3. Fundamental rights – Charter – Page 16 – European Area of Freedom Security & Justice

“Searching for Solidarity in EU Asylum and Border Policies”

Programme and information leaflet for the Odysseus Network’s First Annual Conference: “Searching for Solidarity in EU Asylum and Border Policies”

The Odysseus Academic Network is proud to present the programme for the Network’s First Annual Policy Conference, “Searching for Solidarity in EU Asylum and Border Policies”, in cooperation with the Migration Policy Centre of the European University Institute.
For more information, and to download a PDF of this leaflet, go to http://odysseus-network.eu/omnia-annual-policy-conference/

The Dublin Regulation: Is the End Nigh? Where should unaccompanied children apply for asylum?

ORIGINAL PUBLISHED ON EU LAW ANALYSIS (Thursday, 21 January 2016)

by Steve Peers*

Two recent developments have raised controversy as regards the EU’s Dublin III Regulation, the set of rules which determines in which Member State asylum-seekers must make their asylum application. First of all, a British judgmentyesterday stated that the UK was responsible for the asylum claims by unaccompanied children in France (in particular the Calais ‘Jungle’), who have a family member in the UK. Secondly, a press report indicated that the Commission is planning to propose a fundamental overhaul of the Dublin rules in the near future. Both developments have alarmed some commentators, but thrilled others. I will examine the legal and political context of each of them in turn.

Unaccompanied minors

Many describe the Dublin III Regulation as allocating responsibility to the ‘first Member State’ which an asylum-seeker entered. This is true for most asylum-seekers; technically it’s the first Member State which they entered without authorisation which has responsibility, but this amounts to the same thing. However, there are exceptions. In particular, since the very first version of the Dublin rules (the Dublin Convention), there have been special rules which apply where the asylum-seeker has a family member in one Member State. These were expanded in the Dublin II Regulation, among other things to add special rules where the asylum-seeker is an unaccompanied minor. Those rules were altered a little further in the Dublin III Regulation.

What are the rules for unaccompanied children? The priority is to place them in the same Member State as a family member. First of all, the Regulation gives responsibility to a Member State where they have a ‘family member’ (defined as a parent, spouse or child) or a ‘sibling’ who is ‘legally present’. Secondly, it gives responsibility to a Member State where they have a ‘relative’ (defined as an adult aunt, uncle or grandparent) who is ‘legally present’. In this second case, there are further conditions: there must be an individual examination to check that the relative is able to take care of the child, and the allocation of responsibility must be in the best interests of the child.

In the absence of a family member or relative, an unaccompanied minor – unlike any other asylum-seeker – in effect has a choice of which Member State to apply in. The CJEU has confirmed (in the case of MA) that this applies even after the child has already applied in one Member State. A subsequent proposal to confirm and extend this rule (which I discussed here) seems to be blocked for now. But this rule was not at issue in yesterday’s judgment.

Despite the consternation it caused in some quarters, that judgment is primarily straightforward. Once it’s clear that the asylum-seeker is a child who has family or relatives as defined by the EU rules in a particular Member State, the child must be transferred to that Member State to apply for asylum there. Sometimes it’s hard to prove the age of the child or the link to family or relatives, but it doesn’t seem like that was the case here (it’s hard to be certain, since the full text of the judgment is not reported yet).

One of the asylum-seekers in the case was not a child, but was dependent on a younger brother due to the effects of trauma suffered in Syria. His situation was covered by a separate clause in the Dublin III Regulation which says that ‘dependent persons’ should stay with a child, sibling or parent who can take care of them. This is a binding rule (‘shall normally keep or bring together’), as established in the CJEU judgment in K and confirmed in the preamble to the Dublin III Regulation.

Why was the judgment controversial? First of all, there is a particular legal point: the rules in the Regulation only take effect for those who have applied for asylum, following which the Member State where they have applied is obliged to contact the responsible Member State and arrange for the transfer to that State. The judgment appears to circumvent that process, simply requiring the UK to admit the four plaintiffs despite the absence of any action by the French authorities. It appears from press reports that at least one of the applicants did have some proof of having applied for asylum in France, but it is not clear if all of them did. This will probably be the basis of an appeal which the UK government might make – although the applicants will be allowed into the UK in the meantime.

On the face of it, this is a valid legal objection: the proper procedures were not followed. Having said that, the judgment is indisputably consistent with the substantive intention of the drafters of the law: to ensure that children (and dependent persons) who apply for asylum are with people who can look after them. Since all the plaintiffs are Syrian, there seems little doubt that they intend to apply for asylum (and perhaps had done already) – or that their application will be successful (the refugee recognition rate for Syrians being over 90%).

More fundamentally, the plaintiffs alleged that the French government did not (or would not) process their asylum applications. If this is true, the French government is in breach of EU law, and it is arguable that its breach should not be allowed to stand in the way of applying the rules on asylum responsibility. But this line of argument raises complex legal questions about how to prove such fault and who has the burden of proving it – and whether such a fault justifies a procedural shortcut at all. It would be best if these issues are sent to the CJEU to clarify (it can use an emergency procedure to decide on cases involving children). That would also make it more obvious that these issues do not just concern the UK and France: there may be unaccompanied children seeking asylum in Greece who seek to join family or relatives in Sweden, for instance.

Secondly, there are political objections on the grounds that UK immigration law has been infringed. It should be noted that the UK chose to opt in to the Dublin III Regulation – while it opted out of almost every other EU immigration and asylum law of the last twelve years. The attraction for the UK was the possibility that some asylum-seekers could be sent back to other Member States – which they are. But the rules are reciprocal: sometimes they are bound to mean that the UK has to accept asylum-seekers from other Member States. In practice, most or all such cases will involve family members. And quite frankly, anyone who argues that in principle an unaccompanied child who is seeking asylum from war or persecution should remain in squalor in Calais or Dunkirk, rather than join a family member legally in the UK who can look after him or her, is devoid of basic humanity.

What is the impact of the ruling? It cannot affect anyone who has not got family members in the UK, subject to the conditions mentioned above. In some cases, it will be hard to prove that the applicant is a child, or that the person they seek to join is a family member. The procedural aspects still need to be clarified. But for anyone else, as I discussed last summer, the French government quite rightly remains responsible for dealing with their asylum applications and providing humane living conditions, or for returning those who have not applied for asylum or whose applications have failed to their country of origin.

Plans to amend the Regulation

The key feature in the reported plans to amend the Regulation is the intention to replace the ‘first country’ rule with a set of criteria allocating responsibility to Member States based on some kind of ‘fair shares’ principle. Presumably some rules allocating responsibility based on family members will remain, perhaps with amendments. No further details are known, and it should not be forgotten that the Commission proposal would have to be agreed by both the European Parliament and the Council. But I will focus on two key issues: the feasibility of the new system, and the impact on the UK.

First, the feasibility has to be assessed in light of the EU’s existing rules on ‘relocation’ of some asylum-seekers who reached Greece or Italy. Two measures were adopted in September, and I discussed them in detail at the time. Four months on, there are significant problems applying these rules in practice, as the Commission’s regular reports indicate (see also the UNHCR’s assessment). A tiny fraction of the asylum-seekers have been relocated, due to the slow development of ‘hotspots’ for registering applications in Greece and Italy, as well as the reluctance of most Member States to receive asylum-seekers. Some Member States have flat-out refused to apply the system, and Slovakia and Hungary have challenged its legality (see the analysis of Slovakia’s challenge by Zuzana Vikarska here). The ‘hotspots’ are arguably not properly considering the asylum applications of many asylum-seekers who are not due for relocation (see analysis by Frances Webberhere). While the Commission has proposed already to amend the Dublin III Regulation to make emergency relocation rules permanent, the Member States are objecting to this (see the leaked record of discussions here).

Overall, then, the relocation system is manifestly not working. It is therefore hard to see why the Commission could imagine that it could somehow work if it became thegeneral rule, rather than the exception as at present (the relocation Decisions only apply to 160,000 asylum-seekers over two years, a small minority of the numbers that might be expected over that time).

Secondly, the UK, as already noted, has an opt-out from EU immigration and asylum law. This opt-out applies also to amendments to legislation that the UK already takes part in. Indeed, the UK has opted out of most of the ‘second phase’ of EU asylum legislation, even though it opted in to all the ‘first phase’ measures. So it is flagrantly not true to say that the UK could be ‘forced to accept more refugees’ under any new proposal. It could simply opt out.

However, that opt out could have consequences. The Protocol on the UK opt out says that if the opt out from an amendment to an existing law in which the UK participates makes the existing law ‘inoperable for other Member States or the Union’, that existing law can be revoked as regards the UK. This is a high threshold, and this clause has never been invoked to date. The UK was able to opt out of the relocation decisions, and of the recent proposal to amend Dublin III to add a permanent emergency system, without triggering this clause (as I discussed here). However, a complete overhaul of the Dublin system, replacing the core rules on the allocation of asylum responsibility, is likely to trigger it.

In that case, the UK would face a choice: (a) opt in to the new rules, and face more asylum-seekers as a result, or (b) opt out of the new rules, and face more asylum-seekers because the existing Dublin rules would be terminated for the UK. For those (like the UK government) who would not like to see more asylum-seekers, neither option is appealing. But it is likely that there would be a far smaller increase in asylum-seekers if the UK opts out. Recent statistics collated by Open Europesuggest that the UK only returns about 700 asylum-seekers a year to other Member States pursuant to the current Dublin Regulation in recent years; and yesterday’s ruling may mean that this may have to be offset against flows in the other direction. On the other hand, one estimate in The Independent suggests that a ‘fair shares’ rule could mean that the UK is responsible for 85,000 asylum-seekers a year.

Finally, what would be the impact of ‘Brexit’ on asylum-seeker numbers? Since the current Dublin rules are internal EU legislation (they ceased to take the form of a ‘Convention’ back in 2003), the UK would no longer be covered by them as from Brexit Day. The EU could sign a ‘Dublin’ treaty with the UK, but I rather doubt it would do so, for the reasons I discussed here). So Brexit would increase the numbers of asylum-seekers in the UK, assuming that the current Dublin rules are then still in force, and still result in a net removal of asylum-seekers from the UK. If there are new Dublin rules, and the UK has opted out of them, then Brexit would have no effect. Brexit would only reduce the number of asylum-seekers if the Dublin rules are still in force and have resulted in a net inflow of asylum-seekers to the UK. In any event, Brexit would mean that unaccompanied children seeking asylum are left alone in other Member States rather than joining parents or other family members who are legally in the UK and able to look after them.

*Disclosure: I have done some work as a sub-contractor for a contractor advising on the evaluation of the Dublin III Regulation and the impact assessment on its replacement. However, while I am bound to confidentiality as regards that work, I was paid for my independent advice and remain free to express my views on the current or future Dublin system.

The European Social Charter in the context of implementation of the EU Charter of Fundamental Rights

EXECUTIVE SUMMARY OF A STUDY FOR THE CONSTITUTIONAL AFFAIRS COMMITTEE OF THE EUROPEAN PARLIAMENT (FULL VERSION AVAILABLE HERE )

by Olivier DE SCHUTTER

The European Social Charter, initially adopted in 1961 within the framework of the Council of Europe as the counterpart to the European Convention on Human Rights, has gained increased relevance and visibility since its ‘revitalization’ in the 1990s, particularly with the entry into force of the Additional Protocol on Collective Complaints in 1998 which, by the end of 2015, 14 EU Member States had accepted. The interactions with the EU have also become more common: EU secondary legislation inspired a number of provisions that were included in the 1988 Additional Protocol to the European Social Charter and in the 1996 Revised European Social Charter, which updated and extended the list of guarantees included in the original instrument; moreover, the European Committee of Social Rights (ECSR), the expert body tasked with supervising compliance with the European Social Charter, routinely is led to assess whether national measures implementing EU law comply with the requirements of the European Social Charter.

It is therefore surprising that even the more recent developments concerning the protection of fundamental rights in the EU legal order have largely ignored the European Social Charter. Although the European Social Charter is referred to in the EU treaties, the Convention which drafted the EU Charter of Fundamental Rights in 1999-2000 borrowed only selectively from the Council of Europe Social Charter as a source of inspiration for its social provisions. The impact assessments accompanying legislative proposals of the European Commission, although they refer to the EU Charter of Fundamental Rights since 2005, do not refer directly to the European Social Charter. The Court of Justice of the European Union has not compensated for this: although it has occasionally referred to the European Social Charter as providing guidance for the interpretation of EU law, it has until now refused to align the European Social Charter with that of the European Convention on Human Rights as a source of inspiration for the development of fundamental rights as general principles of law that it ensures respect for, in accordance with Article 6(3) of the EU Treaty.

This is unsustainable. The current lack of coordination creates the risk of conflicting obligations imposed on the EU Member States, respectively as members of the EU and as States parties to the European Social Charter: for instance, the ECSR found the legislative reforms introduced by Sweden in order to comply with the 2007 Laval decision of the Court of Justice to be in violation with the requirements of the European Social Charter. The failure to take into account the European Social Charter is also the source of tensions that result from the prescriptions addressed to the Euro Area Member States, under the European semester or for Euro Area Member States under financial assistance: thus, the ECSR has found that a number of measures adopted by Greece following the bailouts of 2010 and 2012 were in violation of that country’s undertakings under the European Social Charter.

In order to move beyond the current impasse, four options are explored. First, the Court of Justice could acknowledge more explicitly the role of the European Social Charter in the development of fundamental rights in the EU legal order. At a minimum, it could do so by interepreting the provisions of the EU Charter of Fundamental Rights that correspond to rights of the European Social Charter in accordance with the interpretation given to this latter instrument by the European Committee of Social Rights, which is specifically tasked with the task of assessing from a legal viewpoint the legislation and policies of the States parties. In addition however, the Court of Justice could seek inspiration from the Charter to develop the fundamental rights that are included among the general principles of EU law, thus aligning the status of the European Social Charter with that of the European Convention on Human Rights. As the Court itself has acknowledged, the European Social Charter has been ratified by all EU Member States (whether in its original version of 1961 or in its revised form of 1996), and thus provides a particularly authoritative list of social rights that are consensual across the EU-28.

Second, the European Social Charter could play a greater role in impact assessments accompanying the legislative proposals of the European Commission: such impact assessments could include explicit references to the European Social Charter in the guidelines for impact assessments of legislative proposals prepared by the European Commission. This would go a long way towards ensuring that EU law shall develop in a way that is fully consistent with the obligations of the member States in international law, thus reducing the risk that they may be faced with conflicting international obligations. It would also fulfil the mandate of the Treaty on the Functioning of the European Union, which commits the EU to ‘take into account requirements linked to the promotion of a high level of employment, the guarantee of adequate social protection, the fight against social exclusion, and a high level of education, training and protection of human health’ in defining and implementing its policies and activities (art. 9 TFEU).

Third, the EU Member States could be encouraged to align the range of their undertakings under the European Social Charter, in order to improve the uniform application of EU law. For the moment, the à la carte system of the European Social Charter results in a situation in which the undertakings of the EU Member States under the Charter remain highly uneven, as they have not all accepted to be bound by the same provisions of the Charter. The European Commission could list the provisions that are most closely connected with EU secondary legislation, and which, if accepted by all EU Member States, would strengthen the effectiveness and the uniform application of EU law.

Finally, the process of accession of the EU to the European Social Charter could be initiated. Such accession has been envisaged on various occasions, ever since the “Spinelli” Treaty on the European Union of 1984, and the European Parliament has unequivocally expressed itself in favor. Considering the large number of areas covered by the European Social Charter in which the EU has been attributed certain powers by the Member States, as well as the potential for further legislative instruments to be adopted in these areas, the EU could accede to the European Social Charter on the basis of Article 216(1) TFEU: the relationship of the EU to this instrument would be very similar to that it has developed with the UN Convention on the Rights of Persons with Disabilities, which the EU acceded to in 2009. Moreover, the objections raised by the Court of Justice of the European Union in Opinion 2/13 concerning the accession of the Union to the European Convention on Human Rights would not apply to the accession to the European Social Charter, at least if such accession does not extend to the Union joining the mechanism provided for by the Additional Protocol on Collective Complaints. Even if it were envisaged to allow the Union to join that Protocol, many of the concerns raised by the Court of Justice in Opinion 2/13, concerning the autonomy and the specific characteristics of EU law, either would not apply at all (due to the differences between the control mechanism established by the ECHR and the collective complaints mechanism), or could be met by the insertion of appropriate stipulations in the agreement providing for the accession of the Union to the European Social Charter. ….(continue here)

The draft EU Directive on Combating Terrorism: Much Ado About What?

ORIGINAL PUBLISHED ON EU LAW ANALYSIS (on Sunday, 17 January 2016)

by Cian C. Murphy, (*)

The slow strangulation of the transnational public sphere continues. The publication last month of a draft EU Directive on Combating Terrorism is the Union’s initial (legislative) response to recent murders by Islamic State fighters in Europe and elsewhere. The draft Directive will recast the Framework Decision on Combating Terrorism, first adopted in 2002 and amended in 2008, and will further broaden the impact of EU law in national criminal law as regards terrorism.

The Directive may be of more significance in terms of constitutional law in this field than criminal law. The majority of the Directive’s content can already be found in the Framework Decision (as amended) and, as such, will not require much by way of transposition by those Member States that have been fastidious in their transposition of the Framework Decision (although such Member States may be fewer than one would expect).

The draft Directive does have certain rule of law strengths. As a measure to be adopted upon the legal bases of Article 83(1) and Article 82(2) TFEU it will enjoy the full enforcement mechanisms and procedures that the European Commission and the Court of Justice of the EU can bring to bear. This is in contrast to the Framework Decision which, as a (former) third pillar measure, did not (at first) benefit from the application of these enforcement mechanisms. The extent to which these rule of law strengths are virtuous might, however, be open to discussion. The content of the Directive is rather broad and it is not absolutely clear what faithful transposition of some measures would entail.

Nevertheless, for those Member States to whom the adopted Directive applies, there will be the prospect of enforcement in the case of tardy or inaccurate transposition. It remains to be seen as to which Member States the adopted Directive will apply. The list will not include Denmark, which does not participate in these measures, but it may include Ireland or the United Kingdom. Either Member State may elect to participate in the measure – either before or after its adoption. The United Kingdom’s opt-out from former third pillar measures (discussed here) included an opt-out from the Framework Decision on Combating Terrorism – a somewhat absurd decision given the emphasis the UK places on action in this field (at national, EU, and international levels).

Even if none of the three Member States participate in the Directive, two of them (Ireland and Denmark) will continue to be bound by the Framework Decision. Because the majority of the two texts are identical there may not be much variance in the ‘variable geometry’ in this field – although the different powers of enforcement for the European Commission and Court of Justice merit restatement. The example of the Framework Decision and Directive demonstrate how increasingly complex this field of EU law is at a constitutional level – a complexity that is not helpful from either the point of view of operational effectiveness or the protection of civil liberties.

Insofar as there is new content in the Directive it largely derives from recent ‘international standards’ in the field of counter-terrorism finance and travel by ‘foreign terrorist fighters’. Chief amongst these standards is UN Security Council resolution 2178 – adopted in 2014 to address the threat from Islamic State – and much of the resolution is to be found in the Directive. (See also the recent Council of Europe Protocol on this issue) Key amongst these initiatives are Articles 9 and 10, which require Member States to create offences of travelling abroad for terrorism and of organising or facilitating such travel. Member States must ‘take the necessary measures’ to punish such action ‘as a criminal offence when committed intentionally’. Article 8 provides a new offence – to receive training for terrorism – that aims to capture those individuals that may ‘self-radicalise’ and train themselves using materials available on the internet or elsewhere.

The draft Directive also contains some language of interest to victims of terrorism. Article 22 provides for the protection of, and provision of assistance to, victims of terrorism. Of particular note is the requirement to provide ‘emotional and psychological support, such as trauma support and counselling’. It is unclear how Member States are to ensure that the services are ‘confidential, free of charge, and easily accessible to all victims of terrorism’. This clause would appear to include what could be quite a significant commitment of resources for Member States’ mental health services – one that is entirely commendable but the funding of which may prove a challenge.

A further point of note is that the structure of certain clauses in the Directive, for example setting out the definition of terrorism, have been subject to alteration in comparison with the Framework Decision. It is not clear, however, that anything turns on these syntax changes. Indeed, it seems unlikely that Member States which have already spent legislative time on the implementation of the Framework Decision would now look to revise their national measures merely to update the language of the definition (if, indeed, nothing does turn on the differences).

Certain substantive discrepancies do exist between the Framework Decision and the draft Directive. One example is Article 1(2) of the Framework Decision. The Article provides that the Framework Decision does ‘not have the effect of altering the obligation to respect fundamental rights and fundamental legal principles as enshrined in Article 6 of the Treaty on European Union’. In terms of the application of the law this clause was always redundant – legislation cannot alter a Treaty rule. However, it is easy to read the omission of the clause from the draft Directive as a shift in emphasis – and the failure to address the admission in the proposal document makes this criticism easier to make.

Taken as a whole, the Directive continues the ongoing restriction of various mobilities – of finance, information, and people – in the name of counter-terrorism. This restriction has been the hallmark of international efforts since 11 September 2001. There is an inevitable risk for critiques of such action: on the one hand it appears to be restrictive of civil liberties across Europe and on the other hand its operational usefulness is unclear. Can such a law be both draconian and ineffective? Undoubtedly. As with any EU measure the proof will be in the transposition and implementation.

(*) The Dickson Poon School of Law, King’s College London

Is Workplace Privacy Dead? Comments on the Barbulescu judgment

ORIGINAL PUBLISHED ON EU LAW ANALYSIS

by Steve Peers

When can an employer read an employee’s e-mails or texts, or track her use of the Internet? It’s an important question for both employers and employees. A judgment this week in Barbulescu v Romania addressed the issue, but unfortunately has been greeted by press headlines such as ‘EU court allows employers to read all employee e-mails’. This is wrong on two counts: it’s not a judgment of an EU court, but of the separate European Court of Human Rights; and the ruling does not allow employers to read all employee e-mails without limitation.

So what exactly did the judgment decide? And would the ruling have been any different if an EU court had decided it?

Background

The European Court of Human Rights (ECtHR) has jurisdiction only to interpret the European Convention on Human Rights (ECHR) and its protocols. TheBarbulescu case concerns the right to privacy under Article 8 ECHR, which can be limited on certain grounds according to Article 8(2). It follows on from, and further develops, previous rulings on similar issues.

In Halford v UK, a well-known case concerning a policewoman suing her local force for sex discrimination, the ECtHR ruled that Article 8 was breached when the police force intercepted calls from a separate work telephone which they had provided for her to contact her lawyers. The key points of the judgment were that Article 8 can apply to workplaces, depending on whether there was a ‘reasonable expectation of privacy’. Ms. Halford had such an expectation since the police force had made a particular point of providing her with a separate telephone and assuring her that she could use it to discuss the litigation privately.

Obviously, situations like that are rare. It’s far more common that an employee might use a computer or phone provided by the employer in the ordinary course of work in order to have some private communication. Yet Article 8 can also protect employees in those cases too. In Copland v UK, the ECtHR ruled that Article 8 was breached when an employee’s phone calls, e-mails and Internet use from work were monitored by her boss. The crucial point was that there was ‘no warning that her calls [or e-mail or Internet use] would be liable to monitoring’.

The new judgment

How is Barbulescu different from Copland? The answer is that the facts are quite different. In the newer case, the employer had an absolute ban on employee’s use of work equipment for private reasons. Barbulescu’s boss suspected that he was not complying with this policy, and informed him of its suspicions, on the basis of monitoring his account. The employee denied non-compliance, so the employer presented him with a transcript of his Yahoo Messenger communications, which included personal communications. He sued his employer in the Romanian courts and lost, so he brought his compliant to the ECtHR.

The Court ruled that the complaint was admissible, but the majority rejected his Article 8 claim on the merits. While Article 8 was applicable, his employer was simply trying to enforce its absolute ban on private use of work equipment, and he had breached his employment contract. The employer had only accessed the account to check whether he was using it just for professional purposes, given that he had claimed that he did not use it for private reasons. The use of the transcript of his communications was limited, since the identity of the other parties to the communication was not disclosed. Other documents stored on his computer were not checked, and he did not have a convincing reason for using work equipment for private purposes.

One dissenting judge argued in detail that the majority was quite wrong on the merits, arguing for more stringent control of employers’ monitoring of employees’ private Internet use (primarily by means of detailed notification requirements). It should be noted that Mr. Barbulescu can still ask the Grand Chamber of the ECtHR to review this judgment, since it was issued by a Chamber of judges.

Impact

The Court is clearly not overturning its prior case law: it distinguishes Halford andCopland, rather than reversing them. So Barbulescu definitely does not give employers carte blanche to put their employees under surveillance. There remain – as there were before this judgment – cases where such surveillance is justified, and cases where it is not. The importance of Barbulescu is some clarification on where the dividing line falls between those two categories.

Legally speaking, that line is determined by the degree of ‘reasonable expectation of privacy’ that employees have at the workplace. They have such an expectation where the employer has expressly allowed them to use a phone or computer for private purposes (Halford), or where it was tolerated (Copland). In this case, the crucial difference is that the employer banned such use.

Moreover, the Court also mentions other specific factors, as listed above: access to the communications followed a denial by the employee; use of the transcript of the communications was limited; other documents stored on the computer were not checked; and there was no convincing reason for using work equipment for private purposes. The Court also emphasised the fact that the employee brought an employment law claim, rather than a criminal law or data protection law claim. Arguably, all of these factors are relevant and must be considered in addition to the employer’s ban on private use of work equipment.

In any event, the ruling is questionable authority, for two reasons. First of all, it’s possible that the Grand Chamber of the ECtHR will review it and overturn it. This would be richly deserved because – with the greatest respect – it’s a very poorly reasoned judgment. Secondly, it’s arguable that EU law sets higher standards. Let’s examine these two points in turn.

Comments

What are the flaws in reasoning? First of all, the majority in Barbulescu purport to distinguish the prior judgment in Copland, but in fact they contradict that previous ruling. They describe it as a case where employee use of the employer’s Internet was ‘tolerated’. That’s true, but it’s not all. As can be seen from the quote above, the crucial point of that judgment was that the employee was not told about the employer’s surveillance. That’s a crucial distinction because it’s not clear whether the employee knew about the surveillance in this case (the point was disputed between the parties, and the ECtHR decided not to address it). Of course, the point has much broader relevance: there may be many other employers in Europe which have a blanket ban on employee use of the Internet, but which have not informed their employees about surveillance. Is that failure to inform crucial (Copland), or (apparently) not (Barbulescu)? Or is it only crucial where the private use of employer equipment is not banned?

Secondly, there are internal contradictions in the reasoning. The Court places great stress on the fact that the employer only subjected the employee to surveillance when he claimed that his use of the messaging service was for work reasons only. So it had no reason to expect to find personal data in those messages, when it checked them to see if he was lying (para 57). That sounds reasonable. But in the presentation of the facts (at para 7), the accusation that the employee was using work equipment for personal reasons was based on placing him under surveillance. In other words, he was put under surveillance first. This isn’t a minor quibble, because it raises an important question of whether employers which impose a general ban on the private use of work equipment have a general prerogative to place their employees under surveillance, or whether there must be some specific reason (such as the employee’s denial of an accusation to that effect) to do so.

The Court also asserts that the identities of other people were not disclosed in the transcripts of private messages. But the judgment refers to the applicant’s brother and fiancée. Anyone who knows him knows who they are. Indeed, if Barbulescu has a social media presence, I could probably find out who they are myself – with a bit of help from Google Translate. (I haven’t actually tried this).

Finally, the Court accepts that the Article 8 right to privacy is affected, but (as the dissenting judge points out) it doesn’t properly apply Article 8(2). This means that the Court doesn’t identify what interests justify the breach of the right to privacy, whether the breach was in accordance with the law, or whether it was proportionate and necessary. While the employer interest in enforcing its policy on work equipment should fall within the scope of ‘the rights and freedoms of others’ as a justification, it’s far from clear that the employer’s actions were clear and foreseeable (part of the ‘in accordance with the law’ test) or proportionate.

EU law

As noted at the outset, the judgment was issued by the European Court of Human Rights, not an ‘EU court’. (I’ll be sending every journalist who got this wrong a batch of pork pies specially seasoned by David Cameron). But there is a substantive EU law element here, as briefly noted by the ECtHR. Data protection law is one of the two main areas where EU law and human rights law frequently overlap (the other area is asylum law).

There are several reasons to distinguish between EU law and the ECHR. First of all, EU law applies to 28 states, while the ECHR applies to 47. This distinction is blurred a little in data protection law, since some non-EU states (Schengen associates) have agreed to apply EU data protection law; that law also applies to some companies based outside the EU (Google Spain); and non-EU countries are judged by the EU on whether their law is ‘adequate’ from the EU’s perspective, meaning it has to be quite similar to EU law (Schrems).

Secondly, the procedure and remedies are different. EU law is usually developed by means of a national court pausing its proceedings, asking the CJEU some questions and then reopening the case at national level and applying the answers it gets. It can then apply the remedies available in national law, which can sometimes be affected by EU law too (see Vidal-Hall and Benkharbouche). In this case, the Romanian courts noted the EU law points, but decided against the applicants on the merits without asking the CJEU questions. Arguably the final national court should have sent questions to the CJEU, and its failure to do so is itself an ECHR breach (see Daniel Sarmiento’s discussion here), but Mr. Barbulescu didn’t raise that point. If he had won in the ECHR, the only remedies he could get would be a declaration, costs and damages.

EU law can also be applied against private parties, subject to the limited ability to apply it in the case of Directives. That limitation will soon disappear when the upcoming data protection Regulation comes into force. The ECHR cannot apply to private parties as such, which is why this case had to be brought against the Romanian state, not Barbulescu’s employer, although the ECtHR swept aside that distinction by referring to the doctrine of positive obligations (ie the State must ensure that human rights are protected in private relationships).

The biggest issue is whether substantive EU law would give greater protection. While the ECtHR noted that this case involved Mr. Barbulescu’s ‘personal data’ within the meaning of EU law, it did not examine the EU legislation (the current data protection Directive) further. The dissenting judge did so, taking into account also ‘soft law’ of the EU’s ‘Article 29 working party’. This body of national data protection supervisors frequently meets to adopt detailed policy statements taking a very assertive view of how to interpret EU data protection law. Then they return home, and fail to enforce the policies they agreed to.

Under the EU Directive, can his employer justify collecting Barbulescu’s personal data? He did not consent to the collection of that data, so the employer would either have to argue that it was ‘necessary for the performance of a contract’, or for its ‘legitimate interests’. In the latter case, those interests could be outweighed by his rights. There’s no clear answer from this wording whether the CJEU would decide this case the same way, interpreting the Directive: it’s arguable (as the national courts held) that it was ‘necessary’ to monitor the employee’s communications in order to enforce the rule against private use of communications, or that the factors referred to by the ECtHR were enough to give precedence to the employer’s interests over the worker’s rights. But the overall pro-privacy tone of recent CJEU rulings on data protection (Digital Rights, Google Spain, Rynes, Schrems) suggest that the CJEU would be more likely to rule that some prior notification of surveillance was required.

Another issue is that some of the data concerned the employee’s health and sex life. EU law prohibits processing this, and other ‘sensitive’ personal data. But this prohibition is a legal fiction, as in fact a number of grounds for processing sensitive data are permitted. In practice, it’s more accurate to say that it’s harder to justify processing such data. Applying that rule to this case, the Directive states that such data can be processed if ‘necessary’ to carry out the employer’s obligations and rights ‘in the specific field of employment law’, if that is ‘authorized by national law providing for adequate safeguards’. It’s hard to know if these criteria were met in this case. (These rules will not change much under the future Regulation. There will be a new clause allowing Member States to have special rules for employment issues, but there’s no specific mention of employer surveillance).

Given that Romania is bound by the EU Directive, should the ECtHR have looked further at the EU law issues? It’s an awkward point, since the ECtHR doesn’t have jurisdiction as such to rule on EU law. But interferences with the right to privacy must be ‘in accordance with the law’. So there should at least have been a cursory examination of whether the national law, and the national court’s interpretation of it, appeared to be consistent with the relevant EU law. The ECtHR avoided doing this, because (very unusually for a privacy case) it ignored the ‘in accordance with the law’ test entirely.

Conclusion

Altogether, this judgment is not the ECtHR’s finest hour. But it may not be the final word on this important issue either. It remains to be seen whether the Grand Chamber might review this case, or whether the CJEU or national courts, perhaps excited by the new Regulation, might insist that higher standards apply in national law. For the time being, though, employers should be aware that there is still a fine line between acceptable and unacceptable monitoring of their employees.

The Discreet Charm of Passenger Data: Big Data Surveillance Coming Home

Posted HERE on January 14, 2016

by Rocco Bellanova & filed under Security.

Several governments see in the mass-surveillance of passenger data the key tool of counter-terrorism. These data are generally known as PNR – Passenger Name Records, and their potential for law enforcement has been discussed at least since the 1990s. Now European Union (EU) debates about the creation of a European PNR scheme seem settled once and for all. Others have already provided legal analyses of the measure to come. Here the goal is different: I aim to show how urgent it is to start researching the political dimensions of this security program right when all politics fade away.

Example of a PNR.

PNR-584x438

PHOTO: Edward Hasbrouck, The Practical Nomad.

While PNR were part of my PhD research and as such a big chunk of my everyday world, I often have quite a hard time to explain what PNR are beyond a quite small circle of geeks. It was even difficult to explain colleagues how this kind of topic may be relevant for international and EU studies. Blame it on my lack of training or competence in the vulgarization of scientific research. Blame it on my choice of a theme considered either a technicality or something for ‘legal scholars only’.

Since November 2015, things (might) have changed. The surveillance of air passengers has become a trumpeted European priority in the revamped War on Terror, while before it was largely considered an expert-only business. Several political declarations voice the need to create a system able to identify potential ‘returning jihadists’ and better track their travels within and outside of Europe, and the EU institutions seem closer than ever to adopt legislation on the matter. But, what are we speaking about when we speak about PNR? And what are the challenges ahead for researchers, advocates and institutions alike?

The many lives of PNR

First things first: PNR are a set of information that is generated at the booking of a travel, especially when it comes to flights (for a more critical presentation: here). PNRs include widely different data, from the name of the passenger and the method of payment used, to frequent flyer numbers and travel itineraries. PNRs can also show whether the reservation includes other persons, where the ticket was bought and which changes have occurred. In other words, every time you fly – better: every time you or somebody else books a flight for you – chances are that you get a PNR.

Through the last decades, PNR have become the backbone of airline reservation systems and, to make a long story short, are now presented as a key element for carrying out intelligence-led policing. Following the Paris attacks in January and November 2015, several institutional actors, from the French Interior Minister to the EU Counter-Terrorism Coordinator, have insisted on the need for the EU to set up a PNR scheme. Actually the idea was looming around since a while, and the Commission had already tabled twice a legislative proposal, in 2007 and in 2009. However, the draft had been put on hold after a negative vote in the European Parliament (EP) Committee for Civil Liberties, Justice and Home Affairs (LIBE) in April 2013.

Some countries have already developed quite comprehensive security systems that rely on the processing of PNR, notably the United States (US) and Canada, but also the UK within the EU. Generally speaking, PNR systems could be used for both more traditional investigative work and for profiling-based surveillance. It is mostly this second aspect that has attracted the attention of critical security researchers and law scholars, and it is this profiling potential that makes it a very tempting security measure for its proponents. So, when we speak about PNR we speak about many controversial topics: the deployment of mass-surveillance measures, a far-reaching interference into the private life of millions of passengers, the potential risk of discrimination, a shift towards pre-emptive security, the role of private actors in the creation of security measures, etc. Hence, PNR is also the name of the new concerns that surveillance raises in contemporary liberal societies.

At EU level, most of the debates revolve(d) around the impact on privacy and, notably, the possible role for data protection. Actually, the text that was recently agreed among representatives of the Commission, the Council and the Parliament – the new ‘EU PNR directive’ as it is called in EU jargon – abounds of references to data protection law, principles, and organizational tools. It seems to have a two-fold purpose: to facilitate the processing of passenger data and to protect the same data. Notably, the Members of the European Parliament made compulsory the appointment of Data Protection Officers within each of the national units that will collect, store and process data, and the powers of national data protection authorities have been further clarified. From this perspective, the PNR is the name of the tentative efforts to govern big data.

Les jeux sont faits (?)

Taking into account both these safeguards and the perceived need to use PNR as a crucial means in the fight against terrorism, the LIBE Committee has green-lighted the compromise version of the EU PNR Directive. The next legislative step is a vote in a plenary, then the adoption from the Council and a few other ‘technical’ steps. All resistance is coming to an end: controversies seem settled and the EU will have its common EU PNR scheme. After close to 8 years of debates among EU institutions, and more than a decade at international level, EU countries will finally have their own PNR-based security systems, and stop gazing with envy at other countries’ systems (notably the mighty US program). From this perspective, PNR is the name of a properly working EU – which delivers what is a needed at the right time – and will be remembered as a milestone in the creation of a common policy response in the field of counter-terrorism.

Then, what does remain to be done now that institutional politics are settled? Research-wise, the next step is just taking the time to submit a paper to a major peer-reviewed journal – now with the EU PNR Directive written down in the EU Official Journal and no more surprises and twists. Let’s finally call PNR with its due research name: one more case study to show the added-value of one or another theory of EU studies.

Then I read the leaked text. I read also the tough criticism by the European Data Protection Supervisor (EDPS – an EU institution focusing on data protection). And I started to think again about all of the above.

The EU PNR Directive foresees the capture of PNR of all passengers on EU-bound flights, departing or arriving from a third country. As the EDPS notes, this measure introduces mass-surveillance by security authorities on European scale. A huge amount of data will be stored for 5 years: 6 months with all personal information immediately available, and 4.5 years partially “masked”, in a depersonalized format that can be still reversed into the original in specific cases. All these data will be processed by run against given databases or specific lists, against specific profiling criteria, and in response to specific queries of security services. These data will also be used to create or update new profiling benchmarks. Not even the Data Retention Directive had such an outreach, because in that case traffic and location data of telecommunication remained stored with the providers, and not automatically and systematically transmitted to law enforcement authorities. As such, PNR is also the name of big data surveillance coming to Europe.

The future of PNR

Surely, the EU PNR Directive sounds quite robust in terms of data protection safeguards. As discussed elsewhere, I kind of ‘love’ data protection and I am confident that data protection safeguards and institutions will contribute to the governing of PNR. And yet, there is still too much of passenger data, despite all guarantees provided by data protection. From this troubling perspective, PNR is also the name of the limits of data protection.

Moreover, despite the fact we’ve seen so much of PNR for so long, there are very few PNR security systems already operational in Europe. Apparently, only the UK eBorders system is up and running (and has recently gone through a storm of criticism), and few others have been slowly launched but not fully implemented. Experience is that this kind of large-scale high-tech systems will be difficult to set up in Europe. For example, this has been the case with the new Schengen Information System (SIS2), whose difficult implementation even delayed for several member states the full enjoyment of a series of Schengen related advantages. The political impact of high-tech security systems was generally discussed – mostly in terms of respect of privacy, data protection and other fundamental rights – until their adoption, but then politics always seem to fade away. PNR becomes the name of the already obliterated future of the politics of high-tech security.

Keeping the pace of PNR

Yet, I believe that it is worth speaking of PNR today and keep looking for the upcoming controversies precisely because of this tendency to obliterate the future political implications of high-tech security. Unless popular TV series decides to show fewer drones and more passenger data, the current attention on PNR is probably the biggest societal exposure that the theme will ever get.

The challenge now is to keep the pace of so much of PNR. To follow how the EU PNR scheme will be set in place – how this mass-surveillance measure will be implemented, which kinds of problems will emerge and how actors will fix them. Notably, the challenge is to keep feel interested in PNR (and other very diverse security systems, such the EUROSUR program for border controls, the European Cybercrime Centre at EUROPOL, etc.) and better understand the ways in which national or European institutions, private companies, individuals or collectives may find leverages of political action through, or against, them.

This is a challenge for research, and in particular for the kind of research approach I tend to ascribe myself to. Several voices within studies on critical security and governmentality have emphasized the need to get closer to the everyday making of security and surveillance. But this is also a challenge for policy makers as well as concerned users and advocates. The deployment of a technology is not a linear process of implementation, but rather a successive enchainment of controversies and arrangements.

Strasbourg Court: Hungarian legislation on secret anti-terrorist surveillance does not have sufficient safeguards against abuse

Press release accessible here

In January 12 Chamber judgment¹ in the case of Szabó and Vissy v. Hungary (application no. 37138/14) the European Court of Human Rights held, unanimously, that there had been:

a violation of Article 8 (right to respect for private and family life, the home and correspondence)
of the European Convention on Human Rights, and
no violation of Article 13 (right to an effective remedy) of the European Convention.

The case concerned Hungarian legislation on secret anti-terrorist surveillance introduced in 2011.

The Court accepted that it was a natural consequence of the forms taken by present-day terrorism that governments resort to cutting-edge technologies, including massive monitoring of communications, in pre-empting impending incidents.

However, the Court was not convinced that the legislation in question provided sufficient safeguards to avoid abuse. Notably, the scope of the measures could include virtually anyone in Hungary, with new technologies enabling the Government to intercept masses of data easily concerning even persons outside the original range of operation. Furthermore, the ordering of such measures was taking place entirely within the realm of the executive and without an assessment of whether interception of communications was strictly necessary and without any effective remedial measures, let alone judicial ones, being in place.

Principal facts

The applicants, Máté Szabó and Beatrix Vissy, are Hungarian nationals who were born in 1976 and 1986 respectively and live in Budapest. At the relevant time they worked for a non-governmental watchdog organisation (Eötvös Károly Közpolitikai Intézet) which voices criticism of the Government.

A specific Anti-Terrorism Task Force was established within the police force as of 1 January 2011. Its competence is defined in section 7/E of Act no. XXXIV of 1994 on the Police, as amended by Act no. CCVII of 2011. Under this legislation, the task force’s prerogatives in the field of secret intelligence gathering include secret house search and surveillance with recording, opening of letters and parcels, as well as checking and recording the contents of electronic or computerised communications, all this without the consent of the persons concerned.

In June 2012 the applicants filed a constitutional complaint arguing that the sweeping prerogatives in respect of secret intelligence gathering for national security purposes under section 7/E (3) breached their right to privacy. The Constitutional Court dismissed the majority of the applicants’ complaints in November 2013. In one aspect the Constitutional Court agreed with the applicants, namely, it held that the decision of the minister ordering secret intelligence gathering had to be supported by reasons. However, the Constitutional Court held in essence that the scope of national security-related tasks was much broader than the scope of the tasks related to the investigation of particular crimes, thus the differences in legislation between criminal secret surveillance and secret surveillance for national security purposes were not unjustified.

Complaints, procedure and composition of the Court

Relying on Article 8 (right to respect for private and family life, the home and the correspondence), the applicants complained that they could potentially be subjected to unjustified and disproportionately intrusive measures within the Hungarian legal framework on secret surveillance for national security purposes (namely, “section 7/E (3) surveillance”). They alleged in particular that this legal framework was prone to abuse, notably for want of judicial control. They also complained that their exposure to secret surveillance without judicial control or remedy breached their rights under Article 6 § 1 (right to a fair hearing/ access to court) and Article 13 (right to an effective remedy) read in conjunction with Article 8.

The application was lodged with the European Court of Human Rights on 13 May 2014.

Privacy International and the Center for Democracy & Technology, both non-governmental organisations, were given permission to make written submissions as third parties.

Judgment was given by a Chamber of seven judges, composed as follows:

Vincent A. de Gaetano (Malta), President,
András Sajó (Hungary),
Boštjan M. Zupančič (Slovenia),
Nona Tsotsoria (Georgia),
Paulo Pinto de Albuquerque (Portugal),
Krzysztof Wojtyczek (Poland),
Iulia Antoanella Motoc (Romania),
and also Fatoş Aracı, Deputy Section Registrar.

————————————————-
Decision of the Court

Article 8 (privacy rights)

Firstly, the Court noted that the Constitutional Court, having examined the applicants’ constitutional complaint on the merits, had implicitly acknowledged that they had been personally affected by the legislation in question. In any case, whether or not the applicants – as staff members of a watchdog organisation – belonged to a targeted group, the Court considered that the legislation directly affected all users of communication systems and all homes. Moreover, the domestic law does not apparently provide any possibility for an individual who suspected that their communications were being intercepted to lodge a complaint with an independent body. Considering these two circumstances, the Court was of the view that the applicants could therefore claim to be victims of a violation of their rights under the European Convention. Furthermore, the Court was satisfied that the applicants had exhausted domestic remedies by bringing to the attention of the national authorities – namely the Constitutional Court – the essence of their grievance.

The Court found that there had been an interference with the applicants’ right to respect for private and family life as concerned their general complaint about the rules of section 7/E (3) (and not as concerned any actual interception of their communications allegedly taking place). It was not in dispute between the parties that that interference’s aim was to safeguard national security and/or to prevent disorder or crime and that it had had a legal basis, namely under the Police Act of 1994 and the National Security Act. Furthermore, the Court was satisfied that the two situations permitting secret surveillance for national security purposes under domestic law, namely the danger of terrorism and rescue operations of Hungarian citizens in distress abroad, were sufficiently clear to give citizens an adequate indication as to the circumstances in which and the conditions on which public authorities were empowered to resort to such measures.

However, the Court was not convinced that the Hungarian legislation on “section 7/E (3) surveillance” provided safeguards which were sufficiently precise, effective and comprehensive in as far as the ordering, execution and potential redressing of such measures were concerned.

Notably, under “section 7/E”, it is possible for virtually any person in Hungary to be subjected to secret surveillance as the legislation does not describe the categories of persons who, in practice, may have their communications intercepted. The authorities simply have to identify to the government minister responsible the name of the individual/s or the “range of persons” to be intercepted, without demonstrating their actual or presumed relation to any terrorist threat.

Furthermore, under the legislation, when requesting permission from the Minister of Justice to intercept an individual’s communications, the anti-terrorism task force is merely required to argue that the secret intelligence gathering is necessary, without having to provide evidence in support of their request. In particular, such evidence would provide a sufficient factual basis to apply such measures and would enable an evaluation of their necessity based on an individual suspicion regarding the targeted individual. The Court reiterated that any measure of secret surveillance which did not correspond to the criteria of being strictly necessary for the safeguarding of democratic institutions or for the obtaining of vital intelligence in an individual operation would be prone to abuse by authorities with formidable technologies at their disposal.

Another element which could be prone to abuse is the duration of the surveillance. It was not clear from the wording of the law whether the renewal of a surveillance warrant (on expiry of the initial 90 days stipulated under the National Security Act) for a further 90 days was possible only once or repeatedly.

Moreover, these stages of authorisation and application of secret surveillance measures lacked judicial supervision. Although the security services are required, when applying for warrants, to outline the necessity of the secret surveillance, this procedure does not guarantee an assessment of whether the measures are strictly necessary, notably in terms of the range of persons and the premises concerned. For the Court, supervision by a politically responsible member of the executive, such as the Minister of Justice, did not provide the necessary guarantees against abuse. External, preferably judicial control of secret surveillance activities offers the best guarantees of independence, impartiality and a proper procedure.

As concerned the procedures for redressing any grievances caused by secret surveillance measures, the Court noted that the executive did have to give account of surveillance operations to a parliamentary committee. However, it could not identify any provisions in Hungarian legislation permitting a remedy granted by this procedure to those who are subjected to secret surveillance but, by necessity, are not informed about it during their application. Nor did the twice yearly general report on the functioning of the secret services presented to this parliamentary committee provide adequate safeguards, as it was apparently unavailable to the public. Moreover, the complaint procedure outlined in the National Security Act also seemed to be of little relevance, since citizens subjected to secret surveillance measures were not informed of the measures applied. Indeed, no notification – of any kind – of secret surveillance measures is foreseen in Hungarian law. The Court reiterated that as soon as notification could be carried out without jeopardising the purpose of the restriction after the termination of the surveillance measure, information should be provided to the persons concerned.

In sum, given that the scope of the measures could include virtually anyone in Hungary, that the ordering was taking place entirely within the realm of the executive and without an assessment of whether interception of communications was strictly necessary, that new technologies enabled the Government to intercept masses of data easily concerning even persons outside the original range of operation, and given the absence of any effective remedial measures, let alone judicial ones, the Court concluded that there had been a violation of Article 8 of the Convention.

Other articles

Given the finding relating to Article 8, the Court considered that it was not necessary to examine the applicants’ complaint under Article 6 of the Convention.
Lastly, the Court reiterated that Article 13 could not be interpreted as requiring a remedy against the state of domestic law and therefore found that there had been no violation of Article 13 taken together with Article 8.

Article 41 (just satisfaction)

The Court held that the finding of a violation constituted in itself sufficient just satisfaction for any non-pecuniary damage sustained by the applicants. It awarded 4,000 for costs and expenses.

Separate opinion

Judge Pinto de Albuquerque expressed a separate opinion which is annexed to the judgment. The judgment is available only in English.

Under Articles 43 and 44 of the Convention, this Chamber judgment is not final. During the three-month period following its delivery, any party may request that the case be referred to the Grand Chamber of the Court. If such a request is made, a panel of five judges considers whether the case deserves further examination. In that event, the Grand Chamber will hear the case and deliver a final judgment. If the referral request is refused, the Chamber judgment will become final on that day.

Once a judgment becomes final, it is transmitted to the Committee of Ministers of the Council of Europe for supervision of its execution. Further information about the execution process can be found here: www.coe.int/t/dghl/monitoring/execution.

Press contacts

echrpress@echr.coe.int | tel.: +33 3 90 21 42 08
Tracey Turner-Tretz (tel: + 33 3 88 41 35 30)
Nina Salomon (tel: + 33 3 90 21 49 79) Denis Lambert (tel: + 33 3 90 21 41 09) Inci Ertekin (tel: + 33 3 90 21 55 30)

The European Court of Human Rights was set up in Strasbourg by the Council of Europe Member States in 1959 to deal with alleged violations of the 1950 European Convention on Human Rights.

Police et justice à l’échelle de l’Union européenne, du désamour au divorce ? La Sécurité intérieure européenne contre l’Espace pénal européen

par Pierre Berthelet (*)

La police et la justice se portent un « amour réciproque » affirme le Professeur Labayle non sans ironie. Il suffit de se rappeler les relations parfois tendues entre les forces de sécurité intérieure d’un côté, et l’autorité judiciaire de l’autre. Il suffit aussi de se remémorer les relations de temps à autre houleuses entre le ministre de l’Intérieur et le Garde des Sceaux, et ce, quelle que soit d’ailleurs la couleur politique du gouvernement.

Même si la rivalité police-justice demeure une question toujours délicate à évoquer, elle est somme toute assez banale en France et dans bon nombre d’États membres de l’Union. Un élément reste néanmoins remarquable, ayant trait, en l’occurrence, à un déplacement à l’échelle européenne de cet affrontement existant au niveau national.

D’emblée, le déplacement de la problématique des rapports difficiles entre la police et la justice à l’échelon de l’Union peut sembler surprenant en raison du fait qu’il n’existe pas d’autorité judiciaire pénale européenne, du moins avant la création d’un Parquet européen dont les statuts sont encore actuellement en négociation.

Il n’y a pas non plus de police européenne. L’office européen de police, Europol, ne possède pas de pouvoirs coercitifs et le traité de Lisbonne de 2007 l’a clairement précisé, enterrant, s’il en est, les derniers espoirs d’un FBI européen.

Ensuite, les questions relatives aux rapports entre la police et la justice ont été abordées au niveau européen sous l’angle de la coopération. En effet, les États souverains ont accepté de mettre en commun certaines de leurs compétences dans ce domaine. Néanmoins, étant donné la sensibilité des matières évoquées (liées intimement aux prérogatives régaliennes du droit de punir et du droit de protéger), ils ont consenti uniquement à la création de mécanismes destinés à faciliter l’entraide entre services policiers d’États différents, de même qu’entre autorités judiciaires.

Pour ces deux raisons, un affrontement police-justice peut paraître en décalage avec le regard porté sur l’Union européenne en tant que projet politique et sur son action dans le domaine des politiques pénales et de sécurité. Elle l’est d’autant plus que police et justice cohabitent sous le même toit, c’est-à-dire dans le cadre d’un même projet, à savoir l’Espace de liberté, de sécurité et de justice (ELSJ) qui, comme son nom l’indique, associe étroitement la sécurité à la liberté et à la justice.

Reste que depuis la création de la « justice et affaires intérieures » (JAI) par le traité de Maastricht de 1992 et l’instauration de cet ELSJ par le traité d’Amsterdam de 1997, beaucoup d’eau a coulé. En premier lieu, le cadre institutionnel a changé et même fondamentalement.

Le traité de Lisbonne a substitué la méthode communautaire à la méthode intergouvernementale. L’ELSJ relève, à présent, du mécanisme de procédure législative ordinaire : le Parlement européen est co-législateur avec le Conseil de l’UE et la Commission européenne dispose d’un quasi-monopole d’initiative législative, tandis que la Cour de justice de Luxembourg peut statuer pleinement sur les actes adoptés.

En deuxième lieu, et ce point mérite d’être souligné, police et justice ont noué des rapports de concurrence depuis le début. La JAI était déjà marquée par des tensions entre les avancées de la coopération policière et les retards de la coopération judiciaire.

La création d’Europol en 1995 a été l’un des éléments justifiant, à côté du souci de ne laisser aucune zone d’impunité aux délinquants au sein du territoire européen, la création d’Eurojust en 2002. Cependant, cette compétition prenait les atours d’une émulation : l’intégration en matière policière s’accompagnait d’une intégration dans le domaine judiciaire.

À l’heure actuelle, la situation est différente. La concurrence se transforme en rivalité et l’émulation en séparation. En effet, l’action de l’Union européenne en matière policière et judiciaire s’organise autour de deux projets distincts : l’Espace pénal européen et la Sécurité intérieure européenne. L’objectif de cette contribution est de montrer que le développement de ces deux projets n’est pas complémentaire et que ceux-ci sont sous-tendus par des logiques distinctes, promus par des communautés rivales, chacune essayant d’imposer ses conceptions à l’autre concernant le rapport liberté/sécurité.

Deux projets différents

Prenant le relais de la Justice et des Affaires intérieures (JAI), l’Espace de liberté, de sécurité et de justice (ELSJ) connecte étroitement diverses problématiques : lutte contre le terrorisme et les formes graves de la criminalité (criminalité organisée, blanchiment, drogue, corruption, traite des êtres humains, etc.), gestion des migrations et des frontières de l’UE, entraide policière et judiciaire civile et pénale.

Cet espace a constitué le terreau sur lequel sont nés plusieurs projets dont le degré de maturation est variable, notamment l’Espace pénal européen et la Sécurité intérieure européenne, chacun d’eux étant mu par des logiques distinctes, l’un tendant à accorder une place de plus en plus prioritaire à la « liberté », alors que l’autre offre clairement une place prééminente à la « sécurité ».

L’Espace pénal européen est bien connu des pénalistes et même au-delà. Il dérive des travaux menés en matière de collaboration judiciaire européenne, initiés dans le cadre du Conseil de l’Europe et prolongés dans celui l’Union européenne à partir du traité de Masstricht. Les actions menées par l’Union consistent à améliorer les dispositifs d’entraide entre les autorités judiciaires nationales. L’objectif de cet Espace pénal européen vise, à travers différents mécanismes, tels que la reconnaissance mutuelle des décisions judiciaires nationales et le rapprochement des législations pénales des États membres, à faire émerger une solidarité judiciaire à l’échelle européenne.

Au-delà de l’idée d’un renforcement de l’arsenal pénal destiné à mieux lutter contre la criminalité et à faire en sorte que les frontières entre États membres ne soient plus un obstacle pour les autorités judiciaires des différents pays, le projet d’Espace pénal revêt un caractère politique au sens où il s’agit d’un projet d’intégration tendant vers l’émergence d’une justice pénale européenne. Les projets menés, dont le plus emblématique est, sans nul doute le mandat d’arrêt européen, ont pour but de conférer aux autorités judiciaires nationales un sentiment d’appartenance à un ensemble supranational. L’Espace pénal européen a une dimension à la fois juridique (à travers divers outils mis en place pour lutter contre la criminalité transnationale) et symbolique (en référence à l’adhésion aux valeurs communes, en premier lieu la justice entendue comme un idéal).

La Sécurité intérieure européenne est, quant à elle, plus récente. Mentionnée ponctuellement dans les textes adoptés dans la foulée des attentats du 11 septembre 2001, elle émerge formellement seulement quelques années plus tard. Envisagée par le programme de Stockholm, en tant que document directeur de l’Espace de liberté, de sécurité et de justice pour la période 2009-2014, elle repose sur un document que le Conseil de l’UE a approuvé les 25 et 26 février 2010. Il s’agit en l’occurrence de la stratégie européenne de sécurité intérieure qui énonce les menaces et les risques pesant sur l’Union et ses États membres.

Cette stratégie détermine les orientations d’une action européenne dans le domaine de la sécurité intérieure et structure la réponse à donner. Elle est un document politique préconisant une approche transversale et intégrée. Il s’agit d’apporter une réponse qui dépasse les politiques de l’UE existantes. À côté de cette dimension intersectorielle, la stratégie entend également transcender les clivages culturels et/ou nationaux. Il est question de mettre en commun les connaissances et les savoir-faire d’acteurs émanant d’horizons différents. Elle vise donc à inclure les organismes publics et privés, à caractère lucratif ou non, de même que les organisations non gouvernementales. Enfin, la stratégie entend développer une approche fondée sur l’information, et ce, sur un mode proactif, le but étant d’intervenir de manière précoce à l’encontre des menaces et des risques identifiés.

La Commission européenne a réalisé, à plusieurs reprises, un bilan de l’action menée. Dans tous les cas de figure, elle a considéré que les avancées étaient conséquentes et que la Sécurité intérieure européenne prenait forme.

Des projets aux logiques distinctes

La stratégie européenne de sécurité intérieure est fondée essentiellement sur l’idée d’un monde dangereux, l’objectif étant de mieux protéger l’Union et ses citoyens, et de préserver plus efficacement ses États membres vis-à-vis de menaces évolutives dans une Europe en pleine mutation. Les préoccupations sont donc de parer les menaces et de faire face aux risques en évitant que des attaques ou des catastrophes surviennent et, lorsque celles-ci ont lieu, de gérer les conséquences.

L’Espace pénal européen repose sur une logique différente. Historiquement, le droit pénal européen tire sa légitimité de cette conception « épée » (sur cette image, voir les travaux d’Anne Weyembergh), de nombreux instruments ayant été adoptés en ce sens au cours des années 1990 et 2000. Les rapports entre répression et droits de l’homme sont incarnés par deux images, d’un côté, le glaive de la justice, figurant l’imperium et la sévérité de la réponse pénale à l’égard des auteurs d’infraction, et de l’autre côté, le bouclier, représentant une justice faisant preuve de modération dans la fixation des peines, se montrant proportionnée dans la détermination du quantum de la santion au regard de la gravité des actes, et surtout protectrice des droits dont jouissent ces mêmes auteurs dans la procédure pénale.

Répression et protection sont en tension, mais dans un État de droit, le souci d’une sanction efficace est toujours contrebalancé par une volonté de respecter les règles définissant avec minutie le cadre procédural à respecter et octroyant un ensemble de droits à la personne mise en cause.

Cela étant dit, les attentats du 11 septembre 2001 ont accentué la dimension répressive du droit pénal. Le mandat d’arrêt européen, dont le projet a été approuvé dans le sillage des attaques, est une illustration du phénomène selon lequel, selon la formule de Thierry Balzacq, la « sécurité » a conquis la « justice ».

Néanmoins, un mouvement inverse s’est opéré en réaction aux mesures sécuritaires prises après les attaques de New York. En germe avec l’adoption de la Charte européenne des droits fondamentaux proclamée au cours du Conseil européen de Nice, le 7 décembre 2000, ce mouvement s’est développé au cours des années 2000 et il s’est prolongé au début des années 2010. Une mobilisation des pénalistes a eu lieu à compter de l’adoption de ces mesures sécuritaires, manifestant une critique des effets d’une vision trop répressive jugée néfaste à la préservation des libertés. Elle résulte aussi de la prise de conscience, avec l’adoption du texte instituant le mandat d’arrêt européen en 2002, de l’impact du droit pénal européen sur le droit national.

Une opposition autour de deux communautés sectorielles

Sécurité intérieure européenne et Espace pénal européen associent chacun des acteurs aux origines multiples. Le projet de Sécurité intérieure européenne permet, à travers la dimension « sécurité » de l’Espace de liberté, de sécurité et de justice, d’associer les services nationaux variés allant des services de renseignement aux gardes-frontières en passant par la police judiciaire, cette dernière étant amenée progressivement à modifier ses techniques d’enquête, au nom de la lutte contre la menace dans une « Europe des insécurités », autour d’une approche davantage proactive.

Le projet d’Espace pénal européen contribue, quant à lui, à mettre à l’agenda la protection des droits fondamentaux. Il rassemble les acteurs mettant l’accent sur la dimension « liberté » et « justice » de l’Espace de liberté, de sécurité et de justice.

Les communautés sectorielles promouvant respectivement la Sécurité intérieure européenne et l’Espace pénal européen se caractérisent par leur forte hétérogénéité.

Il y a d’un côté des magistrats, certains universitaires, notamment des pénalistes favorables à la sauvegarde des droits fondamentaux, des hauts fonctionnaires nationaux et des membes des cabinets de la Justice, la direction générale « Justice » (DG Justice) pour la Commission européenne, des ONG défendant les droits de l’Homme, dans une certaine limite la commission des libertés civiles du Parlement européen (LIBE), le Contrôleur européen à la protection des données soucieux de préserver les citoyens européens de toute atteinte à la vie privée, la Cour de justice de l’Union (CJUE), gardienne de l’État de droit et garante du respect du droit de l’Union européenne, en particulier les dispositions de la Charte européenne des droits fondamentaux, et l’Agence des droits fondamentaux de l’Union européenne (FRA) dont la mission est de protéger à l’échelle de l’Union, aux côtés de la Cour de justice, les libertés des citoyens européens.

Il y a de l’autre, les « sécuritaires », à savoir les services de sécurité des États membres (services de renseignement, garde-frontières, police, douane), des hauts fonctionnaires nationaux et des membres du cabinet de l’Intérieur, la direction générale « Affaires intérieures » (DG HOME) pour la Commission européenne, les agences de sécurité (Europol et Frontex) et le secteur privé (en particulier l’industrie de la sécurité et notamment, les entreprises spécialisées dans le data mining, de même que les sociétés productrices de nouvelles technologies de surveillance des frontières).

Sécurité versus liberté et justice

Les divergences de vues entre les partisans de la Sécurité intérieure européenne et ceux de l’Espace pénal européen constituent une opposition de principe sur les rapports entre la liberté et la sécurité. Elle procède de l’affrontement d’acteurs aux cultures professionnelles distinctes, aux logiques d’action différentes et aux conceptions divergentes, voire antagonistes.

Il existe d’un côté, la conception des participants à l’élaboration de l’Espace pénal européen auquel appartiennent les magistrats, du moins ceux qui se considèrent comme protecteurs des droits fondamentaux et comme gardiens de l’État de droit, et pour qui l’entraide policière doit s’intégrer dans le projet d’Espace pénal européen. Cet espace doit déboucher à long terme, sur l’édification d’une justice pénale européenne organisée autour d’un parquet européen, et reposant sur un ensemble juridique composé de normes pénales européennes harmonisées. L’intervention de l’Union préconisée par les partisans de l’Espace pénal européen repose sur un ensemble de principes d’action tels qu’« il faut lutter contre la criminalité dans le respect des garanties offertes aux mis en cause », « la sécurité ne doit pas constituer une atteinte excessive aux libertés fondamentales », « l’Espace de liberté, de sécurité et de justice est un espace de droit ».

Il existe de l’autre côté, les acteurs appartenant à la Sécurité intérieure européenne estimant peu ou prou que l’entraide policière s’intègre dans un vaste ensemble organisé autour de la lutte contre les diverses formes d’insécurité identifiées. Cet ensemble se développe autour de principes d’action tels que « la manière de faire la sécurité doit se renouveler face à l’hybridation des menaces transnationales », « la réponse doit être globale à l’égard d’un monde de plus en plus mondialisé où les différentes formes de criminalité sont interconnectées », avec, en toile de fond, la nécessité de protéger l’Union vis-à-vis d’un ensemble de menaces et de risques : les réseaux de passeurs de clandestins, les trafiquants de drogue, les organisations criminelles venant notamment de Russie et des Balkans occidentaux, certaines formes particulières de radicalisation et de terrorisme comme les « loups solitaires ». Il s’agit aussi de se doter des moyens permettant de dépister de manière précoce le crime, devenu une question stratégique au même titre que le terrorisme ou la cybermenace, et ce, à partir de techniques permettant de travailler en amont des réalités criminelles. Il est question également d’améliorer le cycle de gestion de catastrophes en renforçant la collaboration entre États membres et en optimisant les différentes phases du cycle à travers des processus plus élaborés, par exemple dans le domaine de la protection des infrastructures critiques.

L’absence d’opposition rigide et monolithique

Les acteurs des communautés sectorielles s’affrontent par projets spécifiques. Néanmoins, l’opposition entre deux pôles antagonistes est en recomposition constante. Il n’y a pas en effet deux blocs figés et homogènes. Ainsi, le pôle des « sécuritaires » est loin de former un tout cohérent. L’élaboration de la Sécurité intérieure européenne est un enjeu entre participants, qu’il s’agisse des agences européennes, des États membres par l’entremise des représentants des cabinets ministériels, des hauts fonctionnaires nationaux et des services de police, de douane, de renseignement ou de surveillance des frontières, ou encore des entreprises privées désireuses de nourrir un marché européen de la sécurité en pleine croissance.

Quant aux promoteurs de la protection des libertés, tous ne sont pas sur la même ligne. Si les pénalistes sont soucieux de la préservation des garanties procédurales lors du procès pénal, le Contrôleur européen à la protection des données est plus attaché à la défense de la vie privée contre diverses formes d’atteintes, et ce, indépendamment de la dimension pénale de celles-ci.

De leur côté, les hauts fonctionnaires et les membres de cabinets de la Justice des États membres ont une sensibilité diverse concernant l’amplitude de la protection des libertés à accorder, liée notamment aux différences culturelles, en particulier selon que leur tradition juridique s’inscrit dans le champ de la Common law ou de la Civil law.

Le Parlement européen est, de son côté, préoccupé par la défense des droits fondamentaux, mais également par ses prérogatives de colégislateur, et il arrive qu’il doive arbitrer entre ces deux types de préoccupation, parfois au détriment de la sauvegarde des libertés. Quant à la Cour de justice de l’Union de Luxembourg, elle doit parvenir à s’imposer dans un domaine, la sauvegarde des droits fondamentaux, dans lequel la Cour européenne des droits de l’Homme de Strasbourg a dégagé une jurisprudence abondante depuis des décennies, notamment concernant les garanties procédurales.

(*) Cet article est une version allégée et simplifiée de l’article publié dans les Cahiers de la sécurité et de justice, n° 31, 2015, pp 39-49. Voir aussi alias securiteinterieure.fr

The Paris Terrorist Attacks : Failure of the EU’s Area of Freedom, Security and Justice?

Original published on the CDRE site on 8 JANVIER 2016

by P. de Bruycker et D. Watt (Odysseus Omnia), H. Labayle (CDRE), A. Weyembergh et C. Brière (Eclan)

In the immediate aftermath of the terrorist attacks in Paris on Friday 13th November, the French President declared a state of emergency and announced the introduction of a number of measures to “mobilise all possible forces in order to neutralise the terrorists and to guarantee the security of all the areas which could be concerned”. These measures included the reintroduction of controls by France at its internal borders with other Schengen States in the interest of preventing both the entry into the territory of dangerous individuals seeking to carry out terrorist attacks, and to thwart the escape of the attackers.

Nonetheless, Salah Abdeslam, a suspect believed to be one of the masterminds of the attacks, managed to escape by crossing the border between France and Belgium during the night from Friday to Saturday without being apprehended and has still not been arrested since, despite significant effort on the part of the Belgian and French police forces. More surprising, although relatively ignored by the media is that he was checked by French police in the border region (around the city of Cambrai) but not apprehended. How can this have happened in the heart of the EU where border guards, police, judges and intelligence services use modern technology to trace such people?

Before putting the area of freedom, security and justice on trial – as some politicians have done – it is certainly important to objectively examine the manner in which the workings of this beast have been confronted by the reality of terrorism. Whether it has to do with controls carried out at borders (Section 1 of this article), or cooperation between national police forces (Section 2), it must be noted that the primary responsibility in this case does not rest with the mechanisms created by the European Union. In contrast, the failure to prevent the rather predictable attacks now creates the question of sharing intelligence between the competent national intelligence agencies, a matter which does not fall within the Union’s competences (Section 3).

1. The pending questions about border policy

Knowing what we know today about the Paris attacks and the background of the perpetrators, a distinction needs to be made between the matter of terrorists crossing internal and external borders of the Schengen Area.

a. The crossing of internal borders

The Schengen Borders Code (SBC) regulates the crossing of the borders of the concerned EU Member States. As outlined in an article by Evelien Brouwer on this blog, Schengen States can, on the basis of Article 23 of the SBC, temporarily reintroduce controls at their internal borders if there is clear justification on the grounds of a threat to public policy or internal security. The existence of such a threat is obviously not in question here.

Schengen States have certain instruments at their disposal to guarantee effective border management in the Schengen Area. The Schengen Information System (SIS) is a database for storing and sharing information about certain individuals who should not enter or travel within the Schengen Area. The second generation – “SIS II” – was established to include the new Member States after the 2004 enlargement by Regulation 1987/2006, which also sets out rules on its operation and use.

There are several reasons a person may be registered in the SIS. Firstly, alerts may be issued in order to refuse entry or stay to third-country nationals either because they are criminals or because their entry has been banned due to non-respect of the immigration rules (Article 24 of Regulation 1987/2006). Secondly, alerts may be issued in order to arrest third-country nationals or EU citizens on the basis of a European arrest warrant (EAW) or extradition. This type of alert applies to missing individuals, persons sought to assist with a judicial procedure, and for the purpose of discreet or specific checks (see Council Decision 2007/533).

As Salah Abdeslam is French and not a third-country national, he could not, by definition, be the object of an alert related to the immigration policy. When he was checked by the French police during the night of 13 to 14 November, he was not known to the French authorities apparently because, despite being French, he was living in Belgium. He was also not the object of an alert for the purpose of arrest as the EAW was only issued by Belgium after the attacks, on Sunday. He had however been signalled in the SIS by the Belgian authorities as a person to be the object of a “discreet or specific check”. Following Article 36 of Council Decision 2007/533, such an alert may be issued for the purposes of prosecuting criminal offences and for the prevention of threats to public security, “in particular where an overall assessment of a person, in particular on the basis of past criminal offences, gives reason to suppose that that person will also commit serious criminal offences in the future”.

Given the stated goals of the closure of French borders – to stop the escape of those who carried out the attacks – one might begin to question how it can be that the check conducted by the French police did not lead to the arrest of Salah Abdeslam. Even if he was not mentioned in the SIS for the purpose of arrest, a signal for a discreet or specific check should have attracted the attention of the police and could have lead to his arrest. One can rightly wonder what happened: was the information stored in the SIS not precise enough? In this case, did the French police use the SIRENE system to get more information from the Belgian authorities? If not, why? We are used to Schengen-bashing and recently to Belgium-bashing, could it be fair to say that this time there should be some France-bashing?

It would be interesting to get an answer to those questions in order to understand what was indeed the problem. In any case, even if there had been a problem with the SIS and not with the actions of the French Police, it is clear that such transnational criminality can only be addressed at the international level. In any case, the answer lies perhaps in a better SIS or a better use of the SIS by Member States. The answer is certainly not less Schengen.

b. The crossing of external borders

The attacks in Paris have brought a significant amount of attention to the issue of border controls, in particular since it has been confirmed that at least one of the terrorists, holding a Syrian passport, entered the EU through Greece via a route used by refugees. It is also suggested that the Paris attackers, themselves EU citizens, had left the EU to fight in Syria and returned to carry out the attacks in Paris, and that one of them, Salah Abdeslam, could even have managed to flee to Syria after the attacks. This is the phenomenon of so-called “Foreign Fighters”: EU citizens who become radicalised and leave their home in the EU to join the war in Syria before returning to Europe. The European Union’s Counter-Terrorism Coordinator, Gilles de Kerchove, has been warning Member States for many months about the need for strong action to be taken in this area, though his warnings have not been heeded. The main concern here is that such individuals are extremely difficult to detect, including when they enter or leave the Schengen Area by crossing its external borders.

The Schengen Borders Code provides in Article 7(2) that European citizens and other people enjoying the right to free movement in the EU, such as the family members of these groups, who cross the Schengen external border shall only be subject to minimum checks. This concerns the travel documents presented by those persons at the external border, such as an identity card or passport. On the contrary, third-country nationals are subject to thorough checks following Article 7(3) that foresees under point (a)(vi) “the direct consultation of the data and alerts on persons and, where necessary, objects included in the SIS and in national data files”. Such checks are sometimes described as being about persons instead of about documents.

Although Border Guards may consult relevant databases such as the SIS to ensure, among other things, that European citizens crossing the external borders do not represent a serious threat to internal security, a systematic consultation of these databases is not permitted. The EU and its Member States have been struggling with this prohibition of systematic checks of persons for some years now. It is clear that absolutely all EU citizens cannot be checked against databases at one crossing point of the external borders as this would directly contravene this provision. The Commission considers that this does not prevent conducting systematic checks of persons selected on the basis of a risk assessment, for instance some category of persons embarking on flights going to or coming from the vicinity of a conflict zone. TheHandbook for Border Guards was modified on 15 June 2015 to include that interpretation.

Nonetheless, Member States in the Council have been calling for the revision of the SBC regarding the systematic consultation of databases for persons enjoying free movement since the beginning of the year, motivated in large part by the Charlie Hebdo attacks in Paris in January 2015. The concerns about the threat of foreign fighters crossing back into the EU undetected are also the basis for a list of Common Risk Indicators (CRI’s), which has been drawn up by the Commission. However, it appears that these confidential CRI’s are too general and too vague in nature, leading to their ineffective implementation by Border Guards. Indeed, a Council document from 5 October from the EU Counter-Terrorism Coordinator explains that “challenges remain in the proper implementation of CRI’s at the external border”. No doubt the ineffectiveness of CRI’s is a contributing factor to the Council’s renewed call for revision of the SBC, as expressed by the Ministers for Justice and Home Affairs on 20 November. Meeting in the wake of the Paris attacks, the Council stated that Member States shall “undertake to implement immediately the necessary systematic and coordinated checks at external borders, including on individuals enjoying the right of free movement”.

One can hardly deny that such checks can be necessary, in particular at the external borders of some areas that foreign fighters are believed to cross more often than others. The current provision of the Schengen Borders Code seems inappropriate by forbidding systematic checks and this explains why the European Commission finally decided on 15 December 2015 to present a proposal to amend Article 7 of the SBC that will, once adopted, not only allow but oblige border guards to verify that an EU citizen is not “considered to be a threat to the internal security, public policy, international relations of any of the Member States or to public health, including by consulting the relevant Union and national databases, in particular the SIS”.

Does this contravene the freedom of movement that EU citizens enjoy on the basis of the EU treaties? The answer seems at first look negative, because freedom of movement concerns a priorimovement within the borders of the European Union and not the crossing of its external borders. Nevertheless, Directive 2004/38 implementing freedom of movement also contains provisions recognising the right of EU citizens to enter and to leave the territory of the Member States that could be considered part of the freedom of movement. Article 4 on the right of exit and Article 5 of the right of entry exist “without prejudice to the provisions on travel documents applicable to national border controls”. If this provision, interpreted narrowly, does not explicitly cover the consultation of databases, one should not forget that Article 27 of the same Directive allows Member States to restrict the freedom of movement and residence of Union citizens on the grounds of public policy, public security or public health. There is no doubt that the consultation of databases for security purposes like the SIS falls under the exception of public security. The conclusion is that the Commission proposal is in line with freedom of movement enjoyed by EU citizens.

Even if one may consider that a proposal to modify Article 7 of the SBC could have been presented earlier by the Commission without wasting time to discuss its possible interpretation with Member States, the Schengen acquis will be clarified to allow the systematic control of the movement of foreign fighters at the external borders of the EU. The sooner the better, so that the Council of Ministers and the European Parliament must now prove that when necessary, they can amend existing EU rules in a period of time comparable to that within which Member States with a Parliament made of two chambers can operate.

2. The effectiveness of police and judicial cooperation in criminal matters after the attacks

The Paris attacks and their subsequent developments, such as the flight of the suspected terrorist, Salah Abdeslam, to Belgium by car, trigger the application of mechanisms of police and judicial cooperation in criminal matters. These mechanisms have been extensively developed since the mid-1990’s, and particularly after the entry into force of the Amsterdam Treaty. Today a vast array of instruments, actors and databases are at the disposal of national authorities in charge of investigating and prosecuting terrorism. The anti-EU discourse that followed the attacks, which so often focusses on inaction during grave events, should have been balanced by an analysis of what happened in reality.

In the field of police cooperation, the importance of Europol should be underlined, both in terms of exchange and analysis of information and in terms of support for operational actions. The adoption of the compromise text on the Commission’s original proposal for a Europol Regulation, which was approved by the Council on 4 December 2015, should contribute to the improvement of cross-border police cooperation, as it should increase the agency’s capacity to act as “a hub for information exchange between the law enforcement authorities of the Member States”. One “Focal Point Travellers » has especially been set up in 2014, in which “foreign fighters” are recorded, even though it is for the Member States to make the focal point a reality by providing the content. The so-called 2008 “Prüm Decision” should be mentioned here as well. It aims particularly at mandating the exchange of DNA, fingerprint and vehicle registration data (VRD) amongst the Member States.

In terms of judicial cooperation in criminal matters, Christiane Taubira, French Minister for Justice, insisted after the JHA Council of 20 November 2015, that we do have instruments to address this type of crime and they have worked well for the cooperation with the Member States affected by the investigations.

On the morning following the attacks, requests for mutual assistance in judicial matters were issued and sent to Belgium and Germany. They were addressed very quickly on the basis of the 2000 Convention on Mutual Assistance in Criminal Matters between the Member States of the European Union.

Among the other instruments specific to the EU legal order which have been used in this context, theFramework Decision 2002/584/JHA on the European Arrest Warrant (EAW) is to be mentioned. Adopted in the aftermath of 9/11, the EAW, which is considered the “success story” of the EU area for criminal justice, organises faster and simplified surrender procedures, directly conducted by judicial authorities, without political involvement and with a limited number of grounds for refusal. One or more EAWs have been issued since the Paris attacks against suspects, which implies that competent law enforcement authorities located on the EU territory have the duty to arrest them. On the request of the issuing judicial authority, the issuance of an EAW can be coupled with its transmission via an alert in the Schengen Information System and/or in the Interpol database.

The European Criminal Records Information System (ECRIS), based on a 2009 Council Decision, which is to be read with the Framework Decision on the organisation and the content of the exchange of information extracted from the criminal record between Member States, has also been mobilised and proved its added value for the collection of information on the past convictions of the terrorist suspects. Operational since 2012, this system couples the principle of centralising convictions in the criminal records of the Member State of nationality with an interconnection of the criminal records of the Member States, enabling electronic exchange of standardised information.

Finally, joint investigation teams (JITs), belonging both to police cooperation and judicial cooperation, have a clear added-value. A JIT has been set up between France and Belgium, for which the Ministries of Justice of each country gave their agreement on 16 November. The setting up of a JIT allows the constitution of a team consisting of judges, prosecutors and law enforcement authorities, established for a fixed period and a specific purpose, to carry out criminal investigations in one or more of the involved States. One of the advantages of such JITs is the exchange of information and evidence obtained, without having to go through requests for mutual legal assistance.

Despite these positive elements, cooperation between authorities of the EU Member States can still be improved:

Firstly, some of the abovementioned instruments, such as the 2008 Prüm Decision or the JITs Framework Decision, have not or have not correctly been transposed by Member States. The importance of correct implementation at the national level has been frequently underlined, for instance by the European Council Strategic Guidelines of June 2014 and by the conclusions of the JHA Council of 20 November. In this respect the end of the transitional period on the 1^st December 2014 should push the recalcitrant Member States to conform with EU law as they may be subject to enforcement proceedings for non implementation of acts adopted before the entry into force of the Lisbon Treaty.
Secondly, some difficulties are also being witnessed at the level of implementation in practice. There is, for instance, a considerable shortfall between, on the one hand, the information available at national level and, on the other hand, the information transmitted to and shared with the competent authorities of other Member States. Besides, the information transmitted to Europol is not always sufficient, hampering the completion of its mandate. In this context, on 20 November 2015, the JHA Council announced the establishment of the European Counter-Terrorism Centre (ECTC) on 1 January 2016, which is envisaged as a platform by which Member States can increase information sharing and operational cooperation with regard to the monitoring and investigation of foreign terrorist fighters, the trafficking of illegal firearms and terrorist financing. A similar centre, the EC3, was set up a few years ago in the field of cybercrime, and it has proven to be a useful tool. The utility of the ECTC will largely depend upon the willingness of Member States to share their information, which has been insufficient to date, as shown by the example of the “Focal Point Travellers” of Europol about foreign fighters following a discussion paper of the EU Counter-Terrorism Coordinator.
Thirdly, some of the abovementioned instruments suffer from certain limits. ECRIS works efficiently only with regard to EU citizens. Concerning third country nationals, it is still necessary to consult all Member States’ criminal records to know about their past convictions. For years, the possibility of establishing a European index for convicted third country nationals has been discussed. In its conclusions of 20 November, the JHA Council welcomed the intention of the Commission to submit an ambitious proposal for the extension of ECRIS to cover third country nationals by January 2016.
Finally, further new legislative measures should be proposed shortly, for instance in the field of the approximation of substantive criminal law, particularly the criminalisation of terrorist offences. Indeed, according to the Council conclusions of 20 November, the Commission should present a proposal for a directive updating the 2002 and 2008 Framework Decisions on Combating Terrorism . This revision will implement in EU law the UNSC Resolution 2178 (2014) and the additional Protocol to the Council of Europe Convention on Foreign Terrorist Fighters. This will especially aim to oblige Member States to criminalise offences linked to travelling abroad for the purpose of terrorism.

In conclusion, the recent tragic terrorist attacks have shown that national police and judicial authorities are aware of the tools at their disposal in the field of police cooperation and judicial cooperation in criminal matters. They do not hesitate to rely on them. However there is still room for improvement. The transnational elements of the recent attacks clearly illustrate the need for cross-border cooperation in the criminal field. Member States should realise that the solution encompasses more cooperation and that reflexes of national sovereignty are vain and detrimental to the identification and prosecution of terrorist suspects. In such a move forward, the EU must ensure the right balance between the different interests at stake and not sacrifice fundamental rights at the altar of security as underlined by Stefan Braum in a recent paper published on the blog of the GDR/ELSJ.

3. The failure of intergovernmental cooperation in the field of intelligence

In the days following the attacks, criticisms were voiced against the deficiencies in the cooperation between national intelligence services. It was for instance reported that the Belgian services had information about the danger represented by the Abdeslam brothers, but never shared this information with their French colleagues.

It is important to make a preliminary remark distinguishing cooperation in the field of police information on the one hand and intelligence in the sense of renseignements in French on the other hand.

Whereas police information sharing is subject to EU legislation, adopted under the EU competences in police cooperation in criminal matters, as described above, intelligence sharing does not fall within the EU competences, and the EU is prevented from taking any action in this regard. In the current legal framework, in force since the adoption of the Treaty of Lisbon, no less than three provisions insist on the lack of competence for the EU in matters of national security. Article 4(2) TEU provides that the EU shall respect the essential State functions of its Member States, including safeguarding national security. InArticles 72 and 73 TFEU, it is stated that the Title of the Area of Freedom, Security and Justice shall not affect the exercise of the responsibilities incumbent upon Member States with regard to the safeguarding of internal security, and it is open to the Member States to organise between themselves and upon their responsibility such form of cooperation and coordination as they deem appropriate between the competent departments of their administration responsible for safeguarding national security. In other words, cooperation between national intelligence services in charge of safeguarding national security is left in the hands of the Member States, and is thus conducted on an intergovernmental basis.

As a consequence, blaming the EU for the lack of intelligence sharing between France and Belgium is an unjustified criticism. The idea of creating a European Intelligence Agency has been mentioned by some observers but was promptly rejected on Friday 20 November by the JHA Council, as it appears to be outside of the scope of EU competences in the current state of the EU treaties. Moving forward in this field in the institutional framework of the EU would clearly imply a revision of the treaties. The feasibility of such revision is of course questionable because of its extremely high sensitivity in terms of national sovereignty. It shall indeed not be forgotten that intelligence is, by definition, extremely sensitive data, which national authorities may be reluctant to share, for instance in order to safeguard the safety of their informants. Furthermore, even cooperation within each Member State is sometimes problematic, as intelligence service might be reluctant to cooperate extensively with law enforcement, judicial or other authorities.

The absence of EU competences does not imply that there is a complete absence of European multilateralisation of cooperation in the field of the intelligence. In this regard, the EU Intelligence and Situation Centre (EU INTCEN) is to be mentioned. However, this centre has a limited mandate, which is to provide intelligence analysis, early warning and situational awareness to the High Representative and to the EEAS, in the fields of security, defence and counter-terrorism. This agency is the successor of the EU Situation Centre (SITCEN), created to answer the need of timely and accurate intelligence analysis to support EU policymaking. Despite its title, this agency is not a European Intelligence Agency. It has no operational powers, nor powers in the field of cooperation between national intelligence services. Its core mandate consists of publishing intelligence assessments, reports and summaries, as well as threat assessments for EU personnel, on the basis of open sources and analytical reports transferred from national intelligence authorities. Another initiative to mention is the so-called ‘Club de Berne’, which is an intelligence-sharing forum between the intelligence services of the EU Member States, Norway and Switzerland, within which a counter-terrorism group was established in 2001. It works outside the EU institutional framework but entertains some relations with it, especially via the participation of the INTCEN.

Conclusion

In conclusion, the shock generated by the Paris attacks should push the EU and its Members to engage in a much deeper reflection than their many working meetings have provoked. They must reflect firstly on the criminal motivations which led EU citizens, both French and Belgian, to commit such abominations. To stubbornly insist to the public that these criminals were not the product of our own societies is a grave error which prevents us from considering the causes and therefore inhibits us from conceiving of the appropriate response. They must further reflect on the multiple failures and responsibilities relating to the events in Paris. Rather than exploiting them to justify criticism of the EU, it should be realised that a more integrated and coordinated area of freedom and security is the only possible solution.

This is true on two conditions. The first condition is that there must be real responsibility in its administration, which is far from the case in current border management and intelligence sharing. The second condition is that, above all, there must be an agreement on the values which make up this area, in both the central role of the judicial institution and its fundamental guarantees.

Standing up for children? The Directive on procedural safeguards for children suspected or accused in criminal proceedings

Original published on Tuesday, 22 December 2015 on EU LAW ANALYSIS

“If we don’t stand up for children, then we don’t stand for much.”

by Marian Wright Edelman (*)

Effective human rights protection is fundamental to any concept of fairness in the criminal justice system. Fairness, however, is relative: it may require different levels of protection in different circumstances.

Children require special measures of protection to take account of their particular vulnerability and needs (UN CRC Committee, General Comment 10, para 10). International standards confirm state obligations in this regard (e.g. UN Convention on the Rights of the Child (CRC),UN Standard Minimum Rules for the Administration of Juvenile Justice, the Council of EuropeGuidelines of the Committee of Ministers of the Council of Europe on child-friendly justice.). The need for extra protection has also been confirmed by the ECtHR which has stated that the right to a fair trial under Article 6 requires that: “a child charged with an offence is dealt with in a manner which takes full account of his age/level of maturity and intellectual and emotional capacities and that steps are taken to promote his ability to understand and participate in the proceeding”(T v. UK, No. 24724/94, 16 December 1999, at [84]).

The Commission states that approximately 1 million children face criminal justice proceedings in the EU each year (around 12% of the total) (Commission Staff Working Document 2013). It has gathered data on child justice and its reports shows wide variability in practice and procedure between States. The EU has now agreed the text of a Directive to establish specific procedural safeguards for child suspects. This is the fifth in a series of six EU-specific standards, all in the form of Directives, which have been agreed under a Roadmap for strengthening the procedural rights in criminal proceedings (on the fourth measure, on presumption of innocence, see discussion here; on the sixth proposal, on legal aid, see discussion here). The Directives attempt to promote consistency in procedural protection within the criminal justice systems of EU Member States. Measure E of the Roadmap requires special safeguards to be created for vulnerable suspects. A Recommendation setting out procedural safeguards for vulnerable persons has already been published. This post deals with the recently agreed Directive on child suspects.

THE DIRECTIVE Continue reading “Standing up for children? The Directive on procedural safeguards for children suspected or accused in criminal proceedings”