Protection of personal data at the European Unions Judicial Cooperation Unit Eurojust - PowerPoint PPT Presentation


PPT – Protection of personal data at the European Unions Judicial Cooperation Unit Eurojust PowerPoint presentation | free to view - id: 147d7b-OGQzO


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation

Protection of personal data at the European Unions Judicial Cooperation Unit Eurojust


European Arrest Warrant. Observation of Time Limits. Identifying Blockages. Resolving competing warrants. Special Areas. Drugs Trafficking. Trafficking in Human Beings ... – PowerPoint PPT presentation

Number of Views:66
Avg rating:3.0/5.0
Slides: 21
Provided by: Broug6


Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: Protection of personal data at the European Unions Judicial Cooperation Unit Eurojust

Protection of personal data at the European
Unions Judicial Cooperation Unit (Eurojust)
  • Diana Alonso Blas, LL.M.
  • Data Protection Officer
  • October 2008

Topics covered
  • What is Eurojust
  • DP rules at Eurojust
  • The EJ case management system (CMS)
  • DP requirements to set up agreements with third
  • Work of the DPO at EJ
  • Q and A

  • What Is Eurojust?Eurojust is a new European
    Union body established in 2002 to enhance the
    effectiveness of the competent authorities within
    Member States when they are dealing with the
    investigation and prosecution of serious
    cross-border and organised crime.What Is
    Eurojust Doing? Eurojust stimulates and improves
    the co-ordination of investigations and
    prosecutions between competent authorities in the
    Member States. Eurojust improves co-operation
    between the competent authorities of the Member
    States, in particular by facilitating the
    execution of international mutual legal
    assistance and the implementation of extradition
    requests. Eurojust supports the competent
    authorities of the Member States in order to
    render their investigations and prosecutions more
    effective when dealing with cross border crime.

Who is who in Eurojust?
  • The College of Eurojust is now composed of 27
    National Members, one nominated by each EU Member
    State. The national members are senior,
    experienced prosecutors or judges some national
    members are supported by Deputies and Assistants.
  • The College is supported by an administrative
    team, led by the Administrative Director.

DP rules applicable to Eurojust
  • Eurojust decision contains detailed provisions on
    data protection (articles 13-27)
  • Revised Eurojust Decision being presently
    finalised in Brussels
  • Rules of procedure on data protection (Council
    24/2/2005) Provisional application from 21/10/04.
  • Additional rules defining some specific aspects
    of the application of the rules on the processing
    and protection of personal data at Eurojust to
    non-case-related operations (June 2006)
  • Other European instruments apply as well
  • Treaty of the EU (article 6)
  • ECHR (article 8)
  • CoE convention 108 (benchmark for Eurojust)
  • Charter EU (articles 7 and 8)

The Case Management Systemat Eurojust and the
protection of personal data
The Case Management System
  • Background
  • Eurojust Decision Art. 14 24
  • Eurojust Decision Art.14 16
  • Index Temporary Work Files
  • Cross-referencing of information (Art.16.1,a)
  • Data Protection (Art. 14 and following EJ
    Decision and article 23 of the DP rules)
  • General Aims
  • Support Casework
  • Enable overview and cross-reference
  • Data Protection Tool

Specific Areas
  • Terrorism
  • Casework
  • Council Decision
  • European Arrest Warrant
  • Observation of Time Limits
  • Identifying Blockages
  • Resolving competing warrants
  • Special Areas
  • Drugs Trafficking
  • Trafficking in Human Beings

Current Version
  • Operational since 15 October 2004
  • Normal level of operational problems
  • Moved to secure network on 16.2.2005
  • Takes into account the data protection
    requirements of the Eurojust Decision and the
    rules of procedure on DP adopted unanimously by
    the College of Eurojust on the 21st October 2004
    and by the Council in Brussels on 24th February

Data Protection features arising from the DP
rules of procedure
  • Data subjects rights management, ensuring
    appropriate procedure and consultation
  • Procedure for the exceptional registration of
    sensitive data, ensuring appropriate procedure
  • Restrictions concerning personal data to be
    included in the index (preventive approach)
  • Accuracy of data ensuring mutual information
    when information is modified
  • Choice on the position of personal data record by
    record (TWF-private or shared part, index)

Data Protection features arising from the DP
rules of procedure II
  • Log file review possibility by DPO
  • Monitoring of respect of data time limits
  • Automatic notifications to the DPO
  • Processing of sensitive data
  • Incoming data subjects rights requests
  • Creation of new TWFs
  • Provision of data to third parties (in the
  • Reviews on personal data time limits

DP requirements to set up agreements with third
  • Only one type of agreements
  • Use of model agreement
  • Article 27 exchange of info with partners
  • Possibility to sign agreements including
    provisions on DP., approved by Council after
    consultation of JSB
  • EJ Decision and RoP refer to 3 conditions
  • the ratification of CoE convention 108
  • the ratification subsequent amendments to this
    convention (Additional protocol on transborder
    data flows and existence of an independent data
    protection authority)
  • the principle of adequate protection in the
    third country

State of play third countries/parties agreements
  • Procedure Team-College-JSB-Council (different
    from Europol)
  • Europol secure connection
  • Norway liaison magistrate review
  • Iceland
  • (Romania)
  • USA liaison magistrate
  • OLAF agreement on arrangements signed on 24/9/08

Being negotiated/talks ongoing
  • Croatia signed but not entered into force yet
  • Switzerland negotiations concluded internal
    procedure in Switzerland ongoing
  • Former Yugoslav Republic of Macedonia
    negotiations concluded final checks on
    compliance with requirements
  • Ongoing discussions
  • Russian Federation
  • Ukraine
  • IBERred (MoU)
  • ICC (MoU)
  • Discussions planned to start with Montenegro,
    Moldova, Cape Verde and Liechtenstein

System of supervision
  • Internal control DPO (article 17 EJ Decision).
    Especially appointed member of the staff under
    responsibility of College. Independence.
  • Tasks ensuring compliance and lawfulness in
    independent manner, records of transmission under
    security conditions (art. 22), ensuring
    information to data subjects
  • Access to all data and all premises
  • Procedure in case of non-compliance
  • External control Joint Supervisory Body (art.
    23) Full access to all files where personal data
    are processed. Members are judges or equal level
    of independence. JSB monitors the correct
    application of the rules.

General approach to DP 4 areas of work for DPO EJ
  • Development of legislative framework
  • Privacy-compliant/enhancing technological
  • Awareness
  • Enforcement/ compliance monitoring
  • Simultaneous work

Balance of work done
  • Structure is in place including all
    administrative requirements and main procedures
    (procedure for individuals to exercise rights,
    notifications, registers and so forth)
  • Emphasis has been put on first area
  • drafting of DP rules of procedure (approved
    unanimously by College EJ October 2004 and
    Council February 2005)
  • Additional DP rules for non-case-related
    operations (June 2006)
  • Security rules (June 2006 definitive adoption in
    June 2007)
  • Involvement in third country-agreements Norway,
    (Romania), Iceland, USA, OLAF More being
  • Input given in discussion review EJ Decision

Balance of work done II
  • Close involvement in technological issues
    development of Case Management System fully
    compliant with rules (parallel development
    including automatic compliance with some rules)
    and involved in secure network developments. Part
    of security committee advising on most technical
  • Awareness as key-issue full information on the
    Intranet, induction session for newcomers,
    additional sessions for certain groups, sessions
    with administration involvement in College
    teams, advice on specific issues (on request or

Balance of work done III
  • Compliance/monitoring present priority.
  • In the first years ad hoc checks in CMS but now
    weekly checks with reports produced
  • Pilot checks previous to 1st JSB inspection in
    2005, full annual survey in 2006, 2007 and 2008
  • Regular reviews and meetings with persons
    responsible for main processing operations within
  • Several data subject rights requests and
    enquiries dealt with. Procedures fully in place

Thanks for your attention!
  • Questions? Comments?
  • Diana ALONSO BLAS, LL.M.
  • Data Protection Officer
  • Eurojust
  • Maanweg 174
  • NL-2516 AB The Hague
  • Tel 31 70 412 5510
  • Fax 31 70 412 5505