Digital traces that people leave behind can be useful evidence in criminal courts. However, in many jurisdictions, the legal provisions setting the rules for the use of evidence in criminal courts were formulated long before these digital technologies existed, and there seems to be an increasing discrepancy between legal frameworks and actual practices. This chapter investigates this disconnect by analyzing the relevant legal frameworks in the EU for processing data in criminal courts, and comparing and contrasting these with actual court practices. The relevant legal frameworks are criminal and data protection law. Data protection law is mostly harmonized throughout the EU, but since criminal law is mostly national law, this chapter focuses on criminal law in the Netherlands. We conclude that existing legal frameworks do not appear to obstruct the collection of data for evidence, but that regulation on collection in criminal law and regulation on processing and analysis in data protection law are not integrated. We also characterize as remarkable the almost complete absence of regulation of automated data analysis – in contrast with the many rules for data collection.