Subject: Use of unsafe encryption standards in criminal law and police matters
1. Where EU public bodies such as Europol exchange DNA, fingerprint, and other biometric data (such as facial biometrics), what encryption and hashing algorithms are currently used to protect the confidentiality and integrity of this data in transit, and with what key lengths?
2. Council Decision 2008/616/JHA stipulates, with regard to the exchange of DNA data, that ‘the encryption algorithm AES (Advanced Encryption Standard) with 256‑bit key length and RSA with 1 024‑bit key length’ and ‘the hash algorithm SHA‑1 shall be applied.’ However, SHA‑1 has been practically broken since 2017, when the first public collision was demonstrated, so it can no longer be relied on to protect the integrity of signed data; and 1 024‑bit RSA keys are no longer considered adequate, because they fall within reach of factoring attacks using current computing resources, which is why current technical guidance calls for RSA keys of at least 2 048 bits and hash functions from the SHA‑2 family. When will the legal provisions stipulated in that decision be updated to ensure that cryptographic protection for cross-border transfers is based on up-to-date technical guidance?
3. More generally, where there is cross-border cooperation on criminal or police matters, is there an obligation to apply cryptographic mechanisms for data confidentiality and data integrity to personal data exchanged? If so, where are the appropriate levels of protection specified, and on the basis of what technical advice?