Legislative Observatory
European Parliament
Please fill in this field to find a procedure

European Union Agency for Law Enforcement Cooperation (Europol)

2013/0091(COD)

The Committee on Civil Liberties, Justice and Home Affairs adopted the report by Agustín DÍAZ DE MERA GARCÍA CONSUEGRA (EPP, ES) on the proposal for a regulation of the European Parliament and of the Council on the European Union Agency for Law Enforcement Cooperation and Training (Europol) and repealing Decisions 2009/371/JHA and 2005/681/JHA

The committee recommended that the position of the European Parliament adopted in first reading following the ordinary legislative procedure should amend the Commission proposal as follows:

1) Rejecting the merger of Europol and Cepol: Members considered that Europol should not merge with the European Police College (CEPOL), since these two organisations had very different objectives and tasks when it came to cooperation in the European area of freedom, security and justice. Accordingly, a series of amendments keeping this position in mind appeared throughout the text and references to CEPOL were deleted.

2) Europol’s tasks: Members re-defined these tasks. The Agency shall support and strengthen action by the competent authorities of the Member States and their mutual cooperation in preventing and combating organised crime, terrorism and other forms of serious crime, in such a way to require a common approach by Member States taking in account the scale, significance and consequences of the offences.

-EUROPOL’s investigations: Members also re-defined the framework of joint investigation teams. Accordingly, whenever a cooperation between Europol and Member States has been established regarding a specific investigation, clear provisions should be drawn up between Europol and those Member States involved, outlining the specific tasks to be carried out, the degree of participation with the investigative or judicial proceedings of the Member states, and the division of responsibilities and the applicable law for the purposes of judicial oversight.

Europol shall not apply coercive measures and Europol officers shall not take part in the application of coercive measures.

 3) Data protection: generally, Members clarified the data to which EUROPOL might have access, stressing that the principles of relevance and proportionality must be observed with regard to personal data processing. They call for, inter alia:

·        Europol’s power to exchange personal data with other Union bodies to be restricted so that the data concerns only those persons who have committed or who are thought likely to commit offences in respect of which Europol has competence;

·        the exchange of personal data with third countries and international organisations to strike an appropriate balance between the need for effective enforcement and personal data protection;

·        data protection rules at Europol to be strengthened and aligned with other relevant data protection instruments applicable to processing of personal data in the area of police cooperation in the Union to ensure a high level of protection of individuals with regard to processing of personal data and to respect the principles of accountability and transparency;

·        strengthening oversight of EUROPOL so that the European Data Protection Supervisor may use the expertise and experience of national data protection authorities in carrying out his duties, including the performance of audits and on-site inspections.

-Use, management and purpose of data: apart from provisions on data protection, Members set out a new framework regarding EUROPOL’s use of data:

·        personal data may only be processed for specific purposes and limited to the minimum necessary, and the report contains provisions on purpose limitation (such as specific analysis);

·        personal data may be processed by only those duly authorised staff who need them for the performance of their tasks;

·        Europol shall keep detailed records of all hits and information accessed and the EDPS must play an active role to ensure that the Agency respects its obligations regarding data protection;

·        Europol should be able to exchange personal data with law enforcement authorities of third countries and with international organisations such as Interpol to the extent necessary and proportionate for the accomplishment of its tasks. 

·        Europol shall make publicly available a document setting out in an intelligible form the provisions regarding the processing of personal data and the means available for the exercise of the rights of data subjects.

The report contains provisions on: (i) notification of a personal data breach to the European Data Protection Supervisor; (ii) communication of a personal data breach to the data subject.

Prior to any set of processing of personal data, Europol shall carry out an impact assessment containing at least a general description of the envisaged processing operations, an assessment of the risks to the rights and freedoms of data subjects, and the measures envisaged to address those risks.

-Transfer of data to third parties: personal data shall only be transferred by Europol to Union bodies, third countries and international organisations, if this is necessary for preventing and combating crime and if the recipient gives an explicit undertaking that the data will be used solely for the purpose for which they were transmitted. 

Any information that has been obtained by a third country, international organisation or private party in violation of fundamental rights, as enshrined in the EU Charter of Fundamental Rights, shall not be processed.

Europol shall make publicly available a regular updated list of international and cooperation agreements it has with third countries and international organisations, by posting this list on its website, and it shall consult the EDPS.

The transfer will be authorised if it is necessary to safeguard legitimate interests of the data subject where the law of the Member State or third country transferring the personal data so provides or is essential for the prevention of an immediate and serious threat to public security of a Member State or a third country.

Derogations may not be applicable to systematic, massive or structural transfers.

3) Increasing Parliamentary oversight: Members propose creating a Joint Parliamentary Scrutiny Group, comprising members of European Parliament and national parliaments. The Chairperson of the Management Board, the Executive Director and a representative of the Commission shall appear before the Group at its request to discuss matters relating to Europol, and fundamental rights on data protection.

Other institutional provisions: Members introduced new provisions on:

·        the EDPS to strengthen the latter’s role regarding Europol;

·        executive board: the Commission’s text proposed the creation of such a Board, but the committee deleted such references since it felt it was not necessary to have such a Board to guarantee that Europol is run transparently and democratically.

·        mandates of the President and Vice-President: these will go from 4 to 5 years.

Members also set up a prior notification and red-flag-mechanism whereby the Commission shall activate a warning system if it has serious concerns that the Management Board may be about to take decisions which would not comply with Europol's mandate.

Single National unit: Europol shall liaise with a single national unit in each Member State, to be established or designated. There are several new provisions clarifying the tasks of the Unit.

Report: lastly, Members want the annual activity report, the work programmes and the evaluation reports to be presented to the Joint Parliamentary Scrutiny Group, which may request any relevant document necessary for the fulfilment of its tasks, subject to Regulation (EC) No 1049/2001 as well as rules governing the treatment of confidential information by the European Parliament.