Answer given by Ms Johansson on behalf of the European Commission
1.9.2022
The Commission provides the following answers assuming that the questions of the Honourable Member refer to media reports related to European Border and Coast Guard Agency (Frontex) Management Board (MB) Decisions[1].
1. In line with its mandate, Frontex may process data on criminal networks to help national authorities fight cross-border crime but does not collect personal data on migrants. Any data-sharing framework with Europol will fully comply with MB Decision 69/2021. This decision and Decision 68/2021 are not yet in place and are being redrafted following the opinions of the European Data Protection Supervisor (EDPS) received after the adoption of these decisions. The Commission, which has two representatives in the MB, will ensure the continued protection of fundamental rights and necessary data protection safeguards. As for the Europol Regulation[2], personal data may be processed under strict conditions and in compliance with the safeguards outlined in the regulation. It does not require the MB to adopt specific additional decisions.
2. The EBCG Regulation[3] defines specific cases for which Frontex must seek prior consultation of the EDPS. These sets of internal Frontex rules do not face this mandatory requirement. As regards involving the Data Protection Officer (DPO), the Commission expressed support for her strong role in the drafting process of the rules. The independent position of the DPO was also ensured with MB Decision 56/2021 of 15 October 2021[4].
3. As the adoption of internal rules falls within the remit of the Agency, the Commission has asked Frontex to provide a reply to this question, which the Commission will transmit to the Honourable Member as soon as possible.
See annexes : Annex 1, Annex 2
- [1] Management Board Decision 68/2021 on processing personal data and Decision 69/2021 on processing operational personal data approved by the Frontex MB in December 2021, https://prd.frontex.europa.eu/
- [2] Article 18 of Regulation (EU) 2016/794 of the European Parliament and of the Council of 11 May 2016 on the European Union Agency for Law Enforcement Cooperation (Europol) and replacing and repealing Council Decisions 2009/371/JHA, 2009/934/JHA, 2009/935/JHA, 2009/936/JHA and 2009/968/JHA, OJ L 135, 24.5.2016, p. 53.
- [3] Regulation (EU) 2016/1624 of the European Parliament and of the Council of 14 September 2016 on the European Border and Coast Guard and amending Regulation (EU) 2016/399 of the European Parliament and of the Council and repealing Regulation (EC) No 863/2007 of the European Parliament and of the Council, Council Regulation (EC) No 2007/2004 and Council Decision 2005/267/EC, OJ L 251, 16.9.2016, p. 1.
- [4] MB Decision 56/2021 of 15 October 2021 adopting implementing rules on the application of Regulation (EU) 2018/1725 concerning the tasks, duties and powers of the Data Protection Officer as well as rules concerning Designated Controllers in Frontex.