Databases for EU Internal Security Cooperation – Challenges for the Rule of Law

In 2019 the European Parliament and the Council passed Regulations (EU) 2019/817 and 818 seeking new strategies for identifying dangerous individuals who use false or multiple identities. This interoperability approach establishes interconnections between the AFSJ databases for policing and migration purposes. This constitutes a paradigm shift for purpose limitation as a core element of data protection and a challenge for the rule of law in this area. The paper discusses the interoperability approach in the context of existing and newly established AFSJ databases. The legal framework for data protection in the EU has developed considerably with the General Data Protection Regulation (GDPR) 2016/679 and with Directive 2016/680 for policing and criminal justice. The European Data Protection Board, a multilevel accountability forum in which European and national data protection authorities cooperate, has been established. From a trans-disciplinary legal, public administration, and public policy perspective, this paper analyses the political context and the regulatory patterns, as well as the institutional settings, established for the upcoming interoperability of databases for policing and migration.