Brexit: the Prime Minister sets the wrong course

ORIGINAL PUBLISHED ON EU LAW ANALYSIS

by Steve Peers

Today’s speech by Prime Minister Theresa May gave a number of indications as to the government’s intentions as regards implementing Brexit. Overall, while the speech contained some welcome parts, it made fundamentally the wrong decision about the country’s future.

Welcome parts of the speech

The welcome parts of the speech include the argument that it ‘remains overwhelmingly and compellingly in Britain’s national interest that the EU should succeed’. Indeed, any ‘unravelling’ of the Union between these neighbouring states is not in the economic or security interests of the UK. Her suggestions about what the EU should do next contain much common sense – although it is doubtful that the remaining EU is very interesting in listening to the leader of a country that is intending to leave. In particularly, her complaints about too much ‘uniformity’ and not enough ‘diversity’ will strike some as bizarre – coming from a country with opt-outs on the single currency, Schengen, justice and home affairs (and previously social policy) plus a budget rebate.

The commitment to retain status for EU citizens in the UK is not new, but still welcome. It is disappointing however that there was no commitment to entrench their rights unilaterally, as recently proposed by a group of Leave and Remain supporters in a British Future report. There could be compromise ways to address this: publishing a draft Bill to this effect, or entrenching the rights in law conditional on EU reciprocity. One can only hope that the issue will be addressed at an early stage of the negotiations.

The interest in continued collaboration on research, police cooperation and foreign policy is also welcome, since the UK still has joint interests with other Member States in these fields. But it is content-free: what exactly would the UK like to participate in? How does this square with her assertion that the UK will not be involved with ‘bits’ of the EU?

Single market and customs union

The Prime Minister declared her opposition to ‘partial membership of the European Union, associate membership of the European Union, or anything that leaves us half-in, half-out.’ But there is no such thing as ‘partial’ or ‘associate’ membership of the EU. May is slaying straw dragons in her own imagination here.

She goes on to confirm her opposition to single market membership (as distinct from single market access) for the UK, for several reasons. It is striking that she makes no assertion that the UK will be better off out of the single market economically. Indeed, the IFS has estimated that the UK will lose 4% of GDP if it leaves the single market without a free trade deal, due to the loss of market access that this entails. While May goes on to say that she seeks a free trade deal, this is bound to entail less trade between the UK and the EU than single market membership, as free trade deals do not remove as many non-tariff barriers as the single market rules.

So what are her reasons? One is control of immigration – and free movement of persons is a non-negotiable condition of the EU for participation in the single market.  Here she fails to consider that the European Economic Area (EEA) treaty includes a safeguard on free movement which could be invoked in order to control it. May’s description of free movement includes overstated claims about its effect on public services, ignoring the impact of limited government funding of health and education in recent years – while she cannot bring herself to mention the overall economic benefit derived from EU migrants.

Another is budget contributions. She rules out any budget contributions except for participation in individual programmes. There is no consideration of whether the EEA option – giving money directly to poorer EU countries, with more control over the spending by the contributor – would be desirable in return for increased market access.

Next, there is the role of the ECJ. May states that single market membership ‘would mean accepting a role for the European Court of Justice that would see it still having direct legal authority in our country.’ Let’s not mince words: this is not true. The EEA states are not subject to the ECJ at all, but to the separate EFTA Court. That court has less jurisdiction than the ECJ, and a large number of its rulings are not binding at all. It is only obliged to follow ECJ rulings delivered before 1991.

More broadly, May states that this ‘would to all intents and purposes mean not leaving the EU at all.’ Again, this is not really true. EEA members are not subject to EU rules on agriculture, foreign policy, fisheries, justice and home affairs (except via separate treaties, in part) or trade with non-EU countries – the very issue which May devotes a large part of her speech to.

This brings me to a false dichotomy on which her speech rests: that there is some sort of choice to be made between EU membership and ‘Global Britain’. In fact, barriers to trade with non-EU countries have been coming down, both due to EU membership of the WTO and due to bilateral trade deals between the EU and non-EU countries. The share of UK trade with non-EU countries has therefore been rising – as Leavers are often quick to point out. Many other EU countries trade more that the UK does with non-EU states – as May herself pointed out last year. So it’s not EU membership that significantly holds back trade with non-EU states.

It is true that inside the EU’s customs union, the UK cannot sign its own trade deals with non-EU states. But the UK could seek to remain in the single market (like Norway) but leave the customs union. Indeed, Norway and other EEA countries have a number of their own trade agreements. In effect, this would be the best of both worlds – maintaining the maximum possible access to the EU’s internal market via means of full participation, while simultaneously having the freedom to sign additional trade deals with non-EU countries.

She also argues that both sides in the referendum made clear it was about the single market. But the single market was not on the ballot paper and was not often mentioned. When it was mentioned, some Leavers, like Dan Hannan, expressly declared that single market membership would not be affected. I recall well a common cut-and-paste statement from Leave supporters in Facebook posts beginning ‘The UK will not be leaving the EEA…’. Although David Cameron stated that leaving the EU meant leaving the single market, why should anyone be bound by his falsehood? And why should one claim made during the campaign be treated as politically binding, while others – notably those which appeared on the side of a bus – are not?

As for the customs union, May proposes a ‘have your cake and eat it’ version – a special deal simplifying border crossings, while being free to sign the UK’s separate international trade deals. Time will tell if this idea interests the EU.

A transitional deal

The Prime Minister accepts that the UK cannot switch immediately to a new arrangement, but cannot bring herself to support a transitional deal, saying ‘[i]nstead, I want us to have reached an agreement about our future partnership by the time the 2-year Article 50 process has concluded’. Such an arrangement would then be phased in. This time frame is unlikely, given that she wants a bespoke deal, involving special arrangements on customs and comprehensive free trade.  So what happens if the Brexit Fairy does not deliver by this deadline?

The role of parliament

Early on in the speech, May states that ‘the principle of Parliamentary Sovereignty is the basis of our unwritten constitutional settlement’. Unfortunately, these are empty words. A Martian reading this would assume that she had gone to court to try to ensureparliamentary involvement in the triggering of Article 50 – rather than to block it.

Furthermore, her speech comes in place of any white paper or any other public consultation on the best course to follow after Brexit. She ‘concedes’ that parliament will vote on the final deal, but this is not much of a choice – a free trade deal or nothing – unless there is an option to negotiate a different deal (not enough time) or to stay in the EU on the basis of another referendum on the exit terms (ruled out by the government).  In any event, it’s not a real concession: the Constitutional Reform and Governance Actof 2010 makes a form of parliamentary control a legal requirement in principle for most treaties. She made no commitment for a full Act of Parliament to approve the final deal – even though one is required for even minor changes to EU Treaties, and even for the approval of some EU legislation.

So May seeks credit for doing something she was anyway legally required to do. In fact, she deserves blame for previously threatening to ignore the law, and even now involving Parliament as little as possible and planning to offer it a fait accompli.

As for EU legislation converted to UK law, by the future Great Repeal Bill, she states that it will only be changed ‘after full scrutiny and proper Parliamentary debate’. This sounds nice superficially, but falls short of a commitment to use Acts of Parliament on key issues. Rather it sounds like an intention to use Statutory Instruments, which can’t usually be amended by Parliament and are rarely blocked. Without a commitment to use Acts of Parliament, her guarantee to uphold workers’ rights derived from EU law is worth rather less than she suggests; and there is no such commitment as regards environmental law.

The devolved administrations

The Prime Minister states that ‘we will put the preservation of our precious Union at the heart of everything we do’ and that she will ‘strengthen our precious Union’. However, her plan necessarily rejects the detailed suggestions of the Scottish government from December (discussed here) for the future EU/UK trade relationship.  So not only is the Scottish (and Northern Irish) public’s view on the desirability of Brexit is overridden, but also the Scottish government’s later views on how Brexit should take place are ignored. The Scottish government paper can hardly be ‘considered’ if it has already been overruled.

There’s a pledge not to weaken existing powers of devolved bodies, but there will surely be battles ahead over which level of government should exercise powers over devolved competences returned from the EU.  Conversely, there’s no suggestion of any granting any additional devolved powers, which might have been appropriate to address the obviously highly divergent views of Scotland, Northern Ireland and the rest of the UK. There’s another pledge to maintain the Common Travel Area between Northern Ireland and the Republic of Ireland, but this is content-free.

In short, there’s nothing here to ‘strengthen’ the Union at all. Its ‘preservation’ depends solely upon the continued argument that Scotland would be worse off outside the UK’s economic union – while simultaneously maintaining that the UK is better off outside the European version of the same.

Unity and Brexit

The Prime Minister declares that the referendum ‘victors have the responsibility to act magnanimously’, and the losers to accept the result. But she has not shown the slightest magnanimity in her speech today. She dismisses the arguments for staying in the single market made by those – like the Scottish government – who sought to remain in the EU but who believe that single market membership would be a reasonable compromise for a badly divided country.

More broadly, her emollient tone today cannot erase the memory of her conference speech in October – full of sneering references to ‘citizens of the world’ and the dreaded ‘liberal elites’ (cue the Star Wars Imperial March music). It’s a strange world in which Alexander Boris de Pfeffel Johnson – graduate of Eton and Balliol College – dismisses people like me – the grandson of a miner, the son and stepson of factory workers – as part of the ‘elite’.

Still less can her speech erase the memory of her Lord Chancellor failing in her statutory duty to defend the independence of the judiciary from screeching headlines about the ‘Enemies of the People’. And if she really believed in magnanimity in concrete terms, she could have announced a unilateral decision to let EU citizens stay in the UK.

Conclusion

Some of the Prime Minister’s speech is valuable – setting the right overall tone on relations with the EU, implicitly rejecting the more harmful ‘WTO-only’ option, and eschewing (hopefully genuinely) future derision of the 48% who took a different point of view in the referendum. But ultimately she has made the wrong decision on single market participation, putting politics ahead of the country’s economic interests. And key parts of the speech are vague, incorrect, misleading, hypocritical or fantasist. Perhaps we were better off with ‘Brexit means Brexit’.

TELE2 SVERIGE AB AND WATSON ET AL: CONTINUITY AND …RADICAL CHANGE

ORIGINAL PUBLISHED ON EUROPEAN LAW BLOG  (JANUARY 12, 2017)
By Orla Lynskey

 

Introduction

The CJEU delivered its judgment in Tele2 Sverige AB and Watson on 21 December 2016. The Court had been asked by a Swedish and British court respectively to consider the scope and effect of its previous judgment in Digital Rights Ireland (discussed here). The judgment reflects continuity in so far as it follows in the line of this, and earlier judgments taking a strong stance on data protection and privacy. Yet, the degree of protection it offers these rights over competing interests, notably security, is radical. In particular, the Court unequivocally states that legislation providing for general and indiscriminate data retention is incompatible with the E-Privacy Directive, as read in light of the relevant EU Charter rights. While the judgment was delivered in the context of the E-Privacy Directive, the Court’s reasoning could equally apply to other EU secondary legislation or programmes interpreted in light of the Charter. This judgment will be a game-changer for state surveillance in Europe and while it offered an early Christmas gift to privacy campaigners, it is likely to receive a very mixed reaction from EU Member States as such. While national data retention legislation has been annulled across multiple Member States (Bulgaria, Czech Republic, Cyprus, Germany and Romania), this annulment has been based on an assessment of the proportionality of the relevant measures rather than on a finding that blanket retention is per se unlawful. For those familiar with the facts and findings, skip straight to the comment below.

Facts

The preliminary ruling stems from two Article 267 TFEU references regarding the interpretation of the Court’s judgment in Digital Rights Ireland (henceforth DRI). The first, Tele2 Sverige AB, was a Swedish reference resulting from the refusal by Tele2 Sverige (a Swedish electronic communications provider) to continue to retain electronic communications data following the finding in DRI that the Data Retention Directive was invalid. A dispute regarding the interpretation of DRI ensued and the Swedish Justice Minister commissioned a report to assess the compatibility of Swedish law with EU law and the ECHR. This report concluded that DRI could not be interpreted as prohibiting general and indiscriminate data retention as a matter of principle, or as establishing criteria – all of which must be fulfilled – in order for legislation to be deemed proportionate. Rather, it held that it was necessary to conduct an assessment of all the circumstances in order to determine the compatibility of Swedish legislation with EU law. Tele2 Sverige maintained that the report was based on a misinterpretation of DRI. Given these differing perspectives, the referring court asked the Court to give ‘an unequivocal ruling on whether…the general and indiscriminate retention of electronic communications data is per se incompatible with Articles 7 and 8 and 52(1) of the Charter’ [50].

The second preliminary reference (Watson) arose before the Court of Appeal in the context of applications for judicial review of the UK’s Data Retention and Investigatory Powers Act (DRIPA) on the grounds that this Act was incompatible with the EU Charter and the ECHR. It was disputed before the national court whether DRI laid down ‘mandatory requirements of EU law’ that national legislation for communications data retention and access must respect. The domestic referring court suggested that it was appropriate to distinguish between legislation governing retention, and legislation governing access. DRI was confined to an assessment of the former as it assessed the validity of the Data Retention Directive, which excluded provisions relating to data access. The latter, provisions on data access, must be subject to a distinct validity assessment in light of their differing context and objectives, according to the referring court. The Court of Appeal did not however deem the answer to this question obvious, given that six courts in other EU Member States had declared national legislation to be invalid on the basis of DRI. It therefore asked the Court to consider whether, firstly, DRI lays down mandatory requirements of EU law that would apply to the regime governing access to retained data at national level. It also asked whether DRI expands the scope of the Charter rights to data protection and privacy beyond the scope of Article 8 ECHR. The Watson reference was dealt with pursuant to the expedited procedure provided for in Article 105(1) of the Court’s Rules of Procedure and joined to the Tele2 Sverige reference for oral arguments and judgment.

Findings of the Court

The Scope of the E-Privacy Directive

The Court examined, as a preliminary point, whether national legislation on retention and access to data fell within the scope of the E-Privacy Directive. Article 15(1) of that Directive provides for restrictions to certain rights it provides for when necessary for purposes such as national security and the prevention, investigation, detection and prosecution of criminal offences. Article 15(1) also allows for the adoption of data retention legislation by Member States. However, Article 1(3) of that Directive states that the Directive will not apply to, amongst others, ‘activities concerning public security, defence, State security (…) and the activities of the State in areas of criminal law’. There is thus an apparent internal inconsistency within the Directive.

To guide its findings, the Court had regard to the general structure of the Directive. While the Court acknowledged that the objectives pursued by Articles 1(3) and 15(1) overlap substantially, it held that Article 15(1) of the Directive would be deprived of any purpose if the legislative measures it permits were excluded from the scope of the Directive on the basis of Article 1(3) [73]. Indeed, it held that Article 15(1) ‘necessarily presupposes’ that the national measures referred to therein fall within the scope of that directive ‘since it expressly authorizes the Member States to adopt them only if the conditions laid down in the directive are met’. [73]. In order to support this finding, the Court suggests that the legislative measures provided for in Article 15(1) apply to providers of electronic communications services [74] and extend to measures requiring data retention [75] and access to retained data by national authorities [76]. It justifies this final claim – that the E-Privacy Directive includes data access legislation – on the (weak) grounds that recital 21 of the directive stipulates that the directive’s aim is to protect confidentiality by preventing unauthorised access to communications, including ‘any data related to such communications’ [77]. The Court emphasises that provisions on data access must fall within the scope of the Directive as data is only retained for the purpose of access to it by competent national authorities and thus national data retention legislation ‘necessarily entails, in principle, the existence of provisions relating to access by the competent national authorities to the data retained’ [79]. The Court also noted that the Directive requires providers to establish internal procedures for responding to requests for access based on the relevant provisions of national law [80].

The compatibility of ‘general and indiscriminate’ data retention with EU law

The Court then moved on to consider the most important substantive point in the judgment: the compatibility of ‘general and indiscriminate’ data retention with the relevant provisions of EU law. It began by recalling that the E-Privacy Directive’s overarching aim is to offer users of electronic communications services protection against the risks to fundamental rights brought about by technological advances [83]. It emphasised, in particular, the general principle of confidentiality of communications in Article 5(1) of the Directive and the related safeguards for traffic data and location data (in Articles 6 and 9 respectively), [85-87]. While the Court acknowledged that Article 15(1) of the Directive allows for exceptions to these principles by restricting their scope, it held that this provision must be interpreted strictly. It clearly stated that Article 15(1) cannot permit the exception to the Directive’s confidentiality obligation to become the rule, as this would render the confidentiality obligation meaningless [89].

The Court also emphasised that according to Article 15(1)’s wording it must be interpreted in light of general principles of EU law, thus including the fundamental rights in the EU Charter [91]. The Court noted, with reference to its previous case-law, the importance of the fundamental rights engaged in the current context, namely the right to privacy (Article 7), the right to data protection (Article 8) and the right to freedom of expression (Article 11) ([92]-[93]). The limitations on the exercise of these Charter rights are echoed in the E-Privacy Directive, recital 11 of which states that measures derogating from its principles must be ‘strictly’ proportionate to the intended purpose, while Article 15(1) itself specifies that data retention should be ‘justified’ by reference to one of the  objectives stated in Article 15(1) and be for a ‘limited period’ [95]. In considering whether national legislation complies with these requirements of strict necessity, the Court observed that ‘the legislation provides for a general and indiscriminate retention of all traffic and location data of all subscribers and registered users relating to all means of electronic communication’ and that the retention obligation on providers is ‘to retain the data systematically and continuously, with no exceptions’ [97].

Having established the scope of the retention obligation, the Court emphasised the revealing nature of this data and recalled its finding in DRI that the data ‘taken as a whole, is liable to allow very precise conclusions to be drawn concerning the private lives of the persons whose data has been retained’ [98]. The Court also stated that the data provides the means of profiling the individual concerned and – importantly – that the information is ‘no less sensitive having regard to the right to privacy, than the actual content of the communications’ [99]. The Court held that general and indiscriminate data retention legislation entailed a particularly serious interference with the rights to privacy and data protection and that the user concerned is, as a result, likely to feel that their private lives are the subject of constant surveillance [100]. It could also, according to the Court, affect the use of means of electronic communication and thus the exercise by users of their freedom of expression [101]. The Court therefore held that only the objective of fighting serious crime could justify national data retention legislation [102].

While the Court acknowledged that the fight against serious crime may depend on modern investigative techniques for its effectiveness, this objective cannot in itself justify the finding that general and indiscriminate data retention legislation is necessary for this fight against crime [103]. It noted in particular that such legislation applies to persons for whom ‘there is no evidence capable of suggesting that their conduct might have a link, even an indirect or remote one, with serious criminal offences’ and that no exception is made for those whose communications are subject to professional secrecy [106]. As a result of these failings, the Court held that the national legislation exceeds the limits of what is strictly necessary and cannot be considered justified under Article 15(1), read in light of the Charter [107].

The Court did not go so far as to deem all data retention unlawful however. It highlighted that Article 15(1) does not prevent a Member State from introducing legislation that would facilitate targeted retention of traffic and location data for the preventive purpose of fighting serious crime. Such legislation must however be limited to what is strictly necessary in terms of the categories of data retained; the means of communication affected, the persons and the period of time concerned [108]. In particular, such legislation should indicate ‘in what circumstances and under which conditions’ a data retention measure could be adopted as a preventive measure [109]. The Court also emphasised that while the precise contours may vary, data retention should meet objective criteria that establish a connection between the data to be retained and the objective pursued [110]. The national legislation must therefore be evidence-based: this objective evidence should make it possible to ‘identify a public whose data is likely to reveal a link, at least an indirect one, with serious criminal offences’ [111].

Mandatory Requirements of DRI?

Having established the incompatibility of generalised data retention legislation with EU law, the Court then went on to consider whether EU law precludes national data retention and access legislation if that legislation:

  • does not restrict access solely to the objective of fighting serious crime;
  • does not require access to be subject to prior review by a court or independent body
  • and, if it does not require that the data should be retained within the EU [114].

The Court reiterated an early finding that access to retained data must be for one of the exhaustive objectives identified in Article 15(1) of the E-Privacy Directive, and that only the objective of fighting serious crime would justify access to retained data [115]. Such legislation must also set out clear and precise rules indicating when and how competent national authorities should be granted access to such data [117]. The Court also held that national legislation must set out the substantive and procedural conditions governing access based on objective criteria [118-119]. Such access can, ‘as a general rule’ be granted only ‘to the data of individuals suspected of planning, committing or having committed a serious crime or of being implicated in one way or another in such a crime’ [119]. Access to the data of others might exceptionally be granted where, for instance, vital national interests are threatened by terrorist activities, if there is objective evidence to reflect the effective contribution access to such data could make [119]. As a result, access to retained data should, with the exception of cases of validly established urgency, be subject to a prior review by a court or an independent administrative authority at the request of the competent national authorities [120]. These competent national authorities must also notify the persons affected by the data access, under the applicable national procedures, as soon as such notification no longer jeopardises the investigations. The Court highlighted that such notice is necessary to enable these individuals to exercise their right to a legal remedy pursuant to the Directive and EU data protection law [121].

On the issue of data security, the Court held that Article 15(1) does not allow Member States to derogate from the Directive’s data security provisions, which require providers to take appropriate technical and organisational measures to ensure the effective protection of retained data. The Court held that a particularly high level of data security was appropriate given the quantity and nature of the data retained and the riskiness of this operation. It therefore held that the national legislation must provide for the data to be retained within the EU, and for the irreversible destruction of the data at the end of the data retention period [122]. Member States must also ensure that an independent authority reviews compliance with EU law, as such independent control of data protection compliance is an essential element of the right to data protection set out in Article 8(3) Charter. The Court emphasised the link between such independent supervision and the availability of a legal remedy for data subjects [123]. The Court therefore concluded that national legislation that did not comply with these conditions would be precluded pursuant to Article 15(1) as read in light of the Charter [125]. However, it was for the relevant national courts to examine whether such conditions were satisfied in the present case [124].

Finally, in relation to the UK Court of Appeal’s query regarding the relationship between the EU Charter rights to data protection and privacy and Article 8 ECHR, the Court held that the answer to this question would not affect the interpretation of the E-Privacy Directive and thus matter in these proceedings [131]. It recalled its settled case-law that the preliminary reference procedure serves the purpose of effectively resolving EU law disputes rather than providing advisory opinions or answering hypothetical questions [130]. This did not however prevent it from offering a sneak preview of its thinking on this matter. It emphasised that, while the EU has not acceded to the ECHR, the ECHR does not constitute a formally incorporated element of EU law. It did however note that Article 52(3) seeks to ensure consistency between the Charter and the ECHR without adversely affecting the autonomy of EU law. EU law is not therefore precluded from providing more extensive protection than the ECHR. The Court added that Article 8 of the Charter concerns a fundamental right which is distinct from that enshrined in Article 7 and which has no equivalent in the ECHR. Therefore, while the Court did not answer the question of which offered a wider scope of protection, it did confirm the distinctiveness of these two rights.

Comment

The Tele2 judgment represents a rupture with the past in one very significant way: the Court, for the first time, unequivocally states that blanket data retention measures are incompatible with EU law, read in light of the Charter. This radical finding is likely to receive a mixed reaction. For instance, in the UK some will lament that this judgment comes too late to have influenced the passage into law of the UK’s new data retention legislation, the Investigatory Powers Act, 2016. This legislation – which allows for bulk interception and hacking, amongst other things – should now be found to be incompatible with EU law, with all of the post-Brexit implications for ‘adequacy’ this may entail (also here). Others, such as the UK’s Independent Reviewer of Terrorism Legislation – David Anderson QC – have expressed regret. Anderson QC suggests that:

‘Precisely because suspects are often not known in advance, data retention which is not universal in its scope is bound to be less effective as a crime reduction measure.  In addition, a person whose data has not been retained cannot be exonerated by use of that data (e.g. by using location data to show that the person was elsewhere).’

The Advocate General (here; and commentary here) had similarly noted that data retention could help competent authorities ‘examine the past’ [AG, 178]. He had refused to declare general retention measures per se unlawful, preferring instead to assess the compatibility of data retention legislation against strict proportionality requirements [AG, 116]. His approach could therefore be said to be more nuanced and systematic than that of the Court. While examining proportionality stricto sensu he concluded that it would be for national courts to weigh the benefit of ‘examining the past’ with the potential it would provide for authorities to abuse this power by using metadata to catalogue entire populations, noting that evidence of abuses had been put before the Court [AG, 259-260]. This evidence before the Court might help to refute the critique that the Court should have focused on the actual harm of communications metadata retention ‘and sought to avoid assertions based on theory or informal predictions of popular feeling’.

Blanket retention was not the only important point on which the Court and the Advocate General departed. The Advocate General explicitly claimed that DRI set out mandatory requirements [AG, 221] while the Court did not. The Advocate General was also more stringent than the Court by requiring that data is retained in the relevant Member State [AG, 241] while the Court opted for the marginally more realistic requirement that data is retained in the EU. The Advocate General did not, however, consider Article 15(1) a derogation to the E-Privacy Directive (and therefore not a provision that required strict interpretation). The Court did not however engage with his elaborate reasoning on this point [AG, 106-115]. The Court did however confirm that competent national authorities must notify persons affected by data access as soon as such notification no longer jeopardises the investigation [121]. This significant procedural right is likely to play an important role in acting as a check on abusive access requests.

Perhaps the only fly in the ointment for the digital rights groups that intervened before the Court is the Court’s seemingly uncritical endorsement of geographic and group profiling. It does this when it emphasises that there should be relationship between the data retained and the threat, for instance when the data pertains to a ‘geographic area’ [108]. The ethical and social issues such profiling may entail would require further consideration. The Court appears to recognise this by suggesting that such profiling would need to be strictly evidence-based ([111]). Should generalised retention measures be replaced by ad hoc location-based retention measures, the legality of the latter would itself be the subject of much controversy.

Verfassungsblog :The Hungarian Constitutional Court and Constitutional Identity

 ORIGINAL PUBLISHED HERE

by 

  1. Independently from this procedure, the Hungarian government, right after its Slovakian counterparts’ submission also challenged the quota decision before the European Court of Justice. This procedure is still pending, but the ECJ in its decision won’t take into account neither the text of the Hungarian constitution, nor the domestically binding interpretation of it by the Constitutional Court.
  2. Case C-208/09, Sayn-Wittgenstein, para 86.
  3. See for instance Case C-135/08, Janko Rottmann (2009) OJ C 113, 1.5.2010.
  4. See these matters mentioned in P. Faraguna, ’Taking Constitutional Identities Away from the Courts’, Brook. J. Int’l L. Vol. 41:2. 2016. 491, at 506-508.
  5. In May 2015, a few days after many hundreds of refugees have drowned in the Mediterranean Viktor Orbán announced that ‘We need no refugees’.
  6.  Some critics of the historical constitution even raise the possibility that the Court might consider the Hungarian Jewish laws, first of such acts in Europe outside of Germany, as part of it.
  7.  See I. Császár, B. Majtényi, ’Hungary: The Historic Constitution as the Place of Memory’, M. Suksi, K. Agapiou-Josephides, J-P. Lehners, M. Nowak (eds.) First Fundamental Rights Documents in Europe, Cambridge: Intersentia, 2015. 57-69.

 

THE POWER TO CONCLUDE THE EU’S NEW GENERATION OF FTA’S: AG SHARPSTON IN OPINION 2/15

ORIGINAL PUBLISHED ON EUROPEAN LAW BLOG 

By Laurens Ankersmit

To say that the EU’s new generation of trade agreements (such as CETA and TTIP) is politically controversial is becoming somewhat of an understatement. These free trade agreements (FTA), going beyond mere tariff reduction and facilitating hyperglobalization, have faced widespread criticism from civil society, trade unions, and academics. It may come as no surprise therefore that the legal issue over who is competent to conclude such agreements (the EU alone, or the EU together with the Member States) has received considerable public attention, ensuring that the Advocate General Sharpston’s response to the Commission’s request for an Opinion (Opinion 2/15) on the conclusion of the EU-Singapore FTA (EUSFTA)  has made the headlines of several European newspapers.

The Opinion of Advocate General Sharpston in Opinion 2/15, delivered on 21 December, is partly sympathetic to the Commission’s arguments on EU powers, but ultimately refutes the most outlandish of the Commission’s claims to EU power vis-à-vis that of its constituent Member States. The Opinion is of exceptional length (570 paragraphs, to my knowledge the longest Opinion ever written), and contains an elaborate discussion on the nature of the division of powers between the EU and the Member States and detailed reasoning on specific aspects of the EUSFTA such as transport services, investment protection, procurement, sustainable development, and dispute settlement.

Given the breadth of the AG’s conclusions, the aim of this post is to discuss the Opinion only in relation to investment protection and to reflect upon some of the consequences for the Commission’s investment policy, perhaps the most controversial aspect of this new generation of trade agreements.

A short history of the EU’s powers in the field of investment protection

The EU’s powers in the field of investment are relatively new. Only with the Treaty of Lisbon did the scope of the common commercial policy (CCP) extend to cover ‘foreign direct investment’ (FDI), thereby putting at least part of current international investment policies within EU exclusive competence. The history of the inclusion and decades long push by the Commission to extend the EU’s trade policy to cover investment is quite interesting (see this excellent and informative contribution by Robert Basedow).

From the 1970s onwards, the Commission’s push for extending the EU’s trade powers to cover investment met with resistance from the Member States. However, in the context of the Iraq war and the constitutional momentum of the Laeken convention, delegates of the convention focussed on the reform of EU foreign policy and ignored the proposed addition of FDI to the CCP by Irish liberal-conservative MP John Bruton (Bruton was shortly thereafter appointed EU ambassador to the United States). During the subsequent Intergovernmental Conference (IGC), Member States chose not to spend their political capital on the ‘technical issue’ of FDI.

As a result, the Commission was able to claim a major victory with the entry into force of the Lisbon Treaty with the extension of EU trade powers to foreign direct investment. A direct consequence of this addition was that the EU now needed to be formally involved in the negotiation and conclusion of investment agreements covering foreign direct investment. This triggered the Commission’s investment policy which resulted in the inclusion of investment protection chapters in agreements such as the EUSFTA and CETA.

Leading up to the conclusion of the first new generation of trade agreements, the Commission decided it did not get enough with its extensive foot in the door in international investment policy and claimed the entirety of these investment chapters as EU-only in its request for an Opinion. As a result, the ECJ will now be required to interpret the term ‘foreign direct investment’ for the first time and clarify whether the EU’s powers in the area of portfolio investment (as opposed to foreign direct investment) also fall within the EU’s (implied) exclusive powers.

The AG’s Opinion

The nuanced Opinion of the Advocate General is certainly sympathetic to some of the Commission’s arguments, but rejects the Commission’s proposition that the EU has exclusive competence over all matters related to investment protection in the EUSFTA. I will discuss the three main issues discussed, namely:

  • The meaning and scope of ‘foreign direct investment’ in Article 207 TFEU;
  • The issue of portfolio investments as an implied exclusive power;
  • Termination of prior bilateral investment agreements by the EU.

The meaning and scope of ‘foreign direct investment’ in Article 207 TFEU

On the first issue, the Advocate General had to give meaning to the term ‘foreign direct investment’ in article 207 TFEU that has not yet been interpreted by the ECJ. The Advocate General took a contextual approach to the meaning of FDI, using the concept of ‘direct investment’ in the case-law of the ECJ in interpreting the free movement of capital provisions and OECD, IMF, and UNCTAD definitions. Accordingly, foreign direct investment is to be understood as a foreign investment ‘which serve[s] to establish or maintain lasting and direct links, in the form of effective participation in the company’s management and control, between the person providing the investment and the company to which that investment is made available in order to carry out an economic activity.’ (para. 322) The Advocate General subsequently suggested a threshold of at least 10% of the voting power as ‘evidentiary guidance’ of effective participation in the company’s management and control.

In relation to the scope of Article 207 TFEU and ‘foreign direct investment’, the AG, siding with the Commission, found that the term also covered issues that regulated the ‘post[-]establishment’ phase of investment and not merely market access of foreign direct investment.  Applying the Daichi Sankyo-test, the AG concluded that the CCP ‘covers the regulation of the protection of foreign direct investment in so far as the availability of that protection has a direct and immediate effect on whether to carry out the foreign direct investment and on the enjoyment of the benefits of that investment.’ (paras 323-336) The regulation of the post-establishment phase could not be excluded because the effectiveness of rules permitting market access of investment could be subsequently undermined if there was regulation of the post-establishment phase.

The issue of portfolio investments as an implied (exclusive) power

After having sided with the Commission, the Advocate General nonetheless rejected the Commission’s arguments in relation to portfolio investments. The Commission did not argue that portfolio investments came within the scope of Article 207 TFEU, but came up with a rather adventurous interpretation of Article 3 (2) TFEU. That article codifies the ECJ’s case-law on implied exclusive treaty-making powers, and in particular the AETR doctrine which establishes such competence if the conclusion of the agreement in question ‘may affect common rules or alter their scope’. It is commonly understood that the reference to ‘common rules’ refers to EU secondary legislation, but in the absence of any common rules in the area of portfolio investment, the Commission argued that the Treaty rules on the free movement of capital themselves could also be considered ‘common rules’ in the sense of Article 3 (2) TFEU.

The Advocate General rejected this interpretation, inter alia, because this would risk leading to exclusive competences of the EU merely because of the existence of Treaty provisions. For the AG, Article 3 (2) TFEU lays down additional grounds for EU exclusive competence other than the express exclusive powers in Article 3 (1) TFEU and therefore that ‘competence must […] stem from some other basis than the Treaties themselves’ (para. 353). Indeed, one may wonder why the Treaty drafters would have not explicitly granted the EU exclusive treaty-making powers in the field of free movement of capital if the Commission’s reasoning would be followed.

Moreover, as the AG pointed out, this would amount to allowing the EU to change the Treaties via the conclusion of an international agreement. For the AG, the purpose of Article 3 (2) cannot be to entitle the EU ‘to “affect” rules of primary EU law or to ”alter their scope” by concluding an international agreement. […] Primary law can be changed only by amending the Treaties in accordance with Article 48 TEU.’ (para. 354).

Lastly, however, the Advocate General accepted the existence of implied shared powers between the EU and the Member States in the field of portfolio investment on the basis of the free movement of capital provisions (paras. 363-370, again siding with the Commission). She based her finding on the fact that this was necessary to achieve one of the objectives of the Treaties (second ground in article 216 (1) TFEU). For the AG, it was not necessary that the EU was competent to adopt secondary legislation, but it was sufficient that the issue fell within the scope of EU law (which according to the AG it did because of Article 63 TFEU).

I am personally a bit puzzled by this finding. In my opinion, the competence to adopt secondary legislation is a prerequisite, not least in order to determine the appropriate procedure to be followed for the adoption of an international agreement (see article 218 (6-8) TFEU). After all, the doctrine of implied powers rests on the proposition that the implied powers derive from a legal basis permitting the adoption of rules without explicitly mentioning international agreements. In that sense, only article 352 TFEU would potentially be a conceivable legal basis. Article 64 (2) TFEU, for instance, provides that the EU may adopt measures ‘on the movement of capital to or from third countries involving direct investment – including investment in real estate – establishment, the provision of financial services or the admission of securities to capital markets.’ Article 64 (2) TFEU therefore relates to direct investment, not portfolio investment. While article 64 (2) TFEU covers financial services and securities to capital markets and thus may relate to portfolio investment, it does not cover all portfolio investments.

Termination of prior bilateral investment agreements by the EU

The third and last issue the Advocate General addressed was the question whether the EU has the power to terminate prior Member State investment agreements with Singapore. At first glance, this question may seem a bit absurd, as the Member States and not the EU have concluded these agreements. However, the Commission had argued that such competence exists on the basis of the EU law theory of succession, according to which the EU assumes the responsibilities of the Member States for international agreements concluded by them that now fall entirely within the exclusive competence of the EU. Of course, the ECJ would only be faced with this question if it indeed follows the arguably stretched argumentation of the Commission on implied exclusive powers in the first place.

The Advocate General held that only the Member States had such powers to terminate prior BITs and that accordingly the EUSFTA should be a mixed agreement. Her argument is based on both EU and international law. In relation to EU law, Article 351 TFEU requires Member States to take all appropriate measures to eliminate any incompatibilities between pre-accession agreements (eg the Poland-Singapore 1993 BIT) and the Treaties. For the AG, Article 351 TFEU confirms that Member States remain party to such agreements and bear the responsibility for eliminating any incompatibilities. (paras. 378-389) In relation to international law, the AG could not find any legal argument that would suggest that the EU automatically succeeds to an international agreement concluded by the Member States. (paras. 391-398)

Comments

If the Advocate General’s Opinion is followed by the ECJ, the powers to conclude agreements covering investment are for all intents and purposes shared between the EU and the Member States. This may be to the dismay of proponents of agreements such as TTIP and CETA who would like to see a ‘swift’ ratification process, but one may wonder whether pushing through such controversial agreements at EU level is politically desirable for the EU in the first place. In any event, it seems plain that the issue of mixity should be guided by the constitutional principle of conferral and not by political expediency in the eyes of the proponents of such trade deals.

A final issue that is worth noting is the Advocate General’s comments on the compatibility of Investor-State Dispute Settlement (ISDS) in the EUSFTA with the Treaties. As I mentioned before, the Commission did not ask the ECJ to resolve this question in addition to the competence question, despite the fact that it requested this Opinion after the Court delivered its Opinion 2/13 on the draft accession agreement to the ECHR. This may suggest that the Commission’s request was borne out of political expediency seeking to expand its powers only and avoiding any legal issues that may constrain its powers. Astonishingly, however, the Commission seems to be turning the issue on its head. In his comments before the European Parliament, the Commission’s chief CETA negotiator Mauro Pettriccione’s suggests that if the ECJ does not object to ISDS in Opinion 2/15, we can assume that the ECJ considers the mechanism compatible with the Treaties (see at 12:30:30).

Advocate General Sharpston, however, was pretty clear on this issue (para. 85):

It is also important to bear in mind that the Commission’s request does not concern the material compatibility of (any part of) the EUSFTA with the Treaties. Thus, the Court is not asked to consider, for example, the compatibility of an ISDS mechanism with the Treaties. That type of dispute resolution appears not only in the EUSFTA but also in other trade and investment agreements currently negotiated or in the course of negotiation by the European Union. In the present proceedings, the issue as regards the ISDS mechanism (and other forms of dispute resolution for which the EUSFTA provides) is only the question ‘who may decide’. My analysis in this Opinion is therefore without prejudice to such issues (if any) as there may be concerning the material compatibility of the EUSFTA, including the provisions regarding the ISDS mechanism, with the Treaties.

The Commission seems all to willing to have its cake and eating it. Nonetheless, the Court’s views in this Opinion could have implications for a future request for an Opinion on the compatibility of ICS in CETA or any other FTA. If the Court takes an even wider view than the Advocate General on EU competence, this may facilitate the conclusion of agreements such as CETA as ‘EU-only’. This in turn will sideline Member States ability to make a request for an Opinion, not least because a swift ratification will ensure that the Court can no longer express itself on the issue.

Data retention and national law: the ECJ ruling in Joined Cases C-203/15 and C-698/15 Tele2 and Watson (Grand Chamber)

ORIGINAL PUBLISHED ON EU LAW ANALYSIS

Lorna Woods, Professor of Internet Law, University of Essex

Introduction

Today’s judgment in these important cases concerns the acceptability from a human rights perspective of national data retention legislation maintained even after the striking down of the Data Retention Directive in Digital Rights Ireland (Case C-293/12 and 594/12) (“DRI”) for being a disproportionate interference with the rights contained in Articles 7 and 8 EU Charter of Fundamental Rights (EUCFR).  While situated in the context of the Privacy and Electronic Communications Directive (Directive 2002/58), the judgment sets down principles regarding the interpretation of Articles 7 and 8 EUCFR which will be applicable generally within the scope of EU law. It also has possible implications for the UK’s post-Brexit relationship with the EU.

Background and Facts

The Privacy and Electronic Communications Directive requires the confidentiality of communications, including the data about communications to be ensured through national law. As an exception it permits, under Article 15, Member States to take measures for certain public interest objectives such as the fight against terrorism and crime, which include requiring public electronic communications service providers to retain data about communications activity. Member States took very different approaches, which led to the enactment of the Data Retention Directive (Directive 2006/24) within the space for Member State action envisaged by Article 15.  With that directive struck down, Article 15 remained the governing provision for exceptions to communications confidentiality within the field harmonised by the Privacy and Electronic Communications Directive.  This left questions as to what action in respect of requiring the retention of data could be permissible under Article 15, as understood in the light of the EUCFR.

The cases in today’s judgment derive from two separate national regimes. The first, concerning Tele2, arose when – following the DRI judgment – Tele2 proposed to stop retaining the data specified under Swedish implementing legislation in relation to the Data Retention Directive. The second arose from a challenge to the Data Retention and Investigatory Powers Act 2014 (DRIPA) which had been enacted to provide a legal basis in the UK for data retention when the domestic regime implementing the Data Retention Directive fell as a consequence of the invalidity of that directive.  Both sets of questions referred essentially asked about the impact of the DRI reasoning on national regimes, and whether Articles 7 and 8 EUCFR constrained the States’ regimes.

The Advocate General handed down an opinion in July (noted here) in which he opined that while mass retention of data may be possible, it would only be so when adequate safeguards were in place.  In both instances, the conditions – in particular those identified in DRI – were not satisfied.

Judgment

Scope of EU Law

A preliminary question is whether the data retention, or the access of such data by police and security authorities, falls within EU law.  While the Privacy and Electronic Communications Directive regulated the behaviour of communications providers generally, Article 1(3) of that Directive specifies that matters covered by Titles V and VI of the TEU at that time (e.g. public security, defence, State security) fall outside the scope of the directive, which the Court described as relating to “activities of the State” . Further Article 15(1) permits the State to take some measures resulting in the infringement of the principle of confidentiality found in Art 5(1) which again “concern activities characteristic of States or State authorities, and are unrelated to fields in which individuals are active” [para 72]. While there seems to be overlap between Article 1(3) and Article 15(1), this does not mean that matters permitted on the basis of Article 15(1) fall outside the scope of the directive as “otherwise that provision would be deprived of any purpose” [para 73].

In the course of submissions to the Court, a distinction was made between the retention of data (by the communications providers) and access to the data (by police and security services).  Accepting this distinction would allow a line to be drawn between the two, with retention as an activity of the commercial operator regulated by the Privacy and Electronic Communications Directive within its scope and the access, as an activity of the State lying outside it. The Court rejected this analysis and held that both retention and access lay within the field of the Privacy and Electronic Communications Directive [para 76]. It argued that Article 5(1) guarantees confidentiality of communications from the activities of third parties whether they be private actors or state authorities. Moreover, the effect of the national legislation is to require the communications providers to give access to the state authorities which in itself is an act of processing regulated by the Privacy and Electronic Communications Directive [para 78]. The Court also noted that the sole purpose of the retention is to be able to give such access.

Interpretation of Article 15(1)

The Court noted that the aim of the Privacy and Electronic Communications Directive is to ensure a high level of protection for data protection and privacy. Article 5(1) established the principle of confidentiality and that “as a general rule, any person other than the user is prohibited from storing, without the consent of the users concerned, the traffic data”, subject only to technical necessity and the terms of Article 15(1) (citing Promusicae) [para 85].  This requirement of confidentiality is backed up by the obligations in Article 6 and 9 specifically dealing with restrictions on the use of traffic and location data. Moreover, Recital 30 points to the need for data minimisation in this regard [para 87]. So, while Article 15(1) permits exceptions, they must be interpreted strictly so that the exception does not displace the rule; otherwise the rule would be “rendered largely meaningless” [para 89].

As a result of this general orientation, the Court held that Member States may only adopt measures for the purposes listed in the first sentence of Article 15(1) and those measures must comply with the requirements of the EUCFR.  The Court, citing DRI (at paras 25 and 70), noted that in addition to Articles 7 and 8 EUCFR, Article 11 EUCFR – protecting freedom of expression – was also in issue. The Court noted the need for such measures to be necessary and proportionate and highlighted that Article 15 provided further detail in the context of communications whilst Recital 11 to the Privacy and Electronic Communications Directive requires measures to be “strictly proportionate” [para 95].

The Court then considered these principles in the light of the reference in Tele2 at paras 97 et seq of its judgment. Approving expressly the approach of the Advocate General on this point, it  underlined that communications “data, taken as a whole, is liable to allow very precise conclusions to be drawn concerning the private lives of the persons whose data has been retained” and that such data is no less sensitive that content [para 99]. The interference in the view of the Court was serious and far-reaching in relation to Articles 7, 8 and 11.  While Article 15 identifies combatting crime as a legitimate objective, the Court – citing DRI – limited this so that only the fight against serious crime could be capable of justifying such intrusion.  Even the fight against terrorism “cannot in itself justify that national legislation providing for the general and indiscriminate retention of all traffic and location data should be considered necessary” [para 103].  The Court stressed that the regime provides for “no differentiation, limitation or exception according to objectives pursued” [para 105].  The Court did confirm that some measures would be permissible:

… Article 15(1) of Directive 2002/58, read in the light of Articles 7, 8 and 11 and Article 52(1) of the Charter, does not prevent a Member State from adopting legislation permitting, as a preventive measure, the targeted retention of traffic and location data, for the purpose of fighting serious crime, provided that the retention of data is limited, with respect to the categories of data to be retained, the means of communication affected, the persons concerned and the retention period adopted, to what is strictly necessary. [para 108]

It then set down some relevant conditions:

Clear and precise rules “governing the scope and application of such a data retention measure and imposing minimum safeguards, so that the persons whose data has been retained have sufficient guarantees of the effective protection of their personal data against the risk of misuse” [para 109].

while “conditions may vary according to the nature of the measures taken for the purposes of prevention, investigation, detection and prosecution of serious crime, the retention of data must continue nonetheless to meet objective criteria, that establish a connection between the data to be retained and the objective pursued” [110].

The Court then emphasised that there should be objective evidence supporting the public whose data is to be collected on the basis that it is likely to reveal a link, even an indirect one, with serious criminal offences, and thereby contribute in one way or another to fighting serious crime or to preventing a serious risk to public security. The Court accepted that geographical factors could be one such ground, on the basis that “that there exists, in one or more geographical areas, a high risk of preparation for or commission of such offences” [para 111].

Conversely,

…Article 15(1) of Directive 2002/58, read in the light of Articles 7, 8 and 11 and Article 52(1) of the Charter, must be interpreted as precluding national legislation which, for the purpose of fighting crime, provides for the general and indiscriminate retention of all traffic and location data of all subscribers and registered users relating to all means of electronic communication [para 112].

Acceptability of legislation where (1) the measure is not limited to serious crime; (2) where there is no prior review; and (3) where there is no requirement that the data stays in the EU.

This next section deals with the first question referred in the Watson case, as well as the Tele 2 reference.

As regards the first point, the answer following the Court’s approach at paragraphs 90 and 102 is clear: only measures justified by reference to serious crime would be justifiable.  As regards the second element, the Court noted that it is for national law to law conditions of access so as to ensure that the measure does not exceed what is strictly necessary.  The conditions must be clear and legally binding. The Court argued that since general access could not be considered strictly necessary, national legislation must set out by reference to objective criteria the circumstances in which access would be permissible.  Referring to the European Court of Human Rights (ECtHR) judgment in Zakharov, the Court specified:

access can, as a general rule, be granted, in relation to the objective of fighting crime, only to the data of individuals suspected of planning, committing or having committed a serious crime or of being implicated in one way or another in such a crime [para 119].

It then distinguished the general fight against crime from the fight against terrorism to suggest that in the latter case:

access to the data of other persons might also be granted where there is objective evidence from which it can be deduced that that data might, in a specific case, make an effective contribution to combating such activities [para 119].

The conditions set down must be respected. The Court therefore held that, save in cases of genuine emergency, prior review by an independent body must be carried out on the basis of a reasoned request by the investigating bodies. In making this point, the Court referred to the ECtHR judgment in Szabó and Vissy v. Hungary, as well as its own previous ruling in DRI. Furthermore, once there was no danger to the investigation by so doing, individuals affected should be notified, so as to those affected people the possibility to exercise their right to a remedy as specified in Article 15(2) read with Article 22 of the Data Protection Directive (Directive 95/46).

Article 15(1) permits derogation only in relation to specified provisions in the directive; it does not permit derogation with regard to the security obligations contained in Article 4(1) and 4(1a). the Court noted the quantity of data as well as its sensitivity to suggest that a high level of security measures would be required on the part of the electronic communications providers. Following this, the Court then stated:

…, the national legislation must make provision for the data to be retained within the European Union and for the irreversible destruction of the data at the end of the data retention period (see, by analogy, in relation to Directive 2006/24, the Digital Rights judgment, paragraphs 66 to 68) [para 122].

The Court noted that as a separate obligation from the approval of access to data, that States should ensure that independent review of compliance with the required regulatory framework was carried out by an independent body. In the view of the Court, this followed from Article 8(3) EUCFR. This is an essential element of individuals’ ability to make claims in respect of infringements of their data protection rights, as noted previously in DRI and Schrems.

The Court then summarised the outcome of this reasoning, that Article 15 and the EUCFR:

must be interpreted as precluding national legislation governing the protection and security of traffic and location data and, in particular, access of the competent national authorities to the retained data, where the objective pursued by that access, in the context of fighting crime, is not restricted solely to fighting serious crime, where access is not subject to prior review by a court or an independent administrative authority, and where there is no requirement that the data concerned should be retained within the European Union. [para 125]

Relationship between the EUCFR, EU law and the ECHR

The English Court of Appeal had referred a question about the impact of the ECHR on the scope of the EUCFR in the light of Article 52 EUCFR. While the Court declared the question inadmissible, it –like the Advocate General – took the time to point out that the ECHR is not part of EU law, so the key issue is the scope of the EUCFR; and in any event Article 52(3) does not preclude Union law from providing protection that is more extensive than the ECHR. As a further point, the Court added that Article 8 EUCFR, which provides a separate right to data protection, does not have an exact equivalent in the ECHR and that there is therefore a difference between the two regimes.

Comment

Given the trend of recent case law, the outcome in this case is not surprising.  There are some points that are worth emphasising.

The first relates to the scope of EU law, which is a threshold barrier to any claim based on the EUCFR.  The Advocate General seemed prepared to accept a distinction between the retention of data and the access thereto (although conditions relating to the latter could bear on the proportionality of the former).  The Court took a different approach and held that the access also fell within the scope of the Directive/EU law, because the national regime imposed an obligation on the communications service provider to provide access to the relevant authorities. Given this was an obligation on the service provider, it fell within the regulatory schema.  This approach thus avoids the slightly unconvincing reasoning which the Advocate General adopted.  It also possibly enlarges the scope of EU law.

In general terms, the Court’s reasoning looks at certain provisions of the Privacy and Electronic Communications Directive.  While the reasoning is set in that context, it does not mean that the Court’s interpretation of the requirements deriving from the EUCFR is limited only to this set of surveillance measures.  The rules of interpretation of particularly Articles 7 and 8 could apply more generally – perhaps to PNR data (another form of mass surveillance) – and beyond.  It is also worth noting that according to a leaked Commission document, it is proposed to extend the scope of the Privacy and Electronic Communications Directive to other communications service providers not currently regulated by the directive, but who may be subject to some data retention requirements already.

Whilst the Court makes the point that Articles 7 and 8 EUCFR are separate and different, and that data retention implicates also Article 11 EUCFR, in its analysis of the impact of national measures providing for retention it does not deal with Articles 7 and 8 separately (contrast DRI where a limited consideration was given to this). Having flagged Article 11 EUCFR, it takes that analysis no further.  This is the leaves questions as to the scope of the rights, and particularly how Article 11 issues play out.

Note that the Court does not state that data retention itself is impermissible; indeed, it specifies circumstances when data retention would be acceptable. It challenges the compatibility of mass data retention with Articles 7 and 8 EUCFR, however, even in the context of the fight against terrorism.  In this, it is arguable that the Court has taken a tougher stance than its Advocate General on this point of principle.  In this we see a mirror of the approach in DRI, when the Court took a different approach to its Advocate General.  In that case too, the Advocate General focussed on safeguards and the quality of law, as has the Advocate General here. For the Court here, differentiation – between people and between types of offences and threats – based on objective, evidenced grounds is central to showing that national measures are proportionate and no more than – in the terms of the directive – strictly necessary. This seems to go close to disagreeing with the Opinion of the Advocate General that in DRI, the Court ‘did not, however, hold that that absence of differentiation meant that such obligations, in themselves, went beyond what was strictly necessary’ (Opinion, para 199). The Advocate General used this point to argue that DRI did not suggest that mass surveillance was per se unlawful (see Opinion, para 205). Certainly, in neither case did the Court expressly hold that mass surveillance was per so unlawful, so the question still remains. What is clear, however, is that the Court supports the retention of data following justified suspicion – even perhaps generalised suspicion – rather than using the analysis of retained data to justify suspicion.

In its reasoning, the Court did not –unlike the Advocate General – specifically make a ruling on whether or not the safeguards set down in DRI, paras 60-68, should be seen as mandatory – in effect creating a 6 point check list. Nonetheless, it repeatedly cited DRI approvingly. Within this framework, it highlighted specific aspects – such as the need for prior approval; the need for security and control over data; a prohibition on transferring data outside the EU; the need for subjects to be able to exercise their right to a remedy. Some of these points will be difficult to reconcile with the current regime in the United Kingdom regarding communications data.

It did not, however, touch on acceptable periods for retention (even though it – like its Advocate General – referred to Zakharov). More generally, the Court’s analysis – by comparison with that of the Advocate General – was less detailed and structured, particularly about the meaning of necessity and proportionality. It did not directly address the points the Advocate General made about lawfulness, with specific reference to reliance on codes (an essential feature of the UK arrangements); it did in passing note that the conditions for access to data should be binding within the domestic legal system. Is this implicit agreement with the Advocate General on this point? It certainly agreed with him that the seriousness of the interference meant that data retention of communications data should be restricted to ‘serious crime’ and not just any crime.

One final issue relates to the judicial relationship between Strasbourg and Luxembourg.  Despite emphasising that the ECHR is not part of EU law, the Court relies on two recent cases from the ECtHR, perhaps seeking to emphasis the consistency in this area between the two courts – or perhaps seeking to put pressure on Strasbourg to hold the line as it faces a number of state surveillance cases on its own docket, many against the UK. The position of Strasbourg is significant for the UK. While many assume that the UK will maintain the GDPR after Brexit in the interests of ensuring equivalence, it could be that the EUCFR will no longer be applicable in the UK post-Brexit. For UK citizens, the ECHR then is the only route to challenge state intrusion into privacy. For those in the EU, data transfers to the UK post-Brexit could be challenged on the basis that the UK’s law is not sufficiently adequate compared to EU standards. Today’s ruling – and the UK’s response to it, if any – could be a significant element in arguing that issue.

Brexit and the Future of Human Rights Law in the UK

Original published on EU LAW ANALYSIS

by Steve Peers

*The following is adapted from my comments at the launch of Conor Gearty’s book On Fantasy Island: Britain, Europe and Human Rights last week

What’s the future for human rights law in the UK after Brexit? The starting point in the debate is what happens to the Human Rights Act – the subject of Professor Gearty’s new book On Fantasy Island. It has a thorough grasp of detail, but also makes the case for the Act in its social, political and historical context. It has a command of the whole subject, but also demonstrates the importance of human rights cases to the individuals concerned.

In particular, On Fantasy Island demolishes the myth of a glorious past for human rights as part of the common law (see also his blog post on this theme). As Professor Gearty notes, it’s true that the Salvation Army had the right to march joylessly to demand that people endure grinding poverty with tedious sobriety. But many others were unsuccessful asserting such rights – or were subject to wrongful convictions which sometimes either turned into wrongful executions or would have done so if the death penalty were still applied.

The book also punctures the misunderstandings of the Human Rights Act (HRA) that portray it as entrenching excessive judicial power constraining elected politicians – pointing out that the courts (in the UK, or the European Court of Human Rights) cannot overturn Acts of Parliament on human rights grounds.

Indeed, in light of this conscious compromise between parliamentary sovereignty and human rights protection – comparable to that in ‘poster child’ common law Commonwealth states Canada and New Zealand – coupled with British involvement in drawing up the ECHR, it could be said that the UK’s human rights system is already so ‘red, white and blue’ that even Pavlov’s bulldogs should salivate at the mention of its name.

Of course, the public perception of the UK’s human rights system does not see it as closely linked to our legal heritage, despite several provisions of the ECHR and HRA that resemble Magna Carta. I’ll return to that problem below.

The Brexit context

There’s a substantive dimension to the links between Brexit and the Human Rights Act, as well as a broader political and advocacy dimension. Substantively, human rights are protected as a matter of EU law whenever the issue in the particular case is linked to EU law, for example in areas such as data protection, discrimination and asylum law. In that case, the EU Charter of Rights applies – with rights corresponding to the ECHR as well as some rights drawn from other sources. There’s also a stronger system for protecting those rights: UK courts at any level can set aside an Act of Parliament if necessary to that end, as seen in Vidal-Hall and Benkharbouche.

After Brexit, such protection will be governed by the detailed rules in the planned ‘Great Repeal Act’, which will convert EU law into UK law until individual measures are amended or repealed. This raises issues similar to the ‘post-HRA’ scenario discussed in On Fantasy Island. In particular: will CJEU case law still apply? Will the Charter of Rights still apply? What will the legal effect of the Act be, as a matter of domestic law? Will it be considered a ‘constitutional statute’, with a form of privileged status compared to other Acts of Parliament? How easy will be for the executive to repeal ex-EU laws (an issue discussed further here).

As for the political dimension, there is some overlap between the debate over the Human Rights Act and Brexit, but some differences too. Most notably, the dynamics of a referendum do not apply to the debate over the HRA.

And yet, the debate over HRA repeal will take place in Brexit Britain – a country which, to update Dean Acheson’s famous phrase, has now lost its post-war role but cannot refound its empire. Frustrated by this unavoidable fact, it is unlikely the critics of all things ‘European’ will feel full after Brexit. The Human Rights Act looks likely to be their next snack.

There is, however, a theoretical possibility – canvassed in Professor Gearty’s book – that a new British Bill of Rights or somesuch could be fashioned, while avoiding the weak points in the common law system for the protection of human rights. Frankly, while this might (with perfect hindsight) have been the best way to establish ‘constitutional patriotism’ for the Human Rights Act from the outset, this seems unlikely to happen in the current political context.

First of all, leaked government plans indicated the intention was to remove effective remedies while handing the constitutional equivalent of a ‘bung’ to tabloid newspaper editors.

More broadly, the level of public debate since the referendum vote has been diabolically poor. One side basically repeats ‘You lost. Shut up!’ while the other repeats ‘We won’t. You lied!’ ad infinitum. This ‘debate’ has been punctuated by political murder, escalating threats of violence, and a large part of government and media opinion showing visceral contempt for the rule of law and parliamentary democracy.

Towards a new defence of the Human Rights Act

So there’s a strong case for retaining the Human Rights Act; but if we want to retain it, we have to defend it. It’s important to think of the best way to defend it, however. As lawyers or law professors we have to teach and practice human rights law technically – to understand deadlines for filing better than the Home Secretary, for instance. I’ve been called ‘forensic’ so many times that I should probably have my own CSI spin-off.

Moreover, some of the argument in defence of the HRA is defensive. As I pointed out already, Professor Gearty’s book rightly argues that the Act doesn’t allow the Courts to overrule Parliament. But reading arguments like these reminds me of the EU referendum arguments that the UK can overrule major changes to the EU, or that ‘unelected bureaucrats’ do not make all EU laws. Perfectly accurate arguments – but they did not win the day.

It’s also necessary to focus on a more positive case for the Act (including the ECHR more broadly). Some claimants are undeniably hard to love. But human rights law also helped a gay man kicked out of his home because the love of his life died. It protected the elderly in care homes left in their own filth. It safeguards children beaten so badly by their parents that they need to visit the hospital. It offers justice to grieving family members trying to find out why their loved one died. And it exposed wrongdoing leading to the tragic fate of many children whose mothers took the thalidomide drug.

This is the rational but passionate, reasoned yet humane, case that we have to make for the preservation of the Act.

Bargaining Chips No More: The Status of EU and UK citizens after Brexit

ORIGINAL PUBLISHED ON EU LAW ANALYSIS 

by Steve Peers

Introduction

Today, the results of an inquiry into the status of EU citizens in the UK after Brexit, set up by the NGO British Future, are released. I was a member of the panel of that inquiry, which sought to bring together supporters of both the Leave and the Remain side, from different political parties and from outside Parliament as well.

This blog post has three related objectives: a) to set out and defend the main recommendations of the inquiry regarding EU citizens in the UK after Brexit; b) to set out my own recommendations for what should happen to UK citizens in the EU after Brexit; and c) to discuss the idea (floated recently) of ‘associate citizenship’ of the EU for UK citizens after Brexit. Just to make clear, the second and third points were outside the remit of the British Future inquiry – but I think it makes sense to look at those issues in parallel today. Obviously, the comments here on the latter two points are mine alone, and my views on them are not necessarily shared by any of the other people on the panel.

Results of the Inquiry: Recommendations on EU citizens in the UK

The basic starting point of the inquiry is that EU citizens who were in the UK exercising rights on the basis of EU law before a cut-off date should retain their rights after Brexit. This was the explicit position of many senior people on the Leave side during the referendum campaign, and necessarily also reflects the views of those on the Remain side, who were advocating the continued application of EU free movement law to the UK.

It is also consistent with the international law principle of ‘acquired rights’ in international law. It’s unlikely that this principle could, by itself, ensure enforceable protection of specific individual rights in British law, for the reasons explained by Professor Douglas-Scott. However, the UK certainly ought to act to give practical effect to this principle. Equally, the proposal takes account of the barriers to expelling many EU citizens imposed by human rights law, discussed by Matthew White here.

Quite apart from legal considerations and political promises, it would give effect to basic ethical principles of humanity and fairness: it would be morally wrong to disrupt the lives of people who came to the UK legally and have contributed a great deal to it. Their anxiety and uncertainty about the future should be alleviated as soon as possible.

Our recommendation would in effect create a special ‘ex-EU’ status for EU citizens who were resident in the UK before the cut-off date. Those who were already entitled topermanent residence status as of the cut-off date would keep that status (or their entitlement to apply for it). Those who were resident in the UK as of the cut-off date, but who had not yet earned entitlement to permanent residence status could still obtain it over the next five years. Those who first arrive after the cut-off date would be entitled to invoke EU free movement law in the UK until Brexit Day, after which point they would switch to ‘ordinary’ UK immigration law status, whatever that might be. (It remains to be seen whether the EU and the UK negotiate some agreement on immigration issues, which might entail a preferential status falling short of free movement of people, after Brexit).

Ex-EU status for EU citizens in the UK would entail keeping all the same rights they would have had if the UK had stayed in the EU, in terms of access to employment and equal treatment. There are several advantages to this approach.

First of all, this approach would be easy to reciprocate on the EU side, for UK citizens living in the EU (more on that below). Secondly, it would be easier to administer: forcing all EU citizens in the UK to apply for a completely new distinctly British status would cost a fortune, and it would take years to process all the applications. Having said that, there will be some difficulties of implementation in practice, although some complications are unavoidable no matter what approach is taken to this issue. The report of the inquiry makes some detailed suggestions about how implementation could work.

Thirdly, the proposed approach would come with built-in legal clarity, since the rules governing EU free movement law are already the subject of EU legislation and many court judgments. Finally, it would be consistent with the government’s plans for a ‘Great Repeal Act’, which will keep EU law on the British statute book until Parliament (or, if given power, the executive) decides to amend or repeal it.

We chose a cut-off date of the official start of the process of leaving the EU. This is earlier than Brexit Day, on the basis that people that come after the notification date cannot expect to enjoy EU free movement rights in the UK indefinitely after Brexit Day. However, it is later than the referendum date, on the basis that EU citizens who arrived before the process of leaving the EU officially began should not be prejudiced.

Finally, why recommend that the UK act unilaterally, before the EU guarantees the status of UK citizens in the EU? Firstly, because of the principles of humanity and fairness discussed above: EU citizens in the UK should be regarded as ends and not means, and certainly not as bargaining chips. Secondly, because a principled position taken unilaterally by the UK could reduce the political tension on this issue, and make it easier to reach a bilateral agreement once talks start. If it adopts our recommendations as regards the position of EU citizens in UK law, the UK government could and should point out that it expects the EU side to agree to the same principles, particularly given that our recommendation would be easy for them to reciprocate.

UK citizens in the EU

So far, the EU has refused to negotiate on the status of EU and UK citizens post-Brexit, because the UK has not yet officially notified its intention to leave the EU. While it is unfortunate that negotiations have not already started, those who condemn the EU for its position but who also voted Leave should reflect that it was their vote that threatened the status of the people concerned in the first place.

Once Brexit negotiations begin, hopefully the negotiators will tackle this issue first and aim to reach early agreement on it, so that the people affected can make firm decisions about their future and administrations can prepare to implement the rules in practice. In principle, it should be easy to reach agreement, if both sides aim for a reciprocal ‘ex-EU’ status. Since the issue logically falls within the scope of Article 50 TEU, as an issue to be agreed as part of the Brexit process, it should not be necessary to get unanimous agreement of Member States or to subject the deal to national ratification by Member States (the Article 50 deal can be approved by a qualified majority of Member States in the EU Council).

As I suggested on the day after the referendum, it would be best to have rules in the withdrawal treaty on this issue which are legally binding, define the exact scope of the rule, can be supplemented by further joint measures if needed, and must be fully applied in further detail in national law. I suggested some wording for the Article 50 treaty (now amended to make clear that non-EU family members of UK and EU citizens are covered):

  1. Any citizens of the UK residing in the EU as of [Brexit Day] and their family members, and any EU citizens residing in the UK as of that date and their family members, shall retain any rights which they acquired pursuant to EU free movement law before that date. They shall also continue to acquire rights which were in the process of acquisition as of that date.
  1. The parties shall give full effect to this principle in EU or national law, as the case may be.
  1. The EU/UK Joint Committee may adopt further measures to implement this rule.

The British Future report describes how the UK could implement such a legal obligation in its law. The EU side could best implement its corresponding legal obligation in the form of a short Regulation or Directive setting out general rules on ex-EU status, making consequential amendments to other EU laws. Later EU laws can then cross-refer to this basic law and/or the Article 50 deal.

Associate EU citizenship  Continue reading