You are here: Parliament home page > Parliamentary business > Publications and Records > Committee Publications > All Select Committee Publications > Lords Select Committees > European Union > European Union
Select Committee on European Communities Twenty-Ninth Report


APPENDIX 4

 ARTICLE 20: CORRECTION AND DELETION OF DATA

  1.  If it emerges that data held by Europol which have been communicated to it by third States or third bodies or which are the result of its own analyses are incorrect or that their input or storage contravenes this Convention, Europol shall correct or delete such data.

  2.  If data that are incorrect or that contravene this Convention have been passed directly to Europol by Member States, they shall be obliged to correct or delete them in collaboration with Europol. If incorrect data are transmitted by another appropriate means or if the errors in the data supplied by Member States are due to faulty transmission or have been transmitted in breach of the provisions of this Convention or if they result from their being entered, taken over or stored in an incorrect manner or in breach of the provisions of this Convention by Europol, Europol shall be obliged to correct them or delete them in collaboration with the Member States concerned.

  3.  In the cases referred to in paragraphs 1 and 2, the Member States which are recipients of the data shall be notified forthwith. The recipient Member States shall also correct or delete those data.

  4.  Any person shall have the right to ask Europol to correct or delete incorrect data concerning him.

  Europol shall inform the enquirer that data concerning him have been corrected or deleted. If the enquirer is not satisfied with Europol's reply or if he has received no reply within three months, he may refer the matter to the joint supervisory body.

ARTICLE 21: TIME LIMITS FOR THE STORAGE AND DELETION OF DATA FILES

  1.  Data in data files shall be held by Europol only for as long as is necessary for the performance of its tasks. The need for continued storage shall be reviewed no later than three years after the input of data. Review of data stored in the information system and its deletion shall be carried out by the inputting unit. Review of data stored in other Europol data files and their deletion shall be carried out by Europol. Europol shall automatically inform the Member States three months in advance of the expiry of the time limits for reviewing the storage of data.

  2.  During the review, the units referred to in the third and fourth sentences of paragraph 1 above may decide on continued storage of data until the next review if this is still necessary for the performance of Europol's tasks. If no decision is taken on the continued storage of data, those data shall automatically be deleted.

  3.  Storage of personal data relating to individuals as referred to in point 1 of the first subparagraph of Article 10(1) may not exceed a total of three years. Each time limit shall begin to run afresh on the date on which an event leading to the storage of data relating to that individual occurs. The need for continued storage shall be reviewed annually and the review documented.

  4.  Where a Member State deletes from its national data files data communicated to Europol which are stored in other Europol data files, it shall inform Europol accordingly. In such cases, Europol shall delete data unless it has further interest in them, based on intelligence that is more extensive than that possessed by the communicating Member State. Europol shall inform the Member State concerned of the continued storage of such data.

  5.  Deletion shall not occur if it would damage the interests of the data subject which require protection. In such cases, the data may be used only with the consent of the data subject.

ARTICLE 22: CORRECTION AND STORAGE OF DATA IN PAPER FILES

  1.  If it emerges that an entire paper file or data included in that file held by Europol are no longer necessary for the performance of Europol's tasks, or if the information concerned is overall in contravention of this Convention, the paper file or data concerned shall be destroyed. The paper file or data concerned must be marked as not for use until they have been effectively destroyed.

  Destruction may not take place if there are grounds for assuming that the legitimate interests of the data subject would otherwise be prejudiced. In such cases, the paper file must bear the same note prohibiting all use.

  2.  If it emerges that data contained in the Europol paper files are incorrect, Europol shall be obliged to correct them.

  3.  Any person covered by a Europol paper file may claim the right vis-a-vis Europol to correction or destruction of paper files or the inclusion of a note. Article 20(4) and Article 24(2) and (7) shall be applicable.

ARTICLE 23: NATIONAL SUPERVISORY BODY

  1.  Each Member State shall designate a national supervisory body, the task of which shall be to monitor independently, in accordance with its respective national law, the permissibility of the input, the retrieval and any communication to Europol of personal data by the Member State concerned and to examine whether this violates the rights of the data subject. For this purpose, the supervisory body shall have access at the national unit or at the liaison officers' premises to the data entered by the Member State in the information system and in the index system in accordance with the relevant national procedures.

  For their supervisory purposes, national supervisory bodies shall have access to the offices and documents of their respective liaison officers at Europol.

  In addition, in accordance with the relevant national procedures, the national supervisory bodies shall supervise the activities of national units under Article 4(4) and the activities of liaison officers under Article 5(3), points 1 and 3 and Article 5(4) and (5), insofar as such activities are of relevance to the protection of personal data.

  2.  Each individual shall have the right to request the national supervisory body to ensure that the entry or communication of data concerning him to Europol in any form and the consultation of the data by the Member State concerned are lawful.

  This right shall be exercised in accordance with the national law of the Member State to the national supervisory body of which the request is made.

ARTICLE 24: JOINT SUPERVISORY BODY

  1.  An independent joint supervisory body shall be set up, which shall have the task of reviewing, in accordance with this Convention, the activities of Europol in order to ensure that the rights of the individual are not violated by the storage, processing and utilization of the data held by Europol. In addition, the joint supervisory body shall monitor the permissibility of the transmission of data originating from Europol. The joint supervisory body shall be composed of not more than two members or representatives (where appropriate assisted by alternates) of each of the national supervisory bodies guaranteed to be independent and having the necessary abilities, and appointed for five years by each Member State. Each delegation shall be entitled to one vote.

  The joint supervisory body shall appoint a chairman from among its members.

  In the performance of their duties, the members of the joint supervisory body shall not receive instructions from any other body.

  2.  Europol must assist the joint supervisory body in the performance of the latter's tasks. In doing so, it shall, in particular:

    (1)  supply the information it requests, give it access to all documents and paper files as well as access to the data stored in the system; and

    (2)  allow it free access at any time to all its premises;

    (3)  carry out the joint supervisory body's decisions on appeals in accordance with the provisions of Articles 19(7) and 20(4).

  3.  The joint supervisory body shall also be competent for the examination of questions relating to implementation and interpretation in connection with Europol's activities as regards the processing and utilization of personal data, for the examination of questions relating to checks carried out independently by the national supervisory bodies of the Member States or relating to the exercise of the right to information, as well as for drawing up harmonized proposals for common solutions to existing problems.

  4.  Each individual shall have the right to request the joint supervisory body to ensure that the manner in which his personal data have been collected, stored, processed and utilized by Europol is lawful and accurate.

  5.  If the joint supervisory body notes any violations of the provisions of this Convention in the storage, processing or utilization of personal data, it shall make any complaints it deems necessary to the Director of Europol and shall request him to reply within a time limit to be determined by it. The Director shall keep the Management Board informed of the entire procedure. In the event of any difficulty, the joint supervisory body shall refer the matter to the Management Board.

  6.  The joint supervisory body shall draw up activity reports at regular intervals. In accordance with the procedure laid down in Title VI of the Treaty on European Union, these shall be forwarded to the Council; the Management Board shall first have the opportunity to deliver an opinion, which shall be attached to the reports.

  The joint supervisory body shall decide whether or not to publish its activity report, and, if it decides to do so, determine how it should be published.

  7.  The joint supervisory body shall unanimously adopt its rules of procedure, which shall be submitted for the unanimous approval of the Council. It shall set up internally a committee comprising one qualified representative from each Member State with entitlement to a vote. The commitee shall have the task of examining the appeals provided for in Articles 19(7) and 20(4) by all appropriate means. Should they so request, the parties, assisted by their advisers if they so wish, shall be heard by the committee. The decisions taken in this context shall be final as regards all the parties concerned.

  8.  It may also set up one or more other committees.

  9.  It shall be consulted on that part of the budget which concerns it. Its opinion shall be annexed to the draft budget in question.

  10.  It shall be assisted by a secretariat, the tasks of which shall be defined in the rules of procedure.

TITLE V

LEGAL STATUS, ORGANISATION AND FINANCIAL PROVISIONS

ARTICLE 28: MANAGEMENT BOARD

  1.  Europol shall have a Management Board. The Management Board:

    (1)  shall take part in the extension of Europol's objective (Article 2(2));

    (2)  shall define unanimously liaison officers' rights and obligations towards Europol (Article 5);

    (3)  shall decide unanimously on the number of liaison officers the Member States may send to Europol (Article 5);

    (4)  shall prepare the implementing rules governing data files (Article 10);

    (5)  shall take part in the adoption of rules governing Europol's relations with third States and third bodies within the meaning of Article 10(4) (Articles 10, 18 and 42);

    (6)  shall unanimously decide on details concerning the design of the index system (Article 11);

    (7)  shall approve by a two-thirds majority orders opening data files (Article 1 2);

    (8)  may deliver opinions on the comments and reports of the joint supervisory body (Article 24);

    (9)  shall examine problems which the joint supervisory body brings to attention (Article 24(5));

    (10)  shall decide on the details of the procedure for checking the legal character of retrievals in the information system (Article 16);

    (11)  shall take part in the appointment and dismissal of the Director and Deputy Directors (Article 29);

    (12)  shall oversee the proper perfomance of the Director's duties (Articles 7 and 29);

    (13)  shall take part in the adoption of staff regulations (Article 30);

    (14)  shall take part in the preparation of agreements on confidentiality and the adoption of provisions on the protection of confidentiality (Articles 18 and 31);

    (15)  shall take part in the drawing up of the budget including the establishment plan, the auditing and the discharge to be given to the Director (Articles 35 and 36);

    (16)  shall adopt unanimously the five-year financing plan (Article 35);

    (17)  shall appoint unanimously the financial controller and oversee the performance of his duties (Article 35);

    (18)  shall take part in the adoption of the financial regulation (Article 35);

    (19)  shall unanimously approve the conclusion of the headquarters agreement (Article 37);

    (20)  shall adopt unanimously the rules for the security clearance of Europol officials;

    (21)  shall act by a two-thirds majority in disputes between a Member State and Europol or between Member States concerning compensation paid under the liability for unauthorised or incorrect processing of data (Article 38);

    (22)  shall take part in any amendment of this Convention (Article 43);

    (23)  shall be responsible for any other tasks assigned to it by the Council particularly in provisions for the implementation of this Convention.

  2.  The Management Board shall be composed of one representative of each Member State. Each member of the Management Board shall have one vote.

  3.  Each member of the Management Board may be represented by an alternate member; in the absence of the full member, the alternate member may exercise his right to vote.

  4.  The Commission of the European Communities shall be invited to attend meetings of the Management Board with non-voting status. However, the Management Board may decide to meet without the Commission representative.

  5.  The members or alternate members shall be entitled to be accompanied and advised by experts from their respective Member States at meetings of the Management Board.

  6.  The Management Board shall be chaired by the representative of the Member State holding the Presidency of the Council.

  7.  The Management Board shall unanimously adopt its rules of procedure.

  8.  Abstentions shall not prevent the Management Board from adopting decisions which must be taken unanimously.

  9.  The Management Board shall meet at least twice a year.

  10.  The Management Board shall adopt unanimously each year:

    (1)  a general report on Europol's activities during the previous year;

    (2)  a report on Europol's future activities taking into account Member States' operational requirements and budgetary and staffing implications for Europol.

  These reports shall be submitted to the Council in accordance with the procedure laid down in Title VI of the Treaty on European Union.

ARTICLE 29: DIRECTOR

  1.  Europol shall be headed by a Director appointed by the Council, acting unanimously in accordance with the procedure laid down in Title VI of the Treaty on European Union after obtaining the opinion of the Management Board, for a four-year period renewable once.

  2.  The Director shall be assisted by a number of Deputy Directors as determined by the Council and appointed for a four-year period renewable once, in accordance with the procedure laid down in paragraph 1. Their tasks shall be defined in greater detail by the Director.

  3.  The Director shall be responsible for:

    (1)  performance of the tasks assigned to Europol;

    (2)  day-to-day administration;

    (3)  personnel management;

    (4)  proper preparation and implementation of the Management Board's decisions;

    (5)  preparing the draft budget, draft establishment plan and draft five-year financing plan and implementing Europol's budget;

    (6)  all other tasks assigned to him in this Convention or by the Management Board.

  4.  The Director shall be accountable to the Management Board in respect of the performance of his duties. He shall attend its meetings.

  5.  The Director shall be Europol's legal representative.

  6.  The Director and the Deputy Directors may be dismissed by a decision of the Council, to be taken in accordance with the procedure laid down in Title VI of the Treaty on European Union by a two-thirds majority of the Member States, after obtaining the opinion of the Management Board.

  7.  Notwithstanding paragraphs 1 and 2, the first term of office after entry into force of this Convention shall be five years for the Director, four years for his immediate Deputy and three years for the second Deputy Director.

ARTICLE 31: CONFIDENTIALITY

  1.  Europol and the Member States shall take appropriate measures to protect information subject to the requirement of confidentiality which is obtained by or exchanged with Europol on the basis of this Convention. To this end the Council shall unanimously adopt appropriate rules on confidentiality prepared by the Management Board and submitted to the Council in accordance with the procedure laid down in Title VI of the Treaty on European Union.

  2.  Where Europol has entrusted persons with a sensitive activity, Member States shall undertake to arrange, at the request of the Director of Europol, for security screening of their own nationals to be carried out in accordance with their national provisions and to provide each other with mutual assistance for the purpose. The relevant authority under national provisions shall inform Europol only of the results of the security screening, which shall be binding on Europol.

  3.  Each Member State and Europol may entrust with the processing of data at Europol, only those persons who have had special training and undergone security screening.

TITLE VII

FINAL PROVISIONS

ARTICLE 42: RELATIONS WITH THIRD STATES AND THIRD BODIES

  1.  In so far as is relevant for the performance of the tasks described in Article 3, Europol shall establish and maintain cooperative relations with third bodies within the meaning of Article 10(4), points 1 to 3. The Management Board shall unanimously draw up rules governing such relations. This provision shall be without prejudice to Article 10(4) and (5) and Article 18(2); exchanges of personal data shall take place only in accordance with the provisions of Titles 11 to IV of this Convention.

  2.  In so far as is required for the performance of the tasks described in Article 3, Europol may also establish and maintain relations with third States and third bodies within the meaning of Article 10(4), points 4, 5, 6 and 7. Having obtained the opinion of the Management Board, the Council, acting unanimously in accordance with the procedure laid down in Title VI of the Treaty on European Union, shall draw up rules governing the relations referred to in the first sentence. The third sentence of paragraph 1 shall apply mutatis mutandis.

ARTICLE 45: ENTRY INTO FORCE

  1.  This Convention shall be subject to adoption by the Member States in accordance with their respective constitutional requirements.

  2.  Member States shall notify the depositary of the completion of their constitutional requirements for adopting this Convention.

  3.  This Convention shall enter into force on the first day of the month following the expiry of a three-month period after the notification, referred to in paragraph 2 by the Member State of the European Union on the date of adoption by the Council of the act drawing up this Convention, by the last Member State to fulfill that formality.

  4.  Without prejudice to paragraph 2, Europol shall not take up its activities under this Convention until the last of the acts provided for in Articles 5(7), 10(1), 24(7), 30(3), 31(1), 35(9), 37 and 41(1) and (2) enters into force.

  5.  When Europol takes up its activities, the activities of the Europol Drugs Unit under the joint action concerning the Europol Drugs Unit of 10 March 1995 shall come to an end. At the same time, all equipment financed from the Europol Drugs Unit joint budget, developed or produced by the Europol Drugs Unit or placed at its disposal free of charge by the headquarters State for its permanent use, together with that Unit's entire archives and independently administered data files shall become the property of Europol.

  6.  Once the Council has adopted the act drawing up this Convention, Member States, acting either individually or in common, shall take all preparatory measures under their national law which are necessary for the commencement of Europol activities.

 
previous page contents next page

House of Lords home page Parliament home page House of Commons home page search page enquiries
© Parliamentary copyright 1998