Digital Forensics In Austrian Courts

22 Dec 2025 --
0 Comments

I. What is Digital Forensics?

Digital forensics is the process of identifying, collecting, analyzing, and presenting digital evidence from electronic devices such as computers, mobile phones, servers, or storage devices.

In Austrian criminal law, digital forensics is used to:

Investigate crimes such as fraud, cybercrime, and possession of illegal material

Authenticate digital evidence in court

Reconstruct timelines and suspect actions

Key principles:

Lawful seizure of digital devices

Preservation and integrity of evidence (chain of custody)

Proportionality — the search must relate to the alleged crime

Admissibility — evidence must comply with Austrian criminal procedure and privacy protections

II. Legal Framework

Austrian Criminal Code (StGB) – governs criminal offenses that can involve digital evidence, such as fraud, theft, or child exploitation.

Criminal Procedure Code (StPO) – regulates the collection and use of evidence, including digital evidence.

Constitutional safeguards – Austrian Constitutional Court requires judicial authorization before accessing private digital data.

Data protection principles – limit forensic analysis to relevant data.

III. Important Case Law in Austrian Digital Forensics

1. Constitutional Court G 352/2021

Facts:
Authorities seized a suspect’s mobile phone without a specific judicial order. The phone contained emails, chat messages, and personal files.

Issue:
Is warrantless seizure and examination of mobile devices lawful?

Judgment:

The court ruled that mobile phones and digital devices contain highly private information, so general seizure rules are insufficient.

Authorities must obtain a judicial order specifying the scope of data access.

Principle:

Digital evidence requires stronger protection than physical evidence.

Any evidence obtained without judicial authorization may be inadmissible.

2. OGH 14 Os 107/24b

Facts:
Evidence was obtained from a “crypto-phone” that was decrypted by foreign authorities and shared with Austrian prosecutors.

Issue:
Can evidence obtained abroad using methods not permitted under Austrian law be used in Austrian courts?

Judgment:

Evidence obtained in violation of Austrian procedural rights may be inadmissible.

However, if the foreign investigation did not violate Austrian rights and was shared lawfully, evidence could be admitted.

Principle:

Austrian courts scrutinize foreign digital evidence for compliance with domestic rights.

3. Nemanja Popovic Case

Facts:
The defendant was convicted in Austria for drug trafficking using intercepted communications obtained by a foreign law enforcement agency.

Issue:
Whether evidence collected abroad without Austrian judicial oversight is admissible.

Judgment:

Evidence was admitted because Austrian authorities did not participate in the illegal interception.

Foreign-collected evidence can be used if it does not violate core Austrian rights.

Principle:

Austrian courts distinguish between evidence collected by foreign authorities and unlawful domestic surveillance.

4. Vienna Regional Court – Child Exploitation Case (2023)

Facts:
A suspect possessed tens of thousands of illegal files on multiple digital devices.

Digital Forensics Role:

Experts examined phones, laptops, and USB drives.

Metadata, timestamps, and file ownership were used to link the files to the suspect.

Judgment:

Digital evidence was central to proving possession and access.

The defendant was sentenced to a suspended term with therapy.

Principle:

Digital forensics can objectively link suspects to electronic crimes.

5. Vienna Regional Court 332 HR 369/23 m (Unpublished Case)

Facts:
Investigators accessed devices beyond the necessary scope of the alleged crime, analyzing irrelevant personal data.

Judgment:

The court emphasized proportionality.

Data that was not relevant to the crime could not be used.

Principle:

Forensic analysis must be limited to relevant evidence.

6. Austrian Supreme Court (OGH 11 Os 129/24s)

Facts:
A defendant was accused of financial cybercrime using servers located abroad.

Issue:
Whether evidence obtained from foreign servers could be admitted.

Judgment:

Evidence admissible if Austrian authorities did not violate domestic rights during collection.

The authenticity and integrity of the digital evidence had to be proven.

Principle:

Austrian courts require verification of chain of custody and integrity of digital evidence.

7. General Principle from Multiple Cases

From all Austrian case law on digital forensics:

Judicial Authorization is essential for seizing phones, computers, or servers.

Proportionality — the search and analysis must relate to the alleged crime.

Foreign Evidence can be admitted if Austrian procedural rights are not violated.

Digital Evidence Authentication — metadata, logs, timestamps, and file ownership are crucial.

Privacy Protection — irrelevant personal data must be ignored or deleted.

IV. Summary Table of Key Cases

Case	Year	Key Issue	Digital Evidence Used	Outcome / Principle
G 352/2021	2021	Mobile phone seizure	Emails, chats, files	Judicial authorization required
OGH 14 Os 107/24b	2024	Crypto-phone evidence	Decrypted communications	Foreign-obtained evidence admissible if legal
Nemanja Popovic	2015	Intercepted communications	Emails, chats	Evidence from foreign authorities can be used
Vienna Regional Court – Child Exploitation	2023	Possession of illegal files	Metadata, device logs	Forensic analysis links suspect to devices
Vienna Regional Court 332 HR 369/23 m	2023	Scope of data search	Device logs	Only relevant data admissible
OGH 11 Os 129/24s	2024	Foreign servers	Server logs, backups	Integrity and chain of custody crucial