Geneva – Regardless of repeated warnings from their own data protection watchdogs, the European Border and Coast Guard Agency (Frontex) and the EU Commission are proceeding with the expansion of a highly intrusive surveillance program. Designed to target people on the move, the program includes the collection of genetic data, political and religious beliefs, and information concerning sexual orientation, which is unlawful, groundless, and very dangerous, Euro-Med Human Rights Monitor warned in a statement today.
A recent investigation conducted by journalists Luděk Stavinoha, Apostolis Fotiadis, and Giacomo Zandonini revealed that Frontex and the European Commission sidelined their own data protection watchdogs in order to proceed with the expansion of the biased system of data collection from people on the move in collaboration with Europol, which will cross-check and store the information within its criminal databases.
This mass surveillance project, nicknamed PeDRA (Processing of Personal Data for Risk Analysis), originated in 2016 with the collaboration of Frontex and Europol, the EU police body. The two agencies’ original aim was to exchange data more easily following the November 2015 terror attacks in Paris, France, in an effort to prevent further attacks from occurring. Just like back then—when the refugee crisis in the Mediterranean was at its peak and the fight against terrorism went hand in hand with the fight against “irregular” migration—European bodies continue to link migration flows to crimes, with no evidence at all.
Through the launching of PeDRA, Frontex was able to gather information on newly-arrived migrants suspected of cross-border crimes such as terrorism, human trafficking, and people smuggling, and to transmit the data to Europol; the expanded program would also target the witnesses and victims of alleged crimes. Eventually anyone could be targeted at the discretion of Frontex border guards, and their sensitive personal data collected without restrictions. On the premise of curbing human trafficking and terrorism, the collection of information will include genetic and biometric data such as DNA, fingerprints or photographs, political and religious beliefs, and sexual orientation.
Despite repeated warnings from Frontex’s own Data Protection Officer Nayra Perez about the proposed expansion, the Frontex Management Board, which is composed of representatives of the 26 EU Member States and two members of the European Commission, gave it the green light in December of 2021.
On the Commission’s side, it wanted the new intrusive measures adopted with such urgency that it was deemed unnecessary to consult the European Data Protection Supervisor (EDPS), probably because it would have halted PeDRA’s expansion. Indeed, when in January the EDPS ordered Europol to delete data concerning individuals with no links to crime—data therefore collected unlawfully—EU Member States and the Commission itself enabled the agency to bypass the order.
“The fact that Frontex and the Commission have deliberately chosen to ignore the EU’s leading data protection authority, and even Frontex’s own Data Protection Officer, to approve this mass surveillance program already proves the degree to which this plan is unlawful, biased, groundless, and dangerous for people on the move”, said Michela Pugliese, Migration and Asylum Researcher at Euro-Med Monitor. “The expansion of PeDRA will further criminalize innocent people and collect their most sensitive personal data in order to impede their right to seek asylum, facilitate the procedures for their expulsion and repatriation, and nurture the misconception that migration and terrorism go hand in hand”.
Euro-Med Human Rights Monitor calls on the European Commission to halt the expansion of such a biased and unlawful program with no concrete effectiveness in combating serious cross-border crime; to introduce procedural safeguards in any program concerning people’s sensitive data, especially when regarding people on the move, and to include the requirement of justifying reasons of processing such personal data; and to ensure that any processing of migrants and asylum seekers’ personal data fully respects their human dignity and fundamental rights, particularly the right of respect for one’s private life and the right to the protection of personal data.