Lene Wacher Lentz: Secret Police Investigations on the Internet

Lene W. Lentz successfully defended her PhD dissertation titled Secret Police Investigations on the Internet (Lentz, 2019b). The dissertation is 276 pages and consists of four parts. Unlike many other Danish PhD dissertations in law, the author decided to publish a number of articles instead of the typical monograph. This proved to be worthwhile, and the six articles contained in the dissertations Part II is where most readers will likely find the most essential conclusions and thought-provoking arguments made. The six articles are very much worth the read, but some readers will find that the author does not quench the thirst for future legislative guidance that she creates in them. The underlying critical view on the existing Danish legal framework for online police investigations is a welcome contribution to the field.

The first article is titled Hacking and the Right to Privacy (Lentz, 2018a) and concerns hacking and the right to privacy. Based on two examples, the author questions when the Danish criminal code section 263, para. 2, the so-called hacking section, has been violated. Relying on the wording of the hacking section and a number of court decisions the author develops to archetype examples as a tool of analysis. She concludes that the scope of section 263, para. 2 is unclear and support that the scope should lie somewhere between the act of merely establishing a security flaw and the act of accessing and exploring the technical setup of a system. The author expresses a desire for further guidance from the legislature, suggests that the use of archetype examples may be a useful tool to distinguish between violations of the criminal code, infringement of data protection frameworks, and breach of private law rules. The article is 13 pages long.

The second article is titled Logging Cell Phone Tower Data in Light of the Tele2 Decision (Lentz, 2017a) and has the logging of cell phone tower data in light of the so-called Tele2 decision by the European Court of Justice as its focal point. The author details how the court in the Tele2 decision, not only concluded that a general obligation for cell phone service providers to log cell phone tower data is illegal, it also had to strike a balance between the right to privacy and the fight against crime. She argues that Danish regulation on logging of cell phone tower data will have to change and does so bases on a comparison between Danish and Swedish law. However, the author does admit that due to the Danish reservations in the EU, any effect of the Tele2-decision outside the cell phone service sector will happen through informal means. It is concluded that while a change in Danish regulation is to be expected, a burden is also placed on the legislature to secure a more stringent, coherent, and practically relevant regulation of the storage and access to cell phone tower data. The article is 9 pages long.

The third article is titled The Police’ Access to Cell Phone Tower Data According to the Danish Administration of Justice Act (Lentz, 2017b) and deals with yet another aspect of the ECJ Tele2 data decision. The author describes how the decision raises doubt as to how new regulation targeting cell phone tower data logging may co-exist with the existing regulation in the Danish Administration of Justice Act (Retsplejeloven). By systematically going through the current rules on the police’ access to cell phone tower data, following from the Danish Administration of Justice Act concerning, the preparatory works, and relevant court practice, the author shows how the Tele2 decision raises two questions. First, whether one should implement one or two frameworks for regarding access to data. And second, how one defines grave crime. The author finds it an inappropriate reaction to the Tele2 decision to merely create a new section in the criminal code. Instead, she sees a need for careful consideration of the risks that may follow from a change in the legal frameworks, including for example a possibility to forum shop, and that seemingly similar situations may not be subject to similar requirements. The article is 10 pages.

The fourth article is titled The Legal Basis for the Police to do Hacking as a Forensic Tool (Lentz, 2018b). It deals with the police access to do so-called hacking as part of an investigation. In the absence of express regulation, the author finds a possible legal basis for the police to access private data in an IT system in the existing rules regarding intrusion, access to data, and examination of letters and records. The article discusses the borderline between search and intrusion of the right to privacy, as well as the scope of the access to private data and the ambiguous basis for continued access to seized items. It is concluded that hacking may currently fit the definitions of both secret search, access to data, and intrusion of the right to privacy. The author is of the position that such a situation is not sustainable and that a more express regulation of hacking as a forensic tool is needed, also to protect the rights of the citizen. The article is 8 pages long.

The fifth article is titled Police Infiltration on Digital Platforms – Seen in a Human Rights Perspective (Lentz, 2019c) and concerns online undercover police infiltration in light of human rights. The author questions whether infiltration by the police can remain unregulated in a digital age or whether the protection of the citizens’ rights demands a change. A distinction between types of infiltration is made, including baiting and agents. The author explains that drawing a line between definitions is difficult as the distinction between public and private is not a clear one, especially in a digital environment. The author relates the issue to the European Convention on Human Rights article 6(1) and article 8 on the right to fair trail and the right to private and family life, his home and his correspondence respectively. The author again argues that a clearer legal framework for police infiltration is desirable and adds that a similar legal situation exists in Norway and Sweden. The article is 23 pages long, not including bibliography and list of court decisions.

The sixth article is titled Police Agents in a Human Rights Perspective (Lentz, 2019a). It deals with the police use of agents in a human rights perspective. The article lists a number of undesirable characteristics of the current legal framework in regard to the right to counsel and the duration of the use of an agent. The author concludes that the more than 30-year-old legal framework should be reconsidered to ensure the use legal use of agents. Should the lapsed proposal for a new regulation be reintroduced, it is argued that the rules of the European Convention on Human Rights, as well as the decisions of the European Court of Human Rights, be taken into consideration. The author points out that the Danish legislature seems to have a hands-off approach to international conventions and that this approach leaves too much of an interpretive task with the executive authorities when they need to ensure alignment with said conventions. The article is 27 pages long.

The preceding Part I of the dissertation mostly contains the author’s considerations regarding method and sources of law. These considerations are useful to anyone with an academic interest in the field. The same goes for Part III, in which the author draws some more generally valid conclusions for which the preceding six articles could not fully develop. Finally, in Part IV the author reiterates her conclusions and draws perspectives to challenges as a consequence of digitalization, future technology neutral legislation, tendencies in Danish and international criminal law, evidence, and the trustworthiness of the police and the penal system.