A Guardian investigation reveals that Europol, the EU police body, has been accused of unlawfully holding information and aspiring to become an NSA-style mass surveillance agency.
An article co-authored by Apostolis Fotiadis, Ludek Stavinoha, Giacomo Zandonini, and Daniel Howden reveals that Europol will be forced to delete much of a vast store of personal data that it has been found to have amassed unlawfully by the bloc’s data protection watchdog.
The unprecedented finding from the European Data Protection Supervisor (EDPS) targets what privacy experts are calling a “big data ark” containing billions of points of information.
Sensitive data in the ark has been drawn from crime reports, hacked from encrypted phone services, and sampled from asylum seekers never involved in any crime.
According to internal documents seen by the Guardian, Europol’s cache contains at least 4 petabytes – equivalent to 3m CD-Roms or a fifth of the entire contents of the US Library of Congress.
Among the quadrillions of bytes held are sensitive data on at least a quarter of a million current or former terror and serious crime suspects and a multitude of other people with whom they came into contact.
It has been accumulated from national police authorities over the last six years, in a series of data dumps from an unknown number of criminal investigations.