Europol has been ordered by the European Data Protection Supervisor (EDPS) to remove any information related to people with no link to crime.
According to Security Week, the EDPS – the European Union’s data protection watchdog – notified Europol of the order on January 3 this year following an inquiry that began in 2019.
The EDPS said that as a part of the investigation, it reprimanded Eurpol two years ago due to continued storage of large volumes of such data ‘which poses a risk to individuals fundamental rights’.
Since then, it was found that Europol had introduced some measures but had not fully compiled with the requests to establish an appropriate data retention period – meaning Europol was keeping the data for longer than necessary.
The EDPS noted it imposed a six-month period for the assessment of new datasets and determine whether the information can be kept. It has given Europol a 12-month delay in order to comply with the decision for data it received before January 4 this year.
EDPS supervisor Wojciech Wiewiórowski said, “A 6-month period for pre-analysis and filtering of large datasets should enable Europol to meet the operational demands of EU Member States relying on Europol for technical and analytical support, while minimizing the risks to individuals’ rights and freedoms.”
Copyright © 2022 RegTech Analyst
Copyright © 2018 RegTech Analyst