The EU police agency is to process more “big data” and receive personal data from private companies. Preventive cooperation with third countries will be expanded, this also concerns secret services.
On 9 December last year, the EU Commission presented a proposal to extend Europol’s mandate. The police agency could therefore initiate investigations itself without waiting for an initiative from a member state. This should also be possible if only one country is involved. Up to now, Europol’s competence has been limited to cases involving two or more member states.
In addition to improved cooperation with the European Public Prosecutor’s Office (EuPPO) and the European Anti-Fraud Office (OLAF), cooperation with third countries for the “prevention” of criminal offences is to be expanded.
In the context of investigations, Europol is also to exchange data with private parties. This is justified by the improvement of instruments in the area of offences against the sexual self-determination of children. Europol also receives mass data when the agency coordinates investigations in which companies are affected by a cyber attack. In the Commission’s proposal, this is referred to as “big data”. These are searched by software for so-called cross matches. Europol hopes that this search for connections between crimes or perpetrators will lead to new investigative approaches. The European Data Protection Supervisor has criticised the fact that data on innocent contacts will also be processed (“non-criminal personal data”) and pointed out that there is no legal basis for such a dragnet search.
The regulation should also make it possible to use the extensive personal data for the “development, training, testing and validation” of algorithms. This should also include “AI-based tools”. Artificial intelligence is therefore one of the focal points of the newly established “innovation laboratory” in The Hague, with which the agency intends to coordinate EU security research in various fields. Europol also acts as an observatory on “risks, threats and opportunities” of new technologies.
The police agency is moreover to be given the possibility to enter its own alerts in the Schengen Information System (SIS II). For this reason, the Commission had attached a further proposal to amend the SIS Regulation to the draft legislation. A separate category is to be set up in SIS II for Europol searches. The underlying information supposedly comes from intelligence services from third countries, and these are mainly alerts for covert checks. Europol is to receive such lists and compare them with already existing national SIS II alerts.
The Commission estimates the additional costs of the new Europol Regulation at 178 million Euros until 2027, the agency would receive 160 new posts. Control will hardly be strengthened with the increase, but Europol is to provide more reports to the Joint Parliamentary Control Committee for Europol (JPSG).
The regulations will be discussed in the Council’s Law Enforcement Working Group (LEWP). Until March, the member states were given time for comments; on 7 and 8 June, the Justice and Home Affairs Council is to decide on a general approach. Then the plans will be dealt with in the trilogue with Parliament and the Commission.