Feeds

EU proposes greater data sharing between police forces

One body to rule them all

Secure remote control for conventional and virtual desktops

The German Presidency of the European Union wants police forces across Europe to be able to share data more freely and wants a single body to be in charge of overseeing the process.

The changes are contained in a framework decision proposed by the Presidency to the European Commission designed to outline the protections citizens can expect when their personal data is handled by police and judicial authorities. The agreement augments the Data Protection Directive 95/46/EC and deals with the so called "third pillar", which relates to law and order matters.

The suggested framework decision proposes greater police cooperation on data sharing and the legalisation of more sharing of information on individuals between national forces and between those forces and Europol.

"Common action in the field of police cooperation and common action on judicial cooperation in criminal matters [both under the Treaty on European Union] imply the necessity of the processing of relevant information which should be subject to appropriate provisions on the protection of personal data," says the proposed framework decision.

The proposal suggests allowing personal data gathered in one state and shared with another to be transferable to a third EU Member State, or even outside of the EU. "Personal data received from or made available by the competent authority of another Member State may be transferred to third States or international bodies only if the competent authority of the Member States which transmitted the data has given its consent to transfer in compliance with its national law," it said.

The proposal does not extend to national security matters which have always been seen as the prerogative of member states. This is made clear in the document. In section four of Article 1 of the proposal, it states: "Authorities or other offices dealing specifically with matters of national security do not fall within the scope of this Framework Decision."

The document also proposes centralising regulatory power in Europe, with a new body taking on oversight duties currently handled by a number of bodies. "The Framework Decision aims to combine the existing data protection supervisory bodies, which have hitherto been established separately for the Schengen Information System, Europol, Eurojust, and the third-pillar Customs Information System, into a single data protection supervisory authority," said the document.

"A single supervisory authority should be created, which could, where appropriate, also act in an advisory capacity. A single supervisory authority allows the improvement in third-pillar data protection to be taken a decisive step further."

"This step is to be welcomed because there are a diverse number of data protection authorities for each system, each with their own data protection foibles," said Dr Chris Pounder, a privacy specialist at Pinsent Masons, the law firm behind OUT-LAW. "Unification of the approach is long overdue".

The document gives citizens rights of access to personal data held and transferred on them, though it also says that information about surveillance or data transfer can be withheld if telling the individual concerned would undermine the purpose behind the transfer in the first place.

"It seems the German Presidency is adopting a twin track approach," said Pounder. "First in the short term it is pursuing the Prün Treaty which is allowing Germany, France and the Benelux counties to share criminal, DNA and vehicle data without waiting for agreement on the framework decision. Second it is pursuing the framework agreement as a longer term objective of trying to make Europe's police forces to agree to binding data sharing".

Meanwhile, US authorities have been reprimanded by oversight body the Government Accountability Office (GAO) for not taking enough account of privacy when conducting investigations.

"As it develops and participates in important homeland security activities, the Department of Homeland Security (DHS) faces challenges in ensuring that privacy concerns are addressed early, are reassessed when key programmatic changes are made, and are thoroughly reflected in guidance on emerging technologies and uses of personal data," said a GAO report.

"GAO's reviews of DHS programs have identified cases where these challenges were not fully met. For example, increased use by federal agencies of data mining – the analysis of large amounts of data to uncover hidden patterns and relationships – has been accompanied by uncertainty regarding privacy requirements and oversight of such systems."

The body also found some privacy failures in relation to an airline passenger screening system called SecureFlight. "GAO reported that TSA had not fully disclosed uses of personal information during testing of Secure Flight, as required by the Privacy Act of 1974," it said.

"One of the problems facing the Americans is that most of Europe's Data Protection Commissioners are worried about the standard of privacy protection in the USA," said Pounder. "The fact that two GAO reports suggest that the USA authorities are having difficulties with respect to basic privacy obligations does not engender confidence in the USA's approach to privacy."

Copyright © 2007, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

New hybrid storage solutions

More from The Register

next story
Hey, Scots. Microsoft's Bing thinks you'll vote NO to independence
World's top Google-finding website calls it for the UK
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Apple CEO Tim Cook: TV is TERRIBLE and stuck in the 1970s
The iKing thinks telly is far too fiddly and ugly – basically, iTunes
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
OECD lashes out at tax avoiding globocorps' location-flipping antics
You hear that, Amazon, Google, Microsoft et al?
Show us your Five-Eyes SECRETS says Privacy International
Refusal to disclose GCHQ canteen menus and prices triggers Euro Human Rights Court action
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.