With the collection and processing of data at the centre of Europol’s work and the corresponding means in place, it is implicit that large amounts of personal data are stored in Europol’s files, analysed by its experts and exchanged between the Europol units, EU Member States and even third parties. To some, this image might give cause for concern.

Nowadays, we cannot even take part in a lottery or become member of a gym without someone gaining access to our personal data and potentially using it for commercial purposes. A multi-national law enforcement agency with the power to collect and analyse large amounts of data might make even more extensive use of our personal information. Are we heading for ‘1984’ reloaded?

It is obvious that in the area of law enforcement, the highest standards of data protection and security are of utmost importance. The unparalleled means of collecting and analysing data available in our day and age bring with them an obligation to respect each individual’s right to have their personal data duly protected. To live up to this responsibility, it is essential to minimise the danger of abuse and the risk of data leaks, whether intentional or unwitting.

The popular principle that ‘whatever is not forbidden is allowed’ does not apply in the context of data protection. In so far as it is necessary for the achievement of Europol’s objectives, the organisation may process information, including personal data, only for special purposes as laid down in its legal framework.