"Europol, the European Union’s (EU) police agency, operated a shadow data repository containing vast amounts of sensitive personal information and used it for years beyond its lawful scope, according to internal documents and whistleblower accounts.
-
"Europol, the European Union’s (EU) police agency, operated a shadow data repository containing vast amounts of sensitive personal information and used it for years beyond its lawful scope, according to internal documents and whistleblower accounts.
Described by former officials as a “shadow IT environment”, the system lacked basic security or data protection safeguards required under EU law. It was used to store and analyse highly sensitive data – phone records, identity documents and geolocation information – including details of people who were not suspected of a crime.
This investigation by Solomon, Correctiv and Computer Weekly, based on leaked emails, internal reports and testimonies from former officials, found that in practice, the system became the agency’s primary environment for large-scale data analysis, despite lacking essential controls over who could access or modify the data.
For the first time in the agency’s history, several former high-ranking officials have come forward to reveal that the use of this shadow environment to store vast amounts of data – and the use of a clandestine intelligence tool known internally as the “Pressure Cooker” – had been concealed from the EU’s top privacy watchdog until 2019.
“They protect the law while breaking it,” one former senior official said of Europol."
‘They protect the law while breaking it’: Inside Europol’s shadow IT system | Computer Weekly
Under pressure to deliver in the fight against serious cross-border crime, Europol built and operated a shadow data analysis platform containing large volumes of sensitive information, which operated without key legal and technical safeguards.
ComputerWeekly.com (www.computerweekly.com)
-
R relay@relay.infosec.exchange shared this topic
