As INTERPOL has evolved over the years, it has developed varying bodies of rules to address the issues that arise when a small network of information-sharing law enforcement agencies becomes a massive international entity with control over sensitive information originating from every corner of the globe.
One of the most current matters relating to INTERPOL's internal governance is its adoption of the Rules on the Processing of Data (RPD), which become effective on July 1, 2012. While the new RPD do not completely replace all existing INTERPOL rules, they do serve to consolidate, clarify, and update three sets of current rules, titled as follows:
1. The Rules of Processing Information for the Purpose of International Police Co-operation
2. The Implementing Rules for the Rules of Processing Information for the Purposes of International Police Co-operation
3. The Rules Governing Access by Intergovernmental Organizations to INTERPOL Telecommunications Network and Databases.
(Let us pause a moment to recognize the irony of the above-referenced, typical government-issue titles, given INTERPOL's jealously guarded non-governmental status.)
As INTERPOL has groomed itself into an increasingly effective information-sharing entity, with an increasing number of member countries, its responsibilities have also grown. For example, while INTERPOL has always acknowledged its responsibility to protect the personal data of individuals, the components of that responsibility have changed as INTERPOL's tools have become more widely available and more automated.
In the next post will be a continued discussion of these related topics: the focus of new rules; NCB's additional responsibilities; and the creation of distance between INTERPOL and NCB's.
As always, thoughts and comments are welcomed.