Legislative Observatory
European Parliament
Please fill in this field to find a procedure

European Union Agency for Law Enforcement Cooperation (Europol)

2013/0091(COD)

PURPOSE: to establish a European Union Agency for Law Enforcement Cooperation and Training based on the European Police Office (EUROPOL).

LEGISLATIVE ACT: Regulation (EU) 2016/794 of the European Parliament and of the Council on the European Union Agency for Law Enforcement Cooperation (Europol) and replacing and repealing Council Decisions 2009/371/JHA, 2009/934/JHA, 2009/935/JHA, 2009/936/JHA and 2009/968/JHA.

BACKGROUND: the European Police Office (EUROPOL) started as an intergovernmental body regulated by a Convention concluded between the Member States, which entered into force in 1999. By virtue of a Council Decision adopted in 2009, EUROPOL became an EU agency funded by the EU budget. Its role is to provide support to national law enforcement services’ action and their mutual cooperation in the prevention of and fight against serious crime and terrorism.

In view of the increase in large-scale criminal and terrorist networks, it is considered vital to amend the legal framework for Europol and create an EU Agency for Law Enforcement Cooperation, with clear tasks regarding the exchange of information between Member States, analysis and investigation at Union level, and also strengthened supervision by the European Parliament and the national parliaments of Member States.

NB: Europol, as established by this Regulation, replaces Europol established by Decision 2009/371/JAI, which is repealed.

CONTENT: the Regulation establishes a European Union Agency for Law Enforcement Cooperation (Europol) with a view to supporting cooperation among law enforcement authorities in the Union.

Tasks: Europol shall support and strengthen action by the competent authorities of the Member States and their mutual cooperation in preventing and combating serious crime affecting two or more Member States, terrorism and forms of crime which affect a common interest covered by a Union policy (as listed in Annex I).

In this context, Europol shall perform the following tasks:

collect, store, process, analyse and exchange information, including criminal intelligence;

  • notify Member States of any information and connections between criminal offences concerning them;
  • coordinate, organise and implement investigative and operational actions to support and strengthen actions by the competent authorities of the Member States, that are carried out: (i) jointly with the competent authorities of the Member States; or (ii) in the context of joint investigation teams and, where appropriate, in liaison with Eurojust;
  • provide information and analytical support to Member States in connection with major international events;
  • prepare threat assessments, strategic and operational analyses and general situation reports;
  • support Member States' cross-border information exchange activities, operations and investigations, as well as joint investigation teams, including by providing operational, technical and financial support;
  • provide specialised training and assist Member States in organising training, in coordination with CEPOL;
  • support Member States' actions in preventing and combating forms of crime which are facilitated, promoted or committed using the internet.

Participation in joint investigation teams: the Regulation provides a general framework for joint investigation teams dealing with crime falling within Europol's objectives. Europol will be able to request Member States to initiate, conduct or coordinate criminal investigations in specific cases where cross-border cooperation would add value.

Europol national units: each Member State shall designate a national unit, which shall be the liaison body between Europol and the competent authorities of that Member State. These units will supply Europol with the information necessary for it to fulfil its objectives. Each national unit shall designate at least one liaison officer to assist in the exchange of information between Europol and their Member State, and the liaison officers of other Member States, third countries and international organisations (particularly Interpol).

Organisation of Europol: a Chapter of the Regulation deals with the internal organisation of Europol, and particular the powers and competences of:

  • the Management Board;
  • the Executive Director
  • consultative bodies set up by the Management Board.

The role and duties of the Executive Directive are set out in the Regulation.

Data processing: a Chapter of the Regulation defines the scope and procedures for data processing by Europol. It is clearly specified that Europol shall only process information that has been provided to it: (i) by Member States in accordance with their national law; (ii) by Union bodies, third countries and international organisations; (iii) by private parties and private persons in accordance with rules set out in the Regulation.

Europol may directly retrieve and process information, including personal data, from publicly available sources, including the internet and public data.

With regard to data from Union, international or national information systems, Europol may retrieve and process information, including personal data, in so far as Europol is entitled under Union, international or national legal instruments to gain computerised access to such data. Access to such information systems shall be granted only to duly authorised staff of Europol and only in so far as this is necessary and proportionate for the performance of their tasks.

The Regulation sets out further rules on access to data, as well as rules on the determination of the purpose of, and restrictions on, the processing of information by Europol, including data processing by automated or other means. Personal data may only be processed for:

  • cross-checking aimed at identifying connections or other relevant links between information related to: (i) persons who are suspected of having committed or taken part in a criminal offence in respect of which Europol is competent, or who have been convicted of such an offence; (ii) persons regarding whom there are factual indications or reasonable grounds to believe that they will commit criminal offences in respect of which Europol is competent;
  • analyses of a strategic or thematic nature, and operational analyses;
  • facilitating the exchange of information between Member States, Europol, other Union bodies, third countries and international organisations.

Categories of personal data and categories of data subjects whose data may be collected and processed for each purpose are listed in Annex II.

A general framework for the transfer and exchange of personal data is also set out, particularly provisions regarding the exchange of information with third countries and international organisations. There are also provisions regarding the duration of data storage.

Furthermore, the Regulation sets out rules for exchange of information with OLAF and Eurojust; and the legal framework for relations with partners, including Union bodies, the authorities of third countries, international organisations and private parties. Under tightly defined circumstances, Europol may process personal data obtained from private parties and may transfer personal data to such parties where it is strictly necessary.

The Regulation contains provisions on:

  • processing of special categories of personal data and of different categories of data subjects;
  • the designation of a Data Protection Officer;
  • effective supervision of Europol by the EDPS, who must closely cooperate with national supervisory authorities on specific issues requiring national involvement and ensure the consistent application of the Regulation throughout the Union;
  • provision for access to data in terms of the type of data processed.

Joint Parliamentary scrutiny: the scrutiny of Europol's activities shall be carried out by the European Parliament together with national parliaments, together constituting a specialised Joint Parliamentary Scrutiny Group (JPSG), to politically monitor Europol's activities in fulfilling its mission, including as regards the impact of those activities on the fundamental rights and freedoms of natural persons.

In this context, the European Parliament will have access to sensitive non-classified information processed by or through Europol, upon the European Parliament's request, and in accordance with the rules set out to in the Regulation.

General provisions: the Regulation sets out rules for the establishing Europol’s budget and implementation, Europol’s legal status, the privileges and immunities of its staff, etc. there are transitional provisions to ensure orderly and seamless transition between Europol and its successor.

Evaluation: by 1 May 2022 and thereafter every five years, the Commission shall ensure that an evaluation assessing, in particular, the impact, effectiveness and efficiency of Europol and of its working practices is carried out. 

ENTRY INTO FORCE: the Regulation enters into force on 13.6.2016. It is applicable from 1.5.2017.