Data protection for European law enforcement: taking stock of the relationship between privacy rights and effective policing in a challenging technological landscape

  • Panel
  • Class Room
  • Thursday 22.05 — 11:50 - 13:05

Organising Institution

Europol Data Protection Experts Network (EDEN)

Europe

The EDEN network Founded in 2015, the Europol Data Protection Experts Network (EDEN) is a collaboration platform that brings together stakeholders from diverse backgrounds. It provides a forum for sharing knowledge, best practices, events, and projects related to data protection within a law enforcement context. EDEN is an invitation-only network and is not suitable for the exchange of operational personal data or classified information. Each year, EDEN organises a conference featuring speakers and participants from law enforcement, the data protection community, private industries, NGOs, academia, and other interested sectors. To date, eight large-scale EDEN events have been held in The Hague (2016, 2018, 2020, 2022, 2024), Copenhagen (2019), Rome (2021), and Madrid (2023). Additionally, EDEN has hosted panels at the International Conference on Computers, Privacy, and Data Protection (CPDP) in Brussels every year since 2020.
  • Academic 1
  • Business 3
  • Policy 2
Law Enforcement DPOs face a myriad of challenges in their efforts to uphold privacy rights while ensuring effective policing. Some of the most pressing challenges include ensuring that only necessary data is collected for legitimate law enforcement purposes, and establishing protocols for the retention and deletion of data to prevent unnecessary storage and potential misuse. Balancing the need to share data between law enforcement agencies for effective collaboration and intelligence-sharing while safeguarding against unauthorized access, data breaches, and potential violations of privacy laws forms part of the DPO portfolio as well as assessing the ethical and legal implications of using advanced surveillance technologies such as facial recognition, drones, and biometric systems, including ensuring transparency, accountability, and compliance with privacy.

Questions to be answered

  1. How can DPOs protect law enforcement databases and systems from cyber threats, hacking attempts, and data breaches, which could compromise sensitive information and undermine public trust in law enforcement agencies?
  2. How can DPOs contribute to upholding the rights of individuals, including the right to privacy, freedom of expression, and due process, while enabling operational colleagues to successfully pursue criminal investigations?
  3. What are concrete steps to demonstrating accountability, transparency, and adherence to ethical standards?
  4. How can DPOs keep abreast of evolving legal and regulatory frameworks?

Moderator

Jekaterina Macuka

Director of the Data State Inspectorate (DPA) of Latvia - Latvia

Jekaterina Macuka is the Director of the Data State Inspectorate (DPA) of Latvia since 2020. Prior to this she worked for the Latvian Ministry of Justice Heading the Unit of Policy Development and Religious Affairs. In this capacity she advised in the EU Twinning Project with Moldova, working to raise data protection standards. She obtained her Master of Laws at the University of Latvia.

Speaker

Daniel Drewer

Europol Data Protection Experts Network (EDEN) - Europe

Daniel Drewer is Data Protection Officer and Head of the Data Protection Function at Europol. He holds a Master of Law from the University of Hamburg. Daniel Drewer followed his further professional training at the Hanseatic Court for Intellectual Property Law, at the Data Protection Authority of the City of Hamburg, at the international corporate law firm Heuking as well as at the German Desk at Eurojust. He worked as a contract lawyer for one of Europe’s largest advertising agencies. Daniel Drewer joined the Legal Service of Europol in 2003. He set up the Confidentiality Desk and went on to become Confidentiality Officer with responsibilities in the area of data security. He served as Secretary to the Europol Security Committee. In 2007 he was selected as Head of Unit, responsible for data protection and data security compliance in the newly established Information Integrity Unit. In 2010 the Management Board appointed Daniel Drewer as Europol’s first ever Data Protection Officer. Daniel Drewer is founder of the Europol Data Protection Experts Network (EDEN), a community that includes more than 800 members stemming from law enforcement, industries, academia and non-governmental organisations aiming at exploring cutting-edge topics at the intersection of law enforcement and emerging technologies. Daniel Drewer contributes as a speaker to international data protection conferences, including CPDP, IAPP and Privacy Symposium. He is co-founder of the Certification Course for Data Protection Officers at the European Institute for Public Administration (EIPA) and lecturer at the Summer schools on criminal and data protection law at the Academy for European Law (ERA). Daniel Drewer is Senior Fellow of the European Centre on Privacy and Cybersecurity at the Law Faculty of the University Maastricht. He is member of the CEPOL Expert Group on Fundamental Rights and of the AI alignment committee at Europol. Daniel Drewer completed his military service at the German Ministry of Defence in Bonn.

Speaker

Michael Armstrong

An Garda Síochána - Ireland

Michael Armstrong is a civil servant, working as Data Protection Officer for An Garda Síochána (AGS) since 2021. Prior to this role he worked as Head of the AGS Data Protection Unit, and previously in a number of roles in the Northern Ireland Civil Service, including policy development roles in the Department for Employment and Learning (now the Department for the Economy) and the Department for Infrastructure, as well as other roles in the Northern Ireland Audit Office and the Office of the Northern Ireland Executive in Brussels.

Speaker

Anna Pouliou

CERN - Switzerland

Anna Pouliou is an internationally recognized data protection expert and university lecturer of privacy and AI law with over 15 years of experience in this field. She is a qualified attorney and has held leading roles in major global corporations but also worked as a partner in the Big4, offering data protection advisory services to private and public sectors alike. In February 2024, she was appointed Chair of the Data Protection Commission at CERN, the data protection supervisory authority of the European Organization for Nuclear Research. She is one of the four finalists for the 2025-2030 EDPS term.