Revista CIDOB d'Afers Internacionals (Dec 2015)
The limits of European data protection law in EU border control
Abstract
In the 1980s, the EU began collecting the personal data of people arriving from third countries in order to control migratory flows within the EU. However, since the 9/11 attacks function creep has led to this information, which was originally collected for EU border management, being used by police authorities. Information systems such as SIS, VIS, CIS and Eurodac have been amending their own regulations to permit access by police authorities from the member states and Europol. This paper analyses the potential conflict arising from these practises and the fundamental right to data protection in the EU. First, general and sectoral data protection rules applicable to the data processed by SIS, VIS, CIS and Eurodac will be examined. After that, this study will assess whether allowing law enforcement authorities to access such EU information systems could violate the EU principles of necessity and purpose limitation.
