4 November
17th meeting of the Joint Parliamentary Scrutiny Group (JPSG) on Europol with the delegates of the Sejm (day two)
On 4 November, (Tuesday), the 17th meeting of the Europol Joint Parliamentary Scrutiny Group (JPSG) continued at the European Parliament in Brussels. Despite the end of its presidency, Poland leads the work in the Group, as Denmark – the current presidency of the Council of the European Union as of the second half of 2025 – had invoked an opt-out clause in the area of justice and home affairs.
By the decision of Speaker of the Sejm Szymon Hołownia, the members of the Sejm’s delegation to the JPSG are Konrad Frysztak, Deputy Chairman of the Administration and Internal Affairs Committee and member of the European Union Affairs Committee, who also serves as the head of the Sejm delegation, and Deputy Paweł Śliz, Chairman of the Justice and Human Rights Committee. The Senate delegation also participates in the work of the JPSG. It comprises Senator Kazimierz Michał Ujazdowski (chairman of the delegation) and Senator Grzegorz Fedorowicz.
The second day of the Group’s debates was focused on the future of Europol, data protection, Europol’s actions concerning the ongoing war in Ukraine and the protection of fundamental rights. Two debates were also held as part of the scrutiny sessions, which revolved around the issue of organised environmental crime, including the illegal trade in waste and protected animal species, as well as the issue of lawful data access for law enforcement.
The future of Europol
In the part of the meeting concerning the future of Eurpol, speeches were given by Olivier Onidi, Deputy Director-General for Schengen and Internal Security at the European Commission’s Directorate-General for Migration and Home Affairs, and Jürgen Ebner, Deputy Executive Director of Europol.
Olivier Onidi pointed out that following a major reform of Europol aimed at strengthening the role of the agency as the European information centre in the fight against crime, which came into force in June 2022 , the European Union is now gearing up for another revision of the Europol regulation. As he pointed out, the goal is not to focus excessively on legal changes, but instead to capture the natural outcome of the increasing added value Europol brings when it comes to the internal security of the EU. Police heads and policymakers alike recognise that the agency has become a key support tool in the fight against growing and increasingly complex cross-border crime.
The new revision of the regulation aims to further strengthen Europol’s operational capabilities so that it can support European investigations and court proceedings more effectively and enable the sharing of expertise and modern tools, including digital forensics and data analytics. Onidi also pointed out that the agency would not be given new executive powers – its task would remain focused on supporting the state authorities, rather than replacing them outright.
In his view, one of the key tasks is to improve the exchange of information between member states and the Europol in order to make full use of the agency’s analytical potential. It will also be important to further develop operational capabilities and support states in carrying out active investigations, especially through so-called task forces. The revision is also intended to align Europol’s activities with the different needs of states, among others by enabling temporary secondments of experts in the context of national proceedings in cases requiring additional resources or expertise.
Onidi also pointed out the importance of investing in new technologies – the development of artificial intelligence, decryption and biometric analysis tools, which are essential for effective investigations today. He also highlighted the need for Europol to work more closely with Eurojust and the European Public Prosecutor’s Office (EPPO) to strengthen the protection of the European Union’s financial interests. Another important aspect concerns increasing the agency’s recruitment flexibility so that it can attract and retain highly skilled professionals whose competences often exceed the capabilities of the national authorities.
The Deputy Director General highlighted that the review process is being conducted in a thoughtful and consultative manner. The European Commission is currently conducting extensive consultations and preparing a comprehensive evaluation of Europol’s operations based on the provisions in force. The results of this assessment, together with an analysis of the impacts and possible options for reform, will feed into a new legislative proposal, which the Commission plans to present next June.
Jürgen Ebner began his speech with an analysis of the current situation, pointing out that the criminal world has been undergoing a radical change in recent years. Ten years ago, criminal activity was more structured and easier to predict, whereas today it is characterised by comprehensive digitalisation, decentralisation and cross-border operations. Criminals recruit, communicate and fund each other across borders, their targets range from individuals to hospitals and sea ports, and evidence – in the form of data, logs and metadata – is not permanent and often disappears before the authorities can manage to secure it.
In view of these changes, Ebner pointed out that Europol’s future should be based on three pillars: a new approach to law and processes, building a network of partnerships with key data holders, and developing digital tools and technologies. The goal should be to create a strategy that is not just a set of declarations, but a tangible plan for the development of the organisation. Europol should become a more executive agency – supporting the activities of the member states without taking over their competences. As Ebner pointed out, the agency is not seeking executive powers, but rather aims to strengthen its supporting role under the Treaty on the Functioning of the European Union.
Europol’s future development should focus on information, innovation and interoperability. The modernised Europol will no longer be just an intermediary in the process of data transfer between countries, but a hub for large-scale data collection, processing and analysis. Facilitating lawful access to data, including biometric data and data from private parties such as ISPs, financial institutions or cryptocurrency exchanges, will be key to success. Such a model is intended to enable Europol to work efficiently with data in real time, and to quickly support investigations.
Ebner also pointed out the importance of cooperation with other institutions as part of the EU’s internal security framework. Europol should deepen its coordination with partners such as Eurojust, the European Public Prosecutor’s Office (EPPO), ENISA, eu-LISA and Frontex to eliminate redundancies and ensure that all operations are complementing each other. As he pointed out, the principle should be based on the motto of ‘one case, one team, multiple mandates, no redundancy.’ He also pointed out the need to strengthen cooperation with Schengen associated states and Latin American states to better counter global criminal threats.
With regards to technology and innovation, Ebner announced further development of the Europol Innovation Lab, the construction of an artificial intelligence lab and the development of secure technology infrastructure, including European cloud for law enforcement. He pointed out that it is not about technology per se, but about providing state authorities with access to secure, state-of-the-art analytical tools. He added that Europol should reduce its reliance on technology from outside the European Union.
In conclusion, Director Jürgen Ebner pointed out that the implementation of these plans depends on adequate financial resources and trust from democratic institutions. He expressed his gratitude to the European Parliament for its support and stressed that Europol was using the allocated resources effectively. He thanked the national parliaments and the EP for their scrutiny of the agency’s activities. He also welcomed the European Commission’s proposal to double the agency’s budget and increase investment in technological innovation. As he pointed out, these measures are necessary to maintain Europol’s operational and technical capabilities at a level that meets today’s security challenges.
Data protection
A briefing on data protection was presented by Wojciech Wiewiórowski, European Data Protection Supervisor, and Daniel Drewer, Data Protection Supervisor at Europol. The presentation was commented on by Jürgen Ebner, Deputy Executive Director of Europol.
In his speech, Wojciech Wiewiórowski, who is the European Data Protection Supervisor, highlighted the growing importance of the role of the European Data Protection Supervisor (EDPS) in the oversight of Europol’s activities. He presented key findings from the oversight activities, drawing attention to the importance of personal data protection in the context of the new tasks assigned to Europol in recent years. He pointed out that his office has to ensure that all the activities of this agency are fully compliant with EU data protection rules, which is crucial not only for the protection of citizens’ rights, but also for the credibility and effectiveness of Europol itself.
Wiewiórowski noted that Europol has been given the power to process large and complex data sets, to retrieve publicly available information – including from social media – as well as to develop and use artificial intelligence tools for operational purposes and to cooperate directly with national police forces and private entities. These new competences are intended to increase the agency’s operational capabilities, but at the same time involve significant risks for citizens’ fundamental rights. As he pointed out, Europol’s directors are aware of these challenges and strive to ensure the conformity of its operations with data protection legislation.
The EDPS pointed out that the full implementation of the safeguards resulting from the amendment of the Europol regulation is still not complete. He highlighted the need to properly use the legislation on the so-called data unconnected to specific categories of individuals, as well as the underutilisation of the possibility of processing personal data for research and innovation purposes. Wiewiórowski emphasised that this is where the EDPS plays an important role, thanks to prior consultations, which enable assessing the impact of new data processing on individuals’ rights in advance.
As he pointed out, Europol has doubled the number of such consultations with the EDPS in the last year, which confirms the growing awareness of the importance of data protection in operational activities. Examples of actions consulted included the analysis of cryptocurrency data to track money laundering and terrorism funding, the development of artificial intelligence tools, the extraction of information from open sources and the use of biometric data in EU databases.
Wiewiórowski noted the importance of an ongoing dialogue with Europol, which enables data protection issues to be quickly detected and discussed. He also pointed out that effective supervision requires close cooperation with national data protection authorities. One of the key tools of oversight are joint audits conducted by the EDPS and national experts, which concern the use of facial recognition technology, Europol’s access to the Schengen Information System and the transfer of data to third states.
The EDPS pointed out that, in addition to its advisory role, the EDPS also has corrective and investigative powers to rectify irregularities and deal with complaints from data subjects whose data are processed by Europol. Such proceedings often require cooperation with state data protection authorities, especially where Europol’s decisions concern data provided by those states. In this context, together with the national authorities, the EDPS has developed a new coordination model within the framework of the so-called Coordinated Supervision Committee, with the aim of ensuring a uniform and high level of oversight.
In conclusion, Wojciech Wiewiórowski emphasised that as Europol’s competence expands, the system of oversight over its activities has to develop in parallel. The EDPS noted that he does not comment on political decisions on the role of Europol, but has an obligation to adapt its activities to the new operational reality. In this context, he also pointed out the preparations for the role of the market supervisory body for artificial intelligence systems under the EU AI Act. These activities are based on three pillars: governance, risk management and oversight, and they aim to ensure effective and trusted scrutiny over the technologies used by the European Union institutions, including Europol.
In his speech, Daniel Drewer, Data Protection Officer at Europol, covered his unit’s activity report, highlighting its key role in ensuring the conformity of the processing of personal data with the provisions of the law and data protection principles in force at Europol. He explained that as an internal auditor and advisor, his role is to independently ensure the conformity of the agency’s activities with data protection legislation and to support its improvement. His team works at the heart of Europol’s headquarters, collaborating closely with the operational directors and the Executive Board, which strengthens the culture of data protection in the agency’s day-to-day work.
Drewer pointed out that effective data protection is not possible in isolation. As the DPS, he is a member of Europol’s Security Committee and AI Alignment Committee, participates in the meetings of the agency’s Eecutive Board and has direct access to the top directors. He also maintains close working relations with Europol’s operational teams and with external institutions – including the European Data Protection Supervisor (EDPS) and national data protection authorities. He regularly participates in working groups of data protection officers of the Justice and Home Affairs agencies, as well as in meetings of representatives of all EU institutions.
He pointed out that the growing interest of national data protection authorities in Europol’s activities is reflected in joint audits and enhanced coordination within the Coordinated Supervision Committee and the European Data Protection Board. He noted that the oversight of Europol was further strengthened by the activity of the Inspector of Fundamental Rights and by parliamentary scrutiny, represented by the JPSG.
Among the most important achievements of the last period, Drewer mentioned the adoption of new Data Protection Officer Implementing Rules by the Europol Executive Board. As he pointed out, these represent the most detailed regulations of their kind in the entire EU public administration. This document covers all the duties and obligations stemming from various operational and administrative data protection laws, creating a ‘one-stop shop’ for data protection. Drewer thanked the EDPS for his constructive comments, which further strengthened the role of his office within the framework of Europol.
A significant part of the DPS work concerns oversight with regard to the processing of operational data, including consultations with the EDPS. Since the introduction of the requirement to undergo the so-called prior consultations, Europol has received a total of 31 EDPS opinions – the highest number among all law justice and security agencies in the EU. In specific, urgent cases, Europol can start processing data even before the EDPS has issued their opinion – under close oversight of the Data Protection Officer, which has been applied for the first time in the fight against cybercrime.
Drewer also addressed the issue of citizen data access requests, pointing out that any such request is treated with the utmost care and often requires consultations with Member States or third states holding the data in question, as well as with the relevant Europol operational units.
He also pointed out that the protection of personal data at Europol does not only concern operational data, but also administrative data, including information on staff, visitors or the agency’s medical and human resources activities.
In conclusion, Daniel Drewer highlighted that Europol’s mandate is broad, complex and constantly evolving, so ensuring conformity with data protection laws is not a one-off exercise, but an ongoing commitment. It requires close cooperation between operational teams, directors, supervisory authorities and the community of data protection professionals across the European Union. He assured that his office would continue to support Europol in the effective implementation of its mission, while protecting the fundamental rights and freedoms of citizens. He also stressed the key role of parliamentary scrutiny in ensuring transparency, accountability and trust in Europol’s activities.
Jürgen Ebner, Deputy Executive Director of Europol, responded to the speeches by W. Wiewiórkowski and D. Drewer. He highlighted the importance of developing a data protection culture at Europol, based on cooperation and open dialogue with experts from across the European Union. He pointed out that Europol does not consider itself to be the institution that knows best when it comes to data protection, which is why it is building platforms for sharing experiences with more than 40 data protection officers from various EU institutions to jointly seek the best solutions to emerging challenges. He stated that Europol has invested significant resources in building a strong data protection culture, with some 25 people working exclusively on issues in this area, demonstrating the importance of this matter to the agency.
Ebner also highlighted Europol’s good cooperation with the European Data Protection Supervisor (EDPS). He noted that of the 237 recommendations made by EDPS to Europol, 87% had been implemented to date. Although not all recommendations have yet been implemented – mainly for technological reasons – Europol takes them seriously and is constantly working on them. Regular meetings between the heads and staff of the Europol and the representatives of the EDPS enable discussion of the most pressing issues and the development of joint solutions that enable effective operational activities while respecting citizens’ rights.
With regard to Data Subject Access Requests, Ebner reported that the number of such questions was steadily increasing, with more than 3,700 received by Europol, with 15 complaints recorded, of which in six cases the EDPS issued warnings for delays in responses. In his view, the increase in the number of requests puts a significant burden on the data protection team, which has to review each request with due diligence.
Ebner also highlighted the need to further develop the concepts of data protection by design and data protection by default. In his view, it is necessary to introduce regular checkpoints in the processes of design and use of technology tools to ensure continuous monitoring of their conformity with data protection regulations.
In conclusion, Director Jürgen Ebner pointed out that the future of data protection in the context of Europol’s activities should not be based solely on increasing scrutiny and growing number of requirements, but above all on increasing the quality and effectiveness of oversight. He stated that the consultation and oversight processes should be simplified and accelerated, as the current procedures often take longer than the lifecycle of new technologies – especially in the area of artificial intelligence, where innovations occur every few months. He highlighted that only close cooperation between Europol and the EDPS and other supervisory authorities would enable the agency’s technological development to continue, while fully respecting data protection principles and citizens’ rights.
Europol’s action with regard to the war in Ukraine
The issue of Europol’s response to the war in Ukraine were discussed by Jean-Philippe Lecouffe, Europol’s Deputy Executive Director for Operations. He provided detailed information on Europol’s cooperation with Ukraine, which he assessed as exceptionally good and intensive. He stated that Ukraine remains a reliable, committed and trustworthy partner for Europol and EU Member States, despite the ongoing war. There are two Ukrainian police liaison officers based at Europol headquarters in The Hague, who ensure constant and smooth contact with partners in Kyiv.
Lecouffe pointed out that Ukraine is a very active participant in the operational activities of the EMPACT programme, participating in 202 operational activities and in all 15 action plans, which includes leading an operation against Russian-speaking criminal networks. Since the start of the war, the number of questions and information exchanges between Ukraine and Europol has increased significantly, with the number of messages and applications sent through SIENA almost tripling and the total volume of data exchange increasing by around 15%. There was also an increase in the number of joint criminal cases, both initiated by the Ukrainian side and by EU partners – by around 12%.
Europol has produced six special threat analyses on the consequences of Russian aggression against Ukraine for the internal security of the European Union. These documents have been forwarded to the member states. The agency also provides training and capacity-building for Ukrainian officers, which include strategic analysis, combating illegal drug production, cybercrime, cryptocurrencies, data decryption, computer forensics and training on accessing electronic evidence. Ukraine is also an important partner in the Eastern Partnership TOPCOP project.
Lecouffe reported that Europol has maintained a strong operational commitment since the start of the war. On average, 18 Europol guest officers support countries bordering Ukraine in terms of border control at the borders with Ukraine and Belarus. Europol also supports war crimes investigations, with over 630 suspects, thousands of photographs and witness statements currently in its databases. The agency participates in hundreds of investigations carried out by Ukraine and other states, collecting and analysing data on war crimes.
In the area of arms trafficking, Europol cooperates with the Ukrainian services by collecting information on lost and stolen weapons – more than 660,000 such cases have been registered so far and 14,000 weapons seized and listed in the agency’s databases. This data makes it possible to identify possible links between these weapons found in the EU and equipment originating from Ukraine. Europol also supports combating cyberthreats, including takedowns of channels on Telegram, and assists with investigations into financial crimes and evading sanctions.
As an example of effective cooperation, Lecouffe pointed to a joint operation in July 2020, carried out by the French police, French Attorney General and Ukrainian authorities, with the support of Europol. The operation led to the arrest of the administrator of one of the largest Russian-language cybercrime platforms, operating for 20 years and with more than 50,000 users exchanging stolen data and hacking tools.
In concludion, Director Lecouffe emphasised that Ukraine, despite the ongoing conflict and enormous challenges, remains an extremely committed partner in the fight against organised crime, cyberthreats and arms trafficking. Europol continues to monitor emerging threats arising due to the war, including the movement of criminal groups, the risk of arms trafficking, cyberattacks, circumvention of sanctions and hybrid warfare. Cooperation with Ukraine remains one of the key pillars of security for the entire European Union.
Safeguarding fundamental rights
Dirk Allaerts, Inspector for Fundamental Rights at Europol, reported on the protection of fundamental rights. He started by pointing out the importance of cooperation with the JPSG Consultative Forum, stating that this was the third time he has reported on his activities since taking office in 2023. The most important event in the past period was the ‘Fundamental Rights at the Heart of Policing’ conference, held in February at Europol headquarters. It was attended by representatives of security authorities, supervisory institutions and academia from 35 countries, as well as representatives of EU agencies and international organisations. The high attendance and participant feedback proved the great need for such initiatives.
He pointed out that his tasks are based on close cooperation with the different Europol departments. In particular, he welcomed the dialogue with the European Centre for Counter-Terrorism, which he had previously identified as an area of greatest risk of violations of fundamental rights, but the activities carried out confirmed their transparency and commitment to the protection of democratic values. He also works actively with the legal department and the Innovation Lab, and the training provided raises awareness among employees. An on-line training module is also being developed to cover a wider group of officers.
In his 2024 report, Allaerts stated that no violations of fundamental rights were detected, even though the report included some preventive and transparency-focused comments. There were no such issues in 2025 either, although the changing geopolitical situation and diverging values of some partner states lead to emerging and growing challenges. He continues to analyse cooperation with third states and private entities, pointing out the need for caution in order not to increase the risk of infringement. He has been involved in the development of procedures for evaluating such partnerships and supports the process of negotiating new agreements. He also visits Europol officers abroad, which enables direct verification of the conformity of actions with the laws and principles for the protection of fundamental rights.
One challenging area is the rapid development of tools based on artificial intelligence. The Innovation Lab consults all new developments with Allaerts, and he evaluates their conformity with fundamental rights and AI Act provisions. He also participates in Europol’s AI Alignment Board, which enables him to confirm that prohibited tools have not been used to date.
Allaerts has developed a wide network of partnerships with European and international institutions, including the Council of Europe, the EU Agency for Fundamental Rights, CEPOL and the academia. In his view, the processing of personal data is not only a matter of privacy, but also a matter of respecting broader human rights, which the entire law enforcement community must bear in mind.
In conclusion, Dirk Allaerts assessed the risk of violations by Europol staff as low, but pointed to the need for constant vigilance. Geopolitical tensions and the development of technology, especially AI, will require a balance between operational effectiveness and full respect for fundamental rights. At the same time, he assured that Europol remains fully committed to protecting these values.
Organised environmental crime. Illegal trade in waste and protected animal species
The JPSG was briefed on organised environmental crime, particularly in the area of illegal trafficking of waste and protected animal species. The briefing was presented by Jean-Philippe Lecouffe, Europol Deputy Executive Director for Operations, and Cezary Luba, Commander of the Central Bureau of Investigation of the Police.
Jean-Philippe Lecouffe pointed out the growing importance of crime against the environment, which poses a threat not only to nature but also to the economy. He explained that this issue mainly covers two types of activities – pollution and illegal waste trafficking offences, as well as wildlife crime. He pointed out that illegal trade in waste is increasing, becoming more complex and often involves shipments of waste both within and outside the European Union. Criminals forge documents, give bribes and exploit loopholes in the law, and the line between legal and illegal activity in this industry is becoming increasingly blurred.
In terms of wildlife crime, Lecouffe stated that while the scale of the practice remains relatively stable, it continues to bring enormous profits to criminals. Europe acts as a source, destination market and transit hub for the illegal trade in protected species. European eel smuggling remains the most lucrative, bringing in profits of €2.5-3 billion a year. What is more, traffickers are also trading in species which are not included in international registers to avoid detection. Europol is also involved in the fight against illegal timber trafficking and fishing, with tangible results in these areas.
Lecouffe pointed out that prosecuting environmental crimes is particularly difficult due to their cross-border nature and the complexity of the criminal networks. The perpetrators often run legitimate business activities that they use to launder money. They use new technologies, including encrypted communications, cryptocurrencies and online trading platforms. Despite the increasing number of reported cases, the level of prosecution still remains low, mainly due to the lack of specialised prosecutors and officers.
A step in the right direction was the new Environmental Crimes Directive adopted in 2024, which introduces new types of criminal offences, tougher sanctions and an obligation to develop national training strategies, giving Europol a greater role in strengthening cross-border cooperation. Lecouffe cited several examples of operational activities: the LAKE operation on eel trafficking, which saw more than 850 arrests and the securing of 200 tonnes of illegal merchandise; Operation Custos Viridis, targeting illegal waste trafficking, involving 72 states and 18 international organisations; and a joint operation by Italy, France and Spain against a criminal network that made a €16 million profit from waste trafficking over three years.
In conclusion, Director Jean-Philippe Lecouffe pointed out the need to raise public awareness of environmental crime, improve information exchange and harmonise legislation between states. He also called for the creation of specialised investigative and prosecuting units to more effectively prosecute the perpetrators of such crimes.
Commander Cezary Luba, speaking on behalf of the Polish Police, emphasised that crime against the environment is one of the most serious challenges of modern times. He pointed out that at a time of dynamic industrial and technological development, environmental protection should be a priority for every state in the European Union. The effects of this type of crime often become apparent years later, affecting the health and lives of citizens and future generations. Luba pointed out that the perpetrators of these crimes become victims themselves as they destroy the common good – the environment.
The data of the Polish Police shows that the grey market in waste management accounts for around 30-40% of the total market, representing losses of around €1.5 billion a year. The main areas of environmental crime include illegal waste trading, trade in protected species and illegal logging. These activities are extremely lucrative, as well as had to detect and prosecute, which is why they are attractive to organised crime groups. Environmental crime is often combined with economic crime, corruption, document forgery, fraudulently obtaining grants and money laundering.
He outlined the most common methods used by criminals in Poland, including setting up fictitious waste companies that disappear with the owner once the warehouses are filled, illegal dumping of waste in unsuitable locations, misuse of land reclamation permits, illegal shipment of waste from abroad, and deliberately starting fires at illegal landfills. There is also an increasing use of forged documents in the BDO system.
According to the data, some 13,000 illegal landfills, including more than 300 particularly hazardous ones, were removed in Poland in 2024 alone. By November 2025, more than 360 criminal investigations had already been started regarding waste offences, with as many as 1,800 charges in one ongoing investigation. Luba pointed out that in the majority of cases, we are dealing with organised crime, which calls for increased international cooperation, especially regarding the transportation of waste across state borders.
The Polish Police made tackling environmental crime a priority in 2021. The Police works with the Environmental Protection Inspectorate and the National Revenue Administration, which helps with detecting tax crimes and money laundering linked to fictitious waste trading. Other important factors include the implementation of a directive of the European Parliament and the Council on the protection of the environment through criminal law in 2024, which introduced new types of offences and harsher penalties.
Commander Luba highlighted the important role of international cooperation, especially with Europol, Interpol, the World Customs Organisation and other EU agencies. This cooperation makes it possible to conduct joint operations, share data and experience and recover criminal assets more effectively. Poland actively participates in a number of international operations, including Thunder, Silver Axe, Custos Viridis and Demeter, as well as in the European Multidisciplinary Platform Against Criminal Threats (EMPACT), whose priorities include combating environmental crime.
One of the main challenges is the cost of waste disposal – in just one investigation, it reached 110 million euro, which necessitates financial support from EU and national funds. Luba also pointed to the importance of training courses and conferences on the subject, as well as guidelines for officers, describing the process following the discovery of illegal landfills.
In conclusion, Commander Cezary Luba pointed out that only joint, coordinated action by national and international authorities can effectively reduce the scale of environmental crime. He stated that this phenomenon will continue to evolve, which is why it is crucial to maintain readiness and be able to respond to new forms of threats in order to protect the common good – the environment.
Lawful access to data for law enforcement purposes
The second of the scrutiny sessions of the 17th JPSG meeting was devoted to the issue of lawful access to data for law enforcement purposes. A briefing on the subject was given by Jürgen Ebner, Deputy Executive Director of Europol and Olivier Onidi, Deputy Director-General for Schengen and Internal Security at the European Commission’s Directorate-General for Migration and Home Affairs.
Director Jürgen Ebner stated that virtually all forms of organised crime, as well as terrorism, have a digital dimension. It is becoming increasingly challenging for law enforcement to access digital data, especially in the context of end-to-end encryption, encrypted devices and the absence of a data retention obligation. This issue is growing at an unprecedented rate and affects all types of crime.
Director Ebner pointed out that encrypted communications technologies, originally developed to protect privacy and security, have become a key tool in the hands of criminal groups, enabling them to coordinate their activities, avoid detection and expand their criminal operations. This also concerns terrorist and extremist organisations that use these technologies for propaganda and inciting violence.
According to Ebner, there has been a marked change in recent years, with criminals abandoning dedicated criminal platforms (such as EncroChat and Sky ECC) in favour of widely available commercial instant messaging applications with end-to-end encryption. These platforms offer a large user base, allow criminals to hide in the crowd and are easily accessible, making them particularly attractive.
This results in a significant reduction of the effectiveness of standard investigative tools, including the ability to legally wiretap and obtain evidence. This hinders investigations and prosecution of criminals, and as such can lead to discontinuation of proceedings due to lack of access to key data. As a result, criminals use encrypted messaging to organise drug trafficking, human trafficking, arms smuggling and sexual abuse of children.
Ebner also highlighted the phenomenon of recruiting minors for criminal activities – often through targeted communication and the promise of small amounts of money in exchange for committing serious criminal acts.
He pointed out that the police forces are not calling for the abolition of encryption, which remains necessary in a democratic society, but are calling for mechanisms to allow access to data in strictly defined situations – solely on the basis of a court decision, in accordance with the principles of proportionality and necessity.
In conclusion, Director Jürgen Ebner compared the situation to a physical reality in which the police – with the consent of the court – can enter a house to collect evidence or prevent a crime. In his view, the lack of an analogous capability in the digital world upsets the balance between privacy and public safety. He pointed out that the boundary between the real world and the digital world no longer exists, which is why the tools that enable effectively protecting citizens should also work in the virtual sphere. He concluded by stating that the problem is not abstract or technical – it has real impact on safety, since it prevents the identification of children abused online and curbing the growth of drug crime.
Olivier Onidi, Deputy Director-General for Schengen and Internal Security at the European Commission, pointed out that one of the most important and still unresolved issues in the area of internal security is the issue of access to electronic data, which is nowadays a fundamental element of evidence in almost every criminal investigation. He pointed out that these days the majority of hard evidence in criminal cases is digital – it is collected from phones, computers, instant messaging apps and social media, which are commonly used by criminals, whether for contact, trafficking in illegal goods, recruiting accomplices or grooming children.
Onidi identified three main challenges in this area. The first concerns the availability of data, namely the lack of a uniform European framework which obliges digital service providers to store basic data, such as IP addresses and location data that enable identifying perpetrators. Current laws vary between states and mainly cover traditional telecommunications operators, leaving out new entities – the so-called OTT (over the top) services, such as instant messaging platforms. Onidi announced that the European Commission is working on a proposal for a new legal framework that will introduce data retention obligations for a limited time, subject to the principles of proportionality, necessity and full judicial oversight.
The second challenge concerns the availability of data in practice, namely the ability to obtain it from vendors. Although the EU already has a system in place to regulate the process for obtaining data (e-Evidence), legal conflicts still arise, especially in relations with entities registered outside the EU, mainly in the United States. Such legal conflicts often prevent the transfer of data required for investigations. Onidi highlighted the need to develop new international agreements and strengthen the obligation of digital platforms operating in the European market to work with law enforcement.
The third and most complex problem is the readability of the data, namely the ability to decrypt it. Encrypted data is useless to law enforcement, and despite heavy investment in analytical tools and technical capacity – even Europe’s state-of-the-art laboratories, including Europol, are only able to handle a small number of cases per year. Onidi pointed out that as of today, the authorities are often forced to exploit vulnerabilities in IT systems, which is an undesirable and dangerous solution.
He pointed out that he is not calling for weakening encryption, which is crucial for privacy and cybersecurity, but about creating a legal and transparent path to access encrypted data in well-defined, legitimate cases. To this end, the European Commission has appointed a group of experts – computer scientists, experts in fundamental rights and criminal law – to develop innovative and lawful solutions to enable authorities to access encrypted data while respecting citizens’ privacy within a year.
In the concluding part of the 17th meeting of the JPSG, Konrad Frysztak, Chair of the Sejm delegation to the JPSG, mentioned the special role of members of parliaments in terms of democratic oversight of institutions that may violate citizens’ fundamental rights. He stated that through their activities in countries, parliaments and electoral districts, they have the opportunity to promote security-friendly behaviour. He stressed that the members of the Joint Parliamentary Scrutiny Group on Europol should therefore look closely at the implementation of police cooperation, not only to assess its legitimacy, but also to actively inspire local communities in terms of crime prevention and to strengthen educational activities on the basis of best practices. In his view, we should turn our attention to the growing sophistication of criminals and the diversity of their areas of operation. Referring to Commander Luba’s speech, he pointed out that not only is the scale of the social threats posed by criminal activity increasing, but that the social costs associated with these crimes are also growing, particularly in terms of environmental risks. He noted that both the Joint Parliamentary Scrutiny Group and Europol itself should step up their activities in this area. Concluding the meeting, he thanked the members of parliaments for their participation in the event and expressed his gratitude for all the efforts over the past year, during which the members of Polish parliament co-chaired the Group’s work. In his opinion, it was a challenge, which required more effort, but also brought great satisfaction. He noted that through this joint effort, the Group has managed to hold meetings on important matters and provide the members of parliaments with valuable information to familiarise themselves with Europol’s ongoing work. He expressed particular satisfaction with the election of candidates to the Consultative Forum on Fundamental Rights. He also thanked all the moderators of debates and sessions with whom he had worked during Poland’s one-year chairmanship of the JPSG. He also wished the Cypriot delegation great satisfaction with its upcoming presidency.
The next meeting of the Joint Parliamentary Scrutiny Group on Europol will take place on 4-5 February 2026 in Nicosia, as part of the parliamentary dimension of the Cypriot Presidency.
More information:
https://ipexl.europarl.europa.eu/IPEXL-WEB/conferences/jpsg/event/8a8629a897c426d30197c5263765001a
