The Article 29 Data Protection Working Party (Working Party) sent a letter to the Council of Europe discussing its first assessment of several cybercrime scenarios presented at the 2014 Cybercrime@Octopus conference (Conference). The scenarios that sought to create “discussion on the consequences of data protection legislation and principles when obtaining such data in a criminal investigation” include such situations as cyberstalkers, investigations into fraudulent activity, and missing persons.

In the letter, the Working Party highlights how many delegations during the Conference mentioned that “mutual legal assistance procedures in practice do not always function in a satisfactory way”, and offers to improve or insert data protection clauses in mutual legal assistance agreements to ensure compliance with data protection safeguards.

The Working Party emphasised the need to comply with the eight data protection principles for transfers of data outside the EEA. The letter sent by the Working Party to the Council of Europe provides a useful assessment of various cybercrime scenarios in relation to transborder access to personal data.