As the supervisory authority for Europol, the EDPS is responsible for providing Europol with advice on all matters concerning the processing of personal data. This includes proposals for internal rules or administrative measures relating to the protection of the fundamental rights of individuals or the transfer and exchange of personal data. In 2017 Europol published its first Europol Opinion, which concerned Europol’s Integrated Data Management Concept (IDMC) Guidelines.
The IDMC Guidelines were provisionally adopted by Europol on 1 May 2017, pending EDPS approval. They specify:
- the conditions under which personal data might be teporarily processed in order to determine whether it is relevant to Europol’s tasks;
- the procedures for processing personal information;
- the requirements for processing personal information for cross-checking, strategic or thematic analysis, operational analysis or for facilitating the exchange of information.
The guidelines therefore provide the procedures according to which Europol must carry out all future processing of personal data under the Europol Regulation.
In our Opinion, we made 16 recommendations. Our main concern was the need to further clarify the different purposes for which Europol can process personal data. This issue is important because different data protection safeguards apply depending on the purpose for which data is processed, as this purpose determines the different types of intelligence services that Europol is able to provide to the national law enforcement authorities.
Implement the recommendations made by the EDPS
Europol promptly implemented the recommendations made by the EDPS and adopted a revised version of the IDMC Guidelines on 13 December 2017. Europol has expressed a commitment to continuing its work to clearly define and streamline their procedures with their respective data protection safeguards, such as the implementation of data retention periods for each type of analysis product or service they produce. The objective of this exercise is to implement more efficient rules for data processing and reviewing, leading to improved data quality, the deletion of unnecessary data (noise reduction) and improved intelligence products.
Source: https://edps.europa.eu/
