8. Judicial cooperation – Page 18 – European Area of Freedom Security & Justice

Steven PEERS : Pirates of the Indian Ocean: Legal Base and Democratic Debate

Source : http://eulawanalysis.blogspot.co.uk/2014/01/pirates-of-indian-ocean-legal-base-and.html#more

Thursday, 30 January 2014

Despite their central role in the world of EU law, legal base disputes often confound those outside the fairy-tale duchy of Luxembourg and the Brussels beltway, in particular when everyone agrees as to the substance of the issue concerned. And indeed, everyone agrees that the pirates in the Indian Ocean are a bad thing (except, presumably, the pirates themselves), and that the EU should establish (as it has done) a military action to combat them.

But what happens if the EU force catches the pirates? No-one wants the pirates coming to Europe to be tried, and it wouldn’t do to send them to Guantanamo. It would certainly be ironic if they could be forced to walk the plank, but that would violate their right to life. So they must be handed over to nearby countries in East Africa, for prosecution in those states, and everyone agrees that the EU must negotiate agreements to this end with the countries concerned.

One such treaty is between the EU and Mauritius, and the European Parliament (EP) has challenged the Council’s decision to conclude it on two separate grounds: the wrong legal base, and a failure to inform the EP sufficiently (Case C-658/11). The Advocate-General’s opinion, delivered today, is worthy of detailed analysis.

The legal base issue: foreign policy, or development and judicial cooperation?

The Council believes that the treaty with Mauritius concerns the EU’s Common Foreign and Security Policy (CFSP) alone, while the EP believes that the treaty concerns also judicial cooperation and development. In this case, the choice of legal base has far greater consequences than usual. Either way, the treaty had to be agreed unanimously by the Council, since both parties agree that it concerns foreign policy at least in part. But if the Council is right, and the treaty only concerns foreign policy, then: the EP did not even have to be consulted; the treaty had to be negotiated by the EU foreign policy High Representative; and the CJEU has no jurisdiction (except the jurisdiction to rule on whether the Council used the right Treaty base, as in this case: see Article 275 TFEU).
If the EP is right, then: the EP had the power of consent over the treaty; the treaty had to be negotiated by the Commission; and the CJEU has its full usual jurisdiction.

The Advocate-General first of all examines the EP’s arguments based on the precise wording of Article 218 TFEU, which specifies that the EP must consent to or be consulted about all treaties to which the EU will become a party, unless those treaties ‘relate exclusively’ to the CFSP. In his view, this rule simply echoes the legal distinction between the ‘legal bases’ of the CFSP and other EU policies, and so does not create a separate rule relating to the conclusion of external treaties.

Then the Advocate-General turns to the heart of the issue: which legal base applies? In his view, taking account of the overall legal context, including Security Council Resolutions addressing the threat to international security posed by the pirates and the EU’s military action to combat them, the treaty is a CFSP measure.
In particular, the CFSP measure providing for the military action contains rules on the possible transfer of the pirates to third States, including human rights protection. That EU measure would not be effective without treaties with third States regulating the transfer of those pirates.

Also, the treaty falls within the scope of the CFSP due to its objectives, which include (from the EU’s general external relations objectives) the requirements that the EU act in order to: ‘safeguard its values, fundamental interests, security, independence and integrity’; ‘consolidate and support democracy, the rule of law, human rights and the principles of international law’; ‘preserve peace, prevent conflicts and strengthen international security’; and ‘promote an international system based on stronger multilateral cooperation and good global governance’ (Article 21(2) TEU). In the Advocate-General’s view, these ‘are among those [objectives] that are traditionally assigned to the CFSP’ and ‘essentially correspond’ to the CFSP objectives as they were set out in the Treaties before the Treaty of Lisbon. The activity of transferring pirates also falls within the scope of the defence policy provisions of Articles 42 and 43 TEU, which refer to the use of ‘civilian and military’ assets.

The Advocate-General also rejected the use of the EU’s powers concerning criminal judicial cooperation.
In his view, the external use of the EU’s justice and home affairs powers must ‘have a close link with freedom, security and justice within the Union’, namely ‘a direct link between the aim of the internal security of the Union and the judicial and/or police cooperation which is developed outside the Union’.This was distinct from a CFSP measure which had the objective of, ‘first and foremost, peace, stability and democratic development in a region outside the Union’. In this case, transferring pirates to East African states was too far removed from the development of the EU’s justice and home affairs policies. Finally, the Advocate-General rejected the use of the EU’s development policy powers, since the assistance which the EU gives to Mauritius is linked only to the application of the rules on the transfer of pirates, which constitute (in his view) a CFSP measure.

Is this first part of the opinion convincing? Some parts are more convincing than others. Certainly, the treaty should not have a legal base relating to development policy, since the assistance being provided is purely ancillary to the transfer of pirates. But this begs the question of the legal base which should apply to the transfer of pirates.
It makes sense to apply the same legal base rules to the conclusion of international treaties as apply to the adoption of internal legislation, since the Treaty drafters have forged a strong link between those two facets of EU decision-making. On the other hand, while it is true to say that a treaty containing rules on the transfer of pirates is necessary to ensure the effectiveness of the military operation which catches them, it does not necessarily follow that it has the same legal base.
For example, for the EU’s patent legislation to be effective, there need to be rules on patent translation and the creation of a patent court. But the patent translation rules were adopted pursuant to a different decision-making rule, and the patent court will be established pursuant to a treaty between Member States. The legal base of the treaty with Mauritius should depend only on the content of the specific rules in the treaty with Mauritius.

Here, the arguments are finely balanced. The Advocate-General makes a persuasive case that EU military operations can use civilian assets, and that the EU’s justice and home affairs powers can be used externally only where there is a sufficient link to the EU’s internal rules in this area. Incidentally, this line of argument strangles at birth the idea (floated, as it were, by Italy) that an EU foreign policy measure could establish a military action in the Mediterranean to control immigration towards the EU. The link between such an action and the EU’s immigration, asylum and border control powers is blindingly obvious.

On the other hand, with great respect, the Advocate-General’s analysis of the EU’s general external relations objectives is not fully convincing. Continue reading “Steven PEERS : Pirates of the Indian Ocean: Legal Base and Democratic Debate”

Steven Peers : Jailing the bankers: the new EU Directive on criminal penalties for market abuse

Source: http://eulawanalysis.blogspot.co.uk/2014/02/jailing-bankers-new-eu-directive-on.html

Tuesday, 4 February 2014

It must come as a relief to EU politicians to find that there is still one group in society which is much less popular than they are: the bankers. Indeed, bankers’ unpopularity has only grown as the austerity caused by the global financial crisis has an ever-greater impact on ordinary people in many Member States. No politician ever lost an election because he or she demonised unpopular groups of persons, and so the EU institutions have duly agreed on legislation which would lead to jail terms for particular types of bad behaviour by bankers.

Context of the Directive

The new Directive (for the text, see the links below) was approved by the European Parliament today, and will likely be formally adopted by the Council in March. It will apply in parallel alongside a Regulation on market abuse, which requires administrative sanctions to be applied for certain behaviour by bankers. Member States will have to apply the Directive by two years after its adoption.

The ‘legal base’ for the Directive is Article 83(2) of the TFEU, which allows the EU to adopt legislation setting out ‘minimum rules’ for the ‘definition of criminal offences and sanctions’ if this ‘proves essential to ensure the effective implementation of a Union policy in an area which has been subject to harmonisation measures’. Clearly this area has been subject to harmonisation measures, and the preamble to the new Directive sets out the reasons why, in the EU legislature’s view, it was ‘essential’ to adopt an EU measure concerning criminal liability on this issue. Basically, the Council and European Parliament were convinced by information that Member States imposed weak and diverse sanctions to enforce the previous EU legislation on this subject (Directive 2003/6, on market abuse).
Article 83(2) requires the criminal law rules to be adopted by the same legislative method as was used to adopt the main legislation that the criminal law Directive is supplementing. In this case, the market abuse Regulation was adopted on the basis of the EU’s internal market powers, ie the ordinary legislative procedure. So the market abuse criminal law Directive was adopted by the same method. This meant that the European Parliament could have a significant influence on the text, as detailed below.

Substance of the Directive

The Directive requires Member States to criminalise three types of activity, as further defined in detail therein: insider dealing; unlawful disclosure of inside information; and market manipulation. The first of these offences also extends to recommending or inducing another person to engage in insider trading. Member States must also criminalise inciting, aiding and abetting and attempting most of these offences. In each case criminalisation is only required where the acts were committed intentionally and ‘in serious cases’. The European Parliament had also wanted to oblige Member States to criminalise reckless acts which entailed market manipulation, but the Council resisted this. Also, the Council insisted on limiting Member States’ obligations to ‘serious cases’. The preamble to the Directive lists certain factors which should indicate whether the case is ‘serious’, such as the impact on market integrity and the profit derived or loss avoided.

On the other hand, the European Parliament successfully insisted that specific rules for criminal penalties for natural persons appear in the Directive. Member States must ensure that bankers guilty of insider dealing or market manipulation could potentially be subject to a maximum penalty of at least four years, and those guilty of unlawful disclosure of inside information could potentially be subject to a maximum penalty of at least two years. The Directive also includes standard rules on liability for legal persons, but this need not be criminal liability, in deference to those Member States which do not impose criminal liability on legal persons.

The European Parliament also insisted that the Directive include rules on criminal jurisdiction. Member States must criminalise the relevant behaviour where an act was committed on a Member State’s territory, or where the act was committed by a Member State’s citizen outside its territory, at least if the act was criminal in the country where it was committed. Furthermore, the European Parliament convinced the Council to add a provision on training judges, prosecutors et al about the relevant crimes. However, the European Parliament did not convince the Council to add provisions on investigative techniques and media coverage of the relevant crimes.

Comments

This is the first time that the EU has used the legal powers conferred by Article 83(2) TFEU, which was added to the Treaties by the Treaty of Lisbon. Previously, it has used only Article 83(1) TFEU as regards substantive criminal law. Article 83(1), also added to the Treaties by the Treaty of Lisbon, lists ten crimes which are deemed to have such sufficient cross-border impact that the EU can legislate upon them. The EU has used this power to adopt legislation on cyber-crime, sexual offences against children and trafficking in persons, and negotiations on legislation concerning counterfeiting currency are underway. The Commission has also suggested criminal law rules on fraud against the EU budget on the basis of Article 325, a legal base dealing with that specific issue, but the Council (and probably the European Parliament, when it defines its position) believe that Article 83(2) will again have to be used in order to adopt that legislation.

Prior to the Treaty of Lisbon, the EU’s Court of Justice, in a controversial line of case law, ruled that European Community law (as it was then) could be used to adopt criminal law measures closely related to the environment (Cases C-176/03 and C-440/05). The EU then adopted Directives to that end (Directive 2008/99 and Directive 2009/123), as well as a Directive imposing criminal liability for employing illegal immigrants (Directive 2009/52). But the CJEU ruled that prior to the Treaty of Lisbon, such European Community measures could not specify criminal penalties. In practice, those measures did not contain jurisdiction rules either. So the market abuse Directive breaks new ground on these issues.

The Directive also breaks new ground by imposing criminal liability in a new area. All of the other post-Lisbon substantive criminal law Directives or proposals (referred to above) simply replace pre-Lisbon measures on the same subjects, but there was no pre-Lisbon measure imposing criminal liability for market abuse. The market abuse Directive is also particularly detailed when compared to the EU’s other substantive criminal law measures, no doubt because it is enmeshed within the broader EU legislative framework imposing highly detailed regulation on the financial sector.
Will the Directive be effective at curbing bad behaviour by bankers? First of all, as with any crime, perpetrators have to be caught and punished, and the behaviour concerned is technically complex.

Secondly, it must be borne in mind that the two-year and four-year sentences referred to in the Directive must merely be on the books; there is no obligation to impose them in any particular situation. So even if bankers commit the activities criminalised by the Directive, and are caught and convicted, their sentences might be lighter (or indeed heavier: Member States can set a higher potential maximum penalty if they wish). And it is hard to imagine that many bankers will spend much jail time inside the unpleasant institutions where (say) burglars and muggers are incarcerated – even if the bankers’ crimes were far more lucrative and had a much bigger impact upon the economy.

More profoundly, the United Kingdom, the home of the largest proportion of the EU’s financial industry, has opted out of this Directive – although the UK is subject to the parallel Regulation (Denmark is in the same situation). And even if a French national (for instance) commits the acts criminalised by the Directive while working in the City of London, it must be recalled that Member States are only obliged to criminalise the acts concerned if committed by their citizens in a State which also criminalises that activity. So it is up to the UK to decide whether to criminalise some or all of the acts referred to in the Directive, and only if it does so are other Member States obliged to criminalise the acts of their citizens when committed in the UK.

Links Continue reading “Steven Peers : Jailing the bankers: the new EU Directive on criminal penalties for market abuse”

Data protection: the European Parliament still fighting on two fronts

by Luca Boniolo

Data protection remains a hot issue in parliamentary works…

On November 11^th the European Parliament Civil Liberties, Justice and Home Affairs Committee (LIBE) held its 9th hearing on Electronic Mass Surveillance of EU Citizens in the framework of its enquiry on the so-called “PRISM” case.[1] In a rather exceptional move even a Member of the US Congress was among the speakers; Microsoft, Google and Facebook representatives were also heard by the Brussels lawmakers during the same hearing.

Exceptional presence: US Congressman Rep. Jim Sensenbrenner

Representative Jim Sensenbrenner, Chair of the US Congress Subcommittee on Crime, Terrorism, Homeland Security, and Investigations, member of the Republican Party and co-author of the Patriot Act, stated: “I hope that we have learned our lesson and that oversight will be a lot more vigorous”, adding that abuses by the NSA could had been carried out outside congressional authority.

In a previous statement Rep. Jim Sensenbrenner said that the intelligence community could had also misused its powers by collecting telephone records also on Americans citizens, and claimed the time has come “to put their metadata program out of business” (section 215 of the Patriot Act). Consistently with this position he worked on a bipartisan bill, the “Uniting and Strengthening America by Fulfilling Rights and Ending Eavesdropping, Dragnet-Collection and Online Monitoring Act” (named for its acronym: the “USA Freedom Act”), which should constrain NSA abuses. However this bipartisan initiative is still far from making unanimity; the democratic Senator Dianne Feinstein, Chair of Selected Committee on Intelligence in the US Senate, for instance, tabled a bill, the “FISA Improvements Act of 2013”, which is attracting plenty of critics because it is considered as a way to enshrine the current NSA data collection activities into law by granting formal Congressional approval to these widespread surveillance programs. “The Feinstein bill puts what the NSA has been doing into law and says it’s Ok… To me, that’s scary”, stated Sensenbrenner and added: “They’ve [senators] become cheerleaders for whatever the intelligence agencies want”.

Facebook, Google and Microsoft declared their innocence

Then executives from three of the world’s biggest IT firms – Facebook, Google and Microsoft – took centre stage at the hearing. The three companies, as well as Apple, AOL, PalTalk and Yahoo, have been accused by the press, on the basis of files leaked by whistleblower Edward Snowden,[2] to give direct access to personal data and/or to routinely hand over these data to the US’ National Security Agency (NSA). Even if this happens in compliance with US subpoenas ordered by the so-called Fisa (Foreign Intelligence Surveillance Act) Court, it has to be noted that the works and jurisprudence of this Court are not public and doubts can be raised on the efficiency of its oversight if, according to official figures, FISA Court approved 99.95% of warrants filed by security services between 2001 and 2012. Moreover, from other Snowden’s files it appears that NSA and GCHQ,[3] might have hacked Google servers and tapped undersea cables, (which carry 90% of internet and phone data between America and Europe).

Facebook Director Richard Allan and Microsoft VicePresident Ms Dorothee Belz, both in charge of of Europe, Middle East and Africa (EMEA) and Google Director Nicklas Lundblad, in charge of Public Policy and Government Relations, all denied in strong terms giving US intelligence services “unfettered” access to people’s private data. According to them only specific information on individual suspects have been subpoenaed by US intelligence and police services. Mr Allan noted that in the six months ending 31 December 2012, US agencies made between 11,000 and 12,000 queries, while EU countries made another 10.000, but they affected only “a tiny fraction of 1% of all Facebook accounts”. The three representatives also denied having any knowledge of the PRISM programme: “We do not know PRISM, we do not take part in it, and we do not give the government access to our data”, reiterated Ms Belz. Nevertheless all the three declared that they would reveal more on the content and scope of US intelligence requests, but the FISA Court banned them from diffusing this kind of information. The speakers also appeared worried about the new European draft Regulation on Data Protection (Rapporteur Mr Jan ALBRECHT, DE, Greens) notably on the limits surrounding international transfers of personal data, which could lead to real conflict of law and to legal insecurity that “we will not be able to resolve”.

The EP is pushing for the suspension of the transatlantic “SWIFT” agreement…

The LIBE Committee Inquiry has in the meantime on Electronic Mass Surveillance is a response to the US National Security Agency’s alleged tapping of EU citizens’ bank data as shared in the framework of the EU-USA transatlantic agreement on the Terrorist Finance Tracking Program (TFTP).[4] On the basis of the elements already emerged during the Committee inquiry, the European Parliament plenary has already voted on October 23^rd a request of suspension of that agreement.[5]

To grant the protection of EU citizens’ privacy, MEPs believe that it has to be clarified whether NSA has had direct access to financial messaging data managed by Swift beyond the allowed cases, in other words if there has been a violation of the agreement. The non-binding resolution, tabled by the S&D, ALDE and Greens/EFA groups, was approved by 280 votes to 254, with 30 abstentions, only a slightly majority. These groups believe that is impossible to maintain the agreement as it stands, while EPP group proposed a resolution demanding clarifications too, but without mentioning the suspension of the agreement.

The European Parliament does not legally have the power to suspend an international agreement such as SWIFT and this action remains simple symbolic, committing the Council and Commission to nothing. However paragraph 11 of the Resolution states: «Considers that, although Parliament has no formal powers under Article 218 TFEU to initiate the suspension or termination of an international agreement, the Commission will have to act if Parliament withdraws its support for a particular agreement; points out that, when considering whether or not to give its consent to future international agreements [such as the much bigger EU-US free trade agreement currently under negotiations], Parliament will take account of the responses of the Commission and the Council in relation to this Agreement», followed by article 12: «Asks the Commission, in the light of the above, to suspend the Agreement». Moreover EU Parliament asks the Council and the Member States to authorise an investigation by the Europol Cybercrime Centre into the allegations of unauthorised access to financial payment data governed by the Agreement.

…however the Commission is reluctant…

European Commissioner for Home Affairs Cecilia Malström stated already during a plenary in Strasbourg at the beginning of October, that in the framework of previous consultations the US side has provided detailed explanations and assurances: the agreement had not been violated. On Thursday 23 October the answer of the Commission was the same, i.e. negative; in a press release Commissioner Malström stated: “We will follow up our request for written assurance with the US without delay and keep the European Parliament fully informed. In the meantime, the provisions of the TFTP Agreement that clearly regulate the transfer of personal data, and that provide effective safeguards to protect the fundamental rights of Europeans, will remain in place”. The Commission appeared to be satisfied with the US assurances, deciding, for the time being, not to take in account the EP request. Considering that EP’s approval was necessary for the entry into force of the TFTP agreement, and that the Agreement do not require even a specific wrongdoing justifyng the suspension, this position of the Brussels executive looks quite inappropriate.

In the meantime the EU Data Protection general reform.. Continue reading “Data protection: the European Parliament still fighting on two fronts”

Access to a Lawyer : a new EU-wide procedural right in criminal proceedings

by Gabriella Arcifa

With the publication (OJ L 294 on 6 November 8, 2013) of Directive 2013/48/EU of 22 October 2013another important achievement has been recently reached – not without controversy -along the road towards the implementation in the European Union of the principle of mutual recognition, in the field of procedural rights in criminal proceedings.

According to the European Commission there are over 8 million criminal proceedings in the European Union every year and even if the right of defense for anyone suspected of a crime is widely recognised as a basic element of a fair trial conditions under which suspects can consult a lawyer differ between Member States¹.

The new Directive will guarantee these rights in practice, by:

· providing access to a lawyer from the first stage of police questioning and throughout criminal proceedings;

· allowing adequate, confidential meetings with the lawyer for the suspect to effectively exercise their defence rights;

· allowing the lawyer to play an active role during questioning;

· making sure that, where a suspect is arrested, somebody such as a family member is made aware of that arrest and that there is an opportunity for the suspect to communicate with their family;

· allowing suspects abroad to be in contact with their country’s consulate and receive visits;

· offering people subject to a European Arrest Warrant the possibility of legal advice in both the country where the arrest is carried out and the one where it was issued.

The general context of the new Directive

It is worth recalling that the right to a fair trial and defense are now set out in Articles 47 and 48 of the EU Charter of Fundamental Rights as well as in Article 6 of the European Convention on Human Rights (ECHR). The right to communicate with a third party is one of the important safeguards against ill treatment prohibited by Article 3 of the ECHR. However these principles are too generals to overcome the differences between the national legal systems notably when implementing an European Arrest Warrant.

The “Access to lawyer” Directive is the third step of a Roadmap ²adopted by the Council of the European Union on 30^th of November 2009 and mirrored in the Stockholm Programme ³, by which the European Council immediately after the entry into force of the Lisbon Treaty and of the European Charter of Fundamental rights has defined the strategic legislative e operational objectives for the EU in the period 2010-2014. Development of fundamental rights, as they are guaranteed by the Charter (articles 47-50) and by the European Convention on Human Rights (and the related case law), and – more in general – by the article 6 of the TEU is the keystone of the EU program.

Mutual recognition and harmonization of procedural rights

Indeed, the path towards harmonization of fundamental procedural rights has begun over 10 years ago, when in its Tampere Conclusions ⁴, for the first time, the European Council endorsed the principle of mutual recognition, mentioned as “the cornerstone” of judicial co-operation². Aware that mutual recognition could cause a lowering of the procedural safeguards of the individual the Heads of State and Government asked Council and the Commission to adopt, by December 2000, a programme of measures to implement the principle of mutual recognition, taking in account those aspects of procedural law on which common minimum standards are considered necessary.

The crux of the problem was how to accept that a decision taken by an authority in one state could be adopted as such in another state, “even though a comparable authority may not even exist in that state, or could not take such decisions, or would have taken an entirely different decision in a comparable case”⁵.

Aware of the differences among the national laws , a primary attention was paid to the protection of procedural rights that have to be granted to the suspects or accused persons in criminal proceedings.

Under the Amsterdam Treaty, the legal base for the mutual recognition was the article 31 TUE, that foresaw to ensure compatibility in rules applicable in the Member States, in a restrictive sense, only as may be necessary to improve such cooperation (lett. c).

The Framework Decision on the European Arrest Warrant n. 2002/584 has been the first case of implementation of this principle and one of the most controversial measures for its insufficient consideration for fundamental rights, (although just in the preamble the MS declare that the decision respects them). In fact, the EAW doesn’t mentioned among the grounds for mandatory or optional non-execution of the European arrest warrant the risk of fundamental rights violation, even if some MS have inserted this ground in their EAW implementing legislation.

However, in the absence of uniformity in the protection of procedural rights it was not surprising that mutual trust between MS could be lacking. To counter this trend, the European Commission after a few acts of address⁶, in 2004, the Commission draw up a proposal about “certain procedural rights”(COM(2004)328)⁷.

The proposal was ambitious, due to the fact that it included – at the same time – several procedural rights such as: a) access to legal advice, both before the trial and at trial, b) access to free interpretation and translation, c) ensuring that persons who are not capable of understanding or following the proceedings to receive appropriate attention, d) the right to communicate with family or persons assimilated, with consular authorities in the case of foreign suspects, and e) the obligation to notify persons suspected of their rights, by giving them a written “Letter of Rights “.

Regrettably, after three years of debates, the Council Presidency had to acknowledge that it was impossible to reach the unanimity required at that time by the EU Treaty. It was notably debated whether the Union was competent to legislate also for domestic proceedings (at least 21 Member States shared this view) or whether the legislation should be only devoted to cross-border cases. The Member States opposing the Commission proposal considered that the legal base (art 31 of the TEU before Lisbon) could not cover domestic situations without breaching the principle of attribution and of subsidiarity.

However this has been only a temporary stop. As it often happens when a legislative objective is too ambitious the EU institutions pass to the piece-meal approach . The works on the procedural rights have been resumed in 2009, when the Council took the decision of starting a “step-by-step approach”, to be implemented by taking advantage of the new legal context for the European Union.

Thanks to the new Lisbon Treaty, the judicial cooperation and the consequent harmonization of the MS’ law can be better implemented thanks to the new ordinary legislative procedure: the previous system, based on the need of unanimity of the Council was abandoned in favor of qualified majority and the association of the European Parliament with the same weight of the Council (Codecision procedure).

Moreover the principle of mutual recognition of judgments and judicial decisions as well as the power to approximate national laws is now explicitly grounded at Treaty level also for the Area of freedom, security and justice (article 82 TFEU) by so strengthening the judicial cooperation in criminal matters. The power to harmonize national laws is now clearly defined and the legislative instrument of the directive will be useful to improve the mutual trust⁸ allowing to judicial acts to move “as such in a unique space, without borders between the national state”⁹.

After the first Directive on the right of interpretation and translation¹⁰ and the second one on the right of information¹¹, that has to be granted to a suspected or accused person, involved in a criminal proceedings, the Council and the Parliament have recently found a compromise on the Proposal of the Commission on the access to lawyer and to communicate upon arrest COM2011(326)

The “access to lawyer” directive
Continue reading “Access to a Lawyer : a new EU-wide procedural right in criminal proceedings”

After “Prism” (and US Patriot Act section 215): EDRI and FREE submission to US and EU Institutions.

Submission

the European Digital Rights Initiative (EDRi) &

Fundamental Rights European Experts Group

(FREE Group)

the United States Congress,

the European Parliament and Commission

& the Council of the European Union,

& the Secretary-General & the Parliamentary Assembly

of the Council of Europe

the surveillance activities of the United States and certain European States’ national security and “intelligence” agencies

August 2013

Note on the choice of addressees:

EDRi and FREE are submitting this appeal to the addressees mentioned on the cover page for the following reasons:

– The US Congress is ultimately responsible for providing democratic oversight over the activities of the US Executive. It has established a Privacy and Civil Liberties Oversight Board (PCLOB) consultation on FISA and the PATRIOT Act. However, while we are sending a copy of this submission to that consultation, this document is addressed to the Speaker of the House of Representatives and the President pro tempore of the Senate because we argue that the issues raised can only be addressed properly by the establishment of a special investigation committee of Congress, with appropriate support and powers. We also wish to stress that, whatever the defects in the scope of protection afforded to non-US citizens under the US Constitution, the USA, as parties to the UN International Covenant on Civil and Political Rights and the Council of Europe Cybercrime Convention, are bound under international law to extend privacy protection to non-US citizens and to observe the principles of legality, necessity and proportionality also in their surveillance activities.

– The European Parliament is responsible for providing democratic oversight over the activities of the European Union, and has taken a keen interest in the issues raised, as has the European Commission, which forms the executive branch of the EU. However, the European Council (representing the governments of the EU Member States) has been less demanding. We are calling for all of them to seek to establish the full truth about the relevant laws and practices, in both Europe and the USA. We are aware of the “national security” exemptions in the main EU treaties, but these are not and should not be absolute, or seen as granting Member States total exemption from scrutiny in this regard. The EU Charter on Fundamental Rights, which has fundamental status in the EU (even in relation to UN Security Council decisions) and explicitly demands full protection of personal data, cannot be simply ignored in this context. Ultimately, it is for the European Court of Justice to determine the scope of the exemption, but we already note that the US’ NSA’s activities are manifestly not limited to national security as defined in international law. We are therefore urging the EU bodies to address the issues to the fullest extent possible within their legal competences.

– The Council of Europe (CoE), as the oldest, broadest European institution, has the main responsibility for upholding human rights and the rule of law throughout the territory of its 47 Member States. Its mandate, in particular in relation to human rights and the upholding of the European Convention on Human Rights, does not exclude matters relating to national security. On the contrary, the standards that we cite in our submission have been mainly developed by the European Court of Human Rights in its case-law under the Convention. All European States are legally obliged to “secure” full protection of these rights and freedoms. Within the Council of Europe, responsibility for the upholding of these standards is shared between the Secretary-General and the Committee of Ministers (representing the CoE Member States), the Parliamentary Assembly of the Council of Europe (PACE), and the Court.

Effective action on the issues addressed in this submission will require the involvement of all of the above. For that reason, we address this submission to all of them.

I. General:

1. The activities of national security agencies in Europe and the USA, and the arrangements under which they cooperate, have been outside the scope of effective democratic oversight and outside clear legal frameworks for too long; they must be brought under the Rule of Law.

2. For Europe, that means those activities must be made to comply, in law and in practice, with the relevant minimum European human rights standards developed by the European Court of Human Rights under the European Convention on Human Rights (ECHR) summarised below, at II, and in Attachment 1. At present, it appears that several European States are not complying with these standards.

3. These European constitutional standards are in line with the global (UN) standards enunciated by the Human Rights Committee acting under the UN International Covenant on Civil and Political Rights (ICCPR) and others, briefly noted in Attachment 2. All European States and the USA are parties to the ICCPR in particular.

4. For the USA, this means that it, too, should bring its activities in line with these standards. As a first step, US surveillance law and practice (in relation to surveillance of both US citizens and non-US/European citizens) must be made totally clear, and any divergence from those standards must be made public. Only that will allow for sensible discussions on how to bring those activities into line with international standards. Current US law as far as currently known is summarised below, at IV, and in Attachment 3.

II. European requirements:

(For more detail, see Attachment 1)

5. If an agency of any European State is given powers under the laws of that State to gather information on (the communications- or other data of) anyone, be that within Europe or not, then that activity must be regarded as being done “within the jurisdiction” of the State concerned.^{^[1]} This means that, in relation to any surveillance activity by any European State, on anyone, wherever they are, the State in question must comply with the minimum European standards, set out in Attachment 1, which are directly derived from the ECHR case-law.

6. Moreover, from a European perspective, any spying on Europeans and non-Europeans living in Europe, by any non-European State, anywhere in the world, should meet the same minimum European-constitutional and the similar UN standards, set out in Attachment 2.

7. Non-European national security agencies should not seek or gain direct access to any personal data held in Europe (e.g., by asking US companies to “pull” data from their Europe-based servers, or to allow US agencies to query the data in Europe, and hand over the results): that infringes the sovereignty of the relevant European States (PCIJ, Lotus judgment, pp. 18-19).[2] Instead, they should seek such access through bi- or multilateral assistance treaties, under arrangements similar to Mutual Legal Assistance Treaties (MLATs) for law enforcement agencies; and those treaties should in substance and process conform to the minimum European-constitutional and international standards.

8. Failure of a European State to prevent improper spying by non-European countries constitutes a breach of that country’s “positive obligations” under the ECHR. Active support for, complicity in, or even passive condoning of such spying would breach the State’s primary obligations under the ECHR.

9. In addition, European States and the European Union should ensure that personal data on Europeans and non-Europeans living in Europe, if held on US-based “cloud” servers, will be accessible to the US national security agencies only on the basis of clear and published provisions of treaty arrangements that also meet those European-constitutional and international standards.

III. USA requirements:

(For more detail, see Attachment 3)

10. The First and Fourth Amendments to the US Constitution in principle guarantee the right to free speech and freedom from unreasonable searches to US citizens. However, even domestically, this protection is weakened by the “third party” doctrine on personal data and the relaxed “pen/trap” rules on searches. Secret rulings of the FISA Court reportedly further erode these rights, arguably in unconstitutional ways. Those rulings are being challenged in the US courts. Here, we may note that current US law and practice, even with regard to spying on US citizens, falls short of European and international standards.

11. Moreover, it has become clear that non-US citizens outside the USA do not enjoy even the limited protections of the First and Fourth Amendments: they can be spied upon arbitrarily by US agencies, without any meaningful substantive or procedural limitations, in clear breach of international standards on privacy generally, and on privacy and freedom of expression on the Internet in particular. Under international human rights law, those guarantees should be afforded to “everyone” affected by the measures.

IV. How to address the issues: our demands

12. The ultimate aim should be for both the US and the European legal systems to offer high-level privacy/data protection to “everyone”, in line with the established European minimum standards (set out in Attachment 1), that are also in line with UN standards (set out in Attachment 2); and for those standards to be adhered to in practice by the USA, all European States, and the EU, whether acting independently or jointly.

To this end, we demand urgent action from both the US and the European institutions.

Demands for review and redress from the USA:

i. Clarity about the law, and honesty about practice:

13. We demand complete transparency in relation to the scope and detail of US spying activities, and of the bi- and multilateral arrangements between the USA and other States and international organisations, in particular “5EYES”[3], Atlantic and/or European ones, relating to this activity, under which data on the communications and Internet activities of European citizens are intercepted, held, recorded and/or monitored and analysed.

14. We demand complete clarity about the limitations of the US legal system, and in particular as concerns the apparent fact that it provides insufficient protection to US citizens, and effectively none to non-US citizens. Following such a full clarification, urgent measures should be taken to bring the US surveillance system fully into line with international human rights- and privacy/data protection standards.

ii. The way to achieve this:

15. While we appreciate the establishment of the PCLOB consultation, we do not believe that this is the appropriate forum or process to achieve the required full transparency, or that it will lead to US law and practice being brought fully into line with the requirements of international law.

16. To be more specific: we are joining US civil liberty organisations in calling on the US Congress to establish a properly staffed special investigatory committee, on the lines of the 1970s CHURCH Commission, with the power to subpoena witnesses and documents; and to make arrangements to ensure that European institutions, States and NGOs can fully participate in the investigation carried out by this special committee, and indeed in the drawing up of the mandate for this committee.

iii. The changes to be made

17. Senior European politicians have called for the extension of US legal protections afforded under US constitutional and federal law to (communications) data on US citizens, to (communications) data on European citizens held in the USA or accessed from the USA by US agencies, just as data on US citizens, held in Europe, is already protected under European human rights- and data protection law.

18. Reciprocity is indeed an important element in international relations. However, in the present context, this fails to recognise that while, in respect of their data, Europeans currently enjoy hardly any protection under US laws, the protection accorded to US citizens under those laws is also deficient, and falls below European and wider international minimum requirements. Raising the level of US legal protection for data on Europeans to the level of protection of data on US citizens therefore still leaves European citizens and US citizens subject to a regime that falls short of international standards. That is not enough.

19. We are joining civil liberty organisations in the USA in calling for fundamental changes in US law, to ensure proper protection under the law against non-transparent and undemocratic surveillance. New laws must be introduced at federal level to provide much stricter rules, open judicial warrants and rulings, and full democratic control, in accordance with international human rights and privacy/data protection standards. Specifically, we demand that when such laws are in place, they should afford equal protection to US and non-US citizens.

20. Until this is achieved, the USA cannot be said to offer “adequate” protection to data, in relation to any of the areas for which the European Commission has (wrongly) held it to offer such protection: the “Safe Harbor”, the disclosure of PNR data, and the making available of SWIFT data (see below, para. 29).

Demands for review and redress from Europe:

i. Clarity about the law, and honesty about practice:

21. European States are not blameless when it comes to surveillance: in spite of a much stronger legal regime on paper (under the ECHR), it appears that practice in some (perhaps many) European States also fall seriously short of the European-legal (ECHR) requirements. Several States, in particular the UK, also seem to have worked closely with the USA (in particular, in ECHELON) in establishing a global surveillance network that appears to blatantly violate European and international law. We need complete clarity about the laws in the EU- and Council of Europe Member States, and complete clarity about the treaties entered into by European States, and full, honest disclosure about the practices of the national security agencies and –bodies of the EU- and Council of Europe Member States too.

ii.

The way to obtain this: EU:

22. The European Parliament has a crucial role to play. We welcome the European Parliament’s decision to establish a committee of enquiry within the Civil Liberties Committee, and urge it to be broad, to encompass all the threats posed to the rights of European citizens by foreign and EU Member States’ surveillance activities.

23. We also – but very cautiously and with serious reservations – note the establishment of an EU-US “expert group” to look at these matters. However, we oppose the excessively limited mandate of this group, and demand full transparency about its composition and activities. We demand civil society involvement and complete openness for the work of this group. Without that, its findings and the arrangements it might propose are likely to be incomplete, will lack credibility and, consequently, will be unacceptable.

24.

Although this should be obvious, for the avoidance of any doubt, the EU should make clear, as a matter of urgency, that any disclosure of data on European citizens that is subject to European data protection law (such as financial or airline data, or Europol/Eurojust/etc. data) to, or any access to such data by, national Member States’ national security agencies (NSAs), and a fortiori by third country agencies, is subject to the European data protection rules governing the processing of such data.

Council of Europe

25. We note the fact that the Council of Europe, which Europe’s main human rights guarantor, is not excluded from addressing matters relating to national security that may affect the human rights of European citizens and indeed of “everyone” affected by measures of CoE Member States. On the contrary, the European standards set out in Attachment 1 have been developed by the European Court of Human Rights in what is now established case-law, applicable to all Council of Europe Member States (which includes all EU Member States), and indeed to the EU itself (albeit, for now, still indirectly, through “general principles of Union law” and the EU Charter).

26. Specifically, we call on the Secretary-General of the Council of Europe to exercise his power under Article 52 ECHR to demand of all CoE Member States full disclosure of “the manner in which [their] internal law[s] ensure[s] the effective implementation of” Article 8 of the ECHR in relation to surveillance of electronic communications- and Internet data by their national security agencies; and on the CoE Commissioner of Human Rights, PACE, and NGOs to be fully involved in this enquiry.

iii. The changes to be made

27. Until the full truth has been established, and full, appropriate remedial action has been taken to bring the activities of all relevant US agencies in line with international standards, there can be no close cooperation between US and European agencies, or between US and European State’s agencies on the previous, essentially unregulated basis.

28. Immediate changes: Given that, as noted above, in para. 20, in the light of the recent revelations, the USA cannot be said to offer “adequate” protection to data in relation to the “Safe Harbor”, the disclosure of PNR data, and the passing on of SWIFT data, the current arrangements are in clear and blatant breach of the primary law of the European Union and, consequently, the EU is legally obliged to immediately suspend all US-related European data protection “adequacy” decisions.

29. Changes to the General Data Protection Regulation: Pending adoption of adequate legislation in the USA, European data protection law should ensure that European citizens are clearly warned that, if they provide data to US companies, or to global Internet companies that have links to the USA, use servers in the USA, or are otherwise subject to US FISA and other surveillance orders, their data will not be safe from arbitrary, intrusive surveillance by US agencies. This is already proposed by senior EU officials and legislators in relation to the General Data Protection Regulation currently in the process of being adopted. We endorse that proposal.

30. New treaty arrangements on cooperation between national security agencies: The post-WWII treaties and arrangements on “national security” and “intelligence” cooperation (including the definitions of these matters) are totally outdated. We need a complete overhaul of the national and inter-State arrangements on “national security” and “intelligence” cooperation. The old treaties – UKUSA, 5EYES, NATO and others – should be openly discussed and reviewed, and fundamentally changed to bring them into line with the international standards we have adduced. Without that, we do not live in the free and democratic societies we are made to believe we live in.

– o – O – o –

EDRi and FREE are grateful to Professor Douwe Korff of London Metropolitan University for drafting this paper.

Rue Belliard 20, B-1040 Brussels,

Tel:+32 2 274 25 70

E-Mail: brussels@edri.org, http://www.edri.org

European Digital Rights (EDRi)

European Digital Rights is an association of 35 digital civil rights organisations from 21 European countries. We work together to defend civil rights in the information society.

11 Rue Darwin
1190 Bruxelles

E-Mail: edecapitani@gmail.com
http://www.eafsj.org

The Fundamental Rights European Experts Group (FREE Group)

The Fundamental Rights European Expert Group is an NGO whose focus is on monitoring, teaching and advocating in the European Union freedom security and justice related policies.

Attachment 1:

SUMMARY OF EUROPEAN HUMAN RIGHTS STANDARDS ON NATIONAL SECURITY SURVEILLANCE:

The case-law of the European Court of Human Rights under the European Convention on Human Rights (ECHR) shows the following considerations and requirements of European human rights law relating to surveillance:[4]

– A system of secret surveillance for the protection of national security may undermine or even destroy democracy under the cloak of defending it.

– The mere existence of legislation which allows a system for the secret monitoring of communications entails a threat of surveillance for all those to whom the legislation may be applied.

– In view of these risks, there must be adequate and effective guarantees against abuse.

– The first of these guarantees is that such systems must be set out in statute law, rather than in subsidiary rules, orders or manuals. The rules must moreover be in a form which is open to public scrutiny and knowledge. Secret, unpublished rules in this context are fundamentally contrary to the Rule of Law; surveillance on such a basis would ipso facto violate the Convention.

The following are the “minimum safeguards” that should be enshrined in such (published) statute law, and adhered to in practice:

· the offences and activities in relation to which surveillance may be ordered should be spelled out in a clear and precise manner;

· the law should clearly indicate which categories of people may be subjected to surveillance;

· there must be strict limits on the duration of any ordered surveillance;

· there must be strict procedures to be followed for ordering the examination, use and storage of the data obtained through surveillance;

· there must be strong safeguards against abuse of surveillance powers, including strict purpose/use-limitations (e.g., preventing the too-easy disclosure of intelligence data for criminal law purposes) and strict limitations and rules on when data can be disclosed by NSAs to LEAs, etc.;

· there must be strict rules on the destruction/erasure of surveillance data to prevent surveillance from remaining hidden after the fact;

· persons who have been subjected to surveillance should be informed of this as soon as this is possible without endangering national security or criminal investigations, so that they can exercise their right to an effective remedy at least ex post facto; and

· the bodies charged with supervising the use of surveillance powers should be independent and responsible to, and be appointed by, Parliament rather than the Executive.

Under the ECHR, these principles must be applied to anyone who is affected by surveillance measures taken by any Council of Europe Member State under domestic law.

In addition, European States have a “positive obligation” to protect their citizens from surveillance contrary to the above, perpetrated by any other State. A fortiori, they are under a legal obligation not to actively support, participate or collude in such surveillance by a non-European State.

– o – O – o –

Attachment 2:

BRIEF NOTE ON WIDER UNITED NATIONS/INTERNATIONAL STANDARDS ON NATIONAL SECURITY SURVEILLANCE:

Attachment 1 above summarises the European Court of Human Rights’ standards set for “national security” surveillance. Here, we briefly note that the same standards are also reflected in law and guidance issued at the global level by the United Nations, and by other international organisations, albeit not always in the same detail.

The primary instrument in this respect is the UN International Covenant on Civil and Political Rights (ICCPR or “the Covenant”), the most important binding global human rights treaty, to which all European States and the USA (indeed, almost all UN Member States) are parties. It is applied and interpreted by the Human Rights Committee, which has issued important relevant guidance.

Further important guidance has been provided in the 1996 Johannesburg Principles on National Security, Freedom of Expression and Access to Information (drafted by Article 19 and other NGOs but endorsed by the UN Special Rapporteur on Freedom of Opinion and Expression) and more recently in statements and reports by that Special Rapporteur and special rapporteurs from other international organisations. Also relevant is the guidance issued by the Organisation for Security and Co-operation in Europe (the OSCE), to which again all European countries and the USA (and Canada) are parties.

Here, it may suffice to note that all of these stress the same core principles as are stressed by the European Court of Human Rights:

– – “national security” must be defined narrowly (see the “Tenth Anniversary Joint Declaration” by the UN Special Rapporteur on Freedom of Opinion and Expression, together with the OSCE Representative on Freedom of the Media, the Organization of American States (OAS) Special Rapporteur on Freedom of Expression and the African Commission on Human and Peoples’ Rights (ACHPR) Special Rapporteur on Freedom of Expression and Access to Information; also the Johannesburg Principles, Principle 2(a) as well as Principle 1.2);

– – any interference with the freedom to seek, receive and impart information by any medium (including the Internet), including e-communications- and Internet surveillance, must be based on “law”, i.e., on clear and specific, published legal rules (and published legal interpretations of the rules): an interference with privacy and communications can be “arbitrary” – and thus in breach of international human rights law, including the ICCPR – even if it is in accordance with domestic law;

– – the law must limit any such the interference to what is “necessary” and “reasonable” or “proportionate”; and

– – the law must provide for an “accessible and effective remedy” against the interference.

On all of the above, see General Comment 16 on Article 17 ICCPR, paras. 3 and 4; General Comment 31 on General Legal Obligations Imposed on States Parties to the Covenant, para. 15ff.; and the reports by the Special Rapporteur passim).

– – the requirements of “law”, “necessity” and “proportionality” also apply in relation to measures taken to protect national security (Johannesburg Principles, Principles 1.1.(a) & (b), 2(a) & (b)).

Moreover, in assessing the questions of “necessity” and “proportionality” in particular, the Human Rights Committee and the UN Special Rapporteurs will take into account exactly the same kinds of factors as are listed in the case-law of the European Court of Human Rights.

Two related matters deserve special mention in the present context: the application of international human rights law to the extraterritorial accessing (or “pulling”) of data from servers in another country; and the duty to extend the rights enshrined in the ICCPR to all individuals without distinction as to nationality or other status. Specifically:

– Article 2(1) of the ICCPR requires all States Parties “to respect and to ensure to all individuals within its territory and subject to its jurisdiction the rights recognized in the present Covenant, without distinction of any kind, such as race, colour, sex, language, religion, political or other opinion, national or social origin, property, birth or other status.”

– In the view of the Human Rights Committee:

This means that a State party must respect and ensure the rights laid down in the Covenant to anyone within the power or effective control of that State Party, even if not situated within the territory of the State Party. … [T]he enjoyment of Covenant rights is not limited to citizens of States Parties but must also be available to all individuals, regardless of nationality or statelessness, such as asylum seekers, refugees, migrant workers and other persons, who may find themselves in the territory or subject to the jurisdiction of the State Party. (General Comment 31, emphasis added)

– Although the Committee has not yet issued any further views or general comments on the matter, it must be assumed that if a State gives itself legal powers to access (or “pull”) data on individuals, when those data are situated outside its physical territory, that State is “exercising jurisdiction” (to be specific: “enforcement jurisdiction”) extra-territorially, in the State where those data are located. As noted in the body of this paper with reference to the Lotus case, if this happens without the consent of the other State, it violates the sovereignty of that other State. Here, it should be noticed that that aside, such extra-territorial action by the first State would also mean that that State is asserting “jurisdiction” over those data. In respect of their data, the individuals concerned are made to be “subject to [the State’s] jurisdiction”.

– In any such extra-territorial cross-border accessing (or “pulling”) of data, the State in question must therefore comply with all the general requirements of the Covenant (clear, foreseeable “law”; “legitimate aim”, “necessity” and “proportionality”), and with the requirement of Article 2(1), that it affords the protection of Article 17 to the persons affected irrespective of their nationality or other status.

In sum: The UN standards are fully concordant with the European ones set out in Attachment 1.

– o – O – o –

Attachment 3:

SUMMARY OF UNITED STATES STANDARDS ON NATIONAL SECURITY SURVEILLANCE:

In the USA, communications data and personal information on US citizens (and on some minor categories of non-US citizens living in the USA) are in principle granted protection under the First and Fourth Amendments to the US Constitution, providing protection of free speech and freedom from unreasonable searches.

However:

1. There is no general, cohesive, broadly-applicable federal privacy law. Rather, there is only a largely incoherent and sectorally-based patchwork for federal and state laws, which provide serious privacy protection only in certain areas and respects. See: Chris Hoofnagle, Country Study on the USA, prepared for a wider EU study on New Challenges to Data Protection, at:

http://ec.europa.eu/justice/policies/privacy/docs/studies/new_privacy_challenges/final_report_country_report_B1_usa.pdf

2. The Electronic Communications Privacy Act (ECPA) allows for the monitoring of communications “meta” data (data on the devices involved in the communications, time, duration, location, etc., but not the contents of communications) on the basis of a “pen register or trap and trace device” warrant, that will be issued on the basis of simple certification by a government attorney that such information is “relevant” to an “ongoing criminal investigation”; there is no need to show “probable cause”, and there is no meaningful judicial oversight. This is because in Smith v. Maryland, the Supreme Court ruled that use of a pen register does not constitute a search, and is thus not protected under the Fourth Amendment. The surveillance carried out under ECPA, even on US citizens, is extensive and includes massive amounts of e-communications data. For further details, see: Douwe Korff, Presentation on behalf of EDRi at the EU – USA Privacy Conference, Washington DC, 19 March 2012, available at:

http://edri.org/files/korff120319.pdf

3. The PATRIOT Act and FISA Acts allow even more extensive surveillance over US citizens. Even on their face, the rules in these Acts fall far short of international-legal requirements. However, the rules have been even further weakened, to the extent that they now reportedly provide hardly any constraint at all, even in respect of US citizens, in relation to national security and “foreign intelligence” matters, by means of secret rulings by the secretive FISA Court. See: New York Times, 6 July 2013, In secret, court vastly broadens powers of NSA, at:

http://www.nytimes.com/2013/07/07/us/in-secret-court-vastly-broadens-powers-of-nsa.html?nl=todaysheadlines&emc=edit_th_20130707&_r=1&

4. The constitutionality of these secret FISA Court rulings is doubtful, and they are being challenged in the US courts. See: http://www.aclu.org/national-security/fix-fisa-end-warrantless-wiretapping and http://epic.org/privacy/terrorism/fisa. 5.

In any case, and most worrying to Europeans, the First Amendment does not protect the relevant rights of non-US citizens not in the USA (so-called “excludable aliens”): “[T]he interests in free speech and freedom of association of foreign nationals acting outside the borders, jurisdiction, and control of the United States do not fall within the interests protected by the First Amendment.”

(DKT Memorial Fund Ltd. v. Agency for Int’l Dev., 1989, quoted in Chevron Corporation v. Steven Donziger et al., U.S. District Judge Kaplan order of June 25, 2013).

6. Non-US citizens not resident in the USA similarly do not benefit from the protection of the Fourth Amendment, which does no apply if the person affected by a “search” does not have a “significant voluntary connection with the United States (US v. Verdugo-Urquidez, 1979). Like the First Amendment, the Fourth Amendment only protect “the people”, i.e., US citizens and some eligible (US-resident) aliens.

7. Finally, the FISAA §1881a allows US agencies, including in particular the NSA, to capture and trawl through any data, including e-communications and Internet data, of or on any non-US citizen with essentially no constraints. All that is required is that the capturing and trawling does not inadvertently relate for more than 50% to US citizens, and that the data that are being looked for are “of interest” to “foreign affairs matters” of the USA: the exercise of these essentially arbitrary powers is not limited to serious offences or terrorism, or to threats to US (or US allies’) national security. See the report by Caspar Bowden et al. to the European Parliament, Fighting Cybercrime and Protection Privacy in the Cloud, 2012, and the subsequent article by him and Judith Rauhofer, Protecting their own: Fundamental rights implications for EU data sovereignty in the cloud, 2013, available at, respectively:

http://www.europarl.europa.eu/committees/en/studiesdownload.html?languageDocument=EN&file=79050

http://ssrn.com/abstract=2283175

In sum: The US Constitutional Amendments’ protections (as applied) and US Federal and State laws fall short of international standards. Under ECPA and the PATRIOT and FISA Acts, as further weakened by the secret rulings of the FISA Court, even US citizens enjoy little protection against widespread and intrusive surveillance by US national security agencies in relation to over-broadly-defined “intelligence” matters, in particular in relation to “meta” communications data and Internet data. In relation to US citizens, this may be unconstitutional. But non-US citizens outside the USA enjoy not even the (already too low) protection accorded to US citizens: they can effectively be spied upon arbitrarily, without any meaningful substantive or procedural limitations. Moreover, the US surveillance activities under FISAA in particular do not appear to be limited to matters of “national security”, properly (restrictively) defined, for neither US citizens or non-US citizens.

– o – O – o –

[1] Note that this is the case, even if the exercise of that jurisdiction would violate the sovereignty of another State, e.g., because it concerned data in another country (cf. the Lotus case, referred to in para. 7): the fact that the act was contrary to international law of course does not mean that the State perpetrating the act is not bound by its human rights obligations; that would be perverse. The point we make here is that in the circumstances described, the State is bound to comply with the European Convention on Human Rights, because the acts concerned are “within its jurisdiction”. While generally territorial in nature, this concept also covers acts carried out by State bodies within their home country (or territories of the State overseas) under domestic legislation that affects individuals in other countries.

[2] This is also the view of the vice-president of the European Commission, Viviane Reding, who issued a statement on 25 July 2013, saying: “The [EU’s new General Data Protection Regulation] will also provide legal clarity on data transfers outside the EU: when third country authorities want to access the data of EU citizens outside their territory, they have to use a legal framework that involves judicial control. Asking the companies directly is illegal. This is public international law.” See: http://techcrunch.com/2013/07/25/ireland-prism/ (emphasis added)

[3] The alliance of intelligence operations between the USA, UK, Australia, Canada and New Zealand.

[4] See the cases of Klass v. Germany (Judgment of 6 September 1978), Weber and Saravia v. Germany (Admissibility Decision of 29 June 2006), Liberty and Others v. the UK (Judgment of 1 July 2008), and Kennedy v. the UK (Judgment of 18 May 2010). See in particular the summaries in Weber and Saravia, paras. 93 – 95, and in Kennedy, paras. 151 – 154 (which quote Weber and Saravia, paras 93 – 95, thus reemphasising that the approach there summarised is now regarded as settled case-law).

NEW!! : subscribe to the first summer school on the EAFSJ…

Roma, 8-11 July
Sala conferenze Fondazione Basso – via della Dogana Vecchia, 5 – Roma

The European Area of Freedom Security and Justice (EAFSJ): scope, objectives, actors and dynamics.

Aim: to take stock of the current state of EAFSJ and of its foreseeable evolution within the next multiannual program 2015-2019 (to be adopted under Italian Presidency at the beginning of the next legislature).
Lenght: 4 one day modules
Subscriptions: on line on the Fondazione Basso internet site : http://www.fondazionebasso.it
Participation fees:
Euro 480,00 (ORDINARY FEE).
Euro 200,00 (FOR STUDENTS / RESEARCHERS) .
(Bank Account of Fondazione Lelio e Lisli Basso – Banca Nazionale del Lavoro Ag. Senato Palazzo Madama: IBAN IT18I0100503373000000002777 ).
Subscriptions should be submitted before June 15th.The Summer School will take place only if a minimum number of subscribers is reached !For further information : tel. 0039.06.6879953 – basso@fondazionebasso.it
Languages: lessons will be mainly in Italian (some lessons will be in English and French), teaching material will be in Italian and/or English, French.
English/Italian translation will be available.
The programme is on the web-site of Fondazione Basso (www.fondazionebasso.it -Tel. 06.6879953 – email: basso@fondazionebasso.it)

July 8th
A Constitutional and Institutional perspective
09h00 am – 06h30 pm

Opening speeches:
Valerio Onida: Freedom, Security and Justice related policies from a constitutional perspective and in relation with international and supranational dimensions
Stefano Manservisi: After the Stockholm Programme : how to preserve the specificity of the European Area of freedom security and Justice related policies by integrating them in the general EU governance and legal framework?

Debate

Freedom Security and Justice as the core of the common constitutional european heritage
Protecting fundamental rights: the impact of the accession of the EU to the ECHR. A common European Constitutional Heritage arising from the Council of Europe and European Union European Courts. What can be expected from the Strasbourg Human Rights Court in areas related to the FSJ?.
Speaker: Giuseppe Cataldi

Freedom Security and Justice as the core of the common constitutional european heritage
Promoting fundamental rights: the European Charter and its impact on EU policies. Even if the Charter does not extend the EU competencies it is now a constitutional parameter to be taken in account not only by the European judges but also by the EU legislature, even for policies designed with a more limited scope.
Speaker:Ezio Perillo

Debate

Evolution and transformation of the principle of Primacy of EU law. Dialogue and mutual influence of European and national Constitutional Courts.
Fifty years after the landmark case of Van Gend en Loos and four years after the Lissabon-Urteil (Bundesverfassungsgericht judgment of 30.6.2009), the tensions between EU “limits” and national “counter-limits” could arise again notably in the EAFSJ area.
Speaker: Oreste Pollicino

The EAFSJ a cross road of European and national founding values (art. 2), as well as for fundamental and European citizenship rights. How manage the indivisibility of rights and a Member States differentiated integration ?
(Opt-in Opt-out Countries). How far can the EU impact on Member States internal legislation (Towards a “reverse Solange” mechanism)? How the EU and Council of Europe can influence national fundamental rights related policies
Speaker: Nicoletta Parisi

The EAFSJ as supranational constitutional area of democracy. From National State to the European Union: what kind of relation between national and european legal orders ?
Sixty years of EU integration have changed the concept of democracy and sovereignty. There is a metamorphosis in National State’ s traditional role and its constitutional elements such as territory, citizenship and sovereign power. The Kantian vision of a peaceful cosmopolitan project mirrors the category of EU citizenship arising in the EAFSJ. Today Habermas developed the concept of “Constitutional patriottism”, underlying a “constitutionalisation” of the European supranational area. What are the pro and cons of this EU perspective ? The post-Lisbon Treaty stressed that the EAFSJ is becoming the embryo of a European public sphere as well as of a first example of supranational democracy.
Speaker: Francesca Ferraro

Debate

July 9th
Institutional dynamics and EU practices
09h30 am – 06h30 pm

The EAFSJ before Lisbon. The intergovernmental cooperation. From “TREVI” via “Schengen” to Amsterdam. The first phase.
How formerly excluded EAFSJ related policies have been integrated into the EU framework. TREVI cooperation, the Schengen agreement (1985) and its 1990 Implementing Convention as well as the Dublin Convention on Asylum.
The emerging notion of supranational space in the Single European Act (1986). The mutual recognition principle in the Internal Market and in EAFSJ-related policies. The Schengen Acquis in the EU legal framework from Amsterdam to Lisbon. Opt-in and Opt-out Countries: the impact of differentiated integration. Schengen relevance and ECJ jurisprudence on the preservation of the Schengen system consistency. From cooperation to integration.
Speaker: Dino Rinoldi

Debate

The EAFSJ after Lisbon (1). How the EAFSJ specificity has been preserved by progressively integrating it in the ordinary EU (communitarized) legal institutional framework. The impact on the EU institutions and on the MS.
Dynamics and the role of the Institutions in promoting, negotiating and implementing the EAFSJ-related policies. European Council, European Parliament, Council of the European Union, Commission and Court of Justice interplaying in the EAFSJ. The preparatory work conducted behind the scene by the Commission Directorates General, the Council working bodies – COREPER, CATS, COSI – and the EP parliamentary committees
Speaker: Antonio Caiola

The EAFSJ after Lisbon (2) How democratic principles are fulfilled in the EAFSJ. The impact of the EP on legislative procedures.
The interparliamentary dialogue and the way how the EP and national parliaments play their role when verifying the subsidiarity and proportionality principles in the EAFSJ policies. The emerging role at EU level of “political families” represented at national European and international level (European political parties, EP political groups, national parties).
Speaker: Emilio De Capitani

Debate

The EAFSJ after Lisbon (3). How EU policies are framed and implemented at national level. How cooperation, mutual recognition and harmonisation are implemented
How EAFSJ policies are implemented at national level. Problems and opportunities arising notably when implementing the mutual recognition of other EU countries’ measures. How intertwined are the EU and national administration in the EAFSJ related policies. Is there complementarity between EU and National strategies? The EU financial levy as a facilitator of mutual EU-national coordination. The emerging role of EU Authorities and Agencies as a support and meeting space also for national administrations (Ombudsman, FRA, EDPS, FRONTEX, EASO, EMCDDA, EUROPOL, OLAF, CEPOL, EUROJUST, …).
Speaker: Lorenzo Salazar

Debate

July 10th
An European space of freedom and rights
09h30 am- 06h30 pm

The EAFSJ after Lisbon (4) Placing the individuale at the heart of EU activities
How EU legislation implements the principles of equality and non-discrimination. The ECJ jurisprudence and the phenomenon of reverse discrimination. EU citizenship-related jurisprudence. Judicial action at national and European level founded on the EU Charter. Infringement of EU founding values and fundamental rights as possible exceptions to the mutual recognition obligations? Fundamental Rights Agency.
Speaker: Valentina Bazzocchi

The EU evolving framework of Transparency, access to documents, principle of good administration, and of classified information
After Lisbon a more transparent independent and efficient EU administration can be founded on Arts 15 and 298 of the TFEU as well as Arts 41 and 42 of the European Charter. However the close intertwining of the EU and the Member States has created a hybrid system of European Classified Information (EUCI), which is particularly relevant in the EAFSJ policies. How do European and national institutions implement the EU principles? How is the principle of good administration secured? What role should the EU Ombudsman play?
Speaker: Deirdre Curtin

Protection of Personal Data. The EU reform.
After the Lisbon Treaty and the merger of the so-called first and third pillars, protection of personal data can be framed in a globally consistent manner. Informational self determination, protection against possible abuses by the private sector as well as by public sector (law enforcement authorities) can now be framed at European level by taking stock of the lessons learned at national and international level (Council of Europe, OECD). How to preserve the role of national authorities and of the new coordinating body.
Speaker: Vanna Palumbo

Freedom of movement border integrated management
Freedom of movement of European citizens as well as of third country nationals in the EU remains a central and controversial issue. The integrated external border management is progressively framed at legislative level (borders, visas..) and implemented at operational level also thanks to the emerging role of Frontex and of the new European networks (SIS II – VIS). New opportunities as well as risks emerge in the definition of the EU-Member State management of internal and external borders
Speaker: Luisa Marin

Debate

European Migratory policies
Objectives, legal framework and operational setting of the EU-Member State policies. Five years after the European Pact on Asylum and Migration (2008), what lessons can be drawn for the next (2015-2019) multiannual programme? What improvements can be foreseen for the EU migration governance at central and national level? How are the Member States implementing the EU legislation? What are the main external aspects of the EU migration policy?
Speaker: Henry Labayle

The European common asylum system (and of EASO and EURODAC)
After the first generation of EU “minimum” rules the EU has now established the Common European Asylum System foreseen by Art. 18 of the Charter and Art 78 of the TFEU by taking account of the jurisprudence of the Luxembourg and Strasbourg Courts. At national level high standards should be granted to avoid the problems found for instance with Greece when implementing the Dublin system. The principle of solidarity still seems to be underexploited. Attention should be paid to the new role of EASO (Reg. (EU) No 439/2010) as well as to the implementation of the EURODAC system.
Speaker: Patricia Van de Peer

Debate

July 11
An European space of security and justice
09h30 am -06h30 pm

Judicial cooperation in civil matters; complement of the freedom of movement?
Judicial cooperation in civil matters has been one of the most dynamic domains after the entry into force of the Lisbon Treaty. Enhanced cooperation took place in matrimonial matters and intellectual property. Special attention will be reserved for the recently revised Brussels I Regulation (which abolished the “exequatur” procedure) as well as for the new Regulations on succession and wills and on mutual recognition of protection measures in civil matters.
Speaker: Filomena Albano

Internal security strategy: crisis prevention and management.
Special attention will be paid to the implementation of the 2010 European Internal Security Strategy and its impact on the cooperation between the EU institutions and agencies as framed by the “Policy Cycle” for the 2013-2017 period. There will also be a presentation of the implementation of PRUM cooperation and of the “availability principle” as well as the way how security- and intelligence-related information is exchanged notably within the framework of the so-called “Swedish Initiative”. The role played by COSI, Europol and of the internal security fund will be presented and debated together with the impact of the up-coming “Lisbonisation” of EU measures adopted before the entry into force of the Lisbon Treaty
Speaker: Sandro Menichelli

Debate

Judicial Cooperation in criminal matters
How judicial cooperation in criminal matters has been developed between countries of different legal traditions (civil and common law). Problems and opportunities arising at each level of cross-border cooperation (open coordination, mutual recognition, legislative harmonisation). The European jurisprudence (Strasbourg and Luxembourg Courts) as well as the impact of the EU Charter. The implementation of the first post-Lisbon measures and impact of the Lisbonisation of former third pillar measures in this domain. Preserving the independence of the judiciary: towards European-wide judiciary quality evaluation systems.
Speaker: Luca De Matteis

The European Public Prosecutor: a pattern also for Member States?
The OLAF Reform and the Eurojust “Lisbonisation” are intermediate phases towards the creation of the European Public Prosecutor’s office (EPPO) (Art. 86 TFEU). The latter will be empowered to bring action also before national courts. The European legislation will determine the general rules applicable to the European Public Prosecutor’s Office, the conditions governing the performance of its functions, the rules of procedure applicable to its activities, as well as those governing the admissibility of evidence, and the rules applicable to the judicial review of procedural measures taken by it in the performance of its functions. What will be the impact, the risks and opportunities arising from the creation of this new European Institution?
Speaker: Claudia Gualtieri

How to empower the EU citizens when EAFSJ are shaped and implemented ?
Round Table with the Intervention of Paul Nemitz, Antonie Cahen, Robert Bray Tony Bunyan

Final Debate

PRESENTATION OF THE COURSE

The Treaty of Lisbon and the Charter of Fundamental Rights of the European Union, which entered into force on 1 December 2009, constituted an important step both at the legal level and at the political level in the evolution of the European Union. The aim of the EU now is not only “… to promote peace, its values and the well-being of its peoples”, having presided over, since the end of the Second World War, the longest ever period of peace between European States, but also to achieve “… an area of freedom, security and justice with respect for fundamental rights and the different legal systems and traditions of the Member States.”

After the Treaty of Lisbon, the policies already provided for in the Maastricht Treaty within the framework of the so-called “third pillar” and originally focused mainly on intergovernmental cooperation and cooperation between administrations, are now to evolve into European “common policies” directly towards the interests of the individual, who is placed “at the heart of European integration.”

It is a Copernican revolution in so far as the Union is called not only to offer “… its citizens an area of freedom, security and justice without internal frontiers, in which the free movement of persons is ensured in conjunction with appropriate measures with respect to external border controls, asylum, immigration and the prevention and combating of crime” (Art. 3 TEU and Title V TFEU) but also to promote (and not only protect) fundamental rights and prevent all forms of discrimination (Art. 10 TFEU) and strengthen EU citizenship (Arts 18-25 TFEU) and with it the democratic principles on which it is based (Title II TEU).

The fact that the competences related to the ASFJ are now “shared” with the Member States (Art. 4 TEU) and are to be focused on the rights of the person brings about a daily interaction between the national and the European level, bringing into play national and European values, rights and objectives.

The process of reciprocal hybridization between the nascent European model and traditional national models is anything but politically painless, as the experience of almost thirty years of Schengen cooperation shows.

The aim of this Summer School is to assess the progress and difficulties encountered by the European institutions and the Member States in implementing the Charter of Fundamental Rights and the objectives set by the European Council in the “Stockholm Programme” of 10 December 2009.

Based on this evaluation, we intend to shed light on the possible priority bearing in mind that:
– it will be necessary to adjust the secondary legislation of the European Union in the light of the values and principles which are now enshrined in the Lisbon Treaty and the Charter of Fundamental Rights (“Lisbonisation”);
– we shall be in the final phase of the accession of the EU to the European Convention on Human Rights;
– at the beginning of the next legislature, we will be entering into a new phase in the European judicial area with the negotiations on the establishment of the European Public Prosecutor and the transition to the ordinary legislative procedure with regard to measures of police and judicial cooperation in criminal matters adopted before the entry into force of the Treaty (the transitional arrangements end on 1 December 2014);
– Member States which have hitherto enjoyed special treatment (Ireland, Denmark and the United Kingdom in particular) should have clarified their position with respect to the new phase of the ASFJ and the Schengen cooperation.

In the course of the next legislature it will also be necessary to promote greater consistency between European and national strategies related to the European area of freedom, security and justice. Just as in the economic sphere, the divergence of national public policies has put at risk the credibility of the common currency, the diversity of standards for the protection of the rights in Member States is straining mutual trust, the application of the principle of mutual recognition and the very credibility of the nascent “European model”. The strengthening of the operational solidarity between Member States’ administrations – which is being developed for example within the framework of Schengen cooperation – must be accompanied by legislative, operational and financial measures that implement solidarity between European citizens and third-country nationals on the territory of the Union.

In this perspective, Italy may play an important role as the new multi-annual programme for 2015-2019 is to be adopted by the second half of 2014 under the Italian Presidency.

Speakers:

Academics:
Valerio Onida, Former President of the Italian Constitutional Court
Giuseppe Cataldi, Pro-rettore Università L’Orientale (Napoli)
Oreste Pollicino, Public comparative law Professor (Università Bocconi – Milano)
Nicoletta Parisi, EU Law Professor (Università Catania)
Francesca Ferraro, Visiting Professor (Università L’Orientale – Napoli)
Dino Rinoldi, International Law Professor (Università Cattolica – Piacenza)
Valentina Bazzocchi, PHD EU Law (Alma Mater Università Bologna)
Deirdre Curtin, Professor of European Law (University of Amsterdam – NL),
Luisa Marin, Assistant Professor of European Law (University of Twente – NL)
Henri Labayle, Professeur de Droit international et européen (Université de Pau et des
pays de l’Adour – France)

Representatives and officials of European and national administrations:
Ezio Perillo (European Civil Service Tribunal)
Stefano Manservisi DG of the Commission DG Home
Paul Nemitz Director at the Commission DG Justice
Antoine Cahen, Patricia Van Den Peer, Claudia Gualtieri (European Parliament)
Filomena Albano, Luca De Matteis, Lorenzo Salazar (Italian Justice Ministery)
Sandro Menichelli (UE Italian Permanent Representation )
Vanna Palumbo (Garante Privacy IT)

Representatives of Civil Society:
Tony Bunyan, Director of Statewatch,Emilio De Capitani, FREE Group Secretary and Visiting Professor (Università L’Orientale – Napoli)

Terrorism and “Intelligence-led policing”: the German Constitutional Court draws its “red lines”..

On April 23rd, shortly after the European Union started working on the new Europol legal framework which is deemed to align the main intelligence led policy Agency with the Lisbon Treaty and with the European Charter the German Constitutional Court (BVG) decided to impose a strict separation between the work of the police and intelligence services. As in several other cases where the BVG jurisprudence has influenced also the European legislature this ruling will be probably thouroughly analysed also in Brussels even if the BVG maintain that the issue falls under the national exclusive competence. Therefore it will be more than likely that the principles outlined in this ruling would be taken in account in the EU draft legislation on data protection when these data are collected for security purposes.

According to the BVG press release (emphasis added) “…For the Karlsruhe based court, the exchange of data between the Federal Office for the Protection of the Constitution, intelligence services, military counter-intelligence and the police amounts to — a severe infringement of the rights of those concerned, which is why it can only be allowed in exceptional cases. The judges did, however, authorise an “anti-terrorist” listing, while declaring another “secret service contact” listing unconstitutional. Initiated in 2006, the second database contains information on 18,000 potential terrorists, supplied by 38 intelligence services.
The counter-terrorism database is in its fundamental structures compatible with the Basic Law. However, it does not meet the constitutional requirements regarding specific aspects of its design.
This is what the First Senate of the Federal Constitutional Court decided in a judgment that was issued on April 23. Under certain conditions, the unconstitutional provisions can continue to be applied until new regulation has been enacted, but no later than until 31 December 2014.

The Decision is Essentially Based on the Following Considerations: Continue reading “Terrorism and “Intelligence-led policing”: the German Constitutional Court draws its “red lines”..”

European Data Protection : legislative negotiations soon to be started …

Three years after the entry into force of the Lisbon treaty the long awaited legislative negotiations on the future European Union legal framework on data protection will now start between the European Parliament and the Council of the European Union. The competent parliamentary Committee LIBE will now debate two reports dealing respectively with
– a first report on the draft EU regulation covering the cases where possible the private sector is involved
– a second report on the draft EU Directive covering the cases where public authorities are involved.

The procedure

On the procedural side the two reports will in the coming months be debated and amendments will soon be submitted by all the political groups so that everyone will have the chance to take position on the main aspects of the proposed EU legislation. A first “orientation” vote will then take place and a majority will arise inside the parliamentary commitee and this majoritarian position will be the basis for the dialogue with the Council. The latter will also try to build its own majority between the national delegations. If successful a “general approach” will be endorsed by the Committee of Permanent Representatives (COREPER) and by the Council and this will be the Council alternative text to the parliamentary Committee “orientation”. The dialogue between the two institutions will then take place with the aim to reach a possible compromise.
If a compromise is reached it will be voted by the parliamentary committee and then by the plenary. The same will happen on the Council side and the procedure could then be considered closed (according to the practice of the so called “first reading agreement” an interinstitutional practice which has become the rule in the legislative negotiations at European Union level).

Will this procedure be successful for the data protection “package” ?

It is still possible but not granted as the issue of data protection is extremely sensitive and impact on fundamental interests in the public and private sphere. The end of the legislature is not so far (mid-2014) and there is not much time to close the negotiations in time if no “first reading” agreement is out of view in the coming months.
The pressure exist on both sides as Ireland, which is now chairing the Council Presidency, is the country where giants like GOOGLE and Facebook have their european seat, and is interested more than others in clarifying the new legal framework to avoid all the possible problems which could arise from a still unclear legal situation.
On the other side also the European Parliament is strongly committed in reaching an agreement because data protection has been at the centre of a more then a decade long “saga” with the other institutions (suffice to remember the controversial Plenary votes on the international agreements with the USA on Safe Harbor, PNR, SWIFT, and enquiry on the ECHELON system..).

However because of this pressure on both side the risk of stalemate could not also be excluded.

The evolution of the EU constitutional framework

On the Content side there are several new elements to be taken in account.
First of all since the entry into force of the Treaty of Lisbon the constitutional framework for data protection is radically changed.

Before this Treaty Protection of personal data was not an autonomous EU objective but a condition to be fulfilled as a corollary of other public objectives such as sharing data in the framework of the single market or collecting data to prevent transnational crime and terrorism. The legal basis for legislating in this domain where the articles of the treaties empowering the EU institutions for building the internal market (art.95 of the European Community Treaty) or to grant an hig level of security (art.29 of the Treaty of the European Union).

It is worth recalling that notwhitstanding its original focus on internal market the Community draft legislation (Com (90)0314 – C3-0323/Syn 287; OJ No. C277, 5.1.1990, p3) became the most advanced standard setting legal text on Data protection principles taking stock of the previous works in international fora such as the Council of Europe (Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, adopted on 28 January 1981) and in the OECD (OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal data, adopted on 23 September 1980). The legal framework for data protection by law enforcement authorities were before Lisbon much more sparse, confuse and vague because at that time protection of public security at EU level was dealt at intergovernamental level and there was no real will to harmonize the existing national (diverging) standards.
Only because of the pressure of the European Parliament and after the signature of the Lisbon Treaty (!) an intergovenramental Framework Decision on the protection of personal data processed in the framework of police and judicial cooperation in criminal matters has been published on 30 December 2008. However the Framework Decision which is still into force cover only transnational transfert of data so that it does not establish a common level of privacy protection nor cover the EU institutions and agencies (Schengen information system included) which continue even today to consider as reference the Council of Europe Convention of …1981 and a Recommendation of 1987 .

The lack of a legal general framework for data protection together with a lack of Member States political will have probably been the main cause of the interinstitutional conflicts of the last fifteen years as well as of the growing tensions with the USA. As it happens often in case of interinstitutional stalemate the only progresses made came from the jurisprudence of national and european judges.()

After the entry into force of the Treaty of Lisbon everything is changed because data protection has been recognised as a fundamental right as well as a self standing objective of the European Union.

On the first aspect the art. 8 of the EU Charter is crystal clear:
“(1) Everyone has the right to the protection of personal data concerning him or her.
(2) Such data must be processed fairly for specified purposes and on the basis of the consent of the person concerned or some other legitimate basis laid down by law. Everyone has the right of access to data which has been collected concerning him or her, and the right to have it rectified.
(3) Compliance with these rules shall be subject to control by an independent authority. “

In short, protecting personal data is like protecting not only the image of an individual but also his ability to act in a given society without external public and private interference (the so-called right to “self-determination” which has been shaped already in 1983 by the jurisprudence of the German Constitutional Court. According to the “Census” judgment:“A social and legal order in which the citizen can no longer know who knows what when about him and in which situation, is incompatible with the right to informational self-determination. A person who wonders whether unusual behaviour is noted each time and thereafter always kept on record, used or disseminated, will try not to come to attention in this way. A person who assumes, for instance, that participation in a meeting or citizen initiative is officially recorded, and may create risks for him, may well decide not to use the relevant fundamental rights ([as guaranteed in] Articles 8 and 9 of the Constitution). This would not only limit the possibilities for personal development of the individual, but also the common good, because self-determination is an essential prerequisite for a free and democratic society that is based on the capacity and solidarity of its citizens”.
To protect personal data amounts not only to protect the liberty of the individual and, his dignity but even a more general good of the democratic society itself.

However such beautiful principles would be meaningless if not reflected in a binding legislation and in the daily life. To reach this objective art. 16 of the Treaty on Functioning of the European Union (TFEU) makes clear that personal data should be protected by “Union institutions, bodies, offices and agencies, and by the Member States when carrying out activities which fall within the scope of Union law, and the rules relating to the free movement of such data.”

This will not be an easy task because EU law cover now all the main aspects of a person’s daily life in a global world where personal data have become the blood of the information society.
Massive data collection, on-line tracking and profiling not only by private companies but also by public authorities have become so widespread that many people consider that the protection of personal data itself do not exist any more. It seems that it has been killed
– by widespread invasive relatively low-cost technology
– by individual’s naïve behaviour in the social network
– by big private societies which are making an incredible amount of money from on-line advertising built on the exploitation of personal data (obtained for free)
– and last but not least by public authorities which, in a borderless world, having the facto lost the control of their territories try to prevent crime and terrorism by profiling potential dangerous people and collect everywhere massive amounts of personal data.

The post-Lisbon legislative data protection package

Confronted with the challenge of defining the new post-Lisbon data protection framework the Commission after thorough comparative studies has decided to maintain a twin track approach by submitting a Draft Regulation for protecting personal data in the civil domain and a Draft Directive adressed to public authorities when collecting personal data for security purposes. This choice has not been appreciated by the data protection authorities and by the European Parliament not only for the risk of inconsistencies but also for the risk of grey areas for activities which can fall in between.

CALL FOR A TRUE EUROPEAN AREA OF FREEDOM SECURITY AND JUSTICE

By the “Fundamental Rights European Experts Group” (FREE Group) (see below)
“Let’s be driven by our values and not by our fears”

1. Three years after Lisbon the objective of an EAFSJ is still far away…

Three years after the entry into force of the Lisbon Treaty and of the European Charter of fundamental rights one can wonder if the European Union and its Member States are really committed to the objective of building the European Freedom Security and Justice Area. It is worth recalling that this objective dates back to 1997 when the Amsterdam Treaty was signed, but it has since then been substantially upgraded by the Lisbon Treaty.

After years of hard negotiations between the MS the EAFSJ has been tightly linked to a newly binding Charter of fundamental rights and some of the previous political, legal and democratic flaws have been solved. For three years the qualified majority voting has been the normal Council decision-making rule, the EP is a full co-legislator and the Commission and the European Court of Justice can fully play their role.

2. A deceiving outcome on quantitative and qualitative terms..

However notwithstanding these undeniable constitutional advances, the EU recent activity is quite deceptive both in quantitative as in qualitative terms. The EU and its MS seem still in a transitional and survival phase than in the long awaited building phase of true EAFSJ.

On quantitative aspects suffice it to note that since the beginning of the legislative term less than fifty legislative proposals have been submitted and only twenty have until now been adopted (1). If this trend continues one can wonder if the European Parliament and the Council will be able to adopt in the last 18 months of this legislature all the texts currently on the table not to speak of the proposals that the Commission has announced notably from the second half of 2013.

But much more concerning are the qualitative aspects of the institutional activity in a domain which is deemed to be now the core of the European public space.

To start with some positive aspects it is more than likely that the new Common European Asylum System foreseen by the art. 78 TFEU (and by the art.18 of the Charter) will be adopted before the end of this year (2). Progress has also been achieved with the adoption of the first measures dealing with the suspect’s rights in criminal proceedings (3) as well as in the judicial cooperation in civil matters (4) and on the establishment of new Agencies (5).

These decisions have often been taken after lengthy and painful negotiations and have been accompanied by the conclusion of international agreements as happened with the EU-US TFTP and PNR agreements. However a positive assessment on the latter is not obvious and the risks has been denounced that the final outcome could still not comply with the European Charter as well as of the European Convention of Human rights standards (6). The EP rejection of the ACTA agreement (7) has confirmed that the EU institutions often do not share the same vision of the balance to be struck between freedom and security.
Continue reading “CALL FOR A TRUE EUROPEAN AREA OF FREEDOM SECURITY AND JUSTICE”

The European Arrest Warrant and the EU area of justice

The European Arrest Warrant has come under much discussion in the UK media following the arrest of Julien Assange, the founder of Wikileaks. Main arguments against the EAW surround the topic of the quantity of EAW’s being issued to the UK in comparison to the number received by other Members States and the apparent lack of judicial authority to decide on the proportionality of the crime.

The European Arrest Warrant was established after the “Tampere European Council of 15-16 October 1999 called on Member States to make the principle of mutual recognition the cornerstone of a true European law-enforcement area.” The EAW replaced the extradition system that was in place and required that “each national judicial authority” recognised requests for the “surrender of a person made by the judicial authority of another Member State” with minimum formalities.

However, Member States are still able to form bilateral or multilateral agreements with other Member States in order to simply or facilitate the process further.

There are also judicial safeguards to EAW. Each Member State may refuse to execute a European arrest warrant if:

• final judgment has already been passed by a Member State upon the requested person in respect of the same offence (ne bis in idem principle);

• the offence is covered by an amnesty in the executing Member State;

• the person concerned may not be held criminally responsible by the executing State owing to his/her age.

In relation to the current case of Julian Assange, refusal to extradite him could take place on the grounds that the motive for the EAW is purely a political one.

The UK has refused extradition in the past on these grounds. These examples are not exhaustive of the qualifying grounds to refuse extradition under an EAW, however, in each case the grounds for refusal have to be given.

The European Arrest Warrant allows for the enhanced ability to pursue justice in the European Union. The EU has progressively decreased its internal borders and facilitated the free movement of European citizens. However it is simultaneously easier for criminals to operate across the Member States . Therefore, in order to give the criminal and law agencies sufficient power, their actions must be coordinated across the EU.

In order to better tackle this challenge of international crime, the EU is progressing toward a single area of justice.

The Amsterdam Treaty officially states that the creation of a common area of freedom, security and justice is an aim of the EU. EU Member States have agreed to “approximate the definition of offences and the level of sanctions for certain type of offences” and ensure “mutual recognition of decisions taken by national judges” . These actions are enabling the EU to be perceived as a specific partner on judicial cooperation in the international scene.

“While developing its activities in those directions, the EU has carefully insisted on ensuring a high protection of individual’s rights which characterise highly demanding democracies. ”

The European Arrest Warrant, a step in the direction of an EU area of justice, has recently been discussed widely in the UK media and at least citizens are becoming aware of the topic. However there are severe, basic misunderstandings in the reports. What is needed now is journalism that is more informed. Criticism and accountability is needed, however, real accountability can only be achieved when the citizens are given the right information to truly understand the EAW. The information is already there; it needs to be coherently and accurately communicated.