European Area of Freedom Security & Justice

(reblogged from Queen Mary Law University of London – School of Law).

Original text published on 26 May 2020 here

Author: Valsamis Mitsilegas, Professor of European Criminal Law and Global Security at Queen Mary University of London

The purpose of this analysis is to focus on the multi-level challenges that, regardless of its form, what is in effect a post-Covid system of mass surveillance poses on well-established principles of law, rights, trust and citizenship

Surveillance has been at the heart of the development of state responses to Covid-19. Responses have focused on the surveillance of movement and mobility, including cross-border mobility in the context of re-opening the closed Covid-19 borders in Europe and beyond; and on the surveillance of citizens and populations deemed to have developed Covid-19 symptoms, and those they may have come in contact with, under systems of tracking and tracing.

Technology plays a key role in the development of these responses. In the context of population tracing, a variety of responses based on the introduction of tracking apps have been put forward, ranging from centralised systems such as the one proposed in the UK whereby data are gathered in central state database, to decentralised approaches developed by the private sector whereby data are retained in the actual devices and not forwarded to centralised state databases.

The purpose of this analysis is to focus on the multi-level challenges that, regardless of its form, what is in effect a post-Covid system of mass surveillance poses on well-established principles of law, rights, trust and citizenship. The analysis will evaluate critically these challenges, drawing attention to the perils of watering down fundamental principles underpinning democratic societies in normalising what can be currently seen as a securitised state of emergency.

Surveillance and Privacy

The collection of everyday and sensitive personal data of large numbers of populations under tracing systems poses fundamental challenges to privacy and data protection.

Concerns arise in particular regarding the collection of a wide range of personal data not necessarily related to the purposes for which this data has been collected, lengthy retention and storage periods and the erosion of the purpose limitation principle including allowing access to these data to a wide range of state authorities.

It has been documented that these challenges are acute in centralised tracing systems and databases but these challenges arise also in the operation of decentralised systems based on private sector designed apps.

Respect of the principle of proportionality is key in this context: mass surveillance and generalised tracing and tracking systems should only be introduced if they are proportionate to the objective sought and designed to comply with fundamental rights and the principle of proportionality.

Privacy invasive measures constituting interference with fundamental rights may deem to be proportionate to avert an imminent health threat, but less so if they are justified on the grounds of generating scientific knowledge for future use- in any case, detailed, evidence-based justification of the introduction of mass surveillance is essential in this context.

Surveillance, Citizenship and Trust

The introduction of mass surveillance systems on the basis of tracing apps is fully dependent on citizen uptake and participation, which in turn is an issue of trust.

There has been a debate on whether participation to these systems should be voluntary or mandatory.

Even if participation remains voluntary, it is important to note that any consent given by citizens to take part in mass tracing systems- centralised or decentralised- must be meaningful: the European Court of Justice has noted that such consent would be undermined if citizens did not have a real choice of objecting to the processing of their persona data (C-291/12 Michael Schwarz v Stadt Bochum: for further analysis see this European Law Blog).

In this context, it is paramount that governmental pressure to participate in the system does not lead to discrimination, stigmatisation and dangerous distinctions between ‘good’ and ‘bad’ citizens in the eyes of the state- with current discourse on ‘civic duties’ of ‘saving lives’ exacerbating the potential of stigmatisation.

A push towards uncritical mass surveillance may lead to a two-way erosion of trust between citizens and the state.

On the one hand, the generation of mistrust from the state to citizens who do not participate in tracing systems either by choice or by lack of access to technology may lead to the exclusion of and discrimination against these citizens in key areas of everyday life, including commerce, work and travel.

On the other hand, the potential of the trust of citizens towards the state being eroded is significant. Citizens will not participate in a system which they do not trust in terms of both its effectiveness and its handling by state –and private- authorities.

Moreover, the introduction of systems of generalised, ongoing population tracing may lead to citizens having the feeling of constantly being watched and being under suspicion- concerns which have been raised already in the context of the introduction of mass surveillance via duties of mobile phone and telecommunications companies to retain the data of their customers in a generalised manner.

Surveillance, privatisation and the role of technology

Surveillance-led responses to Covid-19 have been largely based on the extraction of personal data stemming from public-private partnerships. The privatisation of surveillance, whereby the private sector is requested to collect and retain personal data and allow access of this data to state authorities, is not new- it has been a key component to emergency responses to terrorism since 9/11.

In the digital era, the role and powers of the private sector, and in particular of the tech giants, in this privatised surveillance paradigm becomes even more prominent. This is clearly the case in managing Covid-19, where tech giants have essentially become gatekeepers of fundamental rights protection and of the reconfiguration of the relationship between the citizen and the state.

Reliance on the private sector in the development of public-private partnerships in this context raises a number of challenges of transparency, accountability and the rule of law. These challenges are compounded by the related reliance on technology (developed largely by the private sector) in providing credible solutions to very complex problems. The uncritical belief in the infallibility of technology may have profound fundamental rights and rule of law implications.

Surveillance systems based on automatic algorithmic assessments and decision-making leave little – if any- room for challenging their results and for providing an effective remedy to affected individuals.

In addition to the erosion of the rule of law this situation would entail, over-reliance on technology may also lead to the depoliticisation of the debate on the multiple challenges surveillance responses to Covid-10 pose to democratic societies.

These concerns become more acute in the current push to interconnect national Covid-19 surveillance systems irrespective of their nature under the banner of  ‘interoperability.’ 

Interoperability has appeared in the realm of EU law as a mechanism of interconnecting primarily a number of EU immigration databases- presented as a technical solution, it presents a number of profound fundamental rights and rule of law challenges (http://www.migrationpolicycentre.eu/interoperability-as-a-rule-of-law-challenge/ )

In responses to Covid-19, these fundamental rights and rule of law challenges extend to the surveillance of mobility, including the cross-border movement and mobility, of citizens within the EU and beyond. With ongoing surveillance of mobility based on technology and interoperability, one wonders whether movement within Europe’s Area of Freedom, Security and Justice is really free.

After Covid-19: Securitisation, mission creep and the normalisation of the state of emergency

Surveillance-led responses to Covid-19 have been based on the securitsation of health, treating Covid-19 as an emergency threat justifying emergency measures. Here, a number of lessons can be learned from global responses to other phenomena deemed to be existential threats, and in particular terrorism after 9/11.

Counter-terrorism responses have led to the introduction of a series of measures challenging fundamental legal and constitutional principles and justified on the basis of the state of emergency. It has taken years for courts to push back against some of these measures, but with every new terrorist attacks emergency legislation has returned and proliferated- leading in many instances in the normalisation of the state of emergency in democratic societies.

A similar danger arises regarding the responses to Covid-19. As Harari observes, temporary measures have a nasty habit of outlasting emergencies, especially as there is always a new emergency lurking on the horizon. Vigilance is required so that any current measures justified by governments as emergency measures remain temporary and time-limited, and are accompanied by robust independent judicial oversight.

Moreover, the framing of Covid-19 surveillance responses as emergency measures must be critically scrutinised on a case-by-case basis, in order to avoid mission creep and to ensure that any new measures comply fully with legality and proportionality.

We are writing in response to the European Commission call for “feedback” on the implementation of the General Data Protection Regulation (GDPR) (see https://ec.europa.eu/info/law/better-regulation/have-your-say/initiatives/12322-Report-on-the-application-of-the-General-Data-Protection-Regulation)

Fundamental Rights European Experts (FREE) is a group of experts on European human rights and data protection law.[1] Although focussed on issues relating to the EU Area of  Freedom Security and Justice, we also take an interest in broader issues of fundamental rights protection in the EU, in particular in relation to data protection law under the EU General Data Protection Regulation (GDPR), the Law Enforcement Data Protection Directive (LEDPD), the rules relating to EU FSJ-related databases, and the links between these areas.

Presumably, the above call relates to the mandatory European Commission’s review of the operation of the GDPR under Article 97 of that regulation which stipulates that:

1. By 25 May 2020 and every four years thereafter, the Commission shall submit a report on the evaluation and review of this Regulation to the European Parliament and to the Council. The reports shall be made public.
2. In the context of the evaluations and reviews referred to in paragraph 1, the Commission shall examine, in particular, the application and functioning of:
3. Chapter V on the transfer of personal data to third countries or international organisations with particular regard to decisions adopted pursuant to Article 45(3) of this Regulation and decisions adopted on the basis of Article 25(6) of Directive 95/46/EC;
4. Chapter VII on cooperation and consistency.

However, the review required under Article 97(1) is manifestly broader than the report mentioned in the call – which oddly does not mention Article 97 but which, it says on the website, will cover (only) international transfers of personal data to non-EU countries and the cooperation mechanism between national data protection authorities, i.e., the two topics mentioned in Article 97(2)(a) and (b). There are in fact a range of other, and wider, issues relating to the practical implementation and effect of the GDPR.

The Commission’s reference to “feedback” is also strange, given that there is as yet nothing to provide feedback on – such as a draft or provisional Commission report under Article 97(1) (see below).

We also note in this context that, in carrying out the above-mentioned evaluations and reviews, the Commission “may request information from Member States and supervisory authorities” (Article 97(3)); is required to “take into account the positions and findings of the European Parliament, of the Council, and of other relevant bodies or sources” (Article 97(4)); may, if it deems this necessary, “submit appropriate proposals to amend this Regulation, in particular taking into account of developments in information technology and in the light of the state of progress in the information society” (Article 97(5)). The Commission may also more generally, if it deems this appropriate, “submit legislative proposals with a view to amending other Union legal acts on the protection of personal data, in order to ensure uniform and consistent protection of natural persons with regard to processing” including in particular – but not limited to – “the rules relating to the protection of natural persons with regard to processing by Union institutions, bodies, offices and agencies and on the free movement of such data” (Article 98).

Under Article 97(1), the Commission is supposed to submit its report on the evaluation and review of all of the GDPR to the European Parliament and to the Council, and make it public, by 25 May this year, i.e., in a few weeks’ time and less than a month after the deadline for “feedback”. This should not be limited to the two topics selected.

We are deeply concerned that the Commission’s call for “feedback” seriously fails to meet the requirements of Article 97(1), (3), (4) and (5), and Article 98 – and even in relation to the two selected issues (Article 97(2)) is inadequate:

1. the call for “feedback” on two issues is not broad enough to meet the requirements of Article 97(1);
2. the deadline is much too short; there is as yet nothing to provide feedback on; and there are unacceptable limits on wordcount – in no way can this short, limited call be said to allow the Commission to “take into account the positions and findings of the European Parliament, of the Council, and of other relevant bodies or sources” even on the two selected topics, let alone on the whole of the GDPR and its practical implementation (Article 97(4));
3. while we do not believe the text of the GDPR should be reopened, there is no indication of the Commission’s thinking on this matter, or on the approach it will take to that under Article 97(5)); and
4. there is also no indication of the Commission’s thinking on the need for amendments – or new rules – of other Union legal acts in this area (Article 98) – which we believe should include its considerations in relation to the (stalled) E-Privacy Regulation. Although the review of various legal acts under Article 98 need not coincide with the review of the GDPR under Article 97(1), it would in our view make sense to link the two, at least in relation to (a) the proposed e-Privacy Regulation and (b) the complex relationships between the different EU data protection regimes (GDPR, Law Enforcement Data Protection Directive, Regulation 2018/1725 – and various other instruments, e.g., in relation to the CSFP – in particular as concerns transfers of personal data from one regime to another (e.g., making available of PNR data by private sector entities to law enforcement- or border agencies; compulsory retention of or access to e-communications data held by private sector entities by law enforcement agencies – and the elephant in the room: access to private sector and law enforcement data by the Member States national security agencies).

In the circumstances, we strongly suggest that the Commission’s report, based on the unduly limited “call for feedback”, planned for submission to Parliament and the Council in the near future, should take the form of a draft (or interim or provisional) report with special attention to the two selected issues, but with the Commission making explicitly clear that this is only the start of the work, i.e., confirming that it will still seriously examine still-to-be-provided input from Parliament, the Council, and others such as ourselves and other civil society organisations, both on the two issues mentioned in Article 97(2) and on all other issues that arise in relation to the GDPR, with a view to a wider, comprehensive report in the not-too-distant future (although perhaps after the summer) that will properly take those views into account and address all issues under the GDPR.[2]

In the meantime, thanks to the contribution of Professor Douwe KORFF, we have limited ourselves to merely listing, in the attachment, a wide range of important issues that we strongly believe the Commission’s full review under Article 97(1) should cover, with very brief comments. We would be happy to expand on each of those issues, or indeed on why we selected them, if asked to do so (and given enough time).

We wish the Commission and its members good health in these difficult times.

Yours sincerely –

Emilio De Capitani

(FREE-Group Executive Director)

Attachment:   List of main issues to be addressed in the full Article 97(1) review

Attachment  List of main issues to be addressed in the full Article 97(1) review (Author Professor DOUWE Korff)

1. Preliminary issues:The need for full involvement of the bodies mentioned in Article 97(4), in particular of European Parliament and civil society:

This should allow for full and substantial input from European Parliament and from genuine civil society organisations (as distinct from lobbyists for corporate interests and soi-disant “independent” think-tanks that are a mere front for such interests) , with sufficient time for preparation and proper consultations and discussions.

1. The question of whether, in general and in respect of the two main issues for review (Chapters V and VII), there is a need to amend the text of the GDPR itself (Article 97(5))

The GDPR (for all its defects) is a great achievement. We strongly oppose re-opening (amending) the text of the GDPR for the time being, as this will merely allow for a repeat of the extensive negative lobbying aimed at reducing protection we saw in the extended adoption process, create prolonged uncertainty and undermine the “golden standard” status of the GDPR.

1. The question of whether there is a need to submit legislative proposals for amendments to other data protection legal acts (Article 98)

It is crucial that a strong ePR is adopted as a matter of urgency which does not anywhere or in any way undercut or undermine the principles, rules and high level of protection of the GDPR.

1. Mapping the operation of the GDPR in its wider contexts

On the basis also of requests for information from the MSs and the SAs (Article 97(3)), the Commission should map out in detail the operation of the GDPR in its own terms and in relation to the other EU data protection regimes – and in relation to national security, covering at least the following:

1. Lack of harmonisation, partly due to the “further specification” clauses.^[3]

The Commission should map and assess:

1. the extent to which the divergencies caused by the “further specification” clauses pose obstacles to the free flow of personal data within the Union, especially also in relation to the digital environment (and thus potentially to the Digital Single Market), but also:
2. whether the divergent legal rules adopted by the MSs under the “further specification” clauses (including but not limited to Articles 8, 9, 10, 23, 85, 86, 87, 88 and 89) really offer the “appropriate”/“suitable” safeguards and comply with the fundamental rule-of-law requirements (“law”, legitimate aim, necessity and proportionality) required of them by the GDPR.The relationship between the GDPR and other data protection regimes in the EU and in the EU Member States.[4]

The Commission should map and assess:

1. Links and transfers of personal data processed subject to the GDPR (in particular, by private-sector entities) to entities in the MSs that process the data after transfer outside of any EU data protection rules, i.e., the MSs’ national security agencies (the elephant in the room)The application of the GDPR to non-EU/EEA controllers and processors under Article 3(2)(a) and (b) GDPR (as also expressly called for by the LIBE Committee of the EP)

The Commission should map and assess the extent to which:

1. non-EU/EEA companies that offer goods or services to individuals in the EU (in a targeted way), or that monitor the behaviour of such individuals (in particular, through online tracking tools):

(aa)      are aware of the fact that they must comply with the GDPR; and

(ab)      have actually taken any steps to ensure that they do comply (especially beyond merely creating a separate Privacy and Consent page for EU citizens);

and

1. the extent to which the MSs’ SAs and/or the EDPB  have taken any information and enforcement actions in this respect and the outcomes of such actions.
   • The specific issues mentioned in Article 97(2)
     • International transfers of personal data to non-EU countries, including the question of adequacy (Chapter V)

The current arrangements are not fit for purpose:

1. Re adequacy decisions:

(aa)      Adequacy decisions should not be political, executive decisions but legal ones. Ideally, the provisions in the GDPR relating to such decisions should be amended to ensure the decisions are subject to proper expert and democratic scrutiny by the EDPB and the European Parliament (rather than just taken with the EDPB being consulted). However, since we feel the text should not be re-opened (section 1.ii, above), we cannot recommend that. But it is still entirely possible to develop a practice under which the opinion of the EDPB is given full weight and in practice always followed, and under which draft adequacy decisions are presented to and discussed in Parliament before being formally adopted. If there is going to be a review of the text (now or in four years’ time), this is an issue that deserves more formal attention.

(ab)      adequacy decisions are largely reached in secrecy, with very limited, essentially ex post facto and non-binding input from the EDPB, and none from civil society including civil society groups in the third countries concerned;

(ac)       there is pressure to grant adequacy decisions to trading partners to facilitate trade, even if there is no really “essentially equivalent” protection and insufficient enforcement in the third country;

(ad)      access to personal data by third countries’ national security agencies remains an almost totally obscure(d) issue;

(ae)      there is no open, ongoing, regularly published monitoring of the situation in third countries that have been declared adequate; such monitoring should be continuous and include input from civil society groups in the third countries concerned, with regular, public reviews;

(af)       contrary to the CJEU’s requirement, there is no serious continuous supervision and assessing of the situation in third countries by the MSs’ SAs.

1. Re other grounds for transfer:

On the basis also of requests for information from the MSs and the SAs (Article 97(3)), the Commission should map out in detail and assess:

(ba)      the “legally binding and enforceable instrument between public authorities or bodies” in the EU and corresponding public authorities and bodies in third countries mentioned in Article 46(2)(a). At the moment, no-one has any idea of the nature, scope and detail of such arrangements – let alone whether they really contain the required “appropriate safeguards”; and

(bb)      all the BCRs that have been approved by the MSs’ SAs and the groups of companies to which they relate (Article 46(2)(b) j^o Article 47) and the extent to which they (i) actually provide on paper the required “appropriate safeguards” including “enforceable rights [granted to] data subjects with regard to the processing of their personal data” (Article 47(1)(b) and (ii) have actually ever been invoked by data subjects and (iii) the outcome of such actions and whether that has led to any reviews of the BCRs.

Moreover:

(bc)       the standard data protection clauses for transfers between controllers in the EU and controllers and processors in third countries were drawn up under the 1995 Data Protection Directive and are not fit for purpose under the GDPR; among many other issues, they do not properly address transfers made to controllers who are subject to the GDPR under Article 3(2).[5]

(bd)      there are no standard clauses for processor to processor transfers;

(be)      no codes of conduct have as yet been approved under the GDPR; the process is unacceptably slow;

(bf)       no certification mechanisms have as yet been approved either at MS level or at EU level;

(bg)      to the best of our knowledge, no ad hoc transfer clauses have ever been approved by any MS SA – and they are not to be encouraged either.

1. Weaknesses in the GDPR enforcement mechanisms including in the cooperation mechanism between national data protection authorities (Chapter VII)

The MSs’ SAs remain weak and fatally under-funded and under-resourced, especially when it comes to supervision over the digital environment and the “Internet Giants”. We note in this respect the findings by the search engine Brave which showed that:[6]

1. only five of the EU’s 28 SAs have more than 10 tech specialists.
2. The EU’s SAs do not have the capacity to investigate Big Tech.
3. Half of the EU SAs have small budgets (under €5 million).
4. EU governments have not given their SAs the capacity to defend their decisions against ‘big tech’ companies in court on appeal.
5. The UK Government’s privacy watchdog is Europe’s largest and most expensive to run. But only 3% of its 680 staff is focussed on tech privacy problems.
6. The Irish Data Protection Commission is Google and Facebook’s ‘lead authority’ GDPR regulator in Europe. But while the number of complaints it deals with is accelerating, increases to its budget and headcount are decelerating.
7. European governments have failed to equip their national SAs with sufficient powers and resources to enforce the GDPR.
8. Almost a third of the EU’s tech specialists work for one of Germany’s Länder (regional) or federal DPAs. All other EU countries are far behind Germany.

We support Brave’s call on the European Commission to launch an infringement procedure against EU Member State Governments for failing to implement Article 52(4) of the GDPR.

In addition, we note that the cooperation and consistency mechanisms in the GDPR do not function appropriately or adequately. The SAs and the EDPB do not at present effectively supervise compliance with the GDPR by entities with establishments in the EU, let alone by entities not established in the EU but who are subject to the GDPR by virtue of Article 3(2) GDPR, and they do not effectively enforce the GDPR.

In our view, it would have been much more sensible  to follow the EU Competition legal framework model where cases having cross border impact can be resolved by a truly central EU authority with decisional and sanctioning powers.

However, we would not want to open up the text of the GDPR on this issue – that would inevitably lead to other parts of the regulation also being opened for change – which would likely lead to a lessening of protection (see issue 1.ii, above). If there is going to be a review of the text (now or in four years’ time), this is another – perhaps even the most important – issue that deserves more formal attention.

We are asking the Commission and the EDPB to find ways of making the consultation, cooperation- and consistency mechanisms in the GDPR efficient and truly effective, so as to create credible means to face giant global corporations such as Google or Facebook. We urge the EU and the MSs to provide extensive further resources in terms of money, staff (especially technical experts) and other support to the EDPB and to any joint operations of supervisory authorities under Article 62 GDPR, so that they can seriously, speedily and effectively supervise and investigate major, especially international, corporations; and the SAs to make much greater use of the new powers they have been granted under the GDPR, and to impose real, serious dissuasive and punitive sanctions on wrongdoers. Until now, weak and utterly ineffective supervision and enforcement has been the sad hallmark of the system.

We also urge the Commission to encourage MSs to provide for actions by not-for–profit bodies representing data subjects under Article 80(2) GDPR. We believe such class (or quasi-class) actions can contribute significantly to compliance with the GDPR by major corporations whose actions affect millions of individuals. If NGOs representing those many individuals can effectively secure proper (and where appropriate, exemplary) payments to compensate for violations of the Regulation to each of the individuals affected, that would act as a proper deterrent. We note that in some MSs courts have awarded individuals several thousand Euros each for data breaches, without the need to show further specific damages. If tens or hundreds of thousands of data subjects could secure such payments through such actions, this could, we believe, affect a sea-change in the GDPR compliance environment.

(We note the recent US$5billion fine imposed by the US FTC on Facebook – which dwarfs the fines imposed under the GDPR to anyone to date.)[7]

1. Other important issues:Codes of Conduct & Certification mechanisms

Codes of conduct and certification mechanisms can in principle be useful means to assist controllers and processors in demonstrating their compliance with the GDPR. However, they have to be strong and properly managed.

The Commission and the EU MSs have signally failed to make progress towards the creation of proper frameworks for codes of conduct and for the accreditation of strong certification schemes – in spite of having had four years to work on these. We call on the Commission to urgently make progress on these issues.

1. Artificial Intelligence

Automated decision-making, profiling, machine learning, self-learning algorithms – and now “Artificial Intelligence” (AI) pose grave threats to data protection and other fundamental rights (including the right to an effective remedy and to a fair trial, equality, freedom from discrimination, etc.).[8] The GDPR contains the kernels of part of the solutions – they should be explored and nurtured. The Commission and the EDPB should urgently clarify how the GDPR can and should be used to protect our rights.

1. Brexit

The United Kingdom’s trade and security arrangements, and the data flows that accompany those, were closely integrated with the other EU Member States and the relevant EU institutions before “Brexit”. There will be significant pressure on the Commission to declare the UK an “adequate” country for the purposes of the GDPR (and in relation to security). However, the UK has also made clear that it wants to be free to diverge from the EU rules including the EU data protection rules (GDPR and LEDPD). It is reported that “The British government is making impossible demands over access to Europol databases in the negotiations over the future relationship with the EU”. Similar issues arise in relation to personal data that are processed by EU controllers and processors under the GDPR – not least in relation to possible access to such data once transferred to the UK (after the post-Brexit transition period) by the UK national security agencies – an issue that has wrongly excluded from discussion while the UK was still an EU MS (see above, at 2.ii(b), above) – and in relation to onward transfers to US national security agencies.

We are urging the Commission to address all these elephants in the room: access to data by MSs’ national security agencies, access to data by UK national security agencies after the post-Brexit transition period, and transfers of personal data by the MSs and by the UK to US (and other “5EYES”) national security agencies.

– o – O – o –

---

[1]             See: FREE – Group “About” and FREE- Group “Members” on the internet homepage

[2]             While preparing our submission we heard from usually well-informed sources that the Commission has in fact already written the report on the above-mentioned two issues in near-final form. If that is true, it would make a mockery of the call for “feedback”. We assume that the Commission will actually still be looking for real and serious submissions, and take those properly into account.

[3]             See The DPO Handbook, produced in the EU-funded “T4DATA” project in 2019 by FREE experts Douwe Korff and Marie Georges, Part II, The General Data Protection Regulation, section 2.2, Status and approach of the GDPRE: direct applicability with “specification clauses”, pp. 102 – 109, available at:

[4]             For a list of those different regimes and the issues arising, see Douwe Korff and Marie Georges, The DPO Handbook, (previous footnote), Part I, section 1.4.6, Transmissions of personal data between different EU data protection regimes, pp. 89 – 91.

[5]             See the letter sent by FREE Group member Professor Douwe Korff to the EDPB on this latter issue on 19 February 2020.

[6]             See: https://brave.com/dpa-report-2020/ (Summary, quoted above with edits)

https://brave.com/wp-content/uploads/2020/04/Brave-2020-DPA-Report.pdf (full report)

[7]             https://www.ftc.gov/news-events/press-releases/2019/07/ftc-imposes-5-billion-penalty-sweeping-new-privacy-restrictions

[8]             Yves Poulet, L’intelligence artificielle et le RGPD, 2020, For an earlier discussion, see Douwe Korff and Marie Georges, Passenger Name Records, data mining & data protection: the need for strong safeguards, report prepared for the Consultative Committee of the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (T-PD) of the Council of Europe, 2015, section I.iii The dangers inherent in data mining and profiling, available at:

https://rm.coe.int/16806a601b

Laurent Pech Do 9 Apr 2020

1. The third order granting interim measures against Poland on rule of law grounds

The European Court of Justice’s order in Case C-791/19 R is the third time the Court has granted the interim measures applied for by the Commission so as to preserve the rule of law from being seriously and irreparably harmed by Polish authorities. 

The first time the Court had to noticeably step in was when Polish authorities openly disobeyed a previous order of the Court to stop their (unlawful) logging in the Białowieża forest. In an unprecedented step, the Court granted the Commission’s request to impose a penalty payment of at least €100,000 per day of non-compliance within the framework of an application for interim relief. 

The second time the Court was forced to make history happened at the time of the Polish authorities’ attempt to purge Poland’s Supreme Court, in obvious breach of both the Polish Constitution and EU law. The Court then ordered the immediate suspension of the application of the legislation which retroactively lowered the retirement age for Supreme Court judges. This meant that Polish authorities had to restore the Supreme Court to its situation prior to the entry into force of the law being challenged by the Commission. 

In the present and third instance, which is the subject of this post, the Court of Justice has just ordered the immediate suspension of the activities of the so-called “disciplinary chamber” as regards disciplinary cases concerning judges. The Court’s order is particularly significant to the extent that this “disciplinary chamber”, a modern “star chamber”, is for all intents and purposes the stepping stone on which the arbitrary new disciplinary regime put in place by Poland’s ruling party is built. 

2. The third infringement action against Poland on rule of law grounds

The Court’s order is connected to Case C-791/19, which is itself the third infringement action launched by the Commission on the basis of Article 19(1) TEU in order to protect Polish judges from the ruling party’s political control. This is also the third infringement action which brings to the Court’s attention issues the Commission had repeatedly raised with Polish authorities as part of the Rule of Law Framework and subsequently as part of the Article 7(1) procedure. 

In this case, the main subject-matter of the action is the so-called “disciplinary chamber” established in 2017 and whose own “judges”, it may be worth recalling, adopted a resolution in April 2019 whereby they held themselves to have been appointed properly (nemo judex in causa sua, anyone?).

Be that as it may, the lack of independence and impartiality of the “disciplinary chamber” has been an issue repeatedly raised by multiple bodies and experts specialising in rule of law matters. In this context, it is also worth noting that for the very first time, the European Commission simultaneously raised a violation of Article 267 TFEU to the extent that the new disciplinary regime would create “a chilling effect for making use of this mechanism”.

3. A belated application for interim measures 

Considering the threat of political control over Polish judges alleged by the Commission, one could find it difficult to comprehend why the Commission did not apply for interim measures when it decided to refer Poland to the Court of Justice on 10 October 2019 (with case effectively lodged on 25 October) although the Commission did request the Court to expedite the proceedings. By contrast, in the case relating to the independence of Poland’s Supreme Court, the Commission requested both interim measures and expedited proceedings. In light of the pattern of systemic violation of judicial independence and multiple instances where rulings of the Court of Justice or national courts were preceded by threats of non-compliance or just openly ignored, not to mention the more recent examples of targeted harassment of national judges seeking to apply Article 19(1) TEU, the Commission’s failure to apply for interim measures could leave one seriously perplexed. 

When this stance faced renewed public criticism following Polish authorities’ defiant refusal to comply with the ruling of the Labour and Social Security Chamber of Poland’s Supreme Court which found the “disciplinary chamber” not to constitute a court within the meaning of EU and Polish law by application of the AK preliminary ruling of the Court of Justice, the European Commission belatedly decided to apply for interim measures on 14 January 2020 (with the application effectively lodged with the Court on 23 January 2020). As correctly noted by the Commission itself, “despite the judgments, the Disciplinary Chamber continues to operate, creating a risk of irreparable damage for Polish judges and increasing the chilling effect on the Polish judiciary”.

The Court’s order deals with this aspect, which was predictably raised by the Polish government at the stage of the examination of the urgency of the Commission’s request for interim measures. Instructively, the Court makes clear the Commission’s rationale (paras 97-98). In a nutshell, the Commission decided not to apply for interim measures because it expected the A.K. and others preliminary ruling (joined cases C-585/18, C-6224/18 and C-625/18) to deal with the issue of the disciplinary chamber. While the Court found the Commission’s rationale to be “reasonable”, one may not find it neither coherent nor judicious. As the Court of Justice itself explained in a not so subliminal message to the Commission in the cases of Miasto Łowicz and Prokurator Generalny (Joined Cases C558/18 and C563/18), “the task of the Court must be distinguished according to whether it is requested to give a preliminary ruling or to rule on an action for failure to fulfil obligations” (para. 47, analysis here). Speaking plainly, the Commission’s deferment has meant more months of additional harassment for Polish judges than would have been the case had the Commission apply for interim measures from the start of its infringement action. 

In this context, it is also difficult to understand why the Commission did not follow the same path as in the case relating to the independence of Poland’s Supreme Court and requested the Court that it provisionally grants the requested interim measures before the submission by Poland of its observations and until such time as an order is made closing the interim proceedings. Considering the repeated threats of non-compliance with ECJ rulings and current Polish authorities’ track record of non-compliance with rulings of Polish courts, the Commission’s failure to ask the Court to impose a penalty payment in case of non-compliance is also surprising, to say the least. The least the Commission could do was to reserve the right to submit an additional request seeking that payment of a fine be ordered in case of non-compliance in full with the interim measures ordered following its request for interim relief, which the Commission did.

4. Key aspects of the Court’s order

Leaving the issue of likely future non-compliance aside, and to keep this analysis as brief as possible, the Court’s order most significant aspects will be highlighted. 

To begin with, following the line of case law developed since its seminal “Portuguese judges” ruling, the Court makes clear that the obligation for every Member State to respect and maintain the independence of their national courts or tribunals (which may apply or interpret EU law) includes an obligation to comply with the principle of independence of judges as far as disciplinary proceedings against judges are concerned. This means inter alia that EU law precludes the setting up of disciplinary bodies which fail themselves to satisfy the guarantees inherent in effective judicial protection, including that of independence. In answer to the tired argument of the Polish government that the Court would lack jurisdiction to review its “reforms”, the Court refers the Polish government to its recent ruling in the cases of Miasto Łowicz and Prokurator Generalny. In this ruling, loudly praised by Poland’s Ministry of Justice as the preliminary ruling requests were found inadmissible, the Court yet again reiterated that “although the organisation of justice in the Member States falls within the competence of those Member States, the fact remains that, when exercising that competence, the Member States are required to comply with their obligations deriving from EU law and, in particular, from the second subparagraph of Article 19(1) TEU” (para. 36). 

Secondly, by including unusual developments outlining how its own A.K. ruling and connected rulings issued by the Polish Supreme were disregarded by Polish authorities and in particular the “disciplinary chamber” at the beginning of its order (paras 18-24), the Court implicitly but unmistakeably indicates its disapproval at the disciplinary chamber’s defiant and persistent refusal to obey both EU and Polish law. This was bound to legally matter when the Court had to decide whether the Commission had correctly established that the granting of the requested interim measures satisfied the condition in relation to the existence of fumus boni juris (para. 52 et seq.). Unsurprisingly, having first meticulously recalled what it had previously decided in A.K. as regards the scope of the requirements of independence and impartiality, the Court concludes that the Commission’s claim regarding the lack of a guarantee as to the independence and impartiality of the “disciplinary chamber” appears, prima facie, not unfounded. 

Thirdly, as regards urgency, the Court, in line with its previous case law, strongly emphasises how the so-called “judicial reforms” pushed by Poland’s ruling party threaten to damage the independence of Polish courts and as such, simultaneously threaten to damage the decentralised and interconnected legal order organised by the EU Treaties. In an unprecedented step (to the best of our knowledge), the Court finds that a body such as the “disciplinary chamber” pauses a threat of serious and irreparable harm to the EU legal order due to the scope of its disciplinary jurisdiction as regards Polish judges and the fact that its lack of independence and impartiality cannot be, prima facie, ruled out. The Court’s holistic approach, which looks at the broader and systemic impact the seemingly lack of independence of the disciplinary chamber could have on ordinary courts and the Supreme Court as a whole, may be viewed as both warranted and compelling. Particularly significant is the Court’s observation (para. 90) that the “mere prospect” for Polish judges to “face the risk of a disciplinary procedure”, which could bring them before a body whose independence would not be guaranteed, is likely to affect their independence regardless of how many proceedings may have been initiated or the outcomes of these proceedings to date. 

Fourthly, the Court has suspended, again for the first time to the best of our knowledge, the activity of a body masquerading as a court. With its usual chutzpah, the Polish government claimed that the Commission was asking the Court to take measures which would violate the “fundamental structural principles of the Polish state” (para. 106) having previously claimed a violation of the principle of irremovability of judges (para. 43), which they already been found to have violated twice by the Court in two previous unprecedented rulings (analysed e.g. here and here). Without having to examine the Polish government’s well established track record when it comes to violating the Polish Constitution and annihilating judicial independence, the Court of Justice patiently explained that its order does not in fact require the dissolution of the disciplinary chamber nor the suspension of its administrative and financial services or the dismissal of the individuals appointed – unlawfully one may add – to this body which, let us not forget, was already found not to constitute a court by Poland’s Supreme Court prior to the Court of Justice’s order. The eventual budgetary as well as the limited practical consequences of the suspension of (arbitrary) cases pending before the non-court entity known as the disciplinary chamber (see e.g. the pending kangaroo proceedings against Judge Tuleya), cannot in any event prevail over the general interest of the EU in the proper functioning of its legal order. 

Accordingly, and unsurprisingly, the Court granted the Commission’s application for interim measures. A number of weak spots can be identified from this otherwise compellingly reasoned and, on all points, fully convincing Grand Chamber order. These weak spots are all connected to the limited scope of the Commission’s application for interim relief in a situation where the Commission is furthermore yet to act against the “muzzle law”. Very briefly: (i) Not asking for a penalty payment from the start of the action beggars belief considering the track record of Polish authorities, which the Court itself noted as regards its AK ruling, which means Polish authorities will have all the time in the world to ignore the Court’s order until their capture process is completed; (ii) What about prosecutors who have been similarly harassed and subject to Kafkaesque proceedings and arbitrary sanctions; (iii) How long before we see Polish authorities switching to criminal proceedings against judges to achieve their (autocratic) goals?; (iv) What about the procedural defects characterising the arguably unlawful appointment process of the basis of which additional “judges” were appointed to the Supreme Court by the Polish President?

5. Still Too little, still too late? 

Polish authorities have not only been “actively and purposely organising non-compliance with the ruling of the Court of Justice of 19 November 2019 and the judgment of the Supreme Court of 5 December”, they have since also refused to acknowledge, let alone comply with the resolution adopted by three chambers of Poland’s Supreme Court on 23 January 2020 and which reiterated that the “disciplinary chamber” is not a court due to its lack of independence and therefore its “decisions” shall be considered null and void irrespective of when they were issued as they “deserve no protection”.

Viewed in light of this dictatorial pattern and the Soviet-style disciplinary developments witnessed over the past five years, culminating with a suspension and a pay cut of 40% imposed on Juge Juszczyszyn for seeking to apply the Court’s preliminary ruling of 19 November 2019, and the intervention of the “cardboard cut-out Constitutional Tribunal” to (illegally) neutralise the application of the Supreme Court resolution of 23 January 2020 notwithstanding the Constitutional Tribunal’s obvious lack of competence to do so, the Court of Justice was left with no choice but disable a body whose lack of independence and impartiality has been for a long time obvious to all but Poland’s autocratic party and associates.  

What else to do when according to the First President of Poland’s Supreme Court – herself one of the targets of the law which sought to retroactively lower the retirement regime of Supreme Court judges later found in breach of Article 19(1) TEU – the EU is faced with a situation where a Member State “no longer have independent courts or a third branch of government, independent of the executive.”

Let that sink in: Poland has no longer independent courts according the President of Poland’s (not-yet-but-soon-to-be-captured) Supreme Court. 

To contain this clear and present danger to the rule of law, the von der Leyen Commission must wake up from its current torpor and initiate infringement actions against the “muzzle law”; the ENCJ-suspended “National Council for the Judiciary”; the sham “Extraordinary Control and Public Affairs Chamber”; and last but not least, the captured “Constitutional Tribunal” whose intervention the Polish PM announced a few hours after the ECJ’s order. 

The Polish PM’s latest ploy is just the latest edition of a trick they previously used to disregard a binding resolution of the not-yet-captured chambers of the Poland’s Supreme Court to save the new “National Council for the Judiciary” which was established on the back of yet another obvious breach of the Polish Constitution. The Commission should remove their rose-tinted glasses and face up the harsh reality: They are dealing with rogue officials who have recurrently violated the EU principle of loyal cooperation while repeatedly showing their readiness to break all national rules, constitutional or otherwise, whenever convenient for the party. National governments should similarly stop wasting time with heart-warming rhetoric/no action statements when they have in fact the power to do something about Poland’s descent into authoritarianism by bringing infringements actions directly on the basis of Article 259 TFEU (on this note, we should however be grateful to the governments of Belgium, Denmark, the Netherlands, Finland and Sweden for supporting the Commission’s application. This is the least other governments should do). 

Dialogue wasn’t, isn’t and will NEVER be an effective way forward when dealing with bad faith actors engaged in an obvious constitutional coup d’etat. Failing to face up reality will only result in the Commission winning several legal battles, which, no matter how significant, will not prevent it from losing the broader one, similarly to what happened a few years ago in relation to Hungary. To put it concisely, and looking beyond the Commission’s interim relief victory, the von der Leyen Commission must now decide between swiftly pursuing difficult and no doubt controversial infringement actions or accepting the consolidation of a second autocracy within the EU. 

an interview of Ezio PERILLO (Former judge at the General Court of the European Union)

Why are all these legal skirmishes still going on in the European Union Headquarters?
It’s true. Given the present situation, everyone would expect a Union with a human face and less technical attitudes. Instead, even at times like these, the Union seems to get entangled in legal harness and, above all, to suffer the diktats put forward by certain States which claim to be entitled to keep control, at least indirectly through the ESM’s condionality, on the expenses of the others Member States.
This was not the spirit with which in 1952, in the aftermath of the end of a horrible war,  the first European community was born. In the preamble to the ECSC Treaty (1952), the six founding States sought the establishment the “ of a broader and deeper community between peoples for a long time divided by bloody conflicts, and to lay the foundations for institutions – and I like to emphasise this passage – which will give direction to a destiny henceforward shared».

What is needed today?
We must regain these common aims. The ECB, the EIB and the Commission are certainly making massive efforts to tackle the current health emergency and a recession that is already upon us.They do so, however, with the resources and means they normally have, without daring, instead, to take the vital step that is required to face exceptional circumstances, in particular when they are caused by natural terrible factors.Public opinion cares very little about the technicalities of the ESM or the news that the provisions on the euro-stability have been suspended for some time, a suspension, by the way, which makes superfluous the possible ESM bailouts.
On other continents, also affected by the corona virus, nobody cares about the stability of the US dollar, the Chinese yuan or the Japanese yen. What really matters is to introduce as soon as possible the appropriate instruments to tackle the present situation, instruments that everyone can see and understand, citizens as businesses. 

Are you referring to European bonds?
Yes, but not to « eurobonds”, that where those designed only to ensure the stability of the euro. Today, European securities are needed exclusively to ensure the stability of the economy of the whole Union, in order to avoid the economic recession also in the area of non-euro Member States , such as Denmark, Sweden or Poland .Instruments that, like most of the bonds of this kind, will create fresh liquidity to be put in to the different circuits of the production and the trade. In short, securities in order to revive the economy of an entire continent and which we could therefore call, with true community sense, European Renaissance Bonds.

But, to issue them don’t we need the agreement of all the Member States?
Not at all. If Germany, like any other Member State, cannot help without the Union, the Union, on the other hand, does not always and necessarily need Germany or Holland to go ahead, certainly not in order to establish European debt securities.
The EIB, which has the legal and technical competences to issue securities of this type, takes its decisions by qualified majority.
Moreover, the Lisbon Treaty (2009) provides for the possibility, for nine Member States, the possibility to create, between them, an enhanced cooperation,  which  « shall aim to further the objectives of the Union, protect its interests and reinforce its integration » and which can be established quite rapidly. It is sufficient that the nine Heads of State or Government, the same as those who signed the letter of 25 March last, agree to submit a request accordingly. The authorisation is then granted by the Council, subject to the approval of the European Parliament, a condition which therefore legitimises the democratic basis for the issuance of these securities. Germany and Holland would obviously be welcome but, at this point, it would be up to them alone to decide whether or not to get on the train of European anti-recession solidarity.

But, funds will still be needed to secure these European bonds. Who puts them on?Certainly, the States affected by the pandemic cannot be asked to make other financial contributions to the Union for this purpose. For this same reason, the European budget does not appear to be the right financial support either. It is in fact an expenditure budget, largely made up of financial contributions provided by the States.

Could the funds from the ESM then be used?

First of all, let me recall that the ESM is not an EU body but an intergovernmental organization created by the euro area States.The ESM, however, is not the only instrument aimed to protect the stability of the euro. In fact, Article 136 TFEU provides that euro area States « can »  establish a stability mechanism, which means that they do not have the exclusive prerogative.
In any case, in order to change the operating conditions of the ESM (in particular that of a “strict conditionality” to which the granting of any financial assistance by the ESM must in any case be subject in any case) it is necessary to modify the said article of the Treaty, a procedure which requires the unanimity of the Governments involved and then the subsequent ratification by all the States concerned. In short, biblical times, compared to the emergency of a recession now at the doors.
Of course, every State, as it joined the ESM, can also unilaterally withdraw from it, taking back the money it paid to this fund. However, I am convinced that facing the European public opinion, Germany will not want to reach this latest ratio, so to oblige the nine States to leave the Mechanism. A Mechanism, in hindsight, which is by now not so useful and functional to the stability of the euro and to the recovery of deficits. Under the terrible blows of the coronavirus storm, which forced us all to stay on the same boat with equal rights and equal duties, the time has perhaps come to “scrap” this obsolete intergovernmental financial vehicle, in order to change it, as the European Parliament already wished in 2011,  into « a mechanism of the Union », structured upon community criteria  and operating through community procedures and on whose board the ECB and the Commission are not just, as now, simple « observers » .

When Adenauer went to the Bundestag immediately after the signing of the Treaties of Rome (1957) he said to the elected members of that assembly: « in Rome we signed a treaty not to make a German Europe but to move towards a European Germany » .

The problem of bonds aimed at revitalise the European single market and its economic  is undoubtedly also a political problem. In this perspective, I am also convinced that, as already widely voiced by many political figures, Germany is and will remain European. As Commissioner Gentiloni has rightly said, we still have to «bet »  on Germany. France, like Italy, Spain and the other signatory States of the letter of March 25, will do their part in this regard.
The path of enhanced cooperation, legally practicable also in this delicate matter, as it has already been for the creation, currently underway, of the European Public Prosecutor, seems to be the only one that is the most adequate and the quickest to effectively combat the looming recession. With the creation of the ECSC, the six founding States de facto abandoned the Marshall Plan’s method, to walk faster on the path of their economic recovery, and with their own legs.
All Member States, meeting in the European Council, could then instruct the Commission to submit to the Parliament and the Council a legislative proposal based on Article 5 TFEU, concerning the complementary competences of the Union in the field of close coordination of the economic policies of the Member States (articles 119, 121 and 136.1, TFEU), in order to create, on the pattern of the old one, a new European Union Stability Mechanism, completed by specific and distinct actions in the field of coordination of employment policies (Articles 145 and 149 TFEU) and social policies (article 155 and following TFEU) of the Member States in response to the pandemic crisis 2020.
Virtus unita, fortior.

EU LAW ANALYSIS : ORIGINAL POST HERE

Professor Steve Peers, University of Essex

The EU has now adopted its negotiation mandate for future relationship talks with the UK (discussed here). The UK has now done the same. Lots of commentators have looked in detail at the two sides’ approach to the future relationship on economic issues: this blog post aims to do the same on justice and home affairs issues (immigration, asylum, civil cooperation, judicial and police cooperation).
I’ve reproduced the full text of both sides’ positions side-by-side, thematically, with detailed commentary – plus links to relevant treaties and legislation.
Warning: this blog post criticises both sides where warranted. Supporters of Brexit probably already have my photo pinned to a dartboard; cheerleaders for every position the EU takes might now wish to do the same. In particular, the latter group of people really need to stop claiming that the UK must accept the CJEU’s jurisdiction for any treaty in this field, given that the EU has never insisted on any such thing for any other non-EU country.
In particular, the EU negotiation position for these talks is that in the event of disputes between the parties relating to EU law, the CJEU has to be the final arbiter. The EU has taken that position because the CJEU requires it – but we can find ways to avoid the situationsin which the CJEU requires it, in particular by not referring to EU law as such, and/or avoiding a dispute settlement system which includes arbitrators that might be called on to interpret it. Indeed, the EU and other non-EU countries have found ways to do just that many times before, in all the areas covered by this blog post. If the EU doesn’t trust the UK, it will have the possibility to terminate or suspend the treaty if its concerns are confirmed in practice.
In some ways, this is an update of a previous blog post I wrote on the possibility of a security treaty between the two sides post-Brexit – although obviously events have moved on since then, which I have fully taken account of. Another background source is the House of Lords committee report on a future UK/EU security treaty (which I was a special adviser to).
Note that the withdrawal agreement already provides for the details of winding up the UK’s participation in these issues at the end of the transition period. In the event of future treaties on these issues, arguably the agreement’s Joint Committee can amend these provisions to suit (see Article 164(5)(d), giving it the power to amend the agreement ‘to address situations unforeseen when this Agreement was signed’).
Since there is a significant possibility that the UK/EU negotiations on economic relations will be about as successful as the recent Cats movie, a lot turns on whether there will be a separate treaty on this issue. This is an explicit demand by the UK side, although the EU position is vague. We can only speculate at this point whether a collapse of the economic talks would anyway scupper other negotiations on separate treaties for political reasons.
To ease comparison, the EU position is in italics throughout. The UK position is underlined. My commentary is in ordinary text. I have marked each point by a traffic light system to indicate my assessment of the likelihood of agreement as things stands: Green is more likely than not; Amber is possible, but complicated; Red is unlikely.
In an alternate universe, there’s an alternative Professor Peers, who has the technical ability to do more exciting things with a text; but we are all stuck in this universe.  

Civil cooperation59. In areas not covered by existing international family law instruments and taking into account the United Kingdom’s intention to accede to the 2007 Hague Maintenance Convention, the Parties should explore options for enhanced judicial cooperation in matrimonial, parental responsibility and other related matters.64. The UK proposes continuing to work together with the EU in the area of civil judicial cooperation through multilateral precedents set by the Hague Conference on Private International Law and through the UK’s accession as an independent contracting party to the Lugano Convention 2007.
Amber. The Hague Conference is an international process to draft treaties (among other things) facilitating civil judicial cooperation worldwide. The EU as such is a member alongside its Member States, and has signed up to some of the relevant treaties, including the 2007 Hague Maintenance Convention. (the UK’s ratification is planned for the end of the transition period: see these declarations).  The EU has gone further than the Hague Conference on some civil law issues, by adopting legislation going into more detail on civil jurisdiction (which country’s court has jurisdiction over a cross-border dispute), conflict of law (which country’s law applies in a cross-border dispute; this does not necessarily match the court with jurisdiction), and recognition of judgments as between countries (ie how an American judgment might be enforced in Japan). The Lugano Convention is a treaty copying the text of general EU law on civil jurisdiction and recognition of judgments as it stood in 2007 (it was amended in 2012) and extending it to Norway, Iceland, and Switzerland.
The EU refers specifically to family law, apparently contemplating specific arrangements, while the UK refers generally to the Hague Conference and more precisely to the Lugano Convention. There’s a specific process for signing up to that Convention, in Articles 70 and 72. For a country not part of the EU and EFTA, as the UK will be, it needs the unanimous consent of the existing Contracting Parties. The EFTA States have already supported the UK’s accession; it remains to be seen what view the EU will take. The existing parties ‘shall endeavour to consent’ to the request for accession within a year after they agree to it. As part of the accession request, the applicant country must, among other things, supply ‘information on the appointment and independence of judges’.
Note that although the Lugano Convention copies an EU law text, it does not give the CJEU jurisdiction over the treaty as regards non-EU signatories. Rather Protocol 2 to the Convention says that the parties shall give ‘due account’ to each other’s court’s judgments, including the judgments of the CJEU. There is a system for discussing divergences in interpretation of the Convention, but this does not include any binding dispute settlement – therefore no arbitrators who might be called upon to ask the CJEU how to interpret EU law. Note that the UK’s intention to sign up to the Convention indicates that this does not violate the UK’s ‘red line’ objections to CJEU jurisdiction, presumably because it does not involve jurisdiction for the CJEU or provide for arbitrators to refer questions to the CJEU in the event of a dispute. Equally we can deduce it doesn’t violate EU ‘red line’ objections either – given that the EU signed up to the Convention already.
There’s also no ‘dynamic alignment’, ie no obligation to keep up with changes in EU law. Indeed, the 2012 amendment of EU law did not affect the Convention, which still reflects the EU law on this issue adopted in 2001.
In order to move things forward, the UK would have to apply as soon as possible to sign up to the Lugano Convention. If the EU wants to continue cooperation on family law it should table a text soon. Copying the existing EU law texts into a separate treaty, following the format of the Lugano Convention, would be the easiest way forward. As explained above, the Lugano Convention does not breach the UK’s red lines. 
Immigration and asylum145. The envisaged partnership should envisage cooperation to tackle irregular migration of nationals other than those of the Parties, including its drivers and consequences, whilst recognising both the need to protect the most vulnerable and the United Kingdom’s future status of a non-Schengen third country that does not provide for the free movement of persons. This cooperation should cover: a) cooperation with Europol to combat organised immigration crime in line with arrangements for the cooperation with third countries set out in the relevant Union legislation; b) a dialogue on shared objectives and on cooperation, including in third countries and international fora, to tackle irregular migration upstream.54. The UK has made a specific commitment to seek to negotiate a reciprocal agreement for family reunion of unaccompanied children seeking asylum in either the EU or the UK, with specified family members in the UK or the EU, where this is in the child’s best interests.
55. Beyond this, the UK is open to an agreement regulating asylum and migrant returns between the UK and the EU, or alternatively with individual Member States, underpinned by data sharing, to help counter illegal migration and deter misuse of our asylum systems.
Red. The EU seems to be interested in operational cooperation in this area, while the UK wants to negotiate on unaccompanied children seeking asylum, and is also open to a broader arrangement on ‘asylum and migrant returns’ either with the whole EU or individual Member States. The CJEU has not clarified whether this is an issue within EU exclusive competence (ie Member States can’t sign treaties with non-EU countries) or not. The European Parliament also supported the idea of a treaty in this field (para 61 of its resolution on the future relationship), but it is not the negotiator.
In order to move this issue forward, the UK should table a text in this area as soon as possible. If the EU is not interested, the UK should adapt that text into a model treaty with individual Member States and table it to them. NGOs interested in asylum issues should do their best to encourage interest on the EU side.
It is sometimes suggested that the EU should only sign treaties on asylum responsibility with non-EU countries which have signed up to Schengen. But as discussed below, the ‘signed up to Schengen’ rule is not consistently applied by the EU in these negotiations. And frankly, it is not defensible to prioritise an arbitrary and incoherent ‘rule’ above the family unity of vulnerable unaccompanied children seeking asylum.
Note that the EU’s treaties in this field do not require the non-EU country to accept CJEU jurisdiction. For instance the treaty with Norway and Iceland refers to an exchange of case law, political dispute settlement, and the possible termination of the treaty.
56. Mobility arrangements, including on visa-free travel for short-term stays, in the envisaged partnership should be based on non-discrimination between the Union Member States and full reciprocity.57. The envisaged partnership should aim at setting out conditions for entry and stay for purposes such as research, study, training and youth exchanges.58. The envisaged partnership should address social security coordination.60. Any provisions should be without prejudice to the Common Travel Area (CTA) arrangements as they apply between the United Kingdom and Ireland, as referred to in Article 38(2) of the Withdrawal Agreement and in Article 3 of the Protocol on Ireland/Northern Ireland.17. Social security coordination can remove barriers and support mobility of labour between countries. Arrangements that provide healthcare cover for tourists, short-term business visitors and service providers, that allow workers to rely on contributions made in two or more countries for their state pension access, including uprating principles, and that prevent dual concurrent social security contribution liabilities, could be good for business and support trade. These arrangements could benefit UK nationals and EU citizens travelling or moving between the UK and the EU in future.
18. The UK is ready to work to establish practical, reciprocal provisions on social security coordination. Any agreement should be similar in kind to agreements the UK already has with countries outside the EU and respect the UK’s autonomy to set its own social security rules. These arrangements should support mobility by easing the process for those working across borders, including underpinning the reciprocal arrangements on the temporary entry and stay for business purposes (‘Mode 4’ provisions).
Green (social security, visas, CTA); Red (students etc). The two sides both seem interested in negotiating a social security treaty. The UK does not reply to the EU’s visa point, but the relevance of that is limited because the EU has already waived short-term visitor visa requirements for UK citizens unilaterally, as discussed here. The UK also does not reply to the EU’s points about researchers and students, although both sides have their own legislation on admission of these groups of people already (the EU law is discussed here). Nor does the UK refer to the Common Travel Area, but the withdrawal agreement refers to it already.
Police and criminal law: General115. With a view to the Union’s security and the safety of its citizens, the Parties should establish a broad, comprehensive and balanced security partnership. This partnership will take into account geographic proximity and evolving threats, including serious international crime, organised crime, terrorism, cyber-attacks, disinformation campaigns, hybrid-threats, the erosion of the rules-based international order and the resurgence of state-based threats.116. The envisaged partnership should reaffirm the Parties’ commitment to promoting global security, prosperity and effective multilateralism, underpinned by their shared principles, values and interests. The security partnership should comprise law enforcement and judicial cooperation in criminal matters, foreign policy, security and defence, as well as thematic cooperation in areas of common interest.27. The safety and security of our citizens is the Government’s top priority. The UK already has world leading law enforcement capabilities. At the end of the transition period, we will fully recover our sovereign control over our borders and immigration system, which will further enhance our security capabilities.
28. Against this background, the UK stands ready to discuss an agreement on law enforcement and judicial cooperation in criminal matters, to the extent that this is in both parties’ interests. It should include: arrangements that support data exchange for law enforcement purposes; operational cooperation between law enforcement authorities; and judicial cooperation in criminal matters.
29. The agreement should facilitate police and judicial cooperation between the UK and EU Member States; equip operational partners on both sides with capabilities that help protect the public and bring criminals to justice; and promote the security of all our citizens.
Both sides support motherhood. And puppies. Lots of puppies. Other than the international criminal puppies.
Police and criminal law: Red Lines117. The security partnership should provide for close law enforcement and judicial cooperation in relation to the prevention, investigation, detection and prosecution of criminal offences, taking into account the United Kingdom’s future status of a non-Schengen third country that does not provide for the free movement of persons. The security partnership should ensure reciprocity, preserve the autonomy of the Union’s decision-making and the integrity of its legal order and take account of the fact that a third country cannot enjoy the same rights and benefits as a Member State.30. This should be a separate agreement with its own appropriate and proportionate governance mechanism. The agreement must not constrain the autonomy of the UK’s legal system in any way. It should not provide any role for the CJEU in resolving UK-EU disputes, which is consistent with the EU’s approach to cooperation with third countries on law enforcement and judicial cooperation in criminal matters, including between the EU and neighbouring non-EU countries on tools such as the Second Generation Schengen Information System (SIS II) and Prüm.
Both sides emphasising the importance of the ‘autonomy’ of their own legal order here – but emphasising different examples of what their ‘red line’ is in that context. For the UK, it’s no ‘role for the CJEU in resolving UK-EU disputes’. (The UK doesn’t – and couldn’t seriously – object to a role for the CJEU in interpreting the treaty on the EU side; see, for instance, the CJEU judgment on the EU/US extradition treaty, discussed here).  The UK government correctly points out that in practice the EU has consistently agreed treaties with non-EU countries on these issues without requiring jurisdiction for the CJEU to settle disputes. For the treaties it refers to, see for instance the Schengen association agreement with Norway and Iceland (review of the case law; political dispute settlement; termination if dispute is not settled), and the Prüm agreement with the same countries (review of the case law; political dispute settlement).
Having said that, the EU has not made any specific demand on the CJEU issue – besides the general position that if arbitrators are called upon to settle a dispute involving interpretation of EU law, they must ask the CJEU. But the EU makes no mention of how it thinks dispute settlement should work in this specific area. There is no reason why arbitrators must always be involved in settling disputes about interpretation of a treaty, and the EU has never insisted on it before in this field.
The EU’s specific ‘red line’ is ‘taking into account the United Kingdom’s future status of a non-Schengen third country that does not provide for the free movement of persons.’ That correctly describes the UK’s future status; but as we will see, the EU applies this test inconsistently, objecting to the UK continuing to participate in the second-generation Schengen Information System (SIS II), but supporting the UK continuing to participate in some other EU measures only extended to non-EU Schengen associates, or not extended to non-EU countries at all.
Police and criminal law: human rights and data protection118. The envisaged partnership should be underpinned by commitments to respect fundamental rights including adequate protection of personal data, which is a necessary condition for the envisaged cooperation. In this context, the envisaged partnership should provide for automatic termination of the law enforcement cooperation and judicial cooperation in criminal matters if the United Kingdom were to denounce the European Convention of Human Rights (ECHR). It should also provide for automatic suspension if the United Kingdom were to abrogate domestic law giving effect to the ECHR, thus making it impossible for individuals to invoke the rights under the ECHR before the United Kingdom’s courts. The level of ambition of the law enforcement and judicial cooperation envisaged in the security partnership will be dependent on the level of protection of personal data ensured in the United Kingdom. The Commission will work toward an adequacy decision to facilitate such cooperation, if applicable conditions are met. The envisaged partnership should provide for suspension of the law enforcement and judicial cooperation set out in the security partnership, if the adequacy decision is repealed or suspended by the Commission or declared invalid by the Court of Justice of the European Union (CJEU). The security partnership should also provide for judicial guarantees for a fair trial, including procedural rights, e.g. effective access to a lawyer. It should also lay down appropriate grounds for refusal of a request for cooperation, including where such request concerns a person who has been finally convicted or acquitted for the same facts in a Member State or the United Kingdom.31. Cooperation will be underpinned by the importance attached by the UK and the EU to safeguarding human rights, the rule of law and high standards of data protection. The agreement should not specify how the UK or the EU Member States should protect and enforce human rights and the rule of law within their own autonomous legal systems.
32. The agreement should include a clause that allows either party to suspend or terminate some or all of the agreement. This should enable either the UK or the EU to decide to suspend – in whole or in part – the agreement where it is in the interests of the UK or the EU to do so.
33. In line with precedents for EU third country agreements on law enforcement and judicial cooperation in criminal matters, the agreement should not specify the reasons for invoking any suspension or termination mechanism.
Amber. Both sides express their concern about data protection and human rights, but diverge on what that might mean in practice – although that divergence is not so broad that compromise is impossible.  The EU wants to suspend or terminate the treaty for reasons related to human rights or data protection, while the UK accepts the possibility that the treaty could be suspended or terminated, but does not want the treaty to specify the reasons why it might be suspended or terminated. The obvious compromise is that the treaty provides for its suspension or termination if either party decides, without mentioning the grounds, while the EU provides in its own law that it will automatically trigger these clauses for specified human rights or data protection reasons. (This approach could apply equally to divergences from case law: the UK could hardly object to the EU terminating a treaty on those grounds, having accepted that either side should be able to terminate the treaty on grounds they may choose).
The UK refrains from responding to the EU’s implied concern about human rights protection in the UK, but a neutral observer concerned with this issue might well call for a plague on both their houses: the disturbing attacks on judicial independence in Poland being matched by British politicians and commentators who slaver to follow this example. Once the British establishment fantasised that it was Greece to America’s Rome; now it aspires to be Mini-Me to Poland’s Dr. Evil.  
Data exchange119. The envisaged partnership should establish arrangements for timely, effective, efficient and reciprocal exchanges between Passenger Information Units of Passenger Name Record (PNR) data and of the results of processing such data stored in respective national PNR processing systems. It should also provide a basis for transfers of PNR data by air carriers to the United Kingdom for the flights between the United Kingdom and a Member State. Such arrangements should comply with the relevant requirements, including those set out in the Opinion 1/15 of the CJEU.40. The agreement should provide for reciprocal transfers of PNR data to protect the public from serious crime and terrorism.
41. The transfer of Passenger Name Record data from airlines to the UK or EU Member State competent authorities is an important law enforcement capability. It enables law enforcement and security agencies to identify known and otherwise unknown individuals involved in terrorism related activity and serious crime, and track criminal networks from their patterns of travel.
42. The agreement should be based on, and in some respects go beyond, precedents for PNR Agreements between the EU and third countries – most recently, the mandate for the EU-Japan Agreement.
Green. Both sides agree to negotiate on passenger name data, with no big conflict between their positions – although it’s not clear what the UK seeks by ‘going beyond’ the usual EU treaties. On this issue, the EU has a record of agreeing treaties with non-EU countries (including non-Schengen countries), as the UK points out. There’s no CJEU jurisdiction required for the non-EU countries: see the EU/US PNR treaty, for instance (political dispute settlement).
The EU side refers to a 2017 CJEU judgment (discussed here), which criticised the EU/Canada PNR agreement on data protection grounds, but did not rule out the EU agreeing such treaties if there were stronger safeguards. Note that a further CJEU challenge is pending, on the EU’s own PNR legislation; this might have implications for the EU’s external treaties on this issue too. The EU cannot simply negotiate away these safeguards, as the CJEU rulings are based on EU primary law (the EU Charter of Fundamental Rights).
120. The envisaged partnership should provide for arrangements between the Parties ensuring reciprocal access to data available at the national level on DNA and fingerprints of suspected and convicted individuals as well as vehicle registration data (Prüm).38. The agreement should provide for the fast and effective exchange of national DNA, fingerprint and vehicle registration data between the UK and individual EU Member States to aid law enforcement agencies in investigating crime and terrorism.
39. The agreement should provide similar capabilities to those currently delivered through the Prüm system, drawing on the precedent for such cooperation between the EU, Norway and Iceland as well as between the EU and Switzerland and Liechtenstein. These precedents include a political dispute resolution mechanism with no jurisdiction in those third countries for the CJEU.
Green. Both sides agree to negotiate on this particular form of exchange of data, with no conflict between their positions. The UK correctly points out that the EU has already signed agreements with Schengen associates linking them to the EU legislation on this exchange of information, with no CJEU jurisdiction for the non-EU countries and political dispute settlement.
121. Without prejudice to the exchange of law enforcement information through Interpol, Europol, bilateral and international agreements, the envisaged partnership should provide for alternatives for simplified, efficient and effective exchanges of existing information and intelligence between the United Kingdom and Member States law enforcement authorities, in so far as is technically and legally possible, and considered necessary and in the Union’s interest. This would include information on wanted and missing persons and objects.43. The agreement should provide a mechanism for the UK and EU Member States to share and act on real-time data on persons and objects of interest including wanted persons and missing persons. This capability is currently provided by the Second Generation Schengen Information System II (SIS II), making alerts accessible to officers on the border as well as to front-line police officers in the UK.44. SIS II is used by EU and non-EU Schengen members (Switzerland, Norway, Iceland and Liechtenstein). The UK will continue to use SIS II until the end of 2020.
45. The agreement should provide capabilities similar to those delivered by SIS II, recognising the arrangements established between the EU and non-EU Schengen countries (Switzerland, Norway, Iceland and Liechtenstein). The EU’s agreements with these non-EU Schengen countries include a political dispute resolution mechanism with no jurisdiction in those third countries for the CJEU.
Red. The UK seeks something ‘similar’ to SIS II, while the EU rules out the UK’s participation in SIS II as such. This is not explicit in the EU position, but is set out unambiguously in the Q and As published by the Commission. Currently the UK participates in the criminal and police information exchange in SIS II, not the immigration aspects of the database, as discussed here. There’s another law known informally as the ‘Swedish Framework Decision’, but it concerns exchange of information in specific cases, not a database. So while both sides are willing to negotiate something, it’s not clear what that might be.
122. The envisaged partnership should provide for cooperation between the United Kingdom and Europol and Eurojust in line with arrangements for the cooperation with third countries set out in relevant Union legislation.46. The agreement should provide for cooperation between the UK and Europol to facilitate multilateral cooperation to tackle serious and organised crime and terrorism. The UK is not seeking membership of Europol. Europol already works closely with a number of non-EU countries, including the US, through dedicated third country arrangements.
47. The agreement could go beyond existing precedents given the scale and nature of cooperation between the UK and Europol. For example, the UK was the highest contributor of data to Europol for strategic, thematic and operational analysis in 2018.
49. The agreement should provide for cooperation between the UK and Eurojust. Eurojust is an EU agency which brings together prosecutors, magistrates and law enforcement officers to assist national authorities in investigating and prosecuting serious cross-border criminal cases. The UK is not seeking membership of Eurojust.
50. Eurojust already works closely with a number of non-EU countries, including the US, through dedicated third country arrangements. The agreement should follow these precedents to enable ongoing cooperation between the UK and Eurojust.
Green. Both sides are broadly in agreement here, and both correctly point out that there is a framework for Europol and Eurojust to cooperate with non-EU countries (already being applied, as the UK points out).  The UK’s goal of going beyond precedent as regards Europol might not be reciprocated by the EU side. Cooperation with non-EU countries does not go as far as being a Member State. Contrary to the popular belief that ‘cooperation with Europol means CJEU jurisdiction yada yada yada’, there’s no such requirement for non-EU states: see the Europol agreements with the USA, for instance.
Criminal justice cooperation123. The envisaged partnership should establish effective arrangements based on streamlined procedures subject to judicial control and time limits enabling the United Kingdom and Union Member States to surrender suspected and convicted persons efficiently and expeditiously, with the possibilities to waive the requirement of double criminality for certain offences, and to determine the applicability of these arrangements for political offences and to own nationals, including the possibility for the Union to declare, on behalf of any of its Member States, that nationals will not be surrendered, as well as to allow for the possibility to ask for additional guarantees in particular cases.51. The UK is not seeking to participate in the European Arrest Warrant as part of the future relationship. The agreement should instead provide for fast-track extradition arrangements, based on the EU’s Surrender Agreement with Norway and Iceland which came into force in 2019, but with appropriate further safeguards for individuals beyond those in the European Arrest Warrant.
Amber. Both sides agree on a fast-track extradition system in place of the European Arrest Warrant, which has only ever been applied between EU countries. The UK explicitly refers to the precedent with Norway and Iceland, which is very similar to the EAW with certain exceptions (from the ‘red line’ perspective, there’s no CJEU jurisdiction for the non-EU countries, exchange of case law and political dispute settlement). The only other EU extradition treaty is with the USA. The UK refers to ‘further safeguards’, while the EU refers to ‘additional guarantees’: similar in principle, but the devil will be in the details.
As for those details, the EU position that some Member States might refuse to extradite their own citizens already applies in the withdrawal agreement transition period and in the EU/Norway/Iceland agreement. It’s derived from long-standing national constitutional rules, not a vengeful tantrum by the EU: Barnier did not travel back in time to tell Member States’ constitution drafters and constitutional court judges to punish the UK for leaving the EU decades in the future.
I pointed out that this would happen before the referendum, and was told this was ‘Project Fear’; nobody has had the humility or integrity to apologise for their ignorance on this issue. It’s almost as if not everybody knew what they were voting for after all. And the sight of people who wanted the UK to become a non-EU country becoming upset because the UK is now being treated as a non-EU country is…unappealing.
The EU refers to the possibility of waiving ‘dual criminality’ – the usual rule of extradition law that an act or omission must be a crime in both the State requesting extradition and the State being requested to hand over a fugitive for extradition to apply. The European Arrest Warrant waives that rule as regards 32 crimes; the EU/Norway/Iceland treaty makes the waiver only optional. As a whole, the EU/Norway/Iceland treaty copies most of the EAW legislation, with several other exceptions.
124. To ensure effective and efficient practical cooperation between law enforcement and judicial authorities in criminal matters, the envisaged partnership should facilitate and supplement, where necessary, the application of relevant Council of Europe conventions, including by imposing time limits and providing for standard forms. It should also cover necessary supplementary forms of mutual legal assistance and arrangements appropriate for the United Kingdom future status, including on joint investigation teams and the latest technological advancements, with a view to delivering capabilities that, in so far as is technically and legally possible and considered necessary and in the Union’s interest, approximate those enabled by the Union instruments.52. The agreement should provide for arrangements delivering fast and effective mutual legal assistance in criminal matters including asset freezing and confiscation. These arrangements should build and improve on those provided by relevant Council of Europe Conventions including the 1959 Council of Europe Convention on Mutual Legal Assistance and its Protocols, for example by providing for streamlined and time limited processes.
Amber. Both sides are willing to supplement the Council of Europe treaties on mutual assistance (the rules on transferring evidence cross-border). The EU has previously negotiated mutual assistance treaties with Norway and Iceland, the USA and Japan. Internal EU law (the European Investigation Order, discussed here), has aimed to replace the Council of Europe measures with a fast-track system too. The details of what is contemplated are not clear, however. The UK refers explicitly to freezing and confiscation (the subject of separate EU and Council of Europe measures), but the EU does not; the reverse is true for joint investigation teams.
125. Supplementing and facilitating the application of the European Convention on Mutual Legal Assistance in Criminal Matters of 20 April 1959 and its Additional Protocols, the envisaged partnership should put in place arrangements on exchange of information on criminal records appropriate to the United Kingdom’s future status with the view of delivering capabilities that, in so far as technically and legally possible and considered necessary and in the Union’s interest, approximate those enabled by the Union instrument.35. The agreement should provide for the fast and effective exchange of criminal records data between the UK and individual EU Member States, recognising that this is an important tool for investigations, prosecutions and sentencing, as well as for wider community safety.
36. To that end, the agreement should provide for capabilities similar to those provided by the European Criminal Records Information System (ECRIS). ECRIS is a secure, automated, electronic system providing for exchange of criminal records information held on countries’ own national databases within specific deadlines.
37. These arrangements should draw on precedents for similar networks of national databases for law enforcement purposes between the EU and third countries (see Prüm below).
Green. Both sides agree in principle to exchange of criminal records on a similar basis to existing EU law (ECRIS was initially set up on the basis of two EU laws: a Framework Decision and a Decision. These laws were amended and replaced by a Regulation and Directive). The details remain to be worked out, however. Note that the EU has not previously agreed to such measures with any non-EU country – even the Schengen associates.
Other issues126. The envisaged partnership should include commitments to support international efforts to prevent and fight against money laundering and terrorist financing, particularly through compliance with Financial Action Task Force (FATF) standards. The provisions in the envisaged partnership should go beyond the FATF standards on beneficial ownership information, among others by providing for the existence of public registers for beneficial ownership information for companies and semi-public registers of beneficial ownership information for trusts and other legal arrangements.53. The agreement should establish effective and reciprocal arrangements to transfer prisoners between the UK and EU Member States, enabling prisoners to be moved closer to home and be rehabilitated in the community to which they will be released. These should build and improve on arrangements provided by the 1983 Council of Europe Convention on the Transfer of Sentenced Persons and its Protocols, and could include time limited processes.
Red. The UK wants to go beyond the Council of Europe rules on the transfer of prisoners, although it does not explicitly refer to the EU law on this issue. There is no matching interest in negotiating this from the EU. On the other hand, the UK does not match the EU interest in negotiating on money laundering (again, there’s no explicit reference to EU law on money laundering) – although in this case, the EU position is almost word for word what the UK agreed with the EU in the political declaration on the future relationship (para 89, discussed here). It’s fair to say, as noted above, that the UK refers to freezing and confiscation of assets, which are part of this issue – but the banking law aspects are part of it too.

(European Parliament Research Service – EPRS- Authors
IVANA KIENDL KRISTOWouter VAN BALLEGOOIJ )

Executive summary

EU Member States have been extraditing suspects and sentenced persons to each other for many decades on the basis of bilateral and multilateral conventions. Those arrangements were, however, slow and thwarted by exceptions based on national sovereignty. As EU integration has progressed, the Member States have agreed to base their cooperation on the principle of mutual recognition of judicial decisions, moving away from a system in which decisions on extradition were ultimately taken at government level. This principle was implemented in the Framework Decision on the European Arrest Warrant and Surrender Procedures (FD EAW), adopted in 2002 on the basis of rapid negotiations following the 9/11 terrorist attacks.

This paper is the first of two publications on the implementation of the European arrest warrant that EPRS will prepare for the LIBE committee.

It provides a framework for analysis as well as preliminary findings on the implementation of the above-mentioned legislation in practice. This paper will be followed by a study (due in April 2020) that will present a comprehensive assessment of the implementation of the FD EAW and tentative recommendations on how to address shortcomings identified.

The FD EAW, adopted in 2002 and implemented since 2004, is generally recognised as a successful instrument. The data available show that it has led to a considerable simplification and speeding up of handover procedures, including for some high-profile cases of serious crime and terrorism. In 2017, the average time between the arrest and surrender of people who did not consent to surrender was 40 days, a remarkable reduction compared to the one year average under the pre­existing extradition regime.

Notwithstanding these achievements a number of challenges remain. More specifically, reports by EU institutions, case law and contributions by practitioners, academics and non-governmental organisations (NGOs) point to a number of challenges in the issuance and execution of EAWs. Those challenges relate back to core debates concerning judicial independence, the nature of mutual recognition and its relationship with international norms, primary EU law and values, including fundamental rights, and (the need for) additional harmonisation measures. In particular, they concern the following matters:

the definition of issuing judicial authorities and their independence from government, which excludes police officers and organs of the executive, but can include public prosecutors in accordance with certain conditions (Section 2.1.1);

the proportionality of a number of EAWs issued for ‘minor crimes’ and before the case was ‘trial ready’, also in view of other possible judicial cooperation measures, where the European Parliament’s call for legislative reform has been answered through guidelines in a Commission Handbook (Section 2.1.2)

the verification of double criminality by executing judicial authorities, leading to a lively academic debate on the compatibility of this requirement with the principle of mutual recognition and potential further questions to be raised with the CJEU; and the lack of approximation of certain offences for which verification is no longer allowed (Section 2.2.1);

EAWs for nationals and residents of the executing Member State and their interplay with the Framework Decision on the Transfer of Prisoners with the dual aim of social rehabilitation and the prevention of impunity (Section 2.2.2);

EAWs based on decisions following proceedings at which the person concerned was not present (in absentia) raising practical problems caused by non-implementation, differences concerning implementation, or incorrect implementation or application of the legislation implementing the Framework Decision on in absentia (Section 2.2.3);

and the role of the executing judicial authority in safeguarding the fundamental rights of the requested person as developed in the CJEU’s case law both as regards EAWs where there are concerns relating to poor detention conditions and broader concerns relating to the right to a fair trial, including an independent and impartial tribunal (Section 2.2.4).

Finally, requested persons have also faced difficulties in effectively exercising their procedural rights in the issuing as well as the executing Member State based on the specific provisions relating to the EAW in the various directives approximating the rights of suspected and accused persons within the EU (Section 2.3).

LINK TO THE FULL TEXT OF THE STUDY https://www.europarl.europa.eu/RegData/etudes/IDAN/2020/621814/EPRS_IDA(2020)621814_EN.pdf

by Emilio DE CAPITANI (Former Secretary of the European Parliament Civil Liberties Committee – LIBE) 18/02/20

Foreword

1. Asking for transparency in a public organization where most of the members are bureaucrats, diplomats and politicians has always been a challenge because each one of these categories will try to preserve and expand its power without being accountable to anyone. This kind of secrecy that ancient Romans called “Arcana Imperii” remains even today the main temptation of power holders who only recently have reluctantly accepted the checks and balances preventing the concentration of powers. Needless to say such checks and balances can prevent abuses only if rule of law is preserved and legislation is adopted with transparent debates and votes as it should be in a democratic society where citizens may play a role when choosing their representatives (representative democracy) but are also associated to the willing to definition of the public policies (participative democracy).

The evolution of transparency in the first phase of the European Communities

2. Transparency (and fundamental rights) where not cited by the founding treaties of the European Economic Community which was mainly focused on the establishment of the internal market and of the four freedoms, but become unavoidable when the ambition of the ECC became more clearly political at the end of the Seventies in the perspective of an “ever closer” Union of the peoples of these member States. It is therefore not surprising that this change of perspective triggered also a change of practices and administrative culture on the side of bureaucrats, diplomats and politicians working in the European institutions.

Suffice it to say that still in the mid-1970s, decision-making and administrative transparency were limited to some essential aspects such as the introductory justifications of each  European Community measure and the mandatory publication of most (but not all) of the EC acts on the Official Journal ( which at the time was only printed in less than 20,000 copies).

3. It is only after the first direct European Parliament elections and its association to the decision-making process even if only as a consultative body that the Commission decided (notwithstanding the opposition of some Member States in the Council) to publish its proposals and, in accordance with the case law of the Court, to better describe in the preamble of the draft acts the essential elements of the procedure as well as the legal basis justifying their adoption.[1]

4. Even if the legislative nature of certain Community measures was already recognised in the case-law of the Court ([2]) the word “legislative” was a penumbral concept in the Institution’s practices and appeared only indirectly in the mid-1980s, first in the practices of the institutions after the Single European Act (entered into force in 1987) with the establishment of a “legislative program” whose aim was to describe notably the “cooperation procedures” requiring two successive readings by the European Parliament.

5. Finally the notion of a more transparent European legislation (both for the content as well as for the adoption procedure) appeared in the Conclusions of the European Council meeting in Birmingham on October 16, 1992 ([3]) as a political response of the EU institutions to the first negative referendum in Denmark ta the time of the ratification of the Maastricht Treaty.

Thanks to this Referendum and to the Maastricht Treaty a radical change of approach has been triggered notably inside the Council marking the new EU’s ambition to upgrade its economic mission to a more political one and, consequently, to make its decision-making process more democratic (with the codecision procedure) and transparent. (see the Declaration attached to the Maastricht treaty)

Legislative and not legislative transparency  

6. This approach will be reinforced with the Amsterdam Treaty which entered into force on May 1, 1999 and which provides for the first time at the level of primary law in Article 255 of the EC Treaty (TEC) the fundamental right of citizens to access European Parliament and Council Commission documents. In addition to this article art. 207 p. 3 of the TEC gave the Council the right to determine “..the cases in which it must be regarded as acting in its capacity as legislator in order to allow better access to documents in these cases, while preserving the efficiency of its process of decision making… “.

7. In application of art. Art 255 TCE the European Parliament and the Council subsequently framed with Regulation 1049/2001 the principles as well as the exceptions ([4]) to the right of access to documents which was considered an essential element of participative democracy.

Unfortunately Regulation 1049/01 was not able to make a clear distinction between legislative and not legislative activity because it mirrored the definition given by the Council internal procedures according to which were “legislative” all the EU measures “binding in and for the Member States” even if  most of these measures were administrative and not legislative so that a lower level of transparency could had been justified .

The stalemate after the Lisbon Treaty

8. The entry into force on 1^st December 2009 of the Lisbon Treaty and of the Charter of fundamental Rights was deemed to mark a new era for the European Union and for its Citizens because since then most of the pre-existing problems at Constitutional level were adressed: the Unanimity rule in the Council is now the exception (and no more the rule), the European Parliament has been transformed in a full-fledged co-legislator (also in domains previously jealously controlled by the Member States such as the judicial and police cooperation in criminal matters) and the Court of Justice has been recognised fully competent on almost all the European Policies.

9. Moreover the preamble of the European Charter has proclaimed a sort of Copernican Revolution by announcing that the EU was placing “.. the individual at the heart of its activities, by establishing the citizenship of the Union and by creating an area of freedom, security and justice’  and this announcement is now mirrored in the new Title II of the TEU, dealing with democratic principles which now stipulates that ‘the Union shall observe the principle of the equality of its citizens, who shall receive equal attention from its institutions’ (Article 9) and that ‘every citizen shall have the right to participate in the democratic life of the Union. Decisions shall be taken as openly and as closely as possible to the citizen’ (Article 10(3))[5].

10. Participative democracy is now hammered in the art. 11.1 [6]and 2 TEU according to which the EU institution shall“..give citizens and representative associations the opportunity to make known and publicly exchange their views in all areas of Union action‘ and  ‘maintain an open, transparent and regular dialogue with representative associations and civil society”.

11. But the main rule for participative democracy (along the right to submit legislative initiatives to the attention of the Commission) is the Art 15 of the TFEU whose opening words are the following :” In order to promote good governance and ensure the participation of civil society, the Union’s institutions, bodies, offices and agencies shall conduct their work as openly as possible.” This general obligation is clearly linked to the article 41 of the Charter which promote the principle of good administration inside the EU and the art. 298 of the same Treaty which states that “In carrying out their missions, the institutions, bodies, offices and agencies of the Union shall have the support of an open, efficient and independent European administration.” [7]

12. The second paragraph states of art 15 that “The European Parliament shall meet in public, as shall the Council when considering and voting on a draft legislative act.” Public debates and votes may look quite a basic rule when enacting a legislation, but this was not the case in the European Union before the Lisbon treaty. Even if Council votes were public, this was not the case of legislative debates unlike what was happening in the European Parliament where debates were and still are public at committees and Plenary level. This situation of half transparency notably when the legislation is enacted in co-decision by the European Parliament and by the Council is clearly unacceptable for the EU citizens and even the national Parliaments which in principle should have the right to know and to follow the EU decision-making process no matter if debates are in the Parliament or in the Council.

13. Moreover after Lisbon there is no more ambiguity between legislative and non legislative procedures because the Treaty itself :

• consider as legislative the measures adopted following the “ordinary” or the “special” procedure
• foresee the explicit announcement in the draft agendas of the Council the legislative debates/votes
• makes no more reference to the need of protecting the efficiency of decision making process.

14. It is worth noting that in cases of non legislative procedures the General Court and the Court of Justice have already accepted before the enry into force of the Lisbon Treaty a lower level of transparency than for legislative procedures by recognising a general presumption of non access ([8]) to five this kinds of non legislative documents.

This jurisprudence has been on my opinion rightly criticised by the doctrine [9] because Regulation 1049/01 does not make any reference to this kind of presumption. Quite the opposite the Regulation require an examination on each relevant document by also imposing a dialogue with the person who is asking the access. Moreover the presumption of confidentiality for the documents exchanged between the Commission and a Member States during the transposition of EU law in national law is prejudicial not only for the european citizens but also for the European Parliament. [10]

15 As far as legislative procedures were concerned the European Parliament in December 2011 voting on the revision of Regulation 1049/01 has decided to delete the reference in art 4 to the “efficiency of the decision making process” for the legislative procedures. But this vote has not been followed by the Council which is obviously more than happy to continue in its pre-Lisbon practices thanks to the survival of this exception in Regulation 1049/01 (which is still into force). Unfortunately the European Commission has also until now been supportive of the exception of the protection of the “efficiency of the decision making process” because it has found it very useful when confronted to requests for documents linked to the competition policy or dealing with its relations with the Member States when transposing EU law.

16. It is worth noting that this exception which until today is still the main reason for refusing the access to documents also for legislative procedures is not justified with the necessity to avoid a possible danger for the EU (which may justify even the creation of “classified” documents) but quite simply with the need of the Member States representatives to change their negotiating position without having to explain the real motivation to their national citizens or even …to their national parliaments.

17. When legislative procedures are at stake the Court of Justice has tried to reverse the Council and Commission position with several groundbreaking rulings such as the “Hautala” ([11])  the  “Turco” ([12] ) and Access Info ([13]) cases but the impact on the Council and Commission behaviour has been very limited.  Even two very interesting recent rulings in 2018 of  the Court of Justice and of the General Court have received until now a limited impact on the EU legislative transparency.

18. The first “Client Heart” case [14] is significant insofar as it clarifies the scope of the concept of ‘legislative documents’, which requires a wider threshold of openness. Deciding as Grand  Chamber the Court of Justice found that also documents drawn up in the context of an impact assessment qualify as legislative documents even if as outcome of the this analysis the Commission decide of not launching a legislative procedure.

The second “De Capitani v European Parliament” Ruling regarding the exception for the protection of the decision-making process, is Case T-540/15 where the General Court clarified that the negotiations between the European Parliament and the Council in presence of the Commission (so called “Trilogues”) are an essential phase of the legislative work (no matter if described as “informal”) so that the documents exchanged during these meeting and notably the multicolumn documents should be accessible even if they are evolving and provisional.

How change everything to..change nothing

19. Unfortunately two years after these two rulings the institutions have not changed their behaviour, (even if in some cases they accept specific requests on a case by case basis).

The Council is routinely marking most of the internal legislative documents debated in the working groups or at Coreper level as LIMITE and covered by “professional secrecy” even when they are transmitted to the National Parliaments (which prevent them from debating publicly) and the European Parliament still does not consider trilogues related documents as of legislative (preparatory) nature ! ([15])  Now the point is that if “Trilogues” are an essential phase of the legislative procedure the documents debated during these meetings should be proactively published as required by art. 15 TFEU([16]) and art. 12 par 2  of Regulation 1049/01 ([17]).

20. The “trilogue” procedure is already per se an extraordinry way to foster the EU decision making process and this can explain why now almost all the legislative procedures are negotiated in this framework. That having been said, pretending that this procedure should remain confidential is a blatant violation of the principle lf legislative transparency now embedded in the Treaties and in the Charter. It will be an exception on an already exceptional procedure where, moreover, the provisional texts exchanged when accessible are in only one language and where once a compromise is reached there is no real possibility for amendments!

Why making access to information simple when you can make it complex ?

21. To make things even worse, 18 years after the entry into force of Regulation 1049/01 the EU institutions are still quarelling on the the way how the EU citizens can have a simplified access to the documents negotiated under a specific legislative procedure.

The idea of a common “portal” was debated already debated in 2002 and some pilot projects have been tested since then in the Commission and more recently in the Office of EU publication who is in charge of the production of EURLEX. It may be surprising but institutions who spend millions of euro for the production and diffusion of their internal documents are not able of agreeing common exchange format for the most important EU activity which is to legislate for half billion people.. Such situation in the era of Google and Facebook is frankly unacceptable and in my opinion should trigger soon or later an enquiry by the Ombusdman or even by the Court of Auditors having regard to the social and economic impact of this EU institutions failure.

---

[1] Il s’agit notamment de la base juridique justifiant dans les traités l’adoption de la mesure, ainsi que les institutions  consultés ainsi que un argumentaire permettant de comprendre le problème que la mesure était censé résoudre.

[2] Voir le point 33 de l’arret “Isoglucose”, SA Roquette Freres v Counseil [Case 138/79, 1980]) selon lequel la consultation « .. est LE MOYEN QUI PERMET AU PARLEMENT DE PARTICIPER EFFECTIVEMENT AU PROCESSUS LEGISLATIF DE LA COMMUNAUTE . CETTE COMPETENCE REPRESENTE UN ELEMENT ESSENTIEL DE L ‘ EQUILIBRE INSTITUTIONNEL VOULU PAR LE TRAITE . ELLE EST LE REFLET , BIEN QUE LIMITE , AU NIVEAU DE LA COMMUNAUTE , D ‘ UN PRINCIPE DEMOCRATIQUE FONDAMENTAL , SELON LEQUEL LES PEUPLES PARTICIPENT A L ‘ EXERCICE DU POUVOIR PAR L ‘ INTERMEDIAIRE D ‘ UNE ASSEMBLEE REPRESENTATIVE »

[3] Voir les Conclusions du Conseil européen ( https://www.consilium.europa.eu/media/20501/1992_october_-_birmingham__eng_.pdf) et la Resolution du conseil du 8 juin 1993 relative à la qualité rédactionnelle de la législation communutaire (https://eur-lex.europa.eu/legal-content/FR/TXT/?uri=CELEX%3A31993Y0617%2801%29 )

[4] Exceptions qui doivent être interprétées et appliquées strictement (arrêt du 13 juillet 2017, Saint-Gobain Glass Deutschland/Commission, C‑60/15 P, EU:C:2017:540, point 63 et jurisprudence citée).

[5] [5] Comme reconnu par la Cour la possibilité, pour les citoyens, de contrôler et de connaître l’ensemble des informations qui constituent le fondement de l’action législative de l’Union est une condition de l’exercice effectif par ces derniers de leurs droits démocratiques, reconnus notamment à l’article 10, paragraphe 3, TUE (voir, en ce sens, arrêts du 1^er juillet 2008, Suède et Turco/Conseil, C‑39/05 P et C‑52/05 P, EU:C:2008:374, point 46, ainsi que du 17 octobre 2013, Conseil/Access Info Europe, C‑280/11 P, EU:C:2013:671, point 33).

[6] [6] Article 11,  TEU

1. The institutions shall, by appropriate means, give citizens and representative associations the opportunity to make known and publicly exchange their views in all areas of Union action.

2. The institutions shall maintain an open, transparent and regular dialogue with representative associations and civil society.

3. The European Commission shall carry out broad consultations with parties concerned in order to ensure that the Union’s actions are coherent and transparent.

4.Not less than one million citizens who are nationals of a significant number of Member States may take the initiative of inviting the European Commission, within the framework of its powers, to submit any appropriate proposal on matters where citizens consider that a legal act of the Union is required for the purpose of implementing the Treaties.

The procedures and conditions required for such a citizens’ initiative shall be determined in accordance with the first paragraph of Article 24 of the Treaty on the Functioning of the European Union.

[7]It is a disgrace that notwithstanding repeated formal requests of the European Parliament the European Commission do not intend to present a legislative proposal covering this objective.

[8] À ce jour, la Cour a reconnu l’existence de présomptions générales de confidentialité au bénéfice de cinq catégories de documents, à savoir les documents d’un dossier administratif afférent à une procédure de contrôle des aides d’État, les mémoires déposés devant les juridictions de l’Union au cours d’une procédure juridictionnelle tant que celle-ci est pendante, les documents échangés entre la Commission et les parties ayant procédé à une notification ou des tiers dans le cadre d’une procédure de contrôle des opérations de concentration entre entreprises, les documents se rapportant à une procédure précontentieuse en manquement, y inclus les documents échangés entre la Commission et l’État membre concerné dans le cadre d’une procédure EU Pilot, et les documents afférents à une procédure d’application de l’article 101 TFUE (voir, en ce sens, arrêt du 16 juillet 2015, ClientEarth/Commission, C‑612/13 P, EU:C:2015:486, point 77 ainsi que jurisprudence citée ; s’agissant des mémoires déposés devant les juridictions de l’Union, voir, en ce sens, arrêt du 18 juillet 2017, Commission/Breyer, C‑213/15 P, EU:C:2017:563, point 41 et jurisprudence citée ; s’agissant des documents échangés dans le cadre d’une procédure EU Pilot, voir arrêt du 11 mai 2017, Suède/Commission, C‑562/14 P, EU:C:2017:356, point 51). Dans chacun de ces cas, le refus d’accès en cause portait sur un ensemble de documents clairement circonscrits par leur appartenance commune à un dossier afférent à une procédure administrative ou juridictionnelle en cours (arrêt du 16 juillet 2015, ClientEarth/Commission, C‑612/13 P, EU:C:2015:486, point 78 ; voir, également, arrêt du 11 mai 2017, Suède/Commission, C‑562/14 P, EU:C:2017:356). »

[9] See notably “Beware of Courts Bearing Gifts: Transparency and the Court of Justice of the European Union

Marios Costa^* & Steve Peers^**

[10] For instance in case of Directives the obligations or the advantages for the national citizens arise mainly from the national measure transposing the Directive. Make transparent the informations exchanged during this phase is clearly more interesting for the Citizens than the access to the information in the “Brussels” phase. Under this perspective the national transposition phase is still an “european phase” and it would be bizarre that an EU institution hide these information. As far as the European Parliament is concerned this confidentiality during the transposition phase for codecision measure is contrary to common sens the EP being the co-author of the measures concerned.

Under this perspective the EP should had challenged this Commission practice since year as contrary to the principle of loyal cooperation.

[11]Case C-353/99 P, Council of the European Union v. Heidi Hautala, Judgment of the European Court of Justice of 6 December 2001

[12] Joined Cases C-39/05 P and C-52/05 P Sweden and Turco v Council 4

[13] See e.g. C-280/11 P Council v Access Info Europe

[14] Judgment of 4 September 2018, C‑57/16  ‘ClientEarth’ .

[15] See the EP Bureau Decision of 2010 listing the documents of legislative nature which should be proactively published and which does not foresee trilogues related documents.  https://www.europarl.europa.eu/RegData/PDF/rev_801268_1_EN.pdf

[16] Art.15,3par 5subparagraph TFEU : “The European Parliament and the Council shall ensure publication of the documents relating to the legislative procedures under the terms laid down by the regulations referred to in the second subparagraph”.

[17] Art 12. 2 Regulation 1049/01 “ In particular, legislative documents, that is to say, documents drawn up or received in the course of procedures for the adoption of acts which are legally binding in or for the Member States, should, subject to Articles 4 and 9, be made directly accessible.

by Constantin Hruschka (Fr 7 Feb 2020)

The discussion on human rights obligations and potential human rights violations has been part of the history of Frontex ever since the agency´s foundation in 2004. Yet, the focus of the human rights discourse on Frontex is on the protection against human rights violations ‘committed by Frontex’. Much less attention, though, is paid to the duty of Frontex to respect and protect human rights in its operations. The call for streamlining fundamental rights protection into all Frontex operations is, obviously, less likely to gain public attention than a law suit against an EU agency. Mindful of this important gap in the current human rights debate surrounding Frontex, this blogpost will look at both levels of human rights protection and suggest a way forward in light of the agency’s extended tasks and competencies.

I. The tension between human rights and efficient border controls

As its name suggests, the main aim of Frontex is to avoid irregular border crossings of the external borders. At the same time, the mandate of Frontex clearly states that ‘it is necessary to act in full respect of fundamental rights’ (Recital 1 of the 2019 Regulation). There is thus an obvious tension between a control logic and a human rights based approach to the European migration policy (see also Recital 1 of the 2011 Regulation). This tension became especially visible with regard to Frontex operations in the Mediterranean Sea. In 2008, the former Frontex director, Ilka Laitinen, stated that Operation Nautilus had failed, because it actually facilitated irregular entries of persons rescued at sea. By its mere presence (and adherence to human rights standards) Frontex was portrayed as a smuggler agency by its own director. Nevertheless, Laitinen admitted in 2013 that Frontex had been involved in push backs at the external borders. Against this backdrop, fundamental rights protection became a topical issue regarding the work of Frontex as a whole.

II. Embedded of fundamental rights protection?

II. 1. Enhanced fundamental rights protection over time

Looking at the question both from a temporal and a numerical point of view, the protection of fundamental rights plays an increasing role in the legal basis for the work of Frontex. In 2004, only Recital 22 of Regulation No. 2007/2004 referred to fundamental rights protection in an affirmative way when stating the (politically) necessary, namely that ‘[t]his Regulation respects the fundamental rights and observes the principles recognized by Article 6(2) of the Treaty on European Union and reflected in the Charter of Fundamental Rights of the European Union.’ In contrast, the 2011 amendment called in its Recital 1 more generally for the ‘development of a forward-looking and comprehensive European migration policy based on human rights’ and made reference to ‘fundamental rights’ over 30 times. More substantially, the 2011 overhaul introduced the obligation of Frontex to develop a Fundamental Rights Strategy and a Code of Conduct as well as to install a Fundamental Rights Officer and a respective Consultative Forum. Moreover, the 2011 mandate revision foresaw a possibility to cooperate with the Fundamental Rights Agency (FRA) and ordered that the first evaluation report on the new Regulation includes ‘a specific analysis on the way the Charter of Fundamental Rights was complied with in the application of this Regulation.’ Following the trend, in the 2016 Regulation the term ‘fundamental rights’ is used over 100 times and in the Regulation (EU) 2019/1896 the term features over 230 times. This development shows increased attention for the protection of fundamental rights but also hints to the fact that this protection remains an unsolved issue within the work of Frontex.

II. 2. Challenging role and the need for control

The importance and relevance of human rights for Frontex’s mandate was highlighted by the CJEU in a judgment of 5 September 2012. The Court annulled Decision 2010/252/EU, which concerned the introduction of additional rules governing border surveillance at the external maritime borders, because it was not taken in accordance with the ordinary legislative procedure. The rules regarding the way Frontex may exercise its powers in such operations were, according to the CJEU, inappropriately labeled as an additional implementing measure under Article 12(5) of the 2006 Schengen Borders Code. Consequently, the CJEU pointed out (in para. 77) ‘that provisions on conferring powers of public authority on border guards […] mean that the fundamental rights of the persons concerned may be interfered with to such an extent that the involvement of the European Union legislature is required.’

In 2019, reports by the Fundamental Rights Officer (March 2019) and the Consultative Forum (March 2019) still suggest that the mechanisms aiming at safeguarding human rights, including the complaint mechanism as well as the incorporation of a fundamental rights component in the training modules, have not been sufficiently effective to guarantee the respect for fundamental rights in all Frontex operations. The same seems to be less the case for return operations, most probably because of the existing system of forced-return monitors, the specific Code of Conduct for Return Operations, and the implementation of forced return monitoring projects carried out in cooperation with other actors.

In light of the persisting human rights protection deficiencies, the European legislator saw the need to stress underlying legal obligations that are rooted inter aliain Public International Law and EU law including but not limited to the Charter of Fundamental Rights. Consequently, recital 24 of the 2019 Regulation states that ‘[t]he extended tasks and competence of the Agency should be balanced with strengthened fundamental rights safeguards and increased accountability and liability, in particular in terms of the exercise of executive powers by the statutory staff’.

But even if the need for human rights protection is being widely accepted, including by the Frontex Regulation itself, an apparent implementation gap persists, and, what is more, legal remedies often lack effectiveness and efficiency. The complaint mechanism (now Article 111 of the 2019 Regulation) is institutionally weak and seldom used as it does not constitute an independent and effective legal remedy. What is more, the unsettled question of competency and effective control makes it difficult to assess against whom and in which forum to seek redress in the context of operations conducted by Frontex and Member States. The attribution and redress issue might become even more complicated if Frontex cooperates more extensively and out of its own competency with third countries. In order to avoid confusion and ineffectiveness of legal remedies, it would be necessary to establish a clear legal remedy scheme for all types of operations in which Frontex is involved. Lehnert has convincingly argued for a choice of the persons concerned regarding the addressee of a potential lawsuit in order to facilitate the effectiveness of legal remedies ‘against Frontex’, at least as long as the EU has not joined the ECHR.

II. 3. The relevance of human rights protection: returns and border controls

Fundamental rights protection is most acute in relation to returns and border controls. Concerning the first issue, namely returns, two levels are of particular importance: individual protection and independent monitoring. Regarding the former, the protection against refoulement (Article 19 CFR) and the protection of human dignity (Article 1 CFR) form the non-negotiable basis of fundamental rights protection. Yet, other consideration may equally play an important role, including vulnerabilities, the right to family union, or the best interests of children (as stated in Article 5 of the Returns Directive). The issue of return monitoring features prominently in the 2016 and the 2019 Regulations. However, the independence of the return monitoring is at risk given its full incorporation into the legal framework of Frontex and the constitution of the pool of forced-return monitors (Article 51 of the 2019 Regulation). This monitoring task deriving from Article 8(6) of the Returns Directive would be better placed with the Fundamental Rights Agency (FRA) in order to ensure independent monitoring.

When it comes to the second issue, namely border controls, the controls themselves have of course to abide by fundamental rights standards. This includes the dissemination of information on protection procedures and potential immediate returns that might follow a non-application (see also ECHR, Hirsi). Moreover, the surveillance of sea borders may inevitably lead to search and rescue activities. In this context, the agency’s Integrated Border Management (IBM) gains increasing attention including regarding the cooperation with and work in third countries. From a human rights perspective, the extraterritorial dimension of IBM lacks clear and workable fundamental rights protection standards. As operations in or with third countries are often coupled with the fight against cross-border crimes (smuggling and trafficking of human beings feature prominently in this area), information is mostly not readily available. In a relatively deferential judgment, the CJEU has on 27 November 2019 declined access to such information for security reasons (Case T-31/18), which makes it even more complicated to assess and address fundamental rights concerns in these operations.

Moreover, the respect for and protection of fundamental rights should be included into Frontex’s work related to risk management, migration management at large, all training activities (not only in specialized courses), and data exchange. As a matter of fact, data protection considerations are heavily underdeveloped in Frontex operations.

III. What Frontex has to say about fundamental rights protection

The 2018 activity report of Frontex suggests that fundamental rights protection is key to the agency’s work: Fundamental rights play an important role in the agency’s training curriculum and are currently also one of the 14 strategic action areas of Frontex. Yet, the main reference to the protection of fundamental rights and sensitivity towards potential human rights violations is efficiency: Protecting fundamental rights is presented as a means to enhance efficiency in the fight against cross border crimes as it facilitates the detection and identification of victims of trafficking.

Another observation concerns the language used by Frontex in its reports. The aim of respecting fundamental rights is presented as a balancing act between efficiency and (full) human rights protection. For example, ‘vulnerabilities’ may concern both borders—a ‘vulnerability assessment’ of borders is mandatory according to Article 32 of the 2019 Regulation—and persons—inter alia with the aim of identifying vulnerable persons according to Article 3(1)(a) of the 2019 Regulation. On a more general note, the use of this language appears to provide borders with personality and they also seem to have some kind of ethical standing and a right to be free from the risk of being violated. Moreover, this personalization is embedded into a security rhetoric that suggests a permanent threat by ‘irregular migration and cross-border crimes’ at the external borders and is often used in order to justify the use of technology and force.

The only exception to this efficiency-based approach to human rights protection is the principle of non-refoulement. This principle is presented as a non-negotiable key component of all Frontex measures. In practice, this principle also plays a vital role in shaping Frontex operations. Its relevance is further supported by the fact that in 2018, all three admissible complaints under Article 72 of the 2016 Regulation had at least a non-refoulement component. Looking at the Frontex reports, the main issue brought up by the Consultative Forum seems to be also the main challenge for fundamental rights in the agencies’ daily work: Are fundamental rights (just) one strategic action area or is the protection of fundamental rights a cross-cutting issue that needs to be mainstreamed into all action areas?

IV. Operationalizing fundamental rights protection—the way forward

In order to operationalize the respect for and the protection of fundamental rights the Consultative Forum has put forward some institutional considerations: On the EU level, the Consultative Forum suggests to enhance the involvement of the intra-Frontex human rights protections institutions (like the Fundamental Rights Officer and the Consultative Forum) and the intensification of intra-EU-cooperation, which in turn includes an important role for Fundamental Rights Agency as the competent EU agency in this area. On the international level, enhanced cooperation with IOM and UNHCR is mentioned as an additional safety and potentially supervisory net with regard to the adherence to international human rights standards.

It is argued in this blogpost that this cooperation should be formalized by cooperation agreements with the external institutions, especially in light of the agency’s new remit and geographical scope. From a human rights protection perspective, the cooperation with third countries must be accompanied by a monitoring component as well as a mechanism safeguarding the access to remedies. In a similar vein, it is recommended that impact assessments on fundamental rights should be mandatory for each of these measures as well as for return operations and physical border controls. Yet, formalizing these cooperation schemes requires some profound changes to the way Frontex operates with regard to the independence of monitors, the access to operational data, and the transparency of the operations in general. For the time being, though, strong and functioning legal remedies are underrepresented in most of Frontex activities, as is a fundamental rights friendly mindset.

Therefore, as long as the protection of fundamental rights is seen as an obstacle on the way to efficient and speedy procedures, persons subject to the effective control by Frontex are left with no other choice but to rely on national as well as European courts to bring claims. In the long run, the protection of fundamental rights can only be effectively guaranteed through appropriate procedures if the perceived contradiction of effective border management and rights protection is dissolved and replaced by a different mindset that is less fixated on controls and sanctions.

To conclude, operational practice has significantly enhanced the role of human rights in Frontex operations. While the 2019 Regulation reinforces this development on the regulatory level, the current human rights protection framework remains incomplete, in particular in light of weak or lacking complaint mechanisms. It is difficult to foresee whether the increase of human rights obligations for Frontex keeps up with the agency’s ever stronger institutional independence. Currently, the fundamental rights protection framework seems to lack the necessary mechanism for enforcement on different levels, in particular monitoring. As monitoring is a key component to supervise and implement human rights protection, it needs to be coupled with an effective and efficient complaint mechanism which is currently not the case: Human rights standards as well as ‘ethical standards’ for Frontex operations are (partly) blurred, and enforceable legal protection is lacking not least because the complaint mechanism of the Frontex Regulation that should provide for enhanced protection of fundamental rights is difficult to access and not fully independent as it is administered by the Frontex Fundamental Rights Officer.

Additionally, and even more importantly, a human rights culture needs to be fully established as outlined in the introduction to Frontex 2019 – in brief: ‘We also aim for Frontex to comply with the best EU standards for sound administrative and financial management and EU legal and ethical standards, which include fundamental rights.’ While strengthening the complaint mechanism to further the role of human rights may serve as a crutch for the distressed protection of fundamental rights, it will never be more than a lame duck if this protection is not fully embedded in the agency’s working culture. So although structural changes remain key to the (future) protection of fundamental rights, a mentality shift within Frontex will make all the difference.

by Catharina Ziebritzki Mi 5 Feb 2020

‘The EU hotspot approach as implemented in Greece is the single most worrying fundamental rights issue that we are confronting anywhere in the European Union’. This quote by the head of the EU Agency for Fundamental Rights (FRA) might sound drastic. Yet, it is not far-fetched. EU bodies, national institutions, international organisations including the Council of Europe, and NGOs, have, during the past four years, continuously documented that the asylum processing centres at the EU external borders lead to fundamental rights violations on a daily basis. The EU hotspot administration indeed jeopardises the respect for fundamental rights and the rule of law as enshrined in Article 2 TEU.

Usually, when something is going wrong, a first step towards improvement is to ask: who is responsible? And yet, with regard to EU hotspots, this question is still subject to debate. Responsibilities are effectively blurred by the sheer number of actors operating in those centres combined with a lack of legal clarity. On the political level, this leads to responsibility-shifting between the European Commission, Greece and local municipalities. On the legal level, so far, only Greece as the host Member State is considered responsible, namely under the ECHR. The considerable involvement of the Commission and EU agencies—in particular Frontex and the European Asylum Support Office (EASO)— however suggests to look to EU law and to examine whether and to what extent the European Union is legally responsible.

It is argued here that EU public liability law—more specifically: an action for damages against the Union or its agencies Frontex and EASO—has a particular potential in this context. First, it would help secure the right to an effective remedy to concerned individuals. Second, it would thereby serve to address systemic deficiencies in the EU hotspot administration. Third, it could ultimately provide an answer to the crucial question of whether the Union is responsible for fundamental rights violations in EU hotspots.

1 – The violation of fundamental rights in EU hotspots—systemic deficiencies

In 2015, the Commission put forward the EU hotspot approach as part of the European Agenda on Migration. While the approach is implemented both in Italy and Greece, this contribution focuses on the latter. Each of the five EU hotspots in Greece, located on Aegean islands, consist of a refugee camp, an administrative complex, and, in some cases, a pre-removal detention facility. In March 2016, with the implementation of the EU-Turkey Statement, the EU hotspots were transformed into return centres meaning that the asylum procedure and the reception conditions were adapted to the aim of return. Currently, about 41,000 persons are staying in those camps.

The approach of ‘processing asylum claims at borders, particularly when these centres are located in relatively remote locations, creates fundamental rights challenges that appear almost unsurmountable’. This assessment by FRA seems plausible given the empirical evidence provided by the already four-years long ‘hotspot experiment’. More specifically, FRA finds fundamental rights risks with regard to, inter alia, Articles 1, 4, 5(3), 6, 7, 18 and 19, 20 and 21, 24, 25 and 26, 41 and 47 of the EU Charter on Fundamental Rights (ChFR). Two aspects deserve particular attention.

First, the reception conditions are far from complying with any standard of EU secondary law and wholly inadequate for human beings: Shelter is insufficient (if there is any), there exists exposure to extreme weather conditions, a high risk of sexual, gender-based and other forms of violence, a lack of medical services despite widespread physical and severe psychological health issues, insufficient and inadequate sanitary facilities, and a lack of access to education or social services. Taken as a whole, the reception conditions arguably amount to a violation of Article 4 ChFR prohibiting inhuman or degrading treatment, at least insofar as vulnerable persons are concerned. This follows from the standards established by the CJEU from N.S. to Jawo, taking into account the case law of the ECtHR from M.S.S. to Tarakhel. Concerning EU hotspots specifically, the ECtHR seems to slowly change its jurisprudence: In contrast to earlier decisions concerning the situation in March 2016, a violation of Article 3 ECHR was found in more recent interim measures concerning vulnerable persons. Even if one assumes that a violation of Article 4 ChFR can be found only for vulnerable persons, this still affects a considerable number of people.

Second, a deportation to Turkey, at least in the vast majority of cases, would be in breach of the Asylum Procedures Directive, since Turkey cannot be considered as safe third country or first country of asylum. This is, despite the differing decision of the Greek Council of State, in line with the view of the Greek administration (and the Administrative Court of Munich). Considering the situation in Turkey, it seems that, at least for the vast majority of persons, the deportation would amount to a violation of the non-refoulement principle as enshrined in Articles 4, 18, 19(2) ChFR. This follows from the minimum standards established by the ECtHR in Ilias and Ahmad with regard to Article 3 ECHR. (The CJEU has not yet established the constitutional standards following from Articles 4, 18, 19(2) ChFR: The decision in Alheto concerns a specific case, and the decision in LH  remains to be awaited). With regard to the situation in Turkey specifically, an individual complaint before the ECtHR is pending.

Those two aspects speak in favour of describing the implementation of the EU hotspot as systemically deficient. Both a breach of Article 4 ChFR as well as breach of the non-refoulement principle as enshrined in Article 4, 18, 19(2) ChFR meet the threshold of being relevant for Article 2 TEU. Further, both breaches are systemic in the sense of widespread or inherent to the situation: An arguable limitation to the sub-group of vulnerable persons does not hinder the qualification as systemic. Due to the design of EU hotspots as return centres, the question whether deportations to Turkey violate the non-refoulement principle is, despite the relatively low numbers of returns, of structural relevance.

2 – The considerable involvement of the Union in the EU hotspot administration

Against this background, it is worthwhile to have a closer look at the involvement of the Union in the EU hotspot administration. From the perspective of EU administrative law, the distinctive characteristic of EU hotspots, in comparison to other asylum processing centres at EU external borders, is the close administrative cooperation between Union bodies and national authorities. This becomes clear already from Article 2(23) Frontex Regulation defining a ‘hotspot area’ as an area ‘in which the host Member State, the Commission, relevant Union agencies and participating Member States cooperate, with the aim of managing an existing or potential disproportionate migratory challenge characterised by a significant increase in the number of migrants arriving at the external borders’.

The EU hotspot administration can hence be described as the paradigm example for advanced vertical administrative cooperation within the integrated European asylum administration. This means that several EU agencies—such as Frontex, EASO, Europol, and Eurojust—cooperate with several national authorities—such as asylum service, reception service, police, and army. In practice, international organisations such as UNHCR and IOM, several NGOs, and a private security company operate in those centres in addition.

The operational level—the role of Frontex and EASO

On the operational level, migration management support teams (MMST) deployed by the EU agencies support the Greek authorities. The distinctive feature of the MMST lies, inter alia, in the close inter-agency cooperation. While Frontex supports in particular by registering applicants and escorting deportations to Turkey, EASO supports notably by conducting asylum interviews and drafting legal opinions recommending the acceptance or rejection of the concerned individual’s claim for international protection.

With a view to EU public liability law, it should be kept in mind that the responsibility to issue administrative decisions lies with the host Member State. The role of Frontex and EASO is to provide non-formally binding administrative support. However, the line between formally-binding and non-formally binding is not that easy to draw: Non-formally binding administrative conduct can have de facto binding effects on national authorities, as illustrated by EASO’s involvement in the assessment of asylum claims. And non-formally binding administrative conduct can have quite significant effects on individuals, in particular since the reformed Frontex Regulation does not exclude the use of force by Frontex MMST staff.

The coordination and monitoring level—the role of the Commission and the EURTF

On the coordination and monitoring level, responsibility lies with the European Commission, who is supported by Frontex, EASO, and the other relevant EU agencies in this respect. Article 40(3) Frontex Regulation provides that the ‘Commission, in cooperation with the host Member State and the relevant Union bodies, offices and agencies (…) shall be responsible for the coordination of the activities of the migration management support teams.’ The Commission performs this task within the framework of the EU Regional Task Force (EURTF). The EURTF is a coordination structure which has been established without a clear legal basis and operates under non-public ‘terms of cooperation’ and ‘rules of procedure’.

With a view to EU public liability law, it should be noted that the Commission’s mandate includes the supervisory obligation to ensure that the EU hotspot approach is implemented in line with EU law. This becomes clear already from Article 40(3) Frontex Regulation, read in light of its Article 1 and recitals. Further, and more importantly, this follows from Article 17(1) TEU, as interpreted by the CJEU in Ledra, as well as from Article 51 ChFR.

3 – The Potential of EU Public Liability Law—enforcing EU law from below

The Commission, Frontex, and EASO are hence closely involved in the EU hotspot administration which is systemically deficient, and leads to fundamental rights violations in individual cases. This gives rise to the crucial question: Can the Union be held responsible? A legal regime which could provide an answer to this question would ideally grant the right to an effective remedy to the concerned individual and enforce the rule of EU law more generally, while at the same time allowing for the attribution of responsibility among the involved actors.

It is argued here that EU public liability law has a particular potential in this context due to its subjective and objective legal protection function combined with its attribution function. More specifically, the particular potential lies in the action for damages against the Union or its agencies—as codified in Article 340(2) TFEU respectively Article 97(4), 98 Frontex Regulation, and Article 45(3) EASO Regulation. In the latter case, the agency would be liable under its founding Regulation in a first degree, and the Union, since it cannot exclude its liability under Article 340(2) TFEU by adopting secondary law, in a second degree.

To begin with, it seems that, among the approaches addressing systemic deficiencies by enforcing EU law, one can distinguish between top-down procedures, initiated by the Commission as guardian of the treaties, and bottom-up procedures, initiated by individuals. Both the preliminary reference procedure, as the standard mechanism in the internal market, as well as procedures in which individuals claim their rights directly before the CJEU, as standard mechanism in competition or state aid law, form part of the latter.

In the case of EU hotspots, any procedure depending on the Commission’s initiative seems unsuitable to enforce EU law due to the Commission’s involvement in the EU hotspot administration. The preliminary reference procedure is moreover of little use already because an action for damages against the Union cannot be brought before national courts. What remains are the procedures granting the individual direct access to the CJEU.

The action for damages is the most suitable procedure in this context. Notably, it could grant the right to an effective remedy, enshrined in Article 47 ChFR, in a particularly challenging context. The increasingly integrated European administration more generally raises challenges as to how to guarantee the right to an effective remedy. In the case of EU hotspots, the challenge arises, inter alia, because the relevant administrative conduct is of non-formally binding nature and consists in omissions to comply with supervisory obligations. While the action for annulment does not provide a remedy in those cases, the action for damages does. This is indeed the reason why the action of damages has become the main action ensuring the right to an effective remedy—as examined in particular by Timo Rademacher, and as analysed with regard to Frontex in particular by Melanie Fink. Finally, EU public liability law has an attribution function: an action for damages against the Union would not exclude liability of the host Member State or the other Member States under the case law following Francovich. Quite to the contrary, EU public liability law allows to assess each contribution, and the Union and the Member States can be held jointly liable.

Against this background, one might wonder: If the situation in the EU hotspots is really so bad, and if EU public liability law really has such potential, why did nobody file an action for damages against the Union yet? To be sure, the CJEU’s dismissal of the action for annulment against the EU-Turkey Statement, which was in essence directed against the implementation of the return policy in the EU Hotspots, does not preclude an action for damages against the Union based on the systemically deficient EU hotspot administration: The CJEU’s finding, namely that the Union did not conclude the EU Turkey Statement, is not relevant to the question of whether the Union is liable due to its administrative involvement in the EU hotspot administration. Rather, practical obstacles such as insufficient capacity of legal aid may provide the reasons: The few lawyers working under extreme pressure in the EU hotspots might come to the conclusion that it is simply not feasible to invest a considerable amount of time and resources in a procedure with uncertain outcome.

4 – The critical question of who is responsible—holding the Union liable?

Now, assumed that a person succeeded in filing an action against the Union before the CJEU, and that he or she claimed damages invoking the dire living conditions in the EU hotspot or his or her deportation to Turkey: Would the Union indeed be held liable?

Finding an answer to this question requires a close analysis of the extensive case law on EU public liability law. According to the CJEU’s jurisprudence, non-contractual liability under Article 340(2) TFEU arises if unlawful conduct of a Union body, qualifying as a sufficiently serious breach of a rule conferring rights on individuals, has caused a damage. Liability under Articles 97(4), 98 Frontex Regulation and respectively Article 45(3) EASO Regulation arises under the same conditions. Given the scope of this post, the argument here is limited to considering on the basis of which administrative conduct liability might arise, and shortly outlining two crucial legal issues.

Frontex could incur liability based on its registration of applicants in the EU hotspots and based on its escorting of deportations to Turkey. The former contributes, at least insofar as vulnerable persons are concerned, to keeping applicants in conditions incompatible with Article 4 ChFR, and the latter, at least in most cases, to a violation of the non-refoulement principle as enshrined in Articles 4, 18, 19(2) ChFR. Both could be in breach of Frontex’s obligation to respect fundamental rights under Articles 1, 36(2), 44(3), 48 Frontex Regulation, Article 51 ChFR. Further, the conclusion of the relevant Operating Plan, or the omission to withdraw from the administrative cooperation despite knowledge about systemic fundamental rights violations could be in breach of Articles 1, 36(2), 46(4) Frontex Regulation, Article 51 ChFR. (On supervisory obligations conferring rights upon individuals see the CJEU’s case law, notably Ledra.) In the same vein, EASO could incur liability based on its conducting of asylum interviews, drafting legal opinions, and adopting the relevant Operating Plan and the Standard Operating Procedures, which could be in breach of EASO’s obligations to respect fundamental rights. Finally, the Commission could incur liability based on its failure to adequately exercise its supervisory obligations. The failure to ensure the implementation of the EU hotspot approach in compliance with EU law could amount to a breach of Article 40(3) Frontex Regulation, Article 17(1) TEU, Article 51 ChFR. (On administrative omission see the CJEU’s case law, Kampffmeyer, and more recently Ledra, which confirms that the Commission’s omission to effectively ensure that Member States act in compliance with EU law may incur liability.)

To be sure, several legal issues would need to be resolved. Notably, the question arises to which entity administrative conduct of staff seconded to the EU agencies must be attributed. To give an example, the question is whether the conduct of a German officer seconded to Frontex and deployed to Greece as part of an MMST is to be considered as an act of Germany, of Greece, or of Frontex. Existing doctrinal analysis mainly suggests attribution to the host Member State due to the internal decision-making structure. However, one could also argue that the external appearance of the conduct towards a reasonable addressee must be taken into account in addition—which means that the appearance of the seconded staff’s conduct as conduct of the agency speaks in favour of attribution to the latter. The CJEU’s decision in A.G.M.-COS.MET as well as the right to a remedy, which cannot be effectively exercised if the individual is required to analyse the agency’s internal decision-making structure in order to know against whom to file an action, suggest such a reading.

Another legal issue arises in the context of causation, namely: whether non-formally binding administrative conduct may incur liability. The question is whether the ‘sufficiently direct link’ required for causation is ‘broken’ by the administrative decision of the host Member State. In contrast to its earlier jurisprudence, the CJEU in KYDEP and similar cases acknowledged that even a telefax by the Commission may, in principle, incur liability of the Union. It remains to be discussed whether later case law again overturned the KYDEP doctrine. Another approach, proposed by Melanie Fink, is to transfer the differentiation between primary and attributed responsibility, based on the Draft Articles on State Responsibility, into EU public liability law. A further discussion of those issues would go far beyond the scope of this contribution.

Whether the Union actually is liable for fundamental rights violations in EU hotspots hence remains to be answered. In other words, the potential of EU public liability law in the context of EU hotspots remains to be unfolded. And this, to begin with, requires a closer doctrinal analysis of the CJEU’s case law.

5 – EU public liability law as a limit to externalisation policies

Current EU migration and asylum policy relies, not fully, but to an important extent, on externalising the challenge of dealing with enhanced forced migration towards Europe. The challenge is often either put on third countries, or, where this is not possible, on Member States located at the EU external border. This approach leads to large scale fundamental rights violations—despite the difficulties of ECHR and EU law to address situations characterised by extraterritorialisation and outsourcing.

EU hotspots can be described as a paradigm example in this regard. As externalisation has an ‘out of sight, out of mind’ effect, it seems possible to forget about daily fundamental rights violations at the EU’s external borders. EU constitutional law however calls into question whether mere externalisation to Member States located at the EU external border is really sufficient to wash the Union’s and the other Member States’ hands of responsibility. This would indeed be quite strange, not only in light of the noble values enshrined in Article 2 TEU, but also given that the European Asylum System is conceived as a Common one.

3 FEBRUARY 2020/ BY CHLOÉ BRIÈRE

On January 31^st, 2020, the United Kingdom withdrew from the European Union, and their mutual relationship entered in a phase of transition. After 47 years of membership, the withdrawal led to a series of changes in various policy areas, in which the UK, as an EU Member State, cooperated with its counterparts. This notably concerns police and judicial cooperation in criminal matters, and the consequences of Brexit in this particular field will be our focus.

Police and judicial cooperation in criminal matters is not necessarily the most discussed areas of mutual cooperation between EU Member States. Yet the instruments elaborated in this field are often relied upon in the background of highly visible cases, among which the emission of European arrest warrants (EAWs) against Catalan politicians, like Carlos Puigdemont, or the creation of a joint investigation team between France and Belgium after the Paris attacks in November 2015. These instruments are also frequently relied upon by British authorities, such as in the course of the investigations that were launched after the macabre discovery of 39 bodies in the “Essex Lorry”. The investigators retraced its movement from Bulgaria to the UK, through Belgium, notably with the assistance of one of the EU specialized agencies, Europol, and EAWs were issued against a person residing in Ireland suspected to have been involved in the criminal operation.

The UK’s withdrawal from the EU will have an impact on its participation in such cooperation. To understand the consequences of Brexit in this field, the present contribution will retrace the role of the UK in the development of the EU area of criminal justice (1). It will then discuss the regime applicable during the transition period, and pinpoint some of the identifiable shortcomings (2). It will finally address the possible future modalities of cooperation between the UK and the EU (3).

1. The role of the United Kingdom in the development of the EU area of criminal justice

The role of the United Kingdom in this field is inextricably linked to its attitude towards an increased cooperation between EU Member States in criminal justice, a field very close to the powers of the State to ensure and preserve national security, and thus also very close to the States’ sovereignty. The UK’s attitude in this regard would be best summarized as “it’s complicated”.

At first, the United Kingdom may have appeared as a state with a certain reluctance to develop EU instruments supporting cooperation in criminal matters. With the entry into force of the Lisbon Treaty the country extended the specific opt-out regime that applied previously to measures regarding visa, asylum and immigration. By virtue of this opt-out, provided for in Protocol No 21, the UK, together with Ireland, was not bound by measures adopted in the framework of the Area of Freedom, Security and Justice, nor by international agreements concluded in this field, or by judgments of the Court of justice of the EU. This opt-out regime was accompanied with a discretionary opt-in, which offered to the country the possibility to participate in new EU instruments whenever this was considered relevant. The UK exercised that possibility regularly, either from the moment an instrument was proposed, like for the Directive on the European Investigation Order (EIO), or after its adoption, like for the Europol Regulation.

In addition of this opt-out / opt-in regime, the UK also obtained a specific transitional regime concerning the 130 EU criminal justice instruments adopted before the entry into force of the Lisbon Treaty. Among these, were included for instance the Council Framework Decision of 13 June 2002 on the European arrest warrant and the surrender procedures between Member States (2002/584/JHA), or Framework Decisions on the Transfer of Prisoners (2008/909/JHA) or on the recognition of probation measures and alternative sanctions (2008/9457/JHA). The Lisbon Treaty foresaw a specific legal regime for these instruments (Protocol No 36, Article 10), which remain in force and are for some still applicable today. From 2009 to 2014, their previous regime would continue to apply (optional jurisdiction of the CJEU and no infringement proceedings) and since December 2014, these instruments would be subject to the ordinary EU law regime (full jurisdictions of the CJEU and infringement proceedings). The United Kingdom was the only Member State that was recognized the possibility to withdraw from these instruments before the end of the transitional period, and the possibility to notify its intention to participate again in these instruments. In application of this Protocol, in 2014, a first cliff-edge scenario took place, as the UK withdrew from all these 130 instruments, and only chose to “opt-back-in” in 35 of them.

This specific regimes allowed for the UK’s participation “à la carte” in the EU area of criminal justice, and this was particularly noticeable when comparing the UK’s participation in instruments favouring a more effective cooperation, like the EIO Directive, and the UK’s non-participation in other key instruments, such as the Directive on the right of access to a lawyer.

Yet, the United Kingdom has also been a driving force in the establishment of the EU area of criminal justice. The principle of mutual recognition was first put forward by Home Secretary Jack Straw at the Cardiff European Council in 1998, and later proclaimed in the Tampere European Council conclusions of 1999. This principle is since then considered as the cornerstone for judicial cooperation in criminal matters, and it constitutes the basis of many instruments of judicial cooperation. The UK has also strongly supported and used very frequently certain EU criminal law instruments, such as the EAW. As an illustration, according to the National Crime Agency, from 2004 to 2016, the the UK surrendered almost 10,000 individuals to other EU Member States and more than 1,400 requested people were returned to the UK. Furthermore, the United Kingdom has had a significant weight in the development of Europol and Eurojust, the two European agencies, competent to support and assist cross-border cooperation between police and judicial authorities. The United Kingdom is for instance known as the second largest contributor to Europol information systems, and British nationals have exercised strategic positions in these agencies. Two out of the five presidents of Eurojust were British, and Sir Rob Wainwright has been the director of Europol from 2009 to 2018.

The United Kingdom has thus played a contrasted but essential role in the development of the EU area of criminal justice. The specific regimes it obtained did not prevent it from becoming a key partner, with whom EU Member States developed a strong and well-established cooperation in criminal matters.

2. The regime applicable during the transition period

With the UK’s withdrawal from the EU, the modalities of its cooperation with other EU Member States in criminal matters are bound to change. In this section, we will focus on the Withdrawal Agreement, which defines the legal regime governing police and judicial cooperation in criminal matters during the transition period. The relevant provisions were marginally modified during the negotiations which led to the conclusion of a revised withdrawal agreement on October 17^th, 2019.

The agreement foresees various scenarios regarding the UK’s participation in the EU area of criminal justice. In sum, the Withdrawal Agreement allows for the preservation of most of the modalities of cooperation in criminal matters between the EU and the UK for the duration of the transition period.

The general provisions have an impact on the UK’s participation in the work of the two EU criminal justice agencies. As from February 1^st, as EU law remains applicable until the end of the transition period, the UK remains an active participant to the activities of Europol and Eurojust, but it does no longer participate in their management bodies (Art. 7). The UK also retains until the end of the transition period its access to the databases, networks and databases managed by Europol and Eurojust (Art. 8). In other areas of criminal justice cooperation, the UK’s withdrawal has a limited  impact, provided that the requests for cooperation are made before the end of the transition period. This is for instance the case regarding ongoing judicial cooperation proceedings. According to Article 63 of the Withdrawal Agreement, only a series of instruments of judicial cooperation, 12 in total, continue to apply. As the UK had previously tailored its participation in pre- and post-Lisbon EU criminal law instruments, these 12 instruments represent the main ones for judicial cooperation in criminal matters. Are for instance included the Framework Decision on the EAW, or the EIO Directive. The same can be said regarding instruments on law enforcement cooperation and exchange of information, as the main ones will remain applicable (Art. 63). The UK authorities also retain the possibility to continue their participation in joint investigation teams, and to share and request information from Eurojust. The main change concerns the participation in new EU criminal law measures, in respect of which two options apply. For proposals amending, replacing or building upon measures in which the UK previously opted in, the UK has the possibility to opt in. However, for new proposals, the UK does not have the right to opt in, and it may only be invited to cooperate with the EU Member States under the modalities foreseen for third countries.

However, already in this legal regime, doubts arise, especially regarding the continuous execution of EAWs issued by the United Kingdom. Prior to the UK’s withdrawal from the EU, a person subjected to an EAW issued by UK authorities attempted to use a “Brexit argument” to prevent his surrender to the UK. He argued that the uncertainty of the law applicable in the UK after its withdrawal from the EU could not guarantee that he continues to benefit from the right he enjoys under EU law. The CJEU had the opportunity in the case RO (C-327/18 PPU, 18 September 2018) to dismiss this argument. The Court considered that there was a presumption that the UK will apply the substantive content of the rights derived from the EAW Framework Decision, relying notably on the incorporation into British national law of provisions of the European Convention on Human Rights and the European Convention on Extradition (para. 61). The Court nevertheless indicated the possibility to refuse to execute an EAW only if there is concrete evidence to the contrary (ibid.), in line with its case law since its judgment in the case Aranyosi and Căldăraru (Joined Cases C‑404/15 and C‑659/15 PPU, 5 April 2016),regarding the risk of fundamental rights’ violations in the execution of EAWs. This judgment is to keep in mind when considering the execution of EAWs during the transition period, which would continue, unless a real and individual risk of violation can be demonstrated.

Furthermore, some Member States decided to make use of the possibility provided for in Article 185 of the Withdrawal Agreement. This provision allows Member States, due to reasons related to fundamental principles of their national law, to declare that, during the transition period, their national executing judicial authorities may refuse to surrender its nationals to the United Kingdom pursuant to an EAW. This refers to the constitutional limits regarding the extradition to nationals outside the EU, which is for instance foreseen in Germany, where the Constitution limits the extradition of nationals to situations in which the request comes from an EU Member State and/or an international court. Only three Member States, namely Germany, Austria and Slovenia, made such notification by January 28^th, and the United Kingdom has now one month to notify whether its executing judicial authorities may refuse to surrender its nationals to those Members States. The practical impact of such notifications may be limited, considering that Germany, Austria and Slovenia are not, according to the National Crime Agency’s statistics, the EU Member States sending the highest numbers of EAWs to the UK. These notifications are nonetheless particularly symbolic, and mark as of February 1^st, a decrease in the intensity of cooperation in criminal matters between the UK and the EU.

3. Possible future modalities of cooperation between the UK and the EU

As in many other policy areas, the discussions regarding the future relationship between the UK and the EU will be crucial in the coming months, and this is also true for their cooperation in criminal matters.

Both parties share a mutual interest in maintaining a close cooperation. This was already mentioned in the negotiating guidelines adopted by the European Council in March 2018, and it was taken on in the revised Political Declaration of  October 17^th, 2019. The future ambitious, broad, deep and flexible partnership between the EU and the UK “will provide for comprehensive, close, balanced and reciprocal law enforcement and judicial cooperation in criminal matters” (para. 80). The latter should notably be “underpinned by long-standing commitments to the fundamental rights of individuals, including continued adherence and giving effect to the ECHR, and adequate protection of personal data, (…) and to the transnational ne bis in idem principle and procedural rights” (para. 81). However, these elements of the Political Declaration remain vague and their concrete substance is left to the negotiations between the UK and the EU. As of February 1^st, a lot of uncertainty remains. The European Commission has still to present its recommendation for a negotiating mandate, which shall be released on Monday 3^rd February, and adopted on February 25^th, 2020.  The British Prime Minister Boris Johnson is also expected to make on February 3^rd, a speech setting out his red lines on the future EU-UK relationship. This would outline the positions of the two parties before the first round of negotiations scheduled for early March. These events would allow us to know more about the envisaged future relationship between the UK and the EU, including regarding their cooperation in criminal matters.

In that field, the main point of discussion would most probably be whether the UK should be treated like other third countries which are not part of the Schengen area and do not apply free movement of persons; or whether it should, as a former EU Member State and a privileged partner, benefit from specific arrangements. From the perspective of the European Commission (and as further supported by the slides released in January 2020), existing forms of cooperation in criminal matters with Denmark and third countries participating to the Schengen area constitute the basis (and the potential limit) for developing the future cooperation between the UK and the EU. As an example, regarding the access to Europol’s databases after the end of the transition period, the cooperation agreement signed between Denmark and the agency has been referred to as a form of cooperation that the future EU-UK cooperation would not be able to provide for. Under this text, Denmark benefits from the most advanced cooperation agreement, but under a regime which is not equivalent to that of a Member State. The country has an observer status, which is subject to a series of conditions, including the jurisdiction of the CJEU. Danish authorities have no direct access to Europol databases and liaison officers only have indirect access to the data. A future cooperation agreement between the UK and Europol will most likely contain lesser forms of cooperation (e.g. access to Secure Information Exchange Network Application (SIENA, a secure platform for the exchange of sensitive and restricted data), but not to the databases managed by Europol, etc.).

More generally, the possibility remains that by the end of the transition period, and without an extension, an agreement with detailed provisions on cooperation in criminal matters may not yet be finalised or ratified. It is important to stress that even in the absence of agreement, the cooperation in criminal matters between the EU and the UK would not be interrupted overnight. Rather, such cooperation would be conducted on alternative basis, such as regional instruments elaborated within the Council of Europe. This was notably foreseen in case of a no-deal Brexit, in preparation of which transitional arrangements were elaborated for existing EAWs, in order to ensure continuity in proceedings for cases where an arrest has been made prior to exit day. It was also provided that EAWs issued by EU Member States would be treated as requests for extradition under the 1957 European Convention on Extradition, which may have potentially resulted in longer procedures, but not necessarily in refusals to extradite the person requested.

To conclude, the future of cooperation in criminal matters between the UK and the EU will be as complex to build and analyze as their future cooperation in other policy areas. Common standards, notably on data protection and procedural safeguards for suspects and accused persons, will be an essential pre-requisite, and past experiences with third countries demonstrate their importance. The EU may keep as a reference point the modalities of cooperation elaborated with third countries, especially those which have accepted to participate in the Schengen area.  Flexibility and the possibility to design specific arrangements might then be limited.TOPICS:AFSJ / BREXIT