Stepping up cross-border cooperation (Prüm Decision)
This decision aims to step up cross-border cooperation between European Union (EU) countries’ police and judicial authorities to combat terrorism and cross-border crime more effectively. The provisions concern in particular the automated exchanges of information with regard to major events and for the purpose of fighting terrorism, as well as regarding other forms of cross-border police cooperation.
Council Decision 2008/615/JHA of 23 June 2008 on the stepping up of cross-border cooperation, particularly in combating terrorism and cross-border crime.
The purpose of this decision is to step up cross-border police and judicial cooperation between European Union (EU) countries in criminal matters. In particular, it aims to improve the exchanges of information between the authorities responsible for the prevention and investigation of criminal offences. The decision sets out provisions with regard to:
- the automated access to DNA profiles *, dactyloscopic data * and certain national vehicle registration data;
- supply of data in relation to major events;
- supply of information in order to prevent terrorist offences;
- other measures for stepping up cross-border police cooperation.
Establishment of national databases and automated access to data
EU countries are to establish national DNA analysis files for the purpose of investigating criminal offences. Reference data, consisting of the non-coding part of the DNA * and of a reference number that does not enable an individual to be identified, must be made available to other EU countries to carry out automated searches *. These searches are performed via national contact points by comparing DNA profiles, but only on the basis of individual cases and in a hit/no-hit * manner. If the search provides a match, the national contact point carrying out the search receives the reference data in an automated manner. If no profile is found for a particular individual who is under investigation or against whom criminal proceedings have been brought, the requested EU country may be obliged to establish a DNA profile for that individual.
EU countries must also make available reference data from the national automated fingerprint identification systems (AFIS). For this purpose, the reference data will consist only of dactyloscopic data and a reference number. The searches are carried out by comparing dactyloscopic data and, similarly to DNA searches, only in individual cases on a hit/no-hit basis. Confirmation of the match is conducted by the national contact point of the requesting EU country. Supply of further available personal data for matching DNA or dactyloscopic data and other information relating to the reference data is governed by national law, including the mutual legal assistance (MLA) in the requested EU country.
The national contact points shall also be given access to certain national vehicle registration data via automated online searches. These searches may only be conducted with a full chassis or registration number.
Supply of data in relation to major events
In relation to any major events that have a cross-border dimension, EU countries must provide each other non-personal data via their national contact points, as required for the purpose of preventing criminal offences and maintaining public order and security. Personal data may be supplied only if the data subjects are considered a threat to public order and security or if it is believed that they will commit criminal offences at the events. However, this data may only be used in relation to the event it was provided for and must be deleted once it has served its purpose, but no later than a year after it was supplied.
Supply of information to fight terrorism
For the purpose of preventing terrorist offences, but only in individual cases and to the extent required by the conditions leading to the supposition that criminal offences will be committed, EU countries may provide the following data to each other via the national contact points:
- surname and first names;
- date and place of birth;
- description of the conditions leading to the supposition that criminal offences will be committed.
The country providing this data may impose certain binding conditions on the receiving country for the data usage.
Other measures for enhancing cross-border police cooperation
EU countries may effectuate joint patrols and other joint operations to prevent criminal offences and to maintain public order and security on a given EU country’s territory. In such cases, designated officers and officials from the seconding country participate in the hosting country’s operations. The seconding officers may be conferred executive powers, or they may be allowed to exercise their executive powers, but only under the guidance and in the presence of the host officers. The competent authority of the host country is responsible for the command and actions of the seconding officers.
With regard to mass gatherings and other comparable major events, disasters and serious accidents, EU countries are to provide mutual assistance to each other. This assistance should consist of information exchanges, coordination of police measures and contribution of material and physical resources.
An EU country must provide assistance and protection to the other country’s officers on duty, which is equivalent to that provided for its own officers.
Provisions on data protection
EU countries must guarantee that personal data processed according to this decision is protected by their national laws. Only the relevant competent authorities may process personal data. They must ensure the accuracy and current relevance of the data. Steps must be taken to rectify or delete incorrect data or data that was supplied when it should not have been. Personal data must be deleted if no longer needed for the purpose it was made available or if the storage time, as provided by national law, has expired.
The relevant authorities must take technical and organisational measures to protect personal data against destruction, loss, unauthorised access, alteration or disclosure. For the purpose of verifying the permissibility of the non-automated processing of personal data, this processing must be logged. Similarly, the automated processing of personal data must be recorded. The independent data protection authorities in EU countries are responsible for the legal examinations of the processing of personal data.
Any individual has the right to information on the data that has been processed in relation to his/her person, including information on the origin of the data, the recipients of the data and the purpose and legal basis for the processing of the data. The individual may request corrections to or the deletion of inaccurate or unlawfully processed data. If the individual’s rights with regard to data protection have been violated, he/she may lodge a complaint with an independent court or a tribunal and claim for damages or other legal compensation.
The conclusions of the Tampere European Council of October 1999 asserted the need to enhance the exchange of law enforcement information between EU countries, which was further confirmed by the Hague Programme of November 2004.
The Prüm Treaty of 27 May 2005 on the stepping up of cross-border cooperation, particularly on combating terrorism, cross-border crime and illegal migration, signed between Belgium, Germany, Spain, France, Luxembourg, the Netherlands and Austria, lays down procedures for more efficient exchanges of information in the framework of criminal investigations. This decision aims to incorporate the provisions of that Treaty into the EU legal framework.
|Act||Entry into force||Deadline for transposition in the Member States||Official Journal|
OJ L 210 of 6.8.2008
- The European Commission Directorate-General for Home Affairs website on the Prüm Decision