In large part, the new Data Protection Directive for Police and Criminal Justice Authorities has played second fiddle to the pending General Data Protection Regulation (GDPR) in the EU, but the Directive is now getting increasing scrutiny and support in the wake of last week’s Paris attacks. Like the GDPR, the Directive is currently in trilogue, moving toward a conclusion at the end of the year. Further, all three law-making bodies—Commission, Council and Parliament—have indicated they feel the Directive and GDPR are a package deal.
Many feel there's no passing one without the other, as they deal, respectively, with the public and private sectors, putting into place new side-by-side regimes for the handling of personal data that all parties feel should be in concert.
Does this new focus on law-enforcement data sharing following the Paris attacks represent a potential slowdown in negotiations?
The European People’s Party, with 216 members in Parliament, would like to see a halt entirely. On Monday, just days after the events in Paris, German MEP Alex Voss, who acts as shadow rapporteur to the Directive on behalf of the EPP, called for the Directive trilogue to be suspended. "The Paris terrorist attacks have shown that the security of our citizens has to prevail over bureaucracy!,” Voss exclaimed in a statement. “These negotiations are going in the wrong direction and we have to stop them now and call on the European Commission to come forward with a modified proposal which reflects reality!"
The EPP argues that the Directive would place “major bureaucratic burdens” on law enforcement bodies and would “basically turn them into data protection officers.”
In response, fellow German MEP Jan Philipp Albrecht, rapporteur for the Directive for the Greens, told The Parliament Magazine that it is now “even more important and urgent that we conclude the planned EU data protection directive for police and justice. Only with common standards on the exchange of information, especially on suspicious individuals, will we be able to improve security across the EU.”
He also implored, taking a jab at Voss, politicians to take their jobs seriously in these matters of security and “not make this a symbolic party political fight.”
Similarly, EU Commissioner Vera Jourová said in a press conference Friday the Law Enforcement Directive is one of the four pillars needed to respond to terrorist violence, alongside funding to avoid radicalization, an expansion of the European Criminal Record Information System (ECRIS) and fast-traced implementation of the recently passed Anti-Money Laundering Directive. “To increase the cooperation between law enforcement authorities,” she said, “we need to finalize the Data Protection Directive for Police and Criminal Justice Authorities. This directive will ensure the free flow of personal data necessary to investigate and prevent terrorism based on common rules for the protection of personal data.”
No other parties to the trilogue negotiations seem to be in agreement with Voss that the trilogue timeline needs to be reassessed.
Nor is the Law Enforcement Directive the only privacy-related directive getting new attention. The long-debated Passenger Name Record (PNR) Directive was specifically highlighted in conclusions released after a meeting Friday of the Council of the EU and the Member States. Luxembourg Deputy Prime Minister Etienne Schneider spoke of the “urgency and importance” of passing the PNR Directive before the end of the year. “We have to negotiate,” she said, “an effective and operational directive which should include internal flights and a reasonable data retention period, and which should not be limited to crimes of a transnational nature. That is the negotiating mandate which was confirmed today by the Council.”
Final trilogue meetings on PNR are currently scheduled for December 2 and 15. These issues of internal flights being included and the length of the data retention period are likely to be the hot-buttons in the negotiations. The Council’s call for an “ambitious” EU PNR may indicate a renewed intractability on their part.
Finally, it is notable that the Council is calling specifically for “a targeted revision of the Schengen Borders Code,” and is looking for biometric data to be verified “as external borders of the Schengen area, making full use of technical solutions in order not to hamper the fluidity of movement.” This may also trigger privacy concerns in the EU.
If you want to comment on this post, you need to login.