On the lawfulness of the EncroChat and Sky ECC-operations
| Published date | 01 September 2023 |
| DOI | http://doi.org/10.1177/20322844231159576 |
| Author | Georgios Sagittae |
| Date | 01 September 2023 |
| Subject Matter | Analysis & Opinion |
Analysis & Opinion
New Journal of European Criminal Law
2023, Vol. 14(3) 273–293
© The Author(s) 2023
Article reuse guidelines:
sagepub.com/journals-permissions
DOI: 10.1177/20322844231159576
journals.sagepub.com/home/nje
On the lawfulness of the
EncroChat and Sky
ECC-operations
Georgios Sagittae
Abstract
Over the last years, cryptodatacommunications have become an important piece of evidence in
criminal procedures all across the European continent. Especially due to the EncroChat- and Sky-
operations, prosecution authorities were able to arrest and charge a large number of suspected
criminals that probably would have remained unnoticed without the data acquired. As a result, the
legality of the use of EncroChat- and Sky-data is increasingly being disputed in multiple courtrooms
in various European countries. This article will therefore dive into European case law relevant in this
respect and will on that basis discuss the lawfulness of both operations.
Keywords
EncroChat, Sky ECC, cryptodatacommunication, principle of mutual trust, retention of data, overall
fairness, presumption of innocence
Introduction
In July 2020, the French and Dutch authorities in a joint statement at Eurojust disclosed that the
France-based EncroChat-servers had successfully been dismantled.
1
Prior to that, the French
authorities had succeeded in intercepting live EncroChat-data. By doing so, the French authorities
had been able to obtain more than 100 million messages that were deemed to be encrypted by
EncroChat and its users. Less than a year later, the French, Belgian and Dutch authorities fur-
thermore disclosed that another platform for encrypted communication, Sky ECC, had also been
successfully infiltrated and, sometime later, taken down. It is generally estimated that Dutch na-
tionals formed the largest group of users of these platforms. Both operations turned out to be
a goldmine for Dutch prosecution authorities. According to several Dutch courts, the comm uni-
cation conducted related to criminal offences only
2
or almost exclusively.
3
Earlier, the dismantling
of the Ennetcom- and PGPSafe-servers had also proven to be of high value in combatting organised
1. This article is written by an individual working in the Dutch criminal justice system. Due to safety concerns, the author of
this article uses a pseudonym.
2. E.g. District Court of North Holland 4 May 2022, ECLI:NL:RBNHO:2022:3833.
3. E.g. District Court of Rotterdam 11 April 2022, ECLI:NL:RBROT:2022:2674.
crime. As a result, legal issues concerning cryptodatacommunication (hereinafter: cryptodata) have
dominated Dutch case law over the past years. So far all Dutch courts have nevertheless upheld the
lawfulness of all operations and unanimously admitted cryptodata in evidence in Dutch criminal
proceedings.
Most of the legal issues raised concerned European law. The defence in particular focused on
articles 6 and 8 of the Convention and ECtHR case law about bulk interception of communications.
As it is likely that courts in various other European countries are confronted with or later will be
confronted with similar legal issues, an insight into the relevant Dutch case law and its interpretation
of ECHR- and EU-law could provide for a useful guidance. This becomes even less superfluous
since the first EncroChat related case applications have meanwhile been received by the ECtHR.
4
Consequently, the ECtHR has raised several questions pertaining to EncroChat that have been
comprehensively addressed already in Dutch criminal proceedings. Of course, the prevalence of
European court rulings over Dutch case law is not up for debate. In that mere sense an overview of
Dutch case law might seem irrelevant. However, an analysis of judgments that frequently refer to
ECtHR and CJEU-case law, is not. This article will examine whether ECHR- and EU-law was
rightly applied by Dutch courts and if so, how that might assist other European courts in cryptodata
cases. This will foster the debate on cryptodata, as it is still relatively uncharted territory. As it is
highly likely that Dutch cryptodata case applications will sooner or later also be lodged with the
ECtHR, this article will also entail a look into the future.
Over the last couple of months, the judicial debate around cryptodata has intensified in courts of law
all across Europe. As the stakes are high, the defence constantly seems to seek new methods and
arguments to dispute the admission of, in particular, EncroChat-data in evidence. This resulted in an
unprecedented unification of several lawyers from seven European countries. In February 2022, an
‘open letter of concern’was sent to the EU’s main governing bodies by those lawyers, citing concern
about a lack of transparency and the absence of a fair trial. Among other things, a moratorium on
EncroChat-prosecutions and an inquiry committee pursuant to Article 226 of the Treaty on the
Functioning of the EU were therefore demanded.
5
In my opinion, the basis for this kind of far-reaching
proposals ought to be thoroughly tested before being taken in serious consideration.Since the arguments
as set out in the letter of concern do not de facto differ from the defence in Dutch EncroChat-cases, this
article will also include a first impetus towards a much needed elaborate discuss ion of that letter.
This article is structured as follows. First a brief overview of the factual circumstances of the
cryptodata operations relevant for this article will be given. After that, it is examined whether there
has been an interference with a right protected by Article 8 and, if so, whether that interference was
justified. The essential question whether the interception of EncroChat- and Sky-data did constitute
the bulk interception of data will be discussed in that context as well as the importance of the
principle of mutual trust. I will then shortly address the (ir)relevance of the part of EU-law that is
frequently referred to by the Dutch defence in these cases. Finally, the overall fairness of Dutch
EncroChat- and Sky-procedures will be assessed on the basis of ECtHR case law.
4. A.L. v. France (app no. 44715/20) and E.J. v. France (app no. 47930/21).
5. ‘Open Letter of Concern’(Fair Trials, 18 February 2022) https://www.fairtrials.org/app/uploads/2022/02/EnroChat_
LetterofConcern.pdf. last accessed on 3 August 2022.
274 New Journal of European Criminal Law 14(3)
To continue reading
Request your trial