Europol Cooperation Council
The Joint Supervisory Body of Europol was set up pursuant to Article 34 of Council Decision 2009/371/JHA of 6 April 2009 establishing the European Police Office (Europol) with the aim to review the activities of Europol in order to ensure that the rights of the individual are not violated by the storage, processing and use of the data held by Europol and to monitor the permissibility of the transmission of data originating from Europol. The Joint Supervisory Body is composed of a maximum of two members or representatives of each of the national data protection supervisory authorities.
In line with Regulation (EU) 2016/794 of the European Parliament and of the Council of 11 May 2016 (the Europol Regulation), the European Data Protection Supervisor (EDPS) has the task of supervising the lawfulness of personal data processing by Europol as of 1 May 2017.
Europol is an EU body which actively cooperates with the law enforcement authorities of the EU Member States to combat serious international crime and terrorism. Europol also works with many non-EU partner States and international organisations, particularly regarding the fight against terrorism, cybercrime and people smuggling.
The Europol Regulation applies to the processing of operational data, namely data processed by Europol to support the Member States in preventing and combating serious crime and terrorism.
Taking over the data protection supervision of Europol, the EDPS will ensure that the right balance is found between data protection rights and the key public interest of security. The EDPS exercises its supervisory role, reinforcing safeguards in a practical and modern way in line with the new challenges for law enforcement.
An essential aspect of this supervision is the cooperation with national supervisory authorities, in particular within the newly established Europol Cooperation Board, a forum with advisory function for discussion of common issues, working together to develop guidelines and best practices, for example. In order to monitor compliance with the Europol Regulation, the EDPS cooperates with the Data Protection Officer appointed in Europol.
As part of its annual report, the EDPS publishes a summary of its supervisory activities on Europol including information on complaints, inquiries, inspections, transfers of personal data to third countries and international organisations, as well as prior consultations.
Regulation (EU) 2018/1725 applies to Europol’s processing of administrative data, which includes data on staff and visitors, for example.
Website for the protection of personal data in Europol
Regulation (EU) 2016/794 of the European Parliament and of the Council of 11 May 2016 on the European Union Agency for Law Enforcement Cooperation (Europol) and replacing and repealing Council Decisions 2009/371/JHA, 2009/934/JHA, 2009/935/JHA, 2009/936/JHA and 2009/968/JHA
Council Decision of 6 April 2009 establishing the European Police Office (Europol)
Regulation (EU) 2018/1725 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data
Activity reports: (Links provided to reports of the EDPS, the body responsible for controlling Europol`s personal data processing activities)
Annual report 2016
Annual report 2017
Annual report 2018
Annual report 2019
Annual report 2020