Transmission of personal data by Europol
The European Union's fight against organised crime is supported by Europol, the European police office, whose task it is to improve cooperation between the relevant departments of the Member States. This Act enables Europol to transmit personal data to third States and bodies and thereby to contribute effectively to combating organised crime.
Council Act of 12 March 1999 adopting the rules governing the transmission of personal data by Europol to third States and third bodies [Official Journal C 88 of 30.03.1999] [See amending acts].
This act defines certain key terms relating to the transmission of personal data, including "third States", "third bodies", "agreement" and "competent authorities". In particular, "personal data" is defined as any information relating to an identified or directly or indirectly identifiable natural person (identification number or data concerning his/her physical, physiological, mental, economic or cultural/social identity). "Processing of personal data" is defined as any operation performed upon personal data, whether or not by automatic means, such as collection, recording, organisation, retaining, disclosure, alteration, consultation, use and adaptation.
Europol may transmit personal data:
- following the conclusion of an agreement with third States or third bodies;
- exceptionally, in order to safeguard the essential interests of a Member State or to prevent imminent danger.
Agreements concluded between Europol and third States or bodies must contain provisions concerning the recipient of the data, the type of data to be transmitted and the purposes for which the data are to be transmitted. They must also contain provisions on liability in the event of unauthorised or incorrect data processing. Once Europol's Management Board and Joint Supervisory Authority have given their opinion and with Council approval, the Director of Europol is required to enter into negotiations on these agreements
Data transmission within third States is restricted to the competent authorities responsible for preventing and combating criminal offences. Moreover, Europol must refuse to transmit any data requested without any indication of the purpose to which they will be put.
However, onward transmission of data by a third body that has concluded an agreement with Europol is allowed:
- with the prior consent of Europol or,
- after authorisation by the Director of Europol if he considers that such action is absolutely necessary to safeguard the essential interests of the Member States concerned within the scope of Europol's objectives or in the interests of preventing imminent danger associated with crime.
No onward transmission of data communicated to Europol by a Member State is allowed without the consent of the Member State concerned.
The transmission of personal data revealing racial origin, political opinions or religious or other beliefs, or concerning health and sexual life, is limited to absolutely necessary cases.
The authority receiving the data must ensure that they will be used solely for the purposes indicated when the request was made. The same authority is responsible for correcting or deleting data in the event that errors appear. It must also delete data where they are no longer necessary for the purposes indicated in the request.
These rules entered into force the day following their adoption. As from 1 January 2005, they will be evaluated under the supervision of the Management Board, which must obtain the opinion of the Joint Supervisory Body.
|Act||Entry into force||Deadline for transposition in the Member States||Official Journal|
|Council Act of 12 March 1999||13.03.1999||-||Official Journal C 88 of 30.03.1999|
|Amending act(s)||Entry into force||Deadline for transposition in the Member States||Official Journal|
|Council Act of 28 February 2002||01.03.2002||-||Official Journal C 58 of 05.03.2002|