Europol is preparing to collect large amounts of data on European citizens after MEPs voted to expand its police powers.
The European Parliament has voted to expand the role of Europol, legalize the processing of big data containing personal information, including no suspicion of crime, and approve research on predictive policing technology.
The MPs voted on May 4 to extend Europol’s mandate to collect personal data from technology companies, including telecommunications and internet providers and social media companies, and to collect and analyze data from countries outside the European Union.
The proposals give Europol the green light to develop algorithms and artificial intelligence systems that enable automated decision-making and the development of predictive policing models.
In effect, the parliament’s draft regulation overturned a decision by the European Data Protection Supervisor (EDPS) in January 2020 that required Europol to delete the amount of personal data collected and processed illegally.
MEPs voted 480 to significantly expand Europol’s role, with 142 and 20 abstaining, a move that would expand Europol’s use of big data and artificial intelligence in criminal investigations.
The proposed regulations introduce privacy protections for individuals, including the appointment of a fundamental rights officer at Europol and the independent oversight of EDPS.
The decision has been criticized by civil society groups and some MEPs, who believe it is a “massive and uncontrolled expansion” of Europol’s powers and could be the first step towards creating a GCHQ or a European version of US national security. Agency.
“Europol will be allowed to collect and share data left, right and center without much restriction or scrutiny,” said Chloe Barthelemy, political rights adviser at European Digital Rights (EDRi), a network of European civil and human rights organizations.
The bill would allow Europol to share data with financial institutions and companies, including online platforms – which may include IP addresses, URLs and contact content.
Europol may also receive data from Internet service and technology companies, including Google and Facebook, including customer, traffic and content data that may be useful for criminal investigations.
The bill mandates Europol to research innovative technologies, including AI and algorithmic decision-making, which can be used, for example, to predict which individuals may be involved in criminal activity.
Europol will be able to legally train algorithms in datasets containing the personal information of individuals who are not suspected of crime, in a move lawmakers have described as necessary to eliminate bias from algorithms trained on purely criminal information.
Critics point out that MEPs’ approval of Europol’s use of automated decision-making is in conflict with the European Parliament’s approval of a ban on the use of algorithms for predictive policing.
The draft law is a partial response to the growing demand for Europol to analyze increasingly large and complex datasets to identify crimes committed in multiple countries inside and outside the European Union.
An example is the operation conducted by French and Dutch police in 2020 to hack encrypted encrypted telephone networks, recovering text messages from thousands of telephones, as well as details of contacts, notes, videos and messages. Voice, their pseudonym and the unique identifier of their telephone.
The text must now be officially adopted by the Council before it can be published in the EU’s official journal and before it can take effect.