S.I. No. 748/2024 - European Union (Information Exchange between Law Enforcement Authorities) Regulations 2024
Notice of the making of this Statutory Instrument was published in | ||
“Iris Oifigiúil” of 3rd January, 2025. | ||
The Minister for Justice, in exercise of the powers conferred on her by section 3 of the European Communities Act 1972 (No. 27 of 1972) and for the purpose of giving effect to Directive (EU) 2023/977 of the European Parliament and of the Council of 10 May 20231 , hereby makes the following regulations: | ||
1. (1) These Regulations may be cited as the European Union (Information Exchange between Law Enforcement Authorities) Regulations 2024. | ||
(2) These Regulations come into operation on the 20th day of December 2024. | ||
2. (1) In these Regulations – | ||
“Act of 2018” means the Data Protection Act 2018 (No. 7 of 2018); | ||
“Directive” means Directive (EU) 2023/977 of the European Parliament and of the Counsel of 10 May 20231 on the exchange of information between the law enforcement authorities of Member States and repealing Council Framework Decision 2006/960/JHA; | ||
“Europol” means the body established under Article 1(1) of Regulation (EU) 2016/794; | ||
“Regulation (EU) 2016/794” means Regulation (EU) 2016/794 of the European Parliament and of the Council of 11 May 20162 on the European Union Agency for Law Enforcement Cooperation (Europol) and replacing and repealing Council Decisions 2009/371/JHA, 2009/934/JHA, 2009/935/JHA, 2009/936/JHA and 2009/968/JHA, as amended from time to time; | ||
“Single Point of Contact” means the Single Point of Contact designated under Regulation 5; | ||
“single point of contact” means, in relation to a Member State other than the State, the single point of contact established or designated by that Member State for the purposes of Article 14; | ||
(2) A word or expression that is used in these Regulations and that is also used in the Directive has, unless the context otherwise requires, the same meaning in these Regulations as it has in the Directive. | ||
(3) In these Regulations, unless otherwise indicated, a reference to an Article is a reference to an Article of the Directive. | ||
3. These Regulations apply to exchanges of information to which the Directive applies. | ||
4. Exchanges of information to which these Regulations apply, and the performance of functions under these Regulations, shall be done in accordance with the principles specified in Article 3. | ||
5. (1) The Garda Síochána is designated for the purposes of Article 14 as the Single Point of Contact. | ||
(2) The Single Point of Contact shall be responsible for coordinating and facilitating the exchange of information under the Directive and these Regulations and – | ||
(a) shall receive and evaluate requests for information submitted in accordance with Article 4 in the languages notified pursuant to Article 11(2), | ||
(b) shall channel requests for information to the relevant competent law enforcement authorities and, where necessary, coordinate among them the processing of such requests and the provision of information pursuant to such requests, | ||
(c) shall coordinate the analysis and structuring of information with a view to providing it to the single points of contact of, and where applicable to the competent law enforcement authorities of, other Member States, | ||
(d) shall provide, on request or on its own initiative, information to other Member States in accordance with Articles 5 and 7 and these Regulations, | ||
(e) may refuse to provide information in accordance with Article 6, and, where necessary, request clarification or specifications in accordance with Article 6(3) and these Regulations, | ||
(f) shall send requests for information to the single points of contact of other Member States in accordance with Article 4 and, where necessary, provide clarification or specifications in accordance with Article 6(3) and these Regulations, and | ||
(g) may perform any other function of a Single Point of Contact for the purposes of the Directive or these Regulations. | ||
6. The Single Point of Contact shall comply with Article 4 when submitting a request for information to which that Article refers to the single point of contact of another Member State. | ||
7. (1) When information has been requested from the Single Point of Contact in accordance with Article 4 and Regulation 6, it shall, subject to Article 6, this Regulation and Regulation 8, provide that information in accordance with Article 5. | ||
(2) The Single Point of Contact shall, in accordance with Article 6(1), assess whether the request for information referred to in paragraph (1) is in accordance with the requirements set out in Article 4, in particular as to whether there is a manifest breach of fundamental rights. | ||
(3) The Single Point of Contact, where it provides requested information to the designated law enforcement authority of another Member State, shall not be required to send a copy of the requested information to the single point of contact of that other Member State where, in the circumstances of the case, to do so would jeopardise one or more of the following: | ||
(a) an ongoing highly sensitive investigation for which the processing of information requires an appropriate level of confidentiality; | ||
(b) terrorism cases not involving emergency or crisis management situations; | ||
(c) the safety of an individual. | ||
8. (1) The Single Point of Contact may only refuse to provide information requested in accordance with Article 4 in the circumstances, and to the extent, specified in Article 6(1). | ||
(2) Article 6 shall apply in relation to refusals by the Single Point of Contact of requests for information requested in accordance with Article 4, the giving of reasons for such refusals, and, where applicable, requests by the Single Point of Contact for clarification or specifications needed to process a request for information that otherwise would have to be refused. | ||
9. (1) The Single Point of Contact or a competent law enforcement authority in the State may, on its own initiative, provide information available to it to the single point of contact or to a competent law enforcement authority of another Member State where there are objective reasons to believe that such information could be relevant to that other Member State for the purpose of preventing, detecting or investigating criminal offences. | ||
(2) Subject to paragraph (3), the Single Point of Contact or a competent law enforcement authority in the State shall, on its own initiative, provide information available to it to the single point of contact or a competent law enforcement authority of another Member State where there are objective reasons to believe that such information could be relevant to that other Member State for the purpose of preventing, detecting or investigating serious criminal offences. | ||
(3) Paragraph (2) shall not apply in so far as one or more of the following applies in respect of the information concerned: | ||
(a) the judicial authorisation required under the law of the State in accordance with Article 9 was refused; | ||
(b) there are objective reasons to believe that the provision of the requested information would do one or more of the following: | ||
(i) be contrary to or would harm the essential interests of the national security of the State; | ||
(ii) jeopardise the success of an ongoing investigation of a criminal offence or the safety of an individual; | ||
(iii) unduly harm the protected important interests of a legal person. | ||
(4) Subject to paragraph (5), the Single Point of Contact or a competent law enforcement authority in the State shall provide information under paragraph (1) or (2) in accordance with Article 7(3). | ||
(5) A competent law enforcement authority in the State, where it, under paragraph (1) or (2), provides information to another Member State, shall not be required to send a copy of the requested information to the Single Point of Contact or, where applicable, to the single point of contact of that other Member State where to do so would jeopardise one or more of the following: | ||
(a) an ongoing highly sensitive investigation for which the processing of information requires an appropriate level of confidentiality; | ||
(b) terrorism cases not involving emergency or crisis management situations; | ||
(c) the safety of an individual. | ||
10. (1) Subject to paragraph (2), the Single Point of Contact and a competent law enforcement authority in the State shall, when the circumstances referred to in those paragraphs apply, comply with paragraphs 1 and 2 of Article 8. | ||
(2) The Single Point of Contact or competent law enforcement authority in the State shall not be required to comply with paragraph (1) where, in the circumstances of the case, to do so would jeopardise one or more of the following: | ||
(a) an ongoing highly sensitive investigation for which the processing of information requires an appropriate level of confidentiality; | ||
(b) terrorism cases not involving emergency or crisis management situations; | ||
(c) the safety of an individual. | ||
11. (1) Subject to paragraph (2), the Single Point of Contact and the competent law enforcement authorities in the State shall, from 12 June 2027, use SIENA to do any of the following: | ||
(a) send requests for information; | ||
(b) provide information pursuant to such requests; | ||
(c) provide information on its or their own initiative, as the case may be, | ||
in accordance with Chapter II or III of the Directive or Article 12. | ||
(2) The Single Point of Contact and the competent law enforcement authorities in the State shall not be required to use SIENA for the purposes referred to in paragraph (1) where one or more of the following applies: | ||
(a) the exchange of information requires the involvement of third countries or international organisations or there are objective reasons to believe that such involvement will be required at a later stage, including through the Interpol communication channel; | ||
(b) the urgency of the request for information requires the temporary use of another communication channel; | ||
(c) an unexpected technical or operational incident prevents the Single Point of Contact or the competent law enforcement authorities from using SIENA to exchange the information. | ||
(3) In this Regulation, “SIENA” means the Europol Secure Information Exchange Network Application that is commonly known as “SIENA”. | ||
12. (1) Where the Single Point of Contact or a competent law enforcement authority in the State – | ||
(a) sends requests for information, | ||
(b) provides information pursuant to such requests, or | ||
(c) provides information on its own initiative, | ||
under Chapter II or III of the Directive, it shall also – | ||
(i) assess, on a case-by-case basis, and subject to Article 7(7) of Regulation (EU) 2016/794 and paragraph (2), whether it is necessary to send a copy of the request for information or of the information provided to Europol, in so far as the information to which the communication relates concerns criminal offences falling within the scope of the objectives of Europol set out in Article 3 of Regulation (EU) 2016/794, and | ||
(ii) in so far as it is assessed to be necessary under subparagraph (i) and subject to paragraph (2), send a copy of the request for information or of the information provided to Europol, and duly communicate to Europol the purposes of the processing of the information and any possible restrictions to that processing pursuant to Article 19 of Regulation (EU) 2016/794. | ||
(2) Information initially obtained from another Member State or a third country shall only be sent to Europol pursuant to this Regulation where that other Member State or third country has given its consent. | ||
13. (1) Where the Single Point of Contact or a competent law enforcement authority in the State provides information under Chapter II or III of the Directive and these Regulations that constitutes personal data, it shall – | ||
(a) ensure that the personal data are accurate, complete and up to date, in accordance with section 74(3)(a) of the Act of 2018, | ||
(b) ensure that the categories of personal data provided by category of data subject are limited to those listed in Section B of Annex II to Regulation (EU) 2016/794 and are necessary for and proportionate to achieving the purpose of the request, and | ||
(c) provide, at the same time and in so far as possible, in accordance with section 74(3)(c) of the Act of 2018, the information necessary to enable the single point of contact of, or the competent law enforcement authority of, the other Member State to assess the degree of accuracy, completeness and reliability of the personal data and the extent to which the personal data are up to date. | ||
(2) This Regulation shall not be construed as limiting the applicability of any enactment or rule of law relating to data protection in so far as it applies to the provision of the information referred to in paragraph (1). | ||
14. The Commissioner of the Garda Síochána shall ensure compliance with Articles 14(3)(a), 15 and 16. | ||
15. (1) The provision under Chapters II and III of the Directive and these Regulations of information to the single point of contact or to the competent law enforcement authority of another Member State shall not require a judicial authorisation where such authorisation is not required under the law of the State for the provision of such information within the State. | ||
(2) Where the provision of information to the single point of contact or to a competent law enforcement authority of another Member State requires, in accordance with paragraph (1), judicial authorisation, the Single Point of Contact or the competent law enforcement authority in the State from whom the information was requested shall immediately take all the necessary steps, in accordance with the law of the State, to seek to obtain such a judicial authorisation as soon as possible. | ||
| ||
GIVEN under the Official Seal of the Minister for Justice, | ||
20 December, 2024. | ||
HELEN MCENTEE, | ||
Minister for Justice. | ||
1 OJ No. L 134, 22.5.2023, p.1. |
