UPDATE : New EU Guidelines on the European Area of Freedom, Security, and Justice (2020-2024)

Foreword (by Emilio DE CAPITANI )

According to art.67.1 TFEU “The Union shall constitute an area of freedom, security and justice with respect for fundamental rights and the different legal systems and traditions of the Member States”. This objective is very high in the EU agenda as, since the entry into force of the Lisbon treaty, it is second only to the main EU aim of promoting peace, EU values and the well-being of EU peoples. According to art.3.2 of the TEU :“The Union shall offer its citizens an area of freedom, security and justice without internal frontiers, in which the free movement of persons is ensured in conjunction with appropriate measures with respect to external border controls, asylum, immigration and the prevention and combating of crime.”. Last but not least, the Preamble of the Charter of fundamental riughts hammers the same objective by stating that :“…the Union is founded on the indivisible, universal values of human dignity, freedom, equality and solidarity; it is based on the principles of democracy and the rule of law. It places the individual at the heart of its activities, by establishing the citizenship of the Union and by creating an area of freedom, security and justice”.

Notwithstanding all these big words, ten years after the entry into force of the Lisbon Treaty it is fair to say that we are still far from reaching this objective. The increasing tension with some Member States on the very issue of the EU founding values, the lack of solidarity which still jeopardise the EU asylum and migration policies, the persisting lack of trust in police and judicial cooperation in criminal matters, the increasing pressure on EU fundamental freedom of movement are all signs that the EU is losing his compass and in some cases has even taken the wrong direction.

The fact is that more than twenty years after the first Freedom Security and Justice Agenda adopted by the European Council in Tampere we have no more the same agenda . Also at the level of the EU Institutions it is increasingly difficult to hide the different approach followed by the Member States inside the Council, the different General Directorates of the Commission and the different political groups in the European Parliament itself. Looking from outside , if there was a Treaties’ “Google Maps” you may find the European Court of Justice in Lisbon the European Parliament in Amsterdam, the Council still in Maastricht (with some Member States willing to come back to the pre-Schengen era..) and the Commission still lost in between all these ..cities. Jokes apart it is quite obvious that the policies linked to the trasnformation of the EU in a Freedom, Security and Justice Area are the most difficult to manage also at national level so that it is not easy to build at suparanational level a consistent agenda where at the same time you may bring together a political vision, a solid legal framework, an efficient supranational administration, enough financial ressources, and a strong support by the european citizens.

The latest occasion when the EU has tried to square this circle was with the Amsterdam Programme adopted immediately after the entry into force of the Lisbon treaty on December 10th 2009. Unfortunately this courage disappeared five years later in 2014 when the European Council was unable in managing at the same time the financial crisis , the new wave of terrosist attacks and the emerging pressure on the EU external borders.. For this reason it limited itself to the very simple objective of .. implementing the decisions already taken and evaluate their impact. In the following years the emphasis was then turned to the operational aspects of the cooperation between Member States so that the main developments have been on the side of the European Agencies such as Frontex (now deemed to become an Agency with 10.000 officials!), or the creation of the first European Public Prosecutor and the creatoin of impressive interoperable networks managing a vast amount of data. In a way, fostered mainly by the pressure of the Interior Ministers and of the Commission it has been a massive investment on the creation of a supranational nervous system, on building some muscles but, unfortunately without a true…brain.

It is then to be welcome that now the Council is dealing with the next steps to be made to transform the EU in a freedom and Security and justice area . This is very timely as it happens at the same time when,

  • on one side the BREXIT has taken place and, there are no more the limits which obliged the EU to establish the Schengen Area formally as an enhanced cooperation as well as to conclude specific protocols answering to the specific requests of the UK. Needless to say it will remain the position of DK and IRL but these two countries may at any moment switch to the “ordinary regime” by so crating the conditions of a common stauts (in the FSJA) for all the EU citizens and the same level playing field for the national administrations;
  • on the other side the EU is launching an European Conference on the future of Europe which will inevitably require also to overcome the deadlock in the most sensitive FSJA policies (Asylum, Migration, Internal and external security…)

In this perspective it is quite unfortunate that the current definition of new “Guidelines” has been conducted until now by stealth under closed doors and without an honest and transparent assesment of the problems and weaknesses which have prevented until now a sound transformation of the EU in a Freedom Security and Justice Area. Moreover everything has been done without any exchange with the civil society as well as with the European and national parliaments. This sounds very strange in a period when the same European Council claim to search a dialogue with the EU Citizens and praise the sincere cooperation between the EU institutions and the national parliaments … This very fact alone can question the credibility, legitimacy and even the binding nature of the Guidelines if they not comply with the obligations arising from the Treaties and linked, on one side to the principles of participative democracy (artt. 10-12 TEU) and on the other side of implementing the principle of sincere cooperation between the EU institutions (notably when this “strategy” will require the adoption of legislative and budgetary measures…).

For the time being these Guidelines are deemed to be a corollary of gthe eneral Strategic Agenda 2019-2024 adopted in June 2019 to guide the European Union’s work in the next five yearsn. After a reflection process initiated by the Romanian Presidency and continued during the Finnish Presidency, which was wrapped up in December 2019.

The document below is the outcome of a first (not public) debate at the informal Justice and Home affairs Council on January 23rd/24th and will be again on the Coreper table on February 5th. It will then be submitted for endorsement to the Council (Justice and Home Affairs) on 12-13 March 2020 in view of the European Council meeting on 26-27 March 2020. The latter will probably adopt these “Guidelines” as required by the art.68 of the TFEU which states “The European Council shall define the strategic guidelines for legislative and operational planning within the area of freedom, security and justice.” (continue)

Emilio DE CAPITANI (02-02-20)

Draft Strategic Guidelines for legislative and operational planning within the area of freedom, security and justice

In the last five years, the EU was confronted with a serious migration and asylum crisis, a brutal wave of terrorist attacks and increased foreign interference.  We rose to these challenges as a Union, by putting together a solid set of initiatives and tools.  We also had our differences, often related to geographical or historical specificities.  Diverging views emerged that have an impact on mutual trust and hamper the Union’s ability to meet expectations.

Looking ahead, we need to overcome our differences on what to do, but we also have to focus our attention on how to organise our work, tools and structures to achieve our common objectives.

Values and rule of law

  1. As stated in Article 2. of the Treaty on European Union, the Union is founded on the values of respect for human dignity, freedom, democracy, equality, the rule of law and respect for human rights, including the rights of persons belonging to minorities. The respect for those values, and for the rule of law in particular, is key for the good functioning of the Union and its internal market, for the area of freedom, security and justice and for the protection of the fundamental rights of European citizens.
  2. EU institutions and Member States have a shared responsibility to ensure that respect for the rule of law is guaranteed and that effective tools are used and, as necessary, developed to this aim.
  3. In the Council, Justice Ministers will continue to deal with issues related to the rule of law.  The respect for the rule of law in all Member States will be examined by the General Affairs Council, through a yearly stocktaking exercise closely involving Member States.  This dialogue will help EU institutions and Member States identifying best practices that are worth disseminating, but also issues that deserve attention and demand corrective actions, including adequate support where capacity building is needed. This, in turn, will reinforce mutual trust.

Mutual trust

  • Mutual trust between Member States is the basis for the development of many policies in the field of justice and home affairs which rely on mutual recognition.  More attention should be devoted to ways in which mutual trust can be reinforced.

Implementing EU law

  • Time and again, the European Parliament, the Council and the Commission have stressed the need for EU legislation to be properly applied.  Yet, it is debatable whether enough resources are secured both at national and EU levels for turning these repeated calls into reality – starting, perhaps, with a critical examination of existing legislation to improve its quality and consistency.  For instance, as regards judicial cooperation in civil matters, clear added-value for citizens and businesses needs to be demonstrated before new legislative initiatives are presented that would affect well-functioning national legal frameworks.
  • Rather crucially, the Union lacks aggregated information on how key pieces of EU acquis are being applied by Member States, including whether Member States actually make use of some of those instruments.  This situation is not optimal when it comes to adapting EU legislation or producing new obligations.  The work led by the Commission for evaluating the Schengen acquis and by the Council for mutual evaluations on the implementation of criminal law, such as, quite recently, on environmental crime and now on legal instruments such as the European Arrest Warrant, clearly serves to improve efficiency in the implementation of those policies and related legislation.
  • To reinforce mutual trust, we need to do more by developing systematic and effective joint evaluation schemes as provided for by Article 70 TFEU.  And more resources at central level, including expertise, have to be made available to support Member States.  The support given by the Commission to encourage the implementation of the passenger name record directive (PNR) is a good practice that needs to be replicated in other areas, also to address uneven financial and absorption capacities in different Member States.

Encouraging convergence of law enforcement and judicial culture

  • Law enforcement and judicial communities operate in different environments, developing different cultures within and among Member States in a way which is not always adequate for consistent implementation of EU law across the EU.  Digitalisation offers opportunities for overcoming administrative divisions, but also challenges if departments reproduce and consolidate those divisions in the organisation of information.  At EU level, digitalisation can enhance trust between Member States through joint law enforcement and judicial training schemes that could be developed for instance with Erasmus-like training modules for law enforcement and judicial communities.  The Commission, EU JHA agencies and the European Judicial Training Network are uniquely placed to foster such developments.

The Schengen area – a matter of trust

  • As stated in the Strategic Agenda, we must ensure the integrity of our territory, also as a means of reaching the objective of the Treaty as regards the absence of internal border controls.
  • Control over who enters and travels in the European Union and the Schengen area will be reinforced through the full implementation of the rules recently adopted on systematic controls at the external Schengen borders, and through the greatest possible use of existing systems (SIS, VIS, EURODAC, PNR, Prüm, ECRIS, EIS), fed with quality data, and the rapid deployment of new systems (ETIAS, EES, ECRIS-TCN).
  • The effective implementation of interoperability solutions, opening the way for the integration of decentralised systems, customs databases and financial investigation tools, will also strengthen mutual trust – as will control over secondary movements of migrants and asylum seekers.

One Europe, One Space

  1. What the EU policies should be as regards border checks, asylum and immigration is well defined in the Treaties and has been widely debated over the last five years, in meetings of working parties, special committees, Coreper, Council and European Council.  Divergences have appeared over the reform of the common European asylum system but there is also a broad measure of agreement over the objectives of our common policies – including on the necessity to streamline the operation of our asylum system, from entry to either integration or return, so that decisions are taken in the most efficient and expedient way in the interest of all persons involved.  In developing a new pact on Migration and Asylum as announced by its President, the Commission will address all these issues.  To deliver on our objectives, however, organisation also matters.

Reaching out to third countries with appropriate means and resources

  1. The EU’s efforts to strengthen cooperation with countries of origin and transit have produced some results. But more needs to be done to prevent irregular migration, to protect refugees close to their homes, encourage returns, readmission and reintegration, and to offer legal pathways.  Incentives and leverages, with appropriate financial support, should be brought to bear in a reversible manner and with a thorough understanding of the difficulties faced by each country – whether through structured partnerships or more flexible arrangements.  The role of Member States is essential in reaching out to partners, building upon existing relations and making sure the messages conveyed by EU actors and by those Member States that are most involved are coherent.
  1. Expanding efforts towards third countries means bringing interaction between Member States and EU structures to a whole new level.  To engage properly with third countries in our complex institutional set-up, we need to identify much more clearly who is in charge of what on the basis of which information and with what leverage.  Securing returns of migrants who have no claim to remain on European soil is a difficult task, for which support from EU structures and institutions could make a real difference if conducted in a coordinated way, with appropriate consideration for the situation of countries of origin and with proper alignment of several policy areas, including visas, legal migration possibilities, development and trade.
  2. Streamlining the EU’s efforts in this manner, with political steer from the Council to define positions to be adopted towards third countries on migration issues, would help convince Member States to engage their political capital in a common approach, to be conveyed with adequate commitment and firmness by all EU institutions and services.

Facing migration and asylum crises – lessons learned

  1. Over these last years, much has been done to address difficult situations in Member States most affected by disproportionate migratory and asylum pressure.  The EU’s empirical response, developed with those Member States by the Commission and EU agencies, has yielded important results. This know-how will help the EU to deal with similar situations of various intensity which will occur in the future.  Hence the call for a structured migration management mechanism, with real-time monitoring, early warning and a single point of coordination and decision-making across the EU to mobilise structures, tools, human and financial resources as needed, across EU institutions and agencies and in cooperation with Member States. Robust intelligence coming from all actors, supported by adequate technology, can provide accurate situational pictures, with risk and threat assessments leading to preventive action to avert crisis situations before they arrive at the EU’s external borders or to handle such situations should they nevertheless occur.

From prevention to sentencing – strengthening the security chain

  1. Because of their importance or their geographical coverage, many security threats have to be addressed also at EU level – such as corruption or organised crime, which is a growing concern in all its dimensions.  A truly integrated approach to security means covering the entire security chain, with enhanced operational and interagency cooperation between police, border guards, customs, judiciary, immigration and asylum authorities.  Appropriate action at EU level, through the integration of tools and operational frameworks, would help overcome deep-rooted administrative divisions at national level, encouraging cooperation and synergies.  EU JHA agencies have an important role to play in an enhanced interagency approach and priority should be given to pooling and sharing equipment, specialised technical solutions, resources and expertise in areas where Member States lack sufficient capacities.
  1. Information management is a key enabler for these developments. Implementing properly EU legislation on interoperability requires a lot of attention at national and EU level, as demonstrated by the Commission’s current support to Member States in managing change.  At practical level, priority should also be given to the quality of data fed into EU information systems and to improving data analysis capacities, supported by common standards, structures, and technological tools. Developing artificial intelligence solutions and further automation in full compliance with data protection rules could help address the challenges posed by the processing of large data sets.
  2. In this context of digitalisation, it is not clear that the mandates and resources of relevant JHA agencies adequately cover current and future needs.  Adequate funding has to be secured for all JHA agencies and offices so that sound financial management can be combined with correct allocation of resources in view of the tasks they have to perform.  This evaluation will have to be made, also as regards the mandate of Europol and the possible extension of the mandate of eu-LISA to customs and judicial systems.

Mastering new technologies and artificial intelligence

  • The Strategic Agenda recalls that the EU must work on all aspects of the digital revolution and artificial intelligence, in a manner that embodies our societal values, promotes inclusiveness and remains compatible with our way of life.  This technological revolution calls for an ethical and regulatory framework to ensure the sound integration of new technologies – thereby making choices, ethical, political, economic and legal, to define the place of such technologies in human society.  Industry, professionals and citizens expect clarity, legal certainty and structured knowledge, including risk awareness.
  • This means developing standards and certification procedures for agents and systems based on, or integrating artificial intelligence, with protocols including ethical considerations, statistical validation and risk assessment.  There is also a need to deal with some specific characteristics of artificial intelligence, such as the opacity of the systems, to ensure the effective enforcement of existing laws and the protection of fundamental rights, and to avoid discrimination.  Current concepts of “civil liability” and “criminal liability” would need to be further developed.
  • Our regulatory framework has to address data protection issues in a big data environment, as well as security concerns related to automated decision-making and, more generally, to digital transformation.  This raises the issue of impact assessments, which, when available, do not seem to give enough priority to the implications of technological developments for internal security.
  • More generally, new technologies currently emerge in a loose regulatory environment, which is an issue in view of the disruption they are apt to cause to representative democracies.  One way of addressing this concern upfront is to encourage at EU level a preventive approach, involving dialogues with industry, research and academia and taking an active part in standard-setting instances. Synergies with relevant developments in defence industry should also be exploited to avoid duplications and optimise the use of resources.
  • All in all, the cross-cutting nature of these challenges calls for new ways of working between policy departments, both at national and EU levels.  Within the Council, presidencies will have to devote time and resources to ensure that the development of common policies is properly coordinated.

*

The implementation of those guidelines will be regularly monitored by the Council to ensure that, in particular, organisational issues are addressed in order to deliver on the priorities of the Strategic Agenda 2019-2024.


[1]             Article 68 TFEU reads as follows: “The European Council shall define the strategic guidelines for legislative and operational planning within the area of freedom, security and justice”.

Evaluation of the General Data Protection Regulation

by EIAD – European Academy for Freedom of Information and Data Protection. Europaische Akademie fur Informationsfreiheit und Datenschutz Academie europeenne pour la liberie d’information et la protection des donnees

Berlin, 27 January 2020

A. General remarks

Article 8 of the EU Charter of Fundamental Rights (EUCFR) guarantees the protection of personal data and requires independent data protection oversight. With the General Data Protection Regulation (GDPR), there has been one EU data protection law directly applicable in all Member States since 25 May 2018. The extent to which the goals of the GDPR have been achieved cannot yet be seriously assessed after only 18 months. According to Art. 97 GDPR, the European Commission is required to continuously review the application and effectiveness of the Regulation and to report on this for the first time on 25 May 2020 and, if necessary, to submit proposals for amending and further developing the Regulation.

There is no denying that the GDPR has advanced the harmonisation of European data protection law and its application compared to the largely fragmented previous legal situation. The regulation has also strengthened the data protection rights of individuals subject to the processing of their data. The GDPR also provided data protection supervisory authorities with effective means of enforcement. However, it has become apparent that there are still shortcomings in the areas described above which need to be remedied.

The GDPR has had a significant impact on the global debate on data protection issues.

Several non-European countries and federal states have now passed laws based on the model of the GDPR. Examples include the Californian Consumer Privacy Act (CCPA), which came into force on January 1, 2020, and the new Thai Data Protection Act. The US Congress has received several drafts for a federal data protection act. It is currently discussing them on a bipartisan basis.

In addition, the data protection agreement concluded between the European Union and Japan in early 2019 has created the world’s largest zone with a uniformly high level of data protection. This has improved the opportunities for the European economy to remain competitive in the face of ongoing digitization.

The present opinion is based on the experience gained so far and is therefore provisional in nature. It is focused on key areas of action in which further development of the legal framework already appears appropriate.

B. Proposals

1.     Harmonisation

The large number of opening and concretisation clauses in the GDPR urgently needs to be reviewed with a view to reducing them. As a result of the fact that the Member States have made use of national options in very different ways, a regulatory patchwork of the most diverse provisions continues to exist in many areas. This severely compromises the goal of harmonising data protection law in the EU as far as possible and the associated free movement of data. Moreover, fragmentation causes considerable practical and legal problems for legal practitioners.

1.1.     The opening clauses of the GDPR for processing by public authorities allow not only for more precise regulations in the law of the Member States, but also for clarification by Union law.

The legal requirements for such regulations, such as those in Article 6 (3) GDPR and Article 9 (2) GDPR, should be specified with regard to the particular relevance of data processing by public authorities to fundamental rights in such a way that the guarantees specified in the GDPR may only be deviated from in favour of the persons concerned. In addition, so far there are Europe-wide references, the EU legislator should make greater use of its power to specify in order to further develop the principles of the GDPR in a harmonised manner for the public sector.

1.2. The diversity of regulations is particularly serious in the research field. The application of the provisions on scientific research has shown the need for more integrated rules on processing for scientific purposes, in particular for European cross-border research. Art. 89 GDPR should be revised accordingly in order to ensure a uniformly high level of data protection throughout the EU.

1.3. A higher degree of harmonisation is also needed for the processing of personal data in the employment context. The requirements for employee data protection of Art. 88 GDPR should be designed as binding guidelines for the processing of employee data and not merely as an option for national legislators. Nevertheless, it should still be possible to specify the requirements in national law and collective agreements.

1.4. In view of the increasing importance of interactive, cross-border media, more binding and concrete criteria are needed for weighing up the relationship between data protection, free speech and freedom of information. Art. 85 GDPR should be further developed accordingly.

1.5. The cooperation of DPAs is crucial for the uniform application of data protection law. The principles set out in Chapter VII (Art. 60-78) GDPR must be made more effective. There is a need for legal remedies if a supervisory authority fails to take a decision pursuant to Art. 58 in cases of cross-border importance, delays it, or intends to refrain from taking a formal measure pursuant to Art. 58 (2) GDPR with a view to amicably resolving a dispute with the company. It must be ensured by corresponding changes in Art. 64-66 GDPR that the provisions on the coherence procedure also apply to such cases.

2. Profiling / Automated decisions

Greater attention must be paid to automated systems which make or prepare decisions important for the individual or for society. Of particular relevance in terms of data protection law is the compilation and evaluation of data for the purpose of assessing individuals (profiling) and the use of algorithmic decision making systems, for example in connection with the use of “artificial intelligence” (AI).

2.1.    Art. 22 GDPR should be adapted to cover all cases where the rights and freedoms of natural persons are significantly affected. Profiling must be regulated as such (and not just decisions based on it). It should be clarified that the rules for automated decision-making also apply to decisions that are essentially based on algorithmic systems (algorithmic decisions). In this respect, absolute limits must be defined, admissibility requirements must be standardised and the principle of proportionality must be specified. In doing so, the specific requirements for the use of sensitive data and for the use of data relating to children shall be taken into account. The transparency requirements of Art. 12 et seqq. for profiling and automated decisions should be formulated more specific. Persons affected must always be informed when profiling is carried out and what the consequences are. In the case of algorithmic and algorithm-based decision-making systems, the underlying data and their weighting for the specific case must be disclosed in a comprehensible form.

2.2.    With regard to the functioning and effects of algorithmic and algorithm-based decision systems, in particular to avoid discrimination effects, mechanisms of algorithm control should be implemented. The requirements for data protection impact assessment formulated in Art. 35 (7) GDPR should be specified accordingly.

3.     Data protection technology

In addition to written law, ensuring effective data protection is largely determined by the design of technical systems. The statement “Code is Law” (Lessig) applies more than ever in view of increasingly powerful IT systems and global processing. It is therefore all the more important to ensure that technical systems are designed in a way compatible with data protection, especially with regard to limiting the scope of personal data processed (data avoidance, data minimisation).

Anonymisation and the use of pseudonyms are effective techniques for limiting risks to the fundamental rights and freedoms of natural persons, without unduly restricting the knowledge that can be gained from the data processing. In view of the high speed of innovation, it is necessary to examine to what extent the legal requirements guarantee adequate protection.

3.1. The provisions on technological data protection (Art. 25 GDPR) should take into account the particular risks arising from the use of new technologies and business models (in particular artificial intelligence, data mining, platforms). Corresponding specifications for the design of such systems should be specified by the European Data Protection Board.

3.2. In view of the rapid technological development, the requirements for anonymisation and pseudonymisation in Art. 25 GDPR and for the use of anonymised data should be made more specific. This should be supplemented by prohibitions of de-anonymisation and the unauthorised dissolution of pseudonyms, with the possibility of criminal prosecution.

3.3.     The responsibility of the manufacturers of hardware and software should be increased, for example by extending the definition of the responsible person to include the natural or legal person, public authority, agency or other body marketing file systems or personal data processing services.

At the very least, they should be included as addressees of the rules on data protection by means of technology design and by means of privacy by default, Article 25, and security of processing, Article 32 GDPR, in addition to the controller and processor, with the consequence that providers of personal data processing systems and services are responsible and liable for the implementation of the requirements at the time of placing on the market. In particular, they are to be legally obliged to provide all information required for a data protection impact assessment prior to the conclusion of a contract and all information and means necessary for the implementation of the rights of the persons concerned, irrespective of company and business secrets. This could also make the provisions on certification under Art. 42 effective. Consideration should also be given to extending the regulations on liability and compensation (Art. 82 GDPR) and on sanctions (Art. 83 f) to manufacturers.

4.     Rights of data subjects / self-determination

Self-determination and the rights of the persons concerned by the processing are at the centre of the fundamental right to data protection and the fundamental right to informational self-determination established by the Federal Constitutional Court. Although the GDPR standardises the central possibilities of influence of the individual on the processing of his or her data and his or her rights vis-à-vis the responsible parties, the actual possibilities of influence of the data subjects are often very limited. This applies in particular to the practice of various powerful companies offering services in which data subjects are trapped by lock-in effects. The rights of those affected should therefore be further strengthened.

4.1. The rules on consent (Art. 7 GDPR) and the right of objection (Art. 21 GDPR) must be supplemented in such a way that the persons concerned can make use of technical systems to determine their data protection preferences when exercising their decision-making powers. Those responsible must be obliged to respect these specifications and the decisions based on them.

4.2. In Art. 12 ff GDPR it must be ensured that the information provided for the data subject relates to data processing actually intended. It should also be clarified that the controller must inform the data subject of all known recipients to whom personal data of the data subject are or have been disclosed. In addition, the person responsible must be obliged to record the transmission of the data and the recipients, so that he cannot evade his obligation to provide information on the grounds of “lack of knowledge”.

4.3. The transparency obligations pursuant to Art. 12 et seq. are to be specified with regard to the use of profiling techniques and algorithmic decision-making procedures (cf. point 1, 2nd indent above).

4.4. The right to restriction of processing (blocking) in Art. 18 GDPR should be extended to those cases in which the necessary deletion is not carried out because the data must be kept only for the purpose of complying with retention periods.

4.5. The right to data portability (Art. 20 GDPR) should be specified in such a way that the data must be made available to the data subject in an interoperable format. It should also be ensured that the right covers all data processed by automated means that the data subject has generated (including metadata) and not only those that he has deliberately entered into a system. Furthermore, companies and platforms with a high market penetration should be obliged to make their offerings interoperable by providing interfaces with open standards.

C. Evaluation of the legal framework

Article 97(1) of the DS-GVO provides for an evaluation of the GDPR after 25 May 2020 at four-year intervals. In view of the rapid technical development in the field of data processing, it appears necessary to shorten this evaluation interval to two years. Even if the legal framework is designed to be technologically neutral, it must react to technical developments as quickly as possible otherwise it will fast become obsolete.

EUROPEAN LAW BLOG : E-Evidence in the EU Parliament: Basic Features of Birgit Sippel’s Draft Report

ORIGINAL PUBLISHED HERE :https://europeanlawblog.eu/2020/01/21/e-evidence-in-the-eu-parliament-basic-features-of-birgit-sippels-draft-report/

21 JANUARY 2020/ BY THEODORE CHRISTAKIS

Discussions on E-Evidence are heating up at the EU Parliament

Taking into consideration the significant legal challenges from the globalization of criminal evidence and considering that traditional instruments for cross-border cooperation such as Mutual Legal Assistance Treaties (MLAT) are too slow and cumbersome, the European Commission proposed, on 17 April 2018, the “E-Evidence” legislative package (E-Evidence), which aims, to streamline cooperation with service providers and supply law enforcement and judicial authorities with expeditious tools to obtain e-evidence.

Despite difficult negotiations among EU Member States, the EU Council of Ministers succeeded in adopting on December 7, 2018 its “general approach” on E-Evidence. This led to a storm of reactions by NGOs, the industry, members of the European Parliament (MEPs) and at least seven EU States, including Germany, who opposed the Council’s draft. The Netherlands, for instance, denounced the Council’s text for being adopted “too fast” and stated that it “opened the way for abuse by EU countries that lack sufficient guarantees over the rule of law and fundamental rights”. In an article published a year ago and entitled E-Evidence in a Nutshell:  Developments in 2018, Relations with the Cloud Act and the Bumpy Road Ahead I presented an overview of the major features of the Council’s draft and the principal points of contention.

The months that followed showed the significant challenges that need to be addressed before a compromise is found at the EU on E-Evidence. The Civil Liberties, Justice and Home Affairs (LIBE) Committee of the European Parliament spent most of the year 2019 in drafting seven working documents on the topic. On 8 November 2019, however, an important development took place: the LIBE Committee’s Rapporteur MEP Birgit Sippel released her draft Report on the E-Evidence draft Regulation.

Sippel’s Report constitutes a huge departure from both the Council’s general approach and from the initial Commission’s proposal. It presents… 267 amendments to the Commission’s proposal aiming to modify not only every single article in the Commission’s and the Council’s drafts, but also some important mechanisms and pillars of these drafts.

While this time the NGOs’ and the industry’s first reactions have been generally positive, Sippel’s Report has provoked a strong reaction by the Commission which led to an unusual institutional confrontation at the EU. More precisely, the Commission was accused of circulating to a selective list of stakeholders and MEPs (but not to the E-Evidence Rapporteur herself) a Non-Paper highly critical of Sippel’s Report and claiming that the amendments suggested by the Rapporteur will have a major impact on the efficiency of E-Evidence. This, in turn, led to a strong reaction by the chairman of the Parliament’s LIBE Committee, Juan Fernando López Aguilar, and Birgit Sippel herself, who wrote to Justice Commissioner Věra Jourová to complain about the Commission’s Non-Paper: “From an EU institutional point of view, such a practice by the Commission … raises serious questions as to the principle of sincere cooperation between the institutions,” their letter read. They also protested about the lack of transparency on the Commission’s side and the inclusion in the Non-Paper of factual errors about the content of Sippel’s Report. Following this, the Rapporteur also addressed a letter to her MEP colleagues intending to “clarify” the “misunderstandings” appearing in the Non-Paper and to defend the efficiency of her approach.

It is against this “electric” background that the different political groups introduced a total of 841 amendments to the E-Evidence proposal and that the first meetings between the shadows and the Rapporteur took place during the month of January. The LIBE Committee is due to vote in February or March on this legislative proposal, but it has not yet been determined whether the vote will take place on a new compromise proposal from the committee or whether there will be a vote amendment-by-amendment. A full plenary vote of the European Parliament should take place afterwards.

The objective of this paper is to present briefly some among the major features and mechanisms of Sippel’s Report. This paper is based in a much longer study that I have just published with the Cross Border Data Forum (CBDF) analyzing in detail the extent to which the legal regime proposed by the Rapporteur could strike the right balance between necessary protections and efficiency (see: “Lost in Notification ? Protective Logic as Compared to Efficiency in the European Parliament’s E-Evidence Draft Report”). The conclusion of this study is that, while there are reasons for a number of modifications and adjustments, Sippel’s Report is the product of much work and thinking and includes important ideas and mechanisms that appear useful for the future negotiations on E-Evidence. Here are some among the basic features of Sippel’s Report.

1) Two in One? Merging the Regulation and the Directive

An important structural amendment is that the Report proposes to merge the two instruments proposed by the Commission (a Regulation and a Directive) into a single one. The Rapporteur advances several arguments to justify this, including the concern that by introducing a separate Directive (which will oblige service providers to designate a legal representative in the Union) the Commission might have the hidden intention to “also use it for other future instruments. “In that regard”, argues the Rapporteur, “the proposed Directive overreaches its goal and raises serious issues with its legal basis, namely the Articles 53 and 62 TFEU” (see Sippel’s Report, at 146).

According to my information, the Commission strongly opposed the suggested suppression of the proposed Directive, considering that this would deprive the whole E-Evidence package of its added value, especially as far as third country service providers are concerned. The Commission emphasized that the legal basis for the Regulation (Art. 82(1)) TFEU cannot be used to compel service providers from third States to designate a legal representative in the Union. As a result, a different legal instrument, with a different legal basis, is necessary.

2) A Double Notification Mechanism

By far the most important change proposed by Sippel’s Report is that it introduces a meaningful notification mechanism permitting EU Member States to exercise their traditional protective functions and ensure the respect of fundamental rights on their territory.

The Report provides for notification to both the “executing State” (i.e. the State of the service provider) and the State of residence (“affected State”), when the latter is known to be different from the “issuing” and the “executing” State.

The Notification mechanism is not toothless anymore (as in the Council’s version). The executing State can object with several grounds of refusal available, including protection of human rights, privileges and immunities.

The Report is not founded in ‘absolute’ mutual trust (as the Commission’s version) but on the idea that efficiency arguments should not override the need to protect fundamental rights. It claims, nonetheless, that efficiency will not be significantly affected because the timeframe proposed by the Commission can be respected with much stronger safeguards if each actor plays its own role.

In my CBDF study I analyze in detail the two proposed notification mechanisms and I assess the extent to which each one of them could strike the right balance between necessary protections and efficiency. My basic conclusions are the following.

A) Notification to the “Affected State”: High Protections with Low Burden

First, the introduction of a notification to the “affected State” (the Member State of permanent residence of the affected person) is undoubtedly the major single improvement introduced by Sippel’s Report. Notification to the “affected State” is highly protective. It has the great merit of bringing the targeted individual back into the equation. The Member State of residence would thus be able to exercise its traditional protective functions concerning the human rights of the targeted individual. It will have much more powerful incentives to proceed to such a control than the enforcing State (where the service provider is based) which, most often, has a weak link to a criminal case. Moreover, such a notification will permit to protect the sovereign prerogatives and fundamental interests of the Member State where the data subjects reside, such as the national security of the Member State of residence (if, for instance, the targeted person is an agent of the receiving Member State), trade secrets (if the target is a business executive) or other essential interests.

It is thus clear that the notification to the affected State will greatly enhance the human rights and other protections of E-Evidence. But what about efficiency? The Commission claimed that the system would be too burdensome. In my CBDF paper I explain in detail why the Commission is wrong, subject to the condition that notification to the affected State should only concern the most intrusive for human rights forms of data, namely content and transactional data. It would, however, be an error to introduce into the notification regime subscriber or access data, as the Rapporteur seems to suggest.

Indeed, notification of the affected State, where applicable, would remain entirely inside the timeframe (10 days) proposed by the Commission and the Council. Efficiency is affected much less than commonly assumed, because in most cases (93%) the investigating/issuing authority seeks data on its own residents. In contrast to a Mutual Legal Assistance Treaty request, which requires notice to a different country in 100 % of cases, the “affected state” provision would thus apply in less than 7% of cases. On the basis of the existing data, it seems reasonable to believe that the 20 smallest EU Member States would be notified as “affected State” no more than a few dozen times per year. The burden should thus be low and manageable for them. If one considers than during the year 2018 Facebook received and examined a total of 53,841 data requests, followed by 47,011 for Google, 43,480 for Apple and 22,919 for Microsoft (see here, at 12), it would be an insult to countries like Sweden or Austria to argue that they would be unable to examine a few dozen notifications per year in order to protect as “affected” States the human rights of their populations and their sovereign interests.

In my CBDF paper I also advance a series of arguments in order to rebut the Commission’s argument that “notification to the affected State will go far beyond what exists under current mutual recognition and legal assistance instruments”. In my view, the introduction in the E-Evidence package of the concept of the “affected State”, as Sippel suggests, will permit to “adapt” in an appropriate way in the digital world protections that already existed traditionally “in the physical world” under MLA systems. As a conclusion, while the burden for affected States should be low and the “protecting human rights/sovereign interests benefit” for them and their populations should be high, law enforcement people involved in the e-evidence negotiations do not always seem to realize the importance of this mechanism and do not necessarily declare themselves willing to ensure this “responsibility to protect” function envisioned for them by Sippel.

B) Notification to the “Executing State”: More Challenging but Could Become Feasible

Things are more challenging concerning the mechanism of notification to the executing State also put forward in Sippel’s Report.

While notification to the “affected State” (if the State of residence of the person whose data is sought is other than the issuing State) makes real sense for the reasons explained above, notification to the executing State seems less compelling. Imagine a crime committed in France. The victim is French, the suspect is a French person and resident. What is the point of obliging France to notify Ireland only because the service provider of the suspect is established in Ireland or has his legal representative there?

Despite the lesser relevance of notification to the executing State, whose link to a criminal case is often very weak, it seems that this idea is strongly imprinted in the mind of different stakeholders.

In Sippel’s Report there is no doubt that notification to the executing State, combined with notification to the “affected State”, offers important additional protections and guarantees. Among other things, such a notification permits to deal with a number of issues such as conflicts of laws concerns or rule of law problems in the issuing State – especially taking into consideration that 93% of all criminal investigations have an entirely “domestic” character and there will thus be no notification to an “affected State” for them. In Sippel’s mind, the involvement of the executing State is absolutely necessary not only in order to resolve such rule of law problems but also in order to give a solid legal basis to E-Evidence (Art. 82 TFEU, based on the notion of cooperation between two judicial authorities). She introduces the concept of the “executing” State (instead of “enforcing” State in the Commission’s draft) which will be automatically involved in all European Production Orders (EPOs) thanks to this system of notification and which will be considered as having recognized automatically the EPO Certificate unless if it raises a ground for refusal.

As I explain in my CBDF paper, there is a strong protective logic behind Sippel’s proposal, but the system, as it was introduced, would undoubtedly create a huge burden for the executing State and might make the future instrument unattractive to law enforcement authorities (LEAs). It seems to me that the only way to make this notification less burdensome would be not only to introduce some necessary amendments exposed in my CBDF paper but also to implement this system on the basis of the understanding that the executing authorities will not need to systematically examine each EPO but will only need to take action in some exceptional circumstances. The whole idea would thus be that there will be a “guardian of the Temple” in case of trouble, but this guardian will not need to check and clear all persons entering the Temple.

3) Enhanced Human Rights Protections

Numbers are not always relevant, but it is interesting to note that Sippel’s Report mentions Human Rights 31 times – up from 17 in the Council’s draft.

The meaningful notification system, explained above, is presented as the major step forward to allow that the rights of affected persons are guaranteed by the executing State and, where applicable, the affected State. Others pro-human rights amendments include:

  • Notice-by-default for persons targeted by orders issued under the Regulation (unless there is a non-disclosure order validated by a court to avoid jeopardizing the specified investigation – see amendment 164). This is in contrast with the downgrade operated by the Council and the lacuna in the Commission’s draft discussed here. It is interesting to note that the non-disclosure Court order is directly influenced by the US system of gag orders.
  • rejection of the new data categories introduced by the Commission (“access” and “transactional” data) and return to what is presented (see Report at 147) as “clear data categories (based on existing EU and national legislation and in line with CJEU case law)”, namely: “subscriber”, “traffic” and “content” data. The Commission, however, insisted that its proposed new category of “access data” (as opposed to traffic or transactional data) is extremely important in order to enable LEAs to identify the subscriber of a service at the early stages of the investigation – and should thus not be deleted as suggested by the Rapporteur.
  • Due regard for issues such as respect of ne bis in idem principledual criminality considerationsprivileges and immunities, including protections for medical and legal professions, freedom of press and freedom of expression.
  • Limitations to the use of data obtained, including rules on (in)admissibility of evidence & erasure of data obtained in breach of Regulation.
  • Much greater concern for effective legal remedies not only in the issuing but also in the executing State in accordance with national law, including the possibility to challenge the legality of the order.

4) A More Appropriate Role for Service Providers

The Report proposes a more appropriate role for service providers. The logic is that the responsibility of protecting human rights should not be shifted from States to service providers, but recognizes that the latter may be able to provide critical information relevant to the assessment of the necessity and proportionality of orders as long as they are not solely responsible for this process.

While logically providing for sanctions if service providers do not cooperate, the Report abandons the hugely punitive sanctions of the Council (“2% yearly turnover”) which could have a chilling effect on providers’ incentive to challenge abusive orders.

The Report also introduces an immunity from liability provision for service providers for any consequences resulting from compliance with an EPO, subject to other data protection obligations.

The Report seems to partially resolve a concern raised by service providers, academics and others, regarding when an EPO should be used instead of domestic procedures. Both the Commission and Council’s approaches created uncertainty and raised the possibility that Member States could resort to the use of domestic measures, potentially in cross-border scenarios, but Sippel’s Report seems to clarify that Union measures should always be used in cross-border scenarios. Service providers have expressed concern that, without clarifying language, the Commission and Council’s approach would have created a backdoor, allowing Member States the opportunity to simply ignore the E-evidence legislation altogether and use domestic measures which could lead to fragmentation and conflicts of law. Sippel’s amendment 83 would delete language preserving use of a domestic backdoor (“without prejudice to the powers of national authorities to compel service providers established or represented on their territory to comply with similar national measures”). However, there is no affirmative requirement that would require Member States to use the E-Evidence mechanisms over national measures in cross-border cases.

5) Other Features

At least four other important features of Sippel’s Report need to be mentioned:

  • Conflict of laws -– On conflict of laws, interestingly, the Report does not go back to the elaborated mechanism proposed by Commission and abandoned by the Council (explained here) but provides for a reasonable mechanism based on the appreciation of both the issuing and the executing State’s authorities.
  • A higher threshold for issuing production orders – Sippel’s report provides that European Production Orders requiring production of content or “traffic” data (which includes the “access” data category introduced by the Commission) “may only be issued for criminal offences punishable in the issuing State by a custodial sentence of a maximum of at least 5 years”. This is 2 years more than the threshold in the Commission’s and Council’s drafts (“3 years”) and means that, for these categories of data, EPOs can only be issued for the most serious crimes. It would be surprising if LEAs around Europe accepted such a high threshold.
  • Extension of timeline for application of the Regulation – Sippel’s Report extends the timeline for application of the draft Regulation from six months after its entry into force (provided in the Commission’s proposal) to three years. This means that, in the best case, E-Evidence will not be applicable until the end of 2023. While it makes a lot of sense to provide for the necessary time in order to implement a new and complex system as E-Evidence (the Council itself proposed a deadline of 24 months in its general approach), three years might appear too long for law enforcement people. This, in turn, raises the risks that some Member States might enact in the meantime national laws to enable access of their LEAs to e-evidence (through extraterritorial or data-localisation measures) leading to fragmentation and unwelcome complications.
  • “Independent” Prosecutors – The Report proposes to systematically replace the term “prosecutor” in the draft Regulation by the term “independent prosecutor”, defined as not be “exposed to the risk of being subject, directly or indirectly, to directions or instructions in a specific case from the executive, such as a Minister for Justice, in connection with the adoption of a decision”. This was done in order to reflect recent CJEU case law (see eg Minister for Justice and Equality v OG and PI, discussed in this Blog here). This means, in practice, that prosecutors that have been found by the CJEU not to respond to these “independent” requirements (such as German prosecutors) would not be able under the draft E-Evidence Regulation to request the production of subscriber data and the preservation of data. This would be a limitation to what these prosecutors can already do under domestic law. It would thus be surprising if LEAs all over Europe accepted such limitation. More generally, it should be important to think if CJEU (or European Court of Human Rights) judgments adopted under different circumstances are automatically transposable to other situations. The above-mentioned CJEU cases concerned the sensitive issue of which bodies are “issuing judicial authorities” capable of issuing European Arrest Warrants with a view to the arrest and surrender, by another Member State, of a requested person. One could argue that the particularly high threshold of independence of prosecutors required by the CJEU when the very right to liberty is at stake, should not necessarily be transposed automatically to the E-Evidence context, in relation with the bodies authorized to issue requests for the production of subscriber data and the preservation of data which are less intrusive measures for human rights than the ones envisioned by the original judgment.

Conclusion

Sippel’s version of E-Evidence is far more protective for human rights than the Commission’s or the Council’s drafts. Thanks to this protective approach Sippel succeeded in making the “paradigm shift” introduced by E-Evidence acceptable to fundamental rights experts (and likely very hard to challenge tomorrow in European courts).  NGOs and other stakeholders who were firmly opposed to E-Evidence, pleading instead for an improvement of MLA mechanisms (such as the European Investigation Order), suddenly seem to consider that E-Evidence could be compatible with strong human rights protections. “Has Sippel MEP been successful at repairing the unrepairable?”, asks for instance EDRi.

There is also little doubt about the fact that Sippel’s version of E-Evidence is much better for service providers than the Council’s or the Commission’s drafts. Sippel’s report provides a workable regime for service providers and legal certainty while relieving them from liability issues. Without transforming them to legal assessors of fundamental rights (as the Commission did), Sippel’s system gives the possibility to service providers to protect their customers and users and to flag eventual problems to States who remain, nonetheless, the traditional guardians of human rights. When the Council of the EU adopted its draft, the Business Software Alliance denounced a “disappointing text” that “risks undermining the protection of citizens and enterprise data across Europe”. In contrast, the BSA “welcomed” the European Parliament’s E-Evidence draft report, considering that it “introduces much clearer liability rules for companies complying with the Regulation, strengthens the fundamental rights protections of EU citizens, and ensures that cooperation between law enforcement agencies and technology providers is fostered and balanced”. Similarly, a recent joint industry/NGOs statement offered strong support to Sippel’s Report.

If Sippel’s Report is “good for human rights” and “good for service providers”, the big question is whether it might also become acceptable for law enforcement authorities. The double notification mechanism introduced by Sippel does not affect the timeframes proposed initially by the Commission and the Council for the production of data (10 days in normal situations, 6 hours – extended to 24h by Sippel – in cases of emergency). These notification mechanisms create nonetheless a bureaucratic burden and additional responsibilities for the issuing State, the executing State and the affected State. Some modifications and adjustments will be necessary in order to make this system less burdensome for the States concerned, and especially for the executing State. Still, it remains to be seen if these States will accept to play the “responsibility to protect” role envisioned for them by Sippel.

The author will like to thank all the persons who contributed comments to a previous draft of this article, and especially Karine Bannelier, Vanessa Franssen, Ken Propp and Peter Swire. The views expressed in this article are entirely the author’s.

VERFASSUNGSBLOG : 1460 Days Later: Rule of Law in Poland R.I.P. (Part I and II) Laurent Pech, Patryk Wachowiec Mi Jan 2020

SEE : Pech, Laurent; Wachowiec, Patryk: 1460 Days Later: Rule of Law in Poland R.I.P. (Part II), VerfBlog, 2020/1/15, https://verfassungsblog.de/1460-days-later-rule-of-law-in-poland-r-i-p-part-ii/.

On 13 January 2016, exactly four years ago today, the Commission activated its rule of law framework for the very first time with respect to Poland (for our previous 2-part post assessing the situation as of 13 January 2019 see here).

During this time, Poland has become the first EU Member State:

  • to be threatened with the payment of a penalty payment of at least €100,000 per day should it continue to ignore an interim order adopted by the ECJ in July 2017;
  • to be subject to the exceptional procedure laid down in Article 7(1) TEU in December 2017;
  • to have seen its newly “redesigned” National Council of the Judiciary suspended from the European Networks of Councils for the Judiciary for its lack of independence in August 2018;
  • to have seen its self-described “judicial reforms” provisionally suspended by the Court of Justice via two interim orders in October and December 2018;
  • to have been found by the Court of Justice to have failed to fulfil its Treaty obligations under the second subparagraph of Article 19(1) TEU not once but twice in June and November 2019;
  • to have been referred to the Court of Justice by the Commission for making it possible to subject ordinary court judges to disciplinary investigations, procedures and sanctions on the basis of the content of their judicial decisions, including the exercise of their right under Article 267 TFEU to request preliminary rulings from the Court of Justice.

As if to outdo itself when it comes to annihilating judicial independence, Poland’s ruling party has rushed an unprecedented piece of legislation last month. This bill “raises the question of whether Poland wants to remain in the EU” by forcing non-compliance with EU rule of law requirements and strengthening an arbitrary disciplinary regime which has already enabled a multitude of kangaroo disciplinary proceedings against any judge at any point in time for as long as needed from the point of view of the ruling party.

As recently and accurately observed, “no member state in the history of the EU has ever gone as far in subjugating its courts to executive control as the current Polish government. The Polish case has become a test whether it is possible to create a Soviet-style justice system in an EU member state; a system where the control of courts, prosecutors and judges lies with the executive and a single party”.

This (two-part) post will highlight the main developments, primarily from the point of view of EU law, which took place in 2019. The most noteworthy one is the Court of Justice’s two infringements rulings which have found Poland to have violated the principles of the irremovability of judges and judicial independence and the Court of Justice’s first preliminary ruling regarding the so-called “Disciplinary Chamber” of Poland’s Supreme Court. The latter ruling has proved particularly impactful as it has directly led a not-yet-captured chamber of Poland’s Supreme Court to find the Disciplinary Chamber not to constitute a court within the meaning of EU and Polish Law. These two rulings have led in turn Polish authorities to put forward what may be described as a “de facto Polexit bill”.

This means that the warning addressed to the new President of the European Commission last month by multiple NGOs and scholars remains more valid than ever: “The attacks on judicial independence we are witnessing in Poland are unprecedented in the history of the EU and legal chaos is bound to ensue and spread because Polish authorities are openly and purposefully ignoring their duties and obligations as a matter of Polish as well as EU law. If not promptly addressed through interim measures, we have no doubt this will mark the beginning of the end of the EU’s common and interconnected legal order.”

It is time for European and national actors to WAKE UP and realise we may soon reach a tipping point, with the EU’s interconnected legal ecosystem facing a medium-term risk of collapse due to the premeditated and ongoing “destruction of the independence of the judiciary” we are witnessing in Poland, a process which seems to be inspiring an increasing number of national governments with exhibit A being Orbán’s Hungary.

1. Going M.I.A. in 2019: The Council

Before outlining the Court of Justice’s decisive contribution in 2019, one may note the Council’s failure to organise any Article 7(1) TEU hearing in respect of Poland since it held one in December 2018. One should not understand the lack of any Article 7(1) hearing as meaning that the Commission’s Article 7(1) recommendations have been met. Indeed, not a single one of them has been fully implemented by Polish authorities. In fact, the situation is worse than ever, which is why the Commission had no choice but to conclude in February 2019 that due to “the cumulative effect of the recent changes affecting the judiciary”, which “are limiting its independence” and “infringing upon the separation of powers”, the executive and legislative powers can now “interfere throughout the entire structure and output of the justice system”.

You have read this correctly: Poland’s executive and legislative powers, de facto controlled by Poland’s de facto Great Leader, can now interfere at will with the functioning and outputs of Polish courts (one may note in passing that the Commission’s diagnosis confirms the ill-advised nature of the so-called Celmer test devised by the ECJ as we noted last year). This interference is now happening openly, through disciplinary charges or administrative measures, such as early dismissals from secondment or temporary suspension by captured presidents of courts, but also more indirectly by putting pressure on judges not to adjudicate in a certain way whenever the interests of the ruling party demand it.

What has the Council done to address the situation? Not much or rather, as little as possible. Two explanations may be advanced: the Romanian government, in charge of the rotating presidency of the Council, was too busy undermining the rule of law in Romania to organise a hearing while the otherwise very active Finnish Presidency did not want to be seen as interfering with Poland’s parliamentary elections of October 2019, which is why it prioritised the organisation of the first Article 7(1) TEU hearing held in respect of Hungary in September 2019 followed by another one in December 2019.

In concrete terms, this means we only saw the Commission give a few updates on the rule of law situation in Poland during the past 12 months: 

18 February 2019: The Commission provided the Council with an update on the latest developments regarding judicial reform in Poland. Member states considered that recent legislative changes concerning the Supreme Court law were a positive development and encouraged the Polish authorities to address the remaining issues raised by the Commission.

9 April 2019: The Commission provided an update on the state of play in relation to Poland.

18 July 2019: The Council took stock of the state of play as regards the rule of law in Poland in the light of recent developments, in particular the judgment of the European Court of Justice on Poland’s Supreme Court law.

16 September: The Commission updated ministers on the developments regarding the rule of law in Poland following the meeting of the General Affairs Council in July.

10 December 2019: The Commission updated ministers on the latest developments, including the recent judgments of the European Court of Justice concerning Polish rules on the retirement age of judges and public prosecutors and the new Disciplinary Chamber of the Polish Supreme Court.

Beyond the issue of the two rotating presidencies of the Council’s own priorities, it would appear that an additional pretext was used by some EU governments to justify their not untypical torpor: the alleged need to wait to see how Polish authorities would comply (or not) with the Court of Justice’s forthcoming infringement and preliminary rulings considering the increasing number of pending cases before the Court, and which directly or indirectly raise most of the issues highlighted in the Commission’s Article 7(1) reasoned proposal.

As we shall now see, Polish authorities have only publicly accepted to comply with the Court’s two infringement rulings to date primarily because these rulings did not prevent them from progressively capturing the Supreme Court from within. As soon as the Court of Justice provided an interpretation of EU law which led a not-yet-captured chamber of Poland’s Supreme Court to find unlawful two of the sham bodies established or captured by the ruling party (i.e. the “Disciplinary Chamber” of the Supreme Court and the ENCJ-suspended National Council of the Judiciary), a new bill was put forward to organise and legalise non-compliance with the judicial independence requirements established in EU law, in obvious breach of both the Polish Constitution and the EU Treaties.

2. The Court of Justice’s entrée en piste

As of today, two infringement rulings – Case C-192/18 and Case C-619/18 – and one preliminary ruling – joined Cases C-585/18, C-624/18 and C-625/18 – have been issued by the Court of Justice. In addition, one infringement case regarding Poland’s new disciplinary regime for judges (C-791/19) and, to the best of our knowledge, eighteen requests for a preliminary ruling raising judicial independence issues, are now pending before the Court.

The two infringement rulings previously mentioned went against Poland, which was not in the slightest surprising considering the obvious arbitrary nature of the changes pushed by Polish authorities regarding the retirement regime of Polish Supreme Court judges, Polish ordinary court judges and public prosecutors. These infringement rulings having been analysed elsewhere (see e.g. here and here), let us just emphasise how they show the lack of good faith of Polish authorities when it comes to the real reasons underlying their so-called “reforms”. Indeed, while members of Poland’s ruling party have been keen to constantly emphasise the need to “decommunise” the judiciary (even claiming that younger judges educated post 1989 would allegedly follow the behavioural patterns of their older, allegedly “communist”, colleagues), the justifications put forward before the Court to justify the retirement “reforms” were of a different nature. For instance, the lowering of the retirement age of Supreme Court judges to 65 was allegedly needed to standardise their regime “with the general retirement age applicable to all workers in Poland” while in the case of female ordinary court judges, Polish authorities explained the lowering of their retirement age to 60 (from 67) “on account of their particular social role connected with motherhood and child raising”.

With respect to the Supreme Court, the Court observed, in a highly unusual fashion but commensurate to the Polish government’s bad faith, that the “explanatory memorandum to the draft New Law on the Supreme Court contains information that is such as to raise serious doubts [our emphasis] as to whether the reform of the retirement age of serving judges of the Sąd Najwyższy (Supreme Court) was made in pursuance of such objectives, and not with the aim of side-lining a certain group of judges of that court [our emphasis]”. The Court therefore had no choice but to conclude that Polish authorities did not pursue a legitimate objective when they sought to lower the retirement age of the Supreme Court judges in post prior to the adoption of the law in dispute. Similarly, the Court of Justice found the new Polish rules relating to the retirement age of judges of ordinary courts and public prosecutors, adopted in July 2017, to be in violation inter alia of the principle of irremovability of judges, which is inherent in judicial independence.

In another seminal (preliminary) ruling (analysed e.g. here and here), the Court of Justice meticulously explained how the referring chamber of Poland’s Supreme Court can ascertain whether the so-called Disciplinary Chamber (hereinafter: DC) – which is also one of the problems highlighted by the Commission in its Article 7(1) reasoned proposal –  is sufficiently independent to constitute a court within the meaning of EU law. In the same preliminary ruling, the Court also explains how to ascertain the independence (or lack thereof) of the new National Council of the Judiciary (hereinafter: NCJ) – another body which has been highlighted as problematic by the Commission and many other organisations. Overall, the ECJ’s interpretation makes it implicitly obvious that neither the DC nor the NCJ satisfy the basic requirements of independence established by EU law, as previously made explicitly clear by Advocate General Tanchev.

Unsurprisingly, therefore, the referring court (the Labour and Social Security Chamber of the Supreme Court) subsequently found on 5 December 2019, on the basis of a meticulous and compellingly argued judgment, that the neo-NCJ does not offer a sufficient guarantee of independence from the legislative and executive authorities before ruling that the “Disciplinary Chamber” does not constitute a “court” within the meaning of EU law and therefore not a court within the meaning of Polish law as well.

With respect to the neo-NCJ, one may recall that it has been suspended from the ENCJ since August 2018 and that it was not merely established in breach of the Polish Constitution but also most likely unlawfully constituted on the basis of the 2017 (unconstitutional) law which changed the appointment procedure for the judicial members of the NCJ while also providing “for the early termination of the mandate of all judicial members on the Council”. To put it simply, it is likely that the judicial members of the NCJ were not supported by the required number of judges provided by the new (unconstitutional) law and/or only supported by each other or judges seconded to the Ministry of Justice. This is likely the reason why national authorities have openly ignored (you read that correctly) a final ruling from the Supreme Administrative Court ordering the Sejm to disclose the names of the judges supporting the NCJ candidates.

This blatant but far from unique violation of the most basic understanding of the rule of law by Polish authorities was rightly deplored by the Supreme Court in its judgment of 5 December 2019 which applied the ECJ preliminary ruling of 19 November 2019.

3. Problems left unaddressed by the Court of Justice’s rulings to date

Notwithstanding the seminal and welcome rulings issued this year by the Court of Justice, a number of important and urgent issues have been left unaddressed. This is not to say, however, that the Court of Justice is necessarily at fault as e.g. the Court cannot approve interim measures if it does not receive an application from the Commission as it did in the case relating to the independence of Poland’s Supreme Court and most recently in the case relating to the Disciplinary Chamber.

To begin with, the situation has not improved one iota as far as the (captured) Constitutional Tribunal (hereinafter: CT) is concerned. Despite a sharp decline in the number of cases submitted to it due to the widespread concerns about its lack of independence, the CT is fully operating and continuing to pretend to be a court. Last October, it even acted like a truly “European” court by declaring, for the first time, that a statute is not consistent with the TFEU (case P 1/18). This may be viewed positively at first sight but it should not be. Indeed, what we have here is a body masquerading as a court enforcing EU law (but only when it suits the ruling party) whereas according to the Commission itself, there is no longer any effective constitutional review in Poland following the failure of Polish authorities to take any steps with the view of restoring the independence of the CT. In addition to this damning diagnosis, one may refer to a series of letters to the (unlawfully appointed) “President” of the CT by a fellow judge. These letters offer multiple examples of obvious abuse of power such as an arbitrary allocation of cases to please the ruling party, an arbitrary make-up of judicial panels as well as an arbitrary (and unconstitutional) prohibition of dissenting opinions. To put it concisely, the time for an infringement action directly targeting the captured CT has come considering the damage it has done and its role when it comes to giving a veneer of legality to fellow sham bodies such as the Disciplinary Chamber (DC) and the National Council of the Judiciary (NCJ).

Speaking of the NCJ, people may be surprised (or not) to learn that it is continuing to function in a “business as usual” fashion notwithstanding the ruling of the Supreme Court of 5 December 2019 finding it to lack sufficient independence from legislative and executive authorities. In addition, some of its members have been busy spreading falsehoods about the content and binding nature of the ECJ preliminary ruling of 19 November 2019. Since its (unconstitutional) establishment on the back of the premature termination of the four-year term of office of its previous members, the neo-NCJ has recommended more than 650 individuals to be appointed as judges or for promotion. Its enthusiastic participation in the (unconstitutional) attempted purge and simultaneous court-packing of the Supreme Court has been well documented, not least by the European Commission. Furthermore, it was revealed last August that some NCJ members secretly took part in a smear campaign targeting judges, including the First President of the Supreme Court (alleged members of what has been described as a “troll form” have of course denied the allegations). As of today, we are still waiting for meaningful investigations and sanctions but how can one hope for any given that “it is clear that the alleged smear campaign was organised from within the Ministry, with the involvement of high ranking officials in the Ministry and National Council of Justice”, with the investigations undertaken by the NCJ and the prosecution service which is controlled by the Minister of Justice, the alleged main guilty party.

Similarly, the two captured chambers of Poland’s Supreme Court – the DC and the Extraordinary Control and Public Affairs Chamber – continue to function and continue to pretend to be independent judicial bodies. To give a veneer of legality to their existence, they have involved the captured CT by requesting it confirm the constitutionality of their status and deliberately referring cases to extended panels within them (7 “judges” or the whole chamber) in order to make their “judgments” more difficult to overrule as other benches, composed of 3 judges, normally need to refer cases to even bigger formation should they wish to override it. The “judges” belonging to the Disciplinary Chamber also did not shy away from self-certifying themselves. In April 2019, they adopted a resolution proclaiming that their appointment is lawful and that the ENCJ-suspended NCJ was similarly established in a lawful manner as confirmed by the ruling of the (unlawfully composed) panel of the CT. They must not be aware of the nemo judex in causa sua principle among other basic legal principles.

To complete our brief outline of the yet to be addressed issues by the ECJ (but a third infringement action is now pending before it), the overall operation of the new disciplinary system needs to be mentioned. While an alleged involvement in a smear campaign organised by the Ministry of Justice will not cause you any major inconvenience (disciplinary or otherwise), multiple judges have faced disciplinary charges for such “major crimes” as seeking to implement the Court of Justice ruling of 19 November 2019, being publicly critical about the so-called “judicial reforms” and “their effect on judicial independence”, or, even more alarmingly, for the content of the “decisions they have taken when adjudicating cases”. Yes, we are talking about a Member State of the EU in 2019 and not the Soviet Union. This is why, one may note in passing, that the analysis of Advocate General Tanchev in Miasto Łowicz and Others (C-558/18 and C-563/18) may appear excessively formalistic and disconnected from the reality on the ground. As noted in a recent and worth reading report by two members of the Council of Europe’s Parliamentary Assembly:

A key issue of concern is the fact that after prosecutors and judges have been informed by the Disciplinary Inspectors that a disciplinary investigation has been started against them, these investigations often continue indefinitely without formal disciplinary charges being brought [our emphasis] before the relevant disciplinary chambers … The Chairperson of the National Council of the Judiciary informed us that, in the last year and a half, 1174 disciplinary investigations were started. Only in 71 instances had disciplinary cases been opened … Irrespective of the small number of actual disciplinary cases opened, the large number of investigations started by disciplinary officers directly accountable to the Minster of Justice, and the time it takes to close these investigations, if at all, clearly has a chilling effect on the judiciary and affects their independence.

This is now the reality of the state of the rule of law in Poland. It is to be hoped that the ECJ will not exclusively focus on whether formal disciplinary charges have been brought but instead take full account of the overall context and the impact of the multiple (kangaroo) disciplinary investigations leaving judges and prosecutors the ruling party has targeted in a “precarious limbo” as they are being investigated without “being able to defend themselves”.

4. Going for broke: The “de facto Polexit” bill

Having initially reacted positively to the Court of Justice’s ruling of 19 November 2019 – according to the Minister of Justice/Prosecutor General, the Court’s ruling was a “great defeat for the extraordinary caste” – representatives of the ruling party and members of the bodies concerned by the Court’s judgment (the DC and NCJ) quickly changed tack when they finally understood that the Court’s reasoning had to lead the referring court to find both the DC and NCJ as lacking basic guarantees of independence.

Another important aspect of the Court of Justice’s ruling, not widely noted, is that “the EU test for the ‘appearances’ of independence can now be applied by ‘old’ Supreme Court judges also to assess the independence of the Chamber for Extraordinary Control and Public Affairs, the second chamber set up in the same way, from scratch, by the ruling parliamentary majority”.

This led the ruling party, following their usual modus operandi, to rush a new piece of legislation via some acquiescent MPs although the wording of the bill and the explanatory memorandum attached to it make it obvious that the bill was drafted in the Ministry of Justice. The purpose of this modus operandi is evident: to circumvent public consultation and prevent a meaningful parliamentary and public debate.

According to the initial version of the bill, it would be a disciplinary offence inter alia to disregard a provision of Polish law in a situation where its non-compliance with the Constitution (which has been violated on multiple occasions by members of the ruling party, not least the Polish President) has not been not confirmed by the (captured) CT. To put it bluntly, the ruling party “wants to force judges not to assess the conformity of the laws passed by the current authority on their own or through legal questions to the Supreme Court or the CJEU, with the Constitution or European law, under the threat of a penalty”.

Other provisions of the bill are similarly alarming. For instance, the proposal aims to prohibit judges from discussing “political matters” or engaging in activities or omissions which would allegedly undermine the functioning of the judiciary or more generally the functioning of Polish authorities and Poland’s constitutional bodies. This was defended inter alia on the ground that French law would similarly restrict the freedoms of expression and of association of French judges. As demonstrated here, this is pure, and deliberately misleading nonsense.

Another worth noting provision, which is so typical of the institutional capture strategy pursued by Poland’s ruling party, aims to secure the speedy replacement of the current First President of Poland’s Supreme Court when her term of office expires next April. According to the contemplated new three-step procedure, the General Assembly of Supreme Court judges, whose task is to present candidates for this post to the President of the Republic, must consist of at least 84 out of 110 judges. If this quorum is not met, the second meeting must be held with a presence of 75 judges while the third must include not less than 32 of them. The bill also gives each judge of the Supreme Court a right to propose one candidate for the said position.

Bearing in mind that at least 43 nominees of the (unlawfully operating) neo-NCJ are members of the Supreme Court, the new procedure virtually guarantees that the post will fall to one of (the ruling party’s) chosen ones. And should the said procedure fail, which is unlikely but better safe than sorry as the saying goes, the President of the Republic will be given an exclusive right to appoint an interim First President. In other words, it is only a matter of time before the ruling party captures the Supreme Court as a whole as it has already captured the CT and the NCJ, but also the Supreme Administrative Court. Indeed, and for the first time since the beginning of the rule of law crisis, the bill also targets the Supreme Administrative Court with the Polish President being given once again the exorbitant power to decide the new rules of procedure of that court.

The bill contains so many outrageous provisions and laughable claims – for instance the bill claims to be mindful of the need to protect the principle of irremovability of judges by which one should of course understand the irremovability of individuals whose appointments are legally tainted due to the unlawful character of the NCJ – it is difficult to be concise. Space constraints precluding further details here, we will refer readers to Professor Marcisz’s analysis:

The provisions in the bill are all designed as an assault on judicial independence. They aim at crushing the opposition against previous illegal reforms among the judiciary. No need to discuss their details: res ipsa loquitur. The bill is blatantly unconstitutional but without a functioning Constitutional Court it does not matter much. It is also contrary to EU law. Not only does it infringe the judicial independence … but also the principle of primacy of EU law.

It was good therefore to see Vice-President Jourová making clear her multiple concerns in a letter to the Polish authorities on 19 December 2019. However, if there is anything the last four years should have taught the Commission is that Polish authorities are never acting in good faith and will not shy away from deliberately and repeatedly violating the principle of loyal cooperation in order to create faits accomplis. The Commission should face up to this unfortunate reality and stop wasting time by repeatedly trying to “engage in a constructive dialogue” with a repeated offender.

What is needed from the Commission is strong leadership via concrete deeds. In this respect, European Commission Vice President Věra Jourová and the European Commissioner for Justice Didier Reynders must be commended for their leadership. The Commission’s decision “to ask the Court of Justice to impose interim measures on Poland, ordering it to suspend the functioning of the Disciplinary Chamber of the Supreme Court” on the back of the pending infringement case 791/19 was an absolutely essential step to take at this point in time. As accurately noted by the Commission, Polish authorities’ refusal to comply with the ECJ ruling of 19 November 2019 and the subsequent ruling of the Supreme Court of 5 December 2019 has created “a risk of irreparable damage for Polish judges and increasing the chilling effect on the Polish judiciary”.

In addition, the Commission should stand ready to launch a fourth infringement action modelled on the infringement action initiated against the attempted purge of the Supreme Court as soon as the pending bill is adopted (and to shorten pre-litigation stage as much as possible so as not to let Polish authorities capture the Supreme Court in the meantime). As for national governments who care about the rule of law, they should systematically join pending proceedings and should the Commission fail to act promptly, they should stand ready to put their money where their mouth is and initiate rule of law infringement actions on the basis of Article 259 TFEU.

5. A fictional country or an EU Member State in 2020?

Imagine a country where national authorities (non-exhaustive list below):

This country is not a fictional one. This country is now Poland under the Soviet-style moniker of the mislabelled “Law and Justice” party.

As accurately observed on 16 October 2019 by the First President of Poland’s Supreme Court: “The end result is that the rule of law in Poland is not simply at risk: it is being erased.” 

Writing a year ago, we warned that the situation in Poland “has deteriorated further to the point of threatening the functioning of the whole EU legal order and therefore, the future of the EU’s internal market itself.” This is no longer a mere threat but a clear and present danger. Poland should now be considered, to borrow an expression from the financial world, as a country in default from a rule of law point of view. EU institutions and EU Member States will soon have to decide on the nature of their losses: Sacrifice their good relations with Polish national authorities or sacrifice the EU legal order.

Stalling for time would be irresponsible. On current trajectory, it is only a matter of time before Poland’s rule of law default eventually triggers a knock-on process of legal disintegration.

Transforming the EU in a freedom security and justice area: first Council ideas for a Strategic Agenda (2019-2024)

This is a joint discussion paper for both justice and home affairs submitted by the Croatian Presidency to the other delegations and to be debated at the Informal JHA Council in Zagreb on January 23rd-24th

Working  Session  I.

Looking ahead to the area of freedom, security and justice

In June 2019, the European Council adopted the Strategic Agenda 2019-2024 to guide the European Union’s work in the next five years. Its first priority, ‘protecting citizens and freedoms’, is particularly relevant for Justice and Home Affairs, as is its second priority on the ‘economic base’ and the ‘European model for the future’.

As indicated in the concluding section of the Strategic Agenda, the Council is to integrate these priorities into its work.

The first step in the implementation of the Strategic Agenda in the field of JHA was a reflection process initiated by the Romanian Presidency and further developed by the Finnish Presidency.

Several important debates have taken place at preparatory and ministerial level on the basis of reflection papers covering a wide range of JHA topics.

The Finnish Presidency wrapped up this important work in December 2019.

The outcome of this extensive process and the numerous projects that emerged from it are reflected in various documents addressed to all Member States and the Commission by our Finnish colleagues.

The Croatian Presidency has inherited the results of this reflection process and considers it essential to continue looking ahead and start preparing the ground for strategic guidelines under Article 68 TFEU2 which will take forward the Strategic Agenda and facilitate its implementation.

The first topic mentioned in the Strategic Agenda refers to fundamental rights, the protection of our democratic and societal models and the rule of law. Hence, a priority for our future work should be values and the rule of law.

The Strategic Agenda also mentions our common values as ‘the foundation of European freedom, security and prosperity’. Debates within the Council have demonstrated a growing   concern that respect for these values is being challenged.

This hampers the proper application of EU law and instruments that are based on mutual recognition.

The second priority could therefore be to find ways of restoring mutual trust.

The third topic developed in the Strategic Agenda relates to the integrity of our territory, understood to mean control of our borders, the development of a functioning migration policy, and the fight against terrorism and cross-border crime.

A third area for consideration could thus be protecting the integrity of our common European space.

Finally, the first part of the Strategic Agenda mentions the need to protect our societies from malicious cyber activities and acknowledges the critical importance of more cooperation, more coordination, more resources and more technological capacities.

In addition, the second part, related to economic development, refers to the digital transformation and the need to shape our policy in a way that embodies our societal values, promotes inclusiveness and remains compatible with our way of life. We would therefore suggest that the fourth priority should be to find ways of mastering artificial intelligence and new technologies.

To inform our discussion, you will find attached a thematic annex which covers, for ease of reference, most of the policy areas explored in the reflection process conducted by previous presidencies.

As we try to identify possible ways forward in our policy field, the Croatian Presidency suggests organising our discussions around these four cross-cutting issues and focusing our attention on how to organise our work, tools and structures to achieve our common objectives.

Ministers are invited to discuss how these four cross-cutting issues (values and rule of law, mutual trust, protecting our common European space, and new technologies) can be best addressed in order to deliver on the Strategic Agenda and the priorities developed in the thematic annex.

ANNEX

Developments in the area of freedom, security and justice for the period 2019-2024

Introduction

Following the Treaty on the European Union (the Maastricht Treaty, signed in 1992), justice and home affairs became one of the three pillars of the European Union.

The Schengen Agreement (1995) and the Treaty of Amsterdam (1997) emphasised the importance of cooperation and exchange of information among Member States’ justice and law enforcement authorities with the aim of creating an area of freedom, security and justice.

Moreover, the Tampere Programme (European Council conclusions of 1999) and the Hague Programme laid the foundations of the common European Justice and Home Affairs policy, including the cornerstones of cooperation with third countries and the future European judicial area.

Following the institutional changes introduced by the Treaty of Lisbon in 2009, the Member States adopted the Stockholm Programme (2009-2014), which highlighted the significance of European policies for European citizens, particularly in the following areas: rights of citizens, rule of law and justice, internal security (combating terrorism, law enforcement and disaster management, management of the external border and visa policy, migration and asylum (including integration) and the external dimension of the area of freedom, security and justice).

In its conclusions of June 2014, the European Council established, on the basis of the values defined in the Stockholm Programme, the strategic guidelines for legislative and operational planning in the area of freedom, security and justice (for the period 2014-2019).

On 20 June 2019, the European Council adopted the new Strategic Agenda 2019-2024, which, among other goals, emphasises the importance of protecting citizens and freedoms and promoting European interests and values on the global stage.

Accordingly, the Croatian Presidency recognises the importance of the prompt adoption of the strategic guidelines through which the Member States will pave the way to the implementation of further policies in the field of justice and home affairs, with the aim of creating an environment of the European Union as an area of freedom, security and justice.

Looking ahead to the area of freedom, security and justice

Criminal justice

The Strategic Plan for the Union (2019-2024) clearly confirms the aim of strengthening the fight against terrorism and cross-border crime, as well as improving cooperation.

The emphasis in this area will be on improving the implementation of existing instruments and filling gaps in the legislative framework where they exist.

Also, in the coming period it will be necessary to work on strengthening mutual trust between the Member States, which is key to successful judicial cooperation, as well as on developing networks and fostering coordination and synergies between them.

In the coming period, it is important to work on improving the existing acquis in the area of substantive criminal law, and to develop it cautiously, where necessary.

The EU’s ability to develop new acquis in this area must enable common solutions to common challenges, based on the real needs of the EU.

This is relevant to the extension of the competence of the EPPO as well.

Further development of victims’ rights should be approached in a systematic and holistic manner, taking into account the need to secure and/or strengthen all aspects of their protection.

Civil justice

In the coming period, it is necessary to continue with development of judicial cooperation in civil matters, with a focus on citizens, enabling faster and cheaper justice for citizens and businesses in the EU. The implementation of European Union instruments needs to be strengthened to this end.

Legal certainty and prosperity of citizens and businesses must be a guiding principle for future legislative initiatives in civil and commercial law at EU level.

In this sense, effective access to justice is a precondition for economic growth and development, and thus the development of society in general.

Accordingly, all new legislative developments must be based on the practical needs of citizens and businesses, and on evidence of clear added value.

Work needs to be done to strengthen the single market, whose backbone is formed by    SMEs, and it is necessary to secure fair competition and promote fairness and legal certainty in business relations.

It is also necessary for the EU to continue to protect citizens and families in cross-border situations.

One of the aspects of modernisation of the judiciary, which must respond to the needs and trends of modern times, is the further development and application of alternative dispute resolution, including online, bearing in mind its effectiveness, speed and acceptability to the parties.

Judicial training

Judicial training was recognised as an important prerequisite for establishing a unified European judicial culture and for the proper application of EU law.

Therefore, in the forthcoming period, it will be necessary to continue to invest effort both in expanding the content of training and in improving the quality of learning about EU law through sustainable funding, consistent programmes, an enlarged scope to include all judicial professions as well as, for example, familiarisation with the practice of European courts through internships, and further use of modern learning techniques and further linguistic training.

A modern judiciary

The progress and modernisation of the judiciary must, in the coming period, be a particular focus of our activities and be in line with the progress of the European Union as a whole.

The modernisation of the judiciary will make it more effective and also facilitate access to justice for both natural and legal persons. Therefore, the modernisation of the judiciary should continue to be developed through the additional improvement of IT tools/systems, and the introduction of the use of digital technologies into the acquis as a shared standard in its application and thus a key component of efficient digitalised justice systems in the EU.

It will also be necessary to work on interconnection and interoperability between Member States’ systems. Particular emphasis in this respect should be placed on the development of artificial intelligence.

Protection and promotion of common values, including fundamental rights, the rule of law and democratic values

Ensuring continuity in protecting the fundamental values of the European Union – respect for human dignity and human rights, freedom, democracy, equality and the rule of law – will continue to be crucial to the democratic functioning of the European Union and the protection of all its citizens, as well as the reputation and acknowledgement of the European Union in the world.

In this context, the European Union, with the ongoing task of upholding and promoting these values, must be capable and respond to threats to them within the European Union, always in an effort to maintain the unity of the European Union and its Member States.

In addition, the phenomenon of hate speech and large-scale disinformation will have to be addressed, and further efforts should be made to protect vulnerable groups.

The external dimension of the judiciary

Co-operation with third countries and international organisations is important for a number of reasons. Namely, the European Union can, through the external dimension of the judiciary, contribute to a more uniform legal framework in the international setting, which contributes to the overall economic progress of the European Union, the successful fight against crime and terrorism, and also the protection of human rights.

Furthermore, the European Union can be an ‘exporter’ of its own values, many of which are reflected in the judiciary – for example, the independence of the judiciary. The latter is particularly important in relations with candidate countries for EU membership.

Efficient control of external borders and a return to the proper functioning of the Schengen area

Strong and reliable external border protection, efficient return of irregular migrants and strict implementation of other relevant tools contributing to successful and comprehensive migration management are the key prerequisites for a return to a properly functioning Schengen area and for the overall security of the European Union.

With the aim of meeting these goals, the Member States need to invest further efforts to establish a fully operational European Border and Coast Guard, which should reach its target capacity of 10 000 border guards as soon as possible, and at the latest by 2024.

In parallel, more determination is required in order to implement the status agreements in the countries of south-east Europe, which will enable the exercise of the Agencies’ external competences in this region.

Together with the full operationalisation of the European Border and Coast Guard and  efficient returns, Member States need to continue work on efficient and timely implementation of the interoperability legislative framework, ensuring that the synergy of all these measures will lead to well-protected external borders and subsequent restoration of a genuine Schengen area. In doing so, the Member States should strive to improve their cooperation with third countries and invest greater effort in restoring mutual trust.

A comprehensive and functional migration policy

Proactive migration management calls for comprehensive action-taking on all levels and a truly European approach based on responsibility and solidarity. The focus must be on all   migratory routes, particularly land routes, which directly influence the security of the EU external border.

Establishment of a functional, humane and resilient asylum system, as an inevitable part of a comprehensive migration policy, should be based on joint obligations and fair burden-sharing among the Member States. Such an approach is the only way for the Member States to fulfil their obligations towards those who are truly in need of international protection.

It is also crucial in this context to establish a system for the quick return of those who have no right to stay in the European Union. Thus, the list of safe third countries and the list of safe countries of origin should be urgently adopted.

Along with these measures, establishing pathways for legal migration to the European Union is becoming increasingly important. Legal manners of arrival, including resettlement, reduce the incentive to use smuggling routes to Europe, protect human life and dignity and have multiple benefits for our societies and economies.

Therefore, our cooperation with partner countries should be the main tool for tackling the root causes of illegal migration, providing assistance to refugees, managing mixed migration flows, combating smuggling and document fraud, ensuring efficient readmissions and providing tailor-made legal pathways.

A Europe that protects a safe Union

The security environment of the European Union has changed drastically in the past few years. Therefore, we need to aim to build an efficient and genuine Security Union, capable of responding to the threats of the new age and protecting our children, citizens and societies.

The main challenges we need to deal with are those of a cross-border nature, such as terrorism, organised crime and cybercrime, but also other forms of unacceptable behaviour that could undermine our common security and the values of our societies – child sexual abuse, hate speech, radicalisation leading to violent extremism and intolerance.

In the years to come, no efforts should be spared in tackling the dissemination of terrorist content and child sexual abuse material online, protecting public spaces and addressing the proliferating challenge of hybrid threats that attack the heart of our democracies and endanger our critical infrastructure.

Thus, along with the swift implementation of legislative acts in the field of border protection, exchange of data among law enforcement bodies, firearms, explosives, financing of terrorism and interoperability, we have to strive for adequate legal and technological solutions for the use of artificial intelligence and other new technologies that take into account the protection of personal data and privacy, meet the highest standards of security of information systems, and are defined by ethical boundaries.

Finding the right answers to such a wide spectrum of security challenges should also be complemented by efforts to increase the EU’s resillience against both natural and man-made disasters. Unfortunately, the European Union is facing a great number of frequent and complex disasters which cause loss of human lives and other adverse consequences for our citizens, economies, communities and environment.

It is therefore crucial to keep on building capacities at both national and EU level in order to prevent or to decrease the possibility of disasters. However, being aware that not all disasters can be prevented, we need to continue to work on strengthening our national and common EU reactive capacities in order to be able to save as many lives as possible and to recover from the consequences of various disasters in the shortest possible period.

Investing in our capacities to face the security challenges of the digital age

Responding properly and in a timely manner to such diverse and complex security challenges requires that our police, border, asylum and customs services are well-equipped, and that the legal framework in place provides for their successful mutual cooperation, as well as for cooperation with the relevant EU agencies.

Therefore, in the next five years, Member States will work hand in hand in order to successfully implement the adopted legal acts in a timely manner and to fill legal gaps where they exist. To this end, the swift adoption and implementation of the proposed Regulation on preventing the dissemination of terrorist content online is a key priority.

Furthermore, Member States will insist that sufficient EU funds within the next multiannual financial framework will be allocated to upgrading the technical capabilities, human resources and expertise of all relevant actors whom we expect to play a vital role in ensuring our security in the digital age. It is necessary to ensure practical uptake of the outcomes of research and innovation, and thus coordination between Horizon Europe and other European financial programmes. Due to the economies of scale and the need to provide all EU Member States with the same level playing field, it is advisable to opt for concentrated investments related to the innovation and development of artificial intelligence in the domain of security and migration to make the outcome accessible and available to all Member States.

Therefore, the JHA Agencies, in particular the European Innovation Lab within Europol, should play a central role, taking into account the concentrated knowledge, expertise and secure environment at their disposal. Furthermore, private business should be involved throughout the process, and public-private partnerships should be promoted.

Lutte contre la criminalité et le terrorisme : un meilleur accès aux preuves électroniques, mais à quelles conditions ?

La proposition de la Commission européenne sur la preuve électronique a pour effet de priver les autorités publiques des Etats membres de leurs prérogatives régaliennes et de doter les fournisseurs de services de compétences quasi-judiciaires

Dans une tribune parue dans le journal Le Monde le 27 novembre dernier un collectif de procureurs européens a appelé les législateurs nationaux à adopter la proposition de la Commission européenne relative à la preuve électronique (e-evidence).

Le souhait émis par les cosignataires de la tribune est totalement légitime, s’agissant de représentants du ministère public qui agissent au nom de l’État et défendent ainsi les intérêts de la société : le développement du monde numérique dans tous les aspects de nos vies quotidiennes impose des ajustements dans tous les domaines, y compris celui de la justice. L’accès aux informations électroniques est devenu une nécessité incontournable dans la plupart des affaires pénales, qu’elles soient liées au terrorisme ou non, et cet accès dépend du lieu d’établissement du fournisseur de services. 

Accéder plus facilement aux fournisseurs de services doit-il cependant conduire à une remise en cause des principes fondamentaux sur lesquels reposent nos systèmes judiciaires nationaux ? C’est ce que semble penser la Commission, qui envisage dans sa proposition de règlement une coopération directe en matière pénale entre les autorités compétentes d’un Etat membre et un fournisseur de services établi ou représenté dans un autre Etat membre, sans même devoir informer les autorités compétentes de l’Etat sur lequel est établi ou représenté ce fournisseur de services.

Aujourd’hui dans l’Union européenne, définir le droit et rendre la justice relèvent des fonctions régaliennes des Etats, ce qui naturellement n’empêche pas la coopération judiciaire entre eux. L’article 82 du Traité sur le fonctionnement de l’Union européenne prévoit explicitement une telle coopération et précisent que les deux colégislateurs de l’UE, le Parlement européen et le Conseil adoptent notamment les mesures visant « à faciliter la coopération entre autorités judiciaires ou équivalentes des Etats membres dans le cadre des poursuites pénales et de l’exécution des décisions ».

Il s’agit bien d’une coopération entre autorités judiciaires ou équivalentes des Etats membres, et non d’une coopération entre ces autorités et des opérateurs privés, dont les objectifs sont de nature commerciale.

Or, non seulement la Commission envisage sur la base de l’article 82 précité une telle coopération entre autorités compétentes d’un Etat membre et fournisseur de services d’un autre Etat membre, mais elle n’hésite pas, en outre, à investir ce fournisseur de services de compétences quasi-judiciaires. Ainsi, l’article 9 par. 5 de la proposition de règlement prévoit-il la possibilité de ne pas exécuter une injonction de production des preuves électroniques quand il apparaît, sur la base des seules informations contenues dans l’injonction, que celle-ci « enfreint manifestement la Charte des droits fondamentaux de l’Union européenne » ou qu’elle est manifestement abusive.

Le même fournisseur de services peut également ne pas exécuter l’injonction quand il considère que le respect de celle-ci « serait contraire aux lois applicables d’un pays tiers interdisant la divulgation de données concernées au motif que cela est nécessaire pour protéger les droits fondamentaux des personnes concernées ou les intérêts fondamentaux du pays tiers en matière de sécurité ou de défense nationales ».

Le fournisseur de services n’est donc plus simplement une entité commerciale, qui poursuit des intérêts qui lui sont propres, mais par la grâce de la proposition de la Commission, il devient un véritable auxiliaire de justice, doté de compétences juridiques lui permettant d’apprécier la validité de l’injonction qui lui a été adressée.

Un accès plus facile aux données électroniques pour les autorités policières et judiciaires justifie-t-il un tel abandon des compétences exclusives des autorités publiques en matière pénale, et une telle confusion entre intérêt public et intérêts privés ? N’y a-t-il pas d’autres moyens pour faciliter la coopération judiciaire dans l’espace européen de liberté, de sécurité et de justice, au sein duquel précisément est consacré le principe de confiance mutuelle ?

En premier lieu, il convient d’analyser les motifs des difficultés que rencontrent aujourd’hui les autorités policières et judiciaires des Etats membres : les fournisseurs de services sont fréquemment des compagnies régies par le droit américain, ce qui supposerait que les autorités des Etats de l’UE sollicitent une assistance auprès des autorités américaines, alors même que l’affaire pénale à traiter a le plus souvent un caractère national. La solution juridiquement correcte devrait être trouvée dans l’amélioration des traités d’assistance judiciaire mutuelle qui existant déjà : un tel traité a déjà été adopté entre les USA et l’UE en 2003.

Ces traités d’entraide judiciaire sont critiqués en raison de la lenteur des procédures mises en place. Toutefois, dans le cadre des négociations actuellement en cours au Conseil de l’Europe sur le deuxième protocole additionnel à la Convention de Budapest sur la cybercriminalité, a été provisoirement adoptée une disposition spécifique sur la « demandes d’entraide judiciaire urgente ». Cette disposition prévoit une procédure qui soit la plus rapide possible pour les demandes d’entraide effectuées en situation d’urgence, définie comme une situation « présentant un risque significatif et imminent pour la vie ou la sécurité d’une personne physique ». Parmi les exemples donnés dans le rapport explicatif figure notamment le cas où « la localisation de la victime peut être déterminée au moyen de données stockées par le fournisseur ».

 Il semble donc possible d’envisager l’amélioration du fonctionnement actuel des traités d’assistance judiciaire, qui sont les seuls instruments susceptibles de régler les épineux problèmes de conflits de lois. A cet égard, force est de constater que la proposition de la Commission ne permet pas de résoudre de tels conflits, lorsque le fournisseur de services saisi d’une injonction de production est également soumis à la loi applicable d’un pays tiers : elle prévoit en revanche un mécanisme complexe de saisine d’une juridiction de l’Etat dont dépend l’autorité émettrice de l’injonction, ce qui paraît pour le moins étonnant dans le cadre d’un conflit qui est un conflit de nature territoriale, entre la loi de l’Etat sur le territoire duquel est établi -ou représenté- le fournisseur de services, et la loi de l’Etat tiers applicable à ce même fournisseur de services.

En deuxième lieu, indépendamment d’une amélioration éventuelle des traités d’assistance judiciaire mutuelle, l’objectif visé par la Commission pourrait être atteint sans remise en cause des principes de base concernant les compétences souveraines des Etats membres : il suffit pour cela de rétablir le canal classique de coopération entre autorités judiciaires des Etats membres, en impliquant activement les autorités de l’Etat sur le territoire duquel se trouve le fournisseur de services (autorités d’exécution). Le rapport du Parlement européen, préparé par Mme Sippel, propose un mécanisme de notification de l’Etat sur le territoire duquel l’injonction devra être exécutée, simultanément à l’envoi de celle-ci au fournisseur de services. L’examen juridique de l’injonction et son exécution éventuelle relèveront de la seule appréciation de l’autorité d’exécution.  Le cas échéant, dans les cas-rares- où la personne concernée par la procédure ne réside ni sur le territoire de l’Etat d’émission, ni sur celui d’exécution de l’injonction, celle-ci devra être également adressée aux autorités du lieu de résidence de la personne, à condition naturellement que ce lieu de résidence soit connu.

Une telle notification, conforme aux prérogatives régaliennes des Etats membres aux dispositions de l’article 82 du TFUE, n’est pas antinomique avec la recherche d’efficacité de la procédure : le rapport du Parlement prévoit le même délai de 10 jours dans lequel les fournisseurs de services devront répondre aux demandes. Le respect de ce délai suppose bien entendu la pleine application du principe de confiance mutuelle, sur lequel se fonde précisément la coopération judiciaire dans l’espace européen. Une telle confiance ne peut concerner que les autorités publiques des Etats membres entre elles, et non avec des compagnies privées, que celles-ci soient vertueuses ou non.

La lutte contre la criminalité et le terrorisme à l’ère numérique peut et doit continuer à s’exercer dans un cadre juridique conçu pour assurer le plein respect des droits fondamentaux.

La nuova Guardia di frontiera e costiera europea (Regolamento (UE) 2019/1896): un primo esempio di amministrazione integrata nazionale/europea ?

(english version will follow)

di Emilio De Capitani

già Segretario (1998-2011) della Commissione Libertà Civili (LIBE) del Parlamento europeo

Premessa

Il 4 dicembre 2019 entra in vigore Regolamento (UE) 2019/1896 relativo alla guardia di frontiera e costiera europea, il cui snodo centrale è l’Agenzia europea comunemente nota come “Frontex”. Questa Agenzia aveva visto la luce nel 2004 ([1]) come semplice struttura di supporto ([2]) per gli Stati membri che contribuivano anche con uomini e mezzi quando si fosse reso necessario intervenire anche con team di rapido intervento ([3]) in aiuto di uno stato membro la cui frontiera esterna fosse sottoposta ad una forte pressione migratoria. Già all’entrata in vigore del Trattato di Lisbona il mandato dell’Agenzia venne esteso ([4]) da un lato prevedendo maggiori risorse e il distacco di personale degli Stati membri in modo più o meno permanente e dall’altro incaricando l’agenzia della gestione di un sistema europeo di sorveglianza delle frontiere (Eurosur) che poteva fare affidamento sulle informazioni provenienti dagli Stati membri, da Stati terzi e da altre agenzie europee e da satellite ([5]).

Anche dopo queste modifiche l’Agenzia rimaneva comunque una struttura con funzioni di intervento di emergenza come una sorta di compagnia dei vigili del fuoco (Fire Brigade) da attivare solo nel momento del bisogno e a richiesta degli stati interessati. Tuttavia a partire dal 2011 l’area di Schengen viene scossa da flussi migratori sempre più consistenti e per uscire dalla crisi l’Unione europea aggiorna nel 2013 il sistema di governance di Schengen con meccanismi di valutazione del controllo delle frontiere molto più stringenti [6] e modifiche al Codice delle frontiere Schengen () prevedendo procedure di emergenza che possono portare anche al ristabilimento dei controlli alle frontiere interne dell’area. In questo quadro il ruolo di Frontex diventa determinante e permanente per controllare la tenuta delle frontiere.

Nel 2014 il mandato di Frontex viene anche esteso[7] alla gestione degli interventi di search and rescue che dovessero rendersi necessari nel corso delle operazioni di sorveglianza anche nelle zone pre-frontiera (quindi anche nelle acque internazionali)

Il passaggio dal ruolo di “Fire Brigade” ad Agenzia quale snodo di un sistema che collega tra loro il livello nazionale con quello sovranazionale avviene con Regolamento (UE) 2016/1624 del 14 settembre 2016 relativo alla guardia di frontiera e costiera europea dove per la prima volta viene affrontato il tema della gestione integrata delle frontiere esterne cui fa riferimento il Trattato (art. 77 par. lett C).

Il Regolamento si rivela particolarmente ambizioso ma, come spesso avviene nel processo decisionale europeo, lascia diverse questioni in sospeso o a metà sia per quanto riguarda la ripartizione di competenze tra livello statale ed europeo, che per quanto riguarda il quadro strategico, il rispetto dei diritti fondamentali, e le risorse umane e finanziarie.

Per risolvere queste questioni nel Settembre 2018 la Commissione ha presentato una ambiziosa proposta che il Parlamento e il Consiglio hanno trattato a tempo di record ([8]) tanto da concludere un accordo in prima lettura su un testo di compromesso approvato dal Parlamento europeo il 17 aprile 2019, praticamente sul finire della legislatura.

Le innovazioni del Regolamento (UE) 2016/1896

I 124 articoli del nuovo Regolamento descrivono per la prima volta un quadro organico della prima forma di amministrazione integrata della protezione delle frontiere esterne dell’Unione a livello sovranazionale e nazionale, rispondendo per la prima volta in modo tutto sommato coerente alle critiche che erano state presentate ai testi legislativi precedenti e alle richieste della stessa Frontex. Dalla lettura del testo appare evidente che molte disposizioni sono state praticamente dettate da Frontex stessa, che ha così inteso darsi una base giuridica esplicita a livello di diritto secondario dell’Unione dotandosi di una specie di testo unico che le permette di rispondere al mandato conferitole.

I punti salienti della riforma sono i seguenti.

  1. Sono definite le componenti della gestione europea integrata delle frontiere (art. 3). Questa nozione è evocata dall’art.77 del TFUE ma ha preso forma nelle sue componenti essenziali nella riforma del 2016, confermata e resa più coerente dal testo in questione.
  2. Vengono integrati i livelli di amministrazione sovranazionale e nazionale: la guardia di frontiera e costiera europea sarà costituita dall’Agenzia e dalle autorità nazionali preposte alla gestione delle frontiere, ivi incluse le guardie costiere (nella misura in cui svolgono compiti di controllo di frontiera), così come dalle autorità nazionali responsabili dei rimpatri (art. 4). La gestione europea integrata delle frontiere è dunque una responsabilità condivisa tra l’Agenzia e le autorità nazionali preposte alla gestione delle frontiere. Quindi gli Stati membri mantengono la responsabilità primaria della gestione delle loro sezioni di frontiera esterna, ma il quadro di riferimento per l’azione nazionale è ora definito a livello europeo (art. 7).
  3. In coerenza con i due punti precedenti viene previsto un Ciclo politico strategico pluriennale per la gestione europea integrata delle frontiere. Nel Regolamento del 2016 si evocava una strategia tecnica adottata dal Consiglio di amministrazione di Frontex, che difficilmente avrebbe potuto essere considerata vincolante per i governi e parlamenti nazionali. Nel testo attuale la strategia pluriennale sarà adottata dalla Commissione (art. 8) con un qualche coinvolgimento del Parlamento europeo (e, si spera, almeno indirettamente dei Parlamenti nazionali) e ciò è conforme alla giurisprudenza “Meroni”, che richiede che le misure europee debbano essere adottate dalle istituzioni europee mentre le organizzazioni derivate come le agenzie possono legittimamente adottare solo misure che con comportano discrezionalità politica (quali sono, evidentemente le Strategie).
  4. Molto correttamente si prevedeche l’Agenzia risponda “del proprio operato al Parlamento europeo e al Consiglio”, cioè alle istituzioni che l’hanno creata e non alla sola Commissione come la maggior parte delle altre Agenzie europee. Mutatis mutandis, questo prefigura un rapporto simile a quello che negli Stati Uniti è previsto per le Agenzie federali, che sono chiamate a rispondere anche davanti al Congresso.
  5. L’interazione fra livello sovranazionale e nazionale è inquadrata dalle norme relative alla pianificazione integrata con piani di sviluppo delle capacità nazionali in modo da assicurare un livello di efficienza comparabile in tutte le sezioni di frontiera (art. 9) e, molto opportunamente, gli articoli 11 e 12 prevedono lo scambio tempestivo e completo di informazioni tra livello nazionale ed europeo come espressione del principio di cooperazione leale. Può sembrare ovvio ma questo tuttora non avviene o avviene in forma limitata in altri settori di cooperazione, come nel caso della cooperazione giudiziaria e di polizia in campo penale. 
  6. Lo scambio e il trattamento delle informazioni tra livello nazionale e sovranazionale è l’oggetto degli articoli da 11 a 23, dove è disciplinato anche il sistema informativo EUROSUR, che diviene ormai l’hub di riferimento di una rete tanto informatica quanto di corrispondenti che si può considerare il “sistema nervoso” della nuova Guardia di frontiera europea. Le norme possono sembrare troppo dettagliate ma sono di importanza fondamentale perché diventeranno il tessuto connettivo e l’inevitabile complemento di altri sistemi di informazione come il Sistema informativo Schengen e i sistemi ETIAS, VIS e EURODAC, che saranno resi progressivamente interoperabili. Non è quindi azzardato ritenere che la futura Guardia costiera e di frontiera europea e la stessa Frontex si candidano a diventare il “cervello” al quale dovranno affluire tutte le informazioni, facendone tra l’altro, au passage, il più efficiente centro di intelligence europeo (con buona pace di Europol, che pure è chiamato a cooperare con l’Agenzia).
  7. Questa vocazione della nuova Guardia di frontiera europea a divenire il primo sistema integrato di polizia delle frontiere e intelligence a livello europeo é confermato dagli articoli 24-28 sui “quadri situazionali” (europeo, nazionali e specifici) che saranno alimentati dai dati raccolti dai databases europei, da quelli nazionali e da altre fonti.
  8. Gli articoli da 29 e 35 prevedono le misure da prendere una volta identificati i rischi nelle diverse sezioni della frontiera esterna UE, che ciascun paese deve tenere sotto controllo nell’interesse proprio e degli altri paesi UE (oltre che dei paesi terzi limitrofi). Ogni sezione di frontiera viene classificata in funzione del livello di vulnerabilità e del possibile rischio che esso rappresenta e delle misure da prendere per fronteggiarlo. Da notare che le informazioni sono raccolte anche da funzionari dell’Agenzia (per ovviare a possibili deficienze a livello nazionale) e che, in caso di problemi, il Direttore può raccomandare misure da prendere d’urgenza dall’amministrazione nazionale. Se questa non collabora è già previsto un crescendo di pressioni anche a livello della Commissione e del Consiglio che possono portare anche al ripristino dei controlli alle frontiere interne e quindi di fatto all’isolamento del paese in questione. Questa misura è già prevista in casi estremi dal codice di frontiere Schengen e il fatto di averla parzialmente ripresa anche in questo Regolamento crea una oggettiva necessità di coordinamento fra i due testi legislativi e i corrispondenti sistemi di valutazione dei rischi.
  9. Gli articoli da 36 a 47 coprono le azioni congiunte dell’Agenzia con le amministrazioni dei paesi membri e, se del caso con paesi terzi. È importante notare il livello di dettaglio di queste norme, che sembrano dettate dall’esperienza sul campo e dal desiderio di Frontex di superare possibili intoppi e fraintendimenti sui ruoli rispettivi. Importante è il contenuto delle regole di ingaggio da concordare con gli stati membri interessati prima di ogni operazione anche perché tali regole indicano anche il quadro legislativo di riferimento, specie per le operazioni in acque internazionali.
  10. Gli articoli da 48 a 53 riguardano il ruolo dell’Agenzia nelle operazioni di rimpatrio condotte per conto degli Stati membri, che (viene ribadito più volte) sono i soli (?) a poter prendere queste decisioni. Resta da verificare il possibile impatto dei ripetuti riferimenti al rispetto delle norme a tutela delle persone derivanti dal diritto internazionale e dal diritto europeo (cioè dalla Carta e dal diritto secondario in materia di asilo/immigrazione irregolare) in un contesto nel quale molti paesi membri dell’UE non rispettano i diritti fondamentali e dunque Frontex non potrà fondare la propria azione su una presunzione assoluta di legittimità delle decisioni nazionali di rimpatrio.
  11. L’articolo 54, che definisce il volume e le caratteristiche del personale permanente operativo, è una delle innovazioni principali del nuovo Regolamento. Il personale permanente si distingue in quattro categorie: le guardie di frontiera, le scorte per i rimpatri, gli esperti in materia di rimpatrio e altro personale competente, facente parte del corpo permanente della guardia di frontiera e costiera europea.[9]
  12. Lo stesso art. 54, insieme all’art. 82, definisce anche le condizioni per l’esercizio di poteri operativi da parte di personale dell’Agenzia. Tale esercizio deve essere previamente autorizzato dallo Stato membro o dello Stato terzo interessato ma può riguardare anche attività sensibili (alcune delle quali possono richiedere il porto d’armi[10]). Per quanto riguarda il diritto applicabile nell’esercizio di queste attività da funzionari della Guardia di frontiera europea[11], l’art. 82 offre indicazioni generali, stabilendo che “Lo svolgimento dei compiti e l’esercizio dei poteri da parte dei membri delle squadre, in particolare quelli che richiedono poteri esecutivi, sono soggetti all’autorizzazione dello Stato membro ospitante sul suo territorio nonché al diritto dell’Unione, nazionale o internazionale applicabile, in particolare al regolamento (UE) n. 656/2014, quale descritto nel piano operativo di cui all’articolo 38. Nello svolgimento dei loro compiti e nell’esercizio delle loro competenze, i membri delle squadre assicurano pienamente il rispetto dei diritti fondamentali e osservano il diritto dell’Unione e quello internazionale, e la legislazione nazionale dello Stato membro ospitante”.
  13. Il fatto è che le norme vigenti in materia sono nazionali o comunque rivolte agli Stati membri e non anche alle istituzioni europee stesse, cosicché ci si potrebbe chiedere se non sia necessaria una disciplina specifica (come è il caso per la protezione dei dati o per le norme in campo penale applicabili dall’EPPO). La questione rischia di finire sul tavolo di un giudice anche perché molto opportunamente gli articoli 84 e 85 prevedono la responsabilità civile e penale dei funzionari nell’esercizio di queste funzioni.
  14. Il Regolamento prevede anche una serie articolata di norme in materia di risorse operative proprie dell’Agenzia, di formazione del proprio personale, di relazioni internazionali, di protezione dei dati che vengono a costituire una sorta di spazio amministrativo parallelo che non sarà semplice monitorare tanto da parte delle stesse istituzioni che dalla società civile e dagli stessi Parlamenti nazionali (che vengono per la prima volta citati in questo nuovo contesto come era auspicabile visto il ruolo che è loro riconosciuto dal Trattato in materia di controllo di Europol e Eurojust).
  15. Il richiamo ai diritti fondamentali è un tema ricorrente in tutto il Regolamento e in tutte le disposizioni di portata operativa con riferimento non solo ai principi riconosciuti dagli articoli 2 e 6 TUE e dalla Carta UE, ma più in particolare ai seguenti diritti: “il rispetto per la dignità umana, il diritto alla vita, la proibizione della tortura e di trattamenti o pene inumani o degradanti, la proibizione della tratta di esseri umani, il diritto alla libertà e alla sicurezza, il diritto alla protezione dei dati personali, il diritto di accesso ai documenti, il diritto di asilo, la protezione contro l’allontanamento e l’espulsione, il divieto di respingimento, il divieto di discriminazione e i diritti del minore”. A tutela di questi diritti il nuovo Regolamento va molto oltre quanto previsto nelle versioni del 2011 e del 2016, prevedendo una procedura di denuncia da parte di privati per eventuali violazioni all’Agenzia e un Responsabile della tutela dei diritti fondamentali, coadiuvato da almeno quaranta collaboratori con il compito di monitorare anche le singole operazioni dell’Agenzia e di provvedere a un reporting dettagliato.

Prime conclusioni

Il Regolamento (UE) 2019/1896 è certamente l’intervento più ambizioso e articolato approvato dai co-legislatori in materia di controllo delle frontiere nel corso degli ultimi anni. Nonostante la base giuridica prescelta siano gli articoli 77 e 79 (controllo delle frontiere e lotta all’immigrazione irregolare), la portata e le ambizioni del Regolamento sono molto più ampie e toccano anche la sicurezza interna e indirettamente quella esterna. Il passaggio di Frontex dagli attuali 1500 funzionari (nel 2004 erano 170) a 10 mila fa di questa Agenzia una struttura esecutiva assolutamente eccezionale e “fuori scala” rispetto agli altri organi esecutivi con compiti operativi dell’Unione, incluso il Servizio europeo esterno.

Se si pensa poi che la proposta della Commissione è stata accettata dal Consiglio europeo senza neppure una previa valutazione di impatto, non si può che rivolgere un plauso al Parlamento europeo, che nello spazio di pochi mesi ha reso il testo “presentabile”, colmando molte delle lacune della legislazione precedente (compreso il Regolamento del 2016). L’impresa era sulla carta molto ardua. Si può discutere sul fatto che alcune delle soluzioni proposte sotto forma di “vademecum”, “handbook” e “guidelines” siano sufficientemente solide dal punto di vista giuridico per superare il controllo del giudice a livello nazionale e europeo. Per questa ragione è probabile che nuovi interventi legislativi si renderanno necessari. Tuttavia, è molto difficile che si possa tornare indietro perché questo testo, secondo la migliore tradizione della cooperazione Schengen, risponde ad esigenze operative che decine di migliaia di funzionari nazionali in tutti i paesi membri ritengono necessarie e che saranno quindi difese da questi in sede nazionale ed europea come prima forma di effettiva solidarietà operativa e di amministrazione integrata a livello nazionale ed europeo. È auspicabile che un simile approccio, in grado di coniugare le ragioni operative e di solidarietà amministrativa con la tutela – almeno in principio – dei diritti fondamentali, faccia scuola e che venga assimilato dal nuovo Parlamento europeo e dai parlamenti nazionali, oltreché dalla società civile, in passato giustamente molto critica verso norme europee meno garantiste.

D’altro canto, proprio la società civile e i parlamenti sono chiamati a un compito di monitoraggio che si preannuncia tanto decisivo quanto impervio. Basti considerare quanto emerge dalla recentissima pronuncia del Tribunale nel caso Izuzquiza et al. c. Frontex, dove, da un lato, si rileva che l’Agenzia non si è ancora dotata di un registro dei documenti, pur richiesto dal Regolamento (CE) n. 1049/2001 e, dall’altro, si chiarisce che anche le informazioni dei database interni potranno essere oggetto di richieste d’accesso da parte dei cittadini. Il rischio è che le nuove competenze attribuite a Frontex amplino a dismisura la possibilità di invocare la confidenzialità delle informazioni per ragioni di sicurezza pubblica. L’effettività del controllo sulle operazioni di Frontex sarà, poi, ancora più problematica quando l’Agenzia parteciperà – come il nuovo Regolamento consente – a missioni condotte nel quadro della sicurezza esterna dell’Unione, giacché a quelle missioni si applica un regime giuridico particolarmente restrittivo, che preclude allo stesso Parlamento europeo l’accesso a talune informazioni. Si tratta di una tema che, per la sua sensibilità, richiederà analisi accurate, ma averlo evocato è sufficiente a rendere l’idea della complessità delle sfide giuridiche e istituzionali che ci attendono.


[1] Regolamento (CE) n. 2007/2004 del Consiglio del 26 ottobre 2004 che istituisce un’Agenzia europea per la gestione della cooperazione operativa alle frontiere esterne degli Stati membri dell’Unione europea.

[2] Già all’epoca vi era chi, nel Parlamento europeo, chiedeva la creazione di un corpo di guardie di frontiere europee e la questione era stata discussa in Consiglio sulla base di uno studio di fattibilità preparato dalla delegazione italiana, ma il progetto sembrava troppo ambizioso per quei tempi.

[3] Regolamento (CE) n. 863/2007 del Parlamento europeo e del Consiglio, dell’11 luglio 2007 che istituisce un meccanismo per la creazione di squadre di intervento rapido alle frontiere e modifica il regolamento (CE) n. 2007/2004 del Consiglio limitatamente a tale meccanismo e disciplina i compiti e le competenze degli agenti distaccati.

[4] Regolamento (UE) n. 1168/2011 del Parlamento europeo e del Consiglio del 25 ottobre 2011 recante modifica del regolamento (CE) n. 2007/2004 del Consiglio che istituisce un’Agenzia europea per la gestione della cooperazione operativa alle frontiere esterne degli Stati membri dell’Unione europea.

[5] Regolamento (UE) n. 1052/2013 del Parlamento europeo e del Consiglio del 22 ottobre 2013 che istituisce il sistema europeo di sorveglianza delle frontiere (Eurosur).

[6] Vedi REGOLAMENTO (UE) N. 1053/2013 DEL CONSIGLIO del 7 ottobre 2013 che istituisce un meccanismo di valutazione e di controllo per verificare l’applicazione dell’acquis di Schengen e che abroga la decisione del comitato esecutivo del 16 settembre 1998 che istituisce una Commissione permanente di valutazione e di applicazione di Schengen

[7] Vedi  REGOLAMENTO (UE) N. 656/2014 del 15 maggio 2014 recante norme per la sorveglianza delle frontiere marittime esterne nel contesto della cooperazione operativa coordinata dall’Agenzia europea per la gestione della cooperazione operativa alle frontiere esterne degli Stati membri dell’Unione europea

[8] I negoziati si sono tenuti in particolare nel corso di cinque riunioni interistituzionali (detti “triloghi”) il 27 Febbraio, il 12, 21, 26 e 28 marzo 2019.

[9] Le quattro categorie sono cosi’ descritte:

« a)         categoria 1: personale statutario impiegato come membri delle squadre nelle aree operative ai sensi dell’articolo 55, e personale responsabile del funzionamento dell’unità centrale ETIAS;

b)           categoria 2: personale distaccato a lungo termine presso l’Agenzia dagli Stati membri e facente parte integrante del corpo permanente ai sensi dell’articolo 56;

c)            categoria 3: personale degli Stati membri pronto per essere messo a disposizione dell’Agenzia per un impiego di breve durata quale parte integrante del corpo permanente ai sensi dell’articolo 57; e

d)           categoria 4: riserva di reazione rapida composta da personale degli Stati membri pronto per essere impiegato, ai sensi dell’articolo 58 ai fini di interventi rapidi alle frontiere ai sensi dell’articolo 39.”

[10] Art 82 “(8).   I membri delle squadre, compresi i membri del personale statutario, sono autorizzati per i pertinenti profili dallo Stato membro ospitante allo svolgimento di compiti durante l’impiego che richiedano l’uso della forza, inclusi il porto e l’uso delle armi di ordinanza, delle munizioni e dell’equipaggiamento, e sono soggetti al consenso dello Stato membro di appartenenza o, per il personale statutario, dell’Agenzia. L’uso della forza, compreso il porto e l’utilizzo di armi d’ordinanza, munizioni ed equipaggiamento, è esercitato ai sensi della legislazione nazionale dello Stato membro ospitante e in presenza delle guardie di frontiera dello Stato membro ospitante. Lo Stato membro ospitante può, con il consenso dello Stato membro di appartenenza o, se del caso, dell’Agenzia, autorizzare i membri delle squadre a usare la forza sul suo territorio in assenza di guardie di frontiera dello Stato membro ospitante.

Lo Stato membro ospitante può vietare il porto di determinate armi di ordinanza, munizioni ed equipaggiamento, a condizione che la sua normativa applichi il medesimo divieto alle proprie guardie di frontiera o al personale quando impegnato in compiti attinenti ai rimpatri. Prima dell’impiego dei membri delle squadre, lo Stato membro ospitante informa l’Agenzia in merito alle armi di ordinanza, alle munizioni e all’equipaggiamento autorizzati e alle relative condizioni d’uso. L’Agenzia mette tali informazioni a disposizione degli Stati membri.

(9).   Le armi di ordinanza, le munizioni e l’equipaggiamento possono essere usati per legittima difesa personale o per legittima difesa dei membri delle squadre o di altre persone ai sensi della legislazione nazionale dello Stato membro ospitante, in linea con i pertinenti principi del diritto internazionale in materia di diritti umani e con la Carta”.

[11] Secondo l’art. 54 queste sono:

« a)         verifica dell’identità e della cittadinanza delle persone, compresa la consultazione delle pertinenti banche dati nazionali e dell’Unione;

b)           autorizzazione all’ingresso, se le condizioni stabilite all’articolo 6 del regolamento (UE) 2016/399 sono soddisfatte;

c)            respingimento ai sensi dell’articolo 14 del regolamento (UE) 2016/399;

d)           apposizione di timbri sui documenti di viaggio ai sensi dell’articolo 11 del regolamento (UE) 2016/399;

e)            rilascio o rifiuto di visti alla frontiera ai sensi dell’articolo 35 del regolamento (CE) n. 810/2009 del Parlamento europeo e del Consiglio e inserimento dei corrispondenti dati nel Sistema di Informazione dei visti;

f)            sorveglianza di frontiera, compreso il pattugliamento tra valichi di frontiera, allo scopo di impedire l’attraversamento non autorizzato della frontiera, di lottare contro la criminalità transfrontaliera e di adottare misure contro le persone entrate illegalmente, ivi compresi l’intercettazione o il fermo;

g)           registrazione nell’Eurodac delle impronte digitali delle persone fermate in relazione all’attraversamento irregolare di una frontiera esterna, ai sensi del capo III del regolamento (UE) n. 603/2013 del Parlamento europeo e del Consiglio;

h)           contatti con i paesi terzi ai fini dell’identificazione e dell’acquisizione di documenti di viaggio per i rimpatriandi;

i) scorta di cittadini di paesi terzi cui si applicano procedure di rimpatrio forzato.”