Brussels, Wednesday 05 September 2012
Today, the European Data Protection Supervisor (EDPS) adopted his opinion on the amended Commission proposal for a Regulation of the European Parliament and of the Council on the establishment of 'EURODAC' for the comparison of the fingerprints of asylum seekers.
A significant addition to this amended proposal is the access to EURODAC data by law enforcement authorities. While the EDPS understands that the availability of a database with fingerprints could be a useful additional tool in combating crime, this amendment is a serious intrusion into the rights of a vulnerable group of people in need of protection and he asks if such access is really necessary.
For instance, if a fingerprint is found at a crime scene, asylum seekers can potentially be identified through EURODAC data while other individuals cannot because similar data is not available for all other groups of society.
The EDPS points out that a number of legal instruments already exist which allow one Member State to consult fingerprints and other law enforcement data held by another Member State. The Commission has not provided evidence that these instruments are insufficient, nor demonstrated any other substantive reason why accessing data on asylum seekers is necessary.
Peter Hustinx, EDPS, says: “Just because the data has already been collected, it should not be used for another purpose which may have a far-reaching negative impact on the lives of individuals. To intrude upon the privacy of individuals and risk stigmatising them requires strong justification and the Commission has simply not provided sufficient reason why asylum seekers should be singled out for such treatment."
The EDPS strongly urges the Commission to provide solid evidence and reliable statistics for the need to access EURODAC data. If such a need is supported by evidence, then the EDPS advocates that any access be subject to strict, appropriate safeguards. The EDPS recommends, among other things:
that law enforcement access to EURODAC data be subject to specific and clearly defined criteria such as a substantiated suspicion that the perpetrator of a terrorist or other serious criminal offence has applied for asylum
clearly highlight that the transfer of data to third countries is prohibited
a request for access for law enforcement purposes should be verified by an independent authority or, preferably, submitted for prior judicial authorisation.
clearly outline the need for direct access by Europol (the EU law enforcement agency) to EURODAC data and also ensure that the same strict safeguards apply as for relevant national authorities.
EURODAC was established by Regulation (EC) No 2725/2000 on 11 December 2000 concerning the establishment of 'EURODAC' for the comparison of the fingerprints of asylum seekers for the effective application of the Dublin Convention. This Regulation still contains specific safeguards that data is not used for other purposes.
On 30 May 2012, the Commission adopted a proposal concerning a recast of the EURODAC Regulation that also provides for access to EURODAC data by Member States' law enforcement authorities and Europol for law enforcement purposes (COM(2012)254 final).
The European Data Protection Supervisor (EDPS) is an independent supervisory authority devoted to protecting personal data and privacy and promoting good practice in the EU institutions and bodies. He does so by:
monitoring the EU administration's processing of personal data;
advising on policies and legislation that affect privacy;
cooperating with similar authorities to ensure consistent data protection.
EDPS - The European guardian of data protection
Follow us on Twitter: @EU_EDPS