Europol has expressed serious concern regarding the impact of home routing on the ability of law enforcement agencies to obtain crucial evidence, stating that criminals are using this practice to evade the law.
Home routing is a service that allows customers abroad to route their calls, messages, and data through their home network rather than the network of the country they are in. This makes it difficult for foreign service providers to transfer data to law enforcement agencies, creating a loophole for criminals.
The process of home routing works as follows:
- Travel: When a customer with a home SIM card travels to another country, their mobile device connects to a local network, but the data transfer is directed through their home network.
- Data processing: Calls, messages, and internet traffic are processed through the servers of the home provider as if the customer were still in their home country.
- Feedback: Information about calls, messages, and other data is sent back through the local network to the customer.
When home routing is in play, suspects using foreign SIM cards are difficult to intercept. This poses a problem both when foreigners use their SIM cards in another country and when citizens use foreign SIM cards in their own country. The only exception is when the “home” provider has an agreement with a foreign provider that disables home routing.
Criminals are aware of this loophole and actively exploit it to avoid law enforcement. In cases involving home routing, national warrants do not apply internationally for interception, requiring police to rely on European orders for investigations that can take up to 120 days. In emergency situations, this delay is too long.
Europol has launched a position paper, stating that relying on voluntary cooperation from foreign service providers for investigative actions is not ideal. A solution must be found to allow authorities to legally intercept suspect communications on their territory without compromising the right to secure communications.
While Europol describes this as a technical issue, it contributes to broader debates on privacy rights in the EU. Controversial proposals for mass scanning of encrypted messenger services like Signal and WhatsApp are seen as ways to identify harmful materials, but critics raise concerns about creating vulnerabilities for hackers or third-party interference.