EXECUTIVE SUMMARY : FULL REPORT AVAILABLE HERE
Recent revelations of mass surveillance underscore the importance of mechanisms that help prevent fundamental rights violations in the context of intelligence activities.
This FRA report aims to evaluate such mechanisms in place across the European Union (EU) by describing the current legal framework related to surveillance in the 28 EU Member States. The report first outlines how intelligence services are organised, describes the various forms surveillance measures can take and presents Member States’ laws on surveillance. It then details oversight mechanisms introduced across the EU, outlines the work of entities set up thereunder, and presents various remedies available to individuals seeking to challenge surveillance efforts.
The report does not assess the implementation of the respective laws, but maps current legal frameworks. In addition, it provides an overview of relevant fundamental rights standards, focusing on the rights to privacy and data protection.
In June 2013, media worldwide began publishing the ‘Snowden documents’, describing in detail several surveillance programmes being carried out, including by the United States’ National Security Agency (NSA) and by the United Kingdom’s Government Communications Headquarters (GCHQ). These brought to light the existence of extensive global surveillance. Details of these programmes, which set up a global system of digital data interception and collection, have been widely publicised 1 and critically assessed.2
Neither the US nor the British authorities questioned the authenticity of the revelations,3 and in some cases confirmed them.4 However, the media’s interpretation of the programmes was sometimes contested – for example, by the UK Intelligence and Security Committee of Parliament 5 and academia.6
Since most of the Snowden revelations have not been recognised by the British government, the Investigatory Powers Tribunal, in hearing challenges to the legality of the programmes, took the approach of hearing cases on the basis of hypothetical facts closely resembling those alleged by the media.7 For the Austrian Federal Agency for State Protection and Counter Terrorism (BVT), the Snowden revelations represented a “paradigm shift”: “Up until a few years ago, espionage was largely directed at state or business secrets, and not, for the most part, at people’s privacy, which can now be interfered with extensively by intelligence services since they possess the necessary technical resources to do so”. 8
The Snowden revelations were not the first to hint at the existence of programmes of large-scale communication surveillance set up in the aftermath of the 11 September 2001 attacks.9
But the magnitude of the revelations was unprecedented, potentially affecting the entire world.
The revelations triggered an array of reactions.10 In the intelligence community, and in particular among the specialised bodies in charge of overseeing the work of intelligence services, dedicated inquiries were conducted.11 The European Union reacted strongly.
The European Commission (EC), the Council of the European Union and the European Parliament (EP) reported on the revelations, expressing concern about mass surveillance programmes, seeking clarification from US authorities, and working on “rebuilding trust” in light of the damage created by the revelations.12
On 12 March 2014, the EP adopted a resolution on the US NSA surveillance programme, surveillance bodies in various Member States and their impact on EU citizens’ fundamental rights, and transatlantic cooperation in Justice and Home Affairs (the Resolution).13
The resolution drew on the in-depth inquiry that the EP tasked the Civil Liberties, Justice and Home Affairs Committee (LIBE) to conduct during the second half of 2013, shortly after the revelations on mass surveillance were published in the press.14
The wide-reaching resolution launched a “European Digital Habeas Corpus”, aimed at protecting fundamental rights in a digital age while focusing on eight key actions. In this context, the EP called on the EU Agency for Fundamental Rights (FRA) “to undertake in-depth research on the protection of fundamental rights in the context of surveillance, and in particular on the current legal situation of EU citizens with regard to the judicial remedies available to them in relation to those practices”.15
Scope of the analysis
This report constitutes the first step of FRA’s response to the EP request. It provides an overview of the EU Member States’ legal frameworks regarding surveillance. FRA will further consolidate its legal findings with fieldwork research providing data on the day-to-day implementation of the legal frameworks. A socio-legal report based on an empirical study, to be published at a later stage, will expand on the findings presented ere.
While the EP requested the FRA to study the impact of ‘surveillance’ on fundamental rights, given the context in which the resolution was drafted, it is clear that ‘mass surveillance’ is the main focus of the Parliament’s current work. During the data collection phase, FRA used the Parliament’s definition to delineate the scope of FRA net’s research.
The EP resolution refers to “far-reaching, complex and highly techno-logically advanced systems designed by US and some Member States’ intelligence services to collect, store and analyse communication data, including content data, location data and metadata of all citizens around the world, on an unprecedented scale and in an indiscriminate and non-suspicion-based manner” (Paragaph 1).
This definition encompasses two essential aspects: first, a reference to a collection technique, and second, the distinction between targeted and untargeted collection.
The report does not analyse the surveillance techniques themselves, but rather the legal frameworks that enable these techniques. For Member States that carry out signals intelligence, the focus of the analysis is on this capacity, and not on other intrusive capabilities the services may have (such as wiretapping).
This report covers the work of intelligence services. It does not address the obligations of commercial entities which, willingly or not, provide intelligence services with the raw data that constitute Signals Intelligence (SIGINT), and are otherwise involved in the implementation of the surveillance programmes.16 The private sector’s role in surveillance requires a separate study.
While the premise of this report is the existence of an interference, since the “secret monitoring of communications” interferes with privacy rights from a fundamental rights point of view,17 the report focuses on analysing the legal safeguards in place in the EU Member States’ legal frameworks, and therefore on their approaches to upholding fundamental rights.
“Assuming therefore that there remains a legal right to respect for the privacy of digital communications (and this cannot be disputed (see General Assembly Resolution 68/167)), the adoption of mass surveillance technology undoubtedly impinges on the very essence of that right.” UN, Human Rights Council, Emmerson, B. (2014), para. 18
The report’s analysis of EU Member States’ legal frameworks tries to keep law enforcement and intelligence services separate. By doing so, the report excludes the work of law enforcement from its scope, while recognising that making this division is not always easy.
As stated by Chesterman, “Governments remain conflicted as to the appropriate manner of dealing with alleged terrorists, the imperative to detect and prevent terrorism will lead to ever greater cooperation between different parts of government”.18 The EP resolution recognises this and called on the Europol Joint Supervisory Body (JSB) to inspect whether information and personal data shared with Europol have been lawfully acquired by national authorities, particularly if the data were initially acquired by intelligence services in the EU or a third country.19
The Snowden revelations have also shed light on cooperation between intelligence services. This issue, important for the oversight of intelligence services’ activities, has been addressed by the EP resolution (Paragraph 22), by oversight bodies,20 by the Venice Commission,21 and by academia.22
This aspect, however, proved impossible to analyse in a comparative study, since, in the great majority of cases, cooperation agreements or modalities for transferring data are neither regulated by law nor public. This in itself creates a fundamental rights issue linked to the rule of law and, more particularly, regarding the importance of the existence of a law that is accessible to the public, as well as regarding the rules governing the transfer of personal data to third countries.
Though this report could not deal with this aspect beyond referencing the lack of proper control by over-sight bodies, it does raise important questions under relevant legal standards.
Fundamental rights and safeguards
Given the scope of the EP request, the FRA decided to focus its research on privacy and data protection, because surveillance measures acutely encroach on these fundamental rights.
According to the Council of Europe Commissioner for Human Rights, “[i]t is not only the actual use of these measures against given individuals that infringes the right to privacy but also their potential use and/or the mere existence of legislation permitting their use”.23
This in no way means that other fundamental rights are not equally affected.
The EP resolution highlighted this when referring to other affected fundamental rights, in particular “freedom of expression, of the press, of thought, of conscience, of religion and of association, […] the presumption of innocence and the right to a fair trial and non-discrimination”.24
A fundamental right must be properly safeguarded to be effectively exercised.
This report analyses, as per the EP request, the remedies at an individual’s disposal to uphold his or her rights to privacy and data protection. Past FRA research provides important findings on how data protection remedies work in practice. While recognising the specificity of surveillance measures, this report draws on key conclusions elaborated on in the 2014 FRA report on access to data protection remedies, which carefully assessed the practical role of national data protection authorities.25 This report also examines the crucial role specialised bodies play in overseeing the work of security and intelligence services.
International and European standards applicable to surveillance have been exhaustively developed and commented on by multiple organisations, so this report will merely refer to them to avoid duplicating already existing work.
The United Nations (UN) has set standards in this area for decades. Its various expert bodies and human rights procedures were forthright in their condemnations of mass surveillance practices following the Snowden revelations.26 In March 2015, the Human Rights Council of the UN decided to create the post of Special Rapporteur on the Right to Privacy, who will be in charge of monitoring privacy rights in the UN context.27
The European Court of Human Rights (ECtHR) has over the years also developed standards, based on Article 8 of the ECHR (right to respect for private and family life) – including its procedural aspects28 – and Article 13 of the ECHR (right to an effective remedy).29
Its case law has reviewed various forms of surveillance, but issues related to the Snowden revelations have not yet been adjudicated.30
ECtHR standards have triggered legislative reforms at national level;31 narrowed the scope of the term ‘national security’ and required that the threat to national security have some reasonable basis in facts;32 and clarified procedural rules such as legal standing in the area of surveillance,33 the extent to which an individual can have an “expectation of privacy”,34 and the minimum safeguards that should be in place during surveillance.35
Moreover, the ECtHR has cited 1981 Council of Europe data protection Convention (Convention 108) principles when examining personal data processing within the scope of the ECHR and the concept of private life.36 According to the Venice Commission, the ECHR standards should be considered as minimum human rights standards.37 They are often used as a benchmark when assessing legislation or a surveillance practice.38
European Union Law
At the EU level, the rights to privacy and data protection are enshrined in Articles 7 and 8 of the Charter of Fundamental Rights of the European Union (the Charter). The right to data protection is also laid down in Article 16 of the Treaty on the Functioning of the European Union (TFEU), and in Article 39 of the Treaty on the European Union (TEU).
In addition, secondary legislation adopted earlier than the Charter and the TFEU protect this right. Relevant legal instruments include the Data Protection Directive 95/46/EC, the e-Privacy Directive 2002/58/EC and the Framework Decision 2008/977/JHA on the protection of personal data processed in the framework of police and judicial cooperation in criminal matters.
These instruments ensure, amongst others, that in their respective scope of application, the processing of personal data is carried out lawfully and only to the extent necessary for the fulfilment of the legitimate aim pursued. These rights extend to all persons, whether they are EU citizens or third-country nationals. According to Article 52 (1) of the Charter, any limitation to this right must be necessary and proportionate, genuinely meet objectives of general interest recognised by the Union, be provided by law, and respect the essence of such rights.
Applicability of these instruments in the feld of secu-rity is, however, subject to the specifc legal and policy framework in the area and particularly to the national security exemption. Article 4 (2) of the TEU provides that “national security remains the sole responsibility of each EU Member State”. This exemption is reiterated both in Article 3 (2) of the Data Protection Directive and in Article 1 (4) of Framework Decision 2008/977/JHA, which excludes “essential national security interests and specifc intelligence activities in the feld of national security” from the rules applicable to ‘regular’ law enforcement action.
The limits of the national security exemption are subject to debate, including in relation to the activities of intelligence services.39 Although international guidelines 40 exist, there is no uniform understanding of ‘national security’ across the EU. The concept is not further defined in EU legislation or in CJEU case law, although the CJEU has stated that exceptions to fundamental rights must be interpreted narrowly and justified.41 The CJEU has also stated that the mere fact that a decision concerns state security does not render EU law inapplicable.42
The lack of clarity on the precise scope of the national security exemption goes hand in hand with the varied and seldom clearly drawn line between the areas of law enforcement and national security in individual Member States. This is particularly true with counter-terrorism, since terrorism is generally considered a threat to both national security and to law and order. As a result, the division of competences amongst intelligence and law enforcement authorities varies throughout the EU Member States, as do the modalities of their infor-mation exchanges.
It falls outside the scope of this report to analyse in great detail the extent of EU competence in this feld. However, the current situation is relevant not only to surveillance and the rights of privacy and personal data protection, but also to efforts at the EU level in the area of internal security, in accordance with Article 4 (2) (j) of the TFEU, which defnes the area of freedom, security and justice as an area of shared competences between the EU and the Member States. At present, the lack of a clear delimitation between ‘public order’ and ‘national security’ – the protection of the latter being left to the Member States without interference from the EU, in accordance with Article 4 (2) of the TFEU – infuences the ongoing debate on the renewal of the EU Internal Security Strategy regarding the exchange and use of existing intelligence for countering terrorist threats.43
Although a dedicated mechanism within EU struc-tures (the EU Intelligence Analysis Centre, INTCEN, and to some extent also the EU Satellite Centre) exists, information exchanges between national intelligence authorities take place on a voluntary and ad hoc basis, and largely outside the EU legal framework.44 What is known about information exchanges in this feld is nec-essarily limited, as much of it is shielded from public scrutiny. Coordinated action at the EU level is there-fore limited to enhancing law enforcement informa-tion exchanges, with emphasis on better utilising the potential of the European Police Offce (Europol) and, to some extent, the European Agency for the Manage-ment of Operational Cooperation at the External Borders of the Member States of the European Union (Frontex).
The national security exemption provides a methodological challenge because of a lack of a clear delineation between surveillance activities conducted for law enforcement and for national security purposes, and the resulting variety in the involvement and competence of actors.
This unclear delineation of ‘national security’ also has repercussions for the applicability of EU law, which depends both on the interpretation of the national security exemption’s scope and on the specific characteristics of the various surveillance programmes carried out by intelligence services. Although the existence of such programmes remains largely unknown, even in light of the Snowden revelations, some contain elements that can justify the full applicability of EU law. For instance, when EU companies transfer data to intelligence services, including those of third countries,45 they are considered under the Data Protection Directive as data controllers who collect and process data for their own commercial purposes. Any subsequent data processing activities, such as the transfer of personal data to intelligence services for the purpose of the protection of national security, will therefore fall within the scope of EU law.46
Any limitations of the rights to privacy and personal data protection should be examined according to Article 13 of the Data Protection Directive and Article 15 of the e-Privacy Directive, as well as Article 52 (1) of the Charter.
Such limitations are to be treated as exceptions to the protection of personal data, and thus subject to narrow interpretation and requiring proper justification.47
The essence of the right to privacy and protection of personal data shall at any rate be respected. The ‘national security’ exception thus cannot be seen as entirely excluding the applicability of EU law.
As the UK Independent Reviewer of Terrorism Legislation recently put it,
“National security remains the sole responsibility of each Member State: but subject to that, any UK legislation governing interception or communications data is likely to have to comply with the EU Charter because it would constitute a derogation from the EU directives in the field.”48
Finally, even when EU law does not apply, other international instruments do, notably the ECHR and Convention 108 49 and its 2001 Additional Protocol.50 The CJEU refers to Member States’ international obligations under the ECHR when a subject matter falls outside EU law.51
This report draws on data provided by the agency’s multidisciplinary research network FRAnet, which were collected through desk research in all 28 EU Member States, based on a questionnaire submitted to the network.52
Additional information was gathered through desk research and exchanges with key partners, including a number of FRA’s national liaison officers in the Member States and individual experts. These include Ian Cameron, Professor of International law, Uppsala University, and Member of the Venice Commission; Douwe Korff, Emeritus Professor of International Law, London Metropolitan University and Oxford Martin Associate, Oxford Martin School, University of Oxford; Andreas Krisch, managing partner, mksult GmbH, Vienna, Austria; Ian Leigh, Professor of Law, Durham University; Carly Nyst, Legal Director, Privacy Inter-national, London; Peter Schaar, Chair of the European Academy for Freedom of Information and Data Protection and former German Federal Commissioner for Data Protection and Freedom of Information (2003-2013); and Martin Scheinin, Professor at the European University Institute, coordinator of the FP7 project SURVEILLE (Surveillance: Ethical Issues, Legal Limitations, and Efficiency), and former United Nations Special Rapporteur on human rights and counter-terrorism.
FRA expresses its gratitude for these valuable contributions. The opinions and conclusions in this report do not necessarily represent the views of the organisations or individuals who helped develop the report.
While this report maps the EU-28 legal frameworks, the FRA findings also draw on existing reports and publications aimed at supporting national legislators in setting up legal frameworks for the intelligence services and their democratic oversight.53 The findings refer in particular to the compilation of good practices issued by Scheinin as Special Rapporteur on the promotion and protection of human rights and fundamental freedoms while countering terrorism.54
The mapping of legal frameworks in the EU in this report follows the structure the ECtHR suggests for surveillance cases.
So far, most of the cases brought before the Strasbourg judges have focused on the legality of interferences with the right to privacy – in other words, whether the secret surveillance was “in accordance with the law”.
Contrary to its other jurisprudence, the ECtHR has added to the legality test stricto sensu requirements for other specific safeguards that surveillance laws should have. As stated by Cameron, “[A] law, or legal mechanism, which is regarded as deficient in formulation (e.g. because it is imprecise) may nonetheless be corrected by a safeguard (e.g. because it compensates for the risk of abuse caused by the imprecision)”.55
This relates to the approval mechanism of the measure and the oversight mechanism controlling its implementation, as well as to available remedies.
Following this approach, after providing overviews of the intelligence services and surveillance laws in the EU Member States (Chapter 1), this report presents the safeguards in place (Chapter 2), and the available rem-edies (Chapter 3).
2 See, for example, France, Urvoas, J.-J., Parliamentary Delegation on Intelligence (2014), p. 129 and following.
3 See Belgium, Standing Intelligence Agencies Review Committee (Standing Committee I) (2014), p. 135. The Belgian oversight body has not yet found any indication that the slides revealed were not authentic, and would tend to conclude that they are truthful. See also Standing Committee I (2015), p. 11.
4 The Guardian (2013).
5 See United Kingdom, Intelligence and Security Committee of Parliament (2013).
6 Cayford, M. et al., P. H. A. J. M. (2015), p. 646.
7 United Kingdom, Investigatory Powers Tribunal (2014/2015). The UK government adopted, for security reasons, a general policy of neither confrming nor denying allegations made in respect of surveillance activities in other cases. See also ECtHR, Liberty and Others v. the United Kingdom, No. 58243/00, 1 July 2008, para. 47.
8 Austria, Federal Agency for State Protection and Counter Terrorism (Bundesamt für Verfassungsschutz und Terrorismusbekämpfung) (2014), p .57.
9 See, for example, European Parliament (2001); Chesterman, S. (2011); Lowenthal, M. (2015), p. 124.
10 Wright, D. and Kreissl, R. (2015).
11 See, for example, Germany, Federal Parliament (2013), p. 10 and following; Italy, COPASIR (2014), p. 18 and following; Belgium, Standing Committee I (2014), p. 132 and following; Belgium, Standing Committee I (2015), p. 8 and following, pp.67–68, and its recommendations, p. 115 and following; The Netherlands, CTIVD (2014a), p. 8 and following.
12 FRA (2014a), p. 81 and following; FRA (2015).
13 European Parliament (2014).
14 See FRA (2014a).
15 European Parliament (2014), paras. 132 and 35.
16 See Bigo, D. et al. (2013), p. 41.
17 ECtHR, Weber and Saravia v. Germany, No. 54934/00, 29 June 2006, para. 78.
18 See Chesterman, S. (2011), p. 237.
19 European Parliament (2014), para. 84; Europol Joint Supervisory Body (2014).
20 The Belgian Standing Committee I, for example, refers to Germany and the Netherlands, whose laws organise data transfer; see Belgium, Standing Committee I (2014), pp. 4–5. The Dutch Review Committee has conducted a number of investigations on cooperation between Dutch and foreign services. Its latest investigation addresses this issue, as well, and additional investigations are expected to be published; see The Netherlands, CTIVD (2014b), pp. 13 and 148 and following; The Netherlands, CTIVD (2014a), p. 29 and following. See also The Netherlands, CTIVD (2010), p. 47 and following. However, CTIVD recognises the limits of its power in this context; see The Netherlands, CTIVD (2015), p. 35.
21 See Venice Commission (2015).
22 See Born, H. et al. (eds.) (2011); Born, H. et al. (2015); Bigo, D. et al. (2013), pp. 24 and 39; Cousseran, J,-C. and Hayez, P. (2015), p. 133 and following.
23 Council of Europe Commissioner for Human Rights (2015), p. 21.
24 European Parliament (2014), para. T. See also United Nations (UN) General Assembly (GA) (2014b); UN, Human Rights Council, Kaye, D. (2015); UN Special Rapporteur on Freedom of Opinion and Expression, the Organization for Security and Co-operation in Europe (OSCE) (2015); ECtHR, Telegraaf Media Nederland Landelijke Media B.V. and Others v. the Netherlands, No. 39315/06, 22 November 2012, para. 88, in which the ECtHR acknowledges that the surveillance methods interfered with the applicant’s freedom of expression; Council of Europe Commissioner for Human Rights (2015); Raab, C. et al. (2015).
25 FRA (2014c).
26 See UN, GA (2014a); UN, GA (2014b); UN, Human Rights Council, Scheinin, M. (2009); UN, Offce of the High Commissioner for Human Rights (OHCHR) (2014); UN, Human Rights Council, Emmerson, B. (2014); UN, Human Rights Committee (2014) and UN, Human Rights Committee (2015a).
27 UN, Human Rights Council (2015).
28 ECtHR, M.N. and Others v. San Marino, No. 28005/12, 7 July 2015, para. 83.
29 For a discussion of the ECtHR case law, see European Commission for Democracy through Law (Venice Commission) (2007); Venice Commission (2015).
30 See the pending case: ECtHR, Big Brother Watch and Others v. the United Kingdom, No. 58170/03, communicated on 9 January 2014.
31 ECtHR, Malone v. the United Kingdom, No. 8691/79, 2 August 1984; ECtHR, Kruslin v. France, No. 11801/85, 24 April 1990.
32 ECtHR, Klass and Others v. Germany, No. 5029/71, 6 September 1978, paras. 45–46; ECtHR, Janowiec and Others v. Russia [GC], Nos. 55508/07 and 29520/09, 21 October 2013, paras. 213–214; ECtHR, C.G. and others v. Bulgaria, No. 1365/07, 24 April 2008, para. 40.
33 ECtHR, Klass and Others v. Germany, No. 5029/71, 6 September 1978, para. 34. See also ECtHR, Liberty and Others v. the United Kingdom, No. 58243/00, 1 July 2008, para. 56.
34 ECtHR, Copland v. the United Kingdom, No. 62617/00, 3 April 2007, para. 42.
35 ECtHR, Weber and Saravia v. Germany, No. 54934/00, 29 June 2006, para. 95.
36 ECtHR, Z. v. Finland, No. 22009/93, 25 February 1997, paras. 95–97; ECtHR, Amann v. Switzerland, No. 27798/95, 16 February 2000, para. 65; ECtHR, Rotaru v. Romania, No. 28341/95, 4 May 2000, para. 43; ECtHR, S. and Marper v. The United Kingdom, Nos. 30562/04 and 30566/04, 4 December 2008, paras. 41, 66–69, 76, 103–104, 107; ECtHR, Uzun v. Germany, No. 35623/05, 2 September 2010, paras. 43–48; ECtHR, Bernh Larsen Holding AS and Others v. Norway, No. 24117/08, 8 July 2013, paras. 76–78; ECtHR, Khelili v. Switzerland, No. 16188/07, 8 March 2012, paras. 20–21; ECtHR, M.M. v. the United Kingdom, No. 24029/07, 29 April 2013, paras. 122–124.
37 Venice Commission (2015), p. 24.
38 See, for example, the work of the Dutch Review Committee for the Intelligence and Security Services (CTIVD).
39 See, for example, Peers, S. (2013), pp. 2–3, on the distinction between national security and law enforcement functions of intelligence services.
40 See especially Article 19 (1996), Johannesburg Principles on national security, freedom of expression and access to information; UN, Human Rights Council, Scheinin, M. (2010).
41 See CJEU, C-387/05, European Commission v. Italian Republic, 15 December 2009, para. 45, and Article 29 Working Party (2014b), p. 24.
42 See CJEU, C-300/11, ZZ v. Secretary of the State of Home Department, 4 June 2013, para. 38.
43 This relates particularly to the debate on whether more effective exchanges of intelligence within and between Member States could prevent terrorist attacks by persons already known to national authorities, as was allegedly the case with perpetrators of the 2014 Brussels and 2015 Paris attacks.
44 For instance through the Club de Berne and the derived Counter Terrorist Group, an intelligence-sharing forum that specifcally focuses on counterterrorism intelligence and encompasses all EU Member States, as well as Norway and Switzerland.
45 See Article 29 Working Party (2014c), Section 5 on data transfers to non-EU countries.
46 CJEU, C-362/14, Maximillian Schrems v. Data Protection Commissioner, 6 October 2015.
47 CJEU, C-387/05, European Commission v. Italian Republic, 15 December 2009, para. 45.
48 Anderson, D., Independent Reviewer of Terrorism Legislation (2015), p. 71.
49 Council of Europe, Convention 108; CJEU, C-387/05, European Commission v. Italian Republic, 15 December 2009, para. 45.
50 Council of Europe, Convention 108, Additional Protocol.
51 CJEU, C-127/08, Metock v. Minister of Justice, Equality and Law Reform, 25 July 2008, paras. 74–79.
52 See FRA (2014b).
53 See, for example, Venice Commission (2007); Venice Commission (2015); or Born, H. and Wills, A. (eds.) (2012).
54 UN, Human Rights Council, Scheinin, M. (2010).
55 See Cameron, I. (2013), p. 164.