Europol Cannot Use Citizen Data Without Criminal Background
Europol has been known to have collected and stored personal data of innocent citizens, something that is a gross violation of their human rights. The European Union’s police agency has now been asked to get rid of all such sensitive personal data and retain only those records which pertain to individuals with any criminal record.
This automatically covers any kind of such data that does not comply with safeguards on the length of time that sensitive information can be stored. According to official rules, such data should now only be stored for six months if no criminal activity can be proven.
According to the European Data Protection Supervisor (EDPS), Europol was actually notified about this order on 3 January following a 2019 inquiry. Further, the EDPS added that it indeed had reprimanded Europol two years ago “for the continued storage of large volumes” of such data that “poses a risk to individuals’ fundamental rights.”
The watchdog said Europol has since introduced some measures but that it has not complied with requests to set an appropriate data retention period. “This means that Europol was keeping this data for longer than necessary,” the EDPS said. The police agency now has 12 months to remove data that has not been destroyed by 3 January. Europol did not immediately respond to the decision.
In October, Europol was ordered to adopt to a new mandate given by the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs (LIBE) becoming the final steps for Europol to broaden its competencies. With this, the 2019 controversy would be put to rest and Europol would get a broader mandate, legitimizing data processing practices.