Feeds

EU proposes greater data sharing between police forces

One body to rule them all

Boost IT visibility and business value

The German Presidency of the European Union wants police forces across Europe to be able to share data more freely and wants a single body to be in charge of overseeing the process.

The changes are contained in a framework decision proposed by the Presidency to the European Commission designed to outline the protections citizens can expect when their personal data is handled by police and judicial authorities. The agreement augments the Data Protection Directive 95/46/EC and deals with the so called "third pillar", which relates to law and order matters.

The suggested framework decision proposes greater police cooperation on data sharing and the legalisation of more sharing of information on individuals between national forces and between those forces and Europol.

"Common action in the field of police cooperation and common action on judicial cooperation in criminal matters [both under the Treaty on European Union] imply the necessity of the processing of relevant information which should be subject to appropriate provisions on the protection of personal data," says the proposed framework decision.

The proposal suggests allowing personal data gathered in one state and shared with another to be transferable to a third EU Member State, or even outside of the EU. "Personal data received from or made available by the competent authority of another Member State may be transferred to third States or international bodies only if the competent authority of the Member States which transmitted the data has given its consent to transfer in compliance with its national law," it said.

The proposal does not extend to national security matters which have always been seen as the prerogative of member states. This is made clear in the document. In section four of Article 1 of the proposal, it states: "Authorities or other offices dealing specifically with matters of national security do not fall within the scope of this Framework Decision."

The document also proposes centralising regulatory power in Europe, with a new body taking on oversight duties currently handled by a number of bodies. "The Framework Decision aims to combine the existing data protection supervisory bodies, which have hitherto been established separately for the Schengen Information System, Europol, Eurojust, and the third-pillar Customs Information System, into a single data protection supervisory authority," said the document.

"A single supervisory authority should be created, which could, where appropriate, also act in an advisory capacity. A single supervisory authority allows the improvement in third-pillar data protection to be taken a decisive step further."

"This step is to be welcomed because there are a diverse number of data protection authorities for each system, each with their own data protection foibles," said Dr Chris Pounder, a privacy specialist at Pinsent Masons, the law firm behind OUT-LAW. "Unification of the approach is long overdue".

The document gives citizens rights of access to personal data held and transferred on them, though it also says that information about surveillance or data transfer can be withheld if telling the individual concerned would undermine the purpose behind the transfer in the first place.

"It seems the German Presidency is adopting a twin track approach," said Pounder. "First in the short term it is pursuing the Prün Treaty which is allowing Germany, France and the Benelux counties to share criminal, DNA and vehicle data without waiting for agreement on the framework decision. Second it is pursuing the framework agreement as a longer term objective of trying to make Europe's police forces to agree to binding data sharing".

Meanwhile, US authorities have been reprimanded by oversight body the Government Accountability Office (GAO) for not taking enough account of privacy when conducting investigations.

"As it develops and participates in important homeland security activities, the Department of Homeland Security (DHS) faces challenges in ensuring that privacy concerns are addressed early, are reassessed when key programmatic changes are made, and are thoroughly reflected in guidance on emerging technologies and uses of personal data," said a GAO report.

"GAO's reviews of DHS programs have identified cases where these challenges were not fully met. For example, increased use by federal agencies of data mining – the analysis of large amounts of data to uncover hidden patterns and relationships – has been accompanied by uncertainty regarding privacy requirements and oversight of such systems."

The body also found some privacy failures in relation to an airline passenger screening system called SecureFlight. "GAO reported that TSA had not fully disclosed uses of personal information during testing of Secure Flight, as required by the Privacy Act of 1974," it said.

"One of the problems facing the Americans is that most of Europe's Data Protection Commissioners are worried about the standard of privacy protection in the USA," said Pounder. "The fact that two GAO reports suggest that the USA authorities are having difficulties with respect to basic privacy obligations does not engender confidence in the USA's approach to privacy."

Copyright © 2007, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Build a business case: developing custom apps

More from The Register

next story
Munich considers dumping Linux for ... GULP ... Windows!
Give a penguinista a hug, the Outlook's not good for open source's poster child
UK fuzz want PINCODES on ALL mobile phones
Met Police calls for mandatory passwords on all new mobes
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
Yes, but what are your plans if a DRAGON attacks?
Local UK gov outs most ridiculous FoI requests...
Detroit losing MILLIONS because it buys CHEAP BATTERIES – report
Man at hardware store was right: name brands DO last longer
Snowden on NSA's MonsterMind TERROR: It may trigger cyberwar
Plus: Syria's internet going down? That was a US cock-up
UK government accused of hiding TRUTH about Universal Credit fiasco
'Reset rating keeps secrets on one-dole-to-rule-them-all plan', say MPs
Caught red-handed: UK cops, PCSOs, specials behaving badly… on social media
No Mr Fuzz, don't ask a crime victim to be your pal on Facebook
EU justice chief blasts Google on 'right to be forgotten'
Don't pretend it's a freedom of speech issue – interim commish
prev story

Whitepapers

Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.