Skip to content
Easchi

Law Enforcement Guidelines

Last Updated: August 5, 2024

Effective Date: August 5, 2024

These Law Enforcement Guidelines (hereinafter referred to as “these Guidelines”) are intended to clarify to law enforcement agencies, judicial authorities, and prosecutorial organs of all sovereign countries and regions globally (hereinafter collectively referred to as “Law Enforcement Personnel”) the legal compliance boundaries, Standard Operating Procedures (SOPs), and technical execution limits of the software operator (hereinafter referred to as “the Operator” or “we/us”) when cooperating with criminal investigations, civil evidence discovery, or other statutory mutual legal assistance requests.

We respect the law and resolutely maintain a lawful operating environment for the platform. As the operator of the full-link ciphertext protection service and the “asymmetric key escrow mechanism under statutory obligations,” we are strictly bound by applicable laws, the jurisdictions agreed upon in the User Agreement, and international treaties regarding “data security” and “cross-border data transmission.”

I. Basic Principles and Formal Judicial Procedures

Section titled “I. Basic Principles and Formal Judicial Procedures”

When receiving any request for evidence, the Operator must evaluate it under the premise of ensuring no violation of applicable data protection laws (such as cross-border data transmission restrictions).

  • Strict Procedural Compliance: We can only cooperate with lawful investigations through formal local judicial processes or international mutual legal assistance mechanisms (such as the Mutual Legal Assistance Treaty, or MLAT).
  • Jurisdictional Defense: The Operator does not directly receive, evaluate, or execute any direct letters, emails, or verbal requests for evidence from external law enforcement agencies that have not been reviewed, forwarded, or confirmed by the competent authorities of the jurisdiction corresponding to the account involved.

II. Routing and Verification Process for Judicial Investigations

Section titled “II. Routing and Verification Process for Judicial Investigations”

If a law enforcement department in a certain jurisdiction initiates an investigation into an account or encrypted data associated with this platform, the standard routing and verification process for legal documents is as follows:

  1. Issuance of Documents by External Judicial Authorities: The judicial department of the investigating party, relying on formal and legally effective legal documents (such as search warrants or subpoenas), contacts the counterpart judicial or diplomatic authorities of the jurisdiction corresponding to where the involved account was paid for/migrated.
  2. Review and Forwarding by the Jurisdiction’s Authorities: The judicial authorities of that jurisdiction conduct compliance, formal, and substantive reviews of the documents in accordance with their local laws or international treaties.
  3. Formal Service to the Operator: After being confirmed and legally forwarded or issued as an enforcement assistance document by the competent authority of that jurisdiction, it is formally served to the Operator.
  4. Strict Scope Verification: Upon receiving the documents, the Operator’s legal compliance department will strictly verify their authenticity and jurisdictional boundaries. Any data request that exceeds the scope of legal authorization of that jurisdiction will be directly rejected in accordance with the law.

III. Statutory Channels for Cross-Jurisdictional Data Acquisition

Section titled “III. Statutory Channels for Cross-Jurisdictional Data Acquisition”

Core Risk Warning: If the initiating party of the judicial investigation and the jurisdiction to which the involved account belongs are not within the same judicial jurisdiction, any action requiring the Operator to directly transmit plaintext data across countries/jurisdictions will expose the Operator and the platform to risks of legal charges and administrative penalties under illegal contexts. Therefore, under such circumstances, the Operator will absolutely not provide direct cross-border cooperation.

For data acquisition involving cross-judicial jurisdictions, external law enforcement agencies must and can only proceed through the following lawful channels:

  • Channel A (International Mutual Legal Assistance Path): The investigating party must submit an application to the competent authority of the jurisdiction to which the involved account belongs through the Mutual Legal Assistance Treaty (MLAT) or equivalent multilateral/bilateral mutual legal assistance channels. The competent authority of that jurisdiction will then legally forward a mandatory enforcement order to the Operator.
  • Channel B (Territorial Recognition and Enforcement Path): The initiating party of the judicial investigation directly applies to the court of the jurisdiction to which the involved account belongs for a ruling to recognize and enforce its external legal documents, thereby obtaining a local enforcement order issued by the court of that jurisdiction.

IV. Technical Execution Mechanism for Data Extraction and Offline Decryption

Section titled “IV. Technical Execution Mechanism for Data Extraction and Offline Decryption”

Only when all the aforementioned external legal documents, multi-layered verifications, and jurisdictional compliance paths are fully satisfied, and the Operator receives a mandatory mutual legal assistance order from a specific jurisdiction, will we initiate internal technical assistance procedures:

  1. Manual Ciphertext Download: The Operator’s security engineers will, within the authorized scope, manually retrieve and download specific cloud-based fully encrypted data blocks (Ciphertext Blocks) directly related to the involved account from the servers.
  2. Offline Device Deployment: The extracted ciphertext data will be transferred to a dedicated offline security device (Air-Gapped Device) that is completely disconnected from the network and physically isolated.
  3. Key Extraction and Decryption: In accordance with the “Asymmetric Key Escrow under Statutory Obligations” mechanism described in the Technical Whitepaper, the Operator will invoke the offline master private key (Offline Master Private Key) of the corresponding jurisdiction through a strict internal audit process, performing targeted single-use decryption of the specific encrypted data blocks involved in a completely offline environment.
  4. Secure Transfer: The decrypted plaintext evidence will be directly handed over by the Operator via encrypted physical media to the local competent judicial authority that issued the assistance order, following legal procedures.

V. Statement of Technical Limits and Service of Process

Section titled “V. Statement of Technical Limits and Service of Process”
  • Statement of Technical Limits: The Operator can only assist in decrypting online synchronized data covered under the escrow mechanism. If a user uses purely local encrypted files that are generated solely on local devices without going through the cloud, the Operator cannot assist in acquiring the user’s data since it does not pass through the servers.
  • Service of Process: All formal legal documents, subpoenas, and court orders must be served in writing by the competent authorities of the jurisdiction to which the involved account belongs, in accordance with statutory procedures. The Operator does not accept, and will directly reject in accordance with the law, any requests for direct cross-border mailing or on-site service by foreign/external law enforcement agencies. Foreign investigating parties must strictly follow the international mutual legal assistance process (such as MLAT) described in Section III of these Guidelines, to have the documents served through the local competent authorities. To prevent telecom fraud and phishing, this platform does not support the submission of any evidence discovery requests via email under any circumstances.