European Data Protection Supervisor (EDPS) Peter Hustinx, who advises EU bodies on data privacy issues, said that making systems interoperable with one another could lead to police databases being used for different purposes for which they were originally established. This would run counter to EU data protection laws, he said.
Under EU data protection laws, personal data must be "processed fairly and lawfully" and be collected for "specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes".
"Although the introduction of interoperability will not lead to new databases, it will necessarily introduce a new use of existing databases by providing new possibilities of access to those databases," Hustinx said in a new opinion. (11-page / 111KB PDF) "In that respect, the EDPS would like to point at the basic data protection principle of purpose limitation, which requires that personal data may not be used for purposes which are incompatible with the purpose for which the data were originally collected, unless this would be specifically allowed under certain strict conditions."
Hustinx was commenting on the Commission's plans to improve information-sharing practices between law enforcement bodies across the trading bloc. The Commission has outlined plans for a new European Information Exchange Model (EIXM), but Hustinx has raised concerns about the prospect of information channels being used for collecting personal data for purposes that are not compatible with the purposes for which those channels were designed.
"The use of a channel designed for a specific purpose should not lead to the possible use or collection of the data transiting on this channel for other purposes," he said. "This poses the risk of what is often described as 'function creep', namely, a gradual widening of the use of a system or database beyond the purpose for which it was originally intended."
Hustinx said that the Commission's favoured "communication tool", developed by Europol for exchanging information between authorities in member states, may not be "appropriate for the exchange of information in a different context and for different purposes". He said the Commission should "justify more clearly the choice of this channel, and to assess whether this choice is in compliance with the principle of privacy by design".