외국의 정보통신 서비스 제공자에 대한 통신 자료 요청 방법과 형사법적 문제

As the majority of Koreans actively use the services of global IT companies in their daily lives, crimes taking advantage of their services have also become common. This means that obtaining communication data such as subscriber information and IP logs possessed by IT companies will be the key to the investigation of many cybercrimes as well as conventional crimes. In the case of domestic service providers, investigative authorities may obtain data through data production requests or warrants. However, if the data is possessed by a foreign service provider, how should our investigation authority obtain the data, and is the current practice appropriate under the criminal procedural law? This paper was intended to critically review the current practice of the National Police Agency's requests to foreign IT service providers and its issues. First, the general methods of acquiring foreign-based data, including Mutual Legal Assistance, are reviewed, among which is then reviewed more thoroughly how to request data directly to a foreign service provider. Facebook, Google, Twitter, and Apple were selected for U.S. service providers, while Telegram and Line were selected for non-U.S. service providers. As a legal issue related to the current practice of direct requests, search and seizure warrants presented to foreign service providers and the admissibility at the court of the data received are discussed. It is concluded that presenting warrants to foreign service providers is not a compulsory investigation based on criminal jurisdiction, and that the evidence obtained this way might be inadmissible at court, because there is no clear legal basis for such request and no measures to guarantee the integrity of the data received. The conclusion summarized the discussion by suggesting that the accession to the Cybercrime Convention can be a realistic alternative to overcome the challenges of current practices.