Description
This research focused on evaluating the implementation and impact of the EU Law Enforcement Directive (LED), which governs the processing of personal data by competent authorities for law enforcement and public security purposes as a specialised framework complementing the GDPR. Since its entry into force in 2016 and transposition by Member States in 2018, the LED has introduced new data protection obligations for law enforcement authorities while maintaining operational flexibility. The European Commission’s 2022 review identified positive developments, such as increased awareness of data protection, greater investment in privacy-by-design measures, data minimisation, breach reporting, and support activities by supervisory authorities, while also highlighting challenges including inconsistent guidance, training, and approaches to data breach assessment across Member States. Building on this, this research aimed to support the Commission’s second evaluation of the Directive through qualitative research on the experiences, challenges, and best practices of competent authorities implementing the LED. The research also examined how the Directive affects the ability of law enforcement authorities to carry out their duties while safeguarding fundamental rights, including privacy, data protection, access to justice, and the rights of crime victims.