EU data protection chief launches Frontex investigation
-
People arriving and seeking refuge in Europe may be end up being grilled by Frontex agents to divulge possibly incriminating information (Photo: Freedom House)
Warsaw-based Frontex is likely violating rights by data dumping migrant testimonies with the EU's police agency Europol, according to a data protection authority.
Such testimonies are collected by Frontex agents seeking to figure out how and to what extent asylum seekers crossing an EU border receive outside help.
Join EUobserver today
Become an expert on Europe
Get instant access to all articles — and 20 years of archives. 14-day free trial.
Choose your plan
... or subscribe as a group
Don't miss out on
Our exclusive news stories and investigations. Influential. Investigative. Independent.
Why join?
Watch our founder Lisbeth Kirk explain the reasons in this 30-second video.
Already a member?
Although Frontex redacts names, identifiable personal data is still being shared with Europol to crack down on smuggling and other criminal activities, said Wojciech Wiewiórowski, the EU's data protection supervisor (EDPS).
The Frontex-Europol data exchange, known as Pedra or 'Processing of Personal Data for Risk Analysis', has in the past generated controversy for possibly incriminating innocent people.
In an eight-page summary of a larger audit report published Wednesday (31 May), Wiewiórowski said the EPDS would now open an investigation into Frontex.
It faulted the agency for "automatically exchanging the debriefing reports with Europol without assessing the strict necessity of such exchange."
Wiewiórowski says this breaches several EU data protection rules, as well as Frontex's own rule book when it comes to exchanging personal data with Europol.
The EDPS has given the agency until the end of the year to sort the problems.
Similar findings were revealed last year by Balkan Insight, a media outlet. It said Frontex had sidelined its own data protection officer, who had warned of mission creep over Pedra.
The latest EDPS investigation appears to back that assessment.
Some of those people interviewed, often detained or deprived of liberty, may feel threatened into divulging information that goes beyond what is needed by Europol.
Last month, EUobserver revealed that this may include NGOs, posing additional questions to what extent the agencies are possibly helping criminalise the work by civil society in the field of asylum and migration.
Linked to that, Wiewiórowski says Frontex is unable to process requests by someone who wants to know what personal data the agency has collected on them.
"It impedes the efficiency of handling data subject requests, and risks the accuracy of the outcome of searches performed for this purpose," he said.
The Frontex overreach raises other serious compliance issues, says the EDPS.
This is partly due to the high vulnerability of those being interviewed, some of whom may inadvertently incriminate themselves, as well as the low reliability of the information gathered.
The same information is then used for Frontex risk analysis reports.
The EDPS says this also has implications for certain groups "who may be unduly targeted or represented in the output of risk analysis products."
In total, the EDPS audit found 36 problems with Frontex and issued 32 recommendations for follow-up.
For its part, Frontex said it welcomed the EDPS' audit report and its recommendations as a contribution to improve the agency's activities in line with data protection regulations and fundamental rights.
"The agency will strive to comply with the recommendations and develop an action plan to implement the necessary changes in our operations. Frontex continues to fully collaborate with the EDPS," it said, in an email.
