Encrochat: The hacker with a warrant and fair trials?

Abstract

This paper introduces the Encrochat operation as an example of the technological, cross-border, and cross-disciplinary complexity of one contemporary digital investigation. The use of encryption for large-scale criminal activity and organized crime requires law enforcement to act pro-actively to secure evidence, to rely on cross-border evidence exchange, and to use more efficient digital forensic techniques for decryption, data acquisition, and analysis of volumized evidence.The Encrochat investigation also poses the question whether the traditional fair trial principle can still ensure minimum state intrusion and upholding of legitimacy in the new ubiquitous investigation process, where digital forensics methods and tools for hacking and data acquisition are used to identify and arrest thousands of suspects and collect evidence in real-time during criminal activity. The operation is examined through the lens of the right to a fair trial, as codified in Art. 6 ECHR, in order to exemplify three challenging aspects. Firstly, in cross-border investigations there are no binding digital forensics standards in criminal proceedings or forensic reports exchange policy which demands reliability and compliance with Art. 6 ECHR-based evidence rules. Secondly, the defense's stand is not sufficiently addressed in current digital evidence legislation or mutual trust-based instruments at the EU level. Finally, the judicial process lacks scalable procedures to scrutinize digital evidence processing and reliability and is exposed to technology dependences. The identified gaps and their practical impact require a novel approach to digital evidence governance.