The Criminal Justice and Data Protection (Protocol No. 36) Regulations 2014 implement the UK’s post-Lisbon Treaty obligations relating to police and criminal-justice data protection standards. The Regulations ensure continuity of EU-level data-protection rules for law-enforcement purposes, particularly in relation to information sharing, processing of criminal-offence data, and cooperation mechanisms between UK authorities and EU member states. They apply mainly to policing bodies, law-enforcement agencies, judicial authorities, and organisations processing criminal-offence information on behalf of such bodies.
The Regulations were introduced under Protocol No. 36 (Transitional Provisions) to maintain UK compliance with EU police- and criminal-justice-related data-protection standards after the entry into force of the Lisbon Treaty. They incorporate specific safeguards on the collection, processing, sharing and retention of criminal-offence and law-enforcement data, ensuring consistency with EU instruments that remained applicable. Organisations must apply rigorous controls to protect personal data in law-enforcement contexts.
Benefits of compliance:
