Back to EUR-Lex homepage

EUR-Lex Access to European Union law

Back to EUR-Lex homepage

This document is an excerpt from the EUR-Lex website

Use quotation marks to search for an "exact phrase". Append an asterisk (*) to a search term to find variations of it (transp*, 32019R*). Use a question mark (?) instead of a single character in your search term to find variations of it (ca?e finds case, cane, care).
Search tips
Need more search options? Use the Advanced search
You are here

Summaries of EU Legislation

Electronic evidence in criminal proceedings – production and preservation orders

 

SUMMARY OF:

Regulation (EU) 2023/1543 on European Production and Preservation Orders for electronic evidence in criminal proceedings and for the execution of custodial sentences following criminal proceedings

WHAT IS THE AIM OF THE REGULATION?

It aims to facilitate and speed up access to electronic evidence used to investigate and prosecute criminal offences, regardless of where the data is located.

A judicial authority in one European Union (EU) Member State may require the designated establishment of a service provider, or its appointed legal representatives, in another Member State to:

  • produce electronic evidence, such as subscriber data, internet protocol (IP) addresses needed to identify a user, emails, texts and in-app messages;
  • preserve specified data pending a future request.

KEY POINTS

Electronic evidence (e-Evidence), refers to data stored by or on behalf of a service provider, in an electronic form, that is used to investigate and prosecute criminal offences, including subscriber data, data used for identifying the user, traffic data and content data.

For the purposes of the regulation, a service provider is anyone providing one or more of the following categories of services (except for financial services):

  • electronic communication services, such as:
    • internet access services,
    • interpersonal communications services;
  • internet domain name and IP numbering services, such as IP address assignment, domain name registries, and related privacy and proxy services;
  • other information society services enabling users to communicate with each other, or that store or process data on behalf of the user, such as social networks, online marketplaces and other hosting service providers.

European production order

  • The European production order allows a judicial authority in one Member State to obtain electronic evidence (such as emails, text or messages in apps, along with information to identify a perpetrator as a first step) directly from a service provider, or its legal representative, in another Member State.
  • If the electronic evidence includes content data or traffic data, except for data requested for the sole purpose of identifying the user, a court or judge must issue or review the order, and the judicial authority must notify the competent authority of the Member State in which the designated establishment is located, or the legal representative resides. This authority of another Member State can stop the production of data in specific circumstances, based on four grounds for refusals.

European preservation order

The European preservation order allows a judicial authority in one Member State to request that the designated establishment of a service provider, or its legal representative, in another Member State, preserve specified data prior to a subsequent request to produce the data.

European production and preservation order certificates

European production or preservation orders are transmitted through a European Production Order Certificate (EPOC) or a European Preservation Order Certificate (EPOC-PR).

Additional points

  • When an EPOC is received, the requested data must be transmitted directly to the issuing authority or the law enforcement authorities within 10 days, or in cases of emergency within 8 hours. In cases where a notification is required, the enforcing authority has 96 hours to raise a ground for refusal.
  • When an EPOC-PR is received, the data requested must be preserved without delay for a period of 60 days (which can be extended for another 30 days by the issuing authority), unless there has been a subsequent request for the data to be produced. If preserving the data is no longer necessary, the issuing authority must inform the addressee without delay.
  • The issuing authority has 5 days to provide clarification or correction when the addressee cannot comply with the order because it is incomplete or contains manifest errors.
  • The addressee must contact the issuing authority without undue delay if they cannot comply because of factors beyond their control, notably where the person whose data is requested is not their customer, or the data has been deleted before receiving the order.
  • The issuing authority must inform the person whose data is being requested without undue delay.
  • Service providers must ensure the confidentiality, secrecy and integrity of the EPOC or the EPOC-PR and of the data produced or preserved.

Penalties

  • Member States must ensure that pecuniary penalties of up to 2% of the service provider’s total worldwide annual turnover can be imposed.
  • Service providers are not held liable in Member States for any prejudice to their users or third parties exclusively resulting from compliance with an EPOC or an EPOC-PR in good faith.

Remedies

Individuals subject to a European production order have the right to:

  • information,
  • effective remedies, including during criminal proceedings.

Decentralised IT system

Written communication between authorities and designated establishments or legal representatives of service providers under this regulation must be carried out through a secure and reliable decentralised IT system.

FROM WHEN DOES THE REGULATION APPLY?

The regulation applies from 18 August 2026.

BACKGROUND

The regulation is part of a package that includes a directive on the designation of establishments and appointment of legal representatives of service providers for the purpose of gathering evidence in criminal proceedings (see summary).

For further information, see:

MAIN DOCUMENT

Regulation (EU) 2023/1543 of the European Parliament and of the Council of 12 July 2023 on European Production Orders and European Preservation Orders for electronic evidence in criminal proceedings and for the execution of custodial sentences following criminal proceedings (OJ L 191, 28.7.2023, pp. 118–180).

RELATED DOCUMENTS

Directive (EU) 2023/1544 of the European Parliament and of the Council of 12 July 2023 laying down harmonised rules on the designation of designated establishments and the appointment of legal representatives for the purpose of gathering electronic evidence in criminal proceedings (OJ L 191, 28.7.2023, pp. 181–190).

Council Decision (EU) 2023/436 of 14 February 2023 authorising Member States to ratify, in the interest of the European Union, the Second Additional Protocol to the Convention on Cybercrime on enhanced cooperation and disclosure of electronic evidence (OJ L 63, 28.2.2023, pp. 48–53).

Council Decision (EU) 2022/722 of 5 April 2022 authorising Member States to sign, in the interest of the European Union, the Second Additional Protocol to the Convention on Cybercrime on enhanced co-operation and disclosure of electronic evidence (OJ L 134, 11.5.2022, pp. 15–20).

Regulation (EU) 2018/1727 of the European Parliament and of the Council of 14 November 2018 on the European Union Agency for Criminal Justice Cooperation (Eurojust), and replacing and repealing Council Decision 2002/187/JHA (OJ L 295, 21.11.2018, pp. 138–183).

Successive amendments to Regulation (EU) 2018/1727 have been incorporated into the original text. This consolidated version is of documentary value only.

Regulation (EU) 2016/794 of the European Parliament and of the Council of 11 May 2016 on the European Union Agency for Law Enforcement Cooperation (Europol) and replacing and repealing Council Decisions 2009/371/JHA, 2009/934/JHA, 2009/935/JHA, 2009/936/JHA and 2009/968/JHA (OJ L 135, 24.5.2016, pp. 53–114).

See consolidated version.

Consolidated version of the Treaty on the Functioning of the European Union – Part Three – Union policies and internal actions – Title V – Area of freedom, security and justice – Chapter 4 – Judicial cooperation in criminal matters – Article 82 (ex Article 31 TEU) (OJ C 202, 7.6.2016, pp. 79–80).

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119, 4.5.2016, pp. 1–88).

See consolidated version.

Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and on the free movement of such data, and repealing Council Framework Decision 2008/977/JHA (OJ L 119, 4.5.2016, pp. 89–131).

See consolidated version.

Directive 2014/41/EU of the European Parliament and of the Council of 3 April 2014 regarding the European Investigation Order in criminal matters (OJ L 130, 1.5.2014, pp. 1–36).

See consolidated version.

Council Framework Decision 2002/465/JHA of 13 June 2002 on joint investigation teams (OJ L 162, 20.6.2002, pp. 1–3).

See consolidated version.

Council Act of 29 May 2000 establishing in accordance with Article 34 of the Treaty on European Union the Convention on Mutual Assistance in Criminal Matters between the Member States of the European Union (OJ C 197, 12.7.2000, pp. 1–2).

Recommendation for a Council Decision authorising the opening of negotiations in view of an agreement between the European Union and the United States of America on cross-border access to electronic evidence for judicial cooperation in criminal matters ((2019) 70 final).

last update 30.05.2023

Top