top of page
  • Writer's pictureThe DigitalBank Vault

The Hacking Scandal of #Encrochat: possible violation of EU law


Two years ago, French and Dutch law enforcement authorities, with the support of Europol and Eurojust, succeeded in infiltrating the encrypted phone network provided by the enterprise EncroChat. The law enforcement authorities were thus able to read the chat messages of thousands of users in real time, including those who used the network for criminal activities.

This action led to numerous follow-up investigations in many European countries. In Germany, the Higher Regional Courts and the Federal Court of Justice backed the approach taken by the police forces and judicial authorities and confirmed the admissibility in German criminal proceedings of the evidence collected by means of the infiltration (→ eucrim 1/2021, 22-23 and eucrim 1/2022, 36-37). By contrast, NGOs, defence lawyers, and several academics voiced deep concerns over the rule of law and infringements of the right to a fair trial by the action.

In its decision of 19 October 2022, the Regional Court of Berlin (Landgericht Berlin) suspended a trial against a defendant who was being prosecuted for drug trafficking on the basis of the skimmed EncroChat data. The Berlin court is the only German court that deviates from the upper German courts, and it had already taken a decision in 2021 that advocated the inadmissibility of the collected EncroChat data in criminal proceedings (→ eucrim 2/2021, 106). Now, the same court has referred several questions to the CJEU on interpretation of the Directive regarding the European Investigation Order in criminal matters.

The Regional Court wishes to clarify whether the receipt of the data by the German authorities from their French counterpart via a European Investigation Order (EIO) was lawful and can thus serve as a valid basis for criminal proceedings against EncroChat users in Germany. The questions particularly concern:

  • The admissibility of the EIO pursuant to Art. 6(1) EIO Directive;

  • Interpretation of Art. 31 EIO Directive, which regulates the surveillance of telecommunications without the technical assistance of a Member State;

  • The consequences of a possible infringement of EU law for the national criminal proceedings.

In total, the judges in Berlin posed 14 questions to the CJEU. They include, for instance, the question of whether the German EIO was proportionate and necessary, considering that it related to the receipt of all EncroChat data of users on German territory without individual suspects having been specified beforehand.

Furthermore, they are in doubt as to whether the German EIO was compatible with Art. 6(1)(b) EIO Directive, because the investigative measure could not have been authorised in a similar case in Germany.

Regarding the consequences generated by a possible violation of EU law, the Regional Court believes that the Union principles of effectiveness and equivalence (which limit the procedural autonomy of the Member States in evidence-related issues) as interpreted by previous CJEU case law result in the inadmissibility of evidence in the case at issue. In this context, the court highlighted the lack of transparency on the part of the law enforcement authorities: first, due to non-disclosure of the technical approach by France, the integrity of the required data could not be assessed; second, the EU agencies’ and German law enforcement authorities’ refusal to hand over parts of the file to the defence made the investigation of facts even more difficult in the trial.

Lastly, according to the Regional Court of Berlin, other German courts erred when they attached higher importance to the objectives of criminal law enforcement than to the infringements of the individuals’ fundamental rights. According to the referring judges, the reasoning of the CJEU’s case law prohibiting the general and indiscriminate retention of data - even for purposes of combating serious crimes (→ eucrim 3/2020, 184-186) - must also apply here and result in the inadmissibility of evidence.


Offline “ Air Gapped” Super Encryption Mobile Machines.

Ultra Encrypted Text Messaging with No Cellular or Internet Connection. No Servers.

Encryption Keys generated offline by the user , never exchanged with third parties and erased permanently after each session.

More Secure than a Face To Face Meeting.

More details?

Consult with our

Cyber Defense Experts at :


Offline “ Air Gapped” Super Encryption Mobile Machines.


Offline “ Air Gapped” Super Encryption Mobile Machines.

Full technical details:

ENCRYGMA Mobile Encryption Machine Specs
Download PDF • 1.76MB

Cyber War Grade, Mathematically UnCrackable, Quantum Safe, Air Gapped (Offline) Encryption Machines More details ? Click here: .

“ If you need to communicate top classified information or you need to store secret data and be absolutely sure that no state-sponsored hackers, no foreign Governments , no intelligence agencies will be ever able to decipher the files, you need an Above Military Level Offline SuperEncryption System” 


Rule number 1 ☝🏼:

EncroChat evidences has been collected from the storage on the devices seized . A real military grade encryption device can’t be ever accessed by any digital forensic tools such as Cellebrite.

Rule number 2 :

Never 👎 use encryption services that are server based . Servers can be hacked easily and all data passing through them can be intercept. Servers also store the messages so that also this cloud based storage can be accessed and used as evidence.

Rule number 3:

Never , ⛔️ ever trust their party encryption services. The moment you trust a third party for generating your encryption keys, manage and store them for you , it’s game over . It’s like giving the keys of your bank vault to a total stranger .

Rule number 4 :

Stop 🛑 trusting cheap online encrypted phone suppliers! ⚠️ The garbage online are fake encrypted phones based on a $ 50 USD cheap Android cellphone bought in China and installed with a very low level security end to end encrypted messaging app.

Work like a pro, like intelligence agencies do ! Stop being scammed by online marketers selling you security illusions .

Need absolute privacy? Consult with our cyber defense advisors at info@DigitalBank.Capital or visit

Cyber War Ultra Encrypted Communications.

This is an encrypted text message, that has been encrypted with an OTP cipher (quantum safe encryption- mathematically unbreakable) , on a DBV “ Air Gapped “ Offline SuperEncryption Machine. The Encrypted message is then exported from the offline device by visual means( no connections , not even physical) by scanning the QR code with an online device for then sending it safely online.

The QR code at is arrival, is scanned by the second DBV offline encryption machine , directly from the receiving online device. Afterwards , it’s deciphered safely offline. This form of super encrypted offline communications is safer than a face to face meeting .

More details? Consult with our cyber defense advisors at or visit

20 views0 comments


bottom of page