The Europol Information System (EIS) is Europol’s central criminal information and intelligence database. It covers all of Europol’s mandated crime areas, including terrorism.
Launched in 2005 and available in 22 languages, the EIS contains information on serious international crimes, suspected and convicted persons, criminal structures, and offences and the means used to commit them. It is a reference system that can be used to check whether information on a certain person or an object of interest (such as a car, a telephone or an e-mail message) is available beyond national or organisational jurisdictions.
The EIS is used by Europol officials, Member State liaison officers, and seconded national experts stationed at Europol headquarters, as well as staff in the Europol National Units and in competent authorities in the Member States. In addition, some of Europol’s cooperation partners can store and query data via Europol’s operational centre.
The data in the EIS is stored within different online “entities” corresponding to actual objects such as cars and identity documents, and to people. The online “entities” can be linked to each other in different ways so as to create a structured picture of a criminal case. The system also allows the storage and automatic cross-checking of biometrics (DNA) and cybercrime-related data.
In 2015, 24 countries and organisations began using the EIS to share lists of foreign terrorist fighters (FTFs), and by the end of that year, around 20 counter-terrorism units had direct access to it. The list of FTFs it contained had grown to over 7 800 contributed by 24 countries, by December 2016. Positive identifications in the system have led to a number of joint law enforcement actions involving various countries.
The data inserted into the EIS remains under the full control of the inputting entity (the data owner) and cannot be altered in any way by Europol or another Member State. The owner is responsible for:
Security and data protection are of paramount importance for the EIS. Users’ right of access to the data stored in it depends on their user profiles and on the restrictions defined by the data owner. As a general rule, users at Europol and in the Europol National Units have direct access to all data stored in the system, but the data owner may limit that right on a case-by-case basis.
Users in designated authorities in the Member States may run searches in the system. If their searches turn up initial results, users may request more information through their Europol National Unit. The EIS interfaces with SIENA, Europol’s message-exchange system, for the follow-up to searches and hits found.
For example, an investigator in country X wishes to share data via the EIS but, due to the sensitivity of the case, wants to limit direct access to it. The investigator applies the restriction by means of a handling code, which makes the data invisible to users in other countries, even though it remains searchable. In practice, this means that a user looking for this data will get a response indicating whether it is present in the system, but will not be able to view any details. Meanwhile, the owner of the data will get a notification that a search has been done for it, and can contact that user. These features enhance the security of the system without sacrificing the ability to coordinate efforts.