
The EU e-Evidence Compliance Guide for Telecom Operators
What every operator must do to navigate the new regulatory landscape. Includes the 5 operational weaknesses most operators have right now, a full compliance checklist across legal, technology, security, and operational readiness, and a blueprint for a compliant architecture.
Includes: Compliance Checklist | Key Deadlines | 5 Compliance Traps to Avoid
Why e-Evidence matters
The 2026 compliance deadline
From 18 August 2026, all telecom operators in the EU must comply with the new e-Evidence Regulation (EU 2023/1543) and Directive (EU 2023/1544).
New rules for cross-border lawful requests
Law enforcement authorities will be able to issue direct cross-border orders for subscriber or traffic data. Operators must respond within 10 days — or within 8 hours in urgent cases — and all requests must be handled through the EU’s e-CODEX platform. Failure to comply can lead to fines of up to 2% of global turnover.

Four Compliance Challenges for Telecom Service Providers.
One Deadline.
STRICT DEADLINES AND EMERGENCY CASES
Manual processes can't meet an 8-hour clock. Compliance requires full automation and 24/7 readiness — no exceptions.
MANDATORY E-CODEX COMMUNICATION
Email and local portals are out. Every lawful data exchange must flow through e-CODEX. If you're not integrated, you're non-compliant.
LEGAL REPRESENTATIVE AND ACCOUNTABILITY
The regulation requires a designated legal representative with authority, resources, and cross-team integration. This role must be defined and operational before the deadline.
AUDITABILITY, GDPR AND DATA PROTECTION
Every disclosure must be logged, traceable, and GDPR-aligned. Speed without integrity isn't compliance — it's a liability.
How REX Meets Every Requirement
REX is purpose-built for this regulation — consolidating mirrored data, automating case management, and connecting natively to e-CODEX so you meet every deadline, every time.
E-CODEX READY &
SEAMLESS INTEGRATIONS
REX is fully E-CODEX-ready, ensuring compliance with the EU’s mandatory digital platform. It is built on open APIs, enabling seamless integration with all your existing OSS, BSS, CRM, billing, and storage systems — removing silos and minimizing deployment complexity.
EXTREME SPEED TO MEET
8-HOUR DEADLINES
REX consolidates subscriber, network, and billing data into a single platform, delivering accurate results in minutes or seconds — well inside the 8-hour emergency window.
CASE MANAGEMENT FOR END-TO-END CONTROL
To further streamline compliance, REX Case Management automatically pre-populates incoming requests, assigns unique case IDs, prioritizes and manages them through to completion. It ensures every step is traceable, integrates with billing, and provides a defensible audit trail — reducing manual workload while strengthening compliance integrity.
CENTRALIZED, SECURE AND AUDIT-PROOF
Every request handled in REX is fully logged and traceable. The platform enforces strict access controls, GDPR alignment, and security standards, ensuring lawful requests are processed with accuracy, speed, and transparency.
Partner with Subtonomy for
e-Evidence Compliance
Subtonomy already supports operators across Europe in handling lawful data requests securely and efficiently. With a 100% satisfied client base, REX is proven in real-world deployments.
TRUSTED BY LEADING EUROPEAN OPERATORS
REX gives us a completely different workday in terms of easiness of use and query response time. Reports we previously had to wait several hours for are now generated in minutes or even seconds.
TERJE RUDIN
Product Manager Police Response Center & NOC @Telenor Norway
Frequently Asked Questions (FAQ) on EU e-Evidence & e-CODEX Compliance
Your Questions, Answered.
We understand that data retention involves complex technical, legal, and security details. To provide clarity, we've gathered straightforward answers to the most common questions about the REX platform, its capabilities, and its compliance.
The primary challenge is the combination of extreme speed and mandatory technical integration. The regulation demands a response to emergency requests within just 8 hours, a deadline that is impossible to meet with traditional, manual processes. Furthermore, all communication must go through the secure e-CODEX platform, not email or portals. Most telecom operators' current workflows are fragmented across multiple systems (billing, network, CRM), creating bottlenecks that represent a direct and costly compliance risk.
Most existing data retention or lawful intercept (LI) systems were designed for national requirements, not for the specific demands of this new EU regulation. The e-Evidence framework introduces new complexities they weren't built for: the 8-hour emergency deadline, the cross-border nature of orders, and the mandatory, complex technical integration with the e-CODEX infrastructure. Attempting to "bolt on" an e-CODEX interface to a legacy system will not solve the underlying bottleneck — it cannot automate and accelerate the data consolidation needed to meet the 8-hour SLA.
e-CODEX is far more than a portal; it is a decentralized, secure digital infrastructure that acts as the mandatory channel for all cross-border judicial data exchange in the EU. For an operator, a compliant telecom data retention solution must integrate natively with this architecture. This involves using e-CODEX "Gateways" and "Connectors" to create a fully automated, end-to-end workflow — from securely receiving a European Production Order (EPO) to validating it, executing the query, and delivering the secure report back through the e-CODEX channel.
The only viable way is through automation. Meeting this deadline requires a fundamental shift from reactively searching for data to having it proactively prepared. An automated lawful request processing platform, like Subtonomy REX, continuously ingests and indexes data from all relevant sources (signaling, billing, IP records, CRM) before a request arrives. When an order is received via e-CODEX, the system can execute automated queries in seconds, compiling and delivering the report without human intervention, ensuring the 8-hour deadline is met every time
This is critical. Compliance requires integrity, not just speed. A modern platform must be "audit-proof by design". This is achieved with strict safeguards, such as mandatory search justification, where no query can be run without a valid, logged case number. Every action, from an authorized user's login to the final data delivery, must be recorded in a comprehensive, unalterable audit trail. This provides a defensible, step-by-step evidentiary chain for every request, proving to regulators that the data is accurate and was handled lawfully.
While August 2026 is the final implementation date, the timeline to readiness is long and complex. Key deadlines, like appointing a legal representative, are much earlier (February 2026). The procurement, integration, and testing of a new EU telecom data solution across multiple, complex data sources can take many months. Starting now is the only way to de-risk the project, run simulations, and ensure you have a robust, tested, and fully compliant platform operational before the deadline arrives and penalties of up to 2% of global turnover apply.
EU e-evidence:
The compliance guide for telecom operators

WHAT EVERY TELECOM OPERATOR MUST DO TO NAVIGATE THE NEW REGULATORY LANDSCAPE.
August 18, 2026. That's your deadline.
Prefer to talk to us directly? Contact Subtonomy here.
Explore the Full Subtonomy REX Platform
While REX ensures your E-Evidence compliance, it's designed to solve challenges across your entire operation. See what else our unified platform can do for your business.

Telecom Data Retention Solution –
comply with national and EU regulations
Subtonomy REX is the industry’s most advanced platform for handling lawful telecom data retention requests, enabling secure, automated, and lightning-fast responses that are fully compliant with GDPR and upcoming national regulations.


