Europol seeks a new director to 'shape the agency's future'
Topic
Country/Region
14 April 2026
Europol is in the process of hiring a new director to replace Catherine de Bolle. At the same time, the former executive director of Frontex faces a French court for complicity in crimes against humanity. Both agencies have a history of acting beyond the law to prevent people from migrating to Europe, with little to no repercussions. If Europol's new director follows suit, the recent reform to the Europol regulation will likely shield them from adequate oversight.
Support our work: become a Friend of Statewatch from as little as £1/€1 per month.
Images: “EU2024BE_240124_Launch of the European Ports Alliance_Havenhuis_JNZT_0095” by Belgian Presidency of the Council of the EU 2024, CC BY 2.0; "Europol building" by OSeveno - Own work, CC BY-SA 3.0
A new police chief
Catherine de Bolle is stepping down as the executive director of Europol, the EU policing agency, after two terms in office. Since she took the job in 2018, the agency has significantly expanded its resources and the amount of data it processes. It is the second-fastest-growing agency, behind Frontex, the EU border agency.
To live up to their predecessors, it would seem the new police chief will need to be willing to lead the agency as it knowingly breaks the law. Lucky for them, ignoring these violations will be even easier since the 2022 reform of the Europol regulation weakened the oversight mechanisms responsible for monitoring the agency’s respect for fundamental rights.
However, it seems that accountability for EU agency leadership is not entirely lost. Only recently, a French court announced it was opening an investigation into the former executive director of Frontex. This is the first national investigation into a former EU chief for complicity in crimes against humanity and in acts of torture.
The big data case
A year after her appointment, Catherine de Bolle wrote to the European Data Protection Supervisor (EDPS), which monitors Europol’s compliance with data protection, with concerns about “major compliance issues with the Europol Regulation.” She referred to those issues as the agency’s “big data challenge.”
After the 2015 terrorist attacks in Paris, law enforcement authorities across Europe started sending large datasets to Europol. With such massive amounts of information, the agency had to accept the data before it could determine whether it fell within its data processing mandate. The mandate at the time restricted this to data relating to serious crimes.
In September 2020, the EDPS admonished the agency and outlined the changes it needed to make to comply with the law. Despite the admonishment, Catherine de Bolle seemed not to take any action, and Europol failed to meet these requirements.
In response, the EDPS issued a deletion order at the beginning of 2022. In response, European legislators decided to change the law to legalise Europol’s existing practices.
In September 2022, the EDPS filed a legal case against the Parliament and the Council seeking to annul the relevant parts of the legislation. It noted that “the co-legislators have decided to retroactively make this type of data processing legal,” contrary to the EDPS order to delete the data in question.
The EDPS said that the changes to the law undermined “the independent exercise of powers by supervisory authorities.” The EDPS legal action sought to ensure that legislators could not “unduly ‘move the goalposts’ in the area of privacy and data protection.” However, the Court of Justice of the EU found the complaint inadmissible. An appeal is pending.
New role at the border
At the height of the EU’s migration crisis in 2016, Europol established a new unit in the agency to address smuggling and trafficking. By no coincidence, Frontex had negotiated an agreement to share data between the agencies only a year earlier. This was initiated by its then executive director, Fabrice Leggeri.
Frontex had started operating in a new role through the Processing of Personal Data for Risk Analysis (PeDRA) programme. The programme assists member states at the EU’s external borders in conducting debriefing interviews with migrants to collect information on smugglers.
Up until 2023, all data collected from interviews was shared with Europol. That is, until the EDPS reprimanded Frontex for unlawfully sending data about individuals who were not suspected of being smugglers. This included those merely mentioned in the interview.
Once again, the Commission came to the rescue, bending to the (self- assessed) agency’s urgent operational need for data. At the end of 2023, EU legislators discussed a new reform of the Europol regulation to strengthen Europol’s role in investigating smuggling. It included the automated exchange of all information relating to smuggling investigations from Member States to Europol.
Between 2019 and 2023, Frontex shared 4397 debriefing reports with Europol. NGOs working at the borders appeared in 505 of those reports.
PICUM, an NGO which monitors the criminalisation of migrants and people helping migrants, reported in 2024 that 142 people faced judicial proceedings in the EU for helping migrants and that at least 91 people in Italy, Greece and Spain were criminalised for the sole act of crossing borders irregularly. In both Italy and Greece, shipwreck survivors were prosecuted as smugglers.
In December 2023, we warned that the new Europol regulation surveillance measures would not be limited to smuggling. Other human rights experts have expressed similar concerns.
Magnus Brunner, the European Commissioner for Internal Affairs and Migration, recently presented the agency's key priorities, which include making information sharing the “default option” and doubling the agency's budget.
With great power comes great liability
The investigation into the former Frontex director examines his complicity in pushbacks by Greek authorities, as well as his alleged support for interceptions and pullbacks by the Libyan coast guard.
The new executive director of Europol will likely play a similar role in preventing people from migrating to or seeking asylum in Europe.
Given Europol’s propensity to break the law—not to mention its continued support to countries both in and outside the EU that do so—it surely cannot be long before their director, too, ends up on the list of the 122 European officials suspected of Crimes Against Humanity against ‘migrants’ on the Central Mediterranean route.
Our work is only possible with your support.
Become a Friend of Statewatch from as little as £1/€1 per month.
Further reading
Behind closed doors: Europol’s opaque relations with tech companies
As part of its research into the expanding—and largely unchecked—use of AI by EU security agencies, Statewatch delves into largely uncharted territory: Europol’s links with the private sector. A survey of this landscape reveals conflicts of interests, secrecy and opacity, and a whole array of intrusive and invasive technologies that Europol would like to adopt, and make more widely available to European police forces.
Empowering the police, removing protections: the new Europol Regulation
This report examines the new powers granted to EU policing agency Europol by legal amendments approved in June 2022. It finds that while the agency's tasks and powers have been hugely-expanded, in particular with regard to acquiring and processing data, independent data protection oversight of the agency has been substantially reduced.
Spotted an error? If you've spotted a problem with this page, just click once to let us know.