Today, the seizure and search of electronic data stored on ISP/CP servers is no longer considered as a specific type of investigative measure and is typically performed in the early stages of an investigation, like accessing data stored on the personal storage devices. In the former case, it violates the principle of fair trial and proportionality that the right to participate, which is an effective control over excessive information collection by the Supreme Court of Korea, can be excluded from the outset by the investigating authority not by an objective and independent third party. In text, the Constitutional Court of Korea is in a position that this defect of procedural guarantee can be sufficiently compensated through protesting against the exclusion of illegally obtained evidence or filing an appeal. However, it is questionable whether this is justifiable considering the extensive seizure and search, the objections after indictment-related dispositions, and the trial procedures that have already been initiated. Meanwhile, the seizure and search of third-party archive data and the notification of the accused, i.e. the individuals affected by the data, have been disputed over the past ten years, also in Germany, along with discussions on the openness/confidentiality of measures. Especially in the area of security crime, the general provisions of the seizure and search of StPO should be considered as directory provisions for effective investigation. And this violation is neither illegal nor revoked. Therefore, the investigative agencies argued that they could confidentially execute the seizure and search based on this court order under the general regulations. However, the BGH and the BVerfG clearly rejected this opinion. The BVerfG explained as follows: If the seizure and search of electronic data stored on the ISP/CP’s server is carried out openly, it may be based on the general regulations, just like the seizure and search of the data stored in the personal storage devices, while if such an action is carried out confidentially, it should be accompanied by enhanced procedural control. In 2021, the German parliament made § 95a StPO, a legal basis for allowing searches and seizures under the general regulations to be carried out confidentially, which means without knowing the person affected by the data, i.e. the suspect. The rule allows deferral of notification at the same level as ensuring Procedures in Telecommunications Surveillance. In today's information technology conditions, there is no reason to treat the data differently whether it is stored on a server or on a personal data storage device when investigative agencies access electronic data. Therefore, in both cases, the procedural guarantee to protect fundamental rights and their exclusion should be permissible under the same requirements according to the rule of law and the principle of proportionality. It must be taken into account here that secret coercive measures need to be tapped into strengthened procedural controls as they are more invasive than open coercive measures.
Read full abstract