Digital evidence has become the backbone of modern criminal investigations. From cybercrime and ransomware to fraud, child exploitation, and organized crime, nearly every investigation now relies on electronic evidence, much of it stored by technology companies. Yet despite its importance, law enforcement agencies continue to face significant barriers in locating, obtaining, and using that evidence efficiently.

Today, the Center for Cybersecurity Policy is releasing a new report, Digital Evidence in Europe: Persistent Challenges, Practical Solutions, that focuses on how these challenges play out in Europe. The report’s findings center around both the transformative opportunity — and challenges ahead — presented by the European Union's upcoming e-Evidence framework, which goes into effect in just a few weeks, on August 18, 2026.

Challenges and Approach

The report builds on the methodology used in a separate 2018 study on law enforcement access to data in the United States. Nearly a decade later, we applied that approach to the European Union, at a pivotal moment: the eve of implementation of the EU’s e-Evidence package.

We engaged with key EU policymakers; convened in-person roundtables with police, prosecutors, and officials from ministries of justice and interior in the Netherlands and Sweden; and held discussions with private sector stakeholders, civil society organizations, and academic experts. These conversations were supplemented by a survey of law enforcement officials, mostly at the managerial level, from seven European countries.

Some key findings from the survey — also supported by qualitative interviews:

• Locating relevant data sources and obtaining data once identified ranked as the two greatest hurdles in the survey of law enforcement officials.
• More than 85% of survey respondents indicated that they need digital evidence controlled by entities in other countries in almost all or some of their cases.
• Approximately 60% of cross-border requests involve other EU Member States and 25% involve the United States, according to survey respondents.
• More than one-third of respondents indicated that they did not feel adequately trained to confidently handle digital evidence.

Qualitative discussions similarly focused on the challenges in locating and obtaining data sources, along with the challenges with accessing data across borders and the need for increased training.

The Promise of the e-Evidence Package

These findings point to the importance — and promise — of the forthcoming implementation of the EU’s e-Evidence package. Under these new rules, which enter effect on August 18, 2026, law enforcement authorities in one EU Member State can issue preservation and production order certificates directly to a private-sector service provider located in another EU country, without having to go through the relevant country’s government officials. The new rules also require service providers that “offer services” in the EU to appoint a legal representative to receive and respond to such orders, even if they are not physically located in the EU. This marks a significant shift in the way European law enforcement can access digital evidence.

The new rules set very short deadlines for responses — 10 days for an initial response in most cases and eight hours for emergency responses. The new rules also set procedural and substantive requirements that requesting Member States must meet for all requests, including requests for subscriber information -- such as a user’s name and IP address. The reach of the new approach also is notably broad. U.S.-based service providers and other global companies that “offer services” to EU residents are subject to the same timelines and the same standards as EU-headquartered service providers.

Key Hurdles to Effective Implementation

If implemented successfully, the framework has the potential to standardize and strengthen the process by which European law enforcement officials access data held by third parties across their borders. But effective implementation is not automatic. To the contrary, it will require concerted, coordinated effort.

The report identifies some of the key challenges that require immediate attention:

• Technology and cybersecurity - The e-Evidence framework depends on the development of an entirely new decentralized IT system. The system is not yet operational across the EU. As with any new system, there will almost inevitably be cybersecurity and other technical challenges that need to be prioritized—to ensure the security of the data, the privacy of those involved, and the integrity of the system.
• National implementation - Each Member State was required to transpose the e-Evidence Directive into national law by mid-February. Fewer than a quarter of Member States have done so. Member States should prioritize enactment of national legislation. This is critical to ensure that the new system is on solid legal footing and fully enables the issuance and receipt of cross-border requests for data.
• Training and operational readiness - Law enforcement and judicial authorities across the EU, as well as service providers that offer services in the EU, will need to understand and apply entirely new standards, procedures, and systems. This is a significant undertaking that requires investment in training and centralized support systems.
• Ongoing conflict-of-law concerns - Given its broad reach, some providers will be subject to e-Evidence rules that compel production of data and competing U.S. rules that restrict disclosures of content to foreign entities. To address this potential conflict, the report urges European and U.S. officials to restart negotiations on a U.S.-EU CLOUD Act Agreement and clarify the respective obligations of those subject to both EU and U.S. law.

Looking Ahead

The e-Evidence package represents one of the most significant reforms to cross-border criminal investigations in Europe in decades. But its entry into force is just the beginning.

Its long-term success will depend on coordinated implementation, investment in secure technology, practical training, effective public-private partnerships, and continued investment in broader international cooperation. The coming months present a unique opportunity to do so—and modernize digital investigations in a way that improves efficiency while also preserving privacy, security, and the rule of law.

‍