Lawful Intelligence Disclosure, Simplified.
The REX platform by Subtonomy empowers telecom operators to automate lawful requests, ensure compliant data management, quick data freeze and deliver secure disclosure intelligence — all while ensuring network performance and ETSI compliance in Sweden, the EU and beyond.
Lawful disclosure & high-precision location intelligence for Telecom Operators
Subtonomy REX is purpose-built for telecom operators, including mobile network operators (MNOs), broadband providers (ISPs), and communications service providers (CSPs), who must comply with lawful data access and disclosure obligations.
It ensures:
-
Full compliance with EU and national laws, including e-evidence, GDPR, ePrivacy, EECC, and lawful interception directives.
-
On-premise deployment under operator control ensures complete data sovereignty.
-
Audited, privacy-centric access to sensitive telecom data.
Proven in real-world deployments, REX consistently demonstrates compliance with relevant legislation and is ISO/IEC 27001:2013 certified, aligning with the highest standards for information security and GDPR.
Whether supporting law enforcement or assisting in SAR, REX makes compliance secure, traceable, and fast.
Built to solve your core compliance and intelligence challenges
From lawful telecom data disclosure, data freeze and intercept to high-precision location intelligence, EU e-evidence readiness and case management, REX provides a secure, ETSI-aligned platform to fulfil every lawful request with speed and precision.
One platform for total lawful intelligence
REX is designed to directly address the challenges with timely, accurate data retrieval. The often fragmented data, is collected from numerous systems, pre-analyzed into one user-friendly tool, saving time and reducing costs and minimizing the risk of human error.
HOLISTIC
DATA INTEGRATION
REX breaks down data silos by collecting and processing everything from billing CDRs and passive probes (XDRs) to complex NAT logs. Our platform efficiently maps all network activity, giving you one unified and complete view
ENRICHED INTELLIGENCE,
DEEPER INSIGHTS
We transform raw data into actionable intelligence. By enriching network records with geolocation, CRM data, and cell inventory, REX provides the crucial context needed to understand the 'who, what, where, and when' of any investigation
CONTROLLED ACCESS FOR
SECURE COLLABORATION
Provide authorized third parties, like lawful authorities, with secure access to the exact data they need, both real-time and historical. Every search is logged, ensuring a fully auditable trail for complete compliance and integrity.
Featured Security & Compliance content
The technical path to EU e-Evidence compliance
Learn how operators can meet the 2026 deadline with a consolidated data architecture, automated case management, and standardized reporting via e-CODEX. Includes workflow diagrams, ETSI alignment guidance and a full breakdown of the 8-hour SLA requirements.
Preparing for EU e-evidence
& e-CODEX
TRUSTED BY LEADING OPERATORS FOR LAWFUL COMPLIANCE
Reports we previously had to wait several hours for are now generated in minutes or even seconds.
TERJE RUDIN |
Product Manager Police Responce Center & NOC @Telenor Norway
Latest news, blog articles and updates
We'd love to hear from you
Have questions about our products, features, or pricing? Need a demo? Want to meet? Our teams are ready to help. Let's connect!
Asterisk (*) indicates required field.
Frequently Asked Questions (FAQ) on EU e-Evidence & e-CODEX Compliance
Your Questions, Answered.
We understand that data retention involves complex technical, legal, and security details. To provide clarity, we've gathered straightforward answers to the most common questions about the REX platform, its capabilities, and its compliance.
The primary challenge is the combination of extreme speed and mandatory technical integration. The regulation demands a response to emergency requests within just 8 hours, a deadline that is impossible to meet with traditional, manual processes. Furthermore, all communication must go through the secure e-CODEX platform, not email or portals. Most telecom operators' current workflows are fragmented across multiple systems (billing, network, CRM), creating bottlenecks that represent a direct and costly compliance risk.
Most existing data retention or lawful intercept (LI) systems were designed for national requirements, not for the specific demands of this new EU regulation. The e-Evidence framework introduces new complexities they weren't built for: the 8-hour emergency deadline, the cross-border nature of orders, and the mandatory, complex technical integration with the e-CODEX infrastructure. Attempting to "bolt on" an e-CODEX interface to a legacy system will not solve the underlying bottleneck — it cannot automate and accelerate the data consolidation needed to meet the 8-hour SLA.
e-CODEX is far more than a portal; it is a decentralized, secure digital infrastructure that acts as the mandatory channel for all cross-border judicial data exchange in the EU. For an operator, a compliant telecom data retention solution must integrate natively with this architecture. This involves using e-CODEX "Gateways" and "Connectors" to create a fully automated, end-to-end workflow — from securely receiving a European Production Order (EPO) to validating it, executing the query, and delivering the secure report back through the e-CODEX channel.
The only viable way is through automation. Meeting this deadline requires a fundamental shift from reactively searching for data to having it proactively prepared. An automated lawful request processing platform, like Subtonomy REX, continuously ingests and indexes data from all relevant sources (signaling, billing, IP records, CRM) before a request arrives. When an order is received via e-CODEX, the system can execute automated queries in seconds, compiling and delivering the report without human intervention, ensuring the 8-hour deadline is met every time
This is critical. Compliance requires integrity, not just speed. A modern platform must be "audit-proof by design". This is achieved with strict safeguards, such as mandatory search justification, where no query can be run without a valid, logged case number. Every action, from an authorized user's login to the final data delivery, must be recorded in a comprehensive, unalterable audit trail. This provides a defensible, step-by-step evidentiary chain for every request, proving to regulators that the data is accurate and was handled lawfully.
While August 2026 is the final implementation date, the timeline to readiness is long and complex. Key deadlines, like appointing a legal representative, are much earlier (February 2026). The procurement, integration, and testing of a new EU telecom data solution across multiple, complex data sources can take many months. Starting now is the only way to de-risk the project, run simulations, and ensure you have a robust, tested, and fully compliant platform operational before the deadline arrives and penalties of up to 2% of global turnover apply.