In particular, the police agency must separate from data transmitted by the European Union member countries on individuals suspected of criminal activities.
Le Monde with AFP
This is a new step after the warning sent in September 2020. The European Data Protection Constable announced, Monday, January 10, have ordered the Europol police agency to remove from its files A large number of information that does not respect the erected careguards, particularly over the storage time of sensitive elements.
This concerns data transmitted by the member countries of the European Union (EU) on individuals suspected of criminal activities, said in a statement The EDPS (for European Data Protection Supervisor – “European Protection Controller Data “), an agency responsible for controlling all organizations and EU institutions in this area of personal data management.
According to internal documents consulted by the Guardian , the volume of information held by Europol contains” at least 4 petabytes, either the equivalent of 3 million CD-ROMs or one-fifth of the entire content of the US Congress Library “.
Six months’ delay
If, within six months after receipt of these data, the link with a criminal activity could not be proved, it is forbidden to keep them. For the head of the EDPS, Wojciech WiewioRowski:
“A six-month period for preanalysis and filtering large datasets should enable Europol to respond to the operational queries of the EU Member States which require technical and analytical support, while reducing at least the risks for the rights and freedoms of people. “
At the end of a survey opened in 2019, the European Data Protection Supervisor thus accuses Europol for violating its own regulations while retaining “longer than necessary” certain data. It specifies that it has notified January 3 to Europol the “order to delete data on individuals without a link established with a criminal activity”.
For Europol, the decision of the EDPS, which reacted Monday in a statement, is likely to hinder its activities:
“This will have an impact on our ability to analyze vast and complex datasets at the request of the law enforcement.”
The decision concerns data held by States and provided to Europol for “terrorism, cybercrime, international drug trafficking, among others”, in which the intervention of Europol “frequently covers periods greater than six months,” she argues.
Twelve months as of January 3, 2022
From now, Europol has twelve months to erase problematic data that has not yet been eradicated as of January 3, 2022.
The European Commission welcomed this period offered “as a derogation” by the EDPS, considering that this would give “sufficient time” in Europol to comply with the decision. Then in the European Parliament and the Council (which represents the 27 EU countries) to “provide an appropriate solution and legal clarity on the treatment of BIG DATAS by Europol”, also noted the European Executive in a statement.
The European Police Agency Europol, established in The Hague, the Netherlands, attends and supports the 27 EU countries in the fight against organized crime (drugs, weapons, etc.) and terrorist networks . With a thousand employees and 220 liaison officers around the world, she claims, on her website, help more than 40,000 international surveys per year.