3.1 Transparency – Page 3 – European Area of Freedom Security & Justice

State Surveillance: the Venice Commission updates its 2007 Report

By Emilio DE CAPITANI

The Council of Europe’s, European Commission for Democracy Through Law (VENICE COMMISSION) during its 102nd Plenary Session (Venice, 20-21 March 2015) has updated its 2007 Report on the democratic Oversight of the security services and report on the democratic oversight of Signals Intelligence Agencies.
In a time where EU founding States such as France are discussing some very cotroversial rules on potential mass interception and the European Union is more and more attracted by the so called “intelligence led policing” the Venice Commission recommendations are particulary timely and worth reading.

Below the Executive Summary of the updated Venice Commission’s Report.

1. The scope of the study.
As a result of processes of globalization and of the creation of internet, internal and external security threats may not be easily distinguished anymore. Significant threats may come from non-state actors. Consequently, one of the most important developments in intelligence oversight in recent years has been that Signals Intelligence or SIGINT does not relate exclusively to military and external intelligence anymore, but also falls to some extent into the domain of internal security. Thus, signals intelligence now can involve monitoring “ordinary telecommunications” (it is “surveillance”) and it has a much greater potential of affecting individual human rights. Different states organize their signals intelligence function in different ways. The summary which follows discusses issues generally, and should not be seen as asserting that all states follow a particular model of signals intelligence, or regulate it in a particular way.

2. Is there a need for improved democratic control?
Strategic surveillance involves access both to internet and telecommunications content and to metadata (all data not part of the content of the communication). It begins with a task being given to the signals intelligence agency to gather intelligence on a phenomenon or a particular person or group. Very large quantities of content data, and metadata, are then collected in a variety of different ways. The bulk content is subjected to computer analysis with the help of “selectors”. These can relate to persons, language, key words concerning content (e.g. industrial products) and communication paths and other technical data.

3. Unlike “targeted” surveillance (covert collection of conversations by technical means (bugging), covert collection of the content of telecommunications and covert collection of metadata), strategic surveillance does not necessarily start with a suspicion against a particular person or persons. Signals intelligence aims to inform foreign policy generally and/or military/strategic security, not necessarily at investigating internal security threats. It has a proactive element, aiming at find or identify a danger rather than merely investigating a known threat. Herein lies both the value it can have for security operations, and the risks it can pose for individual rights.

4. Agencies engaged in signals intelligence tend to have the bulk of the intelligence budget, and produce most intelligence, but the systems of oversight over them have tended to be weaker. There are a variety of explanations for this.
First, it is argued that access to mere metadata does not seriously affect privacy, and nor does access to content data because this is done by computerized search programmes (“selectors”). However, metadata now can reveal much about private life, and the content selectors can be designed to collect information on specific human beings and groups.
Second, telecommunications used to be mainly by radio, with an ensuing lower level of privacy expectations; however, the vast bulk of telecommunications is now by fiber-optic cable.
Third, strategic surveillance being aimed at external communications, it was argued that it is the privacy of non-citizens or non-residents which is affected; however, leaving aside the issue of whether such a distinction is acceptable under the ECHR, for technical reasons there is an inevitable mixing of the internal and external communications, and an ensuing risk of circumvention of tougher domestic controls and oversight which might exist over “ordinary” surveillance. Fourthly, controls have been weaker on account of the technical complexity and rapid technological growth of the area. It should be borne in mind, however, that if this sector is left unregulated, it will be the intelligence agency itself instead of the legislature which carries out the necessary balancing of rights, with the risk of erring on the side of over-collecting intelligence. The fifth reason is that various factors – too rapid growth in the size of a signals intelligence agency, rapid growth in technology, loss in institutional memory, political pressure to secure quick results – may adversely impact the integrity and professionalism of the staff. Finally, signals intelligence is an international cooperative network, which creates specific oversight problems.

5. Strategic surveillance is not necessarily “mass” surveillance but can be when bulk data is collected and the thresholds for accessing that data are set low. Signals intelligence agencies tend to possess much more powerful computing facilities and thus have a greater potential to affect privacy and other human rights. They thus need proper regulation in a Rechtsstaat.

6. Jurisdiction.
The collection of signals intelligence may legitimately take place on the territory of another state with its consent, but might still fall under the jurisdiction of the collecting state from the view point of human rights obligations under the ECHR. At any rate, the processing, analysis and communication of this material clearly falls under the jurisdiction of the collecting State and is governed by both national law and the applicable human rights standards. There may be competition or even incompatibility between obligations imposed on telecommunications companies by the collecting state and data protection obligations in the territorial state; minimum international standards on privacy protection appear all the more necessary.

7. Accountability. Organization.
Signals intelligence is expensive and requires sophisticated technical competence. Hence, while all developed states nowadays require a defensive function – cyber security – only some have an offensive signals intelligence capacity, either in the form of a specialist signals intelligence agency or by allocating a signals intelligence task to the external intelligence agency.

8. Form of the mandate.
Most democratic states have placed at least part of the mandate of the signals intelligence function in primary legislation, as required by the ECHR. More detailed norms or guidelines are normally set out in subordinate legislation promulgated either by the executive (and made public) or by the Head of the relevant agency (and kept secret). There may be issues of quality of the law (foreseeability etc) in this respect.

9. Content of the mandate.
The mandate of a signals intelligence agency may be drafted in very broad terms to allow collection of data concerning “relevant” “foreign intelligence” or data of “relevance” to the investigation of terrorism. Such broad mandates increase the risk of over-collection of intelligence. If the supporting documentation is inadequate, oversight becomes very difficult.

10. Collection of intelligence for “the economic well-being of the nation” may result in economic espionage. Strategic surveillance however is useful in at least three areas of business activity: proliferation of weapons of mass destruction (and violation of export control conditions generally), circumvention of UN/EU sanctions and major money laundering. A clear prohibition of economic espionage buttressed by strong oversight and the prohibition for the intelligence agencies to be tasked by the government departments or administrative agencies involved in promoting trade would be useful prevention mechanisms.

11. Bulk transfers of data between states occur frequently.
In order to avoid circumvention of rules on domestic intelligence gathering, it would be useful to provide that the bulk material transferred can only be searched if all the material requirements of a national search are fulfilled, and this is duly authorized in the same way as searches of bulk material obtained through national searches.

12. Government control and tasking.
Taskers depend on the nature of the intelligence sought (diplomatic, economic, military and domestic). Taskers should not be regarded as external controls.

13. Network accountability.
Due to their different geographical location and to the nature of internet, states frequently collect data which is of interest to other states or have access to different parts of the same message. The links between allied states as regards signals intelligence may be very strong. The “third party” or “originator rule” may thus be a serious obstacle to oversight and should not be applied to oversight bodies.

14. Accountability and the case law of the European Court of Human Rights.
The ECHR consists of minimum standards, and it is only a point of departure for European States, which should aim to provide more extensive guarantees. The European Court of Human Rights has not defined national security but has gradually clarified the legitimate scope of this term. In its case-law on secret measures of surveillance, it has developed the following minimum safeguards to be set out in statute law in order to avoid abuses of power: the nature of the offences which may give rise to an interception order; definition of the categories of people liable to have their telephones tapped, a limit on the duration of telephone tapping; the procedure to be followed for examining, using and storing the data obtained; the precautions to be taken when communicating the data to other parties; and the circumstances in which recordings may or must be erased or the tapes destroyed.

15. The Court’s case law on strategic surveillance is so far very limited, although there is also national case law and oversight bodies practice based on the ECHR. Several of the standards related to ordinary surveillance have to be adapted to make them apply to strategic surveillance. The first safeguard (applicable only to states which allow the use of signals intelligence to investigate crimes) is that the offences which may be investigated through signals intelligence should be enumerated, and thus provision should be made for the destruction of data which might incidentally be gathered on other offences. The exception of transferring data to law enforcement should be narrowly defined and subject to oversight.

16. Another safeguard is a definition of the categories of people liable to have their communications intercepted. The power to contact chain (i.e. identify people in contact with each other) should be framed narrowly contact chaining of metadata should normally only be possible for people suspected of actual involvement in particularly seriously offences, such as terrorism. If the legislature nonetheless considers that such a widely framed contact-chaining power is necessary, then this must be subject to procedural controls and strong oversight.

17. As regards searches of content data, there are particular privacy implications when a decision is being considered to use a selector which is attributable to a natural person (e.g. his or her name, nickname, email address, physical address etc.). Strengthened justification requirements and procedural safeguards should apply, such as the involvement of a privacy advocate. The safeguard is also relevant as regards subsequent decisions to transfer intelligence obtained by strategic surveillance to internal security agencies, to law enforcement or to foreign services.

18. Interception of privileged communications by means of signals intelligence is particularly problematic as is use of signals intelligence against journalists in order to identify their sources. Methods must be devised to provide lawyers and other privileged communicants and journalists with some form of protection, such as requiring a high, or very high, threshold before approving signals intelligence operations against them, combined with procedural safeguards and strong external oversight.

19. The safeguard of setting out time limits is not as meaningful for strategic surveillance as it is for ordinary surveillance. Periods of surveillance tend to be long, and continually renewed. Retention periods also tend to be long: data originally thought to be irrelevant may, as a result of new data, come to be seen as relevant. Provision could be made for a requirement to make periodic internal reviews of the (continued) need to retain the data. To be meaningful, such a duty must be backed up by external oversight.

20. Two very significant stages in the signals intelligence process where safeguards must apply are the authorization and follow-up (oversight) processes. That the latter must be performed by an independent, external body is clear from the ECtHR’s case law. The question which arises here is whether even the authorization process should be independent.

21. Internal and governmental controls as part of overall accountability systems. For a number of reasons, It has been particularly tempting to rely primarily on internal controls in the area of strategic surveillance, but they are insufficient. Generally speaking, external oversight over signals intelligence needs to be strengthened considerably.

22. Parliamentary accountability.
There are a number of reasons why parliamentary supervision of strategic surveillance is problematic. First, the technical sophistication of signals intelligence makes it difficult for parliamentarians to supervise without the aid of technical experts. Second, the general problem of parliamentarians finding sufficient time for oversight along with all their other duties is particularly acute as regards strategic surveillance, where for controlling the dynamic process of refining the selectors (as opposed to a post-hoc scrutiny), some form of standing body is necessary. Thirdly, the high degree of network cooperation between certain signals intelligence agencies means an added reluctance to admit in parliamentary oversight, which can thus affect not simply one’s own agencies, but also those of one’s allies. In some states the doctrine of parliamentary privilege means that parliamentary committees cannot be security-screened, adding to an already-existing fear of leaks. The other, crucial, factor is that strategic surveillance involves an interference with individual rights. Supervision of such measures has traditionally been a matter for the judiciary. The constitutional principle of separation of powers can make it problematic for a parliamentary body to play such a quasi-judicial role.

23. A decision to use particular selectors, resembles, at least in some ways, a decision to authorize targeted surveillance. As such, it can be taken by a judicial body. As the decision involves considerable policy elements, knowledge of intelligence techniques and foreign policy are also desirable. Finding a group of people who combine all three types of competence is not easy, even for a large state. Thus, it is easier to create a hybrid body of judges and other experts. As regards follow-up (oversight) it is necessary to oversee decisions made by automated systems for deleting irrelevant data, as well as decisions by human analysts to keep the personal information collected, and to transfer it to other domestic and foreign agencies. This type of oversight is of a “data protection” character, most suitably assigned to an independent, expert administrative body. Neither of these types of decision is “political” in nature. What, by contrast, is more “political” is the prior decision taken, that somebody, or something, is of sufficient importance to national security to need intelligence about. This is the type of decision which would benefit from a (closed) discussion in a political body, where different spectrums of opinion are represented. Another type of policy-oriented issue is deciding the general rules regarding who, and under what circumstances, signals intelligence can be exchanged with other signals intelligence organisations. A third is making a general evaluation of the overall effectiveness and efficacy of signals intelligence measures. A fourth role for a political body is to engage in a continuous dialogue with whatever expert oversight body is established.

24. Judicial authorization.
A system of authorization needs to be complemented by some form of follow-up control that conditions are being complied with. This is necessary both because the process of refining selectors is dynamic and highly technical and because judges do not tend to see the results of the signals intelligence operations as these seldom lead to prosecutions. Thus the safeguards applying to a subsequent criminal trial do not become applicable.

25. Accountability to expert bodies.
The boundary line between parliamentary, judicial, and expert bodies is not hard and fast; in some states, oversight bodies are a mixture of the three. Expert bodies have a particular role to play in ensuring that signals intelligence agencies comply with high standards of data protection.

26. Complaints mechanisms.
Under the ECHR, a state must provide an individual with an effective remedy for an alleged violation of his or her rights. Notification that one has been subject to strategic surveillance is not an absolute requirement of Article 8 ECHR. If a state has a general complaints procedure to an independent oversight body, this can compensate for non-notification. There are certain requirements before a remedy can be seen as effective.

27. Concluding remarks.
States should not be content with the minimum standards of the ECHR. Signals intelligence has a very large potential for infringing the right to private life and other human rights. It can be regulated in a lax fashion, meaning that large numbers of people are caught up in a trawl and intelligence on them is retained, or relatively tightly, meaning that the actual infringement with private life and other human rights is kept down. The Swedish and German models have definite advantages over the other models studied from this perspective. In any event it is necessary to regulate the main elements in statute form and to provide for strong mechanisms of oversight. The national legislature must be given a proper opportunity to understand the area and draw the necessary balances.

The EU’s Maternity Leave Directive: The Council secretly rejects the EP’s olive branch

30.3.15 The Council’s refusal to accept the EP’s olive branch and even start negotiations on a possible compromise (however unlikely that might be) is petty and vindictive

by Steve Peers, Professor of Law, University of Essex (Twitter: @StevePeers)

Back in 2008, the Commission proposed a modest amendment to the EU’s existing maternity leave Directive. The European Parliament amended the proposal so that there would be a significant extension in the duration and cost of maternity leave – namely 20 weeks on full pay. This attracted very little interest in the Council, and negotiations were deadlocked for years.

The incoming Commission in 2014 indicated that the EP and the Council had a few months to reopen negotiations on the proposal, or it would withdraw it. It appears that the EP then made some overtures to the Council to open negotiations to this end, although the documents setting out this willingness to negotiate (referred to in the Council document) do not seem to be publicly available.

According to the attached LIMITE document (obtained by Statewatch) large number of Member States in the Council have clearly rejected this willingness to negotiate, raising not only procedural objections against the creation of an ad hoc form of committee (although the Council endlessly creates new ad hoc negotiating bodies for its own purposes) but also substantive objections to holding any discussions at all with the EP on this issue. Presumably the proposal is now doomed – unless there is some last-minute new political initiative.

Frankly, no one comes out of this saga well.

Whether the EP’s far-reaching amendments were a good idea or not, it was obvious for years that the Council would never adopt them, and the EP waited until the eleventh hour before showing any sign of flexibility. Its principled rigidity will lead to less generous maternity for many women, who might have benefited from more modest amendments that could possibly have been agreed years ago.

For the Council, the refusal to accept the EP’s olive branch and even start negotiations on a possible compromise (however unlikely that might be) is petty and vindictive.

For the Commission, the offer to wait for the Council and the EP appears like a cynical passing of the buck, letting the co-legislators take the blame for the failure of the talks.

Why not take an active stance, suggesting possible compromise positions and expending some political effort in trying to bring the other institutions together?

And more broadly, the EU legislative process has failed here. Not just in the obvious sense that there is a failure to do a deal, or that the EP overplayed its hand to an almost cartoonish degree. It failed because of the skulking secrecy that infected the dying months of these (non-)negotiations.

As far I can see from its website, the EP’s women’s committee did not hold any public hearing on this proposal since the Commission issued its ultimatum. Its chair’s letter to the Council is not public (or at any event, it cannot be easily found). Surely this an important enough issue to engage the public? And the Council’s rejection of the EP’s apparent offer to negotiate is only ‘public’ because this document has been leaked.

The basic principles of democratic accountability mean that the Member States should account in public for their refusal to negotiate, and the EP should have disclosed its position and debated it in public. Perhaps the proposed changes to the maternity leave directive were doomed whatever happened – but they should have died with a public bang, not a squalid backroom whimper.

Commission recent withdrawal of legislative proposals : Easter’s “house cleaning” or a growing threat to the EU institutional balance ?

by Emilio De Capitani

On March 7 the Commission published on the official journal a list of legislative proposals which it has decided to withdraw. (1) The immediate consequence is that legislative negotiations between the European Parliament and the Council on some of these texts can go no further (even if the co-legislators are still interested in finalizing their work). (2) As it would happen if a referee snatches the ball during a match of football , several parliamentary committees have loudly protested.(3)

The problem was not only that the game abruptly interrupted but also that no one could predict when it would start again (even after the Lisbon Treaty the European Parliament and the Council still lack the power to initiate new legislation and can play their legislative role only by amending, (as a general rule), a Commission legislative proposal.

This bizarre situation dates back to the first phase of the European Communities when the Commission was the only institution which could limit the risk that the members states through the Council could re-nationalise the powers conferred by the Treaties to the Community. Since then the rule has been that “…Union legislative acts may only be adopted on the basis of a Commission proposal, except where the Treaties provide otherwise” ( current art 17 p 2, first phrase TEU) and such a Commission’s monopoly of initiative has been further strengthened by two other elements: Member States can change the Commission proposal only by an unanimous vote and conversely the Commission can amend its own proposals all along the procedure “… As long as the Council has not acted(..)”(art. 294 TFEU). In the real world this means that the Commission has to modify its proposal when it shares a majoritarian position emerges in the Council ( so that unanimity is no more needed). To strengthen even more its power to influence the Council position the Commission has developed (in the silence of the treaties) a legal theory according to which the right of initiative not only cover the right to amend a text but also the rights to withdraw it when the Commission consider that its “power” of legislative initiative risks to be abused by the Council in a way which according to the Brussels’s executive is contrary to the EU interest.

In 2013 the beginning of an interinstitutional “Game of thrones” .. Continue reading “Commission recent withdrawal of legislative proposals : Easter’s “house cleaning” or a growing threat to the EU institutional balance ?”

The European Area of Freedom Security and Justice : still.. lost in transition ?

by Emilio De Capitani

More than five years ago the Lisbon Treaty entered into force carrying along great expectations for the transformation of the EU into a Freedom Security and Justice area. However even if some progress has been made on Schengen, asylum policies, procedural guarantees in criminal proceedings and judicial cooperation in civil matters the results are far lower than the initial expectations and of the ambitious objectives enshrined in the Stockholm Programme adopted by the European Council on December 10^th 2009.

That Programme has been criticized by some member states as it was a sort of “Christmas tree”. However what the European Council adopted in June last year is little more than a “dry bush” mainly focused on the need for …thorough reflections before adopting new EU legislation. Some commentators considered that this was a Machiavellian move of the European Council to pass the baton to the newly appointed President of the European Commission so that it could take the lead of this European policy as for any other “ordinary” policy.

A deceiving Commission..

In the following months this interpretation was confirmed by the appointment of the first Commission Vice President, in charge of the implementation of the rule of law, of the European Charter of fundamental rights and of better legislation. Moreover the creation of a specific portfolio for migration policy gave the impression of the Commission’s stronger political commitment “..to place the individual at the heart of its activities, by establishing the citizenship of the Union and by creating an area of freedom, security and justice” (European Charter Preamble)

However very soon these initial hopes had been deceived:

1 The rule of law mechanism which was suggested by the last “Barroso” Commission was soon forgotten

2 As far as the Charter is concerned the Commission has apparently been taken by surprise by the Court of Justice opinion 2/13 dealing with the EU accession to the ECHR and is still considering what to do. But the Juncker Commission also seems lost when the issue at stake is to transpose the EU Charter principles into new EU legislation. It will only take more than one year to evaluate what could be the impact of the CJEU ruling on data retention on the pending legislation such as the EU PNR, the entry-exit and the registered travel proposals (not to speak of its impact on EU legislation and agreements that are already in force..)

3 Migration and human mobility are still dealt with and financed by the same General Directorate which is in charge of internal security policy instead of being moved to social affairs policies which should have been a real holistic and individual-centred approach.

4 Last but not least the Commission’s legislative programme for 2015 is more than reticent and it appears more and more evident that for the time being most (if not all) of the Commission’s political energy will be focused on economic objectives so that the Freedom security and justice area related policies have to wait for a new season.

…but the situation between Member States is even worse..

The situation of FSJA policies is even more frustrating on the Member States side.

Not only some legislative procedures like the ones on consular protection, access to documents or the fight against discrimination remain blocked and others including the data protection reform will require a caesarean section to come to life, but day after day it appears clearer and clearer that there is still a majority of member states which do not want the modernisation of measures adopted before the Lisbon treaty (or even before the entry into force of the Amsterdam Treaty. This is notably the case of Germany which (as a rule) oppose any new measure which can have a financial impact or will change the former “unbalance” of power between the Council and the European Parliament. Take the case of the recent three Commission proposals (1) repealing FSJA measures dating back to the intergovernamental period. According to German delegation even a 1998 Schengen decision on the adoption of measures to fight illegal immigration should be preserved because “None of the (current) legal instruments include a similarly comprehensive approach to fight illegal migration and immigrant smuggling.” This is appalling : would it not be wiser to urge the Commission to submit a new proposal which could better comply with the EU Treaties and with the Charter by also associating the European Parliament to this endeavour ?

This case apart it is worth noting that all the pre-Lisbon measures dealing with police cooperation and judicial cooperation in criminal matters (2) have been legally “embalmed” by art 9 of Prot.36 according to which “The legal effects of the acts of the institutions, bodies, offices and agencies of the Union adopted on the basis of the Treaty on European Union prior to the entry into force of the Treaty of Lisbon shall be preserved until those acts are repealed, annulled or amended in implementation of the Treaties. The same shall apply to agreements concluded between Member States on the basis of the Treaty on European Union.”

A “Transitional” period ….until when ? Continue reading “The European Area of Freedom Security and Justice : still.. lost in transition ?”

The European Union and State Secrets: a fully evolving institutional framework…in the wrong direction (2).

By Emilio DE CAPITANI

In a passionate intervention before the Civil Liberties Committee of the European Parliament (LIBE) on January 8 the European Ombudsman has denounced the fact that: “For the first time in its twenty year history, the European Ombudsman was denied its right under Statute to inspect an EU institution document, even under the guarantee of full confidentiality, as part of an inquiry… This power to inspect documents is fundamental to the democratic scrutiny role of the Ombudsman and acts as a guarantor of certain fundamental rights to the EU citizen.”

The case concerned Europol’s refusal to give access to a Joint Surpervisory Body (JSB) report on the implementation of the EU-US Terrorist Finance Tracking Program (TFTP) Agreement (known as “SWIFT” agreement). The JSB consists of representatives of the data protection authorities of the Member States which should ensure that the storage, processing and use of the data held by Europol do not violate fundamental EU rights. To check if Europol was correctly applying EU law the Ombusdman has asked to inspect the JSB report. ”However”,as stated by Mrs O’Reilly,”..according to Europol, the “technical modalities” agreed between the Commission and the US under Article 4(9) of the TFTP Agreement required Europol to obtain the permission of the US authorities before allowing the Ombudsman, or any other entity, any access, including an Ombudsman confidential inspection, to the record. The US authorities have refused such permission to Europol.” Reportedly the US authorities refused this permission because the Ombudsman “need to know” requirement for having access to that classified document was not met.

Many LIBE members have considered this statement quite appalling because it allowed the US authorities to be the arbiters of whether or not the Ombudsman may exercise her statutory, democratic power to inspect the document at issue in conformity with EU law. It is worth recalling that art. 3 par. 2 of the Ombusdman statute states that : “The Community institutions and bodies shall be obliged to supply the Ombudsman with any information he has requested from them and give him access to the files concerned. Access to classified information or documents, in particular to sensitive documents within the meaning of Article 9 of Regulation (EC) No 1049/2001, shall be subject to compliance with the rules on security of the Community institution or body concerned.”

To shed some light on this controversy it could be worth recalling some elements which to my opinion have not been developed during the parliamentary debate and I had the occasion to recall in a previous post …five years ago.

The “Originator’s principle” in art. 9 of Regulation 1049/01

First of all it should be noted that art. 9 of Regulation 1049/01 cited in the Ombudsman Statute is the only EU legislative basis which allows the classification of “sensitive documents” which are “..documents are documents originating from the institutions or the agencies established by them, from Member States, third countries or International Organizations, classified as ‘TRÈS SECRET/TOP SECRET’, ‘SECRET’ or ‘CONFIDENTIEL’ in accordance with the rules of the institution concerned, which protect essential interests of the European Union or of one or more of its Member States in the areas covered by Article 4(1)(a), notably public security, defense and military matters.” According to paragraph 3 of the same article “Sensitive documents shall be recorded in the register or released only with the consent of the originator.”

However, according to Regulation 1049/01 the Originator’s consent is an exception to the general rule according to which an Institution when requested for access to a document should be driven by objective criteria and not by the will of the “originator” even when the latter it is an EU Member State (see art. 4 p.4-6 of Regulation 1049/01). The only obligation foreseen by the Regulation is to establish a fair dialogue with the “originator” and the final judge will remain the Court of justice which should assess if Regulation 1049/01 principles and rules have been violated. Not surprisingly this general rule was not easy to agree with the Member States but it was chosen as it was the only possible way out to preserve the autonomy of EU law against the risk of inconsistent decisions at EU level if taken following national standards which are still extremely diverse (think how different is the approach to transparency in Sweden or in Spain..).

Why then establish an exception in art. 9 ?

The main factor has been the Council reqyest to cover the first 2000 EU-NATO agreement on exchange of classified information which, like all similar international agreements was built on the “originator” principle and also because of this was challenged by the European Parliament before the Court of Justice. Mid 2001 a deal was then struck with the European Parliament which obtained that the exception of the “originator’s principle” should had been limited to the intergovernmental domains (at the time the internal and external security policies covered by art. 24 and 38 of the EU Treaty). The logic was that for these policies the Member States are mainly under the control of their national parliaments so that the European Parliament (as well as the Court of Justice) could not be considered co-responsible for violation of EU law.

On this basis the Council has progressively built an autonomous legal framework which can hardly be considered a simple implementation of Art.9 of Regulation 1049/01. Not only the Council has added another lower level of classified documents (“Restricted”) but it embodied the “originator’s principle”. The Council latest version of these security rules is the Decision 2013/488/EU and has been adopted by the Council on its internal organizational powers (art. 240 TFEU) and “without prejudice to Articles 15 and 16 of the Treaty on the Functioning of the European Union (TFEU) and to instruments implementing them”.(eg Regulation 1049/01 and the measures protecting personal data).

Notwithstanding this “disclaimer” this Council Decision has become “de facto” an harmonizing measure as it define the “principles” which should frame the European Union Classified Informations (EUCI). To comply with the rule of law and democratic principles these “principles” should had been adopted by the co-legislator as foreseen by art. 15 of the TFEU (1) and by the EU Charter. But the general application of these “internal rules” derives by the fact that they should be “copy and pasted” as such in all the EU Institutions agencies and bodies “internal” security rules if the latter want to share classified informations with the Council or between them.

Also in the international negotiations the Originator’s principle has been spread in dozen of international agreements even if since the entry into force of the Lisbon Treaty these agreements deals with the exchange of classified information linked with the common foreign and security policy” (art. 37 of the TEU) (2). When classified informations deals with Judicial and police cooperation in criminal matters they now require an internal legal basis as it happened for the Decision concluding the EU-US agreement on TFTP. The “mutual respect clause foreseen by art. 40 TEU (3) should be respected and the European Parliament approbation is required.

Quite rightly then the European Parliament Legal Service has considered that the “technical modalities” invoked by Europol to justify the refusal of access by the Ombusdman could not be considered a sound legal basis as they were simple “implementing measures” of the TFTP agreement and have been not part of the agreement itself.

Can the Ombusdman, the European Parliament and the Court of justice be considered simple “third parties” ?

However I am less convinced of the EP Legal Service reasoning when it justify the EUROPOL refusal to give the Ombusdman access to the JSB report because the originator’s principle is embodied in …the Europol internal Security Rules.

First of all I believe that in case of conflict between the Europol Security Rules (which mirror the Council Internal security rules which themselves are implementing measure of art. 9 of Regulation 1049/01) and the Ombudsman Statute the latter should prevail as the latter it is a direct implementation of the Treaty and is of legislative nature (as it has been adopted in codecision by the European Parliament and the Council).

Secondly (and more importantly) I consider that the question as highlighted by the Ombudsman is indeed more of constitutional nature and deals with the preservation of the principle of institutional balance in an autonomous legal order as it is the European Union (see the recent Court of Justice opinion 2/13 on the EU accession to the ECHR).

Under this perspective I think that the way how the Council has implemented the art 9 of Regulation 1049/01 is creating a sort of “executive privilege” which has no basis in the EU primary law and can which moreover is threatening the prerogatives of the other institutions.

I find also misleading (to say the least) the formula applied by the Council in the international agreements on the exchange of classified information (even if now limited to external security policy). The formula is the following :

“The EU institutions and entities to which this Agreement applies shall be: the European Council, the Council of the European Union (hereinafter ‘the Council’), the General Secretariat of the Council, the High Representative of the Union for Foreign Affairs and Security Policy, the European External Action Service (hereinafter ‘the EEAS’) and the European Commission. For the purposes of this Agreement, these institutions and entities shall be referred to as ‘the EU’..”

How can be considered complying with the EU founding values of democracy and of the rule of law as well as with the principle of legal certainty a formula which give the right to a third country such as Russia, Georgia, Turkey, (4) to decide that the Ombudsman, the European Parliament and the Court of Justice are “third parties which can be forbidden from acceding to classified information” even when their access is linked with the exercise of their constitutional prerogatives? (5)

Conclusions

For all these reasons I think that the Ombudsman should had challenged the Europol refusal before the Court of justice by giving to the Luxembourg Judges the possibility to better frame the scope of the originator’s principle and of the “third party” rule in the EU law.

In the meantime it could also be possible that the Commission (and notably its Vice president of Timmermans in charge of the Rule of law of the EU Charter) take on board the amendments to Regulation 1049/01 (and to art. 9) as voted by the European Parliament on December 2011.

Last but not least I think that also the European Parliament should take advantage of what he has learned in Ombudsman-Europol case in the current negotiations with the Council on the post-Lisbon EUROPOL decision. It could be worth amending some worrying articles of the Council “general approach” (Council Doc 10033/14 of May 28 2014) . For instance art.67 of rightly makes reference to Regulation 1049/01 but art. 69 makes reference to the Council Internal Security rules instead to art. 9 of Regulation 1049/01. I think it could also be wise to examine the content of the Europol adopted and pending international agreements as the Council “general approach” foresee that Europol International agreements “established on the basis of Decision 2009/371/JHA and agreements concluded by Europol as established by the Europol Convention before 1 January 2010 should remain in force”.

NOTES

(1) “General principles and limits on grounds of public or private interest governing this right of access to documents shall be determined by the European Parliament and the Council, by means of regulations, acting in accordance with the ordinary legislative procedure.” (art. 15 p 3 TFEU)

(2) See for example the 2011 agreement between the EU and Serbia on the exchange of classified information)

(3) Art 40 TEU. “The implementation of the common foreign and security policy shall not affect the application of the procedures and the extent of the powers of the institutions laid down by the Treaties for the exercise of the Union competences referred to in Articles 3 to 6 of the Treaty on the Functioning of the European Union.

Similarly, the implementation of the policies listed in those Articles shall not affect the application of the procedures and the extent of the powers of the institutions laid down by the Treaties for the exercise of the Union competences under this Chapter.”

(4) The third Countries with which the agreements have been concluded are : Australia, Bosnia and Herzegovina, Former Yugoslav Republic of Macedonia, Iceland, Israel, Liechtenstein, Montenegro, Norway, Serbia, Switzerland, Ukraine and United States of America. Agreements have also been signed with: Canada (Negotiating mandate approved by the Council on 21.10.2003 – Under negotiation), Turkey (Negotiated but not yet approved by the Council), Russian Federation (Agreement signed on 01.6.2010 and published in OJ L 155, 22.6.2010, p.57. Exchange of notes verbales following entry into force of the Lisbon Treaty . Negotiations on the implementing arrangements are ongoing), Albania Negotiating mandate approved by the Council on 20.01.2014 (Under negotiation), Georgia (Negotiating mandate approved by the Council on 20.01.2014.Under negotiation).

(5) The fact that the “third party rule” constitutes a guarantee for the third party to a certain extent, but it is not an absolute principle of law has been debated during the negotiations of the EU-Canada exchange of classified informations (with reference to Section 38 of the Canada Evidence Act).

The US Senate reveals the truth on renditions and torture, now it’s Europe’s turn.

NB Translated by Yasha Maccanico from an original italian version published on Europeanrights internet site.

by Armando Spataro[1]

On 9 December 2014, as had been announced the day before by Josh Earnest, the White House spokesman, the US Senate released a report of around 500 pages that officially acknowledged all sorts of torture (including water-boarding) and the practice of extraordinary renditions, enacted by the CIA for around a decade within the framework of an unacceptable strategy to fight international terrorism. Moreover, the report consists of a summarised review of an even wider study which is around 6,700 pages long, the rest of which will remain ‘classified’, as is said in jargon, and hence secret. The work by the Senate’s Intelligence Committee monitoring the secret services, on which the report is based, lasted for around five years and included analysis of around 6 million documents.

Thus, practically the whole world had official confirmation of what was already known to an extent and which, according to several commentators, constituted a practice enacted since the years that immediately preceded the 11 September [attacks], when the CIA was headed by George Tenet (from 1997 to 2004), and up until 2009 (hence, also at the time when Tenet’s role was assumed first by Porter Gross and then by Michael Hayden). In any case, these were methods developed with certainty – according to the report – after 11 September. Yet, the truly innovative element did not consist in this practice being revealed, but in its clear and unequivocal condemnation by the United States Senate.

The president of the Senate’s Intelligence Committee, the California Democrat Dianne Feinstein, who had already reported the violation of the computers of the Committee she presided over by the CIA[2] in March 2014, insisted for the immediate publication of this dossier. The senator, who overcame internal resistance even within her party by those who opposed the report’s publication, declared: “We have to divulge it because whoever reads it will act in order for it never to happen again”. The position taken by President Obama was no different, as he stated: “We were not worthy of our values… Torture has not even contributed to making us safer against terrorism. I will continue to use my presidential authority to guarantee that we will never use those methods again”[3]. Brutal and inefficient methods, whose only consequences were summed up by Harry Raid, leader of the outgoing Democratic majority in the Senate, in just a few words:“All of this has just muddied us”.

But the top echelons of the CIA immediately stated that they had done what was asked of them, assuring that everything was lawful.

Hence, it is worth reconstructing the route along which, at a certain point, governments, including European ones, political leaders and many jurists came to claim that acts of torture and the kidnapping of suspected terrorists had a juridical legitimation and, therefore, could be practised.

It all arises from an abstruse juridical theorisation, that of the war on terror, whereby war must be met with war, also because it is a way of producing democracy, so much so that “after the bombing of Falluja, the inhabitants of the destroyed city were happier and voted in great numbers”[4]. It was a theory that was drawn up in the wake of 11 September and had quickly become so popular as to be mentioned using an acronym: “W.o.T.”

In essence, acts of so-called international terrorism supposedly constitute acts of war that may be countered with similar techniques among which kidnappings and torture are included. Of course, it is true that acts of terrorism may also be carried out in times and zones of war, but it is likewise evident that this does not justify that kind of response in any way. In fact, everyone, and not just jurists, knows that in war situations the law for armed conflict situations is applicable as it is laid out in the Geneva Convention, its additional protocols and its further, more general purposes that are found in humanitarian law.

However, within the frame of the WoT principles become flexible, “grey areas” in which rights exist in a limited form become admissible, where any rule subsides or rules are often violated, starting from, for example, the very creation of the category of enemy combatants, that is, of illegal enemy combatants which, according to the view of those who created it, enables terrorist suspects who are “captured” in any part of the world to be denied their fundamental rights.

We owe the creation of this monstruous juridical category to John Woo from the US Department of Justice’s Legal Advice Office, the author of a 42-page memorandum in which Al Qaeda and the entire Taleban regime were included among the illegal enemy combatants, to whom the Geneva Conventions would not be applied.[5]

Moreover, John Yoo later complained (in 2008) in some press articles that the unveiling of his role as counsellor-strategist exposed him to the risk of reprisals, whereas he now claims, with renewed pride and following the publication of the Feinstein report, the authorship of that memorandum. Yoo recently published the book “Point Attack”, in which he redevelops that “emergency law” which was decisive – in his view – after 11 September[6].

Fears that were somewhat similar to those expressed by Woo prior to his more recent coming out, had been voiced by Matthew Waxman, professor at the Columbia Law School and a high ranking official in the staff of the US State Department between 2005 and 2007, who complained about[7] the worldwide release of the photographs that documented the inhumane treatment inflicted upon prisoners in Abu Ghraib and Guantánamo: «What image are we giving of the fight against terrorism?», he commented.

In reality, using the words of Antonio Cassese, this system constitutes a “juridical limbo”, which is enriched by ad hoc clauses and provisions directed at further legitimating it. Continue reading “The US Senate reveals the truth on renditions and torture, now it’s Europe’s turn.”

National security and secret evidence in legislation and before the courts: exploring the challenges

FULL STUDY DOWNLOADABLE HERE
Visit the European Parliament’s Studies website:

EXECUTIVE SUMMARY
This Study examines the way in which justice systems across a selection of EU Member States use and rely on intelligence information that is kept secret and not disclosed to the defendants and judicial authorities in the name of national security.
It analyses the laws and practices in place from the perspective of their multifaceted impact on the EU Charter of Fundamental Rights (in particular its provisions related to the rights of the defence and freedom of information and expression), as well as on wider ‘rule of law’ principles. The analysis is based on a comparative study of the legal regimes, interpretations by domestic and European tribunals as well as key developments and contemporary practices concerning the use of intelligence information as ‘evidence’ and the classification of information as ‘state secrets’ during trials in the name of ‘national security’ in the following seven EU Member States (EUMS): the United Kingdom, France, Germany, Spain, Italy, the Netherlands and Sweden.

The examination has highlighted a number of key research findings.

It first shows a wide variety of national legal systems and judicial practices embedded in domestic historical, political and constitutional trajectories characterising each Member State jurisdiction (see Section 1 of the Study and Annex 5 with detailed Country Fiches).
The United Kingdom and the Netherlands are the only two Member States examined with official legislation allowing for the formal use of classified intelligence information in judicial proceedings. The United Kingdom constitutes an ‘exception’ in the broader EU landscape due to the existence of the much-contested ‘Closed Material Procedures’ (CMPs) – secret court hearings where only the judge and security-cleared special advocates are given access to sensitive intelligence material. The Netherlands operates a system of ‘shielded witnesses’ in courts, allowing intelligence officials to be heard before a special examining magistrate (Sections 1.1. and 1.2 of this Study). Other EUMS analysed (Germany, Spain and Sweden) present indirect judicial practices in which certain evidence may be hidden from a party during trials under a number of conditions (Section 1.3).

Nevertheless, the Study demonstrates that secret evidence is not always legal evidence. In countries such as Germany, Italy or Spain the rights of the defence and the right to a fair trial cannot be ‘balanced’ against national security or state interests as this would directly contravene their respective constitutional frameworks (Section 1.4).

Yet, all EUMS under examination face a number of challenges as regards the difficult and often controversial declassification or disclosure of intelligence materials, which too often lacks proper independent judicial oversight and allows for a disproportionate margin of appreciation by state authorities (Section 1.5 of this Study).

Another issue resulting from the comparative investigation relates to the fuzziness and legal uncertainties inherent to the very term ‘national security’ (as evidenced in Section 1.6 and Annex 3).
While this notion is quite regularly part of political and legal debates in EU and national arenas, the Study reveals that a proper definition of what national security actually means is lacking across a majority of EUMS under investigation.
The few definitional features that appear in EUMS’ legal regimes and doctrinal practices fail to meet legal certainty and ‘rule of law’ standards, such as the “in accordance with the law” test (see below). This too often leads to a disproportionate degree of appreciation for the executive and over-protection from independent judicial oversight, which is further exacerbated in a context where some EUMS have bilateral systems of mutual respect of state secrets with third countries such as the US.
Moreover, the disparities and heterogeneous legal protection regimes among EUMS also mean that EU citizens who are suspects in judicial procedures are protected differently or to divergent degrees across the EU. There are variable ‘areas of justice’ in the EU when it comes to the rights of defence of suspects in cases dealing with national security and state secrets. This diversity is at odds with the ambition of developing a common AFSJ and achieving non discrimination between EU nationals when it comes to the delivery of fundamental rights.

A second key finding of the Study relates to a growing transnational exchange of intelligence and use of these intelligence materials before courts (as developed in Section 2 and Annex 1 of this Study).

The 2013 Snowden revelations provide the general context within which EUMS’ regimes and practices need to be analysed. There has been a growing expansion of intelligence cooperation across the world, which is mainly transatlantic and asymmetrical in nature due to the more prominent role played by the US.
This has strengthened the view that transnational threats require a more extensive sharing of raw data on individuals collected by internet or mobile devices. This trend poses a number of dilemmas from the perspective of judicial accountably and the rule of law (Section 2.1 of this Study). One relates to the difficulties in assessing the quality, lawfulness and accuracy of the information, and the extent to which this very information can be considered ‘evidence’ in trials (Section 2.2). The current reliance on intelligence information is, moreover, problematic in light of insufficient or deferential judicial oversight of executive decisions taken ‘in the name of national security’.
This is particularly also the case in respect of the ways in which the use of state secrets can disrupt government officials’ accountability in cases of alleged ‘wrongdoing’ (Section 2.3).

A third finding concerns an emerging set of European judicial standards from the European Court of Human Rights (ECtHR) and the Court of Justice of the European Union (CJEU) on issues related to intelligence information, national security and state secrets, in particular when these affect the rights of the defence (refer to Section 3, Annex 1 and Annex 2 of this Study).

One of the most important legal standards when assessing national security and intelligence information is the “in accordance with the law” principle. Continue reading “National security and secret evidence in legislation and before the courts: exploring the challenges”

Towards a Declaration of Internet Rights

by Professor Stefano RODOTA’ (FREE Group member) (*)

For many years there has been a wide discussion about the possibility of adopting an Internet Bill of Rights, and debates have produced a considerable number of proposals. The Berkman Centre at Harvard University counted 87 of such proposals, to which we can add the Internet Magna Charta that Tim Berners-Lee is working on, and lastly the Declaration of the Rights of Internet Rights that has been drafted by a Committee established by the President of the Italian Chamber of Deputies. The novelty of the latter is that for the first time the proposal of an Internet Bill of Rights has not been produced by scholars, associations, dynamic coalitions, enterprises, or groups of stakeholders, but by an institutional entity.

It is necessary to recall that the debate on this topic dates back to the World Summit on the Information Society organised in 2005 by the UN in Tunis, where the need for an International Convention on Internet rights was explicitly underlined. This subject was deepened in the following UN Internet Governance Forums. But the international debate was progressively turned into precise rules within the European Union, even before the issue of the Internet Bill of Rights appeared in the international arena. These are not, however, parallel situationsdestined not to meet at any point. The European Union progressively brought to light the constitutional basis of the protection of personal data, finding its full recognition in Article 8 (**) of its Charter of Fundamental Rights. Here a strong similarity with the Internet Bill of Rights is identified, and it concerns precisely the constitutional scope of rules.

We are going through a phase of deep change in the way in which we are facing the problems highlighted by the Internet dynamics, in the passage from Web 1.0 to Web 2.0 and now to Web 3.0. It is not just a matter of following technological changes by adjusting legal provisions to suit them. A new definition is being developed of the rationale driving actions in this area, through a radical U-turn as regards the dynamics of the latest phase. A possible historical turning point is ahead of us, whose/that’s opportunities must be seized.

It seemed that an approach had become consolidated, which left little room to rights. From Scott McNealy’s abrupt statement of 1999 – “You have zero privacy. Get over it” – up to the recent hasty conclusion by Mark Zuckerberg about the end of privacy as a “social rule”, a line characterised by the intertwining of two elements emerged: technological irresistibility and the primacy of the economic logic. On the one side, in fact, it was highlighted how technological innovations and the new social practices made it increasingly difficult, not to say impossible, the safeguard of one’s private life and of the public liberties; on the other side, the statement on the “death of privacy” had become the argument to state that personal information had to be considered as property of those who collected it.

These certainties were radically challenged by Edward Snowden’s disclosure on the magnitude of the National Security Agency’s Prism programme and by the judgements of the European Court of Justice on data retention and Google. The idea according to which the protection of fundamental rights shall give way to the interests of security agencies and enterprises was rejected.

A new hierarchy has been established, with the fundamental rights as the first and starting point. The US President had to admit the inadmissibility of the procedures provided for by the Prism program and the Court of Justice, with its decision of 8th April, that declared that the Directive on data retention was illegal. And in the Google case the same Court explicitly stated that “the fundamental rights under Articles 7 and 8 of the Charter (…) override, as a norm (…) the economic interest of the operator of the search engine”, in a perspective broadening the European Union’s jurisdiction beyond its borders.

We are faced with a true “resurrection of privacy” and, more generally, with the primacy of the need and legitimacy of rules effectively protecting the rights of Internet users. Making reference to article 8 of the Charter, the Court of Justice was acting as a true constitutional court, opening a new and wide perspective.

The Italian initiative

This is the framework within which the Italian initiative on the Declaration of Internet Rights was adopted. Its goal is not limited to having a text to be used for national debate only.

The establishment of the Committee that drafted the document, in fact, was preceded by an international conference gathering some of the authors of the Brazilian Marco Civil, the representatives of European Institutions, and several experts from different Countries.

The text drafted by the Committee was presented on 13th October during a meeting at the Chamber of Deputies with the Presidents of the Parliamentary Committees of Member Countries in charge of fundamental rights.

The present draft is now submitted to a four-month public consultation on the Internet, at the end of which the Committee will draft the final text. Such consultation, however, is also being carried out at a European and international level, as shown by the contacts with other European Parliaments and by the video conference that will be held at the beginning of December between the Italian and the French Committees. Consultations are also taking place with experts and associations from non-European Countries.

An ambitious target was set: drafting a text allowing a common international debate, accompanied by a constant monitoring by the Chamber of Deputies. The goal is not limited to working in the complex and remote perspective of an international convention. Short-term and feasible results can be achieved, concerning the strengthening of the European system, its developments and the relationships with other countries, and most of all the consolidation of a culture highlighting common dynamics in the different legal systems. In this way, the debate around a future Internet Bill of Rights may lead to the awareness that in the different legal systems several elements already exist that, once connected to one another, establish an informal Internet Bill of Rights. An evidence of such trend is found in the decisions of the Courts of the different Countries and in the choice of legislative models, as shown by the clear influence of the European model on the Brazilian Marco Civil.

The Italian Declaration is characterised by a fundamental choice. Differently from almost all the other ones, it does not contain a specific and detailed wording of the different principles and rights already stated by international documents and national Constitutions. Of course, these are generally recalled as an unavoidable reference. But the attempt of the Declaration, as a matter of fact, was to identify the specific principles and rights of the digital world, by underlining not only their peculiarities but also the way in which they generally contribute to redefining the entire sphere of rights.

The key words – besides the most well-known ones concerning the protection of personal data and the right to the informational self-determination – include access, neutrality, integrity and inviolability of IT systems and domains, mass surveillance, development of digital identity, rights and guarantees of people in Internet platforms, anonymity and right to be forgotten, interoperability, right to knowledge and education, and control over Internet governance. The importance of the needs linked to security and to the market is obviously taken into consideration, but the balancing of these interests with fundamental rights and freedoms cannot take place on equal terms, in the sense of ensuring first and foremost the full respect for rights and freedom according to the clear provisions of the Charter of Fundamental Rights and to European case law.

In particular, security needs shall not determine the establishment of a society of surveillance, control and social sorting. Economic needs are taken into consideration in the framework of the neutrality principle that, by guaranteeing the generative nature of the Internet, keeps the possibilities for innovation unchanged, and prevents strong subjects from creating conditions of exclusion of possible competitors. Furthermore, whenever Internet platforms provide public services that are essential for the life and the activities of people, it is necessary to guarantee the conditions for a suitable interoperability in compliance with the principle of competition and equal treatment of people.

Provided that not all the issues can be analysed in this document, it is suitable recalling the need to consider the access to the Internet as a fundamental right of individuals (Tim Berners-Lee compared it to the access to water), as an essential guarantee not only against any form of censorship, but also against indirect limitations, such as taxation as it is presently happening in Hungary. The set of rights recognised do not guarantee a general freedom on the Internet, but specifically aims at preventing the dependency of people from the outside, the expropriation of the right to freely develop one’s personality and identity as it may happen with the wide and increasing use of algorithms and probabilistic techniques. The autonomy in the management of personal data, therefore, shall also consider new rights as those not to be tracked and to keep silent the chip. This perspective requires a particular in-depth analysis, since a deeply interconnected society is being developed, with a passage to Internet of Things in forms that have suggested some people to speak of an Internet of Everything, which determines a digitalisation of day-to-day lives that is able to transform any person and their bodies.

People cannot be reduced to objects of external powers, they must recover the sovereignty on their digital person. Identity is a key issue. The free development of one’s personality must be safeguarded.

Starting from this set of references, it is necessary to thoroughly examine the issue of the transformation of copyright, whose analysis was postponed to the end of the consultation, since knowledge on the Internet appears as a shared asset that can be considered as a common global resource.

A broader perspective is therefore opened by the Italian draft Declaration, in consideration of the large amount of topics to be tackled and the debate between different points of view; and such Declaration is significantly in line with the European Union policy that particularly emphasises the Charter of Fundamental Rights. The unquestionable aspect is the need to fine-tune a constitutional policy for the Internet, whose users – presently amounting to three billion people – cannot rely on a freedom guaranteed by the absence of rules, as it is still presently stated.

The reality is very different, showing an interconnected network heavily regulated by private subjects that cannot be controlled and that have no democratic legitimation, as it happens – beyond any disputes – with the “Over the Top” operating on the Internet. Internet rights are denied by totalitarian regimes and, unfortunately, by democratic regimes as well. The perspective of a Declaration of Internet rights aims at developing – through procedures different from the ones of the past – the constitutional rules that are fundamental in order to allow the Internet to keep its main feature as a place of freedom and democracy, as the widest space of the history of mankind.

NOTE

(*) Intervention at the Friedrich-Ebert-Stiftung –FREE Group experts meeting on :
Internet: only a “single digital market” or also a space to promote fundamental rights – Towards a European “Marco Civil”? (November 12, 2014). The main idea of this experts’ conference has been to have a first look to the impact of the EU Digital Agenda on fundamental rights as framed by the Treaties, the EU Charter and the recent CJEU jurisprudence (Data retention, Google Case..). As stated by the Charter the individual should be at the center of all EU policies and this objective underpins the recent proposal for an Internet Bill Of Rights of the Italian Chamber of Deputies as well as other national examples (Brasilian “Marco Civil” and recent US initiatives at government, congress and civil society level).
Bearing in mind that EU is competent on most of the aspects dealing with Internet the question arises how to preserve and promote individual rights notably in the pending negotiations on legislative proposals notably on Data Protection, Net Neutrality and Network Security (NIS). Moreover what should be the future initiatives to be developed by the a new Commission’s legislative programme impacting on Internet ? How the future EU single digital market could preserve the principles of non-discrimination, and of informational self determination by strengthening the access to internet as a public common good ?
Together with Stefano Rodotà took also part to the Seminar
Claude Moraes Chairman of the European Parliament Civil liberties Committee (which adopted in 2009 a first Internet Bill of Rights resolution)
Jan Philipp Albrecht EP Rapporteur for the Data Protection Regulaiton and for the transatlantic “umbrella” Agreement
Paul Nemitz Director at the European Commission
Giovanni Buttarelli, Assistant European Data Protection Supervisor
Marc ROTENBERG Professor at the Georgetown University and Director of EPIC and Marie GEORGES expert at the Council of Europe
as well as Joe Mc Namee, Executive Director, European Digital Rights (EDRi).

(**) Article 8 Protection of personal data
1. Everyone has the right to the protection of personal data concerning him or her.
2. Such data must be processed fairly for specified purposes and on the basis of the consent of the person concerned or some other legitimate basis laid down by law. Everyone has the right of access to data which has been collected concerning him or her, and the right to have it rectified.
3. Compliance with these rules shall be subject to control by an independent authority

Some questions to the would-be Commissioner for Better Regulation, Fundamental Rights and Rule of Law (Timmermans)

by Steve PEERS, Henri LABAYLE and Emilio DE CAPITANI

The would-be Commissioners for Better Regulation, Fundamental Rights and Rule of Law (Timmermans) will be questioned tomorrow by Members of the European Parliament (MEPs), to determine whether the EP should vote to confirm them in office. MEPs have already asked some written questions and the would-be Commissioner have replied. However, during the oral hearing will be an opportunity for MEPs to ascertain the Commissioners’ plans, and to secure important political commitments.
Rather strangely the hearing will not follow to the EP very detailed internal rules (of art.118 and Annex XVI (*) which require that hearing should take place before the Parliamentary committees Candidate Vice President Timmermans will instead be heard by the Conference of President of political Groups.

1.Rule of law / implementation of EU law
The confidence of all EU citizens and national authorities in the functioning of the rule of law in the Member States is vital to increase the mutual trust and to further develop the EU into “an area of freedom, security and justice without internal frontiers”.
In your written reply you strongly support the recent Commission proposal for a “common rule of law framework (COM(2014)158 as repeatedly advocated by the European Parliament (but criticized by the Council legal Service). However such an exercise risk which should cover all the EU member states, risk to be meaningless if the Commission does not strengthen the mechanisms which implement the principle of sincere cooperation with and between the MS. For instance there is no ground in the Treaty which justify confidential meetings between the Commission and the MS (even in the framework of the so called “EU Pilot mechanism”) when legal certainty on the exact scope of EU citizens rights and obligations are at stake.
As first steps to strengthen the rule of law would not then be appropriate :
– to update the way how the Commission on a daily basis debates with the Member states the implementation of EU legislation?
– make public the MS implementation plans as well as the table of correspondence between EU and national rules ?
– to implement, (five years after the Lisbon Treaty !), the art.70 mechanism on “objective and impartial evaluation of the implementation of the Union policies” in the FSJA by keeping informed the European and national parliaments ?
– to take stock every year of the ruling of the European Courts and of the measures taken at national level ?

2. Charter of Fundamental rights as “roadmap for the EU legislator ?
In a recent ruling the Court of Justice stroke down for the first time an EU Directive (the Data Retention Directive 2006/24) because “.., the EU legislature has exceeded the limits imposed by compliance with the principle of proportionality in the light of Articles 7, 8 and 52(1) of the Charter. ” According to the CJEU the Directive “..does not lay down clear and precise rules governing the extent of the interference with the fundamental rights enshrined in Articles 7 and 8 of the Charter” and moreover “does not require the data in question to be retained within the European Union, with the result that it cannot be held that the control, explicitly required by Article 8(3) of the Charter, by an independent authority of compliance with the requirements of protection and security, as referred to in the two previous paragraphs, is fully ensured…” In other terms from now on the Court of Justice will require a strict assessment of the proportionality and necessity of measures that constitute serious restrictions to fundamental rights, however legitimate the objectives pursued by the EU legislature.
On the basis of this landmark ruling do you not consider your priority to revise under the proportionality perspective the legislation falling in judicial and police cooperation in criminal matters adopted before the entry into force of the Charter and of the Treaty of Lisbon ?
Will you commit to develop a stronger and more transparent strategy to deal with infringements of EU law where the rights in the Charter are threatened by a Member State’s non-existent or incorrect implemenation of its EU law obligations?
Will not be sensible, taking in account your attachment to the REFIT exercise to review the legislation by establishing “sunset clauses” for measures limiting EU citizens rights? Moreover, by sticking on data protection aspects do you not consider that this ruling raise even bigger doubts on the compatibility with the proportionality principle of the EU-US agreements on PNR and TFTP and of the legislative proposals submitted by the Commission on the EU-PNR and the “Entry-Exit” (not to speak of the lack of compliance of the proposal on trusted traveller with the principle of non discrimination) ? Continue reading “Some questions to the would-be Commissioner for Better Regulation, Fundamental Rights and Rule of Law (Timmermans)”

Access to documents: the Council might not implement a key CJEU judgment

ORIGINAL PUBLISHED ON “EU LAW ANALYSIS”
by Professor Steve PEERS

Monday, 19 May 2014

The EU is often accused by critics of a lack of openness and transparency – and often such criticisms are justified. This is particularly the case as regards the EU legislative process. In principle, this process ought to resemble the open process seen in national legislatures, with full public access to the drafts of legislation that passes through the legislative chamber(s).

However, despite the adoption of a general Regulation on access to documents in 2001, this aspect (among others) of EU transparency is problematic.
The reason for this is that, within the Council, some Member States wish to keep their positions secret, at least while the negotiations are ongoing. Of course, this profoundly undermines the argument that citizens of each Member States, via national parliaments, can hold each individual government accountable for its action within the Council. For some Member States, though, accountability would bring embarrassment.

The CJEU, in accordance with its prior case law emphasising the importance of transparency in the EU legislative process, ruled in the Open Access Info judgment last year that the names of Member States in principle had to be released to the public.

This ruling would seem to be straightforward enough. But the Council is trying to wriggle out of it.

According to an internal Council document discussed by Member States’ EU ambassadors (Coreper) last week, the Council is considering three options:
– referring always to Member State positions;
– making no reference to Member State positions;
– or continuing an unsystematic approach to this issue.

The first option (full transparency) is rejected, because it sometimes this will not be ‘appropriate’, ie it might embarrass Member States. The second option is rejected, because it will be useful to have a record of Member States’ positions. So the suggestion is for the third option.

If this third option is chosen, what seems likely to result is that whenever a Member State believes that its position might be embarrassing, it will ask that there should be no listing of its name in the footnotes.

Moreover, the Council document does not foresee any active transparency, ie disclosing a document with Member States’ positions as soon as it is drawn up.

The new rules (when agreed) will only apply to documents when an individual requests a copy of them. By the time that the Council replies to such a request, discussions on a particular issue could have moved on and so there will not be an opportunity to have a public debate on whether a particular Member State’s position is justified.

So the whole process of challenging the Council in Court as regards this crucial aspect of EU legislative decision-making is ultimately likely to have only limited practical effect.

Perhaps the next step in this battle will have to be non-judicial: either a demand by the European Parliament that the Council open up its legislative proceedings further (or at the very least, that both institutions open up the secretive ‘trialogue’ process); or a complaint to the European Ombudsman that the Council should proactively make all its legislative documents public without individual request.
(NDR Emphasized by me)