The increasing reliance of societies on ICT is accompanied by increasing offences against and by means of computer systems. Cybercrime violates the rights of individuals and, therefore, governments have the positive obligation to protect society against crime, among other things, through effective law enforcement.

A primary goal of law enforcement is to secure evidence. In relation to cybercrime but also many other types of crime, this takes the form of electronic evidence. Electronic evidence is volatile and may be stored in multiple or unknown jurisdictions. While the primary means to secure electronic evidence stored in another State is mutual legal assistance, unilateral access to data may also be necessary in certain situations.

The Budapest Convention on Cybercrime – through Article 32 – allows for transborder access to data in very limited circumstances.

In order to address the issues raised by transborder access to data, the Cybercrime Convention Committee (T-CY) decided to establish an ad-hoc sub-group on jurisdiction and transborder access to data and data flows” (“Transborder Group”) tasked to develop an instrument – such as an amendment to the Convention, a Protocol or Recommendation – to further regulate the transborder access to data and data flows, as well as the use of transborder investigative measures on the Internet and related issues, and to present a report containing its findings to the Committee.

In December 2014, the T-CY, at its 12th Plenary, decided:

to adopt the report on Options for further action by the T-CY

to set up a working group on criminal justice access to evidence stored in the cloud, including through mutual legal assistance (“Cloud evidence group”):

  • the main task of the Cloud evidence group is to explore solutions on criminal justice access to evidence stored on servers in the cloud and in foreign jurisdictions, including through mutual legal assistance.

 In 2014

Following the public hearing held on 3 June 2013, the report of the Transborder Group for 2013 and the decision of the 10th Plenary of the Cybercrime Convention Committee (T-CY), the dialogue with relevant stakeholders continued in 2014.

A conference on Article 15 safeguards and criminal justice access to data was held on 19-20 June 2014, in Strasbourg.

The aim of the conference was to identify solutions allowing law enforcement to obtain electronic evidence not only in an effective manner but also in a manner consistent with rule of law and data protection requirements.

The conference was part of a dialogue of the T-CY with other multiple stakeholders on the question of transborder access to data. It brings together some 100 cybercrime experts as well as data protection authorities, civil society, industry and academia.

triangle12th T-CY Plenary (2-4 December 2014, Strasbourg)
 T-CY 13 (Plenary 15-16 June 2015, Strasbourg)

  Guidance Note on Transborder Access (adopted)
Draft elements of an Additional Protocol to the Budapest Convention
Transborder report
Transborder Group final report for 2013
Transborder access to
data and jurisdiction: Options for further action by the T-CY




The Convention
The Convention in other languages
The Explanatory Report
The Protocol on Xenophobia and Racism (ETS 189)
The Protocol in other languages