Data protection: the European Parliament still fighting on two fronts

by Luca Boniolo

Data protection remains a hot issue in parliamentary works…

On November 11th the European Parliament Civil Liberties, Justice and Home Affairs Committee (LIBE) held its 9th hearing on Electronic Mass Surveillance of EU Citizens in the framework of its enquiry on the so-called “PRISM” case.[1] In a rather exceptional move even a Member of the US Congress was among the speakers; Microsoft, Google and Facebook representatives were also heard by the Brussels lawmakers during the same hearing.

Exceptional presence: US Congressman Rep. Jim Sensenbrenner

Representative Jim Sensenbrenner, Chair of the US Congress Subcommittee on Crime, Terrorism, Homeland Security, and Investigations, member of the Republican Party and co-author of the Patriot Act, stated: “I hope that we have learned our lesson and that oversight will be a lot more vigorous”, adding that abuses by the NSA could had been carried out outside congressional authority.

In a previous statement Rep. Jim Sensenbrenner said that the intelligence community could had also misused its powers by collecting telephone records also on Americans citizens, and claimed the time has come “to put their metadata program out of business”  (section 215 of the Patriot Act). Consistently with this position he worked on a bipartisan bill, the “Uniting and Strengthening America by Fulfilling Rights and Ending Eavesdropping, Dragnet-Collection and Online Monitoring Act” (named for its acronym: the “USA Freedom Act”), which should constrain NSA abuses. However this bipartisan initiative is still far from making unanimity; the democratic Senator Dianne Feinstein, Chair of Selected Committee on Intelligence in the US Senate, for instance, tabled a bill, the “FISA Improvements Act of 2013”, which is attracting plenty of critics because it is considered as a way to enshrine the current NSA data collection activities into law by granting formal Congressional approval to these widespread surveillance programs. “The Feinstein bill puts what the NSA has been doing into law and says it’s Ok… To me, that’s scary”, stated Sensenbrenner and added: They’ve [senators] become cheerleaders for whatever the intelligence agencies want”.

Facebook, Google and Microsoft declared their innocence

Then executives from three of the world’s biggest IT firms – Facebook, Google and Microsoft – took centre stage at the hearing. The three companies, as well as Apple, AOL, PalTalk and Yahoo, have been accused by the press, on the basis of files leaked by whistleblower Edward Snowden,[2] to give direct access to personal data and/or to routinely hand over these data to the US’ National Security Agency (NSA). Even if this happens in compliance with US subpoenas ordered by the so-called Fisa (Foreign Intelligence Surveillance Act) Court, it has to be noted that the works and jurisprudence of this Court are not public and doubts can be raised on the efficiency of its oversight if, according to official figures, FISA Court approved 99.95% of warrants filed by security services between 2001 and 2012. Moreover, from other Snowden’s files it appears that NSA and GCHQ,[3] might have hacked Google servers and tapped undersea cables, (which carry 90% of internet and phone data between America and Europe).

Facebook Director Richard Allan and Microsoft VicePresident Ms Dorothee Belz, both in charge of of Europe, Middle East and Africa (EMEA) and Google Director Nicklas Lundblad, in charge of Public Policy and Government Relations, all denied in strong terms giving US intelligence services “unfettered” access to people’s private data. According to them only specific information on individual suspects have been subpoenaed by US intelligence and police services. Mr Allan noted that in the six months ending 31 December 2012, US agencies made between 11,000 and 12,000 queries, while EU countries made another 10.000, but they affected only “a tiny fraction of 1% of all Facebook accounts. The three representatives also denied having any knowledge of the PRISM programme: “We do not know PRISM, we do not take part in it, and we do not give the government access to our data”, reiterated Ms Belz. Nevertheless all the three declared that they would reveal more on the content and scope of US intelligence requests, but the FISA Court banned them from diffusing this kind of information. The speakers also appeared worried about the new European draft Regulation on Data Protection (Rapporteur Mr Jan ALBRECHT, DE, Greens) notably   on the limits surrounding international transfers of personal data, which could lead to real conflict of law and to legal insecurity that “we will not be able to resolve”.

The EP is pushing for the suspension of the transatlantic “SWIFT” agreement…

The LIBE Committee Inquiry has in the meantime on Electronic Mass Surveillance is a response to the US National Security Agency’s alleged tapping of EU citizens’ bank data as shared in the framework of the EU-USA transatlantic agreement on the Terrorist Finance Tracking Program (TFTP).[4] On the basis of the elements already emerged during the Committee inquiry, the European Parliament plenary has already voted on October 23rd a request of suspension of that agreement.[5]

To grant the protection of EU citizens’ privacy, MEPs believe that it has to be clarified whether NSA has had direct access to financial messaging data managed by Swift beyond the allowed cases, in other words if there has been a violation of the agreement. The non-binding resolution, tabled by the S&D, ALDE and Greens/EFA groups, was approved by 280 votes to 254, with 30 abstentions, only a slightly majority. These groups believe that is impossible to maintain the agreement as it stands, while EPP group proposed a resolution demanding clarifications too, but without mentioning the suspension of the agreement.

The European Parliament does not legally have the power to suspend an international agreement such as SWIFT and this action remains simple symbolic, committing the Council and Commission to nothing. However paragraph 11 of the Resolution states: «Considers that, although Parliament has no formal powers under Article 218 TFEU to initiate the suspension or termination of an international agreement, the Commission will have to act if Parliament withdraws its support for a particular agreement; points out that, when considering whether or not to give its consent to future international agreements [such as the much bigger EU-US free trade agreement currently under negotiations], Parliament will take account of the responses of the Commission and the Council in relation to this Agreement», followed by article 12: «Asks the Commission, in the light of the above, to suspend the Agreemen. Moreover EU Parliament asks the Council and the Member States to authorise an investigation by the Europol Cybercrime Centre into the allegations of unauthorised access to financial payment data governed by the Agreement.

…however the Commission is reluctant…

European Commissioner for Home Affairs Cecilia Malström stated already during a plenary in Strasbourg at the beginning of October, that in the framework of previous consultations the US side has provided detailed explanations and assurances: the agreement had not been violated. On Thursday 23 October the answer of the Commission was the same, i.e. negative; in a press release Commissioner Malström stated: “We will follow up our request for written assurance with the US without delay and keep the European Parliament fully informed. In the meantime, the provisions of the TFTP Agreement that clearly regulate the transfer of personal data, and that provide effective safeguards to protect the fundamental rights of Europeans, will remain in place”. The Commission appeared to be satisfied with the US assurances, deciding, for the time being, not to take in account the EP request. Considering that EP’s approval was necessary for the entry into force of the TFTP agreement, and that the Agreement do not require even a specific wrongdoing justifyng the suspension,  this position of the Brussels executive looks quite inappropriate.

In the meantime the EU Data Protection general reform.. Continue reading “Data protection: the European Parliament still fighting on two fronts”

Access to a Lawyer : a new EU-wide procedural right in criminal proceedings

by Gabriella Arcifa

With the publication (OJ L 294 on 6 November 8, 2013) of Directive 2013/48/EU of 22 October 2013another important achievement has been recently reached – not without controversy -along the road towards the implementation in the European Union of the principle of mutual recognition, in the field of procedural rights in criminal proceedings.

According to the European Commission there are over 8 million criminal proceedings in the European Union every year and even if the right of defense for anyone suspected of a crime is widely recognised as a basic element of a fair trial conditions under which suspects can consult a lawyer differ between Member States1.

The new Directive will guarantee these rights in practice, by:

· providing access to a lawyer from the first stage of police questioning and throughout criminal proceedings;

· allowing adequate, confidential meetings with the lawyer for the suspect to effectively exercise their defence rights;

· allowing the lawyer to play an active role during questioning;

· making sure that, where a suspect is arrested, somebody such as a family member is made aware of that arrest and that there is an opportunity for the suspect to communicate with their family;

· allowing suspects abroad to be in contact with their country’s consulate and receive visits;

· offering people subject to a European Arrest Warrant the possibility of legal advice in both the country where the arrest is carried out and the one where it was issued.

The general context of the new Directive

It is worth recalling that the right to a fair trial and defense are now set out in Articles 47 and 48 of the EU Charter of Fundamental Rights as well as in Article 6 of the European Convention on Human Rights (ECHR). The right to communicate with a third party is one of the important safeguards against ill treatment prohibited by Article 3 of the ECHR. However these principles are too generals to overcome the differences between the national legal systems notably when implementing an European Arrest Warrant.

The “Access to lawyer” Directive is the third step of a Roadmap2adopted by the Council of the European Union on 30th of November 2009 and mirrored in the Stockholm Programme3, by which the European Council immediately after the entry into force of the Lisbon Treaty and of the European Charter of Fundamental rights has defined the strategic legislative e operational objectives for the EU in the period 2010-2014.  Development of fundamental rights, as they are guaranteed by the Charter (articles 47-50) and by the European Convention on Human Rights (and the related case law), and – more in general – by the article 6 of the TEU is the keystone of the EU program.

Mutual recognition and harmonization of procedural rights

Indeed, the path towards harmonization of fundamental procedural rights has begun over 10 years ago, when in its Tampere Conclusions4, for the first time, the European Council endorsed the principle of mutual recognition, mentioned as “the cornerstone” of judicial co-operation2. Aware that mutual recognition could cause a lowering of the procedural safeguards of the individual the Heads of State and Government asked Council and the Commission to adopt, by December 2000, a programme of measures to implement the principle of mutual recognition, taking in account those aspects of procedural law on which common minimum standards are considered necessary.

The crux of the problem was how to accept that a decision taken by an authority in one state could be adopted as such in another state, “even though a comparable authority may not even exist in that state, or could not take such decisions, or would have taken an entirely different decision in a comparable case”5.

Aware of the differences among the national laws , a primary attention was paid to the protection of procedural rights that have to be granted to the suspects or accused persons in criminal proceedings.

Under the Amsterdam Treaty, the legal base for the mutual recognition was the article 31 TUE, that foresaw to ensure compatibility in rules applicable in the Member States, in a restrictive sense, only as may be necessary to improve such cooperation (lett. c).

The Framework Decision on the European Arrest Warrant n. 2002/584 has been the first case of implementation of this principle and one of the most controversial measures for its insufficient consideration for fundamental rights, (although just in the preamble the MS declare that the decision respects them). In fact, the EAW doesn’t mentioned among the grounds for mandatory or optional non-execution of the European arrest warrant the risk of fundamental rights violation, even if some MS have inserted this ground in their EAW implementing legislation.

However, in the absence of uniformity in the protection of procedural rights it was not surprising that mutual trust between MS could be lacking. To counter this trend, the European Commission after a few acts of address6, in 2004, the Commission draw up a proposal about “certain procedural rights”(COM(2004)328)7.

The proposal was ambitious, due to the fact that it included – at the same time – several procedural rights such as: a) access to legal advice, both before the trial and at trial, b) access to free interpretation and translation, c) ensuring that persons who are not capable of understanding or following the proceedings to receive appropriate attention, d) the right to communicate with family or persons assimilated, with consular authorities in the case of foreign suspects, and e) the obligation to notify persons suspected of their rights, by giving them a written “Letter of Rights “.

Regrettably, after three years of debates, the Council Presidency had to acknowledge that it was impossible to reach the unanimity required at that time by the EU Treaty. It was notably debated whether the Union was competent to legislate also for domestic proceedings (at least 21 Member States shared this view) or whether the legislation should be only devoted to cross-border cases. The Member States opposing the Commission proposal considered that the legal base (art 31 of the TEU before Lisbon) could not cover domestic situations without breaching the principle of attribution and of subsidiarity.

However this has been only a temporary stop.  As it often happens when a legislative objective is too ambitious the EU institutions pass to the piece-meal approach . The works on the procedural rights have been resumed in 2009, when the Council took the decision of starting a “step-by-step approach”, to be implemented by taking advantage of the new legal context for the European Union.

Thanks to the new Lisbon Treaty, the judicial cooperation and the consequent harmonization of the MS’ law can be better implemented thanks to the new ordinary legislative procedure: the previous system, based on the need of unanimity of the Council was abandoned in favor of qualified majority and the association of the European Parliament with the same weight of the Council (Codecision procedure).

Moreover the principle of mutual recognition of judgments and judicial decisions as well as the power to approximate national laws is now explicitly grounded at Treaty level also for the Area of freedom, security and justice (article 82 TFEU) by so strengthening the judicial cooperation in criminal matters. The power to harmonize national laws is now clearly defined and the legislative instrument of the directive will be useful to improve the mutual trust8 allowing to judicial acts to move “as such in a unique space, without borders between the national state”9.

After the first Directive on the right of interpretation and translation10 and the second one on the right of information11, that has to be granted to a suspected or accused person, involved in a criminal proceedings, the Council and the Parliament have recently found a compromise on the Proposal of the Commission on the access to lawyer and to communicate upon arrest COM2011(326)

The “access to lawyer” directive
Continue reading “Access to a Lawyer : a new EU-wide procedural right in criminal proceedings”