SOURCE: Chiara Castro at Techradar
The EU Commission unveiled the first step in its security strategy to ensure “lawful and effective” law enforcement access to data
- The EU Commission presented a Roadmap on how it intends to ensure that law enforcement has effective and lawful access to citizens’ data
- Politicians seek to establish a precedent for the decryption of private data
- The Roadmap is part of the ProtectEU strategy, first unveiled in April 2025
EU law enforcement bodies could be capable of decrypting your private data by 2030.
This is one of the ambitious goals the EU Commission presented in its Roadmap on June 24, 2025. A plan on how the bloc intends to ensure police officers’ “lawful and effective” access to citizens’ data.
The Roadmap is the first step forward in the ProtectEU strategy, first unveiled in April 2025 – but privacy experts have already begun raising the alarm.
How the EU plans to achieve lawful access to data
ProtectEU represents the EU Commission’s internal strategy to bolster the security of the European bloc in the years to come.
It stems from the work of the High-Level Group (HLG) carried on under the so-called Going Dark initiative. The group was tasked, by the EU Council in June 2023, to develop a strategic plan “on access to data for effective law enforcement.”
Specifically, the group’s final report, published in March 2025, referred to end-to-end encryption as “the biggest technical challenge” to the investigative work of law enforcement agencies, explicitly targeting the use of the best VPN services, encrypted messaging apps, and similar tools.
The Roadmap marks a key part of the strategy, providing more detail on how lawmakers plan to address what they refer to as “the growing challenges of accessing critical digital evidence” during criminal investigations.
The plan focuses on six key areas:
- Data retention. The EU Commission is expected to carry out an impact assessment with the aim of extending the EU’s data retention obligations and reinforcing cooperation between service providers and authorities.
- Lawful interception. Lawmakers seek to explore measures aimed at improving cross-border cooperation for lawful interception of data by 2027.
- Digital forensics. The goal here is to develop technical solutions that allow authorities to analyze and preserve digital evidence stored on electronic devices.
- Decryption. Next year, the EU Commission is set to present a Technology Roadmap on encryption to identify and evaluate decrypting solutions. These technologies are expected to equip Europol officers from 2030.
- Standardisation. The Commission is said to be committed to working alongside Europol, industry stakeholders, experts, and law enforcement practitioners to standardize the new approach to internal security.
- AI solutions for law enforcement. Lawmakers also seek to promote the development and deployment of AI tools by 2028. These solutions will enable authorities to lawfully and effectively process large volumes of seized data.