Explanatory Memorandum to COM(2021)177 - Authorisation of the opening of negotiations for a cooperation agreement with the International Criminal Police Organisation (ICPO-INTERPOL)

Please note

This page contains a limited version of this dossier in the EU Monitor.

dossier COM(2021)177 - Authorisation of the opening of negotiations for a cooperation agreement with the International Criminal Police Organisation ...
source COM(2021)177 EN
date 14-04-2021


1. CONTEXTOFTHE RECOMMENDATION

Terrorism and serious and organised crime are now increasingly dynamic, globalised, and complex phenomena that require a robust and coordinated response by the European Union’s law enforcement authorities. In addition, terrorism and serious crime are becoming increasingly mobile, transnational and cross-border phenomena. This requires engaging in deeper and more effective cooperation with international bodies, such as Interpol, that can provide a bridge between the EU and international law enforcement communities.

Context of the current EU-Interpol cooperation

The International Criminal Police Organisation (Interpol)1 is the largest global criminal police inter-governmental organisation, with 194 member countries. It facilitates law enforcement cooperation, for example by enabling the sharing of and access to law enforcement-related data. Interpol has multiple cooperation agreements with a range of international organisations, in areas of mutual interest. All EU Member States are members of Interpol.

Since the adoption of its first Rules of Processing of Police Information in 1983, Interpol has updated its procedures over the years under the principle that respect for the privacy of individuals is core to information sharing in the context of law enforcement. Interpol’s current rules on processing personal data were recently updated in 2019.2

The EU and Interpol already have long-standing and deep cooperation in a range of law enforcement-related areas. Interpol is a key partner for the EU in the field of internal and external security, including countering terrorism and organised crime, as well as in integrated border management.

For instance, Council Common Position 2005/69/JHA3 calls on Member States to take the measures necessary to improve cooperation between their competent law enforcement authorities and between them and such authorities in third countries by exchanging passport data4 with Interpol in order to prevent and combat serious and organised crime, including terrorism.

Interpol also participates actively in the operational implementation of the EU policy cycle/EMPACT5 by supporting the operational actions of the Member States in cooperation with EU Justice and Home Affairs Agencies6, which work closely with Interpol based on a

Constitution of the ICPO-Interpol [I/CONS/GA/1956 (2017)]. Interpol’s Rules on the Processing of Data [III/IRPD/GA/2011 (2019)].

Council Common Position 2005/69/JHA of 24 January 2005 on exchanging certain data with Interpol, OJ L 27, 29.1.2005, p. 61.

Data on issued and blank passports that are stolen, lost or misappropriated and formatted for integration in a specific information system. Passport data entered in the Interpol database will consist only of the passport number, country of issuance and document type [Article 2(1) of Council Common Position 2005/69/JHA]. The multi-annual EU policy cycle aims to tackle the most important threats posed by organised and serious international crime to the EU in a coherent and methodological manner by improving and strengthening cooperation between the relevant services of the Member States, EU institutions and EU agencies as well as third countries and organisations, including the private sector where relevant.

Justice and Home Affairs Agencies are EU agencies established on the basis of Title V Area of freedom, security and justice of the TFEU. The European Union Agency for Law Enforcement Cooperation (Europol), the European Border and Coast Guard Agency (Frontex), the European Union Agency for Criminal Justice Cooperation (Eurojust), the European Monitoring Centre for Drugs and Drug Addiction (EMCDDA), the European Union Agency for Law Enforcement Training (CEPOL) and the European

4

5

6

number of agreements or arrangements7. When the European Public Prosecutor’s Office (the EPPO)8 was set up in 2017, a further EU body was created in the area of cross-border investigation and prosecution. Cooperation between the EPPO and Interpol needs to be set up and regulated, as the EPPO is due to become operational shortly.

Lastly, the EU is one of the largest donor of funds to Interpol. These funds are allocated to projects implemented by Interpol, or where Interpol is a project partner. In particular they are for information exchange, law enforcement, including border management cooperation and capacity building activities, and projects and programmes targeting a range of terrorism and serious crime areas, with a regional focus mostly on Africa, Asia and Latin America.

The need for a cooperation agreement between the EU and Interpol

The 2020 EU Security Union strategy9 calls on the Member States to step up cooperation between the EU and Interpol, as essential to enhance cooperation and information exchange. The strategy recognises that Interpol, one of the largest inter-governmental criminal police organisations, has an important role to play in this respect. The Commission will therefore look at ways to step up cooperation with Interpol, including possible access to Interpol databases and strengthening operational and strategic cooperation. Furthermore, the 2020 EU Counter Terrorism Agenda10 acknowledges that Interpol is a key partner on counterterrorism, for example due to their expertise in foreign terrorist fighters, that there are areas where cooperation should be set up or increased, and that several EU bodies are faced with the operational need to have access to Interpol databases to perform their tasks.

Despite existing cooperation with Interpol, there are areas where cooperation could and should be stepped up or even set up in new areas to address a series of indispensable operational needs and to implement existing legal acts, the aim being to better support Member States in preventing and combating terrorism and organised crime. These operational needs require concluding a cooperation agreement with Interpol.

The following paragraphs specify these needs in detail.

First there is a need for a new cooperation agreement between the European Union Agency for Law Enforcement Cooperation (Europol11) and Interpol. Europol already has a cooperation agreement with Interpol that provides for the exchange of personal data,

Union Agency for the Operational Management of Large-Scale IT Systems in the Area of Freedom,

Security and Justice (eu-LISA) are JHA agencies.

Contents

1.

The cooperation agreement between Interpol and Europol was signed on 05-11-2001. The memorandum of


understanding on cooperation between Eurojust and Interpol was signed on 15-07-2013. The working

arrangement between Interpol and Frontex was signed on 27-05-2009. The working arrangement between

CEPOL and the General Secretariat of Interpol was signed on 06-12-2017. The cooperation agreement

between Interpol and EMCDDA was signed on 25-09-2001.

2.

Council Regulation (EU) 2017/1939 of 12 October 2017 implementing enhanced cooperation on the


establishment of the European Public Prosecutor’s Office (‘the EPPO’), OJ L283, 31.10.2017, p.1.

3.

Communication from the Commission to the European Parliament, the European Council, the Council, the


European Economic and social Committee and the Committee of the Regions on the EU Security Union

Strategy, Brussels, 24.7.2020, COM(2020) 605 final.

4.

Communication from the Commission to the European Parliament, the European Council, the Council, the


European Economic and Social Committee and the Committee of the Regions. A Counter-Terrorism

Agenda for the EU: Anticipate, Prevent, Protect, Respond. Brussels, 9.12.2020 COM(2020) 795 final.

5.

Regulation (EU) 2016/794 of the European Parliament and of the Council of 11 May 2016 on the European


Union Agency for Law Enforcement Cooperation (Europol) and replacing and repealing Council Decisions

2009/371/JHA, 2009/934/JHA, 2009/935/JHA, 2009/936/JHA and 2009/968/JHA. OJ L 135, 24.5.2016, p.

53.

8

9

10


concluded in 200112, well before the Europol Regulation came into force on 1 May 2017. However, this agreement does not give direct or indirect access by Europol to information and Interpol’s databases, in particular its Notices containing information on terrorists.13 In addition, the Agency only exchanges information with Interpol and accesses Interpol’s databases for the performance of the Agency’s tasks through Interpol’s Liaison Officer at Europol or the Agency’s Liaison Officer at Interpol. A new agreement14 governing relations between the Agency and Interpol is therefore needed both to take into account the latest developments in combating terrorism and cross-border and transnational serious organised crime and to manage present-day operational needs, Europol’s mandate15, and the EU’s latest data protection regime16.

Second, there is a need to ensure interoperability. The EU and Interpol have held exploratory talks on the need to enter into a cooperation agreement following the adoption of regulations17 on interoperability between EU information systems in the fields of borders and

12

13

14

The agreement was supplemented later by several cooperation-related documents agreed or concluded between the organisations, for instance on cooperation through Liaison Officers and the establishment, implementation and operation of a secure communication line for the exchange of information.

Interpol Notices are international requests for cooperation or alerts allowing law enforcement to share critical crime-related information, including information on terrorism. Notices include warnings about persons’ criminal activities -where these people are considered to be a potential threat to public safety-, warnings of events, people, objects or processes representing a serious and imminent threat to public safety, as well as information on modus operandi, objects, devices and concealment methods used by criminals. Article 25 of the Europol regulation provides that the Commission must assess the provisions contained in cooperation agreements concluded before the entry into force of the Europol regulation, such as the agreement with Interpol. The Commission must inform the European Parliament and the Council about the outcome of that assessment, and may, if appropriate, submit to the Council a recommendation for a decision authorising the opening of negotiations to conclude international agreements pursuant to Article 218 TFEU, adducing adequate safeguards with respect to the protection of privacy and fundamental rights and freedoms of individuals.

Since the conclusion of the cooperation agreement between Europol and Interpol, Europol’s mandate has changed twice, in 2009 and then in 2017 (Council Decision 2009/371/JHA, Regulation (EU) 2016/794). On 9 December 2020 the Commission proposed extending the mandate for Europol [Brussels, 09.12.2020, COM(2020) 796 final].

Since the entry into force of the 2001 cooperation agreement between Europol and Interpol, the EU data protection regime has significantly changed. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, OJ L 119, 4.5.2016, p.

1), Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC (OJ L 295, 21.11.2018, p. 39), Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and on the free movement of such data, and repealing Council Framework Decision 2008/977/JHA (OJ L 119, 4.5.2016, p. 89) (Data Protection Law Enforcement Directive). It should be also noted that data protection provisions in Europol’s mandate have been updated since the entry into force of the 2001 cooperation agreement between Europol and Interpol.

Regulation (EU) 2019/817 of the European Parliament and of the Council of 20 May 2019 on establishing a framework for interoperability between EU information systems in the field of borders and visa and amending Regulations (EC) No 767/2008, (EU) 2016/399, (EU) 2017/2226, (EU) 2018/1240, (EU) 2018/1726 and (EU) 2018/1861 of the European Parliament and of the Council and Council Decisions 2004/512/EC and 2008/633/JHA (OJ L 135, 22.5.2019, p. 27) and Regulation (EU) 2019/818 of the European Parliament and of the Council of 20 May 2019 on establishing a framework for interoperability between EU information systems in the field of police and judicial cooperation, asylum and migration and amending Regulations (EU) 2018/1726, (EU) 2018/1862 and (EU) 2019/816 (OJ L 135, 22.5.2019, p. 85).

5

6

7

visa and of police and judicial cooperation, asylum and migration, and the Regulation on the European Travel Information Authorisation System (ETIAS)18.

The interoperability and European Travel Information Authorisation System Regulations provide controlled access to two Interpol databases19 by an EU Member State or an EU agency, via the European Search Portal (ESP). The two Interpol databases are the Stolen and Lost Travel Documents (SLTD) and the Travel Documents Associated with Notices (TDAWN) databases. These databases contain a large volume of data on third-country nationals’ travel documents. Using the databases can minimise information gaps, maximise positive matches and subsequently improve the operational results of the European Travel Information Authorisation System.

The above two regulations state that queries of Interpol databases must be carried out in a way that no information is revealed to the owner of the Interpol alert. A cooperation agreement with Interpol will provide the required legal basis, including data protection safeguards and guarantees, and authorising the European Search Portal to connect with Interpol databases. A cooperation agreement will also provide scope to establish a secure connection of the European Search Portal and the European Travel Information Authorisation System with Interpol’s IT infrastructure, enabling access to Interpol’s databases. The aim is to help prevent and investigate terrorist offences.

In the same context, the Commission issued a proposal20 in 2018 to revise the Visa Information System Regulation21, which – similarly to the European Travel Information Authorisation System – will authorise automated queries of EU systems for border management and security, and of Interpol databases. In December 2020 the European Parliament and the Council reached a political agreement on this proposal; the formal adoption will follow in the coming months. The political agreement includes a similar provision as the provision contained in the European Travel Information Authorisation System Regulation. The revision of the Visa Information System regulation should therefore also be taken into account in the negotiations with Interpol for the conclusion of a cooperation agreement. This will also help prevent and investigate terrorist offences.

Third, law enforcement and judicial authorities need up-to-date information on criminals and crimes. Interpol manages a wide range of databases containing this information at a global scale, contributed by Interpol’s 194 member countries. Interpol’s 18 databases22

19

6.

20 21


Regulation (EU) 2018/1240 of the European Parliament and of the Council of 12 September 2018

establishing a European Travel Information and Authorisation System (ETIAS) and amending Regulations

(EU) No 1077/2011, (EU) No 515/2014, (EU) 2016/399, (EU) 2016/1624 and (EU) 2017/2226 (OJ L 236,

19.9.2018, p.

1).

In the context of interoperability and ETIAS Regulations [Article 4(17) of Regulations (EU) 2019/817 and

(EU) 2019/818 and Article 12 of Regulation (EU) 2018/1240], ‘Interpol Databases’ means only the

7.

Interpol Stolen and Lost Travel Document database (SLTD database) and the Interpol Travel Documents


Associated with Notices database (TDAWN database).

COM (2018) 302 final, 16.5.2018.

8.

Regulation (EC) No 767/2008 of the European Parliament and of the Council of 9 July 2008 concerning the


Visa Information System (VIS) and the exchange of data between Member States on short-stay visas (VIS

Regulation), OJ L 218, 13.8.2008, p. 60.

9.

Notices (details are stored in Interpol Criminal Information System-ICIS); Nominal data; International


Child Sexual Exploitation image database; Fingerprints, DNA profiling and Face Recognition; Stolen and

Lost Travel Documents (SLTD); Stolen Administrative Documents (SAD); Counterfeit documents; Edison;

Stolen Motor Vehicles (SMV), Vessels and Works of Art (WOA), Interpol Firearms Reference Table,

10.

Interpol illicit Arms Records and tracing Management System (iARMS), Interpol Ballistic Information


Network (IBIN), Organized crime networks and Maritime Piracy.

8

22

contain over 100 million law enforcement records with information on individuals such as names and fingerprints, stolen property such as passports and vehicles, weapons and firearms.

This information is valuable for Europol, Frontex23, Eurojust and the EPPO to carry out their tasks in line with their mandates. It increases their effectiveness by providing operational added value, especially when supporting Member States in detecting, preventing and combating terrorism and other serious crimes. These sources of information enable the agencies and the EPPO to improve the accuracy and quality of information already available to them, to identify connections or other links between information, to close information gaps and thus to provide holistic and unified intelligence to the Member States. However, although the databases are directly accessible by EU Member States as member countries of Interpol, Frontex, Eurojust and the EPPO currently do not have access in line with their mandates (either direct access or on a hit/no-hit basis), due to the lack of an agreement with Interpol24.

Agency-specific issues are detailed below.

Europol

The Agency currently exchanges information with Interpol and accesses Interpol databases to carry out its tasks via Interpol’s Liaison Officer at Europol or the Agency’s Liaison Officer at Interpol, as part of the cooperation agreement in force between Europol and Interpol25. However, practice has shown that this procedure should be improved, accelerated and streamlined to facilitate swift access to this information, especially information in Interpol databases related to countering terrorism, notably its Notices containing information on terrorists. This would allow the operational support provided by Europol to the Member States – especially its analytical capability – to draw on information held by Interpol. Access to Interpol databases, either direct or indirect, would therefore improve operational cooperation, whilst duly taking into account of the restrictions imposed by the data owners.

Frontex

Frontex has the mandate to ensure integrated border management at the EU’s external borders, with a view to managing those borders efficiently and in full compliance with fundamental rights26. One of the components of the European integrated border management border control includes measures to facilitate legitimate border crossings and, where appropriate, measures related to preventing and detecting cross-border crime at external borders, in particular terrorism, migrant smuggling and trafficking in human beings27. In this context, there is an operational need for category 1 staff (statutory staff28) of the Frontex

23

24

25

11.

26 27 28


Frontex refers to the European Border and Coast Guard Agency. Regulation (EU) 2019/1896 of the European Parliament and of the Council of 13 November 2019 on the European Border and Coast Guard and repealing Regulations (EU) No 1052/2013 and (EU) 2016/1624 (OJ L 295, 14.11.2019, p. 1–131). According to Articles 6(2) and 27 of Interpol’s Rules on the Processing of Data [III/IRPD/GA/2011 (2019)], for international entities to access Interpol’s information system there is a need for an agreement with Interpol.

Article 3 of the 2009 Memorandum of Understanding as mentioned in Article 4(1) of the 2001 Agreement between Interpol and Europol foresees that the Liaison Officer to the other party is responsible for facilitating the practical exchange of information. Article 1 of Regulation (EU) 2019/1896. Article 3(1)(a) of Regulation (EU) 2019/1896.

According to Article 54 of Regulation (EU) 2019/1896, the European Border and Coast Guard standing corps must be composed of four categories of operational staff. Category 1 includes statutory staff deployed as members of the teams in operational areas in accordance with Article 55 of this Regulation. The Agency must contribute members of its statutory staff (category 1) to the standing corps to be deployed in operational areas as members of the teams with the tasks and powers provided for in Article 82 of this Regulation. Their tasks include countering cross-border crime and terrorism.

standing corps to access Interpol databases to perform their tasks. More specifically, Article 82(1) of Regulation (EU) 2019/1896 provides that the members of category 1 teams must have the authority to perform tasks and exercise powers for border control29 provided for in Regulation (EU) 2016/39930 (Schengen Borders Code). This includes checking third-country nationals against Interpol databases (in particular the Stolen and Lost Travel Documents database) at the external borders, under Article 8(3), subparagraph (a), point (i)31, 8(3), subparagraph (a), point (ii)32 and 6(1), point (e)33 of the Schengen Borders Code. This will help prevent and investigate terrorist offences, especially in border checks at the external EU borders.

Eurojust

The Agency has an essential operational need to step up cooperation with Interpol34 and acquire the legal basis to exchange personal data in order to perform its tasks35. More specifically, there is a need for structured and structural involvement of Interpol in Eurojust cases, including coordination meetings, coordination centres and joint investigation teams36. Especially when Eurojust’s support is sought to coordinate the implementation of judicial measures and individuals have to be arrested in third countries, the involvement of Interpol would bring added value, speed up the judicial process and facilitate the work of Eurojust37.

29

30

35

12.

Under Article 8(1) of Regulation (EU) 2016/399, cross-border movements at external borders must be


subject to checks by border guards. The checks may also cover the means of transport and objects in the

possession of the persons crossing the border.

13.

Regulation (EU) 2016/399 of the European Parliament and of the Council of 9 March 2016 on a Union


Code on the rules governing the movement of persons across borders (Schengen Borders Code), OJ L 77,

23.3.2016, p. 1–52, consolidated version, as amended by Regulations (EU) 2016/1624, (EU) 2017/458 and

(EU) 2019/817.

14.

On entry and exit, third-country nationals must be subject to thorough checks, which includes verifying the


identity and the nationality of the third-country national and of the authenticity and validity of the travel

document for crossing the border. This involves consulting the relevant databases, in particular (but not

only) Interpol’s SLTD database.

15.

The above check includes verifying that the travel document is accompanied, where applicable, by the


requisite visa or residence permit.

16.

The entry conditions of the third-country nationals include that they are not considered to be a threat to


public policy, internal security, public health or the international relations of any of the Member States, in

particular where no alert has been issued in Member States’ national databases for the purposes of refusing

entry on the same grounds.

17.

Recital (46) of Regulation (EU) 2018/1727 provides that it is appropriate to strengthen cooperation between


the EU and Interpol by promoting an efficient exchange of personal data while ensuring respect for

fundamental rights and freedoms regarding the automatic processing of personal data. Where operational

personal data are transferred from Eurojust to Interpol, and to countries that have delegated members to

Interpol, Regulation (EU) 2018/1727, in particular the provisions on international transfers, should apply.

18.

Under Article 2(1), (3) of Regulation (EU) 2018/1727, Eurojust must support and strengthen coordination


and cooperation between national investigating and prosecuting authorities in relation to serious crime

which Eurojust is competent to deal with, where that crime affects two or more Member States, or requires

prosecution on common bases, on the basis of operations conducted and information supplied by the

Member States’ authorities, by Europol, by the EPPO and by OLAF. Eurojust must carry out its tasks at the

19.

request of the competent authorities of the Member States, on its own initiative or at the request of the


EPPO, within the scope of the EPPO’s competence.

20.

Under Article 4(1) of Regulation (EU) 2018/1727, Eurojust must assist the competent authorities of the


Member States in ensuring the best possible coordination of investigations and prosecutions, provide

operational and technical support to Member State cross-border operations and investigations, including to

joint investigation teams, and support Member State action in combating forms of serious crime for which

the Agency is competent.

21.

According to Article 2(2), subparagraph (b) of Regulation (EU) 2018/1727, Eurojust must facilitate the


execution of requests for, and decisions on, judicial cooperation, including requests and decisions based on

instruments that give effect to the principle of mutual recognition.

3

32

33

34

36

37

There is also a need for Eurojust to exchange information with Interpol on suspected foreign terrorist fighters38, in particular taking into account the Counter Terrorism Register39 at Eurojust. Interpol channels are already used to transmit extradition requests40 and may soon be available for transmitting requests for mutual legal assistance41.

EPPO

The EPPO is an independent EU body responsible for investigating, prosecuting and bringing to judgment the perpetrators of, and accomplices to, criminal offences affecting the financial interests of the EU. It has the authority to undertake investigations, implement prosecution orders and exercise the functions of prosecutor in the competent courts of the Member States. In this context, the operational needs of the EPPO in terms of cooperation with Interpol are the same as those of any national investigatory and prosecutorial authorities in the Member States, which includes access to information held in Interpol databases42 and exchanging information with Interpol and third countries via Interpol. This need has become even greater, given the cross-border nature of crimes for which the EPPO is competent and the need to cooperate with third countries. Moreover, the EPPO is expected to require the assistance of Interpol to facilitate information exchange, especially in relation to mutual legal assistance. Cooperation between the EPPO and Interpol has yet to be set up and regulated, in line with the provisions of EPPO’s mandate on cooperation with international organisations, in so far as necessary for it to carry out its tasks43.

38

42

43

Foreign Terrorist Fighters (FTFs) are defined as ‘individuals who travel to a State other than their State of residence or nationality for the purpose of the perpetration, planning or preparation of, or participation in, terrorist acts or the providing or receiving of terrorist training, including in connection with armed conflict’ [United Nations Security Council Resolution 2178(2014)].

The Counter-Terrorism Register (CTR) was launched in 2019 at Eurojust to reinforce the judicial response in Member States to terrorist threats and to improve security for citizens. The CTR centralises key judicial information to establish links in proceedings against suspects of terrorist offences. The CTR is managed by Eurojust in The Hague on a 24-hour basis and provides proactive support to national judicial authorities. This centralised information will help prosecutors to coordinate more actively and to identify the suspects or networks being investigated in specific cases with potential cross-border implications.

The General Assembly of Interpol adopted the legal instrument governing the use of the e-Extradition system (the e-Extradition Rules) at its 83rd session (Monaco, 3-7 November 2014, Resolution AG-2014-RES-20).

The e-MLA initiative aims to develop an Interpol tool for the secure electronic transmission of mutual legal assistance (MLA) exchanges. Resolution GA-2018-87-RES-04 (Dubai, United Arab Emirates, 18-21 November 2018) tasked the General Secretariat, in consultation with Interpol member countries, to report on the technical development of the e-MLA System and, to submit an appropriate set of rules governing the use of this new Interpol capability to the General Assembly for approval at a future session, should adequate funding be guaranteed.

For instance notices on individuals, which are especially relevant in corruption and fraud cases, the SLTD database, the Dial-Doc database, which shares new forms of document counterfeiting, the various databases on stolen property for investigative and asset recovery purposes.

Articles 99(3) and 104 of the EPPO Regulation (EU) 2017/1939 provide for cooperation between the EPPO and international organisations, such as Interpol, in so far as necessary for the performance of EPPO’s tasks. Recital (96) of the EPPO Regulation stipulates: ‘All Member States of the European Union are affiliated to the International Criminal Police Organisation (Interpol). To fulfil its mission, Interpol receives, stores and circulates personal data to assist competent authorities in preventing and combating international crime. It is therefore appropriate to strengthen cooperation between the Union and Interpol by promoting an efficient exchange of personal data whilst ensuring respect for fundamental rights and freedoms regarding the automatic processing of personal data. Where operational personal data are transferred from the EPPO to Interpol, and to countries that have delegated members to Interpol, this Regulation, in particular the provisions on international transfers, should apply.’ Moreover, according to recital (97) of the EPPO Regulation, ‘When the EPPO transfers operational personal data to an authority of a third country or to an international organisation or Interpol by virtue of an international agreement

39

40

4

The need for a cooperation agreement is also recognised and confirmed by Interpol and its members. The 88th Interpol General Assembly adopted in October 2019 Resolution 5, authorising Interpol’s General Secretariat to enter into negotiations with the EU to conclude a cooperation agreement.

Other forms of cooperation

In parallel, there is a need to cover other forms of cooperation with Interpol, which the Commission in cooperation with the High Representative for CFSP aspects will aim to maintain, on behalf of the EU, as part of a separate instrument with Interpol, based on Article 220 TFEU. This cooperation will be in line with Article 220(2) TFEU in terms of outlining the overall cooperation framework and setting up a framework for structured dialogue at senior and technical level, between the EU and Interpol. This cooperation will also provide the security services of the Commission, the European External Action Service, the Council and Parliament access to specific Interpol databases for background security checks, inquiries and internal investigations on third-country nationals, and authorising the Commission to enter and to issue controlled notifications of lost, stolen and revoked EU laissez-passers in Interpol’s Stolen and Lost Travel Documents database.

2. THEENVISAGEDCOOPERATIONAGREEMENT

The envisaged EU-Interpol cooperation agreement will pursue the following aims.

– Regulate cooperation between Europol and Interpol, taking into account the latest

developments in combating terrorism, cross-border and transnational serious, organised crime, the current operational needs, Europol’s mandate, and the EU’s latest data protection regime.

– Provide the safeguards and guarantees needed to give controlled access to Interpol’s

Stolen and Lost Travel Document (SLTD) and Travel Document Associated With Notices (TDAWN) databases via the European Search Portal, by EU Member States and EU agencies, as necessary to carry out their tasks, in line with their access rights, with EU or national law covering such access and in full compliance with EU data protection requirements and with fundamental rights.

– Provide the necessary safeguards and guarantees to enable EU Member States and

Frontex (its European Travel Information and Authorisation System Central Unit) to access Interpol databases via the European Search Portal in compliance with EU data protection requirements and with fundamental rights.

– Provide the necessary safeguards and guarantees to implement a revised Visa

Information System Regulation enabling EU Member States to access Interpol Stolen and Lost Travel Documents (SLTD) and the Travel Documents Associated with Notices (TDAWN) databases through the European Search Portal when examining applications for visas or residence permits, in full compliance with EU data protection requirements and with fundamental rights.

– Set up and regulate cooperation between the European Public Prosecutor’s Office

(‘the EPPO’), as established by Regulation (EU) 2017/1939 and Interpol, in line with

concluded pursuant to Article 218 TFEU, appropriate safeguards for the protection of privacy and the fundamental rights and freedoms of individuals should ensure that the data protection provisions of this Regulation are complied with.’

their mandates, and in full compliance with EU data protection requirements and with fundamental rights.

– Provide the legal basis to authorise Europol, Frontex category 1 staff (statutory staff

of the standing corps) and EPPO to access relevant Interpol databases44 to carry out their tasks, in full compliance with EU data protection requirements and with fundamental rights.

– Provide the legal basis to authorise Eurojust and EPPO to exchange operational

information with Interpol, in full compliance with EU data protection requirements and with fundamental rights.

All the aims listed above must fully comply with the EU data protection regime45.

3. EUCOMPETENCE

Article 3(2) TFEU provides that the EU has exclusive competence “for the conclusion of an international agreement ... in so far as its conclusion may affect common rules or alter their scope.” An international agreement may affect common rules or alter their scope where the area covered by the agreement overlaps with EU legislation or is covered to a large extent by EU law. The European Union has adopted common rules based on Articles 16, 77, 79, 85, 86, 87(1),(2) and 88 of the Treaty on the Functioning of the European Union on the aspects to cover in the cooperation agreement.

The current European Union legal framework includes:

– Regulations (EU) 2016/794, (EU) 2019/1896, (EU) 2018/1727, (EU) 2017/1939 on

Europol, Frontex, Eurojust and the EPPO, respectively, including provisions for cooperation with international organisations such as Interpol;

– Regulations (EU) 2019/817, (EU) 2019/818 and (EU) 2018/1240, which provide for

controlled access to Interpol Stolen and Lost Travel Documents and the Travel Documents Associated with Notices databases by an EU Member State or EU agency;

– Regulation (EU) 2017/458 amending Regulation (EU) 2016/399 (Schengen Borders

Code), aiming at increasing the checks against relevant databases at external borders includes Interpol Stolen and Lost Travel Documents as one of the databases to be consulted;

22.

This Recommendation is


4. LEGAL BASIS

consistent with the provisions of the above-mentioned legal acts.

The objective of this Recommendation is to obtain authorisation from the Council for the Commission to negotiate the future EU-Interpol cooperation agreement on behalf of the EU. The legal basis for the Council to authorise the opening of negotiations is Article 218(3) and i TFEU.

In addition to access to SLTD and TDAWN through ESP, the Interpol databases that the EU will negotiate with Interpol for Europol, Frontex, Eurojust and the EPPO to have access to, will be further specified in line with the respective mandates of those bodies and with their operational needs. Regulation (EU) 2018/1725, Regulation (EU) 2018/1725 and Directive (EU) 2016/680.

44

45

5. THE NEGOTIATIONS

In line with Article 218 TFEU, the Commission will be nominated as the EU negotiator for the cooperation agreement between the EU and Interpol.

The Commission will conduct the negotiations in line with the negotiating directives set out in the annex to the decision and in consultation with a special committee appointed by the Council.

The Commission will keep the European Parliament fully informed of the negotiations in a timely manner.

23.

Recommendation for a


COUNCIL DECISION

authorising the opening of negotiations for a cooperation agreement between the European Union and the International Criminal Police Organisation (ICPO-INTERPOL)

24.

THE COUNCIL OF THE EUROPEAN UNION


Having regard to the Treaty on the Functioning of the European Union (TFEU), and in particular Articles 218(3) and i thereof,

Having regard to the recommendation from the European Commission,

Whereas:

Negotiations should be opened with a view to concluding a cooperation agreement (‘the Agreement’) between the Union and Interpol. The agreement will aim to regulate cooperation between the Union and Interpol in the area of law enforcement in accordance with Articles 87 and 88 TFEU, judicial cooperation in criminal matters in accordance with Article 82, 85 and 86 TFEU, and in the area of border security (as part of border management) in accordance with Article 77 TFEU.

The Agreement should regulate the cooperation between the European Union Agency for Law Enforcement Cooperation (‘Europol’) and Interpol, taking into account the latest developments in combating terrorism, cross-border and transnational serious, organised crime, current operational needs and Europol’s mandate.

The Agreement should provide the necessary safeguards and guarantees to authorise controlled access to Interpol’s Stolen and Lost Travel Document (‘SLTD’) and Travel Document Associated With Notices (‘TDAWN’) databases via the European Search Portal (‘ESP’), by Union Member States and Union agencies, in so far this is necessary for the performance of their tasks, in line with their access rights, with Union or national law covering such access.

The Agreement should provide the necessary safeguards and guarantees to authorise Union Member States and the Central Unit of the European Travel Information and Authorisation System (‘ETIAS’) of the European Border and Coast Guard Agency (‘Frontex’) to access Interpol’s Stolen and Lost Travel Documents and the Travel Documents Associated with Notices databases via the European Search Portal.

The Agreement should provide the safeguards and guarantees needed to implement a revised Visa Information System Regulation that authorises Union Member States to access Interpol’s databases via the European Search Portal when examining applications for visas or residence permits.

The Agreement should facilitate establishing and regulating cooperation between the European Public Prosecutor’s Office (‘the EPPO’) and Interpol.

The Agreement should provide the legal basis to authorise Europol, Frontex statutory staff of the standing corps (category 1 staff) and the European Public Prosecutor’s Office to access relevant Interpol databases for the performance of their tasks.

The Agreement should provide the legal basis to authorise the European Union Agency for Criminal Justice Cooperation (‘Eurojust’) and the European Public Prosecutor’s Office to exchange operational information with Interpol.

Article 23(1), (2) and (5) of Regulation (EU) 2016/794 of the European Parliament and of the Council1 provide for the exchange of personal data between Europol and international organisations, to the extent necessary for the accomplishment of Europol’s tasks, as defined in Article 4 of Regulation (EU) 2016/794.

In accordance with Article 5(9) of Regulation (EU) 2019/817 of the European

Parliament and of the Council2, Article 5(9) of Regulation (EU) 2019/818 of the

European Parliament and of the Council3 and Article 12 of Regulation (EU)

2018/1240 of the European Parliament and of the Council4, queries of Interpol

25.

databases should be performed in such a way that no information is revealed to the


owner of the Interpol alert. In accordance with Article 65 of Regulation (EU)

2018/1240 personal data shall not be transferred or made available to a third country,

26.

to an international organisation or to any private parties, with the exception of


transfers to Interpol for the purpose of carrying out automated processing against

Interpol Stolen and Lost Travel Documents and Travel Documents Associated with

Notices databases, and provides that such transfers are subject to Regulation (EU) 2018/17255.

Articles 80, 99 and 104 of Council Regulation (EU) 2017/19396 set out in particular the relations and provide for the exchange of information between the European Public Prosecutor’s Office and international organisations.

In view of recital 33 of Regulation (EU) 2016/794 and recital 46 of Regulation (EU) 2018/1727 of the European Parliament and of the Council7, it is appropriate to

27.

Regulation (EU) 2016/794 of the European Parliament and of the Council of 11 May 2016 on the European


Union Agency for Law Enforcement Cooperation (Europol) and replacing and repealing Council Decisions

2009/371/JHA, 2009/934/JHA, 2009/935/JHA, 2009/936/JHA and 2009/968/JHA (OJ L 135, 24.5.2016, p.

53).

28.

Regulation (EU) 2019/817 of the European Parliament and of the Council of 20 May 2019 on establishing a


framework for interoperability between EU information systems in the field of borders and visa and

amending Regulations (EC) No 767/2008, (EU) 2016/399, (EU) 2017/2226, (EU) 2018/1240, (EU)

29.

2018/1726 and (EU) 2018/1861 of the European Parliament and of the Council and Council Decisions


2004/512/EC and 2008/633/JHA (OJ L 135, 22.5.2019, p. 27).

30.

Regulation (EU) 2019/818 of the European Parliament and of the Council of 20 May 2019 on establishing a


framework for interoperability between EU information systems in the field of police and judicial

cooperation, asylum and migration and amending Regulations (EU) 2018/1726, (EU) 2018/1862 and (EU)

2019/816 (OJ L 135, 22.5.2019, p. 85).

31.

Regulation (EU) 2018/1240 of the European Parliament and of the Council of 12 September 2018


establishing a European Travel Information and Authorisation System (ETIAS) and amending Regulations

(EU) No 1077/2011, (EU) No 515/2014, (EU) 2016/399, (EU) 2016/1624 and (EU) 2017/2226 (OJ L 236,

19.9.2018, p.

1)

32.

Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the


protection of natural persons with regard to the processing of personal data by the Union institutions,

33.

bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No


45/2001 and Decision No 1247/2002/EC, OJ L 295, 21.11.2018, p. 39.

34.

Council Regulation (EU) 2017/1939 of 12 October 2017 implementing enhanced cooperation on the


establishment of the European Public Prosecutor’s Office (‘the EPPO’) (OJ L 283, 31.10.2017, p.

1).

35.

Regulation (EU) 2018/1727 of the European Parliament and of the Council of 14 November 2018 on the


European Union Agency for Criminal Justice Cooperation (Eurojust), and replacing and repealing Council

Decision 2002/187/JHA (OJ L 295, 21.11.2018, p. 138).

2

3

4

5

6

strengthen cooperation between Europol and Interpol, and Eurojust and Interpol respectively, by promoting the efficient exchange of personal data.

Article 68(1) of Regulation (EU) 2019/1896 of the European Parliament and of the Council8 provides for the possibility of Frontex to cooperate with international organisations, which specifically include Interpol. In accordance with Article 82(1) of Regulation (EU) 2019/1896 the members of teams from the standing corps of Frontex must have the capacity to perform tasks and exercise powers for border control set out in Regulation (EU) 2016/399 of the European Parliament and of the Council9 (the Schengen Borders Code). Pursuant to Article 8(3)(a)(i)10, Article 8(3)(a)(ii)11 and Article 6(1)(e)12 of Regulation (EU) 2016/399, this includes checking third-country nationals against Interpol databases (in particular Interpol’s Stolen and Lost Travel Documents database) at the external borders of the Member States and third countries associated with the implementation, application and development of the Schengen acquis in relation to control on persons at the external borders.

Article 47(1), Article 47(5 and 6), Article 52 and Article 56 of Regulation (EU) 2018/1727 set out the relations, and provide for the exchange of personal data, between Eurojust and international organisations.

In view of recital 96 of Council Regulation (EU) 2017/1939, it is appropriate to strengthen cooperation between the Union and Interpol by promoting an efficient exchange of personal data.

Article 94 of Regulation (EU) 2018/1725 of the European Parliament and of the Council13, sets out the conditions for the transfers of operational personal data to international organisations.

The Agreement should be in full compliance with European Union provisions on data protection set out in Regulation (EU) 2016/679 of the European Parliament and of the Council14, Regulation (EU) 2018/1725 and Directive 2016/68015 of the European Parliament and of the Council.

12

36.

Regulation (EU) 2019/1896 of the European Parliament and of the Council of 13 November 2019 on the


European Border and Coast Guard and repealing Regulations (EU) No 1052/2013 and (EU) 2016/1624 (OJ

L 295, 14.11.2019, p.

1).

37.

Regulation (EU) 2016/399 of the European Parliament and of the Council of 9 March 2016 on a Union


Code on the rules governing the movement of persons across borders (Schengen Borders Code) (OJ L 77,

23.3.2016, p.

1).

38.

On entry and exit, third-country nationals shall be subject to thorough checks, which includes verifying the


identity and the nationality of the third-country national and of the authenticity and validity of the travel

document for crossing the border. This involves consulting the relevant databases, in particular (but not

only) Interpol’s SLTD database.

39.

The above check includes verifying that the travel document is accompanied, where applicable, by the


requisite visa or residence permit.

40.

The entry conditions of the third-country nationals include that they are not considered to be a threat to


public policy, internal security, public health or the international relations of any of the Member States, in

particular where no alert has been issued in Member States’ national databases for the purposes of refusing

entry on the same grounds.

41.

Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the


protection of natural persons with regard to the processing of personal data by the Union institutions,

42.

bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No


45/2001 and Decision No 1247/2002/EC (OJ L 295, 21.11.2018, p. 39).

43.

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the


protection of natural persons with regard to the processing of personal data and on the free movement of

8

9

10

11

3

4

The Agreement should fully respect the fundamental rights and observe the principles recognised by the Charter of Fundamental Rights of the European Union (‘the Charter’), in particular the right to a private and family life, recognised in Article 7 of the Charter, the right to the protection of personal data, recognised in Article 8 of the Charter and the right to effective remedy and fair trial recognised by Article 47 of the Charter. The Agreement should be applied in line with all the rights and principles enshrined in the Charter.

The Commission should consult the European Data Protection Supervisor during the negotiation of the agreement or, in any event, before the agreement is concluded.

The Commission should be nominated as the Union negotiator.

HAS ADOPTED THIS DECISION:

Article 1

The Commission is hereby authorised to negotiate, on behalf of the European Union an Agreement between the European Union and the International Criminal Police Organization on cooperation and coordination in preventing and combating terrorism and serious crime and in ensuring a European integrated border management at the external borders of the Member States and third countries associated with the implementation, application and development of the Schengen acquis in relation to control on persons at the external borders, including on the necessary safeguards for the protection of personal data.

Article 2 The negotiating directives are set out in the Annex.

Article 3

The negotiations shall be conducted in consultation with the [name of the special committee to be inserted by the Council].

Article 4 This Decision is addressed to the Commission.

Done at Brussels,

For the Council The President

such data, and repealing Directive 95/46/EC (General Data Protection Regulation, OJ L 119, 4.5.2016, p.

1).

44.

Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 on the protection


of natural persons with regard to the processing of personal data by competent authorities for the purposes

of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal

penalties, and on the free movement of such data, and repealing Council Framework Decision

2008/977/JHA (OJ L 119, 4.5.2016, p. 89) (Data Protection Law Enforcement Directive).

5