In the wake of the appalling attacks in Paris two days ago, it only took 24 hours for the EU Commission to state that it would propose a new wave of EU anti-terrorist measures in a month’s time. It’s not yet known what the content of this law will be; but the very idea of new legislation is a profound mistake.
Of course, it was right for the EU institutions to express sympathy for the victims of the attack, and solidarity as regards defence of free speech. Equally, it would not be problematic to use existing EU anti-terrorism laws if necessary, in order (for instance) to surrender the suspects in this crime on the basis of a European Arrest Warrant (EAW), in the event that they fled to another Member State.
The question is whether the EU needs more such laws.
For the EU has already reacted to prior terrorism offences, first as regards 9/11 and then to the atrocities in Madrid and London in 2004 and 2005.
The result is a huge body of anti-terrorism law, catalogued here by the SECILE project. This comprises not only measures specifically concerning terrorism (such as substantive criminal law measures, adopted in 2002 and amended in 2008), but many other measures which make it easier to cooperate as regards terrorism as well as other criminal offences, such as the EAW, the laws on exchange of police information and transmission of evidence across borders, and so on.
Moreover, there are proposals already under discussion which would apply to terrorism issues (among others), such as a new law on Europol, the EU’s police intelligence agency (discussed here), and proposed EU legislation on the transfer of airlines’ passenger name records (PNR).
So what new laws is the Commission likely to propose? It may suggest a new version of the data retention Directive, the previous version of which was struck down by the Court of Justice of the European Union (CJEU) last spring, in the Digital Rights judgment (discussed here). Other ideas under discussion, according to leaked documents (see here and here) are new laws strengthening mandatory checks at borders .
Are any of these laws really necessary? Member States can already adopt laws on retention of communications data, pursuant to the EU’s e-privacy directive.
As the European Parliament’s legal service has confirmed (see its advice here), if Member States adopt such measures, they will be subject to the constraints of the Digital Rights judgment, which bans mass surveillance carried out in the absence of safeguards to protect privacy. Equally, Member States are free to establish their own PNR systems, in the absence of any EU-wide measure (besides EU treaties with the USA, Canada and Australia on PNR). The question of whether mass surveillance is as such compatible with human rights has already been sent to the CJEU by the European Parliament, which has asked the Court to rule on this issue in the context of the EU/Canada PNR treaty (see discussion here).
It would be possible to adopt new laws calling for systematic border checks in specific cases. In practice, this would likely mean checks on Muslims who are returning after travel to places like Syria. It is questionable whether asking detailed further questions at the external borders will, by itself, really do a lot to prevent terrorism. After all, in the Paris attacks, it unfortunately proved impossible to prevent an apparent terrorist attack despite extensive anti-terrorist legislation on the books, and bodyguards protecting the staff of a known terrorist target.
There’s also a question of principle here.
The Paris attacks were directed at free speech: the foundation of liberal democracy. Of course efforts should be stepped up to prevent such attacks from happening again; but existing laws allow for targeted intelligence gathering and sharing already, The Commission’s immediate response reeks of panic. And the direct attack on fundamental democratic principles this week in Paris is precisely the wrong context to consider that new legislation curtailing other fundamental freedoms is limited.