Explanatory Memorandum to COM(2018)226 - Harmonised rules on the appointment of legal representatives for the purpose of gathering evidence in criminal proceedings

Please note

This page contains a limited version of this dossier in the EU Monitor.

dossier COM(2018)226 - Harmonised rules on the appointment of legal representatives for the purpose of gathering evidence in criminal proceedings.
source COM(2018)226 EN
date 17-04-2018


1. CONTEXTOFTHEPROPOSAL

Reasons for and objectives of the proposal

Online service providers such as electronic communications services or social networks, online marketplaces and other hosting service providers are important drivers of innovation and growth in the digital economy. They facilitate an unprecedented access to information and make it easier for individuals to communicate with one another. These services connect hundreds of millions of users and provide innovative services to individuals and businesses. They generate significant benefits for the digital single market and the economic and social wellbeing of users across the Union and beyond. The growing importance and presence of the internet and of communication and information society services in our daily lives and societies are reflected in the exponential growth of usage. However, these services can also be misused as tools to commit or facilitate crimes, including serious crimes such as terrorist attacks. When that happens, these services and applications (‘apps’) often are the only place where investigators can find leads to determine who committed a crime and to obtain evidence which can be used in court.

Given the borderless nature of the internet, such services can in principle be provided from anywhere in the world and do not necessarily require a physical infrastructure, corporate presence or staff in Member States where the services are offered or in the internal market as a whole. The cross-border offering of such services is encouraged and supported within the EU in particular by the freedom to provide services.

Service providers active in the internal market can be divided into three main categories: (1) service providers headquartered in a Member State offering services in the territory of only that Member State; (2) service providers headquartered in a Member State offering services in several Member States; and (3) service providers headquartered outside the EU offering services in one or several EU Member States, with or without an establishment in one or more of these Member States.

In the absence of a general requirement for service providers to ensure a physical presence within the territory of the Union, Member States have taken steps at national level to ensure compliance with national legal obligations that they consider to be essential and in line with Art. 3 i of Directive 2000/31/EC on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market1 (e-Commerce Directive). Such steps include requiring access to evidence or other types of information when requested by judicial authorities in criminal matters. These national approaches vary widely across Member States and include measures ranging from expanded enforcement jurisdiction2 to the obligation to designate a legal representative on the relevant Member State’s territory for certain service providers offering services within that territory. For example, Germany has recently passed the ‘Network Enforcement Act’3, obliging providers of social networks4 to designate a person

2.

Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal


aspects of information society services, in particular electronic commerce, in the Internal Market (OJ L

178, 17.7.2000, p.

1).

The term ‘enforcement jurisdiction’ refers to the competence of the relevant authorities to undertake an

investigative measure.

www.bmjv.de/DE/Themen/FokusThemen/NetzDG">www.bmjv.de/DE/Themen/FokusThemen/NetzDG.

The Act applies ‘to telemedia service providers which, for profit-making purposes, operate internet

3.

platforms which are designed to enable users to share any content with other users or to make such


2

4.

in Germany authorised to receive law enforcement requests. The law imposes sanctions of up


to EUR 500 000 for failure to name a representative or to respond to requests for information

when acting as the person authorised to receive service. Discussions on similar measures are under way in Italy5. Other Member States, such as Belgium, do not require local representation but instead seek to enforce national obligations directly against providers based abroad through domestic proceedings .

Member States also apply a number of different connecting factors to assert ju ri sd icti on over a service provider, such as its main seat, the place where services are offered, the location of the data or a combination of factors. In addition, there are disparate cooperation mechanisms and informal agreements between the authorities of some Member States and some service providers. Some of the larger service providers estimated, for the purposes of the impact assessment, that their annual costs of compliance with national legal obligations are in the high seven digits. The cost of complying with diverging national requirements, while presumably proportionate to market presence, can prove prohibitive to smaller service provi ders.

When it comes to the enforceability of requests sent in the context of such arrangements, there are differences between Member States as to whether service providers are under an obligation to cooperate or not. The sanctions and enforcement in case of non-compliance are also fragmented. Even in cases where the service provider complies with the order imposing the sanction, it is still difficult to enforce the original order to provide the data.

Member States have highlighted these challenges as key issues to be tackled joi ntly on several occasions:

On 22 March 2016, a joint statement of Ministers of Justice and Home Affairs and representatives of the EU institutions on the terrorist attacks in Brussels , stressed the need, as a matter of priority, to find ways to secure and obtain electronic evidence more quickly and effectively by intensifying cooperation with third countries and with service providers that are active on European territory, in order to enhance

compliance with EU and Member States’ legislation.

In Council Conclusions adopted on 9 June 20168, the Member States reiterated their determination to act to uphold the rule of law in cyberspace and called on the Commission to develop a common EU approach on improving criminal justice in cyberspace as a matter of priority.

A two-fold legislative approach is necessary to address these challenges. This proposal lays down rules on the legal representation in the Union of certain service providers for the purposes of gathering evidence in criminal proceedings. In addition, an instrument adopted on the basis of Article 82(1) TFEU, is needed to provide for the direct serving of orders on the service provider in cross-border situations. Thus, the foregoing challenges are dealt with

content available to the public (social networks)(...) The same shall apply to platforms which are designed to enable individual communication or the dissemination of specific content.’ www.publicpolicy.it/wp-content/uploads/2016/03">www.publicpolicy.it/wp-content/uploads/2016/03.

Court of Appeals of Antwerp, judgment of 15 November 2017,

www.lesoir.be/124825/article/2017-11-17">www.lesoir.be/124825/article/2017-11-17.

Joint statement of EU Ministers for Justice and Home Affairs and representatives of EU institutions on the terrorist attacks in Brussels on 22 March 2016. Conclusions of the Council of the European Union on improving criminal justice in cyberspace,

ST9579/16.

5

6

8

through a combination of these two proposals. But it is important to keep in mind that this proposal clearly and foremost aims to identify the addressee of the orders of Member States’ authorities to obtain evidence in criminal matters held by service providers. Therefore, this proposal aims to remove some of the obstacles to addressing the service providers by offering a common, EU-wide solution for addressing legal orders to service providers by way of a legal representative. This removes the need for individualised and uncoordinated national approaches and provides legal certainty at EU level. To that end, this proposal sets obligations for the Member States to ensure that service providers designate empowered legal representatives legally responsible for complying with judicial orders and decisions on behalf of these service providers.

In addition, a harmonised approach creates a level playing field for all companies offering the same type of services in the EU, regardless of where they are established or act from, while respecting the country of origin principle set out in Art. 3 of the e-Commerce Directive. That principle applies only to providers of information society services which are established in the EU and is moreover subject to a number of exceptions and possible exemptions. Harmonised rules at EU level are not only necessary to eliminate obstacles to the provision of services and to ensure a better functioning of the internal market but also to ensure a more coherent approach to criminal law in the Union. A level playing field is also necessary for other fundamental premises for the good functioning of the internal market, such as the protection of fundamental rights of citizens and the respect of sovereignty and public authority when it comes to the effective implementation and enforcement of national and European legislation.

Consistency with existing EU legal

framework in the policy area

The obligation to designate a legal representative for service providers not established in the EU but offering services in the EU already exists in certain acts of EU law applicable in particular fields. This is the case, for instance, in the General Data Protection Regulation (EU) 2016/679 (Article 27)9 and in Directive (EU) 2016/1148 concerning measures for a high common level of security of network and information systems across the Union (Article 18)10. The Commission proposal for an ePrivacy Regulation also contains such an obligation (Article 3)11.

As noted above, this proposal is consistent with the e-Commerce Directive and in particular with the country of origin principle laid down in the Directive’s Article 3. It leaves the provisions of that Directive, including the requirements on providing information pursuant to Article 5, unaffected.

Summary of the proposed Directive (how it improves current framework)

There are currently varying approaches across Member States when it comes to obligations imposed on service providers, especially in criminal proceedings. Fragmentation has appeared in particular in electronic evidence, as certain service providers store information that can be relevant for the investigation and prosecution of criminal offences. This fragmentation creates

9

10

5.

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the


protection of natural persons with regard to the processing of personal data and on the free movement of

such data, and repealing Directive 95/46/EC (OJ L 119, 4.5.2016, p.

1).

6.

Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning


measures for a high common level of security of network and information systems across the Union (OJ

L 194, 19.7.2016, p.

1).

7.

Proposal for a Regulation of the European Parliament and of the Council concerning the respect for


private life and the protection of personal data in electronic communications and repealing Directive

2002/58/EC (Regulation on Privacy and Electronic Communications), COM(2017) 10 final.


11

legal uncertainty for those involved and can put service providers under different and sometimes conflicting obligations and sanctioning regimes in that regard, depending on whether they provide their services nationally, cross-border within the Union or from outside the Union. To reduce obstacles to the freedom to provide services, this Directive makes it mandatory for service providers to designate a legal representative in the Union to receive, comply with and enforce decisions aimed at gathering evidence by competent national authorities in criminal proceedings. The ensuing reduction of obstacles would ensure a better functioning of the internal market in a way which is coherent with the development of a common area of freedom, security and justice.

The obligation of designating a legal representative for all service providers that are operating in the Union would ensure that there is always a clear addressee of orders aiming at gathering evidence in criminal proceedings. This would in turn make it easier for service providers to comply with those orders, as the legal representative would be responsible for receiving, complying with and enforcing those orders on behalf of the service provider.

2. LEGALBASIS, SUBSIDIARITYAND PROPORTIONALITY

Legal basis

The legal basis to support action in the field is found in Articles 53 and 62 of the Treaty on the Functioning of the European Union, which provide for the adoption of measures to coordinate the provisions laid down by law, regulation or administrative action in Member States on establishing and providing services.

In the present case, an obligation to appoint a legal representative in the Union would help in particular to eliminate obstacles to the freedom to provide services enshrined in Article 56 Treaty on the Functioning of the European Union, as outlined above.

Choice

of the instrument

Under Articles 53 and 62 of the Treaty on the Functioning of the European Union, the Commission can propose directives and non-binding instruments such as recommendations. Given the need to provide legal certainty and remove obstacles to the free provision of services, which cannot be achieved by adopting a non-binding instrument, the form of a directive was chosen.

Subsidiarity

This proposal covers service providers offering services in the EU, regardless of their place of establishment, which may be in the EU or outside the EU. In the absence of a common EU approach, uncoordinated national solutions related to the receipt of, compliance with or the enforcement of decisions for gathering evidence in criminal proceedings are liable to lead to fragmentation, creating a patchwork of diverse and possibly conflicting national obligations for service providers active in several markets. This hampers the provision of services across the EU. Given the diversity of legal approaches and the large range of stakeholders, Union-level legislation is the most appropriate means to address the identified problems.

Proportionality

The proposal seeks to put forward a harmonised approach to remove existing and emerging obstacles to the provision of services as regards the issue of the receipt of, compliance with or the enforcement of decisions for gathering evidence in criminal proceedings. The chosen approach is considered proportionate to the burden imposed. In view of the increasing


importance and presence of the internet and information society services, there are a number of possible options to address the current obstacles. Of these options, as discussed in more detail in the Impact Assessment12 accompanying the legislative proposal, the mandatory appointment of a legal representative for certain service providers active in the EU achieves the objective of providing an effective mechanism to allow legal orders to be served without imposing an undue burden on service providers.

The obligation to designate a legal representative represents a higher burden for companies not established in the EU, as they could not rely on an existing corporate presence in the EU. On the other hand, this legal representative could be a third party, which could be shared between several service providers, in particular small and medium-sized businesses (‘SMEs’), and the legal representative may accumulate different functions (e.g. the General Data Protection Regulation or ePrivacy representatives in addition to the legal representative provided for by this instrument). It will only apply to SMEs who offer their services in the EU, and not in case of occasional data processing in the EU.

3. RESULTS OF EX-POST EVALUATIONS, STAKEHOLDER

Contents

1.

CONSULTATIONS


ANDIMPACTASSESSMENTS

Stakeholder consultations

Over a year and a half the Commission consulted all relevant stakeholders to identify problems and ways forward, including on the possibilities for improvement in the channels for interaction between authorities and service providers. This was done through surveys, ranging from an open public consultation to targeted surveys with the relevant public authorities. Group expert meetings and bilateral meetings were also organised to discuss the potential effects of EU legislation. Conferences discussing cross-border access to electronic evidence were also used to gather feedback on the initiative.

Through a targeted survey to public authorities in the Member States, it was revealed that there was no common approach on obtaining cross-border access to electronic evidence, as each Member State has its own domestic practice. Service providers also react differently to requests from foreign law enforcement authorities, and response times vary depending on the requesting Member State. This creates legal uncertainty for all stakeholders involved.

Throughout the consultation, service providers and some civil society organisations indicated the need to ensure legal certainty in direct cooperation with public authorities and to avoid conflicts of law. Key issues highlighted by public authorities included the lack of reliable cooperation with service providers, lack of transparency, and legal uncertainty surrounding jurisdiction for investigative measures. Some civil society organisations considered that EU-level legislation in this area was not desirable and indicated a preference for limiting EU action to improving mutual legal assistance procedures, which will be taken forward in parallel.

12

Commission Staff Working Document – Impact Assessment accompanying the Proposal for a Regulation on European Production and Preservation Orders for electronic evidence in criminal matters and the Proposal for a Directive laying down harmonised rules on the appointment of legal representatives for the purpose of gathering evidence in criminal proceedings, SWD(2018) 118.

Impact assessment

The Regulatory Scrutiny Board issued a positive opinion on the impact assessment13 and made various suggestions for improvement14. Following this opinion, the impact assessment was amended to further discuss fundamental rights issues associated with the cross-border sharing of data, in particular the links between the various measures that are part of the preferred option. The assessment was also modified to better reflect the views of stakeholders and Member States and how they were taken into account. Moreover, the policy context was reviewed to include additional references to various aspects, such as discussions in expert groups, which helped shape the initiative. The complementarity between different measures was clarified in terms of scope, timing and depth, and the baseline scenario was revised to better reflect developments that are likely to occur independently from the adoption of the proposed measures. Finally, flowcharts were added to better describe the workflows for data sharing.

Four main policy options were considered besides the baseline scenario (Option O): a number of practical measures to improve both judicial cooperation procedures and direct cooperation between public authorities and service providers (Option A: non-legislative); an option combining the practical measures of Option A with international solutions (Option B: legislative); an option combining the previous measures contained in Option B with a European Production Order and a measure to improve access to databases (Option C: legislative); and an option combining all previous measures contained in Option C with legislation on direct access to remotely stored data (Option D: legislative). The Impact Assessment also identified the need for service providers offering services in the EU to nominate a legal representative in the Union , and this was included in Options C and D.

The Impact Assessment revealed that options including the legal representative (C and D) would add clear value compared to the other options. Although service providers would have to incur in additional costs in the short term due to the appointment of a legal representative, a harmonised framework at EU level is likely to reduce the burden on those providers currently responding to requests for data from law enforcement on a voluntary basis, which have to assess them under the different laws of all Member States. The cost model established and validated in cooperation with relevant service providers indicated that the initiative would generate significant savings in the medium and long term and remove obstacles to the internal market. Furthermore, legal certainty and standardisation of procedures should also have a positive impact on SMEs, since they would alleviate administrative burden. Overall, the initiative is also expected to generate savings for them.

Fundamental rights

The obligation to appoint a legal representative seeks to eliminate obstacles to and hence facilitate the exercise of the freedom to provide services. In particular, the proposal allows service providers established in the Union to designate an existing establishment as its legal

14

Commission Staff Working Document – Impact Assessment accompanying the Proposal for a Regulation on European Production and Preservation Orders for electronic evidence in criminal matters and the Proposal for a Directive laying down harmonised rules on the appointment of legal representatives for the purpose of gathering evidence in criminal proceedings, SWD(2018) 118. European Commission Regulatory Scrutiny Board – Opinion on the Impact Assessment – Proposal for a Regulation on European Production and Preservation Orders for electronic evidence in criminal matters and the Proposal for a Directive laying down harmonised rules on the appointment of legal representatives for the purpose of gathering evidence in criminal proceedings, SEC(2018) 199.

3

representative, with an exception only when this establishment is in a Member State not participating in judicial cooperation instruments adopted under Title V of the Treaty. This exception is meant to address the particular situation created by Title V of the Treaty, which needs to be taken into account.

4. BUDGETARYIMPLICATIONS

The legislative proposal does not have an impact on the Union budget.

5. OTHERELEMENTS

Implementation plans and monitoring, evaluation and reporting arrangements

The Directive has to be implemented by the Member States. The Commission will support this implementation process by creating a contact committee to ensure a harmonised and coherent implementation and avoid different systems for service providers. The Commission will, if necessary, issue guidance for service providers. The Commission will submit a report on its application, building on a detailed review of its functioning, to the European Parliament and the Council at the latest 5 years after the entry into application. If necessary, the report will be accompanied by proposals adapting this Directive.

Detailed explanation of the specific provisions of the proposal

Article 1 Subject matter and scope

Article 1 establishes the subject matter of the Directive, which is to lay down rules on the legal representation in the Union of certain service providers for the purpose of gathering evidence in criminal proceedings.

The type of obligations requested from service providers may take several forms, such as receiving an order in criminal proceedings from a prosecutor or a judge with legal consequences, providing data needed in those criminal proceedings, taking certain measures for data preservation in criminal proceedings or being addressed with an enforcement procedure in case of non-compliance. Due to their commercial and territorial policies, service providers may have difficulty in complying with these different types of increasingly frequent requests. On the other hand, competent authorities need to know whom and how to address service providers established or offering services on the territory of the Union.

Member States shall not put additional obligations to those deriving from this Directive on service providers under the scope of this Directive, such as obliging them to establish a legal representative in their own territory instead of anywhere in the Union where they offer services.

Harmonised rules on legal representation should not limit the powers given under Union and national law to competent authorities to address service providers established on their territory. In such cases, if national authorities decide to address their orders directly to the establishment of the service provider, the responsibility of the legal representative as set out in this Directive does not apply.

Article 2 Definitions

Article 2 sets out definitions which apply in this instrument.

The legal representative can be a legal or natural person designated by the service provider to act on its behalf to comply with any decisions of competent law enforcement and judicial authorities for the purpose of gathering evidence in criminal matters. Service providers should

be able to choose to designate an existing establishment in a Member State, including their main seat or headquarters, and also to designate several legal representatives.

The following types of service providers fall under the scope of the Directive: providers of electronic communications services, providers of information society services that store data as part of the service provided to the user, including social networks, online marketplaces and other hosting service providers, and providers of names and numbering services for the internet.

The scope of this Directive covers providers of electronic communication services, as defined [in the Directive establishing the European Electronic Communications Code]. Traditional telecommunication services, consumers and businesses increasingly rely on new internet-based services enabling inter-personal communications such as Voice over IP, instant messaging and email services, instead of traditional communications services. These services, along with social networks, such as Twitter and Facebook, which allow users to share content, are therefore covered by this proposal.

In many cases, data is no longer stored on a user’s device but is made available on a cloud-based infrastructure allowing in principle access from anywhere. Service providers do not need to be established or to have servers in every jurisdiction but rather use centralised systems to provide their services. To take into account this development, the definition covers cloud services that provide a variety of computing resources such as networks, servers or other infrastructure, storage, apps and services that make it possible to store data for different purposes. The instrument also applies to digital marketplaces that allow consumers and/or traders to conclude transactions via online sales or service contracts with traders. Such transactions are made either on the online marketplace’s website or on a trader’s website that uses computing services provided by the online marketplace. It is therefore this marketplace that is usually in possession of electronic evidence that may be needed in the course of criminal proceedings.

Services for which the storage of data is not a defining component are not covered by the proposal. Although most services delivered by providers nowadays involve some kind of storage of data, especially where they are delivered online at a distance, services for which the storage of data is not a main characteristic and is thus only of an ancillary nature may be discerned, including legal, architectural, engineering and accounting services provided online at distance.

Data held by providers of internet infrastructure services, such as domain name registrars and registries and privacy and proxy service providers, or by regional internet registries for internet protocol addresses, may be of relevance for criminal proceedings as they can provide traces allowing for identification of an individual or entity possibly involved in criminal activity.

For the purposes of defining those service providers falling into the ambit of application of this Directive, there should be a sufficient link between the provider and the Union. In that regard it should be assessed whether the service provider enables legal or natural persons in the Union to use its services. However, the mere accessibility of the service (which could also derive from the accessibility of the service provider’s or an intermediary’s website or of an email address and of other contact details) should not be a sufficient condition for applying this Directive. Therefore, a substantial connection to the Union should be required. Such a substantial connection would certainly exist where the service provider has an establishment in the Union. In the absence of an establishment in the Union, the criterion of a substantial connection to the Union should be assessed on the basis of the existence of a significant number of users in one or more Member States, or the targeting of activities towards one or

more Member States. The targeting of activities towards one or more Member States can be determined on the basis of all relevant circumstances, including factors such as the use of a language or a currency generally used in that Member State, or the possibility of ordering goods or services. The targeting of activities towards a Member State could also be derived from the availability of an app in the relevant national app store, from providing local advertising or advertising in the language used in a Member State, from making use of any information originating from persons in Member States in the course of its activities or from the handling of customer relations such as by providing customer service in the language generally used in a Member State. A substantial connection is also to be assumed where a service provider directs its activities towards one or more Member States as set out in Article 17(1)(c) of Regulation 1215/2012 on jurisdiction and the recognition and enforcement of judgements in civil and commercial matters.

Article 3 Legal representative

Article 3(1) and (2) establish the obligation that has to be imposed upon service providers providing services in the Union to designate a legal representative in the Union. In principle, service providers should be free to choose in which Member State they designate their legal representative, and in accordance with Article 1(2), Member States may not restrict this free choice, for example by imposing an obligation to designate the legal representative on their territory. However, Article 3(1) to (3) contains certain restrictions with regard to this free choice of service providers, notably that the legal representative should be established in a Member State where the service provider provides services or is established. This restriction, which requires a pre-existing connection between the service provider and the Member State where the legal representative is to be designated, limits the possibility of service providers to select the Member State based on considerations which would run counter to the aims of this Directive, such as the level of fines. Article 3(1) to (3) also defines which Member States are responsible for imposing the obligation to service providers.

Article 3(1) applies to service providers established in the Union. They have to designate at least one legal representative in the Union, more specifically in a Member State where they offer services or are established. The Member States where service providers are established are responsible for imposing this obligation.

Article 3(2) applies to service providers that are not established in the Union. In that case, they should designate a legal representative in one of the Member States where they offer services. The Member States where the service provider offers services are responsible for imposing this obligation.

Article 3(3) applies in both cases covered by Article 3(1) and 3(2) and imposes additional requirements to address the problem inherent to the interplay between an internal market instrument and judicial cooperation instruments adopted under Title V of the Treaty. A legal representative designated in a Member State not participating in a relevant judicial cooperation instrument would not fully fulfil its role, as it could not be addressed with an order under this instrument. This is why Article 3(3) requires service providers offering services in Member States participating in such instruments to designate a legal representative in one of them. As a result, a service provider establishing a legal representative in a Member State participating in a judicial cooperation instrument under Title V would fulfil its obligations both under paragraph 1 or 2, depending on the case, and under paragraph 3. On the other hand, a service provider designating a legal representative in a Member State not participating in a judicial cooperation instrument under Title V would thereby fulfil its obligation under paragraph 1 or 2, but in order to also fulfil its obligation under paragraph 3, it would have to nominate another legal representative in one of the Member States participating

in a judicial cooperation instrument under Title V. The Member States taking part in a relevant instrument and where the service provider offers services are responsible for imposing this obligation.

Because of the ‘variable geometry’ that exists in the area of criminal law, with Denmark not participating in any Union legislation under Title V, and a right to opt-in for the United Kingdom and Ireland, there are currently different instruments that apply in the relationships between Member States when gathering evidence in criminal proceedings. These instruments include the Directive regarding the European Investigation Order and the 2000 Mutual Legal Assistance Convention. The European Production Order will add to this multifaceted legal regime. The resulting complexity is likely to lead to an increased risk that the Member States participating in the Regulation on European Production Orders may develop uncoordinated national solutions, which would in turn lead to further fragmentation and legal uncertainty for all stakeholders concerned. This is why all Member States should be required to ensure that service providers not established in the Union but offering services in the Union designate a legal representative in the Union, which would be the addressee of direct requests in crossborder situations, and of requests based on judicial cooperation between judicial authorities. In addition, to avoid the risk of weakening the effectiveness of the EU legal instruments adopted under Title V, Chapter 4, of the Treaty on the Functioning of the EU for gathering evidence in criminal matters, to which only some Member States participate, a legal representative should be designated in one of those Member States taking part in those legal instruments.

Service providers should be free to designate one of their establishments within the Union, including their main seat or headquarters, as their legal representative, subject to the conditions set out in the Directive.

Article 3(6) clarifies that Member States have to ensure in national law that a designated legal representative can be held liable for non-compliance, without prejudice to the liability of service provider itself. Service providers should not be able to claim they are not responsible for example for the non-compliance of their legal representative. Neither can they exculpate themselves due to missing or ineffective internal procedure, as they are responsible for providing the necessary resources and powers to guarantee compliance with orders and national decisions. Nor should the legal representative be able to exculpate himself by claiming for example he is not empowered to deliver data.

Article 4 Notifications and languages

Article 4 sets out the obligation for Member States to ensure that service providers designate one or more legal representatives and provide their contact details.

The notification should also include information on the language(s) in which the service provider can be addressed. The official language of the Member State in which the legal representative is located will be the one used by default. If there are several official languages, the service provider can choose one or more of them. Moreover, service providers will be able to choose additional official languages of the Union to be addressed in by competent authorities of all Member States. This will allow service providers to choose a language used, for example, in internal communications with headquarters or which is currently frequently used in requests and thus bring about more consistency and certainty for both competent authorities and service providers.

Where a service provider designates several legal representatives, they may also notify considerations to determine which one should be addressed. These are not binding for Member States’ authorities, but should be followed except in duly justified cases.

The service providers are responsible for making this information publicly available, e.g. on their website, and for keeping this information up to date. Additionally, the Member States should make available the relevant information on dedicated websites to help judicial authorities identify the correct addressee.

Article 5 Sanctions

For the cases where service providers covered by this Directive do not comply with the national provisions adopted pursuant to this Directive, Member States should provide in their national law effective, proportionate and dissuasive sanctions which can be imposed on service providers for not establishing a legal representative as set out in this Directive and not providing the necessary powers, resources and conditions such as infrastructure for the legal representative for generally complying with decisions by national authorities and deliver the requested evidence.

Penalties or fines for the non-compliance by the legal representative with a specific decision such as an order in concrete proceedings, on the other hand, are the matter of other specific instruments, such as the Regulation on European Production and Preservation Orders for electronic evidence in criminal matters or the national law.

Article 6 Coordination mechanism

To ensure a coherent approach, the Directive provides for a coordination mechanism on the basis of central authorities designated by Member States. This coordination mechanism will enable Member States to exchange information, provide for assistance and cooperate in their enforcement approach, e.g. by identifying the most appropriate Member State to take action in a given case of non-compliance.

Articles 7, 8, 9 and 10

These Articles contain further provisions on transposition by Member States, review by the Commission, entry into force of the Directive and the addressees of the Directive. The proposed Directive will enter into force the twentieth day after its publication in the Official Journal. Member States will have 6 months to transpose the provisions of the proposed Directive into national law. The Commission shall carry out an evaluation of this Directive in line with the Commission's Better Regulation Guidelines and pursuant to paragraph 22 of the Interinstitutional Agreement of 13 April 201615.

15 Interinstitutional Agreement between the European Parliament, the Council of the European Union and

the European Commission on Better Law-Making of 13 April 2016; OJ L 123, 12.5.2016, p. 1–14.