Judgment of the General Court Eighth Chamber of 27 April 2022, Veen v Europol, T-436/21
Date | 27 April 2022 |
Year | 2022 |
57
6. POLICE COOPERATION
Judgment of the General Court (Eighth Chamber) of 27 April 2022, Veen v Europol, T -436/21
Non-contractual liability – Cooperation of the police authorities and other law enforcement agencies of
the Member States – Fight against crime – Communication of information by Europol to a Member State –
As part of an investigation following the seizure of 1.5 tonnes of methamphetamine, the Slovak police
sought the assistance of Europol,
105
stating that Mr Veen was suspected of involvement in trafficking
of that substance.
On the basis of information supplied by the Member States, Europol drew up a report, which was
communicated to only France, the Netherlands, Slovakia and the United States. The report states that
Mr Veen had been involved in several investigations in the Netherlands and had also been reported in
the context of investigations in Sweden and Poland.
Mr Veen considered that he had suffered harm as a result of the inaccurate statement that he had
been the subject of investigations in Sweden and Poland. He therefore brought an action before the
General Court on the basis of the Europol Regulation
106
seeking compensation for the non-material
harm he claimed to have suffered as a result of the alleged unlawful processing of his personal data
by Europol.
The Court dismisses the action and, for the first time, applies the specific and autonomous regime for
the protection of personal data in the context of Europol’s actions.
Findings of the Court
First of all, the Court points out that the inclusion of personal information about an individual in a
Europol report does not in itself constitute an unlawful act such as to incur liability on Europol’s part.
Europol’s task is, inter alia, to collect, store, process, assess and exchange information, including
criminal intelligence, and to notify the Member States without delay of any information and
connections between criminal offences concerning them.
To that end, the Europol Regulation authorises Europol to process information, including personal
data, inter alia through cross-checking aimed at identifying connections between information related
to different categories of data subjects.
107
Europol must, however, comply with the data protection
safeguards provided for in that regulation.
108
That protection is therefore autonomous and adapted
to the specificity of the processing of personal data in a law enforcement context.
Against that background, the Europol Regulation specifies how responsibility in personal data
protection matters is to be attributed between, inter alia, Europol and the Member States.
Accordingly, Europol assumes responsibility for compliance with the general principles of data
protection, with the exception of the requirement for data to be accurate and up to date, and
responsibility for all data processing operations that it carries out. Meanwhile, the Member States are
105
European Union Agency for Law Enforcement Cooperation.
106
Article 50(1) of Regulation (EU) 2016/794 of the European Parliament and of the Council of 11 May 2016 on the European Union Agency for
Law Enforcement Cooperation (Europol) and replacing and repealing Council Decisions 2009/371/JHA, 2009/934/JHA, 2009/935/JHA,
2009/936/JHA and 2009/968/JHA (OJ 2016 L 135, p. 53; ‘the Europol Regu lation’).
107
Article 18(1) and (2) of the Europol Regulation.
108
In accordance with Article 18(4) of the Europol Regulation.
To continue reading
Request your trial