany, despite previous legal challenges and discontinuation in many jurisdictions. Learn about the parallel development of cross-border access to stored data through EU "e-evidence" legislation and its planned extension to over 90 countries under the EU cybercrime convention. Understand how these initiatives work in tandem, as data access fundamentally depends on data availability. Analyze recent developments including harmonized "minimum" approaches to data retention under Polish and Danish EU presidencies, new German legislation under consideration, and implementations in Belgium and Denmark. Discover how law enforcement access to stored data has been revolutionized through new legislation that undermines existing national safeguards and business-implemented cybersecurity protections. Investigate the practical mechanics of cross-border information requests, including which data types can be requested by whom and who maintains responsibility for remaining safeguards. Examine the threat model and potential "side channel" attacks that could enable cybercriminals to access virtually all data stored by service providers. Gain insights into upcoming international release mechanisms under e-evidence legislation, the 2nd protocol to the EU cybercrime convention, and future threats from the UN cybercrime convention.
