EU data protection authority launches probe into Frontex for breaches
The watchdog is investigating whether the European Union's border and coast guard agency has collected information on migrants that it is not legally entitled to.
The European Union’s border and coast guard agency has been collecting information from migrants that could end up identifying vulnerable people seeking sanctuary from persecution in their homelands, according to a report by the EU’s data protection watchdog.
The European Data Protection Supervisor, or EDPS, also announced on Thursday that it is launching an investigation into whether Frontex gathered information that it is not entitled to collect and illegally provided those details about migrants to the EU’s police agency Europol.
Frontex said that it conducts “debriefing interviews” with migrants entering Europe without authorisation “on a voluntary and anonymous basis.” It said the interviews aim to collect information about migratory routes and cross-border crime and help to plan its operations.
But in a report submitted to Frontex last week, the EDPS said that some debriefings reveal “a combination of distinguishing features about that individual and their journey that would be sufficient to render those individuals identifiable.”
The data protection supervisor said this means the information gathered would amount to “personal data” under EU laws, and it has “serious doubts” about whether the debriefings respect the regulations relating to such data.
The EDPS said Frontex’s interview process “does not take sufficient account of the high vulnerability of the individuals targeted for data collection.”
It also insisted that Frontex “cannot guarantee the voluntary nature of the interview as they are conducted in a situation of deprivation (or limitation) of liberty and are aimed at identifying suspects on the basis of the interviewee’s testimony.”
Potential enforcement actions
The EDPS claimed Frontex debriefings “may result in the interviewee providing a self-incriminating testimony,” although the body “may not systematically, proactively and on its own collect any kind of information about suspects of any cross-border crimes.”
Only Europol, the EU’s justice agency, and the 27 member countries can do that. But the audit report accused Frontex of “automatically exchanging the debriefing reports with Europol without assessing the strict necessity of such exchange.”
The EDPS said it has decided to open an investigation into the data exchanges with the EU’s police agency “which may result in the exercise of enforcement actions.”
The data protection supervisor is demanding that Frontex address many of its concerns by the end of this year.
“The EDPS will carry out a close follow-up. If need be, enforcement powers may be exercised,” it said in an executive summary to the audit report posted on its website.
Frontex welcomed the report “as a contribution to further improve the agency’s activities in line with data protection regulations and fundamental rights.” It said it would try “to comply with the recommendations and develop an action plan to implement the necessary changes in our operations.”
In recent years, Frontex has been repeatedly accused of taking part in illegal pushbacks of migrants and other abuses — allegations it denies.
A new director was appointed in January after his predecessor resigned and promised a new era of transparency at the agency.
The new director, Hans Leijtens, said that “there is nothing secret about Frontex” and that he would promote a nothing-to-hide approach and put an end to “defensive attitudes.” Leijtens said: “We can’t do our work when we are not trusted.”
Pushbacks — forcing people away from a border before they can exercise their right to apply for asylum — are considered violations of international refugee protection agreements.
Under those rules, people should not be expelled or returned to a country where their life and safety might be in danger due to their race, religion, nationality, or membership of a social or political group.