In line with Regulation (EU) 2016/794 of the European Parliament and of the Council of 11 May 2016 (the Europol Regulation), the EDPS -the independent EU data protection authority - has the task to supervise the lawfulness of personal data processing by Europol since 1 May 2017.
Europol is the EU body actively cooperating with law enforcement authorities of the EU Member States to combat serious international crime and terrorism. Europol also works with many non-EU partner States and international organizations in particular in the fight against terrorism, cybercrime and people smuggling.
The Europol Regulation provides any individual the right to obtain information (Art. 36) on whether or not personal data relating to him or her are processed by Europol, to ask for rectification, erasure and restriction (Art. 37) of such data and, more in general, that his or her data are processed in accordance with data protection principles (Art. 28), notably in a fairly and lawful way.
At the same time, the Europol Regulation further reinforces the police cooperation in criminal matters in the area of Freedom, Security and Justice (AFSJ).
Taking over the data protection supervision of Europol, the EDPS - in full synergy and cooperation with national supervisory authorities - will ensure that the right balance is found between data protection rights and the key public interest of security.
The EDPS is committed to exercise his supervisory role, reinforcing safeguards in a practical and modern way in line with the new challenges for law enforcement.
To perform this supervision work, the EDPS implements different duties, also taking into account the cross-border dimension (at European and international level) of the data processing:
As mentioned, an essential aspect of this supervision is the cooperation with national supervisory authorities, in particular within the newly established Europol Cooperation Board, a forum with advisory function for discussion of common issues, working together to develop, for instance, guidelines and best practices.
As part of the annual report, the EDPS will publish an annual report on the supervisory activities on Europol including information on complaints, inquiries, inspections, transfers of personal data to third countries and international organizations, as well as prior consultations.
The EDPS is also accountable, for his or her supervision activity, before the Joint Parliamentary Scrutiny Group (JPSG), composed of representatives of the European and of national Parliament, established under the Europol Regulation.