Regulation 2016/794 - Europol

1.

Summary of Legislation

2.

European Union Agency for Law Enforcement Cooperation (Europol)

SUMMARY OF:

Regulation (EU) 2016/794 on the European Union Agency for Law Enforcement Cooperation (Europol)

WHAT IS THE AIM OF THE REGULATION?

KEY POINTS

Objectives

Europol’s objectives are to support and strengthen:

  • action by law enforcement authorities in the European Union (EU) Member States;
  • mutual cooperation among Member States in preventing and combating terrorism, serious crime affecting two or more Member States and forms of crime that affect a common interest covered by EU policy.

Tasks

The regulation sets out a number of specific tasks in order to meet those objectives, including:

  • collecting, storing, processing, analysing and sharing information including criminal intelligence;
  • notifying Member States, via Europol national units, of any information and connection between criminal offences concerning them;
  • coordinating, organising and implementing investigative and operational actions to support and strengthen actions by Member States’ authorities;
  • preparing threat assessments, strategic and operational analyses and general situation reports;
  • participating in joint investigation teams;
  • developing EU centres of specialised expertise for combating certain types of crime, for example the European Cybercrime Centre;
  • supporting Member States in combating crime enabled, promoted or committed using the internet.

Scrutiny

Europol’s powers are accompanied by data protection safeguards, democratic oversight and accountability mechanisms to ensure that the agency’s activities and tasks are carried out in full compliance with fundamental rights and freedoms, as enshrined in the Charter of Fundamental Rights.

  • The European Data Protection Supervisor (EDPS) supervises Europol’s processing of personal data and there is a clear procedure for citizens to address requests under EU law.
  • Europol’s work is overseen by a Joint Parliamentary Scrutiny Group, with members from both the European Parliament and national parliaments.

Amending Regulation (EU) 2022/991

The amending regulation:

  • strengthens Europol’s operational capacity for cooperation with private parties (rules on exchanging personal data with private parties and analysing these data);
  • allows Europol to share personal data with certain private parties to prevent the dissemination of:
    • online content related to terrorism or violent extremism in crisis situations, and
    • online child sexual abuse material;
  • sets out rules on analysing big data (datasets that are too large or complex to be dealt with by traditional data-processing application software) in line with Europol’s operational needs and in compliance with fundamental rights, including a new legal basis for Europol to process big data in support of an ongoing criminal investigation;
  • reinforces Europol’s external supervision by the EDPS and Europol’s internal supervision by its data protection function, and introduces the new role of fundamental rights officer;
  • gives Europol new powers:
    • to propose the initiation of a criminal investigation in a Member State for crimes affecting a common interest covered by an EU policy, without the requirement of a cross-border dimension of the crime concerned – however, the Member State in question is not required to inform Europol if it decides not to take up the proposal,
    • to propose that Member States enter information alerts into the Schengen information system;
  • enhances cooperation with the European Public Prosecutor’s Office (EPPO) by introducing a hit / no-hit system that enables the EPPO to have indirect access to Europol data relating to offences within the EPPO’s mandate;
  • in relation to research and innovation, introduces rules on using emerging technologies, exploring new approaches and developing common technological solutions – including with regard to the development, training, testing and validation of algorithms;
  • in relation to the data protection framework applicable to Europol, incorporates into the regulation the relevant rules in Regulation (EU) 2018/1725 (see summary) on the protection of natural persons with regard to the processing of operational personal data;
  • increases parliamentary oversight and accountability with the participation, as observers, of two members of the Joint Parliamentary Scrutiny Group in Europol Management Board meetings to discuss non-operational matters, and enhances Europol reporting obligations;
  • offers Europol the possibility to transfer personal data to non-EU countries in specific and duly justified situations and where appropriate safeguards exist.

EDPS legal action, September 2022

In September 2022, the EDPS requested that the Court of Justice of the European Union annul Articles 74a and 74b of the Europol regulation (Regulation (EU) 2016/794, as newly amended by Regulation (EU) 2022/991), which clarify that the new rules set by the co-legislators for the processing of big data apply to all data that Europol held legally at the moment of application of the amending regulation (i.e. 28 June).

These articles remain valid until a decision has been made by the Court of Justice.

Repeal

The regulation repeals and replaces the former Europol decision, Decision 2009/371/JHA.

FROM WHEN DOES THE REGULATION APPLY?

It has applied since 1 May 2017, except for some rules which have applied since 13 June 2016:

  • legal agreements and contracts concluded under Decision 2009/371/EU – Article 71,
  • transitional arrangements concerning the management board) – Article 72 and
  • transitional arrangements concerning staff – Article 73.

Changes introduced by amending Regulation (EU) 2022/991 have applied since 28 June 2022.

BACKGROUND

For further information, see:

MAIN DOCUMENT

Regulation (EU) 2016/794 of the European Parliament and of the Council of 11 May 2016 on the European Union Agency for Law Enforcement Cooperation (Europol) and replacing and repealing Council Decisions 2009/371/JHA, 2009/934/JHA, 2009/935/JHA, 2009/936/JHA and 2009/968/JHA (OJ L 135, 24.5.2016, pp. 53–114).

Successive amendments to Regulation (EU) 2016/794 have been incorporated into the original text. This consolidated version is of documentary value only.

RELATED DOCUMENTS

Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC (OJ L 295, 21.11.2018, pp. 39–98).

Council Regulation (EU) 2017/1939 of 12 October 2017 implementing enhanced cooperation on the establishment of the European Public Prosecutor’s Office (‘the EPPO’) (OJ L 283, 31.10.2017, pp. 1–71).

See consolidated version.

Council Framework Decision 2002/465/JHA of 13 June 2002 on joint investigation teams (OJ L 162, 20.6.2002, pp. 1–3).

last update 18.01.2023

This summary has been adopted from EUR-Lex.

3.

Legislative text

Regulation (EU) 2016/794 of the European Parliament and of the Council of 11 May 2016 on the European Union Agency for Law Enforcement Cooperation (Europol) and replacing and repealing Council Decisions 2009/371/JHA, 2009/934/JHA, 2009/935/JHA, 2009/936/JHA and 2009/968/JHA