Author: Nyman Gibson Miralis
Subject: INTERPOL data processing
Keywords: INTERPOL data processing reforms, National Central Bureau (NCB), Commission for the Control of INTERPOL’s Files (CCF), Red Notices
As an International Police Organisation, INTERPOL processes vast amounts of highly sensitive data on a daily basis. It is important for INTERPOL’s 190 member countries to have confidence and trust in exchanging data through INTERPOL’s systems, and therefore data protection principles such as transparency, accountability and data quality are of primary importance.
Notable reforms to INTERPOL’s data processing rules were introduced in 2016.
What were the changes?
Definition of responsibility
The amendments more clearly defined the allocation of responsibilities at the various levels of involvement in information handling, including responsibilities of the:
- National Central Bureaus (NCBs) – for the data they send
- General Secretariat – for the use and storage of this information
- Member countries – for data received and for keeping their national databases up to date
INTERPOL data protection officer
The creation of an INTERPOL data protection officer position allowed for enhanced internal oversight, with the responsibilities of this position including:
- Compliance monitoring
- Liaising with other INTERPOL departments and the CCF
- Coordinating the work of national data protection officers at NCBs
- Providing advice and sharing expertise with data protection offices at other international organisations
Commission for the Control of INTERPOL’s files (CCF)
The Commission for the Control of INTERPOL’s Files (CCF) is an independent, impartial body, officially responsible for ensuring that the processing of data (such as names, fingerprints and DNA profiles) complies with the applicable INTERPOL rules.
The 2016 reforms also impacted the structure and procedures of the CCF, which was restructured into two departments to more effectively carry out its main functions:
- A Supervisory and Advisory department – to ensure processing of personal data is in compliance with INTERPOL’s rules, and to provide advice on activities involving the processing of personal data
- A Requests department – to examine and decide on requests for access to data, and/or for the correction or deletion of data
Red Notices and wanted persons diffusions
INTERPOL has come under scrutiny in the past regarding instances in which Red Notices have been misused. This issue was addressed in Fair Trials International’s 2013 report Strengthening Respect for Human Rights, Strengthening INTERPOL.
In 2016, INTERPOL established a dedicated task force to review all data processing concerns, particularly in relation to Red Notices and wanted persons diffusions, to ensure compliance with the INTERPOL constitution and rules.
Significant reforms to the ways in which INTERPOL processes and manages data have been introduced to allow for a clearer definition of responsibility, a more effective structure and a greater focus on human rights. The reforms however will need to be carefully monitored.
Nyman Gibson Miralis have expertise in INTERPOL-related criminal investigations, including having Red Notices successfully removed. If you require assistance, contact one of our expert criminal defence lawyers