"They protect the law while breaking it": Inside Europol's Shadow IT System
16 hours ago
- #data protection
- #Europol
- #shadow IT
- Europol operated a 'shadow IT' system with vast sensitive data, lacking security and data protection safeguards required by EU law.
- The system included 'Pressure Cooker,' a tool used to bypass EU laws, and the Computer Forensic Network (CFN), which stored 99% of operational data without proper controls.
- Internal warnings in 2019 highlighted grave security vulnerabilities, such as ineffective access controls and insufficient logging, risking unauthorized data access and modification.
- The European Data Protection Supervisor (EDPS) ordered Europol to delete non-compliant data, but monitoring revealed ongoing issues, with 15 key recommendations unresolved by 2026.
- Europol's mandate and budget are set to expand, raising concerns about past irresponsible use of powers and potential hidden systems despite reforms.