Intelligence Law and Policies in Europe: A Handbook 9781509926169, 9781509926176

Citation preview

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/03_Preface.3d from 30.09.2019 13:44:20 3B2 9.1.580; Page size: 160.00mm  240.00mm

Preface Intelligence Cooperation in Europe is of fundamental and growing importance in view of the various common risks and threats that the European continent and the EU, in particular, are facing. They range from threats by terrorists as well as organised crime, to espionage, sabotage and cyber-attacks by third parties and countries. Most of the latter aim at undermining the democratic systems and shared values of European societies, the European Union and its Member States. Furthermore, the Common Foreign and Security political approach of the European Union requires a functioning cooperation between European intelligence agencies. At the same time – particularly following the Snowdon revelations – European citizens expect intelligence activities to be in line with values of democracy, the rule of law and human rights. So far, there existed no extensive, deep analysis of intelligence work encompassing Europe under these aspects. This book aims to close this gap and offer a solid background for further objective, cross border European discussions. It takes into account the various facets of intelligence activities in Europe in a problem- and taskoriented way. It, thus, spans from general operational chapters on intelligence operations to intelligence cooperation within different policies in Europe, inside the EU but also on a bigger scale (e.g. NATO), to its legal frameworks including its organisational limits as well as those drawn by competence rules and fundamental rights and to expositions of the structures of several selected national intelligence communities. We have been fortunate to win a number of eminent experts from relevant administrations, academia and civil society as authors for different chapters of our book. We are very grateful for their preparedness to take on the research for and drafting of chapters in their field of expertise. European citizens may expect intelligence services of Europe – and particularly within the European Union – to cooperate as much as possible and necessary, in order to counter threats that are becoming increasingly difficult to tackle for each state on her own. It would contribute to jointly defend our democracies, the rule of law and fundamental rights as achievements on which Europe is built. Hence, we submit that European intelligence plays a substantial role. Sincere thanks are due to Dr. Wolfgang Czerny of C.H. Beck Publishers, without whose help and patience the project would not have been completed. Additional help was given by Johannes Sieber and Maximilian Trapp. We are most grateful to them. Jan-Hendrik Dietrich Berlin

Satish Sule Brussels

November 2018

VII

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/03_Preface.3d from 30.09.2019 13:44:20 3B2 9.1.580; Page size: 160.00mm  240.00mm

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/04_About-the-Contrib.3d from 30.09.2019 13:44:23 3B2 9.1.580; Page size: 160.00mm  240.00mm

About the Contributors Felia Allum is senior lecturer in Politics and Italian in the Department of Politics, Languages and International Studies at the University of Bath, UK. Iain Cameron is professor in international law at Uppsala University and director of Uppsala University’s centre for Police Research. Mai’a K. Davis Cross is the Edward W. Brooke Professor of Political Science and Associate Professor of Political Science and International Affairs at Northeastern University, Boston. Jan-Hendrik Dietrich is a Professor of Security Law at Federal University of Administrative Sciences and co-director of the Centre for Intelligence and Security Studies at the University of the German Federal Armed Forces in Munich. Florent Le Divelec is a data protection compliance officer, former Academic Assistant at the College of Europe. Jana Gajdošová is Head of the Programme Justice, Security and Digital Society at the European Union Agency for Fundamental Rights (FRA). Stan Gilmour is a serving police officer and a visiting Policy Fellow in the Institute for Policy Research at the University of Bath, UK. Michael S. Goodman is Professor of Intelligence and International Affairs in the Department of War Studies, King’s College London. He is also Visiting Research Professor at the Norwegian Defence Intelligence School and Visiting Professor at Sciences Po, Paris. Christiane Höhn Dr., LL. M. (Harvard), is the Principal Adviser to the EU CounterTerrorism Coordinator, Council of the European Union. Frederic Ischebeck-Baum is a Fellow of the Sir Michael Howard Centre for the History of War at King’s College London, and former Assistant Director of the latter’s Centre for Defence Studies. He is a Visiting Lecturer at Cambridge University and has worked with the Changing Character of War Centre at Oxford University. Gilles de Kerchove is the EU Counter-Terrorism Coordinator (since 2007), Council of the European Union. He holds an LL.M. from Yale Law School and teaches European law at several Belgian universities. Eric King is a Visiting Lecturer at Queen Mary, University London where he teaches surveillance law. Previously, he was Director of the NGO campaign Don’t Spy On Us, and the Deputy Director at Privacy International. Ian Leigh is Professor of Law at Durham University. Carlo Masala holds a Chair for International Politics at Bundeswehr University Munich. Carly Nyst is a human rights lawyer and independent consultant working on technology and human rights. She was previously the legal director of Privacy International.

IX

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/04_About-the-Contrib.3d from 30.09.2019 13:44:24 3B2 9.1.580; Page size: 160.00mm  240.00mm

About the Contributors

Nicolas von zur Mühlen is head of the section for information law and legal informatics at the Max Planck Institute for Foreign and International Criminal Law in Freiburg. Sir David Omand is Visiting Professor in the War Studies Department King’s College London and at PSIA Sciences-Po Paris. He is a former UK Security and Intelligence Coordinator, Permanent Secretary of the Home Office and Director of the UK signals intelligence and cyber security agency, GCHQ. José-Miguel Palacios is a lecturer of intelligence studies at the College of Europe (Bruge) and the Universidad Rey Juan Carlos/Universidad Carlos III (Madrid). Between 2011 and 2015 he was the Head of the Analysis Division, EU Intelligence Analysis Centre. Christian Rauwolf, Lieutenant Colonel (GS), is currently posted as the German Defence Attaché in Bogotá, Colombia. From 2012 to 2015 he served in the EU Military Staff’s Intelligence Directorate. Alessandro Scheffler Corvaja is a PhD-Student at Bundeswehr University Munich. He has gained much of his professional experience in multinational settings such as the NATO Defense College and the George C. Marshall European Center for Security Studies. Steven J. Ryder is working at the European Union Law Enforcement Agency for Law Enforcement Cooperation (Europol) as a legal officer (Specialist) in EU & International Law. Stefanie Schmahl Dr., LL.M. (Barcelona) is full professor of German and Foreign Public Law, International Law and European Law at the Julius-Maximilians-University of Würzburg. Satish Sule is an official (legal officer) in the Security Directorate of the Directorate General of Human Resources and Security of the European Commission. Tatiana Tropina is senior researcher in the section for information law and legal informatics at the Max Planck Institute for Foreign and International Criminal Law in Freiburg.

X

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/05_Abbreviations.3d from 30.09.2019 13:44:53 3B2 9.1.580; Page size: 160.00mm  240.00mm

Abbreviations and Acronyms ACH ...................................... AD ......................................... ADDNI ................................. AFSJ ....................................... AGI ........................................ AIPAC ................................... Aman ..................................... AOR ....................................... ARA ....................................... ARC ....................................... ATSA ..................................... AWF ...................................... BC .......................................... BfV ......................................... BND ....................................... BoF ......................................... BRIXMIS .............................. BW ......................................... CBRN .................................... CBW ...................................... CCA ....................................... CCP ....................................... CDA ...................................... CEO ....................................... CFSP ...................................... CI ........................................... CIA ........................................ CIARDS ................................ CIG ........................................ CIRAM ................................. CIS ......................................... CJEU ...................................... CMA ...................................... CMC ...................................... CMS ....................................... CNA ...................................... CNE ....................................... COI ........................................ COMINT .............................. COO ...................................... CoOL ..................................... COREPER ............................ COREU ................................. COS ....................................... COSI ...................................... COSPOL ............................... CPC ....................................... CRS ........................................ CRS ........................................ CSDP ..................................... CSIS ....................................... CSRS ...................................... CW ......................................... CYBERINT .......................... D&D ......................................

Alternative competing hypothesis Anno Domini Assistant deputy director of national intelligence Area of Freedom, Security and Justice Advanced geospatial intelligence American Israel Public Affairs Committee Agaf ha-Modi’in (Directorate of Military Intelligence, Israel) Area of responsibility Annual Risk Assessment Analytic Resources Catalog Aviation and Transportation Security Act Analysis Work File Before Christ Bundesamt fuer Verfassungsschutz (Federal Office for the Protection of the Constitution, Germany) Bundesnachrichtendienst (Federal Intelligence Service, Germany) Bits of Freedom British Commander-In-Chief ‘s Mission to the Soviet Forces in Germany Biological weapons Chemical, biological, radiological and nuclear Chemical and biological weapons Crisis Coordination Arrangements Consolidated Cryptographic Program Congressionally directed action Chief executive officer Common Foreign and Security Policy Counterintelligence Central Intelligence Agency CIA Retirement and Disability System Central Intelligence Group Common Integrated Risk Analysis Model Custom Information System Court of Justice of the European Union Community Management Account Central Military Commission (China) Case management system Computer network attack Computer network exploitation Coordinator of information Communications intelligence Chief operating officer Consular Online Committee of Permanent Representatives Correspondence Européenne Chief of station Standing Committee on Operational Cooperation on Internal Security Comprehensive Operational Strategic Planning for the Police Central Point of Contact Congressional Research Service Crisis Response System Common Security and Defence Policy Canada’s Security Intelligence Service (Canada) Counter Surveillance Reconnaissance System Chemical weapons Cyber intelligence Denial and deception

XI

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/05_Abbreviations.3d from 30.09.2019 13:44:54 3B2 9.1.580; Page size: 160.00mm  240.00mm

Abbreviations and Acronyms DARP .................................... DC .......................................... DCI ........................................ DCIA ..................................... DCP ....................................... DDNI .................................... DEFCON .............................. DG ......................................... DGIAP .................................. DGSE ..................................... DHI ........................................ DHS ....................................... DI ........................................... DIA ........................................ DICP ...................................... DIS ......................................... DISTP .................................... DITP ...................................... DNI ........................................ DO ......................................... DOD ...................................... DOE ....................................... DPSD ..................................... DRM ...................................... DS&T .................................... DST ........................................ EC .......................................... EC3 ........................................ ECHO .................................... ECHR .................................... ECIM ..................................... ECTC ..................................... ECtHR ................................... EDA ....................................... EDSP ..................................... EEAS ...................................... EEC ........................................ EIN ........................................ EJN ......................................... ELINT ................................... ENISA ................................... EO .......................................... EOD ....................................... EPC ........................................ ESDP ..................................... ESS ......................................... ETA ....................................... EU INTCEN ........................ EU SITCEN ......................... EU .......................................... EUMS INT ........................... EUMS .................................... EUROPOL ........................... EUROSUR ............................ EUSR ..................................... EXCOM ................................ FAPSI .................................... FASP ......................................

XII

Defence Airborne Reconnaissance Program Deputies Committee (NSC) Director of central intelligence Director of the Central Intelligence Agency Defence Cryptologic Program Deputy director of national intelligence Defence Condition Directorate-General Defense General Intelligence and Applications Program Direction Générale de la Sécurité Extérieure, French Foreign Intelligence Service Defense human intelligence Department of Homeland Security Directorate of Intelligence Defense Intelligence Agency Defense Intelligence Counterdrug Program Defence Intelligence Staff (Britain) Defense Intelligence Special Technologies Program Defense Intelligence Tactical Program Director of national intelligence Directorate of Operations (CIA) Department of Defense Department of Energy Directoire de la Protection et de la Sécurité de la Défense (Directorate for Defense Protection and Security, France) Directoire du Renseignement Militaire (Directorate of Military Intelligence, France) Directorate of Science and Technology (CIA) Direction de la surveillance du territoire (Directorate of Territorial Surveillance, France) European Community European Cybercrime Centre European Community Humanitarian Office European Convention on Human Rights European Criminal Intelligence Model European Counter Terrorism Center European Court of Human Rights European Defence Agency European Defense and Security Policy European External Action Service European Economic Community European Intelligence Communication Network European Judicial Network Electronic intelligence European Union Agency for Network and Information Security Electro-optical; Executive order Entry on duty European Political Cooperation European Security and Defence Policy European Security Strategy Euskadi Ta Askatasuna (Basque terrorist organisation) European Union Intelligence and Situation Centre European Union Situation Centre European Union Intelligence Directorate of the EU Military Staff European Union Military Staff European Agency for Law Enforcement Cooperation European Border Surveillance System European Union Special Representative Executive Committee Fedederalnoe Agenstvo Pravitelsvennoi Svyazi I Informatsii (Federal Agency for Government Communications and Information, Russia) Foreign affairs and security policy

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/05_Abbreviations.3d from 30.09.2019 13:44:55 3B2 9.1.580; Page size: 160.00mm  240.00mm

Abbreviations and Acronyms FBIS ....................................... FCIP ...................................... FIA ......................................... FIPR ....................................... FISA ....................................... FISINT .................................. FRAN .................................... Frontex .................................. FSB ......................................... FSJ .......................................... GAO ...................................... GCHQ ................................... GDIP ..................................... GDP ....................................... GDR ....................................... GEOINT ............................... GESTAPO ............................ GMES .................................... GNP ....................................... GRU ....................................... GSC ........................................ HCLU .................................... HSC ....................................... HSINT ................................... HUMINT ............................. I&W ....................................... IAEA ...................................... IGO ........................................ IMINT ................................... INR ........................................ INTCEN ............................... INTDIV ................................ INTs ....................................... IPCR ...................................... IRA ........................................ IRTPA ................................... ISAA ...................................... ISB .......................................... ISG ......................................... ISR ......................................... ISS .......................................... ISTAR .................................... IT ............................................ IWG ....................................... JCS ......................................... JHA ........................................ JIC .......................................... JICC ....................................... JIOC ....................................... JMIP ...................................... JTAC ...................................... JTTF ...................................... KGB ....................................... KJs .......................................... LIBE ....................................... LQDN ................................... MASINT ............................... MD ......................................... MEP ....................................... MI5 ........................................ MI6 ........................................ MIC .......................................

Foreign Broadcast Information Service Foreign Counterintelligence Program (DOD) Future Imagery Architecture Foundation for Information Policy Reserch Foreign Intelligence Surveillance Act Foreign instrumentation intelligence Frontex Risk Analysis Network Frontières extérieures (European Border and Coast Guard Agency) Federal’naya Sluzba Besnopasnoti (Federal Security Service, Russia) Freedom, security and justice Government Accountability Office Government Communications Headquarters (Great Britain) General Defense Intelligence Program Gross domestic product German Democratic Republic geospatial intelligence Geheime Staatspolizei (Secret State Police, Nazi Germany) Global Monitoring for Environment and Security Gross national product Glavnoye Razedyvatelnoye Upraveline (Main Intelligence Directorate, Russia) General Secretariat of the Council Hungarian Civil Liberties Union Homeland Security Council Homeland security intelligence Human intelligence Indications and warning International Agency for Atomic Energy Intergovernmental Organisation Imagery intelligence Bureau of Intelligence and Research (Department of State) Intelligence Analysis Centre Intelligence Division of the European Union Staff Collection disciplines (HUMIN, IMINT, MASINT, OSINT, SIGINT) Integrated Political Crisis Response Irish Republican Army Intelligence Reform and Terrorism Prevention Act Integrated Situational Awareness and Analysis Intelligence Steering Board Iraq Survey Group Intelligence, surveillance, and reconnaissance Internal Security Strategy Intelligence, surveillance, target acquisition and reconnaissance Information technology Intelligence Working Group Joint Chiefs of Staff Justice and home affairs Joint Intelligence Committee (Britain) Joint Intelligence Community Council Joint intelligence operations center Joint Military Intelligence Program Joint Terrorism Analysis Center (Britain) Joint Terrorism Task Force Komittet Gosudarstvennoi Bezopasnosti (Committee for State Security, Soviet Union) Key Judgments Committee on Civil Liberties, Justice and Home Affairs La Quadrature du Net Measurement and signatures intelligence VII Department for Crisis Response and Operational Coordination Member of European Parliament Military Intelligence Section 5 (Security Service, Great Britain) Military Intelligence Section 6 (Secret Intelligence Service, Great Britain) Monitoring and Information Centre

XIII

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/05_Abbreviations.3d from 30.09.2019 13:44:56 3B2 9.1.580; Page size: 160.00mm  240.00mm

Abbreviations and Acronyms MIP ........................................ MMT ..................................... Mossad .................................. MS .......................................... NAC ...................................... NATO ................................... NCC ....................................... NCIX ..................................... NCPC .................................... NCS ....................................... NCTC .................................... NFIP ...................................... NGA ...................................... NGO ...................................... NHAI .................................... NIC ........................................ NIE ........................................ NILO ..................................... NIM ....................................... NIMA .................................... NIO ........................................ NIP ........................................ NIPF ...................................... NKVD ................................... NOC ...................................... NRO ...................................... NRP ....................................... NSA ....................................... NSC ....................................... NSL ........................................ NSPD ..................................... NTA ....................................... NTM ...................................... OCTA .................................... ODNI .................................... OLAF ..................................... OPHQ ................................... OPS WAN ............................ ORCON ................................ OSC ....................................... OSCE ..................................... OSD ....................................... OSINT ................................... OSS ........................................ P&E ........................................ PC .......................................... PDB ....................................... PFIAB .................................... PHOTINT ............................ PIAB ...................................... PIOB ...................................... PIR ......................................... PLO ........................................ PNR ....................................... PPEWU ................................ PROTINT ............................. PSC ........................................ QFR ....................................... RAU ....................................... RELEX ................................... RESINT ................................. RIPA ......................................

XIV

Military intelligence program Mission monitoring team Ha-Mossad Le-Modin Ule Tafkidim Meyuhadim (Institute for Intelligence and Special Tasks, Israel) Member State North Atlantic Council North Atlantic Treaty Organisation National Coordination Centre National Counterintelligence Executive National Counterproliferation Center National Clandestine Service National Counterterrorism Center National Foreign Intelligence Program National Geospatial-Intelligence Agency Non-Governmental Organisation National High Authority of Intelligence National Intelligence Cell; National Intelligence Council National intelligence estimate National Intelligence Liaison Officer National Intelligence Manager National Imagery and Mapping Agency National intelligence officer National Intelligence Program National Intelligence Priorities Framework People’s Commissariat for Internal Affairs Nonofficial cover National Reconnaissance Office National Reconnaissance Program National Security Agency National Security Council National security letters National security policy directive New Transatlantic Agenda National technical means Organised Crime Threat Assessment Office of the Director of National Intelligence European Anti-Fraud Office Operational Headquarters Operations Wide Area Network Origination controlled Open Source Center Organisation for Security and Co-operation in Europe Office of the Secretary of Defense Open-source intelligence Office of Strategic Services Processing and exploitation Principals Committee (NSC) President’s daily brief President’s Foreign Intelligence Advisory Board Photo intelligence President’s Intelligence Advisory Board President’s Intelligence Oversight Board Prioritised intelligence requirements Palestine Liberation Organization Passenger name record Policy Planning and Early Warning Unit Protected information intelligence Political and Security Committee Question for the record Risk Analysis Unit External Relations Research-originating intelligence Regulation of Investigatory Powers Act

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/05_Abbreviations.3d from 30.09.2019 13:44:57 3B2 9.1.580; Page size: 160.00mm  240.00mm

Abbreviations and Acronyms RG .......................................... RUSI ...................................... RMA ...................................... SALT ..................................... SAR ........................................ SAS ......................................... SATCEN ............................... SBSS ....................................... SCAN .................................... SCUD .................................... SGAC .................................... SGHR .................................... SHAPE .................................. Shin Bet ................................ SIAC ...................................... SIGINT ................................. SIOP ...................................... SIS .......................................... SITCEN ................................. SITINT .................................. SitRoom ................................ SNIE ...................................... SNV ....................................... SOCINT ................................ SOCMINT ............................ SOCTA ................................. SOE ........................................ SOF ........................................ SPA ........................................ SSCI ....................................... START .................................. STASI .................................... SVR ........................................ SWIFT ................................... TECHINT ............................ TEK ........................................ TELINT ................................ TE-SAT ................................. TEU ....................................... TFEU ..................................... TFTP ..................................... TIARA ................................... TOR ....................................... TWP ...................................... U2 .......................................... UAV ...................................... UK .......................................... UN ......................................... UNSCOM ............................. USA ....................................... USDI ...................................... VIH ........................................ VIS ......................................... VoIP ...................................... WAAS ................................... WEU ...................................... WKC ..................................... WMD .................................... WWII ....................................

Reseignements Generaux (Central Directorate of General Intelligence, France) Royal United Services Institute Revolution in Military Affairs Strategic Arms Limitation Talks Synthetic aperture radar Special Air Service EU Satellite Centre Space-based surveillance satellite Scanning, analysis and notification Soviet-made ballistic missile Senate Governmental Affairs Committee Secretary General/High Representative of the EU Supreme Headquarters Allied Forces in Europe (NATO) Sherut ha-Bitachon ha-Klali (General Security Sevice, Israel) Single Intelligence Analysis Capacity Signals intelligence Select Intelligence Oversight Panel Secret Intelligence Service (Great Britain); Schengen Information System Situation Centre Situational intelligence EU Situation Room Special national intelligence estimate Stiftung Neue Verantwortung Socio-cultural intelligence Social media intelligence Serious and Organised Crime Threat Assessment Special Operations Executive Special Operations Forces Special political action Senate Select Committee on Intelligence Strategic Arms Reduction Treaty Staatssicherheit (Ministry for State Security, German Democratic Republic) Sluzhba Vneshnei Razvedki (Foreign Intelligence Service, Russia) Society for Worldwide Interbank Financial Telecommunication Technical intelligence Hungarian Anti-Terrorism Task Force Telemetry intelligence Terrorism Situation and Trend Report Treaty on European Union Treaty on the Functioning of the European Union Terrorist Finance Tracking Program Tactical Intelligence and Related Activities Terms of reference Terrorism Working Party US built spy plane Unmanned Aerial Vehicle United Kingdom United Nations United Nations Special Commission United States of America Undersecretary of defense for intelligence Virtual intelligence hub Visa Information System Voice-over-Internet Protocol Wide area airborne surveillance Western European Union Watch-Keeping Capability Weapon of mass destruction Second World War

XV

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/05_Abbreviations.3d from 30.09.2019 13:44:57 3B2 9.1.580; Page size: 160.00mm  240.00mm

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:23 3B2 9.1.580; Page size: 160.00mm  240.00mm

PART 1 INTRODUCTION Chapter 1 Intelligence in Modern European History Michael S. Goodman/Frederic Ischebeck-Baum Outline A. Introduction ...................................................................................................................... B. Intelligence in ancient Europe ...................................................................................... C. Intelligence in World War One.................................................................................... D. Intelligence in World War Two ................................................................................... E. Intelligence in the Cold War ......................................................................................... F. European Intelligence after the Cold War ................................................................. G. Intelligence, Europe and 9/11........................................................................................ H. The Post-9/11 Era ............................................................................................................ I. European Politics, Edward Snowden, and Spying on Friends............................... J. Intelligence and the European Union ......................................................................... K. Conclusion .........................................................................................................................

mn. 1 4 17 27 46 104 106 114 118 126 138

Bibliography: Adkins, Nelson’s Trafalgar, 2006; Ahmad, The Road to Iraq: The Making of a Neoconservative War, 2008; Aldrich (ed.), British intelligence, strategy and the Cold War 1945–51, 1992; Aldrich, The Hidden Hand – Britain, America and Cold War Secret Intelligence, 2002; Aldrich, GCHQ: The Uncensored Story of Britain’s Most Secret Intelligence Agency, 2011; Aldrich/Cormac, The Black Door – Spies, Secret Intelligence and British Prime Ministers, 2016; Aldrich/Cormac/Goodman, Spying on the World – The Declassified Documents of the Joint Intelligence Committee 1936–2013, 2014; Andrew/Aldrich/Wark (eds.), Secret Intelligence – A Reader, 2009; Andrew, Secret Service: The Making of the British Intelligence Community, 1985; Andrew, KGB – The Inside Story Of Its Foreign Operations from Lenin to Gorbachev, 1990; Andrew, The Defence of the Realm – The Authorized History of MI5, 2010; Andrew, The Sword and the Shield – The Mitrokhin Archive and the secret history of the KGB, 1999; Andrew, The World was going our way: The KGB and the Battle for the Third World, 2005; Andrew, The Secret World – A History of Intelligence, 2018; Bascomb, The Winter Fortress: The Epic Mission to Sabotage Hitler’s Atomic Bomb, 2016; Bassett, Hitler’s Spy Chief: The Wilhelm Canaris Betrayal, 2013; Behling, Spione in Uniform – Die Alliierten Militärmissionen in Deutschland, 2004; Behling/Jüttermann, Berlin Teufelsberg: Outpost in the Middle of Enemy Territory, 2012; Bellany (ed.), Terrorism and Weapons of Mass Destruction – Responding to the Challenge, 2007; Bennett, The Battle of Trafalgar, 2004; Betts/Mahnken (eds.), Paradoxes of Strategic Intelligence – Essays in Honor of Michael I. Handel, 2008; Blake, No other choice – An Autobiography, 1990; Boghardt, The Zimmerman Telegram: Intelligence, Diplomacy, and America’s Entry into World War I, 2012; Born/Leigh/Wills (eds.), International Intelligence Cooperation and Accountability, 2011; Bracken/ Bremmer/Gordon, Managing Strategic Surprise – Lessons from Risk Management and Risk Assessment, 2008; Budiansky, Her Majesty’s Spymaster – Sir Francis Walsingham and the Birth of Modern Espionage, 2005; Bundesnachrichtendienst, Mitteilungen der Forschungs- und Arbeitsgruppe Geschichte des BND, Der Bundesnachrichtendienst und die Kuba-Krise, Nr. 3, Band I, 12. Oktober 2012.1; Bundesnachrichtendienst, Der Bundesnachrichtendienst und der „Prager Frühling“ 1968, http://www.bnd.bund.de/DE/Organisation/ Geschichtsaufarbeitung/MFGBND_Uebersicht/MFGBND_Mitteilungen/Mitteilung_9_node.html (accessed 13 June 2017); Bungert et al (eds). Secret Intelligence in the Twentieth Century, 2003; Chopin, Intelligence Reform and the transformation of the State: the end of a French exception, in Schmitt (ed.), Myths and Realities of the French Way of War, Journal of Strategic Studies, Vol. 40, Issue 4 2017, pp. 532–553; Coll, Directorate S: The C.I.A. and America’s Secret Wars in Afghanistan and Pakistan, 2001–2016, 2018; Corera, The Art of Betrayal – Life and Death in the British Secret Service, 2011; Cradock, Know Your Enemy – How the Joint Intelligence Committee Saw the World, 2002; D’Andrea, Civic Christianity in Renaissance Italy: The Hospital of Treviso 1400–1530, Rochester, 2007; Dover/Goodman (eds.), Learning from the Secret Past – Cases in British Intelligence History, 2011; Drogin, Curveball: Spies, Lies and the Con Man who Caused a

Goodman/Ischebeck-Baum

1

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:24 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 1. Introduction War, 2007; Duyvenstein/de Jong/van Reijn (eds.), The Future of Intelligence – Challenges in the 21st century, Studies in Intelligence Series, Routledge 2015; Deutscher Bundestag, Beschlussfassung und Bericht des 1. Untersuchungsausschusses nach Art. 44 des Grundgesetzes – 23.06.2017, http://dip21.bundestag.de/ dip21/btd/18/128/1812850.pdf (accessed on 1st August 2018); Dylan, Defence Intelligence and the Cold War – Britain’s Joint Intelligence Bureau 1945–1964, 2014; Fernandez, Los servicios des intelligencia espanoles, Desde la Guerra civil el 11-M – Historia de una transicion, 2006.; Financial Times, Angela Merkel eyes place for Germany in US intelligence club, 25th October 2013, https://www.ft.com/content/e2492a3a-3d7a-11e39928-00144feab7de (accessed 1st August 2018); Ferris, The British Army and Signals Intelligence in the Field During the First World War, in: Intelligence and National Security 3:4 (2008), pp. 23–48; Foot, An Outline History of the Special Operations Executive, 1940–1946, 1999; Gehlen, Der Dienst – Erinnerungen 1942–1971, 1971; Geraghty, Brixmis – The untold exploits of Britain’s most daring Cold War spy mission, 1997; Gorge/Bruce (eds.), Analysing Intelligence – Origins, Obstacles, and Innovations, 2008; Goodman, The Official History of the Joint Intelligence Committee, Volume I: From the Approach of the Second World War to the Suez Crisis, 2016; Goodman, Spying on the Nuclear Bear – Anglo-American intelligence and the Soviet bomb, 2007; Gibson, The Last Mission behind the Iron Curtain, Sutton Publishing Limited 1997; Gieseke (4th ed.), Die Stasi 1945–1990, 2011; Gill/Marrin/Phythian (eds.), Inteligence Theory – Key Questions and Debates, 2009; Gioe/Scott/Andrew (eds.), An International History of the Cuban Missile Crisis – A 50-year Retrospective, 2014; Glees, The Stasi Files: East Germany’s Secret Operations against Britain, 2003; Grant (ed.), The British Way in Cold Warfare – Intelligence, Diplomacy and the Bomb 1945–1975, 2009; Haslam, Near and Distant Neighbours – A New History of Soviet Intelligence, 2015; Haswell, Spies and Spymasters: A Concise History of Intelligence, 1977; Hennessy, The Secret State – Preparing for the worst 1945–2010, 2010; Hennessy/Jinks, The Silent Deep – The Royal Navy Submarine Service since 1945, 2015; Herman/Hughes (eds.), Intelligence in the Cold War: What Difference did it Make?, 2013; Hermiston, The Greatest Traitor – The Secret Lives of Agent George Blake, 2014; Hess, The British Baltic Fishery Protection Service (BBFPS) and the Clandestine Operations of Hans Helmut Klose 1949–1956, Journal of Intelligence History Vol. 1, no. 2 (Winter 2001); Hess, Intelligence Cooperation in Europe, 1990 to the Present in: The Journal of Intelligence History. Vol 1, no 1 (Summer 2003); Hinsley, British Intelligence in the Second World War, 1993; Independent, The spy who stayed out in the cold: George Blake at 90, http://www.independent.co.uk/news/world/europe/thespy-who-stayed-out-in-the-cold-george-blake-at-90-8290141.html (accessed 12 June 2017); Ischebeck-Baum, Anglo-German intelligence relations and Brexit, in: Journal of Intelligence History, Volume 16, Issue 2, 2017, pp. 95–99; https://www.tandfonline.com/doi/abs/10.1080/16161262.2017.1333694 (accessed 23 February 2018); Jones/Petersen (eds.), Israel’s Clandestine Diplomacies, 2013; Jones, Able Archer 83: The Secret History of the NATO/Exercise that almost Triggered Nuclear War, 2016; Kahn, Hitler’s Spies, 2000; Kalugin, Spymaster – My thirty-two years in intelligence and espionage against the West, 2009; Klein, Striking Back – The 1972 Munich Olympics Massacre and Israel’s Deadly Response, 2005; Keegan, Intelligence in War – Knowledge about the enemy from Napoleon to Al Qaeda, London, 2004; Lord Butler of Brockwell, The Review of Intelligence on Weapons of Mass Destruction, 2004; Laqueur, A World of Secrets – The Uses and Limits of Intelligence, 1985; Larsen, Intelligence in the First World War, in: Intelligence and National Security 29:2 (2012), pp. 282–302; Lewis, Changing Direction: British Military Planning for Post-War Strategic Defence, 1942–7, 2008; Machiavelli, The Prince, 2013; Masterman, The Double-Cross System: The Incredible True Story of How Nazi Spies Were Turned into Double Agents, 2000; May (ed.), Knowing One’s Enemies: Intelligence Assessment Before the Two World Wars, 1996; Miard-Delacroix, Willy Brandt: Life of a Statesman, 2016; Murphy, What Stalin Knew: The Enigma of Barbarossa, 2005; Mußnug, Alliierte Militärmissionen in Deutschland 1946–1990, 2001; Omand, Securing the State, 2010; Scott/Jackson (eds.), Understanding Intelligence in the Twenty-First Century – Journeys and Shadows, 2004; Philby, My Silent War – The Autobiography of a Spy, 2002; Schecter/Deriabin, The Spy who saved the world – How a Soviet Colonel changed the course of the Cold War, 1995; Piffner/Pythian (eds.), Intelligence and national security policymaking on Iraq – British and Amercian perspectives, 2008); Plougin, Russian Intelligence Services: Volume I: The Early Years, 2000; Pillar, Intelligence and US Foreign Policy: Iraq, 9/11 and Misguided Reform, 2011; Porch. The French Secret Services: From the Dreyfus Affair to the Gulf War, 1995; Rankin, Churchill’s Wizards: The British Genius for Deception, 2009; Reuters, Berlin tells CIA station chief to leave in spy scandal, 10th July 2014, https://www.reuters.com/article/us-germany-usaspy-official/berlin-tells-cia-station-chief-to-leave-in-spy-scandal-idUSKBN0FF1GU20140710 (accessed 1st August 2018); Richelson. Foreign Intelligence Organizations, 1988; Rizzo, Company Man – Thirty Years of Controversy in the CIA, 2014; Schecter/Deriabin, The Spy who Saved the World – How a Soviet Colonel changed the course of the world, 1995; Shrimpton, Spyhunter: The Secret History of German Intelligence, 2014; Smith, Royalist Agents, Conspirators and Spies: Their Role in the British Civil Wars, 1640–1660, 2011; Spiegel Online, Key Partners – Secret Links between Germany and the NSA, http://www.spiegel.de/international/world/german-intelligence-worked-closely-with-nsa-on-data-surveillance-a-912355.html (accessed 12 June 2017); Spiegel Online, Snowden Claims: NSA Ties Put German Intelligence in Tight Spot, http://www.spiegel.de/international/world/whistleblower-snowden-claims-german-intelligence-in-bed-withnsa-a-909904.html (accessed 29th July 2018); Spiegel Online, The NSA’s Secret Spy Hub in Berlin, 27th October 2018, http://www.spiegel.de/international/germany/cover-story-how-nsa-spied-on-merkel-cell-

2

Goodman/Ischebeck-Baum

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:25 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence in Modern European History phone-from-berlin-embassy-a-930205.html (accessed 1st August 2018); Spiegel Online, Spionage für USA und Russland – Ex-BND Mitarbeiter zu acht Jahren Haft verurteilt, http://www.spiegel.de/politik/deutschland/spionage-ex-bnd-mitarbeiter-zu-acht-jahren-haft-verurteilt-a-1082796.html (accessed 1st August 2018); Telegraph, Russian Spy Agency reveals Philby memorial plaque, http://www.telegraph.co.uk/news/ worldnews/europe/russia/8191989/Russian-spy-agency-unveils-Kim-Philby-memorial-plaque.html (accessed 12 June 2017); Tenet, At the Center of the Storm – the CIA during America’s time of crisis, 2007; Thucydides, The Peloponesian War, a new translation by Martin Hammond, 2009; Trahair/Miller (eds.), Cold War Espionage, Spies, and secret operations, 2012; United Nations Secretary-General: Ruling on the Rainbow Warrior Affair between France and New Zealand, International Legal Affairs, Vol. 26, No. 5 (September 1987), pp. 1346–1373; United States National Commission on Terrorist Attacks, 9/11 Commission Report – Final Report of the National Commission on Terrorist Attacks upon the United States, 2004; Wagner/Uhl, BND contra Sowietarmee – Westdeutsche Militärspionage in der DDR, 2007; Weiße, NATOIntelligence – Das militärische Nachrichtenwesen im Supreme Headquarters Allied Powers Europe (SHAPE) 1985–1989, 2013; Waller, Disciples: The World War II Missions of the CIA Directors Who Fought for Wild Bill Donovan, 2015; Wark, The Ultimate Enemy: British Intelligence and Nazi Germany, 1987; Wolf, Spionagechef im Kalten Krieg – Erinnerungen, 1998; Wolton, KGB en France, 1987.

A. Introduction As much as it is practiced in other parts of the world, intelligence has always been a 1 European profession too. While most modern intelligence services and systems have their origins in the twentieth century, the theory and practice has far deeper roots. To understand the systems of the twenty-first century in Europe, however, it is first necessary to consider the historical underpinnings of the European approach to intelligence. It is only natural that due to the obviously vast number of examples and case-studies, as well as due to the limited scope of this chapter, by far not everything will be covered. In fact, the reader will experience an occasional focus on Anglo-American intelligence as far as Europe is concerned. Such is owed to the fact that intelligence studies as a subject has for long been thought a necessary academic discipline in the United Kingdom and the United States. As a consequence, primary and secondary sources are made accessible in a manner seen in no other countries, the leading example being de-classified governmental material available in the respective national or institutional archives. Based on this there is a vast market of secondary literature, which, again, is not seen in these quantities throughout the rest of the world. Moreover, some things in the history of intelligence simply remain secret. Governments choose to keep some information or background hidden from the public for an indefinite period of time. Hence, the – public – history of intelligence is not linear, which may be irritating at times. It is simply the nature of the subject.1 Still, there is a trend to be observed. Many other governments by now seem to have 2 understood the necessity and importance of historical research into their intelligence machinery. This not only supports academia as such, i. e. research and teaching, but most of all helps provide a public awareness of the subject and creates an understanding of why intelligence services exist, why they do, what they do, and how a government or any other such entity uses intelligence for early warning and decision-making. The point is not to reveal any tradecraft, which, in the public domain, is most of the time left to de-classified autobiographies or fictional writing; in fact, tradecraft is of relatively little interest for the study of intelligence from an academic viewpoint. Here, the higher echelons between intelligence and policy are much more interesting and beneficial. That said, this chapter will give an overview over what can be considered “European 3 Intelligence” as such, i. e. either relating to European Governments, or, at a later point in time, to the European Union (EU). The prime intention is taking the reader through 1

Andrew, The Secret World – A History of Intelligence, 2018, Introduction, p. 4.

Goodman/Ischebeck-Baum

3

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:26 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 1. Introduction

historically structured stages of wherever and whenever intelligence played a role. Many of those case-studies or examples are still important for the respective governments, may that be in the form of success or failure.

B. Intelligence in ancient Europe We know from classical times that espionage and intelligence were active parts of both warfare and statecraft. A prime example goes back to the fifth century BC, when the ancient empires of Athens and Sparta found themselves in a conflict. The Peloponnesian War, as it became known, was a ferocious contest, lasting on and off for over twenty-five years. At the heart of the war was a naval contest, ultimately decided by the destruction of the Athenian fleet in 404 BC. In his account of the war Thucydides recreates the battle for naval supremacy. In doing so he refers to “intelligence” being gathered, not only in terms of the locations of the enemy ships, but in terms of the composition and nature of the boats themselves.2 5 During the reign of Julius Caesar in the first century BC it became increasingly important to be able to deliver military messages securely, so that even if the messenger was intercepted and captured, the contents of the message would not be revealed. The rather ingenious solution to this problem was the creation of the “Caesar cipher”. Details come from a Roman historian called Suetonius, writing in the first century AD. In his biography of Caesar he describes the process.3 It was, by all accounts, remarkably straightforward, but given that most individuals were illiterate at that time it was potentially quite successful. The ciphering used a simple substitution code where letters were shifted either to the right or left by a number of places, so A became D, B became E and so on. While the encrypted result might look like gibberish, for anyone who knew the code it was quick to decipher. 6 With the fall of the Roman Empire intelligence, like a great many modern features of its statecraft, vanished. Indeed, it would not be until the sixteenth century that an effective intelligence process was re-established. In the millennia in between, intelligence had often been employed in localised conflicts or in the form of messengers and informers, but these were sporadic and barely resembled an organised system. Notable examples included the role played by informers in events like the Spanish Inquisition, or the way in which influential figures like Machiavelli wrote about the role of intelligence in protecting statecraft.4 7 In the fourteenth century, the Council of Ten was created in the Republic of Venice.5 A hugely secretive organisation, whose role was to protect the Doge (the Venetian leader) and the Republic through the collection of information on potential threats and enemies. To this end, all over Europe, intelligence increasingly became important when, in the mid-sixteenth century the role of the State Inquisitor was created and the crime of treason became punishable by death. At broadly the same time in Elizabethan England, Lord Burghley (Sir William Cecil) and Sir Francis Walsingham were the first to understand that a successful intelligence machinery needed a successful network of field-agents, operating at home and overseas. Different types of intelligence gathering were employed, verbal and in writing, and in Walsingham’s position, officially the 4

2

See Thucydides, The Peloponnesian War, a new translation by Martin Hammond, 2009. Suetonius, The Twelve Caesars, 2007. 4 See Machiavelli, The Prince, 2013. 5 D’Andrea, Civic Christianity in Renaissance Italy: The Hospital of Treviso 1400–1530 Rochester, 2007, p. 136. 3

4

Goodman/Ischebeck-Baum

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:26 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence in Modern European History

Queen’s Principal Secretary, intelligence was combined with statecraft, which meant it was held against State interest – in other words: strategy.6 Following this period, it would be the never-ending succession of wars in Europe that would highlight the value of intelligence, both in a national and international context. In the English Civil War both the Roundheads and the Cavaliers employed spies to provide details of what the other side was plotting. This period coincided with the creation of the post of “Chief Cryptographer to Parliament and the Court”. Though a short-lived position, its first incumbent was John Wallis (who occupied it from 1643–89), who was a noted mathematician and who used his skills to both create codes and decipher enemy transmissions.7 Despite, or maybe because of, his military genius, the famous British admiral Horatio Nelson (1758–1805) made plenty of use of intelligence too.8 In an age without radar or any electronic communication systems whatsoever, knowledge of the enemy’s position, capability and intent would by no means be less important than today. In the maritime environment, this in fact continues to be a challenge of particular nature, however, during Nelson’s time, dealing with the vastness of the oceans required a long breath and a good amount of patience. Smaller reconnaissance ships were being used to cover long distances swifter than, for example, large, heavy frigates; visual communication systems based on flags made of different colour and shape, being held up or waved in a particular order, were the only option to communicate in daylight. This was replaced by lanterns or torches to signal others at night. Today, in most navies, every sailor has to study and learn the above two methods of communication in case all technology fails, may it be state-of-theart or not.9 The same applies to reading the stars for navigation or forecasting the weather. The weather is in fact an important factor in military campaigns, particularly in naval warfare, and is nowadays considered a discipline in military intelligence in most armies. Intelligence helped Nelson find the French Fleet after he had lost them in the vastness of the sea during the run-up to the Battle of the Nile between 1st and 3rd August 1798.10 The French expeditionary forces under the overall command of Napoleon Bonaparte were on the way to Egypt, and were headed further east in order to conquer the British in the Middle East and India. The Royal Navy was not going to let this happen, and Nelson had order from the Admiralty in London to decisively engage them. However, the French managed to escape Nelson on their way towards Africa. He found himself blind and deaf sailing into nowhere. Through the acquisition and good use of intelligence – what would be called tactical intelligence today – he finally managed to make contact with the French again, being able to engage them in Egypt.11 After all, Nelson did well commanding his ships, defeating Napoleon’s fleet in the Battle of the Nile, and sometime later, on the 21st of October 1805, ultimately engaging them decisively in Trafalgar.12 What Nelson could not know, however, was that London had tried to communicate with him a great deal for some time, wanting to inform him about the whereabouts, capacity and destination of the French. In very simple terms, while Nelson was getting frustrated over having lost his target, Whitehall had managed to acquire and piece together intelligence on the French through British field agents, sophisticated networks 6 For a full account, see Budiansky, Her Majesty’s Spymaster – Sir Francis Walsingham and the Birth of Modern Espionage, 2005. 7 See Smith, Royalist Agents, Conspirators and Spies: Their Role in the British Civil Wars, 1640–1660, 2011. 8 Keegan, Intelligence in War – Knowledge about the enemy from Napoleon to Al Qaeda, 2004, pp. 40–50. 9 Ibid, p. 32. 10 Ibid, pp. 50–51; Ibid, pp. 53–57. 11 Ibid, p. 53. 12 For more information on the Battle of Trafalgar, see Adkins, Nelson’s Trafalgar, 2006; Bennett, The Battle of Trafalgar, 2004.

Goodman/Ischebeck-Baum

5

8

9

10

11

12

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:27 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 1. Introduction

13

14

15

16

in France, diplomatic personnel, and not least through open sources such as newspapers or public announcements.13 Today, it can be established that the most accurate intelligence on the French Fleet came from a British businessman who worked in Italy at the time. His professional network reached across the northern Mediterranean, and when he learned about the destination, capability and intention of the French, he passed it through the resident British consul on to Whitehall. This had to be done by courier via Germany and then from Hamburg by boat across the channel to the Admiralty in London. It is estimated today that the delivery took a total of up to five weeks. This meant, that shortly before the battle, the intelligence picture for Nelsons superiors in the Admiralty was much clearer than for Nelson himself. But there was no way that this intelligence could reach him in time. Timeliness is a timeless requirement in intelligence. It must be understood, however, that, what ultimately led to the defeat of the French Fleet, was not intelligence, although Nelson seemed to handle it well.14 It was brute force, combined with Nelson’s ability to lead his men – and, with due regard to the teachings of Clausewitz, due to a certain amount of luck as well. Intelligence can be a force-multiplier on the battlefield, but it is by no means decisive. Knowledge may mean power, but it does not guarantee victory, which is often misunderstood. In signalling to his fleet just before the Battle of Trafalgar that “England expects every man to do his duty”, Nelson let go of all intelligence he had previously used, and granted every of his commanding officers the freedom necessary to engage the enemy. By the 18th century and with the development of the nation state system, intelligence had also become a commonly featured aspect of diplomacy and statecraft: its function was both to protect the leader from internal and external threats, as much as it was to enable a secure means of communication. The expansion of intelligence as an element of national security and foreign policy in the 19th century and beyond was therefore the evolution of a process that had begun several thousand years before. Humankind has always been inquisitive and a covert intelligence service is the perfect means of providing information. As warfare changed and as threats intensified and expanded, it became ever more vital to use whatever means necessary to gather information on the plans of the enemy.

C. Intelligence in World War One 17

Despite its long origins intelligence’, including “European Intelligence”, as we now understand it, is very much a twentieth-century creation. The contemporary British system, for example, can trace its origins to 1909, when the newly-formed Secret Service Bureau split, creating the Security Service (MI5), and the Secret Intelligence Service(MI6), dealing with domestic and foreign targets respectively.15 In France, following the 1870 Franco-Prussian war, an intelligence organisation was founded, though it was disbanded in 1899. In its place an intelligence component was assigned to the Deuxième Bureau of the Army General Staff. This complemented other intelligence organisations, in particular the Foreign Ministry’s Cabinet Noir.16 Keegan, Intelligence in War – Knowledge about the enemy from Napoleon to Al Qaeda, 2004, pp. 50–53. Ibid, p. 73. 15 Andrew, The Defence of the Realm: The Authorised History of MI5, 2009; Jeffery, MI6: The History of the Secret Intelligence Service, 1909–1949, 2010. 16 Porch, The French Secret Services: A History of French Intelligence from the Dreyfus Affair to the Gulf War, 2003. 13 14

6

Goodman/Ischebeck-Baum

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:27 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence in Modern European History

In Germany, as part of its General Staff, the earlier Intelligence Bureau was reformed in 1912 into a specialised intelligence and counter-espionage division, known as Department IIIb.17 In Italy, the secret services established in the mid-nineteenth century were re-organised many times, and in 1900 the Office of Information was established. The Russian secret police was initially founded in the sixteenth century by Ivan the Terrible. In 1883 the Okhrana was founded, and which remained intact until the Bolshevik revolution of 1917.18 World War I was momentous for many reasons, not least of which was that it demonstrated how useful effective intelligence could be. This was particularly the case given the rapid technological advances that were made, particularly in cryptography. In some instances, intelligence did or could have proved to be possibly decisive. For example, one of the greatest successes for French intelligence was the discovery of the German plans to launch a gas attack on the Allied armies. Despite such information, some British and French commanders rejected the warning, to dire consequences as the Battle of Ypres would show.19 In addition, there were instances of good, close intelligence collaboration. At Folkestone, in south-east England, an Anglo-French base was setup, to conduct agentrunning operations into occupied parts of Western Europe. Perhaps the greatest coup for the French was their spy situated within the German High Command, who provided a stream of valuable information. The British intelligence effort was just as important during the war, especially in the field of code-breaking. A good example of this was the interception of the “Zimmermann Telegram”, which detailed advances made by the Germans in requesting Mexican involvement in the war. Largely as a response to this the United States entered the war in 1917.20 In contrast to the Allied effort, German intelligence at the time was less effective, suffering mixed fortunes. There were some successes, for instance predicting military developments in Russia, but there were also notable failures, including the over-reliance on open source information which was susceptible to British deception efforts. At the same time, the Austro-Hungarian intelligence service did produce good results, especially in codebreaking, and overall fared relatively well, particularly with regard to the Russian army.21 Italy’s introduction to the war in 1915 resulted in an increase in the size and scope of their intelligence effort, with collection stations opened in numerous European cities, including London, Paris, Madrid, Bern and St. Petersburg. Russian intelligence was good, and this was no doubt assisted through collaborative relations with the French. Despite this, the intelligence network was badly structured and organisationally in disarray. This caused great problems, for unlike some of her other allies, Russia had to fight on two fronts. Despite these examples of intelligence success, World War I cannot be considered an “intelligence war” as World War II would be. Rather, intelligence provided a means of gathering information, but in a period where such information was often novel, it was generally believed only when it conformed to existing preconceptions. The successes of intelligence, nonetheless, served to increase its stature and importance, both militarily and diplomatically.

17

Shrimpton, Spyhunter: The Secret History of German Intelligence, 2014. Andrew, KGB – The Inside Story of its Foreign Operations from Lenin to Gorbachev, 1990, p. 21. 19 Ferris, “The British Army and Signals Intelligence in the Field During the First World War”, in Intelligence and National Security 3:4 (2008), pp. 23–48. 20 Boghardt, The Zimmerman Telegram: Intelligence, Diplomacy, and America’s Entry into World War I, 2012. 21 Larsen, “Intelligence in the First World War”, Intelligence and National Security 29:2 (2012), pp. 282–302. 18

Goodman/Ischebeck-Baum

7

18

19

20

21

22

23

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:28 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 1. Introduction

In all the major European countries, the intelligence efforts were enlarged. Amongst the victorious powers this was especially true. In Britain, MI5 had grown from 19 members of staff pre-war, to 844.22 The code-breaking effort was increased and in 1919 the Government Code and Cipher School was created. Of perhaps greatest importance however, was the creation in 1936 of the Joint Intelligence Committee (JIC) – a body composed of the various elements of the intelligence system, designed to produce allsource estimates for military and political decision-makers.23 25 France, the other major European victor, also increased its intelligence effort with the introduction of new intelligence organisations, each geared towards different objectives, including code-breaking and combating foreign agents domestically.24 Italian intelligence had evolved, and following Mussolini’s accession to power, it had become a threetiered, loosely organised system. Mussolini, as would become the norm with other authoritarian leaders, considered himself the supreme intelligence analyst and he alone was allowed to see the full range of information available. 26 Of the defeated powers the biggest changes occurred in Germany. The imperial police intelligence system had been dissolved by the Allies, and in its place a new organisation installed, whose primary task was to provide information on any political threats. In addition, the armed forces retained intelligence units, yet these were also directed towards providing information on “parts of the country”. Both areas therefore were directed towards internal and not external threats. 24

D. Intelligence in World War Two With the arrival of the Nazi party in the early 1930s, intelligence in Germany altered irrevocably. The Third Reich attached huge importance to the gathering of information on potential enemies, in many ways reflecting the insecurity that would dominate other authoritarian intelligence communities for so long. Intelligence was, therefore, omnipresent. Like other areas of government, competing intelligence organisations strove to dominate Hitler’s affection, and concentrating on diplomatic targets, military, economic, and social-ideological.25 The establishment of the Nazi Secret State Police or Geheime Staatspolizei (Gestapo), is an example of how past intelligence organisations can have an effect on modern governments. From the mid-1930s, Hitler gave the Gestapo two things, firstly the power and authority to operate throughout Germany, defying the principle of federalism in law-enforcement. Second, the Gestapo were to combine law-enforcement authority, which included the authority to arrest and torture, with clandestine intelligence operations going far beyond mere police investigation techniques. This, in the aftermath, led to post-war Germany’s principle of distinction between law-enforcement and intelligence. For example, neither the German foreign intelligence service, nor the security service have arresting powers. Only the lawenforcement agencies such as state police or federal police are entitled to do so. Today, this principle applies to most modern democratic systems as well. 28 In Russia, intelligence became an effective mode of governance with Lenin’s rise to power. The Tsarist Okhrana was replaced by the Bolshevik Vecheka, a ruthless 27

Andrew, The Defence of the Realm –The Authorized History of MI5, 2010, pp. 20–21. Goodman, “Creating the Machinery for Joint Intelligence: The Formative Years of the Joint Intelligence Committee, 1936–56”, in International Journal of Intelligence and Counterintelligence 30:1 (2016), pp. 66–84. 24 For further information see Jackson, France and the Nazi Menace: Intelligence and Policy Making, 2000. 25 Kahn, Hitler’s Spies, 2000, Preface, pp. x-xi. 22 23

8

Goodman/Ischebeck-Baum

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:28 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence in Modern European History

organisation designed to suppress internal opposition. By 1919 a covert foreign section had been set-up to organise and spread the worldwide communist revolution. By the 1930s the primary Soviet intelligence agency, now known as the NKVD, had become Stalin’s omniscient tool of terror which, while coercing the populace at home, was remarkably successful at recruiting human agents abroad.26 Since 1918 intelligence had grown to become an integral component of government in all the major European countries. From the mid-1930s onwards, it would become crucial, not least in monitoring the rising German aggression. Traditionally it has been assumed that the Anglo-French appeasement policies of the late 1930s were a characteristic of the intelligence failure to identify the Nazi threat. Yet intelligence records reveal this explanation to be far too simplistic, for there was information on the nature of the German diplomatic and military status, and intelligence was only one cog in policy-makers’ decisions. Instead, the failure of German intelligence to gauge the British and French reactions to their invasion of Poland was far more disastrous than appeasement ever was.27 From the outset, World War II rapidly became an intelligence war. In every major theatre intelligence played a role. Historians have long debated the impact of intelligence on the conduct and duration of the war. While there can be no definitive answer, one simple fact is clear: that without intelligence the war would have been unrecognisably different. One key area was allied intelligence liaison – and in general terms this was effectively maintained in defiance of a common enemy. Polish intelligence and resistance proved to be crucial in this respect, for it was they who provided the first Enigma machine to British intelligence. The implications of this – that the Allies could intercept and decipher German Enigma codes – has, for many, been the greatest intelligence coup of the war.28 Through Ultra – the codename given to the breaking of the German code – the Allies were able to discern enemy plans. Thus, crucial tactical and strategic information was provided and turned out to be decisive in, for instance, the Battle of the Atlantic and the Battle of El Alamein. A corollary of this was the “XX System” or Double Cross system. British intelligence had managed to identify and intercept every single German spy within their shores. In addition, they were able to “turn” many of them so that they began to provide false information back to Germany.29 Through Ultra, the Allies were able to observe the German acceptance of, and reaction to such information. A related war effort was the Allied use of deception. In its simplest sense this involved camouflaging truck and tank movements in the desert so that their tracks could not be observed from the air. At the other end of the scale were the hugely successful campaigns to mislead the Germans into thinking where the invasion of France would occur in 1944, codenamed Operation Overlord. Through the Double Cross system and the fabrication of dummy army bases on the south-east coast of England, the Germans were convinced into believing that the attack would take place at the Pas-de-Calais, when in fact it would take place further along the French coast in Normandy.30 With the German war machine rolling through Europe, British Prime Minister Winston Churchill set-up the Special Operations Executive (SOE) with the task to “set 26 Andrew, KGB – The Inside Story of its Foreign Operations from Lenin to Gorbachev, 1990, pp. 173–232. 27 Wark, The Ultimate Enemy: British Intelligence and Nazi Germany, 1987, p. 73. 28 For a comprehensive account, see Winterbotham, The ULTRA Secret: The Inside Story of Operation Ultra, Bletchley Park and Enigma, 2000. 29 Masterman, The Double-Cross System: The Incredible True Story of How Nazi Spies Were Turned into Double Agents, 2000, p. 11. 30 A useful account can be found in Rankin, Churchill’s Wizards: The British Genius for Deception, 2009.

Goodman/Ischebeck-Baum

9

29

30

31

32

33

34

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:29 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 1. Introduction

35

36

37

38

Europe ablaze”.31 This was intelligence in its covert action sense and it proved to be extremely useful. Through SOE, European resistance efforts to German occupation were co-ordinated and extended. To take one example, Norwegian workers had provided the Allies with information regarding German attempts to build an atomic bomb, and the fact that a plant in Norway was being used to make heavy water, a crucial stage of the process. Liaising with British intelligence, SOE and the Norwegian resistance were able to severely disrupt these efforts, eventually sinking a ferry laden with all the German stocks in a Norwegian fjord.32 Despite such efforts however, intelligence was not always as omniscient or effective. There is still debate as to the extent to which the Japanese attack on Pearl Harbor could have been avoided, given the quantity and quality of Japanese messages intercepted. A similar, yet more clear-cut case, is that of the German invasion of the Soviet Union – Operation Barbarossa – in June 1941. Stalin, as the self-appointed supreme authority on intelligence, could not and would not believe that Hitler would dishonour the 1939 Nazi-Soviet Non-Aggression Pact. As a result, he chose to ignore the plethora of good, reliable intelligence, which indicated that this was precisely what Hitler intended to do. Such an error was only rectified by the German miscalculation as to their pace of advance, culminating in their defeat in the 1942 Battle of Moscow.33 As a whole, it is possible to observe that Allied intelligence was exceptionally good during World War II. With the exclusion of the Soviet Union, there were efficient chains of command, and intelligence data could flow freely both nationally and internationally. In the Soviet Union this passage was not as simple, and often depended on whether intelligence confirmed existing beliefs. Yet where the Soviet Union did excel, as indeed they did in the 1930s and would continue to do so post-war, was in the recruitment of human agents. On the Axis side, intelligence, and in particular intelligence exchange, was more limited, and this can perhaps be seen as an outcome of the more fragmentary relationship between the Axis powers. German intelligence remained divided and beset by internal competition.34 Given their ideological stance, far more people offered their services to the Allies than they did to the Axis powers, yet there were some notable exceptions. In Britain, the American William Joyce, more commonly known as “Lord Haw-Haw”, provided a stream of pro-German propaganda, which he was eventually executed for. An Abwehr officer, Major Nikolaus Ritter, recruited various agents in Britain, Belgium and America. Despite Admiral Canaris (its head) calling Ritter the “rising star of the Abwehr”, Ritter was also its biggest failing for he inadvertently revealed all of its agents to an American spy in 1941.35 The Germans managed to break several of the Turkish codes, which revealed some brief details of British-American-Soviet discussions. Other intercepted signals in 1943 revealed to the Nazi High Command the attempts by the Spanish to distance themselves from Germany. Militarily, in general terms German intelligence was better at the tactical level – individual military situations – than it was on the larger strategic level, and this may have been a direct result of the German inability to penetrate the higher echelons of Allied decision-making.36 31 The entire and comprehensive history can be found in Foot, An Outline History of the Special Operations Executive, 1940–1946, 1999. 32 See Bascomb, The Winter Fortress: The Epic Mission to Sabotage Hitler’s Atomic Bomb London, 2016, Part One. 33 Murphy, What Stalin Knew: The Enigma of Barbarossa, 2005. 34 Kahn, Hitler’s Spies, 2000, p. 79. 35 Bassett, Hitler’s Spy Chief: The Wilhelm Canaris Betrayal, 2013. 36 Kahn, Hitler’s Spies, 2000, pp. 81–83.

10

Goodman/Ischebeck-Baum

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:29 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence in Modern European History

The Italians, before their surrender, had also maintained a network of foreign agents, in particular in North Africa and undoubtedly a remnant of former colonial presence. By the middle part of the war, the Italian Military Information had a large code-breaking service. Despite collecting a vast amount of information, often through theft as opposed to interception, the Italians seem to have succumbed to Allied deception efforts.37 In summary, intelligence during World War II was therefore tantamount to the dayto-day running of the war. The accuracy and importance of such intelligence is something which can only effectively be considered in hindsight, yet what is crucial is the importance on which such information was placed. While we may know today that some things were correct while others were false, what is more important is that such material was acted upon at the time. There is a stark contrast between the relative intelligence successes on the Allied side, and the intelligence failings on the Axis side. While it is extremely difficult to gauge this difference and impact qualitatively, it is possible to state, as for example the official history of British intelligence in the war does, that but for intelligence the war would have taken a very different course.38 Ultimately, if intelligence had no greater effect during the war, it was the manner in which it paved the way for a monumental increase in the post-war period, and arguably this in part was due to the introduction of the United States as a major intelligence force. Taking its lead from the British system, the Americans in 1941 had instigated the Office of the Coordinator of Informationreplaced the following year by the Office of Strategic Services which, in 1947, became the Central Intelligence Agency (CIA). If there had been a nylon curtain separating the powers during the inter-war period, then the iron curtain that separated them post-1945, was far more impenetrable, and this had a direct impact on the importance of intelligence liaison.39 Before the end of hostilities, the British and Americans had identified that the Soviet Union would become the “new Germany”, and intelligence efforts were re-directed accordingly.40 The subsequent crystallisation of this East-West division meant that former military enemies were now intelligence partners. Through several formal and informal agreements, the Anglo-American intelligence partnership flourished, bringing into its coalition several other European nations.41 To those countries in the West, considerable American assistance was offered, and this ensured that friendly intelligence organisations could be created, particularly in West Germany. Initially, a CIA-controlled intelligence network was created – the Gehlen Organisation42. General Reinhard Gehlen, Hitler’s then Chief of the “Foreign Armies East”, discovered some time before the end of the war that once Nazi Germany had been defeated his expert knowledge on Russia and the Eastern Flank could save his life. In a secret effort, he started preparing his transition to peacetime Germany. He secretly collected material, maps, classified correspondence and information on secret sources in the East and hid them deep in the Bavarian woods. When the war was over, 37

An interesting account can be found in Conti, Mussolini’s Spies, 2017. Plausible assumptions can be found in Hinsley, British Intelligence in the Second World War [Five Volumes](London, HMSO, 1979–90). 39 For more information, see Waller, Disciples: The World War II Missions of the CIA Directors Who Fought for Wild Bill Donovan, 2015. 40 Interesting insight can also be found in Lewis, Changing Direction: British Military Planning for PostWar Strategic Defence, 1942-7, 2008. 41 For further information, see Aldrich, GCHQ: The Uncensored Story of Britain’s Most Secret Intelligence Agency, 2011. 42 For a first-hand account, see Gehlen, Der Dienst – Erinnerungen 1942–1971, 1971. 38

Goodman/Ischebeck-Baum

11

39

40

41

42

43

44

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:30 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 1. Introduction

he used this treasure of wisdom as a bargaining chip for negotiating his future with the Americans. The latter soon appreciated Gehlen’s wit and sharp intellect and made further plans to work with him. 45 The Americans understood that, in order to make an effective stronghold against the Soviets, Germany needed a foreign intelligence service. It so happened that under the guidance and supervision of the CIA the first steps were taken to establish a German post-war intelligence organisation, run as a rather private entity: the Gehlen Organisation. Within Berlin, various military missions were established to observe conventional Soviet forces.

E. Intelligence in the Cold War By the end of the war the Russians were one of four main victors and therefore represented an important negotiating party for the future of continental Europe and Germany in particular, but it was clear that common strategic interests in this case would not produce a long-term partnership or repeat of the war’s Grand Alliance. Managing the bumpy road from war to peace was one thing, but the long-term global strategic interests and the pursuit of political or ideological goals was quite another. This was clear to all stakeholders. From the western point of view, particularly from the 1949 established North Atlantic Treaty Organisation’s (NATO), the major concern was undoubtedly the Soviet nuclear capability,43 what it could or could not do, and when and in which circumstances they were willing and able to use it.44 In other words, intelligence was very much focused on Soviet post-war capabilities and intentions. Alongside all concerns around the Soviet nuclear programme, conventional capabilities also played an important role. Military intelligence made a large part of multilateral or unilateral assessments along with the economic or political equivalent.45 47 Largely due to their geographical proximity to the Soviet Union, several European countries had particular strategic relevance. Norway became the ideal spot to monitor Soviet missile and nuclear tests from the 1950s onwards, and the Baltic as a whole once again became an arena of clandestine military operations such as secret submarine surveillance missions or air reconnaissance.46 Turkey, too, became crucial for capturing Soviet missile telemetry. Italy, with its initial large communist elements, was a useful base to disseminate propaganda, mainly through the sponsorship of terrorist attacks which could be blamed on the communists. In Germany, radio stations were used to spread information, and in many countries large military bases were established. In the East, with the vast and all-pervasive KGB at its heart, intelligence became synonymous with internal policing. As had been its stable tradecraft, the Soviet bloc nations excelled in the recruiting of western agents, and this continued right up until the end of the Cold War. The Soviet signals intelligence effort, about which very little is known, was vast in 46

43 See Weiße, NATO-Intelligence, pp. 63–72; Goodman, Spying on the Nuclear Bear, 2007, Chapter One; moreover Goodman, Joint Intelligence Committee, 20015, Vol. I, Chapter 9; see also Aldrich, Origins of the Soviet Threat; and Estimating Soviet Capabilities, in Spying on the World – The Declassified Documents of the Joint Intelligence Committee, 2014, pp. 121–147; pp. 208–223. 44 Ibid; see also Hennessy, The Secret State, 2010, pp. 46–80; as well as Goodman, Spying on the Nuclear Bea. 45 For the development of British Defence Intelligence and related institutional culture, see Dylan, Defence Intelligence and the Cold War, 2014, particularly pp. 184–220. 46 For top secret submarine missions in the Cold War and related naval strategy, see Hennessy, The Silent Deep, pp. 127–387; see also Heuser in Aldrich, British Intelligence, Strategy and the Cold War 1945–51, 1992 pp. 65–84.

12

Goodman/Ischebeck-Baum

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:30 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence in Modern European History

scale and scope, and included amongst its triumphs the bugging of numerous foreign Embassies in Moscow, including the USA.47 Western intelligence efforts during the Cold War were endless; they had to be. World War II might have been over but the great intelligence war was just about to begin. As an outcome of World War II and the UK-USA agreement of 17th May 1943, Great Britain was the only European nation to become founding member of the so-called “Five Eyes” group: an intelligence sharing consortium furthermore consisting of the US, Canada, Australia and New Zealand.48 To this day, these five English-speaking nations are an important and exclusive intelligence-sharing platform relying on a unique and unprecedented agreement. Though primarily built around signals intelligence (SIGINT), Five Eyes is much more than that, and encompasses also other forms of intelligence, such as human intelligence (HUMINT), policing, and other areas of collaboration. In the early 1950s, western nuclear science and the exploration of nuclear strategic capabilities were greatly damaged due to the spying activities of Klaus Fuchs, a Germanborn nuclear scientist working on the Top Secret Manhattan Project in Los Alamos, USA.49 Klaus Fuchs was an ideologist. Having studied Physics at the universities of Leipzig, Kiel and Bristol up to PhD level, he turned to Communism half way through his academic career. Travelling back and forth between Canada and the UK, in August 1942 Fuchs became a British citizen and was employed by Her Majesty’s Government following his signing of the Official Secrets Act. Shortly thereafter, he joined the US-based Manhattan Project. In 1943, Fuchs was recruited by the KGB, and started providing the Kremlin with classified material on the development of atomic and hydrogen bombs.50 He was caught in the UK in 1950 and sentenced to 14 years in prison. After his release for good conduct on the 23rd of June 1959, he immigrated to East Germany and took up a position at the Institute of Nuclear Research near Dresden. Today, it is estimated that the material Fuchs provided to the Russians saved them about two years of scientific research.51 When studying Western European intelligence during the Cold War, it is important to understand that although there were respective national agendas, most efforts were along Anglo-American lines, which included NATO intelligence and objectives.52 There was economic and political intelligence, but the underlying focus, initially at least, was on military capabilities, as well as related science and technology. Oftentimes strategic or political objectives would be the same for all western parties, and so some efforts were carried out jointly too. Trying to establish intelligence on the Soviets and finding out what they were up to, after all, was in everyone’s interest. The US Administration still kept a close eye on West German intelligence, its political directive and doctrine, and, in fact, had done well establishing permanent joint elements from the very start, particularly in the realm of SIGINT, as they still exist today despite all political debate.53 German intelligence turned out to be useful to allied services and NATO during all stages of the Cold War. Despite Germany’s Nazi past and internationally agreed limitations for future Germany, western Allies by now very much understood that whatever happened in Germany would affect the future of Europe. An 47

Andrew, KGB, pp. 422–477. See Andrew, Secret Intelligence, pp. 24, 119, 140, 143, 145, 151. 49 See Goodman, Spying on the Nuclear Bear, pp. 3, 59, 60, 66, 68–69, 76, 79, 83, 85, 210. 50 See Andrew, KGB, pp. 312–315, 377, 379, 398. 51 Ibid. 52 For more information on Anglo-American strategy related to intelligence during the Cold War, see Grant, The British Way in Cold Warfare, Part III, pp. 127–196. 53 See Key Partners – Secret Links between Germany and the NSA, http://www.spiegel.de/international/ world/german-intelligence-worked-closely-with-nsa-on-data-surveillance-a-912355.html (accessed 12 June 2017). 48

Goodman/Ischebeck-Baum

13

48

49

50

51

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:31 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 1. Introduction

52

53

54

55

independent, democratic Germany also needed its own intelligence organisation and defence; not without foreign guidance, but politically and legally speaking, solely controlled by the newly established government. Hence, still under Anglo-American patronage, the German Government under its first Chancellor Konrad Adenauer was given permission to go ahead with the establishment of its armed forces, the Bundeswehr. But, just as with the Gehlen Organisation, there was nobody there who could do it, except for the veterans. It was a delicate issue for German policy and public, that, with the consent of the allied victors, many of the former Nazi military and intelligence personnel were now being employed by government. Under the codename CASCOPE, on the 1st April 1956, the Gehlen Organisation was now transformed into today’s Bundesnachrichtendienst (BND). The newly established BND was crucial in the gathering of intelligence on East Germany, as for many it became a “window on the east.”54 But also it gained prominence through its networks in the Arab world, which, in most cases, went back to the war. Moreover, hidden from the public eye and against all historical odds, the BND managed to establish a close intelligence relationship with the Israeli foreign intelligence service Mossad from 1957, when bilateral liaison was negotiated between Reinhard Gehlen and Isser Harel, thendirector of Mossad and survivor of the holocaust. The first contact was made by one of Gehlen’s top men through the Israeli Embassy in Paris. What followed was a top-secret visit to Reinhard Gehlen’s villa in the BND headquarters in Pullach, Bavaria, by Isser Harel and his delegation.55 This should be the first step to a truly unique intelligence relationship spreading all over Europe and beyond. Altogether, the early Cold War era of European intelligence saw the emerge and intensifying of joint intelligence operations, usually under the auspices of the CIA. Operation “Jungle” is a good example for such early joint operations. It took place between 1949 and 1955, and involved the intelligence services and armed forces of the US, UK, West Germany, Sweden and Denmark. Its objective was to infiltrate western agents into Warsaw Pact Member States via the Baltic Sea route. These agents had the nationalities of or were born in the target nations, and were mainly drawn from Estonia, Poland and Lithuania. They were trained in espionage tradecraft by SIS (Security and Intelligence Services), who, in cooperation with British Naval Intelligence, had established headquarters for this particular operation in one of its outposts in the London Borough of Chelsea. The agents were infiltrated through German fast patrol boats stationed in Kiel, a large naval base on the shores of the Baltic Sea. In the cover of darkness and with stops in Denmark and Sweden, western agents frequently infiltrated the Warsaw Pact via this route throughout the following years. Given that these fast patrol boats would undoubtedly be spotted by Soviet Naval Intelligence at some point, they were officially assigned to the “British Baltic Fishery Protection Service”, a cover organisation with the mission to protect civilian fishing vessels against harassment by the Soviet Navy, as it occasionally happened.56 There were many such operations on both sides, not only restricted to continental Europe but conducted across the globe, basically wherever there was a chance to penetrate the other side, either through covert operations or through proxies. This global approach and strategy intensified and deepened throughout the forthcoming decades. Wherever these intelligence operations took place, whether within the Warsaw Pact or in western Europe, the cat-and-mouse-game between East and West would remain the same everywhere. 54

See Gehlen, Der Dienst, p. 151–226. For more information, see Jones/Petersen, in Israel’s Clandestine Diplomacies, 2013, pp. 169–188. 56 Hess, The British Baltic Fishery Protection Service (BBFPS) and the Clandestine Operations of Hans Helmut Klose 1949–1956 Journal of Intelligence History Vol. 1, no. 2 (Winter 2001). 55

14

Goodman/Ischebeck-Baum

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:31 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence in Modern European History

Universities have always been a place for controversial political debate, where it is 56 tolerated and in fact encouraged. In the history of intelligence, academia have and continue to have an important role. During the Cold War, the UK saw arguably its biggest spy scandal, which originated from Cambridge University. The so-called “Cambridge Five” were a group of students who had turned to Communism from the 1930s onwards.57 Kim Philby, Donald Maclean, Anthony Blunt, Guy Burgess and John Cairncross, all disliked the establishment. They looked down upon the rich (despite all (other than Cairncross) coming from upper class families), and pitied them for not leading a purposeful but rather pretentious life. All five hated the idea of pursuing predictable and boring career as lawyers or bankers in the City of London, where sons and daughters with a Cambridge degree usually ended up working. Their provocative academic papers, the public statements they made during debates in the Student Union, and the conversations they had with colleagues over drinks in the Cambridge pubs, did not go unnoticed. One after another got “tapped on the shoulder” by the KGB.58 Suddenly, life for the five students had become very serious. They were given the order from their handler Arnold Deutsch to act against their inner beliefs and enter the British establishment.59 Indeed, all five had remarkable careers in the aftermath: in the Foreign Office, in the Security Service MI5, and even in the higher echelons of SIS.60 The Cambridge Five provided secret intelligence to the Soviets throughout World 57 War II and the Cold War until 1963. With British authorities hot on his heels Philby defected to the Soviet Union, where he had been promised the rank of a colonel. Much like Burgess and Maclean had discovered, Philby’s life turned out to be less glamorous than he had hoped. He died on 11th May 1988, having spent much of the intervening time in his Moscow flat. Nonetheless, the Kremlin did appreciate his work and in 2010 a Kim Philby memorial plaque was unveiled outside the main building of Russia’s foreign intelligence service SVR in Moscow. The ceremony was led by the then director Mikhail Fratkov and attended by Philby’s widow, Rufina Pukhova-Philby.61 Philby was not the only high ranking SIS officer to work for the Russians. Born in 58 1922 in Rotterdam, and with British family ties, George Blake joined the Royal Navy in the early 1940s, before being recruited by SIS in 1944. Because he spoke German, due to his Dutch upbringing, he was posted to Hamburg in order to interrogate German Prisoners of War. After some time, he was put through Russian language training and sent to Seoul where his mission was to spy on North Korea. When the Korean War broke out in 1950, Blake was taken prisoner and spent three years in North Korean captivity, where he developed a taste for Communism.62 After his release in 1953 he returned to London a hero. He was sent off by SIS again in 1955, this time to Berlin, where he was to recruit Soviet double-agents.63 In reality he did the exact opposite and provided the Soviets with details of British and American intelligence operations including the names of an estimated forty agents. The biggest 57 See Andrew, The Defence of the Realm – The Authorized History of MI5, 2010, pp. 167–168, 172, 420, 438, 854. 58 For recruitment of the Cambridge Five, see ibid, pp. 169–172, 420; see also Philby, My Silent War, Introduction. 59 See Andrew, The Defence of the Realm, pp. 169–173. 60 See for example Philby, My Silent War, pp. 144–159. 61 Russian Spy Agency reveals Philby memorial plaque, http://www.telegraph.co.uk/news/worldnews/europe/russia/8191989/Russian-spy-agency-unveils-Kim-Philby-memorial-plaque.html (accessed 12 June 2017). 62 See his own account in Blake, No other choice, Chapter Six, pp. 121–149. 63 See Andrew, The Defence of the Realm, pp. 488, 489–491, 492, 503, 509, 537–538, 587, 716, 718, 720; see also Hermiston, The Greatest Traitor, pp. 174–191.

Goodman/Ischebeck-Baum

15

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:32 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 1. Introduction

59

60

61

62

blow-back to western intelligence Blake committed was undoubtedly related to “Operation Gold”, a secret tunnel between East and West Berlin, operated by SIS and CIA to wiretap Soviet Army communications. Interestingly, the Soviets decided not to blow “Gold” in order to protect their source. Instead, being very cautious about what was fed to western eavesdropping, they let the operation run, not wanting to give away any knowledge of its existence. Blake fell under suspicion in 1961 due to revelations by Warsaw Pact defectors, notably Michael Goleniewski, the former Deputy Head of Polish Counter-Intelligence. When Blake was arrested he confessed, though he rejected the accusation that he was a traitor, stating that he had never identified with the British: “To betray, you first have to belong. I never belonged”64. He was sentenced to forty-two years in prison by the British courts. During his imprisonment he managed to escape and flee to Russia via East Germany in 1966, where he started living on a KGB pension. When he turned eightyfive in 2007, Blake was awarded the Order of Friendship by Vladimir Putin.65 Of all Soviet spies in the British system it was the Cambridge Five that caused the most damage to British intelligence; indeed, it has been argued that they were the most able group of spies in KGB history.66 Until 1963, Her Majesty’s Government lost hundreds of crucial operations and sources in continental Europe and behind the Iron Curtain. For the overall operational capability of British Intelligence, however, this period of great set-backs meant that for the time being and until strong networks would have been re-established, they had to rely on their partner services, the CIA most of all, but also services in continental Europe. Until then, British intelligence had played a leading role in Europe, which, eventually, it would manage to regain. However, this turning point in the 1950s is important to note in the context of European intelligence, because it had an important impact on how European powers would strive to liaise and cooperate in the realm of intelligence. The UK now had to intensify its efforts with France, Germany, and other regional services.67 For all European intelligence services, one of the great strategic concerns was a possible breakthrough of the Soviet Army through the Fulda Gap, resulting in the invasion and occupation of Western Europe. Together with the respective intelligence services and representatives of the Special Operations Forces (SOF), NATO leaders had been dealing with this scenario from the very earliest stages of the Cold War. Drawing on lessons from World War II, from SOF, guerrilla tactics and underground resistance movements, a truly European operation codenamed “Gladio” was launched. Under the guidance of CIA and SIS, and under the auspices of NATO, paramilitary units were established in Belgium, Denmark, France, Greece, the Netherlands, Norway, Portugal, Austria, Finland, Spain, Sweden, Switzerland and Turkey. The mission of these units was not to fight the Soviets upon arrival; but to penetrate and sabotage them by clandestine means throughout the occupation, slowly marauding their capabilities.68 Winston Churchill had had plenty of experience with this type of operations during World War II, particularly though Special Operations Executive (SOE) and the Special Air 64 See Independent, The spy who stayed out in the cold: George Blake at 90, http://www.independent.co.uk/news/world/europe/the-spy-who-stayed-out-in-the-cold-george-blake-at90-8290141.html (accessed 12 June 2017). 65 See The Times, Vladimir Putin honours traitor George Blake with tit-for-tat birthday medal, https:// web.archive.org/web/20080517023556/http://www.timesonline.co.uk/tol/news/world/europe/article 2865969.ece (accessed 12 June 2017). 66 See Andrew, KGB, Chapter 6, pp. 173–232. 67 Whatever the situation in the field, the UK always held on to their own style in dealing with intelligence, see Goodman, in Grant, The British Way in Cold Warfare – Intelligence, Diplomacy and the Bomb 1945-1975, 2011, pp. 127–140. 68 See Weiße, Nato-Intelligence, pp. 40–43.

16

Goodman/Ischebeck-Baum

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:32 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence in Modern European History

Service (SAS),69 and so had many others of the participating countries. In Germany, former elite troops of the Wehrmacht were used, along with personnel of the young BND. All over Europe, secret weapons caches and covert communications networks were established, and all members had to maintain a deep, highly secretive cover. Public opinion and bad press were not an issue since this was a top-secret operation. In the end, the Soviet invasion never happened; however, the NATO stay-behind operation remained active until 1990, after which it was publicly acknowledged for the first time.70 All operational efforts were coordinated by NATO’s Supreme Headquarters Allied Powers Europe (SHAPE), and more precisely by its embedded “Clandestine Planning Committee”. Albeit led and coordinated by NATO, hence not entirely a European effort as such, “Gladio” stands as one of the prime examples of transatlantic – and regional – intelligence and security cooperation from the early stages of the Cold War onwards. In intelligence terms, however, one important lesson of World War II was that, as politically risky as it may be, intelligence including covert and paramilitary operations, full-on sabotage and the targeting of individuals, have their place in foreign and security policy, may that be peace or in war. With everything that was happening across continental Europe, from the closure of the East German border on 13th October 1961 and the establishment of the Berlin Wall, over the race in technology and strategic weapons capabilities, to the cruel and merciless intelligence war in the shadows, Europe was not at peace at all. The Soviets, and most remarkably the KGB, were doing very well in infiltrating western security and intelligence organisations. This affected not only the Anglo-American intelligence world but the post-war years were a struggle for almost every intelligence organisation on the European continent.71 The French found themselves undermined by the KGB,72 while the Spanish, who had founded an intelligence service in 1936, did not manage to have an effective organisation until the mid 1970s.73 From the 1960s, the BND was getting more active and found itself in a very particular situation; a situation unique to any European intelligence service. Under the auspices of the US Administration, and CIA in particular, it mostly focused on Soviet and East German Intelligence (Stasi)74 on its doorstep. Until then, Reinhard Gehlen’s network had stretched from Russia to the Middle East to Latin America, where partner services could greatly gain from. However, with the enemy literally just on the other side of the wall, the BND already had its hands full with semi-domestic operations, targeting the highest political echelons of the GDR. Military intelligence on the Soviet and East German Army remained of great importance at all times, and made a major contribution to any western intelligence operation in East Germany. Often overlooked in the study of Cold War intelligence are the Allied Military Liaison Missions between 1946 and 1990 in this context.75 These were legitimate military missions set up in the Soviet sector by the UK, the US and France, with Soviet 69 See Aldrich/Cormac, The Black Door – Spies, Secret Intelligence and British Prime Ministers, 2016, pp. 90–1136; 161–181. 70 See Weiße, NATO-Intelligence, pp. 40, 43. 71 For further detail see Andrew, The Sword and the Shield – The Mitrokhin Archive and the Secret History of the KGB1999, Chapter One, pp. 1–22. 72 See for example Wolton, KGB en France, 1987. 73 See for further information, Fernandez, Los servicios des intelligencia espanoles. Desde la Guerra civil el 11-M – Historia de una transicion, Alianza Editorial 2006. 74 For general information on the Stasi, see Gieseke (4th ed.), Die Stasi 1945–1990, 2011; for Stasioperations against the UK, see Glees, The Stasi Files: East Germany’s Secret Operations against Britain, 2003. 75 See Behling, Spione in Uniform – Die alliierten Militärmissionen in Deutschland, 2004; Mußgung, Aliierte Militrämissionen in Deutschland 1946–1990, 2001.

Goodman/Ischebeck-Baum

17

63

64

65

66

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:33 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 1. Introduction

military missions in their respective sectors. Each mission was based on a bilateral agreement, the British “Robertson-Malinin Agreement” of 1946 being the first.76 The missions worked along the lines of classic military diplomacy, comparable to military attachés, keeping in close touch with the Soviet and East German forces. However, there was a hidden side to them, namely that they also made excellent intelligence operations under diplomatic cover. Not only during diplomatic receptions could they spy on the other side, but most of all while touring the Soviet sector looking out for any military equipment. They established intelligence on the latest Soviet tank models; they knew the capacity of hospitals in East Germany; they knew the maximum weight every strategically important bridge could carry; they identified the first Soviet SCUDs and other missiles arriving from the Soviet Union; they managed to steal state-of-the-art radar technology from a Soviet fighter jet that had crashed in the British sector in 1966, which saved British defence technology an estimated two years of research; they reported on suspicious troop movements shortly before the Soviet invasion of Czechoslovakia; their intelligence played an important role during NATO’s 1983 “Able Archer” exercise because they closely monitored every move by the Soviet and East German armies, and so on.77 Additionally, due to Soviet moles, western intelligence services frequently suffered operational set-backs. It was the military liaison missions that would fill the gaps during these times, often under life-threatening circumstances and at Soviet gunpoint. 67 Throughout the years, American, British and French intelligence services and SOF developed a particular interest in the military liaison business. Partway through the missions they started embedding intelligence officers under the cover of Army, Navy or Air Force, usually in the rank for Lieutenant Colonel. The British SAS, for example, established a permanent undercover-presence in the “British Commander-in-Chief’s Mission to the Soviet Forces in Germany”, also known as BRIXMIS.78 Its primary task was to join the reconnaissance tours through the Soviet sector, however, they also were to scrutinise and map the landscape and infrastructure in order to identify possible drop-zones for parachutists, landing sites for helicopters, or high-value targets for an air raid in case war broke out again. 68 From the early 1960s, western intelligence made significant progress with eavesdropping on the Warsaw Pact. The main listening post for East Germany and wider Eastern Europe, nick-named Teufelsberg or “Devil’s Mountain”, was operated by the National Security Agency (NSA) and located on top of an artificial hill in Berlin Grunewald, inside the British sector. Covering the beginnings of Albert Speer’s Wehrmacht Faculty for Technology, the hill consisted of World War II debris and had a height of about eighty metres. From there, the allied powers would target Eastern Europe with SIGINT operations between 1963 and 1990.79 69 Though NSA, GCHQ and other intelligence agencies had their outposts and fixed installations, oftentimes, intelligence was collected from the air, such as through the famous American U-2 spy-planes, by submarine or other seagoing platforms, or, sometime later, from space via cutting-edge satellite technology.80 Intelligence was being collected all the time and by many different means and not only in continental Europe but also around the globe and in the proxy battlefields between East and West. 76 Printed in Geraghty, BRIXMIS – The Untold Exploits of Britain’s most daring Cold War Spy Mission, 1996, Appendix III, pp. 329–331. 77 Ibid; furthermore see Gibson, The Last Mission behind the Iron Curtain, 1997. 78 Geraghty, BRIXMIS, pp. 6–7, 14, 204, 286. 79 For a complete history of the “Teufelsberg”, see Behling/Jüttermann, Berlin Teufelsberg: Outpost in the Middle of Enemy Territory, 2012. 80 For the development of underwater intelligence gathering, see Hennessy, Silent Deep, pp. 94–97; for particular operations in the Cold War, see pp. 200–387.

18

Goodman/Ischebeck-Baum

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:33 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence in Modern European History

When the world seemed on the verge of mutual nuclear destruction during the 70 Cuban Missile Crisis between the 14th and 28th of October 1962, intelligence – including European intelligence services – again played an important role. Khrushchev attempted to station nuclear ballistic missiles in Cuba, ninety miles away from the American mainland.81 This would have made all early warning mechanisms of the US Military redundant overnight, because a launch could only be noticed once it was too late. Even though the US Navy’s submarines armed with nuclear ballistic missiles ensured a second-strike capability, Kennedy saw the Soviet armament of Cuba as an immediate threat and utterly unacceptable. The great question, however, was whether the Soviets were really going to strike first. For the first time in the Cold War the Pentagon issued “Defence Readiness Condition Two” (DEFCON TWO), during which the Armed Forces were to be ready to deploy and engage within six hours. After the Bay of Pigs disaster in April 1961, leading to even more closeness between the Kremlin and Havana, anything was possible.82 Intelligence on the shipping of material to Cuba and ongoing installation works on 71 what looked like launch sites could be collected by US U-2 spy-planes, operated by the US Air Force and other means of US Central Intelligence. However, most European intelligence services also monitored and analysed the situation. The BND, for example, had been analysing Cuba for some time and in 1960 assessed that the Soviets would most probably not want to risk a full-on war.83 However, as a political posture, the Kremlin could nevertheless threaten the White House with doing exactly that. Moreover, in the following months, BND-reports pointed out increasing Soviet shipments across the Atlantic, while in Cuba itself the arrival of Soviet missile experts and commencing establishment of missile launch capabilities was reported.84 Founded in 1936 and already mentioned above, the JIC is the UK’s primary body for 72 intelligence analysis. It converts all processed intelligence into all-source assessments that are then disseminated amongst the decision-makers.85 The JIC works both ways, though: during the Cold War it was also responsible for the tasking of all intelligence services. It has often acted as a key element between policy and the operational level. Before, during and after the Cuban Missile Crisis, the JIC frequently issued analysis on the Soviet threat.86 Traditionally, intelligence was provided by all services, but mainly came from SIS, GCHQ, Defence Intelligence (including BRIXMIS), and general diplomatic correspondence. Its observations are largely comparable to the ones of other European services, however, the JIC’s first substantial assessment was issued on 26th October 1962.87 Along with rather general information on Soviet capabilities, it stated quite clearly that Khrushchev maintained a desire to avoid war with the West, which meant that despite the deployment of nuclear missiles the Kremlin was not likely to risk a preventive strike by the Americans. However, the JIC also concluded over the forthcoming months that the Americans too would want to avoid an escalation at all 81 See Andrew, The Sword and the Shield, pp. 180–184, 348, 349–350, 354, 363, 442; a good account of events can also be found in Trahair/Miller, Encyclopedia of Cold War Espionage, pp. 99–100. 82 See original JIC assessment J.I.C. (62) 99, UK EYES ONLY, provided in Aldrich/Cormac/Goodman, Spying on the World, p. 261. 83 See Bundesnachrichtendienst, Mitteilungen der Forschungs- und Arbeitsgruppe Geschichte des BND, Der Bundesnachrichtendienst und die Kuba-Krise, Nr. 3, Band I, 12. Oktober 2012. 84 Ibid. 85 A useful introduction to the JIC can be found in Goodman, The Official History of the Joint Intelligence Committee, Volume I, Introduction, pp. 1–8. 86 See original JIC assessments in Aldrich/Cormac/Goodman, Spying on the World, pp. 251–266. 87 See Goodman, in Gioe/Scott/Andrew (eds.), An International History of the Cuban Missile Crisis – A 50-year retrospective, 2015, p. 103.

Goodman/Ischebeck-Baum

19

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:34 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 1. Introduction

73

74

75

76

cost. The great danger, the JIC’s Assessments Staff warned, would therefore lie in possible mistakes and misconceptions on either side.88 An important piece of intelligence on Soviet intentions helping in analysis and early warning had arrived in the form of HUMINT via SIS, and originated from a top-secret source deep inside the Soviet system. No European intelligence service had managed to get that close, but the British had. Oleg Penkovsky, codenamed “Hero” by the Americans and “Yoga” by the British, arguably is the most significant Cold War example of a joint HUMINT operation, some argue even in the history of espionage.89 A colonel in Soviet Military Intelligence (GRU), Penkovsky was jointly run by SIS and the CIA. He first approached American students in Moscow, then British businessmen, until finally his request was transported through the US Embassy to CIA headquarters in Langley, Virginia. It took the CIA rather long to establish his credibility.90 During a visit to Langley, in order to follow up on the case of George Blake, an SIS officer by the name of Harold Taplin Shergold (Shergy) was briefed on current developments regarding Penkovsky as a potential source. He later criticised the fact that the CIA had taken too long with the decision, which had also irritated Penkovsky himself. During a visit to London, Penkovsky again attempted to contact the British and offered to work for both sides, which ultimately was put to practice through the first joint meetings in London.91 A so-called “walk-in” versus a recruited agent is naturally more suspicious, and looking at the case of Penkovsky today it is clear that the CIA initially had their doubts.92 The British, on the other hand, seemed to have more faith in him and his material, given his prominent position in Soviet Military Intelligence. In order to ensure proper handling not only in continental Europe but also in Moscow, SIS used the British businessman Greville Wynne. Almost every foreigner travelling to Moscow at the time for business purposes was under surveillance, and it was no other than Penkovsky himself who, from the Soviet side, was put in charge of Wynne, staging as a representative of the so-called State Committee on Science and Technology. SIS made the most logical use of this fact, with turning the game around and making Wynne one of Penkovsky’s contacts. Through the eyes of Soviet counterintelligence it was not suspicious that the two could be seen together. Through Wynne, Penkovsky later clandestinely met the SIS Moscow Head of Station’s wife, who would become his prime contact to forward any of his material to SIS through the diplomatic post. More meetings followed in London and Paris.93 Despite running Anglo-American intelligence operations in continental Europe, the French Intelligence was not involved at all. The Americans, in particular, feared that sharing anything with the French was too dangerous because their services, the Direction de la Surveillance du Territoire (DST) and the Direction Générale de la Sécurité Extérieure (DGSE), were infiltrated by the KGB. While maintaining a generally good relationship with French intelligence regardless of the fact that Charles de Gaulle had decided to leave NATO in 1958, in the 88 See in this context Scott, in Learning from the Secret Past – Cases in British Intelligence History, 2011, pp. 239–264. 89 Gioe, in An International History of the Cuban Missile, p. 135–138. 90 Ibid, pp. 138–140; see furthermore Trahair/Miller, Encyclopedia of Cold War Espionage, p. 406. 91 A full and very informative account of how the “tradecraft” was managed between SIS and CIA is provided by Gioe, in: An International History of the Cuban Missile Crisisp. 135. 92 Ibid, pp. 160–163. 93 See Corera, The Art of Betrayal – Life and Death in the British Secret Service, 2011, p. 163; see also Schecter/Deriabin, The Spy who Saved the World – How a Soviet Colonel changed the course of the world, 1995.

20

Goodman/Ischebeck-Baum

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:34 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence in Modern European History

case of Penkovsky, however, the British too assessed the operational value of their source higher than the political damage in case they were found out by the French. In other words, the risk was tolerable. In 1962, the year of the Cuban Missile Crisis, things became more and more difficult. The Soviet services were not sleeping and Penkovsky increasingly warned his handlers about Soviet counter-intelligence.94 He even suggested his own exfiltration out of the Soviet Union. The mounting pressure also led to bilateral tensions between the CIA and SIS, including considerations to terminate the operation because it had become too risky.95 Penkovsky was arrested by the KGB on 22 October 1962. Before that, he had agreed means of secret communication with his handlers, should he learn anything about a planned first strike against the US. Had such an event occurred, however, he never would have been able to give any indication whatsoever. Instead, he spent the peak of the Cuban Missile Crisis in KGB custody. Shortly thereafter, the British businessman Greville Wynne was arrested in Budapest. While Wynne was sentenced to eight years in prison and made it back to the UK in 1964 after a spy exchange, Penkovsky was sentenced to death and executed on 16 May 1963. Although the case of Penkovsky is primarily an example used in Anglo-American intelligence history, it is nevertheless important in the context of European intelligence too. This is particularly for two reasons: first, the intelligence Penkovsky provided on Soviet capabilities and intentions found its way to British analysis, the JIC, to be precise. Some of the assessments were shared with European partners or NATO, even though the provenance of the intelligence would have been concealed.96 Second, a thorough look at the joint operation in Paris and the fact that the French were deliberately not involved reveals that, whatever bilateral relations between French and British Intelligence may have looked like at the time, as it should, operational security and the protection of one’s own source outweighed the risk of political upset. Ultimately, Khrushchev decided to withdraw his missiles from Cuba, which led to a downscaling of the overall tension. His demand, however, and the price Kennedy had to pay, was that American missiles would be withdrawn from Turkey and Italy. Overall, due to its politico-strategic significance, the Cuban Missile Crisis had been equally important to the United States and Europe.97 Intelligence analysis in the aftermath of the Cuban Missile Crisis showed that most of the assessments on Soviet intentions were, in fact, not so far from the truth. To this day it remains an almost impossible task to assess the correct point in time at which the other side will take rational – or irrational – action; as the JIC assessed correctly at first, one of the most dangerous elements in such situations are misconceptions or accidents on either side.98 During the Cold War and the following decades, this key element and momentum of the burden of command with all accompanying difficulties and risks, stands as a constant companion of the intelligence consumer, and most of all as a challenging task for the political decision-maker. Presuming that the other side will act rationally always comes with considerable risk. In possibly the most important assessment of the crisis, dated 6th December 1962, the JIC reviewed all evidence (i. e. intelligence) available in the aftermath, including its own previous assessments. The intention was “to determine, in the light of events 94

See Gioe, in: An International History of the Cuban Missile Crisis, p. 163. Ibid, pp. 160–163. 96 See Aldrich/Cormac/Goodman, Spying on the World, JIC (62) 101, p. 264. 97 A good summary and discussion of Penkovsky’s overall impact can be found in Gioe, An International History of the Cuban Missile Crisis, pp. 136–138. 98 See Aldrich/Cormac/Goodman, Spying on the World, p. 253. 95

Goodman/Ischebeck-Baum

21

77

78

79

80

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:35 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 1. Introduction

to date, the motives underlying recent Soviet actions in Cuba”.99 The main conclusion of this analysis was that Cuba should be looked at strategically, and should be considered in relation to Berlin and other places important to the Kremlin. The JIC concluded that Khrushchev knew the Americans were not interested in nuclear war, and so he used his good will to strengthen his position as Communist world leader. This, according to the JIC, did not mean that any escalation elsewhere should be ruled out.100 81 The next years and decades remained dynamic for all European Intelligence Services and saw no relaxation in the difficulties in operations despite occasional political initiatives towards a peaceful co-existence. The Soviet invasion of Czechoslovakia in 1968 took most European Governments by surprise. According to declassified records, the problem was not a lack of intelligence on the Soviets as such, but difficulties in the assessment of their political intentions. The BND had done quite well collecting military intelligence in wider Eastern Europe including Moscow, and also in the GDR. It issued the last warning to the German Government including its Ministry of Defence five hours before the invasion saying that it was very probable and likely to take place in the immediate future.101 This very last assessment was based on HUMINT, namely a loose conversation between a Soviet Commandant and his subordinate which had been picked up by a BND informant in the field. 82 Moreover, the Military Liaison Missions of the US, UK and France played an important role once again. Prior to the invasion they were already able to report unusual Soviet troop movements towards the Czech border that, to them, did not exactly look like an exercise: “We knew they were going into action. We could not convince our higher authority of that. They believed this was an exercise. We knew that was not the case. There is a vast difference between a unit going to exercise and one that goes to war. (…) We said ‘they are going to fight!’ Higher Command said: ‘You don’t invade in the Sixties.’ They dismissed this as manoeuvre and nothing more.”102 83 All the field reports – or “raw intelligence” – made their way to analysts in their respective countries and some from there to NATO. In the UK for example, the JIC received plenty of classified warnings about an imminent Soviet Army operation, which was in addition to diplomatic cables from Moscow, Prague and elsewhere behind the Iron Curtain. But the JIC’s Assessments Staff struggled to believe that something was really going to happen.103 In a period where, six years after Cuba, East and West seemed to enter peace agreements in the light of détente, and where they finally seemed able to come to a compromise on strategic weapons, known as Strategic Arms Limitation Talks (SALT I and later SALT II), it was hard to believe that the Kremlin was going to conduct such an operation and risk it all again. Clearly, Moscow was seeing the Prague Spring and the uprising around Alexander Dubcek with great concern, but would they really go in with military force while the West was watching? West European assessments later concluded that the Kremlin sought to avoid an intervention if they could, however, once it had taken place there was no sign that further events would result in a 99

See Aldrich/Cormac/Goodman, Spying on the World, JIC (62) 101, p. 257. Ibid, p. 254. 101 See Mitteilungen der Forschungs- und Arbeitsgruppe “Geschichte des BND”, Der Bundesnachrichtendienst und der “Prager Frühling” 1968’, http://www.bnd.bund.de/DE/Organisation/Geschichtsaufarbeitung/MFGBND_Uebersicht/MFGBND_Mitteilungen/Mitteilung_9_node.html (accessed 13 June 2017). 102 See unpublished interview by Tony Geraghty with BRIXMIS-member Lieutenant Colonel Roy Giles on Czech Invasion 1968, 26 May 1995, King’s College London, Liddell Hart Archives, BRIXMIS, File 10.9. 103 See Aldrich/Cormac/Goodman, Spying on the World, p. 296. 100

22

Goodman/Ischebeck-Baum

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:35 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence in Modern European History

real threat to the West or to NATO. The Kremlin’s strategy in this case seemed more about containment.104 The 1970s largely were a decade of global proxy-wars between East and West, 84 which most naturally included intelligence operations overseas.105 Regions such as Latin America, Central- and South-East Asia, or Africa were arenas for clandestine activities, for espionage and covert action, for arranged coups and revolutions. The 1970s were also the decade of left-wing and anti-imperialist terrorism in Continental Europe, all of which became obvious concerns for the intelligence services. For Germany, it was the Red Army Faction (supported by the Stasi), for the UK the Irish Republican Army (IRA), and, although a decade old by then, for France and Spain it was the nationalist-separatist movement Euskadi Ta Askatasuna (ETA). These and other groups had ties to the Middle East, mainly with the Palestine Liberation Organisation (PLO). When the world witnessed the assassination of members of Israel’s Olympic team by 85 the PLO in Munich 1972, the BND and the German Security Service Bundesamt für Verfassungsschutz (BfV), were harshly criticised, most of all by Israeli Intelligence. Mostly without public knowledge, the BND had established good relations with Israel’s foreign intelligence service Mossad since the early 1960s,106 however, the early 1970s were a difficult time. What followed was operation “Wrath of God” all across Europe during which Israel pursued and eliminated the PLO hit team as well as the masterminds behind the operation, including Ali Hassan Salameh.107 Overall, this was not necessarily to the liking of European intelligence services; however, they had little choice but show a considerable degree of tolerance. The terrorist threat continued through the 1980s, seemingly blurring the lines 86 between national and international security. Nonetheless, the fact that European intelligence services were trying to tackle the terrorist threat did not signify that the Cold War had become any less intense; in fact the case was reverse. In 1983 it was a NATO exercise that led to another crisis. From 7th November NATO conducted “Able Archer”, a command post exercise simulating “Defense Readiness Condition 1” (DEFCON 1), the highest of escalation levels in a nuclear scenario where an attack is imminent. Although NATO had of course conducted large-scale exercises before, this one was different. For the first time, “Able Archer” involved active participation of governments, as well as the use of unprecedented ciphering and strategic radio silence. To a paranoid Kremlin this was highly suspect and supported the hypothesis that the Americans were planning a nuclear first strike. This view had been around the Kremlin for a while and the NATO exercise served to confirm it. The imminent delivery of American Pershing II nuclear missiles to Europe, as well as rising tensions in general, exacerbated the mood of tension in Moscow. The foundation of the 1983 Soviet assessment, however, had been laid two years earlier when the Kremlin mounted the most widespread operation in the history of Soviet intelligence. At the very heart of “Operation Ryan” was western nuclear readiness.108 KGB and GRU 104

Ibid, p. 297. For a Soviet perspective, see entirely Andrew, The World was going our way: The KGB and the Battle for the Third World, 2005. 106 A very informative account is provided again by Shpiro, Shadowy Interests: West-German-Israeli Intelligence and Military Cooperation 1957–82, in: Jones/Tore, Israel’s Clandestine Diplomacies, (eds.), 2013, pp. 169–188. 107 According to a former senior member of the Mossad, one of the most authentic accounts is Klein, Striking Back – The 1972 Munich Olympics Massacre and Israel’s Deadly Response, Random House 2005. 108 Jones, Able Archer 83: The Secret History of the NATO/Exercise that almost Triggered Nuclear War (2016). 105

Goodman/Ischebeck-Baum

23

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:36 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 1. Introduction

87

88

89

90

agents overseas were collecting intelligence on western authorities, infiltrating respective governments and governmental organisations in order to establish whether there was any real intent to launch a nuclear attack in the form of a first strike. The broad details of “Ryan” were known to the West thanks to the two HUMINT sources run by SIS and CIA, who were able to enlighten analysts in the early 1980s. Colonel Oleg Gordievsky was the highest-ranking KGB official ever to defect to the west.109 Gordievsky had been recruited by SIS shortly after the 1968 Soviet invasion of Czechoslovakia. Disgusted with how the Soviets had dissolved the Prague Spring, he had turned to Britain. Serving as KGB officer at the Soviet Embassy in Copenhagen, he had expressed his dislike of the Kremlin policy to SIS, who, some time later, made the pitch. He was already a high value asset, but for SIS the situation became even more beneficial when Gordievsky was posted to London as the resident KGB Station Chief in 1982, one year before “Able Archer”.110 He provided valuable intelligence saying that the Soviets truly believed “Able Archer” was a cover-up for a real first-strike. De-classified records show that his HUMINT was a priceless contribution to overall assessments.111 Without doubt, having such a highranking source in their capital, SIS had to handle him with utmost care, applying the fine art of tradecraft, making sure not to be detected by the Soviets. But Soviet counterintelligence was not sleeping. In May 1985 Gordievsky was ordered back to Moscow where he was interrogated and then kept under close surveillance. In a life-threatening operation, SIS managed to exfiltrate him via Finland and Norway, and finally return him to London.112 After immense diplomatic efforts by the British Government, his family were able to join him six years later. Meanwhile, he had been sentenced to death in absentia by Soviet courts. Following the assassination of Alexander Litvinenko, a former officer in the Federal Security Service of the Russian Federation (FSB) by Russian Intelligence in 2006 in a London hotel, when Gordievsky suddenly fell very ill and spent days in hospital unconscious, he claimed that this too had been an assassination attempt. However, the case was never pursued and to this day there is no public evidence. On 10th July 1985, France witnessed a major intelligence scandal through what would become known as “Operation Satanique”. It took place in the port of Auckland, New Zealand. At the time, France was planning to conduct a nuclear test in Murora, part of French Polynesia. The “Rainbow Warrior” ship operated by the environmental organisation Greenpeace, but registered under Dutch flag, was going to sail to Murora in order to block the nuclear test. On 10th July a team of French intelligence operatives sunk the “Rainbow Warrior” in a paramilitary covert operation by setting off two limpet mines that had been attached to the hull. The “Rainbow Warrior” had been the target of French Intelligence some time before, and in fact some of the team were posing either as tourists during open ship events or as environmentalists interested in joining the crew. In the incident, a Dutch-Portuguese photographer drowned with the ship. Shortly thereafter, two members of the French team were arrested by New Zealand Police. It did not help that they were carrying Swiss passports. Two other members of the team made it to Australia on a yacht, were arrested there but later released. The case caused international outrage, severely damaged the reputation of French Intelligence, and ultimately ended up before the United Nations. 109

For a full account, see Trahair/Miller, Encyclopedia of Cold War Espionage, pp. 162–164. For the whole personal account, see Gordievsky, Next Stop Execution (1995); Trahair/Miller, Encyclopedia of Cold War Espionage, pp. 165. 111 Jones, Able Archer 83. 112 Trahair/Miller, Encyclopedia of Cold War Espionage, p. 165. 110

24

Goodman/Ischebeck-Baum

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:36 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence in Modern European History

In the ruling, France was given full responsibility for what happened.113 This had several consequences. Not only were bilateral relations with New Zealand severely affected, moreover until then the New Zealand authorities had labelled the incident as a “terrorist attack”. Now with official French governmental responsibility, for diplomatic reasons it was described merely as “criminal act”. France argued the case of preventive action due to the fact that the “Rainbow Warrior” had been about to violate French sovereignty by entering French Polynesia with hostile intentions. However, it was also established that the operation had violated domestic and international law, being severe but below the threshold of an armed attack. The ruling shed light on how international law saw such interventions short of an act of war and how it held France responsible, however, it was mostly silent on espionage and intelligence activities as such. Intelligence activity, including espionage and covert action, remains a dangerous and risky business, most of the time exposing individuals to the criminal law of the state they are operating in if the operation fails. Only in time of armed conflict the “spy” is individually recognised by international law.114 However, even then all activity is at his own risk.115 Although the Rainbow Warrior incident concentrated French intelligence, for the rest of Europe the big question facing them was the evolving situation in the Soviet bloc. Many European intelligence services knew that the political leadership of the GDR was going through a deep crisis and increasingly losing public support in the late 1980s, yet none of them could really assess the exact outcome and consequence. While the Kremlin’s new leader Michael Gorbachev implemented political reforms, the leadership of the GDR held on to their old Communist concepts and beliefs. The ultimate breakdown of the GDR caused significant challenges for western intelligence services in many regards, most of all for the BND who now had to decide what to do with former Stasi personnel, and also who had to review their inner-German doctrine since all of Germany from now on would fall under domestic security rather than foreign intelligence. Collecting intelligence on the GDR had been the BND’s prime task until then. The Stasi, on the other hand, had heavily infiltrated West Germany’s society and political echelons.116 One of the most famous Stasi operations later became to known as the “Guillaume Affair”.117 This operation is not only an account of how severely the West was infiltrated by the Stasi, it is also an example of the fact that East German Intelligence had not always been in line with what the Kremlin wanted which, even on the operational level, affected the bilateral relationship greatly. By order the GDR’s head of foreign intelligence, Markus Wolf, Guenther Guillaume emigrated to West Germany together with his wife in 1956.118 He quickly managed to rise through the ranks of the Social Democratic Party and gained the trust of 113 Sunday Times Insight Team, Rainbow Warrior: The French Attempt to Sink Greenpeace (London: Century Hutchinson, 1986); for the ruling see United Nations Secretary-General: Ruling on the Rainbow Warrior Affair between France and New Zealand, International Legal Materials, Vol. 26, No. 5 (September 1987), pp. 1346-1274. 114 See Additional Protocol I, Article 46 (1), Geneva Conventions; for other laws and regulations, see https://ihl-databases.icrc.org/customary-ihl/eng/docs/v1_rul_rule107 (accessed on 02 July 2017). 115 For further discussion on the legal situation of spies and espionage, Schmahl, Intelligence and Human Rights, Part 4 Chapter 1, mn. 7 in this volume; Sule, National Security and EU Law restraints on Intelligence Activities, Part 4 Chapter 2, mn. 10–11 in this volume. 116 A good account of the Stasi-operations can be found in Wolf, Spionagechef im Kalten Krieg – Erinnerungen 2003; see also Dennis/Laporte, Stasi: Myth and Reality, 2003, p. 194. 117 Trahair/Miller, Encyclopedia of Cold War Espionage, pp. 175–176. 118 Ibid, p. 175.

Goodman/Ischebeck-Baum

25

91

92

93

94

95

96

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:37 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 1. Introduction

Chancellor Willy Brandt. When he was made personal secretary of the Chancellor, his handlers were pleasantly surprised because this had not exactly been part of the plan. However, now the Stasi had a HUMINT source as close to the West-German Government as one could possibly get. The Kremlin, however, did not appreciate this for one particular reason. Willy Brandt had always been a good partner of Moscow, seeking diplomatic solutions and wanting to avoid any large disputes.119 He was regarded as a Russia-friendly man. Thus, the political risk of running an agent so close to him was estimated too high in Moscow vis-à-vis the secret intelligence possibly gained. Indeed, when West-German counter-intelligence found out in 1974 that Guillaume had been spying for the GDR, he was arrested and sentenced to thirteen years in prison. Willy Brandt stepped down in the same year, succeeded by his fellow party member Helmuth Schmidt. Having served his sentence to the full, Guillaume and his wife went back to the GDR. They never fully adjusted to the communist lifestyle again. 97 The basic issue for the GDR leadership in the late 1980s was that they did not agree with Gorbachev’s reforms. Consequently, they tried to establish their own Socialist course, which meant political divorce from the current Kremlin leadership. Declassified BND-files today show that the GDR Government was influencing the results of the 1989 general elections in their favour.120 This did not work out, however, particularly because the GDR population had already embarked on Russian reforms and Gorbachev was being celebrated as a political hero leaning towards the West. Western intelligence services were aware of what was happening and that the GDR Government would be facing serious problems in 1989, but they did not see coming what was going to take place on 9th November 1989.121 98 Events were impossible to foresee for several reasons. One of them was a press conference in East Berlin during which Political Secretary Guenther Schabowski read out a note that had been given to him by the then leader of the Party and successor of Erich Honecker, Egon Krenz. It contained a statement on the freedom of movement and the lifting of all travel bans for GDR citizens in principle, due to political pressure from Moscow.122 Being asked by a journalist when this regulation would enter into force, Schabowski hesitated but then remarked that to his understanding this would be the case immediately. This was not at all what the GDR leadership had had in mind but it was too late because the citizens of the GDR were already marching towards the borders. No intelligence agency in the world would have been able to predict such a misunderstanding. 99 For western intelligence agencies, not to mention for the political leadership, the question was what would the political and operational consequences of the collapse of the GDR be? The BND in particular, saw itself confronted with an enormous challenge. Despite any political direction and further planning, the immediate question was what to do with the many Stasi personnel and networks. The exact handling procedures remain classified, however, for obvious reasons no Stasi personnel could be incorporated into the BND itself.123 It is known that some former Stasi 119

See Miard-Delacroix, Willy Brandt: Life of a Statesman, 2016. See Mitteilungen der Forschungs- und Arbeitsgruppe “Geschichte des BND”, Jahre Mauerfall, http://www.bnd.bund.de/DE/Organisation/Geschichtsaufarbeitung/MFGBND_Uebersicht/MFGBND_pdf_ Dateien/MFGBND8_Dokument1.pdf?__blob=publicationFile&v=1 (accessed 13 July 2017). 121 CIA, At Cold War’s End: US Intelligence on the Soviet Union and Eastern Europe, 1989–1991. (Available at www.cia.gov). 122 See von Plato, The End of the Cold War? Bush, Kohl, Gorbachev and the Reunification of Germany, 2016, Chapter 4. 123 Other than in the German Federal Armed Forces, where many former GDR military personnel found a new employer. 120

26

Goodman/Ischebeck-Baum

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:37 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence in Modern European History

officers joined East German constituencies, others were recruited by the Russian private sector, and so on. For them, literally everything changed overnight, especially their political ideals. The identity of Markus Wolf, who was frequently described as one of the greatest spymasters who ever lived and nicknamed “the man without face”, was only revealed in 1978 during a visit to Sweden, where the Swedish security service managed to take a picture of him. His identity was later confirmed by an East German defector called Werner Stiller. Wolf fled the GDR shortly before it collapsed and sought asylum in Russia and Austria. Being denied both he went to West Germany, where, after the reunification, he was tried for treason.124 Wolf died in Berlin in 2006. On trial, he stated that he had earlier refused an offer by the CIA to move to the United States under a new identity. In summary, intelligence became the stable ingredient of the Cold War, with everincreasing budgets and ever-advancing technological means. Just like in World War II, it is extremely difficult to measure the impact of intelligence, although substantive efforts have been made.125 Clearly, at the operational level, intelligence often played a decisive role. At the political level, however, intelligence tended to be helpful but rarely decisive. The Cold War was very much an era of military intelligence; operations were about the adversary’s military capabilities and political intentions – and in many cases, they still are. The former has always been – and continues to be – easier to establish than the latter. Although over time western assessments of Soviet intentions seemed to improve, to this day “Kremlinology” remains one of the hardest subjects.126 It is not at all exclusively about the collection of secret intelligence; most of all it is about understanding the other side. It is the epistemological challenge of attributing rationality (the essence of prediction) to a subject that is inherently irrational.127 American and European intelligence agencies never managed to place a long-lasting source close to the Soviet centre of power. Hence, one major effect of western assessments was to confirm existing views and conceptions rather than help establish the probability of events. In that respect, US and European agencies struggled to establish any real strategic intelligence on Soviet intentions. Intelligence on overall Warsaw Pact capabilities, which also included other eastern European nations than Russia, however, did help in the overall arms race, as well as in the planning and conduct of military campaigns; but the ultimate intelligence picture was never really satisfying from the western perspective.128 Famously, western intelligence failed to foresee the implosion of the Soviet Union, as indeed it seems, did Soviet intelligence.129 The initial post-Cold War environment was a strange one, as for the first time since 1900 there was no easily discernible enemy or threat. Growing throughout the Cold War, but really only evident afterwards, was the rising threat of terrorism. This had moved from its Cold War state-sponsored existence 124

A detailed account of the trial can be found in Wolf, Spionagechef im Kalten Krieg,pp. 12, 456. For instance, see the Special Issue of Intelligence and National Security (26:6, 2011) dedicated to this question. 126 In a 1939 radio broadcast, Winston Churchill already remarked that “Russia is a mystery wrapped in a riddle inside an enigma”. 127 See Kuhns, Intelligence Failures: Forecasting and the Lessons of Epistemology, in Betts/Mahnken (eds.), Paradoxes of Strategic Intelligence – Essays in Honor of Michael I. Handel, 2008, pp. 80–100. 128 A good analysis of the situation can be found in Trahair/Miller, Encyclopedia of Cold War Espionage, pp. IX–XIII. 129 For more elaboration on this subject, see Herman, What Difference Did It Make?, in Herman/ Hughes (eds.), Intelligence in the Cold War: What Difference did it Make?, 2013, pp. 132–147. 125

Goodman/Ischebeck-Baum

27

100

101

102

103

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:37 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 1. Introduction

to a post-Cold War non-state sponsored form. As it did so, it can be said that the threat had diversified, culminating in the attacks in America in 2001.

F. European Intelligence after the Cold War For some time, it was thought that, now that the Cold War was “over”, the need for intelligence would almost cease to exist. Some believed that with the end of the Soviet era, intelligence services had become obsolete. This proved to be a wrong assumption. A growing characteristic since 1991 has in fact been the increasing importance of liaison with those countries that were previously considered hostile targets, in particular those in the Middle East and Africa.130 Silent and unofficial back-door channels had played a role in the past, but were now increasingly important. In addition, internal policing and security had gained prominence, as had the exchange of information between intelligence and law enforcement agencies. This has become especially crucial in Europe, as many of the terrorist targets travel through and frequent European cities. 105 In many of the former communist states the intelligence services strove to abandon their authoritarian past and the key for many was to reform their intelligence structures and embrace myriad forms of oversight and accountability. The great problem for some, such as in the case of the Czech Republic, Romania or Poland, was that the advisors employed to help reform their intelligence structures were, themselves, mostly working for Russian intelligence. 104

G. Intelligence, Europe and 9/11 When the New York Twin Towers were attacked by Al Qaeda in 2001, intelligence organisations around the world but particularly those in the Anglo-American sphere, which includes the Five Eyes community, had a hard time. The big question was whether the attacks could have been avoided by the proper acquisition of and informed decision-making based on intelligence.131 Usama bin Laden had been on the radar of several intelligence services some time before “9/11”, but in 2001, the US Administration seemed too focused on the proliferation of Weapons of Mass Destruction (WMD).132 What immediately followed was the war in Afghanistan by the “Coalition of the Willing”, and US-led Operation “Enduring Freedom”.133 107 On 12th September 2001, just after the horrific attacks on the Twin Towers, the entire American airspace was shut, no flights from overseas were allowed to enter US airspace – with one exception. A single aeroplane from London was headed for Washington DC. On board was a team of senior British intelligence officers, among them Sir Richard Dearlove, then “C” and head of SIS. They came to discuss with their American counterparts what the immediate next steps would have to be and in how far the national security landscape would have to be reformed. The Americans did not 106

130 Albeit not a European one, but still an excellent account on this challenge is to be found in Rizzo, Company Man – Thirty Years of Controversy in the CIA, 2014). 131 The 9/11 Commission Report: Final Report of the National Commission on Terrorist Attacks upon the United States: The Full Final Report of the National Commission on Terrorist Attacks upon the United States, 2004). 132 Ibid. 133 Coll, Directorate S: The C.I.A. and America’s Secret Wars in Afghanistan and Pakistan, 2001–2016, 2018.

28

Goodman/Ischebeck-Baum

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:38 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence in Modern European History

want to speak to anyone else. Despite occasional political turmoil between Great Britain and the United States, this shows that the “special relationship” is of particular meaning in the sphere of security and intelligence in the west, which well includes European security as such.134 The US Administration around President George W. Bush, however, had also something else in mind. Saddam Hussein had long been an object of political debate in Capitol Hill, and his possible removal had already been discussed during the Clintonera. Shortly after “9/11” his file was again on the President’s desk. This time the plan should be implemented, resulting in one of the biggest intelligence scandals of all time. Rafid Ahmed Alwan al-Janabi was in his early thirties when he immigrated to Germany, seeking asylum upon arrival in Munich in 1999. He told the German authorities that he was an Iraqi chemical engineer who had been working in one of Saddam Hussein’s WMD development programmes. It did not take long for the BND to contact him during his stay at an asylum centre in the Bavarian town of Nuremberg. With his profile, he would make an interesting source. Over the course of one year alJanabi was questioned about twice a week by the BND officers. He told them about mobile laboratories and a secret installation in Iraq where he used to work.135 The Germans believed him, although this HUMINT could not be verified. When they informed SIS and the US intelligence community, the US Defence Intelligence Agency, to be precise, about what they had heard, al-Janabi was run as a so-called “blue source”, which means that despite sharing his intelligence only the Germans had direct access to him. For the US Administration, however, intelligence on Secret Iraqi WMD-programmes was exactly what they had been looking for. They gave al-Janabi the operational name “Curveball”. Tony Blair had already sworn allegiance to George W. Bush in the immediate aftermath of “9/11”. When the Germans developed doubts about “Curveball’s” integrity, however, they informed the British and the Americans. British intelligence sounded a warning towards the Prime Minister,136 while US central intelligence expressed severe concerns to the White House. But there was nothing that could be done from the operational viewpoint, the British Prime Minister and the US President had already decided that this single intelligence source would make the justification for an invasion and regime change in Iraq.137 US Secretary of State Colin Powell gave “evidence” before the United Nations Security Council on how Saddam Hussein was building mobile chemical laboratories while claiming to the world that he had no access to WMD.138 During the invasion of Iraq in 2003 al-Janabi’s files were found. It was then that he became very nervous and increasingly non-cooperative. With the help of former colleagues and acquaintances of his, it could be established that al-Janabi had been lying. He had never been a very gifted engineer, nor had he ever done serious work for Saddam Hussein, and most of all everything about the mobile laboratories was made up. The latter point was confirmed by the international WMD inspectors who were sent to 134 For a US perspective, see Rizzo, Company Man, pp. 155–170; an account on the UK’s Tony Blair era and perspective can be found in Aldrich/Cormac, The Black Door, pp. 410–434. 135 See Ahmad, The Road to Iraq: The Making of a Neoconservative War, 2008; Drogin, Curveball: Spies, Lies and the Man Behind Them: The Real Reason America Went to War in Iraq, 2008; Piffner/Pythian (eds.), Intelligence and national security policymaking on Iraq – British and American perspectives, 2008; Pillar, Intelligence and US Foreign Policy: Iraq, 9/11 and Misguided Reform, 2011. 136 Ibid. 137 Lord Butler of Brockwell, The Review of Intelligence on Weapons of Mass Destruction, 2004. 138 Report of the Commission on the Intelligence Capabilities of the United States Regarding Weapons of Mass Destruction, (2005), available at http://www.wmd.gov/report/wmd_report.pdf.

Goodman/Ischebeck-Baum

29

108

109

110

111

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:38 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 1. Introduction

Iraq.139 They were not able to find any of the installations that had been described in the intelligence reports. This ultimately left the invasion of Iraq without political justification. In the aftermath “Curveball” was granted German citizenship and today lives in Bavaria under a new identity. 112 Particularly British intelligence saw a political inquiry after what happened. The major question to be discussed was whether this had been a classic example of the “push-pull” issue between intelligence and policy, referring to the dynamics of the intelligence cycle.140 Policy, in this case Tony Blair and George W. Bush, needed political justification for the military operation against Saddam Hussein. The intelligence services were simply told to deliver instead of being listened to. 113 The British Parliament saw the need for an investigation. The outcome was what today is known as the 2004 Butler Review141 and the 2016 Chilcot Report.142 Both state that the democratic collaboration of intelligence and policy had failed and hence should see internal review. Despite the political discussion around the Iraq invasion as such, for British Intelligence the lesson was that there should be more care in the validation of sources (it can be observed throughout history that there is great temptation to rely on a single source if the intelligence offered is attractive enough), better regulations for intelligence liaison and sharing, as well as an improvement of political oversight.

H. The Post-9/11 Era On 11th March 2004, several suicide attacks hit Madrid. The attacks were primarily carried out on trains during morning rush hour. Spain had not seen such a large-scale attack with so many fatalities before. In the aftermath, it was established by the authorities that there were several flaws in the national security system, for example regarding responsibility and investigatory powers of law-enforcement, which meant police and security services.143 Although Al Qaeda claimed responsibility for the attacks, there was little evidence to be found to underline such a claim. Instead, there was a suspected connection with the known ETA.144 However, as later found out, Spanish police informants who had helped under-cover investigations against Al Qaeda and terrorist groups in Northern Africa had been involved in the attacks. Whatever the condition of the national security apparatus at the time, however, the question for the Spanish authorities was why the attacks could not have been avoided. Relatively quickly, allegations against ETA were dropped, and traces to Islamist militant groups in Northern Africa were further pursued. To this day it has not been possible for the Spanish authorities or European organisations such as the European Union Agency for Law Enforcement Cooperation (EUROPOL) to find out who really was behind the attacks. 115 The fact that Spain was partaking in operations in Iraq was reason enough for the public to believe that this was an act of retaliation. In fact, this element caused political debate to the extent that the Spanish Government decided to terminate its mission in 114

139 See again for the whole narrative Ahmad, The Road to Iraq; Drogin, Curveball; Piffner/Pythian (eds.), Intelligence and national security policymaking on Iraq; Pillar, Intelligence and US Foreign Policy. 140 Butler, Review of Intelligence. 141 Ibid. 142 The Report of the Iraq Inquiry (2006). Available at: http://webarchive.nationalarchives.gov.uk/ 20171123122743/http://www.iraqinquiry.org.uk/the-report/. 143 Rose/Murphy, “Does Terrorism Ever Work? The 2004 Madrid Train Bombings”, International Security Vol. 32, No. 1 (Summer 2007), pp. 185–192. 144 Ibid.

30

Goodman/Ischebeck-Baum

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:39 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence in Modern European History

Iraq.145 Ultimately, the attacks achieved political change, which is exactly what terrorism seeks to achieve. One outcome of the Madrid bombings was that Spain, Germany, Austria, Belgium, 116 France, Luxembourg, and the Netherlands signed the so-called Prüm-Convention in May 2005, also known as the Schengen III Agreement. Open to all Member States of the European Union, this agreement seeks to enhance cross-border cooperation against terrorism and organised crime. It originates from a German initiative reaching back to the year 2003, and was incorporated in an EU Council Decision in 2008, by which it became part of the EU’s counter-terrorism effort.146 On 7th July 2005, the UK was struck by multiple suicide attacks in central London.147 117 Despite all intelligence and security efforts, the attack could not be prevented. Just as it had happened before with the US Government, the question now was what had gone wrong in the security apparatus. In the aftermath, once again there was a parliamentary inquiry. The UK’s overseeing body, the Intelligence and Security Committee (ISC) issued its findings on 6th May 2009, stating that as difficult as it may be to accept, but the attacks could not have been prevented. The report makes unmistakably clear that the UK’s security service MI5 as well as the Metropolitan Police had done everything in their power to prevent attacks such as these from happening, and in fact looking at the statistics they had been quite successful in foiling others. The report also states what is well-known among those who study or work in the field of intelligence, namely that, as tragic as it may be, occasional failure is in fact something very natural.148 That said, the public yet had to learn this hard lesson while the intelligence community had known it long before.

I. European Politics, Edward Snowden, and Spying on Friends When the US intelligence contractor Edward Snowden shook the world in 2013 by 118 revealing a mass of classified material stolen from US intelligence through the onlineplatform wikileaks, nobody could guess the real impact. Only the aftermath made it possible to understand the scope of his doing. For the intelligence services, not only American but others as well, this was a disaster. Snowden’s revelations of surveillance programs such as “PRISM” and the – publicly very much misinterpreted – handling of mass data presented a welcome target for politicians and journalists.149 Operationally, the revelations meant the exposure of many intelligence sources and methods in the field. Not only US intelligence was deeply affected, but also intelligence agencies in continental Europe. The BND saw great criticism from the German public and the Federal German Government, particularly because of its collaboration with the US NSA.150 145

Ibid. Coolsaet, “EU Counterterrorism Strategy: Value Added or Chimera?”, International Affairs 86: 4 (2010) 857–873. 147 See Hewitt, The British War on Terror: Terrorism and Counterterrorism on the Home Front since 9/11, 2008. 148 ISC, Report into the London terrorist attacks on 7 July 2005 (2006). Available at: https://assets. publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/224690/isc_terrorist_ attacks_7july_report.pdf (accessed on 29th July 2018). 149 Anderson, A Question of Trust: Report of the Investigatory Powers Review, Available at: https:// terrorismlegislationreviewer.independent.gov.uk/wp-content/uploads/2015/06/IPR-Report-Print-Version. pdf (accessed on 29th July 2018). 150 Spiegel Online, Snowden claims: NSA Ties Put German Intelligence in Tight Spot http://www.spiegel. de/international/world/whistleblower-snowden-claims-german-intelligence-in-bed-with-nsa-a-909904.html (accessed on 29th July 2018). 146

Goodman/Ischebeck-Baum

31

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:40 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 1. Introduction 119

120

121

122

123

Reference will be made to the German laws governing intelligence and surveillance operations at a later stage in this book, however, politically speaking of respective historical events, anything to do with state surveillance tends to spark an emotional debate in Germany. In light of the NSA activities, the German government established a parliamentary inquiry in 2014 to ensure appropriate political oversight over the German services, operating domestically and overseas.151 On 28th June 2017, the fact finding commission handed its final report to the German Parliament. The outcome is still causing political debate. It did, however, contribute to the overall discussion around what the intelligence services should and should not do.152 It did not help that the Snowden-revelations also brought to light the NSA-hacking of Angela Merkel’s phone in 2009. As much as it can be discussed whether it is wise or not for the German Chancellor to communicate sensitive state business on an open line, finding itself the target of a friendly nation was considered somewhat of a hostile act within the German Government. Espionage and “spying on friends” are mainly considered a “don’t ask, don’t tell” issue. However, the political damage that was done, once again outweighed the potential value of intelligence gained. The definite low-point of German-US relations appeared through a – presumably – unprecedented HUMINT-case when a middle-ranking member of the BND was found to be spying on the above parliamentary inquiry for the Americans in 2014. It was later discovered that he had been passing classified material to his American handlers since 2008. This led to the expulsion of the CIA Station Chief in Berlin in 2014.153 The role of the UK’s GCHQ and whether it was actively involved in any of the operations remains unclear. The BND-member had been a rather adventurous character who found himself frustrated in his current position. In a court hearing he stated that his main motivation was to experience “something different” in his life. Reports show that he was working in the middle-ranks of the BND, dealing with archival work and internal administration regarding overseas postings, which is considered a rather unexciting and monotonous activity. Per his own account, he craved recognition, which was hopeless to find in the grey corridors of the German agency. Only the Americans were able to really appreciate his existence – at least they made him believe so. Ultimately though, for him that was not enough. After some six years of espionage activity for the Americans he approached the Russians in Berlin, offering his services in an email, attaching classified material to prove his value as a source. Presuming that he had made a good pitch, the correspondence was intercepted by the German security service and he was arrested shortly thereafter. Only then it was discovered that in fact he was an American spy. He was prosecuted for treason and sentenced to eight years in prison.154 Interestingly, years before in 2008 he had also 151 See Spiegel Online, The NSA’s Secret Spy Hub in Berlin, 23.06.2017, available at http://www.spiegel. de/international/germany/cover-story-how-nsa-spied-on-merkel-cell-phone-from-berlin-embassy-a-930205. html (accessed on 1st August 2018). 152 An unclassified version of the final report can be found at Deutscher Bundestag, Beschlussfassung und Bericht des 1. Untersuchungsausschusses nach Art. 44 des Grundgesetzes – 23.06.2017, http://dip21. bundestag.de/dip21/btd/18/128/1812850.pdf (accessed on 1st August 2018). 153 Reuters, Berlin tells CIA station chief to leave in spy scandal, 10th July 2014, https://www.reuters.com/ article/us-germany-usa-spy-official/berlin-tells-cia-station-chief-to-leave-in-spy-scandal-idUSKBN0FF1GU 20140710 (accessed 1st August 2018). 154 See Generalbundesanwalt, Anklage wegen Landesverrats und anderer Straftaten, 25.08.2015 – 33/ 2015, http://www.generalbundesanwalt.de/de/showpress.php?newsid=563 (accessed 1st August 2018); Spiegel Online, Spionage für USA und Russland – Ex-BND Mitarbeiter zu acht Jahren Haft verurteilt, http://www.spiegel.de/politik/deutschland/spionage-ex-bnd-mitarbeiter-zu-acht-jahren-haft-verurteilt-a1082796.html (accessed 1st August 2018).

32

Goodman/Ischebeck-Baum

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:41 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence in Modern European History

approached the US Embassy in Berlin through an email as well, which had worked. Some time after that he was contacted by US Embassy staff.155 Because the operational risk was estimated too high in Berlin, US Intelligence decided to run this operation out of the US Embassy in Vienna – which, together with Berlin, was one of the espionagehubs during the Cold War and to this day is a popular conduit for intelligence operations in continental Europe.156 This BND-member makes an interesting profile, proving that there is in fact some- 124 thing timeless about traitors and double-agents. Throughout decades and centuries of intelligence history, the drivers for turning against one’s own government seem only a handful: frustration, greed, adventure, blackmail, and so on. Most of them tend to be of surprisingly basic and utterly human nature. As a consequence of the above, the German Government decided to enter negotia- 125 tions with US intelligence and its British counterparts. The intention was to establish non-spy agreements on the one hand and improve regulations for future intelligence liaison on the other. A German effort to join the Five Eyes consortium failed, however.157 It remains a very exclusive club. Instead, the German Government managed to negotiate agreements that nowadays serve as a solid basis for intelligence liaison with the Five Eyes community. “Spying on friends ‘remains’ don’t ask, don’t tell”, it seems.

J. Intelligence and the European Union When continental Europe saw multiple terror attacks by so-called Islamic State (or 126 “Daesh”) in recent years, European Governments realised how vulnerable the European security landscape actually was in the twenty-first century, despite all advanced technology and defence mechanisms. Europe and the EU had seen terror before, of course, but this was something new. Several of the EU Member States saw themselves confronted with most appalling gaps in their systems, leading to public accusations of either intelligence or political failure. A traumatic experience. Despite their good intelligence relations in the Maghreb and other regions influenced 127 by Islamic beliefs, particularly the French and their national security system seemed to suffer greatly from institutional weakness and a massive decrease in public trust. This became most obvious through the so-called “Charlie Hebdo Attacks”. In fact, following institutional failure (policy or intelligence, that is), the French Government has seen a parliamentary ruling on the immediate need for intelligence sector reforms.158 One of the outcomes was the initiative for a reform of the national intelligence machinery, which meant a review of the relationship and mechanisms between collection, analysis and consumer.159 Most naturally, this also meant assessing France’s contribution to and liaison with EU intelligence. 155 Ibid; Reuters, Berlin tells CIA station chief to leave in spy scandal, 10th July 2014, https://www. reuters.com/article/us-germany-usa-spy-official/berlin-tells-cia-station-chief-to-leave-in-spy-scandalidUSKBN0FF1GU20140710 (accessed 1st August 2018). 156 For example, see Andrew, KGB, p. 102; Kalugin, Spymaster, pp. 174–175, 180, 183, 184, 194, 289. 157 See Financial Times, Angela Merkel eyes place for Germany in US intelligence club, 25th October 2013, https://www.ft.com/content/e2492a3a-3d7a-11e3-9928-00144feab7de (accessed 1st August 2018). 158 See Chopin, Intelligence Reform and the transformation of the state: the end of a French exception, in Schmitt (ed.), Myths and Realities of the French Way of War, Journal of Strategic Studies, Vol. 40, Issue 4 2017, pp. 532–553. 159 Mueller/Stewart, “How French Intelligence Missed the Charlie Hebdo Terrorists”, Time Magazine (2015). Available at: https://politicalscience.osu.edu/faculty/jmueller/TNIcostsurveilTIMEfinlarger.pdf.

Goodman/Ischebeck-Baum

33

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:41 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 1. Introduction 128

129

130

131

132

The need for pooled and shared intelligence is nothing foreign or new to European Member States or the EU. Despite the respective national objectives, there has always been a basic common strategic interest. It is therefore only natural that the EU has been striving for its own intelligence for almost twenty years. Oftentimes in the recent past, political will and operational need for closer cooperation among member states has been expressed publicly but even today it remains a substantial operational and legal challenge. Intelligence and security services see themselves confronted with the dilemma of having to preserve a considerable and indeed very necessary degree of secrecy on the one hand, and the need to share with partner agencies on the other. The EU has been making a substantial effort in representing a platform for this rather sensitive undertaking, abiding by the principles of and following EU objectives. May it be in cyber-security, counter-terrorism, the fight against organised crime, counterproliferation of WMD, counter-intelligence or defence and conventional military operations: existing EU intelligence and security agencies have been seeking to overcome cultural obstacles and combine the effort. A major underlying principle, however, is the fact that the EU does not run its own intelligence operations as such. There is no EU tradecraft, there are no EU-led intelligence operations; there is only common analysis and distribution to EU political entities. The leading EU intelligence body is the “European Union Intelligence and Situation Centre” (EU INTCEN). INTCEN is responsible for analysis, general situational awareness and early warning, and serves the EU High Representative as well as other EU entities including Members of Parliament, as the main intelligence provider for informed decision-making.160 INTCEN’s institutional and legal roots lie in the Treaty of Lisbon, which in the year 2007 in principle amended two other major treaties, the 1957 Treaty of Rome, and the 1993 Maastricht Treaty. INTCEN’s general legal basis remains disputed, however, it is safe to say that the intelligence initiative as such is mentioned in the EU Council Decision of 26th July 2010, and is therefore officially recognised. INTCEN’s predecessor until 2012 was SITCEN, the EU Situation Centre, which, in its latest version, was established under the auspices of the then High Representative, Dr. Javier Solana in 2002. In fact, the initiative to provide the EU with intelligence goes back to 1999 and is closely linked with the development of the EU’s Defence and Security Policy (EDSP). Early days only saw the establishment and analysis of Open Source Intelligence (OSINT), but in the aftermath of “9/11”, the High Representative Solana initiated that member states should also contribute secret intelligence. In 2002, this also included the establishment of a counter-terrorism cell, staffed by security services personnel from respective member states. Additionally, INTCEN is supported by the “Satellite Centre” providing IMINT. Together with the EU’s Military Staff (EUMS), which also includes the EUMS Intelligence Directorate responsible for the support of EU military operations and early warning, INTCEN is nowadays part of the EU’s External Action Service (EEAS).161 In 2007, both the EU’s civilian and military intelligence bodies entered formal agreements for closer cooperation, and were subordinated to the EEAS in January 2011. Today, this machinery is known as the Single Intelligence Analysis Capacity (SIAC), ensuring that most reports and briefings issued to member states or EU entities. SIAC operates under the overall authority of the High Representative of 160 For more information, see de Franco/Meyer (eds.), Forecasting, Warning and Responding to Transnational Risks 2011. 161 For more information on the EEAS, see https://eeas.europa.eu/headquarters/headquarters-homepage_en (accessed 1st August).

34

Goodman/Ischebeck-Baum

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:42 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence in Modern European History

the European Union for Foreign Affairs and Security Policy, who, at the same time, is also the Vice President of the European Commission. Most of INTCEN’s staff are EU officials complimented by subject matter experts from respective EU member states. INTCEN does not have its own budget but is being funded through the overall EEAS budget instead. Additionally to INTCENT’s institutional and legal foundations, there are furthermore two fora that play a significant yet almost unofficial role in the history of EU intelligence, namely the Club of Berne and the Club of Madrid. Not much is known about the Club of Berne, let alone published. What is in the public domain, however, is the fact that it is an informal forum founded in 1971 and, according to a press-statement by the Swiss Federal Police dated 28th April 2004, consisting of the EU member states as well as Norway and Switzerland.162 The rare press-statement was released due to the fact that in this particular year the Club of Berne launched the Counter-Terrorist Group as an off-shoot, which, in a similarly informal manner, was to support EU counter-terrorism strategy through intelligence sharing. The Counter-Terrorist Group acts as the link between the Club of Berne and EU INTCEN, and today is a permanent and reliable body in the EU security landscape. The Club of Madrid, in comparison, is a similar non-profit, yet much more public organisation. It was founded in the year of 2001 and, according to its website, mainly consists of former heads of state and ministers form sixty-five nations around the globe. Its purpose is to foster mutual understanding on the policy level, and it stands as an informal yet well-known forum for the exchange of political views. Although not as secretive as the Club of Berne, the Club of Madrid serves the EU as a strong platform in the realm of defence and security policy making. Based on official and mostly open policy documents, INTCEN has a hybrid Fusion well analysing hybrid threats since 2016. In summary, EU intelligence so far shows a more or less solid structure, which in other words means it is mostly effective despite occasional criticism. However, not least due to cultural differences between its member states and sometimes bulky administration and laws, challenges remain. At the time of writing, the most significant challenge in this regard is without doubt the departure of the United Kingdom from the EU, commonly known as “Brexit”. A precedent in the history of the EU, this case most naturally concerns the full range of European interests from economy, to law, to health-care, to security. Contemplating national security and intelligence, it remains to be seen how both the EU and the United Kingdom manage to survive this “divorce” in the best possible manner. Looking at the EU’s intelligence and security structure (i. e. the EEAS, the European Union Agency for Law Enforcement Cooperation or EUROPOL, and other information hubs), and the United Kingdom’s contribution to it, as well as her benefit from it, the core question is not whether there will be future cooperation at all; common strategic interest and common threat perception will without doubt lead to a form of liaison and long-term engagement. Instead, the issue of Brexit seems to be of more administrative nature, which, in a way, should not necessarily concern the operational level too much. After all, existential fears around Brexit seem to be mainly rooted in the economic sector, rather than in security and intelligence.163 162 Federal Office of Police, Club de Berne meeting in Switzerland, Press Release, fedpol, 28.04.2014, https://web.archive.org/web/20110510110856/http://www.ejpd.admin.ch/ejpd/en/home/dokumentation/ mi/2004/ref_2004-04-28.html (accessed 28th February 2018). 163 For further elaboration on EU Intelligence and Brexit, see Ischebeck-Baum, Anglo-German intelligence relations and Brexit, Journal of Intelligence History, Volume 16, Issue 2, 2017, pp. 95–99; https:// www.tandfonline.com/doi/abs/10.1080/16161262.2017.1333694 (accessed 23 February 2018).

Goodman/Ischebeck-Baum

35

133

134

135

136

137

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:42 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 1. Introduction

K. Conclusion When looking at intelligence in Europe and the EU, addressing related challenges does not exclusively refer to mere national patterns of behaviour but also to institutional culture. Contemplating present and future intelligence in the European or any other context, it is often forgotten how beneficial it can be looking back and studying the history of things. Only then one should be able to understand the full context, requirements and challenges. The latter is not so much about predicting what will happen, but more about awareness for flaws in analysis within the system itself. It is, however, also about understanding that some things – such as an occasional failure on all levels and sides – cannot be avoided. Europe or the EU are subject to these conditions just as any other entity or nation. After all, history and the study of intelligence as a subject from different angles does have operational value. Analysing the history of European Intelligence including defence intelligence, one comes to realise maybe the profoundest thing of all, namely that, most naturally, liaison and cooperation are possible to a certain extent, but contributions do have their limits. Most of all, with more than one nation around the table there will always be more than one agenda. This is the classic and well-known dilemma of intelligence liaison, and it will be no different in the case of the EU. 139 For the last century, intelligence has grown to become the cornerstone of governmental decision-making and policy. Whereas its initial goal had been military, this scope has diversified to reflect the nature of the international scene, for as the target changes, so too must the intelligence organisation. In the twenty-first Century, intelligence is as vital as it has ever been. The proliferation of threats and the interconnectedness of the world, together with the information revolution that has taken place, may have altered the methods of spying but, at the same time, its core role and nature has remained undiminished. The evolution of the internet and the reliance upon technology for everyday life means that technical intelligence gathering has risen in importance, and while this is useful for targeting some threats and advances in technology are, of course, invaluable, it can be safely said that they cannot replace the spy on the ground. 140 The vulnerabilities of systems and human beings remain the same today, and whether they are exploited by human or technical means, the role of intelligence in modern European nations and the EU has remained the same: to discover and make use of information that the recipient wants to keep secret. By processing and using intelligence on others, the EU will remain an intelligence target itself. It therefore seems advisable when contemplating past, present and future of EU intelligence from a doctrinal or an institutional point of view, to take into account measures of counter-intelligence as well; for the latter should be a natural element in any mind-set related to intelligence, security and resilience whatsoever. The fact that the EU does not actively acquire intelligence but is only on the consuming side does not provide any real protection in this regard. 141 Is there “European Intelligence” after all? Not quite, but rather a European way of intelligence when it comes to SIAC. What could make intelligence European, however, could be the way it is understood and used according to geo-political concerns. Although we may not be too far from it, until now the United States of Europe do not exist. As a consequence, most tradecraft methods and means in intelligence remain classified at the national level, based on domestic doctrine and laws, first and foremost serving national interest. Be that as it may, from the international perspective, such 138

36

Goodman/Ischebeck-Baum

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:42 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence in Modern European History

should not be seen as a problem; in fact, trying to gain more insight in the national business from an EU perspective for example, could be counter-productive. It must be understood that secrecy is vital. It can be established, that, after all, what makes intelligence European, should be the dedication to European goals and strategy. For it is the European political leader who has the burden of decision-making. That is, wellinformed decisions, in the best case. How the knowledge has been acquired, however, will remain an individual and sovereign secret – sovereignty itself being at the very core of the European idea.

Goodman/Ischebeck-Baum

37

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:43 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2 Means and Methods of Modern Intelligence and their wider implications David Omand Outline A. The case for secret intelligence ..................................................................................... B. Means and methods of secret intelligence ................................................................. I. Human intelligence................................................................................................. II. Signals and communications intelligence.......................................................... III. Imagery...................................................................................................................... IV. Technical intelligence............................................................................................. V. Social media intelligence ....................................................................................... VI. Digital intelligence .................................................................................................. VII. Open source intelligence ....................................................................................... C. Intelligence in the service of a wider definition of national security................... D. The Requirement for pre-emptive intelligence ......................................................... E. The interaction of new demands and new sources of supply for pre-emptive intelligence ......................................................................................................................... F. Future developments in digital intelligence gathering............................................. G. Regulating the dynamic interaction between the demand for and supply of digital information ........................................................................................................... H. How law enforcement and intelligence agencies must respect privacy and other human rights .......................................................................................................... I. Modern intelligence processes and the intelligence cycle....................................... J. Organisational challenges for modern intelligence communities ......................... K. The need for greater international intelligence cooperation.................................. L. Conclusion .........................................................................................................................

mn. 1 3 3 7 15 16 17 18 19 20 25 32 37 41 45 50 53 73 76

Bibliography: Aldrich, GCHQ, London: HarperCollins, 2012; Anderson, Bulk Powers Review, London, August 2016; Andrew and Gordievsky, KGB, London: Hodder and Stoughton, 1990; Andrew, Aldrich and Wark (eds.) Secret Intelligence: A Reader, London: Routledge, 2008; Bingham, The Rule of Law, 2011 London: Penguin Books; Dover, Goodman and Hillebrand (eds.) Routledge Companion to Intelligence Studies, 2015; European Convention on Human Rights; Gomez, The Targeting Process: D3A and F3EAD, Small Wars Journal, 2011; Herman, Intelligence Power in Peace and War, London: RIIA, 1996; UK Regulation of Investigatory Powers Act 2016; Grey, Ghost Plane, London: St Martin’s Griffin, 2007; Home Office, Code of Practice for the Acquisition and Retention of Communications Data under the UK Regulation of Investigatory Powers Act, 2016; Johnson, The Oxford Handbook of National Security Intelligence, Oxford: OUP, Lowenthal, Intelligence: From Secrets to Policy Washington, DC: Congressional Quarterly Press, 2005;2012; Omand, Securing the State, London: Hurst, 2010.

A. The case for secret intelligence 1

Most of the information needed to make sense of the world around us, whether by governments, private companies or citizens, comes from sources that are open to our scrutiny if we know where to look. The Internet and the World Wide Web that it carries have revolutionised the ease and speed with which we can acquire and share information, and cheap storage and powerful cloud computing has made processing of big data an economic proposition. Of course we also need to apply the intellectual effort to understand the sources of the data and the limitations of any quantitative methods

38

Omand

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:43 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. Means and Methods of Modern Intelligence and their wider implications

being applied in order to judge the reliability of inferences being drawn (such as the representativeness of past information on which algorithms being applied to today’s conditions were constructed). But, stubbornly, when it comes to the areas of national security and law enforcement there remains vital information that the authorities in democratic nations need to complete the picture but cannot easily obtain since those with the information take steps – sometimes extraordinary steps – to prevent anyone knowing their secrets. These others include dictators, terrorists and insurgents, cyber attackers, proliferators, people traffickers, child abusers, money launderers and criminal gangs of all types. Their common characteristic is that they either actively mean to harm us or are capable of creating serious threats to our national security and well-being. The purpose of secret intelligence is to obtain such information, overcoming the obstacles that the owners of the information place in the way1. Obtaining secret intelligence on the plans of a military opponent threatening invasion 2 or the subversives seeking the overthrow of legitimate authority is a defensive State activity as old as history. Information is gathered, preferably without the knowledge of the target analysed and understood, and then, hopefully, used to pre-empt the threat. This activity has become over the centuries a distinct specialization for the military and for law enforcement and a unique branch of civil government in the form of security and intelligence agencies. Modern national security still includes deterring and defending against external threats and when necessary countering domestic subversion of democratic institutions. For most European nations there is the added strength that comes from belonging to a North Atlantic collective defence and deterrence structure in addition to the security solidarity implicit in membership of the European Union. Supporting such arrangements will feature high up in lists of approved intelligence requirements for European nations. Examples today would include gathering intelligence to understand North Korean flouting of UN Resolutions and Russian behaviour in Crimea and Ukraine that has attracted censure and sanctions from the European Council. Another would be the provision of intelligence to address the growing concerns over subversive and criminal activities on the Internet, including the activities of Russian criminal groups and their interference in democratic elections in a number of European States following the exposure of cyber meddling in the US Presidential election. There are many other examples of continuing legitimate demands for intelligence to support national and collective diplomacy, military planning and cyber security.2

B. Means and methods of secret intelligence I. Human intelligence To meet the demands for intelligence from government, the armed forces and law 3 enforcement a range of methods are available. Traditionally these methods could be divided into those that involve the use of human beings as agents to steal information, and the use of technical devices to obtain the information from wireless communications and electronic emissions, audio signals, and other forms of sensor. A convenient acronym for the former is HUMINT, in which intelligence officers belonging to an intelligence agency recruit and run agents in order to penetrate the organisations or groups holding the secrets being sought. The agents are normally (but not exclusively) 1 2

Omand, Securing the State, London: Hurst, 2010, p. 22. Herman, Intelligence Power in Peace and War, London: RIIA, 1996, chapter 1.

Omand

39

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:44 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 1. Introduction

nationals of the target country, such as military officers and government officials who have become disaffected with the regime, or for some other reason can be persuaded to conduct espionage. Intelligence officers are often posted overseas as part of a diplomatic mission and have the benefit of diplomatic status if their agent running operations are exposed or operate undeclared (“illegals”), requiring the time consuming manufacture and the maintenance of a suitable cover inside the country (a tactic therefore used sparingly but notably by the Russian services against Western nations). With friendly governments it is often the case that intelligence officers within diplomatic missions are declared to the government of the country in which they are stationed in order to facilitate intelligence exchanges and liaison. 4 The historical record shows that the well-placed human agent is in a unique position to provide information on the intentions of a potential adversary, and to assist in understanding of decision-making within the target nation, whilst more technical sources can often fill in the gaps and more easily provide intelligence on military, industrial and scientific capabilities. An example of the former during the later Cold War can be seen in the case of Oleg Gordievsky, an agent of the British Secret Intelligence Service (SIS) (including being run as an agent whilst acting as head of the KGB residency in London) who was able to reveal much about the paranoia exhibited by the leadership in Moscow over their fear of a US first strike attack and who, through his reporting and personal meetings with Margaret Thatcher and Ronald Reagan, influenced their views of the new Soviet leader Mikhail Gorbachev.3 On the other hand, we now know how thoroughly the wartime US nuclear weapons programme, and the British intelligence community itself, had been penetrated by communist sympathisers passing information to the KGB.4 Today the search for well-placed agents in foreign governments of interest continues on the part of all HUMINT services. 5 Another use of human agents of considerable antiquity is to facilitate technical access to targets, such as giving access to codes and cyphers used by diplomatic representatives to protect their despatches. Today, a well-placed human agent may be able to provide access to computer systems and assist in planting bugging devices to assist in interception. As the spread of strongly encrypted messaging systems spreads it must be expected that such human assistance will be increasingly sought in trying to penetrate terrorist, proliferation and other serious criminal networks including the planting of bugging and tracking devices. 6 Law enforcement has also a long tradition of running human sources as informants, often referred to as CHIS (covert human intelligence sources) specifically within known criminal organisations and within the wider criminal milieu in the domestic community as a whole in order to be tipped off about impending criminal conspiracies. National legislation normally provides for evidence from such sources to be used in court under specified conditions of admissibility5. Running agents within the most violent criminal gangs involves high risk to the individuals and their families, and that is certainly the case with terrorist and violent extremist groups, and may for that reason be practically impossible. Even where a recruitment of an informant may be achieved there may well be significant dangers of the authorities ending up colluding in criminal wrongdoing, 3

Andrew and Gordievsky, KGB, London: Hodder and Stoughton, 1990 chapter 13. US Department of Energy Manhattan Project, https://www.osti.gov/opennet/manhattan-project-history/Events/1942-1945/espionage.htm accessed 5 Feb 2018. 5 For example Law Report: Bugged recording is admissible: Regina v Khan – Court of Appeal (criminal Division)(Lord Taylor of Gosforth, Lord Chief Justice, Mr Justice Hutchison and Mr Justice Pill), 27 May 1994, accepting the relevance of the Home Office guidelines of 1984 on Covert Listening Devices and Visual Surveillance (Private Place). 4

40

Omand

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:44 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. Means and Methods of Modern Intelligence and their wider implications

particularly if to maintain cover the individual is required to operate as an active member of the terrorist network or criminal gang.

II. Signals and communications intelligence Turning to technical sources, the most significant of these is still SIGINT, the acronym for signals intelligence. The most important branch of SIGINT is COMINT, or communications intelligence, although for military intelligence customers ELINT, or electronic intelligence (such as can be obtained from studying the characteristics of radar and other electromagnetic emissions) has a specialized but essential role. The interception of telegraph links using undersea cables was common by the early 20th century, a notable example being the interception in 1917 of the Zimmermann telegram, whose disclosure by the British to the US President helped to bring United States into the First World War on the side of the Allies. SIGINT was then obtained from the interception of radio communications of military headquarters and forces, diplomatic missions, governments and defence facilities and intelligence agencies including their illicit radio communications with their secret agents. Collection of SIGINT was by ground stations equipped with specially designed aerials for the purpose, or from ships and aircraft, and in some cases by covert sites within diplomatic missions. Longer-range high frequency (HF) radio transmissions were gradually replaced by microwave signals sent over long distances using line of sight relays, often from highly distinctive microwave towers or by using communication satellites to relay the signals. The development of compression algorithms meant that very many separate channels of communication could be sent on a single bearer (land cable or microwave link). Intercepting such links became a common part of SIGINT operations, and specialist SIGINT satellites in geo-stationary orbits were also used to intercept otherwise inaccessible major microwave links by capturing line of sight signals as they passed into space due to the curvature of the earth.6 Most recently, in the 2013 Snowden material7, there is much made of the access that the United States and her close intelligence allies have to the modern global digital communications network that carries Internet traffic, including that part carried by undersea fibre-optic cables. The volumes of Internet traffic are, however, truly vast and any interception agency however large and well-placed will only be able technically to access a small proportion of the global total and on practical grounds to retain and store a fraction of that accessed (figures of total access and store are not available but the National Security Agency in 2013 estimated that its analysts look at 0.0004 % of the world’s traffic in conducting their mission and since then the volume of global communications has continued to grow rapidly)8. A traditional part of SIGINT activity is DF (short for direction finding from the triangulation of radio signals) to locate the position of a transmitter. DF has largely been replaced by the modern LOCINT, or location intelligence, derived from data transmitted by mobile or other Internet enabled devices and the applications (apps) carried on them. Communications data from mobile devices showing who called whom, where, when and how can be a valuable source of LOCINT for military operations (such as the 6

Aldrich, GCHQ, London: HarperCollins, 2012. An indexed site of the material stolen by Edward Snowden from the US National Security Agency can be found at https://www.lawfareblog.com/snowden-revelations, accessed 5 Feb 2018. 8 https://www.theatlantic.com/politics/archive/2013/08/nsa-better-data-collection-math/311998/, accessed 5 Feb 2018. 7

Omand

41

7

8

9

10

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:45 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 1. Introduction

11

12

13

14

allied operations in Iraq and Syria against the so-called Islamic State, NATO operations in Afghanistan and the current NATO forward deployments in the Baltic States). LOCINT is also proving essential for counter-terrorist operations in Europe and elsewhere. LOCINT is used routinely in many criminal investigations both to eliminate suspects from inquiries and to identify suspects for further investigation. A classic example would be the identification of a suspect for a murder with no witnesses whose mobile device was active both at the scene/estimated time of death of the victim and also at the waste-ground/time when it is believed that the body was dumped some kilometres away. Communications data from the communications company concerned, normally later admissible in court, can show whether there was the same mobile device present at the two places/times of interest and thus provide a lead for further investigation. Radio communication networks still exist, particularly for military units that require mobility, flexibility and independence from fixed systems that may not be available during hostilities, such as mobile phone networks. But by far most of today’s communications of interest are carried on the Internet including the strongly encrypted virtual private networks (VPN) of diplomatic services. An important distinction for the purposes of legal regulation of SIGINT activity is between Internet based communications data and communications content (which can be defined as information which discloses the meaning or part of the meaning of a communication). Communications data in turn can be divided into that which is required for the accurate transmission of the communication from sender to recipient (technical data about which device called which device, when, where and by what means) and information about the owner of the device such as their subscriber details, billing address and so on9. Another important distinction often made in law is between the direct interception by a telecommunications company at the request of the authorities of the communications of an identified subscriber who is a suspect, or where the address of the subscriber is known, often called “targeted surveillance”, and the interception of the sought for communications through so-called “bulk access” to data streams then using filtering and selection algorithms to whittle down to the required communications (a task often colloquially referred to as finding the wanted needle in the haystack). SIGINT agencies in the past had to devote significant effort to long-range technical search across the spectrum of radio communications to seek new transmissions and types of transmission, to classify them and identify whether they could be of intelligence interest in relation to their statement of priorities and requirements. The equivalent today is the mapping of patterns of communication and sampling of communications over global networks, seeking to identify how packets of data are likely to be directed by the servers making up the network, programmed to direct traffic so as to minimise cost at that instant, a cost that is itself governed by volumes of traffic between those nodes at that time. Packets of data that comprise a single communication may well end up taking different routes from sender to recipient complicating the interception task. Understanding such traffic flows is necessary to a SIGINT agency in order to optimise the chances of intercepting wanted traffic – noting that this can never be guaranteed and is a probabilistic matter. How bulk access, filtering and selection are managed so as to respect privacy rights is examined later in this chapter. SIGINT agencies also have to be centres of cryptographic expertise. Military and diplomatic communications have always been protected by some form of encryption, 9 Convenient definitions can be found in the Code of Practice for the Acquisition and Retention of Communications Data under the UK Regulation of Investigatory Powers Act, 2016, London: Home Office, March 2015 available at https://www.gov.uk/government/consultations/investigatory-powers-act2016-codes-of-practice, accessed 5 Feb 2018.

42

Omand

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:45 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. Means and Methods of Modern Intelligence and their wider implications

posing a challenge for the intercepting agency. Internet security relies upon public key cryptographic systems and these can be designed so as to be unbreakable in any feasible time even by the fastest specialist cryptographic computers. The Snowden disclosures about some of the ways in which SIGINT agencies had nevertheless got round the problems of traffic encryption led to an acceleration of the introduction of end-to-end strong encryption by most Internet companies. The result has been rapid adoption by terrorists of secure apps on their mobile devices, such as WhatsApp and Telegraph, effectively preventing intelligence and law enforcement agencies from eavesdropping on their conversations and messaging, including notably when terrorists are being directed from overseas to conduct an attack. Manufacturers of mobile devices have also increased the security of the devices themselves so that even when a suspect is arrested and their devices seized it may not be possible for the authorities to access evidence on the device. A number of Western leaders have called for the tech companies to work with the governments of the democracies to find new technological solutions compatible with privacy rights to this shutting out of law enforcement, and consequent failure to uphold the rule of law in cyberspace, but no solution has yet been volunteered.

III. Imagery A branch of intelligence work of growing importance is IMINT, short for imagery or 15 visual intelligence. Originally conducted by cameras carried by manned reconnaissance aircraft, such as the US U2 spy plane, the use of low earth orbiting satellites carrying high-resolution visual sensors became a major part of Cold War intelligence. Today multi-spectrum sensors can detect recently disturbed earth that might indicate the placing of roadside bombs on routes being used by military convoys. Remotely piloted drones can loiter for long periods, virtually undetectable, whilst providing real-time battlefield imagery for force protection and in support of special force raids and armed drones. The technology of visual recognition using artificial intelligence combined with powerful cloud computing will allow IMINT operations over public events to identify known terrorist or criminal suspects. Other powerful new techniques include the fusion of digitised mapping and geographic information (GEOINT) and imagery into threedimensional representations of terrain as they would be seen by a pilot or military unit on the ground, thus enabling routes to be planned that evade enemy defences and minimise the likelihood of detection.

IV. Technical intelligence By extension, other specialised forms of intelligence gathering have their own “INT” 16 acronyms. So, for example, MASINT refers to the branch of scientific and technical intelligence devoted to detecting, tracking, identifying and classifying the distinctive signatures that are emitted by intelligence targets, particularly in areas such as missile telemetry, nuclear weapons development and chemical and biological weapons detection. Forensic intelligence (which does not yet have its own INT acronym) has become ever more important as fingerprint and DNA recovery improves and trace analysis is possible from residues left at a crime scene, along with the recovery of information from digital devices found at the scene. US Special Forces are now being specially trained in forensics to obtain intelligence from the scenes of their operations and raids, such as that against the hideout of Osama Bin Laden, under the general heading of 3FAD (Find, Omand

43

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:45 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 1. Introduction

Fix, Finish, Analyse and Disseminate) a variant on the well-known intelligence cycle, described later in the chapter10. ACCINT is another specialist term referring to the intelligence acquisition of acoustic noise signatures from submarines and other vessels so that they can be identified, crucial for distinguishing friend from foe underwater and civilian from naval surface vessels in conflict. The most recent addition to the lexicon is cyber forensics, the analysis of the computer code used in cyber attacks to establish the sophistication of the attack, the origins and reuse of the various sections of code and any clues from date-time stamps, language and other indicators that may assist in the attribution of the attack to a state or non-state group.

V. Social media intelligence 17

The very rapid global expansion in the use of social media has created its own subbranch of intelligence gathering, known as SOCMINT, in order to try to derive information about targets from their social media use. Sources range from open Twitter feeds to closed Facebook groups, comparable to SIGINT, and therefore the level of legal authority necessary to conduct SOCMINT will vary according to the degree of privacy intrusion involved. Police services around the world are increasingly investing in social media monitoring equipment that, combined with computerised sentiment analysis, can provide tactical intelligence on the mood of crowds and demonstrators at public events. Widely reported use of social media to communicate between demonstrators in the socalled Arab Spring has led to attempts to use SOCMINT to anticipate mass movements by deriving strategic intelligence about public mood and discontents, although the value of this work as a predictive tool is still uncertain.

VI. Digital intelligence 18

Another specialized and growing branch of intelligence, often known under the general heading of DIGINT, or digital intelligence, involves sophisticated data mining and crossreferencing (often known as layering) of information contained in bulk databases containing personal information (an alternative term is PROTINT (Personal Protected Intelligence) to act as a reminder of the fact that the main source of information is personal data covered by data protection legislation11). By definition, most of the information in such databases will relate to ordinary citizens or users of service, of no legitimate interest to intelligence or law enforcement services. Information relating to legitimate intelligence targets, if it exists in the database, will therefore comprise a very small proportion indeed of the total data being examined. For that reason, the holding of bulk personal databases by intelligence agencies should require careful legal regulation to ensure respect for the privacy rights of all those whose data is contained in the database12.

VII. Open source intelligence 19

Finally, as the introduction to this chapter showed, secret intelligence is best seen as a small and highly specialised subset of the very much bigger everyday activity of open 10 Gomez, The Targeting Process: D3A and F3EAD, Small Wars Journal, 2011, available at http://www. dtic.mil/dtic/tr/fulltext/u2/a547092.pdf accessed 5 Feb 2018. 11 Omand, pp. 32–33. 12 As has now been introduced in the UK under Part 7 of the Investigatory Powers Act 2016.

44

Omand

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:46 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. Means and Methods of Modern Intelligence and their wider implications

information gathering and analysis. Where the topic being studied relates to an intelligence requirement, the term OSINT, or open source intelligence, is commonly used. The derivation of intelligence from open sources is now a mainstream activity for national intelligence communities. Its characteristic feature is that these are sources that can be accessed without special legal authority and without the application of the methods of secret intelligence described earlier in the chapter. Some at least of what would, for previous generations, might have had to be found out by secret methods, if it could have been found at all, can now be obtained from sophisticated Internet searches. Specialist websites, for example, provide the real-time location of merchant shipping and fishing vessels, valuable for counter-proliferation and counter-narcotics work. A notable use of open source analysis of aircraft numbers and sightings was the uncovering of the pattern of secret flights transporting the victims of the special rendition programs run by the Bush administration.13 Another was the confirmation of chemical weapon use by Assad’s forces in Syria from examination of fragments of weapons posted on social media. Crowdsourcing can identify individuals, for example from media or surveillance photographs (although the misidentification and public hounding of an individual wrongly suspected of the Boston bombing also shows the dangers of this approach).

C. Intelligence in the service of a wider definition of national security Increasingly, in more recent times, governments have had to be concerned not just 20 with the safeguarding of the national territory and its democratic institutions but also the direct protection of the public from a variety of threats to their everyday life. Today that tendency is most obvious from the risks to the public in Europe and elsewhere from both jihadist and extreme-right terrorism. Organised criminal gangs conduct narcotics and people trafficking, sanctions evasion, counterfeiting, money laundering, and other serious crimes. International child abuse networks exploit the Internet. Such forms of serious international criminality also are creating demands for greater government involvement including the rising tide of cyber attacks, both criminal and State-sponsored. It would not be an exaggeration today to say that a European State can only maintain that it enjoys fully the benefit of national security when the authorities have the trust of the public that they are capable of managing the full range of serious threats so that people can get on with normal life freely and with confidence. The methods for obtaining human and technical intelligence, including those made 21 possible by the modern digital world, can be applied to obtain intelligence on the traditional national security targets as well as on the modern threats from terrorism and criminality, including in cyberspace. This commonality of method can lead to conflation of secret intelligence work and surveillance, which is a specialised subset involving persistent observation of the target. Traditionally, surveillance activity by Western intelligence services was confined to the shadowing of naval submarines and warships and counterintelligence work, such as following suspected spies and intercepting their communications. Today, however, many European security and intelligence agencies have as a major priority the surveillance of violent extremists suspected of planning or supporting acts of terrorism. 13

Grey, Ghost Plane, London: St Martin’s Griffin, 2007.

Omand

45

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:46 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 1. Introduction

Such surveillance should not be confused with “mass surveillance”, as conducted by the security and intelligence services of authoritarian states as seen in the past Cold War practices of Warsaw Pact countries. “Mass surveillance” involves persistent observation of either the population as a whole or a very significant part of the population in a way that is indiscriminate. The objective of security agencies such as the East German Stasi, for example, was to establish patterns of behaviour of the population at large, by mass surveillance, so that exceptional activity that might pose dangers to the State, such as contact with Westerners, could be more easily identified. 23 Western police services and other law enforcement branches, on the other hand, routinely engage in targeted surveillance of criminal suspects with intrusive methods including de visu observation and shadowing, the placing of tracking devices in vehicles and bugging devices in vehicles and premises. The degree of interference with personal privacy and the privacy of family is likely to be considerable given the persistent intrusiveness of the measures. Additionally, such measures, although targeted, are almost certain to intrude on family members and innocent contacts with others. 24 The complexity of modern global communications and apps, and the use of secure voice and video Internet communications such as Skype and iChat, has led to law enforcement today routinely seeking technical support from intelligence and security agencies. The use of intelligence techniques developed for national security purposes has had some notable successes such as the joint operation between US and European services to uncover and disrupt major child abuse networks using the Dark Net and the uncovering of previously unknown terrorist networks. 22

D. The Requirement for pre-emptive intelligence Public concerns have built up over the last few years over the effectiveness of the management of serious threats to normal life, as seen in the media criticism of governments after terrorist incidents and cyber attacks. There is natural public and Parliamentary concern that the rule of law be upheld with terrorists and criminals able to be brought before a Court so that they answer for the crimes they have committed. Much of the criticism is, however, directed at perceived failures of law enforcement and intelligence agencies to prevent the incidents in the first place, particularly in cases where the authorities turn out to have had some knowledge of the perpetrators beforehand. There is a public expectation that government will do what is necessary to protect them and their property from serious harm, that is to pre-empt threats whenever this can lawfully be done. To have any chance of succeeding in that objective, governments need access to adequate pre-emptive intelligence to enable them to forestall and thus prevent the harms to the public. But, as already noted, those who intend harm have no interest in allowing government to know in advance their intentions and capabilities, and every interest in frustrating them in doing so. 26 Two important conclusions follow for the legitimate collection and analysis of secret intelligence. The first implication of gathering such secret intelligence is that very special methods will have to be used to overcome the will of the person with the secret who is determined to prevent the authorities knowing it, methods that inevitably carry ethical risk. These methods are not ones that would be ethically acceptable as part of the general moral code for society. Secrets have to be stolen. Plainly, family members, friends or associates of the holder of the secret will have to be persuaded that they 25

46

Omand

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:46 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. Means and Methods of Modern Intelligence and their wider implications

should betray confidences. The right to privacy of communications will have to be interfered with, and even the privacy of family life intruded upon by the use of bugging, hacking or other techniques (as allowed by the European Convention on Human Rights when provided for in law and necessary in the interests of national security, public safety or the economic well-being of the nation, for the prevention of disorder or crime, fort he protection of health or morals or for the protection of the rights and freedoms of others)14. If such ethically risky methods cannot be used then it becomes next to impossible to acquire a secret, and thus to prevent the harm. As seen after the terrorist attacks in Europe of the last few years the public holds government and its law enforcement and intelligence agencies firmly to account for, as they see it, failures to prevent these atrocities. So from the point of view of the authorities, society has to accept that there is an inevitable ethical risk involved in acquiring secret intelligence, whether by recruiting human sources or by technical operations to intrude on privacy. As will be discussed later in this chapter, it is nevertheless necessary – and possible – in a democracy to regulate by law the application of intrusive intelligence gathering methods and thus place strict bounds on the ethical risks involved (such as intrusion into the privacy of the innocent, so-called collateral intrusion) and to introduce strong safeguards such as independent judicial and Parliamentary oversight so that any danger of abuse of these powers under future governments can be safeguarded against. There is, additionally, a second inevitable implication that flows from the definition of secret intelligence that complicates the legal regulation of ethical risk, and that is the inherent need for secrecy over intelligence operations. Which intelligence sources and methods are being employed against which targets, and thus which ethical risks are being run on society’s behalf, must remain a deep secret of the State. Parliaments can legislate to regulate in general the type of techniques that can lawfully be authorized and employed, for what general purposes, and set down limits on their use (such as special provisions for authorizing surveillance of elected representatives, lawyers, journalists and clergy when suspected of criminal offences). But the targets can easily dodge attention if they know which methods are to be specifically directed against them. Without that essential core of secrecy over the use of sources and methods any efforts to gather intelligence would quickly become self-defeating, and certainly pose the risk of harm to human sources and their families if their existence became suspected. These two obvious implications of acquiring pre-emptive secret intelligence – the ethical risks inherent and the need for secrecy about the application of sources and methods – make hard, but not impossible, the construction of a sound regulatory framework to govern secret intelligence work, and to have independent oversight of it. Progress has been made over the last few years by a number of European nations rethinking their approach to the regulation of intrusive methods of intelligence gathering, and redefining accordingly the boundaries of desirable transparency and necessary secrecy. A particular concern in that respect for the European Commission (EC), the Council of the European Union and the European Parliament (EP) was the 2013 and 2014 global media allegations concerning bulk intelligence access operations15. These disclosures drew on highly classified material stolen from the US National Security Agency (NSA) by the US contractor Edward Snowden and its close partner the UK’s 14 15

ECHR, Art. 8, http://www.echr.coe.int/Documents/Convention_ENG.pdf. Discussed in Cameron, The Problem of Oversight, Part 4 Chapter 3, in this volume.

Omand

47

27

28

29

30

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:47 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 1. Introduction

Government Communications Headquarters (GCHQ). Those disclosures brought to public and Parliamentary attention, in many cases for the first time, the increasing use of advanced techniques for bulk collection, analysis and storage of digital communications involving personal data and led to allegations from civil society groups that legal powers were being exceeded. The European institutions expressed particular concern that given the reach of the digital intelligence gathering and the volumes of data involved such activity might amount to mass surveillance that would breach the European Convention on Human Rights and the Charter of Fundamental Rights of the European Union16. Following legal challenges and much public debate, clarification has been obtained from US authorities and from European States that use such methods of much of what is actually involved and of how procedures and processes take account of privacy rights. The governments concerned have as a consequence had to make unparalleled disclosures and to avow of much that was previously secret, a major contribution to greater transparency, itself making possible clearer and stronger national legal regulation. Work also continues on issues surrounding the protection of the personal data of European citizens and its processing when held by US companies or transferred to the United States.17 31 The accusations by the media and civil society groups against several European security and intelligence agencies included that they were conducting unlawful surveillance18. Most of these allegations have subsequently been dealt with by the greater transparency referred to earlier, clarification of what legal powers were being used, and in some cases by fresh legislation. Also included in the Snowden material was information about previously secret intelligence cooperation arrangements between the United States intelligence community and many European security and intelligence agencies (outside the longstanding US/UK SIGINT cooperation). The scale of the revelations shook the trust of many EU citizens in their national intelligence services and the systems for their regulation. This in turn has created great concern within national law enforcement and intelligence communities that the necessary social compact over the use of the powers of the State had been weakened between the public and Parliament and national government and its secret agencies.

E. The interaction of new demands and new sources of supply for pre-emptive intelligence To explain how serious this situation has come about, and the implications for the regulation of intelligence activity by European nations, it is necessary to understand an extraordinary historical coincidence of two sets of circumstances that has unfolded over the last 20 years. The first set of developments is in the changing demands for intelligence specifically about people; and the second set of developments involves the ability of advances in Internet and digital technology to be able to supply information about people to meet those demands. 33 Although, as earlier noted, traditional intelligence requirements continue to be placed on agencies to gather intelligence on the Armed Forces and the capabilities of potentially hostile States and to support traditional arms control and diplomacy, a 32

16 For discussion of the EU institution’s reactions and relevant case law by the CJEU see Schmahl, Intelligence and Human Rights, Part 4 Chapter 2 and Sule, National Law and EU Law Restraints on Intelligence Activities, Part 4 Chapter 3, in this volume. 17 FRA (2014a), p. 81 and following; FRA (2015). 18 See Nyst and King, Intelligence and Civil Society, Part 4 chapter 6, in this volume.

48

Omand

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:47 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. Means and Methods of Modern Intelligence and their wider implications

marked post-Cold War emphasis has been on managing the harms that individual actors or non-state groups pose to our societies. Faced with terrorist and serious criminal groups it is information about their leading personalities and individual members that is urgently sought. For example, intelligence is being urgently sought today to establishing their identities (the use of aliases and multiple identities is of course commonplace), locations and movements, communications, associates, financing, capabilities and intentions (including identifying today which of the comparatively large number of Al Qaeda and Daesh sympathisers in Europe, including fighters returned from the so-called Islamic State in Syria following its being over-run by coalition forces in 2017, and in surrounding nations are actually contemplating taking violent terrorist action themselves). That increase in demand for intelligence about individuals who intend harm has coincided, remarkably, with the transformation in everyday life wrought by the private sector as it developed the digital technology that has powered the Internet and the massive use of mobile devices. A striking example of the convergence of these trends is the use by Russia of advanced social media manipulation to interfere with the 2016 US Presidential election against candidate Hillary Clinton and in favour of Donald Trump.19 Digitised information has become the common currency of the modern world. This 34 can be seen in the high stock market valuation of Internet companies with few employees, minimal fixed capital but huge intellectual assets in the shape of skilled people and innovative ideas and the massive investments being made into the exploitation of big data. It can be seen too in the transformation of much of warfare through the application of advanced command, control and information management systems and the introduction of the armed drone. And in the forensic science now applied to a crime scene filled with sources of data ranging from DNA traces to that held by the smart sensors on a mobile device. Some countries now go to extraordinary lengths to try to hack into government and private sector databases to steal intangible wealth in the form of intellectual property. Hacking attacks have also been conducted by Russian intelligence agencies to steal information as part of campaigns to influence events, including the US 2016 Presidential election and the 2017 French Presidential election. In those cases personal emails were stolen and then released publicly to try to embarrass candidates, examples of “weaponizing” genuine information20. Disinformation, that is information known to be false or documents that had been forged, has also featured in recent covert Russian influence operations over events in Ukraine, NATO deployments in the Baltic states. Intelligence agencies see themselves helping decision-makers to make sense of what is going on and what may happen next by reducing their ignorance of important aspects of the world. Increasingly, the ability in that respect of even the most skilled human analyst is being enhanced by the application of various forms of artificial intelligence, enabling ever larger quantities of data to be managed and inferences to be drawn that would have been simply infeasible before the advent of high speed cloud computing and advanced data science. The application of modern intelligence methods is in the process of transforming our understanding of the world around us. The business model of the Internet involves the gathering, processing and storage of 35 digitized information about users so that their data can be monetised and used for 19 Details of the alleged interference are set out in the Justice Department Indictment of the Russian Internet Research Agency, of 18 February, available at https://www.justice.gov/file/1035477/download. 20 See the US Director of National Intelligence Assessment, Background to “Assessing Russian Activities and Intentions in Recent US Elections: The Analytic Process and Cyber Incident Attribution”, available at https://www.dni.gov/files/documents/ICA_2017_01.pdf.

Omand

49

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:47 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 1. Introduction

marketing purposes, replacing much of the pre-existing advertising industry. That personal data comes directly from their use of modern communications and apps, social media, games, search engines, payment systems and on-line purchases, airline, train and hotel enquiries and booking systems and all the other applications that have become so much of our daily life. The traces of our Internet activity, and the records of our real world activity that government and private sector alike keep in digitized form, represent an “Electronic exhaust” as it has been called that we all leave behind us. It should have come as no surprise therefore that there has been this dynamic interaction between the demand for, and supply of, intelligence about people of interest. 36 The targets of intelligence activity and law enforcement investigation have themselves quickly taken full advantage of the digital Internet revolution. In the early years of the First World War there was a rapid take-up of the then new technology of radio by warships and military units revolutionising command and control, and an equally rapid exploitation of that fact by the new intelligence techniques of radio direction finding and interception (the world’s first signals intelligence interception station was set up in 1914 by the Royal Navy in Scarborough on the north-east coast of England to monitor the movements of the German Grand Fleet). In a comparable way we can see in recent years the rapid take-up of digital technologies by terrorists exploiting the advantages of Internet anonymity, the security provided by public key encryption and the ability to have their communications hidden amidst the vast volumes of global communications in order to plan and direct operations and instruct followers in new techniques of bomb-making. Both AQ and Daesh provide their followers with instruction on security and evading digital surveillance, having learnt from the Snowden material how the US and other nations were able to access and exploit Internet communications21. Terrorist movements such as Daesh have become expert at using digital technology to spread their ideology to gather new recruits and motivate them to conduct attacks. Similarly criminals are able to use the Internet to plan and communicate securely, and in particular to acquire and use tools for conducting cyber-crime at scale. So it is to be expected that in pursuit of their targets the major intelligence powers outside and inside Europe will continue to try to develop advanced methods to access the digital communication networks used by their suspects and to examine their Internet usage.

F. Future developments in digital intelligence gathering 37

The digital revolution is transforming other forms of intelligence gathering as well. Imagery from high-resolution digital cameras (now ubiquitous in every mobile device) can be collected and analysed in ways not before possible. Drones with such cameras can conduct surveillance over long periods (and criminals are now using such techniques to “case the joint” before they strike). Telemetry and other technical intelligence are now available in digital form and can be analysed very quickly (including “lab on a chip” devices to monitor for counter-proliferation purposes). Even human intelligence agent recruitment has been affected since obtaining the services of technicians and others with access to adversary networks may pay much higher dividends than recruiting the classic 21 Examples of such OPSEC advice can be found in Zetter, Security Manual Reveals the OPSEC Advice ISIS Gives Recruits, Wired Magazine, 19 Nov 2015, https://www.wired.com/2015/11/isis-opsec-encryption-manuals-reveal-terrorist-group-security-protocols/, accessed 5 Feb 2018.

50

Omand

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:48 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. Means and Methods of Modern Intelligence and their wider implications

20th century diplomat as a spy. In that respect at least, human intelligence has regained its salience as a vital component of national intelligence communities. The spread of strong end-to-end encryption (a trend accelerated by the publicity 38 given to digital intelligence following the reporting of Edward Snowden’s accusations) has, on the other hand, made it harder for SIGINT agencies to acquire the actual content of digital communications. Intelligence agencies have therefore recognised the value of being able to get closer to their targets, including having access directly to the devices they are using for communication. This has led to the development of sophisticated malware and network exploitation tools, often known under the general heading of “equipment interference”. Other close-access methods include placing bugs in devices such as printers or computer cables and exploiting the microphones and cameras within modern devices including Internet enabled televisions to eavesdrop on conversations. Many of these methods used by Western intelligence services have been exposed by Edward Snowden and WikiLeaks22. In parallel with the development of digital communications, governments and private 39 sector enterprises now routinely digitise their financial and other transactions with citizens and customers, both to increase the attractiveness of the service and to save back-office staff costs. Search engines have rapidly improved over the last few years and now are able to respond intelligently to queries for information, including spoken commands. Applications such as Google Maps and Google Street View, and their competitor services, provide any user with an unparalleled reconnaissance ability, one that terrorists and criminals have certainly exploited – but in turn one that can provide leads for the authorities to follow up after crime has been committed. Digitised information is cheap to store, at least relative to the old days of paper or analogue recordings, and has the enormous advantage that stores of data can be searched and compared, and advanced algorithms applied, in ways and at speeds simply not feasible before. Digital science is one of the fastest growing areas of technology with huge applications in such areas of civil life as varied as personalised medicine to the running of efficient transport systems. Artificial intelligence with neural and Bayesian learning programmes has already led to the development of advanced facial recognition systems that could pick out the terrorist suspect in a crowd and handwriting recognition algorithms that can or beat any human analyst. One of the most striking examples – of considerable and obvious interest to law 40 enforcement as well as intelligence today – follows from the digitisation of mapping. Mobile devices that we all carry around are routinely broadcasting our location, required if there is to be a seamless handover from one mobile cell tower to another as we move about, and for those who wish to call us to be able to have our communications directed to our device wherever on the planet we are. Even where users try to disable such functionality, the many apps which for convenience we have on our phones may well also be sending location data (without which the usefulness of the app would be sharply reduced if not removed altogether).

G. Regulating the dynamic interaction between the demand for and supply of digital information In short, a great deal of information about our daily lives and habits can be inferred 41 from digitized data, knowledge that in the past could only have been obtained, if at all, 22

For example see the Vault 7 disclosures, https://wikileaks.org/ciav7p1/, accessed 5 Feb 2018.

Omand

51

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:48 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 1. Introduction

with major expenditure of time and effort through old-fashioned “shoe leather” investigations. Faced with the urgent demands for information about people, and all these digital supply opportunities, there is no sign of slowing down of the dynamic interaction as intelligence communities around the world make efforts to meet the former through the exploitation of the latter. For the democracies (but alas only for them) how far this dynamic interaction between demand and supply should be restricted and regulated has become a major public policy issue. The very power of these digital methods creates ethical and legal issues for any democratic government that wishes to employ them. 42 In the days of analogue technology a police service could request a wiretap on a criminal suspect, or an intelligence agency on a suspected spy, and, given the appropriate warrant, the national telephone company would deliver the product of interception from a single line to the authorities. Compare and contrast with the situation today where there is a multiplicity of competing providers of mobile telecommunication services and a variety of apps that allow voice or video communication over the Internet. Strong encryption protects the content of many of these communications. Communications data can provide useful intelligence about who is in contact with whom and when but is often only accessible in bulk, meaning that the data relating to suspects is mixed up with that of the general population. The same point applies to bulk personal data bases which the intelligence agencies and law enforcement may wish to query, which by definition contain mostly information of no interest to the authorities. With global packet switched networks, foreign interception is not straightforward either and to access the desired communications may involve complex filtering and selection from a stream of data (much of which is global market trading, commercial on-line film streaming services, pornography sites and on-line multi-player games most of which is of no interest to the intercepting agency). 43 A more comprehensive approach to regulation of intrusive intelligence gathering is as a result now beginning to be applied in a number of European countries, including the UK, France, Germany, Sweden and the Netherlands. The starting point has had to be the acceptance by their national intelligence communities that their digital intelligence gathering and intrusive investigative powers have to be governed by the modern rule of law. In particular, all the relevant methods have to be avowed and covered by legal regulation. Most legislatures have statutes that provide for the regulation of interception of communications and access to communications data (who called whom, when, and where and in what way). Ideally, regulation should also be introduced governing access by intelligence agencies to databases of personal information, and the use of the techniques of equipment interference such as hacking and network exploitation. In its 2016 Investigatory Powers Act the UK has taken that step, placing all the known methods of digital intelligence gathering under a strict legal framework23. 44 A second important implication of placing secret intelligence gathering under the modern rule of law is that legislation must be sufficiently transparent as to be understandable by the individual (or more exactly by the lawyers advising the individual) on how the law bears on them. So no secret law, and no hiding behind the absence of law or obscure provisions of law passed by Parliaments for different purposes with other purposes in mind or to cover past circumstances where the interception possibilities were very different from those of today, as had happened in the past in several European nations. Criticism of the failure to consolidate and update the different pieces 23

52

Leigh, Intelligence Law and Oversight in the UK, Part 5 Chapter 3, in this volume.

Omand

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:48 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. Means and Methods of Modern Intelligence and their wider implications

of UK legislation bearing on interception to take account of developments in digital intelligence gathering was a prime motivation for the comprehensive 2016 Investigatory Powers Act24.

H. How law enforcement and intelligence agencies must respect privacy and other human rights25 There will be amongst the mass of digital data collected in bulk in a modern 45 intelligence gathering operation specific personal information (either as directly observed data points, or information capable of being inferred from them) that an individual would wish to be kept private. There may also be personal information an individual does not want to be retained in digital form whether by a commercial company or a government agency. In most cases those individual preferences should be respected, and European data protection legislation can often be used to enable that to be enforced. But there will be circumstances where a democratic decision is taken by a parliament that in the interests of society, for the purposes of national security including national economic well-being and the detection and prevention of serious crime, (or for the other reasons set out in the European Convention on Human Rights, in particular its Article 8) it is necessary to take bulk powers that intrude on privacy. An example in the case of the UK is the provision in the 2016 Investigatory Powers Act to give the government the power to require an Internet service provider to retain for a reasonable period of time Internet connection records. The necessity for using such bulk powers, including whether alternative means could have been as effective in achieving useful results, was examined in detail by David Anderson QC, then the independent Reviewer of UK Counterterrorism Legislation in a major report for the British Parliament in 2016.26 His conclusion was that there is indeed a clear operational case for the powers he examined but also that given the pace of change strong independent oversight will be needed on a properly informed basis. Apart from accepting the rule of law itself, national intelligence communities should 46 therefore recognize that in the modern era if they wish to use these powerful digital techniques then they must accept they will be regulated in ways that provide for independent oversight, both Parliamentary and judicial27. For previous generations of intelligence officers, and even for several intelligence services in Europe today, this requirement for regulation of their activity may be seen as onerous and a threat to their security and freedom of action. On the other hand, it is increasingly recognised by the major Western intelligence powers that an effective service capable of gathering intelligence on hard targets will in the long run have to be one that commands public confidence. Oversight is an important part of demonstrating that intelligence communities exhibit the necessary integrity, and that the public need not fear misuse of their powers. The public must therefore be convinced through oversight that whilst operating 24 Another example was the now superseded UK Interception of Communications Act 1985 that was criticized for not making clear the extent to which provisions for warrants for the interception of foreign communications in practice authorized bulk access to cable traffic. 25 See Schmahl, Intelligence and Human Rights, Part 4 Chapter 2 and Sule, National Security and EU Law Restraints on Intelligence Activities, Part 4 Chapter 3, in this volume. 26 David Anderson, Bulk Powers Review, London, August 2016. https://terrorismlegislationreviewer. independent.gov.uk/bulk-powers-review-report/. 27 See Cameron, The problem of oversight, Part 4 Chapter 3, in this volume.

Omand

53

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:49 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 1. Introduction

effectively and efficiently to keep them safe the secret agencies will act with restraint in the use of the coercive and intrusive powers of the state. 47 Internal regulation within law enforcement and intelligence agencies, including the necessary training of staff, must be such as to demonstrate the application of wellknown legal tests such as right authority, necessity and proportionality in intrusive intelligence gathering operations. The methods used to choose bearers and communications channels, and to filter and select data accessed in bulk, must be capable of reasonable discrimination between the search for legitimate suspects and the avoidance of prying into the communications of the innocent in whose affairs the intelligence agencies and law enforcement have no legitimate interest. These principles should apply equally to intelligence gathering activity domestically and overseas. It has become clear to European intelligence agencies that the only safe legal approach is for them to recognise that they are at all times bound by the provisions of Article 8 of the European Convention of Human Rights, where appropriate the Treaty of European Union and of national constitutions. They must, therefore, from the outset in planning and conducting such operations respect the privacy rights of all those whose communications they come into contact with, however virtually or briefly. Privacy rights are nevertheless not absolute and there will, as the European Convention recognizes, be circumstances in which interference is justified for reasons including national security and the prevention and detection of serious crime. A reasonable demand from law enforcement and intelligence agencies is for greater clarity on the application of European and national law as it applies to that balancing judgement within the basket of human rights so that they are not unnecessarily exposed to public criticism and legal hazard. 48 A substantive ethical issue that arises is how far it is acceptable to access and retain Internet accessed data in bulk so as to be able to search for patterns of communications and other behaviour that might point to previously undetected or unlocated terrorist or other threats. Searching for communications of legitimate intelligence interest, when inevitably suspect communications are mixed with those of the public at large, involves careful consideration of privacy. If the methods of selection were insufficiently powerful so there was not a reasonable likelihood of obtaining a result of proportionate value then there would be the risk of breaching the legal prohibition against indiscriminate interception and “mass surveillance”, a rightly condemned practice of totalitarian regimes. And were that to become a regular occurrence then, as civil liberties campaigners have argued, that perception of indiscriminate surveillance may in turn chill innocent everyday behaviour for fear of privacy intrusion. Such a privacy intrusion would represent also an attack upon rights to freedom of speech if there are sentiments that cannot be expressed for fear of being overheard28, sadly a feature of crackdowns on dissidents by authoritarian regimes. 49 Considerable technical skill is likely to be needed on the part of the intercepting agency to ensure that the algorithms being used in search activity provide sufficient likelihood of success based both on the methods used and the “seeds” or starting points for searches of the data. As all criminal investigators know it is necessary in most cases to investigate and eliminate from further inquiries a number of suspects prior to identifying and charging the likely perpetrators of a serious crime. In addition, collateral intrusion into the communications of the innocent is likely, even in targeted interception intelligence operations. A tap on a telephone, or a bugging device in a dwelling 28 An argument advanced by UK Supreme Court judge, Lord Neuberger, Hong Kong Foreign Correspondents’ Club, “The Third and Fourth Estates: Judges, Journalists and Open Justice”, 26 August 2014, as well as by the European Court of Justice in its decision of case C-293/12 – Digital Rights Ireland and Seitlinger and Others, 8 April 2014, para. 37.

54

Omand

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:49 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. Means and Methods of Modern Intelligence and their wider implications

place or vehicle, is quite likely to pick up innocent conversations with family members or between other innocent parties that are not the warranted subject of the investigation and which those monitoring should not record or which should be deleted as soon as their nature is established. Similarly, a suspect’s computer being monitored may well be used by other family members or friends. Any intrusion to gather intelligence must therefore be justified by a consequentialist argument of the balance of public good in terms of harms to be prevented. The key for the future to remaining within Article 8 rights will be the extent to which sufficient discrimination can be built in to the algorithms (and especially those using artificial intelligence systems that are trained on test data) to enable access, searches and pattern recognition to have a sufficiently high likelihood of returning information on legitimate suspects as to pass the “necessity” and “proportionality” tests. When it comes to collateral intrusion Article 8 right to respect for family and private life is therefore, in the words of the former UK Lord Chief Justice Lord Bingham being qualified by what may be called a community exception – a recognition that the rights of the individual may properly be restricted in the interests of the community at large, if certain fairly demanding conditions are met’29.

I. Modern intelligence processes and the intelligence cycle The interaction between the urgent demands for pre-emptive intelligence to prevent 50 harm and the novel supply opportunities of the modern digital world has already reshaped the way that many intelligence processes are now organised and carried out. The traditional way of characterising intelligence activity was as a set of separate linear processes, starting with the central setting of statements of requirements for intelligence, the subsequent management of intelligence collection by intelligence agencies, the processing, analysis and assessment of the resulting take, and the dissemination of finished intelligence products to customers, with this process then wrapped around into a circle by the provision of feedback on the value of intelligence products into the next iteration of intelligence requirements30. Such a conceptualisation of “the intelligence cycle” brings together three important but contested ideas: – Looking at intelligence as a “production process” not as a single analytical or research activity – The linking of the stages involved in producing intelligence in an fixed and orderly sequence – The provision of a feedback loop from customers on the value of intelligence received to refine the requirements for intelligence and thus improve the effectiveness of intelligence work Today, for most of the world of secret intelligence, the intelligence cycle has become a 51 network of interacting processes, with the user of intelligence at the centre, as illustrated below31.The skills of the intelligence analyst in elucidating the meaning of information that has been accessed have become much more akin to those of the criminal detective, who is responsible for obtaining relevant information (such as accessing a suspect’s bank accounts or seized electronic devices) as well as assessing their significance as evidence. The modern analyst may, for example, be able to test a hypothesis about a 29

Bingham, T. The Rule of Law, (2011) London: Penguin Books, Chapter 10. Omand, Is it time to move beyond the Intelligence Cycle, in: Phythian (ed), Understanding the Intelligence Cycle, London: Routledge, 2013. 31 The diagram is taken from Omand, Securing the State, p. 119. 30

Omand

55

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:49 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 1. Introduction

potential terrorist suspect (and possibly eliminate the individual from further inquiries) by posing structured queries directly to a database of previously accessed information, by mining and layering information from several such sources of personal data or by setting collection parameters directly for an algorithm to apply to communications data. 52 The user of intelligence, be they military commander, senior police officer, immigration officer or security investigator is likely to be interacting directly with the intelligence analysts during ongoing operations. Of course strategic intelligence assessment is still needed on an all source basis, such as that carried out by the British Joint Intelligence Committee (JIC) and written assessments at an operational level issued by bodies such as, for example, the British Joint Terrorism Analysis Centre (JTAC). The product of much intelligence work today is, however, more usually a fragment of a jigsaw puzzle relating to a suspect group or individual, a problem where the analysts cannot be sure that there are not the elements of several puzzles mixed up together and where there is, of course, no picture on the lid of the box to guide them as how to put the pieces together to provide the most convincing explanation consistent with the intelligence as so far known. Diagram: The modern ‘cycle’: more an intelligence network than an intelligence cycle

Acon-on

Direcng

Disseminate User Interacon

Elucidang

Accessing

J. Organisational challenges for modern intelligence communities 53

The modern challenge to conventional thinking about secret intelligence work is not confined to rethinking the ethics of intelligence and the working of the intelligence cycle. There are other powerful tensions to be managed by national authorities in meeting today’s urgent demands for pre-emptive intelligence. A simple model to demonstrate the nature of the choices involved is illustrated in the spiders web diagram

56

Omand

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:50 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. Means and Methods of Modern Intelligence and their wider implications

below, structured around a series of a dozen antinomies, or tensions. Of course, different Member States operating in different strategic environments at different stages of development will have webs of different shapes, at different times, reflecting where on each axis the centre of gravity of effort lies (the diagram can be read as zero at the centre and maximum at the rim of the decagon). Diagram: Intelligence reforms

Individual agencies

Evidence

Human Sources

Open Source Partner/ private sector

Domestic

Own sources

Overseas Technical sources

Closed Source

Intell. community

Intelligence

A modern government that seeks to respond to legitimate demands from the public 54 for protection from terrorism, serious criminality and cyber attacks also has to decide whether it will create and foster a genuine intelligence community worthy of the name. Within such an intelligence community it would be expected that different security and intelligence agencies, specialising in the different branches of intelligence gathering and analysis, would come together to combine forces to tackle hard targets, within a common ethical as well as legal framework. A good starting point, therefore, is with the axis in the diagram with end points labelled as domestic and external effort. Terrorism and serious crime, not least cyber crime, do not respect international 55 borders and cases for investigation that arise domestically will very likely turn out to have external dimensions and vice versa. The terrorist attacks that have affected many countries in Europe in the last five years illustrate this vividly. In the same way, the same cyber malware (such as the 2017 WannaCry ransomware attacks) is liable to target victims abroad as well as domestically. Any accurate attribution of cyber attacks that have affected domestic targets may well depend upon foreign intelligence gathering on the country within which the attackers have refuge. Convergence between domestic and external dimensions of intelligence gathering is evident more generally given the trends in target behaviour such as that posed by jihadist fighters returning to Europe from Syria and Iraq.

Omand

57

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:51 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 1. Introduction

Nevertheless, for reasons largely historical, most nations that invest significantly in intelligence activity have chosen to maintain separate domestic and external services, often reporting to different Cabinet ministers. There are exceptions, such as Canada, where such human agent activity as is permitted by law is carried out by a single domestic security service, CSIS, and Finland, where the domestic service, SUPO, has recently been given the external responsibility. But most nations have found it convenient to have separate services, not least to mirror a distinction between the greater perceived political sensitivity of domestic as against external espionage. It is also not fanciful to imagine that most governments would feel understandable nervousness about the accumulated influence (not to mention power) that a head of a single secret security and intelligence agency might be able to wield. 57 There are practical advantages too in being able to recruit separately for an external service where officers can expect to spend the majority of their services overseas and exceptional language skills and self-reliance would be especially valued. On the other hand, service in a domestic security agency would be more likely to suit those with some legal or investigatory training. The external environment will at times be highly nonpermissive with declared intelligence officers kept under close surveillance by the host government and subject to harassment, with the threat of extreme sanctions being meted out to any agent that is exposed. The domestic scene can also have its difficulties, for example intelligence work in Northern Ireland during the “Troubles”, but as a general rule the home life of a domestic service intelligence officer and their family will be more settled than their foreign service counterpart. 58 When it comes to the legal environment in which agencies work every nation finds a way of regulating intelligence activity against its own citizens or on its own territory to a greater extent than the rules applying to foreign nationals or overseas nations. There are two basic models. The first model privileges citizens wherever they are in the world. The United States is perhaps the leading nation to adopt this approach so that traditionally there have been higher hurdles to be overcome to obtain authority to intercept the communications of US persons in comparison to those applying to citizens of other nations. Other jurisdictions such as the United Kingdom make the distinction a geographical one so that within the territory of the Member State there is one set of rules governing domestic communications interception (whether of citizens or noncitizens), with a different set of requirements to be met for foreign communications. For example, for the United Kingdom, the distinction is geographical (between the communications of all those within the British Islands and communications that have at least one end overseas). 59 All European citizens share the same Charter of Fundamental Rights of the European Union, but the Member States have always insisted that national security remains a national not an EU competence, and Member States have typically applied different thresholds domestically than they do outside their borders, even to their fellow Europeans in the rest of the world32. Within a domestic jurisdiction it is not unreasonable to have a system of warrants to provide legal authority for interception or intrusive investigation in which the police or intelligence agency concerned are required to be able to provide for scrutiny the names of their suspects (or the address of the premises to be targeted). Such precision is most unlikely to be available for most intelligence operations outside the country (for example to know such detail about terrorists fleeing Syria and Iraq after the collapse of the so-called Islamic State and seeking to re-establish 56

32 On the notion of “national security” in this context see Sule, National Security and EU Law Restraints on Intelligence Activities, Part 4 Chapter 3, in this volume.

58

Omand

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:51 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. Means and Methods of Modern Intelligence and their wider implications

themselves in countries such as Mali and Libya). This chimes in with the practical argument that has arisen in military operations that States can only reasonably be expected to exercise a full duty of care to those within their own jurisdictions or in territory over which they have a degree of control. The next axis also involves getting the balance right within an intelligence community and is labelled as human intelligence/technical intelligence. After the experience of the 20th-century World Wars the lesson was learned that SIGINT when done well is capable of providing a breadth and reliability of coverage of national security issues that cannot be matched by other branches of intelligence. Investment in SIGINT by the major European nations has been considerable, exploiting radio signals, other forms of electromagnetic emission such as radar, and most recently digital communications. Nations differ however, in how they organise the cryptanalytic expertise needed and provide for access to the communications transmissions of interest themselves, whether as separate services such as the UK’s GCHQ or Sweden’s FRA or within another intelligence agency, such as is the case in France with the DGSE and with Germany with the BND, services that also provide their external HUMINT capability. In some countries a hybrid model is operated, with much of the collection activity being conducted by specialist staff and units within the Armed Forces. What seems clear is that domestic and external HUMINT services, and technical services where they are organized separately, have increasingly to plan priorities and operations together and make use of each others’ capabilities to leverage their own (socalled SIGINT-enabled HUMINT where a potential recruitment is illuminated by the knowledge of the subject that comes from interception; and HUMINT-enabled SIGINT where the human agent is able to help with equipment interference operations or access to a target network). Moving round the diagram, a further set of organizational issues arises from the value in today’s digital world of having better access to open sources as well as the traditional closed secret sources of the intelligence agencies. A longstanding example is provided by the work of the BBC Monitoring Service that openly accesses and records TV and radio broadcasts overseas (and now some web use) and provides not just the BBC itself but a wider set of customers with a service of news updates about much of the world. Rare language expertise is often a constraint for intelligence agencies and such expert external monitoring frees up those within the circle of secrecy to focus on the work that only they can do. Much the same argument applies to use by government agencies of academic and private sector products derived from open sources such as the Global Terrorism Data Base maintained by the University of Maryland, supported by the US Department of Homeland Security. The growing prevalence of social media use provides another good example where intelligence can be derived from open monitoring. Europeans who had gone to Syria to fight for the so-called Islamic State were identified by their clothing and other indicators seen in their social media posts. Counter-proliferation work has also benefited from open source examination of scientific literature, relevant company and university websites and other open sources. Finding and interpreting open source information for such purposes is becoming a specialized activity for which special training is needed, raising an organizational issue for national intelligence communities as to whether to create specialised single agencies for the purpose such as the United States Open Source Enterprise (formally the FBIS) or to provide each agency with the necessary experienced personnel. The ethical issues of more traditional intelligence gathering will be lessened if more organized use can be made of sources of information which are either openly available, Omand

59

60

61

62

63

64

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:51 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 1. Introduction

65

66

67

68

especially nowadays through Internet searches, or that can be accessed lawfully with the appropriate permissions. Ethical dilemmas will still arise over the circumstances in which the desire that most people have for privacy for Internet use should be overridden. But intelligence gathering that involves the theft of secrets, or equivalent deceptive measures such as planting malware on suspects’ devices, are bound to be ethically more problematic. As already mentioned, in addition to human and technical sources of secret intelligence there is already a large body of personal digitised information legitimately held by governments and private companies such as immigration, passport and driver licence databases and including access to data from other EU Member States such as provided for by the Schengen III arrangements. These data sets are rapidly growing in number and scale. Although statutory privacy rights apply, these datasets can be lawfully accessed for a variety of purposes, ranging from checking that taxes have been paid through to checking that an airline passenger has not previously been identified as a potential terrorist and placed on a watch list. Moving clockwise round the diagram, we reach the point where the differing worlds of national security and law enforcement interact – and at times collide – when it comes to intelligence activity. For some European States the fear of any future recreation of “a secret police” has led to legal barriers being created between the domains of overseas intelligence, security and policing, both national and regional. The UK Parliament when it first legislated in 1989 to provide a statutory basis for the operation of the Security Service did not give that service powers of arrest, no doubt similarly wary of the historical taint of a secret police. But Parliament did lay down that one of the three statutory purposes that could justify secret intelligence activity should be the detection and prevention of serious crime (along with national security and the economic wellbeing of the nation from threats overseas). Unusually amongst European nations there has been no legal bar in the UK to the development of close relationships and full information exchange on investigations between the worlds of law enforcement and intelligence, not least to gather and prepare admissible evidence for trial. Joint counter-terrorism investigations have become the norm in the twenty-first century with the intelligence primacy lying with the Security Service but primacy for decisions bearing on public safety resting with the police. A close police relationship with all the national intelligence agencies has great advantages in supporting operations. Such integrated effort makes easier resolution of issues such as whether to play an investigation into a terrorist group long in the hope of identifying all its members and any links back to instigators overseas, or to act quickly in the interests of public safety to frustrate a budding attack even at the expense of not having the evidence on which a prosecution can be mounted. The final tension shown in the diagram is between cyber security and cyber intelligence gathering, and whether these functions should be exercised by a single body or kept separate33. Modern SIGINT may well involve hacking and computer network interference, precisely the techniques that an adversary would use against one’ s own nation. On the principle expressed by the old adage that former poachers make the best gamekeepers the skills and experience of a modern SIGINT agency can usefully be applied to understanding and countering cybercrime and defending against cyber attacks, for example protecting critical national infrastructure. Attribution of cyber attacks can also benefit from their being analysed in the context of an overall intelligence assessment of the likely perpetrators. Bulk access to global data streams 33

60

See Tropina/von zur Mühlen European Intelligence in Cyberspace, Part 2 Chapter 3, in this volume.

Omand

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:52 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. Means and Methods of Modern Intelligence and their wider implications

also allows the detection and classification of malware. That is the approach taken by the US and the UK where the national centre of cyber security expertise is part of the intelligence community whilst France and Germany on the other hand have created separate cyber security agencies to manage the defensive role. A specific example of the need to balance offensive intelligence gathering and defensive cyber security interests arises from the existence of so-called “zero day” flaws in software in general use. The Internet was never designed to be fully secure and the complexity of modern software, and the difficulty of establishing in advance how different programs will interact when uploaded to a mobile device, makes it inevitable that flaws in security that can be exploited by attackers will be uncovered. The issue then is whether they should be retained for future use on the intelligence side for penetrating target networks and devices, or declared to the software manufacturers so that remedial patches can be issued. Each case has to be examined carefully on its merits (what the US calls a Vulnerabilities Equities Process) that involves examining both a full risk analysis and an assessment of the potential value of a “zero day” exploit against the highest priority threats. The national cyber priority should be (as it is in the UK) a safe and secure Internet and that should guide the process accepting that governments cannot also ignore their primary duty to safeguard the public from hostile states, terrorism and serious crime. These considerations do not always pull in opposing directions. Improving national cyber security technical capability and public awareness will make it harder for hostile states to mount disinformation campaigns and to spread false and misleading information on the Internet including the part played by automated “bots”34. Dealing with cyber crime is likely also to give rise to tension between action to disrupt plots and the due process of bringing suspects before the Courts, especially when the suspects concerned are hiding in jurisdictions that do not care to, or are not in a practical position to, enforce the law. Disruptive actions in the interests of the safety of the public may well carry ethical risks but would normally be expected to take priority over the important but abstract value of upholding the law through prosecution. That takes us finally to establishing the optimum balance for today’s conditions between military and civilian intelligence activity. Since the 19th century military staffs have included an intelligence function, most armed forces today have specialist equipment or units for collecting and interpreting battlefield intelligence. There are peacetime constraints on such intelligence gathering: international law governs innocent passage for warships on the high seas and recognises territorial waters into which intelligence gathering ships and aircraft should not penetrate; humanitarian law lays down conditions such as the wearing of uniform and the treatment of spies found in civilian clothes (and restrictions on the use of encrypted communications from vessels flying the red cross or red crescent). Intelligence gathering for force protection has become an integral part of military deployments, including today the use of observation satellites and reconnaissance drones and aircraft. Well trained and led military forces will exhibit an institutional concern for minimising harm to civilians and will act within international law in their use of their weapons systems. It is obviously important that this ethos should also apply to circumstances where intelligence is being used to target kinetic action such as might follow the geo-location of an insurgent leader. Military intelligence capabilities can be 34 “Bots” sometimes called “chatbots” are programs employed in social media networks to generate or promote messages supporting particular information campaigns automatically (such as tweets) by acting as a “follower” to boost apparent popularity or even as a fake account that gathers followers itself.

Omand

61

69

70

71

72

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:52 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 1. Introduction

enhanced by those of national civilian agencies to supply both human and technical intelligence (as was done to support NATO operations in Afghanistan).

K. The need for greater international intelligence cooperation Each of the axes in the diagram therefore represents a direction of choice for national intelligence communities, where a new balance of effort and investment may be needed in the light of the circumstances of the day and of the nation concerned. In the first instance the responsibility to manage these issues is national since, as we have seen, matters of national security are regarded as at the heart of the responsibilities of the nation state. But for each of the sets of issues represented by the axes in the diagram there is an overarching question for the national intelligence authorities which is how far they can reasonably seek to achieve their objectives using only national means, and how far to seek international cooperation with partners and allies. 74 It became apparent, for example, after terrorist attacks in 2016 and 2017 that European intelligence agencies were not sharing information with one another fast enough. Europe’s porous borders also have allowed terrorists to cross the continent without being detected. Continental European governments are in response developing capabilities and legal frameworks for digital intelligence gathering, and trying to promote more effective cooperation between their many agencies. Having the equivalent of the UK’s Joint Terrorism Analysis Centre (set up in 2002) in each Member State would simplify the process of connecting together in a virtual network with those engaged in analysing the threat and issuing national alert states and threat warnings in addition to the many bilateral and multilateral links that exist between those investigating terrorist activities. 75 The creation of international networks to promote security and intelligence reform has to be seen as a key development for European Union Member States, not least taking account of the British vote to leave the EU. Cooperation has to be based on earned trust to protect the sensitive intelligence that can lead to shared leads and joint operations. The Club of Berne, a non-EU body where the heads of the internal security services of the EU countries, Norway, and Switzerland meet regularly and oversee the Counter Terrorist Group, which liaises with the EU, provides the main vehicle for coordinating such efforts. Governments also need to establish good relationships with the U.S. technology companies that may hold data vital to stopping future attacks. 73

L. Conclusion 76

In the light of the current threats to European security, the collection, analysis, assessment and sharing of intelligence will remain a strategic priority not just for the European nations themselves but for their NATO allies, the US and Canada. Whilst the contribution of open source intelligence is set to grow in the Internet age, there will always be vital information that the enemies of free societies will try to prevent the authorities knowing and for which therefore the methods of secret intelligence will be needed. In particular, the effective protection of the citizen from terrorist or criminal harm requires access to digital intelligence sources and to various forms of bulk personal data. Such tools using advanced search algorithms are powerful, and increasingly ubiquitous. In the hands of authoritarian regimes they can be misused to detect

62

Omand

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:52 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. Means and Methods of Modern Intelligence and their wider implications

and suppress legitimate dissent. In the democracies it is essential that all the intrusive methods of digital intelligence are brought under the rule of law and regulated and overseen in judicial and Parliamentary terms in order to provide confidence to the public in their proper use that they are being used lawfully and with proper restraint. The Snowden affair for a time at least diminished public trust in the effective 77 regulation of intelligence activity. The European public has, however, sadly also been reminded in recent years of the rationale for such activity to protect society. Intelligence professionals now look to their political leaders to explain to the public and to their legislatures the important role that pre-emptive intelligence plays in modern national security and to defend their methods as essential to public safety, while respecting the privacy and other rights of the citizen.

Omand

63

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 1.3d from 30.09.2019 13:47:52 3B2 9.1.580; Page size: 160.00mm  240.00mm

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:10 3B2 9.1.580; Page size: 160.00mm  240.00mm

PART 2 THE EUROPEAN INTELLIGENCE AGENDA Chapter 1 The Fight against Organised Crime and its proliferation in the European Union Felia Allum/Stan Gilmour Outline A. Introduction ...................................................................................................................... B. The EU and its organised crime-police cooperation agenda ................................. C. What is organised crime in the EU? Citizens’ perceptions.................................... D. The reality of organised crime and its fight in the EU ........................................... E. The fight against organised crime: Is a “European Criminal Intelligence Model” the only way forward?...................................................................................... F. Conclusions .......................................................................................................................

mn. 1 6 26 40 52 58

Bibliography: Academic Advisors, European Union Serious and Organised crime Threat Assessment, 2017, Europol, 1, available at https://www.europol.europa.eu/activities-services/main-reports/europeanunion-serious-and-organised-crime-threat-assessment-2017 [accessed 1 June 2017]; Alfano, Introduzione, in: Alfano & Varrica (eds.) Per un contrasto Europeo al crimine organizzato e alle mafie: La risoluzione del Parlamento Europeo e l’Impegno dell’Unione Europea, Milan: Franco Angeli, (2012), 11; Allum. & Den Boer, United we Stand? Conceptual Diversity in the EU strategy against Organised Crime, Journal of European Integration, 35 (2) (2013), 132; Allum, “Godfathers, dark glasses, and pasta”: Discussing British perceptions of Italian Mafias, Sicurezza e scienze sociali, 3EN, FrancoAngeli (2013) 1–68; Anderson, European Police cooperation, history and theory, in: Longo (ed.) The European Union and the Challenge of Transnational Organised Crime, Towards a Common Police and Judicial Approach, (2002), 9; Bigo, EU Police Cooperation: National Sovereignty Framed by European Security, in: Guild & Geyer (eds) Security versus Justice? Police and Judicial Cooperation in the European Union, Routledge, (2016), 93; Block, Bilateral Police Liaison Officers: Practices and European Policy, Journal of European Research, vol 6, n. 2, (2010), 194–210; Brady, The EU and the fight against organised crime, Working Paper, Centre for European Reform, Brussels, (2011) 17, available at http://cer-live.thomas-paterson.co.uk/sites/default/ files/publications/attachments/pdf/2011/wp721_org_crime_brady-1484.pdf [accessed 1 March 2017]; Bullock, Chowdhury and Hollings, Home Office, Research Report 16, Public Concerns about Organised Crime, Key implications, The Report, Summary (2009), pp. 1–17; available at https://www. gov.uk/government/uploads/system/uploads/attachment_data/file/116623/horr16-report.pdf [accessed 10 March 2017]; Calderoni, La decisione quadro dell’Unione Europea sul contrasto alla criminalità organizzata e il suo impatto sulla legislazione degli Stati membri, in: Alfano & Varrica (eds.) Per un contrasto Europeo al crimine organizzato e alle mafie: La risoluzione del Parlamento Europeo e l’Impegno dell’Unione Europea (2012), 40, Milan: Franco Angeli; Calvanese, Criminalità Organizzata in Basilicata: La Percezione Sociale da parte dei Giovani Lucani, in Rassegna Italiana di Criminologia. 2010 (1), pp. 35–58, available at http://www.rassegnaitalianadicriminologia.it/home/item/42-criminalit%C3% A0-organizzata-in-basilicata-la-percezione-sociale-del-fenomeno-da-parte-dei-giovani-lucani [accessed 1 March 2017]; Carrera, Cassarino, El Qadim, Lahlou, Den Hertog, EU-Morocco Cooperation on Readmission, Borders and Protection: A model to follow? (2016); Den Boer, Bruggeman, Shifting gear: Europol in the contemporary policing era, Politique Européenne (2007) 3/23; De Buck, Joint Investigation Teams, ERA Forum, (2007), 8: 253–264; EUROPOLs EU Serious and Organised Crime Threat Assessment (SOCTA 2013), available here: https://www.europol.europa.eu/activities-services/main-reports/eu-serious-and-organised-crime-threat-assessment-socta-2013, 2013, 6, [accessed 12 March 2017]; EUROPOL’s European Union Serious and Organised Crime Threat Assessment 2017, available here https:// www.europol.europa.eu/activities-services/main-reports/european-union-serious-and-organised-crimethreat-assessment-2017, 7 [accessed 12 March 2017]; Fijnaut, The European Parliament and organised crime: the impending failure of the Alfano Committee, Eur. J. Crime Crim. L. & Crim. Just,(2013), 21,

Allum/Gilmour

65

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:11 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda 1; Goold, Mind the (information) Gap: making sense of the European Union’s strategic approach to transnational organised crime, in Allum, and Gilmour, (eds.) Routledge Handbook of Transnational Organised Crime, 2012, Routledge, Abingdon, UK; Goold, Development of The Organised Crime Threat Assessment (OCTA) and Internal Security Architecture European Parliament (LIBE) PE 410.682, (2009) Brussels. http://www.europarl.europa.eu/RegData/etudes/etudes/join/2009/410682/IPOL-LIBE_ET (2009)410682_EN.pdf [Accessed 3 February 2018]; Heidensohn, Crime and Policing, in: Littlewood, Symes, and Levy (eds.), The future of Europe: problems and issues for the twenty-first century, (2016), 89, Springer; HM Government, Security, law enforcement and criminal justice: A future partnership paper (2017), 13, UK Government, London, available at: https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/645416/Security__law_enforcement_and_criminal_justice_-_a_future_partnership_paper.PDF [Accessed February 2018]; La Spina, Il mondo di mezzo. Mafie e antimafie, (2016), 181 Bologna: Mulino; Malins, La Costruzione dello Spazio giuridico Europeo contro il crimine Organizazzato, Verso la Conferenza ONU di Palermo del 12–15 dicembre 2000, Seminario organizzato dalla Commissione Parlamentare d’inchiesta sul fenomeno della mafia e delle altre associazioni criminali similari, Roma 2–3 novembre 2000, Camera dei Deputati, Roma, 113; Martill, and Staiger, (eds) Brexit and Beyond: Rethinking the Futures of Europe, UCL Press (2018) 150; Marotta, Role and Action of EUROPOL in combatting organised crime, in: Longo, (ed.) The European Union and the Challenge of Transnational Organised Crime, Towards a Common Police and Judicial Approach (2002) 113–114, Milano; Sciarrone, Dagnes, Storti, Presentation, Criminalità organizzata, contesto di legalità, e sicurezza urbana; un’indagine tra gli operatori economici di Torino, Dipartimento di Culture, Politica e Società Università degli Studi di Torino (2014), Italy; Scherrer, Jeandesboz, Guittet, Developing an EU Internal Security Strategy, fighting terrorism and organised crime, PE 462.423, European Parliament, Brussels, Belgium (2011), 63; Scottish Government, Public Perceptions of Organised Crime in Scotland, Ipsos MORI Scotland, Crime and Justice, Social Research (2013), available at https://www.ipsos-mori.com/researchpublications/researcharchive/3273/Public-Perceptions-of-Organised-Crime.aspx [accessed 12 August 2016]; Papademetriou, Global Legal Monitor, European Union: Parliamentary Committee on Organised Crime and Money Laundering, 19/10/2012, available at: http://www.loc.gov/law/foreign-news/article/europeanunion-parliamentary-committee-on-organised-crime-and-money-laundering/(accessed 10/8/2016); Procura di Napoli, Procidemento penale n. 54548/2008 RGNR del RG della Procura di Napoli – Richiesta di scambio informative preliminare tra autorità giudiziarie. Art. 18 Convenzione ONU sul Crimine Organizzato, Riferimento per Eurojust n. 4991/2008, 15/12/2008; Vigna, La Costruzione dello Spazio Giuridico europeo control il crimine organizzato, Verso la conferenza ONU di Palermo del 12–15 dicembre 2000, Camera dei Deputati, Roma (2001), 30.

A. Introduction 2016 will become a landmark year in EU history books for the challenges that were posed to this developing political international organisation. It was not only the year that the UK voted to leave the EU (“Brexit”) but it was also the year when EU leaders finally had to take stock of the migrant and refugee crisis and tackle it head on. 2 For the last decade, there had been a developing migrant crisis in the EU: a constant flow of migrants crossing the Mediterranean on small dinghies often landing on the Island of Lampedusa and makeshift shanty towns around Calais, full of people hoping to make it to the UK, are two of the strongest images of this situation. The traffic of people across the Mediterranean by organised crime networks is another, still not really understood, dimension to this question1. 3 But in 2015–2016, the migrant and refugee movement from war-torn zones (such as Syria, Afghanistan and Iraq) into the EU took on mammoth proportions: it was estimated by the International Organisation for Migration (IOM) that in 2015, more than 1,011,700 migrants arrived by sea, and almost 34,900 by land, FRONTEX estimated that 1,800,000 arrived at EU borders2. The photograph of a drowned three-year old 1

1 Cf. http://europe.newsweek.com/mastermind-evil-genius-behind-migrant-crisis-328471 [accessed 5 August 2016]. 2 Cf. Migrant crisis: Migration to Europe explained in seven charts, http://www.bbc.com/news/worldeurope-34131911 [accessed 5/8/2016].

66

Allum/Gilmour

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:12 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. The Fight against Organised Crime and its proliferation in the European Union

Syrian-Kurdish boy on the beaches of Turkey in September 2015 awoke public opinion and meant that this movement of populations became a recognised political problem which could no longer be ignored and one that needed to be tackled collectively. Moreover, the military intervention by some EU States in Syria and Afghanistan has 4 added a further ingredient to this political cocktail: a new wave and form of terrorist attacks in mainland Europe, targeting in particular France, characterised by random attacks on civilians in any place at any time, with perhaps links to criminal networks. These crises have challenged the very nature of the EU’s integration project in 5 particular, on how to respond to these external security issues as a collective community with its own internal security regimes. National sovereignty, accountability, police cooperation and EU-wide security governance have been the issues for various Members States who have not fully signed up to the idea of the EU being the main driver of internal security rather than the State. In this chapter, it is the challenge that serious and organised crime poses EU internal security and policing which will be analysed. In order to do this, the questions that will be discussed are: (1) what is the nature of organised crime in the EU? how does the discourse – perception – reality debate of organised crime play out in this international organisation? And, (2) what type of strategy has the EU developed to counter organised crime?

B. The EU and its organised crime-police cooperation agenda The founding fathers of the Common Market in 1958 did not include references to 6 police cooperation nor did they make explicit what their approach to organised crime was, for this was not part of their remit: they were interested in integrating the Coal and Steel industries, creating an internal market and perhaps, developing in time, a European defence community, but nothing to do with Member States’ internal security regimes. It could therefore be argued that it was only in the 1990s that the EU turned its attention to police cooperation through its Justice and Home Affairs (JHA) policies because of the insecurities, which completion of the new internal Single Market and its dismantling of borders would produce as well as a new post-Cold war environment. However, as Anderson has pointed out “[…] this view lacks historical depth and 7 perspective. An examination of a much longer period of history shows that some contemporary questions are not new”3. Indeed, he argues that throughout the whole of the twentieth century, and even as early as 18984, there were moves towards greater police co-operation because of the politically motivated violence that some states were facing. He believes that these developments should be seen as similar to the setting up by Member States of the TREVI (Terrorism, Radicalism, Extremism, and Violence International) Group in 1975 that was “established […] to co-ordinate action against politically motivated violence which had by that time been given the name of ‘international terrorism’”5. Despite the existence of TREVI, Members States during the 1970–80s, although 8 formally articulating good intentions6, were often reluctant and slow in practice to co3 Cf. Anderson, ‘European Police cooperation, history and theory’ in: Longo (ed.) The European Union and the Challenge of Transnational Organised Crime, Towards a Common Police and Judicial Approach, 2002, Milan, 9. 4 In 1898, there was the first Anti-Anarchist Conference in Rome which was considered to be one of the first major moves towards multilateral police co-operation (Anderson, ibid, 10). 5 Anderson, supra, 11. 6 European police cooperation developed during the 1980s, Scherrer, A., Jeandesboz J., & Guittet, Developing an EU Internal Security Strategy, fighting terrorism and organised crime. PE 462.423. European Parliament, Brussels, Belgium, 2011, 63.

Allum/Gilmour

67

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:12 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

9

10

11

12

operate7 because these issues fundamentally encroached upon a State’s sovereignty. As Anderson underlines: for there to be any real progress in these matters, especially police cooperation, “abandoning sensitivities about sovereignty in a domain which has been regarded as central to the regalian powers of the state and agreeing with partners a concept of a European security interest in cases of political violence”8 is of paramount importance. To establish ‘a European judicial space’, as suggested by Giscard d’Estaing in 19779, or “a European Police force” as articulated by Helmut Kohl in 199110, strikes at the heart of the European debate on state sovereignty. These projects would mean transferring judicial or police powers to a European authority, which would in turn signify a move towards a Federal state, one in which the individual State is downgraded and power transferred to the collective centre. The decision of handing over powers to a body outside and not controlled by a sovereign state becomes a political decision, one which might be seen as controversial by a country’s electorate, especially in countries like the UK and Denmark where the EU is not perceived as a positive organisation11. Although organised crime was formally included in the TREVI discussions it was not until the 1990s that it became a concrete policy priority for Member States: “the EU started to respond and counter the emergence of organised crime as a general security threat in parallel with its ‘Single Market’ integration project”12. The 1990s represent a concrete and significant, if not a difficult, move forward in European police cooperation and the fight against organised crime as these policies were included in the major EU treaties. The Maastricht Treaty in 1992 which established the European Union re-organised cooperation into three pillars13, the third being to establish “cooperation in the fields of Justice and Home Affairs”14. More specifically, it clearly stated “common action in the field of police co-operation (Article 30, ex Article K. 24)” with “the common evaluation of particular investigative techniques in relation to the detection of serious forms of organised crime” (Article 30, ex Article K. 2515). In this treaty, there was also the first reference and formal agreement of establishing a European police office, EUROPOL16. The convention setting up EUROPOL was signed in 1998 and it became operationally active in 1999. At first, it had the limited remit of gathering and analysing intelligence on transnational organised crime: “EUROPOL officers cannot make arrests or initiate investigations but they can assist during investigations and be present during the questioning of suspects if required by a Member State”. Thus, “it has focused mainly on developing the analytical abilities that

7 There are examples of extradition procedures or financial crime investigations were there is a lack of collective thinking. 8 Anderson, supra, 13. 9 Vigna, La Costruzione dello Spazio Giuridio europeo control il crimine organizzato, Verso la conferenza ONU di Palermo del 12–15 dicembre 2000, Camera dei Deputati, Roma, 2001, 30. 10 Heidensohn, ‘Crime and Policing’ in: Littlewood, J., Symes, V. and Levy, C. (eds.), The future of Europe: problems and issues for the twenty-first century. Springer, 2016, 89. 11 Cf. https://www.opendemocracy.net/can-europe-make-it/tam-s-ibolya/vote-of-no-confidence-explaining-danish-eu-referendum [Accessed February 2018]. 12 Allum and Den Boer, “United we Stand? Conceptual Diversity in the EU strategy against Organised Crime,” Journal of European Integration, 35 (2) (2013), 132. 13 The first two pillars were the single market (the old European Communities) and foreign and security policy. 14 Under title VI and it was placed in Pillar III of the EU treaties (entitled ‘Provisions on Police and Judicial Cooperation in Judicial and Criminal Matters’). 15 Allum and Den Boer, supra, 140. 16 See Ryder, European Criminal Intelligence, Part III Chapter 3, in this volume.

68

Allum/Gilmour

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:13 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. The Fight against Organised Crime and its proliferation in the European Union

it needs in order to add value to national investigations”17. However, by 2010, thanks to the insistence of some member states, it has become a full EU law enforcement agency18, accountable to the European Parliament (EP) with more investigative powers. The Amsterdam Treaty in 1997 is seen as a key stage for police cooperation as it established “a European judicial area” and “an area of Freedom, Security and Justice”. This new area corresponded to the Schengen space which became a pass-free travel zone. JHA became Police and Judicial Co-operation in Criminal Matters and decisions were still made unanimously by Member States although the Commission was given, for the first time, the right to introduce legislative proposals in this area. Parallel to the Amsterdam discussions, various “Action Plans”19 and decisions were elaborated, which demonstrated the EU’s seriousness about developing this area: in 1997, the first EU Action Plan to Combat Organised Crime20, a Joint Action (adopted by Council) making it a criminal offence to participate in a criminal organisation in the Member States of the EU in 199821, the Vienna Action Plan in 199822 and a Council Framework-Decision on the fight against organised crime in 200823. The 2008 Council Framework Decision was considered as particularly ground breaking as it laid out a common definition and approach of organised crime which should be applied in all Member States. However, in retrospect, this Framework Decision, was “limited”24 and “totally inefficient”25; as ‘it is mostly left up to Member States to interpret what they understand by “predicate offences”, “serious crime” and “organised crime”. This meant that actors could easily have different preferences, perceptions and interpretations about what organised crime really was26. This led to competing perspectives and confusion. These general developments were also helpful for Member States in the run up to the United Nations’ Palermo Convention on Transnational Organised Crime in 2000, as it 17 Brady, The EU and the fight against organised crime, Working Paper, Centre for European Reform, Brussels, 17. Available at http://cer-live.thomas-paterson.co.uk/sites/default/files/publications/attachments/ pdf/2011/wp721_org_crime_brady-1484.pdf [accessed 1 March 2017]. 18 See https://www.europol.europa.eu/[accessed 25/4/18]. 19 The EU have developed various tools to implement collective rules. For example, ‘Action plans’ and/ or ‘Decisions’. In the EU generally, ‘action plans’ set a defined target while EU Decisions are legally binding tools addressed to Members States or individuals, i. e. citizens or associations. 20 Cf. “Action plan to combat organised crime” (97/C251/0,1 Adopted by the Council on 28 April 1997). Available at http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A51997XG0815 [accessed 7 January 2018]. 21 Cf. “98/733/JHA: Joint action of 21 December 1998 adopted by the Council on the basis of Article K.3 of the Treaty on European Union, on making it a criminal offence to participate in a criminal organisation in the Member States of the European Union”. Available at https://publications.europa.eu/en/publicationdetail/-/publication/63c93028-6fe8-494c-a805-c061ad3058df/language-en [accessed 7 January 2018]. 22 Cf. “Action Plan of the Council and the Commission on how best to implement the provisions of the Treaty of Amsterdam on an area of freedom, security and justice – Text adopted by the Justice and Home Affairs Council of 3 December 1998”, available at http://eur-lex.europa.eu/legal-content/EN/TXT/?qid=1519643196581&uri=CELEX:31999Y0123(01) [accessed 7 January 2018]. 23 Cf. “Council Framework Decision 2008/841/JHA of 24 October 2008 on the fight against organised crime”. Available at http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex:32008F0841 [accessd 7 January 2018]. 24 Calderoni, “La decisione quadro dell’Unione Europea sul contrasto alla criminalità organizzata e il suo impatto sulla legislazione degli Stati membri”, in: S. Alfano and A. Varrica (eds.) Per un contrasto Europeo al crimine organizzato e alle mafie: La risoluzione del Parlamento Europeo e l’Impegno dell’Unione Europea, 2012, Milan: Franco Angeli, 40. 25 Alfano, “Introduzione”, in: Alfano and Varrica (eds.) Per un contrasto Europeo al crimine organizzato e alle mafie: La risoluzione del Parlamento Europeo e l’Impegno dell’Unione Europea, 2012, Milan: Franco Angeli, 11. 26 Allum and Den Boer, supra, 145.

Allum/Gilmour

69

13

14

15

16

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:14 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

17

18

19

20

enabled them to understand what their approach to organised crime was to be. All EU Member States were signatories of the Palermo Convention and agreed on its definition of Transnational Organised Crime27. But it is clear from the start that there have always been very different positions: for example, Humfrey Malins, a British MP, declared in 2000 “a common policy against the illegal traffic of human beings, a common legal system is neither practicable nor desirable; bilateral agreements with close neighbours represents on the other hand, a form of cooperation much more efficient as is the sharing of knowledge: this must be our approach for the future. Cooperation does not mean uniformity”28, whereas Antonio Gagliardo, an Italian and former director of EUROPOL, argued that “with the institution of EUROPOL, a new concept of cooperation is developed, one which moves beyond occasional and bilateral agreements between different police forces and of cooperation in Interpol”29. From the JHA pillar came some concrete initiatives on how to improve the understanding of and the fight against organised crime. These included the Tampere Programme (1999), The Hague Programme (2004) and the Stockholm Programme (2009). The Tampere Programme can be considered a milestone as it specifically concentrated on the fight against organised crime. It proposed “a new European arrest warrant for fast-track extradition of suspects; special EU procedures to preserve evidence for trials abroad and a task force of police chiefs to exchange best practice between EU police forces and plan joint operations”30. The Tampere Programme also importantly included the establishment of EUROJUST, a permanent judicial cooperation unit, to improve the fight against organised crime. Established in 2002 and based in The Hague, it acts as a central contact point. In 2008, a new Council Decision on the strengthening of EUROJUST was signed to give it further operational capabilities31. In the Hague Programme in 200432, one of the more concrete proposals that was advanced was “a promise to revolutionize how European police forces share information across borders by adhering to a “principle of availability” by January 2008. The principle of availability means that police forces will no longer need to formally request information from each other, or rely on informal “old boy” networks to get information. Police from one EU country will have access to police files in another, unless a good reason is given to the contrary”33. Another important directive34 that was passed in 2004 included the power for Member States to seize assets that were the product of proceed of crimes. In the Lisbon Treaty, which came into force in 2009, “many JHA areas move[d] from the consultation procedure with unanimity in the Council and only consultation of the 27 Cf. UN definition of Transnational Organised Crime https://www.unodc.org/unodc/en/organisedcrime/intro/UNTOC.html#Fulltext [accessed 1 February 2018]. 28 Malins, La Costruzione dello Spazio giuridico Europeo contro il crimine Organizazzato, Verso la Conferenza ONU di Palermo del 12–15 dicembre 2000, Seminario organizzato dalla Commissione Parlamentare d’inchiesta sul fenomeno della mafia e delle alter associazioni criminali similari, Roma 2–3 novembre 2000, Camera dei Deputati, Roma, 113. 29 Cf. Malins, supra, 174. 30 Brady, supra, 15. 31 Cf. https://eur-lex.europa.eu/legalcontent/EN/TXT/?uri=CELEX:32009D0426 [accessed 25/4/18]. 32 Cf. http://eurlex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:C:2005:053:0001:0014:EN:PDF [accessed February 2018]. 33 Brady, supra, 15–16. 34 Cf. Directive 2014/42/EU of the European Parliament and of the Council of 3 April 2014 on the freezing and confiscation of instrumentalities and proceeds of crime in the European Union. Based on the Italian model, this directive has taken a long time to be implemented. For example, in 2018 the UK has still not fully implemented the directive into national legislation.

70

Allum/Gilmour

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:14 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. The Fight against Organised Crime and its proliferation in the European Union

European Parliament (EP) to the ordinary legislative procedure with qualified majority voting (QMV) in the Council and full co-legislative powers of the EP”35. This effectively gave the EP greater involvement and also more extensive powers in the area of JHA (such as Europol, Eurojust, Judicial cooperation in criminal matters and Non-operational police cooperation36), thereby “effectively communautarizing” the organised crime agenda37. The EP has also played its part in the development of this area. Its Committee on Civil Liberties, Justice, and Home Affairs (LIBE) has consistently voiced its concern38 for the need to establish EU data protection standards to protect citizens’ rights otherwise, it will do everything it can in its power to block39 the development of EU databases (including the Prüm DNA/Fingerprint databases40). In 2011, on the initiative of Italian MEP Sonia Alfano, the EP established a Special Committee on Organised Crime, Corruption and Money Laundering (CRIM) whose mandate was to make ‘recommendations to tackle organised crime across the European Union’. In particular, it ‘paid particular attention to methods and procedures used in Italy, as models’41. In 2013, the EP approved a ‘Resolution on Organised Crime in the EU’ in which it identified 21 recommendations for concrete action and measures which would be implemented between 2014–2019. This resolution has been described by Italian prosecutor Roberto Scarpinato as ‘potentially a watershed moment’42 in the EU’s fight against organised crime as it seeks to force Member States to take collective action. However, the committee’s midterm report was quite heavily criticized for not sufficiently allowing research to be carried out in the Union and its Member States on this topic, for failing to ask what such a committee could be expected to achieve in the given circumstances, and how it could or should tackle a feasible assignment within a set timeframe43. CRIM was not re-established in the new EP term in 2016, but the EP’s Committee on Civil Liberties, Justice and Home affairs has been overseeing the implementation of those recommendations. However, there appears to be some disappointment about exactly what this committee has achieved. This brief overview of how policies on organised crime and police cooperation have developed in the EU highlights various tensions in a delicate political context. Organised crime is not easy to define and understand in one national context, let alone an international community of Member States. There exist various political tensions in 35 Cf. https://www.consilium.europa.eu/uedocs/cms_data/docs/pressdata/en/ec/111615.pdf [accessed 1/2/2018]. 36 cf. https://www.consilium.europa.eu/uedocs/cms_data/docs/pressdata/en/ec/111615.pdf [accessed 1/2/2018]. 37 Allum and Den Boer, supra 140. 38 See LIBE report on the proposal for a regulation of the European Parliament and of the Council concerning the respect for private life and the protection of personal data in electronic communications and repealing Directive 2002/58/EC (Regulation on Privacy and Electronic Communications) (COM (2017) 0 010 – C8 – 0009/2017 – 2017/0003 (COD)) http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP// NONSGML+REPORT+A8-2017-0324+0+DOC+PDF+V0//EN [Accessed 7 February 2018]. 39 It effectively has very little power in this regard apart from blocking any initiatives in relation to the Schengen Zone. Stronger regulation came into force through the EC General Data Protection Regulation see https://ec.europa.eu/info/law/law-topic/data-protection/reform/what-does-general-dataprotection-regulation-gdpr-govern_en [ccessed 1/2/2018]. 40 Cf. https://ec.europa.eu/home-affairs/what-we-do/policies/police-cooperation/information-exchange/ eixm_en [7 Accessed February 2018]. 41 Cf. Papademetriou, Global Legal Monitor, European Union: Parliamentary Committee on Organised Crime and Money Laundering, 19/10/2012, Available at: http://www.loc.gov/law/foreign-news/article/european-union-parliamentary-committee-on-organised-crime-and-money-laundering/(accessed 10/8/2016). 42 Quoted by Alfano, supra, 12. 43 See Fijnaut, C., “The European Parliament and organised crime: the impending failure of the Alfano Committee”, Eur. J. Crime Crim. L. & Crim. Just, (2013), 21, 1.

Allum/Gilmour

71

21

22

23

24

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:15 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

terms of transferring police powers to a higher authority as well as specific countries seeking to impose their vision on others (this could be suggested for Italy). 25 What emerges is that the EU’s Treaties, Action Plans and Framework Decisions are a patchwork of ideas, strategies and approaches. Although there is an attempt to have a clear internal security agenda, there does not exist one coherent European voice on how to tackle organised crime. This is because of the multitude of positions and opinions. As a result, EU institutional structures and decisions leave space for the interpretation and, ultimately, non-application of agreed common norms. This also extends into the domain of police and judicial cooperation: is it best to seek one coherent approach or to harmonize laws? The EU poses a real challenge to states about how to find the most appropriate formula. In terms of police cooperation, instead of waiting for states to decide the best way forward, information sharing between states is seen as an acceptable way forward.

C. What is organised crime in the EU? Citizens’ perceptions We often underestimate how important perceptions of a social phenomenon are because they influence policy-makers and politicians. And yet, they are often based on poor information, misunderstandings or misrepresentation of issues perpetuated by newspapers, films and novels. 27 Organised crime and mafias are areas that particularly suffer from this problem, because they are often portrayed in an over-sensationalised or romantic way in films or TV series, far away from the harsh reality of the phenomenon. For example, in 2013, a mixed group of British police and law enforcement agencies44 had the following images when asked to think about Italian mafias: “Al Pacino”, “dark clothing”, “horse’s heads”, “well dressed men sitting round a table”, “omertà”, “pasta houses”, “The Sopranos”, “Gomorrah”45. A far cry from the reality of illicit Italian mafia money being invested in businesses in London and the UK46. 28 So, perceptions are important but they can also be dangerous as they are the thermometer policy makers and politicians look at and refer to. If organised crime groups and activities are not perceived as a worrying phenomenon by the general public, then politicians will not take it seriously either. 29 An EU-wide survey of the perceptions of organised crime does not exist47. There are only special Eurobarometer reports: one focusing on ‘Organised, cross border crime and corruption’ (200648) and another on Awareness of Home Affairs (201249). There exists very little survey material on European citizens’ perceptions of organised crime from 26

44 A questionnaire was distributed among a very small (max 15) mixed group of police and law enforcement agencies in March 2013. 45 Cf. Allum, “Godfathers, dark glasses, and pasta”: Discussing British perceptions of Italian Mafias’, Sicurezza e scienze sociali, 3EN (2013), 51–68. 46 Cf. http://theconversation.com/mafia-in-the-uk-the-story-cant-simply-end-in-uxbridge-38186 [Accessed 3 February 2018]. 47 What does exist is a Corruption Perception Index. This has been published annually by Transparency International since 1995 and ranks countries according to how experts and opinion polls perceive corruption. See http://www.transparency.org/cpi2015?gclid=Cj0KEQjwxLC9BRDb1dP8o7Op68IBEiQAwWggQN0nTVcGTDNt9yeaXFBz3_95l_iXngVIEddfbhJfjiwaAk1_8P8HAQ (accessed 12/8/2016). 48 Cf. Eurobarometer, 2006, Special Eurobarometer 245/Wave 64.3 – TNS Opinion & Social, Opinions on organised, cross-border crime and corruption, Brussels. Available at http://ec.europa.eu/commfrontoffice/publicopinion/archives/ebs/ebs_245_sum_en.pdf [accessed 20 March 2017]. 49 Cf. Special Eurobarometer 380, Awareness of Home Affairs, Special Eurobarometer 380/Wave EB76.4–TNS Opinion & Social, 2012, available at http://ec.europa.eu/commfrontoffice/publicopinion/ archives/ebs/ebs_380_en.pdf [accessed 20 March 2017].

72

Allum/Gilmour

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:16 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. The Fight against Organised Crime and its proliferation in the European Union

individual Member States like France, Spain and Germany, perhaps this is because, as Jacques Dughera has pointed out, ‘mafia and organised crime only concerns others’50. Here, a brief summary of the available sources is presented in order to show how different Members States may perceive the question of organised crime. What we see is that where organised crime is visible, citizens are aware of the phenomenon where it is less tangible, the threat is felt as more removed. An A Ipsos Mori survey of public perceptions of organised crime in Scotland51 in 201352 showed that people had a good sense of what the phenomenon was. When asked what type of illegal activities they associated with organised crime: 72 % said drug dealing, 20 % money laundering and 18 % people trafficking. 8 % were unable to name any type of organised crime activity. 10 % said that they have been personally affected by organised crime in the last three years. 69 % of people in Scotland (nearly 7 out of 10) believe that organised crime is not a serious problem in their neighbourhood, while just over 27 % perceive it to be a serious issue, with those living in urban (31 %) and the most deprived areas (46 %) most likely to regard it as a problem. Those most likely to be affected by organised crime were young people (38 %), old people (25 %) and those on low income/from deprived backgrounds (16 %). When asked about the most significant impact of organised crime in Scotland, the answers were interesting: 21 % said fear in the community, 17 % drugs/ drug abuse, 12 % less money for public services, 11 % violence in the community and 11 % damage to victims’ health53. Not all agreed on who should tackle the problem: 88 % said the police, 38 % the Scottish government, 19 % local communities, 15 % everyone and 11 % councils. 63 % felt that the police were effective while 17 % felt it was ineffective. 81 % of people would report someone who was suspected of being involved in organised crime (85 % among women) while 8 % were unsure of what to do54. Similar questions were asked to students55 at the University of Bath in October 2016. When asked what illegal activities they associated with organised crime: 79 % said drugs, 52.5 % money laundering, 51 % human trafficking, 36 % extortion, 32.5 % violence and 2.5 % prostitution. About 9 % said they had been affected by organised crime in the last three years, mainly by theft and violence. 47 % believed that organised crime is not at all a serious problem in their neighbourhood while only 3 % believed it is a serious problem. They believed that the most affected were the low income/deprived 56 %, the weak 32 %, addicts 32 % and immigrants 29 %. Maybe this is because they see organised crime as something slightly removed from their everyday reality and lives. In 2009, a Home Office sponsored study explored the nature and extent of public concerns about organised crime in the UK56. The study focused on 4 main areas of 50 Cf. http://alternatives-economiques.fr/blogs/jdughera/2015/11/24/guerre-contre-la-criminalite-organisee-ou-en-est-on-en-france/[accessed 20 March 2017]. 51 Results are based on a survey of 1,001 respondents (adults aged 18+) conducted by telephone between 29th April – 5th May 2013. 52 Scottish Government, 2013, Public Perceptions of Organised Crime in Scotland, Ipsos MORI Scotland, Crime and Justice, Social Research, available at https://www.ipsos.com/sites/default/files/ migrations/en-uk/files/Assets/Docs/Scotland/Scotland_SPOM_Organised_Crime_Report_190913.pdf [accessed 12 August 2016]. 53 Cf. Scottish Government, supra, 6. 54 Cf. Scottish Government, supra, 8. 55 125 undergraduate and postgraduates students at the University of Bath in the department of Politics, Languages and International Studies answered this questionnaire during October 2016. All answers were gathered and treated anonymously. 56 Cf. Bullock, Chowdhury and Hollings, Home Office, 2009, Research Report 16, Public Concerns about Organised crime, Key implications, The Report, Summary, 2009, pp. 1–17, available at https://

Allum/Gilmour

73

30

31

32

33

34

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:16 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

questioning: (1) access to information about organised crime; (2) forms and characteristics of organised crime; (3) harms associated with organised crime and (4) impact of organised crime on society. The report highlighted that respondents understanding of organised crime was based largely on its image in popular culture, notably its representation in films and on television57. In conclusion, “most respondents thought that organised crime causes serious harm to the country”58: “it generate[d] high levels of harm at both national and local levels (…) a great deal of individual worry”. In particular, “crimes that impact at the individual level were considered most harmful and those impacting on the wider societal or business level the least harmful”59. 35 A short questionnaire distributed among English police officers60 in the South East of England in October-November 2016 gives us an interesting insight into their perceptions and understanding of Italian Mafias. The images that come to mind of Italian mafias are still strongly influenced by films, actors and scenes such as The Sopranos, Scarface, Marlon Brando, Joe Pesci, or Goodfellas. And yet, 83 % identified violence as their main activity, 81 % drugs, 77 % extortion and 77 % corruption, which may suggest that they do not necessarily consider Italian mafias as more invisible and sophisticated forms of crime but rather blatant and visible. 26 % believe that Italian mafias are not particularly or not harmful at all to Italy, 43 % believe that Italian mafias are not particularly or not harmful at all to Europe and 63 % believe that Italian mafias are not particularly or not harmful at all to the UK. In Italy, perceptions are clearly different. It is not seen as a remote and removed question from the everyday lives of citizens, even in the North. A questionnaire61 of secondary school children in Basilicata published in 201062 shows that they have a good understanding of the mafia question: there was “unanimous and strict disapproval about mafia crimes, its system of (counter) values, its power-seeking beyond rules, its violence, its structural illegal activities”63. The conspiracy of silence was blamed as a factor for its existence while understanding the seriousness of its threat. These students demonstrated a “mistrust and pessimism” towards public institutions as a result, but expressed a notion of resigned “fatal” co-habitation with an underlining sense of passivity64. 36 Another survey65 of shopkeepers and businesses in Turin in 201466 also confirms the concrete knowledge of mafias even in the North of Italy: around 60 % define mafia as a criminal association with economic and political powers, 21.3 % an organised system of violence and corruption and 8.2 % as a mentality. To the question what does the mafia do; in Turin 86.5 % believe they are interested in distributing and selling drugs, 62.9 % www.gov.uk/government/uploads/system/uploads/attachment_data/file/116623/horr16-report.pdf (accessed 10 March 2017). 57 Bullock et al, Home Office, 2009, supra, 3. 58 Bullock et al, Home Office, 2009, supra, i. 59 Bullock et al, Home Office, 2009, supra, iii. 60 36 police officers answered the questionnaire anonymously. The average age was 39: 74 % men and 26 % women. Some results discussed in Allum, 2013. 61 270 questionnaires distributed to young people (attending all forms of secondary schools) in the Province of Matera, Italy. 62 Calvanese, ‘Criminalità organizzata in Basilicata: la percezione sociale da parte dei giovani lucani’, in Rassegna Italiana di Criminologia. 2010 (1), pp. 35–58, available at http://www.rassegnaitalianadicriminologia. it/home/item/42-criminalit%C3%A0-organizzata-in-basilicata-la-percezione-sociale-del-fenomeno-da-partedei-giovani-lucani [accessed 1 March 2017]. 63 Calvanese, supra, 36. 64 Calvanese, supra, 36. 65 900 questionnaires distributed in 4 different districts of Turin, 501 returned, a completion rate of 55.6 %. 66 Sciarrone, R., Dagnes, J., and Storti, L.,, Presentation, Criminalità organizzata, contesto di legalità, e sicurezza urbaba; un’indagine tra gli operatori economici di Torino, Dipartimento di Culture, Politica e Società Università degli Studi di Torino, 2014, Italy.

74

Allum/Gilmour

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:17 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. The Fight against Organised Crime and its proliferation in the European Union

controlling subcontracts, 53.8 % building developments, 53.1 % usury (loan sharking) and 41.1 % providing votes in exchange for favours, etc67. As a result, 89 % believe that it damages the economy, 2 % believe it helps the economy and 9 % that it has nothing to do with the economy68. At the EU level, there exists limited data and it does not tend to focus on organised 37 crime in-depth but in relation to other phenomenon such as terrorism or corruption. For example, the 2006 Eurobarometer report focused uniquely on the link between organised crime and corruption. They asked about this relationship and found that ‘one out of two citizens considers that most corruption is caused by organised crime (54 %), whereas 35 % of the people interviewed reject that view’69. 11 % had no opinion. Italy (70 %), Slovenia (67 %) and Lithuania (67 %) are convinced of the link between organised crime and corruption, while the Republic of Cyprus (54 %), Czech Republic (52 % and Finland (51 %) do not agree that there is a link in their country, whilst there were 24 % of don’t knows in Portugal, 22 % in Estonia and 20 % in Spain70. Around 76 % of European citizens believe that preventing and combatting cross 38 border crime would be more effective if common policy decisions were taken at European level. But, “more than a quarter of citizens in Sweden (27 %), the United Kingdom (27 %) and Denmark (26 %) do not think that joint decisions […] would make police in this area [anti-organised crime and anti-corruption policies] more effective”71. However, asked about who and at what level the threat of organised crime and 39 terrorism should be combatted, 91 % agree that it is EU institutions and governments of Member States which should work more closely together as an effective way of tackling terrorism and organised crime’72. Those countries where respondents are least likely to agree are the UK (87 %), Austria (84 %) and Portugal (82 %)73. Opinion about whether Member States can counter organised crime and terrorism on their own varies across Member States: Poland (62 %), Italy (54 %), Belgium (54 %), France (53 %), Romania (52 %), Netherlands (52 %) and UK (45 %)74.

D. The reality of organised crime and its fight in the EU Since 2004, EUROPOL has published a variety of strategic analysis reports that provide 40 an overview of organised crime in the EU: there are the EU terrorism situation and trends reports75 organised crime threat assessments (SOCTA76) (including one that focuses on internet organised crime, IOCTA77), threat assessment reports (Migrant smuggling networks78, Italian organised crime79 and environmental crime80) and trend reports81. 67

Sciarrone, Dagnes and Storti, supra, 20. Sciarrone, Dagnes and Storti, supra, 21. 69 Eurobarometer, 2006, supra, 12. 70 Eurobarometer, 2006, supra, 11. 71 Eurobarometer, 2006, supra, 7. 72 Eurobarometer, 2012, supra 64. 73 Eurobarometer, 2012, supra, 66. 74 Eurobarometer, 2012, supra, 69. 75 Published since 2008. 76 Published in 2004, 2005, 2006, 2007, 2009, 2011, 2014. 77 Published in 2011, 2014, 2015. 78 Published in 2016. 79 Published in 2013. 80 Published in 2013. 81 See: https://www.europol.europa.eu/crime-areas-and-trends/trends-and-routes#fndtn-tabs-0-bottom-2 [Accessed February 2018]. 68

Allum/Gilmour

75

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:18 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda 41

42

43

44

45

In EUROPOL’s 2013 EU Serious and Organised Crime Threat Assessment report, it estimated that there were ‘3600 organised crime groups active in the EU’82, whereas by 2017, ‘approximately 5,000 international OCGs [were] currently under investigation in the EU’83. To put this into some kind of perspective, Italian figures suggest in 2016 that there are 90 Camorra clans in the Province of Naples, 114 in the Campania region with 4000–4500 members, in Calabria, 160 clans with 4389 members and in the Province of Palermo, 2400 members alone. Some suggest that each organisation has approximately 6000 members each84. But how these figures are calculated always remains somewhat problematic. According to EUROPOL’s 2013 report, organised crime groups are increasingly networked in their crimes and behaviour, increasingly heterogeneous although ethnic kinship, linguistic and historic ties remain important and increasingly flexible, engaging in multiple forms of crime85. In terms of figures, it estimated that in 2013, 70 % of groups were composed of members of multi nationalities, 30 % of groups are poly-crime groups (active in more than one criminal activity) and 40 % of groups have a network type structure. In 2017, 45 % of groups are now poly-crime groups. 70 % are active in more than three countries with 10 % being active in more than seven countries86. EUROPOL identifies two main models of group organisation: on the one hand, classic hierarchies and on the other, networks with cellular structures, less rigid than permanent hierarchies. But, then adds that ‘between these two models there are other varying forms of organisation and their typical features are not necessarily mutually exclusive. Groups can adapt to the characteristics of either or even both models’87. It is believed that these groups are increasingly entrepreneurial in approach and business management because ‘the use of violence is often counterproductive and almost always attracts unwanted law enforcement attention and retaliatory actions’88. It goes on ‘violence is used by most OCGs only in a measured, deliberate and premeditated manner and when deemed strictly necessary’. However, some OCGs use violence as an integral part of their strategy. In these cases, violence is used to intimidate witnesses, to extort money and collect debts, to coerce people to take part in or facilitate criminal activities, to forcefully take over businesses, to consolidate a group’s position in a certain crime area and as part of robberies and other property crimes’89. The 2017 EUROPOL report moves away from commodities and takes a ‘forward look at potential developments that are framed not simply in terms of law enforcement practice, but in a wider societal context’90. However, this information has to be qualified: the report is composed by EUROPOL based on intelligence sent by national police forces and, as Brady pointed out in 2006, while one Member State contributed over 500 pages of criminal intelligence to EUROPOL’s first organised crime threat assessment, another offered only a single page91. He 82 Cf. EUROPOLs EU Serious and Organised Crime Threat Assessment (SOCTA 2013) Available here: https://www.europol.europa.eu/activities-services/main-reports/eu-serious-and-organised-crime-threatassessment-socta-2013, 2013, 6, [accessed 12 March 2017]. 83 Cf. EUROPOL’s European Union Serious and Organised Crime Threat Assessment 2017, available here https://www.europol.europa.eu/activities-services/main-reports/european-union-serious-and-organised-crime-threat-assessment-2017, 7 [accessed 12 March 2017]. 84 La Spina, A., Il mondo di mezzo. Mafie e antimafie, Bologna: Mulino, (2016), 181. 85 Europol, 2013, supra, 6–7. 86 Europol, 2017, supra, 15. 87 Europol, 2013, supra, 33. 88 Europol, 2013, supra, 35. 89 Europol, 2013, supra. 90 Europol, 2017, supra, 1. 91 Brady, supra, 19.

76

Allum/Gilmour

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:18 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. The Fight against Organised Crime and its proliferation in the European Union

makes the point that “some Member States still do not give EUROPOL sufficient support” both in terms of information or personnel92. For example, for the 2013 EUROPOL’s Threat Assessment – Italian Organised Crime report93, it is clear that some of the larger Member States did not participate in the collection of data. So, it would appear that information sharing remains partial and its resulting overall picture very general, made up of all forms of organised crime and no forms of unorganised crime. As EUROPOL is intrinsically interlinked with a political project, there still lacks a real understanding of the necessity to have one central European police agency that coordinates and oversees investigations. As a result, European cooperation and interaction covers all forms of serious and organised crime activities but it remains patchy at best. Some examples of historic operations may highlight this in more detail. According to Marotta, Operation Bravo clarifies well how EUROPOL supports Member States94. This operation was undertaken in 1999 with the involvement of the Dutch, German, Belgian, Spanish, Danish, Swedish, Finnish law enforcement authorities and EUROPOL. It ‘uncovered a large-scale drug trafficking organisation’ that had been active in several Member States over a number of years. In December 1999, 12 people were simultaneously arrested in different locations in Finland, 5 at a later date and 207 kg of drugs were seized.95 Because this international network is active and present in several countries, “the role of EUROPOL as a co-ordinator of operative work, exchange of information and analyser of information has been significant”96. Operation Samot97 also highlights the usefulness and efficiency of European police cooperation, in this case, in relation to a human trafficking. Towards the end of 1998, Dutch law enforcement agencies started investigating an Iraqi organised crime group that appeared to be involved in the illegal trafficking of human beings. The organisers appeared to be resident in the Netherlands but the group organised the illegal transport of Iranian nationals into Scandinavia, the UK and Canada. The initial results of the investigations revealed that the organisation was arranging the passage of illegal immigrants from the Netherlands via Belgium and France into the UK. In order to target this international organisation as a whole, an international co-operation team was set up through EUROPOL. At the beginning of April 1999 an operational meeting took place through the liaison network within EUROPOL with representatives from the Netherlands and the UK, who also exchanged information with Belgium and France. As a result of this European co-operation, it was possible to arrest the main target in the UK in April 1999 and 9 others in May in the Netherlands, UK and France98. These cases involve a small number of Member States and therefore perhaps are easier to coordinate. However, there have been cases with an important number of member states such as Operation Gomorrah in 2008 which involved over 18 Member States and third countries. This operation highlights the positive energy and perhaps also the negative obstacles of European-International police cooperation. In 2008, “a 92

Brady, supra. Europol, Threat Assessment – Italian Organised Crime, 2013, available at https://www.europol.europa. eu/publications-documents/threat-assessment-italian-organised-crime [accessed 1 September 2017]. 94 Marotta, E., ‘Role and Action of EUROPOL in combatting organised crime’ in: Longo (ed.) The European Union and the Challenge of Transnational Organised Crime, Towards a Common Police and Judicial Approach, (2002) Milano, 113–114. 95 179 kg of hashish, 21 kg of amphetamines, and 7 kg of marihuana See http://www.burojansen.nl/ EUROPOL/EUROPOL1999.html [accessed 17 August 2016]. 96 Marotta, supra, 114. 97 Cf. http://www.burojansen.nl/EUROPOL/EUROPOL1999.html [accessed 17 August 2016]. 98 Cf. http://www.burojansen.nl/EUROPOL/EUROPOL1999.html [accessed 17 August 2016]. 93

Allum/Gilmour

77

46

47

48

49

50

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:19 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

two-year investigation coordinated by EUROPOL and EUROJUST involved 20 Member States and 3 third countries. This resulted in the arrest of 67 criminals linked to Camorra clans, the seizure of more than 800 tons of counterfeit products valued at 12 million euro and the recovery of assets exceeding 16 million euro”99. In the Italian document100 requesting information from other countries, the input from EUROPOL was systematically referred to in a very positive tone. 51 Obviously, EUROPOL was also involved and submitted a very detailed report that produced investigative leads101. A lot of documents helped to produce those conclusions, one of which merits special mention, the EUROPOL document AWF Copy (…) that collected many clues, all very significant in sustaining the hypothesis of this investigation102. For the whole investigation EUROPOL was constantly involved, it had pre-announced the creation of a working group, in which all confidentiality on gathered information was lifted103.

E. The fight against organised crime: Is a “European Criminal Intelligence Model” the only way forward? Among the complex and at times, confused approach towards organised crime that has emerged, EUROPOL and EUROJUST are the two main concrete tools that have developed at EU level to counter crime. In other words, closer police and judicial cooperation. Both institutions have been given the task to coordinate operational work, exchange information and analyze data. From an overarching supervisory role, they have gained more hands-on powers in terms of directing operations. EUROPOL, since 2006, has produced an annual assessment report on organised crime made up of information provided by national police forces. This would seem a useful tool to monitor organised crime and identify trans-border trends throughout Europe. 53 However, because of the lack of political will and desire to create a collective European police and judicial space, both tools have suffered from not being given enough powers and a legitimate status among Member States104 and even third parties like the USA. For example, in the past, as “EUROPOL cannot share information about transnational cases that impact on its jurisdiction, the US does not take EUROPOL very seriously and prefers to stick to its bilateral channels. EUROPOL also complains that Member State liaison officers based in Washington seldom consult its office in the same city”.105 54 In 2005, a “European Criminal Intelligence Model” was proposed as a practical way for European Police forces to exchange information106. It was seen as “a policing plan 52

99 Cf. Council of the European Union, From: Hungarian delegation, To: Customs Cooperation Working Party, n. prev. doc: 7805/3/10 REV 3 ENFOCUSTOMS 26, Subject: Threat Assessment on Intellectual Property Rights (IPR) 2010: 5). http://www.statewatch.org/news/2011/jan/eu-council-threat-assesmentipr-15841-rev1-10-2.pdf, 5. [accessed 18 August 2016]. 100 Cf. Procura di Napoli, Procidimento penale n. 54548/2008 RGNR del RG della Procura di Napoli – Richiesta di scambio informative prelimainare tra autorità giudiziarie. Art. 18 Convenzione ONU sul Crimine Organizzato, Riferimento per Eurojust n. 4991/2008, 15/12/2008. 101 Procura di Napoli, supra, 2. 102 Procura di Napoli, supra, 2. 103 Procura di Napoli, supra, 6. 104 Den Boer & Bruggeman, ‘Shifting gear: Europol in the contemporary policing era’, Politique Européenne 2007/3 (n° 23), 79. 105 Brady, supra, 34. 106 Goold, Development of The Organised Crime Threat Assessment (OCTA) and Internal Security Architecture European Parliament (LIBE) PE 410.682, (2009) Brussels: http://www.europarl.europa.eu/ RegData/etudes/etudes/join/2009/410682/IPOL-LIBE_ET(2009)410682_EN.pdf [accessed 3 February 2018].

78

Allum/Gilmour

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:19 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. The Fight against Organised Crime and its proliferation in the European Union

for coordinating investigations against organised crime throughout the EU, according to a method called intelligence-led policing”107 and was to be implemented by 2008. However, in 2005, some Member States (Austria, the Benelux countries, France, Germany and Spain) also decided to push ahead on this front separately because they saw it as one of the only viable ways forward. The Prüm Decision108, a kind of ‘laboratory’109, developed systems in which Police forces could exchange information (DNA, fingerprints, vehicle registration, etc.) quickly and easily; it was seen as ‘an information-sharing avant-garde outside the EU’110 Although it was feared that this system would undermine EU initiatives, it did not. Rather it acted as an encouraging force, removing some of the barriers that Bigo111 identified as necessary to maintain individual state sovereignty against the overwhelming appeal of state silo-busting global security strategies and thereby bolstering the EU Internal Security strategy with its focus on intelligence sharing across borders. Originally hostile to the idea of automatic intelligence sharing with other countries112, the UK Government opted back in to the Prüm measures113 and is discussing the possibility of maintaining open intelligence sharing in a bilateral agreement following Brexit. Questions of security appear to be winning the battle with those who would privilege individual, or at least state-level, sovereignty. In the Post-Stockholm agreement policy cycle data protection, although a central concern, is seen as negotiable based on acceptance of the EU’s new General Data Protection Regulation (GDPR)114. This sets the rules to allow intelligence and personal information to transfer across state boundaries and outside of the EU. In January 2017, a Council Resolution on a model agreement for setting up Joint 55 Investigation Teams (JIT115) (2017/C 18/01) was passed as well as clarification in Article 5 of Europol’s Regulations. They have sought to create links among national police and judicial agencies to enable better cooperation in transnational EU-wide investigations. In other words, these teams are able to (1) request and share information more informally, (2) be present at house searches and surveillance in other countries, (3) coordinate efforts on the spot, (4) build up trust between practitioners from different countries working together and deciding on common strategies and (5) prosecuting offenders in the appropriate jurisdiction. EUROPOL and EUROJUST provide direct support and assistance together with EU funding. Compared with the traditional way of information sharing which has been the International letter of request (ILOR), which were considered slow, cumbersome and bureaucratic, these teams have become “an invaluable tool for large-scale cross border enquiries and have now become a well utilized avenue for investigators to use”116. However, it may not be that straightforward to implement. Italy, considered a main player in the fight against organised crime, only117 implemented the 107

Brady, supra, 15. See Ryder, European Criminal Intelligence, Part 3 Chapter 3, in this volume. Cf. https://eurlex.europa.eu/legalcontent/EN/TXT/?uri=LEGISSUM%3Ajl0005 [accessed 25 April 2018]. 109 Brady, supra, 21. 110 Brady, supra, 21. 111 Bigo, “EU Police Cooperation: National Sovereignty Framed by European Security” in: Guild and Geyer (eds) Security versus Justice? Police and Judicial Cooperation in the European Union, Routledge (2016), 93. 112 Cf. conversation in Parliament at: https://publications.parliament.uk/pa/cm201516/cmselect/cmeuleg/342-xii/34205.htm [accessed February 2018]. 113 Cf. full Parliamentary decision at: https://publications.parliament.uk/pa/cm201617/cmselect/cmeuleg/71-vi/7122.htm [accessed February 2018]. 114 Cf. https://www.eugdpr.org/[accessed February 2018]. 115 de Buck, ‘Joint Investigation Teams’, ERA Forum, (2007), 8: 253–264. See also https://www.europol.europa.eu/activities-services/joint-investigation-teams [accessed 1 February 2018]. 116 Interview with Police officer, OC unit, Metropolitan police, 20 October 2016. 117 6 years after. 108

Allum/Gilmour

79

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:20 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

JIT into law in 2016. Even then, Italy has found it problematic. An Italian prosecutor who uses JIT argued that there clearly exist language and cultural barriers as well as financial and time constrains118. So, while it is a step in the right direction in terms of “intelligence sharing”, still more needs to be done to make this wholly efficient including guaranteeing funding. Caution is as ever at the forefront of key developments. 56 JIT build on the work of the police liaison officers that have been used in police cooperation since the 1970s and which in 1996 was formalized to have EU police liaison officers located in European capitals. But, again, their work has not been straightforward. Liaison officers have often become isolated individuals in capitals using discretionary and ad hoc powers in terms of what they do119 and how they engage with local and national law enforcement agencies. The Academic Advisors of EUROPOL’s 2017 threat assessment acknowledged this key impediment, stating; the ‘lack of harmonisation of law and failures in implementing international standards as a possible obstacle to the effectiveness of criminal investigations’120. 57 The decision by the UK to leave the EU will also mean a departure from the current arrangement it has with EUROPOL. This is likely to bring a new arrangement to the fore121 perhaps similar to the one negotiated by Denmark in its breakaway from EUROPOL in 2017122 following the introduction of EUROPOL’s new Regulation to strengthen cross-border investigations and cooperation123. Given that the UK has been a major contributor to EUROPOL (one of its directors was is British) and to EU policy on police collaboration and information sharing124, this is likely to have lasting impact across the Union. The UK Government has, however, stressed that it is keen to avoid a “limited patchwork of cooperation” that would potentially create “operational gaps” in security across Europe125. It sees a new strategic agreement between the UK and the EU as the best way forward but some commentators have pointed out the lengthy timeframe that such negotiations have endured in the past, with 9 to twelve years being close to the norm126.

F. Conclusions 58

This chapter has sought to outline the developments within EU policies and practices that improve the collective understanding of and law enforcement impact upon organised crime, including intelligence sharing across EU Institutions, States, and State 118

Interview with Italian Antimafia Prosecutor, Naples, 28 October 2016. Block, 2010, ‘Bilateral Police Liaison Officers: Practices and European Policy’, Journal of European Research, vol 6, n. 2, pp 194–210. 120 Comment by Academic Advisors, SOCTAs, 2017, Europol, 1, available at https://www.europol.europa. eu/activities-services/main-reports/european-union-serious-and-organised-crime-threat-assessment-2017 [accessed 1 June 2017]. 121 Martill. and Staiger. (eds). 2018. Brexit and Beyond: Rethinking the Futures of Europe, UCL Press, 150. 122 Cf. agreement between Denmark and EUROPOL at https://www.europol.europa.eu/publicationsdocuments/agreement-operational-and-strategic-cooperation-between-kingdom-of-denmark-and-europol [accessed February 2018]. 123 Cf. new Regulation at http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0794&from=EN [accessed February 2018]. 124 Martill. and Staiger. (eds). 2018, supra, 158; Sergio Carrera, Jean-Pierre Cassarino, Nora El Qadim, Mehdi Lahlou, Leonhard Den Hertog. EU-Morocco Cooperation on Readmission, Borders and Protection: A model to follow? 2016. , 4. 125 Cf. HM Government, 2017. Security, law enforcement and criminal justice: A future partnership paper, 13, UK Government, London. Available at: https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/645416/Security__law_enforcement_and_criminal_justice_-_a_future_partnership_paper.PDF [accessed February 2018]. 126 Martill and Staiger, supra, 152. 119

80

Allum/Gilmour

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:21 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. The Fight against Organised Crime and its proliferation in the European Union

Actors. Political and Police strategies for cooperation against organised crime in the EU have been fraught with delay and compromise as clashes between privileging “security” against “sovereignty” have played out in policy development and political discourse. Nevertheless, there has been significant progress made, even against the odds – 59 consider Denmark’s remarkable feat of political conjuring that saw it vote to leave EUROPOL (largely because of changes to intelligence sharing regulations) in a referendum and sign a last-minute agreement that changes its membership status whilst keeping its involvement in the European Police Office practically unchanged. These odds roll out once more as Brexit looms but most observers see a similar compromise in view for the future of British law enforcement and intelligence agencies in EUROPOL. The gradual linguistic merger between organised crime, terrorism, migration, and security has created a wider platform for EU agencies and political actors to negotiate upon and it is clear that a break from the EU’s five-year programmes (Tampere, Hague, and Stockholm) has allowed for a much broader approach127. The intelligence-led approach taken by EUROPOL, as outlined in their Threat 60 Assessments, sits at the heart of a coordinated approach to countering organised crime128 and is therefore critically important (and equally critical for their other themes, counter terrorism, cybercrime, etc.). With the future perhaps as unclear as it has ever been, there is still reason to be confident that past uncertainties are being dealt with in the development of cooperation against organised crime in the EU and beyond. This may take the form of further bilateral agreements to maintain progress, and retain the inclusion of the UK and ‘five-eyes’ partners in the mix (although there are clear calls for this to be a more transparent process if conducted out with the purview of international institutions129). The gains made in political, law enforcement, and judicial cooperation thus far, and over decades of development, are critical to maintain if the EU is to retain an ability to counter organised crime. 127 Cf. http://www.consilium.europa.eu/en/policies/strategic-guidelines-jha/for the full list [Accessed 3 February 2018]. 128 Goold,‘Mind the (information) Gap: making sense of the European Union’s strategic approach to transnational organised crime’ in Allum and Gilmour (eds) Routledge Handbook of Transnational Organised Crime, (2012), Routledge, Abingdon, UK. 129 Cf. https://www.privacyinternational.org/sites/default/files/2017-11/PI-Briefing-to-National-Intelligence-Oversight_0.pdf [accessed 3 February 2018].

Allum/Gilmour

81

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:21 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2 The Role of European Intelligence in Countering Terrorism Gilles de Kerchove/Christiane Höhn Outline A. Introduction ...................................................................................................................... I. Definition of intelligence? ..................................................................................... II. Importance of intelligence .................................................................................... III. Role of intelligence in counter-terrorism, including the US experience .... B. The EU framework with regard to intelligence ........................................................ I. Art. 4 (2) TEU ......................................................................................................... II. Challenges for the EU with regard to counter-terrorism and intelligence III. EU tools in the area of intelligence .................................................................... 1. EU Intelligence and Situation Centre (INTCEN)....................................... 2. Passenger Name Record (PNR) ...................................................................... 3. EU-US Terrorist Financing Tracking Programme (TFTP) ...................... 4. Financial Intelligence Units: FIU.net within Europol – secrecy by design .................................................................................................................... 5. Common risk indicators for security checks of EU nationals at external borders .................................................................................................. 6. Risk assessment methodology developed by the Commission (DG HOME) for air cargo (aviation security) and beyond ............................... 7. European Union Satellite Centre (SATCEN) .............................................. C. Relevant interfaces between EU tools and security services .................................. I. Schengen Information System (SIS) II............................................................... II. European Counter-Terrorism Centre (ECTC) at Europol............................ III. Interoperability of databases................................................................................. IV. Access of security services to the EU databases............................................... V. Security research ..................................................................................................... VI. EU Computer Emergency Response Team (CERT) ....................................... VII. Privacy shield ........................................................................................................... VIII. Fundamental Rights Agency................................................................................. IX. Battlefield information........................................................................................... D. European intelligence cooperation outside of the EU context .............................. I. Counter-Terrorism Group (CTG)....................................................................... II. Madrid Group.......................................................................................................... E. Assisting third countries to strengthen their security services in a rule of law framework.......................................................................................................................... F. What more could be done in the EU context? ......................................................... I. Under the existing legal framework ................................................................... 1. Commission to engage in dialogue with security services........................ 2. Commission to support cooperation in the context of Art. 73 TFEU... 3. Commission to support peer review and strengthening national services .................................................................................................................. 4. Commission to pool information in relevant areas to get a better information picture and subscribe to private databases............................ 5. Further develop concept of European security – what would this mean legally?................................................................................................................... 6. Harmonization of data protection and privacy rules?............................... 7. Designation by Member States of security services as competent authorities............................................................................................................. 8. Engagement of security services with the European Parliament............. 9. Engagement with the European Court of Justice ....................................... II. In the transatlantic context................................................................................... III. In the longer term future ...................................................................................... G. Conclusion .........................................................................................................................

82

de Kerchove/Höhn

mn. 1 6 12 17 33 33 37 40 41 42 45 47 50 51 54 55 56 61 72 73 75 77 80 83 84 85 85 88 89 93 94 95 96 99 100 103 105 106 107 108 109 112 116

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:22 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. The Role of European Intelligence in Countering Terrorism Bibliography: Anderson, Attacks in London and Manchester, March – June 2017, Independent Assessment of MI5 and Police Internal Reviews, December 2017, available at: https://assets.publishing.service.gov.uk/ government/upl oads/system/uploads/attachment_data/file/664682/Attacks_in_London_and_Manchester_ Open_Report.pdf; Bauer, L’avenir du terrorisme, Institut Diderot, Les Carnets des Dialogues du Matin, Hiver 2015–2016, available at: www.institutdiderot.fr; Carter, D. L. & Carter, J. G. (2009), Intelligence Led Policing: Conceptual Considerations for Public Policy, Criminal Justice Policy Review, 20(3); Chesterman, One Nation Under Surveillance: A New Social Contract to Defend Freedom Without Sacrificing Liberty, Oxford University Press, 2011; Chertoff et. al, Globsec Intelligence Reform Initiative: Reforming Transatlantic Counter-Terrorism, 2016, available at: www.gobsec.org; Davies, Ideas of Intelligence Divergent National Concepts and Institutions Harvard International Review 24,3 (2002), p. 62–66; Den Boer (2014), Intelligence-led policing in Europe: lingering between idea and implementation, in: Duyvesteyn et al, The Future of Intelligence, Challenges in the 21st Century, Abingdon/New York, Routledge, p. 113; Den Boer (2015), Counter-Terrorism, Security and Intelligence in the EU: Governance Challenges for Collection, Exchange and Analysis, Intelligence and National Security, 30:2–3, 402–419; de Kerchove/Höhn, The Regional Answers and Governance Structure for Dealing with Foreign Fighters: the Case of the EU, in: Foreign Fighters under International Law and Beyond, eds. Andrea de Guttry, Francesca Capone, Christophe Paulussen (2016) pp. 299–326; European Political Strategy Center, Towards a “Security Union”, Bolstering the EU’s Counter-Terrorism Response, Issue 12/2016; Europol, Changes in Modus Operandi of IS revisited, November 2016; Fägersten (2015), Intelligence and decision-making within the Common Foreign and Security Policy, Swedish Institute for European Policy Studies, European Policy Analysis, issue 2015:22 epa; Fenech, Rapport fait au nom de la Commission d’enquête relative aux moyens mis en oeuvre par l’État pour lutter contre le terrorisme depuis le 7 janvier 2015, Assemblée nationale, No. 3922, July 2016; Gruszczak (2016), Intelligence Security in the European Union, Building a Strategic Intelligence Community, Palgrave/Macmillan; Hertzberger (2007), Counter-terrorism intelligence cooperation in the European Union, Turin, UNICRI; Kean/Hamilton (eds), The 9/11 Commission Report: Final Report of the National Commission on Terrorist Attacks Upon the United States, Washington, D.C (2004); Kaunert/Léonard, European security, terrorism and intelligence: Tackling new security challenges in Europe, Basingstoke/New York: Palgrave (2013); Kroon, Ma3tch: Privacy AND Knowledge “Dynamic Networked Collective Intelligence”, 2013 IEEE International Conference on Big Data, available at: http://ieeexplore.ieee.org/document/6691683/; Müller-Wille, For our eyes only, Shaping an intelligence community within the EU, EUISS. (2004); Palacios (2016), Intelligence Analysis Training: A European Perspective, The International Journal of Intelligence, Security and Public Affairs, 18:1, 34–56; Warner, Wanted: A Definition of “Intelligence”, Understanding Our Craft, Studies in Intelligence (CIA’s journal), Vol 46 No 3.

A. Introduction The European Council stated in its conclusions of 18 December 20151: “The recent 1 terrorist attacks demonstrate in particular the urgency of enhancing relevant information2 sharing.” Information collection, sharing and analysis are key in the fight against terrorism. As the pace and scale of recent terrorist attacks and foiled attacks in Europe have shown, having the best possible intelligence picture and acting upon it is especially important with regard to the European “foreign terrorist fighters”3 still in Syria and Iraq (some of whom might return to Europe) as well as Daesh, which has been directing, enabling or inspiring attacks in Europe, the region and around the world. In addition to strengthening efforts in the area of prevention of radicalization, it is 2 crucial for EU Member States to invest more in the security and intelligence services as well as law enforcement, to be as strong as possible at the national level. Strong services also encourage sharing among them. Sharing among law enforcement and security and 1 http://www.consilium.europa.eu/en/press/press-releases/2015/12/18-euco-conclusions/ (last checked 21 April 2017). 2 Information is a broad concept and includes law enforcement, intelligence and other information. 3 Individuals referred to as “foreign terrorist fighters” travel abroad for the purpose of terrorism. Definition contained in the DIRECTIVE (EU) 2017/541 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 15 March 2017 on combating terrorism and replacing Council Framework Decision 2002/475/JHA and amending Council Decision 2005/671/JHA. p 4.

de Kerchove/Höhn

83

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:23 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

intelligence services at the national level is increasing within the Member States. This horizontal sharing is necessary to have the full picture and the best possible analysis as both law enforcement and security/intelligence services work to prevent terrorist threats4. At European level, such cooperation is developing more slowly. Daesh has demonstrated that it works across national borders, that the various teams involved in recent attacks such as in Paris November 2015 and in Brussels March 2016, have been located in several Member States. 3 In addition, within the Schengen area, persons travel freely. Therefore, the abolition of internal border controls needs to be accompanied by so-called flanking security measures, including information sharing. One such tool is the Schengen Information System, which serves to put information from law enforcement and security services at the right place at the right time so that terrorist suspects entering the Schengen space can be identified during border or second line security checks. The SIS II can create valuable intelligence leads for security services and law enforcement (monitoring of movements). Schengen also explains why the “Security Union”5 promoted by Commission President Junker is so important. However, in the area of intelligence, the cooperation tools and structures in the Schengen area are less developed than law enforcement and criminal justice and challenges in information collection, sharing and analysis remain6. This is due in large part to restrictions in the EU Treaties, which excludes “national security” from the EU’s remit (Art. 4 (2) TEU). Given the nature of the current terrorist threat, there is a greater need for cooperation of security services across Europe than in the past. 4 After the Charlie Hebdo attacks and the November terrorist attacks in Paris in 2015, the EU Heads of State or Government and the European Council asked for deeper cooperation between Member States’ security services notably by structuring further their information exchange.7 4 This has been one of the key learning points after 9/11 (Kean/Hamilton (eds), The 9/11 Commission Report: Final Report of the National Commission on Terrorist Attacks Upon the United States. Washington, D.C (2004)) and also one of the conclusions of the report by David Anderson “Attacks in London and Manchester, March – June 2017, Independent Assessment of MI5 and Police Internal Reviews”, of December 2017, https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/664682/Attacks_in_London_and_Manchester_Open_Report.pdf, last visited 6 April 2018). 5 Delivering on the European Agenda on Security to fight against terrorism and pave the way towards an effective and genuine Security Union, Communication from the Commission to the European Parliament, the European Council and the Council, Brussels, 20.4.2016, COM(2016) 230 final. (https:// ec.europa.eu/home-affairs/sites/homeaffairs/files/what-we-do/policies/european-agenda-security/legislativedocuments/docs/201604 20/communication_eas_progress_since_april_2015_en.pdf (last checked on 16 March 107)). The first Commissioner for the Security Union, Sir Julian King, was appointed in September 2016. His mission letter can be found here:https://ec.europa.eu/commission/commissioners/ sites/cwt/files/commissioner_mission_letters/mission-letter-julian-king_en.pdf (last checked on 16 March 2017). 6 See for a comprehensive analysis of the current intelligence and law enforcement architecture in Europe Michael Chertoff et. al, Globsec Intelligence Reform Initiative: Reforming Transatlantic CounterTerrorism, 2016, www.gobsec.org p. 15: “Many national in the EU have integrated their borders without any integration or sufficient cooperation among their intelligence services”. The Honorary Steering Committee of the report are Michael Chertoff, former Secretary of the US Department for Homeland Security, Carl Bildt, former Swedish Prime Minister, John Baron Reid of Cardowan, former Home and Defense Secretary, Member of the House of Lords, UK and Dr. August Hanning, former State Secretary in the Federal Interior Ministry and Director of the Federal Intelligence Service (BND), Germany. 7 Informal meeting of the Heads of State or Government Brussels, 12 February 2015 – Statement by the members of the European Council (http://www.consilium.europa.eu/en/press/press-releases/2015/02/ 150212-european-council-statement-fight-against-terrorism/ (last checked 21 April 2017), European Council Conclusions of 18 December 2015 (http://www.consilium.europa.eu/en/press/press-releases/ 2015/12/18-euco-conclusions/(last checked 21 April 2017).

84

de Kerchove/Höhn

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:23 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. The Role of European Intelligence in Countering Terrorism

This chapter looks at the various aspects of intelligence in the fight against terrorism, 5 including the differences to traditional counter-espionage and counter-intelligence work, the relevant EU tools as well as limits of EU cooperation and makes some suggestions how cooperation on intelligence could be strengthened in particular in the context of the existing EU treaties.

I. Definition of intelligence? In the US, after 9/11, the US Government introduced a series of reforms in order to 6 remove the walls between agencies, including police and intelligence, in order to ensure that terrorists could not exploit information gaps. However, in the EU context, for cultural, historical and constitutional reasons some Member States insist on strict separation between law enforcement and intelligence information at national level and often argue that, for source protection reasons, intelligence information cannot be shared with law enforcement personnel or other players involved in counter-terrorism. However, many Member States have found ways around these concerns and achieved significant operational success doing so. Therefore the question arises: What is the difference between counter-terrorism 7 intelligence and law enforcement information? What is the definition of intelligence8? This is especially relevant as in many countries, such as Germany, the law enforcement agencies have received additional powers to act to prevent terrorism. With regard to counter-terrorism (CT), law enforcement also “increasingly relies on covert and/or “intelligence techniques”, so the distinction between the two communities can be blurred”9. In addition, criminal law has been adapted over the past years to respond effectively to the evolving terrorist threat. The Council Framework Decision on combatting terrorism as updated in 200810 already includes crimes such as membership in a terrorist organisation and providing terrorist training as well as inciting terrorist acts. Especially in the context of foreign terrorist fighters, with the UN Security Council Resolution 217811, the Council of Europe Additional Protocol to the Convention on Prevention of Terrorism12 and the new EU Directive on combatting terrorism13, criminalisation has been further expanded and includes many preparatory acts, such as preparation of terrorist travel or receiving terrorist training. Hence, criminal law and law enforcement cover actions long before attacks are committed.

8 On the definition see also Warner, Wanted: A Definition of “Intelligence”, Understanding Our Craft, Studies in Intelligence, CIA’s journal, Vol 46 No 3 and Davies, “Ideas of Intelligence Divergent National Concepts and Institutions” Harvard International Review 24,3 (2002), pp. 62–66. 9 Chertoff et. al, Globsec Intelligence Reform Initiative pp. 7. 10 COUNCIL FRAMEWORK DECISION 2008/919/JHA of 28 November 2008 amending Framework Decision 2002/475/JHA on combating terrorism, L 330/21. (http://eur-lex.europa.eu/legal-content/EN/ TXT/PDF/?uri= CELEX:32008F0919&from=EN last checked on 16 March 2016). 11 Adopted on 24 September 2014 http://www.un.org/en/sc/ctc/docs/2015/SCR%202178_2014_EN.pdf (last checked on 16 March 2016). 12 Adopted on 22 October 2015 https://rm.coe.int/CoERMPublicCommonSearchServices/DisplayDCTMContent ?documentId=090000168047c5ea. 13 The European Parliament and the Council reached political agreement on 17 November 2016. The Directive was adopted by the Council on 7 March 107 after the vote of the EP Plenary on 15 February 2017. It was signed on 15 March 2017. The text can be found here: http://data.consilium.europa.eu/doc/ document/PE-53-2016-INIT/en/pdf (last checked on 17 March 2017).

de Kerchove/Höhn

85

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:24 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

Diagram:

law enforcement security and intelligence services prevenon

invesgaon of criminal acts, including preparatory acts prevenon

Despite the various attempts at definition of intelligence information14, a clear cut definition and hence delineation between intelligence and law enforcement information seems to be lacking. Let’ s take the following as a hypothetical example: Let’ s assume that the same information was provided by a third country to the representative of the criminal police of one Member State and to the intelligence officer of another Member State, warning about explosives in a cargo plane that had landed at a European airport on its way to the US. Thanks to this information, the bombs were identified and the attack on the plane was averted. Although it was the same information, in one Member State, it was subsequently treated and transmitted as law enforcement information, in the other Member State as intelligence information. This seems to suggest an organic definition, based on the agency which receives the information. Given the different procedural rules for law enforcement and security services to collect information on citizens at home and fundamental rights protections, the organic approach would in this context suggest that the definition of whether a piece of information is regarded as relevant for law enforcement or for an intelligence agency depends on the body that collected or received it. There is the risk of information being overprotected depending on which route it entered the system. The threshold before security services can act with regard to collection of information tends to be lower, given the procedural protections in the criminal justice context. Security and intelligence services often can collect and store in their databases information, or intelligence, with different threshold than police. An additional question is: are the individual bits and pieces of information already intelligence or just the refined product? It seems that with regard to information found on the battlefield decisions have been made by some allies recently to classify only refined analysis products, which would allow easier sharing of the pieces of information such as from cell phones with law enforcement and other authorities. In the future, States will more and more lose the monopoly over information, including in conflict zones. The trend is already under way. Private organizations either on the ground or via crowd sourcing or other ways on the internet already have a wealth of information today that would be very useful to States. 9 In counter-terrorism, both security services and law enforcement hold valuable information that may be important pieces of the puzzle and which would need to be analysed together (“connect the dots”)15. Both security services and law enforcement are 8

14 On definition of intelligence please see the Omand Means and Methods of Modern Intelligence and their wider implications Part II Chapter II, in this volume. 15 David Anderson in his report writes:” The first step change relates to improvements in the ability of MI5 and police to exploit data to detect activity of concern, particularly on the part of closed subjects of interest but in relation also to active subjects of interest and previously unknown individuals. Two specific strands to this work are proposed: a better strategy for acquiring, analysing and sharing data across intelligence and policing, for example through wider use of bulk personal datasets… Key to this

86

de Kerchove/Höhn

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:24 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. The Role of European Intelligence in Countering Terrorism

active long before terrorist attacks are committed. While the task of security services is to protect the country from threats, police has both a protective task and in addition a task to help detect, investigate and bring to justice criminal suspects. Prior to the Brussels and Paris attacks, most of the perpetrators had ordinary criminal (but not terrorist) backgrounds. This underlines the need for security and intelligence services and law enforcement personnel to work together in cross-checking and sharing information. Instead of the organic approach, one could rather adopt a functional approach to the delineation – intelligence information to disrupt plots, while law enforcement information serves to collect evidence for investigation and prosecution. One often important distinction is between strategic and operational intelligence. 10 While the latter contains specific information which serves to identify terrorist suspects and disrupt plots, strategic intelligence is the analysis of information that provides the threat picture and serves to inform policy decisions. Criminal intelligence is important in the law enforcement and criminal justice 11 context. Networks have to be identified and dismantled in the context of criminal investigations and prosecutions. Intelligence led policing16 which has been promoted since 9/11 shifts police work from reacting to incidents to a more strategic and proactive approach of interventions, based on analysis and collection of information. While there is no universally accepted definition of intelligence led policing, the following elements seem to be key: “The collection and analysis of information related to crime and conditions that contribute to crime, resulting in an actionable intelligence product intended to aid law enforcement in developing tactical responses to threats and/or strategic planning related to emerging or changing threats.”17

II. Importance of intelligence Both strategic intelligence analysis and operational intelligence are crucial. Intelli- 12 gence is necessary to learn about the functioning, objectives, members, modus operandi and planned attacks of terrorist groups or individuals and to disrupt specific plots before they occur, such as in early 2015 in Verviers, Belgium. With Al Qaeda and even more Daesh this is particularly challenging because of the bottom-up model of terrorism it promotes, called by some the “Uberization” of terrorism: Al Qaeda wanted to centrally plan major attacks. Daesh has conducted and directed attacks, involving returning foreign terrorist fighters it had trained in Syria and Iraq. However, it also encourages, inspires and provides with “how to” information those who have not traveled to Syria and Iraq to commit attacks at home. Daesh has an extremely effective social media strategy to do this, leading to radicalization online of many youth inside the EU. For terrorists who are inspired by Daesh but only have very loose ties to the organization if at all, giving a Daesh label to the attack serves to make it part of a broader, seemingly important cause and provides significance. It is challenging for development is a new commitment by MI5 to allow knowledge derived from intelligence to be shared more widely beyond intelligence circles. This should enable, for example, neighbourhood policing and other agencies to make judgements with a better knowledge of the national security risk, and to implement appropriate local action. Improved flow of information in the other direction also has the potential to contribute to better decision-making at the centre in relation to the risk from closed subjects of interest in particular…” 16 On intelligence-led policing see also Den Boer (2014), in: Duyvesteyn et al (eds), Intelligence-led policing in Europe: lingering between idea and implementation, 113. 17 Carter, D. L. & Carter, J. G. (2009). “Intelligence Led Policing: Conceptual Considerations for Public Policy”. Criminal Justice Policy Review, 20(3), 310–325.

de Kerchove/Höhn

87

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:25 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

services to detect lone actors who are radicalized in their communities and online and have not previously travelled to conflict zones. Diagram:

informaon collecon

informaon sharing

informaon analysis

operaonal execuon

Intelligence sharing is only part of the challenge. Intelligence collection is the crucial first step without which sharing and analysis cannot take place. Human intelligence sources are key, but difficult to introduce into the terrorist environment both in Syria and at home. Investment in this is necessary – in recent years, much investment took place in signal intelligence and analysis of communication of the internet, which is important, but cannot replace human sources. One possibility for collecting intelligence from returning foreign terrorist fighters is in the context of criminal proceedings, where repentant suspects may be offered advantages in terms of sentencing or in prison. The French parliamentary commission of inquiry after the Paris attacks of November 201518 recommends to further explore how to set up a regime for repentant terrorist suspects19. This is also an example of how the criminal justice proceedings can serve to collect intelligence. Several Member States have set up intelligence units in prisons. Investing in cyber capabilities – prevention of attacks and infiltration, detection and observation of communication on the web, including the dark web, big data analytics – is important, given the high capacity of Daesh in cyberspace. 14 In addition, without excellent analysis of the often massive amount of information (tsunami of data), actionable intelligence may be overlooked. Hence, analysis and prioritization is a major challenge. Commissions of inquiry after terrorist attacks often find that data had been available but that some of the attackers had not been regarded as the highest threat or that there had been no indication of involvement in attack planning. Some services are broadening the profiles of their members (recruiting IT experts, sociologists, psychologists, ethnologists etc.) to be more creative and strengthen analysis from all possible angles. Recruiting staff with language skills is also critical. DAESH has recruited foreign terrorist fighters from over 100 countries and communicates in most of the world’s major languages. 15 Hence there is a strong need for Member States to support their security services with the necessary resources, technical capabilities (such as interception on cables) and a legal framework to ensure they can act effectively. The more a country invests in its intelligence service, the more capable it becomes and the more services from other countries want to engage and share. Improvements in the information sharing culture between services will come alongside greater investment in capabilities, hence stronger services at national level increase security across the EU. Alain Bauer points out the paradox that when services are efficient and there are no attacks the budget is often reduced20. 13

18 Commission d’enquête relative aux moyens mis en œuvre par l’État pour lutter contre le terrorisme depuis le 7 janvier 2015 (http://www2.assemblee-nationale.fr/14/autres-commissions/commissions-d-enquete/moyens-pour-lutter-contre-le-terrorisme/(block)/28447 last checked 4 June 2018): Report: http:// www.assemblee-nationale.fr/14/pdf/rap-enq/r3922-t1.pdf (last checked 16 March 2017). 19 Proposition 21: Engager une réflexion sur l’assouplissement du cadre juridique du statut de “ repenti “ dans le domaine du terrorisme. 20 Alain Bauer, “L’avenir du terrorisme”, Institut Diderot, Les Carnets des Dialogues du Matin, Hiver 2015–2016, www.institutdiderot.fr, p. 40.

88

de Kerchove/Höhn

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:25 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. The Role of European Intelligence in Countering Terrorism

Security and intelligence services also face constraints: To protect sources and 16 methods, the third party rule states that information received from another service may only be shared with the agreement of that service. Services also have to protect their own sources and methods. However, this is not specific to intelligence: law enforcement also has sources in the “milieu” it needs to protect. Infiltrating the mafia can be as deadly as dealing with sources in the counter-terrorism context. The “five eyes”21 – US, UK, Canada, Australia, New Zealand – is the closest and oldest arrangement for intelligence cooperation. There is an agreement of mutual non-espionage among the “five eyes”. Significant amounts of information are shared within this historically tried and trusted framework. But it is not possible for the members to share onwards with others without agreement from the country providing the information. Trust is key in intelligence cooperation. It seems necessary, in counter-terrorism, to move from a need to know to a dare to share culture, not removing the need to know but significantly broadening it. Anderson states in his review related to the recent attacks in the UK: “The decision to allow intelligence-derived knowledge to be shared more widely beyond intelligence circles marks a significant cultural change. It will allow local police and other agencies to be alerted to threats of which they are currently unaware, and should increase the options for addressing those threats.”22

III. Role of intelligence in counter-terrorism, including the US experience Modern terrorism engages both national security and law enforcement issues – Daesh 17 has had both a territorial presence and connections with “homegrown” terrorists. Thus, intelligence must address both of these. Also worth noting is that intelligence is focused on prevention, while law enforcement tends to be focused on criminal acts that have occurred. This division is bridged when laws allow the prosecution of preparatory acts, like conspiracy, terrorist travel, or material support to terrorism. Such laws bring law enforcement more into the prevention arena. In the current threat environment, in particular with regard to Daesh and Al Qaeda, where internal and external threats are closely linked, three elements are key: information collection, sharing and analysis (including prioritization). In counter-terrorism, the role of security and intelligence services is different from the traditional areas of their work. As Alain Bauer points out23, the qualities, methods and mindsets that were required during the Cold War, which was mainly focused on counter-espionage, are not those that apply in the fight against terrorism. While the traditional security and intelligence services should continue if not intensify their work on counter-espionage in the current international context especially with the hybrid threat (influence operations from some third countries), a different culture and approach is necessary for counter-terrorism. Bauer points out that specific counter-terrorism services are lacking – the only one being in New York, created after 9/11 by the New York Police Department (NYPD). The NYPD CT service consists half of military, law enforcement and intelligence officers and half of civilian consultants including university experts, which creates the needed combination of operational and conceptual competence. Services dealing with counter-terrorism in some EU Member 21 On the “five eyes”: Simon Chesterman, One Nation Under Surveillance: A New Social Contract to Defend Freedom Without Sacrificing Liberty, Oxford University Press, 2011. 22 Anderson, December 2017, p. 42. 23 Alain Bauer, “L’avenir du terrorisme”, Institut Diderot, Les Carnets des Dialogues du Matin, Hiver 2015–2016, www.institutdiderot.fr, pp. 20 f, 30 ff, 36 ff.

de Kerchove/Höhn

89

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:26 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

18

19

20

21

22

States are part of a larger structure of a service which has a different culture than that needed for counter-terrorism. According to him, there is often a cultural problem. Traditionally in counterespionage, time is the friend, criminal activities are not being interrupted to detect the whole network and not alert the group that it is being observed. Information is stove piped, closed off, everything is secret. During the Cold War, threats were existential for the existence of the State. This has also been the case with regard to separatist terrorist groups such as the IRA and ETA. In today’s form of terrorism, for counter-terrorism, time is your enemy, the fast moving threat has increased the need to share quickly. It can also prove difficult for officials in services that normally don’t work with certain countries because of espionage to suddenly work with them closely on counter-terrorism. According to Bauer, it is necessary to develop a specific counter-terrorism service (not to restructure the intelligence/security services which should continue their important counter-espionage work), based on the model of NYPD New York. Efficient counter-terrorism work is different from counter-espionage. In today’s form of terrorism, for counter-terrorism, a common, open analysis tool is necessary to also detect weak signals which combines the best minds and all relevant services and operators including public transport and train operators which are now excluded because according to Bauer the intelligence collection (which should be as open as possible), the analysis (which should be as precise as possible) and intervention (of which one should not speak) are mixed up. Today the small action community is regarded as determining everything, although collection and analysis are different and much larger. Conviction is necessary to create change. He also states that terrorists tell a lot about their plans on the internet and that the difficulty is to prioritize the importance of the various targets24. A key challenge in today’s world is how to make sense of the huge amount of information available, hence the analytical capabilities of security authorities are key. Daesh, which is a cross-border phenomenon and has a cross-border strategy, is a common enemy to the services of states and requires a common response. “Need to know” rules have to be broadened with around 5000 foreign terrorist fighters who travelled to Syria and Iraq from the EU and today tens of thousands of Daesh and AQ operatives with the franchises (AQ on 9/11 included around 400 persons). Instead, there is a stronger “need to share”25, or “dare to share”. However, this needs to be done in a way that sufficiently protects sources and methods when and where necessary. In the US, since 9/11, all services contribute to a national counter-terrorism database which is managed by the National Counter-Terrorism Centre (NCTC). From this, names and “selectors” are transferred to a consolidated unclassified watchlist maintained by the Terrorism Screening Centre. This integrated approach allows border guards and other screeners to check travellers against a comprehensive list of terrorist suspects. So far, this seems not to have compromised sources and methods. The need to connect the dots and avoid stovepipes has not only been identified by the 9/11 Commission in the US26 as of major importance in counter-terrorism, but also in

24 Alain Bauer, “L’avenir du terrorisme”, Institut Diderot, Les Carnets des Dialogues du Matin, Hiver 2015–2016, www.institutdiderot.fr, p. 41. 25 On page 3, the policy paper by the European Political Strategy Center – the Commission’s in-house think tank, also stresses the need to share: Towards a ‘Security Union’, Bolstering the EU’s CounterTerrorism Response, Issue 12/2016, 20 April, http://ec.europa.eu/epsc/pdf/publications/strategic_note_issue_12.pdf. 26 Report: https://9-11commission.gov/report/911Report.pdf (last checked 16 March 2017).

90

de Kerchove/Höhn

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:26 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. The Role of European Intelligence in Countering Terrorism

national Commissions of inquiry in the EU after attacks, such as in France after the attacks of November 2015, which advocates a single counter-terrorism database27 for France. In Europe, cooperation among law enforcement and security services is very different. 23 Europol28 was created about 20 years ago, has around 1000 officers working at its headquarters, and a budget of around 100 million Euros29. In 2016 Europol created a permanent structure for counter-terrorism cooperation with a secure information sharing system connecting the Member States and Europol30, several databases and analytical work files. Operational information garnered from several Member States can therefore be cross-matched and cross-checked. Europol also provides active support to the recent terrorist investigations after the attacks in Paris (November 2015) and in Brussels (March 2016), checking in particular the links across Member States. It also hosts the Internet Referral Unit, monitoring jihadist communications and propaganda online and supporting Member States with internet based investigations. All Member States have Europol Liaison Bureaux in The Hague and at home, a task force of seconded officers of Member States is investigating Daesh (Joint Liaison Team). More and more information is being shared with Europol, which has also cooperative relationships with partner countries such as the US. This is yielding an increase in significant hits and cross-matching referenced on Europol databases. Europol’s new European Counter Terrorism Centre31 combines all of its counter-terrorism tools in a center of excellence, similar to the European Cybercrime Centre (EC3)32 for cybercrime. Europol has made enormous progress since its founding and information sharing on counter-terrorism has massively increased. Contextual and biometric information still needs to be increased33. However, perspective is necessary. Even in the US which, unlike the EU, is a federal state, it took President Hoover 24 several decades to impose the Federal Bureau of Investigation (FBI) on the States. Of course, unlike the US, the EU is not a federal state. Therefore, there will always be cultural, legal, psychological, political and operational barriers that are (much) higher than the barriers ever were between different States of the US. However, this is not a hurdle that the EU could not overcome, at least in the field of counter-terrorism. Another transatlantic difference is the pendulum between privacy/data protection 25 on one hand and security on the other. While the pendulum is on the security end of the scale in the US, in many EU Member States as well as in a number of rulings of the European Court of Justice34, privacy prevails even today. This may have an 27 Proposition no. 17, http://www.assemblee-nationale.fr/14/pdf/rap-enq/r3922-t1.pdf (last checked 16 March 2017). 28 Comprehensive information about Europol can be found at https://www.europol.europa.eu/. 29 Statement of revenue and expenditure of the European Police Office for the financial year 2016 (2016/C 113/30), EU Official Journal. 30 SIENA at the level of EU confidential from autumn 2016. 31 Europol’s European Counter-Terrorism Centre strengthens the EU’s response to terror, https://www. europol. europa.eu/content/ectc. 32 https://www.europol.europa.eu/about-europol/european-cybercrime-centre-ec3 (last checked 16 March 2017). 33 EU Counter-Terrorism Coordinator, JHA agencies’ role in counter-terrorism, doc. 6146/18. 34 Such as the Judgment of the Court (Grand Chamber) of 6 October 2015 (request for a preliminary ruling from the High Court (Ireland)) — Maximillian Schrems (Case C-362/14) concerning data transfers to the US in the context of the Safe Harbour Agreement; Judgment of the Court (Grand Chamber) of 8 April 2014 (requests for a preliminary ruling from the High Court of Ireland (Ireland) and the Verfassungsgerichtshof (Austria)) – Digital Rights Ireland Ltd (Joined Cases C-293/12 and C-594/12) concerning the EU’s data retention directive and Tele2 Sverige AB (Joined Cases C-203/15 and C-698/15) concerning national data retention legislation. Judgment of the Court (Grand Chamber) of 13 May 2014 (Google Spain Case C-131/12) concerning the “right to be forgotten”. Opinion of the Court (Grand Chamber) of 26 July 2017 – European Parliament (Opinion 1/15) on the EU-Canada PNR agreement.

de Kerchove/Höhn

91

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:26 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

26

27

28

29

impact on the willingness to share not only among the Member States but also in the transatlantic context. In general, one can detect a major investment in IT systems, common resources and modern structures for cooperation and information sharing with regard to Europol. Europol has some of the strictest information handling codes of EU Member States and acts as an EU benchmark in this regard35. In line with Article 19 of the Europol Regulation which gives the provider of information to Europol the right to determine the modalities of access and transfer of information to other parties, the handling codes designed by Europol ensure a controlled and predictable handling of information, with a view to respecting the needs of the data owners. For instance, by applying a dedicated handling code, the provider may determine, at the moment when supplying information, approval by the data owner prior to disclosing information in judicial proceedings or to any other third party. This mechanism ensures that Europol can process sensitive information and intelligence for analysis purposes in line with its mandate under the Europol Regulation, thus enabling state-of-the-art data protection in the interest of law enforcement cooperation. On the other hand, the security services, being outside the EU institutional framework, have created a platform but not an institution. The services of several Member States do however come together outside of the EU context in the Counter-Terrorism Group (CTG). Since the call of the European Council in 2015 for closer cooperation among security services and more structured cooperation, there has been a lot of momentum within the CTG to further strengthen cooperation. Thanks to the leadership of the Netherlands Presidency (2016) to further step up cooperation of the security services, the Counter-Terrorism Group is working to strengthen real-time multilateral exchanges and has launched a new platform to facilitate this in mid-2016. It allows electronic information sharing in a common database and permanent closer cooperation between certain services through the secondment of officers. The new platform has already facilitated operational results36. The legal framework also is more challenging as common legislation in the EU context is not possible given that intelligence is defined as a national responsibility. Several European States have modified their national legislation to allow feeding of a multilateral database in the context of intelligence. For some bilateral information sharing is preferable and sufficient with regard to intelligence, as the information that is of interest to a partner country will be shared with that country (“need to know” approach). However, it is not always known to the service of a Member State that particular information would be of interest to another Member State. Another specificity with regard to counter-terrorism is the need to respond quickly to operational intelligence, the speed of reaction is critical to saving lives. Multilateral sharing such as in the context of the CTG platform allows a speedy reaction, it reduces the chance of unintentional gaps (“blind spots”) and allows all those with relevant information to contribute. Those excluded from a series of bilateral exchanges could have vital pieces of relevant information but are not aware of it37. Sharing with law enforcement is often done at national level, so that then law enforcement agencies can share internationally, for example with Europol. It is indeed 35 Chertoff et. al, Globsec Intelligence Reform Initiative, p. 16, see also Ryder, European Criminal Intelligence, Part 3 Chapter 3, in this volume. 36 See Report by the EU Counter-Terrorism Coordinator to the Council, Implementation of the counter-terrorism agenda set by the European Council, Brussels, 20 December 2016, doc 14260/16 ADD 1 EXT 1 p. 17 (http://data.consilium.europa.eu/doc/document/ST-14260-2016-ADD-1-EXT-1/en/pdf last visited on 19 April 2017). 37 Chertoff et. al, Globsec Intelligence Reform Initiative p. 26.

92

de Kerchove/Höhn

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:27 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. The Role of European Intelligence in Countering Terrorism

very important to share and work closely with law enforcement at national level. Information sharing on counter-terrorism via Europol has massively increased: By the end of 2017, there were more than half a million data objects linked to terrorism in the Europol Information System (EIS)38. In January 2018, the persons linked to terrorism in the EIS (foreign terrorist fighters and their supporters/facilitators) was 46.131, 6.539 provided by EU Member States and 39.592 by third parties. By the end of 2014, just before the Charlie Hebdo attacks in January 2015, the EIS contained 1125 objects (incl. around 350 person entities) linked to terrorism39. It is also important for intelligence and security services to work with the judiciary, 30 which may have information of interest to the services, so there should be close links. Another traditional question is also how to introduce intelligence information in the trial. There are rules in (most) Member States on how intelligence could be transformed into evidence or be used to start a criminal investigation. If information is in the hands of a law enforcement agency there are hardly any restrictions to use it as evidence in court of law (if lawfully collected). However, the use in courts of intelligence collected by intelligence and security agencies is often more complex40. This is being solved in different ways in the various EU Member States and has been discussed by Eurojust most recently at the tactical meeting in June 2016. In many cases, the intelligence information transmitted to law enforcement serves as the beginning of an investigation, in which other evidence is collected, which is admissible in court. Another challenge for security services (and law enforcement/judiciary) is encryp- 31 tion. Terrorists increasingly use the dark net and encryption. The internet companies have strengthened encryption after the Snowden leaks to keep the confidence of customers. In cases of end-to-end encryption created by the customer the companies don’t have the keys. There are complex questions related to encryption, those concerning the judiciary have been discussed by the EU Ministers of Justice at their informal meeting in Bratislava in July 2016 and by the Justice and Home Affairs Council in December 201641 and in December 2017. In October 2017, the Commission suggested a number of measures related to encryption in the criminal justice context, including strengthening Europol’s de-cryption capabilities42. Big data is an opportunity and a challenge for security services – services need to 32 adapt, including with regard to technology, to benefit in the best possible way from the 38 53 % of the total number of data objects, compared to 3.9 % of data objects linked to counter terrorism by the end of 2016. For more information on the EIS, see the Europol website: “The Europol Information System (EIS) is Europol’s central criminal information and intelligence database. It covers all of Europol’s mandated crime areas, including terrorism”. (https://www.europol.europa.eu/activities-services/services-support/information-exchange/europol-information-system last checked on 4 January 2018). 39 EU Counter-Terrorism Coordinator, JHA agencies’ role in counter-terrorism, doc. 6146/18 ADD 1/ EXT 1. 40 There are procedures in some Member States that allow the Court to review intelligence information in camera. The European Court of Justice rules of procedure have been adjusted for the Court to be in a position to hear and receive classified material, but this procedure has not yet been used. DECISION (EU) 2016/2386 OF THE COURT OF JUSTICE of 20 September 2016 concerning the security rules applicable to information or material produced before the General Court in accordance with Article 105 of its Rules of Procedure OJ L 355/5 (https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016D2386&from=EN last checked 18 May 2018). 41 Based on a discussion paper by the Presidency http://data.consilium.europa.eu/doc/document/ST14711-2016-INIT/en/pdf (last checked 16 March 2017). Outcome of the Council meeting: file:///C:/Users/ hoehnch/Downloads/st15391.en16 %20(1).pdf (last checked 16 March 2017). 42 Eleventh progress report towards an effective and genuine Security Union, Brussels, 18.10.2017 COM (2017) 608 final, COMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT, THE EUROPEAN COUNCIL AND THE COUNCIL.

de Kerchove/Höhn

93

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:27 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

available information on the internet, which has increased exponentially from the past. However, the recent Tele2 ruling43 of the European Court of Justice which does not allow to impose an obligation of generalized data retention on private telecommunications companies may have serious consequences: as the traffic data may no longer be available and the content may be encrypted, there may be the risk for security services that they go dark with regard to terrorist communication. That would benefit no-one.

B. The EU framework with regard to intelligence I. Art. 4 (2) TEU The key provision in this context is Art. 4 (2) TEU: “National security remains the sole responsibility of each Member State.”44 This is being interpreted, in particular by the security services of certain Member States, as excluding the regulation of cooperation and functioning of intelligence services from the remit of the EU. However, there has never been an interpretation of Art. 4 (2) TEU45 by the European Court of Justice (ECJ) or the Council Legal Service. This could change: In 2017, the United Kingdom’s Investigatory Powers Tribunal has made a preliminary reference to the ECJ to clarify whether the powers of the security and intelligence agencies to collect and access bulk communications data fall within the scope of EU law46. This could lead to an interpretation of the term “national security” by the ECJ. 34 On the other hand, internal security is a shared competence between the EU and the Member States, Art. 67 ff TFEU. This is interpreted as law enforcement cooperation. Information exchange between all relevant security stakeholders at EU level, including the security services and law enforcement authorities, is possible under Art. 67 (3) TFEU which sets out that the EU shall endeavour to ensure a high level of security through measures for “coordination” and “cooperation” between police, judicial and other competent authorities.47 The “new settlement for the UK within the EU” drawn up before the Brexit referendum, which has not entered into force due to the “no” vote, reconfirmed Art. 4 (2) but also recognized the benefits of collective action: “Article 4(2) of the Treaty on European Union confirms that national security remains the sole responsibility of each Member State. This does not constitute a derogation from Union law and should therefore not be interpreted restrictively. In exercising their powers, the 33

43 Judgment of the Court of 21 December 2016, Joined Cases C‐203/15 and C‐698/15. http://curia. europa.eu/juris/document/document.jsf?text=&docid=186492&pageIndex=0&doclang=en&mode=lst&dir=&occ=first&part=1&cid=820024 (last checked 17 March 2017). According to the ECJ, generalized data retention contradicts the structure of the e-privacy directive, the secondary law upon which Member States’ data retention legislation is based, as well as the necessity/proportionality principle with regard to the rights of privacy and data protection based on the Charter of Fundamental rights. 44 This has been reiterated in the draft Decision of the Heads of State or Government, meeting within the European Council, concerning a New Settlement for the United Kingdom within the European Union: “Article 4(2) of the Treaty on European Union confirms that national security remains the sole responsibility of each Member State. This does not constitute a derogation from Union law and should therefore not be interpreted restrictively. In exercising their powers, the Union institutions will fully respect the national security responsibility of the Member States.” However, this draft decision is void as the British referendum turned out in favour of the Brexit. 45 For a discussion of the definition of “national security” see Sule, National Security and EU law restraints on Intelligence Activities, Part 4 Chapter 2, in this volume. 46 Privacy International v Secretary of State for Foreign and Commonwealth Affairs et al, http://www. ipt-uk.com/judgments.asp (last visited on 16 January 2018). 47 See Chertoff et. al, Globsec Intelligence Reform Initiative p. 6.

94

de Kerchove/Höhn

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:28 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. The Role of European Intelligence in Countering Terrorism

Union institutions will fully respect the national security responsibility of the Member States. The benefits of collective action on issues that affect the security of Member States are recognised.”48 But what is the difference between national and internal security? How does this 35 relate to European security? One could argue that today, given the Daesh operating methods which are transnational and include cells spanning across several Member States, preparing the attack in one Member State and carrying it out in another, the concept of European security has to be added to national security, as national security does not capture exhaustively all the threats that a country faces. If this is the case, not all cooperation of security services at European level can possibly be excluded from the EU level. In addition, Art. 73 TFEU states that “it shall be open to Member States to organize 36 between themselves and under their responsibility such forms of cooperation and coordination as they deem appropriate between the competent departments of their administrations responsible for safeguarding national security.” The EU Treaties attribute competences to the European Union. A provision about possibilities for Member States to cooperate on issues of their sole responsibility is not necessary: Member States can do as they please in these areas with or without mention in the Treaty. Hence the article is a tautology. An explanation for this could be that some Member States had not been happy about Art. 4 (2) TEU and hence Art. 73 TFEU is there to accommodate those Member States and compensate for Art. 4 (2). Hence, the article is not a necessary condition for Member States’ security services to work together more closely, but it is interesting that it has been taken up in the EU Treaties. Another interpretation is that there is no tautology, that there must be a legal explanation for the article. This sense could be an encouragement of Member States to cooperate in this area.

II. Challenges for the EU with regard to counter-terrorism and intelligence As pointed out above, in counter-terrorism it is crucial to have the full information 37 picture and to collect, analyse and share as much information as possible. Hence close cooperation between law enforcement and security services is a “must” and stovepipes and artificial walls need to be avoided. It is therefore a challenge for EU counterterrorism cooperation that law enforcement cooperation takes place within the EU context and cooperation of security services outside of it. Despite these challenges, there are a number of tools and interfaces at the EU level that are relevant to security services which are explained below. Art. 4 (2) TEU has not prevented the European Council, institution of the EU, to ask 38 security services to cooperate more closely. EU leaders have indicated that deepening and structuring better the cooperation among security services is a priority in counterterrorism: At the informal meeting of the Heads of State or Government Brussels, 12 February 2015, the members of the European Council stated: “We ask that…Member States’ security services deepen their cooperation.” This was reiterated in the Conclusions of the European Council on 18 December 2015: “The commitment made by the Heads of State or Government last February for deeper cooperation between security services should be further pursued, in full respect of Member States’ sole responsibility 48 A New Settlement for the United Kingdom within the European Union, Decision of the Heads of State or Government, meeting within the European Council, concerning a New Settlement for the United Kingdom within the European Union, OJ C 69I, 23.2.2016, p. 1.

de Kerchove/Höhn

95

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:28 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

for national security, notably by structuring further their information exchange so that interested Member States can engage in enhanced joint operational threat analysis.” 39 So far, this deepening and structuring of the cooperation is taking place in the context of the CTG, as referred to in the joint statement of EU Ministers for Justice and Home Affairs and representatives of EU institutions on the terrorist attacks in Brussels on 22 March 2016: “Ministers are convinced of the need to […] fully support the work of the Counter Terrorism Group (CTG), in particular by further accelerating the establishment of a dedicated platform for real time, multilateral information exchange.”

III. EU tools in the area of intelligence There are some EU tools specifically related to intelligence49.

40

1. EU Intelligence and Situation Centre (INTCEN)50 41

The EU Intelligence and Situation Centre (INTCEN)51 is located in the European External Action Service (EEAS). It deals with strategic intelligence analysis, not operational intelligence. It relies on contributions from the security and intelligence services of EU Member States and is staffed with seconded experts from the services as well as with EU officials. Together with the EU Military Staff Intelligence Directorate it creates joint civil/military situational analysis and strategic foresight (Single Intelligence Analysis Capacity) for the EEAS, the Commission, the Council, and the Military Committee, as well as for Member States via the dedicated Council structures (COSI, JHA, PSC, FAC). The more timely intelligence contributions from the EU Member States, the better and more detailed the reports are. A counter-terrorism team within the INTCEN staffed by experts from CTG services is providing strategic analysis on the various aspects of the terrorist threat to Europe. Its work plan is established in close consultation with the CTG, with additional input by the EU Counter-Terrorism Coordinator and by the Commissioner for the Security Union to ensure that INTCEN’s strategic analysis covers the most important policy areas. Accurate strategic intelligence is important to make appropriate policy choices. Regional teams, such as for North Africa and the Middle East, also contribute to analysis relevant to the terrorist threat in the respective regions. Together with the EUMS Intelligence Directorate, INTCEN is considered by the EU Member States intelligence and security services to be the main 49 Regarding the emerging role of the European Union (EU) as a security and intelligence actor from the perspective of counter-terrorism see also Den Boer, Intelligence and National Security, 2015, 402 ff. On EU, CT and intelligence see also Kaunert/Léonard, European security, terrorism and intelligence: Tackling new security challenges in Europe, 2013. On the emergence of an EU strategic intelligence community as a complex multi-dimensional networked construction see also Gruszczak (2016), Intelligence Security in the European Union. For an older description see also Hertzberger (2007), Counter-terrorism intelligence cooperation in the European Union, Turin, UNICRI. (https://warwick.ac. uk/fac/soc/pais/people/aldrich/vigilant/eveline._hertzberger.intelligence_cooperation_eu.pdf last visited 16 January 2018) and Müller-Wille, For our eyes only, Shaping an intelligence community within the EU, EUISS. (2004) (https://www.iss.europa.eu/sites/default/files/EUISSFiles/occ50.pdf last checked on 16 January 2018). 50 For a more detailed description and analysis of INTCEN see the chapters by Rauwolf, Intelligence in EU-led military missions and operations, Part 2 Chapter 4, in this volume and Palacios, EU intelligence: On the road to a European Intelligence Agency?, Part 3 Chapter 1, in this volume. See also Fägersten (2015), Intelligence and decision-making within the Common Foreign and Security Policy, (http://www. sieps.se/en/publications/2015/intelligence-and-decision-making-within-the-common-foreign-and-security-policy-201522epa/Sieps_2015_22epa? last visited 16 January 2018). 51 See fact sheet https://eeas.europa.eu/factsheets/docs/20150206_factsheet_eu_intcen_en.pdf.

96

de Kerchove/Höhn

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:29 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. The Role of European Intelligence in Countering Terrorism

gateway for strategic intelligence to the EU. In addition to the intelligence analysis division, it also has an open source intelligence division, which also researches in social media, the EU Situation Room (providing 24/7 situational awareness based on media monitoring) and a Consular Crisis Management Division to support cooperation and coordination between the Member States and the EU delegations in the consular field.

2. Passenger Name Record (PNR) The EU PNR52 was adopted in April 2016. Again, it is an instrument for preventing, 42 detecting, investigating and prosecuting terrorist offenses53. The objectives include “to ensure security, to protect the life and safety of persons”54. The preamble also states that “assessment of PNR data55 allows identification of persons who were unsuspected of involvement in terrorist offences or serious crime prior to such an assessment and who should be subject to further examination by the competent authorities. By using PNR data it is possible to address the threat of terrorist offences and serious crime from a different perspective than through the processing of other categories of personal data.”56 Given the importance of the PNR to detect unknown terrorist suspects, it is a very 43 relevant tool for the security services. A number of directors of security services of EU Member States have briefed their national members of the European Parliament on the importance and necessity of an EU PNR. Prior to the adoption of the EU PNR, the EU had already concluded PNR Agree- 44 ments with the US, Canada57 and Australia58. A second PNR agreement with Canada was signed in 201059. Taking the EU-US Agreement as an example, the purpose is “to ensure security and to protect the life and safety of the public”60. The PNR data is used by the US “for the purposes of preventing, detecting, investigating and prosecuting terrorist offenses and related crimes.”61 With regard to privacy and data protection, 52 Directive of the European Parliament and of the Council on the use of Passenger Name Record data for the prevention, detection, investigation and prosecution of terrorist offenses and serious crime, Provisional edition P8?TA-PROV (2016)0127, http://data.consilium.europa.eu/doc/document/PE-712015-INIT/en/pdf (last visited 17 March 2017). 53 Art. 1.2 PNR directive. 54 Para 5 of the preamble of the PNR directive. 55 Art. 6 of the PNR directive sets out the conditions for the processing, such as the principles of nondiscrimination and that positive results from automated matching need to be reviewed by non-automated means. The PNR data can be compared against databases relevant for the purposes of preventing, detecting, investigating and prosecuting terrorist offences and serious crime and against pre-determined criteria. 56 Para 7 of the preamble of the PNR directive. 57 Agreement between the EC and the Government of Canada on the processing of Advance Passenger Information and Passenger Name Record data, Official Journal of the EU L82/15 of 21.3.2006. This PNRCanada agreement from 2006 is no longer in force. It was linked to Decision 2006/253 (COMMISSION DECISION of 6 September 2005 on the adequate protection of personal data contained in the Passenger Name Record of air passengers transferred to the Canada Border Services Agency) which expired in September 2009. 58 Agreement between the EU and Australia on the processing and transfer of Passenger Name Record data by air carriers to the Australian Customs and Border Protection Service, Official Journal of the EU L186/4 of 14.7.2012. 59 Starting in 2010, the EU and Canada negotiated a new PNR agreement, which was signed in 2014. The Council of the EU requested the European Parliament to approve it. 60 Art. 1 of the Agreement between the USA and the EU on the use and transfer of passenger name records to the US Department of Homeland security, Official Journal of the EU L215/5 of 11.8.2012. 61 Art. 4.1.a of the EU-US PNR Agreement. Art. 18 of the EU-US PNR Agreement states that “Consistent with existing law enforcement or other information-sharing agreements or arrangements between the US and any EU Member States…DHS shall provide to competent police, other specialised law enforcement or judicial authorities of the EU Member States…analytical information obtained from

de Kerchove/Höhn

97

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:29 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

many issues have arisen. All agreements contain safeguards for data protection. The draft EU-Canada Agreement signed in 2014 was referred by the European Parliament to the European Court of Justice, which provided an opinion on compatibility with EU law before conclusion62. The agreement has to be re-negotiated to comply with the ruling63.

3. EU-US Terrorist Financing Tracking Programme (TFTP) The EU-US TFTP64 is an instrument not only used for investigation and prosecution of terrorism and terrorism financing, but also for prevention and detection purposes, hence very early in the process65. Therefore, the TFTP is not only a law enforcement tool, but also an intelligence tool to collect information and detect terrorist (financing) networks at very early stages relevant for security services. This shows that in some areas, where it seems beneficial, Member States accept that the EU concludes agreements related to intelligence collection. Information obtained via the TFTP is provided to “law enforcement, public security, or counter terrorism authorities of Member States…for the purpose of the prevention, investigation, detection or prosecution of terrorism and terrorist financing.”66 Hence security services can benefit from the information of the TFTP. Requests to the US can be sent by Member States and Europol, and the US can share information on its own initiative. 46 By the end of 2017, 66,086 intelligence leads have been provided by the TFTP (Art. 9 and 10) since it came into force in 2010, including more than 30,117 leads specific to travelling foreign terrorist fighters (Syria/Iraq/IS). There has been a 20 % increase in the number of intelligence leads provided by the Terrorist Finance Tracking Programme (TFTP) in 2017, compared to 201667. More than 89 % of the intelligence leads from the TFTP were generated since January 2015. From an overall perspective, the TFTP has proven to be a valuable tool in counter terrorism investigations: it enhances the ability to map out terrorist networks, often filling in missing links in an investigative chain. However, EU/SEPA transactions are excluded from the TFTP, hence an EU Terrorist Financing Tracking System complementary to the TFTP could be considered68. 45

PNR in those cases under examination or investigation to prevent, detect, investigate or prosecute within the EU terrorist offences…” 62 The EP had referred the draft PNR agreement with Canada to the ECJ to ascertain compatibility with EU law (Case No. C-1/15). The press release on the opinion of the ECJ of July 2017 can be found here: https://curia.europa.eu/jcms/upload/docs/application/pdf/2017-07/cp170084en.pdf (last checked on 4 January 2018), Opinion of the Court (Grand Chamber) of 26 July 2017 – European Parliament (Opinion 1/15), http://curia.europa.eu/juris/document/document.jsf?text=&docid=194498&pageIndex=0&doclang=en&mode=lst&dir=&occ=first&part=1&cid=647080 (last checked on 4 January 2018). 63 The fundamental rights protection related to these instruments is set out in more detail in the chapter by Schmahl, Intelligence and Human Rights, Part 4 Chapter 1, in this volume. 64 Agreement between the European Union and the USA on the processing and transfer of Financial Messaging Data from the European Union to the US for the purposes of the Terrorist Finance Tracking Program, Official Journal of the European Union L195/5 of 27.7.2010. For more information see http://ec. europa.eu/dgs/home-affairs/what-we-do/policies/crisis-and-terrorism/tftp/index_en.htm. 65 Art. 1.1.a of the EU-US TFTP Agreement. 66 Art. 1.1.b of the EU-US TFTP Agreement. 67 EU Counter-Terrorism Coordinator, JHA agencies’ role in counter-terrorism, doc. 6146/18 ADD 1/EXT 1. 68 See report by the EU Counter-Terrorism Coordinator to the Council, State of play on the implementation of the statement of the Members of the European Council of 12 February 2015, the JHA Council Conclusions of 20 November 2015 and the Conclusions of the European Council of 18 December 2015, 4 March 2016, doc. 6785/16. About the benefits of the agreement in practice, in particular in the context of investigations see also the Joint Report from the Commission and the US Treasury Department regarding the value of TFTP Provided Data pursuant to Art. 6 (6) of the Agreement between the European Union and the USA on the processing and transfer of Financial Messaging Data from the European Union to the US for the purposes of the Terrorist Finance Tracking Program.

98

de Kerchove/Höhn

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:30 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. The Role of European Intelligence in Countering Terrorism

4. Financial Intelligence Units: FIU.net within Europol – secrecy by design FIU.net is a decentralised computer network69 to facilitate the exchange of informa- 47 tion between the Financial Intelligence Units (FIUs) in EU Member States. FIUs are mandatory state agencies that handle financial intelligence. Their cooperation is based on community legislation70 concerning arrangements for cooperation between financial intelligence units of the Member States in respect of exchanging information to compensate the open borders in the single market which also affect terrorist financing. To improve the international exchange of financial intelligence, the FIUs in France, Italy, Luxembourg and the United Kingdom joined the FIU in the Netherlands with the financial support of the European Commission. The system began in 2004 and was developed over the next decade. As of 2015 all EU FIUs were connected. The information exchanged on FIU.net includes suspicious transaction reports (STRs) and Suspicious Activity Reports (SARs)71. Each FIU stores the received financial information in its own local FIU.net database, in the FIU premises, and can share that information directly through their local application server. Hence, there is no single database in the FIU.net system. Under the auspices of the Commission, FIU.net was embedded into Europol on 1 January 2016. FIU.net is not connected to the other databases of Europol, but it is part of the Horizontal Operations Support of EUROPOL. FIU.net makes use of Ma3tch72, a technology that allows connected FIUs to match 48 and compare their data with data stored by other FIUs and detect subjects of their interest in other countries, without initially disclosing the data held. Ma3tch allows autonomous pseudonymised analysis. The data in Ma3tch is ‘hashed’: FIU.net transforms the data of each subject in a dedicated alphanumeric code. Only those lists of alphanumeric code will be shared with all FIUs through their FIU.net local application servers. The original personal data cannot be derived but FIUs can perform hit/no-hit searches: an FIU will only see hits relevant to the subjects they already know and whose alphanumeric code have been shared. The Ma3tch process identifies relevant information and knowledge links between all parties in real time, even though no sensitive information is exchanged, all organizations can identify where and when other relevant information is available. Overall, Ma3tch technology has an interesting approach worth studying and developing further which may in the future also inspire the private matching of information in other areas. A national FIU can make a request to its counterpart in another EU Member State. 49 FIU.net gives national FIUs the possibility to communicate and cross-check data “FIU to FIU” in real time. Europol offers to FIUs the possibility to cross-check their own data against High-Value Targets from Europol database, using the Ma3tch technology. In April 2018, the Commission made a legislative proposal to facilitate access of law enforcement authorities (as well as Europol) to information of FIUs and vice-versa and to facilitate the cooperation between the FIUs of Member States. It includes the obligation for FIUs to reply to information requests by FIUs of other Member States 69 For more information on FIU.net see https://www.europol.europa.eu/about-europol/financial-intelligence-units-fiu-net (last checked on 4 June 2018). 70 2000/642/JHA Council Decision of 17 October 2000 and EU Directive 2015/849 (4th AMLD). 71 Those are disclosures made to an FIU by an entity (financial institutions, professionals etc.) whenever required (by applicable legislation/regulations) to provide the information, based on any type of suspicion of money laundering or terrorist financing. 72 For a detailed explication of Ma3tch, on which our description is based, see Udo Kroon, Ma3tch: Privacy AND Knowledge ‘Dynamic Networked Collective Intelligence’, 2013 IEEE International Conference on Big Data (http://ieeexplore.ieee.org/document/6691683/).

de Kerchove/Höhn

99

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:30 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

within short deadlines73. In some Member States, the FIU is part of the first circle of security/intelligence services.

5. Common risk indicators for security checks of EU nationals at external borders 50

As requested by the European Council74, in 2015, the Commission, in cooperation with Member States, Europol and Frontex developed common risk indicators for security checks of EU nationals at external borders. In cases where systematic checks of databases for all travelers are not possible, the risk indicators, which have been further operationalized by Frontex, allow targeted checks of those travelers that seem to pose the greatest risk. To identify these risks and their indicators, inputs from the relevant authorities of the Member States have been crucial. The operational plans of respective joint operations coordinated by Frontex have been amended and contain instructions for the identification of foreign terrorist fighters through crosschecking with the relevant databases, using the Common Risk Indicators. It requires the referral of potential subjects of interest for detailed second line screening and if necessary foresees onward referral to the national security and intelligence services75.

6. Risk assessment methodology developed by the Commission (DG HOME) for air cargo (aviation security) and beyond 51

In 2010, the Commission indicated its intention to “further develop the EU regime for aviation and maritime security, based on continuous assessment of threat and risks”76, hence introducing the concept. The threat and risk assessment methodology was initially developed in the area of air cargo and then expanded to aviation security. In 2012, the Council “welcom[ed] the implementation, of air cargo security control measures based on joint threat and risk assessments and the reassessments of the threats and risks to aviation security related to liquids, aerosols and gels with a view to support related policy making” and concluded: “The Council requests the Commission, the 73 17.4.2018 COM(2018) 213 final 2018/0105 (COD) Proposal for a DIRECTIVE OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL laying down rules facilitating the use of financial and other information for the prevention, detection, investigation or prosecution of certain criminal offences and repealing Council Decision 2000/642/JHA {SWD(2018) 114 final} – {SWD(2018) 115 final}. 74 Informal meeting of the Heads of State or Government Brussels, 12 February 2015 – Statement by the members of the European Council: “full use be made of the existing Schengen framework to reinforce and modernise external borders’ control: we agree to proceed without delay to systematic and coordinated checks on individuals enjoying the right of free movement against databases relevant to the fight against terrorism based on common risk indicators; the Commission should issue rapidly operational guidelines for this; we will also consider a targeted amendment to the Schengen Borders Code where necessary to provide for permanent checks, based on a proposal by the Commission”. 75 For an overview of the implementation of the Common Risk Indicators see the report by the EU Counter-Terrorism Coordinator to the Council, State of play on the implementation of the statement of the Members of the European Council of 12 February 2015, the JHA Council Conclusions of 20 November 2015 and the Conclusions of the European Council of 18 December 2015, 4 March 2016, doc. 6785/16 (http://data.consilium.europa.eu/doc/document/ST-6785-2016-INIT/en/pdf last checked on 17 March 2017) as well as the report by the EU Counter-Terrorism Coordinator to the Council of 20 December 2016: Implementation of the counter-terrorism agenda of the European Council, doc. 14260/16 EXT 1 (http://data.consilium.europa.eu/doc/document/ST-14260-2016-EXT-1/en/pdf last checked on 17 March 2017) and ADD 1 EXT 1 (http://data.consilium.europa.eu/doc/document/ST14260-2016-ADD-1-EXT-1/en/pdf last checked on 17 March 2017); EU Counter-Terrorism Coordinator, JHA agencies’ role in counter-terrorism, doc. 6146/18 ADD 1/EXT 1. 76 “The EU Internal Security Strategy in Action: Five steps towards a more secure Europe”, Communication from the Commission to the European Parliament and the Council, 22.22.2010, COM(2010) 673 final.

100

de Kerchove/Höhn

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:31 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. The Role of European Intelligence in Countering Terrorism

High Representative and the Member States, in accordance with their respective roles and areas of competence, to consider extending the risk assessment activities hitherto conducted on air cargo and liquid explosives, to other domains of aviation security to be commonly agreed upon in the remit of Regulation 300/2008 to support risk based policy making. Due consideration should be given to relevant data for aviation security.”77 The risk assessment methodology has been developed by the Commission jointly with Member States and with strong support from EU INTCEN. Member States determine which authorities participate in the meetings, de facto, often, security services participate in the risk assessment. It has been extended to many other areas relevant to Commission competence both in aviation security and outside (transport security, supranational risk assessment for anti-money laundering and counter-terrorist financing, energy security, customs security etc). With regard to air cargo: Generally, air carriers that fly air cargo or mail into the EU 52 from a non-EU airport are required to comply with the EU ‘Air Cargo or Mail Carrier operating into the Union from a Third Country Airport’ (ACC3) programme78. ACC3 designation is required for each non-EU airport from which an air carrier flies air cargo or mail to the EU. However, the EU ACC3 requirements are waived for cargo and mail operations from origins with robust aviation security measures and with an established low risk, as identified through an EU Risk Assessment. These origins are laid down in Attachment 6-F to Regulation (EU) No 185/2010.79 At the same time, additional rules apply to cargo and mail that has been identified, again through an EU Risk Assessment, as high risk-cargo and mail. According to Art. 6 of the Anti-Money Laundering (AML) directive, the Commission 53 is carrying out supranational risk assessments for the EU related to AML and counter terrorist financing while Member States carry out their national risk assessments. The Commission, in close consultation with Member States, identifies common systemic risks across the EU and suggests mitigating measures. The latest risk assessment was published in June 201780.

7. European Union Satellite Centre (SATCEN) The EU SATCEN is a CFSP (Common Foreign Security Policy) instrument and was 54 incorporated as an agency into the EU in 2002. It provides Geospatial Inteligence (GEOINT) and Imagery Intelligence (IMINT) products to EU institutions, CSDP missions, JHA agencies and Member States upon request. It is pooling and sharing knowhow and services by providing analysis products, training and working to improve capabilities. SATCEN’s sources of satellite data are commercial providers and governmental satellite imagery from EU Member States. With regard to CT, “EU SatCen provides geospatial analysis of specific aspects of terrorism activity like terrorist training 77 Council Conclusions on aviation security against terrorist threats, December 2012, doc 17008/12 (http://register.consilium.europa.eu/doc/srv?l=EN&f=ST%2017008%202012%20INIT last visited 21 April 2017). 78 See http://ec.europa.eu/transport/modes/air/security/cargo-mail/non-eu_en.htm. 79 For security reasons, this attachment is not made public and only made accessible by Member States authorities based on a ‘need-to-know’. For further information on ACC3 see European Commission, Focus on ACC3 requirements Answers to the most frequently asked questions on EU regulations for inbound air cargo and mail VERSION 1.1, http://ec.europa.eu/transport/modes/air/security/cargo-mail/ doc/qa1082v11.pdf. 80 Report from the Commission to the EP and the Council on the assessment of the risks of money laundering and terrorist financing affecting the internal market and relating to cross-border activities, COM/2017/0340 final, https://publications.europa.eu/en/publication-detail/-/publication/ce3cb15d-5a5a11e7-954d-01aa75ed71a1/language-en (last visited 4 April 2018) and SWD (2017) 241 final.

de Kerchove/Höhn

101

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:31 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

camps or weapons smuggling. Satellite imagery, in conjunction with other spatial data, is also used for the development of spatial models of vulnerability to terrorism threats.”81

C. Relevant interfaces between EU tools and security services 55

In addition to EU tools which are related to intelligence, there are a number of interfaces which make other EU tools relevant for security services82. Combatting current and future security challenges would benefit from improved cooperation between the law enforcement, intelligence and military as well as IT security communities. Too much useful information lives and is contained within the silos of these individual communities for the moment.

I. Schengen Information System (SIS) II83 The SIS II is a flanking measure to compensate the abolishment of internal border controls in the Schengen area: In the context of the fight against terrorism, information about foreign terrorist fighters and other terrorist suspects is added by Member States to the database, so that in the context of border controls or checks within the Schengen area information on terrorist suspects from all Schengen partners (and the UK, which participates in the law enforcement part of the SIS II) is available. It is crucial that information on suspected foreign terrorist fighters and other terrorist suspects is entered into the SIS II systematically84 and that the database is checked systematically at the EU’s external borders85. SIS II generates leads about the movement of terrorist suspects and hence enhances the intelligence picture. 57 Art. 36 (3) of the SIS II Council Decision provides the possibility for security services to enter information into the SIS II for discrete checks, hence this is a link, an entry point for services to an EU system: 56

81 https://www.satcen.europa.eu/services/general_crime_and_security_surveillance (last visited on 17 January 2018) A good overview of SATCEN’s activities can be found in its Annual Report 2016 (https://www.satcen.europa.eu/key_documents/EU%20SatCen%20Annual%20Report% 20201658e24cb1f9d7202538bed52b.pdf last visited on 17 January 2018). 82 See also the speech by the Director General of the British MI5 Andrew Parker to the BfV Symposium in Berlin on 14 May 2018 (https://www.mi5.gov.uk/news/director-general-andrew-parker-speech-to-bfvsymposium last checked on 11 June 2018): “National level and multilateral security work between European nations draws strength from a range of important EU systems and arrangements. Exchanging data through EU law enforcement databases, and Passenger Name Records on the travel of terrorist subjects across Europe provides vital intelligence.” 83 Comprehensive information about the SIS II can be found on the Commission’s website at http:// ec.europa.eu/dgs/home-affairs/what-we-do/policies/borders-and-visas/schengen-information-system/ index_en.htm. 84 Conclusions of the European Council of 18 December 2015 “ensuring the systematic entry of data on foreign terrorist fighters into the Schengen Information System II”, doc EUCO 28/15. 85 Conclusions of the European Council of 18 December 2015: “It is also crucial that Member States implement systematic and coordinated checks at external borders, including on individuals enjoying the right of free movement.” In line with the mandates given by the JHA Council in November 2015 and by the European Council in December 2015, a targeted amendment of the Schengen Borders Code was adopted in 2016 to introduce mandatory systematic checks at external land, sea and air borders with regards to Union citizens and other persons enjoying the right of free movement, who would be checked systematically against relevant databases. The systematic checks of Union citizens in the databases are done on a “hit/no hit” basis, using the databases in such way that personal data rights are only impacted to a very limited extent justified by the security objectives.

102

de Kerchove/Höhn

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:32 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. The Role of European Intelligence in Countering Terrorism

“In addition, an alert may be issued in accordance with national law, at the request of the authorities responsible for national security, where there is concrete indication that the information referred to in Article 37(1) is necessary in order to prevent a serious threat by the person concerned or other serious threats to internal or external national security. The Member State issuing the alert pursuant to this paragraph shall inform the other Member States thereof. Each Member State shall determine to which authorities this information shall be transmitted.”86 In its conclusions on 20 November 2015, the JHA Council stated that “Member States will ensure that national authorities enter systematically data on suspected foreign terrorist fighters into the SIS II, in particular under Article 36.3, carry out awareness raising and training on the use of the SIS and define a common approach to the use of the SIS II data relating to foreign fighters.”87 Increasingly, security services in EU Member States are feeding and using the SIS II 58 databases, especially in the context of foreign terrorist fighters. There are differences among Member States: Some enter foreign terrorist fighters under the law enforcement provision of 36.2, others under the intelligence provision of Art. 36.3. Work has been undertaken in the past years to optimize and harmonize the use of the SIS II in the context of foreign terrorist fighters, for example by identifying criteria for the insertion of a person in this context and by adding a terrorist marker. Under the Netherlands Presidency, the JHA Council adopted a roadmap in June 2016 identifying a number of measures to further improve the use of the SIS II in the context of foreign terrorist fighters. In some Member States, there are obstacles for services to feeding the SIS II, for 59 example in the case of need for the authorization by a judge or prosecutor to enter a name88. It is important to identify and address potential obstacles both at national and European level. It is also important to exchange experiences of the services with the use of the SIS II, as well as to harmonize the actions to be taken in case of a hit and to train the border guards and police officers accordingly. While there is no explicit provision of access for security services to the SIS II in the current legislation, such access for queries would be possible if a member of the service was seconded to the national SIRENE bureau. Then the SIS II data could be run against the databases of the service. Granting explicit access to the SIS II to security services (or the possibility to designate security services as competent authorities under the regulation) will be an important question in the context of the update of the SIS II regulation89. Access to the SIS II for security services is important. Another important question is the mutualisation of the hits after a hit has occurred: 60 So far, only the Member State providing the information relevant for the hit and the Member State where the hit occurs are informed of the hit90. However, in the Schengen zone, it is relevant for all Member States to know when and where a foreign terrorist 86 Council Decision 2007/533/JHA of 12 June 2007 on the establishment, operation and use of the second generation Schengen Information System (SIS II), Official Journal of the European Union L 205/ 63 of 7.8.2007. 87 Conclusions of the Council of the EU and of the Member States meeting within the Council on Counter-Terrorism, 20 November 2015, doc 14406/15. 88 Reasons for these obstacles may include national fundamental rights related principles. 89 Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on the establishment, operation and use of the Schengen Information System (SIS) in the field of police cooperation and judicial cooperation in criminal matters, amending Regulation (EU) No 515/2014 and repealing Regulation (EC) No 1986/2006, Council Decision 2007/533/JHA and Commission Decision 2010/261/EU – COM/2016/0883 final – 2016/0409 (COD). 90 The SIS works on a hit/no hit basis: For example, a name is being checked in the database, if an alert is in the system there is a “hit”.

de Kerchove/Höhn

103

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:32 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

fighter has re-entered the EU or been intercepted within the EU. Therefore, a procedure is being discussed to inform other Member States and Schengen associated countries about the hits. This would allow to have a much fuller information picture, to which it would also be important to associate Europol if possible to ensure the best possible support to Member States who are leading the investigations.

II. European Counter-Terrorism Centre (ECTC) at Europol91 In November 2015, the JHA Council stated: “Europol will launch the European Counter Terrorism Centre (ECTC) on 1 January 2016 as a platform by which Member States can increase information sharing and operational cooperation with regard to the monitoring and investigation of foreign terrorist fighters, the trafficking of illegal firearms and terrorist financing”92. In December 2015, the European Council referred to the urgency of “improving information exchange between Member States’ counterterrorism authorities, supporting the work of the new Europol CT Centre, and increasing Member States’ contributions to Europol databases”.93 62 On 1 January 2016, Europol launched the European Counter Terrorism Centre (ECTC). This is a platform through which Member States can increase information sharing and operational cooperation with regard to: the monitoring and investigation of foreign terrorist fighters; the trafficking of illegal firearms; and terrorist financing and the identification of additional lines of investigations. Member States can make use of Europol’s full range of capabilities in the area of organised and cyber-crime, such as cross-checking the relevant data. The ECTC serves as an information hub for counterterrorism for law enforcement and other relevant authorities in EU Member States and beyond and provides operational support, coordination and expertise for Member States’ investigations, as well as a strategic support capability, including in tackling the use of social media for radicalisation purposes94. Europol is developing an interesting capacity to support internet based investigations of Member States in the context of the Internet Referral Unit and the European Cybercrime Centre EC3. For this, it will be necessary to attract top talent, such as PhDs in IT and mathematics, hence have the possibility to recruit also outside of the police forces, as Member States services already do. 63 Increasingly, Member States are asking Europol to provide support on major counterterrorism investigations, such as after the Paris and Brussels attacks in 2015 and 201695. The ECTC strongly increased operational support to Member States. Support more than tripled in 2017 (439 supported operations) compared to 2016 (127). Around a third of this support is provided by the Internet Referral Unit (IRU)96. By the end of 2017, terrorism has become the third largest crime area in Europol’s Secure Information 61

91

See also the Chapter by Ryder, European Criminal Intelligence, Part 3 Chapter 3, in this volume. Conclusions of the Council of the EU and of the Member States meeting within the Council on Counter-Terrorism, 20 November 2015, doc 14406/15. 93 Conclusions of the European Council of 18 December 2016, doc EUCO 28/15. 94 See the report by the EU Counter-Terrorism Coordinator to the Council, State of play on the implementation of the statement of the Members of the European Council of 12 February 2015, the JHA Council Conclusions of 20 November 2015 and the Conclusions of the European Council of 18 December 2015, 4 March 2016, doc. 6785/16. On the ECTC see also Europol’s European Counter-Terrorism Centre strengthens the EU’s response to terror and the infographic, https://www.europol.europa.eu/content/ectc and the analysis by Chertoff et. al, Globsec Intelligence Reform Initiative p. 16 ff. 95 For a recent overview over Europol’s activities relevant to CT see EU Counter-Terrorism Coordinator, JHA agencies’ role in counter-terrorism, doc. 6146/18 and doc. 6146/18 ADD 1/EXT 1. 96 EU Counter-Terrorism Coordinator, JHA agencies’ role in counter-terrorism, doc. 6146/18 ADD 1/EXT 1. 92

104

de Kerchove/Höhn

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:33 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. The Role of European Intelligence in Countering Terrorism

Exchange Network (SIENA): The volume exchanged by EU Member States and third parties now accounts for 12% of all exchanged messages (of overall exchanged messages, after robbery and drugs related crime, 16 % and 14 % of all messages exchanged, respectively)97. In support of the Member States, Europol can also help to prevent and disrupt 64 terrorist activities, hence support preventive investigations. It would be important for Member States to use Europol services to support investigations from the earliest possible stage and to reflect upon how best Europol can use its capabilities to support the Member States’ investigations of homegrown terrorist fighters98. The Commission supports the development of a more proactive and preventive role of Europol99. The new Europol regulation which entered into force in May 2017 provides a more modern legal framework for Europol100. In addition to the EIS101, information is exchanged via the Analytical Workfile Focal Point Traveller102 on foreign terrorist fighters103. However, while information sharing has been boosted (see above) and Member States now trust Europol and share counter-terrorism information more actively, it still not fully reflects the threat. As the sharing of names has increased considerably, it is more important now to also improve data quality and share contextual information for analysis purposes104. It is now more than ever important to enhance data quality and share contextual information for analysis purposes, both from an operational and strategic perspective. This becomes even more relevant, given that a strategic foresight component in assessing the strategic threat posed by terrorism, in a real time fashion, still needs to be established, to fully answer questions regarding, for instance, cyberterrorist threat scenarios and the risks resulting from the change of the situation in terms of the territorial influence of Daesh in the conflict zones in Syria and Iraq in particular. It is a challenge that the tasks of police and security services are different across the 65 Member States, so that some Member States, where police have early preventive powers, 97 By the end of 2015, there were about 732.000 exchanged messages on CT (8 %), and by the end of 2017, 1.005.610 messages processed through SIENA at Europol. 98 EU Counter-Terrorism Coordinator, JHA agencies’ role in counter-terrorism, doc. 6146/18. 99 Enhancing security in a world of mobility: improved information exchange in the fight against terrorism and stronger external borders, COMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT, THE EUROPEAN COUNCIL AND THE COUNCIL, Brussels, 14.9.2016 COM(2016) 602 final (http://ec.europa.eu/justice/citizen/document/files/com_2016_602_enhancing_security_en.pdf last checked on 17 March 2017). 100 REGULATION (EU) 2016/794 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 11 May 2016 on the European Union Agency for Law Enforcement Cooperation (Europol) and replacing and repealing Council Decisions 2009/371/JHA, 2009/934/JHA, 2009/935/JHA, 2009/936/JHA and 2009/ 968/JHA (file://dm4/home/docs/CTC/HoSG%202017%20implementation/Europol%20regulation.pdf last visited 21 April 2017). 101 See supra, mn. 29. 102 This is a specific database where information about foreign fighters is shared among Member States and with partner countries which have acceded to the Focal Point such as the US and Australia as well as INTERPOL and Eurojust. 103 For previous figures see the report by the EU Counter-Terrorism Coordinator to the Council of 4 March 2016, doc. 6785/16 as well as the report of December 2016 doc. 14260/16 EXT 1. See also de Kerchove/Höhn, The Regional Answers and Governance Structure for Dealing with Foreign Fighters: the Case of the EU, in: Foreign Fighters under International Law and Beyond, eds. Andrea de Guttry, Francesca Capone, Christophe Paulussen (2016), p. 299–326. 104 See recommendation by the EU CTC: “Member States should maintain a high volume and quality of contributions provided to Europol, while increasing the data quality, e. g. by contextual information for analysis purposes”. Report by the EU Counter-Terrorism Coordinator to the Council of 20 December 2016: Implementation of the counter-terrorism agenda of the European Council, doc. 14260/16 EXT 1, EU Counter-Terrorism Coordinator, JHA agencies’ role in counter-terrorism, doc. 6146/18.

de Kerchove/Höhn

105

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:33 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

share more information than others, where security services are in the lead105. The level of sharing varies among Member States. Europol is able to handle information up to level secret106 and has strict handling codes which allow Member States to remain the owners of the information that is shared. The more information is shared with Europol, the more interesting cross-checking becomes. Cross-checking with information Europol has received is interesting in particular given the criminal background of many of the recent attackers – as of November 2016, 816 individuals reported to Europol for terrorism-related offences have also been reported for involvement in serious and/or organised crime107. 66 Although it is called Europol, it is not a law enforcement agency, but rather an information sharing hub. Security services can be designated as Europol competent authorities by the Member States and enjoy full cooperation with and participation in Europol108. The TFEU and the legal framework of Europol allow information exchange between law enforcement and intelligence services109. The Europol regulation allows Europol to receive and cross-check information about persons who may commit a crime in the future110. It is a positive development that a number of Member States have seconded liaison officers from their security services to the national liaison bureaux in The Hague and have connected their security services to the SIENA network. 67 After the Brussels attacks of March 2016, Europol has put in place a Joint Liaison Team111 of seconded investigators from Member States which is supporting investigation into links of terrorist groups across the EU. Security services could second experts to this team or to their national Europol liaison bureau either at home or at Europol in The Hague, which would allow the service access to Europol’s information and might facilitate cooperation. 105 See also de Kerchove/Höhn, “The Regional Answers and Governance Structure for Dealing with Foreign Fighters: the Case of the EU”, in: Foreign Fighters under International Law and Beyond, eds. Andrea de Guttry, Francesca Capone, Christophe Paulussen (2016) p. 299–326. 106 The electronic network for information exchange SIENA was upgraded to confidential in the autumn 2016 and it is being explored how Europol can support the network of the Police Working Group on Terrorism (level secret). Manually, Europol can already handle information at the level secret. 107 Europol analysis: Changes in Modus Operandi of IS revisited, November 2016, https://www.europol. europa.eu/newsroom/news/islamic-state-changing-terror-tactics-to-maintain-threat-in-europe (last checked 17 March 2017). Chertoff et. al, Globsec Intelligence Reform Initiative p. 13 also highlight that more recent terrorism often has its origins in criminal networks and is often perpetrated by known criminals. “Lines between criminals and terrorists are increasingly blurred.” p. 15. 108 See also Chertoff et. al, Globsec Intelligence Reform Initiative p. 17: “Some intelligence services which are designated at Member State level to also constitute “competent” authorities under the legal framework of Europol have contributed data on foreign terrorist fighters to the EIS.” 109 See also Chertoff et. al, Globsec Intelligence Reform Initiative p. 17. 110 The new Regulation has a clear definition of the persons to be stored in Annex II of the Europol Regulation which became applicable in May 2017, for cross-checking data (in the EIS), namely “Personal data collected and processed for the purpose of cross-checking shall relate to: (a) persons who, in accordance with the national law of the Member State concerned, are suspected of having committed or having taken part in a criminal offence in respect of which Europol is competent, or who have been convicted of such an offence; (b) persons regarding whom there are factual indications or reasonable grounds under the national law of the Member State concerned to believe that they will commit criminal offences in respect of which Europol is competent.” 111 Joint statement of EU Ministers for Justice and Home Affairs and representatives of EU institutions on the terrorist attacks in Brussels on 22 March 2016, doc 7371/16 “set up a joint liaison team of national counter-terrorism experts at Europol’s European Counter Terrorism Centre (ECTC) to support the Member States’ law enforcement authorities in investigating the wider European and international dimensions of the current terrorist threat, to which Member States are invited to second experts. This team will draw on Europol’s law enforcement capabilities to monitor the threat from foreign fighters, the flows of terrorist financing and illegal firearms, and online propaganda.” See EU Counter-Terrorism Coordinator, JHA agencies’ role in counter-terrorism, doc. 6146/18 and doc. 6146/18 ADD 1/EXT 1.

106

de Kerchove/Höhn

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:34 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. The Role of European Intelligence in Countering Terrorism

In some Member States, police and security services are double-hatted, which may facilitate information sharing and cooperation through Europol (although such doublehatting is not necessary for services to cooperate with Europol)112. Some security services are already connected to Europol’s electronic information exchange network SIENA, in particular the dedicated counter-terrorism network within SIENA. Security services of several EU Member States are connected to Europol via the network of national counterparts in the context of Europol’s Internet Referral Unit113, which is detecting terrorist content on the internet and referring it to the internet companies for removal. Starting in 2016, Europol has also been asked by the Committee on Internal Security (COSI) to provide regular strategic assessments of the terrorist threat, alongside INTCEN, which it has started to do114. Europol is part of the EU’s initiative to ensure greater interoperability of databases115. Europol is also preparing its support to the Passenger Information Units (PIUs) of the Member States for processing and use of Passenger Name Record (PNR) data. Enrichment of Europol’s analysis by drawing on PNR data on known criminals and terrorists is in preparation. Europol is also developing a vision on travel information in cooperation with the Commission, other JHA agencies and Member States on how the various initiatives (ETIAS, EES, PNR, interoperability, revisions of SIS and Eurodac) can get together from an operational perspective and how Europol can best support the relevant border management and security authorities116. In October 2017, the Commission tabled a CBRN action plan117 proposing to develop a CBRN knowledge hub within the ECTC.

68

69

70

71

III. Interoperability of databases Greater interoperability of EU databases is a priority identified by the European 72 Council118. Today, EU databases are fragmented and based on different legal bases. Given the security and migration challenges as well as the new, unified legal basis for both under the Lisbon Treaty, it is important to re-think the current approach, taking on board from the beginning privacy by design. In December 2017, the Commission presented an interoperability legislative package119, based on the work of the High Level

112

See supra mns. 65–66. See: Europol’s Internet Referral Unit to combat terrorist and violent extremist propaganda, https:// www.europol.europa.eu/content/europol%E2%80%99s-internet-referral-unit-combat-terrorist-and-violentextremist-propaganda. 114 “Structured and multilateral approach for operational cooperation on CT threats: COSI had several discussions on the topic during the Netherlands Presidency and decided that regular separate future oriented threat assessments from INTCEN and Europol (law enforcement perspective) would be presented to COSI. COSI has started to implement this approach under the Slovak Presidency.” EU CTC report to the Council, December 2016, doc. 14260/16 ADD 1 EXT 1. 115 See infra mn. 72. 116 See EU Counter-Terrorism Coordinator, JHA agencies’ role in counter-terrorism, doc. 6146/18 and doc. 6146/18 ADD 1/EXT 1. 117 Action plan to enhance preparedness against chemical, biological, radiological and nuclear security risks, COM(2017) 610 final, 18.10.2017. 118 European Council Conclusions of 18 December 2015: “ensuring the interoperability of the relevant databases with regard to security checks”. 119 The press release provides a comprehensive overview and links to all the relevant legislative proposals and other documents (http://europa.eu/rapid/press-release_IP-17-5202_en.htm last checked on 4 January 2018). 113

de Kerchove/Höhn

107

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:34 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

Experts Group on Information Systems and Interoperability120. The package includes the establishment of a European Search Portal, a shared biometric matching service and a common identity repository. The work on interoperability is highly relevant to the security services as optimal interoperability would allow a much better information picture, while at the same time benefiting privacy and data protection (a common repository of data for security, travel and migration would help to better detect identity fraud and facilitate review by data protection authorities). Data protection and privacy have been taken into account from the beginning in the design of the interoperability package121.

IV. Access of security services to the EU databases It may be of interest for security services to have access to European databases and tools. As mentioned above, services have expressed an interest in access to the PNR and SIS II information, but there are also other databases such as the Entry-Exit-System which is currently under discussion. While security services are not specifically mentioned in the instruments today, there are possibilities for access: 74 On PNR, it is up to each Member State to set the conditions for access of security services. The EU text allows such access, as competent authorities can be those responsible for prevention and fight against terrorism122. This means that security services could be designated as or included into a PIU. To have maximum use of the PNR system and have full access to the data, it may be useful to consider placing an officer from the security service into the national Passenger Information Unit, as only the PIU has access to all PNR data. This would ensure that cross-checks can be carried out against all relevant security service databases and full access. Therefore, security services may want to be closely involved in the technical and legal next steps at national level to ensure that services can use the PNR to the maximum extent. With regard to SIS II and Europol, secondments by the service to the national SIRENE and/or Europol liaison bureau would allow access and running the information against the databases of the service. 73

V. Security research 75

The Commission has also invited security services to form a network to provide input and direction to future Horizon 2020 research programming and to review results from existing research projects of use for the services123. This network would be flexible 120 Information on the HLEG (with the participation of relevant stakeholders such as experts from EU Member States, the EU Counter-Terrorism Coordinator and EU JHA agencies) can be found here: http://ec.europa.eu/transparency/regexpert/index.cfm?do=groupDetail.groupDetail&groupID=3435 (last checked 17 March 2017). The final report by the HLEG was issued in May 2017 and includes an annex by the EU CTC (http://ec.europa.eu/transparency/regexpert/index.cfm?do=groupDetail.groupDetail Doc&id=32600&no=1 last checked 4 January 2018). 121 The EU’s Fundamental Rights Agency and the European Data Protection Supervisor (EDPS) actively participated in the HLEG interoperability and have provided annexes to the final report. 122 Art. 4.1 of the PNR directive: “Each Member State shall establish or designate an authority competent for the prevention, detection, investigation or prosecution of terrorist offences and of serious crime or a branch of such an authority, to act as its passenger information unit (‘PIU’).” 123 Horizon 2020 Work Programme 2016–2017, Secure societies – Protecting freedom and security of Europe and its citizens, European Commission Decision C (2015)6776 of 13 October 2015, SEC-21–GM2016-2017: Pan European Networks of practitioners and other actors in the field of security.

108

de Kerchove/Höhn

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:35 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. The Role of European Intelligence in Countering Terrorism

and outside of the institutional context and could be an interesting tool for services to benefit from EU funding and determine the direction of future security research in areas which are of particular relevance, such as for example new technologies, cyber security etc. Security services of EU Member States can also apply to participate in EU research 76 projects, which several services of EU Member States have already successfully done. This seems to have provided useful contacts also to the academic community, for example on prevention of radicalization. Security services can also apply for funding under the Internal Security Fund124.

VI. EU Computer Emergency Response Team (CERT) After a pilot phase of one year and a successful assessment by its constituency and its 77 peers, the EU Institutions decided to set up a permanent Computer Emergency Response Team (CERT-EU)125 for the EU institutions, agencies and bodies in 2012. It’s mission is to enhance the security of the IT infrastructure of all EU institutions, bodies and agencies by supporting incident prevention, detection, mitigation and response. The team is currently made up of 30 IT security experts who carry out highly specialised operational work to which information is critical. It cooperates closely with other CERTs in the Member States and beyond as well as with specialised IT security companies. It has subscribed to many commercially available tools within its remit to increase its knowledge base and collection of useful information to mitigate cyber threats. Exchanges with CERTs in EU Member States take place on a real time basis. It also cooperates closely with INTCEN and Europol. Within certain Member States, cooperation of CERTs and security services is important. Therefore, also on EU level, cooperation with security services is relevant. The Commission’s proposal for updating the mandate of ENISA126, the EU Cyberse- 78 curity Agency, includes steps to strengthen the role of ENISA in cyber security. It will have a supporting role in operational cooperation as secretariat of the CERTs Network by ensuring, among others, the well-functioning of the CERTs Network IT infrastructure and communication channels, requiring a structured cooperation with CERT-EU, European Cybercrime Centre (EC3) and other relevant EU bodies. With CERT-EU it could provide technical assistance in case of significant incidents and to support incident analysis, as well as vulnerability analysis upon request of Member States. The European Centre of Excellence for Countering Hybrid Threats (Hybrid CoE)127 79 is an instrument of its participating countries128. Participation in the Centre is open to EU Member States and NATO Allies. The EU and NATO are invited to join the activities of the Centre. Hybrid CoE is to serve as a hub of expertise supporting efforts 124 See http://ec.europa.eu/dgs/home-affairs/financing/fundings/security-and-safeguarding-liberties/internal-security-fund-police/index_en.htm. 125 More information: https://cert.europa.eu/cert/filteredition/en/CERT-LatestNews.html (last checked on 17 March 2017). 126 COM(2017) 477 final 2017/0225 (COD), Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on ENISA, the “EU Cybersecurity Agency”, and repealing Regulation (EU) 526/2013, and on Information and Communication Technology cybersecurity certification (‘’Cybersecurity Act’’). 127 For more information about the centre see https://www.hybridcoe.fi/about-us/. 128 Currently, the Participants of the Memorandum of Understanding concerning Hybrid CoE are Estonia, Finland, France, Germany, Latvia, Lithuania, Netherlands, Norway, Poland, Spain, Sweden, the UK and the USA.

de Kerchove/Höhn

109

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:35 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

to enhance civil-military capabilities, resilience, and preparedness to counter hybrid threats with a special focus on European security, including to further a common understanding of hybrid threats at strategic level and promote the development of comprehensive, whole-of-government response at national levels and of coordinated response at EU and NATO levels.

VII. Privacy shield The EU-US Privacy Shield129, adopted in June 2016, which regulates the transfer of data within companies between EU to US locations, replaces the Safe Harbour scheme, which was invalidated by the European Court of Justice. One interesting aspect in this context is the national security exception to the agreement, of which the Privacy Shield regulates the scope. 81 One of the objectives of the update and reform of the Safe Harbour scheme was the need to ensure that use of the national security exception provided in Commission Decision 2000/520/EC is limited to an extent that is strictly necessary and proportionate130. The Privacy Shield consists of the Privacy Principles and several official communications, representations and commitments by the US Government which will also be published in the US Federal register and which are the result of talks between the Commission and the US Government. All this is annexed to the Commission’s adequacy decision that assesses whether the Shield provides adequate privacy protections. 82 Adherence to the Privacy Principles is limited to the extent necessary to meet national security, public interest or law enforcement requirements131. The Commission has assessed the limitations and safeguards available in US law regarding access and use of personal data transferred under the EU-US Privacy Shield by US public authorities for national security purposes. In addition, the US Government, through its Office of the Director of National Intelligence (ODNI) has provided the Commission with detailed recommendations and commitments contained in Annex VI to the decision. The US has also committed to create a new oversight mechanism for national security interference (Annex III)132. The adequacy decision sets out in detail the findings of the Commission on access and use by US public authorities for national security purposes, in particular limitations, oversight and individual redress133. After a detailed analysis, the Commission assesses that the US national security framework relevant to the Privacy Shield captures the essence of the principles of necessity and proportionality134 and concludes that there are rules in place in the US designed to limit any interference for national security purposes with the fundamental rights of the persons whose personal data are transferred under the Privacy Shield to what is strictly necessary to achieve the legitimate objective in question135. 80

129 For more information see http://europa.eu/rapid/press-release_IP-16-2461_en.htm and the fact sheet http://ec.europa.eu/justice/data-protection/files/factsheets/factsheet_eu-us_privacy_shield_en.pdf. 130 See pre-ambular para 8 of the COMMISSION IMPLEMENTING DECISION of 12.7.2016 pursuant to Directive 95/46/EC of the European Parliament and of the Council on the adequacy of the protection provided by the EU-U.S. Privacy Shield, Brussels, 12.7.2016 C(2016) 4176 final (adequacy decision). 131 Annex II, Sec I.5, para 64 of the adequacy decision. 132 Para 65 of the adequacy decision. 133 Paras 67–124 of the adequacy decision. 134 Paras 76 of the adequacy decision. 135 Para 88 of the adequacy decision.

110

de Kerchove/Höhn

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:35 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. The Role of European Intelligence in Countering Terrorism

VIII. Fundamental Rights Agency At the request of the European Parliament, the EU’s Fundamental Rights Agency 83 (FRA), one of the JHA agencies which participated in the High Level Expert Group mentioned earlier, launched research on surveillance by national intelligence authorities and fundamental rights136. In November 2015, FRA published a report mapping the legal framework on surveillance in the Member States137. The report highlights that introducing and maintaining clear and accessible legislation and strong oversight mechanisms is challenging, but vital in striking a balance between security and privacy. In 2017, FRA published the second report. “It updates FRA’s 2015 legal analysis on the topic, and supplements that analysis with field-based insights gained from extensive interviews with diverse experts in intelligence and related fields, including its oversight.”138

IX. Battlefield information Terrorist organizations such as Daesh and AQ are present on battlefields, such as in 84 Syria and Iraq, hence the military forces on the ground have opportunities to collect significant amounts of information on terrorist groups (documents, electronics, cellphones, computers, fingerprints). Given presence of foreign terrorist fighters and the nexus between Daesh structures on the battlefield and operations around the world, it is important that such information is not only collected, but also analyzed and shared with border and law enforcement authorities. It would be crucial for this information to be available in real time at the borders, hence in the SIS II system for the Schengen area, so that infiltration into the EU of Daesh operatives from the conflict zone can be avoided. Such information may also be useful for investigations and prosecutions of terrorist suspects in Europe. This requires information sharing not only with intelligence and security services, but also with law enforcement and border authorities. There are interesting precedents from the INTERPOL VENNLIG project the previous armed conflict in Iraq and in Afghanistan (INTERPOL project HAMAH)139. The EU has started to discuss these issues, which are also on the agenda at the G7140 and the antiISIL coalition141. Exploring closer cooperation with NATO and the US, which has a lot 136 See http://fra.europa.eu/en/project/2014/national-intelligence-authorities-and-surveillance-eu-fundamental-rights-safeguards-and (last visited 19 April 2017). 137 Report: “Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU” (http://fra.europa.eu/en/project/2014/national-intelligence-authorities-and-surveillance-eu-fundamental-rights-safeguards-and/publications last checked 19 April 2017). 138 FRA report: “Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU Volume II: field perspectives and legal update” (http://fra.europa.eu/en/publication/2017/surveillance-intelligence-socio-lega last checked 4 January 2018). 139 INTERPOL pioneered military-to-law enforcement information exchange, starting in 2005 with Project Vennlig in Iraq, and later in Afghanistan through Project Hamah. See INTERPOL press release https://www.interpol.int/fr/News-and-media/News/2017/N2017-144 (last checked 8 January 2018). 140 G 7 statement of Ministers of the Interior, 19–20 October 2017: “commit ourselves to discuss among G7 members states to deepening the issue of “battlefield data” acknowledging the legal and procedural challenges” (http://www.g7italy.it/sites/default/files/documents/Joint%20Communiqu%C3%A9.pdf) (last checked 8 January 2018). 141 “Coalition members are actively disrupting Da’esh networks that move individuals, material and funds to enable external attacks. Information sharing, enhanced traveller screening and law enforcement cooperation – including collection of evidence admissible in courts of law – are essential to this effort, as

de Kerchove/Höhn

111

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:36 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

of experience with embedding prosecutors and law enforcement with military forces and sharing internationally with law enforcement, will be important. It is also worth exploring how information collected by the International Criminal Court in conflict theatres can be made available to law enforcement and judicial authorities. The EU will establish a crime information cell pilot within the naval operation EUNAVFOR MED SOPHIA to facilitate sharing of information between military, law enforcement, judicial and border authorities, with the participation of Europol and Frontex.

D. European intelligence cooperation outside of the EU context I. Counter-Terrorism Group (CTG) As pointed out above, the cooperation between the security services of EU Member States and some partners takes place outside of the EU context in the CounterTerrorism Group (CTG), which was created by the Berne Club after 9/11. During the extraordinary JHA Council on 20 September 2001, Ministers called upon the heads of the security services of the EU Member States to intensify their cooperation and to increase the sharing of information. Since then, the CTG has met regularly at Heads of Service, Heads of Counter-Terrorism Units and expert level142. The regular threat assessments which are produced by the CTG are shared with EU institutions through the INTCEN. The chairman of the CTG has briefed the Justice and Home Affairs (JHA) Council repeatedly on the progress of cooperation in the context of the CTG, in particular the setting up of the common platform under the Dutch Presidency, which will allow the electronic exchange of information and closer cooperation through posting of members of the services of the Member States to the platform.143 In the future, the chairman of the CTG will be regularly invited to attend the JHA Council when counter-terrorism is being discussed. The platform and the increased engagement of the CTG with the JHA Council are very positive developments144. 86 Given the need to cross-check information on terrorist suspects with crime information and to have a complete information picture, it will be desirable to establish cooperation between the ECTC at Europol and the CTG platform. Otherwise, there are risks of not connecting the dots sufficiently. This is currently being explored. 85

is the ability to prosecute and penalize foreign terrorist fighters and others providing material support to Da’esh. We encourage information sharing through INTERPOL and other collective law enforcement channels, such as EUROPOL, as well as through financial intelligence unit (FIU) channels.” Joint Statement by Ministers of the Global Coalition following the Meeting on the Defeat of Da’esh, 22 March 2017 (https://eeas.europa.eu/headquarters/headquarters-homepage_en/23342/Statement%20by%20Ministers%20of%20the%20Global%20Coalition%20following%20the%20Meeting%20on%20the%20Defeat%20of %20Da%E2%80%99esh,%20Washington%20D.C.,%2022%20March%202017 last checked 8 January 2018). 142 On the CTG, see also Chertoff et. al, Globsec Intelligence Reform Initiative p. 15 f. 143 “New platform for deepening cooperation between European intelligence and security services”, press release, Netherlands Presidency of the EU, January 2016. Joint statement of EU Ministers for Justice and Home Affairs and representatives of EU institutions on the terrorist attacks in Brussels on 22 March 2016, doc 7371/16: “fully support the work of the Counter Terrorism Group (CTG), in particular by further accelerating the establishment of a dedicated platform for real time, multilateral information exchange.” 144 On cooperation within the CTG see also the speech by the Director General of the British MI5 Andrew Parker to the BfV Symposium in Berlin on 14 May 2018 (https://www.mi5.gov.uk/news/directorgeneral-andrew-parker-speech-to-bfv-symposium).

112

de Kerchove/Höhn

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:36 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. The Role of European Intelligence in Countering Terrorism

In its Communication on “Enhancing security in a world of mobility: improved 87 information exchange in the fight against terrorism and stronger external borders” of September 2016145, the Commission writes: “While some progress has been observed recently, and law enforcement counterterrorism units increasingly cooperate with Europol’s European Counter-Terrorism Centre, cooperation between law enforcement and security services is still uneven. Security services exchange more regularly through the Counter Terrorism Group (CTG), outside the EU framework, and the two communities remain operationally disconnected. The key challenge remains how to harness the potential benefits of sharing information and intelligence to make a real operational difference. This does not need institutional innovations. But making full use of the possibilities for cooperation under the EU Treaties could deliver a change in sharing and connecting information through multidisciplinary cooperation. The range of options available to achieve this objective are framed by the competences conferred in the Treaties, the responsibility for national security belonging to Member States. In this context, the Commission will look for practical solutions to improve information exchange.”

II. Madrid Group After 9/11, counter-terrorism fusion centers have been set up in a number of Member 88 States – such as OCAM in Belgium, GTAZ in Germany or JTAC in the UK -, bringing together and pooling information from the relevant players, including law enforcement and security services. At the EU level, the fusion centres are meeting in the so-called Madrid Group, which has been financially supported by the Commission in the past. In the current context, financial support to Madrid Group meetings could be resumed.

E. Assisting third countries to strengthen their security services in a rule of law framework In some third countries, restructuring the security services to be efficient and comply 89 with a rule of law and human rights framework is necessary, such as those countries in democratic transition which want to transform their services but need new savoir faire to fight terrorism effectively. The EU has experience in this context: After the end of the Cold War, in the context of enlargement, security services of “old” Member States helped new Member States to reform and update their services. This was done with EU funding and Member States’ expertise. In a third country, a similar project was undertaken for the first time in Palestine in 90 the early 2000s: Assisting Palestine to set up the security service to fight terrorism effectively. Several security services of EU Member States had been involved in this initiative funded by the EU, which had also led to closer intelligence working relationships between the services concerned and Palestine. An EU project in Ivory Coast has been launched recently, implemented by the French operator CIVIPOL146. As part of a 145 COMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT, THE EUROPEAN COUNCIL AND THE COUNCIL, Brussels, 14.9.2016 COM(2016) 602 final http://ec. europa.eu/justice/citizen/document/files/com_2016_602_enhancing_security_en.pdf (last checked on 17 March 2017). 146 Civipol is the consulting and service company of the French Ministry of the Interior. It provides services in the areas of homeland security, civil protection and governance to clients in France and

de Kerchove/Höhn

113

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:37 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

broader project related to peace and security147, the EU will support the strengthening of the capacities of the security and intelligence services. This includes support to the reorganisation and oversight mechanisms of security and intelligence services, audit of the IT systems of concerned services, strengthening their role in prevention of radicalisation and early warning, a feasibility study of a regional platform for intelligence sharing with neighbouring countries as well as strengthening the operational capacities of the security and intelligence services in full respect of human rights and the rule of law, including by training. 91 Today, the EU is assisting Iraq148 to strengthen the collaboration of security services in the context of counter-terrorism, in particular in the context of a counter-terrorism fusion center. The EU has also offered to provide expertise to Tunisia on the restructuring of the security service for counter-terrorism, which again would involve Member State expertise and EU funding. In the context of a broader project on Security Sector Reform149, the EU is assisting Tunisia with regard to the legal framework and oversight mechanisms of the security services related to the Ministry of Interior in the context of the fight against terrorism150. This component is implemented by Geneva Centre for the Democratic Control of Armed Forces (DCAF)151. The EU is also assisting the Tunisian Fusion Centre (CT pole) with expert advice. In the context of the Euromed Police IV project, sharing and analysis of strategic criminal intelligence is one of the objectives152. Joint threat assessments inter alia on counter-terrorism are being developed with partner countries in the MENA region. Europol is involved. 92 As part of the EU Western Balkans Counter-Terrorism Initiative, the CounterTerrorism Initiative (CTI) Network supports the strengthening of operational police cooperation and mutual trust in counter-terrorism153. With EU financial support, the Member States’ police and in some cases security services are working with their abroad. Civipol is regularly involved in large-scale international projects through auditing, advisory, technical assistance and training assignments. It works extensively with the European Commission. 147 Programme de soutien à la sécurité nationale, à la prévention de la radicalisation et à la consolidation de la paix en Côte d’Ivoire, Instrument contributing to Stability and Peace Action IcSP 2016/04. 148 Brussels, 5.8.2015, C(2015) 5536 final, COMMISSION IMPLEMENTING DECISION, of 5.8.2015 on the Exceptional Assistance Measure on strengthening counter terrorism capacities in the Middle East, North Africa and Iraq to be financed from the General Budget of the European Union and Annex: Instrument contributing to Stability and Peace, Exceptional Assistance Measure on Strengthening counter terrorism capacities in the Middle East, North Africa and in Iraq; Brussels, 3.3.2017 C(2017) 1464 final COMMISSION IMPLEMENTING DECISION of 3.3.2017 on exceptional assistance measures in favour of Iraq and ANNEX II: Instrument contributing to Stability and Peace. Exceptional Assistance Measures on Iraq – Support to the stabilisation and reconciliation process in Iraq, Second Exceptional Assistance Measure (EAM 2) – Supporting the development of human rights-compliant counter terrorism strategy, legislation and coordination measures in Iraq. 149 23 Million Euros, adopted in 2015. The information about the project is contained here: https://ec. europa.eu/neighbourhood-enlargement/sites/near/files/neighbourhood/pdf/key-documents/tunisia/2015 0731-aap-2015-tunisia-financing-commission-decision-20150730.pdf (last visited on 17 March 2017). 150 Description of the intelligence related part of the project: “Le troisième axe se concentre sur le renseignement, en particulier dans sa composante “ lutte contre le terrorisme “, notamment la réforme législative encadrant les activités de renseignement et la mise en œuvre d’actions spécifiques et de transfert d’expertises dans le domaine du financement des nouvelles formes de criminalité et du blanchiment des capitaux. Un élément majeur de cet axe pourrait être un soutien à la création d’un centre unique du renseignement intérieur soutenu par une loi-cadre sur les activités de renseignement.” https://ec.europa.eu/ neighbourhood-enlargement/sites/near/files/neighbour hood/pdf/key-documents/tunisia/20150731-aap2015-tunisia-financing-commission-decision-20150730.pdf (last visited on 17 March 2017). 151 More information about DCAF can be found here: http://www.dcaf.ch/ (last visited on 17 March 2017). 152 http://www.euneighbours.eu/en/eu-in-action/projects/euromed-police-iv (last visited on 21 April 2017). 153 EU Western Balkan counter-terrorism initiative: integrative plan of action, Council doc. 13887/15 of 4 December 2015, Conclusions of the Council of the EU and of the Member States meeting within the Council on the Integrative and Complementary Approach to Counter-Terrorism and Violent Extremism

114

de Kerchove/Höhn

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:38 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. The Role of European Intelligence in Countering Terrorism

counterparts from the Western Balkans on a broad range of operational counterterrorism issues and capacity building. In December 2016 the Council decided to “prioritis[e] activities to develop a more comprehensive mechanism to address security threats in the Western Balkan region, including integrating intelligence-led policing to set counter-terrorism and serious and organised crime priorities at a regional level, compatible with the approach taken in the EU Policy Cycle”.154

F. What more could be done in the EU context? “It is time to adapt and address existing barriers to better law enforcement and 93 intelligence integration and transnational liaison. These include issues of trust, standardisation, legislation, counter-terrorism approaches and culture. These must be addressed incrementally through existing best practices and models.Law enforcement is increasingly at the centre of better pan-European and transatlantic counter-terrorism cooperation. Crucially, better fusion of intelligence processes, and intelligence and law enforcement agencies, is needed to provide the means for pre-empting terrorist attacks before they occur, rather than relying on effective investigation after the event.”155

I. Under the existing legal framework Despite Art. 4 (2) TEU, there are possibilities for the EU to create closer links with 94 the services and support efforts to strengthen them. It is not suggested to create a European security service in the current legal and political context. However, the possibility and usefulness of combining the various security services of the EU institutions (today the Council, the Commission and the European Parliament each have their own security service) for counter-espionage could be explored, similar to the CERTEU156 for cyber security.

1. Commission to engage in dialogue with security services In full respect of Art. 4 (2) TEU, the Commission could reach out to security 95 services: it could organize regular meetings (together with the EU CTC) with senior representatives of the security services of Member States to discuss policy initiatives such as the results of the High Level Expert Group on Information Systems and Interoperability and get the views and needs of the security community. The Commission has already invited the intelligence community to participate in risk assessments, what was done for example, with the strong support from EU INTCEN, in aviation/ transport security. Further increasing the dialogue with the security services could lead to fruitful exchange, building trust and better understanding views and positions of security services.

in the Western Balkans (3 December 2015), doc. 14986/15, 7 December 2015 (http://data.consilium. europa.eu/doc/document/ST-14986-2015-INIT/en/pdf last visited 21 April 2017). 154 Council Conclusions on strengthening the EU internal security’s external dimension in the Western Balkans including via the Integrative Internal Security Governance (IISG) (8 December 2016) doc. 15413/ 16 (http://data.consilium.europa.eu/doc/document/ST-15413-2016-INIT/en/pdf last visited 21 April 2017). 155 Chertoff et. al, Globsec Intelligence Reform Initiative p. 4. 156 See supra mn. 77.

de Kerchove/Höhn

115

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:38 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

2. Commission to support cooperation in the context of Art. 73 TFEU 96

A common analysis culture and knowledge among services in the counter-terrorism field is also necessary. French President Macron has suggested the creation of a European Intelligence Academy in the context of counter-terrorism: “What Europe, Defence Europe, lacks most today is a common strategic culture. Our inability to work together convincingly undermines our credibility as Europeans. We do not have the same cultures, be they parliamentary, historical or political, or the same sensitivities. And that cannot be changed in one day. But I propose trying, straight away, to build that common culture […]. To create this convergence, we need deep-rooted change. […] I want this common culture to be expanded, in the fight against terrorism, to our intelligence services. I thus want a European Intelligence Academy to be created, to strengthen the ties between our countries through training and exchanges.”157 “In the fight against terrorism, Europe needs to ensure closer ties between our intelligence services by creating a European Intelligence Academy.”158

If Member States expressed an interest, the Commission could explore to support this initiative financially159. The Commission could also explore to support joint trainings160 of security service counter-terrorism officers and/or existing intelligence training academies in Member States to develop curricula and modules for counterterrorism which would be open to analysts from other Member States, a network among such academies/universities for counter-terrorism could be created and supported by the Commission. This would over time contribute to creating a common culture and more common analysis in the counter-terrorism field while not touching on the traditional functions of the security services (counter-espionage), which remain purely at the national level. 98 Art. 73 TFEU provides the possibility for several Member States to have more structured cooperation among security services (outside of EU context). The Counter Terrorism Group (CTG) is developing a platform for information exchange outside of the EU context, this is a good first step to strengthen cooperation. A number of Member States believe that, in light of the police/intelligence challenges revealed by the Paris and Brussels attacks, cooperation at both the national and the supranational level needs to be intensified. Upon request, the Commission could support such initiatives between interested Member States financially. 97

157 Speech by President Macron on 26 September 2017 (http://www.elysee.fr/declarations/article/initiative-pour-l-europe-discours-d-emmanuel-macron-pour-une-europe-souveraine-unie-democratique/last visited on 16 January 2018). English translation. 158 Summary/fact sheet of the proposals of President Macron’s speech of 26 September 2017, “Initiative pour l’Europe Une Europe souveraine, unie, démocratique” (http://www.elysee.fr/assets/Initiative-pourlEurope-une-Europe-souveraine-unie-et-democratique-Emmanuel-Macron.pdf last visited on 16 January 2018) English: (http://www.elysee.fr/assets/Initiative-for-Europe-a-sovereign-united-democratic-EuropeEmmanuel-Macron.pdf last visited 16 January 2018). 159 On page 7, the policy paper by the European Political Strategy, also suggests the creation of an intelligence academy: Towards a ‘Security Union’, Bolstering the EU’s Counter-Terrorism Response, Issue 12/2016, 20 April, http://ec.europa.eu/epsc/pdf/publications/strategic_note_issue_12.pdf. 160 On the need for a common European analysis culture and training see also José Miguel Palacios, “Intelligence Analysis Training: A European Perspective”, The International Journal of Intelligence, Security and Public Affairs, 2016, 18:1, 34–56 (http://www.tandfonline.com/doi/pdf/10.1080/23800992.2016.1150684 last visited on 19 April 2017).

116

de Kerchove/Höhn

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:39 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. The Role of European Intelligence in Countering Terrorism

3. Commission to support peer review and strengthening national services A peer review process of the security services could be put in place (outside of the 99 EU context), which the EU could support as appropriate (the process itself and the necessary upgrades of the national services). A peer evaluation of the counter-terrorism structures of the Member States took place previously in 2001 after 9/11.

4. Commission to pool information in relevant areas to get a better information picture and subscribe to private databases The Commission, in cooperation with the EU CTC, the Member States and other 100 relevant stakeholders could prepare the report to be submitted to the President of the European Council on the basis of Art. 222 (4) of the TFUE (threat assessments to the European Council to enable the EU and Member States to take effective action). The Commission has a lot of information in the area of aviation, transport, competi- 101 tion, health, cyber (EU-CERT161 in particular which is subscribed to major private databases and information tools and collects a lot of operational information), CBRN, energy etc. that is very relevant for counter-terrorism but at the moment is not pulled together to provide a comprehensive strategic risk analysis. One could reflect to designate a body in the Commission or task INTCEN to do so, to have the advantage to pool information, potentially building on the existing team in DG Home which is supporting the sectoral risk and threat analysis. Private companies have a lot of information relevant to security and CT162 as they 102 operate in high risk environments (and third states). There are also lots of private databases and tools the Commission could subscribe to increase its access to information. The Commission together with the EU CTC could build a partnership with the private sector for counter-terrorism, host regular meetings and identify the most relevant private tools the EU institutions and agencies (including Europol) should subscribe to.

5. Further develop concept of European security – what would this mean legally? As pointed out above, while the concept of “national security” is enshrined in the EU 103 treaties, the concept of “European security” as such is not (although the area of freedom, security and justice is). When the Lisbon treaties were drafted, the international threat environment was different – while Al Qaeda terrorism was present, the new bottom up and truly transnational operating methods of Daesh, building on thousands of foreign terrorist fighters who travelled from the EU to Syria and Iraq, did not exist yet. It can be argued that without European security, national security of the Member States cannot be fully protected. Does this mean that the current treaties could be interpreted in a way that intelligence is only excluded as far as the national security of a Member State is concerned, but not when European security is at stake? Should the concept of European security be incorporated in a future update of the EU treaties? These concepts would benefit from further academic discussions and development. It is necessary to deal with the new threat environment and adapt EU action accordingly, especially as citizens expect progress on security and the terrorist threat has a major impact in a number of Member States as well as neighbouring countries and tourist destinations. 161 162

EU Cyber Emergency Response Team. The Anderson report of December 2017 also highlights that private sector cooperation is vital.

de Kerchove/Höhn

117

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:40 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda 104

The above suggestions show that a number of steps could be taken to build trust and bring the services closer to the EU, while supporting and encouraging initiatives among a smaller number of Member States outside EU. Among all flanking measures for security that have been taken to compensate the lifting of the internal border controls in Schengen, those taken for intelligence remain the least developed and an enormous challenge, however, as pointed out above, significant steps have been taken with the creation of EU tools such as SIS II, the PNR, the EU-US TFTP which are enhancing the intelligence picture.

6. Harmonization of data protection and privacy rules? 105

It could be explored in the light of Art. 4 (2) TEU whether and if so how much privacy/ data protection rules of the Member States applicable to security and intelligence services could be harmonized at EU level to facilitate cooperation. The outcome of the preliminary reference made by the United Kingdom’s Investigatory Powers Tribunal to the ECJ could be of interest in this regard.

7. Designation by Member States of security services as competent authorities 106

With regard to EU tools such as Europol, the PNR or the future SIS, where the text so allows, Member States could designate security services as “competent authorities” at the national level so that they can fully benefit from the instruments. When negotiating new or revised legal texts at EU level such as SIS, it would be important to ensure that this is possible.

8. Engagement of security services with the European Parliament 107

Directors or other senior officials from Member States security services could increase their engagement with and brief the European Parliament, in particular the LIBE committee dealing with civil liberties and counter-terrorism, to ensure that the security perspective of the debate in Brussels is strengthened and operational necessities of the services are better understood.

9. Engagement with the European Court of Justice 108

In the US, regular exchanges in the form of informal seminars are taking place between the security and intelligence community and the Supreme Court, to build mutual understanding and provide an opportunity for the security community to keep the Court informed about evolution of the threat and current challenges. It could be explored to hold similar seminars between the security community in Europe, including the security services, and the European Court of Justice.

II. In the transatlantic context 109

Chertoff et al163 suggest a number of pragmatic transatlantic initiatives to strengthen intelligence and law enforcement cooperation such as a core transatlantic CT hub, in which the ECTC, the CTG as well as national CT centres from Europe and the US would be involved. It could start with a smaller core of countries and later expand. A “joint transatlantic CT Strategic Threat and Risk Assessment” could be regularly drafted to identify, assess and prioritise the threats, risk and opportunities facing intelligence 163

118

Chertoff et. al, Globsec Intelligence Reform Initiative p. 27 ff.

de Kerchove/Höhn

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:40 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. The Role of European Intelligence in Countering Terrorism

and law enforcement agencies in CT. Within the hub, case-based task forces could “promote joint execution of intelligence-led operations as well as better sharing of personal data”. They also promote the establishment of a hit-no-hit search function/single search 110 interface based on the FIU model (each nation holds its data but encrypted searching identifies information or patterns to follow up). Finally, they suggest a transatlantic CT centre of excellence, which could initially be a 111 virtual network linking academies carrying out intelligence training. It could agree on best practices, training material could be shared. It would achieve joint standardisation (“common terminology is needed through the intelligence cycle for the understanding and priorisation of threats, faster analysis and dissemination”) and training and build trust and mutual understanding. It could address emerging technologies and the EU could contribute funds for its members. Involvement of the private sector could be considered.

III. In the longer term future In its White Paper on the Future of Europe164, for Scenario 4 (“Doing less more 112 efficiently”) and Scenario 5 (“Doing much more together”), the European Commission suggests: “Cooperation between police and judicial authorities on terrorism-related issues is systematic and facilitated by a Common European Counter-Terrorism Agency. A new European Counter-Terrorism Agency helps to deter and prevent serious attacks in European cities by the systematic tracking and flagging of suspects. National police authorities can easily access European databases containing the biometric information of criminals.” In his State of the Union speech of 13 September 2017, President of the European 113 Commission Juncker stated the following vision: “The European Union must also be stronger in fighting terrorism. In the past three years, we have made real progress. But we still lack the means to act quickly in case of cross-border terrorist threats. This is why I call for setting up a European intelligence unit that ensures data concerning terrorists and foreign fighters are automatically shared among intelligence services and with the police.”165 In October 2017, the Commission issued a CT package and stated: “Beyond these practical measures for the short term, the Commission is working towards a future European Intelligence Unit, as announced by President Juncker as part of his vision for the European Union by 2025.”166 In the US, the Federal Bureau of Investigation, the FBI, is playing a leading role in 114 counter-terrorism: “Combating terrorism is the FBI’s top investigative priority. Working closely with a range of partners, we use our suite of investigative and intelligence capabilities to neutralize terrorist cells and operatives here in the U.S., to help dismantle extremist networks worldwide, and to cut off financing and other forms of support provided by terrorist sympathizers. Our overall goal, as we lead law enforcement and domestic intelligence efforts to defeat terrorism, is to eliminate the risk of terrorism, both international and domestic, to the homeland and to U.S. interests abroad.”167 The 164 European Commission, White Paper on the future of Europe, Reflections and scenarios for the EU27 by 2025, 1 March 2017 pp. 22 ff. (https://ec.europa.eu/commission/sites/beta-political/files/white_paper_on_the_ future_of_europe_en.pdf – last checked on 22 March 2017). 165 http://europa.eu/rapid/press-release_SPEECH-17-3165_en.htm (last checked on 16 January 2018). 166 Eleventh progress report towards an effective and genuine Security Union, COMMUNICATION FROM THE COMMISSION TO THE EUROPEAN PARLIAMENT, THE EUROPEAN COUNCIL AND THE COUNCIL, Brussels, 18.10.2017 COM(2017) 608 final. 167 FBI website. https://www.fbi.gov/investigate/terrorism.

de Kerchove/Höhn

119

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:41 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

FBI is both a law enforcement and a domestic intelligence agency and has a network of legal attachés around the world for international law enforcement cooperation. 115 A number of commentators speak about the need to create a European Central Intelligence Agency (CIA) – which in the US context is responsible for the collection and analysis of foreign intelligence. However, the more relevant question to ask, given the domestic focus on Europe, is whether it should rather be explored in the longer term to create a European FBI, a combined law enforcement and intelligence capability focusing on fighting terrorism inside the EU. However, this would require a change in the EU legal framework which limits the task of Europol and Eurojust to only supporting Member State led investigations. Therefore, a sui generis solution for Europe respecting the principle of support to Member States may need to be sought. If this were to be considered, the ECTC at Europol could be further developed to provide support more explicitly both to law enforcement and security services of Member States by offering a common platform for information exchange and analysis at European level. Europol would remain an agency in support of Member States investigations and disruption efforts and not become an autonomous investigative body. However, law enforcement and intelligence information would be fused much more comprehensively and the ‘dare to share’ principle as discussed above would in that way be maximised as far as possible. Advances in technology in order to protect the most sensitive data ought to make such a scenario possible.

G. Conclusion While national security remains outside the remit of the EU, on counter-terrorism, closer cooperation among the security services and with law enforcement agencies, at European and national level is necessary. Today’s terrorism is a crime in a similar way to other serious crime and in this way counter-terrorism is different in nature than other national security tasks such as counter-espionage, which requires a different mindset. Despite the current legal framework, many EU tools and interfaces concern intelligence and security services and are already of great interest to them. Therefore it is of interest to security services to follow closely the developments at EU level and engage proactively, in particular at policy level. With regard to operational information sharing, progress has been made on the use of the SIS II by the security services and to structure more the cooperation in the context of the CTG. It would be interesting to further explore whether and how the technology developed in the context of the FIU.net could facilitate information sharing among Member States in counter-terrorism, including with regard to the security services. A number of steps could be taken in the current legal framework to further strengthen the cooperation of security services, including financial support by the Commission, if requested and as appropriate. 117 Outside of the EU institutional framework, a structural strengthening of the CTG with a permanent President like the Eurogroup could be considered. A stronger cooperation between the ECTC at Europol and the CTG platform is also needed. 118 In the long term future, the pros and cons of the question of the development of the ECTC at Europol to provide support more explicitly to both law enforcement and security services and bringing together law enforcement and intelligence information in support of the Member States with regard to supporting criminal investigations and disruption of the plots could be further explored. As technology advances and cross-border linkages and travel patterns increase further still, we may find that additional support and pooled capabilities, at the very least in certain niche capability areas, becomes essential. 116

120

de Kerchove/Höhn

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:42 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3 European Intelligence in Cyberspace Tatiana Tropina/Nicolas von zur Mühlen Outline A. Introduction ...................................................................................................................... B. Threats Landscape ........................................................................................................... I. Actors......................................................................................................................... 1. Cybercriminals .................................................................................................... 2. Terrorists .............................................................................................................. 3. Hacktivists............................................................................................................ 4. Nation states and state-supported actors...................................................... 5. Actors’ motivation and attribution issue ...................................................... II. Threats to confidentiality, availability and integrity of data and systems . 1. Unauthorised access to data and systems..................................................... 2. Illegal interception.............................................................................................. 3. Interference with computer data and systems............................................. a) Denial of service and computer sabotage ............................................... b) Ransomware................................................................................................... c) Targeted interference with computer data, systems and networks... d) Advanced persistent threats ....................................................................... e) Threats to critical infrastructure ............................................................... III. “Cyberwarfare”, “Information warfare” and “Hybrid cyberwarfare”.......... C. Cybersecurity Policies and Frameworks ..................................................................... I. Tools and policies to address cybersecurity threats........................................ II. Cybersecurity regimes ............................................................................................ 1. Criminal law and tackling crime .................................................................... 2. Critical information infrastructure protection frameworks...................... 3. Frameworks for cyberwar and warfare.......................................................... 4. Other regimes...................................................................................................... D. Cybersecurity and Cyber Intelligence.......................................................................... I. Reactive and proactive approaches ..................................................................... II. Intelligence in cyber domain or “cyber intelligence”? .................................... III. Levels and sources of cyber intelligence ............................................................ IV. Approaches at EU level ......................................................................................... V. National approaches............................................................................................... E. Conclusions .......................................................................................................................

mn. 1 4 4 6 7 9 10 12 14 17 21 22 23 25 28 29 30 31 34 34 39 39 43 46 54 59 59 62 65 70 76 85

Bibliography1: Abelson et al, Keys under Doormats: Mandating insecurity by requiring government access to all data and communications, Massachusetts Institute of Technology, 2015, available at: https://dspace. mit.edu/bitstream/handle/1721.1/97690/MIT-CSAIL-TR-2015-026.pdf; Agence Nationale de la Sécurité des Systèmes d’Information, Managing Cybersecurity for Industrial Control Systems, 2014, available at: https://www.ssi.gouv.fr/uploads/2014/01/Managing_Cybe_for_ICS_EN.pdf; Ahn/Doupe/Zhao/Liao, Ransomware and cryptocurrency, in: Holt (ed.), Cybercrime Through an Interdisciplinary Lens, Routledge, 2016, p. 105; Alarid, Recruitment and Radicalization: The Role of Social Media and New Technology, in: Hughes/Miklaucic (eds.), Impunity: Countering Illicit Power in War and Transition, Center for Complex Operations (CCO) and Peacekeeping and Stability Operations Institute (PKSOI), 2016, available at: http://cco.ndu.edu/Portals/96/Documents/Impunity/Impunity%20FINAL%20for%20Web.pdf; Alderson/ Soo Hoo, The Role of Economic Incentives in Securing Cyberspace, Stanford Center for International Security and Cooperation, 2004, available at: http://cisac.fsi.stanford.edu/publications/role_of_economic_incentives_in_securing_cyberspace_the; Andress/Winterfeld, Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners, Elsevier Science, 2013; Bambauer, Minnesota Law Review 96.2 (2011), p. 584; Barnsby/Reeves, Give Them an Inch, They’ll Take a Terabyte: How States May Interpret Tallinn Manual 2.0’s International Human Rights Law Chapter, Texas Law Review, 95.7, 2017, p. 1515; Baylon, 1

All online sources were last accessed on 8 March 2018.

Tropina/von zur Mühlen

121

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:42 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda Challenges at the Intersection of Cyber Security and Space Security, Chatham House, 2014; available at: https://www.chathamhouse.org/publications/; Baylon/Brunt/Livingstone, Cyber Security at Civil Nuclear Facilities: Understanding the Risks, Chatham House, 2015, 3 available at: https://www.chathamhouse.org/ publications/; Bendiek, European Cyber Security Policy, German Institute for International and Security Affairs, 2012; Bendiek, The New “Europe of Security”, SWP Comments 20/2017, available at: https://www. swp-berlin.org/fileadmin/contents/products/comments/2017C20_bdk.pdf; Berkman Center for Internet and Society at Harvard University, Don’t Panic: Making Progress on the “Going Dark” Debate, 2016, available at https://cyber.harvard.edu/pubrelease/dont-panic/Dont_Panic_Making_Progress_on_Going_Dark_Debate.pdf; Borum et al., Cyber Intelligence Operations, The Coast Guard Proceedings 71.4 (2014–2015), p. 65; Borum et al., Strategic cyber intelligence, Information & Computer Security 23.3 (2015), p. 317; Boulos, The Tallinn Manual and Jus ad bellum: Some Critical Notes, in: Ramírez/GarcíaSegura L. (eds.), Cyberspace. Advanced Sciences and Technologies for Security Applications, Springer, 2017, p. 231; Brantly, Defining the role of intelligence in cyber: a hybrid push and pull, in: Phythian (ed.), Understanding the Intelligence Cycle, Routledge, 2013, p. 76; Brantly, The Decision to Attack, University of Georgia Press, 2016; Brenner, At Light Speed: Attribution and Response to Cybercrime/Terrorism/ Warfare, Journal of Criminal Law & Criminology 97.2 (2007), p. 379; Brown/Snower, Global Economic Solutions 2010/2011, Global Economic Symposium, 2011, available at: https://www.global-economicsymposium.org/solutions/publications/global-economic-solutions/global-economic-solutions-2010-11; Brunst, Cyberabwehr, in: Dietrich/Eiffler, Handbuch des Rechts der Nachrichtendienste, Boorberg, 2017, p. 817; Brunst, Terrorism and the Internet: New Threats Posed by Cyberterrorism and Terrorist Use of the Internet, in Wade Maljević (eds.), A War on Terror?: The European Stance on a New Threat, Changing Laws and Human Rights Implications, Springer, 2010, 51; Christou, Cybersecurity in the European Union, 2016, Palgrave Macmillan UK; Christou, The EU’s Approach to Cybersecurity, 2017, University of Essex project on EU-Japan Security Cooperation, available at: http://repository.essex.ac.uk/19872/1/EU-Japan_9_Cyber_Security_Christou_EU.pdf; Cilluffo, A Borderless Battle: Defending Against Cyber Threats, Testimony before the U.S. House of Representatives Committee on Homeland Security, March 22 2017, available at: https://cchs.gwu.edu/testimonies; Cilluffo, A Global Perspective on Cyber Threats, Testimony before the U.S. House of Representatives, Committee on Financial Services, Subcommittee on Oversight and Investigations, June 16 2015, available at: https://cchs.gwu.edu/testimonies; Clapper/Lettre/Rogers, Joint Statement for the record to the Senate Armed Service Committee. Foreign Cyber Threats to the United States, 2017, available at: https://www.armed-services.senate.gov/imo/media/doc/Clapper-Lettre-Rogers_01-05-16.pdf; Clough, A World of Difference: The Budapest Convention on Cybercrime and the Challenges of Harmonisation, Monash University Law Review 40.3 (2014), p. 698; Cornish et al. (2010), On Cyberwarfare, Chatham House, 2010, available at https://www.chathamhouse.org/publications/; Council of the European Union, Six-Month report on the Implementation of the Cyber Defence Policy Framework by the Politico-Military Group, 10347/15, 2015; Danish Centre for Cyber Security, Threat Assessment: The cyber threat against Denmark, 2017, available at: https://fe-ddis.dk/eng/Products/Intelligence-Risk-Assessments/; Danish Ministry of Defence, Danish Defence Agreement 2013–2017, available at: http://www.fmn.dk/eng/allabout/Documents/TheDanishDefenceAgrement2013-2017english-version.pdf; Darmois/Schméder, Cybersecurity: a case for a European approach, London School of Economics, 2016, available at: http://www.securityintransition.org/wp-content/uploads/2016/02/WP11_Cybersecurity_FinalEditedVersion.pdf; Davies, Information Warfare and the Future of the Spy, Information, Communication & Society, 2.2 (1999), p. 115; Degaut, Spies and Policymakers: Intelligence in the Information Age, Intelligence and National Security 31.4 (2016), p. 509; Department of Defense, The DoD Cyber Strategy, 2015, available at: https://www.hsdl.org/?abstract&did=764848; Department of Homeland Security/Federal Bureau of Investigation, Joint Analysis Report on GRIZZLY STEPPE, 2016, available at https://www. us-cert.gov/security-publications/; Dunn Cavelty/Maurer, Postmodern Intelligence: Strategic Warning in an Age of Reflexive Intelligence, in: Security Dialogue 40.2 (2009), p. 123; Dutch Ministry of Defence, The Defence Cyber Strategy, 2012, available at: https://ccdcoe.org/strategies/Defence_Cyber_Strategy_NDL. pdf; Duvenage/von Solms/Jaquire, Conceptualising Cyber Counterintelligence, Proceedings of the 15th European conference on Cyber Warfare and Security, University of the German Federal Armed Forces, 2016, p. 93; European Commission, EU cybersecurity initiatives, 2017, available at: http://ec.europa.eu/ information_society/newsroom/image/document/2017-3/factsheet_cybersecurity_update_january_2017_ 41543.pdf; European Parliament, Cyber defence in the EU: Preparing for cyber warfare?, Briefing October 2014, available at: http://www.europarl.europa.eu/thinktank/de/document.html?reference=EPRS_BRI (2014)542143; European Parliament, Cybersecurity in the European Union and Beyond: Exploring the Threats and Policy Responses, Study for the LIBE Committee, 2015, available at: http://www.europarl. europa.eu/RegData/etudes/STUD/2015/536470/IPOL_STU(2015)536470_EN.pdf; Fidler/Pregent/Vandurme, NATO, Cyber Defense, and International Law, 2013, available at: http://www.repository.law. indiana.edu/facpub/1672; Finnemore/Hollis, Constructing Norms for Global Cybersecurity, The American Journal of International Law 110.3 (2016), p. 425; G8, G8 Principles for Protecting Critical Information Infrastructures, 2003, available at: http://www.cybersecuritycooperation.org/documents/G8_CIIP_

122

Tropina/von zur Mühlen

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:43 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Intelligence in Cyberspace Principles.pdf; Gehem et al., Assessing Cyber Security, The Hague Centre for Strategic Studies, 2015, available at: https://hcss.nl/report/assessing-cyber-security/; German Ministry of Defence, White Paper on Security Policy and the Future of the Bundeswehr, 2016, available at: http://www.planungsamt.bundeswehr.de/portal/poc/plgabw?uri=ci:bw.plgabw.grundlagen.weissbuch; German Ministry of Interior, CyberSicherheitsstrategie für Deutschland, available at: https://www.bmi.bund.de/cybersicherheitsstrategie/ BMI_CyberSicherheitsStrategie.pdf; Giles, Prospects for the Rule of Law in Cyberspace, Letort Papers, 2017, available at: https://ssi.armywarcollege.edu/pubs/display.cfm?pubID=1343; Gioe, “The More Things Change”: HUMINT in the Cyber Age, in: Dover/Dylan/Goodman (eds.), The Palgrave Handbook of Security, Risk and Intelligence, Palgrave Macmillan, 2017, p. 213; Global Public Policy Institute, Advancing Cybersecurity Capacity Building, March, 2017, available at: http://www.gppi.net/publications/; Goldman/ Warner, Why a Digital Pearl Harbor Makes Sense … and is Possible, in: Perkovich/Levite (eds.), Understanding Cyber Conflict, Georgetown University Press, 2017, p. 147; Goodman, International dimensions of cybercrime, in Ghosh/Turrini (eds.), Cybercrimes: A multidisciplinary analysis, Springer, 2010, p. 311; Gouvernement de la République française, French National Digital Security Strategy, 2015, available at: https://www.ssi.gouv.fr/uploads/2015/10/strategie_nationale_securite_numerique_en.pdf; Greathouse, Cyber War and Strategic Thought: Do the Classic Theorists Still Matter?, in: Kremer/Müller (eds.), Cyberspace and International Relations, Springer, 2014; Hackback: Permitting Retaliatory Hacking by Non-State Actors as Proportionate Countermeasures to Transboundary Cyberharm, Columbia Journal of Transnational Law 52 (2013), p. 275; Hathaway et al, The Law of Cyber-Attack, California Law Review 100.4 (2012), p. 817; Hathaway et al., France: Cyber Readiness at a glance, Potomac Institute for Policy Studies, 2016, available at: http://www.potomacinstitute.org/images/CRI/CRI_France_Profile_PIPS.pdf; Herr/Herrick, Understanding Military Cyber Operations, in: Harrison/Herr, Cyber Insecurity, Rowman & Littlefield, 2016, p. 259; HM Government, UK National Cyber Security Strategy 2016–2021, available at: https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/567242/national_cyber_ security_strategy_2016.pdf; Home Affairs Committee, Radicalisation – Eighth Report of Session 2016 – 17, House of Commons, 2016, available at: https://publications.parliament.uk/pa/cm201617/cmselect/cmhaff/ 135/135.pdf: Hulnick, Intelligence theory: seeking better models, in: Phythian (ed.), Understanding the Intelligence Cycle, Routledge, 2013, p. 149; Mattern et al., Operational Levels of Cyber Intelligence, International Journal of Intelligence and Counterintelligence 27.4 (2014), p. 702; Intelligence and National Security Alliance, Cyber Intelligence: Setting the landscape for an emerging discipline, 2011, available at: https://www.insaonline.org/resources/publications/; Intelligence and National Security Alliance, Operational Levels of Cyber Intelligence, 2013, available at: https://www.insaonline.org/resources/publications/; Intelligence and National Security Alliance, Tactical Cyber Intelligence, 2015, available at: https://www. insaonline.org/resources/publications/; Johnson, National Security Intelligence, in: Johnson (ed.), The Oxford Handbook of National Security Intelligence, Oxford Handbooks, 2010, p. 3; Julisch, Understanding and overcoming cyber security anti-patterns, Computer Networks 57.10 (2013), p. 2206; Kenney, Cyberterrorism in a Post-Stuxnet world, in: Williams/Fiddner (eds.), Cyberspace: Malevolent Actors, Criminal Opportunities, and Strategic Competition, United States Army War College Press, 2016, p. 153; Kesan/ Hayes, Mitigative Counterstriking: Self-Defense and Deterrence in Cyberspace, Harvard Journal of Law & Technology 25.2, p. 431; Korzak, UN GGE on Cybersecurity: The End of an Era?, 2017, available at: http:// thediplomat.com/2017/07/un-gge-on-cybersecurity-have-china-and-russia-just-made-cyberspace-lesssafe; Krause, NATO on its Way Towards a Comfort Zone in Cyber Defence, CCDCOE, 2014, available at: http://www.ccdcoe.com/sites/default/files/multimedia/pdf/TP_03.pdf; Lewis, Aux Armes, Citoyens: Cyber Security and Regulation in the United States, Telecommunications Policy 29.11 (2005), p. 821; Lewis, Confidence-building and international agreement in cybersecurity, in Disarmament Forum 4/2011, p. 51; Lewis, The Role of Offensive Cyber Operations in NATO’s Collective Defence, Tallinn Paper no. 8, CCDCOE, 2015, available at: https://ccdcoe.org/sites/default/files/multimedia/pdf/TP_08_2015_0.pdf; Lewis/Timlin, Cybersecurity and Cyberwarfare, UNIDIR, Center for Strategic and International Studies, 2011, available at: http://unidir.org/publications; Lewis/Zheng/Carter, The Effect of Encryption on Lawful Access to Communications and Data, Center for Strategic & International Studies, 2017, available at: https://ec.europa.eu/home-affairs/sites/homeaffairs/files/what-we-do/policies/organized-crime-and-humantrafficking/encryption/csis_study_en.pdf; Lin, Ethics of Hacking Back, Emerging Sciences Group, 2016, available at http://ethics.calpoly.edu/hackingback.pdf; Lotrionte, Cyberwar: Building a Normative and Legal-Based Approach for Cyberdeterrence, in: Beck (ed.), Law and Disciplinarity. Thinking Beyond Borders, Palgrave Macmillan, 2013, p. 67; Luiijf/te Paske, Cyber Security of Industrial Control Systems, 2015, available at: http://publications.tno.nl/publication/34616507/KkrxeU/luiijf-2015-cyber.pdf; Mačák, From Cyber Norms to Cyber Rules: Re-engaging States as Law-makers, Leiden Journal of International Law 30 (2017), available at: https://ssrn.com/abstract=2961821; Mačák, Is the international law of cyber security in crisis?, in Pissanidis/Rõigas/Veenendaal (eds.), 8th International Conference on Cyber Conflict (CyCon), NATO CCD COE Publications, 2016, p. 127; Mälksoo, From the ESS to the EU Global Strategy: external policy, internal purpose, Contemporary Security Policy 37.3 (2016), p. 374; Mandt, Integrating Cyber-Intelligence Analysis and Active Cyber-Defence Operations, Journal of Information Warfare 16.1

Tropina/von zur Mühlen

123

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:43 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda (2017), p. 31; Markoff, Explanation of Position at the Conclusion of the 2016–2017 UN Group of Governmental Experts (GGE) on Developments in the Field of Information and Telecommunications in the Context of International Security, 2017, available at: https://www.state.gov/s/cyberissues/releasesandremarks/272175.htm; Marxsen, Verfassungsrechtliche Regeln für Cyberoperationen der Bundeswehr, JuristenZeitung 2017, p. 543; Maurer, Cyber Mercenaries, Cambridge University Press, 2018; Maurer, Cyber norm emergence at the United Nations – An analysis of the activities at the UN regarding Cyber-security, 2011, available at http://belfercenter.ksg.harvard.edu/files/maurer-cyber-norm-dp-2011-11-final.pdf; McAfee Labs, 2016 Threats Predictions, available at: https://www.mcafee.com/us/resources/reports/rpthreats-predictions-2016.pdf; McGhee, Cyber Redux: The Schmitt Analysis, Tallinn Manual and US Cyber Policy, Journal of Law and Cyber Warfare, 2/2013, p. 64; Ministère des Armées, French White Paper on Defence and National Security 2013, available at: http://www.defense.gouv.fr/english/dgris/ defence-policy/white-paper-2013/white-paper-2013; Muller, Cyber Security Capacity Building in Developing Countries: Challenges and Opportunities, NUPI Report, no. 3 2015, available at: https://brage.bibsys. no/xmlui/bitstream/id/331398/NUPI+Report+03-15-Muller.pdf; NATO StratCom COE, Social Media as a Tool of Hybrid Warfare, 2016, available at: https://www.stratcomcoe.org/social-media-tool-hybridwarfare; Neutze/Nicholas, Competition, Conflict, and Innovation Demand Effective Cyber Security Norms, Georgetown Journal of International Affairs: International Engagement on Cyber, 2013, p. 3; Nielsen, Pursuing Security in Cyberspace: Strategic and Organizational Challenges, Orbis 56.3 (2012), p. 336; Nieuwboer, National intelligence authorities and surveillance in the EU: Fundamental rights safeguards and remedies, Report on the Netherlands, legal update, European Union Agency for Fundamental Rights, 2016, available at: http://fra.europa.eu/sites/default/files/fra_uploads/the-netherlandsstudy-data-surveillance-ii-nl.pdf; OAS, American States’ Inter-American Integral Strategy to Combat Threats to Cyber Security, available at: https://www.oas.org/juridico/english/cyb_pry_strategy.pdf; Obiso, Cybersecurity: Capacity Building and Emergency Response, 2014, available at: https://itu4u.wordpress.com/ 2014/05/27/cybersecurity-capacity-building-and-emergency-response/; OECD, Computer-Related Criminality: Analysis of Legal Policy in the OECD Area, Report DSTI-ICCP 84.22, 1986; OECD, OECD Recommendation of the Council on the Protection of Critical Information Infrastructures, 2008, available at: http://www.oecd.org/sti/40825404.pdf; Office of the Director of National Intelligence, Assessing Russian Activities and Intentions in Recent US Elections, 2017, available at: https://www.dni.gov/files/ documents/ICA_2017_01.pdf; Omand/Bartlett/Miller, Introducing Social Media Intelligence (SOCMINT), Intelligence and National Security Journal 27.6 (2012), p. 801; Osula/Rõigas, in Osula/Rõigas (eds.), International Cyber Norms – Legal, Policy & Industry Perspectives, NATO CCD CoE, 2016, p. 11, available at: https://ccdcoe.org/sites/default/files/multimedia/pdf/InternationalCyberNorms_full_book. pdf; Ott, Conflict in Cyberspace: How International Legal Norms Can Reduce Military Escalation in Cyberspace, Fletcher Security Review 3.1 (2017), p. 67; Pernik, Improving Cyber Security: NATO and the EU, International Centre for Defence Studies, 2014, available at: https://www.icds.ee/fileadmin/media/ icds.ee/failid/Piret_Pernik_-_Improving_Cyber_Security.pdf; Pipyros et al, A new strategy for improving cyberattacks evaluation in the context of Tallinn Manual, Computers & Security 74 (2017), p. 371; Richards, Pedalling hard: further questions about the Intelligence Cycle in the contemporary era, in: Phythian (ed.), Understanding the Intelligence Cycle, Routledge, 2013, p. 43; Robinson, EU Cyber-Defence: A Work in Progress, EUISS ISSUE Briefs 10/2014, available at: https://www.files.ethz.ch/isn/182329/ Brief_10_Cyber_defence.pdf; Schmitt (ed.), Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations, Cambridge University Press, 2017; Schmitt/Vihul, International Cyber Law Politicized: The UN GGE’s Failure to Advance Cyber Norms, Friday, 2017, available at: https://www.justsecurity.org/ 42768/international-cyber-law-politicized-gges-failure-advance-cyber-norms/; Scott/Spaniel, Rise of the Machines: The Dyn Attack Was Just a Practice Run, Institute for Information Infrastructure Protection, 2016, available at: http://icitech.org/wp-content/uploads/2016/12/ICIT-Brief-Rise-of-the-Machines.pdf; Secretariat of the Security Committee, Finland’s Cyber security Strategy 2013, available at: http://www. defmin.fi/files/2378/Finland_s_Cyber_Security_Strategy.pdf; Segal, The Development of Cyber Norms at the United Nations Ends in Deadlock. Now What?, 2017, available at: https://www.cfr.org/blog/development-cyber-norms-united-nations-ends-deadlock-now-what; Serrano, Cybersecurity: towards a global standard in the protection of critical information infrastructures, European Journal of Law and Technology 6.3 (2015), available at: http://ejlt.org/article/view/396/592; Shackelford et al., Making Democracy Harder to Hack, University of Michigan Journal of Law Reform 50:3 (2017), p. 630; Shakarian/Shakarian/ Ruef, Introduction to Cyber-Warfare: A Multidisciplinary Approach, Syngress, 2013; Shane/Perlroth/ Sanger, Security Breach and Spilled Secrets Have Shaken the N.S.A. to its Core, New York Times, December 12 2017, available at https://nyti.ms/2ji4LZ0; Shimeall, From Cyber Crime to Cyber War: Indicators and Warnings, in: Williams/Fiddner (eds.), Cyberspace: Malevolent Actors, Criminal Opportunities, and Strategic Competition, United States Army War College Press, 2016, p. 545; Sieber, Mastering Complexity in the Global Cyberspace: The Harmonization of Computer-Related Criminal Law, in Delmas-Marty et al. (eds.): Les chemins de l’Harmonisation Pénale/Harmonising Criminal Law, Société de législation comparée, Paris, 2008, p. 127; Sieber/Neubert, Transnational Criminal Investigations in

124

Tropina/von zur Mühlen

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:44 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Intelligence in Cyberspace Cyberspace: Challenges to National Sovereignty, Max Planck Yearbook of United Nations Law 20 (2016), p. 241; Sommer/Brown, Reducing Systemic Cybersecurity Risk, OECD, 2011, available at: https://www. oecd.org/gov/risk/46889922.pdf; Sophos, Security Threat Report 2012, available at: https://www.sophos. com/medialibrary/pdfs/other/sophossecuritythreatreport2012.pdf; Sterner, The Paradox of Cyber Protest, George C. Marshall Institute, 2012, available at: http://marshall.org/science-and-tech/the-paradox-ofcyber-protest/; Stouffer, Guide to Industrial Control Systems (ICS) Security, NIST Special Publication 800-82 (Revision 2), 2015, available at: http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.80082r2.pdf; Styczynsky/Beach-Westmoreland/Stables, When the lights went out: A comprehensive review of the 2015 attacks on Ukrainian critical infrastructure, Booz Allen Hamilton, 2016, available at: https:// www.boozallen.com/content/dam/boozallen/documents/2016/09/ukraine-report-when-the-lights-wentout.pdf; Symantec, Internet Security Threat Report, 2017, available at: https://www.symantec.com/security-center/threat-report; Thornton, The Changing Nature of Modern Warfare, The RUSI Journal, 160:4 (2015), p. 40; Tiirmaa-Klaar, Cyber Diplomacy: Agenda, Challenges and Mission, in: Ziolkowski (ed.), Peacetime Regime for State Activities in Cyberspace, NATO CCD COE Publications, 2013, p. 509; Tiirmaa-Klaar/Gassen/Gerhards-Padilla/Martini, Botnets, Cybercrime and National Security, in: Botnets, SpringerBriefs in Cybersecurity, Springer, 2013; Tikk-Ringas, International Cyber Norms Dialogue as an Exercise of Normative Power, Georgetown Journal of International Affairs, 17.3 (2016), p. 47; Tikk/Kaska/ Vihul, International Cyber Incidents: Legal Considerations, NATO Cooperative Cyber Defence Centre of Excellence (CCD COE), 2010, available at: https://ccdcoe.org/publications/books/legalconsiderations.pdf; Trimintzios et al., Cybersecurity in the EU Common Security and Defence Policy (CSDP), European Parliamentary Research Service, 2017, available at: http://www.europarl.europa.eu/RegData/etudes/ STUD/2017/603175/EPRS_STU(2017)603175_EN.pdf; Tropina, Comparative Analysis, in Sieber/von zur Mühlen, (eds.), Access to Telecommunication Data in Criminal Justice, Duncker & Humblot, 2016, p. 9; Tropina, Organized Crime in Cyberspace, in: Heinrich-Böll-Stiftung/Schönenberg (eds.), Transnational Organized Crime: Analyses of a Global Challenge to Democracy, transcript Verlag, 2013, p. 47; Tropina, Public–Private Collaboration: Cybercrime, Cybersecurity and National Security, in: Tropina/Callanan (eds.), Self- and Co-regulation in Cybercrime, Cybersecurity and National Security, SpringerBriefs in Cybersecurity, Springer, 2015; Tsagourias, Cyber attacks, self-defence and the problem of attribution, Journal of Conflict and Security Law 17.2 (2012), p. 229; United Nations Office on Drugs and Crime, Comprehensive Study on Cybercrime, Vienna, 2013; United Nations, Report of the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security, 2013, available at: http://www.un.org/ga/search/view_doc.asp?symbol=A/68/98; United Nations, Report of the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security, 2015, available at: http://www.un.org/ga/ search/view_doc.asp?symbol=A/70/174; UNODC, The use of the Internet for terrorist purposes, 2012, available at: https://www.unodc.org/documents/frontpage/Use_of_Internet_for_Terrorist_Purposes.pdf; Uthoff, Strategic Cyber Intelligence: An Examination of Practices across Industry, Government, and Military, in: Lemieux (ed.), Current and Emerging Trends in Cyber Operations, Palgrave Macmillan, 2015, p. 198; van der Meer, Defence, Deterrence, and Diplomacy: Foreign Policy Instruments to Increase Future Cybersecurity, in Samuel/Sharma (eds.), Securing Cyberspace: International and Asian Perspectives, Pentagon Press, 2016, p. 95; Veenendaal/Kaska/Brangetto, Is NATO Ready to Cross the Rubicon on Cyber Defence? Cyber Policy Brief, available at: https://ccdcoe.org/sites/default/files/multimedia/pdf/NATO% 20CCD%20COE%20policy%20paper.pdf; von zur Mühlen/Tropina, Delikte in der digitalen Sphäre – Die Vereinten Nationen im Kampf gegen Cyberkriminalität, Vereinte Nationen 2/2016, p. 56; Watney, The way forward in addressing cybercrime regulation on a global level, Journal of Internet Technology and Secured Transactions 1.3 (2012), p. 61; Williams/Shimeall/Dunlevy, Intelligence Analysis for Internet Security, Contemporary Security Policy 23.2 (2002), p. 1; Wirtz, The Cyber Pearl Harbor, Intelligence and National Security 32.6 (2017), p. 758; Ziolkowski, Confidence Building Measures for Cyberspace, in: Ziolkowski (ed.), Peacetime Regime for State Activities in Cyberspace, NATO CCD COE Publications, 2013, p. 533.

A. Introduction Addressing security challenges resulting from modern information and communica- 1 tion technologies in the recent decade has become one of the key priorities on the agenda for policy-makers, business, law enforcement and intelligence community in many nation states. Cyberspace is frequently characterised by a “continuous state of insecurity”,2 caused by the blurring borders between public and private, civil and 2

Mandt, Journal of Information Warfare 16.1 (2017), 31 (32).

Tropina/von zur Mühlen

125

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:44 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

military, the transnational character of threats and their potential impact, and the low entry barriers for malicious cyber actors. The dependency of all the aspects of the society’s functioning on information and communication technologies creates “a new multi-dimensional attack space”,3 where any adversary can target physical, logical, social layers of the cyberspace and move between them. The possibilities to attack critical infrastructure have prompted the nation states to develop both offensive and defensive capabilities for the cyberattacks, which might potentially bring cyberspace onto the “brink of arm race”.4 2 Tackling the multitude of cyber threats requires a comprehensive and proactive approach, which, in addition to legal and regulatory frameworks, international cooperation, involvement of private industry, should include tools to mitigate and prevent the risks in cyberspace. This chapter analyses the role of cyber intelligence – collection and analysis of information about, comprehensive assessment of and reaction to the activities, capabilities and intentions of adversaries and malicious actors in the cyber domain – in developing an adequate response to the cyber threats, with a special focus on the European context. 3 The following part of the chapter – Section B – examines the threat landscape by analysing both the types of malicious actors and different types of threats. Section C focuses on different cybersecurity regimes developed to tackle threats in cyberspace. The last part – Section D – discusses the definition of cyber intelligence and its role in addressing the cybersecurity issues in general and in Europe in particular.

B. Threats Landscape I. Actors Understanding the different types of threats is crucial in developing an adequate response to them, because it brings a particular cybersecurity challenge to a specific domain, such as national security, critical information infrastructure protection or criminal investigations. The threats can be characterised and distinguished based on different factors: tools, targets, actors and their motivations, and types of malicious activity. However, not every factor plays the determining role in making a proper distinction. While understanding of tools and targets is critical for addressing the cybersecurity threats, the same technical means can be used by different type of actors – for example, the networks of compromised computers (botnets) could be used for both commission of crimes against individuals and attacks against critical infrastructure. Furthermore, different actors can attack the same object: for instance, financial industry can be an attractive target for both organised cybercriminals motivated by financial gains, hacktivists with intent to bring attention to their political cause and state-backed actors involved in cyber-espionage.5 5 Therefore, the motivation of malicious actors becomes one of the most important factors in assessing the level of a particular cybersecurity threat and the capability of the 4

3 Intelligence and National Security Alliance, Cyber Intelligence, 2011, 5, available at: https://www. insaonline.org/resources/publications/. 4 Baylon, “Challenges at the Intersection of Cyber Security and Space Security”, Chatham House Research Paper, 2014, 7, available at: https://www.chathamhouse.org/publications/. 5 See Cilluffo, A Global Perspective on Cyber Threats, 2015, 3, available at: https://cchs.gwu.edu/ testimonies.

126

Tropina/von zur Mühlen

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:45 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Intelligence in Cyberspace

attackers.6 Depending on the motivation, intentions and capabilities of the actors, the most common typology is a distinction between four different types of attackers: criminals, terrorists and hacktivists, and nation states (or state-supported actors).7

1. Cybercriminals In the past few decades, the scene of cybercrime has changed dramatically. From 6 being dominated by hackers committing the crimes out of curiosity or to test the security of the systems, cybercrime transformed into a complex and thriving digital underground economy, where both stand-alone criminals and criminal organisations are mostly motivated by financial gain. The underground economy of cybercrime is nowadays based on the monetary value of data as an illegal commodity and the development and trade of tools for commission of crimes. Both commodities are easily being moved across national borders and traded in underground online marketplaces. Illicit business of cybercrime shows many similarities with legitimate business models: criminals employ decentralisation, product placement, outsourcing, subcontracting, and networking. Highly sophisticated criminal-to-criminal services offer “crime as service” tools, including training tutorials, while making them available for “customer” demand at relatively low prices compared with the potential illicit profits.8 The growth of the dark market and criminal organisations in cyberspace, according to some opinions, already went to a scale that represents a potential threat to global economic integrity.9

2. Terrorists For many years, terrorists have been using the Internet for fundraising, recruiting, 7 training, planning and collection of information about targets.10 For example, the Islamic State effectively maximised its efforts to use modern telecommunication platforms like social networks and (often encrypted) messaging services to spread propaganda and recruit terrorists worldwide.11 Many of the recent attacks in Europe and the US linked to a radical Islamic motivation were committed by perpetrators who were radicalised over the Internet within a short period of time and carried out the attack in the name of ISIS without having a direct connection to the group.12 However, the level of threat that such groups and individuals pose to targets like 8 critical information infrastructure is unclear yet. While terrorist organisations might have a significant interest in cyberspace operations – for instance, the Islamic State definitely has an intention to engage in cyberattacks13 – many experts question their

6 Danish Centre for Cyber Security, Threat Assessment: The Cyber Threat Against Denmark, 2017, 3, available at: https://fe-ddis.dk/eng/Products/Intelligence-Risk-Assessments/. 7 See Cilluffo, A Global Perspective on Cyber Threats, 2015, 2, available at: https://cchs.gwu.edu/ testimonies. 8 Tropina, in: Heinrich-Böll-Stiftung/Schönenberg (eds.), Transnational Organized Crime: Analyses of a Global Challenge to Democracy, 2013, 52. 9 Cilluffo, A Borderless Battle: Defending Against Cyber Threats, 2017, 5, available at: https://cchs.gwu. edu/testimonies. 10 UNODC, The use of the Internet for Terrorist Purposes, 2012, 3 et seq., available at: https://www. unodc.org/documents/frontpage/Use_of_Internet_for_Terrorist_Purposes.pdf. 11 Alarid, “Recruitment and Radicalization: The Role of Social Media and New Technology”, in: Hughes/Miklaucic (eds.), Impunity: Countering Illicit Power in War and Transition, 2016, 313 et seq. 12 See (UK) Home Affairs Committee, 2016, mn. 23, available at: https://publications.parliament.uk/pa/ cm201617/cmselect/cmhaff/135/135.pdf. 13 Department of Defense, The DoD Cyber Strategy, 2015, 9, available at: https://www.hsdl.org/? abstract&did=764848.

Tropina/von zur Mühlen

127

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:45 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

ability to carry out a truly disruptive attack.14 This might be attributed to the fact that to achieve their aims terrorists have to tackle the information systems in a way that can cause physical harm and loss of lives,15 but it is still hard for them to develop such capabilities. Nevertheless, several less severe attacks like, for instance, the unauthorised alteration of websites (so-called defacements) have been conducted by groups that claimed to be connected to ISIS, although in some cases the question of attribution remains unclear.16

3. Hacktivists 9

Hacktivists use cyber capabilities to attack governments, individuals and corporations to bring attention to their political and social agenda or ideology. Some of the hacktivists groups, such as Anonymous, have been successfully building their “brands” for several decades already.17 Groups like Lulz Security (LulzSec) and Anonymous targeted high-profile organisations and businesses by carrying out distributed denial of service (DDoS) attacks, defacing websites, redirecting traffic, and leaking data. LulzSec’s victims include the Church of Scientology, the FBI, the CIA, the US Senate and Justice Department, MasterCard, Visa, Sony, the Wall Street Journal, Vatican City and others.18 The recent trend in hacktivism show copycat attacks carried out by groups acting like hacktivists but without clear political or social cause. Some reports predict that this might be the beginning of a new era of hacktivism, when malicious actors with hard-todetermine motives can use hacktivism as a mask, making attribution harder.19

4. Nation states and state-supported actors 10

National states are increasingly getting engaged in economic and industrial espionage and intelligence gathering. Furthermore, some states have been allegedly involved in computer network and critical information infrastructure attacks.20 Consequently, it is nation states and actors used as proxies (especially organised cybercrime groups and hacktivists)21 or backed up by the states that represent the most advanced and persistent threat to cybersecurity. Even when states are not proactively engaged in malicious activity, they still can collect and use intelligence for their military planning and doctrines, for offensive and defensive capabilities and for getting engaged in classic espionage.

14 Kenney, in: Cyberspace: Malevolent Actors, Criminal Opportunities, and Strategic Competition, Williams/Fiddner (eds.), 2016, 153 (154); Cilluffo, A Global Perspective on Cyber Threats, 2015, 2, available at: https://cchs.gwu.edu/testimonies. 15 See Brunst, in Wade Maljević(eds.), A War on Terror?, 2010, 51 (65 et seq.). 16 In April 2015, hackers disrupted the internal broadcasting system of the French TV channel TV5Monde and posted material on its social media feeds including protest against French military action in Iraq. Although the attack was initially attributed to ISIS, according to reports French authorities later suspected the involvement of the hacking group named “Fancy Bear” that is allegedly linked to the Russian military intelligence agency GRU, see http://reut.rs/1IGfCBo. 17 McAfee Labs, 2016 Threats Predictions, 36, available at: https://www.mcafee.com/us/resources/ reports/rp-threats-predictions-2016.pdf; Sophos, Security Threat Report 2012, 4, available at: https:// www.sophos.com/medialibrary/pdfs/other/sophossecuritythreatreport2012.pdf. 18 Sterner, The Paradox of Cyber Protest, 2012, 2, available at: http://marshall.org/science-and-tech/theparadox-of-cyber-protest/. 19 McAfee Labs, 2016 Threats Predictions, 36–37, available at: https://www.mcafee.com/us/resources/ reports/rp-threats-predictions-2016.pdf. 20 Cilluffo, A Global Perspective on Cyber Threats, 2015, 3–4, available at: https://cchs.gwu.edu/ testimonies. 21 Maurer, Cyber Mercenaries, 2018, 16 et seq.

128

Tropina/von zur Mühlen

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:46 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Intelligence in Cyberspace

The difference between cybercriminals and state-backed hackers is that the latter can 11 be a part of the nation state’s military or security organisations. For example, North Korea allegedly possesses sophisticated military offensive cyber operations capabilities that were involved in several malicious cyber activities since 2009.22

5. Actors’ motivation and attribution issue The differentiation of the threats based on motivation, albeit being helpful for 12 attribution to a specific domain, is still suffering from the lack of clear borders: actors can blend together, collaborate to advance their cyber capabilities and provide cover for each other.23 Organised cybercriminals can assert the interests of a particular nation state,24 and politically motivated attackers work with nation states to advance their goals. This behaviour increases the chance of attribution mistake or of a miscalculation when assessing cybersecurity risks. For example, it is alleged that Russia and other states use the capabilities of criminal organisations operating in the cyber domain.25 Furthermore, due to the anonymity of the internet and the lack of attribution, it is not always possible to define with certainty whether a cybersecurity threat is backed up by the nation state or motivated by financial gain only. Despite the lack of clear borders, the motivation behind the act is still a crucial factor 13 because an effective response to the threat from one actor in some cases cannot be used against others. For instance, a nation state as a threat cannot be deterred by the same methods as organised cybercrime or a terrorist group: while dismantling organised crime online would be the domain of criminal law, the destructive attack of one state on another can raise the issue to the level of war and applicability of humanitarian law.26

II. Threats to confidentiality, availability and integrity of data and systems The spectrum and multitude of cybersecurity threats are determined by the variety of 14 actors that can use cyberspace for malicious activity, and the wide array of tools and targets available to them. While the threats go beyond the criminal acts committed in cyberspace, not every criminal activity would represent a cybersecurity threat. For example, the crime creation, sharing, accessing of child abuse images, while clearly falling into the domain of criminal investigations, will not constitute a cybersecurity threat as it does not endanger or target the computer systems or data. At the same time, other crimes that use social engineering techniques in addition to digital tools would clearly belong to cybersecurity threats, because they include manipulation or interference with computer data and contribute into the underground economy of cybercrime. This includes the cases of phishing or computer fraud, and, under certain conditions also acts posing a risk to national security, for example, the use of social engineering to get access to protected systems for espionage. 22 Office of the Secretary of Defense, Military and Security Developments Involving the Democratic People’s Republic of Korea, 2017, 13 et seq, available at: https://fas.org/irp/world/dprk/dod-2017.pdf. 23 Department of Defense, The DoD Cyber Strategy, 2015, 9, available at: https://www.hsdl.org/? abstract&did=764848. 24 Shimeall, From Cyber Crime to Cyber War: Indicators and Warnings, in: Cyberspace: Malevolent Actors, Criminal Opportunities, and Strategic Competition, Williams/Fiddner (eds.), 545 (548). 25 See supra fn 16 and infra fn 31. 26 Sommer/Brown, Reducing Systemic Cybersecurity Risk, 11, available at: https://www.oecd.org/gov/ risk/46889922.pdf.

Tropina/von zur Mühlen

129

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:46 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

Therefore, classification of cybersecurity threats should not be attached only to criminal activities. Depending on the type and motivation of the attackers the threats are much broader than the domain of cybercrime and require different responses depending on the target, on the attacker, and types of data or systems that are endangered by a particular threat. 16 Threats are interdependent and are not mutually exclusive. For example, unauthorised access to data and systems can be used for interference or modification of data. Furthermore, denial of service attacks with the use of botnets would not be possible if the attackers did not get illegal access to the system by compromising it with malware and “zombying” it.27 Thus, while there is a distinction between different type of acts depending on the “core” activity and targets, they can complement each other in a particular malicious act. 15

1. Unauthorised access to data and systems Unauthorised access to computer data and systems – the so-called hacking – as a danger goes beyond just a criminal offence of accessing computer systems. This is a “meta-threat” because in many cases it is the first essential step for stealing sensitive information, modification and destruction of data, unauthorised disclosure and other activities. 18 Any type of malicious actor relies on an unauthorised access in achieving their aims. Cybercriminals use access for further commission of fraud and identity theft or for unauthorised disclosure of data. Illegal access with the purpose of unauthorised disclosure is also the tool of some hacktivists, such as in the case of the “Ashley Madison” breach, when in 2015, a group of highly skilled hacktivists “The Impact Team,” hacked into the extramarital websites owned by Avid Life Media, in particular, Ashley Madison website. The group threatened to expose information about clients if the site is not shut down. Later they leaked personal data of 32 million users publicly on the dark net.28 19 Illegal access is also a core threat when it comes to the state-supported malicious activity. Unauthorised intrusion into computer systems lies at the core of industrial and economic espionage and other dangers posed by nation states or state-backed actors. One of the examples, which went far beyond unauthorised access, is the so-called “Sony Hack”, when malicious actors, allegedly supported by North Korea and possibly in retaliation for a comedy movie, carried out an intrusion into the systems of Sony Pictures Entertainment. The unauthorised access led to the theft of confidential business information, sensitive data about Sony employees, celebrities and contractors. The access was combined with a destructive cyberattack and followed by coercion, threats of violence of terrorism.29 20 Unauthorised access is not always a pure technical threat: the access can be obtained by both “hacking” (unauthorised intrusion into the computer systems) and by social engineering techniques like phishing, when the target is lured to disclose access credentials. This happens both in cybercrime and in state-supported malicious acts. For example, the Danish Defence Intelligence Service reported that in 2015 and 2016 the same foreign actor repeatedly attempted to access data of the Danish Ministry of Foreign Affairs and the Ministry of Defence via phishing campaigns, which were carried 17

27 European Parliament, Cybersecurity in the European Union and Beyond, 2015, 38, available at: http:// www.europarl.europa.eu/RegData/etudes/STUD/2015/536470/IPOL_STU(2015)536470_EN.pdf. 28 https://www.wired.com/2015/08/happened-hackers-posted-stolen-ashley-madison-data/. 29 Department of Defense, The DoD Cyber Strategy, 2015, 1–2, available at: https://www.hsdl.org/? abstract&did=764848.

130

Tropina/von zur Mühlen

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:47 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Intelligence in Cyberspace

out against targeted individuals with the aim to reveal their login information. In addition to phishing, the attackers tried to access email accounts by the use of automated testing of passwords.30 Tailored phishing attacks against specific individuals – the so-called “spear-phishing” – also have been conducted to compromise the personal e-mail accounts of Democratic Party officials during the 2016 US election.31

2. Illegal interception Illegal interception of electronic communications endangers the confidentiality of 21 computer data and interconnected systems. Interception can be carried out by any malicious actor with the goal to obtain sensitive data – be it from individuals, for corporate espionage or for other intelligence purposes. Some of the interception methods exploit the weaknesses in the critical Internet infrastructure, like vulnerabilities in the Border Gateway Protocol (BGP), which is responsible for the entire Internet traffic routing. The so-called BGP-hack allows hackers to compromise the routers and redirect the traffic into a system under their control, hijacking the traffic without either sender or recipient noticing that the traffic had been intercepted at some unscheduled stop.32 Illegal interception can be performed by intelligence agencies in a foreign jurisdiction to collect sensitive information: for example, different documents released by National Security Agency (NSA) whistleblower Edward Snowden and by WikiLeaks indicate that the German Chancellery as well as (in a specific case) communications from the German foreign intelligence agency and the German federal criminal office were a target for interception by the US NSA.33

3. Interference with computer data and systems From computers of individual users to the obstruction of critical infrastructure – 22 interference with data and systems is probably the most common type of threat endangering availability and integrity of data. It can include denial of service attacks, destruction of data, and data modification. Currently, the denial of service attacks, ransomware, and targeted attacks against critical infrastructure can be considered as the most dangerous cyber threats. a) Denial of service and computer sabotage Computer sabotage, or denial of service is one of the most straightforward cyberse- 23 curity threats.34 DDoS (distributed denial of service) attacks have a major impact on the operation of the businesses by limiting the availability and accessibility of data and services to customers or public. DDoS attacks can be used by different actors: criminals employ them for blackmailing the businesses to pay money to stop the attack or under further threat to destroy the data, hacktivists carry this type of attacks to achieve their political goals, and nation states can use DDoS in political conflicts. 30 Danish Centre for Cyber Security, Threat Assessment: The cyber threat against Denmark, 2017, 4, available at: https://fe-ddis.dk/eng/Products/Intelligence-Risk-Assessments/. 31 Department of Homeland Security/Federal Bureau of Investigation, Joint Analysis Report on GRIZZLY STEPPE, 2016, 2, available at https://www.us-cert.gov/security-publications/; Office of the Director of National Intelligence, Assessing Russian Activities and Intentions in Recent US Elections, 2017, 2, available at: https://www.dni.gov/files/documents/ICA_2017_01.pdf. 32 For a recent example of a BGP-hack see Zetter, Someone’s Been Siphoning Data Through a Huge Security Hole in the Internet, available at: https://www.wired.com/2013/12/bgp-hijacking-belarus-iceland/. 33 Gebauer/Moltke/Sontheimer, Spiegel Online, 29.09.2015, available at: http://www.spiegel.de/international/world/new-snowden-document-reveals-us-spied-on-german-intelligence-a-1055055.html. 34 European Parliament, Cybersecurity in the European Union and Beyond, 2015, 39, available at: http:// www.europarl.europa.eu/RegData/etudes/STUD/2015/536470/IPOL_STU(2015)536470_EN.pdf.

Tropina/von zur Mühlen

131

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:47 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda 24

In most of the cases the interference is performed with the use of botnets – the robot networks that consist of compromised “zombie” computers, exploited without the knowledge of their owners.35 The recent attacks showed also that the botnets started exploiting the vulnerabilities of the Internet of Things by targeting poorly secured home devices connected to the Internet. In October 2016 the botnet operating with the use of Mirai malware brought parts of the Internet infrastructure on the US east coast offline by launching a coordinated attack on Dyn – a company that controls big parts of the domain name system.36 Later in December 2016 the same botnet was used to attack home routers, particularly affecting the customers of Deutsche Telekom in Germany and TalkTalk in the UK, bringing millions of users in Europe offline.37

b) Ransomware 25 Ransomware is a type of malicious software that interferes with computer networks or individual devices, encrypts the data and locks access to it, allowing malicious actors to demand a ransom for restoring the access. The first ransomware – the “PC Cyborg Trojan” – was documented as early as in 1989.38 Nowadays, almost three decades later, ransomware became an attractive tool for financial profit.39 26 The recent ransomware attacks – WannaCry and NotPetya – in May and June 2017 demonstrated a significant vulnerability of many computer systems and networks of individuals, businesses and governments to this type of threat. Both types of ransomware used Windows exploits that were leaked by the hacking group Shadow Brokers, possibly stolen from government entities.40 The WannaCry ransomware attack hit, among others, the networks and systems of Telefonica, Deutsche Bahn and NHS hospitals in the UK.41 The NotPetya ransomware attack started in Ukraine through a hacked Ukrainian accountancy software developer and affected some critical systems such as the automatic radiation monitoring systems in Chernobyl, energy companies and government agencies. NotPetya further spread to systems in Russia, Western Europe and the US. 27 According to NATO Cooperative Cyber Defence Centre of Excellence (CCDCoE), NotPetya ransomware had the level of complexity and costs showing that it is highly unlikely being developed by unaffiliated actors. As the poor design of ransomware collection methods made it impossible to cover the costs of the deployment of malware, NATO CCDCOE claims that with high probability NotPetya ransomware was launched either “by a state actor or a non-state actor with support or approval from a state”.42 28

c) Targeted interference with computer data, systems and networks The most dangerous cases of interference with data and systems are represented by targeted attacks, especially those that can possibly be politically motivated. In 2009 Stuxnet worm affected the operations of centrifuges at an Iranian uranium-enrichment 35 Tiirmaa-Klaar/Gassen/Gerhards-Padilla/Martini, Botnets, Cybercrime and National Security, in: Botnets. SpringerBriefs in Cybersecurity, 2013, 2. 36 See Scott/Spaniel, Rise of the Machines: The Dyn Attack was Just a Practice Run, 2016 available at: http://icitech.org/wp-content/uploads/2016/12/ICIT-Brief-Rise-of-the-Machines.pdf. 37 https://www.enisa.europa.eu/publications/info-notes/mirai-malware-attacks-home-routers. 38 Ahn/Doupe/Zhao/Liao, in: Holt (ed.), Cybercrime Through an Interdisciplinary Lens, 2016, 105. 39 According to the FBI, the victims of ransomware in the first quarter of 2016 paid $209 million for restoring access to their data, see http://nbcnews.to/2i5BU8Y. 40 Shane/Perlroth/Sanger, Security Breach and Spilled Secrets Have Shaken the N.S.A. to its Core, New York Times, December 12 2017, available at https://www.nytimes.com/2017/11/12/us/nsa-shadow-brokers.html. 41 CERT-EU, WannaCry Ransomware Campaign Exploiting SMB Vulnerability – v1.6, May 22 2017 available at: https://cert.europa.eu/static/SecurityAdvisories/2017/CERT-EU-SA2017-012.pdf. 42 https://ccdcoe.org/notpetya-and-wannacry-call-joint-response-international-community.html.

132

Tropina/von zur Mühlen

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:48 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Intelligence in Cyberspace

plant43 and, as estimated in reports, allegedly caused a partial destruction of approximately 1000 centrifuges.44 The Shamoon virus destroyed hard drives and shut down more than 30,000 computers at major energy companies in the Middle East in 2012 and reappeared several years later, wiping the information from hard drives in Saudi Arabia in November 2016 and January 2017.45 Attacks against power grids in Ukraine in December 2015, when the disruption of energy grids caused power blackout for more than 200,000 customers is yet another example of how data and system interference can be used to attack parts of critical infrastructure.46 d) Advanced persistent threats The term “Advanced persistent threat” (APT) refers to the activities performed by 29 organised criminals or state-supported actors intruding into a network and staying there undetected for an extended period of time, mapping its vulnerabilities and defence, locating and acquiring data, and utilising information that is captured in the course of intrusion. APT is always a customised infiltration, which means that it includes the process of preparation, learning about the technical characteristics of the network, targeting specific defences, collecting access information by technical means and social engineering techniques. Most of the APTs are performed by highly qualified intruders and target sensitive data related to diplomacy, politics, and intelligence services.47 e) Threats to critical infrastructure Critical infrastructures today mostly rely on software-based control systems and, 30 therefore, are increasingly becoming dependent on information technologies, which makes them also interrelated and interdependent.48 Cyberattacks against critical infrastructures, such as electricity and water supply, healthcare, transportation, financial services, can disrupt the supply of essential services and have devastating effect on public safety. The recent attacks such as above-mentioned Ukrainian power outage in 2015 and nuclear plant attacks in December 2014 in South Korea, where a state-run nuclear operator was the subject of a theft of sensitive data such as blueprints of nuclear reactors and electrical flow charts,49 show how vulnerabilities of the critical infrastructures can potentially cause significant damage. The alleged hacks of Russian Government on the email servers of the Democratic National Committee in the US raised the debate of the possibility of the nation state not only to disrupt the functioning of critical information infrastructures, but to also influence via cyberattacks the political situation in the other countries.50 43 See Shakarian/Shakarian/Ruef, Introduction to Cyber-Warfare: A Multidisciplinary Approach, 2013, 224–235. 44 Baylon/Brunt/Livingstone, Cyber Security at Civil Nuclear Facilities: Understanding the Risks, 2015, 3 available at: https://www.chathamhouse.org/publications/. 45 Symantec, Internet Security Threat Report, 2017, 16–17, available at: https://www.symantec.com/ security-center/threat-report. 46 Styczynsky/Beach-Westmoreland/Stables, When the lights went out: A comprehensive review of the 2015 attacks on Ukrainian critical infrastructure, 2016, available at: https://www.boozallen.com/content/ dam/boozallen/documents/2016/09/ukraine-report-when-the-lights-went-out.pdf. 47 Andress/Winterfeld, Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners, 2013, 154. 48 See ENISA, Methodologies for the identification of Critical Information Infrastructure assets and services, 2015, 1, available at: https://www.enisa.europa.eu/publications/methodologies-for-the-identification-of-ciis. 49 Baylon/Brunt/Livingstone, Cyber Security at Civil Nuclear Facilities: Understanding the Risks, 2015, 3 available at: https://www.chathamhouse.org/publications/. 50 Shackelford et al., Making Democracy Harder to Hack, University of Michigan Journal of Law Reform 50:3 (2017), 630 (632).

Tropina/von zur Mühlen

133

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:48 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

III. “Cyberwarfare”, “Information warfare” and “Hybrid cyberwarfare” The possibility of “cyber Pearl Harbor”51 is being debated for at least a decade. While for the time being there has been no act of “cyberwar” that would have caused deaths or significant damage to human beings, the combination of kinetic attack and cyberattack to multiply the effect of traditional warfare might be a likely scenario in the future.52 Therefore, a growing number of countries are including cyber-conflict in their military considerations by establishing special units, adopting new military doctrines and developing national strategies for cyber defence and capabilities for cyberwarfare.53 Attacks against Estonia in 2007 and Georgia in 2008,54 Stuxnet and Sony Hacks, interference with power grids in Ukraine and NotPetya ransomware gave prominence to the debate on the state and non-state actors’ capability to develop and use the socalled “cyberwarfare” alone or in addition to traditional warfare.55 Moreover, there are raising concerns about exploiting vulnerabilities of critical infrastructure that will allow achieving political aims without armed conflict and with the lower risk of retaliation due to the lack of attribution.56 32 In addition to the debates on cyberwarfare, a recently emerged concept of hybrid warfare in cyber domain is currently changing cybersecurity narratives. This concept was at first meant to address threats combining traditional warfare with cyberattacks. However, in the recent years the threat of propaganda, disinformation and misinformation (the so called “fake news”) and other harmful content spread on the Internet are included into the hybrid warfare narrative.57 The perceived national security threat relates to the use of propaganda together with cyberattacks, such as hacking critical information infrastructures, as a weapon for political destabilisation. 33 This concept represents a major shift in the cybersecurity narrative. In the past Western liberal democracies resisted efforts by groups such as the Shanghai Cooperation Organization to define “subversive content” as a cybersecurity issue. It was widely recognised that cybersecurity threats mostly represent technical threats, and that content regulation requires different sets of legal and policy instruments. Since this debate is relatively new, it is not clear whether the inclusion of the content, threats such as propaganda or “fake news” into the overall concept of cybersecurity threats is temporary or the entire concept will change in the near future. 31

51 This term is widely used as an analogy for a strategic surprise attack against national critical information infrastructure, see e. g. the remarks by Secretary Panetta on Cybersecurity, New York City, 11 October 2012, available at: http://archive.defense.gov/transcripts/transcript.aspx?transcriptid=5136. On the use of the analogy see Goldman/Warner, in: Perkovich/Levite (eds.), Understanding Cyber Conflict, 2017, 147 et seq.; Wirtz, Intelligence and National Security 32.6 (2017), 758 (758 et seq). 52 See European Parliament, Cyber defence in the EU: Preparing for cyber warfare?, Briefing October 2014, available at: http://www.europarl.europa.eu/thinktank/de/document.html?reference=EPRS_BRI (2014)542143. 53 See infra D.V. 54 See for details Tikk/Kaska/Vihul, International Cyber Incidents: Legal Considerations, 2010, available at: https://ccdcoe.org/publications/books/legalconsiderations.pdf. 55 See Greathouse, in: Kremer/Müller (eds.), Cyberspace and International Relations, 2014. 56 Cornish et al. (2010), On Cyberwarfare, 2010, available at https://www.chathamhouse.org/publications/. 57 See e. g. Thornton, The RUSI Journal, 160:4 (2015), 40; NATO StratCom COE, Social Media as a Tool of Hybrid Warfare, 2016, available at: https://www.stratcomcoe.org/social-media-tool-hybrid-warfare.

134

Tropina/von zur Mühlen

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:49 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Intelligence in Cyberspace

C. Cybersecurity Policies and Frameworks I. Tools and policies to address cybersecurity threats The complexity of threats existing in cyberspace blurs the boundaries between 34 different security regimes, such as civil defence, military defence and criminal justice, which previously were considered as distinct domains of policy and regulation.58 Traditionally, both crime and war were the acts of aggression committed in the physical world. The act of war was “unambiguous” and “unique” as mostly only nation states could summon the resources to launch physical aggression on another nation state.59 In case of crime the domain for criminal justice and law enforcement was clear with the ultimate dominance of reactive approach60 to prosecute the offender. This domain was defined in and governed by the criminal law of the sovereign states and mutual legal assistance treaties. With cyber threats, however, the problem of blurring borders between state, non-state and state-supported actors is changing the concept of crime and war and, as a result, erode the division between internal and external public order both for the purpose of prevention of and reaction to cybersecurity incidents. Theoretically, the different cybersecurity policies and regimes can be distinguished 35 based on the nature of threats and approaches to addressing them.61 In reality, however, the cybersecurity regimes are much more multifaceted, fragmented and overlapping. Various binding and non-binding treaties, frameworks and other instruments have been adopted or are being discussed on the international, regional, bilateral and national levels. The subject areas of the responses to cybersecurity threats vary from international law of armed conflict, critical information infrastructure protection to investigation of any crime leaving digital traces, to name but a few. Furthermore, development of cybersecurity regimes differs from traditional way of legislating reaction to aggression in a physical world: states are resorting “to normative activity outside the scope of traditional international law”62 and many of the processes are focused on the so-called “norm-making”, the soft law and non-binding tools as an alternative to international treaties.63 These processes are extremely complex and to a large degree fragmented; however, the policies and frameworks are not limited to norm-making as such. In addition to creation of binding measures and soft law instruments for cyberspace there are efforts related to foreign policy and diplomacy on the bilateral and multi58 See Tropina, in: Tropina/Callanan (eds.), Self- and Co-regulation in Cybercrime, Cybersecurity and National Security, 2015, 6; Bendiek, European Cyber Security Policy, 2012, 6. 59 Brenner, Journal of Criminal Law & Criminology 97.2 (2007), 379 (403). 60 Watney, Journal of Internet Technology and Secured Transactions 1.3 (2012), 63. 61 For example, Maurer suggests “two-stream” model, which differentiates two international (on the level of the UN) approaches to the cybersecurity issues: politico-military stream and economic stream. The former refers to the use of the information technologies for undermining international stability and the latter includes the criminal misuse of information technologies, see Maurer, Cyber norm emergence at the United Nations – An analysis of the activities at the UN regarding Cyber-security, 2011, 6, available at http://belfercenter.ksg.harvard.edu/files/maurer-cyber-norm-dp-2011-11-final.pdf. 62 Mačák, Leiden Journal of International Law 30 (2017), 5, available at: https://ssrn.com/abstract=2961821. 63 Finnemore/Hollis, in The American Journal of International Law 110.3 (2016), 437; Osula/Rõigas, in: Osula/Rõigas (eds.), International Cyber Norms – Legal, Policy & Industry Perspectives, 2016, 11, available at: https://ccdcoe.org/sites/default/files/multimedia/pdf/InternationalCyberNorms_full_book.pdf; Giles, Prospects for the Rule of Law in Cyberspace, 2017, 17, available at: https://ssi.armywarcollege.edu/pubs/ display.cfm?pubID=1343.

Tropina/von zur Mühlen

135

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:49 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

lateral level,64 which are represented by the on-going work to develop confidence building measures65 via diplomatic channels. Additionally, the processes of development of different organisational measures, technical cooperation, capacity building frameworks and public-private collaboration between industry and governments in providing cybersecurity on both national and international levels add more complexity to the multi-dimensional cybersecurity policy-making. 36 Another factor that increases the complexity is the erosion of traditional division between public and private sector and the issue of the degree of governmental intervention and regulation in cybersecurity domain. While it is governments who traditionally have the constitutional mandate to maintain public safety, the major parts of critical infrastructure and networks are owned and managed by the private actors, who play a critical and decisive role in identifying cyber threats and responding to them.66 The development of the internet was mostly dominated by the concept of opposing any regulation for the sake of innovation and development of the new technologies.67 However, the increasing dependencies on information infrastructure and vulnerability to cyber threats have changed the cybersecurity landscape, led to reconsidering the role of the governments, and “have produced a rush to regulate cybersecurity”68. Currently, there is a major shift, especially in Europe, from hands-off regulation to a stronger role of the governments in imposing mandatory cybersecurity requirements in the private sector69. 37 The challenge of developing responses to cybersecurity threats is the need to address all the facets of the problem and to understand that different tools are required depending on the threat and motivation of the attackers. While it is important to focus on the targets of the attacks, their methodology and consequences, the need to define the “ownership of cybersecurity”70 when it comes to threat is critical for attributing responses to distinct regulatory domains: national security agencies, military or law enforcement. Furthermore, the distinction between various regimes is crucial on an international level as responses to one threat will not solve other problems: for example, the processes related to cyberaggression or cyber-disarmament will not improve mutual legal assistance in digital crossborder investigations. 38 While this section of the chapter makes a distinction between different cybersecurity regimes, it should be noted that the “ownership” of legal, regulatory, policy and other responses to a particular threat will not always fit the traditional concepts of security mandates in criminal law, law of armed conflict, and public international law.71 The assignment of a particular problem to a specific agency – be it law enforcement or national security services – depends on the combination of factors, such as seriousness of the threat, motivation of the attackers, the scale of the problem and possible consequences.

64 See Tiirmaa-Klaar, in: Ziolkowski (ed.), Peacetime Regime for State Activities in Cyberspace, 2013, 509 et seq. 65 Van der Meer, in Samuel/Sharma (eds.), Securing Cyberspace: International and Asian Perspectives, 2016, 95. 66 Bendiek, above n. 58, 6. 67 Lewis, Telecommunications Policy 29.11 (2005), 821 et seq. 68 Bambauer, Minnesota Law Review 96.2 (2011), 584 (606). See also Alderson/Soo Hoo, The Role of Economic Incentives in Securing Cyberspace, 2004, 2 et seq., available at: http://cisac.fsi.stanford.edu/ publications. 69 Tropina, 2015, above n. 58, 29 et seq. 70 Hathaway et al, California Law Review 100.4 (2012), 817 (831). 71 Bambauer, 2011, above n. 68, 595 et seq.

136

Tropina/von zur Mühlen

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:50 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Intelligence in Cyberspace

II. Cybersecurity regimes 1. Criminal law and tackling crime Criminal law provides a set of instruments to respond to the threats to confidenti- 39 ality, integrity and availability of data, systems and networks and other threats. However, the domain of criminal justice is much wider than cybersecurity threats: cybercrime frameworks are being used for investigation of any crime leaving digital traces. Due to the transborder nature of criminal activity in cyberspace, the key to tackle the problem of cybercrime is harmonisation of legal standards in substantive criminal law and in the field of criminal procedure and mutual legal assistance.72 The first attempt to harmonise legislation in this area was taken three decades ago, 40 when the OECD proposed a list of acts serving as a common denominator for criminalisation of computer crime.73 However, despite the “flurry of activity in relation to cybercrime at the international, regional and national level”74 in the last decades, there is no global cybercrime treaty. Current approaches are to a large degree fragmented and involve many international and regional organisations operating in this field. The most important document up to date is the Council of Europe’s Convention on Cybercrime 2001, which became the only standard, that strives to achieve a truly international level.75 The single initiative taken on the global level by the United Nations (UNODC) – Comprehensive Study on Cybercrime76, which potentially could lead to a proposal on a cybercrime treaty – failed in 2013 due to the lack of both political willingness, and also due to the pioneering role of the Council of Europe in this field.77 In addition to CoE Convention, many other organisations, such as the European Union, 41 the Commonwealth of Independent States, African Union, and others developed various binding and non-binding regional cybercrime frameworks. Such instruments include the EU Directive on Attacks against information systems78, the Commonwealth Model Law on Computer and Computer Related Crime, frameworks of Commonwealth of Independent States and the Shanghai Cooperation Organisation, the League of Arab States’ Convention on Combating Information Technology Offences, African Union Convention on Cybersecurity and Data Protection 2014, and some others.79 These instruments have to a large 72 See Sieber/Neubert, Max Planck Yearbook of United Nations Law 20 (2016), 241 (243 et seq.); Goodman, in Ghosh/Turrini (eds.), Cybercrimes: A multidisciplinary analysis, 2010, 320 et seq.; Sieber, in Delmas-Marty at el (eds).: Les chemins de l’Harmonisation Pénale/Harmonising Criminal Law, 2008, 127 et seq. 73 OECD, Computer-Related Criminality: Analysis of Legal Policy in the OECD Area, 1986. 74 Clough, Monash University Law Review 40.3 (2014),730 (698). 75 As of the 10th of February, 2018, it has been ratified by 56 states and has only 4 signatories not followed by ratification. Despite being an instrument of the regional organisation, the Convention was open to signatures by non-members from the very beginning: even during the negotiations phase, four non-member states – the United States, Canada, Japan and South Africa – participated in the drafting process and signed the Convention. Except South Africa, three other states ratified the Convention later. Furthermore, the list of non-members of Council of Europe that ratified the convention includes such countries Australia, Dominican Republic, Israel, Mauritius, Panama, and others. See: Council of Europe, Chart of signatures and ratifications of Treaty 185 Convention on Cybercrime. Available at: https://www. coe.int/en/web/conventions/full-list/-/conventions/treaty/185/signatures. 76 United Nations Office on Drugs and Crime (UNODC), Comprehensive Study on Cybercrime, 2013. 77 See von zur Mühlen/Tropina, Vereinte Nationen 2/2016, 59 et seq. 78 Directive 2013/40/EU on attacks against information systems and replacing Council Framework Decision 2005/222/JHA. 79 A detailed list and analysis of cybercrime-related instruments can be found in the UNODC, 2013, above n. 76, 63 et seq.

Tropina/von zur Mühlen

137

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:51 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

degree influenced each other, with the most prominent role played by the Council of Europe Cybercrime Convention in setting the international standards. Yet, despite having common core provisions, they significantly differ in substantive areas: while most of them cover the criminalisation of certain illegal behaviour in cyberspace, very few establish mechanisms for international cooperation in cybercrime investigations.80 42 On national level the degree of fragmentation goes even further: while substantive criminal law is to a large degree harmonised81, the cross-border transmission of electronic evidence depends on mutual legal assistance and on the availability of certain investigatory instruments in the national law. Furthermore, there are differences related to the whole national security architecture and the place of criminal justice in it. For example, in some countries, there is a strict separation between law enforcement and intelligence agencies, while in other regimes law enforcement and intelligence share information freely.82 These differences influence transborder cooperation in cybercrime investigation and, as criminal justice traditionally is considered to be a sole domain of a sovereign state, it is hard to solve the problem of fragmentation with the adoption of an international treaty.

2. Critical information infrastructure protection frameworks The protection of critical infrastructure is a distinct area of cybersecurity regimes as critical information infrastructure resilience includes not only robustness in the case of cyberattacks, but also a broader spectre of issues, such as resilience in case of weather disaster or human errors.83 The first step to establish international standards was taken in 2003, when G8 suggested eleven principles for protection of critical information infrastructures. The principles include, among others, creation of emergency warning networks, raising awareness among stakeholders and promoting partnerships between them, and international cooperation. Notably, this shows the overlap in the mandates between critical information infrastructure protection and criminal justice domain – the G8 principles encourage countries to “have adequate substantive and procedural laws, such as those outlined in the Council of Europe Cybercrime Convention of 23 November 2001, and trained personnel to enable them to investigate and prosecute attacks on critical information infrastructures, and to coordinate such investigations with other countries as appropriate”.84 44 The G8 effort was followed by the resolution 58/199 of the United Nations General assembly, which refers to the G8 principles, and by the resolution 64/211 that offers the tools to assess policies on critical information infrastructure protection.85 Further efforts at the level of the United Nations were taken by the International Telecommunications Union (ITU), which in 2005 got involved in critical information infrastructure protection under the mandate of the WSIS. In 2007 the ITU launched a global cybersecurity agenda that resulted in the creation of IMPACT – International Multi-Lateral Partnership Against Cyber Threats.86 43

80 Such instruments can be found only in the Council of Europe Convention, the Commonwealth of Independent States Agreement, and the League of Arab States Convention. 81 UNODC, 2013, above n. 76, 72 et seq. 82 Tropina, in Sieber/von zur Mühlen (eds.), Access to Telecommunication Data in Criminal Justice, 2016, 9 (17 et seq.). 83 Tropina, 2015, above n. 58, 11. 84 G8, G8 Principles for Protecting Critical Information Infrastructures, 2003, available at: http://www. cybersecuritycooperation.org/documents/G8_CIIP_Principles.pdf. 85 See Serrano, European Journal of Law and Technology 6.3 (2015), 3, available at: http://ejlt.org/ article/view/396/592. 86 See http://www.impact-alliance.org/aboutus/mission-&-vision.html.

138

Tropina/von zur Mühlen

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:51 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Intelligence in Cyberspace

Regional organisations also play an active role in the field of critical information 45 infrastructure protection. In 2008 OECD adopted the Recommendation of the Council on the Protection of Critical Information Infrastructures, calling for the member states to implement such measures as risk management strategies, creation of CERT (computer emergency response teams) and CSIRTs (computer security incident response teams), public-private partnerships and others87. The European Union created the European Network and Information Security Agency (ENISA) in 2004 for coordination of efforts among Member States, launched the EU Cybersecurity strategy in 2013, and subsequently adopted the Directive on security of network and information systems (NIS Directive) in 2016.88 The possible effect of NIS Directive is, however, still unknown, as the Member States should identify the operators of essential services that are regulated by the Directive by 9 November 201889.

3. Frameworks for cyberwar and warfare There is no international consensus on the thresholds and triggers for malicious 46 activity in cyberspace to reach the level of threat or use of force, threat to the peace, breach of the peace or act of aggression, or armed attack as stipulated by the UN Charter and humanitarian law.90 Undoubtedly, as many state-supported threats in cyberspace fall below such a threshold, it is uncertain which rules should apply and how to prevent states from supporting cyberattacks. The development of frameworks in this area considers, firstly, the application of the law on the use of force (ius ad bellum) and international humanitarian law (ius in bello) to cyberspace91, and, secondly, the rules for responsible state behaviour. On the national level and on the level of military alliances cyberwar constitutes the development of military strategies and offensive and defensive capabilities of the nation states. The question of applying international humanitarian law (ius in bello) to acts and 47 conflicts in cyberspace and the issue of responsible state behaviour have been addressed, most prominently, on the level of the United Nations in the work of the UN Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security (UN GGE).92 The group, which started its work in 2004, produced three consensus reports: in 2010, 2013 and 2015. Two of the reports – in 2013 and 2015 – showed some agreement on the legal matters related to applicability of international law to cyberspace and responsible behaviour of states, such as not interfering with each other’s critical infrastructures, not targeting each other’s computer emergency response teams, assistance in investigation of cyberattacks and responsibility for actions originating from countries’ territory.93 87 OECD, OECD Recommendation of the Council on the Protection of Critical Information Infrastructures, 2008, available at: http://www.oecd.org/sti/40825404.pdf. 88 EU Directive 2016/1148 concerning measures for a high common level of security of network and information systems across the Union. 89 Art. 5 of EU Directive 2016/1148 concerning measures for a high common level of security of network and information systems across the Union. 90 Lotrionte, in: Beck (ed.), Law and Disciplinarity. Thinking Beyond Borders, 2013, 67 (71); Pipyros et al, A new strategy for improving cyberattacks evaluation in the context of Tallinn Manual, Computers & Security 74 (2017), 371 (375). 91 Giles, 2017, above fn. 63, 9. 92 See e. g. Tikk-Ringas, Georgetown Journal of International Affairs 17.3 (2016), 47 et seq. 93 United Nations, Report of the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security, 2013, available at: http:// www.un.org/ga/search/view_doc.asp?symbol=A/68/98; United Nations, Report of the Group of Governmental Experts on Developments in the Field of Information and Telecommunications in the Context of International Security, 2015, available at: http://www.un.org/ga/search/view_doc.asp?symbol=A/70/174.

Tropina/von zur Mühlen

139

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:52 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

However, the 5th GGE (with the mandate 2016–2017) after two years of work “collapsed”94 as the final report was rejected by a number of countries, including Cuba and, allegedly, Russia and China95 due to their disagreement with the inclusion of such provisions as the right to self-defence, the right to respond to wrongful acts and the applicability of the international humanitarian law into the report.96 It is currently unclear whether the United Nations will continue the process of norm-making in this field in GGE format or in any other way. Undoubtedly, the failure of the 5th GGE shows the divergence in the legal and political debates and the inability of the UN to resolve these issues in the foreseeable future. 49 Further frameworks related to military activities in cyberspace can be found on the level of military alliances, notably, NATO.97 The first attempts to evolve cyber capabilities were taken at the NATO Summit in 2012 and followed by the creation of the NATO Computer Incident Response Capability. In 2005, NATO included the cyber threat in the Comprehensive Political Guidance document. The need to establish cyber capabilities was fully recognised after attacks against Estonia in 2007 and led to the adoption of the Policy on Cyber Defence.98 In 2014 the Wales Summit affirmed that “cyber-defence is part of NATO’s core task of collective defence”. Furthermore, cyberspace was recognised as a “domain of operations in which NATO must defend itself as effectively as it does in the air, on land and at sea” at the NATO meeting in Warsaw in 2016.99 50 Current NATO’s strategy for cyber defence includes the implementation of national cyber defence capabilities in NATO member countries via the NATO Defence Planning Process, integration of cyber defence into Smart Defence initiatives via creation of the Malware Information Sharing Platform, the Smart Defence Multinational Cyber Defence Capability Development project, the Multinational Cyber Defence Education and Training project,100 and cyber defence exercises with NATO member countries101 In 2015 NATO also developed the Memorandum of Understanding on Cyber Defence, which is aimed to increase situational awareness. For research, training and capacity building NATO established the Cooperative Cyber Defence Centre of Excellence (CCD CoE) in Tallinn, Estonia, as a research and educational enterprise not formally part of 48

94 Schmitt/Vihul, International Cyber Law Politicized: The UN GGE’s Failure to Advance Cyber Norms, Friday, 2017, available at: https://www.justsecurity.org/42768/international-cyber-law-politicized-ggesfailure-advance-cyber-norms/; see also Markoff, Explanation of Position at the Conclusion of the 2016–2017 UN Group of Governmental Experts (GGE) on Developments in the Field of Information and Telecommunications in the Context of International Security, 2017, available at: https://www.state.gov/s/ cyberissues/releasesandremarks/272175.htm; Segal, The Development of Cyber Norms at the United Nations Ends in Deadlock. Now What?, 2017, available at: https://www.cfr.org/blog/development-cybernorms-united-nations-ends-deadlock-now-what. 95 Korzak, UN GGE on Cybersecurity: The End of an Era?, 2017, available at: http://thediplomat.com/ 2017/07/un-gge-on-cybersecurity-have-china-and-russia-just-made-cyberspace-less-safe. 96 Schmitt/Vihul, 2017, above n. 94. 97 See for more details: Veenendaal/Kaska/Brangetto, Is NATO Ready to Cross the Rubicon on Cyber Defence? Cyber Policy Brief, available at: https://ccdcoe.org/sites/default/files/multimedia/pdf/NATO% 20CCD%20COE%20policy%20paper.pdf; Lewis, The Role of Offensive Cyber Operations in NATO’s Collective Defence, 2015, available at: https://ccdcoe.org/sites/default/files/multimedia/pdf/TP_08_2015_0.pdf; Pernik, Improving Cyber Security: NATO and the EU, 2014, available at: https://www.icds.ee/fileadmin/ media/icds.ee/failid/Piret_Pernik_-_Improving_Cyber_Security.pdf. See also Masala/Scheffler Corvaja, chapter xx, mn. xxx. 98 Fidler/Pregent/Vandurme, NATO, Cyber Defense, and International Law, 2013, available at: http:// www.repository.law.indiana.edu/facpub/1672. 99 See www.nato.int/cyberdefence/. 100 See http://www.nato.int/cps/en/natohq/topics_78170.htm. 101 See: Krause, NATO on its Way Towards a Comfort Zone in Cyber Defence, 2014, 5, available at: http://www.ccdcoe.com/sites/default/files/multimedia/pdf/TP_03.pdf.

140

Tropina/von zur Mühlen

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:52 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Intelligence in Cyberspace

NATO but supported by NATO member countries and several NATO schools and colleges. Furthermore, in 2016 NATO also signed the Technical Arrangement on cyber defence cooperation with the European Union102. One of the results of NATO’s involvement in the cyber domain is the development 51 of the Tallinn Manual on the International Law applicable to cyber warfare. The Tallinn manual is a project initiated by NATO and carried out by a group of experts, which consisted of practitioners and academics from NATO member countries. The Manual, first published in 2012, represents an “academic, nonbinding study”103 aimed to consider how the existing public international law is applicable to cyberspace rather than creation of any new norms applicable to cyberwar or cyberwarfare.104 The second version of the manual – Tallinn Manual 2.0 was released in 2017 and includes, in addition to the previous study, a legal analysis of the common cyber incidents.105 While it is clear that the Tallinn manual represents a significant step forward to fill 52 the gaps in cyber-norms and to reach consensus among the experts on the applicability of the international law to cyberspace,106 it has some drawbacks in terms of possible influence. The critics of Tallinn manual point out that it lacked the wider representation of nation states in its development107 and as a non-state initiative lacks the power of norm-making or norm interpretation process.108 Moreover, from a substantive point of view, the manual was criticised for possibly lowering the threshold for the applicability of the right to self-defence for non-state actors together with dropping the threshold of the definition of armed attack, and, therefore, increasing potential of the use of force and changing the landscape of the possible conflicts in the future.109 Nevertheless, in the context of failure of UN GGE in 2017, the potential influence of the manual is unclear. While the discussion on cyberwarfare and applicability of the international law is 53 getting fragmented, nation states started implementing cyberwarfare capabilities in their military doctrines. It is hard to assess exactly how many states are developing or planning to develop offensive cyberwarfare capabilities and at which stage this process finds itself at the moment. According to the joint statement by Clapper, Lettre and Rogers, “as of late 2016” at least 30 states “are developing offensive cyberattack capabilities”.110 The UNIDIR report of 2011, which was using open-source information from 133 states, found out that at least 33 countries included cyberwarfare in their military doctrines, planning or organisation.111 As it will be further discussed in the Part D.V., in the European Union there are several states which openly develop cyberwarfare capabilities.

102 NATO, 2016, NATO and the European Union enhance cyber defence cooperation, available at: https://www.nato.int/cps/en/natohq/news_127836.htm. 103 Lotrionte, 2013, above n. 90, 69. 104 See e. g. Barnsby/Reeves, in Texas Law Review 95.7, 2017, p. 1515 (1515 et seq.). 105 Schmitt (ed.), Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations, 2017. 106 Neutze/Nicholas, Georgetown Journal of International Affairs: International Engagement on Cyber, 2013, 3 (9 et seq.). 107 McGhee, Journal of Law and Cyber Warfare, 2/2013, 64 (103). 108 Mačák, 2016, above fn 62, 136. 109 Boulos, in: Ramírez/García-Segura (eds.), Cyberspace. Advanced Sciences and Technologies for Security Applications, 2017, 231 (241). 110 Clapper/Lettre/Rogers, Joint Statement for the record to the Senate Armed Service Committee. Foreign Cyber Threats to the United States, 2017, 5, available at: https://www.armed-services.senate.gov/ imo/media/doc/Clapper-Lettre-Rogers_01-05-16.pdf. 111 Lewis/Timlin, Cybersecurity and Cyberwarfare, 2011, 3, available at: http://unidir.org/publications.

Tropina/von zur Mühlen

141

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:53 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

4. Other regimes 54

55

56

57

58

Other regimes in addressing cybersecurity threats include confidence building measures, public-private cooperation, technical and organisational measures and capacity building. – Confidence building measures represent normative commitments that states are supposed to respect. Such commitments focus on preventing and reducing the risk of state conflicts or outbreak by mitigating mistrust, misunderstanding and miscalculations via exchange of information, resources, increasing awareness and facilitating common understanding.112 Sets of confidence building measures have been developed mostly on the regional levels by the organisations such as OSCE, AOS, ASEAN, SCO and others.113 – Public-private cooperation is considered important due to the significant role of the private sector in managing critical information infrastructure and networks and “existence of myriad actors in the information security field”.114 The scope and scale of public-private collaboration in cybersecurity involves different areas of ICT markets and various forms of cooperation: from ad hoc to long-term public-private partnerships and nationwide joint cybersecurity initiatives.115 – Technical and organisational measures, such as risk analysis, training, control and certification, alert systems and recovery strategies have become the core of organisational cybersecurity policies for both industrial control systems and other actors in the private sector.116 – Capacity building frameworks address the vulnerabilities of cross-border externalities117 because the lack of cybersecurity capacity in one country can pose significant risks on another. The programs for capacity building include the initiatives from international and regional organisations such as ITU118, EU119, OAS120, and private sector and academia’s efforts such as Oxford University Global Cyber Security Capacity Centre and Microsoft’s capacity building programs.121 Furthermore, the Global Forum 112 Trimintzios et al, Cybersecurity in the EU Common Security and Defence Policy (CSDP), 2017, 19, available at: http://www.europarl.europa.eu/RegData/etudes/STUD/2017/603175/EPRS_STU(2017)603175_ EN.pdf; Ziolkowski, in: Ziolkowski (ed.), Peacetime Regime for State Activities in Cyberspace, 2013, 533 et seq.; Lewis, Disarmament Forum 4/2011, 53 et seq. 113 See Giles, 2017, above n. 63, xiv et seq.; Ott, Fletcher Security Review 3.1 (2017), 67 (70). 114 Brown/Snower, Global Economic Solutions 2010/2011, Global Economic Symposium, 2011, 143, available at: https://www.global-ecnomic-symposium.org/solutions/publications/global-economic-solutions/ global-economic-solutions-2010-11. 115 Tropina, 2015, above n. 58, 20 et seq. 116 See Agence Nationale de la Sécurité des Systèmes d’Information, Managing Cybersecurity for Industrial Control Systems, 2014, 16 et seq., available at: https://www.ssi.gouv.fr/uploads/2014/01/Managing_Cybe_for_ICS_EN.pdf, Stouffer, Guide to Industrial Control Systems Security, 2015, 3-1 et seq, available at: http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-82r2.pdf; Luiijf/te Paske, Cyber Security of Industrial Control Systems. 2015, 35 et seq., available at: http://publications.tno.nl/ publication/34616507/KkrxeU/luiijf-2015-cyber.pdf. 117 Global Public Policy Institute, Advancing Cybersecurity Capacity Building, 2017, 1, available at: http://www.gppi.net/publications/. 118 See http://www.itu.int/en/ITU-D/Cybersecurity/Pages/cybersecurity_metrics_capacity_building.aspx; Obiso, Cybersecurity: Capacity Building and Emergency Response, 2014, available at: https://itu4u.wordpress.com/2014/05/27/cybersecurity-capacity-building-and-emergency-response/. 119 European Commission, EU cybersecurity initiatives, 2017, available at: http://ec.europa.eu/information_society/newsroom/image/document/2017-3/factsheet_cybersecurity_update_january_2017_41543.pdf. 120 OAS, American States’ Inter-American Integral Strategy to Combat Threats to Cyber Security, 3 et seq., available at: https://www.oas.org/juridico/english/cyb_pry_strategy.pdf. 121 Muller, Cyber Security Capacity Building in Developing Countries: Challenges and Opportunities, NUPI Report, no. 3 2015, 8, available at: https://brage.bibsys.no/xmlui/bitstream/id/331398/NUPI+Report +03-15-Muller.pdf.

142

Tropina/von zur Mühlen

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:54 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Intelligence in Cyberspace

for Cyber Expertise (GFCE) was created in 2015 as a global capacity building initiative between governments and private stakeholders.

D. Cybersecurity and Cyber Intelligence I. Reactive and proactive approaches The nation states are increasingly recognising cyberspace as a new warfare domain, 59 and are therefore developing offensive and defensive capabilities to address constantly evolving cyber threats.122 However, while the technical capabilities of the attackers and defenders might evolve in parallel, many cybersecurity approaches are still rather static and reactive: they aim to identify the intrusion, minimise the disruption and mitigate the consequences after the malicious actors are “already inside the wire”.123 While investment into technology is essential, it cannot be effective on its own anymore due to the growing proliferation of adversaries, the increasing complexity of cyber-threats, the lack of legal frameworks, be it on national or international level, and the challenge of attribution.124 Any malicious activity in cyberspace has a human interaction behind it. It is the 60 motivation of the attacker that brings acts of adversaries to one or another domain – be it military defence or criminal justice. Serious persistent threats and attacks require adversaries to plan them, to collect information, to determine the targets, to acquire the access to the network. This planning process takes time, therefore it is important to empower policy-makers with the knowledge about adversaries’ capabilities and potential actions and use this time to develop solutions for an intelligencebased defence.125 There is already a recognition that cyber defence shall not follow only a passive, reactive approach. It is not enough to ensure the development of legal and technical instruments to address threats in cyberspace and building technical capability to react to the incidents that already happened. Therefore, some nation states are increasingly embracing the concept of intelligence-driven cyber defence,126 where intelligence, as in case of any complex security threats, is a central component. The aim of intelligence-driven cyber defence is to assess the range of geopolitical, cultural, social and other contexts that influence decision-makers behind the attack.127 This approach broadens the focus from the use of technology for identification and elimination of attacks and intrusions to a wider set of actions. Intelligencedriven cyber defence aims to collect information from expanded sources about adversaries and their capabilities, objectives, doctrines and limitations in order to understand the motivations behind malicious activities and prevent and anticipate cyber-incidents.

122 Gehem et al., Assessing Cyber Security, 2015, 49, available at: https://hcss.nl/report/assessing-cybersecurity/. 123 Mattern et al., International Journal of Intelligence and Counterintelligence 27.4 (2014), 702 (705); see also Intelligence and National Security Alliance, Operational Levels of Cyber Intelligence, 2013, 3, available at: https://www.insaonline.org/resources/publications/; Borum et al., The Coast Guard Proceedings 71.4 (2014–2015), 65 (67); Nielsen, Orbis 56.3 (2012), 336 (349). 124 Borum et al., Information & Computer Security 23.3 (2015), 317 (329). 125 Intelligence and National Security Alliance, 2013, above fn 123, 4 et seq. 126 See D.V. for national approaches within Europe. 127 Brantly, The Decision to Attack, 2016, 119 et seq.

Tropina/von zur Mühlen

143

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:54 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda 61

There is also an increasing discussion to what extent offensive capabilities by launching a counterstrike to the supposed source of an attack can and should be considered in the development of proactive approaches to maintain cybersecurity. These activities are discussed under the term “hack back” and reach from accessing systems to delete stolen content to DDoS attacks on networks with the intent to shut down the adversary’s systems.128 The latter example illustrates that these countermeasures can overlap with the issues that are discussed in the context of cyberwar. This especially relates to the state’s right to self-defence, the issue of attribution of the attack and the intensity of the counterattack.129

II. Intelligence in cyber domain or “cyber intelligence”? Although there is no agreed definition of cyber intelligence,130 it can generally be described as information collection about, comprehensive assessment of and reaction to the adversarial activities, capabilities and intentions in the cyber domain for intelligence purposes.131 It relies on data collected from a wide range of traditional intelligence sources (like human intelligence, open source intelligence and signal intelligence) with the aim to inform policy-makers at any level of the cyber domain. 63 Cyber intelligence should be distinguished from a broader concept of using information and communication networks as a source for collecting intelligence, where digital developments and information gathering supplement traditional tools for data collection.132 While traditional intelligence is also facing challenges related to cyberspace as the new environment for operations and is struggling with the consequences of the information revolution,133 cyber intelligence, as a distinct field, operates with the aim to address cybersecurity threats, including threats to national security. Furthermore, in addition to a general process of collecting information to address cyber threats, cyber counter-intelligence, as part of a broader concept of cyber intelligence, focuses on countering the intelligence actions of the adversary; this includes detection, deterrence, prevention, degradation, exploitation and neutralisation of the foreign intelligence services’ operations related to all the sceptre of possible threats – from cyberwarfare to their efforts to collect information.134 64 Both cyber intelligence and counter-intelligence require new sources and means of gathering information. This is especially true in such areas as cyber defence due to the fact that unlike the conventional weapons cyber-weapons are available to a wide range of actors as they require less infrastructure and no restricted, controlled or limitedsupply materials, and therefore, tracing such processes is harder and requires more information collected from different sources.135 62

128 See e. g. Kesan/Hayes, Harvard Journal of Law & Technology 25.2, 431 (474 et seq.); see also below n. 182. 129 On these issues see Tsagourias, Journal of Conflict and Security Law 17.2 (2012), 229 et seq. 130 See Uthoff, in: Lemieux (ed.), Current and Emerging Trends in Cyber Operations, 2015, 199 et seq. 131 Intelligence and National Security Alliance, Tactical Cyber Intelligence, 2015, 1, available at: https:// www.insaonline.org/resources/publications/. 132 See e. g. how the digital and cyber developments impact HUMINT: Gioe, in: Dover/Dylan/Goodman (eds.), The Palgrave Handbook of Security, Risk and Intelligence, 2017, 213. 133 See e. g. Degaut, Intelligence and National Security 31.4 (2016), 509 et seq.; Dunn Cavelty/Maurer, Security Dialogue 40.2 (2009), 128 et seq. 134 Duvenage/von Solms/Jaquire, Conceptualising Cyber Counterintelligence, Proceedings of the 15th European conference on Cyber Warfare and Security, 2016, 93 (96 et seq.). 135 Williams/Shimeall/Dunlevy, Contemporary Security Policy 23.2 (2002), 1 (4).

144

Tropina/von zur Mühlen

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:55 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Intelligence in Cyberspace

III. Levels and sources of cyber intelligence Cyber intelligence operates on several levels, which are complementary and supplementary to each other:136 On the strategic level, cyber intelligence focuses on the long-term issues that can impact strategic decisions.137 This level aims to provide information for political decision-making, assess the cyber-environment, define the intentions of adversaries that can have an impact on the national cybersecurity and estimate the capability of the malicious actors. It delivers a framework for all other levels of cyber intelligence activities by framing a “concept” for cyberspace operations. Tactical cyber intelligence is the collection and analysis of data in order to understand the threats and prepare for them.138 It links the macro-level provided by strategic intelligence with the micro-level of individual cases where tactical intelligence is supposed to respond to the dynamic threats by focussing on day-to-day defensive activity, on “what is happening on the network”.139 The tactical level includes tactics, procedures and tools to methodologically understand the patterns of behaviour or approaches of an adversary and examine the compromise indicators.140 Strategic and tactical levels are mutually reinforcing as tactical assessment can help strategic analysis.141 The reactive approaches to cyber threats are usually focussed on the analysis carried out on the tactical level as this level concentrates on the particular events happening on the network. This is exactly why there is a need to shift the focus from tactics to strategy and mutually reinforce both levels because acting on the tactical level mostly means that adversary is either close to getting access to the system or is already inside the network.142 Operational cyber intelligence bridges the two other levels – strategic and tactical. It refers to collection of specific information that is required to comprehend the operational environment, objectives, trends, resources and activities of adversaries and also to plan and execute cyber operations and achieve strategic goals in the cyber domain.143 Intelligence analysis at this level can also overlap with investigations of a single case and include the assessment of data related to a particular incident, the identification of specific vulnerabilities that have been exploited, and the analysis related to attribution.144 While addressing cyber threats becomes distinct from traditional intelligence and the focus of data collection might shift, the critical aspects of the traditional intelligence cycle model stay the same: direction and requirements, collection of data, processing and exploitation, analysis and production, dissemination, consumption and feedback.145 136 In practice, the levels are not always sharply distinguishable. On the corresponding levels of military cyber operations see Herr/Herrick, in: Harrison/Herr, Cyber Insecurity, 2016, 259 (266 et seq.). 137 Uthoff, 2015, above fn 130, 202; Borum et al., above fn 124, 319; Williams/Shimeall/Dunlevy, above fn 135, 9. 138 Intelligence and National Security Alliance, 2015, above n. 125, 2. 139 Julisch, Understanding and overcoming cyber security anti-patterns, Computer Networks 57.10 (2013), 2206 (2210); See also Williams/Shimeall/Dunlevy, above n. 135, 12; Borum et al., above n. 124, 68. 140 Uthoff, 2015, above n. 130, 203. 141 Williams/Shimeall/Dunlevy, 2002, above n. 135, 12. 142 Intelligence and National Security Alliance, 2013, above n. 125, 10. 143 Uthoff, 2015, above n. 130, 203. 144 Williams/Shimeall/Dunlevy, 2002, above n. 135, 12. 145 On the intelligence cycle in general see Omand, [in this book]; Johnson, in: Johnson (ed.), The Oxford Handbook of National Security Intelligence, 2010, 3 (12 et seq.). The intelligence cycle model recently has been criticized as outdated and oversimplified, see Richards, in Phythian (ed.), Understanding

Tropina/von zur Mühlen

145

65 66

67

68

69

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:55 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

However, it is clear that cyber intelligence needs to include all the methods of data collection that traditional intelligence rely on to get as much information about the adversary as possible.146 Any intelligence discipline can potentially provide data of crucial value for cyber intelligence. This includes collection of data coming from such disciplines as communications intelligence (COMINT), signal intelligence (SIGINT), human intelligence (HUMINT), open source intelligence (OSINT), geospatial and measurement intelligence (GEOINT) as critical components,147 which are further combined with other sources of data such as unclassified network data and data from CERTs, data about cyber-activity of a particular country or relevant geopolitical events.

IV. Approaches at EU level The EU Member States mainly consider the issue of cybersecurity as their national competence due to the sensitivity of the issue and its connection to national security and defence. However, the understanding of the cross-border nature of threats and growing concerns about the possibility of the vulnerabilities of one Member State to affect others and the entire Union, called for the development of coordinated approaches to cybersecurity in the European Union. This coordination till recently was rather happening in an ad hoc manner, distributed across different domains and institutions.148 The concrete efforts to shape a comprehensive cybersecurity agenda at EU level started with the harmonisation of approaches to tackling cybercrime, in particular, adoption of the EU Framework decision on attacks against information systems in 2004 (later repealed by the EU Directive on attacks against information systems 2013149). However, some critical parts of the overarching cybersecurity approach where the Member States traditionally try to protect their sovereignty, such as cyber defence, were missing until the adoption of EU Cybersecurity Strategy in 2013. The EU Cybersecurity Strategy was further followed by the Directive on security of network and information systems (EU NIS directive) in 2016 and the recent proposal for the creation of the EU Cybersecurity Agency in September 2017.150 71 The EU Cybersecurity strategy 2013 was the first attempt to address the entire spectrum of cybersecurity threats at EU level, including both, civil aspects of cybersecurity and cyber defence and clearly establish priorities for the cybersecurity policy that previously was spread across different regulatory frameworks. The document identified five strategic priorities, which include achieving overall resilience, fighting cybercrime, developing cyber defence policies and capabilities in relation to the Common Security and Defence Policy (CSDP), developing industrial and technological resources, and establishing a coherent EU cyber diplomacy. The three first tasks were assigned to 70

the Intelligence Cycle, 2013, 43 (46 et seq.); Hulnick, in Phythian (ed.), Understanding the Intelligence Cycle, 2013, 149 (152 et seq.). on cyber specific aspects see Brantly, in Phythian (ed.), Understanding the Intelligence Cycle, 2013, 76; Williams/Shimeall/Dunlevy, above n. 135, (15 et seq.); Intelligence and National Security Alliance, above n. 131, 6 et seq. 146 Brantly, in Phythian (ed.), Understanding the Intelligence Cycle, 2013, 76 (81). See also Williams/ Shimeall/Dunlevy, above fn 135, 15; Davies, Information, Communication & Society, 2.2 (1999), 115 (129). 147 Some authors also identified new categories of intelligence sources in the cyber domain like e. g. social media intelligence (SOCMINT), see Omand/Bartlett/Miller, Intelligence and National Security Journal 27.6 (2012), 801 et seq. 148 Darmois/Schméder, Cybersecurity: a case for a European approach, 2016, 11, available at: http:// www.securityintransition.org/wp-content/uploads/2016/02/WP11_Cybersecurity_FinalEditedVersion.pdf. 149 See above n. 78. 150 European Commission, Press release IP/17/3193 from 19 September 2017.

146

Tropina/von zur Mühlen

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:56 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Intelligence in Cyberspace

existing EU agencies: the European Network and Information Security Agency, the European Cybercrime Centre (EC3) within Europol and the European Defence Agency in collaboration with the EU Military Staff, respectively. The cyber defence pillar was the most significant novelty in the EU cybersecurity 72 approach outlined in the EU Cybersecurity Strategy 2013, as the EU has no standing military forces or equipment and only the Member States can provide capabilities for EU-led cyber defence operations.151 Furthermore, as the European Union itself is not engaged in developing offensive cyber capabilities and the generation and readiness of military forces are considered rather a national competence, the strategy focuses solely on self-protection in the cyber domain.152 Despite the fact that cyber defence was included as one of the top ten priorities on the EU military agenda by the 2010 revisions to the Capability Development Plan, endorsed in 2011,153 it was the EU Cybersecurity Strategy that set the further approach and coordination by defining four key activities in the area of cyber defence: building cyber defence capabilities, developing a EU cyber defence policy framework, dialogue and coordination between civil and military actors and a dialogue with international partners, including NATO and other stakeholders.154 The role of intelligence, however, was directly mentioned in the EU Cybersecurity 73 Strategy only in relation to fighting cybercrime and not with regard to the defence capabilities. Part 2.2 of the Strategy stipulates that European Commission will support the European Cybercrime Centre (EC3), which “will provide analysis and intelligence, support investigations, provide high level forensics, facilitate cooperation, create channels for information sharing between the competent authorities in the Member States, the private sector and other stakeholders, and gradually serve as a voice for the law enforcement community”. However, further developments related to the EU Concept on Cyber Defence provide for a greater role of cyber intelligence in addressing cyber threats. For example, a report on the implementation of the Cyber Defence Policy Framework lists the continuous production of strategic intelligence assessments on cyber-related issues as one of the tasks to achieve the aim of strengthening cyber threat analysis at strategic and operational levels in order to identify and analyse current and new cyber threats.155 A later report from 2016 states that the mandate to collect and provide strategic intelligence in support of the Cyber Defence Policy Framework is assigned jointly to the EU Intelligence and Situation Centre (EU INTCEN156) and the Intelligence Directorate of the European Union Military Staff (EUMS157).158 Furthermore, the 2016 report provides that to facilitate the planning and implementation for 151 Christou, The EU’s Approach to Cybersecurity, 2017, 2, available at: http://repository.essex.ac.uk/ 19872/1/EU-Japan_9_Cyber_Security_Christou_EU.pdf. 152 Christou, Cybersecurity in the European Union, 2016, 138. E. g., the EU Global Strategy for the European Union’s Foreign and Security Policy highlights on p. 11 that “Member States remain sovereign in their defence decisions”. The strategy is available at: https://europa.eu/globalstrategy/sites/globalstrategy/files/regions/files/eugs_review_web_0.pdf. See also Robinson, EU Cyber-Defence: A Work in Progress, EUISS ISSUE Briefs 10/2014, available at: https://www.files.ethz.ch/isn/182329/Brief_10_Cyber_defence.pdf, 2. 153 European Defence Agency, Capability Development Plan Fact Sheet, available at: https://www.eda. europa.eu/what-we-do/our-current-priorities/strategies/Capabilities. 154 EU Cybersecurity strategy, Part 2.3. 155 Council of the European Union, Six-Month report on the Implementation of the Cyber Defence Policy Framework by the Politico-Military Group, 10347/15, 2015, 15. 156 See also Palacios, EU Intelligence: On the road to a European Intelligence Agency?, Part 3 Chapter 1, in this volume. 157 See also Rauwolf, Intelligence in EU-led military minions and operations, Part 2 Chapter 4, in this volume. 158 Council of the European Union, Six-Month report on the Implementation of the Cyber Defence Policy Framework by the Politico-Military Group, 9701/16, 2016, 9.

Tropina/von zur Mühlen

147

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:56 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

each Common Security and Defence Policy (CSDP) operation or mission, EU INTCEN and the EUMS Intelligence Directorate are tasked to prepare updated strategic threat assessments, which include the section on cyber when appropriate. The same document also highlights strengthening cooperation with EU bodies such as CERT-EU159 and Europol for the process of enhancing strategic cyber threat analysis, with a view to regularly sharing insights and information. 74 The recent proposal for a new EU Cybersecurity Agency tries to give more prominent role to the information gathering and analysis in a proactive way.160 It aims to task ENISA with “proactively contributing to the development of policy in the area of network information security” and with “providing strategic long-term advice to Member States and Union institutions” by performing the analysis of current and emerging risks, threats and incidents and identifying emerging trends. This initiative indicates the growing understanding that collection and analysis of relevant information is an integral part of securing the cyberspace. 75 Despite all the efforts outlined above, the development of a comprehensive approach to cyber intelligence on EU level is still in its infancy. This can be also attributed to the fact that the approach to cybersecurity on the level of the European Union in general focuses on building capacity, resilience and addressing cyber threats while securing the freedom and openness of the Internet, rather than relying on deterrence and militarisation. Even though tackling the lack of military and intelligence capacities was on the EU agenda since the adoption of the EU Cybersecurity Strategy in 2013, progress is still slow and this area of the strategic priority is the least developed, compared to other non-military aspects.161 Even three years after the adoption of the EU Cybersecurity Strategy, in 2016, the European Commission still called for “synergies” to be “sought between cyber defence efforts and wider EU cybersecurity policies” in its communication on the European Defence Action Plan.162

V. National approaches 76

While the EU is currently trying to strengthen its security and defence policies as a union and, at the same time, enhance its cooperation with NATO on cyber defence, these attempts are not able to fully harmonise the policies and actions among the EU Member States in this field, as not all of the EU Member States participate in the Common Security and Defence Policy163 and, moreover, not all of the EU Member States are members of NATO.164 This makes the development of a common proactive approach to cybersecurity and cyber intelligence problematic: the foreign cyber and defence policy so far “remains the subject of well-intentioned declarations of intent” in the EU.165 159 Computer Emergency Response Team (CERT-EU) for the EU institutions, agencies and bodies. See: https://cert.europa.eu/cert/plainedition/en/cert_about.html. 160 Proposal for a Regulation of the European Parliament and of the Council on ENISA, the “EU Cybersecurity Agency”, and repealing Regulation (EU) 526/2013, and on Information and Communication Technology cybersecurity certification (“Cybersecurity Act”), COM(2017) 477 final. 161 Robinson, 2014, above fn 152,1 et seq., Christou, 2016, above fn 152, 136 et seq. 162 European Defence Action Plan (COM(2016) 950 final), 18. 163 E. g. Denmark is not a part of Common Security and Defence Policy. 164 Austria, Cyprus, Finland, Ireland, Malta, and Sweden are not NATO members. 165 Bendiek, The New “Europe of Security”, SWP Comments 20/2017, available at: https://www.swpberlin.org/fileadmin/contents/products/comments/2017C20_bdk.pdf. Mälksoo, Contemporary Security Policy 37.3 (2016), 374 (374 et seq.) argues that “the EU’s efficiency and autonomy as a security actor are but limited compared to some of its well-endowed member states”.

148

Tropina/von zur Mühlen

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:57 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Intelligence in Cyberspace

Due to the sensitivity of the issues and sovereignty concerns the EU is currently 77 only able to take a coordination role while Member States act independently on national security issues, especially with regard to such critical issues as, for example, attribution of malicious acts. In this regard, the Council of the European Union in the so-called “Cyber Diplomacy Toolbox”,166 while stressing the possibility of the joint EU diplomatic response to malicious cyber activities in cyberspace, highlighted that the “attribution to a State or a non-State actor remains a sovereign political decision based on all-source intelligence and should be established in accordance with international law of State responsibility”. Consequently, with the growing insecurity of cyberspace, its further militarisation and the development of advanced persistent threats it is the EU Member States that are taking steps to approach on the national level both military aspects of cybersecurity, such as defensive and offensive strategies and cyber intelligence gathering and processing capabilities. A number of countries consider offensive capabilities and cyber intelligence as critical – and sometimes interrelated – components of either general cybersecurity or more specific cyber defence strategies. The most notable attempt of addressing the issue of cyber intelligence on the national 78 level is the recent Cybersecurity Strategy of the United Kingdom, which was adopted in 2016. The Strategy, in addition to focussing on cyber defence, aims to enhance the “sovereign” offensive capabilities, and clearly states the UK has “the means to take offensive action in cyberspace”, should it “choose to do so”.167 The strategy also strengthens the role of cyber intelligence gathering by establishing the National Cyber Security Centre (NCSC) as a single body for cybersecurity, which, among other tasks, serves as “a unified source of advice for the Government’s cybersecurity threat intelligence and information assurance”.168 The parent body for the NCSC is the Government Communications Headquarters (GCHQ). Furthermore, the strategy sets as one of the priorities collaboration with the private sector by providing industry with proactive intelligence on cyber threats and getting upstream intelligence that could be in possession of the industry. Another example of strengthening the role of cyber intelligence and the development 79 of cyber offensive capacities on the national level is the case of the Netherlands. In comparison to the UK, where the national cybersecurity strategy covers all the aspects of cybersecurity, be they related to military or civil or law enforcement domains, the Netherlands set the general priorities concerning defence and intelligence in the National Cybersecurity Strategy and further developed them in the Dutch Cyber Defence Strategy 2012 (revised in 2015). The 2012 Defence Strategy sets the development of military capabilities to conduct cyber operations (offensive capabilities) and strengthening the intelligence position in cyberspace among the focal points for action. Both priorities are further strengthened in the 2015 revisions of the Strategy. The strategy highlights that the intelligence gathering “includes infiltration of computers and networks to acquire data, mapping out relevant sections of cyberspace, monitoring vital networks, and gaining a profound understanding of the functioning of and technology

166 See: Draft Council Conclusions on a Framework for a Joint EU Diplomatic response to Malicious Cyber Activities (Cyber Diplomacy Toolbox). Brussels, 7 June 2017 (OR. en) 9916/17. Available at: http:// data.consilium.europa.eu/doc/document/ST-9916-2017-INIT/en/pdf. 167 HM Government, UK National Cyber Security Strategy 2016–2021, 9, available at: https://www.gov.uk/ government/uploads/system/uploads/attachment_data/file/567242/national_cyber_security_strategy_2016. pdf. 168 Ibid., 29.

Tropina/von zur Mühlen

149

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:57 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

behind offensive cyber assets”.169 The implementation of the priorities related to cyber intelligence gathering resulted in the establishment on 15 June 2014 of the Joint SIGINT Cyber Unit, which represents a joint effort of the General Intelligence and Security Service and the Military Intelligence and Security Service.170 80 The Finnish Cyber Security Strategy regards cyber intelligence and creation and maintenance of cyberwarfare as critical components of the cyber defence capabilities. Cyber intelligence is considered as both the way for providing situational awareness about vulnerabilities, threats and adversary capabilities and the tool for supplying information for offensive capabilities (cyberwarfare).171 81 In Germany, the 2016 National Cyber Security Strategy underlines the importance of an efficient and sustainable cybersecurity architecture at national level. Amongst other measures, such as further development of the National Cyber Response Centre and the foundation of the central office for information technology in the security sphere (ZITiS) that will deliver support for security agencies in IT forensics, encryption, interception of telecommunications and Big Data analysis, one of the main objectives of the strategy is also strengthening the defence capabilities.172 The 2016 National Cyber Security Strategy also emphasises the role of the Federal Intelligence Service (BND). The collection of information related to cyber threats and cyber capabilities of foreign states falls under the general competence of the BND as its general mandate is to gather and evaluate relevant information that is of importance to the foreign or security policy. Furthermore, within its legal competences the BND is explicitly authorised to collect and analyse international telecommunication flows to identify attack signatures (so-called SIGINT Support to Cyber Defense, SSCD).173 In addition, the domestic security agency – the Federal Office for the Protection of the Constitution (BfV) – plays a vital role in the German Cyber Security Strategy by providing resources in the field of counter-espionage and counter-sabotage. The 2016 National Cyber Security Strategy also emphasises the importance of cyber and information technologies in the defence domain. This priority is further developed in the 2016 White Paper on German Security Policy and the Future of the German Army.174 Consequently, the Cyber and Information Space Command (CIR), organised as an individual branch of the German military with an independent organizational structure, started operating in 2017 – it is planned to be fully operational by 2021. The CIR is designed to strengthen protection of military’s own IT infrastructure and computer-assisted weapons systems and to perform the reconnaissance of online threats and to develop capabilities for actively countering cyberattacks (“offensive defence”). Yet, the legal basis and the preconditions, especially the authorisation by the German Parliament, for carrying out such counterattacks are still being debated.175

169 Dutch Ministry of Defence, The Defence Cyber Strategy, 2012, 12, available at: https://ccdcoe.org/ strategies/Defence_Cyber_Strategy_NDL.pdf. 170 Ibid. See also Nieuwboer, National intelligence authorities and surveillance in the EU: Fundamental rights safeguards and remedies, Report on the Netherlands, legal update, 2016, available at: http://fra. europa.eu/sites/default/files/fra_uploads/the-netherlands-study-data-surveillance-ii-nl.pdf. 171 Secretariat of the Security Committee, Finland’s Cyber security Strategy 2013, 28, available at: http:// www.defmin.fi/files/2378/Finland_s_Cyber_Security_Strategy.pdf. 172 German Ministry of Interior, Cyber-Sicherheitsstrategie für Deutschland, 33, available at: https:// www.bmi.bund.de/cybersicherheitsstrategie/BMI_CyberSicherheitsStrategie.pdf. 173 See Brunst, in Dietrich/Eiffler, Handbuch des Rechts der Nachrichtendienste, 2017, 817 (858). 174 German Ministry of Defence, White Paper on Security Policy and the Future of the Bundeswehr, 2016, 36 et seq., available at: http://www.planungsamt.bundeswehr.de/portal/poc/plgabw?uri=ci:bw.plgabw. grundlagen.weissbuch. 175 See Marxsen, JuristenZeitung 2017, 543 (544 et seq.).

150

Tropina/von zur Mühlen

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:58 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Intelligence in Cyberspace

Other examples of setting the priorities related to proactive approaches to cyber 82 intelligence and the development of offensive cyber capabilities can be found in the military strategies as opposite to overarching cybersecurity strategies. For instance, the French National Digital Security Strategy 2015 mentions only 83 defence in cyberspace,176 while the French White Paper on Defence and National Security 2013 calls for the development of intelligence activities for identification of the origin of attack and assessing the capabilities of potential adversaries. The White Paper connects intelligence and the development of offensive action capabilities of the French state as two of the most essential factors of an appropriate response to cyber threats.177 The 2014 Pact for Cyber Defence provides for the development of military capabilities to maintain cybersecurity.178 Shortly after the adoption of the Pact, France established a competence centre for cyber defence. In the beginning of 2017 the cyber defence command unit (COMCYBER) that combines the protection of own infrastructure, cyber intelligence and offensive capabilities, e. g. by the intrusion and destruction of hostile systems (hack backs) was set up under the umbrella of the Ministry of Defence. In Denmark, the Danish Defence Agreement focuses on strengthening the role of the 84 Centre for Cyber Security under the Ministry of Defence and on supporting the establishment and operations of a computer network operations capability in order to provide a capacity that can execute defensive and offensive military operations in cyberspace.179 Furthermore, the Danish Defence Agreement suggests to reinforce the intelligence activities by placing the intelligence services together under one domicile in the Copenhagen area with the aim, among others, of establishment of the new cyber capabilities in the frame of the Defence Intelligence Service.180

E. Conclusions As the issue of cybersecurity and especially of cyber defence is still perceived in 85 Europe as the domain of the nation states, the role of the European Union in promoting cyber intelligence and coordinating Member States efforts to address cyber threats from a strategic intelligence point of view is not very prominent yet. It is yet unclear whether this role will be stronger in the future. The attitude toward cyber intelligence and its integration into the strategies and policies in the EU Member States represents the patchwork of different approaches with such point of divergences as the issue of offensive capabilities and the role of cyber intelligence in cybersecurity as a whole as opposed to cyber defence only. In the meantime, the European Union and its Member States are facing a number of 86 other challenges related to cybersecurity and cyber intelligence such as – just to name a few – the problem of addressing hybrid threats, the policy dilemmas related to 176 Gouvernement de la République française, French National Digital Security Strategy, 2015, available at: https://www.ssi.gouv.fr/uploads/2015/10/strategie_nationale_securite_numerique_en.pdf. 177 Ministère des Armées, French White Paper on Defence and National Security 2013, 71, available at: http://www.defense.gouv.fr/english/dgris/defence-policy/white-paper-2013/white-paper-2013. See also Hathaway et al., France: Cyber Readiness at a glance, 2016, available at: http://www.potomacinstitute. org/images/CRI/CRI_France_Profile_PIPS.pdf. 178 See http://www.defense.gouv.fr/actualites/articles/presentation-du-pacte-defense-cyber. 179 Danish Ministry of Defence, Danish Defence Agreement 2013–2017, available at: http://www.fmn.dk/ eng/allabout/Documents/TheDanishDefenceAgrement2013-2017english-version.pdf, 16. 180 Ibid., 18.

Tropina/von zur Mühlen

151

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:58 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

encryption and access to encrypted information “going dark”181 and the permission of such defensive measures as the ability of the nation state to “hack back”.182 The question of safeguarding human rights remains one of the central issues in view of extraterritorial surveillance programmes that affect a broad range of communications and personal data.183 Furthermore, the role of the industry in providing cybersecurity and sharing information is becoming another point of discrepancy between EU Member States as well as the EU and countries outside of the EU, such as the USA. The role of the governments and the approach to public-private partnership to cybersecurity is being reconsidered on both EU level and on the level of the EU Member States: one can witness a major shift to hands on regulation and to strengthening the role of the governments in providing cybersecurity instead of considering industry as an equal partner. Ultimately, the necessity to enhance the cyber intelligence capabilities requires also addressing the issues of transparency, accountability and oversight of the agencies collecting and analysing information for this purpose. All these issues represent current and medium-term challenges that are going to influence the approaches to cyber intelligence in the EU and its Member States from both policy and practical perspectives. 181 For the debate see e. g. Castro/McQuinn, Unlocking Encryption: Information Security and the Rule of Law, 201, available at: https://itif.org/publications/2016/03/14/unlocking-encryption-information-security-and-rule-law; Abelson et al, Keys Under Doormats: Mandating insecurity by requiring government access to all data and communications, 2015, available at: https://dspace.mit.edu/bitstream/handle/1721.1/ 97690/MIT-CSAIL-TR-2015-026.pdf; Lewis/Zheng/Carter, The Effect of Encryption on Lawful Access to Communications and Data, 2017, available at: https://ec.europa.eu/home-affairs/sites/homeaffairs/files/ what-we-do/policies/organized-crime-and-human-trafficking/encryption/csis_study_en.pdf; Berkman Center for Internet and Society at Harvard University, Don’t Panic: Making Progress on the “Going Dark” Debate, 2016, available at https://cyber.harvard.edu/pubrelease/dont-panic/Dont_Panic_Making_Progress_on_Going_Dark_Debate.pdf. 182 For the debates on hack backs see Lin, Ethics of Hacking Back, 2016, available at http://ethics. calpoly.edu/hackingback.pdf; Messerschmidt, Columbia Journal of Transnational Law 52 (2013), 275. 183 See Schmahl, Intelligence and Human Rights, Part 4 Chapter 1, mn. 21, mn. 28–39, in this volume.

152

Tropina/von zur Mühlen

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:53:59 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 4 Intelligence in EU-led military missions and operations Christian Rauwolf Outline A. Introductory Remarks – The military in the “civil world” of the European Union I. From “comprehensive” to “integrated” approach ........................................... 1. EU’s comprehensive approach ........................................................................ 2. The EU Global Strategy (EUGS) – the “integrated approach” as prerequisite for “strategic autonomy”............................................................ B. The development of EU’s military capabilities ......................................................... I. The Headline Goal 2003........................................................................................ II. The Headline Goal 2010........................................................................................ III. Military Rapid Response and Battlegroups....................................................... IV. “Brexit” = new possibilities? ................................................................................. 1. PESCO – The Permanent Structured Cooperation.................................... 2. MPCC – The Military Planning and Conduct Capability........................ C. The EU’s crisis management process .......................................................................... D. EU’s planning process for military operations and missions ................................ E. Command and Control (C2) in EU-led Military Missions and Operations...... I. The PSC .................................................................................................................... II. EU Military Chain of Command ........................................................................ 1. Military Strategic Level (I) – The EU Operations Commander and the EU Operations Headquarters (OHQ)............................................................ 2. Military Strategic Level (II) – The Director of the Military Planning and Conduct Capability (MPCC) and the MPCC...................................... 3. Operational Level – The EU Force Commander and the EU Force Headquarters (FHQ).......................................................................................... 4. Tactical Level – The Component Commanders ......................................... III. EU Military Command and Control Structure................................................ IV. EU Command Options.......................................................................................... V. The EUMS ................................................................................................................ F. Military Intelligence structures in the wake of the development of EU’s military capabilities.......................................................................................................... G. Intelligence support to military missions and operations ...................................... I. Mission ...................................................................................................................... II. Permanent Structures............................................................................................. 1. The EUMS Intelligence Directorate ............................................................... 2. The EU Satellite Centre (SATCEN)............................................................... III. Non-permanent structures in support of military operations...................... H. Tasks but no “tools” – an assessment of EU’s military Intelligence structures. I. EUMS INT ............................................................................................................... II. MPCC ........................................................................................................................ III. OHQ/FHQ................................................................................................................ I. Recommendations............................................................................................................

mn. 1 6 6 11 16 20 22 26 32 34 35 36 45 50 51 52 52 53 54 55 56 57 58 59 64 64 67 67 73 75 80 80 81 85 87

Bibliography: American Chamber of Commerce to the EU (Ed.), The European Defence Action Plan. Challenges and perspectives for a genuine transatlantic defence and industrial relationship, 2018; Bagdonas, Sharing Capabilities, Impetus. Bulletin of the EUMS, 6, 2008, pp. 6–7; Beckmann/Kempin, EU Defence Policy Needs Strategy. Time for Political Examination of the CSDP’s Reform Objectives, SWP Comments 34, 2017; Bendiek, The New “Europe of Security”, SWP Comments 20, 2017; Bendiek, A Paradigm Shift in the EU’s Common Foreign and Security policy: from Transformation to Resilience, SWP Research Paper 11, 2017; Biscop, The Global Strategy and Defence: The Challenge of Thinking Strategically about Means, Impetus. Magazine of the EUMS, 22, 2016, pp. 2–3; Bossdorf, Why the Europeans are Afraid of Trump, European Security and Defence, 2018, 2, p. 1; Brennan, Post-Wiesbaden – “new” considerations on Intelligence development, in: Impetus. Bulletin of the EU Military Staff, 8, 2009,

Rauwolf

153

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:00 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda pp. 20–21; Chin, Ten years of Britain’s war against Al Qaeda, in: Utley (Ed.): 9/11 ten years after: Perspectives and Problems, 2012, p. 2; Council of the European Union, Council Decision of 10 May 2005 amending decision 2001/80/CFSP on the establishment of the Military Staff of the European Union, 2005; Council of the European Union, European Concept for Military Planning at the Political and Strategic Level, Council Document 10687/08, 2008; Council of The European Union, Declaration on strengthening the Common European Policy on Security and Defence, Cologne European Council, 2009; Council of the European Union, EU Military Rapid Response Concept, Council Document 5454/1/09 REV, 2009; Council of the European Union, European Union Concept for EU-led Military Operations and Missions, Council Document 17107/14, 2014; Council of the European Union, Council Conclusions on the EU’s comprehensive approach, 2014; Council of the European Union, EU Concept for Military Command and Control, Council Document 5008/15, 2015; Council of the European Union, EU Military Rapid response Concept, 2015; Council of the European Union, EU Concept for Force Generation, 2015; Council of the European Union, EU HQ Manning Guide – Revision, 2015; Council of the European Union, EUZusammenarbeit im Verteidigungsbereich: Rat beschließt militärischen Planungs- und Durchführungsstab (MPCC), Pressemitteilung 338/17, 2017; Dabas, Turning Political Words into Military Deeds, Impetus. Magazine of the EUMS, 16, 2013, pp. 6–7; Engberg, The EU and military operations: A comparative analysis, 2014; European Commission, Factsheet on the European Defence Union; European Council, European Council, Helsinki 10–11 December 1999; European External Action Service, MPCC Factsheet; European External Action Service (2017), EU Factsheet on PESCO, 2017; European External Action Service, Human Resources Report 2016, 2016; European External Action Service, Factsheet on CSDP; European Parliament, Report on the EU comprehensive approach and its implications for the coherence of EU external action, 2014; European Parliament, Report on the European Defence Union, 2016; Farazmand, Crisis and Emergency Management: Theory and Practice, 2014; Federal Foreign Office of Germany/ Federal Ministry of Defence, The European Security and Defence Policy, 2014; Giegerich, European Military Crisis Management. Connecting ambition and reality, 2017; Gluszko, The Role of the Military in the EU, Impetus. Magazine of the EUMS, 19, pp. 3–5, 2015; Gourlay, European Union procedures and resources for crisis management, International Peacekeeping, 11(3), 2014; Gruszczak, Intelligence Security in the European Union. Building a Strategic Intelligence Community, 2016; Haag, The first ten years of military Intelligence, Impetus. Bulletin of the EUMS, 11, pp. 8–9, 2011; Hamelink, The Battlegroup Concept: A Versatile Force Package, Impetus, Bulletin of the EUMS, 1, pp. 12–15, 2006; Hughes, NATO and the EU: Managing the Frozen Conflict – Test Case Afghanistan, 2007; Hynek, EU crisis management after the Lisbon Treaty: civil – military coordination and the future of the EU Operational Headquarters, in: European Security, 20(1), pp. 81–102, 2011; Ionascu, The EU Military Capability Development Process in: Romanian Military Thinking 3/2015, pp. 132–140, 2015; Jacobsen, Right Strategy, Wrong Place: Why NATO’S Comprehensive Approach will Fail in Afghanistan, UNISCI Discussion Papers No. 22, 2010; Joannin, The European Union and Crisis Management, European Issue, 22, 2016; Johansen/Aggerholm/ Frandsen, Entering new territory: A study of internal crisis management and crisis communication in organizations, Public Relations Review, 38(2), pp. 270–279, 2012; Journal of the European Union, Vol. 50, Treaty of Lisbon amending the Treaty on European Union and the Treaty establishing the European Community, signed at Lisbon, 13 December 2007, 2017; Kempin/Kunz, France, Germany, and the Quest for European Strategic Autonomy. Franco-German Defence Cooperation in A New Era, Notes de l’Ifri/ Notes du Cerfa No. 141,2017; Klaiber, The European Union in Afghanistan – Lessons Learned, 2007; Kozlowski/Palacios, Single Intelligence Analysis Capacity (SIAC) – A Part of the EU Comprehensive Approach, Impetus. Magazine of the EUMS, 14, pp. 10–11, 2014; Kuhn, The System of the EU Crisis Management – From bringing Peace to establishing Democracy?, in: Bogdandy/Wolfrum, (Eds.): Max Planck Yearbook of United Nations Law, Vol. 13, pp. 247–266, 2009; Labuhn, Mit PESCO zur Europa Armee? Der Weg zur EU-Verteidigungsunion bleibt steinig, Europäische Sicherheit & Technik, 02/2018, p. 10–11, 2018; Langlois/Capstack, The role of the military in the EU’s external action – implementing the comprehensive approach, 2014; Lassche, The EU Military Staff: a frog in boiling water?, Militaire Spectator Jaargang 186, Nummer 7/8, pp. 340–352, 2017; Laporte/Fischer, the EU Headline Goal Process, in: Hillmann/Hadjisavvas (Eds.): Military Capability development in the framework of the Common Security and Defence Policy, pp. 39–47, 2012; Major/von Voss, European Defence in View of Brexit, SWP Comments 10, 2017; Marrone/Pirozzi/Sartori, PESCO: An Ace in the Hand for European Defence, 2017; Matlary, European Union security dynamics in the new national interest, 2009; Mattelaer, The CSDP mission planning process of the European Union: innovations and shortfalls, European Integration online Papers (EIoP), 14(1), 2010; Messervy-Whitimg, CSDP’s First Steps, Impetus. Magazine of the EUMS, 21, p. 8, 2016; Mölling, Militärisches Krisenmanagement innerhalb der Europäischen Sicherheits- und Verteidigungspolitik. Strukturen, Akteure und Prozesse für die Planung und Entscheidung, 2009; N.N., EU factsheet on EU Intelligence Analysis Centre (INTCEN); N.N., Joint Declaration on European Defence issued at the British-French Summit (Saint-Malo, 4 December 1998); Ortega, A European Army? But First a Defence Union, Elcano Blog 17 March 2015; Ortega, Europeans, get to work, Elcano Blog 06 September 2016; Perret, The European Union and Crisis Management, European

154

Rauwolf

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:00 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 4. Intelligence in EU-led military missions and operations Issue n° 22, 2006; Perruche, Progress and Achievements, Impetus, Bulletin of the EUMS, 2, pp. 1–5, 2006; Pietz, Flexibility and “Stabilization Actions”: EU Crisis Management One Year After the Global Strategy, ZIF Policy Briefing, September 2017; Pulkkinen, First Months of the Military Planning and Conduct Capability (MPCC), Impetus. Magazine of the EUMS, 24, pp. 4–5, 2017; Simón, Command and control? Planning for EU military operations, European Union Institute for Security Studies Occasional Paper, no. 81, 2010; Simon/Mattelaer, EUnity of Command – The Planning and Conduct of CSDP Operations, Egmont Paper, 4, 2001; Sönmez/Dikici/Durak, EU Crisis Management Process, Journal of Military and Information Science, Vol. 2(4), pp. 96–100, 2014; Statewatch.org, Britain drops opposition against new EU military command centre, 9 June 2017; Steinsson, NATO’s Comprehensive Approach in Afghanistan: Origins, Development, and Outcome, 2015; Tardy, MPCC – towards a EU military command?, EUISS Brief, 17/2017; Treverton, Foreword, in: Johnston (Ed.): Analytic Culture in the US Intelligence Community, 2005; Toucas, Debunking myths about Strengthened EU Security and Defence Cooperation, 2016; US Department of the Army Headquarters, Intelligence Officer’s Handbook, Field Manual 34-8-2, 1998; US Department of the Army Headquarters, Intelligence, Field Manual 2-0, 2014; Van Osch, The Strength of the EU, Impetus. Bulletin of the EUMS, No. 12, pp. 1–2, 2011; Walsh, Intelligence-Sharing in the European Union: Institutions are not enough, in: JCMS, Volume 44 (2006), Number 3, pp. 625–643; Walsh, Security Policy and Intelligence Cooperation in the European Union, 2009; Waltz, Knowledge Management in the Intelligence Enterprise, 2003.

A. Introductory Remarks – The military in the “civil world” of the European Union In the “civil world” of the European Union (EU) the military is often still perceived as 1 an alien object, although the civil-military cooperation was and is one of the central aspects of the EU crisis management structures and processes1. More than 30.000 women and men work for the Commission, around 3500 in the General Secretariat of the Council, around 7500 in the European Parliament2 and approximately 5000 for the European External Action Service (EEAS) in and outside of Brussels3, compared to less than 200 soldiers that serve in the European Union’s Military Staff (EUMS)4. Compared to NATO, that – in its core function – is a military alliance, the EU’s self-concept is a civil one. Nonetheless, since the beginning of military missions and operations under the command of the EU5 in 2002, the EUMS forms an integral part of the institutions – at the beginning since 2001 as part of the Council’s General Secretariat and since 2009 as part of the EEAS. In a changing world, were the EU was and still is increasingly forced to accept the 2 responsibility to conduct military operations, the few soldiers that serve at the Schuman Square provide the sole military expertise needed. The EUMS works under the authority of the High Representative/Vice President of the European Commission HR/VP and is the source of collective (multi-disciplinary) military expertise within the EEAS. In addition, the EUMS works under the direction of the EU Military Committee6 1

See Mölling, Militärisches Krisenmanagement, p. 3. See https://europa.eu/european-union/about-eu/figures/administration_en, accessed 01 March 2018. 3 EEAS HR Report 2016, https://eeas.europa.eu/sites/eeas/files/eeas_human_resources_reports_2016. pdf, accessed 01 March 2018. 4 See van Osch, The Strength of the EU, p. 1. 5 When considering EU crisis management one has to differentiate between two general types of actions: crisis management operations, which generally have a strong military component and are based on an executive mandate, and crisis missions, which have a predominantly civilian nature. Since the launching of the EU Training Mission for Somalia in 2010, a third option has been established: a military engagement with a non-executive mandate, the so-called “military (training) mission”. The two types of actions are often combined, especially in the field of civilian-military crisis management in which the EU specializes; see Kuhn, EU Crisis Management, p. 248. 6 The European Union Military Committee (EUMC) is the highest military body set up within the Council. The EUMC is composed of the Chiefs of Defence (CHODs) of the Member States, who are regularly represented by their permanent Military Representatives (MilReps).The EUMC provides the 2

Rauwolf

155

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:01 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

(EUMC) where its strategic planning capability is often utilised. The enabling capabilities of the EUMS include early warning, situation assessment, strategic planning, concept development, training and education and support of partnerships through military-military relationships, in short: it is the unique source of military expertise and planning capabilities.7 3 From its beginning, a small part of the EUMS, the Intelligence Directorate (EUMS INT), provided the basis for the assessment of the military situation in the countries of interest to the EU. With the growing number of crises in the neighbourhood of the EU and the increasing number of military engagements of the Union, the role of the military gained increasingly in importance. 4 Military Intelligence focuses on military threats posed by state and non-state actors in “traditional” armed conflicts as well as asymmetric conflicts8. Its main task on the tactical and operational level has always been and remains to inform the military commander about the possible and probable intentions and capabilities of an actual or potential adversary and to raise the awareness of risks and dangers in the area of operations (AOO) – all this with the aim to provide a solid base for the military commander’s decisions on the battlefield. On the strategic and political level, the task changes and “Military Intelligence” becomes “Defence Intelligence”: it focuses on the information of the military command and the political leadership to provide the information needed for a solid decision-making process. 5 EU military Intelligence was directly connected to the development of the Common Security and Defence Policy (CSDP).

I. From “comprehensive” to “integrated” approach 1. EU’s comprehensive approach Since the end of the 90s, the need to accompany military operations with coherent civil actions in the fields of “nation building”, “Disarmament, Demobilisation and Reintegration” (DDR), Security Sector Reform (SSR) and economic development amongst others was recognized by all major security actors9, nations as well as international organisations like NATO or the EU10. 7 The coherent application of military and civil actions is commonly referred to as “comprehensive approach (CA)”11. There is no universal definition for CA, the EU focuses mostly on using its “diverse policies and tools in a coherent and consistent manner”12. 6

Political and Security Committee (PSC) with advice and recommendations on all military matters within the EU. (https://eeas.europa.eu/headquarters/headQuarters-homepage/5428/european-union-militarycommittee-eumc_en, accessed 29 April 2018). 7 Gluszko, The Role of the Military, p. 4. 8 Gruszczak, Intelligence security, p. 95. 9 See Mölling, Militärisches Krisenmanagement, p. 3; Joannin, Crisis Management. 10 NATO’s engagement in Afghanistan was and is perceived as one of the most striking examples of how a military operation can fail when the appropriate and necessary complementing civil actions are missing or carried out in a uncoordinated way (e. g. Steinsson, NATO’s comprehensive approach; Jacobsen, Right Strategy.). 11 See Council of the European Union: Council Conclusions on the EU’s comprehensive approach, Ch. 1, Article 10 a, § 3, download at: https://europa.eu/capacity4dev/public-fragility/document/councilconclusions-eus-comprehensive-approach, accessed 8 March 2018. 12 Ibid.

156

Rauwolf

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:01 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 4. Intelligence in EU-led military missions and operations

The Treaty of Lisbon within the TEU established that “the Union shall ensure 8 consistency between the different areas of its external action and between these and its other policies. The Council and the Commission, assisted by the High Representative of the Union for Foreign Affairs and Security Policy, shall ensure that consistency and shall cooperate to that effect” [Article 21 (3) 2nd sentence TEU]. A fully comprehensive external action would depend on all civil and military actors 9 to work with a single purpose regardless of organizational and cultural differences13. This does not depend on the creation of fully integrated civil-military entities and chains of command but could be achieved by making the divisions between civilian and military bodies as permeable as possible to reach their full synergy while preserving their different specialized expertise. The military requires an “element of separation” from civilian bodies to develop and maintain its unique skills and ethos14. During the decades since the establishment of the ESDP/CSDP there was never a lack 10 of political declarations. Especially in relation to the Lisbon Treaty a lot of politicians of different countries emphasized the “new quality” in defence cooperation after the signing. However, the European Parliament came, in its “report on the EU comprehensive approach and its implications for the coherence of EU external actions” in the autumn of 2014 to a rather disillusioning assessment: underlining “the fact that the Lisbon Treaty provides the framework for the Union to achieve a more coherent, joined-up and comprehensive approach for the effective pursuit of the Union’s external relations, […the European Parliament] regrets that, despite the Lisbon Treaty innovations, lack of progress in the consistency of the Union’s external action persists. […] It stresses that the EU foreign policy can only be effective if the Member States are willing and able to formulate common policy lines, particularly within multilateral organisations, such as the United Nations [… and] insists that the […comprehensive approach] is the common responsibility of all EU actors in EU institutions, in EU Member States and on the ground in third countries, and that, at the same time, it must fully respect the specific competencies of each institution and actor”15.

2. The EU Global Strategy (EUGS) – the “integrated approach” as prerequisite for “strategic autonomy” The unpredictability of the current US administration16 and the foreseeable departure 11 of the United Kingdom from the EU were and are the main motives17 for the EU to dedicate itself to the undefined target of “strategic autonomy”18, mentioned in the EUGS of 201619. Since then the EU has used the EUGS as a medium to make its citizens aware of the “added value the Union can contribute to security issues”20. To satisfy this requirement, the EU is promoting the “integrated approach” as an 12 expanded version of the comprehensive approach with the aim to enable the Union to “act at all stages of the conflict cycle, acting promptly on prevention, responding responsibly and decisively to crises, investing in stabilization, and avoiding premature 13

See van Osch, The Strength of the EU, p. 9. Langlois/Capstack, The role of the military, pp. 11–12. 15 European Parliament: Report on the EU comprehensive approach, http://www.europarl.europa.eu/ sides/getDoc.do?pubRef=-//EP//TEXT+REPORT+A7-2014-0138+0+DOC+XML+V0//EN, accessed 06 March 2018. 16 Bossdorf, Trump, p. 1. 17 Toucas, Debunking myths, p. 1. 18 EEAS, Global Strategy, p. 19, download at: https://europa.eu/globalstrategy/en/file/814/download? token=I-Kb0OrS, accessed 30 April 2018. 19 Biscop, Global Strategy, p. 3. 20 Bendiek, Europe of Security, p. 2; Toucas, Debunking myths, p. 2. 14

Rauwolf

157

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:02 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

disengagement when a new crisis erupts”21. “The EU will therefore pursue a multiphased […and] a multi-level approach to conflicts, acting at the local, national, regional and global levels”22. 13 First idea for the creation of a security and a defence union date back to the early 2000s but failed to be realized until in its report on future military cooperation in October 2016, the European Parliament (EP) called for a newly created defence union, to “facilitate closer interlocking of national troops and […to] transform the EU Battlegroups into standing units23. 14 Almost like an answer to the EP demands, the European Commission in November 2016 presented its European Defence Action Plan (EDAP) which contains a new level of ambition, stating that the EU should be capable of leading “ten civilian and five military operations” simultaneously24 and that a Military Planning and Conduct Capability (MPCC) was to be established until Summer 2017 to compliment the already existing Civil Planning and Conduct Capability,25 thus enabling the integrated approach to be realized at the strategic level in Brussels. 15 This creation of a permanent military command structure on the military strategic level in Brussels marked the latest step of a process that started nearly three decades ago with the development of the first military capabilities of the EU.

B. The development of EU’s military capabilities The Maastricht Treaty of 1993 gave birth to the EU, built on three pillars: the institutions and competences of the European Communities as developed since 1957, police and judicial cooperation and the Common Foreign and Security Policy (CSFP)26. 17 The first draft of the CFSP dates back to 1992. With the end of the cold war and the start of the war in Yugoslavia, the Western European Union (WEU27) put forward the reorganization of the armies in Europe with three fundamental missions as a basis: humanitarian and evacuation missions, peacekeeping missions and combat missions to 16

21

EEAS, Global Strategy, pp. 9–10. EEAS, Global Strategy, pp. 28–29. 23 European Parliament: Report on the European Defence Union, http://www.europarl.europa.eu/sides/ getDoc.do?pubRef=-//EP//TEXT+REPORT+A8-2016-0316+0+DOC+XML+V0//EN, accessed 10 March 2018. 24 See European Commission, Factsheet; See American Chamber of Commerce to the EU, European Defence Action Plan. 25 Bendiek, Europe of Security, pp. 3–4. 26 Joannin, Crisis Management. 27 The Western European Union (WEU) was an association of 10 European countries (Belgium, France, Germany, Greece, Italy, Luxembourg, the Netherlands, Portugal, Spain, and the United Kingdom) that operated as a forum for the coordination of matters of European security and defence. The WEU grew out of the Brussels Treaty of 1948 – an agreement between Belgium, France, Luxembourg, the Netherlands, and the United Kingdom to provide for collective defence and to facilitate cooperation in economic, social, and cultural matters. NATO and the Council of Europe, both of which were formed in 1949, developed out of that framework. In 1954 the Brussels Treaty was strengthened and modified to include West Germany and Italy, to end the occupation of West Germany, and to include West Germany in NATO; and the WEU came into being on May 6, 1955. In 1960 the activities of committees for social and cultural affairs were transferred to the Council of Europe. In 1984 the union was “reactivated” and a new agenda established: it recognized the significance of U.S. arms to the defence of Europe and resolved to increase regional military cooperation. In March 2010 the members decided to cease the WEU’s operations, and in June 2011 the organisation officially closed (https://www.britannica.com/topic/Western-European-Union, accessed 29 April 2018). 22

158

Rauwolf

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:02 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 4. Intelligence in EU-led military missions and operations

manage crises and re-establish peace. These so-called “Petersberg Missions” were then incorporated into the Treaty of the European Union28. But only at the Franco-British Summit held in St. Malo on 3 and 4 December 1998, 18 the Heads of State and Government of the United Kingdom and France agreed on the need to give the EU the capacity for autonomous decision-making and action, backed up by credible military forces, in order to respond to international crises when the NATO is not involved29. To avoid unnecessary duplication, it was decided that the EU should take into account the assets of the WEU30. After the agreement between France and the United Kingdom, things began to evolve31 in the framework of the WEU as the organization providing the EU with access to operational capabilities and supporting the EU in the framing of defence aspects of the CFSP32. At the meeting of the European Council in Cologne in June 1999 Heads of State and 19 Government of the EU’s member states declared “that the European Union shall play its full role on the international stage. To that end, we intend to give the European Union the necessary means and capabilities to assume its responsibilities regarding a common European policy on security and defence33. (…) The Union must have the capacity for autonomous action, backed up by credible military forces, the means to decide to use them, and a readiness to do so, in order to respond to international crises without prejudice to actions by NATO”34.

I. The Headline Goal 2003 At the European Council in December 1999 in Helsinki the EU agreed upon a new 20 military target known as the Helsinki Headline Goal, which intended to solve especially the quantitative shortfalls regarding the military capabilities of the EU35. The Member States agreed to put at the Union’s disposal, on a voluntary basis, forces capable of carrying out the tasks set out in Article 17(2) TEU36 in operations up to army corps level (50.000 to 60.000 troops) with the necessary command, control and Intelligence capabilities, logistics, other combat support services and additionally, as appropriate, air and naval elements until 2003. The forces should be able to deploy in full at this level within 60 days, with their deployment sustainable for at least a year37. Meanwhile, the EU-NATO relationship became institutionalised by adopting, in 21 December 2002, in Copenhagen, the NATO-EU agreement allowing the EU to draw on some of NATO’s military assets and capabilities, other than national ones, in order to conduct its own peacekeeping operations. Known as the “Berlin Plus”, it states: – assured access by the EU to NATO planning capabilities for its own military operations; – the availability of NATO assets and capabilities for the EU; 28

Perret, Crisis Management. Lassche, The EU Military Staff, p. 342. 30 Joint Declaration on European Defence issued at the British-French Summit (Saint-Malo, 4 December 1998). 31 Ionascu, Capability Development Process, p. 132. 32 Gruszczak, Intelligence security, p. 97. 33 See Messervy-Whiting, CSDP’s first steps, p. 8. 34 Council of the European Union (2014): European Union Concept for EU-led Military Operations and Missions, Council Document 17107/14, http://data.consilium.europa.eu/doc/document/ST-171072014-INIT/en/pdf, accessed 09 March 2018. 35 Perruche, Progress and Achievements, p. 2. 36 I.e. the above-mentioned “Petersberg Tasks”. 37 Hamelink, The Battle Group Concept, p. 12. 29

Rauwolf

159

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:03 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

– the terms of reference for the Deputy Supreme Allied Commander Europe (DSACEUR) and European Command Options for NATO in the context of a EU-led operation making use of NATO assets and capabilities.

II. The Headline Goal 2010 Following the adoption of the European Security Strategy in December 200338, the EU decided to set a new Headline Goal 2010, changing the focus from the quantitative to qualitative approach39. Building on the Headline Goal 2003, it envisaged that the Member States would “be able by 2010 to respond with rapid and decisive action applying a fully coherent approach to the whole spectrum of crisis management operations covered by the Treaty on European Union”. 23 The process of developing EU military capabilities towards the Headline Goal of 2010 was a staggered and comprehensive one. The first step was to identify strategic planning assumptions. 24 Five illustrative scenarios, comprising a range of possible military operations, were prepared: – Separation of parties by force – Stabilisation, reconstruction and military advice to third countries – Conflict prevention – Evacuation operation – Assistance to humanitarian operations40. 25 Specifically, the new Headline Goal aimed to: – increase the interoperability of available EU forces and strengthen their deployment and sustainment capabilities; – expand the spectrum of EU missions, into the spirit of the Security Strategy provisions; – develop an EU rapid response capability, not only regarding decision-making (with the objective to take the decision to launch an operation within 5 days) but also regarding deployment in theatre (within 10 days following the decision)41. 22

III. Military Rapid Response and Battlegroups The aspired EU’s capability to deploy forces very rapidly was a key aspect of the Headline Goal 2010. 27 Earlier work on the contribution of naval and air forces in rapid response operations resulted in the adoption by the EU Military Council (EUMC) in late 2007 of a Maritime Rapid Response Concept42 and an Air Rapid Response Concept43. 28 To ensure the overall coherence of all concepts relating to rapid response, the EUMC tasked the EUMS to update the Air and Maritime Rapid Response concepts to reflect 26

38

See Laporte/Fischer, Headline Goal Process, p. 40. See Perruche, Progress and Achievements, p. 2. 40 Laporte/Fischer, Headline Goal Process, p. 42. 41 Ionascu, Capability Development Process, p. 133; Laporte/Fischer, Headline Goal Process, p. 41. 42 Council of the European Union, EU Military Rapid Response Concept, http://data.consilium.europa. eu/doc/document/ST-5008-2015-INIT/en/pdf, accessed 9 March 2018, Annex D. 43 See Council of the European Union, EU Military Rapid Response Concept, Annex E. 39

160

Rauwolf

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:03 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 4. Intelligence in EU-led military missions and operations

the revised Military Rapid Response concept and to examine the possible need for a Land Rapid Response concept44. On 1 January 2007, the EU achieved full operational capability to conduct two 29 concurrent rapid response operations of the size of a Battlegroup (BG) of around 1500 soldiers45. Since then, Member States have managed collectively to permanently provide to the 30 EU two Battlegroups of 1500 up to 2500 personnel. Battlegroups are a specific form of Rapid Response elements. They remain on standby for six months and can be ready to start implementing their mission within 10 days after the Council’s decision to launch the operation and for a maximum of four months. A Battlegroup Coordination Conference is organized every six months to receive offers from Member States to populate the standby roster. Member States conducted a review of the Military Rapid Response Concept from a 31 joint perspective, taking into account the necessary global approach to crises. The revised concept was agreed by the EUMC in January 2009 and noted by the PSC46 in April. It newly defined the military rapid response time as a period from 5 to 30 days from the approval of the Crisis Management Concept to the moment when operations commence in the Joint Operations Area47.

IV. “Brexit” = new possibilities? With the United Kingdom’s Prime Minister’s official request of 29 March 2017, 32 invoking Article 50 TEU to leave the Union, the EU will have to change the way it organizes its defence policies. Some assess that the “Brexit” will have only limited impact on the CSDP compared to other policy areas like the single market, stressing the intergovernmental character of the CSDP48. Others, focusing on the role the UK was playing in the last decades, thwarting the development of the CSDP49 – like the establishment of a permanent EU military headquarters, prefer to think that the Brexit will open the door for strong and decisive changes in the time to come50. Already in 2016, some authors have argued that the Brexit will encourage the 33 remaining members, with France and Germany taking the lead, to look more favourably on a permanent structured cooperation (PESCO) as a mechanism to enhance their bilateral security and defence cooperation, with a view to strengthening the EU’s 44

See Council of the European Union, EU Military Rapid Response Concept, Annex C. Hamelink, The Battlegroup Concept, pp. 12–13. 46 The Political and Security Committee is a Committee of the Council of the European Union dealing with the common foreign and security policy (CFSP) mentioned in Article 38 of the Treaty on European Union.It comprises representatives from the 28 EU countries. Its remits are to monitor the international situation in the areas covered by the CFSP; to contribute to the definition of policies and to monitor implementation of policies without prejudice to the powers of the EU’s High Representative for Foreign Affairs and Security Policy. Under the responsibility of the Council and the High Representative, the committee exercises political control and strategic direction of crisis management operations. It may thus be authorised to take decisions on the political control and strategic direction of an operation. It is assisted by a Politico-Military Group, a Committee for Civilian Aspects of Crisis Management, and the Military Committee and Military Staff. (https://eur-lex.europa.eu/summary/glossary/political_security_committee.html, accessed 02 May 2018). 47 Council of the European Union, EU Military Rapid Response Concept, Council Document 5454/1/ 09 REV, dated 27 April 2009, http://register.consilium.europa.eu/doc/srv?l=EN&f=ST%205654%202009% 20REV%201, accessed 10 March 2018. 48 See Major/von Voss, European Defence, p. 1. 49 See Ortega, Europeans. 50 E. g. Bendiek, Paradigm Shift; Labuhn, PESCO; Marrone/Pirozzi/Sartori, Ace in the Hand. 45

Rauwolf

161

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:04 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

ambitions to arrive at (what German Minister of Defence Ursula von der Leyen calls) a “European Defence Union” (EDU)51.

1. PESCO – The Permanent Structured Cooperation 34

In its Fact sheet on PESCO the EEAS states that the EUGS “started a process of closer cooperation in security and defence” amongst the EU Member States. PESCO is described as the tool to realize this overarching aim by allowing Member States to “increase their effectiveness in addressing security challenges and advancing towards further integrating and strengthening defence cooperation in the EU framework”. PESCO, as a “treaty based framework” and process would help to “jointly develop defence capabilities and make them available for EU military operations” thus enhancing the EU’s “capacity as an international security partner”52.

2. MPCC – The Military Planning and Conduct Capability 35

Formally created on 8 June 2017, the MPCC may well be perceived as one of the most tangible deliverables of the latest efforts to revitalise EU defence policy. After the United Kingdom had blocked any progress in regard to the establishment of a permanent military command structure in Brussels, “it is symbolic of a certain evolution of mindset after more than 15 years of politicised discrepancies among member states (sic) on the virtues of an EU proper command structure”53.

C. The EU’s crisis management process EU has a comprehensive planning concept that establishes a framework for EU crisis management54. It covers a substantially wide range of situations and activities and includes interventions, designed to end armed conflicts55. This planning process is a quite flexible one that can be adapted to all types of possible EU-led missions and operations and all phases of crisis management56. 37 The process can be divided in six different phases starting from the political-strategic level down to the tactical level. These stages are; Monitoring, Crisis Management Concept, Strategic Options, Operational Planning, Conduct of Operation, and Evaluation57. 38 Monitoring, including early warning and advance planning, is considered as the first phase of crisis management planning58. The monitoring is conducted by several EU entities: the EU Satellite Centre (SATCEN), EU Situation Room and the EU Intelligence Analysis Centre (INTCEN)59. The EU Situation Room continuously scans the world events by focusing on the topics related to EU’s foreign interests60. In case of an 36

51

Ortega, European Army. European External Action Service (2017), EU Factsheet on PESCO, https://eeas.europa.eu/sites/eeas/ files/pesco_factsheet_19-10-2017_1.pdf, accessed 6 March 2018. 53 Tardy, MPCC, p. 1. 54 Sönmez/Dikici/Durak, Crisis Management Process, p. 96.; Dabas, Turning words into deeds, pp. 6–7. 55 Perret, Crisis Management. 56 Farazmand, Crisis and Emergency Management, p. 178. 57 See Hynek, EU crisis management, p. 83. 58 Mattelaer, CSDP mission planning process, pp. 3–4. 59 EU factsheet on EU Intelligence Analysis Centre (INTCEN), http://eu-un.europa.eu/factsheet-on-euIntelligence-analyses-center-intcen/, accessed 11 March 2018; see also Palacios, EU intelligence: On the road to a European Intelligence Agency?, Part 3 Chapter 1, in this volume. 60 Sönmez/Dikici/Durak, Crisis Management Process p. 97. 52

162

Rauwolf

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:04 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 4. Intelligence in EU-led military missions and operations

emerging crisis, the first step is reviewing or revising – if needed – an existing plan where available. When this is not viable, process for a new plan is initiated. The responsible EEAS geographical desk prepares the Political Framework for Crisis Approach (PFCA)61, which is supported by all services and the respective EU delegations. The outcome of PFCA includes a broad range of options – in other terms, courses of actions – available for EU decision-makers62. The second phase is the development of the Crisis Management Concept (CMC)63. By means of the Crisis Management and Planning Directorate (CMPD), within the EEAS, a joint assessment is made for CMC in EU’s area of interest regarding the crisis. The EUMC, the Committee for Civilian Aspects of Crisis Management (CIVCOM), and an appropriate geographical working group within the EEAS provide necessary advice. After that, CMC establishes a basis for a joint effort that involves general end state, key and interim objectives, delivery of key objectives, and principles for measuring success64. The next step is the development of strategic options. The EUMS compiles Military Strategic Options (MSOs)65 whereas Civilian Planning and Conduct Capability (CPCC) lead police and civilian response options. PSC and Council evaluate all options and approve one of them66. Through these assessments, the Council can choose to act through a Council Decision (CD) with which the Council establishes the operation, appoints the Operation Commander(s) and decides on the financial costs of the operation67. At the same time the Council reserves its right to suspend the planning process at any time and to decide not to act in the framework of the CFSP68. The fourth and most extensive phase is the operational planning, which starts with the initial military directive (IMD) and includes the development of concept of operations (CONOPS) and operation plan (OPLAN)69. Civilian and military planning processes separate at this phase, for details on the military process see next chapter. Regarding the civilian operations, CPCC develops CONOPS before CDs, while military planners issue IMD and CONOPS after respective CDs70. The fifth phase is the conduct of operation. PSC, under the responsibility of the Council and of the High Representative (HR), controls and directs the CSDP operations at political and strategic levels. Civil Operation Commander and Military Operation Commander command and control the mission in the theatre71. In the sixth phase a review is conducted during the operations. EUMS evaluates reports and advises the PSC. Additionally, the HR proposes a set of measures aimed at refocusing or finishing the EU action to the PSC. The PSC agrees and forwards the 61 Council of the European Union, European Union Concept for EU-led Military Operations and Missions, Council Document 17107/14, http://data.consilium.europa.eu/doc/document/ST-17107-2014INIT/en/pdf, accessed 9 March 2018, p. 19. 62 Johansen/Aggerholm/Frandsen, New Territory, p. 273. 63 Council of the European Union: European Union Concept for EU-led Military Operations and Missions, p. 19. 64 Giegerich, Military Crisis Management, p. 38. 65 Council of the European Union, European Union Concept for EU-led Military Operations and Missions, p. 19. 66 Mattelaer, CSDP mission planning process, p. 4. 67 Ibid. 68 This could be the case, for example, if foreseeable conflicting interests or assessments of several Member States would impede the necessary unanimous decision of the Member States’ representatives in the Council. 69 Simón, command and control, pp. 13–14. 70 Sönmez/Dikici/Durak, Crisis Management Process, p. 99. See Simon/Mattelaer, EUnity. 71 Gourlay, procedures and resources, pp. 404–421.

Rauwolf

163

39

40

41

42

43

44

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:05 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

measures to the European Council. The Council decides whether to refocus the EU action, including possible termination, or to launch any further action needed at this stage72.

D. EU’s planning process for military operations and missions 45

46

47

48

49

According to the “EU Concept for Military Planning at the Political and Strategic Level”73 and the EU’s “Concept for EU-led Military Operations and Missions”74, military planning is an iterative process which needs to analyse all relevant factors to determine the military mission. At the political and strategic level this will include analysis of the implications of political objectives, desired end state, restraints and constraints as well as an analysis of the capabilities needed, in order to develop military options75. Military planning is conducted at four levels: – The political and strategic level, – The military strategic level, – The military operational level, – The tactical level.76 “Advance planning” and “crisis response planning” have to be distinguished. Advance planning is conducted to allow the EU to deal with potential crises. Crisis response planning is conducted to enable the EU to deal with a real crisis. It builds on advance planning whenever available77. As mentioned above, once the Council has agreed to prepare a military response to a given crisis, the CMC will be the base for the development of MSOs by the EUMS. A MSO describes a military action designed to achieve the EU objectives as defined in the CMC. A MSO outlines the military course of action, the required resources and the constraints. It usually includes an assessment of feasibility and risk, an idea for the command and control structure and an indicative force capability78. Moreover it should include the desired end state, the exit strategy, and the general objective of the military engagement79. Once one of the developed MSO has been selected, the EUMS will produce the IMD as the basis for the development of the CONOPS and the OPLAN by the Operational Headquarters (OHQ).

72

Sönmez/Dikici/Durak, Crisis Management Process, p. 100. Council of the European Union, European Concept for Military Planning at the Political and Strategic Level, Council Document 10687/08, http://register.consilium.europa.eu/doc/srv?l=EN&f= ST% 2010687%202008%20INIT, accessed 09 March 2018. 74 Council of the European Union, European Union Concept for EU-led Military Operations and Missions. 75 Simón, command and control, p. 8. 76 Council of the European Union, European Union Concept for EU-led Military Operations and Missions, p. 18. 77 Council of the European Union, Concept for Military Planning at the Political and Strategic Level, p. 9. 78 Simón, command and control, p. 12. 79 Simón, command and control, p. 13. 73

164

Rauwolf

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:05 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 4. Intelligence in EU-led military missions and operations

E. Command and Control (C2) in EU-led Military Missions and Operations The EU Concept for Military Command and Control80 defines the responsibilities 50 and the framework for the C2 from the political strategic level to those military elements conducting the mission or operation81.

I. The PSC The PSC, in accordance with Article 38 TEU and under the authority of the Council82, 51 exercises political control83 and strategic direction84 of EU-led military missions and operations85, taking into account advice and recommendations from the EUMC86.

II. EU Military Chain of Command 1. Military Strategic Level (I) – The EU Operations Commander and the EU Operations Headquarters (OHQ) The commanding officer of the OHQ, the “EU Operations Commander” (OpCdr) is 52 a commander nominated by the Council or the PSC to conduct a defined military operation. This includes the responsibility to develop the CONOPS and the OPLAN. Moreover the OpCdr has to coordinate the deployment, sustainment and re-deployment of the EU force. The OpCdr is supported by the staff of the static headquarters located outside the area of operations (AOO), the OHQ87.

80 Council of the European Union, EU Concept for Military Command and Control, Council Document 5008/15, http://data.consilium.europa.eu/doc/document/ST-5008-2015-INIT/en/pdf, accessed 09 March 2018. 81 Council of the European Union, EU Concept for Military Command and Control, p. 6. 82 See Mölling, Militärisches Krisenmanagement, p. 7. 83 Political Control is the setting of political objectives and parameters, and the balancing of aims and means to achieve these objectives. It provides the framework within which the military operations can take place and defines their nature and scope (Council of the European Union, EU Concept for Military Command and Control, p. 7). 84 Strategic Direction is the translation of political and strategic objectives into guidance, enabling the military mission or operation to be planned and conducted (ibid.). 85 Council of the European Union, EU Concept for Military Command and Control, p. 7, pp. 16–17. 86 The EUMC provides the PSC with military advice and recommendations on the planning and conduct of EU-led military operations. The Chairman of the EUMC (CEUMC) acts as EUMC spokesman in the PSC and acts as the primary point of contact to the OpCdr (see Council of the European Union, EU Concept for Military Command and Control, p. 17). It is important to recognize that the EUMC is not a formal part of the chain of command within a military mission or operation led by the EU. Nevertheless it is the highest board providing military advice to the PSC and, with the chairman taking part in the PSC sessions, has an important role to play when it comes to decisions with military relevance taking into account the purely civil structure of the PSC; see Mölling, Militärisches Krisenmanagement, pp. 7–9. 87 Council of the European Union, EU Concept for Military Command and Control, p. 8, pp. 18–19.

Rauwolf

165

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:06 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

2. Military Strategic Level (II) – The Director of the Military Planning and Conduct Capability (MPCC) and the MPCC 53

In line with the Council Conclusions of 14 November 2016 on the implementation on the EUGS88 and after the UK dropped its opposition against it89, the MPCC was established as a part of the broader ongoing work to strengthen EU’S security, defence and crisis management capacity. Assuming responsibility at the strategic level for the operational planning and the conduct of EU’s non-executive military missions90, the MPCC was established within the EUMS and with its Director General as the Director of the MPCC who assumes the same roles, tasks and command relationships as those attributed to the military Operations Commanders. Working closely with its civilian counterpart, the CPCC through a Joint Support Coordination Cell (JSCC), the MPCC has to ensure “maximum coordination of civilian and military synergies and sharing of expertise”.91

3. Operational Level – The EU Force Commander and the EU Force Headquarters (FHQ) 54

The EU Force Commander (FCdr) is the military commander appointed by the Council or the PSC, acting under the authority of the OpCdr to execute a military operation. He is authorized to command assigned forces within a designated AOO supported by a headquarters deployed inside the AOO, the FHQ92.

4. Tactical Level – The Component Commanders 55

Component Commanders (CC) are designated by the FCdr or higher authority and are given the authority to accomplish missions and tasks assigned by the FCdr in the respective field of action (e. g. air, land, maritime, special forces)93.

III. EU Military Command and Control Structure 56

The EU military operational chain of command is based on a vertical top to bottom responsibility94.

88

Pietz, Flexibility. Statewatch.org, Britain drops opposition. 90 Currently the EU Training Missions (EUTM) in the Central African Republic, Mali and Somalia. 91 European External Action Service, MPCC Factsheet, https://eeas.europa.eu/sites/eeas/files/ mpcc_factsheet.pdf, accessed 06 March 2018. 92 Council of the European Union, EU Concept for Military Command and Control, p. 8, p. 20. 93 See Council of the European Union, EU Concept for Military Command and Control, p. 9, p. 21. 94 Council of the European Union, EU Concept for Military Command and Control, p. 12. 89

166

Rauwolf

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:06 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 4. Intelligence in EU-led military missions and operations

Diagram:

IV. EU Command Options There are generally two command options for an EU-led military operation: an 57 autonomous one, where the EU on the military strategic level chooses one national OHQ offered by a Member State or one where the EU conducts an operation with recourse to NATO assets and capabilities95.

V. The EUMS The EUMS, like the EUMC, is not part of the military chain of command of an EU- 58 led military operation96. Nevertheless, the EUMS supports the EUMC in monitoring the execution of the operation97 and liaises closely with an active OHQ98. 95 Council of the European Union, EU Concept for Military Command and Control, p. 14; Council of the European Union, EU HQ Manning Guide – Revision, http://data.consilium.europa.eu/doc/document/ ST-15920-2011-EXT-1/en/pdf, accessed 10 March 2018, p. 8; Perruche, Progess and Achievements, p. 3; see Mölling, Militärisches Krisenmanagement, p. 13. 96 However, as mentioned above, in case of a EU-led military mission, the Director General of the EUMS takes over the responsibilities according to the ones of a military operations commander. 97 Council of the European Union, Council Decision of 10 May 2005 amending decision 2001/80/CFSP on the establishment of the Military Staff of the European Union, https://www.cvce.eu/content/publication/2006/8/21/1b4518ca-3924-441c-a31f-d9883164b66f/publishable_en.pdf, accessed 09 March 2018. 98 See Council of the European Union, EU Concept for Military Command and Control, p. 17.

Rauwolf

167

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:07 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

F. Military Intelligence structures in the wake of the development of EU’s military capabilities 59

60

61

62

63

The development of military Intelligence in the EU context was directly connected to the evolution of the CSDP. At the end of the 1990s the leading Member States began to search for alternatives to their national concepts which were often too limited, taking into account globalization, “new wars” and the proliferation of threats. A new system based on “multinational risk sharing and the pooling of military capabilities” in all sectors, including the Intelligence domain, was needed99. The intensification of EU military and defence cooperation since the end of the 1990s led to the development of the first forms of military Intelligence structures in the framework of the WEU100. The EUMS, established 2001, remains to be the core element of the security and defence structures of the EU. Its main objective in the beginning was to provide support and assistance to civilian missions101. Appropriate national and multinational Intelligence capabilities, converging in the EUMS, were crucial to perform early warning, situation assessments and strategic planning for military reactions to evolving threats to the EU’s security102. The construction of an “EU military Intelligence hub” in the new institutional context was a demanding task. The rapid deterioration of the global and European security environment after the 9/11 attack NATO’s intervention in Afghanistan and the subsequent terror attacks in Spain and the United Kingdom led to the need of enhancing multinational cooperation in the Intelligence domain to counter these threats103. During their informal meeting in Warsaw in March 2007, the EU’s ministers of defence agreed to improve planning and support of operations104. Furthermore, the EUMS Intelligence Division was formally tasked to provide input to advance planning, crises response, operations and exercises105. This included a formal involvement in EUMS planning, participation in “Mission Monitoring Teams” and provision of Intelligence analysis and products106.

G. Intelligence support to military missions and operations I. Mission 64

Intelligence support has to provide an analysis of the current situation, consider potential and emerging issues and include an evaluation of their possible development. A military mission or operation may be confronted with a particularly fluid operational 99

Matlary, Security dynamics, p. 7. Gruszczak, Intelligence Security, p. 97. 101 See Kuhn, EU Crisis Management, pp. 253–258 for an elaborate analysis of the legal, procedural and structural challenges and implications of a civil-military cooperation in a crisis management framework. 102 European Council, Helsinki, p. 89. 103 Chin, Ten years, pp. 27–43. 104 Engberg, Military operations, p. 38. 105 Gruszczak, Intelligence security, p. 100. 106 Brennan, Post-Wiesbaden, p. 20. 100

168

Rauwolf

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:07 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 4. Intelligence in EU-led military missions and operations

environment, a limited time available for a comprehensive Intelligence preparation of the battlefield (IPB), which is vital for planning a decision-making at the strategic and operational level. To enhance situational awareness of the deployed forces and enable them to mitigate effects of rapidly changing conditions related to the specific characteristics and risks involved in a military mission or operation, the deployed forces must have integral Intelligence capabilities and appropriate analytical capabilities to provide Intelligence support locally. Reach-back capabilities (from Member States and partners) have to provide crucial support, especially in the planning and during the initial phase of the military mission or operation107. Generally speaking, Intelligence activities in a military environment are divided 65 according to the level of command: – Strategic Level – entailing global and sectoral situational analysis, threat assessment and risk analysis, anticipation of threats and challenges posed by potential or actual adversaries; – Operational Level – support for planning and conduct, crisis response, Intelligencedriven actions, loss and damage assessment; – Tactical Level – targeting, command and control, surveillance, real-time operational picture108. From a military commander’s point of view, from the military strategic to the tactical 66 level, Intelligence serves as one of the most important decision-making tools. The Intelligence section of his headquarters has to provide continuous Intelligence and information to enable him to conduct the operation and at the same time minimize risk109. The commander requires Intelligence about the adversary and the battle space prior to engaging in operations and in order to effectively execute his missions across the full spectrum of operations. Intelligence helps the commander to visualize the battle space, organizing his forces and controlling operations to achieve the desired strategic, operational or tactical objective. Furthermore, Intelligence supports force protection by alerting the commander to emerging threats and assisting in security operations110.

II. Permanent Structures 1. The EUMS Intelligence Directorate The core of the EU’s permanent military Intelligence structures is the Intelligence 67 Directorate of the EU Military Staff (EUMS INT). Its mission is “to provide Intelligence input to early warning and situation assessment, to contribute to the EUMS planning through the provision of Intelligence and Intelligence planning expertise and to provide the Intelligence input to crisis response planning and assessment for operations and exercises”111. EUMS INT is organized into three different branches, reflecting the traditional 68 Intelligence cycle requirements and division of tasks112. The Policy Branch is responsible for the development of Intelligence concepts and 69 contributes to the planning of EU military operations. 107

See Council of the European Union, EU Military Rapid response Concept, pp. 13–14. Waltz, Knowledge Management, p. 13; Treverton, Foreword, p. XI, Gruszczak, Intelligence security, p. 47. 109 See US Department of the Army Headquarters, Intelligence Officer’s Handbook, p. 1-1. 110 US Department of the Army Headquarters, Intelligence, p. 1-1. 111 https://eeas.europa.eu/headquarters/headquarters-homepage_en/5436/The%20European%20Union %20Military%20Staff%20(EUMS), accessed 01 March 2018. 112 Kozlowski/Palacios, SIAC, p. 10. 108

Rauwolf

169

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:08 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

The Support Branch is responsible for strengthening the cooperation with the military Intelligence organizations of the Member States and the information and Intelligence management and distribution. 71 The Production Branch is the central element of the Intelligence Directorate. Its function is to ensure that Intelligence production meets the needs of EU institutions and bodies113. Within the framework of the Single Intelligence Analysis Capacity (SIAC)114 mechanism, the Production Branch works closely with the EU Intelligence Analysis Centre and prepares joint, multi-source-Intelligence products115. 72 For its products, the production Branch relies on finished Intelligence provided by Member States Defence Intelligence Organisations (DIO)116. Member States use their representatives to supply Intelligence to the Military Staff and to communicate Intelligence from EUMS INT to their relevant national agencies117. EUMS INT uses Intelligence shared by Member States but it does not solely depend on these contributions. In addition, it uses Intelligence gathered by bodies and delegations of the EU118 to produce its assessments for the Military Committee, the HR/VP and other EU institutions. The sharing Intelligence with the EUMS INT has a main problem: there is no requirement that Member States share Intelligence that might be of value or interest to the EU or to other Member States, adhering is explicitly voluntary119.The EU representations as well as the Intelligence personnel in operations and missions are able to openly collect information from sources in the field, but all in all the EU lacks the possibilities of a DIO when it comes to systematic collection or analysis of Intelligence120. 70

2. The EU Satellite Centre (SATCEN) “Under the supervision of the Political and Security Committee and the operational direction of the EU’s High Representative for Foreign Affairs and Security Policy (HRIUP), the SATCEN provides decision-makers with early warning of potential crises. This enables them to take diplomatic, economic and humanitarian measures in good time, including generic planning for intervention”121. 74 Since the establishment of the SATCEN, geospatial Intelligence capabilities have been gradually developed as a result of the deepening cooperation with Member States122. SATCEN’s involvement in support of military missions and operations has evolved during the last decade. It reflects the changing international environment and is a result of the EU’s decision-making process becoming more complex and thus more dependent on situational assessments and risk analysis, especially when the use of military force is one of the options contemplated123. 73

113

Gruszczak, Intelligence security, pp. 105–106. See Kozlowski/Palacios, SIAC, p. 11. 115 Haag, The first ten years, p. 8. 116 Bagdonas, Sharing capabilities, p. 7. 117 Walsh, Security Policy, pp. 9–10. 118 Walsh, Security Policy, p. 15. 119 Walsh, Security Policy, p. 14. 120 Walsh, Security Policy, p. 15. 121 See https://europa.eu/european-union/about-eu/agencies/satcen_en#what_it_does, accessed 1 March 2018. 122 Gruszczak, Intelligence security, p. 107. 123 See Gruszczak, Intelligence security, p. 109. 114

170

Rauwolf

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:09 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 4. Intelligence in EU-led military missions and operations

III. Non-permanent structures in support of military operations The Intelligence related capabilities of an EU force are the result of the “force generation process” that precedes the establishment of any military or civil mission or operation. Guidelines for the force generation are laid down in the “EU Concept for Force Generation”124. Member States political commitment, which later translates into appropriate military assets/forces/capabilities offered, constitutes a key for the success of an EUled military operation/mission. Without adequate offers from MS, the force generation process cannot be successfully completed. The appropriate military assets/forces/capabilities to execute the operation/mission must have been committed before the EU Operation Commander (OpCdr) or EU Mission Commander (MCdr) can recommend the decision to launch the operation/mission125. When it comes to the military headquarters, a second process very similar to the force generation, takes place to man the posts which follows the guidelines of the “EU HQ Manning Guide”126. Key principles for the manning of an EU headquarters are as follows: – “The commanders of both OHQ and FHQ are responsible for the manning of their HQ and will adopt a mission-tailored approach to meet the requirements of the operation. – Multinationalisation of the HQ is the overarching principle. However, manning will be driven by functional requirements of the operation, rather than to facilitate the participation from MS […]. – The manning of the EU HQ will be reviewed periodically throughout the course of the operation. – In order to achieve a wide degree of commonality across the potential EU HQ and to facilitate functional links between Strategic and Operational Levels, it is encouraged that HQs should stick to the generic EU HQs structure.” These general principles are valid for all parts of the headquarters. When it comes to the manning of the posts based on the structure decided by the headquarters’ Commander, it is the MS that have to fill the posts. Like the force generation process, the manning process is the result of several conferences with the aim to fulfil the demands of the commanders with the contribution of the MS. In regard to the Intelligence Directorate of the headquarters, the declassified version of the manning guide contains an interesting assumption: “It is assumed that, in addition to the NIC at the EU FHQ, most (EU and non-EU) TCNs will establish either a NIC or a NILO127 at the EU OHQ” with the aim to provide direct Intelligence support to the commanders.

124 Council of the European Union, EU Concept for Force Generation, http://data.consilium.europa.eu/ doc/document/ST-14000-2015-INIT/en/pdf, accessed 10 March 2018. 125 Council of the European Union, EU Concept for Force Generation, p. 5. 126 Council of the European Union (20154): EU HQ Manning Guide – Revision, http://data.consilium. europa.eu/doc/document/ST-15920-2011-EXT-1/en/pdf, accessed 10 March 2018. 127 TCN: Troop Contributing Nation; NIC: National Intelligence Cell; NILO: National Intelligence Liaison Officer (see EDA acronyms list, https://www.eda.europa.eu/docs/documents/eda_acronyms_ as_of_7_september_2009, accessed 10 March 2018).

Rauwolf

171

75

76

77

78

79

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:09 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

H. Tasks but no “tools” – an assessment of EU’s military Intelligence structures I. EUMS INT 80

Taking into account the many tasks for the EUMS INT derived from the support of the political-strategic decision-making process in Brussels, the Crisis Management Process, the Planning Process for military missions and operations, and the Intelligence support for missions and operations, EUMS INT seems to have more than enough workload for its people. Taking into account that the EUMS in total has roughly between 180 and 200 personnel128, even without official numbers, it’s reasonable to assume that EUMS INT cannot have more than a few dozen. These soldiers have to assume tasks that in NATO are shared by the Joint Intelligence and Security Division of the International Military Staff on the political-strategic level and the Intelligence Directorate of the Supreme Headquarters of Allied Powers in Europe (SHAPE)/Allied Command Operations (ACO) on the military strategic level which are accompanied by the NATO Intelligence Fusion Centre (NIFC). The last entity alone that is tasked to “facilitate the sharing and fusion of Intelligence, contribute to filling Intelligence gaps within ACO, and to support the planning and execution of current operations” comprises more than 200 military and civilian Intelligence professionals129. Even when assuming that all Member States provide only their smartest and brightest analysts to the EUMS INT, it is evident, that the number of people is simply too small to fulfil all the mentioned tasks completely – with regard to the infrastructure, the communication means and the access to Intelligence.

II. MPCC The establishment of the MPCC on 08 June 2017 was celebrated as the first step on the way to a permanent military headquarters on the military strategic level130. Of its intended 25 staff members, only 10 were additional ones, the rest recruited from the EUMS and the former EU Operations Centre. Half a year later, in December 2017, the Director General of the EUMS and Director of the MPCC was not able to declare “MINIMUM Operating Capability” because he lacked the personnel131 – it seems that Member States were not able or willing to provide the extra 10 military officers. 82 There are no official numbers available to the Intelligence personnel serving within the MPCC. Taking into account the small amount of additional personnel, it seems that most of the Intelligence related tasks are performed by the EUMS INT with the result that an entity designed to provide Intelligence to the political decision-makers on the strategic level would (still) be burdened with operational level tasks. 81

128

Lassche, The EU Military Staff, p. 342. See https://shape.nato.int/page1139304, accessed 10 March 2018. 130 Council of the European Union, EU-Zusammenarbeit im Verteidigungsbereich: Rat beschließt militärischen Planungs- und Durchführungsstab (MPCC), Pressemitteilung 338/17, https://www.consilium.europa.eu/de/press/press-releases/2017/06/08/military-mpcc-planning-conduct-capability/, accessed 10 March 2018. 131 Pulkkinen, First Months of MPCC, p. 5. 129

172

Rauwolf

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:10 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 4. Intelligence in EU-led military missions and operations

It seems that the establishment of a permanent military headquarters aimed at 83 conducting military operations is not a goal achieved in the short-term132, taking into account that – even for the highly praised MPCC, Member States are not providing the necessary small amount of additional personnel. Common defence and security building through military means and support for 84 military missions and operations outside the EU’s territory has for decades been hindered by the deficit of political will on the part of the Member States. However, political endorsement of the concept of military operations and its incremental development in the framework of the ESDP/CSDP has led to the creation and progressive expansion of appropriate institutional arrangements. For example, the establishment of EUMS INT and its cooperation, especially with INTCEN and SATCEN have vastly expanded Intelligence capabilities in support of EU’s strategic objectives and national interests likewise133.

III. OHQ/FHQ The need for capable and resilient Intelligence structures in operations persists. 85 Taking into account, that the permanent structures are already used to capacity if not overloaded, Member States should provide the Intelligence personnel requested by the commanders. But trained analysts are a scarce resource. Member States’ DIOs are often not in the position to provide the experts needed without accepting restrictions in the own organizations. Battlegroups that are fully prepared and manned are generally available but again Member States lack the will to activate one of them when it comes to the decision to launch a new mission or operation and fall back to an ad-hoc creation of a “tailored to the mission/operation”, i. e. tailored to the will of the TCN and not to the need of the commander, designed force. Furthermore, with the force generation and manning process finished, the OHQ will come into existence far too late to assume all the preparatory tasks, especially the IPB based on solid knowledge databases for the operations area. Too less, too late to provide the necessary and fundamental Intelligence support in 86 the first phases of the operation. Operations commanders hence have to hope and to rely on the information provided by either the EUMS INT or by Member States’ DIOs.

I. Recommendations Some authors have for a long time favored a stronger integration of EU’s Intelligence 87 structures, sometimes advocated the creation of a EU Secret Service or a EU body with executive authority to direct the Member States DIOs work at least partly and with the power to demand the Intelligence needed in the (common) interest of the Union134. Others are intercessors for the establishment of a permanent OHQ. Taking into 88 account that the EUMS would not and could not be the core structure of such a headquarters and the investment in personnel, infrastructure and money the buildup of such a structure would imply and considering that it took more than half a year to 132

See Toucas, Debunking myths, pp. 1–2. Gruszczak, Intelligence security, p. 114. 134 Walsh, Security Policy and Palacios, EU intelligence: On the road to a European Intelligence?, Part 3 Chapter 1, in this volume. 133

Rauwolf

173

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:10 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

provide 10 additional seconded national experts to the MPCC – the idea of such a headquarters appears rather fictional. 89 The first step could be to establish an equivalent to the NIFC. Willing Member States could use the PESCO framework to create a common “Intelligence consultant” for national and EU purposes. This “EUFC” could become the core of a permanent OHQ if and when Member States decide to do so or remain as an additional structure providing the Intelligence support to missions and operations in the quantity and quality needed and asked for by EU’s commanders – a call that remains largely unanswered until today.

174

Rauwolf

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:11 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 5 NATO Intellingence and Common Foreign and Security Policy* Carlo Masala/Alessandro Scheffler Corvaja Outline A. Introduction ...................................................................................................................... B. NATO’s legacy intelligence structure .......................................................................... I. Intelligence at NATO............................................................................................. II. Member-State level: Committees......................................................................... III. NATO HQ Level: IS and IMS.............................................................................. 1. International Staff............................................................................................... a) NATO Office of Security ............................................................................ b) Intelligence Unit/Terrorist Threat Intelligence Unit ............................ c) Emerging Security Challenges Division and the SAC.......................... 2. International Military Staff............................................................................... a) IMS-INT ......................................................................................................... b) NATO Situation Centre .............................................................................. IV. Intelligence elements in the broader NATO Command Structure ............. 1. J2 at SHAPE ........................................................................................................ 2. The NATO Intelligence Fusion Centre ......................................................... V. Intelligence during NATO operations ............................................................... VI. Problems of NATO’s legacy intelligence structure ......................................... 1. Lack of trust......................................................................................................... 2. Dependence on the United States .................................................................. 3. Fragmentation and duplication....................................................................... 4. Military focus ...................................................................................................... 5. Technical obstacles............................................................................................. C. NATO’s new intelligence structure.............................................................................. D. Intelligence cooperation between NATO and EU.................................................... E. Conclusion .........................................................................................................................

mn. 1 5 5 10 15 15 15 16 18 19 19 23 24 25 27 29 31 32 35 37 38 39 40 49 59

Bibliography: Atkeson, NATO Intelligence: A Contradiction in Terms, Studies in Intelligence 28 (1984), 1; Badcock, Portuguese spy caught passing ‘Nato secrets’ to Russian handler in Rome, The Telegraph, 24.05.2016, available at: http://www.telegraph.co.uk/news/2016/05/24/portuguese-spy-caught-passingnato-secrets-to-russian-handler-in (last accessed 31.05.2018); Ballast, Trust (in) NATO: The future of intelligence sharing within the alliance, Research Paper 170, NATO Defense College, 2017; BBC News, Trump worries Nato with ‘obsolete’ comment, 16.01.2017, available at: https://www.bbc.com/news/worldus-canada-38635181 (Last accessed: 31.05.2018); Bird, NATO’s Role in Counterterrorism, Perspectives on Terrorism 9:2 (2015), 61; Catano/Gaugar, Information Fusion: Intelligence Centers and Intelligence Analysis in: Goldenberg/Soeters/Dean (eds.), Information Sharing in Military Operations, 2017, 17; Clough, Quid Pro Quo: The Challenges of International Strategic Intelligence Cooperation, International Journal of Intelligence and CounterIntelligence 17:4 (2004), 601; Council of the European Union, Remarks by President Donald Tusk after the signature of the EU-NATO declaration, Press Release 420/16, 08.07.2016, available at: http://www.consilium.europa.eu/en/press/press-releases/2016/07/08/tusk-remarks-eunato-joint-declaration (last accessed: 31.05.2018); Črnčec/Urbanc, Streamlining the Intelligence and Security Structures in NATO and the European Union, Sodobni vojaški izzivi (Contemporary Military Challenges) 16:3 (2014), 63; Curtis, A “special relationship”, Master Thesis, Naval Postgraduate School, 2013, available at: https://calhoun.nps.edu/bitstream/handle/10945/34652/13Jun_Curtis_Wesley.pdf (Last accessed: 19.02.2018); Dibenedetto, Implementing the Alliance Maritime Strategy in the Mediterranean: NATO’s Operation Sea Guardian, Research Paper 134, NATO Defence College, 2016; Dempsey, NATO’s Intelligence Deficit: It’s the Members, Stupid!, Carnegie Europe, available at: https://medium.com/@Carnegie_Europe/natos-intelligence-deficit-it-s-the-members-stupid-db33f94c54 (Last accessed: 30.03.2018); ESRI UK, Delivering shared situational understanding, Case Study, ESRI UK, 2011, available at: https:// www.esriuk.com/~/media/esri-uk/Defence/NATO%20IFC%20FINAL.pdf?la=en (Last accessed: 30.03.2018); *

The Chapter was finalized in 2017 and thus only reflects developments up to this point.

Masala/Scheffler Corvaja

175

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:11 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda Flynn/Pottinger/Batchelor, Fixing Intel, Voices from the Field, Center for a New American Security, 2010, available at: http://online.wsj.com/public/resources/documents/AfghanistanMGFlynn_Jan2010.pdf (Last accessed 31.05.2018); Foster, Enhancing the Efficiency of NATO Intelligence Under an ASG-I, Strategy Research Project, United States Army War College, 2013, available at: www.dtic.mil/get-tr-doc/pdf? AD=ADA589230 (Last accessed: 19.02.2018); Freytag von Loringhoven, Adapting NATO intelligence in support of “One NATO”, NATO, available at: https://www.nato.int/docu/review/2017/Also-in-2017/adapting-nato-intelligence-in-support-of-one-nato-security-military-terrorism/EN/index.htm (Last accessed: 16.02.2018); Gebhard/Smith, The two faces of EU-NATO cooperation Counter-piracy operations off the Somali Coast, Cooperation and Conflict 50:1, 107; Gordon, Intelligence sharing in NATO, Atlantisch Perspectiev 6 (2017), 15; Græger, European security as practice: EU–NATO communities of practice in the making?, European Security 25:4 (2016), 478; Gruszczak, Intelligence Security in the European Union, 2016; Gruszczak, NATO’s Intelligence Adaptation Challenge, GLOBSEC NATO Adaptation Initiative, GLOBSEC, 2018, available at: https://www.globsec.org/wp-content/upload/2018/03/NATO’s-intelligenceadaptation-challenge.pdf (Last accessed: 23.04.2018); Howorth, EU–NATO cooperation: The key to Europe’s security future, European Security 26:3 (2017), 454; Iklódy, New Challenges – New NATO, NATO Review, 2010, available at: https://www.nato.int/docu/review/2010/lisbon-summit/New-NATO/ EN/index.htm (Last accessed: 30.03.2018); Intelligence/Information Sharing in Combating Terrorism, NATO, available at: http://www.natolibguides.info/intelligence (Last accessed: 30.03.2018); Kempin, Could France Bring NATO and the EU Closer Together?, Stiftung Wissenschaft und Politik, 2008; Koehler, Enhancing NATO-EU Cooperation: Looking South and Beyond, NDC Conference Report 02/2017, NATO Defense College, 2017, available at: http://www.ndc.nato.int/download/downloads.php?icode=519 (Last accessed: 19.02.2018); Korkisch, NATO gets better intelligence, Strategy Paper 01-2010, Institut für Außen- und Sicherheitspolitik, 2010, available at: http://www.natowatch.org/sites/default/files/NATO_Gets_Better_Intell_April_PDP_0.pdf (Last accessed: 19.02.2018); Kriendler, NATO Intelligence and Early Warning, Special Series 6/13, Conflict Studies Research Centre, Defence Academy of the United Kingdom, 2006; Masala/Scheffler Corvaja, Alliances in: Dunn Cavelty/Balzacq (eds.), The Routledge handbook of security studies, 2. ed., 2016, 349; Menzel, Knowledge Development vs. Intelligence in NATO: A Problematic Delineation and its Ramifications, JAPPC Journal 22 (Spring/Summer 2016), 12; Morrison, Intelligence in the Cold War, Cold War History 14:4 (2014), 575; Murray, How NATO Makes the Unknown Known: A Look at the Improvements to NATO Joint Intelligence, Surveillance and Reconnaissance, JAPPC Journal 22 (Spring/Summer 2016), 12; NATO, Istanbul Summit Communiqué Istanbul Summit Communiqué issued by the Heads of State and Government participating in the meeting of the North Atlantic Council, Press Release (2004) 096, 28.06.2004, available at: https://www.nato.int/cps/ic/ natohq/official_texts_21023.htm (Last accessed: 01.05.2018); NATO, NATO Handbook, 2006; NATO, New NATO division to deal with Emerging Security Challenges, Press Release (2010) 105, 04.08.2010, available at: https://www.nato.int/cps/ej/natolive/news_65107.htm (Last accessed: 01.05.2018); NATO, International Military Staff: Strategic Military Advice and Staff Support for NATO’s Military Committee, 2015, available at: https://www.nato.int/downloads/20150923_150923-ims-brochure-en.pdf (Last accessed: 01.05.2018); NATO, Joint declaration by the President of the European Council, the President of the European Commission, and the Secretary General of the North Atlantic Treaty Organization, 08.07.2016, available at: https://www.nato.int/cps/ic/natohq/official_texts_133163.htm (Last accessed: 01.05.2018); NATO, Statement on the implementation of the Joint Declaration signed by the President of the European Council, the President of the European Commission, and the Secretary General of the North Atlantic Treaty Organization, Press Release (2016) 178, 06.12.2016, available at: https://www.nato.int/cps/ ua/natohq/official_texts_138829.htm (Last accessed: 31.05.2018); NATO, Third progress report on the implementation of the common set of proposals endorsed by EU and NATO Councils on 6 December 2016 and 5 December 2017, 08.06.2018; NATO, NATO leaders agree to do more to fight terrorism and ensure fairer burden sharing, 25.05.2017, available at: ttp://www.nato.int/cps/en/natohq/news_144154.htm (Last accessed: 31.05.2018); NATO, Committees, available at: https://www.nato.int/cps/ic/natohq/topics_49174. htm (Last accessed: 01.05.2018); NATO, Common set of new proposals on the implementation of the Joint Declaration signed by the President of the European Council, the President of the European Commission and the Secretary General of the North Atlantic Treaty Organization, Press Release (2017) 174, 05.12.2017, available at: https://www.nato.int/cps/ic/natohq/official_texts_149522.htm?selectedLocale=en (Last accessed: 31.05.2018); NATO Encyclopedia, NATO, available at: https://www.nato.int/nato_static_fl2014/ assets/pdf/pdf_publications/20180201_2017-nato-encyclopedia-eng.pdf (Last accessed: 31.05.2018); Nordli/Lindboe, Intelligence in United Nations Peacekeeping Operations, 2017; Raik/Järvenpää, A New Era of EU-NATO Cooperation, Report, International Centre for Defence and Security Estonia, May 2017, available at: https://www.icds.ee/fileadmin/media/icds.ee/doc/ICDS_Report_A_New_Era_of_EU-NATO. pdf (Last accessed: 31.05.2018); Rynning, The Divide: France, Germany and Political NATO, International Affairs 93:2 (2017), 267; Schilde, Cosmic top secret Europe?: The legacy of North Atlantic Treaty Organization and cold war US policy on European Union information policy, European Security 24:2 (2014), 167; Schmitt, More allies, weaker missions? How junior partners contribute to multinational

176

Masala/Scheffler Corvaja

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:12 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 5. NATO Intellingence and Common Foreign and Security Policy military operations, Contemporary Security Policy (2018), available at: https://doi.org/10.1080/ 13523260.2018.1501999 (Last accessed: 09.09.2018). Sims, Foreign Intelligence Liaison: Devils, Deals, and Details, International Journal of Intelligence and CounterIntelligence 19:2 (2006), 195; Smith/Gebhard, EU–NATO relations: Running on the fumes of informed deconfliction, European Security 26:3 (2017), 303; Snyder, Alliance Politics, 2007; Stròzyk, How European Intel Services Connect the Dots, The Cipher Brief, available at: https://www.thecipherbrief.com/article/europe/how-european-intel-services-connect-the-dots (Last accessed: 19.02.2018); Supreme Headquarters Allied Forces Europe, DCOS Operations and Intelligence, available at: https://shape.nato.int/page28353414 (Last accessed: 01.05.2018); Supreme Headquarters Allied Forces Europe, SHAPE Command Structure, available at: https://shape.nato.int/page8251027 (Last accessed: 01.05.2018); Thies, Friendly rivals: Bargaining and burden-shifting in NATO, 2015; Valasek, The roadmap to better EU-NATO relations, Briefing Note, Centre for European Reform, 2007; Walsh, The international politics of intelligence sharing, 2010; Webb, Improvements Required for Operational and Tactical Intelligence Sharing in NATO, Defence Against Terrorism Review 6:1 (2014), 42; Weitsman, Waging War: Alliances, Coalitions, and Institutions of Interstate Violence, 2013; What is the NIFC?, NATO Intelligence Fusion Center (NIFC), available at: http://web.ifc.bices.org/about.htm (Last accessed: 19.02.2018); Wiek, Multilaterale Zusammenarbeit der Geheimen Nachrichtendienste in der NATO – ein Modell für die Europäische Union? in: Daun/Jäger (eds.), Geheimdienste in Europa, 2009, 204; Zapfe, Efficacy, not Efficiency: Adjusting NATO’s Military Integration, Research Paper 118, NATO Defense College, 2015, available at: http://www.ndc.nato.int/download/downloads.php?icode=460 (Last accessed: 19.02.2018); Director of National Intelligence, Intelligence Community Directive 208: Maximizing the Utility of Analytic Products.

A. Introduction NATO and the EU are often described as two institutions that live in the same city, 1 but on different planets.1 Their relationship has been characterized by rivalry and opposite national agendas, and meaningful cooperation has been scarce and difficult.2 Also in the field of intelligence, the cooperation has suffered from problems such as the dispute between NATO-member Turkey and EU-member Cyprus and the unclear division of labor between NATO and EU.3 But the intelligence relationship has also been further compounded by intelligence-specific issues such as the late incorporation of intelligence functions into the EU and its lack of capabilities in this field, which are stressed elsewhere in this book.4 But it would be unfair to shift all of the blame to the EU’s intelligence apparatus. 2 NATO itself looks back at a long series of attempts to develop an appropriate intelligence structure. A famous article by a former U.S. Army head of intelligence in Europe from 1984 even characterized NATO and intelligence as “a contradiction in terms”.5 As put by its newly installed Assistant Secretary General for Intelligence and Security, Arndt Freytag von Loringhoven, himself, intelligence inside NATO “has grown “organically” over the years without a common master plan” – and is therefore turning joint planning and coordination into a significant challenge.6 NATO’s intelligence bodies have also long been criticized for providing too narrowly military-focused intelligence irrelevant for modern conflicts and for not contributing sufficiently in the

1 Council of the European Union, Remarks by President Donald Tusk after the signature of the EUNATO declaration, 08.07.2016. 2 For a concise review of the difficult history of the relationship, cf. Howorth, European Security 26 (2017), 454. 3 Stròzyk, The Cipher Brief, How European Intel Services Connect the Dots, 2017. 4 See Rauwolf, Intelligence in EU-led military missions and operations, Part 2 Chapter 4, in this volume. cf also Gruszczak, Intelligence Security in the European Union, 2016, 203. 5 Atkeson, Studies in Intelligence 28 (Spring 1984), 1 (1). 6 Freytag von Loringhoven, NATO, Adapting NATO intelligence in support of “One NATO”, 2017.

Masala/Scheffler Corvaja

177

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:12 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

fight against terrorism – leading the U.S. president to characterize it as “irrelevant” during his electoral campaign.7 3 The sorry state of the intelligence partnership between NATO and the EU might however be up for some change in the near future. Institutional reforms have been enacted in both institutions: The EU has made significant steps forwards, with the establishment of the IntCent as the most prominent example.8 And with the establishment of its Joint and Security Intelligence Division in 2016, also NATO’s intelligence structure is currently undergoing one of the most fundamental reforms in its history. At the same time, also the pressure for increased cooperation between NATO and EU is increasing: the growing hybridity of threats has blurred the lines between internal security and external defense. At NATO’s 2016 Warsaw Summit, its Secretary General and the Presidents of the European Council and the European Commission issued a Joint Declaration in which they vowed to “boost our ability to counter hybrid threats, including by bolstering resilience, working together on analysis, prevention, and early detection, through timely information sharing and, to the extent possible, intelligence sharing between staffs; and cooperating on strategic communication and response.”9 4 In the light of these recent developments, this chapter aims at providing an overview of NATO’s intelligence apparatus, its cooperation with the EU and the potential for progress in the near to medium-term future. It reviews the important ongoing changes in NATO’s intelligence structures and analyzes the potential for positive side-effects for the EU-NATO intelligence relationship. For this purpose, the chapter starts with an overview of NATO’s legacy intelligence structure, highlights the important changes associated with the establishment of NATO’s Joint Intelligence and Security Division and finally looks at the hurdles of the EU-NATO relationship to see whether the reorganization will have positive secondary effects.

7 BBC News, Trump worries NATO with ‘obsolete’ comment, 16.01.2017. For the inadequacy of current NATO intelligence, cf. Flynn/Pottinger/Batchelor, Fixing Intel, 2010 and Bird, Perspectives on Terrorism 9 (2015), 61. 8 See Palacios, EU intelligence: On the road to an EU Intelligence Agency?, Part 3 Chapter 1, in this volume. 9 NATO, Joint declaration by the President of the European Council, the President of the European Commission, and the Secretary General of the North Atlantic Treaty Organization, 08.07.2016.

178

Masala/Scheffler Corvaja

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:13 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 5. NATO Intellingence and Common Foreign and Security Policy

B. NATO’s legacy intelligence structure I. Intelligence at NATO Figure 1: NATO’s organizational structure. North Atlanc Council Member-States Military Commiee

Commiees Commiees Commiees

Allied Command Operaons (SHAPE)

Strategic

NATO Command Structure (NATO-owned)

Internaonal Military Staff

Internaonal Staff

NATO HQ

Joint Force Command Lisbon

Operaonal

Taccal

NATO Force Structure (Member-State-owned)

Allied Land Command

Land Land HQs LandHQs HQs

Allied Command Transformaon

Joint Force Command Naples

Allied Air Command

Allied Marime Command

Air HQs Land HQs Land HQs

Marime HQs Land Land HQs HQs

CIS Group/ Cyber

Response Force

Source: Own Research. Note: The structure is simplified for illustrative purposes and misses some important elements such as the Nuclear Planning Group.

Amongst the various problems facing alliances and coalition warfare, establishing 5 appropriate intelligence sharing has always been the toughest nut to crack.10 To develop the necessary unity of effort for common policy – be it for deterrence or actual military operations – allies have to develop a coherent and shared vision of the problem. But even in a close alliance, the interests of allies will not align perfectly. Allied decisionmaking is thus always also a bargaining process, in which allies attempt to maximize their interest and shift the burden to others.11 As a consequence, allies will always remain wary of intelligence provided by others and fear that it is instrumentalized for bureaucratic or national interests. As an example, a German decision-maker will hesitate to base the decision whether to extend a NATO operation solely on NATO or British intelligence and insist on a national assessment. Allies will thus always want to base their decision-making on national intelligence – thus greatly limiting the role for 10 Schmitt, Contemporary Security Policy, 2018, 1. For general problems of alliances at large and coalition warfare more specifically, cf. Masala and Scheffler Corvaja in: Dunn Cavelty/Balzacq, The Routledge handbook of security studies, 2016, 349 and Weitsman, Waging War, 2013. 11 Cf. Snyder, Alliance Politics, 2007.

Masala/Scheffler Corvaja

179

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:14 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

independent alliance intelligence capabilities. Because national intelligence is so crucial for them, they will also be extremely cautious when it comes to sharing intelligence – and if only because they want to protect their sources. Especially when it comes to strategic intelligence, which guides national decision-making, the willingness to share and to trust is thus very limited.12 6 To understand NATO’s intelligence structure and the purpose of its various elements, it is important to distinguish between the two fundamental types of intelligence that exist at NATO: Agreed and Non-Agreed Intelligence.13 NATO Agreed Intelligence (NAI) is intelligence that is developed by NATO member states in a cooperative fashion and subject to unanimity. Its main purpose is to produce common threat assessments that form the basis for alliance planning and decision-making. In the production of NAI, the national intelligence services are in the lead, with designated member states tasked to draft specific chapters and sections. While the first drafts are provided by the member states, the final document requires unanimous approval of all 29 members. Many agreed intelligence products are produced on an annual basis. In the elaboration of NAI, NATO as an organization and its staff elements play a mainly secretarial role and assist the designated lead nations in consensus building for their segments.14 When it comes to NAI, NATO thus acts mainly as a committee, and the task of the organization is to facilitate the process. Because – at least in theory – NAI provides the basis for alliance force posture, planning und acquisition, NAI (and national contributions to it) is inherently political. Through their influence on NATO’s threat assessment, states can align NATO’s priorities with their national ones and manipulate their part of the overall defence burden.15 In any case, the purpose of NAI is not primarily to make NATO a platform for sharing intelligence between member states, but to arrive at a common assessment. 7 The overwhelming part of intelligence at NATO is non-agreed intelligence. It can be divided in two categories: intelligence produced by NATO staff from open and classified sources and national intelligence shared by the member states.16 Non-agreed intelligence produced by NATO staff is aimed primarily at NATO as an organization and is directed at its decision-makers. But it of course also aims at providing added-value to the member states, to which it is also provided. National intelligence shared by with NATO by its member states fulfills the same functions: On the one hand, it is directed at NATO as an organization and serves to facilitate its decision-making. And on the other hand, because it is shared, it is also directed at the other member states. Nonagreed intelligence is essential for enabling the daily operations and decision-making of individual NATO bodies, commands and agencies. Non-agreed intelligence provided by member states can of course be politicized, but its majority is simply OSINT material and releasable finished intelligence provided by the member states. Member states can also play a key role in providing NAI by providing it exclusively to co-nationals inside NATO HQ and/or the NATO Command Structure. 8 Just as important as the difference between Agreed and Non-Agreed Intelligence are NATO’s traditional focus on military intelligence and the very limited degree of intelligence integration. NATO is a political-military alliance and today deals with many issues that extend beyond the military realm. The intelligence it produces has 12 On the problems of intelligence sharing, cf. Walsh, The international politics of intelligence sharing, 2010 and Clough, International Journal of Intelligence and CounterIntelligence 17 (2004), 601. 13 Foster, Enhancing the Efficiency of NATO Intelligence Under an ASG-I, 2013, 4. 14 On NAI and its role in the Cold War, cf. Wiek in: Daun/Jäger, Geheimdienste in Europa, 2009, 204. 15 Cf. Curtis, A “special relationship”, 2013, 7 and Thies, Friendly rivals, 2015. 16 Črnčec/Urbanc, Sodobni vojaški izzivi (Contemporary Military Challenges) 16 (2014), 63 (68).

180

Masala/Scheffler Corvaja

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:14 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 5. NATO Intellingence and Common Foreign and Security Policy

however always been mainly military.17 This is quite logical: For most of its history, NATO raison d’etre and primary task were to deter and if necessary defend against the Soviet Union and the Warsaw Pact. The most essential intelligence element was accordingly NATO’s assessment of status, posture and strategy of enemy forces, which would serve as a basis for NATO’s force posture and the NATO defense planning process. This would then again serve as basis for the national defense planning of its member states. Intelligence in NATO was therefore focused on strategic-level and military intelligence, with the purpose of defining the overall need for NATO fielded forces.18 Below this strategic level, NATO never developed an integrated intelligence appara- 9 tus. On modern battlefields, NATO units are integrated down to the platoon level. It might thus seem difficult to imagine that there exist no bodies that can provide appropriate intelligence support to NATO operations. But up to this day, NATO’s intelligence structure still mirrors its Cold War posture, in which multinational integration would not occur below the Corps level.19 NATO therefore never developed own intelligence collection capabilities on these levels, because it was assumed that member states would provide intelligence support to their commanders.20 And – to make things worse – because each nation had clearly designated sectors, NATO also never established an operational intelligence structure to coordinate information between the Corps commanders.21 According to Curtis, member states were wary of permitting too much “intelligence dialogue” on the operational level, which could undermine the more controlled dialogue on the strategic level.22 What remained for NATO was strategic intelligence, where only few member states possessed relevant collection capabilities and relied on intelligence provided by the United States and its sophisticated intelligence apparatus – albeit their national services often cooperated with the United States on a bilateral basis. It can thus be summarized that NATO’s intelligence has traditionally lacked any own collection assets, was limited to the strategic level and depended on national and – most importantly – U.S. intelligence. The following paragraphs will provide an overview of the various elements of NATO’s legacy intelligence structure.

II. Member-State level: Committees NATO is built on two premier decision-making bodies, a political and a military one: 10 the North Atlantic Council (NAC) and the Military Committee (MC). The NAC is NATO’s supreme body and consists of its heads of state and government. It also biannually meets in the format of defense and foreign ministers. During daily work in Brussels, where the NAC meets at least once a week, the heads of states and government are represented by their Permanent Representatives (PERMREPS), who usually hold the rank of ambassador. The Military Committee, NATO’s top military authority, provides 17 Kriendler, NATO Intelligence and Early Warning, 2006. There existed also some other more economically-focused NAI-reports, but also those ultimately served to judge the military readiness of the Soviet Union and the Warsaw Pact. See Wiek in: Daun/Jäger (eds.), Geheimdienste in Europa, 2009, 204. 18 Curtis, A “special relationship”, 2013, 15. 19 Zapfe, Efficacy, not Efficiency, 2015, 3. 20 Korkisch, NATO gets better intelligence, 2010, 8. 21 This fact was very criticized even at the day and put NATO at considerable risk. See Curtis, A “special relationship”, 2013, 18 and Atkeson, Studies in Intelligence 28 (1984), 1 (1). 22 Curtis, A “special relationship”, 2013, 7.

Masala/Scheffler Corvaja

181

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:14 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

11

12

13

14

military advice to the NAC and guidance to NATO’s strategic commands.23 It consists of the chiefs of defence of the member states, which are represented by their Military Representatives (MILREPS), who are usually three-star flag officers. NATO Headquarters (NATO HQ) is structured along these lines. Its premier components are the International Staff (IS) and the International Military Staff (IMS). The International Staff, headed by NATO’s Secretary General, supports the North Atlantic Council (NAC) and its many committees and subcommittees – which is where most of the actual work at NATO HQ takes place. The committees play an integral role in NATO`s decision-making, as it is here where the subject-matter experts and decision-makers from embassies, ministries and agencies meet with NATO officials.24 The International Staff is split into seven divisions, each of which is headed by an Assistant Secretary General (ASG). The International Military Staff supports the Military Committee and its respective workings groups, which function by analogy to the NAC’s committees. The IMS consists of 6 six divisions, which are each headed by a 2-star general or flag officer.25 At a first glance, NATO’s intelligence structure mirrors this division into a civilian and a military committee and respective pillars. At the top, there stands both the Civilian Intelligence Committee (formerly the Special Committee) and the Military Intelligence Committee (formerly the NATO Intelligence Board). Since 2011, these two committees have been loosely aligned under the office of NATO`s Deputy Secretary General as head of the Intelligence Steering Board (ISB), which was to coordinate the development of common strategic intelligence requirements.26 This committee structure will remain unchanged by the current reform. To align the CIC and the MIC along the classical division of labor at NATO HQ would however be misguided. The NAC and the MC are not equals: The NAC and its committees take clear precedence and decides on the broader political and military issues and the MC and its working groups on their narrower military implementation. This is different in the realm of intelligence, where it is the civilian committee that carries the very narrow portfolio: As opposed to the other committees and working groups of the NAC, the CIC and its predecessors have traditionally had very limited and defined mandates which focused on espionage and terrorism. Their purpose was to protect the alliance as an organization from infiltration and attacks by terrorists.27 Because the CIC’s mandate is this limited, there accordingly also does not exist an intelligence division in the International Staff. The CIC is instead supported by the NATO Office of Security. While the CIC thus deals with “counterintelligence”, “foreign intelligence” at large is handled by the MIC, which produces most of NATO’s Agreed Intelligence and almost all relevant doctrinal documents. As opposed to other issues, the MIC, and not the CIC, thus also provides “foreign intelligence”-related support to the NAC – no matter if it is military or not. This division into a civilian and a military committee had proved extremely enduring, as allies had already at their 2004 Summit in Istanbul called for “a review of current intelligence structures”.28 CIC and MIC have not only distinct topic areas, but also different national constituents. The heads of the domestic security and hybrid services of the member states meet 23

NATO, NATO Encyclopedia. NATO, Committees. For an in-depth description of NATO’s institutional architecture and decisionmaking process, see the somewhat outdated yet still relevant NATO, NATO Handbook, 2006. 25 NATO, International Military Staff, 2015. 26 NATO, NATO Encyclopedia. 27 Črnčec/Urbanc, Sodobni vojaški izzivi (Contemporary Military Challenges) 16 (2014), 63 (69). 28 NATO, Istanbul Summit Communiqué Istanbul Summit Communiqué issued by the Heads of State and Government participating in the meeting of the North Atlantic Council, 28.6.2004. 24

182

Masala/Scheffler Corvaja

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:15 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 5. NATO Intellingence and Common Foreign and Security Policy

in the CIC, while the heads of the military intelligence and hybrid services sit in the MIC.29 Both the CIC and MIC were chaired by nations for a one-year term on a rotational basis. It can be imagined that these constituencies brought their national turf wars to their own committees and the relations between CIC and MIC. Jan Ballast describes that the annual informal Joint CIC/MIC November Plenary therefore brought almost eighty representatives to the table, which often disagreed on many issues.30

III. NATO HQ Level: IS and IMS While the committees consist of national representatives, NATO headquarters possesses both an International and an International Military Staff of NATO-hired or seconded personnel. It is here where the reform will bring about the biggest changes.

1. International Staff a) NATO Office of Security NATO’s International Staff is the major component of NATO Headquarters. It is 15 headed by the Secretary General and supports the work of the North Atlantic Council and its committees. While the International Staff consists of civilians and supports the civilian decision-making bodies, it is more than the “civilian” side of the house: The NAC is the alliance’s supreme decision making body and it is here where all decisions are ultimately taken. The International Staff has traditionally lacked an intelligence section – much because NATO lacked a true intelligence committee: As mentioned above, the Civilian Intelligence Committee was not the NAC’s committee on intelligence issues and/or a committee on non-military intelligence, but a rather a special committee with a narrow focus on counterintelligence and security issues. Accordingly, the NATO Office of Security was the only IS section whose primary purpose was intelligence issues, and it had the clearly delineated and limited task of concentrating on the security of the alliance’s personnel and infrastructure. It had its equivalent at Allied Command Operations in Mons with the Allied Command Counterintelligence (ACCI), which is part of the U.S. 650th Military Intelligence Group.31 b) Intelligence Unit/Terrorist Threat Intelligence Unit After the attacks of September 11th, NATO came under sustained pressure to deliver 16 in the field of counterterrorism – especially in the field of intelligence sharing.32 The narrow focus of the NATO Office of Security seemed increasingly unfit: The authors themselves vividly remember presentations of NATO’s above-mentioned counterterrorism section focusing on potential mortar attacks on NATO headquarters. At the 2002 Prague Summit, NATO enacted a reform of its intelligence structure. A Terrorist Threat Intelligence Unit (TTIU) inside NATO HQ was founded. The TTIU was set up with a mandate to conduct assessments of the terrorist challenges, risks and threats to NATO and its member states. All products of the TTIU were non-agreed intelligence. While the TTIU was subordinate to NATO Office of Security, it was co-directed by the Director of International Military Staff for Intelligence (IMS INT) and consisted of

29

Ballast, Trust (in) NATO, 2017, 5–6. Ibid., 6. 31 Korkisch, NATO gets better intelligence, 2010, 38. 32 Ballast, Trust (in) NATO, 2017, 6. 30

Masala/Scheffler Corvaja

183

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:15 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

both military and civilian officials.33 NATO thus already started to bring together the civilian and military components to work in a comprehensive fashion.34 In the aftermath of NATO’s Istanbul summit 2004, which established firm partnerships with states in the Levante (Mediterranean Dialogue) and the Gulf (Istanbul Cooperation Initiative), the Intelligence Liaison Unit was added. Ran jointly by IS and IMS, it was supposed to increase intelligence sharing with these states.35 17 The TTIU was expanded into the Intelligence Unit (IU) in 2011. The IU now no longer fell under the NATO Office of Security and worked on a broader set of issues, reporting to the North Atlantic Council. It was now subordinate to NATO’s Deputy Secretary General and tasked and coordinated by NATO`s Intelligence Steering Board, which included representatives from NATO HQ and NATO’s Strategic Commands.36 According to Foster, over time the IU became the main recipient of intelligence from the member states’ domestic intelligence services and received counter-intelligence and counter-espionage related reports. That member states perceived an added value can be recognized by the fact that the IU was able to double its size over time, mainly through voluntary national contributions.37

18

c) Emerging Security Challenges Division and the SAC The TTIU/IU was not the only part of the IS dealing with intelligence. As a result of its new Strategic Concept, NATO established an Emerging Security Challenges Division (ESCD) in 2010. The new division was supposed to concentrate on “new” threats such as terrorism, cyber, weapons of mass destruction (WMD) and energy security. In contrast to NATO’s other divisions, which report through committees of the NAC, the ESCD reports directly to the Secretary General and his Private Office.38 Inside the ESCD, another intelligence shop, the Strategic Analysis Capability (SAC), was created, with cyber and the science-for-peace-program as its main priorities.39 The member states were never big fans of the ESCD and the SAC: Terrorism, the proliferation of WMDs, cyber defence, and energy security were exactly those issues that many member states thought were none – or at least not primarily – of NATO’s business. But to make things worse, they perceived of the ESCD as just another attempt by then-Secretary General Anders Rasmussen to build an ever increasing personal staff and to increase NATO’s organizational autonomy. That this was not a far shot can be seen in the self-description of the SAC, according to which it “monitor [s] and anticipates international developments that could affect allied security.”40 Similarly, also the responsible Assistant Secretary General for ESC confirmed that the SAC “will integrate the intelligence and analysis to keep the Secretary-General and NATO military authorities informed of potential crises so that NATO can organize political consultations where necessary.”41 This clearly extends beyond the issues that were originally tasks of the ESC division.

33

Foster, Enhancing the Efficiency of NATO Intelligence Under an ASG-I, 2013, 3. NATO, Intelligence/Information Sharing in Combating Terrorism. 35 Ibid. 36 Foster, Enhancing the Efficiency of NATO Intelligence Under an ASG-I, 2013, 4–5. See also Črnčec/ Urbanc, Sodobni vojaški izzivi (Contemporary Military Challenges) 16 (2014), 63 (69–70) and Curtis, A “special relationship”, 2013, 5. 37 Foster, Enhancing the Efficiency of NATO Intelligence Under an ASG-I, 2013, 5. 38 Iklódy, New challenges – new NATO, 2010. 39 Ballast, Trust (in) NATO, 2017, 6. 40 NATO, New NATO division to deal with Emerging Security Challenges, 04.08.2010. 41 Iklódy, New challenges – new NATO, 2010. 34

184

Masala/Scheffler Corvaja

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:16 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 5. NATO Intellingence and Common Foreign and Security Policy

2. International Military Staff a) IMS-INT The major traditional intelligence component at NATO Headquarters used to be the 19 Intelligence Division of the International Military Staff, referred to as IMS INT, which reported to the Military Committee and the Military Intelligence Committee. Its main tasks were the production and assessment of intelligence from member states and NATO commands as well as the development and maintenance of NATO intelligence policy. It was led by a two-star equivalent and structured into an Intelligence Policy and an Intelligence Production branch.42 Its core activities were: “developing a NATO intelligence framework, architecture and intelligence capabilities; providing customer oriented policies and NATO Agreed Intelligence Assessments; advising on intelligence sharing matters and conducting intelligence liaison activities.”43 While the IMS in theory primarily supported the Military Committee, IMS INT was 20 the main body providing intelligence inside NATO and played an essential role in providing both agreed and non-agreed intelligence to NATO’s senior decision-making bodies and commands.44 Particularly important products of the IMS INT were the MC 161, NATO’s General Intelligence Estimate/Strategic Intelligence Estimate, which used to be updated on an annual basis.45 According to Foster, when NATO’s intelligence reform was introduced in 2016, IMS INT had a staff of about 35 personnel, of whom 15 worked in analysis/production (four dual hatted with the IU), 10 on doctrine and policy, and about five had administrative duties. A few members were also dedicated to niche intelligence capabilities.46 Also the importance of IMS INT’s role in promulgating a common NATO intelli- 21 gence doctrine cannot be understated. Apart from making sure that the systems of the alliance are interoperable, IMS INT ensures that also within national forces and services the processes for intelligence support to military operations are broadly comparable. This policy, which is usually expressed in NATO Intelligence Policy and Allied Joint Doctrine (especially Allied Joint Publication 2, AJP-2), typically serves as a gold standard according to which even non-NATO member states operate.47 NATO STANAG 2022 “Intelligence Reports” e. g. provides defined categories and terminology for use in intelligence reports. This doctrinal role thus presents a key element in ensuring the functioning of multinational cooperation.

42

NATO, International Military Staff, 2015. Ibid. 44 Foster, Enhancing the Efficiency of NATO Intelligence Under an ASG-I, 2013, 4. 45 Morrison describes the importance of the MC 161 during the Cold War as follows: “The jewel in the NATO intelligence crown was indeed MC 161 (.). This was an annual multi-volume assessment of the Soviet Union and NSWP in enormous detail, covering political, economic, industrial, and military aspects, with individual sections being drafted by assigned nations, drafts critiqued by NATO partners, and then finalised at a two-week working session at NATO Headquarters. MC 161 was valuable in two respects, one publicly acknowledged and one implicitly recognised. Firstly, it provided an agreed baseline assessment of Soviet intentions and Soviet and NSWP capabilities that could be used by all the military staffs of NATO, including those with very little in the way of relevant intelligence capabilities. Secondly – and this was never formally acknowledged – it was assumed (correctly as it turned out) that MC 161 would somehow be leaked to the Soviet Union, who would be best able to judge its accuracy. This was seen as a back-channel confidence-building measure: the Russians knew they were not ten feet tall, and to know that NATO as a whole felt the same should reassure them that NATO strategy was not built on a politically-driven worst-case analysis.” Morrison, Cold War History 14 (2014), 575. 46 Foster, Enhancing the Efficiency of NATO Intelligence Under an ASG-I, 2013, 5. 47 Nordli/Lindboe, Intelligence in United Nations Peacekeeping Operations, 2017, 5. 43

Masala/Scheffler Corvaja

185

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:16 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda 22

Apart from producing agreed intelligence and doctrine, the IMS INT also provided strategic warning and situation awareness to all NATO HQ elements. The NIWS “provides warning of any developing instability, crisis, threats, risks, or concerns that could impact on security interests of the Alliance and monitors de-escalation of a crisis.”48 During the Cold War, the NIWS focused on specified indicators that indicated a potential mobilization of the Warsaw Pact. According to Kriendler, such “indicators” were essentially steps the Warsaw Pact would have to take to prepare an offensive.49 “Warning” was instead the “formal alerting of political and military decision-makers and commanders to the potential for crisis or attack”.50 Due to its focus on large-scale mobilization, the system focused on military indications that tended to be largely quantitative and a “mechanical measurement of multiple, precisely defined and specific events.”51 After the end of the Cold War, NIWS was remodeled and henceforth relied on qualitative analytical processes. As such, it covered not only military threats to NATO, but also a wide set of risk indicators, including uncertainty and instability in and around NATO’s area of operations.52 The NIWS provided warning of any developing crisis and monitored its de-escalation, e. g. by monthly reports.53 In the NIWS, member states’ intelligence services were again in the lead, making it NAI, with specific issues and countries assigned to member states. Making it NAI was important because the main purpose of the system is not just to “catch” a crisis, but to also to develop a common perspective on it.

b) NATO Situation Centre 23 Finally, the International Military Staff also included the NATO Situation Centre (SITCEN), which provides situational awareness to the NAC and the MC. Established in 1968, it was one of NATO’s oldest bodies dealing with intelligence. Its staff consists of both civilian and military personnel. The SITCEN exchanges and disseminates information from all available internal and external sources on a 24/7 basis. As most situations centers, the SITCEN provides no independent intelligence analysis and acts primarily as a transmitter of information of both open and classified reports. It nevertheless plays an important role in ensuring the exchange of national information with the alliance.54

IV. Intelligence elements in the broader NATO Command Structure 24

Only a small part of NATO’s intelligence personnel works at NATO HQ where the current reforms are taking place. The large majority is spread out throughout its command structure – which will remain unaffected by the current reform. The most prominent case here is the J2-element at Allied Command Operations (ACO/SHAPE) (formerly Supreme Headquarters Allied Forces Europe). All NATO’s further subordinate commands of course also sustain J-2 (and G-2/A-2) directorates for Intelligence.55

48

Foster, Enhancing the Efficiency of NATO Intelligence Under an ASG-I, 2013, 4. Kriendler, NATO Intelligence and Early Warning, 2006, 5. 50 Ibid. 51 Ibid. 52 Ibid. 53 Foster, Enhancing the Efficiency of NATO Intelligence Under an ASG-I, 2013, 4. 54 Foster, Enhancing the Efficiency of NATO Intelligence Under an ASG-I, 2013. 55 Korkisch, NATO gets better intelligence, 2010, 33. 49

186

Masala/Scheffler Corvaja

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:17 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 5. NATO Intellingence and Common Foreign and Security Policy

But the complicated nature of NATO means that the most important operational intelligence players are two rather young, ad-hoc organizations: The NATO Intelligence Fusion Center (NIFC) and the Comprehensive Crisis and Operations Management Centre (CCOMC). According to Foster, NIFC and the CCOMC are however limited by their location outside of Brussels – which means that they can only provide limited NATO intelligence support because they are not always synchronized with the needs of NATO HQ.56

1. J2 at SHAPE The J2 at SHAPE falls under its Deputy Chief of Staff for Operations and Intelligence 25 (DCOS OPI), who is always an American flag officer.57 The J2 division is tasked with operational intelligence production, contributing to the development of ACO’s intelligence policy and providing intelligence, security and counterintelligence advice to the commander of ACO, the Supreme Allied Commander Europe (SACEUR).58 The division is supported by the 650th U.S. Military Intelligence Group/Allied Counterintelligence Activity, a U.S. military unit that provides counterintelligence, including counterespionage and security support to ACO.59 The J2 is part of SHAPE’s Comprehensive Crisis and Operations Management Centre 26 (CCOMC). CCOMC was set up in 2012 to support NATO’s Comprehensive Approach to Crisis Management and serves as SHAPE’s fusion and situational awareness center. The CCOMC plays an essential role in the planning and execution of NATO operations. It combines military and civilian expertise and serves as a gateway to other players – the very essence of NATO’s Comprehensive Approach.60 The J2 is part of the CCOMC’s Crises Identification Group (CIG), which consists of the two core elements, the Civil-Military Analysis (CMA) Branch and the J2 (Intelligence) Operations Branch, whose Chief is the CIG lead.61 J2 is responsible for directing and managing the intelligence production to satisfy SACEUR’s Prioritized Intelligence Requirements (PIR). J2 “coordinates and directs intelligence production across the ACO’s intelligence organizations (e. g. HQ JFCs, Single Service Commands, Joint Task Force etc.) and the NIFC, and coordinates intelligence with IMS INT and Allied Command Transformation (ACT) as necessary”.62

2. The NATO Intelligence Fusion Centre Another very important and particular institution is the NATO Intelligence Fusion 27 Centre (NIFC), which was founded in 2007. The NIFC is co-located with the U.S. European Command’s (EUCOM) Joint Analysis Center (JAC) at RAF Molesworth, U. K., which is run by the U.S. Defense Intelligence Agency. The NIFC comprises over 200 multinational military and civilian staff members from 26 of 29 NATO nations and one non-NATO nation and is tasked to “enable the nations to develop, unite and share intelligence”.63 The NIFC’s mission is to provide SACEUR with timely and actionable intelligence in support of the planning and execution of operations. The NIFC “produces baseline intelligence, including encyclopaedic information, analysis products, 56

Foster, Enhancing the Efficiency of NATO Intelligence Under an ASG-I, 2013, 7. Supreme Headquarters Allied Forces Europe, SHAPE Command Structure. 58 See also Supreme Headquarters Allied Forces Europe, DCOS Operations and Intelligence. 59 Ballast, Trust (in) NATO, 2017, 7. 60 Črnčec/Urbanc, Sodobni vojaški izzivi (Contemporary Military Challenges) 16 (2014), 63 (72). 61 Menzel, JAPPC Journal 12 (Spring/Summer 2016) (42–43). 62 Ibid. 63 Catano/Gaugar in: Goldenberg/Soeters/Dean, Information Sharing in Military Operations, 2017, 17. 57

Masala/Scheffler Corvaja

187

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:17 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

target products, orders of battle, and assessments, as tasked by SHAPE J2. Depending on the situation, the NIFC may deploy an intelligence support team to the designated JHQ to provide direct intelligence support and facilitate intelligence reach back to the NIFC”. The NIFC also produces significant GEOINT.64 28 According to Gordon, the NIFC was the brainchild of former SACEUR Jim Jones, who found that SHAPE/ACO’s own intelligence capabilities were insufficient to support his growing set of missions. He therefore started to increase intelligence staff at the operational level as a “U.S. initiative” in the form of NIFC.65 For Ballast, “for the United States as the main provider of both open source and classified intelligence, the NIFC, through its colocation with the DIA [Defense Intelligence Agency] European regional center [the EUCOM JAC mentioned above], offers an opportunity to receive intelligence from other nations and produce all-source intelligence”.66 While the NIFC falls under the operational command of SACEUR through the Deputy Chief of Staff for Operations and Intelligence at SHAPE,67 it is not a true NATO body but a U.S.sponsored, Memorandum of Understanding–based (MOU) organization chartered by NATO’s Military Committee. The NIFC thus remains outside national chains of command and NATO structures and is based on individual memoranda between the U.S. and participating nations. While basing the NIFC on an MOU organization instead of making it a full NATO organization might appear surprising, it follows a model that is widely used, e. g. at NATO School Oberammergau and all of NATO’s Centers of Excellence.

V. Intelligence during NATO operations It has been mentioned above that NIFC was a result of NATO’s first decade of outof-area-operations in the Balkans in the 1990s, where it recognized that it had no deployable intelligence assets. In Bosnia, the alliance set up an Allied Military Intelligence Battalion (AMIB), but in the absence of alliance-owned capabilities it relied very much on intelligence provided through its members’ national intelligence cells (NICs) for “reachback”.68 Member states established these cells to provide their national contingents – as well as key co-nationals in the NATO structure – with intelligence. Over the course of the operation, informal procedures developed for intelligence sharing and the discussion of current issues among the NICs.69 But while information was shared, the protection of information remained most important – rendered much more difficult at a NATO level as 10 new member states joined the alliance. The NIC model is today the established model by which national intelligence flows into NATO channels during NATO operations and can be found in all relevant doctrines. 30 While the NIC models stands, there is unanimous consent that there exists substantial room for improvement in the field of intelligence support to operations.70 Some of the greatest challenges in this regard are technical interoperability for the secure exchange of information as well as national foreign disclosure policies. In Libya for instance, the release of intelligence collected by the U.S. to the French was so slow that the French had to rely on their own intelligence – creating a five hour gap between 29

64

ESRI UK, Delivering shared situational understanding, 2011, 2. Gordon, Atlantisch Perspectiev 6 (2017), 15. 66 Ballast, Trust (in) NATO, 2017. See also Gordon, Atlantisch Perspectiev 6 (2017), 15. 67 NATO Intelligence Fusion Center (NIFC), What is the NIFC?. 68 Gordon, Atlantisch Perspectiev 6 (2017), 15 (15). 69 Ibid. 70 Murray, JAPPC Journal (2016) 12. 65

188

Masala/Scheffler Corvaja

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:18 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 5. NATO Intellingence and Common Foreign and Security Policy

reconnaissance and strike missions.71 Because allies recognized that relying on member state intelligence alone was problematic, NATO launched its Joint Intelligence, Surveillance and Reconnaissance (Joint ISR) initiative at the Chicago Summit in 2012. In February 2016, Allied Defence Ministers formally declared the Initial Operating Capability (IOC) of NATO Joint ISR. While this already presents a step forward in dealing with the problems experienced in both Afghanistan and Libya, even more improvement is expected from the Alliance Ground Surveillance system, which consists of five “Global Hawk” Unmanned Aerial Vehicles owned and operated by NATO.72

VI. Problems of NATO’s legacy intelligence structure The previous section started with some general remarks on NATO intelligence and 31 continued with an introduction of NATO’s various intelligence bodies – of which only NATO headquarters will undergo major changes as part of the current reform. In the following paragraphs, several long-standing problems of the alliance in the field of intelligence will be presented. On this basis, it will be possible to assess the likelihood of improvements through the recent reforms in the next section. It will be argued that intelligence inside NATO has traditionally suffered from the following problems: A lack of trust, dependence on the U.S., fragmentation and duplication as well as too much of a military focus. In addition, the NATO intelligence sharing business has also suffered from technical obstacles.

1. Lack of trust The abounding literature on the subject of intelligence sharing is unanimous when it 32 comes to its most enduring obstacle: a lack of trust.73 Judy Dempsey is right when she observes that, when it comes to intelligence, “a culture of deep cooperation does not exist (…) because the members do not trust each other.”74 In the world of intelligence, where the protection of methods and sources is an absolute priority, substantial mistrust exists already between and even within national intelligence services. This mistrust reaches unprecedented levels once it leaves the level of bi- or at least very mini-lateral sharing and moves to the level of multinational intelligence sharing. For Clough, this means that alliances and coalitions have a hard time at sharing intelligence: “as the number of partners increases, so the level of guaranteed security decreases.”75 And even where some level of trust exists, it is often not enough: For Ballast, intelligence is shared only when there are also a common threat perception, demonstrable added value and the right type of diplomatic relationships.76 Already on a bi-lateral basis this is unlikely to be a very frequent case. But at a level of 29, it becomes basically impossible. To see the lack of trust inside NATO exclusively as a result of its multinational nature 33 and size would nevertheless be too easy. NATO looks back at a very specific history full of spy scandals and intelligence leaks that confirms any potential doubts about its ability to safeguard secrets. For Morrison, during the Cold War, this led nations to keep sensitive information outside of NATO channels because they assumed that anything

71

Webb, Defence Against Terrorism Review 6 (2014), 42 (55). Murray, JAPPC Journal (2016), 12. 73 Cf. Walsh, The international politics of intelligence sharing, 2010. 74 Dempsey, Carnegie Europe, NATO’s Intelligence Deficit: It’s the Members, Stupid!, 25.5.2017. 75 Clough, International Journal of Intelligence and CounterIntelligence 17 (2004) 601 (612). 76 Ballast, Trust (in) NATO, 2017, 3. 72

Masala/Scheffler Corvaja

189

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:18 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

they sent to NATO “would soon be on desks in Moscow.”77 Prominent examples are the so-called “Topaz”-case and the leaking of NATO’s Kosovo operations plan to Serbia by a French officer. The constant enlargement of NATO since the early 90s and the lack of trust towards the intelligence establishments of many new member states has also presented a major obstacle of deepening intelligence cooperation “at 29”.78 And even today, substantial skepticism towards the intelligence establishments of many member states persist or is even on the rise.79 34 Ballast has mentioned that threat perception was an important prerequisite for intelligence sharing. Even where trust is in short supply, threat perception can serve as a substantial incentive to share intelligence.80 Inversely, where threat and according demand for information is low, such as in the almost 30 years after the end of the Cold War, states’ impetus to share will be low even where substantial trust exists. Sims describes that if sharing is not driven by collection requirements, it will be “heavily defensive in posture, implicitly adversarial, and therefore hollow, despite political and military leaders’ contrary expectations.”81 Should the threat increase and intelligence sharing turn into more of a necessity, states are instead usually willing to share greater ends. The increased level of intelligence sharing on the operational and tactical levels during NATO operations since 1990 stands as a perfect example of this pragmatic approach to intelligence sharing.

2. Dependence on the United States 35

NATO intelligence is and has always been extremely dependent on the United States – a result of both the massive preponderance of the U.S. in terms of intelligence capabilities and the political and military leadership of the U.S. within NATO. The U. S. provides the bulk of the intelligence, while the other member states mostly contribute niche capabilities. In addition to providing most of the actual intelligence, according to Ballast, the United States are also “instrumental in establishing common procedures and terms which facilitated intelligence sharing.”82 According to Curtis, the U.S. mission to NATO has regular direct access to the Secretary General, provides the overwhelming amount of intelligence in every Working Group and most of the briefings to the NAC and MC.83 Dependency on the United States is not limited to NATO Headquarters and extends to NATO’s operations, where substantial U.S. intelligence support is a condition-sine-qua-non. Particularly in the field of Joint Intelligence, Surveillance and Reconnaissance, but also e. g. in the field of targeting, the U.S. provides much of the needed information – up to 95 % in Kosovo according to Curtis.84 The alliance has no independent ability to provide such support to major NATO operations, and also most of its member states displayed significant weaknesses in this regard. Another excellent example would be the Libya campaign, where the United States continued to provide the majority of intelligence even after it had officially taken a backseat.85

77 Morrison, Cold War History 14 (2014), 575 (581–582). For Morrison, the U.S. and U.K. e. g. treated NATO’s highest level of classification “COSMIC TOP SECRET” as at most “CONFIDENTIAL”. 78 Dempsey, Carnegie Europe, NATO’s Intelligence Deficit: It’s the Members, Stupid!, 25.05.2017. 79 A prominent recent case was the arrest of a senior Portuguese counterintelligence official working for Russia, see Badcock, The Telegraph, 24.05.2016. 80 Ballast, Trust (in) NATO, 2017, 3. 81 Sims, International Journal of Intelligence and CounterIntelligence 19:2 (2006), 195 (202). 82 Ballast, Trust (in) NATO, 2017. 83 Curtis, A “special relationship”, 2013. 84 Ibid. 85 Curtis, A “special relationship”, 2013, 1.

190

Masala/Scheffler Corvaja

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:19 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 5. NATO Intellingence and Common Foreign and Security Policy

The dependency on the United States is both a blessing and a curse: On the one hand, 36 the U.S. ensures that eventual intelligence gaps are always filled. On the other hand, this service as a “lender of last resort” also prevents the development of adequate European intelligence capabilities and provides an incentive for free-riding. As described by Curtis, this has led to a “crisis-sharing mindset” which takes substantially greater U.S. intelligence support during major NATO operations for granted and prevents the development of an appropriate framework for NATO to support alliance operations.86

3. Fragmentation and duplication The United States have long proposed the creation of an ASG-position for Intelli- 37 gence – albeit they would have reportedly have preferred to see an American in the position. According to Ballast, the main reason for this wish was their annoyance with NATO’s scattered intelligence apparatus and in particular the division between the military and civilian pillars in the alliance.87 In 2013, Foster argued that the multiple and uncoordinated intelligence bodies such as NIFC, IMS INT, IU and SAC led to “duplication of effort and over tasking of intelligence analysis centers for similar products.”88 For Foster, they worked on the same issues at least 75 % of the time. Also Kriendler laments that the approach to intelligence at NATO HQ was “in general terms, too disparate, ad hoc, uncoordinated and, to some extent, duplicative”.89 For him, such parallel intelligence efforts waste valuable time and needlessly drain away limited resources, especially given that some have characterized the “paucity of dedicated analytical capability” as the single greatest weakness of NATO intelligence.90 As a result of this fragmentation, NATO’s member states therefore also received similar requests for information from different NATO bodies – leading to “donor fatigue” and even refusals to provide the same information repeatedly.91 On the NATO side, this also meant that the International Staff and the International Military Staff often provided “unsynchronized, uncoordinated, and incomplete intelligence picture.92

4. Military focus For Kriendler, the excessive focus on military issues was a direct result of the greatest 38 producers of intelligence: the allies’ military intelligence agencies. For him, all of NATO’s headquarters could benefit from increased access to intelligence from other intelligence agencies – something that was later attempted through the IU.93 To understand the fundamental divisions about the greater inclusion of non-military factors, it is necessary to remember that NATO here often touches ground that is very disputed within the member states. In more than a few member states, civilian and military intelligence services have long been engaged in turf wars about challenges such as terrorism, cyber and more recently hybrid warfare.94 This adds to the traditional competition between defense and foreign intelligence services, which have also been a problem.

86

Ibid. Ballast, Trust (in) NATO, 2017, 9. 88 Foster, Enhancing the Efficiency of NATO Intelligence Under an ASG-I, 2013, 1. 89 Kriendler, NATO Intelligence and Early Warning, 2006, 4. 90 Ibid. 91 Curtis, A “special relationship”, 2013, 9. 92 Ibid., 8. 93 Kriendler, NATO Intelligence and Early Warning, 2006, 4. 94 Črnčec/Urbanc, Sodobni vojaški izzivi (Contemporary Military Challenges) 16 (2014), 63 (67–69). 87

Masala/Scheffler Corvaja

191

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:19 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

5. Technical obstacles 39

Apart from their willingness, also member states’ ability to share is not unlimited. The U.S. sustains NATOs common intelligence system “Battlefield Information Collection and Exploitation System” (BICES), which was designed to enhance intelligence collaboration and dissemination of intelligence. This system however remains underused both in- and outside NATO and some states are trying to shelve it. According to Foster, the lack of attention to intelligence provided via BICES often leads to the NAC and the MC receiving disjointed intelligence analyses.95 At present, the military intelligence community within and supporting NATO uses BICES on an inconsistent basis, which inhibits the smooth and timely flow of intelligence. Many NATO nations do not even possess access to BICES in their capitals. The above-mentioned NATO JISR-initiative has already led to some improvements in this regard, but much work remains to be done.

C. NATO’s new intelligence structure Member states have long been aware of the above mentioned problems concerning NATO’s intelligence apparatus – Atkeson authored his piece on the oxymoronic nature of NATO intelligence in 1984. The increasing number of out-of-area-operations and NATO’s struggle to provide added value in the fight against terrorism brought these weaknesses to the open. As a result, already NATO’s Prague Summit Declaration in 2002 called for an overhaul of the entire structure. But while by 2016 important improvements had been made with the creation of the Intelligence Steering Board, the Intelligence Unit and the NIFC, a systematic review of the overall architecture was still missing. While many of the larger member states continued to press for a reform, they were not able to get all of the other allies on board. 41 This changed in 2016, primarily for two reasons: With the candidacy of Donald Trump, NATO started to get pounded for not doing enough in the field of counterterrorism – something that had long been criticized especially by the U.S. Congress. As it was clear that NATO would at a maximum play a supporting role in the fight against ISIS, greater intelligence cooperation on counterterrorism seemed to provide a valid initiative to improve NATO’s image. Maybe even more importantly however, the member states had recognized that the current intelligence structures were unapt for dealing with the hybrid challenge on NATO’s Eastern Flank. The fact that NATO’s new intelligence structure is an explicit answer to the threats faced by NATO on both its Eastern and Southern flanks was essential in achieving allied consensus.96 42 By the time of their summit meeting in Warsaw in July 2016, allies had thus agreed to launch a fundamental reform of NATO intelligence and announced the creation of a new Joint Intelligence and Security Division at NATO Headquarters and a responsible Assistant Secretary General (ASG). While the U.S. had initially hoped to appoint a U.S. ASG, member states opposed this idea due to the already very strong representation of the United States at NATO HQ.97 In October 2016, Secretary General Rasmussen then announced that he had chosen Dr. Arndt Freytag von Loringhoven, a German diplomat and former vice-president of the German foreign intelligence service, as first ASG. Freytag 40

95

Foster, Enhancing the Efficiency of NATO Intelligence Under an ASG-I, 2013, 10. Freytag von Loringhoven, NATO, Adapting NATO intelligence in support of “One NATO”, 2017. 97 At present, the Deputy Secretary General and two ASGs are Americans. 96

192

Masala/Scheffler Corvaja

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:20 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 5. NATO Intellingence and Common Foreign and Security Policy

von Loringhoven was expected to bring in important experiences in the integration of military and civilian intelligence structures, which had taken place during his tenure at the BND.98 While the ASG is German, his deputy is a U.S. brigadier general. The new Joint Intelligence and Security (JISD) provides intelligence support to both NAC and MC and reports to both the Civilian Intelligence Committee and the Military Intelligence Committee. It consists of two divisions: intelligence (with the merged strands of military and civilian intelligence) and security (the NATO Office of Security). By combining all of NATO’s strategic intelligence elements in the JISD, NATO hopes to establish “a single efficient structure, which can provide a coherent intelligence picture to the North Atlantic Council and NATO’s Military Committee.”99 The new division is somewhat of a strange body inside NATO HQ exactly because it defies the traditional division between IS and IMS. For the time being, the JISD is basically nothing more than a head that unites the existing bodies inside NATO’s intelligence apparatus. Also the committee structure will remain unchanged. Inside the existing structures, the Intelligence Unit has been further strengthened and redesignated as “Intelligence Production Unit” (IPU). A specific branch for hybrid analysis was set up, mandated to “analyse the full spectrum of hybrid actions, drawing from military and civilian, classified and open sources.”100As part of the action plan to step up NATO’s counterterrorism efforts adopted at NATO’s Brussels Summit in May 2017 the allies also decided to establish new “Terrorism Intelligence Cell” inside the NATO Office of Security to “improve the sharing of information among Allies, including on the threat of foreign fighters.”101 How much improvement is to be expected from these reforms? If we go back to the problems identified earlier on in this chapter, the current reform is focused on tackling two of them: the focus on military intelligence and the fragmentation of NATO’s intelligence apparatus. It is too early to say whether the new JISD will provide addedvalue in incorporating non-military factors and providing a coherent intelligence picture for NATO decision-making and planning. At least in terms of duplication of effort however, member states are already reporting improvements in NATO HQ Requests for Information and Priority Information Requests – meaning that NATO is streamlining its intelligence requests better.102 It remains to be seen whether the JISD will be able to incorporate also the last intelligence element at NATO HQ, the Strategic Analysis Capacity, which so far has succeeded in remaining attached to the ESCD. Whether the JISD can (and should) support a further streamlining of NATO’s intelligence structure also beyond NATO HQ is questionable. Ballast suggests that while coordination with SHAPE’s J2 is certainly necessary, JISD and J2 ultimately have very different tasks and information requirements. The JISD should therefore limit itself to establish effective liaison and sharing between both bodies. During operations, NATO will in the absence of significant own collection assets remain dependent on its member states and most importantly the United States as main providers of intelligence. Because NATO is unlikely to be engaged in operations at 29 and is likely to work with non-allied partners in such missions, a tailored framework will have to be adopted for each individual mission. Concentrating on greater specialization, a higher level of interoperability and a stronger NATO JISR-framework leave ample opportunity for improvement. Freytag von Loringhoven, NATO, Adapting NATO intelligence in support of “One NATO”, 2017. Ibid. 100 Ibid. 101 NATO, NATO leaders agree to do more to fight terrorism and ensure fairer burden sharing, 25.5.2017. 102 Gruszczak, NATO’s Intelligence Adaptation Challenge, 2018. 98 99

Masala/Scheffler Corvaja

193

43

44

45

46

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:20 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

Whether the JISD can contribute to more intelligence sharing by reducing the enduring lack of trust between allies is just as questionable. The political estrangement between important NATO member states, the constant adoption of new members and the perceived vulnerability of the security establishments of several smaller member states to infiltration do not bode well for improvements in terms of trust. For Ballast, the JISD should thus avoid to solicit states to greater multilateral intelligence-sharing and instead focus on creating political and technical opportunities for mini-lateral sharing in a NATO framework, e. g. in specific operations or in communities of interest. Moreover, the JISD should concentrate on “soft” factors influencing multi-lateral intelligence sharing such as “write-to-release”-doctrines and disclosure policies.103 Energy invested in promoting a change of mindset in the member states’ intelligence establishments, such as the recent move of the U.S. DNI, which encourages the production of more releasable open or lowly-classified intelligence is likely to yield more success than any attempt to get member states to provide more sensitive intelligence.104 48 While the establishment of a joint division is certainly a success, the mission is far from accomplished. The domestic services represented in the CIC are certainly less happy about the recent marriage and continue to push for the independence of the counterintelligence effort and particularly the NATO Office of Security. For Ballast, a real clash of cultures between the strict insistence on “need-to-know” from the security and “need-to-share” from the intelligence pillar is currently underway.105 As a general rule, the national domestic intelligence services have always considered NATO a playing ground of their foreign and military cousins and were thus weary of granting it any competences on their key areas of responsibility. Making sure that the reform does not get stuck in the turf wars of competing national intelligence services will be a key challenge for the new ASG. 47

103

Ballast, Trust (in) NATO, 2017, 16. Intelligence Community Directive 208: Maximizing the Utility of Analytic Products. 105 Ballast, Trust (in) NATO, 2017, 10. 104

194

Masala/Scheffler Corvaja

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:20 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 5. NATO Intellingence and Common Foreign and Security Policy

Figure 2: NATO’s New HQ Intelligence structure Old Structure

North Atlanc Council

Civilian Intelligence Commiee

Strategic Analysis Capacity

NATO Office of Security

Intelligence Unit

Internaonal Staff

New Structure

Military Comiee

Military Intelligence Commiee

IMS-INT

SITCENT

Internaonal Military Staff

North Atlanc Council

Civilian Intelligence Commiee

Military Comiee

Military Intelligence Commiee

Joint Intelligence and Security Division (Internaonal & Internaonal Military Staff) Intelligence Pillar

Security Pillar Strategic Analysis Capacity

NATO Office of Security

Intelligence Producon Unit

IMS-INT

SITCENT

Source: Own Research

D. Intellligence cooperation between NATO and EU After this in-depth view at NATO and its current reform, the last part of the chapter 49 will look at its cooperation with the EU. Three primary obstacles have traditionally prevented any meaningful cooperation between NATO and the EU in security and defense matters: Different levels of ambition for the military capabilities of the EU, disagreements about the right division of labor with NATO and the so-called “participation problem”, that is the membership of Cyprus in the EU.106 Throughout most of the 2000s, both member state and inter-institutional relations 50 suffered from fundamentally different conceptions about the EU’s role in security and defense issues. While there existed unanimous consent that Europeans should do more in this field, member states took three different stances towards the CSDP: On the one extreme, the staunchly “atlanticist” states, with the United Kingdom at the center, were openly hostile to CSDP and considered it as either an unnecessary duplication or as an outright competitor to NATO. For them, CSDP was to limit itself to softer, more civilian missions and leave the real military business to NATO. On the other extreme, the more “unionist” states, with France at the center, pushed for a robust military capability and tied CSDP to the need for greater European “strategic autonomy”. Between those extremes, states like Germany, who are both atlanticist and unionist,

106

Cf. Howorth, European Security 26 (2017), 454.

Masala/Scheffler Corvaja

195

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:21 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

attempted to take a middle ground and emphasized that the CSDP could strengthen both the EU’s strategic autonomy and the European pillar inside NATO.107 51 These same three camps were not only at odds about the military nature of CSDP, but also about the role NATO should play with regards to non-military security challenges. Some member states pushed strongly to solicit greater NATO engagement in the more civilian fields of security such as counterterrorism and energy security. For them, NATO presented the natural forum for transatlantic cooperation on security issues. This idea was strongly opposed by the more unionist member states, who argued that NATO was a military organization and that these fields were the clear responsibility of the EU.108 Any transatlantic cooperation on these issues would therefore have to take place in a U.S.-EU format – and NATO would have to limit itself to the their military dimensions. These turf wars between the member states were matched by corresponding tensions between the two bureaucracies, which were both trying to maximize their competencies and resources. 52 The third, and probably most important, obstacle is the ongoing conflict between Cyprus and Turkey. Already early NATO-EU relations in the 1990s suffered from the tensions between Greece and Turkey. But when Cyprus – not recognized by Turkey but strongly supported by Greece – joined the EU in 2004, this lead to an immediate blockade of the relationship between both institutions. Cyprus has blocked Turkish participation in CSDP missions and the European Defence Agency, while Turkey has blocked the participation of Cyprus (and Malta) at NATO-EU meetings and the use of NATO assets by the EU. For many years, both countries have continued this blockade – especially when it comes intelligence sharing – wherever the respective other was involved. While workarounds for the participation-problem could often be found, the Turkey-Cyprus issue continues to present a major obstacle for the inter-institutional relationship and the establishment of formal cooperation mechanisms.109 53 These three general problems were compounded by more specific intelligence problems. From NATO’s perspective, the first problem was the lack of a true intelligence counterpart in the EU. For a long time, the EU lacked appropriate intelligence structures with which to share.110 The Western European Union (WEU) had established an intelligence section, a Situation Centre and a Satellite Centre in the early to mid-90s. But it was only in the aftermath of the Cologne summit in June 1999 that the EU established dedicated defense and security bodies and integrated the WEU’s intelligence bodies (see Rauwolf, Intelligence in EU-led military missions and operations, Part 3 Chapter 4, in this volume.). Soon after, NATO and the EU concluded a first interim security arrangement on access to and exchange of classified information and related material.111 The cooperation increased with the engagement of the EU in peacekeeping missions in the Balkans. Because the UK blocked the establishment of EU operational and strategic headquarters, NATO and the EU concluded the “Berlin Plus” agreement, which enabled the use of the NATO command structure by the EU. As part of this agreement, the EU and NATO struck a more extensive security agreement which established standards for the exchange of classified information – and basically led to an adoption of NATO security mechanisms and standards in the EU.”112 107

Cf. Rynning, International Affairs 93:2 (2017), 267. As put by Tomas Valasek, “French diplomats at NATO fought to keep the alliance in its Cold War box (…) rather than let it adapt to dealing with new security threats.” Valasek, The roadmap to better EUNATO relations, 2007, 2. 109 Smith/Gebhard, European Security 26:3 (2017), 303 (303). 110 Gruszczak, NATO’s Intelligence Adaptation Challenge, 2018, 5. 111 Gruszczak, Intelligence Security in the European Union, 2016, 203. 112 Ibid. On the adoption of NATO standards by the EU, see Schilde, European Security 24:2 (2014), 167. 108

196

Masala/Scheffler Corvaja

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:21 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 5. NATO Intellingence and Common Foreign and Security Policy

Apart from a lack of institutions, the EU also suffered from a lack of actual intelligence to share – making intelligence cooperation on the ground fundamentally one-sided.113 While NATO possessed at least moderate intelligence capabilities during operations, the EU had nothing similar. And when it came to member state intelligence available to only one of the institutions, NATO could count on the steady flow of vast amounts of U.S. intelligence while the quantity and quality of the intelligence provided by the EU states that are not part of NATO is very limited. The U.S., who was very skeptical of sharing any sensitive intelligence with the EU, also had to consent to any exchange. In the world of intelligence sharing, where information is shared on a quidpro-quo-basis, this was not a good starting point.114 With the accession of Cyprus to the EU in 2004, “Berlin Plus” essentially became a “dead-letter agreement”, with Operations Concordia (2003) and Althea (2004) as the only missions ever launched. The simultaneous further evolution of CSDP also meant that the EU was not unhappy to break out of this system, hoping to eventually create a “Brussels Plus” or “Berlin Plus reverse” for comprehensive crisis management with itself in the lead.115 Because the formal intelligence sharing between both institutions remained underdeveloped, in missions such as in the Balkans and the Horn of Africa informal EU-NATO intelligence-sharing has become more important in recent years. As the security situation on Europe’s flanks has worsened and staff-to-staff contacts have increased, this now extends beyond areas of mutual operations.116 When looking at NATO-EU cooperation, for Koehler, “the emerging picture (…) is thus one of routinized cooperation on the staff and operational levels, coupled with continuing political stasis.”117 Recent developments might be about to put an end to this stasis. As discussed above, NATO and the EU face both political and institutional obstacles to greater intelligence sharing. Apart from cooperation in peacekeeping and counterpiracy, what had so far been missing was a larger pressure to cooperate and a common objective that is less affected by competition. The major threats that Europe is dealing with on its Eastern or on Southern Flank might just provide this opportunity and have already led to increased exchanges. At the same time, both institutions have become extremely hesitant to take on any more large-scale crisis management operations – an area where both institutions used to find themselves in bitter competition. Today, the picture is therefore one of relative compatibility: On Europe’s Eastern flank, there is no question that NATO is in the military lead. On the Southern Flank, where there exists no appetite for greater NATO and/or military involvement, the EU is clearly in the lead. When it comes to counter-terrorism, despite occasional pressure on NATO from the side of the United States, the division of labor is also clear and it is the EU who has the lead role, especially when it comes to the security of its Member States. This means that – as opposed to how it used to be with crisis management – there now exists a clear division of labor between the institutions. At the same time, the hybridity of the challenges on the Eastern and Southern flank provide ample opportunity for cooperation and support. NATO needs the EU when it comes to the non-military dimensions of hybrid warfare. And the EU needs NATO for 113 A perfect example would be the support of NATO intelligence capabilities to the EU mission in the Eastern Mediterranean, see Dibenedetto, Implementing the Alliance Maritime Strategy in the Mediterranean: NATO’s Operation Sea Guardian, 2016, 12. 114 See Clough, International Journal of Intelligence and CounterIntelligence 17:4 (2004), 601. 115 Kempin, Could France Bring NATO and the EU Closer Together?, 2008, 3. 116 Raik/Järvenpää, A New Era of EU-NATO Cooperation, 2017, 14. 117 Koehler, Enhancing NATO-EU Cooperation: Looking South and Beyond, 2017, 2. See also Græger, European Security 25:4 (2016), 478.

Masala/Scheffler Corvaja

197

54

55

56

57

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:22 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 2. The European Intelligence Agenda

some of the military aspects of counterterrorism. The hybrid threat might thus well provide an issue on which NATO-EU intelligence cooperation might evolve. The EU Hybrid Cell and the Hybrid Intelligence Branch within NATO’s IPU are already in regular contact and both support the establishment of the Center of Excellence for Hybrid Threats in Helsinki, which supports – but is not a part of – NATO and the EU. The fact that Turkey has so far taken less interest in the Eastern Flank will also make cooperation on this front significantly easier. 58 To operationalize the Joint Declaration signed at the Warsaw Summit, NATO and the EU have agreed to a Common Set of Proposals, with seven main areas. While member states were careful not to use the term “intelligence”, increased shared situational awareness and shared understanding was included in at least 6 of them and even constitutes one of three main sub-areas in the item “Countering Hybrid Threats”.118 What has since developed has been so-called Parallel and Coordinated Analyses (PACAs), where the EU and NATO would ask member states to basically share the same information with both NATO and EU, thus avoiding the need to share intelligence between both institutions. Three analyses on the Eastern and Southern Neighborhood had been conducted by June 2018 and another one on hybrid threats was on its way.119 The purpose of these PACAs is to provide a shared understanding of specific issues in both institutions – hopefully leading to a more coherent policy of the institutions. On the staffto-staff level, the relative geographical and thematic departments within EU INTCENT and NATO’s JISD are now conducting monthly video conferences to increase joint situational awareness. The branches in hybrid threats have also established a secure EUBICES connection.120 At the same time, NATO and the EU have also launched Parallel and Coordinated Exercises (PACEs) to improve their cooperation and are implementing and operationalising parallel procedures and playbooks for mutual interactions especially in the case of cyber attacks.121 Both institutions are also cooperating very closely with the European Centre of Excellence for Countering Hybrid Threats in Helsinki, which serves as a facilitator for discussions and exercises with representatives from both institutions and selected member states.122

E. Conclusion 59

NATO intelligence is currently undergoing a major transformation. By merging civilian and military intelligence structures at NATO HQ, this reform marks the logical conclusion of a process that started in the early 2000s. Streamlining the structure and strengthening its coordination mechanisms has reportedly already led to less duplication of effort and more coherent Requests for Information to the member states – one of the main objectives of the reform. The strengthened IPU should also lead to a better incorporation of non-military factors. The overhaul of NATO’s intelligence structure is 118 NATO, Common set of new proposals on the implementation of the Joint Declaration signed by the President of the European Council, the President of the European Commission and the Secretary General of the North Atlantic Treaty Organization, 5.12.2017. 119 NATO, Third progress report on the implementation of the common set of proposals endorsed by EU and NATO Councils on 6 December 2016 and 5 December 2017, 8.6.2018. 120 Ibid. 121 NATO, Statement on the implementation of the Joint Declaration signed by the President of the European Council, the President of the European Commission, and the Secretary General of the North Atlantic Treaty Organization, 6.12.2016. 122 NATO, Third progress report on the implementation of the common set of proposals endorsed by EU and NATO Councils on 6 December 2016 and 5 December 2017, 8.6.2018.

198

Masala/Scheffler Corvaja

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:22 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 5. NATO Intellingence and Common Foreign and Security Policy

however far from completed and many tricky questions remain – e. g. whether the reform should extend down to the operational and tactical level. Some of the fundamental obstacles to greater NATO intelligence sharing and cooperation will however remain unaffected: The reform will not increase the trust between allies, it will not lead to a lesser dependence on the United States and it will not eo ipso overcome the technical obstacles to intelligence sharing in the alliance. Multi-national sharing at 29 will remain tricky and never supersede the intense bi- and mini-lateral intelligence ties that exist across NATO. At the end of the day, intelligence in NATO will always remain instrumental for the specific missions of the alliance – and thus prevent NATO from becoming a more general multinational intelligence sharing platform. The reform also presents an opportunity for stepping up NATO’s intelligence 60 cooperation with the EU. The Joint Declaration of NATO and EU in 2016, the inclusion of common situational awareness in the Common Set of Proposals and the constant evaluation mechanisms are a step in the right direction. The roadblocks for greater cooperation such as the Cyprus issue will however remain, and become especially contentious once Turkey’s areas of interest come into focus. Much more important than any institutional reforms or political pressure will however be the perceived necessity of this cooperation in the eyes of both the institutions and the member states. Just like in the past, it might lead to intensive operational-level cooperation where the political relationship remains stalled. It is here where the signs are promising: NATO and the EU have relatively few divisions about their respective roles tackling the challenges on Europe’s Eastern and Southern Flank. And even more importantly, these roles are complimentary and both institutions can provide value to the other. If we look at Sims dictum about the Parallel and Coordinated Exercises sharing, the times could not be any better.123 123

Sims, International Journal of Intelligence and CounterIntelligence 19:2 (2006), 195 (202).

Masala/Scheffler Corvaja

199

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 2.3d from 30.09.2019 13:54:22 3B2 9.1.580; Page size: 160.00mm  240.00mm

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:09 3B2 9.1.580; Page size: 160.00mm  240.00mm

PART 3 EUROPEAN INTELLIGENCE COOPERATION Chapter 1 EU intelligence: On the road to a European Intelligence Agency? José-Miguel Palacios Outline A. Introduction ...................................................................................................................... I. European institutions and intelligence cooperation........................................ II. What is intelligence? .............................................................................................. III. EU intelligence cycle .............................................................................................. IV. A strategic-level tool............................................................................................... B. Clients, customers and stakeholders............................................................................ I. Intelligence stakeholders in the EU .................................................................... II. The Council.............................................................................................................. III. EEAS .......................................................................................................................... IV. The EU Commission.............................................................................................. V. EU agencies and other EU bodies....................................................................... VI. Other EU customers............................................................................................... C. EU intelligence structures .............................................................................................. I. INTCEN .................................................................................................................... II. EUMS INT ............................................................................................................... III. EUROPOL ................................................................................................................ IV. SATCEN.................................................................................................................... V. FRONTEX ................................................................................................................ VI. EU ISS........................................................................................................................ VII. A WIDENED COMMUNITY ............................................................................. D. Perspectives of EU intelligence ..................................................................................... I. A question of models ............................................................................................. II. A EU intelligence agency?..................................................................................... III. The EU intelligence community.......................................................................... IV. Models: the JIC........................................................................................................ V. Models: the INR ...................................................................................................... E. Conclusions: Alternatives for the EU ..........................................................................

mn. 1 1 4 10 16 17 17 21 25 29 33 36 38 38 49 53 56 62 66 68 71 71 75 81 87 92 97

Bibliography: Antunes, Developing an Intelligence Capability. The European Union, in Studies in Intelligence, Vol 49, No. 4 (2005), pp. 65–70; Best Jr., Intelligence Issues for Congress, CRS Report for Congress, 12 July 2006; Bett, Enemies of Intelligence: Knowledge and Power in American National Security, Columbia University Press, 2009; Bigo et al., National security and secret evidence in legislation and before the courts: exploring the challenges, DG HOME, 2014; Bisbee, Sharing Secrets. Trends in European Intelligence, in Dan Bisbee’s blog, January 2004. Retrieved from http://danbisbee.blogspot.com/2004/01/ how-much-intelligence-is-there-in.html (17 May 2012); Clerix, Ilkka Salmi, the EU’s spymaster, MO, 4 March 2014. Retrieved from http://www.mo.be/en/interview/ilkka-salmi-eu-s-007 (22 January 2017); Cooper, The post-modern state and the world order, Demos 2000; Cross, The Limits of Epistemic Communities: EU Security Agencies, Politics and Governance Vol. 3, Issue 1 (2015), pp. 90–100; Davies, Ideas of Intelligence: Divergent Concepts and National Institutions, Harvard International Review 24, 3 (2002), pp. 62‐66; Davies, UK security will both gain and suffer from Brexit. The EU will only lose, in LSE Brexit blog, 7 November 2016. Retrieved from http://blogs.lse.ac.uk/brexit/2016/11/07/uk-securitywill-both-gain-and-suffer-from-brexit-the-eu-will-only-lose/(10 November 2016); Davies, Gustafson and Rigden, The Intelligence Cycle is dead, long live the Intelligence Cycle, in Phythian (ed), Understanding the Intelligence Cycle, Routledge, 2013, pp. 56–75; Den Boer, Counterterrorism, security and intelligence in the EU: Governance challenges for collection, exchange and analysis, Intelligence and National

Palacios

201

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:09 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation Security, Vol. 30, No. 2–3 (2015), pp. 402–419; Esteban Navarro, Glosario de Inteligencia, Ministerio de Defensa 2007; EU Institute for Security Studies, 2015 Activities Report, EUISS 2015; EU Satellite Centre, Annual Report 2015, Publications Office of the European Union 2016; European External Action Service, Factsheet EU Conflict Early Warning System, September 2014. Retrieved from https://eeas.europa.eu/sites/ eeas/files/201409_factsheet_conflict_earth_warning_en.pdf (18 February 2017); European Union, Shared Vision, Common Action: A Stronger Europe. A Global Strategy for the European Union’s Foreign and Security Policy, June 2016; Fägersten, Intelligence and decision-making within the Common Foreign and Security Policy, SIEPS, European Policy Analysis (2015); Fingar, Reducing Uncertainty: Intelligence Analysis and National Security, Stanford University Press 2011; Freeman, Strategic Management: A Stakeholder Approach, Pitman, 1984; Gros-Verheyde, L’IntCen… le lieu des échanges … d’analyses Top secret, in blog Bruxelles 2, 21 January 2015. Retrievable at http://www.bruxelles2.eu/2015/01/21/que-faitlintcen-europeen/(20 November 2016); Gruszczak, Intelligence Security in the European Union: Building a Strategic Intelligence Community, Palgrave McMillan 2016; Haag and Bernardo Anaya, The first ten years of military Intelligence Support for the work of the EU, in Impetus 11 (Spring/Summer 2011), pp. 8–9; Hertzberger, Counter-terrorism intelligence cooperation in the European Union, UNICRI, 2007; Hulnick, What’s Wrong with the Intelligence Cycle, in Intelligence and National Security, Vol 21, No. 6 (2006), pp. 959–979; Kent, Strategic Intelligence for American World Policy, 3rd printing, Princeton University Press, 1953; Lahneman, The Need for a New Intelligence Paradigm, International Journal of Intelligence and CounterIntelligence, Vol. 23, No. 2 (2010), pp. 201–225; Lowenthal, Intelligence: From secrets to policy, CQ press, 2016; Netherlands Defence Intelligence and Security Service, 2013 Annual Report, Central Staff of the Ministry of Defence; Ignatius, Spy World Success Story, in Washington Post 2 May 2004; Jeffreys-Jones, In Spies We Trust, Oxford University Press 2013; Johnston and Johnston, Testing the Intelligence Cycle Through Systems Modeling and Simulation, in Johnston, Analytic Culture in the U.S. Intelligence Community, Centre for the Study of Intelligence, 2005, pp. 45–57; Kaunert and Léonard, European security, terrorism and intelligence: Tackling new security challenges in Europe, Springer, 2013; Kent, Strategic Intelligence for American World Policy, 3rd printing, Princeton University Press, 1953; Lange, Slovenia and the European External Action Service, in: Balfour and Raik (ed), The European External Action Service and National Diplomacies, IPC 2013, pp. 107–116; Marrin, At Arm’s Length or At the Elbow?: Explaining the Distance between Analysts and Decisionmakers, in International Journal of Intelligence and Counter Intelligence 20 (2007), pp. 401–414; Missiroli (ed), Towards an EU Global Strategy, EUISS, 2015; Müller-Wille, For our eyes only, Shaping an intelligence community within the EU, Occasional paper no. 50, EUISS, 2004; NATO Standardization Office, AAP-6. NATO Glossary of Terms and Definitions (English and French), edition 2012; NATO Standardization Office, AAP-6. NATO Glossary of Terms and Definitions (English and French), edition 2015; Netherlands Defence Intelligence and Security Service, 2013 Annual Report; Nomikos, European Union Intelligence Agency: A Necessary Institution for Common Intelligence Policy?, in Koutrakou (ed.), Contemporary Issues and Debates in EU Policy: The European Union and International Relations, Manchester University Press, 2004, pp. 38–55; Omand, Is it time to move beyond the Intelligence Cycle? A UK practitioner perspective in Phythian (ed), Understanding the Intelligence Cycle, Routledge, 2013, pp. 134–148; Omand, “Reflections on Secret Intelligence”, lecture at Gresham College, 20 October 2005. Retrieved from http://www.gresham.ac.uk/ print/1891 (19 May 2012); Palacios, “Hacia un concepto europeo de inteligencia”, in Inteligencia y Seguridad. Revista de Análisis y Prospectiva, 16 (2104), pp. 99–123; Presidenza del Consiglio dei Ministri, “Il linguagio degli organismi informativi. Glossario Intelligence”, special issue of Gnosis (2013). Retrieved from https://www.sicurezzanazionale.gov.it/sisr.nsf/wp-content/uploads/2013/12/Glossario-intelligence2013.pdf (17 July 2017); Rettman, EU intelligence chief: No way of checking if information came from torture, EU Observer, 10 December 2014; Rood, Inside the one spy agency that got pre‐war intelligence on Iraq – and much else – right, in Washington Quarterly January/February 2005; Svendsen, The globalization of intelligence since 9/11: frameworks and operational parameters, Cambridge Review of International Affairs, Vol. 21, No. 1 (March 2008), pp. 129–144; Treverton, Reshaping national intelligence for an age of information, Cambridge University Press, 2003; Treverton, Toward a Theory of Intelligence, Rand (Workshop Report), 2006; UK Cabinet Office, National Intelligence Machinery, 2010, pp. 23–24; Warner, Wanted: a definition of intelligence, Studies in Intelligence, Vol.46, No. 3 (2002), pp. 15–22.

Intelligence cooperation and joint intelligence production are also part of European construction. As it will be seen in this chapter, the European institutions already have an important and growing role in this field, although, for the time being, efforts are mostly channelled through structures not affiliated with the European Union. If Europe wants to play in the future a more important role in international affairs, if it wants to be better prepared to protect its specific interests and those of its citizens it will probably need to develop its own intelligence system, designed to support the 202

Palacios

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:10 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. EU intelligence: On the road to a European Intelligence Agency?

work of the common institution and of the European Union as a whole. This will not necessarily entail the establishment of a EU intelligence agency, able to carry out all steps of the intelligence cycle.

A. Introduction I. European institutions and intelligence cooperation The European Union has been built by following two different approaches, one 1 supranational and one intergovernmental, and the complicated institutional architecture of the European Union has served well the interests of European integration on both tracks. Common institutions have been able to develop the supranational potential of the European idea and create a common framework for all EU citizens. Achievements such as the free movement of persons, services and capitals, the common currency or the Schengen area are the fruits of this supranational approach that some Member States support more enthusiastically than others. But the EU institutions have also played important roles in areas such as CFSP (Common Foreign and Security Policy) or JHA (Justice and Home Affairs), which remain basically intergovernmental. Without forgetting the important role played by what could be called “the wider EU”, a network of institutions not directly connected to the EU that also contribute to European construction. It is the case of the OSCE (Organisation for Security and Cooperation in Europe) and NATO (North Atlantic Treaty Organisation) for defence and security issues. It is also the case of the Council of Europe for promoting human rights, democracy and the rule of law in Europe. Additionally, also informal networks often play an important role in making European mechanisms run smoothly1. In the field of CFSP, a common institution, the European External Action Service 2 (EEAS), helps Member States to adopt and implement common positions, and a EU agency, the EU Satellite Centre (SATCEN), gathers and interprets satellite imagery. Commission departments such as DG NEAR (Neighbourhood and Enlargement Policy), DG DEVCO (International Cooperation and Development), DG ENER (Energy) and DG ECHO (Civil Protection and Humanitarian Aid Operations) also contribute to the EU external action, much in the same way as EUROPOL and FRONTEX (EU agencies), as well as DG HOME (Migration and Home Affairs) and DG JUST (Justice) support and supplement Member States’ efforts in the field of Justice and Home Affairs. Intelligence cooperation and joint intelligence production are also part of Eur- 3 opean construction. As it will be seen in this chapter, the European institutions already have an important and growing role in this field, although, for the time being, efforts are mostly channelled through structures not affiliated with the European Union. NATO, for instance, has a crucial role for military intelligence and so does the Counter-Terrorist Group (CTG), a forum bringing together the internal security services of EU Member States, Norway and Switzerland, for matters of counterterrorist coordination.

1 For a detailed discussion of the importance of networks, see Mai’a Cross Davis, The Merits of Informality: The European Transgovernmental Intelligence Network, Part 3 Chapter 2, in this volume.

Palacios

203

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:10 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

II. What is intelligence?2 In this chapter the word “intelligence” will be frequently used and it would probably be good to start with a definition of this term, which, in European conditions, is a very difficult thing to do. There are, obviously, some good official and academic definitions, but none of them is universally accepted. To a certain extent, it could be assumed that intelligence is, as defined in NATO glossary AAP-6 (2015 edition), “the product resulting from the directed collection and processing of information regarding the environment and the capabilities and intentions of actors, in order to identify threats and offer opportunities for exploitation by decision-makers”3. However, this recent definition still leaves a lot of space for different interpretations. 5 In practice, it is easy to recognise in contemporary Europe two main intelligence schools, using each a different concept of intelligence. In the British tradition, intelligence (or “secret intelligence” as they usually refer to it) is information obtained by special means. On the other hand, according to American tradition, at least since Sherman Kent, intelligence is knowledge, understanding, in support of decision-making4. As Philip Davies (2002) has pointed out, “the difference between British and US concepts of intelligence is that the United States approaches that information as a specific component of intelligence, while Britain approaches intelligence as a specific type of information”5. This is, of course, a rather schematic characterisation of the real situation, which is, both in Britain and the United States, much more nuanced and complex. In the United States, “secrets” are very often considered as a necessary component of any intelligence product. On the other hand, the British intelligence community is well aware of the role of analysis (assessment) and the value of non-secret information inputs, although the most important analytical products are elaborated in a body, like the Joint Intelligence Committee (JIC), which formally does not belong to the community. 6 In this discussion between British and American models, the various European intelligence schools have traditionally been much closer to the British one. In continental Europe, intelligence has been usually understood as “secret information” rather than as “knowledge”6, there is a clear tendency to relate “intelligence” to “secrets” and 4

2 Some works that can help readers understand the concept of intelligence and its recent evolution: Kent, Strategic Intelligence for American World Policy, 3rd printing, Princeton University Press, 1953; Treverton, Reshaping national intelligence for an age of information, Cambridge University Press, 2003; Fingar, Reducing Uncertainty: Intelligence Analysis and National Security, Stanford University Press 2011; Lowenthal, Intelligence: From secrets to policy, CQ press, 2016; Warner, “Wanted: a definition of intelligence”, Studies in Intelligence, Vol.46, No. 3 (2002), pp. 15–22; Bett, Enemies of Intelligence: Knowledge and Power in American National Security, Columbia University Press, 2009; Lahneman, “The Need for a New Intelligence Paradigm”, International Journal of Intelligence and CounterIntelligence, Vol. 23, No. 2 (2010), pp. 201–225; Svendsen, “The globalization of intelligence since 9/11: frameworks and operational parameters”, Cambridge Review of International Affairs, Vol. 21, No. 1 (March 2008), pp. 129–144.; Omand, “Reflections on Secret Intelligence”, lecture at Gresham College, 20 October 2005. Retrieved from http://www.gresham.ac.uk/print/1891 (19 May 2012). 3 NATO Standardization Office, AAP-6. NATO Glossary of Terms and Definitions (English and French), edition 2015, p. 2-I-6. 4 “Intelligence means knowledge” are the first words of Sherman Kent’s classical work Strategic Intelligence for American World Policy. See Kent, Strategic Intelligence for American World Policy, 3rd printing, Princeton University Press, 1953, p. 3. 5 Davies, “Ideas of Intelligence: Divergent Concepts and National Institutions”, Harvard International Review 24, 3 (2002), pp. 62‐66. 6 Palacios, “Hacia un concepto europeo de inteligencia”, in Inteligencia y Seguridad. Revista de Análisis y Prospectiva, 16 (2104), pp. 106.

204

Palacios

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:11 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. EU intelligence: On the road to a European Intelligence Agency?

the practice of intelligence is frequently equated to espionage. However, and particularly over the last twenty years, the American concept of intelligence as understanding, as knowledge, has gradually entered the vocabulary of European experts and has been incorporated in different degrees into the national intelligence cultures of many EU Members States7. Bilateral cooperation in the field of intelligence has been a first and important way of extending American influence to European countries. This cooperation is essentially asymmetrical, given the marked disparity of means and technical sophistication between the US intelligence agencies and their European counterparts, and has served in many cases to transmit elements of the US intelligence culture. A second transmission belt, particularly effective in the realm of military intelligence, has been NATO. For over sixty years, NATO has made a great effort to standardise concepts and procedures, generally on the basis of US practice8. Finally, the emergence of academic intelligence studies, initially in the United States, is also serving as an effective vehicle for spreading in Europe the American concept of intelligence as “knowledge”. Although the aim of intelligence is not even mentioned by many of the most popular 7 definitions, it has been usually understood that intelligence is very closely related to “security”. Decision-makers look for intelligence (in both senses: special information or knowledge) on something or somebody as a way to reinforce their countries’ security. But security itself is a rather ambiguous concept subject to evolution. Nowadays, it is rather clear that security includes, at least, the two traditional fields of defence and internal security (in particular, from terrorist threats), but also some new disciplines, such as economic security, energy security, cyber security, etc. In practical terms, intelligence supports foreign policy (external action), law and justice activities and, to a lesser extent, other branches of public administration. And intelligence is used whenever there is a perception of threat or decision-makers are looking for opportunities or trying to envisage a future after a high-impact event. The development of EU intelligence is following a path similar to that already 8 followed in other fields of European construction. That is, the focus is on what Europeans have in common, rather than on the many existing differences. And, in case of problems, EU officials use an indirect approach to circumvent it, instead of losing time and wasting political capital in vain efforts to find definitive solutions. Large amounts of strategic ambiguity are serving well to bridge the gap between the old realities that are being left behind and the new realities that are hopefully emerging, which is absolutely necessary, because under the common European roof (described in detail in section C), contributing national agencies and seconded analysts stay faithful to their own national concepts. For some of them, “intelligence” is what national agencies share with the EU, while the role of common bodies consists in facilitating the exchange of national intelligence, as well as in “fusing” what they receive from Member States in order to make it more useful in the EU environment. Others, those understanding intelligence mostly as “analysis”, will sustain that EU intelligence bodies are able to produce their own intelligence with the assistance of Member States’ agencies. A common European concept of “intelligence” or, at least, a concept of intelligence 9 systematically used in the EU structures will probably take some time to emerge (to be 7 In Italy, for instance, “intelligence” is currently defined as “Il prodotto dell’elaborazione di una o più notizie di interesse per la sicurezza nazionale”. See Presidenza del Consiglio dei Ministri, “Il linguagio degli organismi informativi. Glossario Intelligence”, special issue of Gnosis (2013), p. 63. In Spain, it is the “Producto que resulta de la evaluación, la integración, el análisis y la interpretación de la información reunida por un servicio de inteligencia” (Esteban Navarro, Glosario de Inteligencia, Ministerio de Defensa 2007, p. 82). 8 See Masala/Scheffler Corvaja, NATO Intelligence and Common Foreign and Security Policy, Part 2 Chapter 5, in this volume.

Palacios

205

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:11 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

finally agreed upon). Because this discussion is not purely technical. It also reflects the existing differences on the future of European integration, with “federalists” in favour of reinforcing the powers of common institutions and their opponents insisting on the preservation of the primacy of Member States. For as long as the discussion on European construction is not positively solved, it will be very unlikely that European intelligence professionals can make progress towards a single intelligence concept, accepted by all actors and stakeholders.

III. EU intelligence cycle According to an old definition, official in NATO until 2013, intelligence may be a product, a process or an organisation9. Intelligence as a product has already been discussed and reference has been made to intelligence organisations, both at EU and national level. But it is also interesting to think of intelligence as a process, as a series of interrelated activities that allow us to create a “product”, which is used, in one way or another, in support of decision-making10. And it is interesting, because it gives us insight on the intrinsic complexity of intelligence, on the many different actors having a role in it. 11 Traditionally, the intelligence process has been described by using what is called “intelligence cycle”, that is, a “sequence of activities whereby information is obtained, assembled, converted into intelligence and made available to users”11. Contemporary specialists frequently dispute that the intelligence cycle is an accurate description of how intelligence is elaborated in practice and how policy-makers participate in the process. The sequential character of the cycle is particularly criticised, which has made some scholars propose its replacement by a non-sequential process comprising, maybe, the same elements (phases), but allowing their combination and interaction in almost every possible way12. Nevertheless, the intelligence cycle is still very useful for organisational and educational purposes. Even if the cycle is seen as a schematic description, without any prescriptive or normative value, it could also be useful as a first and simplified approximation to a rather complex activity or set of activities. 12 The EU lacks a single and officially sanctioned intelligence process, so that different institutions and agencies organise the intelligence work according to their own particular necessities and preferences. In the CFSP field, the EEAS has issued a Decision describing the Intelligence Support Architecture13, but the intelligence cycle is not explicitly part of it. Nevertheless, the contents or the Decision are clearly based on a 10

9 NATO Standardization Office, AAP-6. NATO Glossary of Terms and Definitions (English and French), edition 2012, p. 2-I-6. 10 For some interesting discussions of the concept of intelligence cycle, please see Davies, Gustafson and Rigden, “The Intelligence Cycle is dead, long live the Intelligence Cycle”, in Phythian (ed), Understanding the Intelligence Cycle, Routledge, 2013, pp. 56–75. ; Hulnick, “What’s Wrong with the Intelligence Cycle”, in Intelligence and National Security, Vol 21, No 6 (2006), pp. 959–979; Johnston and Johnston, “Testing the Intelligence Cycle Through Systems Modeling and Simulation”, in Johnston, Analytic Culture in the U.S. Intelligence Community, Center for the Study of Intelligence, 2005, pp. 45–57; Treverton, Toward a Theory of Intelligence, Rand (Workshop Report), 2006; Omand, “Is it time to move beyond the Intelligence Cycle? A UK practitioner perspective”, in Phythian (ed), Understanding the Intelligence Cycle, Routledge, 2013, pp- 134–148. 11 NATO Standardisation Office. 12 See, for instance, Johnston and Johnston, “Testing the Intelligence Cycle Through Systems Modeling and Simulation”, in Johnston, Analytic Culture in the U.S. Intelligence Community, Center for the Study of Intelligence, 2005, pp. 48–50. 13 HR decision of June 2012 establishing the organisation and functioning of the EEAS Intelligence Support Architecture. This decision bears no date and has not been officially published (July 2017).

206

Palacios

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:12 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. EU intelligence: On the road to a European Intelligence Agency?

sequential understanding of the intelligence process, that is, on a cycle. Unofficially, the different CFSP intelligence actors use NATO’s four-step cycle (direction, collection, processing and dissemination), or its CIA equivalent, where the processing step is split into two different ones: processing (that is, collation and evaluation) and analysis. In the law and justice field, the first Director of EUROPOL, Jürgen Storbeck, established in the 1990s a five-steps intelligence cycle for the agency: planning and direction; collection; processing; production; and dissemination and evaluation14. In a later Intelligence Model Framework, elaborated by EUROPOL’s Analysis Unit, the intelligence cycle is replaced by the somewhat wider concept of “intelligence process”, with the following steps: tasking, collection, evaluation, collation, analysis, dissemination/identification of projects. In reality, EUROPOL’s process is nothing else than a different systematisation of the elements of NATO’s cycle, with tasking and identification of projects being part of the direction step, and evaluation, collation and analysis, of processing. The classical intelligence cycle presupposes the existence of a single, well structured and 13 straightforward decision-making process, something which may be true to a certain extent at the national level, but for sure not in supranational entities such as the EU. In the EU, there are national and EU-level (common) actors interacting within a multiplicity of structures. National intelligence systems play a very important role by supporting key players (their own national governments), but also, in an indirect way (intelligence liaison) other actors, such as foreign governments and the European institutions. On the other hand, the EU intelligence structures are mainly designed to support the institutions, but they are also able to influence the perceptions of national actors. The classical intelligence cycle is not appropriate to describe the work of intelligence in such a complex decision-making system, but it can surely help us to understand what European intelligence structures can provide and what is still missing. And, to a certain extent, what can be improved and what is irredeemably linked to the current identity and structure of the European Union and will not probably change unless the very European Union undergoes profound changes in its being and functioning. The EU intelligence system, meaning by that the different intelligence structures 14 working at EU level, primarily in support of EU bodies or institutions, is able to carry out the direction step of NATO’s intelligence cycle. For CFSP matters, the Intelligence Steering Board, probably the key body in the Intelligence Support Architecture15, defines priorities and recommends the adoption of different procedures, in particular for tasking. EUROPOL, SATCEN, FRONTEX and other EU bodies performing intelligence tasks have their own mechanisms for tasking and prioritisation. At EU level, the Council and its dependent bodies can instruct the different intelligence structures, either individually or in cooperation, to elaborate analyses in support of its own activities. It has frequently done so with INTCEN and EUROPOL, and more episodically with FRONTEX and other structures16. The EU intelligence structures have been designed to focus on the processing and 15 dissemination steps of the intelligence cycle. On the other hand, they almost completely 14

See Ryder, European Criminal Intelligence, Part 3 Chapter 3, in this volume. The Intelligence Steering Board has ceased to meet regularly. Its role and the whole of the Intelligence Support Architecture may be reconsidered as a result of the implementation of the new European Global Strategy. 16 For examples of the Council tasking INTCEN and EUROPOL, please see the Update on the conclusions, recommendations and way forward on the INTCEN and Europol threat assessments mechanism (ST 6699 2017 REV 1) of 4 May 2017. Concerning FRONTEX, a typical case is explained in a note from the Presidency of the Council dated 11 September 2015 (11782/1/15 REV 1). In this note, FRONTEX together with EASO (European Asylum Support Office) and EUROPOL, was mandated to produce a joint analysis on secondary movements of migrants, to be discussed by Council working groups. 15

Palacios

207

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:12 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

lack means for collection, either clandestine or overt. For that reason, instead of collecting classified information from their own human or technical sources, they have to request it from Member States’ intelligence and security agencies. The satellite imagery processed by SATCEN is purchased from commercial providers or contributed by those Member States owning observation satellites (Helios 2, Pléiades, CosmoSkyMed, SAR-Lupe). And, although diplomatic information is part of the mix processed by EU intelligence structures, it is not collected by themselves, but by the diplomatic services of the EU and Member States, as well as by other EU institutions and bodies. One of the few exceptions is FRONTEX, which is able to collect part of the information it later processes. In any case, FRONTEX is not a pure intelligence structure, but an agency with a wider scope of action that produces intelligence in support of its own activities and, in some cases, of decision-making at EU level.

IV. A strategic-level tool 16

Decision-making at EU level is strategic in its very nature and the EU-level intelligence system that is being described in this chapter produces, precisely, strategic intelligence. Particular members of the EU family (EU institutions, EU agencies, CSDP missions and operations) may need the support of intelligence at the operational or tactical level and, in principle, they can establish their own operational or tactical analytical bodies, in charge of processing all the information available to them. This is especially true in case of CSDP missions and operations. The functioning of such intelligence/analytical structures is out of the scope of this chapter.

B. Clients, customers and stakeholders I. Intelligence stakeholders in the EU Intelligence is a service to decision makers and must be tailored to their needs, in particular to the way decision makers use knowledge in support of their activities. Different users may and do often require different kinds of intelligence assistance, which translates into different products and different interaction patterns. The EU is an international actor with its own interests and policies, but an actor of a different kind from traditional nation-states. Therefore, intelligence support in the EU environment has its own particularities, difficult to find at national level. By means of a permanent dialogue with the users of their services, the different EU intelligence bodies try to offer to decision makers the specialised knowledge they need in order to make well-informed decisions. 18 In this chapter the distinction between clients and customers made by some scholars and practitioners is used. Clients are those users “paying for the services” of the intelligence structures and in most cases are hierarchically placed above them. Customers are all the rest of users and, unlike clients, have only limited possibilities to request specific support from intelligence. Although in principle it might seem that intelligence structures should orient themselves almost exclusively to meet the requirements of their clients, in practice the opinion of customers is also very important. In such a collaborative, consensus-based, decision-making system as the one existing in the EU, the distinction between clients and customers is sometimes blurred and for intelligence 17

208

Palacios

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:13 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. EU intelligence: On the road to a European Intelligence Agency?

structures the satisfaction of users not belonging to their own hierarchy might be in some cases essential. The openness of modern Western societies, but also the unique characteristics of the 19 EU as a new kind of international actor, a sui generis construction specialised in projecting soft power, proud of its reputation as a champion of human rights, make it useful the introduction of a wider category, the “stakeholders”. Stakeholders are “groups and individuals who can affect, or are affected by, the achievement of an organization mission”17. Clients and customers are, obviously, important stakeholders. Academia, media, think tanks, NGOs, churches or other religious bodies with official status, international organisations and, in some cases, even third countries, that, under certain circumstances, are also entitled to receive some EU intelligence products can be added to the list of intelligence stakeholders. Due to classification constraints, most external stakeholders have no real access to EU 20 intelligence products, although EU formal regulations on transparency18, as well as informal practices, give them some insight on how intelligence analysis is conducted in the EU19. The relationship between EU intelligence and its stakeholders works also in the other sense. Many stakeholders have access to very interesting information and, under certain conditions, may be ready to share it with EU bodies, including intelligence. Some of them may feel that by providing information they can, at least in some degree, influence the intelligence products and, through them, EU decision-making.

II. The Council Intelligence is frequently associated with security, so that EU intelligence mostly 21 works in support of the Common Foreign and Security Policy, as well as in the field of Internal Security (Justice and Home Affairs). In both cases, Member States retain their sovereign authority and decisions on common policies are adopted by the Council by unanimity. Even if only a few EU intelligence structures (the agencies) are directly subordinate to the Council, all of them have the Council structures as their reference client. Because, at the end of the day, the institution in charge of adopting strategic decisions in the field of external and internal security is the Council and EU intelligence is necessarily strategic in nature. The European Council and, more often, the Council of the European Union in its 22 FAC (Foreign Affairs Council) and JHA (Justice and Home Affairs) configurations are at the top of the EU decision pyramid on intelligence matters. Positions and structures under the Council, such as the President of the European Council and his Cabinet, the Political and Security Committee or the regional and thematic working parties have regular access to the EU intelligence production, in written way as well as by means of oral briefings and presentations. In the field of Justice and Home Affairs, the Council’s Counter-Terrorism Coordinator, the COSI (Standing Committee on Operational Cooperation on Internal Security), the COTER (Working Party on Terrorism – International Aspects) and the TWP (Working Party on Terrorism) play a similar role as focal points for EU strategic counter-terrorist intelligence. The European Council, the Council of the European Union in its different configurations and, according to the 17

Freeman, Strategic Management: A Stakeholder Approach, Pitman, 1984, p. 52. Regulation (EC) No 1049/2001 of the European Parliament and of the Council of 30 May 2001 regarding public access to European Parliament, Council and Commission documents. 19 NGOs such as Statewatch (http://www.statewatch.org) have regularly reported on openness, secrecy and access to EU official documents, even of classified nature. 18

Palacios

209

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:13 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

established procedures, all the Council positions and bodies mentioned above can task the EU intelligence structures and receive support from them. 23 Decision-making is very complex in the EU, particularly when the unanimity of all Member States is required, as it is the case in CFSP and JHA. Building consensus is of paramount importance and, as a matter of fact, the Council bodies and officials are mostly focused in helping Member States to reach consensus. With national interests often diverging, consensus is made easier if a shared narrative, a common understanding of the relevant facts and their meaning, has already emerged and has been accepted by all Member States. Contributing to create this common understanding is maybe the most important of all functions performed by the different EU strategic intelligence structures in support of the Council. 24 A well-functioning decision-making process requires that all Member States are sufficiently and correctly informed. But intelligence is expensive, good intelligence even more expensive and an effective strategic intelligence system covering all the regions of the world where the EU has interests and on which EU bodies may be forced to take decision is beyond the reach of many EU Member States, except, perhaps, for a limited number of subjects of the highest national priority. As a Slovenian scholar has written, “an independent, neutral and objective analysis provided by the EEAS (INTCEN), and strongly advocated by the Slovenian MFA, would enable many Member States which do not have the capacity to invest in reporting and analysis on all EU policies, to be objectively informed when joining in decision-making processes. (…) With such independent information and analysis, decisions would be taken on the basis of informed consent and would lower the possibilities of a stalemate which otherwise occurs in such situations”20. In a similar line, former INTCEN Director Ilkka Salmi pointed out in December 2014 that “ambassadors from the bigger Member States will always have additional information. But at least they all have something – a common intelligence product – which they can count on”.21 This common intelligence product is made available to them by EU structures such as INTCEN22, EUMS INT23, EUROPOL and others (Section C).

III. EEAS 25

The Intelligence and Situation Centre (INTCEN) and the EUMS Intelligence Directorate (EUMS INT)24 are the two most conspicuous intelligence structures in the EU, and both of them are part of the European External Action Service. And, when eyes are turned to the planning and direction step of the intelligence cycle, the most important intelligence tasking and control arrangement in the EU, the Intelligence Support Architecture (ISA), was created by a decision of the High Representative25 and is chaired by her. In the frame of the Intelligence Support Architecture, an Intelligence Steering Board chaired by the High Representative or by the EEAS Executive Secretary 20 Lange, “Slovenia and the European External Action Service”, in: Balfour and Raik (ed), The European External Action Service and National Diplomacies, IPC 2013, p. 111. 21 Rettman, “EU intelligence chief: No way of checking if information came from torture”, EU Observer, 10 December 2014. 22 EU Intelligence and Situation Centre, previously known as Joint Situation Centre (SITCEN) and EU Intelligence Analysis Centre. 23 Intelligence Directorate (previously, Intelligence Division) of the EU Military Staff. 24 See Rauwolf, Intelligence in EU-led military missions and operations, Part 2 Chapter 4, in this volume. 25 HR decision of June 2012 establishing the organisation and functioning of the EEAS Intelligence Support Architecture.

210

Palacios

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:13 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. EU intelligence: On the road to a European Intelligence Agency?

General defines intelligence requirements, intelligence contributions to advance planning and priorities at the strategic level. According to the Article 2 of the Council Decision establishing the organisation and 26 functioning of the European External Action Service (26 July 2010), the EEAS supports the High Representative in fulfilling her mandate to conduct the Common Foreign and Security Policy. That is, the High Representative and the EEAS assist Member States to adopt strategic decisions, but, in practice, their specific role is of operational nature and it would seem logical that the EEAS intelligence structures would also be able to provide support at the operational level. This is an old ambition, dating back to the postHampton Court process (2006–2007)26 and it has never fully materialised. Intelligence support to CSDP missions and operations, as well as to operational diplomacy, would require improvements in the volume and sensitivity of the information provided by Member States, but also better access of the EEAS intelligence structures to all the information collected by other parts of the EEAS, in particular by EU Delegations. More staff with specific training would also be needed to process this growing amount of information and the dissemination system should allow a rapid and secure transmission of the produced intelligence to those in need of it. A lot has been done in that direction over the last few years, but the EEAS intelligence structures continue being far more effective at the strategic level than at the operational level. For the EEAS intelligence bodies, EU Delegations are providers of information, but 27 they are also their customers whenever the availability of secure communications so allows. The Delegations’ access to the EEAS intelligence production allows them to be more aware of the strategic discussions being conducted in the headquarters, which, in turn, may help them in their daily work. At the operational level the situation is even more complex. With very different schemes of interaction and levels of expectation, the heterogeneity of the EEAS staff and the existence in Europe of different intelligence traditions make it difficult to reduce relations between EEAS intelligence and the EU Delegations to a limited number of standardised cooperation patterns. Something similar could be said about civilian CSDP missions and operations. All of 28 them would be interested in receiving operational-level intelligence support from the headquarters, something that can be provided only in particular cases. The lack of sufficiently detailed and timely information inputs and the insufficient availability of secure communications systems in civilian missions are, probably, two of the problems hindering this process until now. In 2009 it was decided to create in the civilian missions small intelligence analysis cells (MAC)27 designed to enhance proactive situational awareness for the Head of Mission in theatre. According to the initial expectations, the MACs would allow missions to contribute more efficiently to the development of a common situational awareness shared with their chain of command and other EU actors, including the EEAS intelligence structures. Additionally, the MACs were meant to facilitate the sharing of information with non-EU partners in theatre as appropriate. Some of the missions that count or have counted with MACs in 26 The informal Hampton Court summit in 2005 opened the way for a rationalisation of crisis management structures within the Council Secretariat. The main results of the post-Hampton Court process were the creation of the Crisis Management Board and the Single Intelligence Analytical Capability, as well as the establishment of the Civilian Planning and Conduct Capability (CPCC). 27 Overarching principles for the establishment of an analytical Capability in Civilian ESDP Crisis Management Operations – Mission Analytical Capability (MAC) (Council doc. 15417/1/09 dated 6 November 2009)). Although the word intelligence was carefully avoided in the Overarching Principles on the establishment of MACs, the table of definitions appended to the Overarching principles included a series of standard intelligence definitions (with the word intelligence replaced by others, mostly by “analysis”), many of them directly taken from NATO’s AAP-6.

Palacios

211

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:14 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

their structure are EUPM (European Union Police Mission) in Bosnia and Herzegovina, EUMM (European Union Monitoring Mission) Georgia and EUCAP (European Union Capacity Building) Sahel Mali.

IV. The EU Commission The President of the European Commission, the Commissioner for the Security Union and the members of the RELEX group of Commissioners play important roles in the definition and implementation of EU policies, many of which have also an external dimension. At a lower level, the same could be said about such DGs such as NEAR (Neighbourhood and Enlargement), ECHO (Civil Protection and Humanitarian Aid Operations), DEVCO (International Cooperation and Development), ENER (Energy) or MOVE (Mobility and Transport), with intelligence support needs not significantly different from those of the EEAS. For this reason over the last few years, despite the very limited possibilities of the EU intelligence structures, the President of the Commission, a number of Commissioners and several DGs have gradually become important intelligence customers. 30 DG HOME and DG JUST are the main Commission structures in the field of Justice and Home Affairs. In particular, DG HOME, with a more practice-oriented profile, is an important intelligence customer in matters related to counter-terrorism and migration. EUROPOL and INTCEN are its main providers of counter-terrorist intelligence. On the other hand, FRONTEX, INTCEN and EUMS INT can supply DG HOME with intelligence of interest for understanding security-related aspects of the migration phenomenon. 31 Although the EU intelligence structures have not been designed for producing specialised economic intelligence, some of them have limited capabilities for economic intelligence analysis, particularly in areas such as energy or transportation and if the political dimension is important. EU INTCEN, EUMS INT and SATCEN are the main providers of this type of intelligence. 32 No specific intelligence structures are directly subordinated to the European Commission. For that reason, nothing similar to the EEAS Intelligence Support Architecture exists, or has ever existed, in the Commission. Representatives of the Commission are regularly invited to attend the meetings of the EEAS Intelligence Steering Board and, at least, DG HOME so always does. The Security Directorate of DG HR and other Commission bodies may request from INTCEN and EUMS INT specific intelligence products using a tasking mechanism approved by the Intelligence Steering Board. 29

V. EU agencies and other EU bodies EU agencies can also be important customers for some of the EU intelligence structures. The support they receive depends, mostly, on their specialisation. Agencies working in fields related to security are more likely to benefit from some degree of intelligence support. Until recently, the lack of appropriate facilities for handling classified information or the absence of secure communications with the headquarters and other EU facilities limited the possibilities of cooperation with structures such as INTCEN and EUMS INT that mostly produce classified intelligence. 34 One of the EU agencies, SATCEN, has primarily intelligence functions, in the particular field of interpretation of satellite imagery. SATCEN works in support to 33

212

Palacios

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:14 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. EU intelligence: On the road to a European Intelligence Agency?

INTCEN and EUMS INT, to the Council, to the EEAS and, in some cases, to EU Missions and Operations, other EU institutions and, with the approval of the Council, international organisations. At the same time, SATCEN is also a customer of other intelligence structures, such as INTCEN, EUMS INT and FRONTEX. The intelligence received from them allows SATCEN to better understand those bodies’ intelligence needs and provides SATCEN analysts with the context they need to interpret satellite images. EUROPOL’s and FRONTEX’s intelligence structures work primarily in support of 35 their own agencies, which are for them the priority clients. Both agencies also receive some intelligence support from other EU Intelligence structures, such as INTCEN, EUMS INT and SATCEN.

VI. Other EU customers The cooperation between the European Parliament and the EU intelligence struc- 36 tures is limited by the provisions of the Council and EEAS security regulations. The Director of INTCEN has sometimes attended sessions of different Committees and Subcommittees. In the past, INTCEN analysts have also provided security briefings to delegations of Members of the European Parliament travelling to countries of concern, at their request. The security services of the EU institutions can be intelligence customers in their own 37 right. This is particularly so if there is a credible terrorist threat against EU personnel and premises, in Brussels or abroad.

C. EU intelligence structures I. INTCEN28 The EU Intelligence and Situation Centre (EU INTCEN) is the main intelligence 38 structure in the EU. It was established in 2001 by the then Secretary General Javier Solana on the basis of a pre-existent Situation Centre, inherited from the Western European Union29. In the following years, under the direction of British diplomat William Shapcott, the EU Joint Situation Centre (SITCEN), which officially was a Directorate within Solana’s Cabinet, expanded rapidly. After the Madrid attacks of 2004 SITCEN incorporated a Counter-Terrorist Task Force, staffed with analysts 28 Some interesting works on European and EU intelligence, with special focus on INTCEN (SITCEN): Gruszczak, Intelligence Security in the European Union: Building a Strategic Intelligence Community, Palgrave McMillan 2016; Fägersten, “Intelligence and decision-making within the Common Foreign and Security Policy”, SIEPS, European Policy Analysis (2015); Nomikos, “European Union Intelligence Agency: A Necessary Institution for Common Intelligence Policy?”, in Koutrakou (ed.), Contemporary Issues and Debates in EU Policy: The European Union and International Relations , Manchester University Press, 2004, pp. 38–55; Cross, “The Limits of Epistemic Communities: EU Security Agencies”, Politics and Governance, Vol. 3, Issue 1 (2015), pp. 90–100; Müller-Wille, For our eyes only, Shaping an intelligence community within the EU, Occasional paper no. 50, EUISS, 2004; Hertzberger, Counter-terrorism intelligence cooperation in the European Union, UNICRI, 2007; Den Boer, “Counterterrorism, security and intelligence in the EU: Governance challenges for collection, exchange and analysis”, Intelligence and National Security, Vol. 30, No. 2–3 (2015), pp. 402–419; Kaunert and Léonard, European security, terrorism and intelligence: Tackling new security challenges in Europe, Springer, 2013. 29 Report by the Secretary General/High Representative to the Council on Intelligence Cooperation (SN 4546/1/01 REV1), dated 15 November 2011.

Palacios

213

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:15 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

seconded by European security services. With the time, SITCEN became a rather complex organisation, with elements specialised in intelligence analysis, early warning and alerting, support to CSDP missions, open sources processing, consular support, communications, security accreditation and other. SITCEN proved in practice to be a very flexible structure, able to assume different tasks and activities more or less related to secrets, to information or to both. When Solana’s mandate expired in late 2009, SITCEN consisted of three Units (Analysis, Operations and Communications/Consular Affairs), with an overall staff of more than 100, including EU officials and seconded national experts. 39 In January 2011 the EU INTCEN joined the just created European External Action Service. In the process, it lost the staff supporting the Council’s Security Accreditation Authority, but it absorbed the Commission’s Crisis Room, a small team specialised in crisis response and open sources intelligence belonging until then to DG RELEX (External Relations). Under the new Director, the Finn Ilkka Salmi, SITCEN reorganised in order to focus more on what was then understood to be its main function: intelligence analysis. In the summer of 2011, part of the EU SITCEN split to form the EU Situation Room and the Consular Crisis Division, both attached to the new Department for Crisis Response and Operational Coordination, headed by Dr. Agostino Miozzo, while the rest of SITCEN was reorganised into two Divisions (Analysis, and General and External Relations). In order to better reflect its new focus, in March 2012 SITCEN was renamed the EU Intelligence Analysis Centre (INTCEN). Between 2012 and 2015, the EU INTCEN counted around 70 people, 30 of them seconded by Members States’ Intelligence and Security Services30. 40 After the EEAS reorganisation in the summer of 2015, INTCEN recovered the Divisions it had lost four years earlier. Under a new name (EU Intelligence and Situation Centre), but keeping the same acronym, the EU INTCEN now comprises four Divisions: Intelligence Analysis, in charge of strategic intelligence analysis, both in the field of foreign and internal security intelligence; Open Source Intelligence, in charge of processing open sources; Situation Room, in charge of situation monitoring, and Consular Crises Management, in charge of helping Member States and the Union to provide appropriate assistance in the case of consular crises. With a different organisation and a reinforced analytical branch, the new INTCEN covers now most of the areas it used to cover under Solana. Since early 2016, INTCEN’s Director is Dr Gerhard Conrad, a career officer with the BND (German foreign intelligence agency). 41 Initially, the intelligence-related role of the Joint Situation Centre consisted in producing strategic intelligence analysis for the Secretary General and the Council’s structures (particularly, for the Political and Security Committee – PSC –) on the basis of information and analyses received from Member States’ intelligence agencies, EUproduced information and open sources. Very soon (2005), a counter-terrorist dimension was added and a close cooperation with Member States’ internal security agencies was established. As a British official explained in 2005 to the House of Commons: “The EU Joint Situation Centre (SITCEN) monitors and assesses events and situations worldwide on a 24-hour basis with a focus on potential crisis regions, terrorism and Weapons of Mass Destruction proliferation. The SITCEN also provides support to the EU High Representative, Special Representatives and other senior officials, as well as for EU crisis management operations”31. Ten years later, according 30 According to Ilkka Salmi. See Clerix, “Ilkka Salmi, the EU’s spymaster”, MO, 4 March 2014. Retrieved from http://www.mo.be/en/interview/ilkka-salmi-eu-s-007 (22 January 2017). 31 Clarke, Written Answer to Questions, 27 June 2005: column 1248W.

214

Palacios

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:15 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. EU intelligence: On the road to a European Intelligence Agency?

to the INTCEN Factsheet32, the Centre’s mission remains almost the same, with considerable emphasis being made now on the “exclusivity” of the information that INTCEN is able to provide, thanks to its privileged relation with the Member States’ intelligence and security services: – to provide exclusive information that is not available overtly or provided elsewhere; – to provide assessments and briefings and a range of products based on intelligence and open sources; – to act as a single entry point in the EU for classified information coming from Member States’ civilian intelligence and security services; – to support and assist the presidents of the European Council and Commission “in the exercise of their respective functions in the area of external relations. SITCEN was not primarily conceived as a sort of “intelligence hub” allowing an 42 easier exchange of intelligence products between Member States intelligence services. National security was, and is still, a reserved domain of Member States as underlined by Article 4 (2) TEU and they decide by themselves how to coordinate the work of their respective intelligence organisations. The creation of SITCEN was more an attempt to provide Javier Solana with the necessary intelligence support to allow him to perform his duties as High Representative. Those duties being of strategic nature, the kind of intelligence support Solana needed was also essentially strategic. The initial hope was that SITCEN could provide Solana with the consensus assessment of the European intelligence community, and, armed with this “consensus on the facts and tendencies”, the High Representative could more easily assist Member States to reach political consensus among themselves. At the time, some of the underlying assumptions were that: – Member States possessed significant intelligence capabilities; – to a certain extent, Member States’ capabilities were complementary (regional and thematic specialisation); – Member States would be ready to share with the EU a large part of what they knew; – better situation awareness and better understanding would necessarily translate into more efficient decision-making at EU level. SITCEN/INTCEN never had any clandestine collection capability of its own. 43 Although from the very beginning SITCEN was designed as an “all-sources” strategic analysis centre, it always stressed that its ability to reach to Member States’ intelligence agencies and receive from them sensitive information was what made it different from other analytical bodies in the EU institutions. SITCEN/INTCEN does not have either intelligence operatives or intelligence liaison officers around the world, in particular in EU Delegations. Although, exceptionally, SITCEN/INTCEN staff has been deployed for limited periods of time to EU Delegations and Missions, the Centre has been always very reluctant to explore the “grey area” of what could be labelled as “human collection” (HUMINT)33, even if conducted by non-clandestine means. Finally, it has no mandate to collect and database personal data34. SITCEN was established as a purely analytical centre and, despite its natural growth, internal reorganisations and changes in the reporting lines, fifteen years later the current INTCEN remains so. Initially, SITCEN was meant to support the Council’s Secretary General Javier Solana, 44 but also the Council itself and its working bodies. In practice, with the growth of its staff 32 A version of the Factsheet dated 5 February 2015 can be retrieved from the Statewatch site: http:// statewatch.org/news/2016/may/eu-intcen-factsheet.pdf (accessed 17 July 2017). 33 For a detailed discussion of the different intelligence collection disciplines, see Omand, Means and Methods of Modern Intelligence and their wider Implications, Part 1 Chapter 2, in this volume. 34 Rettman, Op.cit.

Palacios

215

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:15 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

and the expansion of its missions, SITCEN started providing support to other EU structures, in particular to the European Commission. The Council Decision establishing the EEAS placed SITCEN under the direct authority of the High Representative, although, in practice the operational control over SITCEN (INTCEN) fell on the shoulders of the EEAS “number two”, the Executive Secretary General. Apart from working for the High Representative and the EEAS structures, SITCEN (INTCEN) continued disseminating its products to a wide array of EU consumers, including the President of the Council, the President of the Commission, the Council and its working bodies, several Commission DGs, etc. In the field of Counter Terrorism, the CounterTerrorism Coordinator35, DG HOME, COSI, TWP and COTER are some of the main users of INTCEN intelligence. After the EEAS reorganisation of the summer of 2015, INTCEN’s work is coordinated by the Deputy Secretary General for CSDP and Crisis Response Operational Coordination, although the Centre continues sending written products and offering oral briefings to the same customers it used to serve until then. 45 SITCEN (the original name of INTCEN, until 2012) was established as a strategic analytical service and has mostly worked at that strategic level during its fifteen years of existence. Its main clients and customers (Member States’ Ambassadors, President of the Council, President of the Commission, High Representative, individual Commissioners, Counter Terrorist Coordinator, etc.) are strategic players and SITCEN/INTCEN’s flagship products are designed to support decision-making at strategic level. Typically, SITCEN/INTCEN analyses are periodic (frequently, six-monthly) or ad-hoc general assessments of the situation, with medium/long term estimates of its possible evolution. On a number of occasions, SITCEN/INTCEN has also tried to offer some intelligence support to certain EU operational activities, such as the conduct of CSDP missions or what could be called “operational diplomacy”36. However, there was always a problem with the kind of information that SITCEN/INTCEN possessed, as well as with the time necessary to receive new information if needed. Without any collection means of its own, SITCEN/INTCEN has always been very dependent on the information provided by Member States. An information which frequently arrived late and was too general for being useful at the operational level (for years, EU intelligence managers have spoken about a “gap” between supply and demand for this kind of information). As a result, William Shapcott had to admit in 2011 in the House of Lords that SITCEN could not go very far in that direction. 46 In 2006, in the framework of the post-Hampton Court process, the High Representative Javier Solana, proposed the establishment of a more effective situation and risk assessment capacity, combining the possibilities of the existing civilian and military intelligence assets. The idea was to bring together, in a functional way, the analytical capacities of both the EU Situation Centre (SITCEN) and EUMS INT, thus benefiting from a wider knowledge base for producing enhanced and more reliable intelligence. The Single Intelligence Analysis Capacity (SIAC) arrangement was signed the same year. Ever since, SITCEN and EUMS INT have been working in close cooperation to provide wide ranging all-source intelligence products. According to this arrangement’s provisions, one of the SIAC components is always taking the lead in the production process for a specific task. 35 See Kerchove/Höhn, The role of European Intelligence in Countering Terrorism, Part 2 Chapter 2, in this volume. 36 In diplomacy the “operational level” is “the level in foreign policy communities where practitioners plan, design, and conduct diplomacy to achieve objectives in the strategic national interest”. Ten Principles of Operational Diplomacy: A Framework by Paul Kreutzer, retrieved from http://adst.org/tenprinciples-of-operational-diplomacy-a-framework/(17 July 2017).

216

Palacios

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:16 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. EU intelligence: On the road to a European Intelligence Agency?

The INTCEN experience had unintended consequences for the functioning of the 47 European (largely informal) intelligence community. The fact that representatives of foreign intelligence and security services from different Member States were working together under the same roof, in close cooperation with their military counterparts, made INTCEN a natural place for meeting and, in some cases, for exchanging information, for helping each other. Over the last few years, INTCEN has been frequently referred to as the “EU intelligence hub” and this is a role that INTCEN has been increasingly willing to play. For intelligence and security services, INTCEN was an interesting, although indirect, channel of participation in EU-level decision-making. For officials in the EEAS and other EU institutions, INTCEN was a gateway to the unknown world of the secret services, an intermediary that could give them some access to the treasure trove of classified information generated by the EU intelligence community. As a distinguished former EEAS diplomat used to say, “soldiers talk to soldiers, spooks talk to spooks…”. INTCEN is a very small intelligence asset, unable to work autonomously in all steps 48 of the intelligence cycle. First, the direction step is in the hands of a body external to INTCEN, the Intelligence Steering Board, chaired by the High Representative. Secondly, INTCEN does not have any specific collection capability of its own. Concerning the third step of the cycle, INTCEN has some limited possibilities to process information, with its main focus being on analysis. Finally, INTCEN, together with the EUMS INT, is able to decide on the dissemination of the SIAC production, on the basis of the instructions adopted by the Intelligence Steering Board or guidance received from the High Representative. For the dissemination of written intelligence products, the SIAC bodies rely on the assistance of the classified information services (registries) of the EEAS and other EU institutions.

II. EUMS INT37 The European Union Military Staff (EUMS) was established by Council Decision of 49 22 January 2001 as a Council Secretariat department subordinate to the European Union Military Committee (EUMC)38. Under the EUMC guidance, EUMS main initial mission was to support the Military Committee in situation assessment and military aspects of strategic planning. This concerned the full range of Petersberg tasks39, including all EU-led operations. Directly attached to the Secretary-General/High Representative, the EUMS was also meant to provide support, upon the request of the Secretary General/High Representative or the Political and Security Committee (PSC), to temporary missions in third countries or to international organisations. In the field of intelligence, it was established that, as regards crisis management, the EUMS would request and process specific information from the Member States’ Defence Intelligence Organisations and other available sources. The EUMS was originally structured along classical military lines, with five divisions: Policy and Plans; Intelligence; Operations and Exercises; Logistics and Resources; and Communications, Information, and Security40. 37 For more details see Rauwolf, Intelligence in EU-led military missions and operations, Part 2 Chapter 4, in this volume. 38 Council Decision of 22 January 2001 on the establishment of the Military Staff of the European Union (2001/80/CFSP). 39 See Masala/Scheffler/Corvaja, NATO Intelligence and Common Foreign and Security Policy, Part 2 Chapter 5, in this volume. 40 For details on the establishment of EUMS INT, see ANTUNES, “Developing an Intelligence Capability. The European Union”, in Studies in Intelligence, Vol 49, No. 4 (2005), pp. 65–70.

Palacios

217

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:16 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

In 2005 a new Council Decision41 reformed the EUMS in the light of the experience acquired during its first four years of functioning. In particular, the Council Decision clarified the strategic planning orientation of its activities when it defined EUMS missions as “to perform early warning, situation assessment and strategic planning for missions and tasks referred to in Article 17(2) of the Treaty on European Union, including those identified in the European Security Strategy”. Two of those three missions (early warning and situation awareness) were very closely related to the production of intelligence. Among the tasks defined in the Council Decision, it was specified that the EUMS “monitors potential crises by relying on appropriate national and multinational intelligence capabilities”. The Decision also included an organisation chart, where an Intelligence Division composed of three branches was identified. 51 A third Council Decision42 introduced in 2008 new changes, with Divisions being renamed as Directorates. On 1 January 2011, the EUMS was transferred to the new European External Action Service. At that time, the missions of EUMS INT were defined as “to provide Early Warning and Situation Assessment, to contribute to Advance Planning and to provide Intelligence for Crisis Response Planning, Operations and Exercises”43. EUMS INT was, thus, supposed to offer the whole range of intelligence services, from strategic assessments to operational level inputs, although its very limited means did not match such ambitious objectives. Usually, it does so by working closely together with INTCEN within the SIAC framework. EUMS INT part in this joint venture had been both to contribute military expertise to SIAC joint products and to take the lead for products of typical military nature, as it has been in Georgia (2008), Ukraine (2014), Syria (since 2011), etc. Apart from contributing to the common intelligence function the work of its analysts and the information received from Member States’ Defence Intelligence Organisations, EUMS INT Policy Division is in the lead for developing concepts and regulations for the whole EEAS Intelligence Support Architecture. 52 EUMS INT attaches a great importance to the relations with Member States’ Defence Intelligence Organisations. The EU military intelligence structure does not have its own collection capabilities and depends almost entirely on Member States’ intelligence contributions. Its work is based on the Co-operation Framework Arrangement for Intelligence Support to the EU (CFAIS), an informal agreement between EUMS INT and national Defence Intelligence Organisations, which provides the basis for intelligence exchange. This arrangement helps Member States to have a good understanding of the EU intelligence requirements and current intelligence gaps, and EUMS INT to obtain a good knowledge of the possibilities and problems of Member States. To facilitate this shared situational awareness, for years the Policy Branch had been organising Intelligence Directors Conclaves (IDC), annual meetings allowing informal exchanges on EU intelligence matters between the directors of Defence Intelligence Organizations in the Member States and the EU Military Staff. “In 2013, the IDC became the Co-operation Framework Arrangement for Intelligence Support to the EU (CFAIS), a forum where the heads of military intelligence services of EU Member States enter into binding agreements on intelligence support provided by the European Action Service, particularly for EU missions”44. 50

41 Council Decision 2005/395/CFSP of 10 May 2005 amending Decision 2001/80/CFSP on the establishment of the Military Staff of the European Union. 42 Council Decision 2008/298/CFSP of 7 April 2008 amending Decision 2001/80/CFSP on the establishment of the Military Staff of the European Union. 43 Haag and Bernardo Anaya, “The first ten years of military Intelligence Support for the work of the EU”, in Impetus 11 (Spring/Summer 2011), pp. 8–9. 44 Netherlands Defence Intelligence and Security Service, 2013 Annual Report, p. 18.

218

Palacios

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:16 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. EU intelligence: On the road to a European Intelligence Agency?

III. EUROPOL45 EUROPOL is the law enforcement agency of the European Union46. Although it has 53 existed in different organisational forms since 1994, it was not until January 2010 when it was transformed into a EU agency by the Council Decision of 6 April 2009 establishing the European Police Office (Europol) (2009/371/JHA)47. The mission of EUROPOL is “to support and strengthen action by the competent authorities of the Member States and their mutual cooperation in preventing and combating organised crime, terrorism and other forms of serious crime affecting two or more Member States” (Article 3). Three of its defined tasks (Article 5) fall directly in the field of security or criminal intelligence: – to collect, store, process, analyse and exchange information and intelligence; – to provide intelligence and analytical support to Member States in connection with major international events; – to prepare threat assessments, strategic analyses and general situation reports relating to its objective, including organised crime threat assessments. There is a certain overlap between EUROPOL and INTCEN tasks and products, 54 particularly in the field of Counter-Terrorism. Clients show a clear preference for having a single consolidated version on every important subject and have repeatedly asked EUROPOL and EU INTCEN to work together. As a result, both structures cooperate regularly, although institutional rivalries between police forces and security services in some Member States, as well as the different attitude towards secrecy and national legal restraints in view of protection of personal data have precluded until now a deeper and more intense cooperation. INTCEN has an important role in several reports produced yearly by EUROPOL in 55 cooperation with national law enforcement agencies: the Terrorism Situation and Trend Report (TE-SAT), the Serious and Organised Crime Threat Assessment (SOCTA) and the Internet Organised Crime Threat Assessment (IOCTA). Apart from that, EUROPOL also publishes non-periodic analysis, generally without INTCEN participation48. Many of those reports are unclassified and can be easily accessed by stakeholders other than the EU institutions and Member States governments, which increases their impact on public opinion. For the SIAC bodies, INTCEN and EUMS INT, secrecy is a requirement of national security and a necessary characteristic of the work of intelligence organisations. For EUROPOL, however, secrecy very often has the function of safeguarding privacy and protecting the integrity of criminal investigations. This important difference in the respective professional cultures of INTCEN and EUMS INT, on the one hand, and EUROPOL, on the other, makes it sometimes difficult for those structures to cooperate as intensely as their common political masters would wish. 45 Gruszczak, Intelligence Security in the European Union: Building a Strategic Intelligence Community, Palgrave McMillan, 2016, P. 172 et seq. 46 For more details see: Ryder, European Criminal Intelligence, Part 3 Chapter 3, in this volume. 47 In 2016 the Council Decision of 2009 was replaced by a new Regulation (EU) 2016/794 of the European Parliament and of the Council of 11 May 2016 on the European Union Agency for Law Enforcement Cooperation (Europol) and replacing and repealing Council Decisions 2009/371/JHA, 2009/ 934/JHA, 2009/935/JHA, 2009/936/JHA and 2009/968/JHA. 48 As an example of this kind of products, the reader can access the report Changes in Modus Operandi of Islamic State (IS) revisited, released in November 2016. As many other EUROPOL products, this report is unclassified. https://www.europol.europa.eu/publications-documents/changes-in-modus-operandi-ofislamic-state-revisited (Read: 7 January 2017).

Palacios

219

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:17 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

IV. SATCEN 56

57

58

59

60

The European Union Satellite Centre (EU SATCEN) is a EU agency specialised in interpreting satellite imagery as well as geospatial intelligence in support of EU decision-making, particularly in the field of CFSP. It was founded in 1992 as the Western European Union Satellite Centre and incorporated as a EU agency in 200249. In June 2014, a Council Decision modified SATCEN’s mission, enlarging the list of potential users in order to align it with the recent evolution of CSDP50. The Centre is located in Torrejón de Ardoz, near Madrid (Spain). SATCEN has no collection capabilities of its own and its primary sources of imagery are commercial providers. By agreement with some Member States, it can also make use of governmental imagery: Helios-2 (France, Belgium, Spain, Greece), SAR-Lupe (Germany), COSMO-SkyMed (Italy) and Pléiades (France). Contextual information (basic intelligence, political situation, etc.) is obtained from open sources or provided by EU intelligence structures, other EU institutions and agencies and, exceptionally, by external partners51. In 2015, SATCEN released 1348 products of various levels of classification to a large community of customers. Its main partners, the EU Military Staff, the EU Intelligence and Situation Centre (INTCEN) and the Civilian Planning and Conduct Capability (CPCC), belong all to the EEAS. Other important customers are CSDP missions and operations, the European Commission and some EU agencies (particularly, FRONTEX). Third states and international organisations like the United Nations, OSCE and the Organisation for the Prohibition of Chemical Weapons (OPCW) can also request the support of the Centre. All Member States receive the whole of SATCEN production, which is particularly important for smaller countries, unable to operate similar facilities of their own. Over the last few years, demand and production have been steadily rising, as a result of the intensification of Member States tasking as well as the request for support to international organisations. SATCEN describes itself as a “unique operational asset”52 and is, indeed, stronger at the operational than at the strategic level. SATCEN’s reports in support of strategic intelligence are usually produced at the request of the SIAC bodies (INTCEN and EUMS INT). Those reports are crucially important in the field of counter proliferation and may also be useful when some verification of the situation in the field can have strategic value. At a lower level, some good examples of SATCEN’s operational production are the analyses of military activity and equipment to support the OSCE Special Monitoring Mission to Ukraine (SMM Ukraine), or the monitoring of coastal activity and external border activity related to the migration crises (in support of FRONTEX)53. SATCEN is an intelligence structure specialised in the processing step of the cycle. A cycle that works independently from those in the EEAS or EUROPOL, although it is loosely connected to them. The Direction step is in the hands of the SATCEN board 49 Council Joint Action of 20 July 2001 on the establishment of a European Union Satellite Centre (2001/ 555/CFSP). 50 Council Decision 2014/401/CFSP of 26 June 2014 on the European Union Satellite Centre and repealing Joint Action 2001/555/CFSP on the establishment of a European Union Satellite Centre. 51 For more details on SATCEN, please see EU Satellite Centre, Annual Report 2015, Publications Office of the European Union 2016, p. 10. 52 Ibidem, p. 9. 53 Ibidem, p. 14–15.

220

Palacios

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:17 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. EU intelligence: On the road to a European Intelligence Agency?

that approves its annual long-term working programme. Additionally, the High Representative can also authorise SATCEN to provide services to customers outside the CFSP frame if the Centre has enough resources for it. In some cases, but not always, SATCEN products feed the SIAC analytical process. SATCEN products are relatively easy to use by the EU for the purposes of strength- 61 ening international cooperation. Some of the reasons are: – Products are based on commercial imagery and can usually be released at unclassified or EU Restricted level, which makes it easier to share with outside partners; – SATCEN products can be made available very quickly, which represents a comparative advantage in the rapidly evolving situations typical for CFSP and, particularly, CSDP. Because of the necessity of requesting and receiving specific Member States’ contributions, the reaction time for the SIAC bodies, INTCEN and EUMS INT, are usually much longer; – SATCEN products do not contain political analysis, so that SATCEN is not perceived as a potential competitor by the policy-making community in the EU institutions and Member States.

V. FRONTEX FRONTEX is a EU agency with headquarters in Warsaw (Poland) and has been in 62 existence since 200454. Border control is the exclusive responsibility of Member States, and FRONTEX role consists in building the capacity of Member States in areas related to border control (training, best practices), as well as in providing them with additional human and technical means whenever a crisis situation develops in such a way that the national resources of a given country (or group of countries) are insufficient to cope with it. Although intelligence is not at the centre of FRONTEX activities, the agency produces intelligence in support of its own operations, of Member States and of the EUlevel decision-making in matters related to border control. At the strategic level, FRONTEX contributes to the EU-wide situational awareness 63 and risk analysis in the field of border control55. Once an area of weakness in relation to the management of the EU external border has been identified, FRONTEX provides advice on how this weakness could be remedied. FRONTEX brings together the information collected by its own means and information received from a wide range of different partners: EU agencies (particularly, SATCEN and EUROPOL), other members of the EU family (DG HOME and other parts of the European Commission, EEAS, EASO, EUROSTAT, etc.), border authorities of Member States, non-EU countries, international organisations (UNHCR, IOM, EUROPOL), think tanks, academia and the media. A large proportion of FRONTEX strategic products are unclassified and freely available. At the operational level, FRONTEX pays attention to the daily developments in the 64 areas of its joint operations at the external borders. Information collected by its own means is supplemented by information contributed by Member States’ coordination 54 A new legal regulation for FRONTEX was adopted in 2016. See Regulation (EU) 2016/1624 of the European Parliament and of the Council of 14 September 2016 on the European Border and Coast Guard and amending Regulation (EU) 2016/399 of the European Parliament and of the Council and repealing Regulation (EC) No 863/2007 of the European Parliament and of the Council, Council Regulation (EC) No 2007/2004 and Council Decision 2005/267/EC. 55 See, for instance, “Council conclusions on migrant smuggling”, 10 March 2016. http://www.consilium.europa.eu/en/press/press-releases/2016/03/10-council-conclusions-on-migrant-smuggling/(read 2 August 2016).

Palacios

221

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:18 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

centres, third countries, international organisations and media. In some occasions, intelligence produced by SATCEN may be of crucial importance in support to FRONTEX operational activities. 65 FRONTEX intelligence cycle is self-standing. Because of classification problems, FRONTEX has difficulties to receive information from other EU intelligence bodies, such as INTCEN and EUMS INT. On the other hand, personal information collected by FRONTEX can be shared, with the appropriate safeguards and guarantees, with EUROPOL, but not with the SIAC bodies (INTCEN and EUMS INT), whose mandate does not cover personal investigations. INTCEN Director has repeatedly stated that the Centre is not collecting nor storing personal data. Currently (2016–2017), FRONTEX and EUNAVFOR MED operation SOPHIA are sharing personal information in the framework of the fight against illegal migration to Europe. A liaison position has been established to that end.

VI. EU ISS The EU Institute for Security Studies (EU ISS) was set up as an EU agency in 2002 and is based in Paris. The Institute had been originally established in 198956 with the aim of stimulating academic research on European security. Currently, its activities are regulated by the Council Decision 2014/75/CFSP of 10 February 2014 and one of its main missions is the “conduct of policy-oriented analysis, information, dissemination and debate”, in particular by becoming the natural “interface between the Union institutions and the world of external experts, including security actors”. 67 The EU ISS does not consider itself an intelligence asset, although its production contributes to a significant degree to the EU strategic situation awareness and strategic early warning. As Björn Fägersten has rightly pointed out, the EU ISS carries out longterm analyses, which is one of the main tasks of strategic intelligence. Furthermore, since Director Dr. Antonio Missiroli, assumed office in 2012, the EU ISS has made an effort to attune its analysis closer to the needs of the CFSP main actors, in particular, the EEAS57. The EU ISS has participated in the development of the EU Global Strategy58, published strategic reports (six in 2015, seven in 2016, for instance) and an important number of shorter-term briefs and alerts. Its products are unclassified and, what would not be usual in the intelligence world, target the international expert community as well as public opinion at large. But the EU ISS can also work more directly in support of EU institutions (on cyber capacity-building, hybrid threats, and the strategic environment, for instance). By organising seminars, workshops and other similar activities, it can transmit their analyses to the institutions in a non-conventional, but rather modern and effective way59. 66

VII. A WIDENED COMMUNITY 68

At the strategic level, intelligence is almost synonymous with “sense making”. EU decision-makers not only take advantage of the production of the EU intelligence 56 Décision ministerielle rélative à la création d’un “Institut d’Études de la Securité de l’UEO”, Bruxelles, 13 November 1989. http://www.cvce.eu/content/publication/2008/6/30/393ce01a-b38a-412fbed4-cba6e62862dc/publishable_fr.pdf Read 3 August 2016. 57 Fägersten, “Intelligence and decision-making within the Common Foreign and Security Policy”, SIEPS, European Policy Analysis (2015), p. 4. 58 Missiroli (ed), Towards an EU Global Strategy, EUISS, 2015. 59 See EU Institute for Security Studies, 2015 Activities Report, EUISS 2015, pp. 7–8.

222

Palacios

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:18 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. EU intelligence: On the road to a European Intelligence Agency?

structures, but also of many other EU means that contribute to make sense of apparently contradictory information in complex situations. The European Societal Security Research Group (Stockholm University, Swedish National Defence College, etc.) keeps track of (hopefully) all EU sense-making systems and in the summer of 2016 counted as many as 84 of different institutional affiliation. Many other bodies, which are not linked institutionally to the EU, but, nevertheless, help to shape the perceptions of EU decision-makers could also be added. Newspapers, opinion leaders, blogs, journals, think tanks, lobbies… all of them are part of what could be called the “EU expanded intelligence community”. EU institutions are aware of the existence of this alternative “expanded community” 69 and the important role that some of its members play in strategic decision-making. Different outreach programmes try to associate elements of the expanded community to the official assessment process and to establish collaborative relations to the benefit of all participants. As an example, the EU Conflict Early Warning System60 was developed with the engagement of academics, analysts and civil society organisations. Working together may be relatively simple in some cases, but it becomes more difficult when cooperation implies some degree of access by external partners to classified information. Given that intelligence structures such as INTCEN or EUMS INT mostly work in a classified environment, cooperation with academic institutions and other civil society partners is mostly unilateral, with outsiders contributing their knowledge and hoping to obtain in exchange some degree of indirect influence on EU decision-making. In this section the different elements of the EU intelligence community have been 70 sketched out. A community that does not formally exist, but is nonetheless able to effectively perform intelligence functions in support of EU strategic decision-making and, in an imperfect way, to the benefit of operational activities of particular EU institutions and agencies61. A loosely structured community without fixed membership, common rules of the game or a conceptual base accepted and respected by all. A community where the existence of a common strategic client, the Council, is the main element of cohesion.

D. Perspectives of EU intelligence I. A question of models As it has been seen in the previous sections a multiplicity of intelligence structures 71 (or, to be more precise, of structures which can carry out intelligence functions) give support to different EU actors involved in decision-making at strategic level. And now it could be hypothesised that the intelligence support system’s architecture is in some way related to the institutional architecture of the Union and to the formal and informal rules by which decisions are made. Given that European construction is still work in progress, that institutions and procedures are in continuous evolution, it could be asked how this ever changing environment is influencing and may influence in the future the role of intelligence in the EU, as well as the way intelligence support is organised in 60 European External Action Service, Factsheet EU Conflict Early Warning System, September 2014. Retrieved from https://eeas.europa.eu/sites/eeas/files/201409_factsheet_conflict_earth_warning_en.pdf (18 February 2017). 61 For a more detailed explanation of this argument, please see Gruszczak, Intelligence Security in the European Union: Building a Strategic Intelligence Community, Palgrave McMillan 2016.

Palacios

223

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:19 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

order to better assist EU clients and customers. This big question can be split into some more precise ones: – Is intelligence widely accepted in the EU as a useful tool in support of policy making and policy implementation? – Can national models of intelligence organisation and management be easily adapted for their use in the EU? – In particular, is the model of “intelligence community”, which has existed in the US for decades and has been more recently adapted by some EU Member States, an effective way of managing diversity at EU level? – If so, should a future EU intelligence community replicate the institutional architecture of the EU in order to better adapt to the structure of the EU decision-making system? – Should EU intelligence exist only at the strategic level? Alternatively, do institutions have any room for developing operational and tactical-level intelligence structures in the frame of the Treaties? – Is it possible and necessary to form an EU-wide single intelligence agency? If so, how would such a single agency look like? 72 The concept of intelligence has been gradually accepted in the European institutions. It is true that for years there was some resistance in EU circles to use the “i-word”, probably because of its perceived close association with clandestine collection and cover action. Intelligence was something that could be practised by Member States, something the results of which should be shared with other Member States and with the institutions, but definitely not an activity in which EU institutions could be directly involved. In a report to the European Council issued on 15 November 2001 (the “foundational act of SITCEN”)62 the then High Representative Javier Solana referred to intelligence precisely in this sense, as sensitive material produced by Member States that European institutions would like to be allowed to use, not as something the institutions would aspire to elaborate themselves. And for years the main EU civilian intelligence body, the EU Situation Centre, was mostly seen by many decision makers as a sort of fusion centre, where contributions from Member States were collated and synthesised. The very name of this body, EU Situation Centre, did not include the word intelligence and suggested that the Centre’s main function was situational awareness. This started to change in the last years of Solana’s incumbency and has continued changing after the establishment of the EEAS in 2011. The EU Situation Centre was renamed EU Intelligence Analysis Centre (2012) and, later, EU Intelligence and Situation Centre (2015). Intelligence matters have been included in the EEAS common training programme and the word “intelligence” can be found regularly in the Council documents. Intelligence has been finally accepted as an important tool in the toolbox of European construction. 73 Once the idea that intelligence has an important role to play in support of EU-level decision making has been generally accepted, the question arises as in which way this intelligence support can be best organised. And, in principle, two main models are possible. A single intelligence agency with a legal status similar to that of other EU agencies (EUROPOL, FRONTEX, etc.) could eventually be created. This is a possibility that has been often raised, particularly by medium and small Member States after a serious geopolitical crisis or a particularly vicious terrorist attack63. Alternatively, a 62 Report by the Secretary General/High Representative to the Council on Intelligence Cooperation (SN 4546/1/01 REV1), dated 15 November 2011. 63 Guy Verhofstadt, the former Belgian Prime Minister, said in 2015 after the Charlie Hebdo attack that the EU should “create a fully-fledged EU intelligence agency, a Eurintel. (…) In all major terrorist

224

Palacios

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:19 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. EU intelligence: On the road to a European Intelligence Agency?

formal or informal community could play a similar role, which would have some advantages and disadvantages. This community could be built around a coordinating body (maybe around one component endowed with coordinating functions) or could be organised as a network where the nodes are not arranged hierarchically. Most big and some medium-sized democratic countries adhere to the community model, as it shows good cost-effectiveness and adapts well to the complexity of democratic decision making. In any case, in the same sense as the EU is a new type of international subject, which behaves in the international arena in ways different from those used by national states, it is very questionable whether in the field of intelligence organisational models taken from national experience can also be useful at EU level. If intelligence is a service provided to decision makers, it could maybe be expected that every important decision maker will have its own intelligence support and that the EU-wide intelligence system (community) will replicate, to a certain extent, the structure of the EU decision-making process. Needless to say, the landscape will look differently depending on the height of the 74 observation. The lower one flies, the easier it will be to find a suitable model. At tactical level, some departments can establish their own intelligence units, that is, units specialised in processing information to create knowledge, in the framework of their mandates and applicable legal rules. And they are doing so, although the “i word” is not necessarily used in the official names of such units. Particularly interesting, however, is the case of strategic intelligence. Because it is precisely at the strategic level where a real EU-wide decision-making system exists. In the rest of this section focus will be precisely on the strategic level of EU intelligence.

II. A EU intelligence agency? The idea of creating a EU intelligence agency is almost as old as the CFSP and 75 discussions on this issue have resurfaced every time Europe has been confronted with a major crisis affecting the security of the continent, such as those created by the recent terrorist attacks in Paris and Brussels, or by the massive influx of refugees from Africa and the Middle East. For the most radical European federalists, a common EU intelligence agency is a necessary component of the federal state they aspire to build or, at least, a step towards greater federalisation of Europe64. For some pragmatists, a EU intelligence agency would be an adequate answer to a number of challenges our societies are facing with increasing frequency, challenges across national borders requiring EUattacks over the past 10 years, the perpetrators were known, but we haven’t worked together as effectively as we could”. Nielsen, “No new mandate for EU intelligence centre”, in EU Observer, 6 February 2015. Retrieved from https://euobserver.com/justice/127352 (6 February 2015). Two years earlier, the EU Justice Commissioner Viviane Reding, a Luxembourgish politician, had said that “the Union should create its own intelligence service by 2020”. Rettman, “EU should create own spy agency, Reding says”, EU Observer, 4 November 2013. Retrieved from http://euobserver.com/justice/121979 (5 November 2013). 64 In September 2016 the Chairpersons of the Parliaments (Lower Chambers) of Italy, France, Germany and Luxembourg adopted a joint declaration under the title “Greater European Integration: The Way Forward”. In the declaration it was said that the Brexit offered “an opportunity to move forward with European political integration, which could lead to a federal union of States” and that the integration process “include all matters pertaining to the European ideal ‐ social and cultural affairs as well as foreign, security and defence policy”. Although intelligence was not explicitly mentioned, it was clearly covered by the reference to “security”. Retrieved from http://www.camera.it/application/xmanager/projects/leg17/ attachments/shadow_mostra/altro_file_pdfs/000/024/057/Rome_Conference_on_Europe_Declaration_ EN.pdf (18 July 2017).

Palacios

225

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:20 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

76

77

78

79

wide collective action65. Most such debates end with the conclusion that in the current institutional and political environment it is not possible to create a single intelligence agency for the EU. Very often the conclusion is even more radical. For many intelligence professionals, decision-makers and scholars the single intelligence agency will never be possible. And, perhaps, it will even be undesirable. As it has already been seen, the very concept of intelligence is unclear in Europe, so that it is not surprising that there is no generally accepted definition of what is an “intelligence agency”, what are its functions, organisation, dependence and authority. In practice, an intelligence agency is an organisation recognised as such by the law of its own country, by other intelligence agencies (through the establishment of bilateral relations or the common belonging to networks or clubs of intelligence agencies) or by the academic community. There are agencies such as the CIA that are able to work and deliver in all four/five steps of the intelligence cycle and also have the capacity to carry out covert actions. There are agencies without any covert action function, working exclusively in the field of information collection and knowledge building, but able to develop all the steps of the cycle. Finally, there are also agencies specialised in only one step of the cycle. In the US, for instance, the Bureau of Intelligence and Research -INR- is a purely analytical intelligence agency. Despite the enthusiasm of some politicians, EU officials and scholars, the intelligence professionals have generally been against the idea of a single EU intelligence agency, and the argument most frequently used by them is that, according to the Treaty on the European Union, as amended by the Lisbon Treaty of 2007, “national security remains the sole responsibility of each Member State” (Article 4(2)). But the Treaty itself does not define what should be understood under “national security”66 and national definitions, whenever they exist, are not necessarily identical67. In common use, the notion of national security mostly includes matters such as those related to the military defence from foreign powers, but also protection from espionage and particularly serious criminal activities, including terrorism. Today, the most extended interpretation of this legal provision, particularly among high-ranking European intelligence professionals, is that the Treaty on European Union effectively precludes the possibility of establishing a European intelligence agency in the future. In the current legal framework, it would be very difficult to create a European agency capable of collecting information by special or clandestine means. This type of collection requires adequate legal regulation and efficient mechanisms for judicial and parliamentary control. Particularly, but not only, concerning internal security intelligence. Such regulation, such mechanisms exist in the Member States, but not at the EU level. And within the framework of the current Treaty, it seems unlikely that they can be created. However, there should be no legal problem to establish under EU institutions, missions or agencies specialised bodies (units) for non- clandestine intelligence collection, processing and analysis. Such bodies can or cannot be labelled as “intelligence” depending on the definition of intelligence that we accept. A second important problem is that of the “client”, which, in EU conditions, is not always easy to identify. In national states, particular intelligence agencies do not support “the government” as a whole, but concrete participants in the decision-making process. 65

Viviane Reding’s and Guy Verhofstadt’s remarks (fn. 61) were made from a pragmatic perspective. Please see Sule, National Security and EU Law Restraints on Intelligence Activity, Part 4 Chapter 2, in this volume. 67 As a matter of fact, according to the findings of a study commissioned by the LIBE Committee (European Parliament), “the concept of ‘national security’ seems to be either absent from, or very loosely defined by, EUMS’ legal systems”. See Bigo et alt., National security and secret evidence in legislation and before the courts: exploring the challenges, DG HOME, p. 34. 66

226

Palacios

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:20 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. EU intelligence: On the road to a European Intelligence Agency?

In countries with only one intelligence or security agency, the “client” is usually at the top of the state hierarchy: the head of state or government. In more sophisticated government systems there may be several agencies each supporting a different top level decision-maker or government department. In the US, for instance, the CIA is primarily focused on producing intelligence for the President, the DIA for the Secretary of Defence, the INR for the State Secretary, and the CGI (Coast Guard Intelligence) for the Coast Guard. If we translate this approach to European conditions, we would find it difficult to establish an intelligence agency supporting the EU as a whole, or even its top-level decision-makers, simply because in such complex decision-making system as that of the EU, their identification would be highly problematic. The apex of the pyramid is occupied by the European Council, that is, by Member States that are already supported by their own intelligence systems. However, from this point of view there should be no major problem for establishing intelligence structures in the European External Action Service or the European Commission. Both institutions assist Member States to take decisions in matters related to European security (CFSP and Justice/Home Affairs, in particular) and have a leading role in their implementation. An intelligence body working directly for them would clearly improve the knowledge available to both, which should help them to perform their important role. In this sense, although it is clear that there is no EU-wide intelligence agency so far 80 and it seems very unlikely that it can be established any time soon, we already have several EU intelligence bodies. All the structures listed in Section C can be considered as such.

III. The EU intelligence community As it has been seen in the previous sub-section, creating a single intelligence agency 81 for the European Union is not really an option today. On the other hand, we have also seen that different EU actors already have what could be called “intelligence assets” at their disposal, or at least would be able to set them up. However, none of those assets is really autonomous, in the sense that none is able to develop by its own means all the four/five steps of the intelligence cycle (process). Then again, most of the existing intelligence assets (and those that could eventually be established) are relatively specialised and work mostly for the benefit of concrete stakeholders, rather than for the EU decision-making process as a whole. A EU-level intelligence community would eventually allow the whole of the EU to take advantage of all the existing intelligence assets and make them work in an integrated way, in support of a single and comprehensive decision-making process. Easier said than done, however, as having a wellfunctioning EU intelligence community requires to solve first a series of practical problems. To begin with, there is a conceptual problem and a problem with the model to follow. 82 In the same way as some people may reject the very idea of an entity such as the EU, which is not a nation-state, possessing its own intelligence agencies68, some others would argue that a real intelligence community is not conceivable outside the framework of the nation-state. According to this view, at the EU level there is, of course, intelligence cooperation (international cooperation), but there should not exist any real intelligence 68 Robert Gerald Livingston has written that “one reason for institutional tight-fistedness is that intelligence collection, analysis, and exchange remain the most proto-national of a country’s activities”. As cited by Dan Bisbee, “Sharing Secrets. Trends in European Intelligence”, retrieved from http:// danbisbee.blogspot.com/2004/01/how-much-intelligence-is-there-in.html (17 May 2012).

Palacios

227

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:20 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

community. Simply because the sense of common interest, the feeling of deep solidarity that makes mutual trust possible even in closed environments like the intelligence profession are achievable in a nation state, but not yet in a (still amorphous) supranational structure such as the EU. At the end of the day, this school of thinking would argue, the small EU intelligence assets are critically dependent on contributions from Member States’ agencies, and the latter have no other loyalty than to their own countries. In other terms, the EU common institutions cannot expect to receive from them any help other than what Member States themselves consider is in their particular interest. 83 Some elements of community do, however, exist. On the one hand, given that the European Council is the central institution of the European Union, decisions by the Council translate into tasks for the different members of the EU family (institutions, agencies…), including their intelligence assets. This ensures a certain coherence of the direction of intelligence activities at EU level. For instance, in the field of counterterrorism, the Council gave green light to the creation of a CT task force within SITCEN in 2004 and has institutionalised a system of strategic reporting with contributions by EUROPOL and INTCEN (SITCEN), under the lead of the former. At a lower level, the EEAS has created a sophisticated system (the Intelligence Support Architecture) to coordinate intelligence support, mostly in the field of CFSP. In its area of competence, DG HOME has also done similarly when it has defined methodologies for assessing money laundering, aviation security, etc, with intelligence contributions coming from INTCEN, EUROPOL, Member States and the financial intelligence units. Informally, the different EU intelligence assets share the kind of collaborative culture that characterises the institutions and, in a natural way, tend to cooperate among themselves and with other EU actors. 84 National intelligence agencies are an important part of the widened EU intelligence community and participate in different ways in the common work: – Through their involvement in different coordination structures and activities, such as the CFAIS (EUMS INT) or the INTCEN Conference; – through the EU-related tasks received from their own national clients; – through their membership of non-EU intelligence clubs, forums and coordination structures at European or regional level. The best known of such structures is the Counter Terrorist Group (CTG)69. 85 The EU informal intelligence community is even wider. Although some of the elements we will list below would not accept that they are part of any “EU intelligence community” and others will even reject the very idea that their activities are intelligence or have anything in common with intelligence, they may be regarded as parts of an intelligence system in the sense that all of them willingly contribute to the best information of EU decision-makers, much in the same way as Member States’ intelligence agencies and EU intelligence assets do. Parts of this informal network are: – Bilateral exchanges with the United States and the US agencies. For many European countries such exchanges provide an important part of the intelligence collection they need; – NATO intelligence structures: the new Assistant Secretary-General for intelligence and security, the NATO Intelligence Fusion Centre, the IMS Intelligence Division, the Intelligence Unit, etc. Most EU members also belong to NATO and both organisations are committed to work together in order to avoid duplications and inconsistencies; 69 For more details see: de Kerchove/Höhn, The Role of European Intelligence in Countering Terrorism, Part 2 Chapter 2, in this volume.

228

Palacios

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:21 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. EU intelligence: On the road to a European Intelligence Agency?

– bilateral exchanges with Western countries belonging neither to the EU nor NATO; – exchanges with strategic partners and other third countries; – academic institutions and think tanks; – media, as well as centres, institutions and firms specialised in processing open sources. For the time being, there seems to be little alternative to the community model for 86 organising the EU intelligence system. And, because of the complication of EU decisionmaking, the heterogeneity of the eventual members of the community and the lack of solid commitments to cooperate, as the ones we can see at national level, the EU-level intelligence community will be partly informal and will have a variable geometry. In such circumstances, it seems important that at least one component of the community, if possible attached to the centre of EU decision making (that is, the Council) can play some kind of, probably informal, coordinating role. This component might be a special coordinating unit (with, perhaps, a certain analytical capacity of its own) or one of the intelligence production assets. An excellent example of the first solution would be the JIC in the UK. Concerning the second, we have the US system before a Director of National Intelligence was appointed in 2004, with the all-sources agencies (mostly the CIA, but also the DIA and the INR) drawing on the resources of the whole community to prepare products in support of their priority clients (the President, the Secretary of Defence and the State Secretary). Both the JIC and the INR have been mentioned as possible sources of inspiration for the SITCEN/INTCEN, generally recognised (together with its military counterpart, EUMS INT) as the cornerstone of the EU-level intelligence system.

IV. Models: the JIC The British intelligence model has strongly influenced the development of EU 87 intelligence and, in particular, of its most conspicuous element, the SITCEN/INTCEN. SITCEN’s first Director William Shapcott was familiar with the functioning of the intelligence and assessment system in the UK and, in agreement with the first contributing intelligence agencies, introduced some characteristic elements of the British system in the structure and working practices of SITCEN. By his own assertion, SITCEN “was a bit like the JIC or the assessment staff but in a more modest way”70. A EU intelligence community based on the JIC model would not be strictly regulated and would have at its core an analytical centre able to integrate contributions from all the different intelligence and information structures, both at EU-level and in the Member States, but also from policy staff. The British system and practices have been particularly influential in the develop- 88 ment of EU intelligence and there are good reasons for that, with the UK at that time being a EU Member State, British models were perceived as part of Europe’s common culture and had thus a clear advantage over their American equivalents. On the other hand having English become in practice the working language of the European institutions, British models are more easily accessible than any of their continental alternatives. Last, but not least, some key people in the development of the EU intelligence system (notably, William Shapcott, SITCEN’s first Director, and Catherine 70 Evidence given by William Shapcott before the Select Committee on the European Union, House of Lords, on 6 December 2010. Retrieved from http://www.parliament.uk/documents/lords-committees/eusub-com-f/ISS/cEUF061210ev2ISS.pdf (23 January 2017).

Palacios

229

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:21 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

Ashton, the first High Representative after Lisbon), as British citizens, were familiar with the structure and work of the UK intelligence community. Under such conditions it is not surprising that an official British explanation of the functioning of the JIC could also be used for describing the role of SITCEN/INTCEN in the EU-level assessment process: “The JIC is supported by the Assessments Staff, which consists of a range of analytical staff seconded from various departments, services and disciplines. It is responsible for drafting all‐source assessments of strategic issues and issues of current concern, and providing warnings of threats to British interests. Its staff draws on a range of reporting, primarily from the Agencies but also including UK diplomatic reporting and open source material. The Assessments Staff work closely with the Agencies and other Government departments in analysing and interpreting the reporting”71. 89 As former Security and Intelligence Co-Ordinator in the Cabinet Office Sir David Omand has stated, the “Joint Intelligence Committee or JIC has for over 60 years had the responsibility of producing predictive strategic judgements for the highest levels of Government. The key senior policy officials from the Cabinet Office, FCO, MOD, Home Office, HM Treasury, DTI etc are JIC members as well as the intelligence professionals and all have to dip their hands in the blood of the collective judgments, however unwelcome they may be.”72Much of this could also be said to apply to the role of SITCEN/INTCEN in EU-level decision-making. Although Omand claims that the “JIC process is (…) unique around the world”73, many of its most salient features have been replicated in SITCEN/INTCEN: – All-source approach; – intelligence professionals and decision-makers working together; – search of consensus in the intelligence-policy community. 90 As Philip Davies has recently reminded, the SIAC (INTCEN and EUMS INT) operating model is based on the JIC74. On the one hand, SIAC’s flagship products, the strategic level “intelligence assessments”, are conceptually similar to the JIC’s assessments and are written in a very similar format. Furthermore, working procedures are also inspired, at least in part, by those used in the JIC. From the moment of SITCEN’s creation, analysts leading a project were expected to draw on contributions received from Member States intelligence agencies, most of them of an analytical nature, and to discuss findings and conclusions with other SITCEN and EUMS INT colleagues, but also with counterparts in several policy-making bodies (Council’s General Secretariat, European Commission, other institutions or agencies). Once the final draft was ready, counterparts were usually invited to a drafting meeting and, although the consensus was not formally necessary, analysts were encouraged to try to reach it by incorporating suggestions from all participants. Such rules of the game are still in use within the SIAC. 91 The question arises whether it is possible to adapt this characteristic element of the British administrative culture to a completely different environment, the EU, where formal and informal procedures for decision-making are substantially different. As Stephen Marrin has pointed out, in the case of Britain “integration of the analysis into decision making is facilitated by the collegial and collaborative aspects of British national 71

UK Cabinet Office, National Intelligence Machinery, 2010, pp. 23–24. Omand, “Reflections on Secret Intelligence”, lecture at Gresham College, 20 October 2005. Retrieved from http://www.gresham.ac.uk/print/1891 (19 May 2012). 73 Ibidem. 74 Davies, “UK security will both gain and suffer from Brexit. The EU will only lose”, in LSE Brexit blog, 7 November 2016. Retrievable from http://blogs.lse.ac.uk/brexit/2016/11/07/uk-security-will-both-gainand-suffer-from-brexit-the-eu-will-only-lose/(10 November 2016). 72

230

Palacios

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:22 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. EU intelligence: On the road to a European Intelligence Agency?

security decision making”75. The EU environment is competitive rather than collaborative, with Member States fighting for influence, trying to be able to impose their own preferences. Officials seconded by Member States, as most EU INTCEN and EUMS INT analysts are, may in some occasions feel that their duty is to defend national interest by all means available to them, including, in the case of intelligence officers, the defence of an analytical line (a narrative) basically supportive of their own countries’ political objectives. Unlike what is the case in the United Kingdom, INTCEN’s rules emphasising consensus are not necessarily conducive to an integrative result. On occasions, such rules might be used by Member States to prevent that a message contrary to their preferred line of action finds its way to the final version of the assessments.

V. Models: the INR There is, however, a second option for structuring a community. If it is not possible 92 to set up a proper coordination body, then the alternative is to make one of the intelligence agencies play a similar role, although in a more simplified way. That was the system adopted in the United States in the National Security Act of 1947, with a new agency, the CIA, working directly for the President through the National Security Council and being located thus at the very centre of the decision-making and intelligence systems. With some frequency, European enthusiasts of intelligence integration have demanded the creation of nothing else than a European CIA, although this model would be almost impossible to replicate in the EU current legal and institutional framework. Clandestine collection and covert actions, two of the central missions of the CIA, cannot be carried out by European common bodies (agencies) in the absence of appropriate legal basis and suitable mechanisms for supervision. That is why on some occasions another US intelligence agency, the State Department’s Bureau of Intelligence and Research (INR), has been mentioned as a possible model for the EU INTCEN and, in general, for common European intelligence bodies (agencies)76. The Bureau of Intelligence and Research, better known by the acronym INR, is the 93 intelligence agency of the US State Department. Frequently praised by the high quality of its products77, INR conducts all-source analysis based on diplomatic information, open sources and intelligence produced by other parts of the intelligence community. A purely analytical body, INR is not allowed to engage in clandestine activity. The analytical staff is composed of civil servants, often with academic background, and career diplomats who usually have spent one or several diplomatic tours in the country or region they are focusing on at INR. A blend not very different from the one we can find in INTCEN. Because of its relatively small size, its staffing model and the sources it uses, INR 94 could be a practical model for INTCEN. Being part of the EEAS, INTCEN has the 75 Marrin, “At Arm’s Length or At the Elbow?: Explaining the Distance between Analysts and Decisionmakers”, in International Journal of Intelligence and CounterIntelligence 20 (2007), p. 407. 76 See, for instance, Jeffreys-Jones, In Spies We Trust, Oxford University Press 2013, p. 226: “SITCEN resembled Britain’s JIC and the US Department of State’s Bureau of Intelligence and Research (INR)”. Or, more recently, Gros-Verheyde, “L’IntCen… le lieu des échanges … d’analyses Top secret”, in blog Bruxelles 2, 21 January 2015. Retrievable at http://www.bruxelles2.eu/2015/01/21/que-fait-lintcen-europeen/ (20 November 2016): “Nous ne sommes pas la CIA. Si on veut nous comparer, ce serait plutôt à l’INR”. 77 There are plenty of examples of praising the INR. For instance, Best Jr., Intelligence Issues for Congress, CRS Report for Congress, 12 July 2006; Rood, “Inside the one spy agency that got pre‐war intelligence on Iraq – and much else – right”, in Washington Quarterly January/February 2005; Ignatius, “Spy World Success Story”, in Washington Post 2 May 2004.

Palacios

231

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:22 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

advantage that it can rely on the information gathered by the well-developed network of EU diplomatic representations, as well as crisis management missions and operations around the world. And this is, generally, high quality information, very well adapted to the needs of CFSP. As Tom Fingar, the former head of INR, has written, “most analysts like diplomatic reporting – one always knows where it came from and that the person conveying the information wanted it to be made available to the U.S. Government. That did not necessarily ensure that it was accurate, but it did reflect what the individual or organization involved wanted U.S. officials to hear”78. 95 In practice, the adaptation of the INR model to the EU would be rather difficult. Although in some important Western countries, such as the US, Australia, Japan or Israel, the respective Ministries of Foreign Affairs have their own intelligence analysis agencies, this is not the case in Europe. In most EU countries, foreign political analysis is clearly separated from intelligence and is performed by diplomats. In the UK, the FCO has a Research and Analysis Department, but, unlike the INR, is not part of the intelligence community and is not independently represented in the JIC. For many European diplomats, INR-like products are not really necessary as in their perception such products duplicate the analytical work they already do. From their point of view, the role of intelligence would be to supplement the work of diplomats with what diplomats themselves cannot gather by their own means. That is, with secrets. 96 But even if the INR model could be successfully implemented in the EU, it would not provide a practical way of coordinating the rather unstructured EU intelligence community. Unlike the CIA, the INR is a departmental agency and does not directly support the top level of decision-making. Similarly, an INTCEN working on the basis of the INR model could maybe be an efficient departmental intelligence asset, but it would face serious problems to provide any kind of coordination or guidance to the whole of the community, particularly in matters other than CFSP.

E. Conclusions: Alternatives for the EU After briefly discussing the current situation of the EU intelligence system some interesting tendencies have been detected: – Dependence from Member States’ national intelligence systems, particularly for human and technical collection. Ultimately, the system heavily relies on the cooperation with other Western allies, mostly with the US. – Lack of a common intelligence culture. So far, there is no agreement on what is intelligence, on the means of intelligence, on the limits of its powers, on its control. Some of the EU bodies mentioned in this chapter as “intelligence structures” would maybe reject the very idea that they are producing intelligence. – Informal, weakly structured community. There is no generally agreed and comprehensive list of members, no regulations governing the community, no chain of command, no formal structure. The main element of cohesion for this unstructured community is the existence of a supreme client, the European Council, that in a more or less direct way is supported by all intelligence structures of the EU and its Member States. 98 In a way, the system described in this chapter reproduces many of the most marking features of the EU institutional architecture. Some people may judge it to be insuffi97

78 Fingar, Reducing Uncertainty: Intelligence Analysis and National Security, Stanford University Press 2011, p. 101.

232

Palacios

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:23 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. EU intelligence: On the road to a European Intelligence Agency?

ciently effective, but it is maybe because of the big differences it presents with what we can see at the national level, particularly in countries with a certain size and a developed intelligence system, countries that could serve us as models. The current solutions, imperfect as they may be, represent a practical and rather successful compromise between ambitions and possibilities. And it could even be said that, at least in some occasions, the community’s structural similarity to the current EU-level decisionmaking system makes it easier to deliver well-targeted, timely and cost-efficient answers to the challenges the EU is currently facing. Such an intelligence architecture assumes that the interests of the different EU 99 Member States are very similar and do not significantly differ from those of the Union as a whole. As a matter of fact, this is not always the case. As Robert Cooper has shrewdly observed, “the EU is an organisation not for pursuing a European interest, but for pursuing national interests more effectively”79, and the interests of different Member States are not necessarily the same. In this game, the EU provides a framework for settling disputes using “some mixture of law, bargaining and arbitration”80. And for every Member State, the ability to shape a common narrative consistent with their views is an important factor to make those views prevail. It is unrealistic to expect that Member States’ intelligence services will not use INTCEN’s and EUMS INT’s dependence on their contributions to try to influence the orientation of intelligence assessments. Something similar can be said about the dependence of European intelligence from 100 the intelligence systems of other Western countries, particularly the US. The current situation is satisfactory if the focus is on facing serious threats menacing the very existence of the EU (or the West) as a community of free, market-oriented and welfare states. In such issues, the interests of all Western countries coincide or are very similar. In the post-modern world, however, we rarely have to face existential threats. Politics is often about making our own preferences prevail or about gaining competitive advantages against partners that may not be (in general, they are not) our enemies. And here, the positions and interests of the EU as a supranational entity and other Western countries will from time to time diverge. Any critical dependence from the Western partners and allies will hamper the EU ability to conduct its own foreign and security policy, to protect the Europeans’ particular interests whenever they do not coincide with those of other Western states. A different approach would maybe consist in trying to gain value by helping to address 101 the ever greater difficulty in adopting common decisions and the risk that such decisions would not be optimal. Europe’s diversity is probably one of the EU’s strengths, but managing it may be some times complicated. Due to the increasing institutional complexity of the EU, there is a danger that decisions may sometimes be made taking more into account the process than the desirable outcome. Common institutions, such as the European Commission or the EEAS can play an important role in helping Member States to reach consensus. And intelligence is, probably, one of the best tools they can use, provided that is regarded by all actors as independent, objective and professional. An alternative way of organising the intelligence community at EU level would have as its goal to allow the community to play a genuine consensus-building role. That would probably require the setting up of appropriate strategic intelligence bodies working specifically for the major EU institutions and able to perform their basic duties even without significant help from Member States’ agencies. Which do not necessarily entail the establishment of a EU intelligence agency, able to carry out all steps of the intelligence cycle. 79 80

Cooper, The post-modern state and the world order, Demos 2000, p. 26. Ibidem.

Palacios

233

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:23 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

The Brexit will probably have a certain impact on the way European intelligence is organised and works. Britain possesses an excellent intelligence system and has been very active in most European initiatives in favour of further cooperation in the field of intelligence. Britain is part of Europe and, even if its leaves the EU, many intelligence problems (particularly, but not only, in such sensitive areas as counter-terrorism or counterproliferation) cannot have an effective European answer without British participation. In any case, the intense European intelligence cooperation has until now been channelled through structures (NATO, the CTG, for instance) that do not form part of the EU institutional architecture and that will continue working for as long as participating states feel that it is in their best interest. On the other hand, the impact of Brexit will be significant in the sphere of strategic intelligence. There, the EU-level bodies will lose regular access to the UK strategic intelligence production, and Britain will lose a chance to influence EU decision-making by directly contributing to shape EU intelligence assessments. 103 The new EU Global Strategy of June 2016 calls for the strengthening of cooperation between European law enforcement, judicial and intelligence services and asks Member States and EU institutions to provide greater support for the EU INTCEN81. In the Implementation Plan on Security and Defence (November 2016) one of the identified actions requires from Member States to consider upgrading EU INTCEN and EUMS INT capabilities and to reinforce links between both EU intelligence structures and Member States’ entities providing situational awareness. The message is clear: the EU would like to improve the intelligence support it receives, but without modifying the current architecture of the (largely informal) EU intelligence community. Only time will tell whether these objectives can be attained. 102

81 European Union, Shared Vision, Common Action: A Stronger Europe. A Global Strategy for the European Union’s Foreign And Security Policy, Brussels, June 2016. Pg. 50.

234

Palacios

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:24 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2 The Merits of Informality: The European Transgovernmental Intelligence Network Mai’a K. Davis Cross Outline A. Introduction ...................................................................................................................... B. Why is intelligence cooperation so difficult?............................................................. C. The European Intelligence Space.................................................................................. I. Structural changes................................................................................................... II. New threats .............................................................................................................. III. EU governance and secrecy .................................................................................. D. Conclusion .........................................................................................................................

mn. 1 6 13 17 26 31 39

Bibliography: Adler and Pouliot, International Practices, 3 International Theory 1 (2011), pp. 1–36; Adler, The Power of Ideology: The Quest for Technological Autonomy in Argentina and Brazil, University of California Press 1987; Calvani, Foreword, in: Hertzberger Counter-Terrorism Intelligence Cooperation in the EU 2007; Chivvis, Understanding Russian “Hybrid Warfare” And What Can Be Done About It, Testimony, Rand Corporation, 2017; Collins, The Sociology of Philosophies: A Global Theory of Intellectual Change, Harvard University Press 1998; Council of the EU Document 5626/11, 24 January 2011, Brussels. Still Classified; Cross, The European Diplomatic Corps: Diplomats and International Cooperation from Westphalia to Maastricht, Palgrave 2007; Cross, Security Integration in Europe: How Knowledge-based Networks are Transforming the European Union, University of Michigan Press 2011; Cross, A European Transgovernmental Intelligence Network and the Role of IntCen. Special Issue: Agency Governance in the European Union’s Area of Freedom, Security and Justice, 14 Perspectives on European Politics and Society, 3 (2013): 388–402; Cross, The Politics of Crisis in Europe, Cambridge University Press, 2017; Dyèvre, Innovation and information Technologies for the European Security and Intelligence Community, EUROSINT Forum Workshop, Paris, 9 December 2016; Edwards and Meyer, Introduction: Charting a Contested Transformation, 46 Journal of Common Market Studies, 1 (2008), pp. 1–25; Eurosint Forum, Innovation and Information Technologies for the European Security and Intelligence Community, Paris, 09 December 2016; Fägersten, European Intelligence Cooperation, in: Duyvesteyn, Jong, and van Reijn (Eds.), The Future of Intelligence – Challenges in the 21st century, Routledge, 2014; Gruszczak, Intelligence Security in the European Union: Building a Strategic Intelligence Community, Springer, 2016; Haas, Introduction: Epistemic Communities and International Policy Coordination, 46 International Organization 1 (1992), pp. 1–35; Hansard, House of Commons, 27 June 2005; Hertzberger, Counter-Terrorism Intelligence Cooperation in the EU, European Foreign and Security Studies Policy Program UNICRI 2007; Horn, Logics of political secrecy. 28 Theory, Culture & Society 7–8 (2011): 103–122; Johnstone, The Power of Interpretive Communities, in: M. Barnett and R. Duvall (Eds), Power in Global Governance, Cambridge University Press 2005, pp. 185–204; Keck and Sikkink, Activists Beyond Borders: Advocacy Networks in International Politics, Cornell University Press 1998; Keohane and Nye, Transgovernmental Relations and International Organizations, 27 World Politics 1 (1974), pp. 39–62; Müller-Wille, For Our Eyes Only: Shaping an Intelligence Community Within the EU, Occasional Paper 50, Paris: European Union Institute for Security Studies 2004; Müller-Wille, The Effect of International Terrorism on EU Intelligence Cooperation, 48 Journal of Common Market Studies, 1 (2008), pp. 49–73; Radaelli, The public policy of the European Union: whither politics of expertise? 6 Journal of European Public Policy, 1 (1999), pp. 757–774; Rettman, Secret documents group was like “bad Le Carre novel”, MEP says, EUObserver.com, 18 November 2010; Rettman, EU intelligence services opening up to collaboration, EUObserver.com, 18 January 2011; Sjursen, Integration without democracy? Three conceptions of European Security Policy in transformation, ARENA Centre for European Studies, Working Paper No. 7, 2008; Slaughter, A New World Order, Princeton University Press 2004; Steele, Open Source Intelligence, in Handbook of Intelligence Studies, edited by Loch Johnson, Routledge 2007, pp. 129–147; Thompson, Democratic secrecy. 114 Political Science Quarterly 2 (1999): 181–193; Todd, Could Europe do Better on Pooling Intelligence? Security & Defence Agenda Round Table Report, October 26, Brussels 2009; Verdun, The role of the Delors Committee in the creation of EMU: an epistemic community? 6 Journal of European Public Policy 2(1999), pp. 308–28; Vries, The European response to terrorism. ACI Security Summit, Brussels, 23 November 2016; Walsh, Intelligence-Sharing in the European Union: Institutions Are Not Enough, 44 Journal of Common Market Studies, 3 (2006),

Cross

235

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:24 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation pp. 625–43; Walters, Secrecy, publicity and the milieu of security, 5 Dialogues in Human Geography 3 (2015), pp. 287–290; Zito, Epistemic communities, collective entrepreneurship and European integration, 8 Journal of European Public Policy 4 (2001), pp. 585–603.

A. Introduction With the intensification of numerous security threats in Europe – especially the series of terrorist attacks in 2015 and 2016 – the importance of intelligence, defined as “information that is tailored to assist a certain receiver’s decision-making,”1 has taken on new importance. At the same time, in light of the stunning Snowden revelations that began in 2014, there is also more concern surrounding what intelligence professionals actually do, especially in democracies. Given these circumstances, the time is ripe to explore how intelligence cooperation in Europe has evolved in recent years, especially since the 2009 Lisbon Treaty, and the nature of it today. While many observers and the media tend to assume that intelligence sharing is virtually non-existent or nascent in the European setting, it is clear that the European intelligence space is actually reaching a new level of maturity in large part because of an increasingly consolidated transgovernmental network of intelligence professionals in Europe. There are several reasons for the growth of this network, which will be elaborated upon in this chapter: (1) the structural changes to the EU’s intelligence apparatus that take intelligence sharing more seriously, (2) the emergence of new threats, especially in the form of terrorism and public misinformation, and (3) the increasing recognition of the role of secrecy in the proper functioning of governance. All of these points to the responsiveness and adaptability of the intelligence profession in Europe as well as the importance of informality in sharing best practices and information. 2 A transgovernmental network is comprised of government professionals from different countries interacting and cooperating with each other to share best practices and knowhow, separately from nation states.2 Anne-Marie Slaughter argues that transgovernmental networks – like judges, legislators, and regulators – across the globe are increasingly working together in this way, informally participating in these networks so that they can do their jobs better.3 This chapter contends that this dynamic is now visible in the European sphere of intelligence, and has led to the creation of a kind of European intelligence space. While there is certainly a difference between sharing best practices and sharing substantive information, it is suggested that the former could be paving the way for the latter, and that the prevalence of open-source intelligence (OSINT) is also freeing intelligence professionals from reliance on Member States to provide them with intelligence.4 3 Why might the emergence of a transgovernmental intelligence network in Europe be surprising? In general, the political science literature focuses on the difficulties intelligence cooperation presents. Even in a region where integration – the pooling of sovereignty among Member States – has a long track record of over six decades, it is widely assumed that EU Member States are risk averse when it comes to any initiatives that push them towards sharing their own intelligence with others. The scholarly literature on this topic argues there is a low level of political will among Member States to cooperate, and a lack of desire to make use of the formal institutions set up to 1

1

Müller-Wille, JCMS 2008, 49 (52). Keohane and Nye, World Politics 1974, 39. 3 Slaughter, A New World Order, 2004. 4 Cross, Perspectives on European Politics and Society 2013, 388. 2

236

Cross

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:25 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. The Merits of Informality: The European Transgovernmental Intelligence Network

facilitate this.5 Member States tend to resist sharing intelligence with each other unless they are able to overcome the trust issues that go along with relinquishing sensitive data, and the inherent dangers related to this, like putting human sources at risk. In looking at Member-State motivations, most scholars have concluded that the current state of EU intelligence cooperation is quite dismal, with little hope of improving. According to some scholars, the only way in which Member States might change their minds is for normative (trust) or functional (efficiency) reasons, but the bar is set high.6 By contrast, it is argued that an exclusive focus on formal cooperation among 4 Member States is only a narrow lens through which to understand this policy area, as there is much that happens informally. To be sure, intelligence sharing is not easy to achieve, even in a region as tight-knit as Europe, and the degree of intelligence sharing that does occur today is still relatively new. EU Member States have been sharing intelligence since at least the 1970s, but in a more ad hoc or bilateral way.7 It was during the late 1990s in the wake of the Bosnian War that this process became more institutionalized. Also, 9/11 and the subsequent terrorist attacks in Madrid and London served as major impetuses towards increased intelligence sharing as well as the establishment of the EU’s Intelligence Centre, known today as IntCen.8 Even though the EU has created formal structures for sharing intelligence, informal interactions among national and European intelligence professionals are increasing, likely indicating that the EU is starting to take the role of secrecy in democratic governance more seriously. The chapter proceeds as follows. First, it reviews the literature pertaining to intelli- 5 gence cooperation, and situates the main argument of this chapter in these various perspectives. Second, it describes the shifts that are underway in the realm of informal intelligence cooperation. Finally, the chapter offers some conclusions on the future prognosis for European intelligence sharing, given today’s challenges and threats.

B. Why is intelligence cooperation so difficult? There is a robust literature on intelligence more generally, but relatively little on EU 6 intelligence specifically. Since EU intelligence is handled by several different groupings – IntCen, national intelligence services, Europol, the EU Military Staff, the European Satellite Centre, and others – the limited amount of research that has been conducted on this issue is spread out, focusing on different institutions and agencies. Empirically, there is a dearth of information about how intelligence cooperation works in Europe, even while there is a more robust theoretical debate. The fundamental dilemma that the political science literature addresses is that Member 7 States intuitively have a strong interest in sharing intelligence given their similar security concerns, but are highly reluctant to give up sovereignty in such a secretive and sensitive area. They acknowledge that the internally borderless nature of the Schengen area, the existence of the Common Foreign and Security Policy (CFSP), and growing security challenges in the region mean that European security efforts will fall far short without a comprehensive approach to intelligence that includes all Member States. As Björn MüllerWille writes, “sharing knowledge is a first step towards harmonizing views, formulating 5 Müller-Wille, European Union Institute for Security Studies, 2004; Walsh, JCMS 2006, 625; Edwards and Meyer, JCMS 2008, 1; See Palacios, EU intelligence: On the road to a European Intelligence Agency?, Part 3 Chapter 1, in this volume. 6 Ibid. 7 Walsh, JCMS 2006, 625. 8 Todd, Security & Defence Agenda Round Table Report, 2009.

Cross

237

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:25 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

8

9

10

11

and implementing common policies, and exploiting potential synergies in the fight against new threats”.9 The EU already strives to work together in combating illegal immigration, terrorism, cybercrime, organized crime, and human trafficking, among other things. A common source of intelligence analysis provides the necessary background for conducting these policies as effectively as possible. Despite this clear need, Müller-Wille finds that Member States still hold back from cooperating fully because of (1) distrust of what others will do with the intelligence, (2) concern that more EU intelligence sharing jeopardizes bilateral intelligence sharing with the US, (3) risk of free-riding, (4) loss of privileged or superior influence, and (5) fear that the intelligence will be manipulated for different ends. Geoffrey Edwards and Christoph Meyer echo the arguments about trust and free-riding, focusing in particular on the difference between those Member States that are more intelligence-oriented and those that are less. They write, “the gap in trust coupled with the risk for sources and free-riding between the national ‘haves’ and ‘have-nots’ in intelligence terms prevents a quicker evolution, institutionalization and task expansion of bodies such as [IntCen]”.10 Eveline Hertzberger’s interviews of intelligence experts confirm that there is a gap between those Member States like the UK, Spain, and Germany that have a lot of experience in the intelligence sector, and newer Member States like Poland and Slovenia, that are relatively inexperienced.11 James Walsh elaborates upon lack of trust as the central impediment to intelligence sharing among Member States.12 He argues that intelligence and trust intersect in a number of ways. First, any shared data must be protected to the satisfaction of all parties involved. Second, there must be trust that the information will not be used in a way detrimental to the interests of any of the actors. Third, intra-EU intelligence sharing must not be perceived as a threat to external forms of bilateral or multilateral intelligence sharing. His study concludes that existing EU institutions provide the technical mechanisms for sharing information, but do little to foster trust.13 Thus, there is a consensus in the literature that intelligence cooperation in the EU is particularly weak, and that EU institutions play only a minor role. One area where intelligence sharing is less problematic for Member States is in dealing with external issues that all agree upon. Member States provide information only if there is a direct interest or benefit in doing so. For example, in areas of operational information pertaining to Common Security and Defence Policy (CSDP) operations, they are far more willing to cooperate since their own soldiers’ protection in the field depends on this.14 EU intelligence institutions seem to have an easier time adding value on the analysis side of the equation, as opposed to the collection side. In contrast to these various findings, it is argued that the situation is actually changing in recent years, particularly when it comes to informal interactions among intelligence professionals. Also, while it is true that national governments tend to be resistant to sharing certain kinds of intelligence, their willingness is not necessarily a prerequisite for the development of a European intelligence space. An exclusive focus on Member-State motivations and behavior tends to neglect more important developments in the field, particularly the relationship building and networking among intelligence professionals. 9 Müller-Wille, European Union Institute for Security Studies 2004, 1 (13); See Palacios, EU intelligence: On the road to a European Intelligence Agency?, Part 3 Chapter 1, in this volume. 10 Edwards and Meyer, Journal of Common Market Studies, 2008, 1 (14). 11 Hertzberger, European Foreign and Security Studies Policy Program 2007, 1 (73). 12 Walsh, JCMS 2006, 625. 13 For more on trust, also see Gruszczak 2016; Fägersten 2014. 14 Hertzberger, European Foreign and Security Studies Policy Program, 2007, 1 (69).

238

Cross

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:26 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. The Merits of Informality: The European Transgovernmental Intelligence Network

Increasingly, they share best practices and knowhow so that they can improve their professional skills given the new challenges they face in terms of security. As a result, their transgovernmental network has begun to comprise a European intelligence space, even despite Member States’ remaining resistance to sharing substantive intelligence. There are many kinds of transnational actors or networks – often comprised of 12 professionals – that scholars have identified and researched in depth. These include epistemic communities,15 communities of practice,16 business networks, advocacy networks,17 interpretive communities,18 and argumentative communities,19 among others. Many of these groups are held together by shared values and a common motivation to achieve specific goals in the international arena, whether to improve environmental regulation, protect human rights, or promote EU integration in new policy areas. Transgovernmental networks are distinctive in that they are focused less on end goals and more on processes of governance. Transgovernmental networks do not necessarily need to pursue a shared policy goal. Rather, they form a network because they share the desire to do their work better as governance professionals, and in the process they learn to trust each other. As such, when new security crises emerge, the groundwork has already been laid for more substantive work within the network, as is highlighted in the next section.

C. The European Intelligence Space Europeans are sharing intelligence at all levels of interaction from the highest-level 13 officials to the lowest-level experts. They do so both formally and informally, as well as bilaterally, in smaller groups, and multilaterally with all Member States involved. As mentioned above, some Member States are more involved than others, particularly those that have a history of strong national intelligence services. But this also means that intelligence professionals from countries with less of a background in intensive intelligence gathering are especially committed to learning more, especially in the informal realm. For example, those professionals from Central and Eastern European countries (CEECs) are most interested in being networked and having the opportunity to learn from their counterparts in other European countries.20 Germans, by contrast, are less interested in the informal realm of intelligence practices, but much more involved on the formal side, sharing a range of resources, including information, technology, software, and best practices. The means by which professionals share intelligence varies on a case-by-case basis, 14 but it happens regularly through meetings, phone calls, discussions, and secure databases. There is no single format for sharing intelligence across countries in the world – although memoranda of understanding and letters of intent between intelligence agencies do have a standard system – but much of it does happen through written documents. Thus, intelligence professionals across Europe are engaging with each other in a variety of ways on a daily basis. Increasingly, they do not only meet for the purposes of their formal work, but they are also meeting through informal venues and 15 Adler, The Power of Ideology, 1987; Haas, International Organization, 1992, Radaelli, Journal of European Public Policy, 1999; Verdun, Journal of European Public Policy, 1999; Zito, Journal of European Public Policy 2001; Cross, The European Diplomatic Corps, 2011; Cross, Security Integration in Europe, 2011. 16 Adler and Pouliot, International Theory, 2011. 17 Keck and Sikkink, Activists Beyond Borders, 1998. 18 Johnstone in: Barnett/Duvall (eds), Power in Global Governance, 2005. 19 Collins, The Sociology of Philosophies, 1998. 20 Interview with Head of Eurosint Forum Axel Dyèvre February 2017.

Cross

239

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:26 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

for networking purposes. This is not simply the product of increased communication among all types of professionals in a globalized world. There is a distinct European space for intelligence sharing that is emerging. As evidence of this, the decision to attend networking meetings depends on who is present at those meetings – if nonEuropeans are at an event (with the exception perhaps of US intelligence professionals), this makes it more difficult for European intelligence professionals to attend.21 15 Who are the intelligence professionals that comprise this transgovernmental network, and how do they contribute to the creation of a European intelligence space? Although this chapter is focused on informal interactions among intelligence professionals, it is important to recognize that this still takes place among professionals with formal positions, such as those posted to national intelligence services and EU groups dealing with counterterrorism. In this respect, the professionals in IntCen are important to consider, as well as various informal venues for intelligence sharing, such as the Berne Group, Middle European Conference, Budapest Club, and Eurosint Forum, which will be discussed below. 16 The rest of this section considers each of the main reasons that have been identified for the growth of this transgovernmental network of intelligence professionals: (1) the structural changes to the EU’s intelligence apparatus that takes intelligence sharing more seriously, (2) the emergence of new threats, especially terrorism and the dissemination of misinformation to the public, and (3) the increasing recognition of the role of secrecy in the proper functioning of governance.

I. Structural changes There are at least two main structural changes that have taken place in more recent years that impact the transgovernmental intelligence network in Europe: the 2009 Lisbon Treaty and the rise in importance of open-source intelligence. Alongside the steady march towards more security integration,22 the 2009 Lisbon Treaty has given added impetus for EU Member States to work together on intelligence and speak with one voice in the security realm. The EU has made a more concerted effort to emphasize the importance of intelligence sharing on many levels, and as a result, changes over the past decade clearly show that intelligence is being taken more seriously in Europe. 18 Especially since 2009, the EU has started to fund intelligence initiatives that can lead to tangible improvements in European security. For example, Eurosint Forum, a nongovernmental, non-profit organization working on open-source intelligence sharing, has received EU funding for several projects. These include various collaborative initiatives, such as RECOBIA and VIRTUOSO (dealing with human intelligence), EUROCYBEX (cyber security), BODEGA (border control), PREDICT (crisis management), and CRIME, SAFIRE, and TERIS (dealing with terrorism and radicalization).23 Besides tangible output, this has meant the convening of many more meetings and networking events for European intelligence professionals. Axel Dyèvre, head of Eurosint Forum said, “In 2007 no one thought it was possible to have 20–30 intelligence professionals from different countries in the same room.”24 Now, this happens regularly, and is considered normal. For example, Eurosint Forum has hosted some 50 seminars from 2006 to 2016, with 25–100 participants each time from across Europe (a total of over 1,000 participants). This amounts to the inclusion of more than 450 individuals from 17

21

Interview with Dyèvre 2017, and interview with IntCen official, March 2017. Cross, Security Integration 2011. 23 Dyèvre, EUROSINT Forum Workshop, 2016. 24 Interview February 2017. 22

240

Cross

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:27 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. The Merits of Informality: The European Transgovernmental Intelligence Network

the intelligence profession across Europe in a common network.25 While it is difficult to know what meetings like this really mean in terms of sharing substantive information – since this is secret – it does provide a strong indication of the increasingly networked nature of the profession within Europe. The Lisbon Treaty has also directly impacted the work of the EU’s intelligence commu- 19 nity through the relocation of IntCen in 2011 to the European External Action Service, making it directly accessible to the foreign policy chief. This move has enhanced the efficiency and effectiveness of IntCen.26 The hierarchy, chain of command, and organization are much more streamlined. The EU is establishing specific guidelines for the EEAS’s intelligence support, and the emphasis is on higher quality intelligence provided much more rapidly than before Lisbon.27 Given that IntCen is a key EU intelligence-sharing body that grapples with a range of issues relevant to both internal and external EU security policy, this change is important. IntCen (originally known as SitCen) was established in 2002 as a body that “monitors and assesses events and situations worldwide on a 24-hour basis with a focus on potential crisis regions, terrorism and WMD proliferation”.28 Its work is strategic, and not operational.29 Even though IntCen is highly dependent on the Member States in some respects, its ability to bring various strains of information together in one place and focus on policy areas that can only be tackled collectively, mean that it is indispensable. Operating 24 hours per day, 7 days per week, IntCen’s work is divided into teams that cover almost every region of the world, as well as thematic areas such as counter-terrorism, cyberattacks, hybrid warfare, and non-proliferation.30 IntCen’s new positioning makes it more valuable than before the Lisbon Treaty, especially when it comes to using shared intelligence to craft common EU security policies. Indeed, one IntCen official explained that “Since joining the EEAS, intelligence sharing and the role of IntCen has gone up.”31 IntCen itself is also highly networked at the intersection of a hub of various other 20 intelligence bodies, such as the Intelligence Steering Board (a decision-making body chaired by the High Representative and Vice-President of the Commission) the Intelligence Working Group, chaired by the directors of IntCen and the EU Military Staff’s Intelligence division, and to some extent, the European Defence Agency. Its “customers”32 include the foreign policy chief, Counter-Terrorism Coordinator, Coreper II, the Political and Security Committee, the Working Party on Terrorism, the Article 36 Committee,33 and decision-makers in the area of police and judicial cooperation.34 Based in Brussels, IntCen has a staff of around 100,35 which consists of analysts with a 25

Eurosint Forum 2016. For more on this see Palacios, EU intelligence: On the road to a European Intelligence Agency?, Part 3 Chapter 1, mn 38, in this volume. 27 Interview with Gunter Eisl, Director of Intelligence in the EUMS, 27 June 2011. 28 Hansard, House of Commons, 27 June 2005. By contrast, Europol deals exclusively with crime within the EU’s borders and the EU Military Staff is concerned with intelligence that supports Common Security and Defence Policy (CSDP) operations. IntCen’s mandate spans both and then some. 29 See Palacios, mn 39–49. 30 Interview with IntCen official, March 2017. 31 Interview with IntCen official, March 2017. 32 See Palacios, mn 19. 33 Coreper II is the Committee of Permanent Representatives, the highest level of diplomatic representation of the Member States to the EU. The Political and Security Committee also represents the member states, but is one level below Coreper II, and focuses on external security policy. The Working Party on Terrorism is a Council committee that deals with the international dimension of terrorism, fostering EU cooperation with third countries to tackle the terrorist threat. The Article 36 Committee, known as the Coordinating Committee in the area of police and judicial cooperation in criminal matters, works on Member States’ collective approach to criminal matters. 34 Müller-Wille, JCMS 2008, 49 (59). 35 Interview with IntCen official, March 2017. 26

Cross

241

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:27 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

civilian background, as well as various support staff who contribute to open-source intelligence, consular crisis management, and the SitRoom. Many analysts are seconded from national intelligence services, and are double-hatted to both.36 In the wake of the Lisbon Treaty, the number of personnel has increased.37 21 Structurally, the existence and growing centrality of IntCen encourages both formal and informal intelligence sharing among Member States. Between 17 and 20 EU Member States, provide national intelligence to IntCen. Thus, not all Member States participate, but all 27 receive IntCen’s reports and analyses through their ambassadors in the Political and Security Committee. Each Member State can also stipulate who is allowed to see the information, beyond those who regularly consume IntCen reports, under the so-called “originator principle”.38 Typically, when a Member State wants to volunteer information to IntCen, it will convey this through its representative in IntCen. In recent years, with intelligence sharing on the rise, the question of who provides intelligence on which issues is more a matter of a country’s specific expertise than willingness to share.39 At the same time, Member States are very much in control of what they share. At any point, Member States may decide to remove intelligence they had previously provided to IntCen, and this information must immediately be purged from the system.40 22 The second major structural change more recently is the rise of OSINT. The Council of the European Union defines open sources as: “All the information available publicly, but not exclusively, on the Internet, which by virtue of its special importance for the maintenance of public security and for criminal investigation, should be captured, processed, evaluated, analysed and circulated to the agencies in charge of preventing and fighting crime.”41 Increasingly, pertinent intelligence is gathered through open-source material, such as the media, Internet chat rooms and blogs, as well as commercial satellite images, governmental reports, and deep Internet sites (those not readily accessible through standard search engines).42 Around 80–90 percent of intelligence comes from open sources. Around one-tenth of IntCen experts contributes to the production of OSINT.43 The growing need to sort through and analyze open-source intelligence has led to the rapid development and sharing of best practices among intelligence professionals in Europe. This de-prioritizes the importance of national leaders in authorizing the sharing of intelligence because experts are able to generate OSINT directly. 23 The advantages of this are that open-source intelligence can often be less complicated, easier to share, and more trustworthy. It is possible to replicate information searches directly, and limit the areas in which traditional, clandestine intelligence techniques are necessary. Open-source intelligence is easier to share because it does not risk protected, human sources in third countries. To be sure, open-source intelligence has always formed an important component of the intelligence profession, but with faster and 36

Hertzberger, European Foreign and Security Studies Policy Program 2007, 1 (69); interview 2017. Council of the EU Document 5626/11, 2011. 38 Rettman, EUObserver.com, 18 November 2010. 39 Interview with IntCen official, March 2017. Also see Palacios, EU intelligence: On the road to a European Intelligence Agency?, Part 3 Chapter 1, in this volume for an analysis of varying degrees of member state capabilities when it comes to intelligence. 40 Interview with IntCen official, March 2017. 41 Council of the European Union document 9037/10, “From Presidency To Ad hoc Group on Information Exchange, European Open Source Intelligence Project,” 27 April 2010, Brussels. 42 Rettman, EUObserver.com, 18 January 2011. 43 Interview with IntCen official, March 2017. 37

242

Cross

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:28 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. The Merits of Informality: The European Transgovernmental Intelligence Network

thicker globalization patterns, this particular technique has become far more useful in the past few years. The Internet has come to encompass more countries and languages, there has been an exponential explosion in new websites that feature useful knowledge, and non-traditional threats that rely on the Internet have mushroomed.44 Computer programs have been developed to assist with the compilation and sorting 24 of data. The result is that intelligence analysts can increasingly draw upon computer and media skills, rather than operating as spies on-the-ground in third countries. It is also far more likely that they would share OSINT over that obtained from clandestine sources in foreign countries given that open-source intelligence involves fewer issues of trust. Again, the main difference when it comes to open-source analyses is that intelligence professionals can engage in this type of intelligence research directly, thereby generating a distinctive, European intelligence, far less reliant on the willingness of Member States to share. Thus, two major structural changes – the Lisbon Treaty and the rise in importance of 25 OSINT – have clear ramifications for intelligence sharing in Europe more generally, and informal networking among intelligence professionals more specifically. Indeed, Hertzberger finds that personal contacts among double-hatted analysts in IntCen enable better intelligence cooperation over time, and an emerging institutional culture. These trends have been in place for some time, but have also received added impetus more recently as the EU has tried to grapple with recent and emerging threats.

II. New threats The EU is facing a range of new threats, from increased Russian aggression to a 26 significant increase in migration flows to the rise of far-right populism. When it comes to the field of intelligence, terrorism and problems with misinformation and propaganda in the media are high on the agenda. At the same time, terrorism tends to be more of an issue at the national level than the EU level since ultimately terrorism still occurs on the ground in local settings.45 But it is clear that the EU, and especially the European External Action Service, is reacting to these attacks proactively with a broad-level approach to tackling terrorism through consideration of its external dimension. This is leading to increased interactions between European intelligence professionals and their counterparts in third countries. Table 1 provides a few examples of how external policies have been accelerated or adopted in the wake of major attacks. Table: Changes in European intelligence sharing

Intelligence sharing

44 45

Accelerated Policies in 2015–2016

New policies after January 2015 attacks

New policies after November 2015 attacks

New policies after March 2016 attacks

Passenger Named Record Agreement (PNR); increased information sharing with the US

Information sharing with Turkey & Saudi Arabia; launch of Europol’s Counter Terrorist Centre

Approval of the PNR; intelligence sharing expanded to include more third countries

Focus on foreign fighters, especially after collapse of Daesh; prevention of recruitment & radicalization in refugee camps

Steele, Handbook of Intelligence Studies 2007 129 (132). Interview with Head of Eurosint Forum Axel Dyèvre February 2017.

Cross

243

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:28 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

One of EEAS’s first steps in January 2015, shortly after the Charlie Hebdo attacks, was to open up the issue of revamping the EU’s Counter-Terrorism Policy, with a particular focus on sharing intelligence.46 This received strong support from the EU’s Counter-Terrorism Coordinator, Gilles de Kerchove, who called specifically for a European Passenger Name Record (PNR) directive (as had existed in the US for some time). Such a policy allows EU terrorism experts, for example, in Europol and Interpol, to actively track where people have travelled before entering the EU, and determine whether individuals raise red flags in terms of possible radicalization. At the time of the Charlie Hebdo attacks, sixteen EU countries had already implemented PNR, but there was still no EU-level framework. The European Parliament expressed reservations about the original directive because of the possible threats to civil liberties. But on 4 December 2015, just over two weeks after the November 2015 attacks, the Council and the Parliament were able to reach a compromise relatively quickly and moved forward with the EU-level agreement in the name of European security (Council of the EU December 4, 2015). This was clearly a step closer to more hard power forms of political authority, and one that had faced much resistance until the first major terrorist attacks provided an opening to rethink Europe’s position on this. For its part, on an informal level, Eurosint Forum has taken a longer-term view, analyzing 255 different attacks with its consortium partners. They seek to detect trends over time that will be helpful to the EU. 28 Beyond PNR, the EEAS began building stronger bilateral relationships and mechanisms to share information with third countries, particularly Saudi Arabia and Turkey (EEAS February 2015). It also accelerated intelligence sharing with Algeria, Egypt, Yemen, the Gulf countries, some African nations, and the US. The EU now provides around € 142 million per year to build capacity for countering terrorism in third countries.47 As the threat to Member States tangibly and visibly increased with the 13 November 2015 terrorist attacks, the EEAS launched broader discussions on how intelligence sharing could become even more comprehensive. Many more intelligencesharing policies were immediately discussed in the wake of these attacks, such as the possibility of creating a CIA-like agency in Europe, and strengthening the role of IntCen, especially in the EEAS delegations. Such initiatives are ongoing, but also would have been too controversial even to enter the discussion earlier. The strengthening of these agreements has the potential to enable the European transgovernmental intelligence network to engage with third countries in many informal ways. 29 After the 2016 Brussels attacks, Eurojust and the Counter-Terrorism Coordinator added another layer, emphasizing the tracking of foreign fighters through intelligence sharing.48 In particular, policies concerning how to prevent radicalization and recruitment in Europe’s refugee camps were initiated, in recognition of the dangerous cycle that leads back to more Islamophobia in Europe.49 The push to have the EU take on a bigger role in counter-terrorism was evident when the Counter-Terrorism Coordinator himself expressed a wish for his role to become redundant so that the European Commission and EEAS could handle everything related to terrorism, without the need for his position (Ibid.). In effect, after the third major attack on a European city, representatives of several EU institutions were pushing for supranationalism as a means 27

46

Mogherini interview with Christiane Amanpour on CNN, January 22, 2015. Vries, ACI Security Summit, 2016. 48 “Fight against Terrorism News Alerts,” European Parliament Audiovisual Services for Media, October 25, 2016. http://audiovisual.europarl.europa.eu/Page.aspx?id=2755. 49 “Exchange of views with Gilles de Kerchove, EU Counter-Terrorism Coordinator on the fight against terrorism and recent attacks in Member States.” September 26, 2016. 47

244

Cross

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:29 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. The Merits of Informality: The European Transgovernmental Intelligence Network

of stopping terrorism as well as disrupting the feedback loop that was stirring up nationalist sentiments within Member States. This approach of actually tracking and controlling individuals represents a ratcheting up of the hard power authority of these policy initiatives compared to before. While these policies in reaction to terrorist attacks in 2015–2016 are more formal than informal, the former increases the space for the latter to develop, with implications for intelligence sharing beyond Europe. At the same time, the impact of external actors on the European public is also 30 damaging. The dissemination of misinformation and propaganda throughout Europe poses increasing threats. Russia is at the top of the list in terms of countries using these strategies as a form of hybrid warfare.50 Social media, public opinion campaigns, and cyberattacks (or hacking) can change the nature of elections and sway European attitudes towards beliefs that damage their own interests, away from support for openness, democratic debate, and pluralism. Member States share intelligence on these issues, but misinformation is an area that is being tackled through OSINT, especially the social media variant. More and more companies specialize in cyber tools, such as social media bots, and intelligence professionals increasingly have the access to the software and skills to mine open sources and recommend policy to combat cyber and hybrid attacks. Informal networks are particularly adept at discussing strategies in this regard since best practices and knowhow are fundamental to tackling these types of threats. Eurosint Forum, for example, operates entirely at an informal level with the aim of creating a network that allows people to see how their counterparts from other countries are dealing with these challenges and threats.51 They participate in this network “to discover things they don’t know,”52 which especially includes the cyber realm. As Axel Dyèvre puts it, “digital transformation is the main topic. Anything that is digital transformation is related, especially to security tools for exchange, information, and privacy.”53

III. EU governance and secrecy The informal nature of intelligence sharing leads to a stronger and more effective role 31 for secrecy in the governance of the EU. While there is often an automatic assumption that secrecy is somehow anti-democratic, it is nonetheless generally accepted at the national level if it is necessary for survival of the state, even in democracies.54 Indeed, democracies recognize that certain policy areas, including intelligence, transcend partisanship and that effectiveness requires some degree of secrecy. Dennis Thompson writes, “citizens cannot evaluate some policies and processes because the act of evaluating defeats the policy or undermines the process.”55 But there is a tension in the role of importance of secrecy in policy-making. As Eva Horn puts it, “Secrecy serves to protect and stabilize the state, and as such it is the precondition for the functioning of the law; but at the same time secrecy opens a space for the exception from the rule of law…”56 Thus, secrecy is taken for granted by most governments, but in the multi-leveled 32 system of the EU the nature of secrecy is a bit more complex. The arena of foreign policy-making has some processes that occur behind closed doors, but intelligence is even more removed from public scrutiny, especially when sharing happens informally. 50

Chivvis, Testimony, Rand Corporation, 2017. Interview with head of Eurosint Forum, Axel Dyèvre February 2017. 52 Ibid. 53 Interview with Head of Eurosint Forum Axel Dyèvre February 2017. 54 Sjursen, ARENA Centre for European Studies, 2008. 55 Thompson, Political Science Quarterly 1999, 181 (182). 56 Horn, Theory, Culture & Society, 2011 103 (106). 51

Cross

245

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:29 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

33

34

35

36

Besides Eurosint Forum, other long-standing examples of informal venues for intelligence sharing are the Berne Group and Budapest Club. The long-standing Berne Group, established in 1971 with six Member States, is the body under which the heads of all 28 Member States intelligence agencies and the US meet together. It focuses on operational cooperation, which EU institutions or agencies do not do.57 The Berne Group established the Counter-Terrorist Group in 2001, which includes the EU’s 28 national intelligence services, plus those of Norway and Switzerland. Europol and IntCen have agreements in place to communicate and exchange information with the Counter-Terrorist Group, connecting the formal and informal avenues for intelligence sharing. The Police Working Group on Terrorism, founded in 1979, is similar in that it operates outside of EU structures, but runs in parallel to them. The Budapest Club, established in 2007 by an initiative of the European Commission and Hungarian government, has since its inception routinely brought together Government intelligence officials and private sector experts to share ideas and techniques on collecting open-source intelligence.58 The Club has even set up a secure website for participants to continue fostering their network and share counter-terrorism strategies transnationally. Other secure websites, like Virtuoso, are funded by the European Commission, but are not technically an official project of the EU. The main purpose of Virtuoso is to develop a standardized platform, which will enable the intelligence professionals who use it to have their own separate systems, but to integrate the overarching structure to facilitate sharing. Dyèvre of Eurosint Forum said that this common framework helps to break down the walls in the European intelligence space because dealing with best practices is not as sensitive as dealing with actual intelligence. Nonetheless, once there is a certain comfort with discussions on the more technical level, this may facilitate exchange on a substantive level. Given that the seminars and workshops hosted by the Budapest Club and Eurosint Forum are informal in nature and encourage the development of personal friendships and contacts, they provide an ideal environment for building relationships. Participants are aware that the culture of European intelligence is changing, and that it is increasingly fulfilling the spirit of the Lisbon Treaty.59 Because both of these groups focus on open-source intelligence and the development of suitable technology, it is easier for participants to share best practices without jeopardizing state secrets. This has resulted in an emerging body of shared professional norms and substantive norms about how best to develop government policy related to intelligence. In 2007, Sandro Calvani, Director of the United Nations Interregional Crime and Justice Research Institute, wrote, “personal contacts and informal arrangements play a crucial role in the initiation and maintenance of intelligence cooperation relations”.60 While we do know that informal intelligence sharing of actual substance happens across multiple levels and among the different groupings of Member States, it is very difficult to know the substance of what is shared. In effect, at the same time as the transgovernmental intelligence network consolidates, a space for deep secrecy – aspects of security policy that are so hidden that the public does not even know what it does not know – is also apparent within the European intelligence field, indicating that informal networking is going beyond sharing of best practices. Examples of deep secrecy in the US have at various points included torture in interrogations, spying on citizens, and the creation of a range of highly classified programs. While it is unlikely that the EU goes 57

Müller-Wille, JCMS 2008, 49 (55). Rettman, EUObserver, 18 January 2011. 59 Rettman, EUObserver, 18 January 2011. 60 Calvani, in: Hertzberger Counter-Terrorism Intelligence Cooperation in the EU, 2007. 58

246

Cross

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:30 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. The Merits of Informality: The European Transgovernmental Intelligence Network

this far into the realm of deep secrecy, it is impossible to truly know what is involved when European intelligence professionals share knowledge informally. Deep secrecy contrasts with another category of secrecy: known unknowns.61 The 37 public knows that policies in a particular area are secret, without knowing the substance of these secrets. William Walters uses the example of the US drone policy to illustrate this. The public is aware that the program exists, but does not know the details of how decisions are made on an operational level. A key dimension of this category of known unknowns is functional secrecy, which Eva Horn defines as technical knowledge or “knowhow.” She argues that technical or functional secrecy should be thought of as politically neutral yet necessary because it is simply there to enable the functioning and stability of the state.62 On a practical level not everything can be publicly debated otherwise government would quickly grind to a halt. Functional secrecy commonly includes the areas of defense, security, diplomacy, and document classification.63 The transgovernmental network of intelligence professionals is certainly engaging in functional secrecy, but the content and the degree to which deep secrecy has increased as a result of this is again very difficult to know. Overall, informal intelligence sharing involves various types of secrecy. Although 38 closed off from public scrutiny, intelligence is an important tool for the security and survival of the EU, in addition to the states that comprise it. Given the nature of new threats that often cross borders, it has been suggested in this chapter that the strengthening of a transgovernmental intelligence network involves both functional secrecy (best practices) and deep secrecy (substantive information). While it is important to ensure that the public is ultimately able to weigh in on security issues, especially on the policy level, intelligence is often only effective if it is secret, and thus it falls into a realm where some degree of secrecy must be tolerated. Ultimately, it is important that the benefits of using the tool of secrecy in Europe do not come at the cost of the right to privacy and protection of civil liberties, as has happened in the United States.

D. Conclusion It has been argued in this chapter that there are at least three major causes for the 39 emergence and growth of a transgovernmental intelligence network in Europe: First, structural changes brought about the Lisbon Treaty and the centrality of OSINT have meant that intelligence sharing has become easier and encouraged at the European level. This is visible in terms of EU funding in support of intelligence sharing, the repositioning of IntCen into the EEAS, as well as both the need and desire to share best practices when it comes to open sources. Second, new threats in the form of terrorism and the dissemination of misinformation to the public means that new policy initiatives have emerged, creating more space for intelligence professionals to work together across borders in Europe. Third, as EU governance becomes stronger in the area of security, the role of secrecy has become more prominent. Even though any use of secrecy beyond public scrutiny must be carefully justified, it is well established that secrecy may sometimes be necessary in order for policies to work effectively. The existence of known unknowns in the European intelligence space provides some indication that the EU is maturing as a 61

Walters, Dialogues in Human Geography, 2015. Horn 2011. 63 Horn, Theory, Culture & Society, 2011 103 (115). 62

Cross

247

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:30 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

security actor. At the same time, it is difficult to know what is happening in the realm of deep secrecy as informal processes among intelligence professionals grow. 40 It is suggested that the future of EU intelligence sharing is likely to be stronger rather than weaker. Crises often create opportunities for more forward-looking and integrative policies in Europe (Cross 2017). In the second decade of the 21st century, Europe faces many such challenges on the security front. A strong basis of shared intelligence will likely be crucial to tackling everything from Russian propaganda to migration flows to cyberattacks and radicalization on the Internet. The fact that much of this is happening in the shadow of an uncertain transatlantic relationship under the Trump administration makes the need to share intelligence across Europe even more pressing. And while Brexit represents the departure of a key member state in the intelligence field, given the nature of strong informal networks among European intelligence professionals, there is a reason to believe that British participation will continue, although likely to a lesser extent. Foreign policy experts understand that European countries have to take care of their own security, and this means working together better on common areas of concern. Ultimately, as long as the political will among Member States to cooperate on these issues exists, and they are able to devote more resources to this, a stronger and more networked approach to intelligence sharing is a highly suitable model for the kind of actor that the EU is becoming.

248

Cross

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:30 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3 European Criminal Intelligence1 Steven J. Ryder Outline A. Introductory note on the area of freedom, security and justice............................ B. European criminal intelligence in context.................................................................. I. What is European criminal intelligence?........................................................... II. What is criminal intelligence used for? ............................................................. 1. Operational use of European criminal intelligence .................................... 2. Strategic use of European criminal intelligence .......................................... a) SOCTA............................................................................................................ b) EMPACT – EU policy cycle ...................................................................... c) Intelligence-led policing .............................................................................. III. Personal data protection........................................................................................ IV. Accessibility & sharing........................................................................................... 1. Europol ................................................................................................................. a) Information sharing ..................................................................................... b) Analysis........................................................................................................... c) Expertise ......................................................................................................... 2. Other existing databases ................................................................................... a) Interoperability.............................................................................................. C. Complimentary measures to European criminal intelligence................................ I. Other EU actors ...................................................................................................... D. Future possibilities & long-term perspective ............................................................. E. Concluding assessment ...................................................................................................

mn. 1 6 7 12 13 17 20 25 31 33 36 36 38 44 45 47 48 50 52 55 57

Bibliography: Abrams/Beale, Federal Criminal Law and its enforcement, 3rd ed., West Group 2000; Acar, Sexual Extortion of Children in Cyberspace, 2 Int’l J. Cyber Criminology 10 (2016), pp. 110–126; Aghgar/ Sampson/Beyerl, Open Source Intelligence Investigation – From Strategy to Implementation, Springer, 2016; Alach, The Emperor is still naked: How Intelligence-Led Policing has repackaged Common Sense as Transcendental Truth, Police J. Vol. 84(2011), pp. 75–97; Alegre, et al., The implications of the United Kingdom’s withdrawal from the European Union for the Area of Freedom, Security and Justice, Policy Department for Citizens’ Rights and Constitutional Affairs – European Parliament 2017; Aschmann, Europol aus Sicht der deutschen Laender, Peter Lang Europäischer Verlag der Wissenschaften 2000; Becker/Fitzpatrick, In Search of Shadows: Investigating and Prosecuting Crime on the “Dark Web”; 1 U.S. Attorneys’ Bull. 66 (2018), pp. 41–47; Bichard, The Bichard Inquiry – Report, House of Commons 2004; Bigo, The (in)securitization practices of the three universes of EU border control: Military/Navy – border guards/police – database analysts, 3 Security Dialogue 45(2014), pp. 209–225; Bossard, Law Enforcement in Europe, Office of International Criminal Justice 1993; Bruce/George, Intelligence Analysis – The Emergence of a Discipline, in: George/Bruce (ed.), Analyzing Intelligence – Origis, Obstacles, and Innovations, Georgetown University Press 2009, pp. 1–16; Carter, Brief History of Law Enforcement Intelligence: Past Practice and Recommendations for Change, 3 Trends in Organized Crime 8(2005), pp. 51–62; Carter, et. al., Law Enforcement Fusion Centers: Cultivating an Information Sharing Environment while Safeguarding Privacy, J. of Police and Criminal Psychology (2016), pp. 1–17; Cepik/Moeller, National Intelligence Systems as Networks: Power Distribution and Organizational Risk in Brazil, Russia, India, China, and South Africa, 1 Braz. Political Sci. Rev. 11(2017), pp. 1–26; Coman-Kund, European Union Agencies as Global Actors – A Legal Study of the European Aviation Safety Agency, Frontex and Europol, University Press Maastricht 2015; Cope, Intelligence Led Policing or Policing Led Intelligence, British J. of Criminology Vol. 44 (2004), pp. 188–203; Curtis, F., et. al., An economic evaluation of anonymised information sharing in a partnership between health services, police and local government for preventing violence-related injury, Injury Prevention Vol. 20(2014), pp. 108–114; de Belle, Geospatial intelligence: Can Customs learn from the policing perspective?; 2 World Customs Journal 8(2014), 1 The views expressed are solely and exclusively that of the author and cannot be constructed in any way, shape or form to be deemed to reflect the view of the employer.

Ryder

249

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:31 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation pp. 65–74; de Wijk, Supermacht Europa, Mets & Schilt 2005; Dean/Fahsing/Gottschalk, Organized Crime – Policing Illegal Business Entrepreneurialism, Oxford University Press 2010; Demmelbauer, Europol, Eurojust und das Europaeische Justizielle Netz, LexisNexis 2012; den Boer, Counter-Terrorism, Security and Intelligence in the EU: Governance Challenges for Collection, Exchange and Analysis, 2–3 Intelligence and National Security, 30(2015), pp. 402–419; den Boer/Bruggeman, Shifting gear: Europol in the contemporary policing era, Politique Européenne Vol. 27(2007), pp. 77–91; den Boer/Wiegand, Policing the Perilous Euroland: Countering Terrorism and Radicalization in Europe, 3 Pakistan J. of Criminology 3 (2012), pp. 1–19; Devroe/Terpstra, Plural Policing in Western Europe, 3 Eur. J. of Policing Studies 2 (2015), pp. 235–244; Ellebrecht, Verdacht auf See – Zwischen Befugnissen und Signalen, 3 Kriminologisches J. 46(2014), pp. 168–183; Ellermann, Europol und FBI – Probleme und Perspektiven, Nomos 2015; Essworthy/Gonzalez/Gauger, N., Cases without Borders: The Challenge of International Cybercrime Investigations, 4 Criminal Justice 30(2015), pp. 15–18; Evans, Law Enforcement Intelligence: A Call for New Strategies and Tactics in Countering Criminal Insurgency, 3 Low Intensity Conflict & Law Enforcement 13(2005), pp. 262–279; Faegersten, Bureaucratic Resistance to International Intelligence Cooperation – The Case of Europol, 4 Intelligence and National Security 25(2010), pp. 500–520; Ferguson, Big Data and Predictive Reasonable Suspicion, 2 U. Pa. L. Rev. 163(2015), pp. 327–410; Fisher, The Fight Against Terrorism – the need for local police units in the United States’ intelligence community, 1 J. of Military and Strategic Stud. 17(2016), pp. 189–208; Fletcher/Loof/Gilmore, EU Criminal Law and Justice, Edward Elgar 2008; Frunza, Innovation and Crime, in: Solving Modern Crime in Financial Markets, Elsevier 2016, pp. 3–6; Frunza, The Link Between the Betting Industry and Financial Crime, in: Solving Modern Crime in Financial Markets 1st ed., Elsevier 2016, pp. 77–128; Gagliardi, Transnational Organized crime and gun violence. A case for firearm forensic intelligence sharing, 1 Int’l Rev. L., Computers & Technology 26(2012), pp. 83–95; Gehler, Europa – Ideen, Instiutionen, Vereinigung, Olzog Verlag 2010; Glenny, Dark Market: Cybercops Cyberthieves and YOU, Random House 2011; Gless, Police and Judicial Cooperation between the European Union Member States. Results and Prospects, in: Fijnaut/Ouwerkerk (ed.), The Future of Police and Judicial Cooperation in the European Union, Martin Nijhoff Publishers 2010, pp. 25–49; Goold, Development of the Organised Crime Threat Assessment (OCTA) and internal security architecture – Study, European Parliament 2009; Gottschalk, Information Sources in Police Intelligence, The Police Journal Vol. 82(2009), pp. 149–170; Gottschalk, Law Enforcement strategy implementation: the case of police intelligence strategy, 3 Criminal Justice Stud. 22(2009), pp. 273–280; Grace/Oswold, ‘Being on our radar does not necessarily mean being under our microscope’: The Regulation and Retention of Police Intelligence, 1 Europ. J. of Current L. Issues 22(2016), pp. 1–17; Grant, Rights and Personal Data, and the Free Movement of Such Data for EU Security Purposes in the Context of Directive (EU) 2016/680 for the Purposes of Prevention, Investigation, Detection or Prosecution of Criminal Offences or the Execution of Criminal Penal, in: O’Neill/Swinton (ed.), Challenges and Critiques of the EU Internal Security Strategy: Rights, Power and Security, Cambridge Scholars Publishing 2017, pp. 171–198; Hidalgo, Beyond the Conflict Zone: U.S. HSI Cooperation with Europol. 2 CTC Sentinel 11 (2018), pp. 25–27; Higgins/Flory, Terrorism and International Law, Routledge 1997; Impala, The European Arrest Warrant in the Italian Legal System between Mutual Recognition and Mutual Fear within the European Area of Freedom, Security and Justice, 2 Utrecht L. Rev. 1(2005), pp. 56–78; Ingleton, Mission Incomprehensible – the linguistic barrier to effective police co-operation in Europe, Multilingual Matters Ltd 1994; Innes/Sheptycki, From Detection to Disruption: Intelligence and the Changing Logic of Police Crime Control in the United Kingdom, Int’l Criminal Just. Rev. Vol. 14(2004), pp. 1–24; Janz, Fall Carolin G.: Warum die Polizei nicht auf Mautdaten zurückgreifen darf, Badische Zeitung, 27 Jan. 2017; Jasserand, Law enforcement access to personal data originally collected by private parties: Missing data subjects’ safeguards in directive 2016/680?, 1 Computer Law & Security Rev. 34 (2018), pp. 154–165; Johnson, Suspicion formation among police officers: an international literature review, 1 Criminal Just. Stud. 26(2013), pp. 99–114; Joyal, How far have we come? Information sharing, interagency collaboration, and trust within the law enforcement community, 4 Criminal Just. Stud. 25 (2012), pp. 357–370; Klamert, Loyalty in the EU Treaties, in: The Principle of Loyalty in EU Law, Oxford University Press 2015, pp. 9–30; Klip, European Criminal Law. An Integrative Approach, 2nd ed., Intersentia Publishing Ltd. 2012; Kuner, Reality and Illusion in EU Data Transfer Regulation Post Schrems, 4 German L. J. 18(2018), pp. 881–918; Lenaerts/van Nuffel, Constitutional Law of the European Union, 2nd ed., Sweet & Maxwell 2005; Lindqvist, New challenges to personal data processing agreements: is the GDPR fit to deal with contract, accountability and liability in a world of the Internet of Things?, 1 Int’l J. L. and Information Technology 26(2018), pp. 45–63; Lowenthal, The Federal Burea of Investigation, Wiliam Sloane 1950; Lowenthal, Intelligence: From Secrets to Policy, 6th ed., Los Angeles et al. 2014 Marquenie, The Police and Criminal Justice Authorities Directive: Data protection standards and impact on the legal framework, 3 Computer Law & Security Rev. 33(2017), pp. 324–340; Matei, The Challenges of Intelligence Sharing in Romania, 4 Intelligence and National Security 24(2009), pp. 574–585; McQuade, Police and the Post-9/11 Surveillance Surge: “Technological Dramas” in “the Bureaucratic Field.”, 1 Surveillance & Society 14(2016), pp. 1–19; Middlemas, Orchestrating Europe – The

250

Ryder

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:31 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Criminal Intelligence informal Politics of European Union 1973–1995, Harper-Collins 1995; Milke, Europol und Eurojust – Zwei Institutionen zur internationalen Verbrechensbekaempfung und ihre justitielle Kontrolle, Universitaetsverlag Osnabrueck 2003; Monahan, The Future of Security? Surveillance Operations at Homeland Security Fusion Centers, 2–3 Social Justice 37(2010–2011), pp. 84–98; Newburn (ed.), Handbook of Policing, Willan 2006. Occhipinti, Still Moving Toward a European FBI? Re-Examining the Politics of EU Police Cooperation, 2–3 Intelligence and National Security 30(2015), pp. 234–258; Odinot/Pool/ de Poot, Organised Cybercrime in the Netherlands, Dutch Minsitry of Security and Justice 2017; O’Neill, EU Cross-Border Policing Provisions, the View from One of the Schengen Opt-out States, Europ. J. of Crime, Criminal Law and Justice, Issue 18 (2010), pp. 73–89; Paoli, How to Tackle (Organized) Crime in Europe: The EU Policy Cycle on Serious and Organized Crime and the New Emphasis on Harm, 22 Europ. J. of Crime, Criminal Law and Criminal Justice 1(2014), p. 1–12; Pollicino, European Arrest Warrant and Constitutional Principles of the Member States: A Case Law-Based Outline in the Attempt to Strike the Right Balance between Interacting Legal Systems, 10 German L. J. 9(2008), pp. 1313–1356; Ponsaers/ Devroe, How integrated is local prevention of radicalisation and terrorism?, in: Renard (ed.), Counterterrorism in Belgium: Key Challenges and Policy Options, Egmont 2016, pp. 23–33; Pramanik/Lau/ Chowdhury, Automatic Crime Detector: A Framework for Criminal Pattern Detection in Big Data Era. s. l., PACIS 2016 Proceedings 2016; Quinton, The formation of suspicions: police stop and search practices in England and Wales, 4 Policing & Society, 21(2011), p. 357–368; Quirke, OLAF’s role in the fight against fraud in the European Union: do too many cooks spoil the broth?. Crime, Law and Social Change Vol. 53 (2010), pp. 97–108; Ratcliffe, Intelligence Lead Policing, in: Wortley/ Mazerolle (ed.), Environmental Criminology and Crime Analysi, Routledge 2008, pp. 263; Rattcliff, Intelligence-Led Policing and the Problems of Turning Rhetoric into Practice, 1 Policing & Society 12(2002), pp. 53–66; Reid, The United States of Europe – From the Euro to Eurovision – The superpower nobody talks about, Penguin Books 2004; Rossnagel/Richter, Big Data and Informational Self-Determination. Regulative approaches in Germany: The Case of Police and Intelligence Agencies, in: van der Sloot/Broeders/Schrijvers (ed.), Exploring the Boundaries of Big Data, Amsterdam University Press 2016, pp. 261–279; Safianski, Barriers to the Operational Effectiveness of Europol, Int’l Security (2013), p. 53–69; Sandel, Justice and the Common Good, in: Justice – What’s the right thing to do, Penguin Books 2010, pp. 244–270; Sanders/ Weston/Schott, Police Innovations, ‘Secret Squirrels’ and Accountability: Empirically studying Intelligence Led Policing in Canada, British Journal of Criminology Vol. 55(2015), pp. 711–729; Sarmiento, European Union: The European Arrest Warrant and the quest for constitutional coherence, 1 Int’l J. of Constitutional Law 6(2008), pp. 171–183; Schubert, Europol und der virtuelle Verdacht, Peter Lang International Verlag der Wissenschaften 2008; Sheptycki, The police intelligence division-of-labour, 6 Police & Society 27(2017), pp. 620–635; Siebold, Zwischen Grenzen: Die Geschichte des Schengen-Raums aus deutschen, französischen und polnischen Perspektiven 1st ed., Ferdinand Schoening 2013; Smith, Developing a Working Typology of Rural Criminals: From a UK Police Intelligence Perspective, 1 Int’l J. of Rural Criminology 2(2013), pp. 126–145; Staser McGill/Gray, Challenges to International Counterterrorism Intelligence Sharing, 3 Global Security Studies 3(2012), pp. 76–86; Taylor/Russell, The failure of police ‘fusion’ centers and the concept of a national intelligence sharing plan, 2 Police, Practice and Research 13(2012), pp. 184–200; Traynor, Italy threatens to give Schengen visas to migrants as EU ministers meet, The Guardian, 16 Jun. 2015; Treverton, Terrorism, Intelligence and Law Enforcement: Learning the Right Lessons, 4 Intelligence and National Security 18(2003), pp. 121–140; Treverton, Social Media and Intelligence, Swedish National Defence College 2014; van Ballegooij, The Cost of NonSchengen: Civil Liberties, Justice and Home Affairs aspects, European Parliamentary Research Service 2016. Walsh, Intelligence-Sharing in the European Union: Institutions Are Not Enough,3 Journal of Common Market Studies 44(2006), pp. 625–643; Webb, Improvements Required for Operational and Tactical Intelligence Sharing in NATO, 1 Defence Against Terrorism Review 6(2014), pp. 47–62; Wesel, Geschichte des Rechts – Von den Fruehformen bis zum Vertrag von Maastricht, Beck 1997; Wills, A topdown Approach: Inteligence Led Policing Gains in Popularity; Law Enforcement Technology, November (2017), pp. 8–10; Wolf, Schlussbericht des Parlamentarischen Untersuchungsausschusses III, Landtag Nordrhein-Westfalen 2017.

A. Introductory note on the area of freedom, security and justice The European Union has evolved at a pace unimaginable at the time of its 1 foundation. There has been an ever-increasing momentum towards the declared and enshrined aim of moving towards an ever-closer Union2 despite the progress made in 2

See Art. 1 TEU (OJ C 326 of 26.10.2012).

Ryder

251

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:32 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

the areas of creating an economic and monetary Union and the freedom of movement3. One aspect which has been if not entirely overlooked, at least significantly left behind, is the area of police and judicial cooperation in criminal matters4. The increase of mobility, abolishment of border controls, with free movement assured to all those in its area (or at least the Schengen area), has, although not necessarily related5, coincided with an ever-increasing level of sophistication and globalization of organised crime6. What has not kept up, is the reality of policing an area consisting of 28 Member States7. At the very heart of the issue is a question as simple as it is sensitive: what would be the initial description of a geographic area, absent of internal borders, sharing one common external border, governed by a parliament, a form of a senate8 and a government9, including armed forces? Most would call this a country, or a state10. It is ambitious to have such a state without any federal law enforcement and instead relying on finding means through which the hundreds of law enforcement authorities of the 28 Member States can cooperate11. This is without mentioning the 3 See Arts. 3(2)-(5) TEU, as well as considering the historic development thereof, especially the Single European Act 1986 calling for the establishment of the internal market, and subsequently also the significant changes by the Maastricht Treaty in 1992 – (now already 25 years ago) – making the lack of such an internal market completely unimaginable in the present day and almost taken for granted, cf. Gehler, Europa – Ideen, Instiutionen, Vereinigung, 2010, pp. 269 et seq. 4 While the first acknowledgement of the need for some degree of discussions being required as concerns “terrorism and other international lawlessness” in 1975 (cf. Lenaerts/van Nuffel, Constitutional Law of the European Union, 2005, p. 36 at 2–105), it only became an official part of the Union policy as of the Treaty of Maastricht (cf. Klip, European Criminal Law. An Integrative Approach, 2012. p. 17 et seq.), with the introduction of the three-pillar structure, police and judicial cooperation being the third pillar. This cooperation however was severely limited compared to the first pillar area of economic cooperation, with specifically a lack of (or very limited) competence of the European Court of Justice, with the need for unanimity, as well as the lack of co-decision powers of the European Parliament, which was only consulted, in a non-binding manner. The creation of the Area of Freedom, Security and Justice, (now Art. 67 TFEU) on which all legislative initiatives since then have their origin through the Treaty of Amsterdam in 1996, was a major step creating this obligation on the Member States. However, only via the Lisbon Treaty in 2009, and even then, with a five-year transition period, was this removed, and police and judicial cooperation became a “normal” part of the Union. 5 Cf. van Ballegooij, The Cost of Non-Schengen: Civil Liberties, Justice and Home Affairs aspects, 2016, for the consequences of Schengen regarding the enabling of the Migration crisis and impacting public trust, see also European Commission, 2016. Back to Schengen – A Roadmap. 6 See e. g. the first OCTA, (Europol, 2006. OCTA EU Organised Crime & Threat Assessment 2006) and the following ones, culminating in the most recent SOCTA (Europol, 2017. European Union Terrorism Situation and Threat Report 2017) (see also below at II.b.). For the general exploitation of organized crime resulting from globalisation and free movements, cf. Dean/Fahsing/Gottschalk, Organized Crime – Policing Illegal Business Entrepreneurialism, 2010. 7 Even though the European Union consists of 28 Member States, this is notwithstanding the fact that not all Member States participate in Schengen, Denmark no longer being a part of Europol (or in due course Eurojust following the adoption of their new Regulation), the European Public Prosecutor’s Office being established not having all the Member States participating, and equally the United Kingdom likely leaving the European Union, creating a different number of participating countries. 8 One could see the Council of the European Union as a form of senate, or equivalent on a German level to a form of the Bundesrat. 9 Based on i.a. on its near exclusive ability to introduce legislation, the European Commission. 10 For general discussion, cf. Reid, The United States of Europe – From the Euro to Eurovision – The superpower nobody talks about, 2004, de Wijk, Supermacht Europa, 2005. 11 The sheer number of competent authorities in the European Union, and the combined respective distribution of competences on a national level alone, give a good idea of the complications already in part faced on national levels, let alone the need to cooperate and identify the correct competent partner. For an estimation of numbers, the competent authorities connected to SIENA (Europol’s Secure Information Exchange Network Application, cf. below at para 43) provide an indication as to the numbers, with more than 700 authorities connected as of 2016 which includes third States and Member

252

Ryder

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:33 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Criminal Intelligence

additional complication that between them, these authorities speak 24 different official languages12, and that this linguistic diversity is enshrined in its founding acts13. Complicating matters further, the law enforcement traditions and systems, the level of education, the financial14 and human resources15 available, as well as the primary forms of crime16, are all different to varying degrees. Yet this precisely describes the situation the European Union is currently in. Despite all efforts already undertaken and partly discussed throughout this chapter, there is still a significant need to address the Union’s ability to collectively and sustainably combat serious crime and terrorism. A possible solution with precedence would be following the example of the United 2 States of America with a Federal Bureau of Investigation or the various other federal law enforcement authorities with coercive powers in the United States17. The reasoning behind not following this approach, but favouring a solution based mainly on facilitating bi- and multilateral cooperation between the Member States, is primarily a political18 and historical one19. Law enforcement and the judiciary have always been considered as a major question of national sovereignty and equally remain, from a national responsibility perspective, a national obligation20. The alternative the Union has chosen is information sharing, and more specifically the sharing of criminal intelligence21. States, but allows a cautious estimation (Europol, 2017. European Union Terrorism Situation and Threat Report 2017, p. 69). 12 Cf. Ingleton, Mission Incomprehensible – the linguistic barrier to effective police co-operation in Europe, 1994. 13 See Art. 3(3) TEU. 14 For example, the EU average spending by Member State on their police service is 0.9 % of GDP, with the variation lying between 0.5 % (Luxembourg and Finland) to 1.4 % (Croatia and Greece), and approximately 70 % of those costs being related to staffing costs Eurostat, 2018. Government expenditure on public order and safety. Available at: http://ec.europa.eu/eurostat/statistics-explained/index.php/Government_expenditure_on_public_order_and_safety [Accessed 9 April 2018]. 15 Indicative for example is, based on data from 2015, Hungary with 90 officers/100,000 inhabitants as lowest, and Cyprus with 590 as highest. While the data set utilized excludes data from Germany, Ireland and the United Kingdom, it provides an overview which allows a rough indication of the dramatic spread across the Member States (PORDATA – Fundação Francisco Manuel dos Santos, 2018. Police officers per 100 thousand inhabitants). Available at: https://www.pordata.pt/en/DB/Europe/Search+Environment/ Chart [Accessed 17 March 2018], Eurostat, 2017. Crime and criminal justice statistics. Available at: http://ec.europa.eu/eurostat/statistics-explained/index.php/Crime_and_criminal_justice_statistics#Source_ data_for_tables_and_figures_.28MS_Excel.29 [Accessed 17 March 2018]. 16 For comparison, the earlier Organised Crime Threat Assessments by Europol organized its threat assessments by regions across the Union. 17 For a partial development and historical perspective of the evolution of the Federal Bureau of Investigation at the time, cf. Lowenthal, The Federal Burea of Investigation, 1950. Also, of relevance is the absence of on an EU level, the existence of European Criminal Code, and for contextual evolution of the US Federal Criminal Law, cf. Abrams/Beale, Federal Criminal Law and its enforcement, 2000. 18 Cf. Ellermann, Europol und FBI – Probleme und Perspektiven, 2015, Aschmann, Europol aus Sicht der deutschen Laender, 2000. 19 The most significant difference being the parallel development of the United States as a country to the federal law enforcement branches – and equally there the FBI was only formally founded in 1908 (cf. Lowenthal, The Federal Burea of Investigation, 1950. pp. 3 et seq.), whereas the entire European Union only came into existence from an impactful perspective in 1957. 20 Art. 72 TFEU. 21 This is not to say that even in the case of existence of federal authorities, information sharing is not a necessity or a problem. Many states have significant internal issues sharing information even between their own competent authorities. Yet in the absence of a federal level which may also collect and obtain its own intelligence through coercive measures, the sharing and availability of relevant information is the major determining factor of success.

Ryder

253

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:33 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

Consequently, the sharing of information is the sine qua non for successful law enforcement in the Union. Of specific relevance therefore are the practicalities of sharing, the recipients, access rights and any restrictions on use, such as the purpose for which they may be used22. Related to all these considerations is also the origin of the information in question. A resulting area of concern when discussing the collection as well as sharing of information is protection of personal data. While applying only to personal data23, personal data unsurprisingly composes most of operational information exchanged24. The question of the balance between data protection and law enforcement or security is a contentious issue, where attitudes and approaches vary significantly across the Union25. It is therefore nearly impossible to address this topic without a brief discussion concerning the data protection safeguards and requirements26. 4 Whilst the immediate area of applicability of “European Criminal Intelligence” covers primarily cross-border investigations regarding serious and organised crime and terrorism, this may be a misleading perception. While it is true that cross-border investigations, by definition, require information to be shared, the scope of national, local or regional crime which has a European connotation can also not be underestimated. If the population of the Union can travel and reside freely in any other Member State, then even a national investigation involving a foreign national (i. e. foreign in the concept of not being a national of the Member State in question), would benefit from having the same access to information about the individual, as if the individual would have been investigated in his country of origin. This point however goes broader: Even if the individual were to have been investigated in his country of origin, he/she may have spent some (considerable) time in the territory of another Member State – which may have valuable investigative information (such as financial details, family, associates, previous arrests, etc.). As such, the scope of European criminal intelligence should not 3

22 For the general data protection principle of purpose limitation, cf. specifically Art. 29, Data Protection Working Party [2013], Opinion 03/2013 on purpose limitation. 23 i. e. as per Art. 4(1) of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) “ ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;” 24 Generally, whilst strategic, or non-personal data, is of great relevance to setting strategy and making informed tactical decisions, most of information of direct operational value relates to data allowing (with varying degrees of effort) the identification of an individual. Nonetheless, also the sharing of anonymized, and consequently non-personal data, can lead to significant results. Apart from being a basis of intelligence-led policing (see further para 31), an example can also be seen at Curtis, F., et. al., Injury Prevention 2014, Vol. 20, pp. 108–114. 25 See C-203/15 Tele2 Sverige AB v Post-och telestyrelsen and C-698/15 SSHD v. Tom Watson & Others, (European Data Protection Supervisor, 2015), and also specifically on the balance of the provisions as regards involvement of international transfer of personal data, see Opinion 1/15 of the Grand Chamber of the European Court of Justice (Canada PNR Agreement), as well as judgement of the ECJ in C‐362/14 Schrems v. Data Protection Commissioner (Digital Rights Ireland), and from a national perspective for example in Germany, the case of the murder of Caroline G., evidence was inferred the involvement of a heavy goods vehicle driver as a suspect, and by virtue of the toll-collection system data on all HGVs in the area at the time would have been available, but the use of those data were exclusively limited to the purposes of managing the toll collection. For discussion of this inability to use personal data, even in cases where a murderer may be go free as a result, see e. g. Janz, Badische Zeitung, 27 Jan. 2017., Frankfurter Allgemeine, 2013. Friedrich will Mautdaten zur Bekämpfung von Verbrechen nutzen. Frankfurter Allgemeine, 6 November. 26 Infra B.III.

254

Ryder

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:33 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Criminal Intelligence

be reduced or assimilated purely to cross-border investigations and serious crime but is of utter importance in the daily work of any investigator, regardless of their capacity27. The sharing of information and intelligence is therefore not as much (only) a matter 5 of finding alternatives to what would be a “federal” police. Rather, it is the finding of means by which a proper implementation of the obligation incumbent on the Member States to create an area of freedom, security and justice is enabled. It is from this aspect that the chapter will examine the state of intelligence sharing, the efficiency and effectiveness of Europol in that respect, as well as complimentary initiatives and actors in this field. The chapter concludes with a prognosis regarding possible future developments to be expected as well as needed, and a discussion about where the trend towards sharing information is headed.

B. European criminal intelligence in context European criminal intelligence and the sharing thereof, is a pre-requisite to making 6 possible the effective combating of crime within the European Union. A central aspect is naturally what European criminal intelligence is and what it is not, including by whom and how it can be accessed and used. In this context it is also beneficial to address the impact from a data protection and civil liberties aspect.

I. What is European criminal intelligence? The meaning of European criminal intelligence needs to be addressed prior to any 7 further discussions. It instinctively can be used as a concept covering various meanings, dependent on the article in which it is mentioned, the context, and any attempts to contrast it against other things. At its core, “intelligence” has an immediate association with intelligence agencies. It is maybe surprisingly seen also as an end-product of analysis, rather than a raw material in and of itself. The FBI sees intelligence as “information that has been analyzed and refined so that it is useful to policymakers in making decisions – specifically, decisions about potential threats to our national security.”28 Equally, though, it can be seen as both raw information, as well as, an endproduct: “intelligence, especially finished intelligence – the analytical products and the on-call expertise of the analysts who produce them – bring value added to the national security policymaking process.”29 The dual meaning of intelligence to incorporate both in essence information as well as the end-result of having processed or analysed that information, is not shared throughout literature. This can be seen i.a. in the concept of describing fusion centres30: “State and major urban area fusion centers, …, have been one of the main vehicles for enhancing information sharing by acting as hubs for information and intelligence on terrorist, criminal, and other public safety threats within 27 For example, a Dutch national moved to Germany and is investigated there. Additionally, the national has spent 6 years living in Malta as well as in Spain, having opened bank accounts on both occasions as well as possibly some small companies. At the time of investigation in Germany, this background information may be valuable to have for further leads in the investigation, as well as for providing background context. The same applies if possibly already in Spain and Malta investigations had commenced but been closed due to lack of evidence. 28 Cited as such in Fisher, J. of Military and Strategic Stud. 2016, 17(1), pp. 189–208. 29 Bruce/George, in: George/Bruce (eds), Analyzing Intelligence – Origins, Obstacles, and Innovations, 2009, pp. 1–16. 30 On fusion centers in general, cf. para 33 re Intelligence-led policing.

Ryder

255

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:34 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

a particular geographic area.”31. As an example of an attempt to define what appears to be a simple word from a law enforcement perspective, Ratcliffe describes intelligence as follows: “The word intelligence seems to summon up the wrong image in just about everyone. To the public it can suggest subterfuge, a clandestine and covert activity conducted by officers of a shady disposition and involving a degree of moral ambiguity. To patrol officers, it is a peripheral activity that seems to have little relevance to their daily job and is mainly used by specialised units employing wiretaps and surveillance. To senior police officers, it is of tangential value, a tool for investigative case support that has little influence over strategic decision-making. But to crime intelligence analysts, it represents a rare objective voice that understands the criminal environment, a lone whisper that is maligned, misunderstood or simply ignored by an institutional milieu yet to come to terms with policing in the post-9/11, information rich world.”32 It may be concluded however, that sometimes complex notions are best broken down to their most straightforward and basic ingredients, which is an attempt made by Lowenthal who states “The Simplicity of Intelligence: In the baseball movie Bull Durham, a manager tries to explain to his hapless players the simplicity of the game they are supposed to be playing: ‘You throw the ball; you hit the ball; you catch the ball.’ Intelligence has a similar deceptive simplicity: ‘You ask a question; you collect information; you answer the question.’ In both cases, many devils are in the details.”33 For Lowenthal however, this detail, when broken down leads to his “working concept” definition, which is that “Intelligence is the process by which specific types of information important to national security are requested, collected, analysed and provided to policy makers; the products of that process; the safeguarding of these processes and this information by counterintelligence activities; and the carrying out of operations as requested by lawful authorities.”34 8

For this chapter, intelligence and information are synonymous, incorporating both information, or raw, unprocessed data, as well as the refined output resulting from its analysis35. From a practical perspective, and in an EU law enforcement context, there is no meaningful difference between intelligence and information, as it is doubtful to what extent any court would ever rule that intelligence is not equally information. This is strongly supported by the fact that the European Treaties themselves equally mention only “information”, both when referring to police cooperation36, as well as mentioning Europol’s mandate37. It should also be noted that in this context, any attempt to distinguish between the two may also be an old-fashioned approach, as the Europol 31

Carter, et.al., Journal of Police and Criminal Psychology 2016, pp. 1–17. Ratcliffe, in: Wortley/Mazerolle (eds), Environmental Criminology and Crime Analysis, 2008, p. 263. 33 Lowenthal, Intelligence: From Secrets to Policy, 6th ed., Los Angeles et al. 2014, p. 47. 34 Ibid, p. 10. 35 See equally Her Majesty’s Inspectorate of Constabulary who declares that “Information is the lifeblood of the police service” and clarifies via a footnote that “information” in that context “is used to refer both to information and intelligence” Her Majesty’s Inspectorate of Constabulary, 2015. Building the Picture: An inspection of police information management, p. 3. 36 Art. 87(2)(a) TFEU. 37 Art. 88(2)(a) TFEU. 32

256

Ryder

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:34 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Criminal Intelligence

Regulation speaks only of Europol’s ability to process information38, whereas the Europol Council Decision still speaks of processing information and intelligence39. The distinction between criminal intelligence and consequently the concept of (non- 9 criminal) intelligence, can either be seen from the view of the purpose for which it is used – or from the tracing the original purpose for which it was collected. Dealing with the latter first, the fact that there is information which is not allowed to be used for law enforcement purposes, as much as it may be desirable from their point of view, is a relevant aspect40. The general concern or unease regarding law enforcement intelligence, is most likely related to the association with intelligence agencies as mentioned above. Intelligence agencies in general are traditionally given greater powers than law enforcement authorities when it comes to the measures they can deploy to gain information. Or more accurately, the judicial authority required to allow the deployment of such measures. There are only a few methods employed by secret services, which in principle are prohibited to law enforcement authorities – the only difference being the need for prior judicial authorization. Still, it could be a subversion of judicial oversight or circumvention of police powers, if information gathered by the domestic or foreign intelligence agencies, were to be able to be directly and easily shared with law enforcement for law enforcement purposes41. On a European level, the cooperation between law enforcement and intelligence agencies does occur, but to differing extents. Whereby Germany has an official “Trennungsgebot” prohibiting an overlap of competence, other Member States, such as the United Kingdom, do not have such an express prohibition. It is of interest as well, to what extent the emerging threat of terrorism and its regrettable repeated impacts within the European Union since 9–11, have led to a loosening of such restrictions, or at least more openness as concerns such cooperation42. Of further relevance as regards terrorism is the consequence for the traditional 10 approach to policing, with a focus on prevention as well as detection and prosecution. As regards terrorism, a tremendous amount of efforts rightfully is placed on prevention as a priority over a successful judicial follow-up. The consequences of a possible terrorist attack, usually focused on the public at large, and in an indiscriminate manner, are a relatively new threat to most of the Union’s Member States, and the most suitable 38 Art. 18(1) Regulation of the European Parliament and European Council of 16 May 2016 on the European Union Agency for Law Enforcement Cooperation (Europol) and replacing and repealing Council Decisions 2009/371/JHA, 2009/934/JHA, 2009/935/JHA, 2009/936/JHA and 2009/968/JHA, OJ L 135 of 24.5.2016, notwithstanding that in Preamble 12, describing Europol as the information hub, also here the legislator refers to information and intelligence, yet in the actual articles, Europol in Art. 18, is only authorised to process information. 39 Art. 10(1) of the Council Decision of 6 April 2009 establishing the European Police Office, OJ L 121 of 15.5.2009, which still speaks of “Europol shall process information and intelligence, including personal data,…” 40 For examples cf. supra 25. 41 See the German Constitutional Court, arguing that indeed it is in part the different competences available to agencies which prohibit an overlap of competences in principle – yet without making a final decision in that respect as concerns intelligence agencies, as it was not needed in the case: “Für die in Art. 87 Abs. 1 Satz 2 GG vorgesehenen sonderpolizeilichen Behörden des Bundes stellt sich allerdings die Frage eines Trennungsgebotes. Das Rechtsstaatsprinzip, das Bundesstaatsprinzip und der Schutz der Grundrechte können es verbieten, bestimmte Behörden miteinander zu verschmelzen oder sie mit Aufgaben zu befassen, die mit ihrer verfassungsrechtlichen Aufgabenstellung nicht vereinbar sind. So werden die Zentralstellen für Zwecke des Verfassungsschutzes oder des Nachrichtendienstes – angesichts deren andersartiger Aufgaben und Befugnisse – nicht mit einer Vollzugspolizeibehörde zusammengelegt werden dürfen (vgl. schon “Polizeibrief” der westalliierten Militärgouverneure vom 14. April 1949). Diese Frage bedarf jedoch hier keiner abschließenden Entscheidung.”, BVerfG, Beschluss des Zweiten Senats vom 28. Januar 1998–2 BvF 3/92 – Rn. (87). 42 Cf. infra para 35 regarding the establishment of the European Counter Terrorism Centre at Europol.

Ryder

257

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:35 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

approach to combat it is still under development. A central question, although initially seeming unrelated, is the difficulty in defining the border between non-criminal behaviour (not actionable by law enforcement) and the criminal preparation of a terrorist attack. The question at which point thoughts become a crime is essential. Without a suspicion of a criminal activity, the abilities of law enforcement are significantly diminished, or arrests are made prior to a criminal act having been committed43. 11 As a conclusion from the above, the definition of criminal intelligence must also have a factor in it denoting actual suspicion of being related to criminal (law enforcement actionable) activity44. It should be insufficient only meeting certain risk criteria or vulnerabilities for e. g. radicalization, which in and of themselves, are insufficient for a criminal investigation or law enforcement action. However, they could very well be of interest at a given point. The most apt description of European criminal intelligence, as relates to personal data, is any information pertaining to criminal activity with a potential nexus to activity within the European Union, or to persons having a nexus to it. This is a more abstract paraphrasing of what has been defined in the Europol Regulation as falling within its mandate to process, namely personal data related to “persons who, in accordance with the national law of the Member State concerned, are suspected of having committed or having taken part in a criminal offence in respect of which Europol is competent, or who have been convicted of such an offence45” or “persons regarding whom there are factual indications or reasonable grounds under the national law of the Member State concerned to believe that they will commit criminal offences in respect of which Europol is competent”46 as well as personal data related to “persons who might be called on to testify in investigations in connection with the offences under consideration or in subsequent criminal proceedings”, “persons who have been the victims of one of the offences under consideration or with regard to whom certain facts give reason to believe that they could be the victims of such an offence”, “contacts and associates” and “persons who can provide information on the criminal offences under consideration”47. While indeed a lengthy description of categories, it should be noted that as concerns personal data, Europol may not process any personal data which is not covered by one of the above categories. If indeed Europol’s mandate is to be the central intelligence processing hub for the European Union48, then there can be no more specific and exhaustive definition of European criminal intelligence as relates to personal data49. As 43 While out of scope of this Chapter, this is a motivating factor for the various legislations in place concerning the introduction of new criminal offences such as supporting terrorism, encouraging terrorism, or even possessing material likely to assist in terrorism, such as those in place by the United Kingdom. By definition they are vague and incredibly hard to assess in an objective manner. The differences can possibly also be inferred by assessing the statistics of arrest for terrorism and relating them to successful convictions, as done in the Terrorism Situation and Threat Assessments by Europol including the percentage of acquittals. From it, one could cautiously deduce the respective policy approach towards prevention, rather than conviction focused action by the law enforcement authorities – cf. Europol, 2017, European Union Terrorism Situation and Threat Report 2017, pp. 51 et seq. 44 Cf. Johnson, Criminal Just. Stud. 2013, 26(1), pp. 99–114. 45 Art. 18(2)(a)(i) Europol Regulation. 46 Art. 18(2)(a)(ii) Europol Regulation. 47 Annex II, Part B, Arts. 1(c)-(f) Europol Regulation respectively. 48 Cf. Recitals 12 & 13, Europol Regulation. 49 For a discussion on the extent to which a distinction between information and intelligence may be relevant to be considered from the aspect of the impact it may have on an individual, and consequently the necessity for proportionate safeguards being instituted, especially considering electronic databases, cf. Grace/Oswold, Europ. J. of Current L. Issues 2016, 22(1), Chapters 2 & 3.

258

Ryder

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:35 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Criminal Intelligence

concerns non-personal data, the previous broad scope stands, and for Europol, is limited to the somewhat subjective view, of processing non-personal data to the extent that it is relevant for the performance of its tasks50.

II. What is criminal intelligence used for? European criminal intelligence is utilized for two main objectives – operational or 12 strategic. This encompasses from the operational side concrete law enforcement actions, such as arrests, observations, or deployment of coercive measures. The strategic side focuses on using intelligence in a strategic manner, such as anticipation of required resources, advanced threat detections, allocation of priorities and assessing risks. This allows the steering of police operations from a tactical as well as from a managerial perspective, e. g. allocation or anticipation of required resources, enabling a pro-active, rather than being confined to a reactive, approach51.

1. Operational use of European criminal intelligence The use of intelligence for operational actions seems self-explanatory. Nonetheless, it 13 may be hard to envision it in abstract. Concrete examples abound, simply by following the news and searches for Europol, constantly leading to joint operations assisted by Europol. High-profile examples in combatting online child sexual exploitation include Operation Rescue in 201152 and Operation Pacifier in 201753, leading to together approximately 1,500 national investigations into the operations behind websites offering child sexual exploitation material. What is harder to describe when dealing with operational intelligence is the actual use behind the scenes. An Austrian investigator states the following about his practical use of Europol in a specific investigation he oversaw: “Based on evidence gathered, we soon realized that we were dealing with a Lithuanian organized criminal group. This international link prompted us to get Europol involved. We got straight in touch with our Europol national unit to start the process. We began the information exchange by providing any intelligence we already had on the gang which included data on their Lithuanian mobile phones being used in Austria. This data was fed into Europol’s information system and Europol’s analysis came back, telling there were links to Belgium, France, Italy and Sweden. The suspects had been police checked on the road and at border crossings in several countries – luckily, their ID and vehicle document data had been recorded in many cases, making it possible for us all to tap into this information through Europol.”54 50 Cf. Art. 23(2) Europol Regulation as relates to the ability to exchange non-personal data, as well as Art. 17 Europol Regulation, concerning the sources of information being limited in any event to information (including non-personal data) supplied to it, or retrievable by Europol from publicly available sources. In this context also allowing the clear inference, that even any publicly available information may become in essence criminal intelligence by virtue of its relevance to Europol. 51 Cf. re Intelligence-Led Policing at para 33. 52 Europol, 2011. More than 200 children identified and rescued in worldwide police operation. [Online] Available at: https://www.europol.europa.eu/newsroom/news/more-200-children-identified-and-rescuedin-worldwide-police-operation [Accessed 16 December 2017]. 53 Europol, 2017. Major online child sexual abuse operation leads to 368 arrests in Europe. [Online] Available at: https://www.europol.europa.eu/newsroom/news/major-online-child-sexual-abuse-operationleads-to-368-arrests-in-europe [Accessed 17 December 2017]. 54 Europol, 2011. The European Investigator – Targeting criminals across borders, p. 6.

Ryder

259

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:36 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

Law enforcement investigations within the European Union, when dealing with organized crime, as well as serious crime, are to almost 100 % connected to crossborder elements55. A purely national crime group, consisting only of the nationals of one State and operating exclusively within it, is extremely rare56. As a direct consequence, any national investigation into any of these crime areas, will result in cross-border contacts being required57. In turn, this implies that any information already available in another Member State, would be of potential value to the investigator. This could mean either an avoidance of duplication of work, or as may occur otherwise as well, an unintended interference in possibly already ongoing investigations by another country, potentially sabotaging their efforts based on e. g. premature arrests58. To avoid specifically these consequences as well, it is in the interest of all the other potentially involved Member States, that any other investigation undertaken into certain suspects or organised crime groups (OCGs), is fully aware at the very least of the existence of an ongoing investigation of a similar nature. There is therefore not only a potential for positive gains, but also a prevention of negative impacts on others. 15 There is also no real necessity to examine complex cases on a European level to illustrate the point, as the same challenges apply in an identical manner in the national context. Serving as an illustration59, Germany is a federal republic, with a federal police force. It is however comprised of the Laender, who each have their own police forces. Consequently, information sharing is essential. In this context, the need for the efficient sharing of information can be exemplified by way of one of the main emerging threats identified for the Union – mobile organized crime groups60. A typical modus operandi would be the actions of e. g. a Czech OCG entering Germany by car, crossing the unmanned border, and entering Germany either through the state of Saxony or Bavaria61. Here they commit a string of burglaries, before returning to their homes in the Czech Republic. Within a few hours, they could have entered Germany via Bavaria, driven to Thuringia, and left Germany again via Saxony, effectively crossing three Laender62. In this instance, all the information collected would have to be first of all 14

55

Europol, 2017. Serious and Organised Crime Threat Assessment 2017, pgs. 13 et seq. Ibid. 57 By way of example, trafficking of human beings or illicit goods, drugs, etc., by definition requires two countries, and equally once trafficked into the European Union, almost certainly will not have its exclusive final destination in a Member State with an external border. Further, almost all organized crime is active in relation to money laundering, which is an actual driver of technology and utilization of cyberplatforms, and as a result once more involving more than one jurisdiction (cf. Frunza, in: Solving Modern Crime in Financial Markets, 2016, pp. 3–6). 58 Whilst generally not publicized for obvious reasons, occasions do occur where an investigation into a cross-border Organised Crime Group (OCG) fail to achieve their maximum success, based on uncoordinated action by one of the involved states, unaware of the parallel investigation into the part of the OCG operating in the other state. 59 As an illustration only, and without entering into detailed structural analysis of the German system and law enforcement structure. 60 The type of crime described here as an example is an EU wide priority under the EU policy cycle, notably described “To combat organised property crime by concentrating on disrupting highly mobile OCGs carrying out organised thefts and burglaries across the EU. This should include OCGs using new technologies or enhanced countermeasures which exploit the lacking interoperability of cross-border surveillance tools.” (Draft Council conclusions on setting the EU’s priorities for the fight against organised and serious international crime between 2018 and 2021,Council Doc. 8654/17). 61 Based on the extensive borders shared between Germany and the Czech Republic – but also being able to cross briefly into Austria and enter Germany from there with only a minor detour, to add further resulting complexity for the final investigator. 62 This is a hypothetical example only to illustrate the issue, and any connection to actual cases is purely incidental and unintentional. 56

260

Ryder

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:36 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Criminal Intelligence

identified as relevant to others, and then shared between three different national police forces within Germany, including between two countries. An additional hindrance to the sharing of information is also the subjectively perceived 16 relevance of information to others by the owners of the information. In the above example of cross-border burglaries, the law enforcement services in Thuringia may register a spike in burglaries in certain regions, but without additional information are unlikely to consider this a potential cross-border issue63. This subjective awareness is an essential part of European policing: the awareness that to a certain extent “national” criminal intelligence does not really exist anymore. Rather, near enough everything could and should be considered as potentially relevant on a European level – and even where it is not immediately obvious, it should be easily accessible and locatable, once a link is identified64. The view that information should be shared in general, rather than only on a case-by-case basis, is equally supported by more than two thirds of the population65. In the interim, what remains is an inhibition of sharing vital information already existent on a German-Laender level66, present to an equal amount in Belgium67, the United Kingdom68 or most likely near enough any Member State of the Union consisting of more than one law enforcement service. The fact that the sharing and making available of information is already an issue on a national level allow the deductions of how much an issue it is on a European level – with the Member States themselves having more than 300 different competent law enforcement authorities69.

2. Strategic use of European criminal intelligence Operational actions are the main headline-grabbing points of contact for the public 17 and operational successes constitute key performance indicators for law enforcement work. Yet, it needs to be pointed out that they are often the result or outcome of significant strategic analysis undertaken in advance. Unless law enforcement is reduced to being completely reactionary in its approach to combatting crime, it is necessary to gain an understanding of the actual threats faced, their origin, causes and contributing factors. This would allow a significantly higher efficiency concerning the use of resources and most significantly allow also a sustainable combatting of serious and organized crime. This approach would permit moving beyond “merely” reacting to events, to pro-actively hindering emerging fields of crime, identifying and removing enablers, or eliminating a threat at a point where it is still containable, rather than at a later stage in which it becomes exponentially more difficult. 63

And this includes cross-border also from an intra-German aspect. Naturally, the more information is shared and the greater the circle of potential recipients of the information becomes, the greater the potential impact for an individual and the data protection concerns become. 65 European Commission, International cooperation between police and other law enforcement authorities, in: Special Eurobarometer 464 b “Europeans’ attitudes towards security”, p. 42. 66 See ongoing trial related to the NSU-Murders, and the various parliamentary committees investigating and identifying the failure of intra-German information sharing and competences in general, and specifically the conclusions of the parliamentary control report of Northern Westphalia, concluding the need for a joint information sharing system by all the Laender, as well as criticising the information exchange even within the various departments, including criticising the lack of ability of the intelligence agencies to share information with law enforcement, (cf. Wolf, Schlussbericht des Parlamentarischen Untersuchungsausschusses III, 2017 pgs. 753 et seq.). 67 As relates to the terrorist attacks in Belgium and the national information sharing deficits, cf. Ponsaers/Devroe, in: Renard (eds), Counterterrorism in Belgium: Key Challenges and Policy Options, 2016, pp. 23–33. 68 See for a more historical assessment from 2004 related to the murders of Ian Huntley (Bichard, The Bichard Inquiry – Report, 2004.). 69 Supra 11. 64

Ryder

261

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:37 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

On a European level, an additional complication stems from differing approaches across the Union as concerns priorities. This diverging approach can be seen for example on the questions of legality of prostitution (which is a significant factor in trafficking human beings70), the legality of gambling71, but also the legality of narcotics and their distribution72. Beyond trafficking of marihuana however, it is also of interest to note that over the past five years, there were more than 400 psychotropic substances reported for the first time within the European Union73 – exemplifying further the need for coherency across the Union. Should a Member State not yet have criminalized the substance, then that Member State risks becoming a haven for its production – and subsequent trafficking to another Member State, where it becomes an illegal product74. Apart from the field of narcotics, should for example Germany place a high priority on combatting trafficking in human beings, this will most likely yield a noticeable impact within Germany. Yet it will not likely have led to the overall limitation thereof in the Union. Rather, the OCGs will have simply found an alternative routing. This is even more the case, where the Member State used as an example is not as significantly present by size or geographic location as Germany is. 19 During the height of the migration crisis when the routes for illegal migration switched from arrivals at the shore of Greece, and moved towards Italy, the same aspect can be illustrated. This led to the most dramatic illustration of co-dependency currently existing in the Union, with Italy threatening to ignore the problem and allow free onward travel throughout the Schengen zone75. This was the result of Italy feeling abandoned, with other Member States being reluctant to – in Italy’s view – offer adequate support. Whilst the duty to loyal cooperation exists and applies equally to all Member States to all areas of activity of the Union76, it still appears to remain a significant challenge in practice to discharge that duty in full77. 18

20

a) SOCTA One of the direct consequences of the need to see the Union holistically from an emerging threat perspective is the production of an overview of the core emerging threats across the European Union from organized crime. These reports were 70 Cf. the Swedish government position on the matter: “The underlying reasons for people being involved in prostitution vary, but the primary factor that sustains both trafficking in human for sexual purposes and prostitution is demand. Efforts to undermine the market and to counteract the demand to buy sexual services are therefore fundamental in combatting prostitution and trafficking in human beings for sexual purposes.” Government Offices of Sweden, 2016. Prostitution and trafficking in human beings for sexual purposes. [Online] Available at: https://www.government.se/49469a/contentassets/2bfd917d30b64fe9a46d787e575e3eab/161219-infokit-uppdatering2.pdf [Accessed 12 January 2018]. 71 Cf. Frunza, in: Solving Modern Crime in Financial Markets, 2016, pp. 77–128. 72 e. g. Dutch coffee shops legally selling marihuana, while other countries and the Netherlands itself, spend considerable efforts in investigating the trafficking thereof. 73 See Europol, 2017. Serious and Organised Crime Threat Assessment 2017. 74 Precisely for this aspect, the European Monitoring Centre for Drugs and Drug Addiction (EMCDDA), has been given a central coordination task, including strict obligations of cooperation by both the European Medicines Agency and Europol to provide information they have in relation to newly identified substances, cf. Regulation (EU) No. 2017/2101 of the European Parliament and of the Council of 15 November 2017 amending Regulation (EC) No 1920/2006 as regards information exchange on, and an early warning system and risk assessment procedure for, new psychoactive substances, OJ L 305 of 21.11.2017. 75 Cf. Traynor, The Guardian, 16 June 2015. 76 Art. 4(3) TEU, also specifically for consequences of the Lisbon Treaty cf. Klamert, Loyalty in the EU Treaties, in: The Principle of Loyalty in EU Law, 2015, pp. 9–30, and historical view of the ECJ in Case 44/ 84 Hurd [1986] ECR 29 a. 77 As naturally, if fully implemented, it could be seen as placing EU priorities above national ones, a fundamental conflict at the root of most issues in cooperation between Member States.

262

Ryder

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:37 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Criminal Intelligence

produced by Europol and were called Organised Crime Threat Assessment (OCTA). The first OCTA was produced by Europol in 200678, and continued annually until 201179. Based on this pan-European view of organized crime, the Council of the European Union decides upon the Union priorities, binding upon all Member States80. Specific crime threats assessments, which Europol was tasked to provide demonstrated further added value. Examples of these were the Russian Organised Crime Threat Assessment (R-OCTA)81, South-eastern European Organised Crime Threat Assessment (OCTA-SEE)82, as well as an emerging Internet Facilitated Organised Crime Threat Assessment (i-OCTA) in 201183. In 2010, a decision was made however, that rather than consistently developing new threat assessments, a more coherent approach was required on a European level84, which led to the commencement of the EU Policy Cycle (2011–2013)85, with a revised policy cycle commencing with the publication of the first Serious and Organized Crime Threat Assessment (SOCTA), in 201386. Rather than focusing on individual threats in existence, the approach towards the SOCTA by Europol is more forward looking, thereby facilitating pro-active actions87. The SOCTA attempted in its inaugural edition to propose a more focused and 21 targeted approach by the Union as concerns law enforcement approach in general. In the words of Europol’s Director in the introduction to the 2013 SOCTA: “In each of these areas, and more generally in the field of serious and organised crime activity, the need to focus operational effort on identifying and disrupting the most significant criminal groups, rather than on conducting more generalised law enforcement activity, remains a critical factor in the EU’s response. In this context the 2013 SOCTA makes notable findings about the continuing evolution of a new breed of ‘network-style’ organised crime groups, defined much less by their ethnicity or nationality than has been the case hitherto, and much more by their capacity to operate on an international basis, with multiple partners and in multiple crime areas and countries. This calls for a shift in our strategic response in the EU, away from one centred on individual ethnic types, or even individual crime areas, towards a more flexible, heterogeneous model of targeting these dynamic organised crime networks, through a more effective use of cross-border mechanisms to exchange information and coordinate operational activity.”88 78

Europol, 2006. OCTA EU Organised Crime & Threat Assessment 2006. Europol, 2011. EU Organised Crime Threat Assessment. 80 As part of the EU Policy Cycle, cf. below at B.II.b. For general development, cf. Goold, Development of the Organised Crime Threat Assessment (OCTA) and internal security architecture – Study, 2009. 81 Europol, 2008. Russian Organised Crime Threat Assessment (Europol Restricted) cited in Europol, 2008. Europol Review. 82 Prepared by Southeast European Law Enforcement Center (SELEC), supported by Europol, at the initiative of the Slovenian Presidency cf. SELEC, available at http://www.selec.org/p460/OCTA+SEE [last accessed 15 January 2018]. 83 Europol, 2011. Threat Assessment (Abridged) – Internet Facilitated Organised Crime – iOCTA. Since 2014 however an annual production aimed at informing the public and Member States’ law enforcement authorities, all available athttps://www.europol.europa.eu/activities-services/main-reports/ internet-organised-crime-threat-assessment#fndtn-tabs-0-bottom-2 [last accessed: 19 December 2017]. 84 (Council of the European Union, 2010) Council of the European Union, 2010. Council conclusions on the creation and implementation of an EU policy cycle for organised and serious international crime. 3043rd Justice and Home Affairs Council meeting Brussels, 8 and 9 November 2010. 85 Ibid, p. 8 for a graphical representation. 86 Europol 2013, SOCTA 2013, pp. 11 et seq. 87 Cf. reception at the time Paoli, Europ. J. of Crime, Criminal Law and Criminal Justice 2014, 1(22), pp. 1–12. 88 Supra 80, p. 5. 79

Ryder

263

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:38 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

Part of this approach was a focus on crime enablers in a dedicated chapter89. Examples of enablers identified were increased use of legal business structures and use of otherwise legitimate professional expertise, e-commerce, as well as document and identity theft90. Approaching the fight against organised crime on a European level by identifying what enables organised crime in the first place, may not seem revolutionary. This however, depends on the national and subjective perspective and experience of the reader. But that is precisely the point91. Whilst some Member States may have made considerable in-roads into addressing some or even all these aspects themselves, this is most likely not the case by all Member States to an equal level. The primary reason for this is that even if one, multiple or even most Member States invest significantly into e. g. preventing and detecting identity or document theft and forgery, once they are issued in a Member State of the European Union they are valid and considered as such throughout it92. Rightfully therefore parts of the approach and focus of the SOCTA and subsequently of the EU Policy Cycle, contain “basic” approaches. This should not be seen as a critical, but rather as an encouraging statement. The focus has moved away from combatting only the symptoms towards identifying and addressing the enablers. If these can be addressed pan-European, to an equivalent level, then the entire Union would make a dramatic step towards a sustainable and effective tackling of specifically organized crime. 23 The latest, but still only second SOCTA, published in 201793, continues its approach in identifying emerging threats of a concrete nature, such as cybercrime. It also notes the detection of an additional 1,400 organised crime groups since the previous SOCTA, 4 years prior94. In its recommendations, it still addresses the need for basic requirements, including specifically the need for continued and real-time information exchange of, in essence, European criminal intelligence: 22

“These developments highlight the complex dynamics that shape the serious and organised crime landscape in the EU. They also emphasise the need for the continued and enhanced exchange of information between law enforcement authorities as part of their day-to-day business. Connecting law enforcement authorities and facilitating the real-time 24/7 exchange of information remains Europol’s core business. The SOCTA 2017 is a forward-looking document that both describes and anticipates emerging 89

Supra 84. Ibid. 91 See for instance the various significantly diverging national opinions on whether law enforcement is sufficiently active in combatting e. g. cybercrime, trafficking or corruption (European Commission, 2017). Perception of national law enforcement authorities’ action in fighting specific threats in: Special Eurobarometer 464 b – “Europeans’ attitudes towards security” Report. 92 Consider also in this respect the legitimate sale of EU citizenship by Malta to individuals contributing EUR 650,000 to a Maltese Government Fund as part of the “Individual Investor Programme” Republic of Malta, 2014. Individual Investor Programme of the Republic of Malta. [Online] Available at: http://iip.gov.mt/wp-content/uploads/2014/07/IIP-Brochure-v1.2_updated.pdf [Accessed 9 January 2018]. Cf. also Parfitt, T., 2018. The Times – Malta sells EU passports to rich Russians. [Online] Available at: https://www.thetimes.co.uk/article/malta-sells-eu-passports-to-rich-russians-9nd8p0sdn [Accessed 3 February 2018]. 93 Europol, 2017. Serious and Organised Crime Threat Assessment 2017. 94 Ibid., p. 7 – although the reasoning behind it is not necessarily due to such a dramatic increase: “In 2013, Europol reported the presence of at least 3,600 internationally operating Organised Crime Groups (OCGs) in the EU. In the SOCTA 2017, we identify approximately 5,000 international OCGs currently under investigation in the EU. This increase is primarily a reflection of a much improved intelligence picture. It is also an indication of shifts in criminal markets and the emergence of smaller groups and individual criminal entrepreneurs in specific criminal activities, especially those taking place online.” 90

264

Ryder

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:38 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Criminal Intelligence

threats from serious and organised crime. In this edition of the SOCTA, we highlight the role of technology in particular. Criminals have always been adept at exploiting technology. However, the rate of technological innovation and the ability of organised criminals to adapt these technologies have been increasing steadily over recent years. Developments such as the emergence of the online trade in illicit goods and services are set to result in significant shifts in criminal markets and confront law enforcement authorities with new challenges.”95 It is necessary to reflect upon the most suitable criteria for measuring progress as concerns police and judicial cooperation. Even within the Union itself, the situation is still sub-optimal. So, while the public view supports and believes enough is being done by police forces to cooperate96, the actual main European overview suggests that indeed, it is the “basics” that are still hampering a more effective fight against serious and organized crime97. Nonetheless, it is also these best practices and “basics”, which are exported by the Union, with considerable time and financial resources being deployed on national and European levels for trainings on police and judicial cooperation to States outside of the Union98. On a more positive and provisionally final point SOCTA is the best example of the 24 meaning of strategic use of European criminal intelligence presently in existence. Frontex99, notably its general risk assessment reports100, as well as other EU Agencies, provide various other strategic reports, yet none of them have such a fundamental overarching impact as the SOCTA in relation to its direct consequence on Union policy and law enforcement. And it is Europol, which provides this central piece of analysis, upon which the rest of the Union, i. e. the Member States themselves, are obliged to deploy and allocate their resources. One of the core weaknesses of law enforcement response across the Union, is that it is only possible if the existing co-dependency of the Member States is addressed in a binding and effective manner. The EU Policy Cycle, and the SOCTA at the heart of it, are an answer to this. b) EMPACT – EU policy cycle The European Union has been aware of the need for centralized coordination of 25 activities in the area of police and judicial cooperation101. Cornerstones are the creation by the Lisbon Treaty of a Standing Committee on Operational Cooperation on Internal Security (COSI)102, as well as the Commission’s Internal Security Policy103 (currently for 2015–2020) and its actual implementation. However, the creation of the 95

Ibid. Supra 91. 97 In this respect, consider also the renewed Internal Security Strategy, with its core focus on maximizing and implementing existing legal possibilities for police and judicial cooperation [European Commission, 2015. The European Agenda on Security. COM(2015) 185 final]. 98 E. g. as part of the “Technical Assistance and Information Exchange” (TAIEX), (European Commission, 2016. Taiex and Twinning 2016). 99 The European Border and Coast Guard Agency, Regulation (EU) 2016/1624 of the European Parliament and of the Council of 14 September 2016 on the European Border and Coast Guard and amending Regulation (EU) 2016/399 of the European Parliament and of the Council and repealing Regulation (EC) No. 863/2007 of the European Parliament and of the Council, Council Regulation (EC) No 2007/2004 and Council Decision 2005/267/EC, OJ L 251, 16.9.2016, pp. 1–76. 100 Frontex, 2018. Risk Analysis for 2018. 101 European Commission, 2017. Comprehensive Assessment of EU Security Policy. SWD(2017) 278 final. 102 Art. 71 TFEU – “A standing committee shall be set up within the Council in order to ensure that operational cooperation on internal security is promoted and strengthened within the Union.” 103 European Commission, 2015. The European Agenda on Security. COM(2015) 185 final. 96

Ryder

265

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:39 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

EU Policy Cycle was the most fundamental change to the way tackling serious and organized crime is undertaken on a Union level104. The views of the Council, at the time of committing to the creation of the policy cycle in 2010, were that they were conscious “of the need to further develop and streamline the existing structures and instruments and RECOGNIZING the need to develop a coherent, multidisciplinary and integrated approach in order to increase consistency, efficiency, transparency and accountability in the fight against organised and serious international crime”105 , and were therefore convinced that “…the best way to achieve this approach is by creating and implementing a policy cycle for organised and serious international crime; that such a policy cycle corresponds with the organised crime strategy required by the Stockholm Programme.”106 26 It is worth deconstructing the structures and procedures involved in the process. The policy cycle commences with the creation of the SOCTA107. This is followed by the second step of the actual setting of the policy by examination and discussion of the SOCTA’s findings by COSI. Because of those discussions, the Justice and Home Affairs Council of the European Union decides upon the crime priorities for the respective policy cycle period (i. e. the next 4 years)108. Following this determination, it is the role of the Commission to convene further meetings with the Member States and relevant actors, to decide upon the manner best suited for implementation. The outcomes of these discussions are Multi-Annual Strategic Plans (MASPs)109. Each of the designated crime priority area receives one MASP, and the resulting MASPs are once more ultimately approved by COSI110. 27 By way of example, one of the priority areas identified for the 2017 policy cycle is addressing criminal finances, i. e. money laundering and asset recovery111. While access to the complete MASP for this priority is restricted, it has been made publicly available with some redactions112. The MASP breaks down the actual issues into multiple levels, such as the known methods, facilitating factors, and provides concrete case examples of investigations and operations already conducted. Additionally, it also includes lessons learnt and assigns key performance indicators (KPIs) to each of the identified methods 104 It should be noted that the EU Policy Cycle was not a new invention, but followed various practices in a number of Member States concerning the setting of policy, as well as the intelligence-led policing approach, cf. infra 87. 105 Draft Council Conclusions on the creation and implementation of an EU policy cycle for organised and serious international Council Doc. 15358/10, p. 2, capitalization in original. 106 Ibid. p. 3. 107 The EU policy cycle is explained in equal competence and near identical wording and graphical demonstration at various sources, cf. European Crime Prevention Network, 2017. EU Policy Cycle: what is it, how does it work and what is the role of prevention, Council of the European Union, 2014. The EU policy cycle to tackle organised and serious international crime, Paoli, Europ. J. of Crime, Criminal Law and Criminal Justice 2014, 1(22), pp. 1–12, as well as the website of the Council, which helpfully includes links to all relevant documents for the respective cycle – http://www.consilium.europa.eu/en/policies/eufight-against-organised-crime-2018–2021/ . 108 Ibid. 109 Ibid. 110 Ibid, and for the sake of simpler coherency, the examination of the graphical representation in either of the mentioned sources is recommended. 111 The ten priorities for the current cycle are Cybercrime, Drug trafficking, Facilitation of illegal immigration, Organised property crime, Trafficking in human beings, Excise and MTIC fraud, Illicit firearms trafficking, Environmental crime, Criminal finances and money laundering as well as Document fraud (Council of the European Union, 2017. Draft Council conclusions on setting the EU’s priorities for the fight against organised and serious international crime between 2018 and 2021. Council Doc. 8654/17). 112 (Council of the European Union, 2017) Implementation 2018–2021 EU Policy Cycle for organised and serious international crime: Draft MULTI ANNUAL STRATEGIC PLAN for Criminal Finances/ Money Laundering/Asset Recovery Priority, Council Doc. 11805/17.

266

Ryder

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:40 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Criminal Intelligence

and enablers identified in relation to the crime area. The MASP further identifies the respective actors involved and concrete actions to be taken. Staying with the example of the criminal finances priority, and recalling that this is still a strategic, rather than an operational planning (which is the next step), the criminal finances MASP has an illustrative extract under the title operational activities: “2. Operational activities Objective: Prepare and conduct operations and investigations to detect and disrupt criminal syndicates and professional enablers involved in criminal finances and money laundering, and facilitate asset recovery. Type of actors involved: Type of actions: – Law enforcement community constituting law enforcement and judicial chain (e. g. police, customs, tax, judiciary and DELETED113 administrative authorities and services specialising in asset recovery), FIUs and regulators of financial institutions, other relevant non-law enforcement agencies – EU JHA Agencies and other EU bodies/actors – International organisations and networks – Private sector (including currency traders, financial institutions) – Dedicated Expert Action Leaders of other crime priorities Benefit: KPIs: – Disruption of criminal syndicates and professional enablers involved in criminal financing and money laundering DELETED – Awareness about specific tactics, initiatives and practices – Better understanding of criminal business model – Establishment of coordinated operational response – Increased freezing and seizure of assets”114 From this extract the general nature of the document becomes clear and becomes more relatable rather than an abstract notion of what could be in a MASP. Notable is equally its continued review, and the explicit insertion of KPIs to allow a meaningful evaluation, together with the identification of concrete actors to be involved. The next part of the process, following the adoption of the MASPs by COSI, is the 28 actual planning of the implementation of the individual MASPs, involving the individual actors previously identified as concerned (e. g. individual Member States, EU agencies). This results in the creation of Operational Action Plans (OAPs)115. It should also be understood, that not all Member States take part in each OAP116, as whilst indeed all are concerned by the security of the Union, not all are equally impacted by the same crime areas117. Once the OAPs are agreed upon by COSI, a “driver” is designated, who will lead the implementation of the OAP. Actions undertaken as implementation of the OAPs are considered European Multidisciplinary Platform Against Criminal Threats projects (EMPACT)118. The actual implementation is monitored on a national level by National EMPACT Coordinators (NECs), and its implementation supported by the EMPACT Support Unit of Europol (ESU). Of interest here is also the continued monitoring by 113 Markings in the referenced document indicating redactions made by the Council prior to giving partial public access. 114 Supra 112. 115 For a partially public version of an OAP in relation to excise fraud, see Council of the European Union, 2016, Operational Action Plan 2016 related to the EU crime priority D1: “Excise fraud”, Council Doc. 14837/2/15. 116 For an overview of the drivers of the individual OAPs for the 2014–2017 cycle, see Council of the European Union, 2014, Operational Action Plans 2015 related to the EU’s priorities for the fight against serious and organised crime between 2014 and 2017, Council Doc. 15929/2/14. 117 E. g. Illegal migration involves Member States with an external border more than others. 118 Supra B.II.b.i.

Ryder

267

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:40 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

COSI of the state of implementation of the OAPs by the driver, reported via the ESU, as well as a six monthly/annual progress report by Europol, allowing for, if required, amendments to the MASPs or OAPs. Once more, the core role of Europol in the process is evident. To stimulate the implementation of the OAPs as well as to address the question of funding the Commission provides significant grants to be awarded to support the implementation119. As a final stage, the Commission reports at the end of the cycle about the overall implementation. 29 The extensiveness of the discussion and level of detail provided on what is at first glance more a niche subject matter may seem misplaced. However, it impacts every citizen in the Union, and is the fundamental path towards getting closer to achieving the aim of an actual area of freedom, security and justice. It equally exemplifies the concrete impact the sharing of European criminal intelligence has on the daily life of all citizens. The immediate association with the sharing of intelligence relates to individual operations, belying the fact that in the background, significant decisions and resource allocations occur based on a central European analysis by one EU Agency – Europol. It is certainly not the “most attractive” part of law enforcement from a public relations aspect, yet to some extent it is the foundation upon which subsequent successful operations take place, and as such it receives undeservedly little attention. 30 Tied in with this however is also a significant danger. Having outlined the impact and the consequences of the SOCTA for a pan-European implementation, it is essential to recall that Europol’s analysis and subsequent production of the SOCTA relies entirely on the intelligence it receives120. Europol is not an investigative police body, and apart from publicly available sources, has no way to obtain information itself121. The immediate implication is that the information it bases itself upon must be accurate but must also be complete. Any inaccurate information, as well as an incomplete picture, will result in a skewered picture and a faulty analysis result. This would then commence a chain multiplier of the impact of the incorrect underlying assumptions. This is not to cast doubt on the SOCTA’s findings, yet the need for all Member States to contribute fully and accurately, cannot be overstated. It is with certainty that in the decision process Europol is fully aware of this risk, yet it is worthwhile considering once more the potentially opposing interests from a national perspective122. c) Intelligence-led policing 31 On a national level, but also on a European level, the concept of intelligence-led policing (ILP) has taken a central role in modern policing123. On a conceptual level, as 119 For an overview of all OAP grants allocated funding as well as the amounts since 2015 by Europol as part of the EMPACT implementation, see https://www.europol.europa.eu/publications-documents/ empact-grants. 120 See Art. 17 Europol Regulation, outlining exhaustively the sources of information for Europol, see also Council of the European Union, 2012. Serious and Organised Crime Assessment (SOCTA) – Methodology. Council Doc. 12159/12. p. 18 . 121 Art. 17 Europol Regulation. 122 E. g. being completely frank about having on a national level significant organized crime groups operating or having a high percentage of nationals associated with organized crime groups, which could paint a politically and publicly critical image of a specific Member State posing a specific threat to the internal security of the Union. Once more, there is no knowledge of the author that this has ever occurred or is an actual issue, yet intended only to demonstrate once more the co-dependency of the Member States in this process, as well as the need for information sharing not only on an operational level, but also on a strategic level, to the fullest extent – and that the entire process is based upon the assumption that all Member States will provide complete information, even if it means taking precedence over national interests or pride. 123 For a UK early perspective, cf. Cope, British J. of Criminology 2004, Vol. 44, pp. 188–203, Rattcliff, Policing & Society 2012, 12(1), pp. 53–66.

268

Ryder

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:41 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Criminal Intelligence

an example of what ILP is, the EU Policy Cycle as just discussed serves well. It is the progression from a reactive policing approach, to a pro-active one. It has been in part derided as common-sense policing124, and indeed on a conceptual basis is not overly complicated. Rather, from an academic perspective, it could be best described as “Intelligence-led policing is a business model and managerial philosophy where data analysis and crime intelligence are pivotal to an objective, decision-making framework that facilitates crime and problem reduction, disruption and prevention through both strategic management and effective enforcement strategies that target prolific and serious offenders.”125. What it does demonstrate regardless of the common-sense nature, is the increased reliance across all sectors on information. The ultimate aspect of this is naturally the crime-prediction vision of law enforcement and as far-fetched as it instinctively appears, there is increasing step towards such an assessment126. The relevance it has in the context of European criminal intelligence, is that 32 regardless of the actual difference of definitions of an academic nature, at the very heart of it, it uses information to make predictions about the future. This is in relation to types of events or developments, as well as to the likelihood of specific threats occurring. Because of this, certain actions are taken, and equally, certain actions are not. The fundamental feature however, upon which all the conclusions are based, is the available information. Akin to the dangers described above for the reliability and accuracy of the findings of the SOCTA, any intelligence-led policing effort, will be led, as the name says, by the intelligence available to it. As more and more police forces start to apply this concept, and more and more reliance is placed on its outcomes and used as a basis for subsequent decisions, the more exponentially important is the accuracy and completeness of the information at hand. As such, without discussing or entering into the merits of intelligence-led policing, it is sufficient to conclude that for the significance and importance placed on this policy approach to be validated, the information picture must be the most complete possible, and this once more cannot be done without the sharing of information127. Considering also for the national approach as referred to numerous times, the frequency of national organized crime existing without any relevant information being available across a border is near nonexistent. Having then extensively addressed, emphasized and demonstrated the absolute necessity of information sharing, the core question is how this can be achieved. Considering the sensitivities, justified or not, involved in sharing information even between various national law enforcement authorities, sharing information with one, let alone all Member States, seems a challenge128. One of the central solutions to this question is once more Europol.

III. Personal data protection The protection of personal data is enshrined in the TFEU129 and Articles 7 and 8 of 33 the EU Charter of Fundamental Rights. As such it is not only binding on any EU 124

Alach, Police J. 2011, Vol. 84, pp. 75–97. Ratcliffe, in: Wortley/Mazerolle (eds), Environmental Criminology and Crime Analysis, 2008, pp. 263. 126 Pramanik/Lau/Chowdhury, Automatic Crime Detector: A Framework for Criminal Pattern Detection in Big Data Era. 2016. 127 Cf. albeit from a US perspective, but with global application of the principle, Fisher, Journal of Military and Strategic Stud. 2016, 17(1), pp. 189–208. 128 Joyal, Criminal Just. Stud. 2012, 25(4), pp. 357–370. 129 Art. 16 TFEU. 125

Ryder

269

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:41 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

Agency, such as Europol, but also on the Member States themselves where they apply EU law. The Union relies on two main instruments in the field of data protection. Firstly, the recent General Data Protection Regulation (GDPR)130, which entered into force in May 2018. It contains strong provisions concerning the right to self-determination of individuals regarding the use of their personal data and is envisioned to address the technological advances made since 1995131. Many of these provisions however would be impractical when applied to a law enforcement context, such as processing the individual’s data only with their consent132. Therefore, a specific instrument was passed, laying “down the rules relating to the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, including the safeguarding against and the prevention of threats to public security”133. This Police Directive deals specifically with the processing of personal data by the competent authorities of the Member States, and as such creates equal and minimum standards134 applicable to the processing of EU criminal intelligence. As it too only entered into force in May 2018, the exact implications and any practical issues arising from it, remain to be seen. This is especially relevant, when considering for example the possibilities and conditions applicable to the transfer of personal data within as well as out of the Union135. 34 The Police Directive however does not apply to Union institutions or agencies136, which are generally subject to Regulation 2018/1725137. Its predecessor regulation, Regulation 45/2001, due to the existence of the third pillar at the time, did not apply to any agencies in the area of police and judicial cooperation138. As a result, e. g. the legal frameworks of Europol139 and Eurojust140 contain a stand-alone data protection regime141, as well as for Eurojust still, an independent data protection supervisory authority142. Areas of conflict exist specifically as regards EU agencies active in the former third pillar, i. e. in the field of police and judicial cooperation, such as Europol and Eurojust, and in the future the European Public Prosecutor’s Office (EPPO). Following the Lisbon Treaty, and the abolishment of the three-pillar system, the 130 Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing directive 95/46/EC (General Data Protection Regulation). 131 Cf. Lindqvist, 2018, as well as more critically Kuner, 2018. 132 Art. 6(1)(a) GDPR. 133 Art. 1(1) Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and on the free movement of such data, and repealing council framework decision 2008/977/JHA (Police Directive). 134 Cf. Marquenie, 2017, more critical cf. Jasserand, 2018. 135 Cf. Grant, 2017. 136 Art. 2(3)(b) Police Directive. 137 Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC (Text with EEA relevance). 138 Cf. preambles 16 & 17 Regulation 45/2001. 139 Europol Regulation. 140 Eurojust Regulation. 141 As concerns the administration of personal data other than staff data, which is indeed made subject to Regulation 45/2001. 142 This was equally the case for Europol until the entry into force of the Europol Regulation on 1 May 2017 – so even the oversight by the European Data Protection Supervisor in this regard is a very recent development.

270

Ryder

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:41 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Criminal Intelligence

revision of Regulation 45/2001 is causing some concerns, especially from the point of view of the European Parliament, which seeks to remove the lex specialis approach, and is strongly in favour of having the revised 45/2001 Regulation applicable to all EU Agencies, including Europol, the EPPO and Eurojust143. The attempt at including these agencies into a framework dedicated to non-law enforcement processing demonstrates the consequences of the Lisbon Treaty well from the point of view of the European Parliament, which for the past decade(s), was only consulted, lacking the co-decision powers. As regards the interest of the Union and the sharing of European criminal intelligence, the position of the European Parliament has the potential to be disruptive to the process, if the actual working of e. g. Europol is not properly understood and legislated for. It is already ambitious to have one data protection framework covering all Union bodies and agencies, but to proceed to create a one size fits all approach, allowing e. g. Europol and Eurojust and the EPPO to operate smoothly under the same legal framework as e. g. the European Medicines Agency, the European Food and Safety Agency or the European Aviation Security Agency, seems a significant challenge. In the public domain, there is concern and general criticism towards the dangers of 35 citizen’s personal data being combined and exploited, leading to a transparent citizen144. Law enforcement is generally treated with even greater suspicion than private companies, especially concerning the use of open source information or social media145. The discussion within society about the appropriate balance to be struck between legitimate interests in personal data being protected, and the interest in effective law enforcement is yet to be concluded, to the extent it ever will be146. An example of this discussion is the discussion surrounding the e-privacy Directive147. The discussions culminated in the ruling of the Court of Justice in Tele2148. The ruling found that the general retention of communications data as envisioned under the Directive was incompatible with provisions of the Charter of Fundamental Rights, specifically with the right to data protection and privacy149. The discussions surrounding this Directive exemplify equally the need for a better understanding by society of the methodology by which law enforcement operates, especially in the context of cybercrime or using modern technology. On the 143

See position of the European Parliament (first reading), Doc. A8-3013/2017, pp. 45 et seq. Cf. Rossnagel/Richter, in: van der Sloot/Broeders/Schrijvers (eds), Exploring the Boundaries of Big Data, 2016, pp. 261–279. 145 For a police perspective on this, cf. (Carter, et al., 2016), (Treverton & Miles, 2014). 146 For a commercial perspective, cf. Atlantic Council; Thomson Reuters, 2017. Big Data – A TwentyFirst Century Arms Race, Atlantic Council. 147 Directive 2002/58/EC. 148 Case C 203-15, Judgment of the Court (Grand Chamber) of 21 December 2016 Tele2 Sverige AB v. Post- och telestyrelsen and Secretary of State for the Home Department v. Tom Watson and Others. 149 Ibid: “On those grounds, the Court (Grand Chamber) hereby rules: 1. Article 15(1) of Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications), as amended by Directive 2009/136/ EC of the European Parliament and of the Council of 25 November 2009, read in the light of Articles 7, 8 and 11 and Article 52(1) of the Charter of Fundamental Rights of the European Union, must be interpreted as precluding national legislation which, for the purpose of fighting crime, provides for general and indiscriminate retention of all traffic and location data of all subscribers and registered users relating to all means of electronic communication. 2. Article 15(1) of Directive 2002/58, as amended by Directive 2009/136, read in the light of Articles 7, 8 and 11 and Article 52(1) of the Charter of Fundamental Rights, must be interpreted as precluding national legislation governing the protection and security of traffic and location data and, in particular, access of the competent national authorities to the retained data, where the objective pursued by that access, in the context of fighting crime, is not restricted solely to fighting serious crime, where access is not subject to prior review by a court or an independent administrative authority, and where there is no requirement that the data concerned should be retained within the European Union.” 144

Ryder

271

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:42 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

face of it, it appears straightforward. As an example, one of the most important pieces of information for any cybercrime investigation, are IP addresses. These IP addresses can be roughly equated to licence plates on cars. If, however the registration details behind an IP address are not retained by the internet service provider, the simplified analogy would be the regular deletion of owner details for car licence plates. Following this analogy, investigating almost any internet related crime would be equivalent to attempting to identify the owner of a licence plate, with the data in question no longer having been stored. Unless discovering crime in real-time, rather than investigating leads after the event, it becomes near impossible to investigate certain offences, such as online child sexual exploitation and investigations into child abuse material, its possession or especially its distribution150. This is not an operational insight by the author, but rather a normal understanding of the time required to analyse seized hardware or gather information from an online service provider. This may then lead to the discovery of IP addresses, which would then require a judicial authorisation to oblige or even allow in the first place, the private party to disclose the information it holds on the IP address151. This is not a process which necessarily concludes in a few weeks or months, but can, especially when cross-border aspects are involved, takes considerably more time – at which point, the actual information related to the IP address at the time is no longer available152. An honest discussion therefore about the balance to be struck between the abilities of law enforcement, and the protection of personal data, must then also include the acceptance that one cannot “have it all”, and that for greater protection of personal data, there is a potentially equal amount of criminal activity which will go unprosecuted. This is a value-free statement, as it is in the end a question of priorities and values, on an almost philosophical level, but with real-life consequences153. What is clear though is that such an open discussion would be beneficial to society, but equally one that has not been had yet.

IV. Accessibility & sharing 1. Europol 36

The Union has not created a European FBI, but not due to a lack of proposing it154. What was created instead in 1994, on a police level, was the Europol Drugs Unit155 – the precursor of what is now the European Union’s Law Enforcement Agency156, or simply Europol. Europol is an agency without any coercive or investigative powers. Nonetheless it is essential for the sharing of information on a European Union level. Europol can be best explained by assuming it is based on three central pillars, namely analysis, 150

Cf. Becker/Fitzpatrick, U.S. Attorneys’ Bull. 2018, 66(1), pp. 41–47. From a police perspective, including standard operating procedures for the Netherlands, cf. Odinot/ Pool/ de Poot, Organised Cybercrime in the Netherlands, 2017. For a technologically accessible generic understanding of law enforcement practice, cf. Glenny, Dark Market: Cybercops Cyberthieves and YOU, 2011. 152 European Commission, 2013, Evidence for necessity of data retention in the EU. 153 For further analysis see also: Schmahl, Intelligence and Human Rights, Part 4 Chapter 1, in this volume. From a philosophical aspect, cf. Sandel, in, Justice – What’s the right thing to do, 2010, pp. 244–270. 154 Ellermann, Europol und FBI – Probleme und Perspektiven, 2005, Occhipinti, Intelligence and National Security 2015, 30(2–3), pp. 234–258. 155 From a historical perspective, as well as reflecting the political sensitivities of Member States and national law enforcement authorities being generally of a more suspicious nature, cf. den Boer/Bruggeman, Politique Européenne 2007, Vol. 27, pp. 77–91. 156 Having evolved generally from the Europol Drugs Unit, to Europol under the Europol Convention, to the Europol Council Decision, until through the Europol Regulation it became a full EU agency. 151

272

Ryder

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:42 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Criminal Intelligence

information exchange and expertise. These three areas will be assessed individually, as collectively, they aim at addressing the initially mentioned core requirements for effective policing to occur to an equivalent effect across all the Union’s Member States. These are the availability of information, the availability of equal capabilities as relates to analysis, forensic techniques and financial resources, as well as a shared strategic direction. If these aspects are in place, a coherent and joint effort against organized and serious crime is possible. If one of these however is not in place, then individual Member States lacking either of these, may find themselves evolving into a hot-spot of OCGs exploiting their specific weakness. This will negatively impact not only the Member State in question but equally would be detrimental to the internal security of the Union as a whole. As such, the work undertaken or intended to be undertaken by Europol is essential and significant. Based on the centralisation of information and consequently also personal data at 37 Europol, it is unsurprising that it is also closely monitored. Apart from the supervision of Europol by the Management Board (consisting of representatives of all Member States, as well as one from the Commission)157, it has an internal audit function158, and a data protection office159. Externally it is subject to the European Data Protection Supervisor (EDPS), who maintains significant powers, including the blocking of processing of personal data160. It is notable as well, that each Member State itself must also nominate a data protection supervisory authority, assessing the compliance and legality of transfers from the Member State to Europol itself161. Additionally, following the provisions of the Lisbon Treaty162, it is also subject to the scrutiny of the Joint Parliamentary Scrutiny Group (JPSG), composed of representatives of the European Parliament and of the national parliaments163. As both the EDPS and the JPSG are new to Europol, having only gained competence as of May 2017 once the Europol Regulation came into force, the exact manner of supervision, especially that of the JPSG, will remain to be seen. Equally, the European Court of Justice for the first time has full scrutiny over Europol’s activity, and Europol has already been taken to court – albeit unsuccessfully and based on a misconception of Europol’s role and tasks164. a) Information sharing The sharing of European criminal intelligence is one of the essential reasons for 38 Europol’s existence, and has uniquely managed to become possibly more successful than originally expected or hoped for. Leaving the academic notions briefly aside, one of the core requirements for information to be shared with anybody, is trust in its appropriate handling. The level of trust required is in direct relationship to the sensitivity of the information in question. This is a human instinct, and even stronger in law enforcement165. There are frequently valid reasons for this, as from an operational context the risk of information being received by undesired recipients cannot only jeopardize the success of individual operations, but entire investigations which may have involved 157

Art. 10 Europol Regulation. Art. 11(1)(n) Europol Regulation. 159 Art. 41 Europol Regulation. 160 Art. 43 Europol Regulation. 161 Art. 42 Europol Regulation. 162 Art. 88(2) TFEU. 163 Art. 51 Europol Regulation. 164 Case T-366/16 – Order of the General Court (Sixth Chamber) of 27 September 2017 AnastasiaSoultana Gaki v. European Union Agency for Law Enforcement Cooperation. 165 Joyal, Criminal Just. Stud. 2012, 25(4), pp. 357–370. 158

Ryder

273

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:43 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

significant resources and time. Ultimately, unauthorised disclosure would also pose a danger to the lives of officers, such as those deployed undercover, or the lives of informants, if the source of the information could be deduced. As such, it is also nothing that can be effectively legislated for as cooperation requires willing participants. The Member States specifically strongly objected to the original Commission proposal for the Europol Regulation which contained strong obligations to provide information, which ultimately did not make it into the final legislation166. An example of a failed attempt at “enforced” cooperation can be seen in the legal framework of Eurojust, the Union’s judicial cooperation body which as part of its revised legal framework in 2009167 contained an explicit and concrete obligation on all Member States to provide information to Eurojust in many scenarios and cases168. The outcome of the mutual evaluations demonstrated that many Member States simply ignored these provisions and did not share the information they were obliged to, even citing a lack of userfriendliness or questioning the added value to do so169. Absent in this context was also any legal enforcement proceedings by the Commission concerning the non-implementation of legally binding provisions. At least in the information sharing area, the provision of added value in return to any information received, is an efficient motivator to supply information in the first place. 39 In order then to become a viable information hub and to receive any information from the Member States, the first challenge for Europol was building trust. An indication of the potential mistrust towards Europol was also its originally very limited mandate – combatting drugs offences. However, over the years as Europol progressed through the Europol Convention and the Europol Council Decision, its mandate was equally expanded, to where it is today – fighting serious and crossborder crime affecting two or more Member States, terrorism and forms of crime affecting a Union interest170. Europol has demonstrated consistently to Member States that they can trust Europol with information, and that that information will not find its way into the public domain. Directly related to the question of trust is the second issue, namely whom the information submitted to Europol is shared with. Despite all Member States being part of Europol (leaving aside the situation of Denmark171), this does not mean that therefore all Member States receive all information shared with Europol. Europol has its own legal personality and consists of its own staff who are employed by the Union, as well as making use of deployed seconded experts from the authorities of the Member States172. Europol interacts with the Member States exclusively through the dedicated Europol National Unit (ENU) of each Member 166 Cf. Arts. 7(5) & 7(10) of the Commission Proposal for a Regulation of the European Parliament and of the Council on the European Union Agency for Law Enforcement Cooperation and Training (Europol) and repealing Decisions 2009/371/JHA and 2005/681/JHA (COM/2013/0173 final), compared with Arts 7 (6) & 7(11) of the Europol Regulation. 167 Council Decision 2009/426/JHA of 16 December 2008 on the strengthening of Eurojust and amending Decision 2002/187/JHA setting up Eurojust with a view to reinforcing the fight against serious crime, OJ L 138 of 4.6.2009. 168 Art. 13 Eurojust Decision. 169 Council of the European Union, 2014. Final report on the sixth round of mutual evaluations Council Doc. 14536/2/14. “The evaluation showed that Member States’ experience with Article 13 varies considerably. More than half of the Member States had not yet fully implemented the Article at the time of the evaluation visit, and in general only little awareness existed among practitioners of the obligations therein. Those who knew about Article 13 still did not systematically transfer the relevant information in a structured way; a number of them asked for a more “user-friendly” template, less burdensome to fill in. Furthermore, many practitioners seemed to question the added value of doing so”, p. 33. 170 Cf. Art. 3 & Annex I Europol Regulation. 171 Supra 7. 172 Arts. 53 & 56 Europol Regulation.

274

Ryder

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:43 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Criminal Intelligence

State173. Only if the ENU allows a direct contact with a different authority of that State can such contact take place, and even then, only under the conditions stipulated by the ENU174. This for example is also an essential difference to Eurojust, where the National Members of the Member States exist in a dual-function, retaining their national positions and jurisdictional competences, while also being able to act as Eurojust175. When information is shared with Europol, it is therefore only shared with Europol staff, and then only to the extent there is a need for the individual staff member to know176. The way the information is shared outside of Europol, be it with Member States or other third parties, is the secret to Europol’s success. The core factor for the success of Europol is found in the use of its handling codes. 40 The legal text seems quite simple in its content, yet it belies the fundamental nature of the provision: “Member States, Union bodies, third countries and international organisations may indicate, at the moment of providing information to Europol, any restriction on access thereto or the use to be made thereof, in general or specific terms, including as regards its transfer, erasure or destruction. Where the need for such restrictions becomes apparent after the information has been provided, they shall inform Europol accordingly. Europol shall comply with such restrictions.”177 This provision lies at the very heart of Europol, as it allows the Member States full control of their information, even after having shared it. As such, it squares the circle between sharing information, yet retaining full control over it while doing so. Europol has implemented this by means of handling codes, which can take one of three forms: H1 (free dissemination but consulting the owner prior to use in judicial proceedings), H2 (not to be shared with anyone) and H3 (free allocation of restrictions by the provider, e. g. Member States only, no third States or other EU bodies, only Member States involved in a specific operation, etc.)178. It is based on this system, that information is shared with Europol, and this also allows for the sharing of operationally sensitive information which would be relevant for Europol to compile a proper and reliable analysis, yet without the need for others to be aware of the information in question. It is ultimately decided by the supplier of the information with whom it is shared. An additional benefit to the process designed by Europol can be seen in a situation where a provider wishes to share operationally sensitive information related to 173 Art. 7 Europol Regulation. This is an essential aspect of Europol’s functioning, as not only do Member States thereby retain political control and an overview over what is and what is not sent to Europol, but also is crucial to the data quality of Europol information, by avoiding duplicate submissions of the same data, etc. Also, it serves a vital data protection function regarding the ability e. g. to correct faulty data submitted etc. – cf. Art. 38 Europol Regulation. 174 Art. 7(5) Europol Regulation, from a practical perspective this means that e. g. if the police of Berlin (Germany) decided it had valuable information for Europol, that it could not send it directly, and even if it did, Europol could not process it. Rather, the information would first have to go to the German National Unit, who would then decide at its own discretion whether or not to forward the information to Europol. In circumstances however where Europol was assisting in an operation in Berlin involving the Berlin police, the German National Unit could authorise direct exchanges between the Berlin police and Europol, subject to any conditions it would seem fit, such as copying the National Unit in any information exchanged. 175 Art. 5 Eurojust Decision, and equally the National Members, who may act individually as Eurojust as well, are still directly paid for by their respective national authority, rather than out of the Eurojust budget itself (Art. 33 Eurojust Decision) . 176 Art. 22 Europol Regulation. 177 Art. 19(2) Europol Regulation. 178 Cf. (Europol, undated but presumed pre 2012) http://moi.mk/Uploads/Europol%20Products%20and %20Services-Booklet.pdf.

Ryder

275

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:44 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

Mr. X only with Europol. To do so, it would use a H2 handling code (meaning it is not visible by anybody else). This would seem to go against the purpose of allowing other Member States to become aware of other relevant information if they too search for Mr. X. However, if such a search is conducted, the original supplier of the information will be alerted by Europol that the other Member State has searched against Mr. X and ask for their permission to share it. In this manner, the ability to share information only with Europol is created, while the ultimate goal of sharing information across all Member States is maintained. 41 This is not however without the second important legal obligation of Europol, which is the duty to notify. It states that Europol must inform Member States of any information relevant to them179. This avoids the scenario in which Europol may hold information and decide not to share it to the detriment of one of the Member States. It also underlines Europol’s position of a non-investigative body, assisting the Member States. This duty to notify however is still subject to the handling codes permitting such sharing, which take precedence even over the duty to notify180. However, for the first time in Europol’s history, the supremacy of handling codes has been qualified in the Europol Regulation, foreseeing that where it is “absolutely necessary in the interest of preventing an imminent threat to life”181, Europol must provide information even against the will of the provider of the information. In theory, this is a dramatic step undermining the ownership and restrictions available to the provider of the information and could potentially discourage information sharing. On the other hand, it emphasizes Europol’s transition as an instrument “by the Member States, for the Member States” as could be said under the Europol Convention, to a Union body, with a Union-focused objective. In practice it is hard to conceive this scenario coming into existence, of a Member State unwilling to share information which would otherwise lead to potential deaths in another Member State. Nonetheless it is an extremely symbolic one, emphasizing the obligation and importance to share information. 42 A further example of the step towards the increased making available of data at Europol is also found in the Europol Regulation, which foresees Member States having access to all data processed at Europol182. Europol processes data for three primary purposes183, namely for cross-checking, for strategic and thematic analysis, and for operational analysis184. The Regulation foresees that all Member States have direct access to all of Europol’s data processed by it for cross-checking and strategic and thematic analysis, as well as direct185 indirect access (i. e. hit/no-hit) to all data processed for operational analysis. This is a dramatic distribution of access, and a clear intention to place Europol at the very centre of the exchange of, as well as the vehicle for accessibility to, European criminal intelligence. Not only should Europol be supplied with all relevant information for the sake of Europol being able to assist the Member States, as well as provide reliable and accurate strategic assessments, but equally 179

Art. 22 Europol Regulation. Ibid. 181 Art. 22(2) Europol Regulation. 182 Art. 20 Europol Regulation. 183 There is also a fourth purpose, i. e. the facilitation of information exchange, yet this is not an active processing in the sense of using it for any analysis, but has a data protection connotation and background. 184 Arts. 18(2)(a)-(c) Europol Regulation. Art. 18(2)(d) is equally a processing ground, yet this is more an internal enabling provision allowing for the technical processing of information exchanged, rather than a source of processing or an area in which to conduct analysis. Finally, also under Art. 18(4) Europol may process data but solely for the purpose of identifying its relevance to Europol, and subsequently allocating it a purpose under Arts. 18(2)(a)-(c). 185 Direct in this context here meaning via a technically direct connection, possibly via the European Search Portal to be established under the Interoperability proposal – cf. infra para 49. 180

276

Ryder

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:44 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Criminal Intelligence

information should be supplied to Europol to enable access for all other Member States. At the same time, it creates a central repository, allowing Member States to easily assess whether or not the target of their investigation is known and additional information exists. The same applies also to any other information they have come across in their investigation, such as phone numbers, addresses, licence plates, etc.186 Naturally however, this access is subject though to use restrictions, i. e. handling codes placed on the information, but the principle behind it is significant, and once more demonstrates the “European Unionization” of Europol. A final observation of significant relevance to information sharing is the need for a 43 secure manner by which to exchange information. IT systems and new technologies are developed on an almost daily basis, and it is likely that multiple projects are running in parallel to each other aiming at the same solution but taking very different technological approaches. It is thus a significant challenge to have various information systems able to communicate with each other. Ideally, there should be a system in place in all Member States, using the same technology and infrastructure. Europol has provided such a system, namely the Secure Information Exchange Network Application (SIENA)187. SIENA was primarily developed to allow the secure transmission of information by the Member States to Europol, but quickly evolved to becoming a standard manner of transmission also between the Member States. This was enabled and facilitated by Europol’s legal framework, foreseeing the ability of Member States to exchange information also on a bi or multilateral basis, without involving Europol at all, including where the information exchanged falls outside of Europol’s competence188. As such, Europol’s infrastructure is utilized for information exchanges by the Member States, whether it falls into Europol’s mandate or not. This network also includes all of Europol’s formal cooperation partners and is the current pre-requisite for structured cooperation with Europol. This however also means that through SIENA, any Member State cannot only securely transmit information to any other Member State, but equally exchange information in a secure manner with several third States and other connected EU agencies, such as Eurojust or Frontex. Apart from the 28 Member States189, in 2016, 32 other third parties were connected to SIENA, allowing the direct reach of 757 law enforcement authorities190. Having this high rate of acceptance equally leads to a significant acceptance of Europol. An impression of the frequency of its use can be seen in an average of approximately 72,000 messages being exchanged per month in 2016, totalling more than 800,000 over the year.191 It is apparent that information exchange across the Union without Europol’s facilitating central role, is hard to imagine. b) Analysis Europol’s role in criminal analysis is already discussed extensively above concerning 44 the strategic analysis and its products, primarily in relation to the SOCTA192. Further products of Europol relate to e. g. general threat reports showing new emerging threats 186 As an example, the Europol Information System (since the Europol Regulation data under Art. 18 (2) for cross-checking contained almost 400,000 objects, in addition to over 100,000 suspected or convicted criminals, and was searched almost 1.5 million times – cf. Europol, 2017) Europol Review 2016–2017, p. 71. 187 Ibid, pp. 68 et seq. 188 Cf. Art. 8(4) Europol Regulation, as well as Art. 38(7) Europol Regulation indicating specifically that Europol is not responsible for such bilateral information exchange using Europol’s infrastructure. 189 Despite Denmark no longer being a part of Europol, it maintains a SIENA connection. 190 Supra 186. 191 Ibid. 192 Supra at B.II.b.i.

Ryder

277

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:44 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

or trends developing193. Further examples of strategic analysis worth mentioning is also the role played by Europol concerning its contributing factor and central role envisioned under the ETIAS system194. Analysis on an operational level in individual cases is conducted using modern technology and software to provide a meaningful interpretation using the data supplied to it by the participating Member States. Europol is also assisting in the analysis of meaningful links or connections between the information it receives. This means that just as per the example provided above, Member States provide information to Europol, and this information is consistently checked for hits against all other data stored at Europol. In this manner, it allows Europol to inform Member States about other active investigation or even concluded ones, as well as providing advice and guidance on recommended next steps or suggested points of contact195. It is equally active not only in Member States’ investigations, but also at times in those that involve third States, who also increasingly see the European Union as one single geographic area with ties to their international crimes or terrorism. An example of this is the view of a law enforcement official from the United States, who shares his experience with Europol as follows: “Based on evidence recovered from sensitive site exploitation, HSI196 began analysis of his financial links and conveyed a number of critical leads to European nations through the use of both SIENA and Europol relationships. Cooperation between HSI, the U.S. Department of Defense, and Europol on this specific case thus far has contributed to over 130 open investigations and 15 arrests in France, Belgium, Germany, and other European countries. Another significant operation includes Operation ERMIS, where HSI in The Hague provided over 2,000 financial leads on document forgers, which led to 19 separate arrests in Greece and the Czech Republic in 2016. Further investigation into these illicit travel rings indicated ties to both transnational criminal organizations and possible foreign terrorist fighter movements. This type of coordination benefits from the unique authorities HSI agents possess, their relationship with European and U.S. partners, and their understanding of transnational threat networks”197. Europol’s role therefore is expanding considerably by making it a central point of the Union also for third partners. Related to this is also the next part, the centralisation of expertise, both for the sake of expertise being able to be shared within the Union, but equally to act as a central point of contact towards third states into the Union.

45

c) Expertise The final “pillar” of Europol then is the provision of expertise. Expertise in this context should be seen however through the perspective of experience, and the subsequent sharing thereof. Once more returning to one of the central premises allowing functioning 193 See e. g. listing of Intelligence notices compiled at https://www.europol.europa.eu/activities-services/ intelligence-notifications-early-warning-notifications. 194 Cf. Art. 29 of the Proposal for a Regulation of the European Parliament and of the Council establishing a European Travel Information and Authorisation System (ETIAS) and amending Regulations (EU) No. 515/2014, (EU) 2016/399, (EU) 2016/794 and (EU) 2016/1624 (COM 2016/731 final), as well as the integration of ETIAS entries to be searched against Europol 18(2)(a) data, representing a significant shift from the usage of Europol data for and by the Member States’ law enforcement authorities to using them to establish and identify potential risks for the Union’s security by using them as a cross-check by all travellers falling under ETIAS. 195 Cf. Art. 6 Europol Regulation. 196 HSI here being Homeland Security Investigations, part of the US Immigration and Customs Enforcement (ICE). 197 Hidalgo, CTC Sentinel 2018, 11(2), pp. 25–27.

278

Ryder

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:45 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Criminal Intelligence

law enforcement, namely the need for equal abilities to combat all areas of serious and organized crime, it may be apparent that not all Member States will have built up identical experience, i. e. expertise, in dealing with them. The idea therefore is a centralization of experience, available to all Member States if required. This commenced with the allocation of the central function of Europol concerning counterfeiting of the Euro198, and has since developed into the creation of specialised centres199. Examples for this are the original creation of Europol with a focus on drugs, as the Europol Drugs Unit, and has developed to the launch of the European Cybercrime Centre (EC3) in 2012, the construction of the European Migrant Smuggling Centre (EMSC), the Intellectual Property Crime Centre, the European Counter Terrorism Center (ECTC) as well as the European Serious and Organized Crime Centre200. Central to all the creation of the centres is indeed the centralization of information in relation to all these areas, and the creation of a single point of contact to address the European Union. This point of contact is aimed also at private parties, who for EC3 also sit in dedicated advisory groups, and provide their strategic insights from their experience in private practice201. As part of ECTC, Europol also hosts the EU Internet Referral Unit, cooperating strongly with private parties to assist in the location and subsequent removal of internet content facilitating or constituting potential serious crime and terrorism, such as propaganda videos202. It should be noted though that this is an explicit new task of Europol203, but also, that this is conducted completely on a voluntary basis with the private parties, as Europol also in this respect, has no coercive or other authority to enforce compliance with any suggestion to review material to the service provider. It is apparent that the centralization of such experience risks also the creation of a 46 form of dependence by Member States on the availability of such resources they may draw from, and equally a possible encouragement to not develop such expertise in the first hand, knowing some aspects may be “outsourced” to Europol. One area in which this may become an issue is within EC3, and specifically the performance of forensic analysis of seized mobile phones and storage media. On the other hand, it is also a feasible argument to consider this the commencement of a further and deeper involvement of Europol and its acceptance on a national level, leading to its true “launching”, akin to the FBI, when it developed national expertise regarding fingerprint examinations, and thereby found its portal through which to promote and achieve its relevance and acceptance.

2. Other existing databases The centralization of information by way of using Europol was not the only manner 47 by which the Union attempted to make information easily accessible, nor was it the first. At the time of the creation in 1985 of the Schengen Area204, before the Treaty of Maastricht and even any form of formal treaty-based police cooperation, the first EU information system was created, namely the Schengen Information System (SIS). It was the result of the apparent need to have some form of centralized information 198

Art. 4(4) Europol Regulation, since 2005. As a concrete task for Europol, cf. Art. 4(1)(l) Europol Regulation. 200 Cf. Europol, 2017. Europol Review 2016–2017. 201 For original members, including the private parties involved, see https://www.europol.europa.eu/newsroom/news/ec3-advisory-groups-members . 202 In its first year of operation until 2016, the IRU made just above 11,000 referrals to 70 private parties, with 91 % of the referrals resulting in their removal by the platform – (Europol, 2016), p. 5. 203 Art. 4(1)(m) Europol Regulation. 204 For a thorough historic description, cf. Siebold, ZwischenGrenzen: Die Geschichte des SchengenRaums aus deutschen, französischen und polnischen Perspektiven, 2013. 199

Ryder

279

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:46 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

available, if internal borders are removed, even if it was “only” for 5 Member States. The aim of the SIS was “to maintain public order and security, including State security, and to apply the provisions of this Convention relating to the movement of persons, in the territories of the Contracting Parties, using information transmitted by the system”205. This would be achieved specifically by the obligation that “The Contracting Parties shall set up and maintain a joint information system; hereinafter referred to as the Schengen Information System, consisting of a national section in each of the Contracting Parties and a technical support function. The Schengen Information System shall enable the authorities designated by the Contracting Parties, by means of an automated search procedure, to have access to reports on persons and objects for the purposes of border checks and controls and other police and customs checks carried out within the country in accordance with national law and, in the case of the single category of report referred to in Article 96, for the purposes of issuing visas, the issue of residence permits and the administration of aliens in the context of the application of the provisions of this Convention relating to the movement of persons.”206 This was the first formal effort on a small scale covering initially only a few Member States, that led to the current further developments and prevalence of SIS as it is in operation today207. It is also of interest to note that with the absence of databases containing third-country nationals, there was and is no real alternative to SIS, apart from possibly Europol’s processing category of cross-checking. Although also here it should be restated, that the information contained in SIS is often a basis for concrete action, such as arrests to occur against a hit in SIS208. Information stored at Europol by contrast should be considered as information of a “softer” level, containing the background to investigations, rather than concrete outcomes. a) Interoperability 48 The Schengen Information System is currently the most essential database as regards the practical day-to-day operations on criminal intelligence. However, it is from a law enforcement perspective, not the only available database to law enforcement. EU Information systems also having a law enforcement component have over the past decade been created, and their creation is still ongoing. The main systems are: (a) The Visa Information System (VIS)209, the scope of which covers the exchange of information between Member States as regards the issuing of visas in the 205 Art. 93 The Schengen acquis – Convention implementing the Schengen Agreement of 14 June 1985 between the Governments of the States of the Benelux Economic Union, the Federal Republic of Germany and the French Republic on the gradual abolition of checks at their common borders, OJ L 239 of 22.9.2000. 206 Art. 92(1) Schengen Convention. 207 Council Decision 2007/533/JHA of 12 June 2007 on the establishment, operation and use of the second generation Schengen Information System (SIS II) OJ L 205 of 7.8.2007. 208 Cf. Art. 26 et seq of the SIS II Council Decision, listing the categories of alerts triggering possible arrests, i. e. active arrest warrants, for extradition or surrender. 209 Regulation (EC) No. 767/2008 of the European Parliament and of the Council of 9 July 2008 concerning the Visa Information System (VIS) and the exchange of data between Member States on short-stay visas (VIS Regulation) OJ L 218 of 13.8.2008, as concerns law enforcement access to VIS cf. Council Decision 2008/633/JHA of 23 June 2008 concerning access for consultation of the Visa Information System (VIS) by designated authorities of Member States and by Europol for the purposes of the prevention, detection and investigation of terrorist offences and of other serious criminal offences OJ L 218 of 13.8.2008, and currently under revision in relation to the Interoperability proposal by the Commission, cf. infra at B.IV.b.i.

280

Ryder

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:46 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Criminal Intelligence

Schengen area, with “the purpose of improving the implementation of the common visa policy, consular cooperation and consultation between central visa authorities by facilitating the exchange of data between Member States on applications and on the decisions relating thereto…”210. From a practical perspective, it is clear that an exchange of data in relation to visas is essential, considering also that a Schengen visa issued by one Member State is just as valid as one issued in another. The potential relevance of the data contained, i. e. details about persons who applied for it, were issued with, or had an application for a visa rejected, is clear for law enforcement, especially as relates to trafficking in human beings, illegal migration or terrorism. (b) The European Dactyloscopy, or EU Asylum fingerprint database (EURODAC)211, was created in 2003, aimed at assisting identification of asylum seekers and easier identification of the Member State of first entry. It has been revised and is presently once again under discussion based on a proposal from 2016212, aimed at broadening its scope towards overstayers, as well as adding biometric facial recognition. It only covers third-country nationals and is in principle accessible by law enforcement. Also, here, the potential exists of retaining relevant data for law enforcement. (c) The European Travel Information and Authorization System (ETIAS)213 is equally a recent proposal and still under discussion. It is available to thirdcountry nationals who enjoy the benefits of a visa liberalization scheme with the European Union, and similar to the Electronic System for Travel Authorization (ESTA) system used for travel to the United States, it aims to assess and issue travel authorizations in advance of travel by these individuals. One of the unique aspects of ETIAS is the use of other existing EU information systems in order to automate the approval process. As such, it foresees the cross-checking of the applicant’s details against i.a. any hits in SIS, any hits in VIS, any hits in the Entry-Exit System (EES) 214, as well as any hits against Europol data processed for cross-checking purposes by Europol215. Significantly, it also introduces a new watchlist concept, allowing for Member States (and third States via a Member State or Europol) to insert data only visible to themselves. These data if found in an application would trigger an 210

Art. 2 VIS Regulation. Regulation (EU) No. 603/2013 of the European Parliament and of the Council of 26 June 2013 on the establishment of “Eurodac” for the comparison of fingerprints for the effective application of Regulation (EU) No 604/2013 establishing the criteria and mechanisms for determining the Member State responsible for examining an application for international protection lodged in one of the Member States by a third-country national or a stateless person and on requests for the comparison with Eurodac data by Member States’ law enforcement authorities and Europol for law enforcement purposes, and amending Regulation (EU) No. 1077/2011 establishing a European Agency for the operational management of large-scale IT systems in the area of freedom, security and justice, OJ L 180 29.6.2013. 212 Proposal for a Regulation of the European Parliament and of the Council on the establishment of “Eurodac” for the comparison of fingerprints for the effective application of [Regulation (EU) No. 604/ 2013 establishing the criteria and mechanisms for determining the Member State responsible for examining an application for international protection lodged in one of the Member States by a thirdcountry national or a stateless person] , for identifying an illegally staying third-country national or stateless person and on requests for the comparison with Eurodac data by Member States’ law enforcement authorities and Europol for law enforcement purposes (recast), COM(2016) 272 final. 213 Proposal for a Regulation of the European Parliament and of the Council establishing a European Travel Information and Authorisation System (ETIAS) and amending Regulations (EU) No. 515/2014, (EU) 2016/399, (EU) 2016/794 and (EU) 2016/1624 COM(2016) 731 final. 214 Infra at para 48.d. 215 Art. 18 ETIAS proposal. 211

Ryder

281

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:47 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

automatic alert, not only against an individual who is travelling, but also e. g. if a specific third party is processing any applications, or even a specific IP address is being used for the submission of an electronic application216. Apart from the added value of active monitoring, law enforcement, including Europol, may access the data for specific purposes217. (d) The Entry – Exit System (EES)218 is equally a database for third country nationals, which stores the entry and exit times and locations of individuals entering the Schengen area, as well as any refusals of entry. It is primarily aimed at identifying overstayers and preventing illegal migration. It does however also foresee the ability for law enforcement authorities and Europol to access the data under specific circumstances.219 (e) A European Criminal Records Information System for Third Country Nationals (ECRIS-TCN)220, currently under discussion, which aims to store third country nationals convicted of a criminal offence. This data is primarily for law enforcement services. 49 These systems have in common that they contain data which may be potentially relevant to investigators in the Member State from a law enforcement perspective, while primarily being collected and processed for a different purpose. What they also have in common, is individually varying access procedures, verification procedures and conditions for the implementation of such access221. In practice this means that an investigator in order to consult these systems would need to conduct 5 different searches, in addition to searching Europol data. This means six individual searches, which require individual justifications and verifications with differing procedures – all to see if any data is held222. It is plain that the likelihood of this being undertaken as a routine matter when faced with the investigation of serious crime or terrorism, is diminished considering the administrative workload involved, balanced against the likelihood of generating a hit in these systems, no matter how useful it could potentially be. The Commission is presently proposing an interoperability package223, which includes the creation of a 216

Art. 29 ETIAS proposal. Art. 43 et seq. ETIAS proposal. In practical terms this would mean the ability of law enforcement to access submitted applications to identify if a given suspect had planned or is planning to travel, the details provided, etc. This is however only foreseen to be possible, once the consultation of other databases has not provided a suitable answer – see Art. 45 ETIAS proposal for specific requirements and the details against which can be searched by law enforcement authorities of the Member States. 218 Regulation (EU) 2017/2226 of the European Parliament and of the Council of 30 November 2017 establishing an Entry-Exit System (EES) to register entry and exit data and refusal of entry data of thirdcountry nationals crossing the external borders of the Member States and determining the conditions for access to the EES for law enforcement purposes, and amending the Convention implementing the Schengen Agreement and Regulations (EC) No. 767/2008 and (EU) No 1077/2011, OJ L 327 of 9.12.2017. 219 Ibid, Art. 30 et seq. Also here, Europol and the law enforcement authorities may gain access to specific EES data. A hypothetical example could be the need to urgently identify whether and with what details, a terrorism suspect has entered into the European Union, through which valuable insights and subsequent prevention or detection of a terrorist offence may be gained. 220 Proposal for a Regulation of the European Parliament and of the Council establishing a centralised system for the identification of Member States holding conviction information on third-country nationals and stateless persons (TCN) to supplement and support the European Criminal Records Information System (ECRIS-TCN system) and amending Regulation (EU) No. 1077/2011, COM(2017) 344 final. 221 Primarily based on the increased requirements from a data protection perspective, allowing for a deviation from the purpose for which the data were primarily collected. 222 Indeed, depending on the crime area in question, the likelihood of a hit may be remote, however in the event of a hit, the added value to the investigation is likely significant. 223 Proposal for a Regulation of the European Parliament and of the Council on establishing a framework for interoperability between EU information systems (police and judicial cooperation, asylum and migration) COM(2017) 794 final, based on European Commission, 2017. High-level expert group on information systems and interoperability – Final Report – May 2017. 217

282

Ryder

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:47 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Criminal Intelligence

European Search Portal224. This would allow the querying of all the named systems, including Europol data for cross-checking purposes, to be consulted through one single portal, and undertaken by one search. Investigators in the Member States, based on an individual user profile tailoring access possibilities to the role of the individual user, would be able to conduct a single search query, which would automatically query data in all of the above systems, i. e. VIS, Eurodac, EES, SIS, Europol data submitted for cross-checking, ECRIS-TCN as well as the Interpol databases on stolen and lost identity documents and on travel documents associated with notices225. Not entering into the technical details thereof, it is clear that there is an attempt at addressing the fragmentation of various potentially relevant data, and ensuring an easier manner of access, thereby increasing the availability of information at the time it is needed, and at the location it is needed. Despite the proposal having been introduced only recently, and still pending a position of the European Parliament and Council, the proposal in itself is a comforting step towards seeing the Commission both realizing the existing deficits and having the political courage to make proposals to address them holistically. Further, the proposal includes the automated cross-referencing of all contained biometric data, aimed at identifying false identities or attempts at identity fraud or illegal entry, by creating alerts where matching biometric data contained in different systems listed, relate to different persons in another system – indicating that at some point, individuals entered or are attempting to enter the Union with false identities226. It appears the point may have turned from the creation of ever new systems or databases, to using data already available and maximising their use and accuracy.

C. Complimentary measures to European criminal intelligence Complementing the police cooperation aspect from a judicial side is naturally 50 quintessential to bringing investigations to their intended goal, namely a successful prosecution. Linked to that however is also the need to have certain coercive or investigative measures of an especially intrusive nature available to be authorized by a judicial authority. Recalling that there is a definitive need to ensure an equally competent and effective law enforcement action against any area of crime, there is a need for the police to be able to undertake the same amount of measures and be authorized to do so in a similar manner, regardless of the Member State in question. The flipside is however also not to be neglected, namely that the main reason for judicial intervention prior to certain police actions being permitted to be undertaken, is the protection of civil liberties. Whilst therefore a significant amount of attention has been and should be paid to the abilities for effective law enforcement to take place, the full enjoyment of an equal amount of fundamental rights across the Union must be guaranteed227 – hence the need for an equally progressive development in the field of judicial cooperation. There has been significant progress in the field of judicial cooperation in criminal 51 matters, based largely upon the concept of mutual recognition228. The most significant developments in this area have been a result of the unprecedented terrorist attacks of 224

Art. 6 Interoperability Proposal. Art. 6 et seq. Interoperability Proposal. 226 Art. 12 et seq Interoperability Proposal. 227 Cf. Art. 51(1) EU Charter of Fundamental Rights. 228 Seen as “the cornerstone” of judicial cooperation in criminal matters in The Hague Programme: Strengthening Freedom, Security and Justice in the European Union OJ C 53 of 3.3.2005. 225

Ryder

283

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:47 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

9/11 – spawning from these deplorable events, however, have been the Mutual Legal Assistance Convention229, Joint Investigation Teams230, as well as the European Arrest231 and the European Evidence Warrant232. Of all these instruments, one of the most notable and consequential decisions has been the European Arrest Warrant. It represents a fundamental general acceptance across the Union that there is an equivalent level of a law enforcement framework across all of the Member States of the Union. The level of training, independence, integrity and approach is sufficient enough to agree to surrender without (significant) verification a national to a different Member State – despite even constitutional obligations to protect one’s own citizens233. As essential a step this has been, it had not been followed up on an equally ambitious level when it concerns information required in judicial proceedings, i. e. evidence, until recently. There has been significant development disproportionate to the very limited attention it appears to have received, namely the European Investigation Order (EIO)234. The EIO came into force on 22 May 2017 and foresees the mutual recognition of a judicial order to actually obtain information. As such, it allows e. g. a judge in Member State A to order the search of a premise in Member State B. This represents a significant acceptance of judicial authority from an outside country and a significant interference into the national judicial order. The net result of these efforts, and the pinnacle of mutual recognition, is that all judges across all of the Member States, have had a dramatic broadening of their competence and as concerns criminal matters, the concept of mutual legal assistance has been abolished, just as the concept of extradition was by the European Arrest Warrant235.

I. Other EU actors 52

The impression that the only agency in existence and of relevance is Europol from an operational and strategic aspect, is inaccurate. It certainly is the case for Europol as 229 Council Act of 29 May 2000 establishing in accordance with Art. 34 of the Treaty on European Union the Convention on Mutual Assistance in Criminal Matters between the Member States of the European Union OJ C 197 of 12.7.2000. 230 Council Framework Decision of 13 June 2002 on joint investigation teams OJ L 162 of 20.6.2002 (even though already contained in Art. 13 of the MLA Convention, due to its lacking implementation by the Member States, the parts on the establishment of joint investigation teams was taken out and passed as a separate framework decision – see also Art. 5 thereof). 231 Council Framework Decision of 13 June 2002 on the European arrest warrant and the surrender procedures between Member States OJ L 190 of 18.7.2002. 232 Council Framework Decision 2008/978/JHA of 18 December 2008 on the European evidence warrant for the purpose of obtaining objects, documents and data for use in proceedings in criminal matters OJ L 350 of 30.12.2008 (now repealed however and no longer in force). 233 Cf. specifically from a constitutional aspect, Pollicino, German L. J. 2008, 9(10), pp. 1313–1356, Sarmiento, Int’l J. of Constitutional Law 2008, 6(1), pp. 171–183, Impala, Utrecht L. Rev. 2005, 1(2), pp. 56–78 As regards decisions by consitutional courts and the European Court of Justice dealing with these aspects, cf. German BVERFG: BVerfG, Decision of 15 December 2015, 2 BvR 2735/14, paras 44 et seq., CJEU, Joined Cases C-404/15 and C-659/15 PPU Aranyosi and Căldăraru, Judgment of the Court (Grand Chamber) of 5 April 2016, ECLI:EU:C:2016:198, paras 81–89., or even the Irish Supreme Court refusing extradition to the United Kingdom based on the likelihood of Brexit by the end of the imposed custodial sentence (Minister for Justice v O’Connor, [2018] IESC 3). 234 Directive 2014/41/EU of the European Parliament and of the Council of 3 April 2014 regarding the European Investigation Order in criminal matters OJ L 130 of 1.5.2014. 235 As requests for mutual legal assistance are indeed a request, asking for assistance. The issuance of a judicial order is not a request anymore, but the recipient is (apart from strict exceptions) obliged to comply. In essence, it turns the European Union into a single zone as concerns validity of judicial decisions in specific fields, such as increasingly the area of police and judicial cooperation.

284

Ryder

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:48 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Criminal Intelligence

concerns police cooperation, yet other agencies are also worth noting for their roles and impact they have in the general field of European criminal intelligence. One of the other increasingly relevant and growing agencies is the European Border and Coast Guard Agency (Frontex)236. The core role and mandate were the assistance in securing the external borders of the Union, but via its amendments, it also gained competence for cross-border criminality concerning external border security237. Whilst it is a mandated crime area, the main focus lies in its strategic analysis, with its ability to process personal data still limited as a consequence for the ability to conduct the strategic analysis238. To the extent it does process personal data, this is processable only i.a. for the purpose of submitting it to Europol239. The closest body related to the existence of a European police force is OLAF, the Commission’s internal investigations unit240. As its mandate however also covers the Union’s finances241, its field of involvement goes significantly beyond fraud or other offences committed by Union staff, but also deals with corruption in foreign aid, grant allocations, etc. Its main and significant restriction comes by way of its mandate only covering administrative enquiries, and to the extent it does discover and build an arguably criminal case, this information is passed on to the respectively concerned prosecutor’s office of the Member State in question, and OLAF’s involvement ends. The reason it is often referred to as potentially a European police force is that its powers appear to be coercive, yet on a fundamental basis derive mainly from the conditions attached to receiving EU funds, i. e. an active obligation of cooperation242. A further agency active in the field of European criminal intelligence is Eurojust, the 53 Union’s judicial coordination body, tasked with the facilitation of requests for mutual legal assistance and the facilitation of the execution of instruments of mutual recognition243. While it too maintains analytical capabilities, it is not tasked with analysis as its core purpose. Similarly, a highly valuable network allowing the identification of suitable contact points to address queries and request for mutual legal assistance to, is the European Judicial Network244. Sounding somewhat basic in this description, considering the significant differences in the structures and legal possibilities for judicial action, this is an essential first point of assistance for Union practitioners. While not at all involved in the actual sharing of information on an operational level, it would be remiss not to mention the European Police College (CEPOL)245 which is an essential tool in the Union’s approach of ensuring equal access to ongoing training and the distribution of knowledge, ensuring an equal playing field246. On the judicial level, the equivalent is the 236

Supra 97. Ibid, Art. 4(a). 238 Ibid, Arts. 46 et seq. 239 Ibid, Art. 47. 240 Regulation (EU, Euratom) No. 883/2013 of the European Parliament and of the Council of 11 September 2013 concerning investigations conducted by the European Anti-Fraud Office (OLAF) and repealing Regulation (EC) No. 1073/1999 of the European Parliament and of the Council and Council Regulation (Euratom) No. 1074/1999 OJ L 248 of 18.9.2013. 241 Ibid. 242 Cf. Quirke, Crime, Law and Social Change 2010, Vol. 53, pp. 97–108. 243 Art. 3(1) Eurojust Council Decision. 244 Council Decision 2008/976/JHA of 16 December 2008 on the European Judicial Network OJ L 348 of 24.12.2008. 245 Regulation (EU) 2015/2219 of the European Parliament and of the Council of 25 November 2015 on the European Union Agency for Law Enforcement Training (CEPOL) and replacing and repealing Council Decision 2005/681/JHA OJ L 319 of 4.12.2015. 246 Close cooperation with Europol, as regards Europol’s tasks related to training, is foreseen also in the Europol Regulation. 237

Ryder

285

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:48 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

European Judicial Training Network (EJTN)247, aimed at ensuring also on a judicial level an equal level of training, awareness and best practice248. Of practical relevance is also EU-Lisa249, the agency charged with the management and maintenance of largescale IT systems, which manages SIS and VIS at present, and presumably ETIAS in the future. It has no operational access to any of the data, nor is it tasked with any analysis, but it is acknowledged that any centralized system on the scale discussed requires a dedicated agency to ensure the security and technical management. 54 A considerable impact on a European level will occur with the commencement of the European Public Prosecutor’s Office (EPPO)250. This will introduce a public prosecutor from a European perspective, competent to investigate, prosecute and bring to justice individuals committing offences against the Union’s interest251. This will be done using designated national prosecutors, as well as drawing on the resources of Europol and Eurojust252. While the interesting implementation will only occur in the coming months and years, it is already clear that this is a considerable step towards the actual creation of European Law Enforcement in a literal sense, and a first step possibly in the “federalization” of law enforcement.

D. Future possibilities & long-term perspective 55

European criminal intelligence and its sharing is the precondition for being able to police the Union as if it were being policed by one single entity. Room for further or future developments then can only involve making available even more information to the systems in place or taking steps towards the creation of a “federal” equivalent system. One of the intriguing aspects when reflecting on all of the above issues listed, and arguably their culmination, is that this may all have been expected and foreseen by the legislator at the time of drafting the Lisbon Treaty. A potential solution is also available, should the political willingness ever be great enough to follow through and utilize the available provisions to the maximum extent. Specifically, this refers to Art. 86(4) TFEU, which states that “The European Council may, at the same time or subsequently, adopt a decision amending paragraph 1 [i. e. the mandate of the European Public Prosecutor’s office] in order to extend the powers of the European Public Prosecutor’s Office to include serious crime having a cross-border dimension and amending accordingly paragraph 2 as regards the perpetrators of, and accomplices in, serious crimes affecting more than 247 Whilst not an EU agency, it is an EU grant financed operation, for funding 2014–2020, cf. Regulation (EU) 1382/2013 of the European Parliament and of the Council of 17 December 2013 establishing a Justice Programme for the period 2014 to 2020 OJ L 354 of 28.12.2013. 248 For an overview of the interaction of Europol, Eurojust and the European Judicial Network, cf. Demmelbauer, Europol, Eurojust und das Europaeische Justizielle Netz, 2012. 249 Regulation (EU) No. 1077/2011 of the European Parliament and of the Council of 25 October 2011 establishing a European Agency for the operational management of large-scale IT systems in the area of freedom, security and justice OJ L 286 of 1.11.2011, currently subject to revision based on Proposal for a Regulation of the European Parliament and of the Council on the European Agency for the operational management of large-scale IT systems in the area of freedom, security and justice, and amending Regulation (EC) 1987/2006 and Council Decision 2007/533/JHA and repealing Regulation (EU) 1077/ 2011 COM (2017) 352 final. 250 Regulation (EU) 2017/1939 of 12 October 2017 implementing enhanced cooperation on the establishment of the European Public Prosecutor’s Office (“the EPPO”) OJ 283 of 31.10.2017. 251 Art. 86(2) TFEU. 252 Ibid.

286

Ryder

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:49 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Criminal Intelligence

one Member State. The European Council shall act unanimously after obtaining the consent of the European Parliament and after consulting the Commission.”253 This paragraph is not frequently referenced, yet in essence it comes full circle from the introduction to this chapter. The solution to the lack of harmonized abilities, legislation, financial and human resources and expertise across the various Member States of the Union is solved, by way of having all serious cross-border criminality dealt with by the European Public Prosecutor. Bearing in mind his/her mandate covers “investigating, prosecuting and bringing to judgment, where appropriate in liaison with Europol, the perpetrators of, and accomplices in, offences against the Union’s financial interests or serious crime affecting more than one Member State.”254 This would imply indeed a scenario in which Member States themselves are and remain responsible for ensuring their security255 – yet deferring and having the responsibility for the investigation and prosecution of all cross-border serious crime dealt with by the Union and the available resources dedicated for it on a Union level. While this is not a likely scenario in the medium-term, it is not unimaginable that 56 the pressures in existence from the ever-increasing mobility and innovation of organized crime groups’ methods and structures, will result in the Member States’ acceptance that no national action, no matter how coordinated it may be with that of other Member States, will suffice to address it in an adequate manner. And that will be the day, information or intelligence no longer needs to be shared – as it will no longer be a question of the Member States not sharing amongst each other, but rather more a question of how much the European Public Prosecutor will share with the Member States.

E. Concluding assessment The area and thematic scope of European criminal intelligence as such is as broad as 57 it is all-encompassing. This chapter has addressed what it considers the most relevant aspects and aimed at facilitating an understanding of the context in which the sharing of information must be seen to understand its relevance specifically from a Union perspective. Significant achievements and instruments relevant to information sharing, such as PNR256, Pruem257, Swedish Initiative258 to just name a few, have remained unaddressed, not due to their lack of importance but because emphasis was placed on context and exemplification. The Union faced, and still does, a significant structural problem considering its identification of being a Union, but not a state, whilst showing de facto nearly all the criteria of being one. It has undertaken a few individual actions and legislation addressing individual symptoms but has stepped short so far of consolidation and further expansion of existing scattered/decentralised infrastructure. One of the core inhibitors is of course the existence of strong data protection legislation, 253

Art. 86(4) TFEU. Art. 86(2) TFEU. 255 As foreseen under Art. 72 TFEU. 256 Directive (EU) 2016/681 of the European Parliament and of the Council of 27 April 2016 on the use of passenger name record (PNR) data for the prevention, detection, investigation and prosecution of terrorist offences and serious crime OJ L 119 of 4.5.2016. 257 Council Decision 2008/615/JHA of 23 June 2008 on the stepping up of cross-border cooperation, particularly in combatting terrorism and cross-border crime OJ L 210 of 6.8.2008. 258 Communication from the Commission to the Council and the European Parliament – Towards enhancing access to information by law enforcement agencies (EU information policy) COM (2004) 429 final. 254

Ryder

287

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:49 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 3. European Intelligence Cooperation

as well as security concerns against a centralization of all relevant data. This utopian “Big-Brother” style database is the poster-child against having all available data centralized. It is however negligent not to ask whether having the data stored in separate systems on a technical level, is a meaningless differentiation if they can all be queried at the same time in one search. It would be more honest and consistent to take the step and make the case that in modern times, the forms of criminality faced require law enforcement action and activity at a greater and most importantly different level, which is not possible by using systems designed for a bygone era. The challenges of modern law enforcement lie from a European perspective in policing one geographic area in which all criminals can move freely, whilst it is the police that cannot. This is notwithstanding the other modern challenges resulting from the borderless internet, and the differing approaches taken by the CJEU, as well as the Member States themselves in e. g. the area of data retention legislation or the ongoing public debate about encryption or cloud computing, in effect making decryption by law enforcement by traditional manners technologically near impossible in many circumstances. 58 The efforts undertaken, and specifically the interoperability proposal, combined with the legal possibility for all of Europol’s data being accessible to law enforcement directly (even if it is only to verify whether or not information exists) and the attempts of using pseudo-anonymization through e. g. the ADEP project as a precursor to a European Police Records Index System259, are all encouraging steps – which the initial Principle of Availability/Swedish Initiative260 proposal also foresaw. The creation of a European Public Prosecutor and the associated acceptance thereof of not only 9 Member States as required by the Treaties261, but actually 3/4th of the Member States accepting a federal jurisdiction262, also demonstrate a significant change of attitude. European law enforcement is still a distance from reaching its golden age, but its commencement can be seen. While it is regrettably also fuelled by the new global threat of terrorism, both foreign and domestic, as well as the fight against child sexual exploitation and child abuse material, Europe is also in a political state in which it appears that society feels threatened, such as through illegal migration. The golden age of data protection and 259 For a short yet concise position of the Commission, cf. Parliamentary questions – 22 November 2016 – Answer given by Mr King on behalf of the Commission: “The European Agenda on Security notes that the real-time availability of police data across Member States is an area for future work on information exchange. In the communication on Stronger and Smarter Information Systems for Borders and Security, the so-called ‘European Police Records Index System’ (EPRIS) is mentioned among the tools that could potentially address some information gaps across Member States. There is a need for a full and detailed assessment of whether this additional tool is necessary, feasible and proportionate. The Commission has included a direct award of EUR 1.5 million in the Internal Security Fund — Police 2016 Annual Work Programme to support a pilot project called Automation of Data Exchange Processes (ADEP) as referred to in the question asked. The pilot project aims to create a technical system which allows, through an index, to see if police records on an individual exist in one or several other Member States. The automated reply to a search in the index would only indicate if data is available (‘hit’) or not (‘no hit’) in the police record of another country. In case of a hit, additional data would need to be requested using existing channels for police cooperation. ADEP applies the principle of data protection by design by the use of pseudonymised data — the identity of persons of interest will not be revealed as long as potential hits have not emerged. Prior to creating an ADEP request, the user has to be satisfied that all preconditions for the bilateral information exchange are fulfilled (e. g. principle of proportionality). The Commission intends to use the results of the ADEP pilot project to conduct a full assessment of the necessity, feasibility and proportionality of setting up of EPRIS before deciding whether to draft a legislative proposal.” 260 Supra 254. 261 Art. 86 TFEU. 262 Cf. Press Release 333/17 of the Council of the European Union of 8.6.2017 – 20 Member States agree on details on creating the European Public Prosecutor’s office (EPPO).

288

Ryder

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:50 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. European Criminal Intelligence

fundamental rights achieved in a period of stability and security may be coming to its end and swing the pendulum back towards focusing on the needs of law enforcement – as society may no longer be willing to accept a certain degree of risk and lessened security in exchange for greater individual freedoms but rather may be willing to sacrifice one for the other. Europe is still far away from a unified European criminal code and a European police force with coercive powers, but it is ultimately headed in that direction – not necessarily by political will, but by acceptance and resignation to the fact that there is no feasible alternative.

Ryder

289

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 3.3d from 30.09.2019 13:57:50 3B2 9.1.580; Page size: 160.00mm  240.00mm

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:06 3B2 9.1.580; Page size: 160.00mm  240.00mm

PART 4 EUROPEAN INTELLIGENCE AND RULE OF LAW Chapter 1 Intelligence and Human Rights Stefanie Schmahl Outline A. Introductory note on the complexity of legal issues................................................ B. General remarks on an attempt at systematization ................................................. I. No human rights relevance for inter-state intelligence activities................. II. General impact of human rights on intelligence activities against nonstate actors ................................................................................................................ 1. Extraterritorial application of human rights treaties ................................. a) Territorial jurisdiction and the normative non-relevance of nationality....................................................................................................... b) Extraterritorial scope of human rights treaties...................................... aa) Extraterritorial application of the ICCPR ....................................... bb) Extraterritorial application of the ECHR ........................................ cc) Human rights and extraterritorial activities of intelligence services..................................................................................................... 2. Human rights in times of emergency and during armed conflicts ........ C. Differences in the legal assessment of intelligence and human rights: a thematic case-by-case analysis ...................................................................................... I. Intelligence and legal restrictions on surveillance against non-state actors 1. International data protection........................................................................... 2. International human rights regime ................................................................ a) Dynamic interpretation of the right to privacy..................................... b) Requirements for the justification of interferences with the right to privacy............................................................................................................. II. Intelligence and the obligation to protect and ensure human rights in “extraordinary renditions” cases.......................................................................... III. Intelligence and legal requirements for the imposition of “targeted sanctions”................................................................................................ IV. Intelligence and legality of “targeted killings”? ................................................ 1. “Targeted killings” and the international human rights regime.............. 2. “Targeted killings” and the laws of armed conflict .................................... D. Concluding assessment ...................................................................................................

mn. 1 4 5 8 10 11 13 14 17 19 23 26 27 28 31 31 34 40 47 54 58 61 74

Bibliography: Aldrich, The Taliban, Al Qaeda, and the determination of illegal combatants, American Journal of International Law 96 (2002), 891; Alston, The CIA and Targeted Killings Beyond Borders, Public Law & Legal Theory Research Paper Series, New York University School of Law, Working Paper No. 11–64, 2011; Alston, Using International Law to Combat Unlawful Targeted Killings, in: Fastenrath et al. (eds.), From Bilateralism to Community Interest. Essays in Honour of Judge Bruno Simma, 2011, 1149; Aust, Spionage im Zeitalter von Big Data – Gobale Überwachung und der Schutz der Privatsphäre im Völkerrecht, Archiv des Völkerrechts 52 (2014), 375; Avbelj/Fontanelli/Martinico (eds.), Kadi on Trial. A Multifaceted Analysis of the Kadi Trial, 2014; Banks, Regulating Drones: Are Targeted Killings by Drones Outside Traditional Battlefields Legal?, in: Bergen/Rothenberg (eds.), Drone Wars: Transforming Conflict, Law, and Policy, 2015, 129; Barak, A Judge on Judging: The Role of a Supreme Court in a Democracy, Harvard Law Review 19 (2002), 116; Ben-Naftali/Michaeli, We must not Make a Scarecrow of the Law: A Legal Analysis of the Israeli Policy of Targeted Killings, Cornell International Law Journal 36 (2003), 233; Besson, The Extraterritoriality of the European Convention on Human Rights: Why Human Rights Depend on Jurisdiction and What Jurisdiction Amounts to, Leiden Journal of International Law 25 (2012), 857; Bieker,

Schmahl

291

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:06 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law Geheimdienste vor Gericht – die gerichtliche Aufarbeitung der massenhaften Überwachung im Vereinigten Königreich und die Europäische Menschenrechtskonvention, Die Friedens-Warte 90 (2015), 33; Biersteker, Targeted sanctions and individual human rights, International Journal 2009/10, 99; Biersteker/Eckert/ Tourinho (eds.), Targeted Sanctions. The impacts and effectiveness of United Nations Action, 2016; Blanchard, This Is Not War by Machine, in: Bergen/Rothenberg (eds.), Drone Wars. Transforming Conflict, Law, and Policy, 2015, 118; Bodnar/Pacho, Domestic Investigation into Participation of Polish Officials in the CIA Extraordinary Rendition Program and the State Responsibility under the European Convention on Human Rights, Polish Yearbook of International Law 21 (2011), 233; Brissa, Aktuelle Entwicklungen der parlamentarischen Kontrolle nachrichtendienstlicher Tätigkeit des Bundes, Die Öffentliche Verwaltung 2017, 765; Buergenthal, To Respect and to Ensure: State Obligations and Permissible Derogations, in: Henking (ed.), The International Bill of Rights – The Covenant on Civil and Political Rights, 1981, 72; Cannizzaro, Security Council Resolutions and EC Fundamental Rights: Some Remarks on the ECJ Decision in the Kadi Case, Yearbook of European Law (2009), 593; Cantwell, A Tale of Two Kadis: Kadi II, Kadi v. Geithner & U.S. Counterterrorism Finance Efforts, Columbia Journal of Transnational Law 53 (2015), 652; Cerna, Introductory Note to Abu Zubaydah v. Lithuania, International Legal Materials 57 (2018), 715; Chander/Land, Introductory Note to United Nations General Assembly Resolution on the Right to Privacy in the Digital Age, International Legal Materials 53 (2014), 727; Chesterman, The Spy Who Came in from the Cold War: Intelligence and International Law, Michigan Journal of International Law 27 (2006), 1071; Cline, An Analysis of the Legal Status of CIA Officers Involved in Drone Strikes, San Diego International Law Journal 15 (2013), 51; Cremona, EC Competence, “Smart Sanctions”, and the Kadi Case, Yearbook of European Law 28 (2009), 559; Cuyvers, “Give me one good reason”: The unified standard of review for sanctions after Kadi II, Common Market Law Review 2014, 1759; David, “Fatal Choices: Israel’s Policy of Targeted Killing”, Mideast Security and Policy Studies No. 51 (2002), 1; de Búrca, The European Court of Justice and the International Legal Order After Kadi, Harvard International Law Journal 51 (2010), 1; de Wet, From Kadi to Nada: Judicial Techniques Favouring Human Rights over United Nations Security Council Sanctions, Chinese Journal of International Law 12 (2013), 787; Deiseroth, Verstrickung der Airbase Ramstein in den globalen US-Drohnenkrieg und die deutsche Mitverantwortung, Deutsches Verwaltungsblatt 2017, 985; Dennis, Application of Human Rights Treaties Extraterritorially in Times of Armed Conflict and Military Occupation, American Journal of International Law 99 (2005), 119; Dinstein, The Right to Life, Physical Integrity, and Liberty, in: Henkin (ed.), The International Bill of Rights: The Covenant on Civil and Political Rights, 1981, 114; Doehring, Spionage im Friedensvölkerrecht, in: Bundesamt für Verfassungsschutz (ed.), Verfassungsschutz in der Demokratie, 1990, 307; Donohue, The Future of Foreign Intelligence: Privacy and Surveillance in a Digital Age, 2016; Dörmann, The Legal Situation of “Unlawful/Unprivileged Combatants”, International Review of the Red Cross 85 (2003), 45; Dörr/Grote/Marauhn (eds.), EMRK-GG Konkordanzkommentar, 2nd ed. 2013; Doswald-Beck, The Right to Life in Armed Conflict: Does International Humanitarian Law Provide all the Answers?, International Review of the Red Cross 88 (2006), 864; Duffy, Extraordinary Rendition and International Law, Interights Bulletin 16 (2010), 1; Duffy, Harmony or Conflict? The Interplay between Human rights and Humanitarian Law in the Fight Against Terrorism, in van den Herik/Schrijver (eds.), Counterterrorism Strategies in a Fragmented International Legal Order: Meeting the Challenges, 2013, ch. 15; Duffy, The “War on Terror” and the Framework of International Law, 2nd ed. 2015; Durner, Anmerkung zu BVerfG, Urt. v. 20.4.2016 – 1 BvR 966/09, 1 BvR 1140/09, Deutsches Verwaltungsblatt 2016, 780, Eichensehr, On Target? The Israeli Supreme Court and the Expansion of Targeted Killings, The Yale Law Journal 116 (2007), 1873; Ewer/Thienel, Völker-, unions- und verfassungsrechtliche Aspekte des NSA-Datenskandals, Neue Juristische Wochenschrift 2014, 30; Farer/Bernard, Killing by Drone: Towards Uneasy Reconciliation with the Values of a Liberal State, Human Rights Quarterly 38 (2016), 108; FischerLescano, Der Kampf um die Internetverfassung, JuristenZeitung 2014, 965; Fleck (ed.), The Handbook of International Humanitarian Law, 3rd ed. 2013, Francioni, The Right of Access to Justice to Challenge the Security Council’s Targeted Sanctions: After-Thoughts on Kadi, in: Fastenrath et al. (eds.), From Bilateralism to Community Interest, Essays in Honour of Judge Bruno Simma, 2011, 908; Frowein/Wolfrum/Schuster, Völkerrechtliche Frage der Strafbarkeit von Spionen aus der ehemaligen DDR, 1995; Gärditz, Die Rechtsbindung des Bundesnachrichtendienstes bei Auslandstätigkeiten, Die Verwaltung 48 (2015), 463; Gärditz, Die Reform des Nachrichtendienstrechts des Bundes: Ausland-Ausland-Fernmeldeaufklärung des Bundesnachrichtendienstes und Stärkung des Parlamentarischen Kontrollgremiums, Deutsches Verwaltungsblatt 2017, 525; Gärditz, Legal Restraints on the Extraterritorial Activities of Germany’s Intelligence Services, in: Miller (ed.), Privacy and Power, 2017, 401; Gärditz, Sicherheitsverfassungsrecht und technische Aufklärung durch Nachrichtendienste, Europäische Grundrechte Zeitschrift 2018, 6; Gasser, Acts of terror, “Terrorism” and International Humanitarian Law, International Review of the Red Cross 84 (2002), 547; Gasser, International Humanitarian Law and Human Rights Law in Non-international Armed Conflict: Joint Venture or Mutual Exclusion?, German Yearbook of International Law 45 (2002), 149; Giegerich, Europäische Vorreiterrolle im Datenschutzrecht: Neue Entwicklungen in der Gesetzgebung, Rechtsprechung und internationalen Praxis der EU, Zeitschrift für Europarechtliche Studien 2016, 301; Ginsborg, The United Nations Security Council’s counter-terrorism Al-Qaida sanctions regime: Resolution 1267 and the 1267 Committee, in: Saul (ed.),

292

Schmahl

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:07 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence and Human Rights Research Handbook on International Law and Terrorism, 2014, 608; Gormley, The Right to Life and the Rule of Non-Derogability: Peremptory Norms of Jus Cogens, in: Ramcharan (ed.), The Right to Life in International Law, 1985, 120; Gowlland-Debbas, The Right to Life and the Relationship between Human Rights and Humanitarian Law, in: Tomuschat/Lagrange/Oeter (eds.), The Right to Life, 2010, 123; Grabenwarter (ed.), Europäischer Grundrechteschutz, Enzyklopädie Europarecht, vol. 2, 2014, Grabenwarter/Pabel, Europäische Menschenrechtskonvention, 6th ed. 2016; Graf Vitzthum, Les compétences législatives et juridictionelles de la Communauté européenne dans la lutte contre le terrorisme – l’affaire Kadi, Zeitschrift für Europarechtliche Studien 2008, 375; Gross, Fighting by Other Means in the Mideast: A Critical Analysis of Israel’s Assassination Policy, Political Studies 51 (2003), 350; Hampson, The Relationship between International Humanitarian Law and Human Rights Law from the Perspective of a Human Rights Treaty Body, International Review of the Red Cross 90 (2008), 549; Hance, Pilotless drones and the extraterritorial application of international human rights treaties, available at: http://www.aabri.com/OC2013Manuscripts/OC13066.pdf; Heintze, On the Relationship Between Human Rights Law Protection and International Humanitarian Law, International Review of the Red Cross 86 (2004), 789; Heintze, The European Court of Human Rights and the Implementation of Human Rights Standards During Armed Conflicts, German Yearbook of International Law 45 (2002), 60; Heselhaus/Nowak (eds.), Handbuch der Europäischen Grundrechte, 2nd ed., 2019 (forthcoming); Hoffmann-Riem, Freiheitsschutz in den globalen Kommunikationsinfrastrukturen, JuristenZeitung 2014, 52; Hofmann, Der Europäische Gerichtshof für Menschenrechte und Extraordinary Renditions, in: Festschrift für Hailbronner, 2013, 443; Hollenberg, The Diverging Approaches of the European Court of Human Rights in the Cases of Nada and Al-Dulimi, International and Comparative Law Quarterly 64 (2015), 445; Hovell, Due Process in the United Nations, American Journal of International Law 110 (2016), 1; Huber, Die strategische Rasterfahndung des Bundesnachrichtendienstes – Eingriffsbefugnisse und Regelungsdefizite, Neue Juristische Wochenschrift 2013, 2572; Jankowska-Gilberg, Extraterritorialität der Menschenrechte, 2008; Joseph/Fletcher, Scope of Application, in: Moeckli/Shah/Sivakumuran (eds.), International Human Rights, 2013, 133; Kadelbach, Introductory Note to Al-Dulimi and Montana Management Inc. v. Switzerland, International Legal Materials 55 (2016), 1023; Karpenstein/Mayer (eds.), EMRK, Kommentar, 2nd ed. 2015; Klein, International Sanctions from a Human Rights Law Perspective: Some Observations on the Kadi Judgment of the European Court of Justice, International Human Rights Law Review 4 (2009), 111; Kokott/ Sobotta, The Kadi Case – Constitutional Core Values and International Law: Finding the Balance?, European Journal of International Law 23 (2012), 1015; Kremnitzer, Präventives Töten, in: Fleck (ed.), Rechtsfragen der Terrorismusbekämpfung durch Streitkräfte, 2004, 201; Kretzmer, Targeted Killing of Suspected Terrorists: Extra-Judicial Executions or Legitimate Means of Defence?, European Journal of International Law 16 (2005), 171; Kühling/Martini, Die Datenschutz-Grundverordnung: Revolution oder Evolution im europäischen und deutschen Datenschutzrecht?, Europäische Zeitschrift für Wirtschaftsrecht 2016, 448; Kühne, Schwarze Listen: Bürgerlicher Tod ohne Gerichtsverfahren und ohne Beweise – Der Fall Kadi und kein Ende, Zeitschrift für Rechtspolitik 2013, 243; Kuner, Regulation of Transborder Data Flows under Data Protection and Privacy Law, 2013; Kyriakou, The International Convention for the Protection of All Persons from Enforced Disappearance and its Contributions to International Human Rights Law, With Specific Reference to Extraordinary Rendition, Melbourne Journal of International Law 13 (2012), 1; Lachenmann, Das Ende des Rechtsstaates aufgrund der digitalen Überwachung durch die Geheimdienste?, Die Öffentliche Verwaltung 2016, 501; Larik, The Kadi Saga as a Tale of “Strict Observance” of International Law: Obligations under the UN Charter, Targeted Sanctions and Judicial Review in the European Union, Netherlands International Law Review 61 (2014), 23; Lawson, Life After Bankovic: On the Extraterritorial Application of the ECHR, in: Coomans/Kamminga (eds.), Extraterritorial Application of Human Rights Treaties, 2004, 83; Longobardo, (New) Cyber Exploitation and (Old) International Humanitarian Law, Zeitschrift für ausländisches öffentliches Recht und Völkerrecht 77 (2017), 809; Lubell, Extraterritorial Use of Force Against Non-State Actors, 2010; Machon, Targeted Killing as an Element of U.S. Foreign Policy in the War on Terror, 2006; Marauhn, Sicherung grund- und menschenrechtlicher Standards gegenüber neuen Gefährdungen durch private und ausländische Akteure, Veröffentlichungen der Vereinigung der Deutschen Staatsrechtslehrer 74 (2015), 373; Margulies, The NSA in Global Perspective: Surveillance, Human Rights, and International Counterterrorism, Fordham Law Review 82 (2014), 2137; Marxsen, Strategische Fernmeldeaufklärung, Die Öffentliche Verwaltung 2018, 218; Matz-Lück, Nachrichtendienste im Recht der internationalen Beziehungen, in: Dietrich/ Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, 107; McSherry, Predatory States, Operation Condor and Covert War in Latin America, 2005; Melzer, Keeping the Balance Between Military Necessity and Humanity: A Response to Four Critiques of the ICRC’s Interpretive Guidance on the Notion of Direct Participation in Hostilities, New York University Journal of International Law and Politics 42 (2010), 829; Melzer, Targeted Killing in International Law, 2008; Meron, Extraterritoriality of Human Rights Treaties, American Journal of International Law 89 (1995), 78; Meron, The Humanization of Humanitarian Law, American Journal of International Law 94 (2000), 238; Meyer (ed.), Charta der Grundrechte der Europäischen Union, 4th ed. 2014; Milanović, Extraterritorial Application of Human Rights Treaties, 2011; Milanović, Human Rights Treaties and Foreign Surveillance: Privacy in the Digital Age, Harvard International Law Journal 56 (2015), 81; Moussa, Can jus ad bellum override jus in bello?, Reaffirming the separation of the two

Schmahl

293

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:07 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law bodies of law, International Review of the Red Cross 90 (2008), 963; Neuman, Humanitarian Law and Counterterrorist Force, European Journal of International Law 14 (2003), 283; Nolte, Preventive Use of Force and Preventive Killings: Moves into a Different Legal Order, Theoretical Inquiries in Law 5 (2004), 111; Nolte, Targeted Killing, in: Wolfrum (ed.), Max Planck Encyclopedia of Public International Law, vol. IX, 2012, 763; Nowak, UN Covenant on Civil and Political Rights. A Commentary, 1993; Orakhelashvili, Restrictive Interpretation of Human Rights Treaties in the Recent Jurisprudence of the European Court of Human Rights, European Journal of International Law 14 (2003), 529; Otto, Targeted Killings and International Law, 2012; Pabel/Schmahl (eds.), Internationaler Kommentar zur EMRK, 2019; Papier, Beschränkungen der Telekommunikationsfreiheit durch den BND an Datenaustauschpunkten, Neue Zeitschrift für Verwaltungsrecht-Extra 2016, 1; Paust, War and Enemy Status after 9/11: Attack on the Laws of War, Yale Journal of International Law 28 (2003), 325; Pechstein/Nowak/Häde (eds.), Frankfurter Kommentar EUV/ GRC/AEUV, 2017, Peers/Hervey/Kenner/Ward (eds.), The EU Charter of Fundamental Rights. A Commentary, 2014; Pejic, Unlawful/Enemy Combatants: Interpretations and Consequences, in: Schmitt/Pejic (eds.), International Law and Armed Conflict: Exploring the Faultlines, 2007, 341; Peters, Privacy, Rechtsstaatlichkeit, and the Legal Limits on Extraterritorial Surveillance, in: Miller (ed.),, Privacy and Power, 2017, 145; Peters, Surveillance without Borders?, 1.11.2013, EJIL Talk 2013, Part 2; Pictet, Development and Principles of International Humanitarian Law, 1985, 62; Platon, The “Equivalent Protection Test”: From European Union to United Nations, from Solange II to Solange I, European Constitutional Law Review 10 (2014), 226; Polakiewicz, Privacy Protection in the 21st Century: The Need for Innovative Approaches, in: Casadevall et al. (eds.), Mélanges en l’honneur de Dean Spielmann, 2015, 504; Pöschl, Sicherung grund- und menschenrechtlicher Standards gegenüber neuen Gefährdungen durch private und ausländische Akteure, Veröffentlichungen der Vereinigung der Deutschen Staatsrechtslehrer 74 (2015), 401; Proelß/Daum, Verfassungsrechtliche Grenzen der Routinefernmeldeaufklärung durch den Bundesnachrichtendienst, Archiv des öffentlichen Rechts 41 (2016), 373; Rosenow, United we fight?: Terrorismusbekämpfung im Rahmen der Vereinten Nationen seit dem 11. September 2001, Die Friedens-Warte 86 (2011), 15; Ruys, License to Kill? StateSponsored Assassination under International Law, Military Law and Law of War Reviews 44 (2005), 13; Sandoz/Swinarski/Zimmermann (eds.), Commentary on Protocol Additional to the Geneva Conventions of 12 August 1949, and relating to the Protection of Victims of International Armed Conflicts (Protocol I), 8 June 1977, 1987; Schabas, The European Convention on Human Rights. A Commentary, 2015; Schaller, Spies, in: Wolfrum (ed.), Max Planck Encyclopedia of Public International Law, vol. IX, 2012, 435; Schenke, Konstitutionalisierung: Vorbild für die Europäisierung des Sicherheitsrechts?, in: Festschrift für Würtenberger, 2013, 1079; Schiedermair, Der Schutz des Privaten als internationales Grundrecht, 2012; Schmahl, Cybersecurity, Berichte der Deutschen Gesellschaft für Internationales Recht 47 (2016), 159; Schmahl, Derogation von Menschenrechtsverpflichtungen in Notstandslagen, in: Fleck (ed.), Rechtsfragen der Terrorismusbekämpfung durch Streitkräfte, 2004, 125; Schmahl, Effektiver Rechtsschutz gegen Überwachungsmaßnahmen ausländischer Geheimdienste?, JuristenZeitung 2014, 220; Schmahl, Herausforderungen der Regulierung im Cyberspace, Zeitschrift für Öffentliches Recht 73 (2018), 3; forthcoming; Schmahl, Maßnahmen der UNO zur Bekämpfung des internationalen Terrorismus: die Rolle des Sicherheitsrats und der Generalversammlung, in: Odendahl (ed.), Die Bekämpfung des Terrorismus mit Mitteln des Völker- und Europarechts, 2017, 109; Schmahl, Nachrichtendienste in der Völkerrechtsordnung, in: Dietrich et al. (eds.), Nachrichtendienste im demokratischen Rechtsstaat, 2018, 21; Schmahl, Specific Methods of Prosecuting Terrorists in National Law, in: Walter/Vöneky/Röben/Schorkopf (eds.), Terrorism as a Challenge for National and International Law: Security versus Liberty?, 2004, 81; Schmahl, Targeted Killings – A Challenge for International Law?, in: Tomuschat/Lagrange/Oeter (eds.), The Right to Life, 2010, 233; Schmahl, The European Court of Human Rights as Centre and Motor of a European Concept of International Law, in: Thouvenin/Tomuschat (eds.), Droit international et diversité des cultures juridiques, 2008, 277; Schmahl, Zwischenstaatliche Kompetenzabgrenzung im Cyberspace, Archiv des Völkerrechts 47 (2009), 284; Schmitt, State-Sponsored Assassination in International and Domestic Law, Yale Journal of International Law 17 (1992), 609; Schulze/Zuleeg/Kadelbach (eds.), Europarecht, 3rd ed. 2015; Buszewski/Gött, Avoiding Kadi – “Pre-emptive Compliance” with Human Rights when Imposing Targeted Sanctions, German Yearbook of International Law 57 (2014), 507; Staffler, Geheimdienstliches Verschwindenlassen von Terrorverdächtigen (extraordinary renditions) im Lichte der EGMR-Judikatur: der Fall Nasr (alias Abu Omar) und Ghali gegen Italien, Europäische Grundrechte Zeitschrift 2016, 344; Statman, Targeted killing, Theoretical Inquiries in Law 5 (2004), 179; Steiger, Das völkerrechtliche Folterverbot und der “Krieg gegen den Terror”, 2013; Stein, How Much Humanity Do Terrorists Deserve?, in: Delissen/Tanja (eds.), Humanitarian Law of Armed Conflict: Challenges Ahead, Essays in Honour of Frits Kalshoven, 1991, 567; Stein/Marauhn, Völkerrechtliche Aspekte von Informationsoperationen, Zeitschrift für ausländisches öffentliches Recht und Völkerrecht 60 (2001), 1; Streinz, Does the European Court of Justice Keep the Balance Between Individual and Community Interest in Kadi?, in: Fastenrath et al. (eds.), From Bilateralism to Community Interest, Essays in Honour of Judge Bruno Simma, 2011, 1118; Sule, Spionage: Völkerrechtliche, nationalrechtliche und europarechtliche Bewertung staatlicher Spionagehandlungen unter besonderer Berücksichtigung der Wirtschaftsspionage, 2006; Talmon, Der Begriff der “Hoheitsgewalt” in Zeiten der Überwachung des Internet- und Telekommunika-

294

Schmahl

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:08 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence and Human Rights tionsverkehrs durch ausländische Nachrichtendienste, JuristenZeitung 2014, 783; Tomuschat, Gezielte Tötungen (Targeted Killings), Vereinte Nationen 2004, 136; Tomuschat, Human Rights: Between Idealism and Realism, 3rd ed. 2014; Tomuschat, The Kadi Case: What Relationship is there between the Universal Legal Order under the Auspices of the United Nations and the EU Legal Order?, Yearbook of European Law (2009), 654; van Ooyen, Öffentliche Sicherheit und Freiheit, 2nd ed. 2013, van Steenberghe, Proportionality Under Jus in Bellum and Jus in Bello, Israel Law Review 45 (2012), 107; von Arnauld, Transnationaler Schutz der Privatsphäre aus der Sicht des Völkerrechts, Berichte der Deutschen Gesellschaft für Internationales Recht 47 (2016), 1; von Arnauld, Völkerrecht, 3rd ed. 2016; von Bernstorff/Asche, Nachrichtendienste und Menschenrechte, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, 79; von Kielmansegg, Der Zivilist in der Drehtür: Probleme der Statusbildung im humanitären Völkerrecht, JuristenZeitung 2014, 373; Vöneky, Espionage, Security Interests, and Human Rights in the Second Machine Age: NSA Mass Surveillance and the Framework of Public International Law, in: Miller (ed.), Privacy and Power, 2017, 492; Watkin, Controlling the Use of Force: A Role for Human Rights Norms in Contemporary Armed Conflict, American Journal of International Law 98 (2004), 1; Wegener, Verfassung in ausgewählten Teilrechtsordnungen: Konstitutionalisierung und Gegenbewegungen im Sicherheitsrecht, Veröffentlichungen der Vereinigung der Deutschen Staatsrechtslehrer 75 (2016), 293; Weiler, The Right to Privacy in the Digital Age: The Commitment to Human Rights Online, German Yearbook of International Law 58 (2014), 651; Weissbrodt/Bergquist, Extraordinary Rendition and the Humanitarian Law of War and Occupation, Virginia Journal of International Law 47 (2007), 295; Weissbrodt/Bergquist, Extraordinary Rendition and the Torture Convention, Virginia Journal of International Law 46 (2006), 585; Zagaris, U.S. Extraordinary Renditions Subject to Foreign and U.S. Investigations and Oversight, International Enforcement Law Reporter 21 (2005), 188; Zöller, Liberty Dies by Inches: German Counter-Terrorism Measures and Human Rights, German Law Journal 5 (2004), 469.

A. Introductory note on the complexity of legal issues The increasing threat of international terrorism contributes to the fact that the secret 1 services of different countries have strongly intensified their activities in order to effectively combat suspected terrorists. The goal of preventing or disrupting new terrorist attacks stems from the government’s responsibility to guarantee its population’s safety. The State has a sovereign duty to exercise due diligence to protect individuals from infringement of their rights.1 On the other hand, preventive measures against terrorist threats may grate against human rights of alleged perpetrators. As a consequence, the discussion about intelligence and human rights has been experiencing a renaissance for several years.2 In view of this ongoing debate, it must first be pointed out that a generalised response 2 to the question of the extent to which intelligence agencies are bound by international human rights cannot be achieved.3 The reason for this is that there are numerous forms of intelligence measures, ranging from digital surveillance to “targeted killing”, and various intelligence objects, namely, State and non-state actors with domicile in the country concerned or abroad. This factual divergence raises, of course, different legal questions. If a private enterprise of the telecommunications sector established in the territory of a given State is required to retain and transmit metadata for the purposes of data retention by the domestic intelligence authorities,4 other legal standards are 1 As to positive obligations on States to ensure human rights see e. g., HRC, General Comment No. 31: The Nature of the General Legal Obligation Imposed on States Parties to the Covenant, 26 May 2004, UN Doc. CCPR/C/21/Rev.1/Add.13 (2004), para 8. 2 See Schmahl in: Dietrich et al. (eds.), Nachrichtendienste im demokratischen Rechtsstaat, 2018, 21-41, forthcoming, with further references. 3 As regards the standards of human rights under national law, which are only casually referred to in this chapter, cf. Dietrich, Le Divelec and Leigh, Part 5 Chapter 1–3 in this volume. 4 As to the invalidity of the Data Retention Directive 2006/24/EC, see CJEU, Joined Cases C-293/12 and 594/12, Digital Rights Ireland, Judgment of 8 April 2014. As to the restrictive interpretation of the retention of data on the basis of Article 15 (1) of the Directive 2002/58/EC, cf. CJEU, Cases C-203/15 and C-698/15, Tele2 Sverige, Judgment of 21 December 2016.

Schmahl

295

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:08 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

applicable than in cases where public authorities tap a transnational fibre-optic cable.5 Still other legal problems arise when the UN Security Council, on the basis of intelligence findings, adopts “targeted sanctions” against suspected terrorists; these issues will predominantly have to be answered in the light of the provisions of the UN Charter.6 The involvement of secret services in the transfer of terror suspects between national jurisdictions by way of so-called “extraordinary renditions” in order to gain information using inhumane interrogation methods is, however, primarily to be assessed on the basis of human rights obligations.7 Human rights and, in addition, the rules of international humanitarian law are decisive, particularly with regard to “targeted killings” which are nowadays increasingly used in “unmanned drone wars”.8 Finally, the activities of the intelligence services in all mentioned fields raise various delineation problems with regard to the scope of international humanitarian and human rights law as well as with respect to the prohibition of intervention. 3 These complex questions are becoming even more complicated, as the means of intelligence services have undergone a significant change due to modern communication media. Unlike in times of analogue communication, the paths that electronic communication is taking through the fastest channels are impossible or, at least, very difficult to retrace.9 Even purely internal communications are often routed through foreign networks or servers. Due to this situation of online interconnectivity, the traditional differentiation between domestic and foreign surveillance partially loses its meaning.10 In the realm of modern communication technology and globalisation, territorial boundaries are becoming more and more irrelevant.11 In a similar vein, the growing use of robot weapons for “targeted killings” raises new problems on accountability. While an unmanned drone at least has a pilot who launched the missile from afar, this is not the case with a pilotless drone. Here, possible actors can come from various fields, including technology, military, intelligence, manufacturing, and government.12 The chain of accountability is thus not clear, and the lack of transparency challenges the principles of State responsibility.13

B. General remarks on an attempt at systematization 4

In spite of this challenging situation, all the above-mentioned constellations reveal basic problems of international law which are intermingled and deeply connected with each other, but at the same time give rise to systematic differentiations.

5

See infra, mns 27–39. See infra, mns 47–53. 7 See infra, mns 40–46. 8 See infra, mns 54–73. 9 See Schmahl, Archiv des Völkerrechts 47 (2009), 284 (285-7); Kuner, Regulation of Trans-border Data Flows under Data Protection and Privacy Law, 2013, 3. 10 See Aust, Archiv des Völkerrechts 52 (2014), 375 (376); Lachenmann, Die Öffentliche Verwaltung 2016, 501 (504). 11 See Weiler, German Yearbook of International Law 58 (2014), 651 (652); Peters in: Miller (ed.), Privacy and Power, 2017, 145 (150 et seq.). It is against this background that States are growingly trying to normatively re-localise virtual activities, see Schmahl, Zeitschrift für Öffentliches Recht 37 (2018), 3 (30). 12 There are more than one hundred human beings involved in a remotely piloted aircraft (“drone”) operation, and the chain of communication for such an operation involves multiple links and networks, see Blanchard in: Bergen/Rothenberg (eds.), Drone Wars, 2015, 118 (120). 13 Cf. Hance, OC13066; see also, with regard to cyberattacks, Schmahl, Berichte der Deutschen Gesellschaft für Internationales Recht 47 (2016), 159 (165). 6

296

Schmahl

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:09 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence and Human Rights

I. No human rights relevance for inter-state intelligence activities First, we are still confronted with classic inter-state intelligence activities that have 5 always existed and are today simply carried out with modern technology. This category includes, for example, the tapping of mobile phones of officials, members or agents of foreign governments or organisations by (third) state agents.14 However, since only individuals are holders of human rights, intergovernmental surveillance plays no decisive role in the present investigation. Like all other State organs, intelligence agencies, security authorities and foreign governments are not regarded as bearer of human rights but, on the contrary, they are obliged to respect and ensure human rights of individuals.15 Nevertheless, the legal grounds of inter-state espionage should be briefly set out here. They offer – as a contrast film – some useful hints for adumbrating the relationship between intelligence and human rights, particularly in case of mass extraterritorial surveillance. According to international custom, inter-state espionage is neither expressly per- 6 mitted nor prohibited.16 Since international law is dependent on the consensus of States, all State activities, which are not explicitly prohibited, are as a rule considered to be allowed.17 The long-standing practice of inter-state espionage shows that the international community largely tolerates this behaviour.18 Inter-state surveillance activities do regularly not breach the principle of territorial sovereignty and the prohibition of intervention [see Article 2 (1) UN Charter]. If, for instance, foreign intelligence services merely tap the telecommunications networks of a foreign country to inform themselves, there is no sovereign act which could amount to a prohibited intervention.19 According to the International Court of Justice (ICJ)’s ruling in the Nicaragua case (1986), prohibited interference in foreign affairs presupposes a coercion.20 It is thus only when intelligence measures go beyond the mere acquisition of information, for example, when acts of sabotage are taken, that they might violate international law.21 The European Court of Human Rights (ECtHR), in the case of Weber and Saravia (2006), rightly held that surveillance measures carried out by means of satellites did not infringe the sovereignty of Argentine by the Federal Republic of Germany. The Court pointed out that the German federal secret service’s actions were not a physical tapping of telephone 14 See Aust, Archiv des Völkerrechts 52 (2014), 375 (377), with reference to the NSA tapping of the German Chancellor Merkel’s mobile phone. 15 Exceptions might apply with regard to the most intimate areas of the individual autonomy of members of foreign governments or in situations where these members clearly act as private individuals and not in their official function. 16 See the in-depth analysis by Sule, Spionage, 2006, 73–77. 17 See the dictum of the Permanent International Court of Justice, the S.S. Lotus, Judgment No. 9, P.C.I.J., Series A, No. 10 (1927), 4. 18 Similarly Schaller in: Wolfrum (ed.), Max Planck Encyclopedia of Public International Law, vol. IX, 2012, 435, mns 2 et seq. 19 See e. g., Doehring in: Bundesamt für Verfassungsschutz (ed.), Verfassungsschutz in der Demokratie, 1990, 307 (320); Aust, Archiv des Völkerrechts 52 (2014), 375 (381). A different question is whether spying might violate the legal principles on the allocation of State jurisdiction and the general principle of good faith, see Peters in: Miller (ed.), Privacy and Power, 2017, 145 (164 et seq.). 20 See ICJ, Armed Activities in and against Nicaragua, Merits, Judgment of 14 June 1986, ICJ Reports 1986, 14, para 205. 21 In this respect, there is consensus, see, e. g., Chesterman, Michigan Journal of International Law 27 (2006), 1071 (1081 et seq.); von Arnauld, Berichte der Deutschen Gesellschaft für Internationales Recht 47 (2016), 1 (17), Matz-Lück in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, 107 (113 et seq., 122).

Schmahl

297

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:10 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

lines, but merely a spying out of satellite and radio links.22 From this, it can be deduced that the manipulation of a central Internet node may well amount to a breach of the principle of non-intervention, but not the simple spying out of information.23 7 The legal treatment of the spy does not lead to a different assessment. It is common practice that foreign spies can be prosecuted under the national law of a State.24 Secret espionage activity is not protected by international law.25 States are rather denied the right to recourse to the international rules of immunity for the acts of spies, as long as the forum State has not consented to the activity.26 On the other hand, espionage does not trigger any State responsibility. In inter-state relations, intelligence measures do not constitute a breach of international law;27 the risk of the spy to undergo criminal liability remains personal.28 Even when the spy is a diplomat and thus equipped with diplomatic immunity according to the Vienna Convention on Diplomatic Relations (VCDR), the international responsibility of the sending State is very limited. Diplomatic agents who are engaged in espionage activities in the host country clearly act unlawfully. In response to such violations of international law, however, only the specific sanctions of this legal “self-contained” regime are available to the receiving State, which primarily includes the right to notify the sending State that the diplomatic agent is persona non grata [see Article 9 (1) VCDR].29 There is no further international responsibility of the sending State for unlawful conduct. Even the diplomat himself will not have to fear criminal sanctions, since he is entitled to diplomatic immunity.30

II. General impact of human rights on intelligence activities against non-state actors 8

On the other hand – unlike before – several types of intelligence activities are now directed against non-state actors. One prominent example is the massive spying on citizens which has become a common tool in the fight against terror in many countries. Several governments have increased surveillance of the citizenry as exemplified by secret programmes run by both the US National Security Agency (NSA) and the UK Government Communications Headquarters (GCHQ).31 Yet, not only surveillance but also 22 See ECtHR, Weber and Saravia v. Germany, Application no. 54934/00, Judgment of 29 June 2006, para 88. 23 Similarly see Aust, Archiv des Völkerrechts 52 (2014), 375 (382); Gärditz, Die Verwaltung 48 (2015), 463 (485); Longobardo, Zeitschrift für ausländisches öffentliches Recht und Völkerrecht 77 (2017), 809 (819-21). 24 In Germany, for instance, Section 99 of the Penal Code criminalises the use of intelligence by a foreign power against the interests of the Federal Republic of Germany. 25 See Frowein/Wolfrum/Schuster, Völkerrechtliche Frage der Strafbarkeit von Spionen aus der ehemaligen DDR, 1995, 18 et seq. 26 See BVerfGE 92, 277 (321); cf. also Second report on immunity of State officials from foreign criminal prosecution (Roman A. Kolodkin), UN Doc. A/CN.4/631, 10 June 2010, paras 84 et seq. 27 See Chesterman, Michigan Journal of International Law 27 (2006), 1071 (1081); see also supra, mn. 6. 28 See e. g., BVerfGE 92, 277 (328 et seq.). Also under the rules of international humanitarian law, a spy, who is part of the combatants, can be personally put under criminal responsibility, see Ipsen in: Fleck (ed.), The Handbook of International Humanitarian Law, 3rd ed. 2013, 1100 (1129). 29 See Chesterman, Michigan Journal of International Law 27 (2006), 1071 (1089). 30 See Schmahl, JuristenZeitung 2014, 220 (220). For a fuller account see Matz-Lück in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, 107 (131 et seq.). 31 See e. g., Report and Explanatory Memorandum of the Parliamentary Assembly of the Council of Europe (PACE) on mass surveillance (Rapporteur Omtzigt), CoE Doc. 13734, 18 March 2015, paras 10 et seq., as well as PACE Res. 2045 (2015), 21 April 2015, paras 10 et seq.

298

Schmahl

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:11 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence and Human Rights

further intelligence activities, such as the involvement of secret services in “extraordinary renditions” of alleged terrorists, the listing of terror suspects in the context of “targeted sanctions” adopted by the UN Security Council, and the participation of intelligence agencies in the use of drones for “targeted killing” pose a large number of human rights problems. In all these cases, intelligence measures cannot be justified as easily as at the intergovernmental level. In spite of recognising individuals as partial subjects of international law, they are not equipped with the same sovereign power as State authorities.32 On the contrary, individuals are holders of human rights and are, therefore, to be protected against any unlawful State interference. As already mentioned33 each situation in which secret services are operating or 9 involved in operations against non-state actors is based on distinctive facts and consequently raises different human rights issues. However, there are two aspects that are critical to all intelligence operations against individuals and thus allow for a preliminary generalisation: these concern the extraterritorial application of human rights on the one hand,34 and the application of human rights in times of emergency and during armed conflicts on the other.35

1. Extraterritorial application of human rights treaties The most outstanding aspect closely linked to the issues of intelligence activities against 10 non-state actors is that of the extraterritorial application of human rights treaties. Or to put it differently: can human rights guarantees be applicable to actions of intelligence services which are carried out abroad? This question, of course, focuses primarily on the scope of international human rights treaties such as the ICCPR (International Covenant on Civil and Political Rights) and the ECHR (European Convention on Human Rights). However, under certain circumstances, it can also be of relevance with regard to the scope of the EU Charter of Fundamental Rights. Although Article 51 of the Charter says nothing about its applicability beyond the territories of the EU Member States, the issue of extraterritorial jurisdiction may well arise in cases where Member States’ authorities are required to implement EU secondary law (directed against non state actors residing in third countries) without having any leeway.36 Imposing and enforcing “targeted sanctions” against suspected terrorists is an example.37 a) Territorial jurisdiction and the normative non-relevance of nationality Activities by which States gain covert access to telecommunications data in their own 11 country or by which intelligence agencies adopt any other measure interfering with individuals’ rights on their domestic soil do regularly not pose any problem for the application of human rights treaties. Under Article 1 ECHR as well as under Article 2 (1) ICCPR, the Contracting States guarantee the rights laid down in the treaties to all persons within their territories and subject to their jurisdiction. Thus they attach their commitment to human rights primarily to the territorial principle recognised by customary international law.38 Consequently, in cases where a State secretly collects data stored on 32

See von Arnauld, Berichte der Deutschen Gesellschaft für Internationales Recht 47 (2016), 1 (7). See supra, mn. 2. 34 See infra, mns 10–22. 35 See infra, mns 23–25. 36 For a fuller account as regards Member States’ human rights obligations under Article 51 (1) of the Charter of Fundamental Rights see Pache in: Pechstein/Nowak/Häde (eds.), Frankfurter Kommentar EUV/GRC/AEUV, 2017, Article 51 GRC mns 19 et seq. 37 See infra, mns 47 et seq., in particular mn. 49. 38 As to the territorial principle see Island of Palmas, Award of 4 April 1928 (Max Huber), RIAA (1928), 829 (838). See also ICJ, Corfu Channel, Judgment of 25 March 1948, ICJ Rep. 1949, 4 (35). 33

Schmahl

299

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:11 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

servers located on its territory, taps glass fibre cables on its own soil, or interferes with the right to life and physical integrity of a person residing on its territory, these actions are undoubtedly qualified as an exercise of jurisdiction as defined by human rights conventions. Jurisdiction, which is primarily territorial, can always be assumed.39 12 Provided that a person comes within the territorial jurisdiction of a State, the nationality of the person who is affected by intelligence measures is largely irrelevant. By their very definition, human rights cannot turn on nationality alone.40 Under the principles of equality and non-discrimination, which are guaranteed in various human rights treaties [see e. g., Article 14 ECHR; Articles 2 (1) and 26 ICCPR], a nationalitybased distinction would be justified only if it pursues a legitimate aim, such as the protection of national security, and if the measures taken serve that aim and are strictly necessary.41 It is therefore difficult under human rights law to justify a radical different treatment of citizens and non-citizens without a legitimate and proportionate reason. Thus, for instance, in the Belmarsh case, the House of Lords struck down the UK Government’s post-9/11 order derogating from Article 5 ECHR, which allowed for the preventive security detention of foreign nationals, on the grounds that distinguishing between nationals and foreigners in the counter-terrorism context was disproportionate, discriminatory, and irrational.42 The Grand Chamber of the ECtHR widely agreed with the views of the House of Lords and found that the derogating measures of the UK Government were disproportionate in that they discriminated unjustifiably between nationals and non-nationals.43 b) Extraterritorial scope of human rights treaties 13 If citizenship is, by and large, normatively irrelevant to the threshold question of whether a human rights treaty applies to a particular sovereign act, then the truly critical question focuses on the territorial scope of human rights treaties on the basis of the location of the individual and the interference with his rights, regardless of that person’s nationality.44 This question is particularly crucial for intelligence actions in the fight against terrorism, since alleged terrorists often have their bases in the territory of another State. Intelligence agencies therefore frequently intercept communication and collect data from foreign suspects on foreign territory soil or interfere with other legitimate interests of foreigners residing abroad. 14

aa) Extraterritorial application of the ICCPR. In this respect, Israel and the United States take the long-standing positions that the ICCPR does not apply extraterritorially.45 They refer to the wording of Article 2 (1) ICCPR, according to which each State party is obliged to respect and to ensure the rights recognised by this Covenant 39

See Weiler, German Yearbook of International Law 58 (2014), 651 (654). As to the enjoyment of Covenant rights to all persons, regardless of nationality or statelessness, see HRC, General Comment No. 31 (fn. 1), para 10; cf. also Inter-American Commission of Human Rights, Precautionary Measures in Guantánamo Bay (Cuba), PM 259-02, 13 March 2002. 41 See Milanović, Harvard International Law Journal 56 (2015), 81 (99); Duffy, The ‘War on Terror’, 2015, 474. 42 A. v. Secretary of State for the Home Department, (2004) UKHL 56, (2005) 2 A.C. 68 (H. L.) 43. 43 See ECtHR, A. and Others v. the United Kingdom, Application no. 3455/05, Judgment of 19 February 2009, paras 188–90. 44 Milanović, Harvard International Law Journal 56 (2015), 81 (101). 45 See HRC, Concluding Observations on the Third Report of Israel, 29 July 2010, UN Doc. CCPR/C/ ISR/CO/3, para 5; Concluding Observations on the (First) Report of the United States of America, 3 October 1995, UN Doc. CCPR/C/79/Add. 50, para 19; Concluding Observations on the Fourth Report of the United States of America, 28 March 2014, UN Doc. CCPR/C/USA/CO/4, para 4. Cf. also US Department of State, Office of the Legal Advisor (Harald Koh), Memorandum Opinion on the Geographic Scope of the ICCPR, 19 October 2010, at 12-3. 40

300

Schmahl

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:12 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence and Human Rights

to all persons within its territory and subject to its jurisdiction. The essence of their argument is that Article 2 (1) ICCPR limits its application to individuals “within its territory and subject to its jurisdiction”, and that the word “and” is to be understood as conjunctive, not disjunctive.46 That is why the United States, together with its partners from the “Five Eyes-States”,47 has also urged a weakening of the resolution later adopted by the UN General Assembly in 2013 on the right to privacy in the digital age.48 The final wording of the resolution no longer includes any explicit references to extraterritorial violations of the right to privacy, but focuses instead on the detrimental impacts that extraterritorial surveillance may have upon the exercise of human rights.49 Both the ICJ50 and the UN Human Rights Committee,51 though, explicitly reject this 15 restrictive interpretation. By contrast, they have adopted the view that anybody directly affected by a State party’s action will be regarded, for the purpose of the ICCPR, as subject to that State party’s jurisdiction, regardless of the circumstances in which the power or the sufficient factual control was obtained. They advocate thus a disjunctive understanding of the conditions laid down in Article 2 (1) ICCPR. When considering the first report submitted by the United States, the Committee even underlined that “the view expressed by the Government that the Covenant lacks extraterritorial reach under all circumstances … is contrary to the consistent interpretation of the Committee on this subject, that, in special circumstances, persons may fall under the subject matter jurisdiction of a State party even when outside that State territory”.52 The Committee’s view which offers a strong and direct correlation between “causes” and “effects” of the actions taken concurs with the principles of universality and indivisibility of human rights.53 From the human rights perspective, an individual is entitled to protection simply because he is human, irrespective of where he is located. What is decisive for the applicability of the ICCPR is not the place of the violation but the relationship between the individual and the violating State.54 Human rights treaties never intended to grant States unchecked authority to do as they pleased with individuals living outside of the country. Jurisdiction clauses were rather meant to prevent the responsibility of States when they are actually unable to uphold rights abroad.55 However, when they are in the factual position to ensure the enjoyments of rights on foreign soil, Article 2 (1) ICCPR was not drafted to allow States to escape from their responsibilities simply on the basis of the geographical 46

Cf., with more detail, Dennis, American Journal of International Law 99 (2005), 119 (123-4). The term ‘Five Eye-States’ refers to data gathering network of English-speaking countries comprised of the United States, the United Kingdom, Canada, Australia, and New Zealand. 48 See, with more detail, Chander/Land, International Legal Materials 53 (2014), 727 (727–8); Talmon, JuristenZeitung 2014, 783 (785). 49 See GA Res. 68/167, 18 December 2013, para 10 of the Preamble. 50 ICJ, Legal Consequences of the Construction of a Wall in the Occupied Palestinian Territory, Advisory Opinion of 9 July 2004, ICJ Rep. 2004, 136, paras 106–11; Armed Activities on the Territory of the Congo (Democratic Republic of Congo v. Uganda), Judgment of 19 December 2005, ICJ Rep. 2005, 168, para 216. 51 See HRC, General Comment No. 31 (fn. 1), para 10. See also HRC, López Burgos v. Uruguay, Views of 29 July 1981, Communication No. 52/1979, UN Doc. CCPR/C/13/D/52/1979, para 12.3. 52 See HRC, Concluding Observations on the (First) Report of the United States of America (fn. 45), para 19. 53 See ICJ, Construction of a Wall (fn. 50), para 109; Meron, American Journal of International Law 89 (1995), 78–82. 54 Lawson in: Coomans/Kamminga (eds.), Extraterritorial Application of Human Rights Treaties, 2004, 83 (86); Joseph/Fletcher in: Moeckli/Shah/Sivakumuran (eds.), International Human Rights, 2013, 133 et seq. 55 See the individual opinion of Christian Tomuschat in: HRC, López Burgos v. Uruguay (fn. 51). 47

Schmahl

301

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:13 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

location of the affected individual.56 The legal doctrine, too, argues for the assumption that the Covenants’ human rights obligations are applicable in cases where State actions are exercised extraterritorially.57 16 The described assessment is all the more convincing when it comes to the right to life and the prohibition of torture. Both guarantees are recognised as customary international law, and even as peremptory norms of international law.58 Therefore, a State has a duty to respect human life and dignity, and this includes all actions of State agents, wherever they operate, irrespective of citizenship and national boundaries.59 Even in times of public emergency,60 the prohibition of torture and the right to life remain non-derogable, except in respect of deaths resulting from lawful acts of war.61 A similar reasoning is to be found in the matter of Mohammad Munaf v. Romania (2009). An Iraqi-American national claimed that Romania had violated his rights under the ICCPR because its Embassy in Iraq had handed him over to the US Army, which then submitted him to degrading and inhumane interrogation methods. In order to determine whether the ICCPR, including the prohibition of torture enshrined therein, was applicable, the Human Rights Committee recalled its views that a State party may be responsible for extraterritorial violations of the Covenant, if it is a “crucial link in the causal chain” that would make possible violations in another jurisdiction.62 17

bb) Extraterritorial application of the ECHR. This line largely conforms to the case-law of the ECtHR. In the beginning, the Court took a narrow view of the concept of “jurisdiction”. In the famous Banković case of 2001, it held that a State party to the European Convention generally exercises its jurisdiction primarily in its own territory.63 The term “jurisdiction” under Article 1 ECHR was regarded as a strict threshold criterion, and jurisdiction was presumed to be exercised normally throughout the State’s territory.64 Conversely, acts of the Contracting States performed, or producing effects, outside their territories could, in the view of the Court, constitute an exercise of jurisdiction within the meaning of Article 1 ECHR only in exceptional cases.65 Exceptions could merely arise in those cases where the State exercises all or some of the public powers of government in the territory of another State with that State’s consent, invitation or acquiescence, or where it is occupying territory in which it 56 Rightly so Tomuschat (fn. 55). See also Lubell, Extraterritorial Use of Force Against Non-State Actors, 2010, 205; Peters in: Miller (ed.), Privacy and Power, 2017, 145 (153 et seq.). 57 See e. g., Buergenthal in: Henking (ed.), The International Bill of Rights, 1981, 72 (74–5); Meron, American Journal of International Law 89 (1995), 78 (81); Tomuschat, Human Rights: Between Idealism and Realism, 3rd ed. 2014, 100 et seq.; Weiler, German Yearbook of International Law 58 (2014), 651 (658); Marauhn, Veröffentlichungen der Vereinigung der Deutschen Staatsrechtslehrer 74 (2015), 373 (380). 58 See Dinstein in: Henkin (ed.), The International Bill of Rights, 1981, 114 (114–5); Gormley in: Ramcharan (ed.), The Right to Life in International Law, 1985, 120 (146 et seq.). 59 See Jankowska-Gilberg, Extraterritorialität der Menschenrechte, 2008, 136 et seq.; Melzer, Targeted Killing in International Law, 2008, 137–9. 60 See infra, mns 23–25. 61 Cf. Schmahl in: Fleck (ed.), Rechtsfragen der Terrorismusbekämpfung durch Streitkräfte, 2004, 125 (131-2); Krieger in: Dörr/Grote/Marauhn (eds.), EMRK-GG Konkordanzkommentar, 2nd ed. 2013, ch. 8, mns 36–8. 62 See HRC, Munaf v. Romania, Views of 13 July 2009, UN Doc. CCPR/C/96/D/1539/2006, para 3.1. 63 See ECtHR, Banković and Others. v. Belgium and 16 Other Contracting States, Application no. 52207/ 99, Decision of 12 December 2001, paras 59, 61. 64 See e. g., ECtHR, Banković (fn. 63), para 61. Further see ECtHR, Ilaşcu and Others. v. Moldova and Russia, Application no. 48797/99, Judgment of 8 July 2004, para 312, Assanidze v. Georgia, Application no. 71503/01, Judgment of 8 April 2004, paras 138–9. 65 ECtHR, Banković (fn. 63), para 67.

302

Schmahl

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:13 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence and Human Rights

exercises effective and physical control.66 Applying this approach, the Court held in Banković that when NATO forces bombed targets in Kosovo and Serbia from the air, the persons in the bombed areas were not subject to the jurisdiction of the NATO States involved.67 This decision, hence, fuelled doubts whether European human rights norms apply to actions of States against terrorists acting outside their borders.68 However, in more recent decisions, particularly in the Al-Skeini judgment of 2011, 18 dealing with the application of the ECHR to UK forces in occupied Iraq, the ECtHR has elaborated three exceptional circumstances capable of giving rise to the exercise of jurisdiction outside the territorial boundaries of a State.69 These constellations include, first, the use of force by State’s agents operating outside its territory, by which individuals are brought under the control of the State’s authorities (so-called “personal model”).70 This is the case, for instance, when an individual is taken into the custody of State’s agents abroad.71 What is decisive in such cases of extraterritorial jurisdiction is the exercise of physical power and control over the person in question.72 The second exception to the principle that jurisdiction under Article 1 ECHR is limited to a State’s own territory occurs when, as a consequence of lawful or unlawful military action, a Contracting State exercises general effective control of an area outside that national territory (so-called “spatial model”).73 The obligation to secure, in such an area, the rights and freedoms set out in the Convention, derives from the fact of such control, whether it be exercised directly, through the Contracting State’s own armed forces, or indirectly through a subordinate local administration.74 Where the fact of such domination over the territory is established, it is not necessary to determine whether the State exercises detailed control over the policies and actions taken. In ascertaining whether effective geographical control exists, the Court primarily refers to the overall strength of the State’s military presence in the area.75 Third, the Court emphasised in Al-Skeini that a State party should also be held accountable under the Convention for breaches of human rights within an occupied territory or in cases where sovereign acts have extraterritorial effects,76 because to hold otherwise would be to deprive the 66 Cf. e. g., ECtHR, Loizidou v. Turkey, Application no. 15318/89, Judgment of 18 December 1996, paras 52–7; Cyprus v. Turkey, Application no. 25781/94, Judgment of 10 May 2001, paras 69–80; Banković (fn. 63), paras 60, 70–71. Further see ECtHR, Öcalan v. Turkey, Application no. 46221/99, Judgment of 12 May 2005, para. 91; Isayeva v. Russia, Application no. 57950/00, Judgment of 24 February 2005, para 180; Behrami and Behrami v. France and Saramati v. France, Germany and Norway, Applications no. 71412/01 and 78166/01, Decision of 2 May 2007, para 69. 67 ECtHR, Banković (fn. 63), paras 74–82. 68 See e. g., Neuman, European Journal of International Law 14 (2003), 283 (291–2); Orakhelashvili, European Journal of International Law 14 (2003), 529 et seq. 69 ECtHR, Al-Skeini v. the United Kingdom, Application no. 55721/07, Judgment of 7 July 2011, paras 132–42. 70 ECtHR, Al-Skeini (fn. 69), para. 136. The following models are partly drawn from Milanović, Harvard International Law Journal 56 (2015), 81 (112 et seq.), who differentiates between the “spatial model” and the “personal model”. 71 See e. g., ECtHR, Öcalan (fn. 66), para 91; Al-Saadoon and Mufdhi v. the United Kingdom, Application no. 61498/08, Decision of 30 June 2009, paras 86–89; Hassan v. the United Kingdom, Application no. 29750/09, Judgment of 16 September 2014, paras 76 et seq.; Jaloud v. the Netherlands, Application no. 47708/08, Judgment of 20 November 2014, para 152. 72 See e. g., ECtHR, Medvedyev and Others v. France, Application no. 3394/03, Judgment of 29 March 2010, para 67; Öcalan (fn. 66), para 91. 73 ECtHR, Al-Skeini (fn. 69), para 138. 74 See e. g., ECtHR, Loizidou (fn. 66), para. 62; Cyprus v. Turkey (fn. 66), para 76; Banković (fn. 63), para 70; Ilaşcu (fn. 64), paras 314–6. 75 See ECtHR, Al-Skeini (fn. 69), para. 139, with reference to ECtHR, Loizidou (fn. 66), paras 16, 56, and Ilaşcu (fn. 64), para 387. 76 See Al-Skeini (fn. 69), para 141, and the case-law cited in fn. 71.

Schmahl

303

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:14 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

population of that territory of the rights and freedoms hitherto enjoyed and would result in a “vacuum” of protection within the “legal space of the Convention” (socalled “espace juridique model”).77 cc) Human rights and extraterritorial activities of intelligence services. If the Court’s approach is transferred to intelligence activities taken abroad or having effect outside the territory, all three exceptions laid down in Al-Skeini can be valuable. Particularly in cases where intelligence agencies are directly involved in “extraordinary renditions”, meaning illegal abductions of terror suspects in order to transfer them to a third country where there is a substantial likelihood to be tortured, they clearly exercise direct and compulsory physical power over the individual concerned and thus fulfil the requirements of the “personal model”. Where a State acts towards an individual on its own territory in a manner that leads to a violation of that individual’s rights, the State is responsible, even if the violations ultimately arise outside its territory.78 Also the rule of non-refoulement prohibits transfer of persons to another State where there is a substantial risk of their fundamental rights being violated.79 In the case of Issa and Others (2004) which concerned applications made by six women living in northern Iraq, near the Turkish border, against Turkey following the (alleged) forced disappearance of their sons and husbands at the hands of the Turkish army, the ECtHR held that the applicant’s relatives came within the jurisdiction of Turkey. The Court made clear that accountability for physical abuse in such situations stems from the fact that Article 1 ECHR cannot be interpreted so as to allow a State party to perpetrate violations of the Convention on the territory of another State, which it could not perpetrate on its own territory.80 Even in cases where a territorial State merely consents to a human rights violation executed fully by the authorities of a third State, this consent cannot legitimate violations of human rights on the State’s territory. In the el-Masri judgment of 2012, the Court clearly underlined that the State party must be regarded as responsible under the Convention for acts performed by foreign officials on its territory with the acquiescence or connivance of its authorities.81 20 The use of unmanned drones for “targeted killing”, by contrast, does not easily fit with the qualifications of the “personal” or the “spatial model”; yet, these lethal strikes rather do involve the type of geographically limited aerial bombardments as in Banković.82 However, the ECtHR in Issa and Others already moved the threshold closer towards extraterritorial accountability in holding that physical force against a handful of individuals abroad constitutes effective control.83 In Andreou v. Turkey (2009) the Court further stressed that simply shooting a bullet into neutral territory injuring – not even killing – a single person can trigger the application of human rights norms, including the right to life.84 On the other hand, bombings, and thus unmanned drone strikes, do not involve the 19

77 See ECtHR, Al-Skeini (fn. 69), para 142. See also ECtHR Cyprus v. Turkey (fn. 66), para 78, Banković (fn. 63), para 80. 78 Rightly so Duffy, The ‘War on Terror’, 2015, 472–3. 79 Similarly, ECtHR, Chahal v. Turkey, Application no. 22414/93, Judgment of 15 November 1996, paras 79 et seq.; Hirsi Jamaa and Others v. Italy, Application no. 27765/09, Judgment of 23 February 2012, paras 122 et seq. 80 ECtHR, Issa and Others. v. Turkey, Application no. 31821/96, Judgment of 16 November 2004, para 71. 81 ECtHR, el-Masri v. Former Yugoslav Republic of Macedonia, Application No. 39630/09, Judgment of 13 December 2012, para 206. See also infra, mn. 42. 82 See supra, mn. 17. 83 ECtHR, Issa (fn. 80), paras 65 et seq. 84 Physical ill-treatment by State agents which does not result in death may also disclose a violation of the right to life, see ECtHR, Andreou v. Turkey, Application No. 45653/99, Judgment of 27 October 2009, paras 41 et seq.

304

Schmahl

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:14 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence and Human Rights

kind of personal, hand-to-hand violence as was the case in Issa and Andreou. In the event of “targeted killings” by unpiloted drones, the extraterritorial application of human rights treaties is, at least at a first glance, more complicated, since one cannot point to an individual pilot who launched the missile. With a robot weapon that is itself performing the calculations to determine precisely when and where to target the missile attack, the lines of accountability between the manufacturer (for faulty equipment), the intelligence and the military commander become imprecise and non-transparent.85 Yet, in accordance with the view expressed by the Human Rights Committee in Mohammad Munaf, it is still the State authorities which are responsible for the use of the automatic weapon. Or in other words: the attacking State is the decisive “link in the causal chain” that leads to the death of the targeted individual. If the State is acting extraterritorially in a way it could not replicate legally on its own territory other than in the exceptional case where lethal force is necessary to defend the life of innocent third parties, the extraterritorial accountability of that State may be established.86 This ground for the extraterritorial application of human rights is even more solid regarding the right to life, since it forms part, as already mentioned,87 of the peremptory norms of international law.88 Yet, the most contentious and difficult issue in relation to “targeted killings” is generally not whether human rights law is applicable or excluded, but rather whether international humanitarian law applies, and whether its requirements are met.89 With regard to extraterritorial surveillance programmes, it is to note that the appeal 21 of modern communication technology lies in the very fact that it does not need direct access to individuals or to particular territories. Due to technical developments, the concept of physical or territorial control on which jurisdiction under Article 1 ECHR has been based is becoming somewhat outdated.90 Nevertheless, the exceptional criteria determined by the ECtHR in Al-Skeini might well be adapted to the current factual needs. As demonstrated above,91 the ECtHR recognises the human rights obligation of the Contracting States even if some effects of a sovereign measure occur beyond the States’ borders. This applies, for instance, when an interception of telecommunication affects communication partners who are not all residing in the same State but are divided between different jurisdictions of the sending and the receiving State.92 Communication data typically encompasses more than one person and often more than one jurisdiction. Moreover, new technologies on data portability frequently lead to a disconnection between the location of the individual and the location of the interference with the individual’s privacy.93 The choice of the virtual method should therefore not result in an advantage regarding the applicability of human rights treaties for the State that conducts extraterritorial mass surveillance. On the contrary, the focus should shift on the effects of surveillance.94 If virtual surveillance produces the same infringements that physical surveillance does, both approaches have not to be dealt 85

Cf. Hance, OC13066. Correctly so Farer/Bernard, Human Rights Quarterly 38 (2016), 108 (123). 87 See supra, mn. 16. 88 See Alston, The CIA and Targeted Killings Beyond Borders, 2011, 23, with further references. 89 Rightly so Duffy, The “War on Terror”, 2015, 562–3. For more details, see infra mns 61-73. 90 Weiler, German Yearbook of International Law 58 (2014), 651 (659); von Arnauld, Völkerrecht, 2016, mn. 640. 91 See supra, mn. 18. 92 Similarly ECtHR, Liberty and Others v. the United Kingdom, Application no. 58243/00, Judgment of 1 July 2008, paras 64–70. 93 See Milanović, Harvard International Law Journal 56 (2015), 81 (124); Kühling/Martini, Europäische Zeitschrift für Wirtschaftsrecht 2016, 448 (450). 94 Margulies, Fordham Law Review 82 (2014), 2137 (2152); similarly Vöneky in: Miller (ed.), Privacy and Power, 2017, 492 (502). 86

Schmahl

305

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:15 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

with differently.95 Thus the more general the control of a State becomes over the Internet traffic in a foreign State, the sooner this activity has to be understood as an exercise of effective control according to the “spatial model”.96 Likewise, the more a particular individual abroad is affected by surveillance measures of a foreign State, the more likely the extraterritorial exercise of sovereignty will be regarded as an effective personal control.97 Thereby, the lack of a direct physical affection on the person whose data are intercepted is irrelevant.98 It suffices that an effective control of the data is ascertainable; no physical power over the data holder is required.99 This distinguishes the human rights concept of extraterritorial protection categorically from the prohibition of intervention which governs the rules of inter-state espionage.100 In addition, unlike those human rights, which aim at protecting the physical integrity of a person, the right to privacy aims at safeguarding personal identity, autonomy and selfdetermination.101 The assertion, in Germany known as the “theory of the open sky”, that foreigners abroad should not fall under the ambit of fundamental rights is, at least in its generality, incompatible with the object and purpose of international human rights protection.102 Human rights treaties aim at limiting State power in the interest of the individual human being, irrespective of the person’s nationality and residence. Human rights treaties are no social compacts, nor can their applicability depend on morally arbitrary criteria such as the mere accident on birth.103 They are rather grounded in the idea that all human beings possess inherent dignity deserving protection. Moreover, since it is only the State authority itself, which is obliged to respect human rights when taking action outside its territory, any allegation of “human rights imperialism” is erroneous.104 There is simply no interference with any other sovereign power. 22 A similar reasoning finally applies with regard to the “targeted sanctions policy” of the UN Security Council. The power to make listing or delisting proposals of terror suspects 95

Correctly so Weiler, German Yearbook of International Law 58 (2014), 651 (660). Aust, Archiv des Völkerrechts 52 (2014), 375 (396 et seq.); see also Johann in: Karpenstein/Mayer (eds.), EMRK, 2015, Article 1 mn. 32. Different assessment by Gärditz, Europäische Grundrechte Zeitschrift 2018, 6 (16). 97 See Peters, EJIL Talk 2013, Part 2; Aust, Archiv des Völkerrechts 52 (2014), 375 (387); Margulies, Fordham Law Review 82 (2014), 2137 (2150); Weiler, German Yearbook of International Law 58 (2014), 651 (661–2). 98 See Fastenrath in: Pabel/Schmahl (eds.), Internationaler Kommentar zur EMRK, Article 1 mn. 106; Johann in: Karpenstein/Mayer (eds.), EMRK, 2015, Article 1 mns 31–2. See also Hoffmann-Riem, JuristenZeitung 2014, 52 (56). Different assessment by Gärditz, Die Verwaltung 48 (2015), 463 (476 et seq.). 99 See Ewer/Thienel, Neue Juristische Wochenschrift 2014, 30 (32); Aust, Archiv des Völkerrechts 52 (2014), 375 (392). Different view by Talmon, JuristenZeitung 2014, 783 (784). 100 See supra, mn. 6; further see Schmahl in: Dietrich et al. (eds.), Nachrichtendienste im demokratischen Rechtsstaat, 2018, 21 (25, 35). 101 Fischer-Lescano, JuristenZeitung 2014, 965 (970). Even metadata do provide detailed information about the intimate life of an individual, see Donohue, The Future of Foreign Intelligence, 2016, 39 et seq. 102 Similarly, with regard to Article 10 of the Basic Law: Huber, Neue Juristische Wochenschrift 2013, 2572 (2575–6); Wegener, Veröffentlichungen der Vereinigung der Deutschen Staatsrechtslehrer 75 (2016), 293 (320–1); Papier, Neue Zeitschrift für Verwaltungsrecht-Extra 2016, 1 (6); Brissa, Die Öffentliche Verwaltung 2017, 765 (771). Marxen, Die Öffentliche Verwaltung 2018, 218 (225–227); Dissenting: Proelß/Daum, Archiv des öffentlichen Rechts 41 (2016), 373 (381 et seq.); Gärditz, Deutsches Verwaltungsblatt 2017, 525 (526, 529). 103 Rightly so Milanović, Harvard International Law Journal 56 (2015), 81 (97–8). 104 See Gärditz, Die Verwaltung 48 (2015), 463 (472); von Arnauld, Berichte der Deutschen Gesellschaft für Internationales Recht 47 (2016), 1 (12 et seq.); Milanović, Extraterritorial Application of Human Rights Treaties, 2011, 118 et seq. Differently Besson, Leiden Journal of International Law 25 (2012), 857 (864 et seq.). 96

306

Schmahl

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:15 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence and Human Rights

rests with the UN member States and their intelligence services,105 and is not limited to the members of the Security Council. By making such proposals, a State does regularly not infringe the sphere of exclusive jurisdiction of another State, but rather exercises “joint universal jurisdiction”.106 The same holds true with regard to the implementation and execution of “targeted sanctions” which usually take place within – and not outside – the territorial jurisdiction of the implementing State. This reasoning also applies if the implementing State exclusively acts on the basis of EU secondary law (i. e. an EU regulation) which, in turn, transposes a previous Security Council resolution.107

2. Human rights in times of emergency and during armed conflicts Besides the extraterritorial applicability of human rights treaties, the question has to 23 be answered whether, and if so, to what extent human rights apply in times of emergency and during armed conflicts. This aspect becomes a particularly crucial factor when intelligence measures against non-state actors are taken in conflict situations. In recent years, the former theory that the human rights regime only applies to the 24 internal domestic situation of a State has been abandoned. Instead, according to today’s prevailing doctrine, even during the conduct of hostilities the international human rights regime remains applicable, although in part it is superseded by the international humanitarian law as lex specialis.108 Or, to put it in other words: humanitarian law is a law which applies in the case of armed conflict. But when there is a gap in that law or when the meaning of a rule is unclear, it can be supplemented or guided by human rights law. The continued applicability of the human rights conventions even in times of war has been convincingly and repeatedly stressed by the ICJ.109 Also the Israeli High Court of Justice110 as well as the ECtHR111 accept both the supplementary character of human rights law during armed conflicts. However, while human rights law is, in principle, omnipresent, it is also responsive to 25 exceptional situations, including terrorist threats and the existence of armed conflict.112 First, the interplay between human rights law and international humanitarian law means, as outlined,113 that the latter is often specifically designed to address times of armed conflict. Second, certain specified human rights may be restricted when necessary, e. g., to protect national security; and third, in times of public emergency, certain rights may be suspended or derogated from. Most human rights treaties contain derogation clauses for times of emergency (see e. g., Article 4 ICCPR, Article 15 ECHR). Pursuant to these clauses, when a State faces a public emergency or a war, it 105

See infra, mn. 47. See Buszewski/Gött, German Yearbook of International Law 57 (2014), 507 (525). 107 See infra, mn. 49. 108 From the vast literature regarding this subject cf. only Meron, American Journal of International Law 94 (2000), 238 (267); Gasser, German Yearbook of International Law 45 (2002), 149–62; Heintze, International Review of the Red Cross 86 (2004), 789 (796 et seq.); Gowlland-Debbas in: Tomuschat/ Lagrange/Oeter (eds.), The Right to Life, 2010, 123 et seq. 109 See ICJ, Legality of the Threat or Use of Nuclear Weapons, Advisory Opinion of 8 July 1996, ICJ Rep. 1996, 226 (240), para 25; Construction of a Wall (fn. 50), paras 106, 110 et seq.; Armed Activities on the Territory of the Congo (fn. 50), para 216. 110 Israeli High Court of Justice, Public Committee against Torture in Israel and Palestinian Society for the Protection of Human Rights and the Environment v. Government of Israel et al., HCJ 769/02, Judgment of 13 December 2006, para. 18. 111 See e. g., ECtHR, Isayeva (fn. 66), paras 179–201; Hassan (fn. 71), paras 101 et seq. Further see Heintze, German Yearbook of International Law 45 (2002), 60–77. 112 See ECtHR, Al-Jedda v. the United Kingdom, Application no. 27021/087, Judgment of 7 July 2011, para 100. 113 See supra, mn. 24. 106

Schmahl

307

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:16 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

is allowed to suspend rights to the extent strictly necessary under the circumstances.114 In the context of Northern Ireland in the 1990s, for example, the United Kingdom derogated from the ICCPR and the ECHR regarding the length of the period between the arrest of terrorist suspects and the judicial control of their detention.115 Only a few rights, such as the right to life, freedom from torture and slavery, and the right to due process, remain unqualified and non-derogable.116 Foremost among the non-derogable human rights is the right not to be arbitrarily deprived of life. The word “arbitrarily” is the nexus that allows the right to life to be adapted to the exigencies of war. Although human rights protection does not cease in times of armed conflict, humanitarian law clarifies the content of the right to life as a lex specialis defining what constitutes an arbitrary deprivation of life in a situation of armed conflict.117 In these conditions, a lethal attack by an unmanned drone, for instance, can be qualified as non-arbitrary under human rights law only if it takes place in a manner consistent with international humanitarian law.118

C. Differences in the legal assessment of intelligence and human rights: a thematic case-by-case analysis 26

Apart from the systematic similarities on the applicability of human rights norms described above,119 the subject of intelligence and human rights reveals a number of additional legal questions, which are to be assessed differently, depending on the actual and legal circumstances of each single case.

I. Intelligence and legal restrictions on surveillance against non-state actors 27

The interception of telecommunication by intelligence services might, under international law, come into conflict with the right to protection of personal data and the right to privacy.

1. International data protection 28

Yet, until now, no multilateral treaty on data protection has been developed. Aspects of data protection and of the integrity of information technology systems are addressed in Article 37 (1) of the Constitution of the International Telecommunication Union. However, the standards laid down in Article 37 (1) only establish obligations at 114 See e. g., HRC, General Comment No. 29 on states of emergency, 24 July 2001, UN Doc. CCPR/C/ 21/Rev.1/Add.11, para 4. Further see ECtHR, Brannigan and McBride v. the United Kingdom, Application nos. 14553/89 and 1454/89, Judgment of 26 May 1993, paras 62–5; A. and Others v. the United Kingdom (fn. 43), paras 184–5. 115 ECtHR, Brannigan and McBride (fn. 114), paras 49–50. 116 The Human Rights Committee, however, considers some more rights as non-derogable, see HRC, General Comment No. 29 (fn. 114), paras 11–6. 117 See, with more detail, Duffy in: van den Herik/Schrijver (eds.), Counterterrorism Strategies in a Fragmented International Legal Order, 2013, ch. 15; Hampson, International Review of the Red Cross 90 (2008), 549 et seq. 118 Report of the Special Rapporteur on Extrajudicial, Summary or Arbitrary Executions (Philip Alston), UN Doc. A/HRC/14/24/Add.6, 28 May 2010, para 29. Further see infra, mns. 61–73. 119 See supra, mns. 10–25.

308

Schmahl

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:17 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence and Human Rights

intergovernmental level; an individual right to a telecommunication secret is not provided for.120 A common concept of data protection has not yet gained acceptance. The views on what is to be understood as data protection and on the importance of data protection still vary significantly from State to State.121 Thus, at the universal level, there are only some non-binding standards, such as the guidelines adopted by the UN General Assembly in 1990 for the processing of computerised personal data files.122 In 2006, the International Law Commission also decided to include the issue of crossborder data movements in its long-term work programme;123 however, a consensus on the underlying criteria has not been achieved. At the regional level, data protection is provided with greater detail and effectiveness. 29 Within the framework of the Council of Europe, as early as 1981, a first convention on data protection has been concluded.124 As the agreement does not include an exemption for intelligence activities, its protection standards can, in principle, be applied to secret services. However, the convention is addressed only to the Contracting Parties and does not establish individual rights.125 In addition, it still breathes the spirit of its time of development in the late 1970s and is not tailored to the challenges of global “big data”.126 At present, a modernisation of the convention has recently been agreed, but has not yet entered into force.127 The European Union, on the other hand, has adopted a series of secondary acts on 30 data protection which bind both the Union and Member States, while guaranteeing cross-border individual rights.128 Lastly, the General Data Protection Regulation entered into force in May 2016; Member States had two years to complete the set framework.129 Moreover, Article 16 TFEU postulates its own guarantee on the protection of personal data, which corresponds in its wording to the individual right to data protection laid down in Article 8 (1) EU Charter of Fundamental Rights130 which, in addition, has close ties to the right to respect for private life enshrined in Article 7 EU Charter of 120 Cf. Stein/Marauhn, Zeitschrift für ausländisches öffentliches Recht und Völkerrecht 60 (2001), 1 (15–6). 121 See Giegerich, Zeitschrift für Europarechtliche Studien 2016, 301 (307). 122 Guidelines for the Regulation of Computerized Personal Data Files, UN Doc. A/RES/45/95, 14 December 1990; see also Schiedermair, Der Schutz des Privaten als internationales Grundrecht, 2012, 118 et seq. 123 International Law Commission, Report of the 58th Session, Supplement No. 10, UN Doc. A/61/10, Annex D, IV. 124 Council of Europe Convention for the protection of individuals with regard to automatic processing of personal data, 28 January 1981, ETS No. 108. 125 For more detail see Aust, Archiv des Völkerrechts 52 (2014), 375 (387 et seq.). 126 See Breuer in: Heselhaus/Nowak (eds.), Handbuch der Europäischen Grundrechte, 2019 (forthcoming), § 25 mn. 5. 127 Cf. Protocol amending the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, 10 October 2018, ECTS No. 223. As to the content of the Protocol see Polakiewicz in: Casadevall et al. (eds.), Mélanges en l’honneur de Dean Spielmann, 2015, 504 (507); idem, EU und Europarat: Ungleichlauf der Menschenrechte, Frankfurter Allgemeine Zeitung: Einspruch, 12 May 2018. 128 This includes, e. g., the General Data Protection Regulation (EU) 2016/679 (OJ 2016, L 119/1), which supersedes the Data Protection Directive 95/46/EC (OJ 1995, L 281/31); the Directive 2002/58/EC on privacy and electronic communications (OJ 2003, L 201/37), the Directive 97/66/EC on the protection of privacy in the telecommunications sector (OJ 1998, L 24/1), and the “Cookie” Directive 2009/136/EC (OJ 2009, L 337/11). 129 See General Data Protection Regulation (EU) 2016/679 (fn. 128). An overview of the provisions of this regulation can be found, e. g., by Kühling/Martini, Europäische Zeitschrift für Wirtschaftsrecht 2016, 448 et seq. 130 This duplication is considered to be mistaken in terms of regulation, see Breuer in: Heselhaus/ Nowak (eds.), Handbuch der Europäischen Grundrechte, 2019 (forthcoming), § 25 mn. 13. As to the relationship between the two standards, cf. Holznagel/Dietze in: Schulze/Zuleeg/Kadelbach (eds.), Europarecht, 3rd ed. 2015, § 37 mn. 44.

Schmahl

309

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:17 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

Fundamental Rights.131 The right to data protection encompasses all personal data, irrespective of how they are collected or processed and whether they are attributed to privacy or to the public sphere.132 Contrary to the Council of Europe Convention, however, all applicable EU secondary acts, which are fundamental to the right of data protection, are subject to exemptions for public security concerns.133 These exceptions are to be understood as concretising the provisions of Article 4 (2), third sentence TEU, which states that national security remains the sole responsibility of the member States. However, this limitation does not necessarily imply that a Member State’s argument of “national security” could not be re-examined as to its conformity with the EU law.134 For example, the CJEU ruled in the ZZ v. Secretary of the State for the Home Department (2013) that a national decision on public security does not per se lead to the inapplicability of EU law.135 On the contrary, a weighing of the values and interests at stake in each single case is necessary, which is why the legitimacy of measures for national security must be put into a proportionality check.136

2. International human rights regime 31

a) Dynamic interpretation of the right to privacy This case-by-case balancing of interests under the concept of “necessity”, which the CJEU calls for in cases of intelligence measures conflicting with the principle of data protection,137 is also vital for the relevant human rights treaties. Both the ICCPR as well as the ECHR guarantee the right to private life, which includes the integrity of personal data, although in principle only in the private sphere.138 The right to private life which is guaranteed in Article 17 ICCPR and Article 8 ECHR clearly extends to cyberspace. The UN Human Rights Council,139 the UN Special Rapporteurs on freedom of expression and the right to privacy,140 the UN General Assembly,141 the UN High Commissioner for Human Rights,142 the UN Human Rights Committee,143 the Parliamentary Assembly as 131 See CJEU, Schecke, Joined Cases C-92/09 and C-93/09, Judgment of 9 November 2010, paras 52, 64. See also, with criticism, Kranenborg in: Peers/Hervey/Kenner/Ward (eds.), The EU Charter of Fundamental Rights, 2014, mn. 08.159. 132 See Bernsdorff in: Meyer (ed.), Charta der Grundrechte der Europäischen Union, 2014, Article 8 mns 15 et seq. See also CJEU, Schecke (fn. 131), paras 56 et seq. 133 See e. g., CJEU, Google Spain, Case C-131/12, Judgment of 13 May 2015, paras 68 et seq.; Schrems, Case C-362/14, Judgment of 6 October 2015, para 72. 134 See Giegerich, Zeitschrift für Europarechtliche Studien 2016, 310 (321). On the concept of national security in the context of EU law see also: Sule, National Security and EU law restraints on Intelligence Activities, Part 4 Chapter 2, in this volume. 135 CJEU, ZZ/Secretary of State for the Home Department, Case C-300/11, Judgment of 4 June 2013, para 38. 136 CJEU, ZZ (fn. 135), paras 51, 57. See also CJEU, Tele2 Sverige (fn. 4), paras 95–6. 137 See Kranenborg in: Peers/Hervey/Kenner/Ward (eds.), The EU Charter of Fundamental Rights, 2014, mns 08-120 et seq. 138 See ECtHR, Rotaru v. Romania, Application no. 28341/95, Judgment of 4 May 2000, para. 44; Bărbulescu v. Romania, Application no. 61496/08, Judgment of 12 January 2016, paras 35 et seq. As regards the universal level see, for instance, Human Rights Council, The Right to Privacy in the Digital Age, UN Doc. A/HRC/28/L.27, 24 March 2015, para 3. 139 Human Rights Council, UN Doc. A/HRC/17/26, 16 May 2011; UN Doc. A/HRC/20/L.13, 29 June 2012; Human Rights Council, UN Doc. A/HRC/28/L.27, 24 March 2015. 140 See UN Doc. A/HRC/17/27, 16 May 2011, para 55; UN Doc. A/HRC/23/40, 17 April 2013 on the one hand, and UN Doc. A/HRC/31/64, 8 March 2016 on the other. 141 See UN Doc. A/RES/68/167, 18 December 2013; confirmed in: UN Doc. A/RES/69/166, 18 December 2014, paras 3 et seq. 142 UN Doc. A/HRC/27/37, 30 June 2014, paras 12 et seq. 143 HRC, General Comment No. 16 on Article 17 ICCPR, 8 April 1988, UN Doc. HRI/GEN/1/Rev.9 (vol. I), para 10; General Comment No. 34, 12 September 2011, UN Doc. CCPR/C/GC/34, paras 12, 15,

310

Schmahl

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:18 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence and Human Rights

well as the Venice Commission of the Council of Europe,144 the Fundamental Rights Agency of the European Union145 and the ECtHR146 have all consistently and repeatedly emphasised the right to privacy in the online communication. This fact is, of course, not a surprising innovation to the international human rights regime, but rather a usual dynamic interpretation of existing human rights guarantees in the sense of Article 31 (3) VCLT. However, it is dogmatically remarkable that the fundamental rights under the German constitution, i. e. rights of inviolability of the dwelling (Article 13 of the Basic Law) and of telecommunications secrecy (Article 10 of the Basic Law), as well as the right to self-determination of information and the right to the confidentiality and integrity of information technology systems [both enshrined in Article 1 (1), read in conjunction with Article 2 (1) of the Basic Law], which are potentially affected in the course of surveillance by the intelligence, are to be found in international law only in the context of the right to private life.147 This convergence of various privacy and communication rights into one allembracing right to privacy on the international level probably leads to more harmonised but, at the same time, also to more general standards. In any case, both the systematic collection and storage of connection data, the 32 interception of (mobile) telephone conversations as well as the online search and the monitoring of Internet use by State authorities can interfere with the right to private life guaranteed in international human rights conventions.148 The ECtHR has repeatedly made clear that telephone, facsimile and e-mail communications are covered by the notions of “private life” and “correspondence” within the meaning of Article 8 ECHR.149 In this context, it is even irrelevant that an intelligence agency had previously publicly reported on the political activities of the person whose data are again intercepted with.150 The ECtHR understands the right to privacy extensively. The information or data in question need not be private in the sense that it is confidential; where public information is systematically collected and stored in files, Article 8 ECHR may always be engaged.151 Moreover, it is not necessary that the recorded information has already been read or 33 listened to; it is rather sufficient that it is generally available to the intelligence staff and can be accessed by them when required.152 Even the mere existence of legislation which 39, 43; see also HRC, Concluding Observations on the Fourth Report of the United States of America (fn. 45), para 22. 144 See PACE Res. 2045(2015), 21 April 2015, and Venice Commission, Report of 20/21 March 2015, 102nd Plenary Session, reprinted in: Council of Europe, Mass Surveillance: Who is watching the watchers?, 2016, 55. 145 See European Union Agency for Fundamental Rights, Report on surveillance by intelligence services: fundamental rights safeguards and remedies in the EU, 2015. Yet, it has to be underlined that the Agency’s mandate only extends to carrying out studies on fundamental rights issues insofar as they fall into the scope of EU law. 146 See ECtHR, Weber and Saravia (fn. 22), para 77; S. and Marper v. the United Kingdom, Application nos. 30562/04 and 30566/04, Judgment of 4 December 2008, paras 66–7; Iordachi and Others v. Moldova, Application no. 25198/02, Judgment of 10 February 2009, para 29; Kennedy v. the United Kingdom, Application no. 26839/05, Judgment of 18 May 2010, para. 118; Big Brother Watch and Others, Application nos. 58170/13 et al., Judgement of 13 September 2018, paras 303–4. 147 Cf. Durner, Deutsches Verwaltungsblatt 2016, 780 (783). 148 See e. g., ECtHR, Klass and Others v. Germany, Application no. 5029/71, Judgment of 6 September 1978, para 41; Copland v. the United Kingdom, Application no. 62617/00, Judgment of 3 April 2007, para 39. 149 ECtHR, Weber and Saravia (fn. 22), para 77; Kennedy (fn. 146), para 118; Iordachi (fn. 146), para 29; Popescu v. Romania, Application no. 71525/01, Judgment of 26 April 2007, para 61. 150 EGMR, Rotaru (fn. 138), para 44. 151 See ECtHR, Rotaru (fn. 138), para 47. See also Schabas, The European Convention on Human Rights, 2015, 383. 152 See, e. g., ECtHR Klass (fn. 148), para 34. Similarly see BVerfGE 100, 313 (366), with reference to Article 10 of the Basic Law.

Schmahl

311

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:19 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

allows a system for secret monitoring of communications entails a threat of surveillance for all those to whom the legislation may be applied.153 Therefore, according to the established case-law of the ECtHR, this threat necessarily strikes at freedom of communication between users of the telecommunications services and thereby amounts in itself to an interference with the exercise of the applicants’ rights under Article 8 (1) ECHR, irrespective of any measures actually taken against them.154 To the same aim, the Court constantly holds that an individual might under certain conditions claim to be the victim of a violation occasioned by the mere existence of secret measures or of legislation permitting secret measures, without having to allege that such measures had been in fact applied to him.155 Such a right of recourse for persons only potentially affected by secret surveillance is to be derived from the individual complaint procedure, since otherwise Article 8 ECHR runs the risk of being nullified. The only requirement is that a so-called “reasonable likelihood” exists between the surveillance measures and the private life of the potentially affected person.156 If, for instance, there is no possibility of challenging the alleged application of secret surveillance measures at domestic level, widespread suspicion and concern among the general public that secret surveillance powers are being abused cannot be said to be unjustified. In such cases, even where the actual risk of surveillance is low, there is a greater need for scrutiny by the Court.157 34

b) Requirements for the justification of interferences with the right to privacy Like any other interference with the right to privacy, it is, of course, also possible to justify intelligence surveillance programmes. The maintenance of national security is undoubtedly a legitimate purpose. Given the threats increasingly emerging from non-state actors, namely terrorist organisations, to basic human rights of innocent people, the State must be in the position to covertly observe subversive individuals and organisations for gaining the necessary information in order to prevent future attacks.158 The ECtHR, the CJEU, and also the Human Rights Committee have found that surveillance serves an important public interest – public security – and that this objective is an interest which individual fundamental rights need to be balanced against.159 Only the CJEU went a step further in stating that the right to security is itself a fundamental right.160 However, the acceptance of such an all embracing individual right to security is not compatible with the history of fundamental rights, which were, and continue to be, primarily conceived as defenses of citizens against State power. Moreover, an individual right to security would be directed against the object and purpose of other human rights because it would significantly facilitate interferences in fundamental freedoms based on security laws.161 Therefore, it is only – but still – recognised that the State has the positive duty to protect the life 153 See ECtHR, Klass (fn. 148), para 41; Weber and Saravia (fn. 22), para 78; Kennedy (fn. 146), para 120. 154 See ECtHR, Weber and Saravia (fn. 22), para 78; Liberty (fn. 92), para 56. 155 ECtHR, Klass (fn. 148), paras 34–38. 156 See ECtHR, Stefanov v. Bulgaria, Application no. 65755/01, Judgment of 22 May 2008, paras 49–50; Zakharov v. Russia, Application no. 47143/06, Judgment of 4 December 2015, para 169. For more detail see Gajdošová Effective Remedies against Intelligence Actions, Part 4 Chapter 4, in this volume. 157 See ECtHR, Kennedy (fn. 146), para 124; Zakharov (fn. 156), para 169; Big Brothers Watch (fn. 146), para 252. 158 See Schenke in: Festschrift für Würtenberger, 2013, 1079 (1082). 159 See ECtHR, Klass (fn. 148), para 48; Erdem v. Germany, Application no. 38321/97, Judgment of 5 July 2001, para 64; CJEU, Digital Rights Ireland (fn. 4), paras 42, 51; Tele2 Sverige (fn. 4), paras 90 et seq.; Human Rights Committee, Draft General Comment No. 36 on the Right to Life, UN Doc. CCPR/C/ GC/R.36/Rev.2, paras 25 et seq. (2 September 2015). 160 See CJEU, Digital Rights Ireland (fn. 4), para 42: “Article 6 of the Charter lays down the right of any person not only to liberty, but also to security”. 161 Rightly so van Ooyen, Öffentliche Sicherheit und Freiheit, 2nd ed. 2013, 209 et seq.

312

Schmahl

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:19 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence and Human Rights

and the rights of its citizens and that it has the competence to protect itself against destabilization and terrorism. The ECtHR, therefore, rightly acknowledges that the national authorities enjoy a 35 margin of appreciation in choosing the means for achieving the legitimate aim of protecting national security.162 However, this does not mean that States are allowed to adopt any measure which they deem appropriate to counter threats to national security. The leeway given to the States is subject to human rights supervision embracing both legislation and decisions applying it. In view of the risk that a system of secret surveillance set up to protect national security may undermine democracy under the cloak of defending it,163 there must be adequate and effective guarantees against abuse. As a consequence, any national legislation on intelligence surveillance must comply with the rule of law, which means that the law must be accessible to the person concerned, foreseeable as to its effects and proportionate in its means.164 This is not only settled case-law by the ECtHR and the CJEU;165 but also the UN Human Rights Committee expressly refers in its opinion on the fourth report of the United States, rendered in 2014, on the need for respecting the international rule of law.166 In particular, any unprovoked mass surveillance is highly problematic.167 The ECtHR 36 and the CJEU consistently point out that the States must exclude misuse, specifically in the case of secret surveillance, both bulk and targeted, by adopting general and clear rules on the substantive requirements and the temporal conditions of the procedure.168 The ECtHR has held on several occasions that the reference to “foreseeability” in the context of interception of communications cannot be the same as in many other fields. Foreseeability in the special context of secret measures of surveillance, such as the interception of communications, cannot mean that an individual should be able to foresee when the authorities are likely to intercept his communications so that he can adapt his conduct accordingly.169 However, especially where a power vested in the executive is exercised in secret, the risks of arbitrariness are evident. It is therefore essential to have clear, detailed rules on interception of telephone and online conversations in order to give citizens an adequate indication as to the circumstances in which, and the conditions on which public authorities are empowered to resort to any such measures.170 162 See Schabas, The European Convention on Human Rights, 2015, 403 and 406, and von Bernstorff/ Asche in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, 79 (97), both with further references. 163 ECtHR, Weber and Saravia (fn. 22), para 106. 164 See e. g., ECtHR, Rotaru (fn. 138), para 52; S. and Marper (fn. 146), para 95, and Kennedy (fn. 146), para 151. 165 As to the need for regulatory and area-specific regulation, see ECtHR, Weber and Saravia (fn. 22), para 84, and CJEU, Tele2 Sverige (fn. 4), paras 109–10, both with further references. 166 HRC, Concluding Observations on the Fourth Report of the United States of America (fn. 45), paras 22 a)–e). 167 See ECtHR, Klass (fn. 148), paras 49–51; Weber and Saravia (fn. 22), paras 122-6; Iordachi (fn. 146), para. 51; Szabó and Vissy v. Hungary, Application no. 37138/14, Judgment of 12 January 2016, paras 23, 68 et seq. 168 See ECtHR, Weber and Saravia (fn. 22), paras 93–95; Copland (fn. 148), para 46; Zakharov (fn. 156), para. 229; Big Brother Watch (fn. 146) paras 307-13. See also CJEU, Digital Rights Ireland (fn. 4), paras 54 et seq.; Schrems (fn. 133), paras 91 et seq. In a similar vein, cf. BVerfG, Europäische Grundrechte Zeitschrift 2016, 149 (165), para 118 – BKA-Gesetz, with further references. 169 ECtHR, Zakharov (fn. 156), para 229; Big Brother Watch (fn. 146) para 306. 170 See e. g., ECtHR, Rotaru (fn. 138), para 55; Weber and Saravia (fn. 22), para 93. See also the individual complaint by Tretter and Others v. Austria, Application no. 3599/10 (Communicated Case, pending).

Schmahl

313

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:20 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

In its case-law on secret measures of surveillance, the ECtHR has consequently developed the following minimum safeguards that should be set out in law in order to avoid abuses of power: the nature of offences which may give rise to an interception order, a definition of the categories of people liable to have their telephones and online communication tapped, and a limit on the duration of the interception measure.171 Also the consequences of an intervention in the right to privacy must be sufficiently foreseeable. It needs to be clearly regulated what happens with the information obtained, in which procedure the data recordings are examined, evaluated, disseminated, stored or destroyed, and what precautions are taken to prevent the data from being passed on to unauthorised third parties.172 Finally, an independent body must approve the order of surveillance,173 and appropriate supervisory control mechanisms must be provided for when the surveillance is being carried out, preferably by a judicial authority, but at least, by a parliamentary, and in any case by an independent body.174 Once the surveillance has been terminated, the person concerned has to be given the right to judicial review in order to challenge the legality of the surveillance retrospectively.175 38 These conditions indisputably apply to domestic surveillance measures. This has been re-underlined by the ECtHR in the Kennedy case of 2010, where the British Regulation of the Investigatory Powers Act was legally contested.176 Whether the described requirements also apply to purely foreign surveillance is however less clear. The Court had to deal with this question neither in Kennedy nor in the Zakharov decision of 2015, since both cases primarily concerned domestic eavesdropping issues.177 Also with regard to the individual complaint lodged by several NGOs, including “Big Brother Watch”, against the United Kingdom, in which the interception of external communications by the GCHQ and the acquisition of intercepted material gathered abroad were at stake, the Court only incidentally considered whether external communications were covered by the Convention, although it found a violation of Article 8 ECHR.178 39 Nonetheless, there are strong grounds for advocating that the rule of law and the human rights regime also apply to extraterritorial surveillance of foreign nationals. On 37

171 See ECtHR, Amann v. Switzerland, Application no. 27798/95, Judgment of 16 February 2000, paras 56–58, Prado Bugallo v. Spain, Application no. 58496/00, Judgment of 18 February 2003, para 30; Weber and Saravia (fn. 22), para 95; Iordachi (fn. 146), paras 39, 44; S. and Marper (fn. 146), para. 99; Kennedy (fn. 146), paras 153, 159 et seq.; M.M. v. the United Kingdom, Application no. 24029/07, Judgment of 13 November 2012, para 95; Zakharov (fn. 156), para 231; Big Brother Watch (fn. 146), paras 307-316. 172 See e. g., ECtHR, Amann (fn. 171), paras 56–58, Prado Bugallo (fn. 171), para 30; Liberty (fn. 92), paras 62, 69; Iordachi (fn. 146), para. 48; Kennedy (fn. 146), paras 162–3; Zakharov (fn. 156), para 231. 173 ECtHR, Popescu (fn. 149), paras 70–73; Iordachi (fn. 146), para 40; Szabó and Vissy (fn. 167), paras 77 et seq. See also CJEU, Digital Rights Ireland (fn. 4), para 62; Tele2 Sverige (fn. 4), para 120. 174 See ECtHR, Klass (fn. 148), paras 55–6; Zakharov (fn. 156), para. 233. See also ECtHR, Rotaru (fn. 138), paras 43, 52 et seq.; Liberty (fn. 92), para. 68., and, on the (German) national level, BVerfG, Europäische Grundrechte Zeitschrift 2016, 149 (165), para 117 – BKA-Gesetz; Europäische Grundrechte Zeitschrift 2016, 668 (682), paras 151 et seq. – NSA Selektorenlisten, both with further references. 175 See ECtHR, Klass (fn. 148), paras 57, 70; Weber and Saravia (fn. 22), para 135; Zakharov (fn. 156), para 234; Big Brother Watch (fn. 146), para 310. Similarly cf. CJEU, Schrems (fn. 133), para 95. Only in individual cases can there be no subsequent notification, namely, if such notification would reveal the functioning of the secret services, see ECtHR, Klass (fn. 148), para 58. 176 See ECtHR, Kennedy (fn. 146), paras 155, 160. 177 See ECtHR, Kennedy (fn. 146); Zakharov (fn. 156). The same applies to the case of Szabó and Vissy (fn. 167), where the ECtHR, however, reaffirmed the fact that, in the case of mass surveillance, every individual had a right of action. 178 Cf. Big Brother Watch (fn. 146), paras 336–337; the case has been referred to the Grand Chamber on 4 February 2019. In a similar vein, see also the individual complaints by the Bureau of Investigative Journalism and Alice Ross v. the United Kingdom, Application no. 62322/14, and by Privacy International and Others v. the United Kingdom, Application no. 46259/16 (Communicated Cases, pending).

314

Schmahl

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:20 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence and Human Rights

the one hand, the origin of electronic communications, as well as their course, is frequently neither disclosed nor detectable, so that the differentiation between domestic and extra-judicial surveillance can no longer be upheld.179 On the other hand, the distinction between domestic surveillance measures and those with extraterritorial effects appears to be problematic with regard to the principle of non-discrimination on grounds of nationality.180 In view of the increasing exchange of data between the intelligence services of different countries, for the persons affected by surveillance it does not make a noticeable difference in their freedom and in their rights to privacy, from which State authority they are spied out.181 Furthermore, it is untenable that States would be allowed to infringe human rights outside their territorial borders, whereas similar violations are prohibited in their own territory. Especially in the case of internet-based communication, public authorities might otherwise be tempted to escape completely from their human rights obligations under the territorial jurisdiction simply by using sophisticated, hidden, redirect or otherwise geographically not easily detectable technology.182 Last but not least, in the counter-terrorism and surveillance context, non-citizens neither inherently pose a greater threat to a State’s security than its citizens, nor is their private information of inherently greater value or interest to the State.183

II. Intelligence and the obligation to protect and ensure human rights in “extraordinary renditions” cases The described benchmark also applies mutatis mutandis if a State party to a human 40 rights convention supports another State in the pursuit of a violation of human rights on its own or a foreign territory. With respect to persons suspected of involvement in terrorist conspiracies, some States have loosened or been accomplices to a loosening of the prohibition of brutal and degrading interrogation carried out at home or – mostly – abroad. In particular, the system of so-called “extraordinary renditions”, as conducted by the US Central Intelligence Agency (CIA) with collaboration of some European States, appears to be the latest mutation of enforced disappearance which historically took place in Nazi-Germany and later in totalitarian regimes of Latin America.184 After 9/11, CIA set up an apparatus, by which it collected information about suspected terrorists, abducted them, transferred them to third countries where they were detained without any legal process. In these countries, unregistered places of detention (known as 179

See supra, mn. 3. Schmahl, JuristenZeitung 2014, 220 (225 et seq.); see also Explanatory Memorandum to PACE Recommendation 2045(2015), para 96, reprinted in: Council of Europe, Mass Surveillance: Who is watching the watchers?, 2016, 10 (42). Similarly see CJEU, Huber, C-524/06, Judgment of 16 December 2008, paras 78–9. 181 Cf. Bieker, Die Friedens-Warte 90 (2015), 33 (46); Schmahl in: Dietrich et al. (eds.), Nachrichtendienste im demokratischen Rechtsstaat, 2018, 21 (34). 182 See Pöschl, Veröffentlichungen der Vereinigung der Deutschen Staatsrechtslehrer 74 (2015), 401 (441). 183 Rightly so Milanović, Harvard International Law Journal 56 (2015), 81 (101). 184 As to the infamous “Nacht und Nebel”-decree provided for the secret transport of political prisoners see Nuremberg Military Tribunals, Trials of War Criminals before the Nuremberg Military Tribunals under Control Council Law No. 10: Nuremberg, October 1946-April 1949, vol. 3, 1951, 75–8. As to the Latin American totalitarian regimes cooperating, mainly from the 1960s to 1990s, by sharing intelligence concerning political opponents as well as by seizing, torturing and executing these persons in one another’s territory, see McSherry, Predatory States, Operation Condor and Covert War in Latin America, 2005, 1 et seq. 180

Schmahl

315

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:21 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

“black sites”) were in full operation. At these sites, “enhanced interrogation techniques” – a euphemism for ill-treatment – were applied to individuals.185 41 The practices performed within the “extraordinary rendition programme” such as abduction, illegal transfer, incommunicado detention, and torture for interrogations purposes are all practices that represent serious violations of basic human rights, enshrined not only in the ECHR but also in various other human rights treaties such as the ICCPR, the UN Convention Against Torture, the European Convention for the Prevention of Torture, the American Convention on Human Rights, and, most recently, in the International Convention for the Protection of All Persons from Enforced Disappearance. The Inter-American Court of Human Rights (IACtHR), in Velásquez Rodríguez v. Honduras (1988), rightly held that the phenomenon of enforced disappearances is a complex and often continuing form of human rights violation that must be understood and confronted in an integral fashion.186 From the European perspective, however, the point of dogmatic interest with “extraordinary renditions” lies not as much on the negative obligation not to interfere with human rights or on the extraterritorial application of human rights treaties, but primarily with the positive obligation of the Contracting State to protect and ensure human rights. The ECtHR constantly holds, to a similar extent as the Human Rights Committee,187 that States parties to the European Convention are under a positive obligation to prevent human rights violations on their territory, and to investigate, prosecute and provide redress in the event of breach.188 This obligation also applies when the authorities of the Contracting Parties knew or ought to have known at the time of the existence of a real and immediate risk from criminal acts of a third party and failed to take measures within the scope of their powers which, judged reasonably, might have been expected to avoid such risk.189 42 Although State authorities are regularly given a wide margin of appreciation of how they fulfil their positive obligations deriving from human rights treaties,190 the discretion can shrink to zero in certain cases. In any event, certain forms of intelligence cooperation between States have already led to a sentencing by the ECtHR in which it clearly condemns the Contracting State which had participated in ‘extraordinary renditions’ carried out by other States of having violated the duty to protect human rights. The Court’s landmark decision in this regard is the case of Khaled el-Masri. ElMasri, a German citizen of Lebanese origin, was, when crossing the Serbian-Macedonian border on New Year’s Eve 2003, arrested by Macedonian police and, with the support of Macedonian security authorities, later placed in the custody of CIA agents and flown to Kabul. In Afghanistan, he was detained for more than four months in a secret prison under inhumane conditions and “extensively interrogated” by masked CIA 185 See Kyriakou, Melbourne Journal of International Law 13 (2012), 1 (5). For a full account as to the background, the facts and the contributors of the “extraordinary renditions” programme see Steiger, Das völkerrechtliche Folterverbot und der “Krieg gegen den Terror”, 2013, 38–51. 186 IACtHR, Velásquez Rodríguez v. Honduras, Petition no. 7920, Judgment of 29 July 1988, paras 130 et seq. Since Velásquez Rodríguez the Inter-American Court of Human Rights has delivered more than 30 judgments on enforced disappearances. 187 See HRC, General Comment No. 31 (fn. 1), para 8. 188 See e. g., ECtHR, Osman v. the United Kingdom, Application no. 23452/94, Judgment of 28 October 1998, paras 115 et seq.; Kelly and Others v. the United Kingdom, Application no. 30054/96, Judgment of 4 May 2001, paras 94–6; Nencheva and Others. v. Bulgaria, Application no. 48609/06, Judgment of 18 June 2013, para. 108; Perevedentyevy v. Russia, Application no. 39583/05, Judgment of 24 April 2014, para 94. 189 ECtHR, Osman (fn. 188), para 121. See also ECtHR, Kayak v. Turkey, Application no. 60444/08, Judgment of 10 July 2012, paras 53 et seq. 190 See Grabenwarter/Pabel, Europäische Menschenrechtskonvention, 2016, § 19 mn. 7; for a fuller account see Schmahl in: Thouvenin/Tomuschat (eds.), Droit international et diversité des cultures juridiques, 2008, 277–96.

316

Schmahl

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:21 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence and Human Rights

agents about alleged links to 9/11 terrorists. When it transpired that el-Masri had been mistaken for another person with the same name on a terrorist watch list, he was eventually returned to Albania and released near the Macedonian border. In its judgment of 2012, the ECtHR held that the cooperation of Macedonian security authorities with the CIA in “extraordinary renditions” infringe Macedonian’s positive duty, under the European Convention, to protect and to ensure human rights.191 With respect to the handover of el-Masri to the CIA rendition team, the Court held Macedonia responsible for a violation of the positive duty arising from Article 5 ECHR, due to enforced disappearance and arbitrary detention, as well as for an infringement of Article 3 ECHR because the victim was ill-treated by CIA agents at the airport and in other sites inside and outside the country with the knowledge of the Macedonian authorities.192 Since there was never an investigation by the Macedonian authorities regarding el-Masri’s detention, the Court also found a violation of Article 13 ECHR.193 The ruling in el-Masri was recently confirmed in the cases Abu Zubaydah v. Poland 43 (2014), Abu Zubaydah v. Lithuania (2018), and Abu Omar v. Italy (2016), in which the ECtHR has further stressed that the respective States parties, Poland, Lithuania and Italy, have equally and independently violated against the Convention guarantees when aiding and supporting a third State in the course of an “extraordinary rendition”.194 Abu Omar, an Egyptian cleric and suspect terrorist, was kidnapped in Milan in 2003 by Italian and CIA agents and transferred to Egypt where he was secretly detained and tortured for more than a year.195 Abu Zubaydah, a Guantánamo detainee, was captured in 2002 and transferred to Lithuania and Poland to secret facilities where he was unlawfully detained for four and a half years and became a victim of the “enhanced interrogation system” developed by the CIA.196 In all three cases, the ECtHR emphasises that a State party to the Convention is, in principle, responsible for the infringement of human rights committed by foreign authorities on its territory and with its knowledge.197 In addition, when States engage in torture or other ill-treatment, alone or in collaboration with other States, they are held responsible for violating the prohibition of torture under Article 3 ECHR.198 Since the Polish Government, in Abu Zubaydah v. Poland, had not made available to the Court the requested information on the treatment and the disappearance of Abu Zubaydah by referring to State secrets privilege, the ECtHR also found a breach of Article 38 ECHR.199 It singled out that Poland needed to 191 ECtHR, el-Masri (fn. 81), para 220. More closely on this point see Hofmann in: Festschrift für Hailbronner, 2013, 443 (447 et seq.). 192 ECtHR, el-Masri (fn. 81), paras 240–43 and 215–20. 193 ECtHR, el-Masri (fn. 81), paras 258–62. 194 ECtHR, Abu Zubaydah v. Poland, Application no. 7511/13, Judgment of 7 July 2014, paras 445 et seq; Abu Zubaydah v. Lithuania, Application no. 46454/11, Judgment of 31 May 2018, paras 629 et seq.; Abu Omar v. Italy, Application no. 44883/09, Judgment of 23 February 2016, paras 240 et seq.; further see ECtHR, Al Nashiri v. Italy, Application no. 28761/11, Judgment of 24 July 2014, para 518. See aslo the detailed appraisal of this case-law by Staffler, Europäische Grundrechte Zeitschrift 2016, 344 (346 et seq.). 195 See Council of Europe’s Committee on Legal Affairs and Human Rights, Alleged Secret Detentions and Unlawful Inter-State Transfers of Detainees Involving Council of Europe Member States, 16 June 2016, para 162. 196 For more detail see Bodnar/Pacho, Polish Yearbook of International Law 21 (2011), 233 (253 et seq.) and ECHR, Abu Zubaydah v. Lithuania (fn. 194), paras 15-395. 197 ECtHR, el-Masri (fn. 81), paras 206, 220; Abu Zubaydah v. Poland (fn. 194), para 449; Abu Zabadayah v. Lithuania (fn. 194), paras 576, 641. 198 ECtHR, Abu Zubaydah v. Poland (fn. 194), para 449; Abu Zabadayah v. Lithuania (fn. 194), paras 641–644; see also Duffy, Interights Bulletin 16 (2010), 1 (4). 199 See ECtHR, Abu Zubaydah v. Poland (fn. 194), para 435. See also ECtHR, Al Nashiri (fn. 194), paras 346–7.

Schmahl

317

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:22 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

conduct an independent inquiry in which State secrets may not be raised to justify a complete refusal to disclose information about human rights violations. Furthermore, the Court regarded, in Abu Omar v. Italy, even family members affected by the disappearance as victims of inhumane treatment under Article 3 ECHR, provided that they have previously actively and unsuccessfully sought information on the whereabouts of the abducted person from the authorities of the Contracting State.200 44 Also universal human rights monitoring bodies such as the Human Rights Committee and the Committee against Torture have published several findings relevant to the practice of “extraordinary renditions” and “enforced disappearances”. For instance, in Khan v. Canada (1994), the Committee against Torture noted that sending a person to a country not a party to the Convention against Torture (CAT) would subject a person to a risk of torture, and also would strip the person of any possibility of applying for protection under the Convention.201 In Agiza v. Sweden (2005), the Committee held that Sweden’s authorities knew or should have known at the time of the suspect terrorist’s handover to the US security personnel in order to remove him to Egypt, that Egypt resorted to consistent and widespread use of torture against detainees, and that the risk of such treatment was particularly high in the case of detainees held for political and security reasons.202 The Committee therefore found that Sweden had breached Article 3 CAT.203 The Human Rights Committee, in Khirani v. Algeria (2012), decided that incommunicado detention after an arrest without a warrant and without being informed of the reasons for the arrest, creates an exceedingly high risk of violation of the right to life, since victims are at the mercies of their jailers who, by the very nature of the circumstances, are subject to no oversight. Although no clear evidence was brought about the death of Khirani, the Committee concluded that the State party has failed in its duty to protect the victim’s life.204 45 All the decisions outlined here have in common that abductions with the purpose of ill-treatment of the abducted person and the participation in those abductions cannot be justified on legal grounds. First, “extraordinary renditions” and “enhanced interrogations methods” are not vital to the nation’s defence.205 Second, interrogation techniques which are infringing human rights law at home do not become legal when they are conducted abroad. Particularly “outsourcing torture” is in sharp contrast to any human rights standard.206 The prohibition of torture is of an absolute nature, meaning that 200

See ECtHR, Abu Omar (fn. 194), paras 314–5. Committee against Torture, Khan v. Canada, Decision of 4 July 1994, Communication no. 15/1994, UN Doc. A/50/44, at 46, para 12.5. 202 Committee against Torture, Agiza v. Sweden, Decision of 20 May 2005, Communication no. 233/ 2003, UN Doc. CAT/C/34/D/233/2003, para 13.4. 203 Ibid. 204 HRC, Khirani v. Algeria, Views of 26 March 2012, Communication no. 1905/2009, UN Doc. CCPR/ C/104/D/1905/2009, para 7.4. By contrast, the Committee, while considering that enforced disappearance is a continuing offence, declared the individual complaint by Yurich v. Chile inadmissible, since the events of the disappearance occurred prior to the entry into force for Chile of the Optional Protocol to which Chile, in addition, had made a reservation with regard to the application ratione temporis, see HRC, Yurich v. Chile, Views of 2 November 2005, Communication no. 1078/2002, UN Doc. CCPR/C/85/D/ 1078/2002, paras 6.2. and 6.4. 205 The US administration under President George W. Bush, however, claimed this vital interest, see Zagaris, International Enforcement Law Reporter 21 (2005), 188. 206 Rightly so Weissbrodt/Bergquist, Virginia Journal of International Law 46 (2006), 585 (593). See also European Parliament resolution of 8 June 2016 on follow-up to the European Parliament resolution of 11 February 2015 on the US Senate report on the use of torture by the CIA (2016/2573[RSP]), EU Doc. P8_TA(2016)0266, where the European Parliament strongly condemns the use of “enhanced interrogation techniques” as multiple fundamental rights violations and torture. 201

318

Schmahl

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:22 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence and Human Rights

under no circumstances can it be derogated from.207 Third, even in times of armed conflict, torture and ill-treatment do not raise complex legal questions regarding the application of the international humanitarian law framework. If carried out, in Guantánamo Bay, Iraq, Afghanistan or elsewhere, they are straightforwardly severe violations of international humanitarian law,208 since under the Geneva Conventions and its Protocols, both civilians and prisoners of war are absolutely protected against torture and inhumane treatment.209 To the same extent, any unlawful deportation or transfer of a protected person is regarded as a grave breach of Article 49, in conjunction with Article 147 of the Fourth Geneva Convention. Furthermore, according to common Article 3 of the Geneva Conventions, which formulates the minimum yardstick for all armed conflicts, the core standards of human rights apply to all individuals in all circumstances, including those detained as part of the so-called “war on terror”.210 Last but not least, the assumption that torture or other forms of cruel and degrading treatment may extract useful information on future terror plots from detainees is substantially mistaken. Torture simply does not work to gather correct information, but produces rather false testimony and, above all, it runs the risk of creating more enemies.211 Yet, the described decisions can of course not be transferred to any transnational 46 intelligence cooperation between States. In individual cases, it will depend on the extent to which cooperation has been carried out and for what purpose the knowledge about a suspected terrorist is passed on to the intelligence authorities of other countries.

III. Intelligence and legal requirements for the imposition of “targeted sanctions” The cooperation of intelligence agencies of several countries also plays a pivotal 47 role in the imposition of multilateral “targeted sanctions” by which the Security Council requires the UN member States to freeze assets of and to impose travel bans against certain suspected terrorists or terrorist organisations in order to counter the financing of terrorism and to prevent future attacks.212 To this end, the Security Council established a subsidiary body, the so-called “Sanctions Committee”, in 1999, whose task is primarily to create and periodically consolidate the list of alleged terrorists (so-called “black list”),213 that is based on intelligence from national secret services.214 207 See Bodnar/Pacho, Polish Yearbook of International Law 21 (2011), 233 (254); Cerna, International Legal Materials 57 (2018), 715 (716). 208 Duffy, The “War on Terror”, 2015, 448, 798–9. 209 See Article 130 of the Third Geneva Convention, and Article 147 of the Fourth Geneva Convention. 210 See ICJ, Nicaragua (fn. 20), para 218. See also Weissbrodt/Bergquist, Virginia Journal of International Law 47 (2007), 295 (318 et seq.). 211 Weissbrodt/Bergquist, Virginia Journal of International Law 46 (2006), 585 (595); Schmahl in: Walter et al. (eds.), Terrorism as a Challenge for National and International Law, 2004, 81 (109–10). 212 For a fuller account on how the “targeted sanction” policy of the Security Council developed, see Biersteker, International Journal 2009/10, 99 (99 et seq.). As to the purposes, the consequences and the impacts of targeted sanctions see Biersteker/Eckert/Tourinho (eds.), Targeted Sanctions. The impacts and effectiveness of United Nations Action, 2016. 213 See SC Res. 1267 (1999), 15 October 1999, para 6. See also SC Res. 1333 (2000), 19 December 2000, para 16 b; SC Res. 1390 (2002), 28 January 2002, para 5; SC Res. 1452 (2002), 20 December 2002, para. 3. 214 As to more detail see de Wet, Chinese Journal of International Law 12 (2013), 787 (788 et seq.); Schmahl in: Odendahl (ed.), Die Bekämpfung des Terrorismus mit Mitteln des Völker- und Europarechts, 2017, 109 (121 et seq.). See also supra, mn. 22.

Schmahl

319

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:23 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

To date, the targeted persons have only limited possibilities for checking the correctness of their listing and for starting an individual petitioning for a delisting. Since there is no prior communication, no request for clarification, no hearing whatsoever, the individual does not learn of the sanction until its adoption and execution. The reason for this procedure is, of course, the element of surprise, without which suspected terrorists could easily transfer their funds to “financial havens”.215 Nevertheless, the element of surprise often comes at the expense of procedural fairness and fundamental rights. If implemented effectively, “targeted sanctions” may affect the right to property (Article 1 Protocol No. 1 ECHR; Article 17 EU Charter of Fundamental Rights), restrict the right to free movement (Article 12 ICCPR; Article 2 Protocol No. 4 ECHR; Article 45 EU Charter of Fundamental Rights), and infringe a number of procedural rights due to insufficient information and to the lack of access to judicial review (Article 14 ICCPR; Article 6 ECHR; Articles 41 (2) and 47 EU Charter of Fundamental Rights). 49 The most famous case in this regard is the case of Yassin Kadi.216 Kadi, a Saudi Arabian national with substantial assets in the United States and Europe, is suspected of helping fund the 9/11 attacks, and was among the first wave of individuals “blacklisted” and targeted by the UN sanctions regime as suspected terrorist financier in October 2001.217 This listing was then enforced in domestic jurisdictions around the world, including Europe, where it was implemented through a regulation of the Council of the EU218 and enforced against Kadi in the United Kingdom, pursuant to this EU regulation.219 Kadi challenged the EU regulation in the Court of First Instance (CFI), citing, inter alia, a denial of fundamental due process. The CFI, in 2005, however declined the rule on the permissibility of the action, holding that Security Council resolutions taken under Chapter VII of the UN Charter were in principle not subject to judicial review.220 Kadi appealed the decision of the CFI, and the CJEU, in its Kadi decision of 2008, reversed, objecting to an uncontrolled implementation of Security Council resolutions in the European Union legal order with a view to the European human rights standard, in particular the right to be heard and the right to property.221 The CJEU granted the EU Commission three months to amend the listing mechanism at the EU level, without which the UN listing would be considered null and void.222 50 In response to the decision of the CJEU of 2008, not only the EU listing procedure has been amended but also the Security Council has set up an Office of the Ombudsperson which since then assumes the role of an impartial referee in the listing and delisting procedures.223 However, the procedure before the Ombudsperson at UN level 48

215

See Francioni in: Fastenrath et al. (eds.), From Bilateralism to Community Interest, 2011, 908 (915). On a full account of the “Kadi-trials” see Avbelj/Fontanelli/Martinico (eds.), Kadi on Trial, 2014. 217 See Cantwell, Columbia Journal of Transnational Law 53 (2015), 652 (656 et seq.). 218 Council Regulation (EC) No. 467/2001 on prohibiting the export of certain goods and services to Afghanistan, strengthening the flight ban and extending the freeze of funds and other financial resources in respect of the Taliban of Afghanistan, OJ 2001 L 277/25; later repealed and substituted by Council Regulation (EC) No. 881/2002 imposing certain specific restrictive measures directed against certain persons and entities associated with Osama bin Laden, the Al-Qaida network and the Taliban, OJ 2001 L 139/9. 219 As to the EU competence to implement Security Council targeted sanctions see Cremona, Yearbook of European Law 28 (2009), 559 (567 et seq.); Graf Vitzthum, Zeitschrift für Europarechtliche Studien 2008, 375 et seq. 220 See TFI, Kadi, Case T-315/01, Judgment of 21 September 2005, (2005) ECR II-3649, paras 222 et seq. 221 CJEU, Kadi and Al Barakaat, Joined Cases C-402/05 P and C-415/05, Judgment of 3 September 2008, (2008) ECR I-6351, paras 334–53, 359–71. 222 CJEU, Kadi and Al Barakaat (fn. 221), para 376. 223 See SC Res. 1904 (2009), of 17 December 2009, paras 20 et seq. As to the proceedings before the Ombudsperson see, e. g., Ginsborg in: Saul (ed.), Research Handbook on International Law and Terrorism, 2014, 608 (617 et seq.); Rosenow, Die Friedens-Warte 86 (2011), 15 (25). 216

320

Schmahl

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:23 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence and Human Rights

still does not comply with the strict requirements of the European rule of law, including the right to be heard and the right to an independent judicial procedure.224 In particular, the information provided by the Sanctions Committee merely contains a brief narrative summary of the reasons for the listing.225 Therefore, Kadi, who was relisted after the listing mechanism had been revisited, again challenged his resumed – and actually continued – listing at the General Court (the former CFI). In their “Kadi II” decisions, both the General Court (2010) and, on appeal, the Grand Chamber of the CJEU (2013),226 once again stressed that it was not sufficient to protect the rights to be heard and to effective judicial review according to Articles 41 (2) and 47 EU Charter of Fundamental Rights if the States disclose to the person concerned only rudimentary intelligence evidence on the grounds of their listing.227 Similar to the ECtHR’s view in the “extraordinary rendition” cases,228 the Grand Chamber of CJEU underlined that even confidential and classified information should be disclosed insofar it has served as the decisive basis for the listing and the ensuing interference with fundamental rights of the targeted terror suspect.229 The CJEU emphasised that the burden is on the listing entity to prove the validity of listing and not on the challenging individual to disprove it.230 Particularly sensitive and “explosive” confidential information on national security can, of course, be disclosed to the person concerned in a “de-sharpened” way; however, an entire withholding of fundamental evidence is regarded as being contrary to the European rule of law.231 The listed individuals, according to the Court, must be in the position to make known their views effectively in relation to the grounds advanced against them.232 Although the approach of the CJEU carries with it the risk of the devaluation and 51 fragmentation of international security laws under the auspices of the United Nations,233 the Kadi decisions are to be agreed with. After the UN has decided to adopt restrictive measures against individuals and organisations suspected of terrorism, it is above all up to the organisation itself to ensure appropriate human rights 224 See General Court, Kadi II, Case T-85/09, Judgment of 3 September 2010, (2010) ECR II-5177, para 128. See also the similar assessment of the ECtHR, Al-Dulimi and Montana Management v. Switzerland, Application no. 5809/08, Judgment of 26 November 2013, paras 116–8, with regard to the UN Focal Point for delisting, created by SC Res. 1730 (2006), 19 December 2006. 225 See General Court, Kadi II (fn. 224), para. 128; see also Larik, Netherlands International Law Review 61 (2014), 23 (35). 226 In 2012, Kadi was finally delisted, following an application channelled through the Ombudsperson. The CJEU, however, did not discontinue the case for being “devoid of purpose”, see Fontanelli in: Avbelj/ Fontanelli/Martinico (eds.), Kadi on Trial, 2014, 7 (11). 227 CJEU, Kadi II, Joined Cases C-584/10 P, C-593/10 P and C-595/10 P, Judgment of 18 July 2013, paras 95, 99, 119, 131, 135 et seq., with references to General Court, Kadi II (fn. 224), paras 192–5. In a similar vein, see also ECtHR, Nada v. Switzerland, Application no. 10593/08, Judgment of 12 September 2012, para 211; Al-Dulimi (fn. 224), paras 111 et seq. 228 See supra, mn. 43. 229 CJEU, Kadi II (fn. 227), para 125. 230 CJEU, Kadi II (fn. 227), paras 120–2. 231 See CJEU Kadi II (fn. 227), paras 123, 125, 128–34. Consenting Kühne, Zeitschrift für Rechtspolitik 2013, 243 (247); more critical assessment by Cuyvers, Common Market Law Review 2014, 1759 (1775–80). 232 CJEU, Kadi II (fn. 227), paras 111–2. Similarly CJEU, ZZ (fn. 135), para 59. See also ECtHR, A. and Others v. the United Kingdom (fn. 43), paras 210, 216 et seq., as well as ECtHR (Grand Chamber), AlDulimi and Montana Management v. Switzerland, Application no. 5809/08, Judgment of 21 June 2016, para 151. 233 See de Wet, Chinese Journal of International Law 12 (2013), 787 (799). Strong criticism against the Court’s dualist approach is raised by e. g., de Búrca, Harvard International Law Journal 51 (2010), 1 (44 et seq.); Tomuschat, Yearbook of European Law (2009), 654 (658 et seq.); Cannizzaro, Yearbook of European Law (2009), 593 (597 et seq.).

Schmahl

321

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:24 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

protection. Besides maintaining peace and security, it is an express purpose of the UN to promote respect and protection of basic human rights among members [see Articles 1 (2), (3), 55 UN Charter]. However, as long as the United Nations does not provide human rights equivalent legal protection and access to justice, the CJEU must in view of Article 47 EU Charter of Fundamental Rights act in a compensatory manner, and namely guarantee judicial review against an EU secondary law which implements the “targeted sanctions” regime adopted by the Security Council.234 The first ruling of the CFI in the matter,235 according to which EU organs were strictly bound to respect the obligations imposed on the Member States under Article 103 in conjunction with Article 25 UN Charter with the consequence that there was no room for the European Union to apply its standard of fundamental rights when enacting secondary laws that implement Security Council resolutions,236 has thus rightly been overruled by developing a transnational “Solange” principle between the CJEU and the UN.237 52 All in all, there is no persuasive argument for giving Security Council resolutions radical precedence to international human rights law: first, the Security Council often only “encourages” and does not strictly commit the States to designate suspect individuals for listing.238 In these situations, in the absence of a true and compelling obligation, Article 103 UN Charter does simply not apply,239 since it gives general precedence to the UN Charter or to Security Council resolutions only in the case of a conflict between two specific obligations of international law.240 Second, there are often resolutions on “targeted sanctions” which, albeit detailed, leave some latitude for implementation by expressly referring to human rights standards;241 hence the States (as well as the European Union) are free, within the limits of the margin of discretion given to them, to adhere to their human rights obligations without violating Article 103 UN Charter.242 Third, even in cases of inflexible Security Council resolutions leaving no margin of appreciation to the member States, Article 103 UN Charter has to be understood in a teleological reduced manner when it comes to a conflict of Charter obligations and human rights. Assuming that the UN Charter itself does not intend to prevent the application of human rights, but rather supports human rights-friendly approaches and further aims at coherence among the different branches of applicable international law,243 Security Council resolutions imposing the duty on member States to implement targeted sanctions against terror suspects must be interpreted in a 234 As to this “Solange” (as long as) argument raised by the CJEU, Kadi II, Judgment of 2013 (fn. 227), paras 130 et seq., see e. g., Tzanakopoulos in: Avbelj/Fontanelli/Martinico (eds.), Kadi on Trial, 2014, 121 (129 et seq.); Kokott/Sobotta, European Journal of International Law 23 (2012), 1015 (1018). This principle has also been applied by the HRC, Sayadi and Vinck v. Belgium, Views of 22 October 2008, Communication no. 1472/2006, UN Doc. CCPR/C/94/D/1472/2006, para 10.9, where the Committee noted that the applicants did have a remedy, since they took the State party to the European Court of First Instance and obtained an order requiring it to submit a delisting request to the Sanctions Committee. 235 See supra, mn. 49. 236 See the reasoning of the CFI in Kadi (fn. 220), paras 181–4, 226. 237 Streinz in: Fastenrath et al. (eds.), From Bilateralism to Community Interest, 2011, 1118 (1127). Critical assessment with regard to this “decentralized adjudicatory framework” by Hovell, American Journal of International Law 110 (2016), 1 (15–29). 238 See e. g., SC Res. 2083 (2012), 17 December 2012, para 10. 239 Rightly so Buszewski/Gött, German Yearbook of International Law 57 (2014), 507 (513). 240 Clearly so ECtHR, Al-Jedda (fn. 112), paras 101, 104–106. 241 For instance, see SC Res. 2178 (2014), 24 September 2014, para 5. 242 See ECtHR, Nada (fn. 227), paras 195–7. See also ECtHR (Grand Chamber), Al-Dulimi (fn. 232) para 138. 243 See ECtHR, Al-Jedda (fn. 112), paras 101–2; Nada (fn. 227), para 170.

322

Schmahl

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:24 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence and Human Rights

harmonious way avoiding norm conflicts with human rights provisions,244 at least with those provisions which belong to the human rights standard of universal customary international law.245 In its Nada and Al-Dulimi decisions of 2012 and 2013 respectively, the ECtHR, too, 53 established a “coexistence” of the human rights guarantees and international obligations under Security Council resolutions.246 In essence, this “coexistence principle” has been upheld, upon referral, by the Grand Chamber in its recent judgment of June 2016 in the case Al-Dulimi v. Switzerland.247 Following its Bosphorus ruling (2005) on the “equivalent protection test” between the ECHR and the EU fundamental rights,248 the ECtHR underlines that the lack of judicial protection at UN level against the “smart sanctions system” should be compensated by adequate remedies at national level.249 The Court accepts that the maintenance of international peace and security can serve as a legitimate aim for justifying restrictions on human rights.250 But at the same time it holds that the restrictions have to be proportionate. Considering the long period during which the applicants’ assets had been frozen under the implementation of Security Council Resolution 1483 (2003) by the Swiss Government, the Court found in Al-Dulimi that it was disproportionate to deny them access to judicial review.251 It can be inferred from this case-law that in cases of an imminent threat, more restrictive sanctions are permissible, whereas sanctions which are intended to last longer in order to confront abstract dangers might need regular judicial revision in order to justify interferences with human rights.252

IV. Intelligence and legality of “targeted killings”? Finally, over the last decade, intelligence officers of the several States, particularly 54 from the US, become more and more involved in carrying out extraterritorial “targeted killing” that is the intentional slaying, undertaken with explicit governmental approval, of a specific individual or a group of individuals allegedly belonging to terrorist organisations abroad.253 Because of their pinpoint planning, state-sponsored killings mostly do not take place during a combat operation but rather outside definite situations of armed conflict.254 Thus it is not astonishing that there are debates running 244 See Report of the Special Rapporteur on the promotion and protection of human rights and fundamental freedoms while countering terrorism, (Ben Emmerson), 26 September 2012, UN Doc. A/ 67/396, paras 22–3, 59. Similarly Buszewski/Gött, German Yearbook of International Law 57 (2014), 507 (514); Francioni in: Fastenrath et al. (eds.), From Bilateralism to Community Interest, 2011, 908 (918); different assessment by Kolb, Recueil des Cours de l’Académie de Droit International de La Haye 367 (2014), 125–9. 245 Cf. Klein, International Human Rights Law Review 4 (2009), 111 (113). 246 See ECtHR, Nada (fn. 227), paras 172 et seq.; Al-Dulimi (fn. 224), para 111. See also Hollenberg, International and Comparative Law Quarterly 64 (2015), 445 (448 et seq.). 247 See ECtHR (Grand Chamber), Al-Dulimi (fn. 232) paras 138–49; but see also the Dissenting Opinion of Judge Nußberger. 248 ECtHR, Bosphorus v. Ireland, Application no. 45036/98, Judgment of 30 June 2005, para 156. 249 See Platon, European Constitutional Law Review 10 (2014), 226 (229 et seq.); Cuyvers, Common Market Law Review 2014, 1759 (1784–7). 250 See ECtHR, Al-Dulimi (fn. 224), paras 127 et seq., and ECtHR (Grand Chamber), Al-Dulimi (fn. 232), para 133. 251 ECtHR, Al-Dulimi (fn. 224), paras 131 et seq. Similarly ECtHR (Grand Chamber), Al-Dulimi (fn. 232), paras 150–1. 252 See Buszewski/Gött, German Yearbook of International Law 57 (2014), 507 (539); similarly Kadelbach, International Legal Materials 55 (2016), 1023 (1024–5). 253 Machon, Targeted Killing as an Element of U.S. Foreign Policy in the War on Terror, 2006, 15. 254 See, with examples, Schmahl in: Tomuschat/Lagrange/Oeter (eds.), The Right to Life, 2010, 233 (233–6).

Schmahl

323

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:25 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

not only on sovereignty concerns under the law of inter-state force,255 but particularly on the lawfulness of “targeted killings” under international human rights and humanitarian law.256 55 The discussion becomes even harsher with regard to the increasing use of “unpiloted aerial vehicles” commonly referred to as drones. Whereas drones were originally developed to gather intelligence and conduct surveillance, they have been nowadays adapted as lethal weapons systems.257 The pilotless drone regularly flies over a predetermined territory, identifies targets based on measurements compared with parameters in its programming and drops its missiles killing the intended target along with, despite originally touted for its accuracy, innocent civilians.258 Resorting to unpiloted drones is tempting for governments, because they allow the covert killing of potential terrorists without any risk to their armed forces.259 Yet, for the evaluation of the lawfulness of “targeted killing”, there is no relevant distinction between a killing carried out by a drone, a helicopter or a plane.260 56 Nor does it make a noticeable difference in human rights assessment whether a State executes “targeted killings” itself (which is rarely the case with the European States) or whether it knowingly gathers and distributes intelligence in order to provide the executing State with the necessary information for such an action. The preceding collection of intelligence at least raises fundamental rights questions for ECHR member States, since they are not only bound to respect ECHR standards in their own activities, but they must also refrain from collaborating with a third State and assisting that State’s human rights violations. As pointed out,261 the Contracting States of the European Convention are obliged to protect persons under their jurisdiction from threats to human rights emanating from third actors, including foreign States.262 This positive duty also applies to intelligence gathering operations which assist foreign governments or foreign intelligence authorities in executing a “targeted killing” abroad.263 57 Yet, the “targeted killing” policy is often justified in literature both as a legitimate response to terrorist threats and as a necessary reaction to the challenges of asymmetric warfare.264 There is, in fact, some evidence that “targeted killings” have reduced, for the short term, the carrying out of terrorist operations.265 However, considerations of efficiency and effectiveness do not replace a profound legal analysis. As Judge Buergenthal in the Legal Consequences of the Construction of a Wall case 255 See e. g., SC Res. 611 (1988), of 25 April 1988, condemning as an act of illegal aggression Israel’s killing in Tunisia of a terrorist suspect for violating Tunisian territory. See also Alston, The CIA and Targeted Killings Beyond Borders, 2011, 17 et seq. 256 For a full account on the debate see Otto, Targeted Killings and International Law, 2012. 257 See Banks in: Bergen/Rothenberg (eds.), Drone Wars, 2015, 129 (130 et seq.). 258 Hance, OC13066. With more detail on civilian casualties see Alston, The CIA and Targeted Killings Beyond Borders, 2011, 38 et seq. 259 Farer/Bernard, Human Rights Quarterly 38 (2016), 108 (116); Duffy, The “War on Terror”, 2015, 413. 260 See Alston, The CIA and Targeted Killings Beyond Borders, 2011, 30. 261 See supra, mn. 43. 262 See ECtHR, Osman (fn. 188), para 115; ECtHR, el-Masri (fn. 81), para 220; Al Nashiri (fn. 194), paras 578 et seq. Further see ECtHR, Chahal (fn. 79), para 80. 263 Von Bernstorff/Asche in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, 79 (102 et seq.); Deiseroth, Deutsches Verwaltungsblatt 2017, 985 (987 et seq.). Different assessment with regard to the German constitution’s basic rights by Gärditz in: Miller (ed.), Privacy and Power, 2017, 401 (415 et seq.). 264 See the references made by Alston in: Fastenrath et al. (eds.), From Bilateralism to Community Interest, 2011, 1149 (1150). 265 Cf. Statman, Theoretical Inquiries in Law 5 (2004), 179 (192).

324

Schmahl

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:25 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence and Human Rights

rightly stated, the means used to defend against terrorism must conform to all applicable rules of international law.266

1. “Targeted killings” and the international human rights regime This means, first and foremost, that outside situations of armed conflict, the human 58 right to life must be fully respected. Although the wording is slightly different, both Article 6 (1) ICCPR and Article 2 (1) ECHR prohibit any arbitrary deprivation of life.267 The term “arbitrary” within the meaning of Article 6 (1) ICCPR implies that the utmost consideration must be given to the principle of proportionality.268 Thereby, it is widely accepted that Article 2 (2) ECHR serves as the model for providing a fair yardstick for cases in which lethal force may be regarded as non-arbitrary.269 While the ECtHR has not had the opportunity to address the problem of “targeted killings” in particular, it has made clear, in its constant case-law, that the test to be employed in examining whether the use of lethal force is absolutely necessary, is a strict one.270 In McCann v. the United Kingdom (1995) the Court underlined, for the first time, that the force used must be strictly proportionate to the achievement of the aims set out in sub-paragraphs 2 (a), (b) and (c) of Article 2 ECHR.271 This test of proportionality requires that before resorting to the use of deadly force, all other measures leading to banning the risk in issue must be exhausted. Moreover, the purpose of lethal force must not be to kill, but to render the targeted person incapable of attack or escape, and its proportionality is only to be measured by reference to the gravity of the concrete danger which he continues to represent.272 The paradigmatic situation in which use of force would be justifiable is thus provided from a case where serious violence against the person to be protected is so imminent that trying to apprehend or arrest the perpetrator would allow him time to carry out his threat. Therefore, according to the ECtHR, in the example of a person possessing a bomb ready to be detonated, State authorities are allowed to shoot this person in order to protect the life of other persons in the area.273 On the contrary, somewhat “stretching” this concept of immediate danger into one of abstract danger or even of mere risk prevention is not permitted.274 The reason for this restrictive approach is evident. Intentional killings carried out 59 by State authorities in order to prevent harm to human life as part of the State’s duty to protect its citizens are normally entrusted to professional staff. The conditions for recourse to lethal force must, therefore, be stricter than in cases where an individual 266

See the Declaration of Judge Buergenthal on ICJ, Construction of a Wall (fn. 50), para 2. By contrast, Article 2 EU Charter of Fundamental Rights is worded as an absolute right. However, interventions in the right to life can be justified by Article 52 (3) EU Charter of Fundamental Rights, read in conjunction with Article 2 (2) ECHR, see Breuer in: Grabenwarter (ed.), Europäischer Grundrechteschutz, Enzyklopädie Europarecht, Vol. 2, 2014, § 7 mn. 58. 268 Cf., e. g., HRC, Concluding Observations on the Second Report of Israel, 21 August 2003, UN Doc. CCPR/CO/78/ISR, para 15. 269 See e. g., Nowak, UN Covenant on Civil and Political Rights, 1993, Article 6 mn. 14; Dinstein in: Henkin (ed.), The International Bill of Rights, 1981, 114 (119); Kretzmer, European Journal of International Law 16 (2005), 171 (177). 270 See ECtHR, McCann and Others v. the United Kingdom, Application no. 18984/91, Judgment of 27 September 1995, paras 146–7; McKerr v. the United Kingdom, Application no. 28883/95, Judgment of 4 May 2001, paras 108–9; Hugh Jordan v. the United Kingdom, Application no. 24746/95, Judgment of 4 May 2001, paras 102–4; Isayeva (fn. 66), para 173; Utsayeva and Others v. Russia, Application 29133/03, Judgment of 29 May 2008, para 169; Andreou (fn. 84), para 47. 271 ECtHR, McCann (fn. 270), paras 149–50. 272 See Melzer, Targeted Killing in International Law, 2008, 59; Kremnitzer in: Fleck (ed.), Rechtsfragen der Terrorismusbekämpfung durch Streitkräfte, 2004, 201 (202). 273 ECtHR, McCann (fn. 270), paras 146–50, 200. 274 More detailed Nolte, Theoretical Inquiries in Law 5 (2004), 111 (117 et seq.). 267

Schmahl

325

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:26 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

defends himself against an unlawful assault.275 State authorities must take appropriate care to ensure that any risk to the life of any person is minimised.276 Any deliberate, premeditated or intentional lethal strike against the perpetrator must, therefore, have a sufficient legal basis in domestic law. It also must not be of a punitive but of an exclusively preventive nature aiming solely at protecting human life from unlawful attack. It furthermore must be preceded by warnings and other precautionary measures. As to the facts, the information must be well-founded, strong, and convincing regarding the imminent threat the offender poses to human life.277 A thorough and independent retrospective investigation is required, regarding the precision of the identification of the target and the circumstances of the damage caused.278 Three additional conditions are to be added to all of these: first, “targeted killing” must not be carried out when it is possible to arrest a person, second, the “collateral damage” of civilians must not be disproportionate to the aim of the lethal strike, and third, the deliberate slaying must be the undesired ultima ratio, and not the actual aim, of an operation.279 60 Against this background, States may, in exceptional situations of emergency and in order to protect the life of their citizens, intentionally slay potential terrorists in a foreign State. Because of the outstanding importance that the right to life enjoys, these situations however demand that the principles of necessity and proportionality be strictly observed and that any other law enforcement measure is impossible. Thus, for example, a “shoot-to-kill” policy violates human rights law.280 Furthermore, the imminent threat must be unambiguously present.281 The difficulty of any preventive killing lies in the assumption of an uncertified criminal charge, not based on disclosed evidence. The rule of law demands, however, that every person be entitled to defend himself against any allegation in a public trial.282 Any other standpoint would imply that even in the absence of an armed conflict under international law a State may lawfully kill persons in the territory of another State. Such a result would undermine the very essence of human rights law.283 Although human rights instruments were initially conceived as the duties States assumed in relation to persons within their respective territories, this limiting interpretation has been rejected. In light of the recent decisions of the ECtHR, outlined above,284 human rights norms apply beyond national frontiers to all territories effectively controlled by a State. Even with respect to territory beyond their zones of continuous control, State responsibility is not anymore denied from the outset. Therefore, not only the intentional slaying but also the preceding gathering of intelligence for the exclusive purpose of assisting this “targeted killing” have to be considered as potentially violating human rights law. 275 Rightly so Kremnitzer in: Fleck (ed.), Rechtsfragen der Terrorismusbekämpfung durch Streitkräfte, 2004, 201 (203). 276 See ECtHR, McCann (fn. 270), paras 146–50; Isayeva (fn. 66), para 175. 277 See ECtHR, Avsar v. Turkey, Application no. 25657/94, Judgment of 10 July 2001, para 282; Isayeva (fn. 66), paras 172, 177. 278 ECtHR, McKerr (fn. 270), paras 111–3; Hugh Jordan (fn. 270), para 120; Kelly (fn. 188), para 114; Isayeva (fn. 66), paras 209–14. 279 For more details cf. Melzer, Targeted Killing in International Law, 2008, 222–39. 280 See UNHCR, Extrajudicial, summary or arbitrary executions, Report of the Special Rapporteur, Philip Alston, UN Doc. E/CN.4/2006/53, paras 44–54; see also Alston in: Fastenrath et al. (eds.), From Bilateralism to Community Interest, 2011, 1149 (1156). 281 Schmitt, Yale Journal of International Law 17 (1992), 609 (614). 282 Ben-Naftali/Michaeli, Cornell International Law Journal 36 (2003), 233 (250. 283 Rightly so Kretzmer, European Journal of International Law 16 (2005), 171 (185). 284 See supra, mns 17–18.

326

Schmahl

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:26 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence and Human Rights

2. “Targeted killings” and the laws of armed conflict Whereas the preceding analysis has shown that “targeted killings” are only acceptable when obeying the strict prerequisites enshrined in human rights law, in armed conflicts other parameters might be applicable. Killing is a primary component of warfare. It is, of course, neither the aim of wars to liquidate a maximum number of persons, nor does the existence of an armed conflict provide “carte blanche” for the use of lethal force.285 Since human rights law does in principle not cease to apply in the context of armed conflict, any other conclusion would be erroneous. However, the Inter-American Commission stated that the combatant’s privilege is in essence, a licence to kill or wound enemy combatants and destroy other enemy military objectives.286 Consequently, lawful combatants cannot be prosecuted for lawful acts of war carried out during the course of military operations even if their behaviour constituted a serious crime in peacetime.287 Nevertheless, the law of armed conflicts, which to a substantial part reflects international customary law,288 does establish several conditions to be respected when killing a person. One of the basic rules of warfare provides that, in principle, only combatants are legitimate objects of the attacks. The killing of combatants in armed conflicts is justified by considering soldiers on both sides not as individuals, but as agents of their respective collective polities.289 They can therefore be wounded and killed, regardless of whether they actually pose an imminent threat to the enemy or not.290 Yet, even in this situation, i. e. when targeting combatants as a military objective, the principle of protecting human lives does not completely disappear. Targeting someone meeting the criteria of a combatant in armed conflict, but whose death does not comply with the principles of military necessity and humanity, is regarded as illegal.291 In an international armed conflict it is comparatively easy to determine who fulfils the criteria of a combatant. The armed forces of one State already differ visually from the military entities of another State. During combat armies, militias and volunteer corps must have a fixed emblem recognisable at a distance, carry arms openly and be commanded by a person responsible for his subordinates (see Article 4A of the Third Geneva Convention). Soldiers are obliged to wear uniforms in order to distinguish them from civilians protected by non-combatant status.292 In internal conflicts, on the contrary, the perceptibility of who is a combatant is considerably diminished as there are two or more groups that confront each other on the same territorial ground. International humanitarian law does not attribute a formal status to rebels in order to prevent any kind of international recognition of the fighters.293 Yet, until now, the practice of “targeted killing” has not been directed so much against regular combatants in international armed conflicts and not even against rebels in non285 See Ruys, Military Law and Law of War Reviews 44 (2005), 13 (37); Gasser, International Review of the Red Cross 84 (2002), 547 (557). 286 Inter-American Commission on Human Rights, Report on Terrorism and Human Rights, OEA/Ser. L/V/II.116, Doc. 5 rev. 1corr., 22 October 2002, para 68. 287 Dörmann, International Review of the Red Cross 85 (2003), 45 (45). 288 Cf. Israeli High Court of Justice (fn. 110), paras 19–20. 289 See Pictet, Development and Principles of International Humanitarian Law, 1985, 62; Gross, Political Studies 51 (2003), 350 et seq. 290 Cline, San Diego International Law Journal 15 (2013), 51 (76); Schmahl in: Tomuschat/Lagrange/ Oeter (eds.), The Right to Life, 2010, 233 (254). 291 Cf. Schmitt, Yale Journal of International Law 17 (1992), 609 (644). 292 Schmitt, Yale Journal of International Law 17 (1992), 609 (635). 293 See Doswald-Beck, International Review of the Red Cross 88 (2006), 864 (889).

Schmahl

327

61

62

63

64

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:27 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

international conflicts but rather against persons who are associated with irregular armed groups in what may or may not have been non-international armed conflicts.294 It is not the place here to elaborate whether the asymmetric “global war on terror” or whether concrete lethal actions against terror suspects may amount to an armed conflict under the Geneva Conventions and its Protocols or not. Views in this regard are considerably differing between US and European lawyers.295 However, there is unanimity in one point: in order to justify a “targeted killing” under legal premises, a State has to demonstrate that the conditions of an international or a non-international armed conflict are objectively met.296 The reference to the law of inter-state force, including self-defence and the jus ad bellum, by contrast, cannot justify “targeted killings”, since the criteria for lawful use of force in self-defence are distinct from the legal question whether drone killings can be justified by international humanitarian law.297 65 At a first glance, it might well be argued that a non-state armed actor, as regards his position and function as a member of an armed organisation, is fully comparable to a combatant in international armed conflicts. Terrorist organisations may be highly organised, and most terrorists spend major parts of their time on the tasks of the organisation that is education, armament and fighting.298 They, therefore, do not differ essentially from members of the armed forces. However, it seems problematic to equalise the status of a terrorist with that of a combatant. A combatant is relatively easy to identify as long as he fulfils the conditions laid down in Article 4A of the Third Geneva Convention. By contrast, it is often disputable whether a suspect is really a terrorist.299 References to suspected terrorists are often based on missing reliable and public evidence of the commission or preparation of terrorist acts. It is with good reason that Article 50 (1) Additional Protocol I (AP I) states that in case of doubt whether a person is a civilian or a combatant that person shall be considered to be a protected civilian.300 66 Against this background, and as the law of armed conflicts only distinguishes between “combatants” and “civilians”, suspected terrorists must, as a rule, be considered as belonging to the category of civilians. The hybrid category of “unlawful combatants” should not apply to them.301 It is true that terrorists generally do not conduct their operations in accordance with the laws and customs of war; instead they act to an extremely high degree as criminals.302 Nevertheless, even in those cases, they do not become combatants with minor or even without any rights at all. Not only numerous scholars but also the Israeli High Court of Justice rightly emphasise that the human dignity of terrorists is to be honoured; like all human beings they enjoy, and are entitled to, protection by customary international law.303 The doctrine 294 Nolte in: Wolfrum (ed.), Max Planck Encyclopedia of Public International Law, vol. IX, 2012, 763, mn. 12. 295 In favour, e. g., Banks in: Bergen/Rothenberg (eds.), Drone Wars, 2015, 129 (146); critical, e. g., Otto, Targeted Killings and International Law, 2012, 453–88, both with further references. 296 See Special Rapporteur Report (fn. 118), para 46. 297 See e. g., Tomuschat, Vereinte Nationen 2004, 136 (138); Moussa, International Review of the Red Cross 90 (2008), 963 et seq.; van Steenberghe, Israel Law Review 45 (2012), 107 et seq. 298 See Kremnitzer in: Fleck (ed.), Rechtsfragen der Terrorismusbekämpfung durch Streitkräfte, 2004, 201 (209); Paust, Yale Journal of International Law 28 (2003), 325 (332). 299 Ben-Naftali/Michaeli, Cornell International Law Journal 36 (2003), 233 (271). 300 Ruys, Military Law and Law of War Reviews 44 (2005), 13 (35). 301 The term “unlawful combatant” dates back to Ex Parte Quirin et al. 317 US (1942) 1, and was, during the Bush administration, used in characterising suspected terrorists. See e. g., Aldrich, American Journal of International Law 96 (2002), 891 (892). 302 See Stein in: Delissen/Tanja (eds.), Humanitarian Law of Armed Conflict, 1991, 567 (568). 303 Cf. Israeli High Court of Justice (fn. 110), para 25; Neuman, European Journal of International Law 14 (2003), 283 (298); Kretzmer, European Journal of International Law 16 (2005), 171 (192); Pejic

328

Schmahl

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:27 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence and Human Rights

which has tried to create a ‘third category’ of persons within the laws of war by generating “outlaws” and “extra-legal spheres”, could not and shall not gain momentum. As distinct from combatants who might be targeted during an armed conflict, as 67 long as they are within a fighting force, civilians, as a rule, enjoy comprehensive protection of their lives, liberty, and property. However, civilians taking a direct part in hostilities are not protected from attack upon themselves at such time as they are so doing. This principle is manifest in Article 51 (3) AP I, according to which “civilians shall enjoy the protection afforded by this section, unless and for such time as they take a direct part in hostilities”. This rule is also enshrined in customary law.304 The essence of this principle is that a civilian who commits acts of combat does not lose his status as a civilian, but as long as he is taking a direct part in hostilities he does not enjoy, during that time, the protection granted to a civilian. When he is firing weapons or otherwise poses an immediate threat to others, he forfeits his noncombatant immunity. Yet, when not so engaged – before and after the operation – he enjoys, in principle, the protection accorded to civilians and must not be targeted for an attack.305 The decisive point, however, remains in defining when and if so, how long a civilian 68 is to be considered as participating directly in hostilities. According to a restrictive interpretation, “direct participation” within the meaning of Article 51 (3) AP I exclusively means acts of war which by their very nature or purpose are likely to cause actual harm to the personnel and equipment of the enemy armed forces.306 The Israeli High Court of Justice, in its landmark decision of 13 December 2006, however assumes that not only those civilians who bear arms before, during or after an attack are regarded as taking a direct part in hostilities. It holds that the term “takes direct part” should be interpreted widely. Also persons who collect intelligence on the army, who transport irregular forces to or from the place where the hostilities are taking place, who operate weapons which unlawful combatants use, or supervise their operation or provide services to them are encompassed by the definition of taking a “direct part” in hostilities.307 The reasoning behind this extensive interpretation of the term “takes direct part in hostilities” is that – different to conventional wars – in “wars” of terror the fighters regularly deliberately hide amongst or mingle with civilians and do not respect the laws and customs of warfare.308 In addition, a too narrow interpretation of the wording of Article 51 (3) AP I bears the risk that particularly the masterminds of terrorist attacks remain protected from any forceful response, because the direct harm to civilians’ lives is regularly carried out by others.309 Also the International Committee of the Red Cross (ICRC) has adopted, in 2009, 69 an Interpretive Guidance on the notion of direct participation in hostilities under international humanitarian law applicable in non-international armed conflicts. The ICRC Guidance largely conforms to the requirements established by the Israeli High in: Schmitt/Pejic (eds.), International Law and Armed Conflict: Exploring the Faultlines, 2007, 341 (341–2). 304 Cf. Israeli High Court of Justice (fn. 110), para 30. 305 See e. g., Watkin, American Journal of International Law 98 (2004), 1 (17); Dörmann, International Review of the Red Cross 85 (2003), 45 (72 et seq.). 306 See e. g., Sandoz/Swinarski/Zimmermann (eds.), Commentary, 1987, §§ 1942–45. 307 See Israeli High Court of Justice (fn. 110), para 35. 308 Statman, Theoretical Inquiries in Law 5 (2004), 179 (185–6); Banks in: Bergen/Rothenberg (eds.), Drone Wars, 2015, 129 (146). 309 See Kretzmer, European Journal of International Law 16 (2005), 171 (193).

Schmahl

329

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:28 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

Court of Justice.310 It identifies a category of persons which, although nominally still civilians, could be attacked at all times, like regular combatants, as long as they perform a “continuous combat function” for an organised armed group in a noninternational armed conflict.311 The ICRC thus recognises a “quasi-combatant category of persons” in non-international armed conflicts with direct implications for the permissibility of “targeted killing” in non-international armed conflict.312 On the other hand, the ICRC formulates three abstract criteria which must be met by each specific act of a civilian in order to constitute his direct participation in hostilities within the meaning of Article 51 (3) AP I: (1) a likely “threshold of harm”, which would be (2) “caused directly” by the act in question, and which must, in addition, (3) have a “belligerent nexus”, that is a nexus specifically designed to support the military operations of one party to the detriment of the other.313 This coincides with the statement of the Israeli High Court of Justice that an individual who merely sells food to an unlawful combatant, who distributes propaganda, or who provides other non-combat aid is not taking direct but rather an indirect part in the hostilities.314 70 A divergence between the ICRC Report and the Israeli judgment can, however, be seen in the “during and for such time” element of the definition of direct participation.315 The Israeli Court of Justice considers that a “civilian who has joined a terrorist organisation which has become his ‘home’, and in the framework of his role in that organisation he commits a chain of hostilities, with short periods of rest between them, loses his immunity from attack ‘for such time’ as he is committing the chain of acts”.316 Since the Court does not temporally limit the “chain of terrorist acts” committed, a target can theoretically be attacked at any time provided that he is still a member of a terrorist organisation. This includes the proverbial “farmer by day, fighter by night”.317 The ICRC, by contrast, attempts, by distinguishing between persons who perform a “continuous combat function” for an organised armed group and other persons who can only be subject to attack while committing a specific act of participation in hostilities, to establish more narrowly confined groups which would then exclude the targeting of a person on the basis of a mere “membership approach”.318 In the latter case, States’ response must instead conform to the lethal force standards applicable to law enforcement under the human rights regime.319 Yet, the High Court of Justice of Israel did not simply limit itself to the criterion of membership in a terrorist organisation but further stressed “four factors” which need to be taken into consideration in each case: (1) well-based information for meeting the armed forces’ burden of proof; (2) the determination of a lack of less harmful means, including the possibility to arrest; (3) a thorough and independent investigation after the attack; and (4) the respect for the 310 Similarly Nolte in: Wolfrum (ed.), Max Planck Encyclopedia of Public International Law, vol. IX, 2012, 763, mn. 17. 311 Assembly of the ICRC, Interpretive Guidance on the Notion of Direct Participation in Hostilities under International Humanitarian Law, 26 February 2009, IRRC 90 (2009), 991 (1007). 312 Nolte in: Wolfrum (ed.), Max Planck Encyclopedia of Public International Law, vol. IX, 2012, 763, mn. 14. 313 ICRC, Interpretive Guidance (fn. 311), 1016. 314 See Israeli High Court of Justice (fn. 110), para 35. 315 See Nolte in: Wolfrum (ed.), Max Planck Encyclopedia of Public International Law, vol. IX, 2012, 763, mn. 18. 316 Israeli High Court of Justice (fn. 110), para 39. 317 As to this proverb and the so-called “revolving door” theory, see von Kielmansegg, JuristenZeitung 2014, 373 et seq. 318 See ICRC, Interpretive Guidance (fn. 311), 1036. 319 Melzer, New York University Journal of International Law and Politics 42 (2010), 829 (859).

330

Schmahl

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:28 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence and Human Rights

principle of proportionality with regard to innocent civilians nearby.320 Thus, although the ICRC identifies a more elaborate set of substantive criteria of persons classified as directly participating in hostilities, the Israeli Court recognises a more human rightsbased duty of the State to conduct an independent investigation after every case of “targeted killing”.321 In his Report of 2010, the UN Special Rapporteur on Extrajudicial, Summary or 71 Arbitrary Executions, Philip Alston, agreed with most of the general criteria developed by the ICRC and the Israeli High Court of Justice for the concretisation of the term “direct participation in hostilities”. He did, however, consider that “[t]he ICRC’s Interpretive Guidance raises concerns from a human rights perspective because of the ‘continuous combat function’ category of armed group members who may be targeted anywhere, at any time”.322 This new category in fact risks erroneously targeting someone who may have disengaged from their function.323 Yet most importantly, the Special Rapporteur, in broad consensus with the Israeli High Court of Justice, stressed the requirements under human rights and international humanitarian law for States to specify and make transparent their policies with regard to the use of lethal force and their effects,324 which includes collection and use of intelligence as well as verification mechanisms on the latter. States are obliged to publish the measures taken by them to control and limit the circumstances in which “targeted killings” take place, in and outside armed conflicts, to disclose measures in place to provide effective independent and public investigations of alleged violations of law, to ensure that their armed forces use reliable information to verify that a target is lawful, to ensure that attacks are proportionate and not done in revenge, and to provide effective advance warning to the population.325 The findings of the Special Rapporteur are to be agreed with. The ICRC Guidance’s 72 views lead to legal uncertainty with regard to the nearly timeless possibility of attacking a presumed terrorist.326 The greatest concern regarding the preventive use of force is, however, the difficulty of proving that a threat exists and that it cannot be neutralised by non-forceful means.327 The possible chilling effects of extra-judicial killings of a civilian without him posing an imminent threat to others should be carefully taken into account.328 As was seen in the past, “targeted killings” regularly provoke retaliations from the other side.329 This is so even more, since “targeted killings” by unmanned drones often cause the death of bystanders.330 Individual targeting always runs the risk of leading to escalation, and the vicious circle of violence continues, instead of being stopped.331 320

Israeli High Court of Justice (fn. 110), para 40. Nolte in: Wolfrum (ed.), Max Planck Encyclopedia of Public International Law, vol. IX, 2012, 763, mn. 19. Different assessment by Alston in: Fastenrath et al. (eds.), From Bilateralism to Community Interest, 2011, 1149 (1152). 322 Special Rapporteur Report (fn. 118), para 65. 323 Alston in: Fastenrath et al. (eds.), From Bilateralism to Community Interest, 2011, 1149 (1164). 324 Special Rapporteur Report (fn. 118), para 68. 325 Special Rapporteur Report (fn. 118), paras 87–93. 326 Eichensehr, The Yale Law Journal 116 (2007), 1873 (1876). 327 Rightly so Eichensehr, The Yale Law Journal 116 (2007), 1873 (1877); Ben-Naftali/Michaeli, Cornell International Law Journal 36 (2003), 233 (286 et seq.). 328 Nolte, Theoretical Inquiries in Law 5 (2004), 111 (128). 329 Several examples proof that targeted killing provoked murderous retributions, see David, Mideast Security and Policy Studies No. 51 (2002), 1 (9–12). 330 Farer/Bernard, Human Rights Quarterly 38 (2016), 108 (116). 331 Schmitt, Yale Journal of International Law 17 (1992), 609 (676); Schmahl in: Tomuschat/Lagrange/ Oeter (eds.), The Right to Life, 2010, 233 (265–6). 321

Schmahl

331

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:29 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law 73

Finally, the fact that the drone strikes are carried out not only by the military but also by intelligence agencies (which, at least, provide the necessary information of the possible target) heightens concerns as to the lawfulness of these attacks under international humanitarian law, particularly because of the absence of the normal framework of military command, transparency and control.332 Furthermore, it risks undermining the prospect of oversight, procedural safeguards and accountability.333 On the other hand, international law does, of course, not forbid those who are not members of the armed forces from participating in armed conflicts.334 Instead those who operate drones become “unprivileged belligerents” as long as they are directly participating in hostilities. Despite being civilians, they lose their protected status under the same conditions and interpretive premises of Article 51 (3) AP I as they do apply to suspected terrorists.335 As such CIA or other intelligence personnel can be lawfully targeted by the enemy and killed. If captured they would not be entitled to prisoners of war status or immunity from prosecution for murder under the domestic law of any country in which they conduct drone killings.336

D. Concluding assessment Whereas intelligence measures had previously, particularly in times of the Cold War, not been regarded as a human rights problem, since intelligence activities were mainly addressed against the State apparatus of the adversary, the parameters have changed greatly today. Threats to international security are no longer the exclusive result of State intervention, but increasingly the result of aggressive behaviour of non-state actors, i. e. terrorists, with a globally dispersed operational base. This multi-polar diversity of threats and the rapid development of communication technology have both led to a shift of paradigms in international security policies. Since terrorist suspects and their terror planning are usually hard to localise and to anticipate, intelligence monitoring and preventive activities have enormously expanded during recent years. 75 There is no doubt that the State has the positive duty to protect individuals against indiscriminate violence and brutality. The fight against terror is, in essence, the fight for the defence of one of the most fundamental human rights, the right to life of innocent persons.337 The State will fail in its duty to protect human lives where it knew or ought to have known that there was a real risk of violations and failed to take measures of prevention in respect of acts of terrorism that were available to it.338 76 Yet, as early as 2002, Judge Barak stated that the inevitable fight against terrorism should be conducted within, not outside the law.339 This view is entirely to be agreed 74

332 Cline, San Diego International Law Journal 15 (2013), 51 (109 et seq.); Duffy, The “War on Terror”, 2015, 426; Special Rapporteur Report (fn. 118), paras 79–85. 333 See Report of the Special Rapporteur on the promotion and protection of human rights and fundamental freedoms while countering terrorism (Martin Scheinin), UN Doc. A/HRC/10/3, 4 February 2009. 334 See Special Rapporteur Report (fn. 118), paras 70–1. 335 Correctly so Cline, San Diego International Law Journal 15 (2013), 51 (111); Deiseroth, Deutsches Verwaltungsblatt 2017, 985 (989). Similar assessment by Longobardo, Zeitschrift für ausländisches öffentliches Recht und Völkerrecht 77 (2017), 809 (829-33). 336 See Special Rapporteur Report (fn. 118), para 71; Banks in: Bergen/Rothenberg (eds.), Drone Wars, 2015, 129 (148); Cline, San Diego International Law Journal 15 (2013), 51 (112). 337 Francioni in: Fastenrath et al. (eds.), From Bilateralism to Community Interest, 2011, 908 (918). 338 See ECtHR, Osman (fn. 188), para. 103; see also Duffy, The “War on Terror”, 2015, 490. 339 Barak, Harvard Law Review 19 (2002), 116 (151).

332

Schmahl

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:29 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence and Human Rights

with. The present legal analysis has however shown that certain security measures of the intelligence agencies of several countries were, or continue to be, in contradiction to the international legal order. The enormous extension of surveillance significantly affects the communication behaviour and the right to privacy of a wide population at home and abroad, since it has moved away from the rule-of-law requirement of a concrete danger. The extensive use of terrorist profiles within the UN “targeted sanctions” scheme rubs along with two cardinal human rights: the principle of nondiscrimination on grounds of national origin and the right to procedural fairness. And, lastly, the expansion of intelligence activities from traditional intelligencegathering to “enhanced interrogation methods” and “targeted killing” risks shattering human rights in their core content. The overall predominant concern is however that unlike State’s armed forces, its intelligence agencies do not generally operate within a legal framework which places appropriate emphasis upon ensuring compliance with human rights and international humanitarian law. This renders violations more likely.340 This is all the more so with regard to pilotless drone killings, since operators are regularly based far away from the battlefield, and undertake operations entirely through computer screens and remote audio-feed. The risk of developing a “playstation” mentality to killing is high.341 Therefore, international law, unlike in times of the Cold War, can no longer simply 77 take note of the activities by the intelligence. The human rights implications are too obvious when intelligence actions against non-state actors result in torture or in death; and they are not less evident when intelligence measures interfere with the right to privacy of a multitude of individuals through the bulk collection of their communications and personal data.342 Not without cause are the intelligence agencies growingly criticised on the lawfulness of their operations, particularly for secrecy around their security programmes and continuing resistance to clarifying their legal base. While there are some moves towards more transparency, which is an indispensable element for upholding the rule of law,343 concerns regarding the lack of independent review remain.344 In addition, several intelligence actions fail the test of proportionality and legal certainty. Although the principle of proportionality is open to some flexibility in interpretation, particularly in times of emergency, human rights and the rule of law are more and more in danger of becoming “collateral damages” in the fight against terrorism.345 It is exactly the logic of terrorist attacks to force the State to make extensive, even 78 overstretched use of its competences in order to suppress terrorist threats, thereby debunking itself as illiberal and losing legitimacy. This logic must not gain momentum. Otherwise, the State threatens exactly what it claims to fight for: democratic governance on the basis of the freedom of its citizens. Therefore, measures which do not compromise basic human rights remain the best response to terrorism and, last not least, only these measure promise long-term success. The assumption that the State can guarantee absolute positive security is a pure fiction – not only in open 340

See Special Rapporteur Report (fn. 118), para 73. Rightly so Special Rapporteur Report (fn. 118), para 84. 342 Milanović, Harvard International Law Journal 56 (2015), 81 (140); Aust, Archiv des Völkerrechts 52 (2014), 375 (405). 343 Alston, The CIA and Targeted Killings Beyond Borders, 2011, 19. 344 Duffy, The “War on Terror” 2015, 426. For more detail see Cameron, The problem of oversight, Part 4 Chapter 3, in this volume. 345 See former UN Secretary General Kofi Annan, Statement to the 20 January 2003 Security Council ministerial meeting on terrorism, available at https://www.un.org/sg/en/content/sg/speeches/2003-01-20/ statement-kofi-annan-20-january-security-council-ministerial-meeting. 341

Schmahl

333

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:30 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

democratic societies, but also in autocratic States, as terrorist attacks all over the world show. Finally, the conception of absolute security in the frame of the struggle against terrorism seems often to be rather one-dimensional, exclusively focused on threats to life and limb. It neglects the dimension of security of individuals within the legal system itself, i. e. their protection from arbitrary actions of the State.346 If this dimension of the rule of law is abandoned, citizens might lose both: freedom and security. 346

334

Zöller, German Law Journal 5 (2004), 469 (474).

Schmahl

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:30 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2 National Security and EU law restraints on Intelligence Activities1 Satish Sule Outline A. Introduction ...................................................................................................................... B. National Security and the EU Legal Framework of Intelligence Activities ........ I. Distinction of EU law from national and international law......................... II. Applicability of EU law to intelligence activities and national security..... 1. Development of EU law: development of the “overlap” ........................... 2. “National Security” the Exception Clause of Article 4 (2) TEU ............ a) General concept of national security: Formal and Substantial approach ......................................................................................................... (1) National security: Formal approach ................................................. (2) National Security: Substantial approach.......................................... b) Definition of the Term “National Security” in EU law ....................... (1) Lack of definition in Primary and Secondary Law ....................... (2) Case law of the CJEU on national security..................................... (a) Schrems: national security of third countries........................ (b) From ZZ to Tele2: national/State security of Member States ............................................................................................... c) Definition of national security in ECHR case law................................ d) Definition in national law of (Member) States...................................... e) Result: elements that constitute national security................................. 3. Interim result: Areas of Overlap between EU law and national intelligence activities .......................................................................................... C. Intelligence activities between Member States .......................................................... I. EU law application to intelligence activities outside areas of national security ...................................................................................................................... 1. Original development (gap and closure by interpretation) ...................... 2. EU principles potentially restricting intelligence activities....................... a) Articles 2 and 7 TEU: Shared values of the EU .................................... b) Article 4 (3) TEU: cooperation clause ..................................................... (1) General structure and nature of Article 4 (3) TEU ...................... (2) Case law of the CJEU on Article 4 (3) TEU................................... (3) Specific obligations under Article 4 (3) last sentence: obligation to refrain ................................................................................................. c) Provisions of cooperation in specific areas: economic industry and employment ................................................................................................... II. Overlaps of EU law with intelligence activities in areas of national security ...................................................................................................................... 1. Exception to the general ban on espionage under Article 4(3) TFEU... 2. Exception to the argument of mutual trust among Member States....... 3. Possibility to monitor undemocratic and dangerous developments in another Member State....................................................................................... D. Intelligence activities between Member States and EU institutions..................... E. Intelligence activities of Member States aimed at individuals ............................... I. Restraints by Fundamental Rights: the ECHR and the EU Charter of Fundamental Rights (the Charter)...................................................................... II. Restraints of intelligence activities and transfer of their results under EU Competition law...................................................................................................... 1. Intelligence activities and the ban on State aids (Article 107 TFEU) .... a) Definition of State Aids and the Private Investor Principle............... b) Advantage to beneficiary ............................................................................

mn. 1 9 9 14 15 19 22 28 30 42 43 46 47 49 56 62 69 74 75 78 79 85 85 89 90 93 98 105 110 111 113 117 120 125 126 131 133 137 141

1 This Chapter reflects personal views of the author. It does not reflect the position of the European Commission nor does it bind the European Commission in any form.

Sule

335

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:31 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law c) Use of State resources.................................................................................. d) Distortion of competition and restriction of trade between Member States................................................................................................................ NB: Potential Consequences of breaches of EU law?.................................................... F. EU law restraints on intelligence cooperation........................................................... I. Demand for EU intelligence cooperation.......................................................... II. Legal restraints of further cooperation of Member States’ intelligence authorities at EU level and a European Intelligence agency......................... 1. Creation of a European Intelligence Agency ............................................... 2. Obligation to share intelligence in the area of (national) security ......... G. Conclusions .......................................................................................................................

142 144 147 148 149 157 158 164 167

Bibliography: Ahluwalia, The Question of the U-2 Incident and International Law, Indian Journal of International Law Vol. 1, 1960–61, p. 301 et seq.; Arnull, The European Union and its Court of Justice, Oxford, 2000; Aust, Stellungnahme zur Sachverständigenanhörung am 5. Juni 2014, available at: https:// www.bundestag.de/blob/282870/fc52462f2ffd254849bce19d25f72fa2/mat_a_sv-4-1_aust-pdf-data.pdf; Bergstein, The Contribution of Secret Services to European Defence, in: The Path to European Defence, Wogau (ed.), Antwerpen 2004, pp. 239 et seq.; Blanke in: Blanke/Mangiameli (eds.), The Treaty on European Union, Berlin 2013, Article 4; Bleckmann, Article 5 EWG-Vertrag und die Gemeinschaftstreue, DVBl 1976, et seq.; Bleckmann, Die Bindungswirkung der Praxis der Organe und der Mitgliedstaaten bei der Auslegung und Lückenfüllung es Europäischen Gemeinschaftsrechts: Die Rolle des Artikels 5 EWG-Vertrag, in: Bieber/ Ress, (eds.), Die Dynamik des Gemeinschaftsrechts, Baden-Baden, 1987, pp. 161 et seq.; Bodin, Les six livres de la Republiques (1583), German translation: Über den Staat, Stuttgart, 2011; Bogdandy/Schill, Overcoming Absolute Primacy: Respect for national identity under the Lisbon Treaty, CMLR 48, 2011, 1417–1454; Calliess, Kooperativer Grundrechtsschutz in der Europäischen Union, JRP 2015, pp. 17–34; Communication from the Commission to the European Parliament and the Council of 19.3.2014, A new EU Framework to strengthen the Rule of Law, COM(2014) 158 final/2; Communication from the Commission, Better regulation for better results An EU agenda, COM(2015) 215 final; Constantinesco, L’Article 5 CEE, de la bonne foi à la loyaté communitaire, in: Liber Amicorum Pescatore, Baden-Baden 1987, pp. 97 et seq.; Craig/ De Burca, EU law, 6th edition, Oxford, 2015; De Baere/Ross, EU loyalty as Good Faith, ICLQ vol. 64, October 2015, pp. 829–874; Dearlove, National Security and Public Anxiety, in: Johnson (ed.), The Oxford Handbook of National Security Intelligence, Oxford, 2010, pp. 33–39; Dietrich, Das Recht der Nachrichtendienste, in: Eiffler/Dietrich, Handbuch des Rechts der Nachrichtendienste, Stuttgart, 2017; Dittert, Article 346 AEUV, in: Von der Groeben/Schwarze/Hatje, Europäisches Unionsrecht, 7. Ed. Munich 2014; Donoghue, The Limits of National Security, 48 Am.Crim.l.Rev. 2011, pp. 1573–1756; Dougan, Judicial Review of Member State Action under the General Principles and the Charter: Defining the “Scope of Union Law”, CMLR 52, 2015, pp. 1201–1246; Dyzenhaus, Legality and Legitimacy, Oxford 1997; Fundamental Rights Agency (FRA), Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU, 2015; Giegerich, Zwischen Europafreundlichkeit und Europaskepsis – kritischer Überblick über die bundesverfassungsgerichtliche Rechtsprechung zur europäischen Integration, ZEuS 2016, pp. 3–47; Greenwald, No place to hide, London 2014; Grotius, De iure belli ac pacis libri tres, The Translation of the edition of 1646 by Kelsey, F., Vol. II, Oxford 1925; Gruszczak, Intelligence Security in the European Union, London 2016; Gusy, BNDG in: Schenke/Graulich/Ruthig, Sicherheitsrecht des Bundes, Munich 2014; Hancher/ Ottervanger/Slot, EU State Aids, 5th ed., 2016, London; Hancox, The meaning of “implementing” EU law under Article 51(1) of the Charter: Akerberg Fransson, CMLR 50, 2013, pp. 1411–1432; Heidenhain, European State Aid Law, Munich, 2010; Hobbes, Leviathan (1651), ed. by Tuck, Cambridge 2000; Huber, BND-Gesetzreform gelungen oder nachbesserungsbedürftig?, ZRP 2016, pp. 161–166; Isensee, Grundrecht auf Sicherheit, 1983; James Madison, Alexander Hamilton and John Jay, The Federalist Papers (1788), ed. by Issac Kramnick, 1987; Kahl, Artikel 4 EUV in: Calliess/Ruffert, EUV/AEUV, 5th ed., Munich 2016; Kant, Zum ewigen Frieden, {1791} Reclam edition, Stuttgart 1984; Kerschberg, Business Intelligence and Legal Matters Management, Forbes 26 April 2011, available at: https://www.forbes.com/sites/benkerschberg/2011/ 04/26/business-intelligence-and-legal-matter-management/#61b78a472d3c; Lenaerts, A perspective on the future of Judicial Dialogue in Europe, Speech delivered on 3 June 2016 at the European Network of Councils for the Judiciary (ENCJ), Warsaw (written version on file with the author); Körner (President of the Bavarian office for the Protection of the Constitution) speech given on 13 July 2016 at a conference in Brussels; see also https://www.hss.de/news/detail/geheimdienstkooperation-und-terrorbekaempfung-ineuropa-news157/; Krieger, The German Bundesnachrichtendienst, in: Johnson, (ed.), The Oxford Handbook of National Security Intelligence, 2010, pp. 791–805; Lowenthal, Intelligence From Secrets to Policy, 6th ed., Los Angeles et al. 2015; Lück, Die Gemeinschaft als allgemeines Rechtsprinzip im Recht der Europäischen Gemeinschaft, Baden-Baden, 1992; Mederer, Article 107, in: Schröter/Jakob/Klotz/Mederer, Europäisches Wettbewerbsrecht, 2nd ed., Munich 2014; Müller-Wille, Building a European Intelligence Community in

336

Sule

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:31 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. National Security and EU law restraints on Intelligence Activities response to terrorism, Isis Europe, European Security Review, Number 22, April 2003; Müller-Wille, For our eyes only? Shaping an intelligence community within the EU, Institute for Security Studies, Occasional Papers No. 50, January 2004; Nathusius, Wirtschaftsspionage, Heidelberg 2001; Neumann, National security, culture and identity, in: Dunn Cavelty/Maurer, The Routledge Handbook of Security Studies, 2010, pp. 95–104; Niambirweki, Peacetime Intelligence Gathering Activities and International Law, The Indian Journal of International Law, 1990, pp. 44 et seq.; Oberson, Intelligence Cooperation in Europe the WEU Intelligence Centre and Situation Centre, in: Towards a European Intelligence Policy, Chaillot Paper 34, 1998; Obwexer, Artikel 4 EUV in: Von der Groeben/Schwarze/Hatje, Europäisches Unionsrecht, 7th ed. Munich 2014; Omand, Securing the State, London, 2010; Parish, On the private investor principle, ELR 28, 2003, pp. 70 et seq; Piekalkiewicz, Weltgeschichte der Spionage, Frechen 1988; Politi, Why is a European Intelligence Policy necessary? In: Towards a European Intelligence Policy, Caillot Paper 34, 1998, pp. 3 et seq.; Quigley, European State Aid Law and Policy, 3rd ed. Oxford, 2015; Research Division of the European Court of Human Rights, National Security and European case-law, 2013, available at: https://rm.coe.int/ 168067d214; Röhner, Sicherheit als rechtswissenschaftliche Praxis, KritV 2015, pp. 153–169; Rosas, EU External Relations: Exclusive Competence Revisited, Fordham International Law Journal, (Vol. 38) 2015, pp. 1073–1096; Rossi, Artikel 73 AEUV, in: Calliess/Ruffert, EUV/AEUV, 5th ed., Munich 2016; Ruffert/ Walter, Institutionalisiertes Völkerrecht, 2nd ed., Munich 2015; Rusche/Micheau/Piffaut/Van de Casteele, State Aid, in Faull/Nikpay, The EU Law of Competition, 3rd ed. Oxford 2014; Schermers/Pearson, Some Comments on Article 5 of the EEC Treaty, in: Festschrift für Steindorff, Berlin 1990, pp. 1359 et seq.; Schmahl, Effektiver Rechtsschutz gegen Überwachungsmaßnahmen ausländischer Geheimdienste?, JZ 2014, pp. 220–228; Schmitt, Der Begriff des Politischen (1932), 6th edition, Berlin 1996; Schmitt, Politische Theologie (1922), 7th edition, Berlin 1996; Shaw, International Law, 7th ed., Cambridge 2014; Sule, Spionage, Baden-Baden, 2006; Sule, The European Commission’s Pharmaceutical Sector Inquiry and Competition Law Enforcement, ZEuS 2010, Vol. 3, pp. 257–283; Talmon, Sachverständigengutachten gemäß Beweisbeschluss SV-4 des 1. Untersuchungsausschusses des Deutschen Bundestages der 18. Wahlperiode, 3 June 2014, paras 26 et seq., available at: https://www.bundestag.de/blob/282872/2b7b605da4c13cc2bc512c9c899953c1/ mat_a_sv-4-2_talmon-pdf-data.pdf; Temple Lang, Community Constitutional Law: Article 5 EEC Treaty, CMLR 27 (1990) pp. 645 et seq.; V. Bogdandy, in: Randelzhofer/Scholz/Wilke, (Hrsg.), Gedächtnisschrift für Eberhard Grabitz, Munich 1995; Vedder/Heintschel von Heinegg, Europäisches Unionsrecht, Munich 2012; Villadsen, Prospects for a European Intelligence Policy, in: Studies on Intelligence, Summer 2000, No. 9, unclassified edition; Ward in: Peers/Hervey/Kenner/Ward, The EU Charter of Fundamental Rights, Oxford 2014; Wegener, Artikel 337 AEUV, in: Calliess/Ruffert, EUV/AEUV, 5th ed., Munich 2016; White Paper on the Future of Europe, European Commission COM(2017)2025 of 1 March 2017; Wright, Legal Aspects of the U2-Incident, American Journal of International Law 1960, pp. 836 et seq.

A. Introduction Legal assessments of national intelligence activities have naturally been sparse for a 1 long time. First treatises focussed on criminal law offences relating to espionage activities of individuals, of potential consequences under international law for States caught carrying out intelligence activities in other States and with the age of transparency on national public law justifying and properly delineating a legal framework for such activities carried out by the State.2 There were no discussions or assessments of intelligence activities under EU law, 2 when carried out by Member States e. g. against other Member States or institutions of the EU. Nobody thought of it because no one saw any overlap between the policies and laws of an economically determined EC (i. e. later EU) and the activities of Member States’ intelligence agencies, since the latter were framed in national security law – if legally framed at all.3 In view of the fact that EU integration has substantially accelerated and evolved since 3 the conclusion of the Treaties of Rome in 1957 and the fact that intelligence activities may nowadays comprise any area of State activities or that of individuals, it is rather questionable if such a separation can be upheld. 2 3

See below mn. 9. See Sule, Spionage, 2006, pp. 233–239.

Sule

337

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:32 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

Firstly, the Snowden revelations have shown that not only surveillance of individuals and States by “friendly” third States, such as the US, is carried out,4 but also that Member States may be involved in such surveillance targeting other Member States or individuals therein.5 The scope of surveillance and intelligence activities need not be limited to so-called “traditional” areas of national security, such as information gathering on other States’ political and military policies or potential terrorist threats by individuals. Rather it may also include areas of economic activity, industrial developments, environmental matters and scientific research.6 5 Secondly, a clear separation between areas affected by Member States’ intelligence activities on the one hand and EU law on the other does not seem to be accepted by the EU institutions themselves. Following the Snowden revelations the European Parliament (EP) in its report and resolution of 12 March 2014 condemned the use of indiscriminate mass surveillance of EU citizens. It asked Member States to reassess the working methods of their intelligence agencies and their oversight mechanisms.7 Former Vice President and EU Justice Commissioner, Viviane Reding, in a press statement and with particular reference to the UK TEMPORA surveillance programme also made clear that she would not hesitate to start an infringement procedure under EU law, should any evidence come to light that a Member State has used such surveillance methods for matters not falling solely into the scope of national security.8 In fact, it was revealed that the German foreign intelligence service, the Bundesnachrichtendienst (BND), had used surveillance programs to monitor communications of EU officials as well as to gain economic information on European undertakings9, in order to transmit them to the government of the US. This raises the question of how far such activities are compatible with EU law, namely the Treaties. 6 Thirdly, regardless of Member States’ current disagreements on future EU integration steps, one might ask whether espionage activities by Member States against each other and each other’s citizens is still compatible with the spirit of the EU treaties in view of the achieved level of integration as well as the – at least proclaimed – common values to which all Member States adhere. The latter includes the respect for human rights, democracy and the rule of law (Article 2 TEU). One might argue that any Member State 4

See e. g.: Der Spiegel of 28 October 2013, “Der unheimliche Freund”, pp. 20–26. See on the use of selectors by the German BND e. g. Spiegel Online of 14 October 2015, “BND spionierte europäische und US-Ziele aus”, at: http://www.spiegel.de/politik/deutschland/bnd-spionierteusa-und-andere-partnerlaender-aus-a-1057851.html, last visited on 13 April 2018 and Frankfurter Allgemeine Zeitung of 15 October 2015, “BND spionierte Partnerstaaten auch auf eigene Faust aus”, at:http:// www.faz.net/aktuell/politik/inland/bnd-affaere-spionage-von-partnerstaaten-auf-eigene-faust-13857520. html, last visited on: 13 April 2018; Handelsblatt of 4 May 2015, pp. 1, 4, 5, 12; Frankfurter Allgemeine Zeitung of 25 April 2015, p. 1. 6 See e. g. Lowenthal, Intelligence – From Secrets to Policy, 6th ed., 2015, pp. 384–391. 7 European Parliament resolution of 12 March 2014 on the US NSA surveillance programme, surveillance bodies in various Member States and their impact on EU citizens’ fundamental rights and on transatlantic cooperation in Justice and Home Affairs [2013/2188(INI)] :http://www.europarl.europa.eu/ sides/getDoc.do?type=TA&reference=P7-TA-2014-0230&language=EN&ring=A7-2014-0139 last visited on: 13 April 2018. 8 Speech by Vice President of the European Commission, Viviane Reding, “A data protection compact for Europe” of 28 January 2014, available at: http://europa.eu/rapid/press-release_SPEECH-14–62_en.htm, last visited on: 13 April 2018: “Where there is no link to EU law, national security is an area of Member State competence. The hands of the Commission are tied. But let me be clear. If I come across a single email, a single piece of evidence that the TEMPORA programme is not used purely for national security purposes, I will launch infringement proceedings. The mass collection of personal data is unacceptable”. 9 Extensive coverage in Handelsblatt of 4 May 2015, pp. 1, 4, 5, 12; Frankfurter Allgemeine Zeitung of 25 April 2015, p. 1. 4 5

338

Sule

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:32 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. National Security and EU law restraints on Intelligence Activities

that claims to respect and promote these values, should also be bound by them, as referred to by EU law. Last but not least, news of the lack of communication between Member States in the 7 immediate wake of the Paris terrorist attacks in November 2015, and subsequent attacks across the EU raise concerns about the current state of intelligence cooperation. Current and developing global threats and risks for Member States and individuals include international terrorism, proliferation, organised crime, unstable third countries within Europe’s vicinity or potential common environmental threats. They beg the question if intelligence cooperation and coordination between the Member States and EU institutions should not be improved, possibly even within an EU legal framework. This chapter will first look at the applicability of EU law to intelligence activities with 8 particular emphasis on the notion of national security. It will then turn to an analysis of potential legal restraints on intelligence activities among the Member States as well as between Member States and EU institutions. Finally it will examine potential legal restraints on future intelligence cooperation within the EU before drawing its conclusions.

B. National Security and the EU Legal Framework of Intelligence Activities I. Distinction of EU law from national and international law For a long time there had been very little legal academic discussion about intelligence 9 activities. This was mostly due to the fact that hardly any solid information about such activities was publicly available.10 Limited treatises on espionage had occasionally surfaced in the 20th century, particularly in the context of the U2 incident of 1960 when a US reconnaissance airplane was shot down over USSR airspace and a number of questions of international law were raised. Hence, emphasis lay on the admissibility of espionage activities under international law.11 Following the end of the Cold War increasing transparency about national intelligence agencies and a clear establishment of their legal basis in EU Member States like Germany or the United Kingdom, contributed to an increase of academic legal analysis.12 The latter focussed on national constitutional law aspects and often on fundamental right questions.13

10 First modern legal examinations under international law stem from the onset of modern times with treatises by Hugo Grotius, which found the employment of spies to be legally admissible, but also the punishment of the later: Grotius, De iure belli ac pacis libri tres, The Translation of the edition of 1646 by Kelsey, F., Vol. II, Oxford 1925, Liber III, Cap IV, § XVIII, 3. For historical overview of legal assessments of espionage until the beginning of the 20th century see: Sule, n. 3, pp. 45–57. 11 Wright, Legal Aspects of the U2-Incident, American Journal of International Law 1960, pp. 836 et seq. (841); Ahluwalia, The Question of the U-2 Incident and International Law, Indian Journal of International Law Vol. 1, 1960–61, pp. 301 et seq. (305); for further information see Talmon, Sachverständigengutachten gemäß Beweisbeschluss SV-4 des 1. Untersuchungsausschusses des Deutschen Bundestages der 18. Wahlperiode, 3 June 2014, paras 26 et seq., available at: https://www.bundestag.de/blob/282872/ 2b7b605da4c13cc2bc512c9c899953c1/mat_a_sv-4-2_talmon-pdf-data.pdf, last visited on: 13 April 2018; Schmahl, Effektiver Rechtsschutz gegen Überwachungsmaßnahmen ausländischer Geheimdienste?, JZ 2014, pp. 220–228, 221 et seq.; in-depth overview: Sule, n. 3, pp. 59–102. 12 Sule, n. 3, pp. 23–27, 203, Dietrich, Das Recht der Nachrichtendienste, in: Eiffler/Dietrich, Handbuch des Rechts der Nachrichtendienste, 2017, pp. 249–293, 266–268. 13 Id.

Sule

339

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:33 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

There are no international conventions dealing with intelligence activities with the exception of the Hague War Convention14 and very few court decisions on the subject under international law or national law.15 On the other hand, most EU-Member States have a legal basis for activities of their intelligence agencies,16 even if their form and level of detail may differ widely.17 Without going into the details of legal analysis of intelligence activities by States under international law and national law, the following picture seems to emerge. The majority of scholars seem to agree with Grotius’ original assessment that espionage activities by States are not forbidden under international law, neither are counter-espionage measures taken by States.18 This seems to be confirmed by the PCIJ judgement in the Lotus case, insofar as it stated a general liberty of States to take any measures under international law, as long as there is no explicit ban under international law.19 Certain collateral activities, however, such as the intrusion by the U2 airplane into Soviet airspace, may very well constitute breaches of international law.20 11 At national level, it is generally accepted that State necessity requires the need for intelligence activities, which has resulted in the abovementioned different legal basis in the EU Member States. At the same time each Member State sanctions foreign espionage activities through its national criminal law. The latter will only affect the individual caught but not his or her sending State. This is due to the international law principle of State equality and its consequence that no national law can be applied to another State.21 12 However, when assessing potential EU law restraints on national intelligence activities, the specific quality of EU law as an order sui generis needs to be taken into account. It needs to be recalled that although EU primary law, i. e. the European Union Treaty and the Treaty on the Functioning of the EU, are rooted in international law, their provisions as well as all subsidiary legal instruments form a specific legal order as clarified by the early case law of the CJEU. 13 In its decision of Van Gend en Loos, the CJEU held that EU law (Community law at the time) constituted a new legal order of international law. It underlined that for its benefit the States had limited their sovereign rights within limited fields and that this legal order produces direct effect, e. g. in cases of clear and unconditioned obligations in the Treaty.22 In Costa/ENEL the CJEU complemented this with a supremacy claim of EU law over national law where the two conflicted and required national authorities including courts not to apply national law in such cases.23 While these principles have generally been accepted by the Member States, it needs to be pointed out that some of 10

14 Articles 29–31 HLKO gave a definition of a spy during times of war and clarified his status, in particular the guarantee of a fair trial of any spy caught red-handed; see e. g. Sule, n. 3, pp. 63–65. 15 Noteworthy are the ICL decision in the Nicaragua case, ICJR 1986, pp. 14 et seq.; as well as an obiter dictum of a special Dutch post-war tribunal: Re Flesche (1949), ILR Vol. 16, 1955, Section 266 et seq. (271). Both decisions seem to accept the admissibility of peace-time espionage, as far as pure clandestine intelligence gathering activities are concerned, but not any accompanying collateral actions that infringe another State’s sovereignty. For an overview on the limited case law see Sule, n. 3, pp. 65–67 and 93–95. 16 See Fundamental Rights Agency (FRA), Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU, 2015, p. 27 counting 26 of 28 Member States with a “regulation of intelligence services by law”. 17 For examples on Germany, UK and France see the final three chapters of this book by Leigh, Dietrich and Le Develic, in part 5 in this volume, as well as overview by Sule, n. 3, pp. 111–239. 18 See overview by Sule, n. 3, pp. 73 et seq.; Talmon, n. 10. 19 The Case of the S.S. Lotus (1927), PCJI, Series A, No. 9, pp. 18 et seq. 20 Niambirweki, Peacetime Intelligence Gathering Activities and International Law, The Indian Journal of International Law, 1990, p. 44 (57); Sule, n. 3 pp. 72, 77 et seq. 21 Shaw, International Law, 7th ed., Cambridge 2014, pp. 155 et seq. 22 CJEU Case 26/62 Van Gend en Loos, [1963] ECR 1, p. 12. 23 CJEU Case 6/64 Flaminios Costa v. ENEL [1964] ECR 585.

340

Sule

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:33 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. National Security and EU law restraints on Intelligence Activities

the Member States’ highest courts, in particular the German Federal Constitutional Court, have upheld special national reserves in cases where they see essential constitutional guarantees endangered.24 As a consequence when assessing EU law restraints of intelligence activities, primary and secondary EU law need to be examined as relevant legal parameters.

II. Applicability of EU law to intelligence activities and national security The origins of EU law, namely the ECSC Treaty of 1951 as well the EEC and the 14 Euratom Treaties revolved around a closer cooperation and integration of (certain) economic activities of Member States. Their framework, thus, was designed to only cover isolated areas of Member States policies. At the time any potential overlaps with intelligence activities may have been far from obvious. However, the continuing development of further integration of EU policies parallels with the increase of potential overlaps between EU law and Member States intelligence activities.

1. Development of EU law: development of the “overlap” The abovementioned original treaties on the ECSC, EEC and Euratom neither 15 mentioned nor regulated intelligence activities of Member States. There are three potential, alternative reasons for this lack of regulation: an intended non-regulation by EU law, an intended gap to be regulated by EU law, or an unintended gap in EU law.25 In the first case the Contracting parties may not have wanted to regulate the matter 16 by the Treaties because they wanted general international law to continue to apply to the area of intelligence activities (intended non-regulation). In this case international law would remain applicable and intelligence activities generally admissible. In the second scenario the Contracting parties may have intentionally left the matter open in order for it to be covered by general clauses and the spirit of the Treaty. Article 31 (1) of the Vienna Convention on Law of Treaties provides for an interpretation in good faith in accordance with the ordinary meaning to be given to the terms of the treaty in their context and in the light of its object and purpose.26 In such a case, object and purpose of the Treaty itself would need to be taken into account as well as any other general clauses of the Treaty, which could be applied to close the gap. Finally, in the third scenario (the unintended gap) the Contracting parties did not even see a potential overlap of EU law and Member States activities. This is likely since they originally only intended the Treaties to regulate few enumerated areas of the Member States’ economic activities. Furthermore, the economic emphasis of the Treaties at that time eclipsed ideas of potential long-term political integration.27 Arguably this approach lasted until the eighties of the last century.28 At the same time intelligence activities of Member States were focussed very much on obtaining political and military (secret) information, a period covered also by the time of the Cold War, when most intelligence activities were 24 See e. g. BVerfGE (“Solange I”), decision of 29 May 1974 2 BvL 52/71 (= BVerfGE 37, 271); BVerfG, (“Solange II”) decision of 22 October 1986 2 BvR 197/83 (= BVerfGE 73, 339); BVerfG (Maastricht) decision of 31 March 1998 2 BvR 1877/97 (=BVerfGE 89, 155); BVerfG (Europäischer Haftbefehl) decision of 03 September 2009 2 BvR 1826/09; for an overview see Craig/De Burca, EU law, 6th edition, 2015, pp. 278 et seq. and Giegerich, Zwischen Europafreundlichkeit und Europaskepsis, ZEuS, 2016 pp. 3–47. 25 See Sule, n. 3, pp. 248 et seq. 26 See also: Shaw, n. 21, p. 676. 27 Craig/De Burca, n. 24, pp. 4 et seq. 28 See e. g. description by Craig/De Burca, n. 24, pp. 6–13.

Sule

341

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:34 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

directed against the Eastern European Countries of the Warsaw Pact.29 The case of an unintended gap does not answer the question whether the contracting parties would have preferred it to be closed by application of general international law rules or general clauses and principles of EU law. At the same time, the CJEU’s continuous dynamic interpretation of the EU treaties would suggest that one would have to examine potentially applicable general clauses of EU law and the aims of the Treaties as to their superiority over general international law, before turning to the later.30 17 Political integration increased with the Single European Act of 1986 and the threepillar structure of the Maastricht Treaty, which for the first time saw European intergovernmental cooperation in the areas of Common Foreign and Security Policy (second pillar) and Justice and Home Affairs (third pillar).31 No mention of intelligence activities or agencies was made. But second and third pillar mechanisms required unanimity of all Member States in any of their decisions. This reflected the clear will of the Member States to remain solely responsible for the areas of security, foreign and home affairs, i. e. opposing any supranational EU rules in this area. It also would suggest that Member States would consider intelligence activities to be part of foreign and security policies as well as home affairs. In other words they might have considered overlaps of intelligence activities with the second and third pillar of the Treaty, but not with the first pillar of the economic treaties of the EU. 18 With the Lisbon Treaty system Member States have finally acknowledged the problem of interpreting potential overlaps of national security activities, including intelligence activities, with areas of EU law. Hence, Article 4 (2), third sentence TEU states that national security remains a sole responsibility of the Member States. This clarification was deemed necessary in view of the increasing cooperation in the areas of foreign and security policy as well as home affairs.32 However, this statement has at best only partially dealt with the problem of potential overlaps of intelligence activities and EU law. It leaves open three questions First: How do we define national security in order to delineate intelligence activities connected to it? Second: How do we assess such activities under EU law? And third: What is the legal framework for the remaining intelligence activities (not covered by the definition of national security). These questions will be looked at in turn.

2. “National Security” the Exception Clause of Article 4 (2) TEU 19

Article 4 (2), second sentence TEU states that the Union will respect the essential State functions of its Member States, including ensuring the territorial integrity of the State, maintaining law and order and safeguarding national security. The provision thus establishes a clear obligation of the EU vis-à-vis its Member States, namely the obligation not to interfere in the areas mentioned. Article 4 (2), third sentence TEU then explicitly recalls that national security remains the sole responsibility of the Member States. This particular emphasis was inserted into the Lisbon Treaty at the 29 See e. g. Piekalkiewicz, Weltgeschichte der Spionage, 1988, pp. 424–494 and Krieger, The German Bundesnachrichtendienst in: Johnson, (ed.), The Oxford Handbook of National Security Intelligence, 2010, pp. 791–805, (797). 30 As clarified by the Court early on in the case Case 26/62, Van Gend en Loos, n. 22 and as e. g. recognised by Lord Denning in the case of Bulmer v. Bollinger {1974} 2 all E.R. 1226 at 1237; see also Craig/De Burca, n. 24; pp. 63 and 189 et seq.; Oppermann, Europarecht, 3rd ed., Munich 2005 § 7, para 19 and § 8, para 18; Arnull, The European Union and its Court of Justice, Oxford 2000, pp. 515 et seq. 31 See description by Craig/De Burca, n. 24; pp. 10–13. 32 See e. g. Vedder in: Vedder/Heintschel von Heinegg, Europäisches Unionsrecht, 2012, Article 4 EUV, paras 2 and 12; Blanke in: Blanke/Mangiameli (eds.), The Treaty on European Union, Article 4, paras 78 et seq.

342

Sule

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:35 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. National Security and EU law restraints on Intelligence Activities

conference of 2007. It was due to the Member States concern that increasing cooperation of counter-terrorism action at EU level might impinge on their competence to maintain internal security at national level.33 This limitation of EU competences is furthermore actionable before the CJEU, a 20 progress from the former three-pillar structure that had denied the CJEU any jurisdiction in the areas of Common Security and Defence policy according to the old Article 46 TEU.34 In order to establish whether and how EU law provisions or principles might apply to 21 intelligence activities by Member States, it is thus necessary to clearly define the concept of “national security”, since the latter forms the basis of a substantial part of national intelligence activities. a) General concept of national security: Formal and Substantial approach The concept of national security is often referred to in political discussions and 22 treatises as well as legal texts. It is often referred to as a main if not the main purpose of the public entity we call the State.35 In this vein it is also referred to as an objective, the attainment of which may impose limitations on actions of all members of society, e. g. competences of State actors or fundamental freedoms and human rights of its citizens. In a democratic transparent society that abides by the rule of law, such limitations in the name of national security will be rather the exception than the rule. They will be clearly defined and proportionate to their aim. These conditions have in particular been developed and elaborated by the case law of the ECtHR.36 However, given that the term “national security” is referred to in numerous national 23 ones as well as international legal documents, it is surprising that such texts hardly provide a definition of the concept. Thus, no such definition, for instance, is supplied by the TEU, which refers to national security in Article 4 (2) or elsewhere in European Union law. Questions by the EP to the Commission to clarify the scope of this concept have not yielded an exhaustive definition.37 Rather the Commission has pointed to the Member States prerogative of assessing a national security issue: “It is for each Member State to decide if in a given situation the criteria of ‘safeguarding national security’ have been fulfilled, and if so, whether it avails itself in such a situation of the exceptions provided for under Union law. In doing so, Member States are bound by their national constitutions to ensure that their national intelligence systems are used in a proportionate and responsible manner, respecting the rights of their citizens and the legitimate security interests of other States.”38 At the same time in view of this sole responsibility it has also

33 See Obwexer in: Von der Groeben/Schwarze/Hatje, Europäisches Unionsrecht, 7th ed., Article 4 EUV, para 46. 34 See also Vedder, n. 32, para 16. 35 See e.g. Omand, Securing the State, 2010, pp. xviii, 2, 9. 36 See e. g. Klass and Others v. Germany, 6 September 1978, Series A no. 28; Leander v. Sweden, 26 March 1987, Series A no. 116; Dragojevic v. Croatia, 15 January 2015, no. 68955/11; for further information on ECHR case law see also paras 56–61 below. 37 See e. g. parliamentary questions E-006381-14 by MEP In’t Veld of 27 August 2014 (available at: http:// www.europarl.europa.eu/sides/getDoc.do?pubRef=-%2f%2fEP%2f%2fTEXT%2bWQ%2bE-2014-006381% 2b0%2bDOC%2bXML%2bV0%2f%2fEN&language=EN) and E-008730-15 by MEP Sargentini of 30 May 2015 (available at: http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-%2f%2fEP%2f%2fTEXT% 2bWQ%2bE-2015-008730%2b0%2bDOC%2bXML%2bV0%2f%2fEN&language=EN); all last visited on 13 April 2018. 38 Reply to E-008730-15 by Commissioner Avramopoulos on behalf of the Commission of 12 October 2015 available under: http://www.europarl.europa.eu/sides/getAllAnswers.do?reference=E-2015008730&language=EN, last visited on 13 April 2018.

Sule

343

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:35 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

24

25

26

27

28

proclaimed that “the Commission, when preparing legislation, carefully scrutinises that the envisaged measures fall within the competence of the Union”.39 On national level, Donoghue has pointed to the fact that the US National Security Act ,1947 refers more than 100 times to “national security” but does not offer a legal definition.40 Similarly presidential directives on national security by the George W. Bush and the Obama administration referred to national security thirty-three times, equally without any definition.41 Röhner similarly points out that within European and particularly, German security discussions competences of the State to restrict individual rights are increasingly legitimised while useful legal definitions of the term “security” are not even attempted.42 The latter statement underlines the necessity of a definition. Where a concept is used in legal context, entailing the transfer of rights and the imposition of obligations (and in particular limitations of fundamental rights of individuals), the concept needs to be clear to all persons affected by it.43 Hence, the rule of law demands a clear description of the concept, accessible to all concerned. Otherwise it would be open to wanton discretion of authorities to invoke a state of particular national security situations entitling them to take far-reaching measures that adversely impact on society and the individual. Finally, a definition of national security is necessary in order to delineate competences and powers between different actors. It could help to draw a clear line between competences of Member States on the one hand and the European Union on the other according to Article 4 (2) TEU. In view of the current lack of a definition, and particularly in the context of Article 4 (2) TEU, two different approaches to define national security are conceivable: one of form and one of substance. (1) National security: Formal approach. Whereas a substantial definition might enumerate or abstractly describe elements essential to national security, a formal one would focus on the process and the actor claiming the case of national security. For instance, the fact that Article 4 (2) third sentence TEU refers to the Member States’ sole responsibility for national security without further describing it, may suggest that it is left to the Member States to define it. In such a case the definition of national security is one of pure form: It only comprises one procedural element: It demands that the actor wishing to make use of the term “national security”, simply decides him or herself where it applies and where not. He or she only needs to formally take this decision. This “decisionist” approach echoes the political legal thinking of German constitutional lawyer Carl Schmitt of the 1920s and 1930s, who famously stated: “Sovereign is whoever decides on the case of emergency.”44 In line with his beliefs “real life” manifested itself in the case of “exception” or emergency45 just as any political grouping would always be formed by an emergency,46 without defining the case of “emergency” in substance. This 39 Reply to Q E-006381-14 by President Barroso on behalf of the Commission of 16 October 2014 available under: http://www.europarl.europa.eu/sides/getAllAnswers.do?reference=E-2014-006381&language=EN, last visited on 13 April 2018. 40 Donoghue, The Limits of National Security, 48 Am.Crim.l.Rev. 2011, pp. 1573–1756 (1579). 41 Donoghue, n. 40, pp. 1581–82. 42 Röhner, Sicherheit als rechtswissenschaftliche Praxis, KritV 2015, pp. 153–169, 157. 43 See e. g. ECtHR, Klass and others v. Germany, n. 35, which pointed out the need for a clear legitimate base for surveillance measures and accepted the German G 10 law, including its definition of national security, paras 44–46; see also above Schmahl Intelligence and Human Rights, Part 4, Ch. 1 in this volume. 44 Schmitt, Politische Theologie (1922), 7th edition, 1996, p. 1. 45 Schmitt, n. 44, p. 21; see also Caldwell, Popular Sovereignty and the Crisis of German Constitutional Law, 1997, p. 97. 46 Schmitt, Der Begriff des Politischen (1932), 6th edition, 1996 p. 39.

344

Sule

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:36 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. National Security and EU law restraints on Intelligence Activities

approach is reflected by the so-called Copenhagen School within the debate on security studies as illustrated by Röhner: By simply claiming an existential danger to a particular object, which allows the employment of unusual means, detaching State actors from otherwise binding rules, national security is invoked.47 This “claiming act” is labelled “securitisation”.48 It thus negates any clear legal rules and simply refers back to a purely political decision in the sense of Carl Schmitt. This is particularly done by distinguishing the political unity, which needs to be protected from the so-called threatening “others”.49 The need of delineating one identity by “othering” another as a potential threat in the context of national security has also been pointed out by Neumann.50 How to distinguish these two groups of “we” and “they” though is left to the decision-maker, i. e. remains purely political. In a similar manner Gruszczak speaks of national security cultures, where security is subject to national sovereign interests, individual actions and collective policies based on shared beliefs and a sense of community.51 This seems to indicate that each “community” or “culture” will on its own define the scope of “national security”. Applied to Article 4 (2) TEU this approach would clearly (re-)assert the sovereign 29 character of the Member States. However, it would at the same time flatly contradict the concept of EU law as a supranational legal order, where Member States have actually limited their sovereignty in concrete areas. Hence, this approach does not address the scenario of overlap, i. e. where a Member State claims national security in actions that prevent the implementation of EU law. Also, it would ignore the CJEU’s monopoly to rule on questions of interpretation of Member States obligations under EU law as manifested in Article 267 TFEU, a competence that in the context of national security will be discussed below.52 International law treatment of a similar phenomenon seems to strengthen this interpretation: Article 2 (7) of the UN Charter prohibits “the United Nations to intervene in matters which are essentially within the domestic jurisdiction of any State”. However, what falls within such a domestic jurisdiction is not for the State to decide. Rather it has to be defined by international law. Otherwise, each State could define unilaterally the scope of competence of the UN.53 (2) National Security: Substantial approach. Any attempt to define national security 30 on the basis of substantial elements on the other hand would have to refer back to the main purpose of the State, as e. g. extrapolated by political philosophers and theorists. Building on these main elements some academics and intelligence practitioners either refer to abstract elements and/or list a number of concrete institutions and interests of protection, which seem to recur. They could be seen as a common core of what constitutes national security. Within such a substantial approach reference to subjective and objective concepts of 31 security need to be differentiated. One school of thought seems to equate the citizens’ subjective perception of safety in his or her everyday life with national security. 47

See Röhner, n. 42, pp. 163 et seq. Id. 49 Röhner, n. 42, 165. 50 Neumann, National security, culture and identity, in: Dunn Cavelty/Maurer, The Routledge Handbook of Security Studies, 2010, pp. 95–104 (96). This is equally reflected in Carl Schmitt’s claim that identity of a group is determined by distinguishing people in friend/enemy categories, Schmitt, n. 45, pp. 26–27; see also Dyzenhaus, Legality and Legitimacy, Oxford 1997, pp. 38 et seq. 51 Gruszczak, Intelligence Security in the European Union, London 2016, p. 153. 52 See paras 47–55 below. 53 Ruffert/Walter, Institutionalisiertes Völkerrecht, 2nd ed., para 199; see also: Permanent Court of International Justice, 7 February 1923, Advisory Opinion No. 4, Nationality Decrees Issued in Tunis and Morocco, 4, p. 24, available at http://www.refworld.org/cases,PCIJ,44e5c9fc4.html, last visited on 13 April 2018. 48

Sule

345

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:37 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

Another school rather refers to objective criteria that indicate a threat to safety when claiming national security issues.54 Thus, former UK Intelligence and security coordinator in the Cabinet Office Sir David Omand sees a shift of national security interests from a traditional aim of ensuring territorial integrity during the Cold War55 to a more general aim of establishing a state of trust by the public that risks and hazards to everyday life such as terrorist attacks or pandemics are adequately managed, thereby allowing continuous functioning of society.56 This suggests using the citizens’ subjective perception of security as an indicator for the case of national security. Former Chief of the UK Security and Intelligence Service, Sir Richard Dearlove, also refers to the citizens’ general fear of threat to their own safety regardless of its source. But at the same time he highlights the lack of precision if the latter were the only defining element of national security.57 In fact, even if subjective fear and objective threats may overlap,58 they will never be identical and the former bear the risk of political manipulation.59 Subjective fears may be created and heightened with few or even without any concrete objective grounds. Recent increases in false news underline this.60 32 A brief look at the historical development of discussing national security shows a struggle to enumerate a number of objective elements it might consist of. 33 With the advent of modern States in the 16th and 17th century modern philosophers underlined their main purpose of granting security for their citizens. Bodin, already in 1583, enumerated the protection and defence of its subjects as one of the State’s existential matters.61 But it was Hobbes, referred to regularly in security debates,62 who went further to proclaim that not only one but the State’s (or “commonwealth’s”) final cause was to ensure preservation of its citizens.63 This would in particular allow defending them from foreign invasion as well as injury by each other.64 The State’s main purpose thus was to guarantee peace and defence65, i. e. protection from external threats as well as internal turmoil. 34 When defending the newly adopted US Federal Constitution, the authors of the Federalist Papers argued for an efficient strong national, federal government. John Jay argued such a government instead of numerous small ones of numerous individual States to be best placed to grant “safety”, which he considered the peoples’ first object.66 54

See overview by Röhner, n. 41, pp. 155 et seq. Omand, n. 35, p. 10. Omand, n. 35, p. 9. 57 Dearlove, National Security and Public Anxiety, in: Johnson (ed.), The Oxford Handbook of National Security Intelligence, 2010, pp. 33–39, p. 39. 58 Dearlove, n. 57, p. 37. 59 Dearlove, n. 57, p. 37; Isensee, Grundrecht auf Sicherheit, 1983, p. 26; Röhner, n. 42, pp. 155 et seq. 60 See e. g. BBC trending, November 2016, The rise and rise of fake news; available at: http://www.bbc. com/news/blogs-trending-37846860; Georgetown SCS, Jan. 25, 2017, When Everything Is “Fit to Print”: The Rise of Fake News available at: https://scs.georgetown.edu/news-and-events/article/5933/when-everything-fit-print-rise-fake-news; Hofseth, Fake news propaganda and influence operations, Reuters institute, 14 March 2017, available at: http://reutersinstitute.politics.ox.ac.uk/risj-review/fake-news-propagandaand-influence-operations-guide-journalism-new-and-more-chaotic; FAZ of 13 June 2017: Das Netz ist ein Einkaufsparadies für Hetzer, at: http://www.faz.net/aktuell/politik/inland/fake-news-hetzer-im-internet-fuer-wenig-geld-kaufbar-15059708.html, all sites in this footnote last visited on: 13 April 2018. 61 Bodin, Les six livres de la Republiques (1583), German translation: Über den Staat, Stuttgart, 2011, pp. 9, 101 (original page numbering). 62 Röhner, n. 42, p. 157. 63 Hobbes, Leviathan (1651), ed. by Tuck, 2000, Chapter 17, p. 117. 64 Hobbes, n. 63, p. 120. 65 Hobbes, n. 63, Chapter 18, paras 6 and 10, pp. 124, 126. 66 Jay in: James Madison, Alexander Hamilton and John Jay, The Federalist Papers (1788), ed. by Issac Kramnick, 1987, Number III, p. 94. 55 56

346

Sule

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:37 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. National Security and EU law restraints on Intelligence Activities

While he conceded that according to circumstance large room for a definition of such “safety” existed, he focussed on a number of concrete dangers to safety which a federal government in his view was better placed to deal with, namely security for the preservation of peace, as well as against foreign military attacks and influence,67 as well as from war between the States of the Union.68 Similarly, Alexander Hamilton, defined the purpose of the Union to protect “the common defense of its members, the preservation of the public peace against internal convulsions as external attacks”. He added “the regulation of commerce with other nations and between the States; the superintendence of our intercourse, political and commercial with foreign countries”.69 The latter might be achieved by concentrating on elements that guarantee the 35 viability of the State, such as its territorial integrity or the functioning of its main constitutional bodies in the legislative, judicial and executive branches. Dearlove points to former conflict risks between States as main national security 36 concerns, which were complemented by new, global (partly strategic) threats, such as terrorist attacks but also disruptive impacts of extreme weather events caused by climate change or pandemics.70 He suggests concentrating on core national security concerns that could threaten the viability of the State, when referring to national security.71 A look at discussions on a legal definition of national security in the US context is 37 also useful. Donoghue thoroughly examined security policy aims by governments throughout US history. Her analysis shows a number of elements that have been the focus of security policy during different periods, namely protection from threats to the Union,72 international independence and economic growth,73 territorial integrity in view of all future foreign policy decisions,74 protection of the existence of political institutions and the constitutional structure of the national government75 especially from nondemocratic ideologies76 as well as undue corporate interests influence,77and adding matters such as terrorism, armed conflict, organized crime, drugs offences, economic growth, climate change and pandemic disease as national security concerns in the postcold war period.78As regards terrorism, drugs offences and crime in general she points out that the latter are perceived as a threat to national security, at least if they reach a certain volume or intensity, as they may disrupt the political, economic and institutional structure of a State.79 At the same time Donoghue points to the risks of expanding the concept of national security from existential threats to all conceivable risks to society: As the concept is linked to less transparent decision-making mechanisms, restrictions on legal remedies as well as inter-institutional oversight and control, its expansion in definition would render important activities of public authorities less accountable and remove them from democratic control.80

67

Jay, n. 66 pp. 94 et seq. Jay, n. 66, Number VI et seq., pp. 104 et seq. 69 Hamilton, in James Madison, Alexander Hamilton and John Jay, The Federalist Papers (1788), ed. by Issac Kramnick, 1987, Number XXIII, p. 184. 70 Dearlove, n. 57, pp. 33 et seq., 37. 71 Id. 72 Donoghue, n. 40; p. 1611. 73 Id. at p. 1596. 74 Id. at p. 1668. 75 Id. at p. 1664. 76 Id. at pp. 1664, 1670. 77 Id. at pp. 1623 et seq. 78 Id. at p. 1706. 79 Id. at 1748 et seq. 80 Id. at 1752 et seq. 68

Sule

347

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:38 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

On an international level, the Johannesburg Principles of 1996, drafted by experts in the fields of international law, national security and human rights defined national security as: “protect{ing} a country’s existence or its territorial integrity against the use or threat of force, or its capacity to respond to the use or threat of force, whether from an external source, such as a military threat, or an internal source, such as incitement to violent overthrow of the government.”81 39 Turning to EU law and with a view to the concept of national security as referred to in Article 4 (2) TEU there are no clear suggestions for defining it in academic discussions. It has been pointed out that the essential State functions listed in that paragraph, namely the territorial integrity of the State, maintaining law and order and safeguarding national security, in fact overlap, and that they certainly include internal and external security.82 A different view is that internal and external security are much wider in scope than national security which should not be regarded to include regular enforcement of law and order but rather limited to existential security matters of the Member States.83 This discussion will have to be reviewed in the context of the CJEU’s case law on security.84 40 From the above, it follows that most attempts in political (intelligence) theories to define the concept of “national security” by substantial elements, include the following recurring objects of protection: the territorial integrity of a State (i. e. against external military threats), the functioning of its constitutional organs and the essential functioning of its political and its economic system.85 41 This might form a common minimal denominator and starting point for an objective definition of national security. 38

42 43

b) Definition of the Term “National Security” in EU law As already mentioned primary EU law does not offer any definition of the term “national security”. (1) Lack of definition in Primary and Secondary Law. The TEU mentions the concept of national security but does not define it, neither does the TFEU or any other primary source of EU law. Primary law uses a number of similar terms which cannot always be clearly distinguished, national security in Article 4 (2) TEU and Article 73 TFEU, essential interests of security in Article 346 para 1 (b), internal security in Articles 24 para 3 TEU and Articles 71, 72 TFEU, external security in Article 24 para 3 TEU and finally public security [such as in Articles 34, 45 para 3, Article 52 para 1, Article 65 para 1 (b)]. All of these concepts exceptionally allow Member States to derogate from generally existing legal obligations under the Treaties, albeit seemingly with different degrees. The most telling distinction is the following: The concept of national security under Article 4 (2) third sentence TEU could be read to completely exempt the Member States’ activities from the application of EU law. By contrast the term public security as used in the provisions on the TFEU’s fundamental freedoms [as in Articles 34, 45 para 3, Article 52 para 1, Article 65 para 1 (b)] allows restrictions of 81 Johannesburg Principles on National Security, Freedom of Expression and Access to Information, Article 19, Principle 2(a), available at: https://www.article 19.org/data/files/pdfs/standards/joburgprinciples.pdf, last visited on 13 April 2018. 82 Vedder, n. 32, Article 4 EUV, para 12. 83 Obwexer, n. 33, para 45. 84 See subsequent sub-section. 85 In this context the protection of “functioning” does not include protection against occasions of “malfunctioning” or disturbances but rather against threats of a breakdown of the systems. The former are dealt with by general law enforcement mechanisms of the State, but only the latter can be subject of special measures under “national security”. See below mns. 69 et seq. of this Chapter.

348

Sule

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:38 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. National Security and EU law restraints on Intelligence Activities

those freedoms but subject to strict conditions, particularly the principle of proportionality86, in other words it is not per se exempted from EU law application. In a similar way essential interests of security of a Member State have to be rather qualified as an exceptional justification to derogate from general obligations under EU law than as a clause allowing for exempting a whole area of policy from EU application.87 Thus, while the concept of “national security” under Article 4 (2) third sentence TEU seems to remove measures under the national security principle, not only from EU law in substance but also procedurally from judicial review by the CJEU, the concepts of public security and essential interests of security constitute exceptions, the use of which has been constantly and strictly checked and monitored by the CJEU.88 Secondary EU Legislation offered some guidance in the field of data protection. 44 Directive 95/46/EC aimed at the protection of personal data.89 Its Article 3 (1) exempted applicability of the directive from data processing concerning public security, defence and State security (including a State’s economic well-being where processing concerns State security). Similarly, 2002/58/EC (e-Privacy Directive), which aims at protecting privacy in electronic communication, in its Article 1 (3) contains the same clause. Some have qualified all of the above elements to be a concretisation of Article 4 (2) third sentence, i. e. “national security”.90 This, however, seems rather questionable in view of the fact that at least one of these elements, “public security”, is, as already pointed out, used within primary law in different provisions as a concept that allows restrictions of individual rights, e. g. the classic four freedoms, but is subject to the principle of proportionality and thus judicial review by the CJEU. “National security” on the other hand seems to be phrased more widely. It might be intended to completely exempt national security from the application of EU law and thus from any substantial review by the CJEU. As a consequence public and national security cannot be read to be identical concepts unless one wanted to invalidate the primary law system of fundamental freedoms and their restrictions. The e-privacy Directive in its Article 15 (1), furthermore, equals national security to 45 State security without giving any further definition. It is noteworthy that national security is listed next to defence and public security suggesting that the latter two are 86

Craig/De Burca, n. 24, pp. 786 et seq. See CJEU, Case C-387/05, Commission v. Italy [2009] ECR I-11831 as well as Dittert in: Von der Groeben/Schwarze/Hatje, Europäisches Unionsrecht, 7. Aufl. Article 346 AEUV, para 2. 88 See the established case law of the CJEU on restrictions of the freedoms under the TFEU see e. g. cases CJEU, C-41/74, Van Duyn v. Home Office, [1974] ECR 1337; C-30/77, Regina v. Bouchereau [1977] ECR 1999; C-131/79, Regina v. Secretary of State for Home Affairs, ex parte Santillo [1980] ECR 1585; C340/97, Nazli and Others [2000] ECR I-00957; more recently: CJEU, C-145/09 Land Baden-Württemberg v. Panagiotis Tsakouridis [2010] ECR I-11979. See also overview by Craig/de Burca, n. 24, pp. 786 et seq. 89 Directive EC 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, which has been replaced by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). This regulation entered into force on 4 May 2016 and is applicable since 25 May 2018. Furthermore, in the area of police and judicial cooperation Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and on the free movement of such data, and repealing Council Framework Decision 2008/977/JHA entered into force on 5 May 2016. Member States had to transpose it into their national law by 6 May 2018. 90 Aust, Stellungnahme zur Sachverständigenanhörung am 5. Juni 2014, para 64, available at: https:// www.bundestag.de/blob/282870/fc52462f2ffd254849bce19d25f72fa2/mat_a_sv-4-1_aust-pdf-data.pdf, last visited on: 13 April 2018; Schmahl, n. 10, p. 224. 87

Sule

349

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:38 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

not part of the former. Beyond this, however, Article 15 of Directive 2002/5/EC seems of limited help. However, the CJEU in its judgement in the Tele2 case clarified its interpretation as will be shown in the context of its case law below. 46

(2) Case law of the CJEU on national security. The case law of the CJEU seems somewhat unclear given that different cases mention different terms of security such as “public security” in its case law from Van Duyn to Tsakouridis91, “State security” in the cases of ZZ92 or Commission v. Italy93 with Member States in their statements referring to “national security” in these last two cases.

47

(a) Schrems: national security of third countries. There is little CJEU case law on the concept of “national security”. However, some of its decisions revolve around the concept of “State security”. In Schrems the CJEU clarified that it would fully review decisions by the institutions such as the Commission when they touch upon “national security” of a third country.94 Here the CJEU annulled the Commission’s “Safe Harbour” decision of 2000. This decision, taken under Article 31 of the Directive 95/ 46/EC, had – until the CJEU judgement – allowed the transfer of personal data to the US on the basis that the Commission had acknowledged that the US offered an adequate level of protection of personal data. This adequacy was generally acknowledged where a third State adhered to a number of principles of data protection when processing data (“safe harbour principles”). After revelations about mass surveillance by US intelligence and security authorities,95 this had been called into question by individuals in national court proceedings in Ireland and Austria, which led to the preliminary rulings procedure at the CJEU. In fact the Commission itself had issued grave concerns as regards the level of protection of personal data and access to justice in situations where the US processed personal data for the purpose of protecting national security.96 As a consequence it had started negotiations with the US with a view to revise its adequacy decision of 2000, leaving it however in place for the time being. The CJEU in its decision noted that the adequacy decision had in a general way established primacy of national security and public interest or law enforcement requirements over safe harbour principles.97 It held that the decision enabled interference with fundamental rights (namely Articles 7 and 8 of the EU Charter of fundamental rights) of persons whose data were transferred from the European Union. The Court noted that the decision contained no findings by the Commission regarding the existence in the US of rules adopted by the State intended to limit such interference.98 It also held that legislation permitting public authorities to have access on a generalised basis to the content of electronic communication must be regarded as compromising the essence of the fundamental right to respect for private life, as guaranteed by Article 7 of the Charter.99 Furthermore, it criticised the lack of any possibility for an individual to 91

See references at n. 88. CJEU, Case C-300/11, ZZ v. Secretary of State for the Home Department, Judgment of the Court (Grand Chamber), 4 June 2013, ECLI:EU:C:2013:363. 93 CJEU, Case C-387/05, Commission v. Italy [2009] ECR I-11831. 94 CJEU Case C-362/14 Schrems (Maximillian Schrems v. Data Protection Commissioner), Judgment of the Court (Grand Chamber) of 6 October 2015, paras 84 et seq., ECLI:EU:C:2015:650. 95 For an overview on disclosure of NSA surveillance by Edward Snowden, see e. g. Greenwald, No place to hide, London 2014. 96 Communication of the Commission to the European Parliament and Council of 27 November 2013, COM(2013) 846 Final, Rebuilding Trust in EU-US Data Flows, p. 2, available under: http://eur-lex.europa. eu/procedure/EN/1041464, last visited on: 13 April 2018. 97 Schrems, n. 94, para 86. 98 Schrems, n. 94, paras 87 et seq. 99 Schrems, n. 94, paras 94 et seq. 92

350

Sule

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:39 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. National Security and EU law restraints on Intelligence Activities

pursue legal remedies in order to have access to personal data relating to him or her or have them rectified or erased.100 These were held to be minimal conditions that the Commission should have examined. As a consequence the CJEU declared the adequacy decision invalid. The CJEU in this case did not define national security, but acknowledges that the 48 Commission allowed for derogations by a third country from the safe harbour principles. It was not a critical issue that special derogations might be necessary in this area. Rather it criticised that the Commission had at no point published any examination of the third country’s rules as to any limitations of interference with fundamental rights or means of judicial remedies where that country processed data in the interest of, inter alia, national security. The Commission, by way of giving carte blanche, had allowed processing of personal data transmitted from the EU detached from any safe harbour rules. The decision shows that where the Commission acts under EU law and where such actions may concern national security of third countries, the CJEU will not refrain from reviewing such acts even in the light of national security issues. It remains to be seen how far the court will enter into reviewing justifications of restrictions on fundamental rights by a third country’s national security.101 (b) From ZZ to Tele2: national/State security of Member States. In the case of 49 ZZ102 the CJEU, in a preliminary ruling procedure, had to rule on the question of whether a Member State had infringed the fundamental right of access to a judicial remedy under Article 47 of the Charter (as well as under relevant secondary law), by not disclosing to the person concerned material upon which a decision had been taken to refuse entry of that person to the Member State on grounds of public security. Another Member State claimed the request for a preliminary ruling to be inadmissible103 as it touched upon matters of State security (sic) under Article 4 (2) and Article 346 (1)(a) TFEU, which remained the responsibility of solely the Member States. The Court rejected that argument. It pointed out that it was under a general obligation to give a ruling on European Union law where a national court has asked for it, but also that it might refuse to rule on a case where the interpretation of European Union law, which is sought, bears no relation to the actual facts of the main action.104 In the proceedings at hand, though, it held that the latter was not the case, as the interpretation of secondary Union law on free movement as well as Article 47 of the Charter was in question.105 Referring to the previous decision of Commission v. Italy106 it also clarified that the mere fact, that a decision concerned State security could not result in European Union law being inapplicable. It then continued to examine the imposed restrictions on access to a judicial remedy 50 and concluded that a State invoking “State security” would have to prove to the national court, which had to interpret applicable EU law in the case, that State security would in fact be compromised by precise and full disclosure to the person concerned of the 100

Schrems, n. 94, para 95. In fact the new adequacy decision of the Commission, Commission Implementing Decision 2016/ 1250 of 12.7.2016 pursuant to Directive 95/46/EC of the European Parliament and of the Council on the adequacy of the protection provided by the EU-U.S. Privacy Shield, has already been challenged before the General Court and is pending, Case T-670/16, Digital Rights Ireland v. Commission; see: http://curia. europa.eu/juris/document/document.jsf?text=&docid=185146&pageIndex=0&doclang=EN&mode=lst&dir=&occ=first&part=1&cid=790760, last visited on: 13 April 2018. 102 CJEU, Case C-300/11, ZZ v. Secretary of State for the Home Department, n. 91. 103 ZZ, n. 92, para 35. 104 ZZ, n. 92, para 37. 105 ZZ, n. 92, para 38. 106 Id. referring to CJEU, Case C-387/05, Commission v. Italy, n. 93. 101

Sule

351

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:39 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

grounds which constitute the basis of the decision.107 It also clarified that the national court, where it was convinced of the issue of State security, had to strike the right balance between protecting the latter on the one hand and the right to effective judicial protection on the other, keeping the restriction of the latter right to what was strictly necessary.108 51 Already in the aforementioned case of Commission v. Italy, the Court had rejected the argument that measures taken by Member State to ensure their internal and external security would be entirely outside the scope of Community law.109 Rather, it argued that an inherent general Treaty exception excluding all measures taken for reasons of public security from the scope of Community law could not be inferred. Otherwise this could impair the binding nature of Community law and its uniform application.110 Hence, the court included derogations under (the old) Articles 296 and 297 TEC in its judicial review.111 It made clear that the derogations provided for in Article 296 [now: Article 346] for a Member State to take measures, it may consider necessary for the protection of essential interests of its security, did not confer on the Member State, a power to depart from the Treaty provisions based on no more than reliance on those interests.112 52 In the case of J.N. the CJEU had to review Article 8 (3) lit (e) of Directive 2013/33 laying down standards for the reception of applicants for international protection, which had been used by a Member State to detain on the grounds of national security and public order.113 In this context, the Court interestingly did not directly define national security, although the abovementioned provision clearly mentioned the term. It rather held that the concept of public security “covers both the internal security of a Member State and its external security”. It went on to state that “a threat to the functioning of institutions and essential public services and the survival of the population, as well as the risk of a serious disturbance to foreign relations or to peaceful coexistence of nations or a risk to military interests may affect public security”.114 In the concrete case, it held the challenged provision of Directive 2013/33 to be compatible with the EU Charter of fundamental rights.115 53 Ultimately, the CJEU clarified in the case of Tele 2 that it would reserve its power to scrutinise Member States’ actions as to their compatibility with the EU law, namely the EU Charter of Fundamental Rights, in areas of EU law, even where the Member States took such actions in the interest of national security.116 It reviewed (Swedish and UK) national legislation that provided for general and indiscriminate retention of traffic and location data as well as access by national authorities to such data. It did so in the light 107

ZZ, n. 92, para 61. ZZ, n. 92, para 64. 109 Commission vs. Italy, Fn. 93, para 45. 110 Id. 111 Commission vs. Italy, Fn. 93, para 46, these articles now correspond to Articles 346 and 347 TFEU. 112 Commission vs. Italy, Fn. 93, para 47. 113 CJEU C-601/15 PPU J. N. v. Staatssecretaris van Veiligheid en Justitie, judgment of 15 February 2016, ECLI:EU:C:2016:84. 114 CJEU C-601/15 PPU J. N. v. Staatssecretaris van Veiligheid en Justitie, n. 113, para 66. 115 CJEU C-601/15 PPU J. N. v. Staatssecretaris van Veiligheid en Justitie, n. 113, paras 73 et seq., 82. 116 CJEU C-203/15 Tele2 Sverige, judgment of 21 December 2016, ECLI:EU:C:2016:970, paras 88 et seq. 119. Note, that the subsequent opinion of the CJEU of 26 July 2017 on an envisaged agreement between Canada and the EU on the transfer and processing of Passenger Name Record data did not touch the notion of “national security” but focussed on the agreement’s purpose of enhancing “public security” to fight terrorism and serious transnational crime. It found the envisaged agreement to be incompatible with Articles 7, 8 and 52 (1) of the EU Charter of fundamental rights, CJEU Avis 1/15 Accord PNR UECanada, ECLI:EU:C:2016:656. 108

352

Sule

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:40 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. National Security and EU law restraints on Intelligence Activities

of Article 15 (1) of the e-privacy directive.117 It held such national measures to contravene fundamental rights of privacy, data protection, freedom of expression and the general guarantees in cases of restriction as protected by Articles 7, 8, 11 and 52 (1) of the Charter. The Court specifically referred to the possibility of making use of exemptions provided for by Article 15 (1) of the directive, as long as the principles of proportionality were respected, but found this to be lacking in the case at hand. The fact that the measures were partly introduced in the interest of national security did not preclude the Court from reviewing the national measures.118 The CJEU may further clarify the application of EU law to measures taken by a Member State to ensure national security in the case of Privacy International.119 The first two judgements (ZZ and Commission v. Italy) show, firstly, that the CJEU 54 seems to accept the equation of national and State security. Secondly, it seems to be ready to review any issue of validity or interpretation of EU law where there is an overlap with national or State security. It clarified that it was not sufficient for a Member State authority to simply claim State security. Rather, there is no presumption that the reasons invoked by a national authority exist and are valid.120 Thirdly, the court seems to be ready to review to a certain extent measures taken in view of national or State security as to their proportionality, where they interfere with applicable EU law. However, it seems that the court will be rather deferential where essential State 55 policies are concerned, in particular those of national, State or public security as already indicated in the case of J.N. above but also in the case of Campus Oil Ltd.121 In this preliminary ruling procedure the court was asked to clarify whether certain State measures aimed at protecting a minimum of domestic refined oil supplies could be justified on the grounds of public policy and public security. The court held that while the measures concerned had an equivalent effect to a quantitative restriction on imports according to (the old) Article 30 TEC [=Article 34 TFEU], they could be justified under (old) Article 36 TEC [=Article 36 TFEU].122 Although there were already Community measures in place requiring Member States to maintain minimum stocks of oil and petroleum products,123 the court acknowledged a residual risk of petroleum shortages in the event of a crisis.124 Nevertheless, the court pointed to the exceptional importance of oil as an energy source for a country’s existence, which justified the measures.125 Interestingly, one Member State, the UK, in its observations had pleaded for a restrictive interpretation of the term “public security” in this context, i. e. to cover (only) a fundamental interest of the State such as the maintenance of essential public service or 117

I.e. Directive 2002/58/EC, see above, paras 44–45. CJEU C-203/15 Tele2 Sverige, n. 116, paras 88 et seq. 119. 119 C-623/17 Privacy International v. Secretary of State for Foreign and Commonwealth Affairs and Others; (Reference for a preliminary ruling from the Investigatory Powers Tribunal London (United Kingdom) made on 31 October 2017 at the time of writing the case is still pending). 120 ZZ, fn. 92, para 61, Commission vs. Italy, Fn. 92, para 47. 121 See e. g. CJEU, Case 72/83 Campus Oil Ltd. v. Minister for Industry and Energy (1984) ECR 2727, paras 34 et seq. as well as Craig, quoted in Craig/De Burca, n. 24, p. 552. Similarly, the Court took a cautious approach in C-474/12 Schiebel Aircraft, judgment of 4 September 2014, ECLI:EU:C:2014:2139; the case, similar to Com v. Italy, n. 93, concerned the exclusion of one company from military contracts with the Austrian government by reason of the nationality of one of the company members. The Austrian government argued that national security precluded such a contractual relationship, as provided for by Article 346 TFEU. The court ruled that in this case it was for the national court, to verify whether the Member State was able to show that such derogation was necessary in order to protect its essential security interests. 122 Campus Oil Ltd., n. 121, para 34. 123 Campus Oil Ltd., n. 121, para 28. 124 Campus Oil Ltd., n. 121, para 30. 125 Campus Oil Ltd., n. 121, para 34. 118

Sule

353

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:40 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

to enable the life of the State to function safely and effectively, but not to predominantly attain economic objectives.126 Thus, essential functioning of the State seems to be at the heart of the CJEU decision in the context of “public security” as regards this particular case. c) Definition of national security in ECHR case law 56 Outside EU law the European Convention on Human Rights (ECHR) refers to national security in some of its Articles (namely Article 8 para 2, Article 10 para 2 and Article 11 para 2) as the first legitimate aim that may necessitate a restriction of these human rights, i. e. the right to respect for a private and family life, as well as the right to freedom of expression and information and freedom of assembly and association.127 Thus national security together with public security, the economic well-being of a State, the maintaining of public order, the prevention of crimes, the protection of health and morals as well as the protection of the rights and freedoms of others, form the only exhaustively listed legitimate goals that allow a restriction of certain rights under the ECHR, such as in Article 8 para 2 ECHR. 57 In its case law the European Court of Human Rights (ECtHR) did not give an exhaustive definition of the term “national security”.128 The European Commission of Human Rights had earlier on allowed for a certain elasticity of the term.129 Thus, it seems that the wide margin of appreciation allocated to the States regarding national security, covers interpretation of the term as well as the State’s selection of restrictive measures to protect national security. Indeed, the court has left interpretation of the term “national security” to the States, while enumerating some aspects that in its view definitely fall under the concept. At the same time it has not shied away from reviewing the restrictive measures taken by the States as to their legal basis and proportionality.130 58 Hence, the ECtHR in most cases did not define the term “national security”, but accepted the State’s margin of appreciation to assess whether national security was concerned, when it took a restrictive measure.131 In the case of Klass it expressly accepted that imminent dangers threatening the free democratic constitutional order, the existence or security of the Federation, or of a Land, the security of the allied armed forces stationed on the territory of the Republic, as mentioned in the German legislation under review in this case constituted elements of “national security.”132 In this case the court in particular mentioned espionage and terrorism as two threats to national security.133 The legislation concerned, the so-called G10, had been designed to monitor private communication of citizens under certain conditions in order to protect the abovementioned interests. When amended several years later, the G10 was again challenged by citizens before the ECtHR in the case of Weber and Saravia.134 In this 126

Campus Oil Ltd., n. 121, Oral Procedure, p. 2741. For an examination of the impact of intelligence activities on fundamental/human rights see Schmahl, Chapter 1, Part 4 in this volume above. 128 See: Research Division of the European Court of Human Rights, National Security and European case-law, 2013, paras 4 et seq.; available at: https://rm.coe.int/168067d214, last visited on: 13 April 2018. 129 Id.; see also: Christie v. the United Kingdom, no. 21482/93, Commission decision of 27 June 1994, DR 78‐A. 130 Research Division of the European Court of Human Rights, n. 127, para 27; ECtHR, Klass and others v. Germany, n. 35; Leander v. Sweden, n. 35. 131 See e. g.: ECtHR, Klass and others v. Germany, n. 36, paras 44–46; ECtHR, Leander v. Sweden, n. 36, para 59; ECtHR, Szabó and Vissy v. Hungary, 12 January 2016, No. 373138/14, para 55; ECtHR, Roman Zakharaov v. Russia, No. 47143/06, 4 December 2015, para 232. 132 ECtHR, Klass and others v. Germany, n. 36, paras 45 et seq. 133 Klass, n. 36, paras 48. 134 ECtHR, Weber and Savaria v. Germany, no. 54934/00. 127

354

Sule

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:41 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. National Security and EU law restraints on Intelligence Activities

context the court again accepted the goals of national security and/or prevention of crime as legitimated goals allowing a restriction of Article 8 ECHR.135 All in all it follows from the case law of the ECtHR that national security includes the 59 protection of State security and constitutional democracy from threats of espionage, terrorism,136 threats to territorial integrity (separatism)137 and threats to operational effectiveness of the army138.139 It also seems to include threats from organised crime.140 However, the ECtHR sometimes mentions the prevention of crime as well as other objectives additionally to national security as interests that may justify the restriction of certain fundamental rights under the ECHR, such as in cases of Roman Zakharov141 or Szabo and Vissy.142 Furthermore, the distinction between criminal actions that may in fact constitute a threat to national security and those that do not, is not clear. Thus, the ECtHR has held in CG and others v. Bulgaria that the acts committed by the applicant in the context of drug trafficking did not amount to a threat to national security.143 From the court’s point of view two main issues need to be kept in mind when 60 claiming the goal of protecting national security. Firstly, this exceptional clause is to be interpreted narrowly, especially if the measures envisaged are of highly intrusive character, e. g., secret surveillance of citizens.144 Secondly, the national legal basis, which provides for the restrictive measures concerned, needs to be sufficiently clear “to give citizens an adequate indication as to the circumstances in which and the condition on which public authorities are empowered to resort to any such measures”.145 Hence, the ECtHR has held that an important safeguard was the possibility of the individual affected by such measures to challenge the executive’s claim that national security is at stake.146 Furthermore, an adequate and efficient system of control of the secret measures taken by public authorities in this context should be provided for, preferably by the judiciary, but in any case by an independent body with sufficient powers to exercise effective and continuous control, including the possibility to receive, assess and act on individual complaints.147 As indicated above the ECtHR accepted Member States’ claims as to what constituted 61 areas of national security. But in a number of cases it found the restrictive measures that had been enacted to uphold it to lack a sufficiently clear legal basis or adequate safeguards against abuse.148 135

Weber and Savaria, n. 134, para 104. Klass, n. 36, paras 45–48; Weber and Savaria, n. 133, para 104. 137 ECtHR, Case of United Communist Party of Turkey and others v. Turkey, No. 133/1996/752/95; paras 40–41. 138 ECtHR Lustig Prean and Beckert v. United Kingdom, 27 September 1999, Nos. 31417/96 and 32377/ 96, paras 67, 82; ECtHR, Smith and Grady v. United Kingdom, Nos. 33985/96 and 33986/96 paras 74, 87; ECtHR, Konstantin Markin v. Russia, No. 30078/06, Paras 134 et seq. 139 See also Research Division ECtHR, n. 127, para 5, as well as: ECtHR, Kennedy v. United Kingdom, 18 May 2010, No. 26839/05, para. 159; Big Brother Watch and others v. United Kingdom, 13 September 2018, No. 58170/13, 62322/14 and 24960/15, paras. 333, 335. 140 Weber and Savaria, n. 136. 141 ECtHR, Roman Zakharaov v. Russia, n. 131 para 237. 142 ECtHR, Szabó and Vissy v. Hungary, n. 131, para 55. 143 ECtHR, CG and others v. Bulgaria, 1365/07, para 43. 144 See e. g. Klass, n. 35 above, para 42; ECHR, Szabó and Vissy v. Hungary, n. 131, para 54. 145 ECtHR, Malone v. the United Kingdom, No. 8691/79, para 66; ECtHR, Leander v. Sweden, n. 36, para 51; Weber and Saravia, n. 134, para 93. 146 ECtHR, Al-Nashif v. Bulgaria, 20 July 2002, No. 50963/99, paras 123 et seq. 147 See e. g.: Klass, n. 356, para 55; ECtHR Rotaru v. Romania, no. 28341/95, para 59. 148 See e. g. ECtHR, Kruslin v. France, 20 April 1990, No. 11801/85, para 34; Szabó and Vissy v. Hungary, n. 131, para 89; ECtHR, Big Brother Watch and others v. United Kingdom, 13 September 2018, No. 58170/13, 62322/14 and 24960/15, e. g. para. 336–347. 136

Sule

355

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:41 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

d) Definition in national law of (Member) States Mirroring international and EU law, national law does not offer any harmonised definition of national security across the EU Member States, as pointed out by the FRA study on surveillance.149 Some Member States specifically refer to the concept when defining tasks and competences of their security and/or intelligence agencies (e. g. the UK or France) whereas in other Member States’ legislation relevant to security does not refer to the concept at all (e. g. Germany). 63 In the UK the Intelligence Services Act (ISA)150 provides the legal basis for Secret Intelligence Service (SIS) and the Government Communications Headquarters (GCHQ) in its Sections 1 and 3. In both cases the functions of these two intelligence services are exercisable only in the interests of national security, in the interests of the economic well-being of the United Kingdom; or in support of the prevention or detection of serious crime. As regards national security particular reference is made to the UK defence and foreign policies in Section 1. Thus, the interest of prevention or detection of serious crime and the economic well-being are listed parallel to national security. Hence, by definition they are not included by the latter term under UK law.151 64 A recent French law, the Code de la Securité Interieur, provides a legal basis for monitoring any kind of communication by its intelligence services.152 These measures may be taken by the intelligence services to fulfil their tasks in order to collect intelligence that is relevant to the defence and promotion of fundamental national interests. These interests are enumerated in Article L 811-3. National security is not mentioned as such but the first interests mentioned are national independence, territorial integrity, national defence, major interests of external policy, the execution of European and international obligations of France and the prevention of foreign control. Interestingly fundamental national interests also include major economic, industrial and scientific interests, which are mentioned before the prevention of terrorism.153 Hence, the law itself does not use the term of national security but on the other hand focusses on security aspects when defining the competences of its intelligence services. These security issues revolve around the classic aims of preserving territorial integrity, independence of the State from foreign control and prevention of terrorism. They do however clearly include the defence and promotion of economic and industrial and scientific interests without seeming to limit them to security aspects.154 65 German legislation providing legal bases for any actions of intelligence services does not mention “national security” at all.155 Thus, the act on the German foreign intelligence service, Gesetz über den Bundesnachrichtendienst (BNDG), simply refers to the tasks of the BND as to “collect and analyse information in order to gain knowledge 62

149 Fundamental Rights Agency (FRA), Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU, 2015, pp. 25 et seq. 150 Intelligence Services Act 1994, available at: http://www.hmso.gov.uk/acts/acts1989/Ukpga_19940013_en_1.htm. 151 For further information on legislation regulating the UK intelligence services see below: Leigh, Intelligence Law and Oversight in the UK, Part 5, Ch. 3 in this volume. 152 Code de la Securité Interieur; available at: https://www.legifrance.gouv.fr/affichTexte.do?cidTexte=JORFTEXT000030931899. 153 Id., Article L 811-3: “Pour le seul exercice de leurs missions respectives, les services spécialisés de renseignement peuvent recourir aux techniques mentionnées au titre V du présent livre pour le recueil des renseignements relatifs à la défense et à la promotion des intérêts fondamentaux de la Nation suivants : […] 3° Les intérêts économiques, industriels et scientifiques majeurs de la France”. 154 For further information on legislation regulating French intelligence services see below: Le Divilec, Intelligence Law in France, Part 5, Ch. 2 in this volume. 155 For further information on legislation regulating the German intelligence services see below: Dietrich, Intelligence Law in Germany, Part 5, Ch. 2 in this volume.

356

Sule

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:42 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. National Security and EU law restraints on Intelligence Activities

which may be of relevance to external and security policy for the Federal Republic of Germany”.156 A recently adopted addition to that law further clarifies the BND’s competences as regards surveillance of communication that takes place entirely outside German territory. Information to be gathered must be relevant for an early recognition of dangers for Germany’s internal and external security, for its general capacity to act and other knowledge which may be of importance for external and internal security policy.157 Several federal ministries including the foreign ministry and that of defence will define the latter. By contrast, Germany’s internal security services for the protection of the Constitu- 66 tion, at federal and regional level (Bundesverfassungsschutz, or Ländesämter für Verfassungsschutz), have an enumerative set of defined tasks in their respective legal bases. Thus, § 3 of relevant federal law defines several tasks. One of the most important ones includes the collection and assessment of information on tendencies that are aimed against the free democratic basic order, the existence or security of the Federation or one of the Länder or at any illegal impairment of constitutional organs or their members at federal or Länder level.158 A juxtaposition of the tasks and fields of intelligence of internal and external 67 intelligence services shows that the BND’s tasks are wider in scope than those of Germany’s internal intelligence services. The aforementioned “information relevant to any knowledge of relevance to external and security policy” predominantly aims at external security159. This, however, seems to be interpreted widely to include all interests from protection of Germany’s territorial integrity, its constitutional order, the functioning of its State organs to protection against organised crime and terrorism.160 It may however also include information relevant to Germany’s external economic policy.161 The latter may in particular involve a securing of international ways of transport (e. g. against piracy), protection of German undertakings against economic espionage. At the same time the new amendment to the BNDG clarifies that the BND’s surveillance activities outside Germany may not be carried out for the purpose of economic espionage, i. e. to gain competitive advantages.162 Hence the tasks of German intelligence services focus on collecting information that 68 is predominantly relevant for Germany’s security but in the case of the BND also concerns information of general relevance to its external policy. The term “relevance” may include territorial protection as well as that of its constitutional form of state, protection against acts of (international) terrorism and organised crime, the latter of which is somewhat disputed.163 e) Result: elements that constitute national security In view of the attempts above to synthesise a useful approach to defining the term 69 “national security” the following aspects are worth retaining: – Need for a substantial definition instead of a formal (“decisionist”) approach 156 See § 1 (2) BNDG, available at: https://www.gesetze-im-internet.de/bndg/, last visited on: 13 April 2018 (translation by author). 157 § 6 (1) Nr. 1-3 BNDG, available at: https://www.gesetze-im-internet.de/bndg/, last visited on: 13 April 2018. 158 See § 3 (1) Nr. 1 Gesetz über die Zusammenarbeit des Bundes und der Länder in Angelegenheiten des Verfassungsschutzes und über das Bundesamt für Verfassungsschutz (Bundesverfassungsschutzgesetz BVerfSchG), available at: https://www.gesetze-im-internet.de/bverfschg/, last visited on: 13 April 2018. 159 See Gusy, in: Schenke/Graulich/Ruthig, Sicherheitsrecht des Bundes, 2014, § 1 BNDG, para 26. 160 See Gusy, n. 159, paras 27–31. 161 Gusy, n. 159, para 29. 162 § 6 BNDG (5). 163 See Gusy, n. 159, para 31.

Sule

357

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:42 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

The wording of Article 4 (2) TEU seems to allow a formal approach of defining national security. This would allow the responsible State actor, or in view of Article 4 (2) the Member States to discretionally decide what would constitute a matter of national security. At the same time such an approach would undermine two major legal principles: at European Union level it could remove any action of the Member States from its obligations under the supranational order of EU law and its judicial scrutiny by the CJEU. Furthermore, it would flatly contradict the principle of the rule of law, which demands a clear-cut limitation of State power by law. This requires legal certainty as to when aspects of national security are concerned. A purely “decisionistic”, i. e. discretionary approach could not satisfy that requirement. – Need for a strict interpretation delineating national from public security 71 Restrictive measures that may be taken under national security are generally farther reaching than those under aspects of public security. Similarly, under EU law matters of national security seem to be further removed from EU-competences under Article 4 (2) than those under public security.164 These are strong arguments for a narrower interpretation of the term “national security” than that of “public security”. At the same time a concentration on core national security concerns may allow an effective national security policy to develop by appropriate and realistic resource allocation, training and implementation.165 – Main elements of national security 72 The overview of general theories, case law by the CJEU, ECtHR and examples of national legislation does not yield an exhaustive definition or list of aspects that constitute national security. It suggests however that the following elements are comprised by it: o Preservation of territorial integrity (e. g. against internal or external threats) o Preservation of a given constitutional order (e. g. principles of democracy, rule of law, separation of powers) o Preservation of the political (=capacity of State/constitutional organs to act) and economic functioning (= functioning of the general economic system) of the State o Preservation of essential public services (e. g., networks of essential supply such as water, energy, health) 73 It needs to be pointed out that national security will seek protection of the above interests primarily against systemic threats, not individual disruptions, which may rather be issues of public security. The latter must be handled by classic law enforcement authorities rather than intelligence services. 70

3. Interim result: Areas of Overlap between EU law and national intelligence activities 74

It follows from the above that there are two general areas where national intelligence activities may fall into areas where EU law is applicable: Firstly, intelligence activities in pursuit of national security interests may have an impact on situations that are covered by primary or secondary EU law. Secondly, intelligence activities that are not explicitly taken in the interest of national security but other important national interests, may likewise – most probably even more often – affect situations that are subject to primary and secondary EU law. The following section will look at potential restraints of intelligence activities by EU law in both areas.

164 165

358

See above para 54 of this Chapter. See Dearlove, n. 57, p. 39.

Sule

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:43 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. National Security and EU law restraints on Intelligence Activities

C. Intelligence activities between Member States In view of the above, potential EU law restraints on national intelligence activities of 75 Member States would include activities undertaken in the interest of national security as well as those outside such interests. While the former are not exempted from EU-law scrutiny, such scrutiny will allow the Member States a relatively wide scope of discretion on justifying intelligence activities. The latter though, i. e. intelligence activities undertaken for purposes other than national security interests, may be subject to a stricter review under EU law. In this context three potential scenarios need to be distinguished166: Firstly the classic 76 cases of espionage, i. e. intelligence activities of one Member State targeting (especially secrets of) another Member State. Such measures are normally aimed at government or other public institutions or authorities of the State. In a second scenario Member States might target the European institutions with intelligence activities. This scenario includes the equally conceivable opposite case of EU institutions engaging in intelligence activities against a Member State. Finally, intelligence authorities have within the last two decades increasingly been tasked with the collection of data on terrorist activities emanating from individuals. Hence, the third scenario envisages Member States’ intelligence activities against individual persons either within their own territory or in other Member States. This includes natural as well as legal persons.167 All three scenarios will be examined with emphasis on the first one in this section. The following sub-section (I) will examine such intelligence activities that do not aim 77 at the protection of national security. The subsequent sub-section (II) will then look at EU law restraints on activities within the area of national security.

I. EU law application to intelligence activities outside areas of national security This section will examine potential EU law restraints to national intelligence activities 78 of Member States, which are not conducted in pursuit of national security interests. Such activities may relate to tasks set for national intelligence services within their national legal bases aside from protecting national security. They may include, e. g. collecting information to further economic, industrial or scientific interests.168

1. Original development (gap and closure by interpretation) As already pointed out above169, EU primary law does not specifically mention 79 intelligence activities of Member States. It was most probably originally not perceived as a matter that could overlap with EU policies and law. Thus, if intelligence activities 166

See also Sule, n. 3, pp. 247, 317 and 335. The possibility of the EU surveying individuals and/or collecting and analysing personal data is equally possible. Yet it can only do so within its competences, e. g. where its bodies are empowered to conduct surveillance or collect and analyse personal data. See e. g. Chapter of Ryder on Europol, Part 3, Ch. 3 in this volume. Other competences of are limited to the EU’s internal investigations of own staff, e. g. in the context of Counter-espionage. There is no legal basis and hence no competence for EU institutions generally spying on individuals. Thus, it will not be analysed any further in this context. 168 See tasks of intelligence services in the respective national legislation of Germany, the UK and France, above mns. 62–68. 169 See above mn. 15. 167

Sule

359

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:43 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

between Member States were to be legally assessed one might have originally turned to regular public international law, which normally covers relationship between States. However, EU law on the one hand has established itself as an order of supranational law170, and on the other has been extended in its scope of application by the Member States through a number of Treaty revisions.171 80 The former development has led to the establishment of a body of law that clearly distinguishes itself from public international law, under which intelligence activities and espionage in particular are not forbidden. The latter development has extended the field of potential overlaps of intelligence activities with EU policies. 81 To ensure a uniform application of the supranational body of EU law the CJEU has in its case law developed a number of principles that go beyond public international law rules, namely, those of direct applicability or to be more precise of “direct effect”172 and of supremacy of EU law. The former ensures that any sufficiently clear and precise provision of EU law does not need any further transposition act into national law to enfold direct legal consequences.173 This may also entail the possibility of individuals relying on such provisions before the courts, e. g. where they directly grant them an individual subjective right.174 Supremacy of EU law entails an obligation on Member States’ courts175 to set aside the application of national legal provisions if they contradict applicable EU law provisions.176 Administrative authorities equally have to apply these supreme rules over national law if they are sufficiently clear and precise.177 Furthermore, the CJEU has used the principle of “effet utile” when interpreting EU law provisions. Thus, the court always chose an interpretation that aimed at the most effective application of EU law.178 These specificities of EU law also included the need to have any infraction of EU law brought before the CJEU to decide on it. Thus, unlike public international law, EU law did not offer Member States a possibility to retaliate to a breach of EU law by another Member State with another breach of EU law in line with the so-called reciprocity principle. Rather, a Member State suffering from such a breach would have to bring the matter before the European Commission to investigate further or directly before the CJEU.179 82 The very purpose of developing these principles to ensure the most effective application of EU law reflects the original aim of the EU to create a federation of States that is based on a set of common values and principles, such as democracy, respect for the rule of law and fundamental rights of individuals. This is enshrined in Article 6 TEU. Such a system goes beyond that of public international law. The latter aims at allowing interaction of States on a basis of common rules but with lesser focus on prefixed goals or a wider set of common values and aims.180 170 Starting with the CJEU’s seminal C-26/62 Van Gend en Loos v. Administratie der Belastingen [1963] ECR 3, p. 12; CJEU C-6/64, Flaminio Costa v. E.N.E.L., [1964] ECR 1141, p. 593. 171 See above paras 17–18. 172 Craig and De Burca, n. 24, pp. 187 et seq., 190. 173 Id., CJEU, C-32/84, Van Gend & Loos, n. 169 above, pp. 12–13. 174 CJEU, C 6 & 9/90, Francovic, 1991 ECR I-5357, para 40. 175 CJEU C-6/64, Flaminio Costa v. E.N.E.L., n. 169 above, pp. 593 et seq.; CJEU C-106/77 Amministrazione delle finanze dello Stato v. Simmenthal, [1978] ECR 629, para 22. 176 CJEU C-106/77, Simmenthal, n. 175 above. 177 CJEU C-103/88, Fratelli Costanzo v. Comune [1989] ECR 1839, paras 30 et seq. 178 As e. g. in CJEU Case 106/77, Simmenthal, n. 175, para 16; CJEU Case C-213/89, Factortame and Others [1990] ECR I-2433, para 19. 179 Craig de Burca, n. 24, p. 452, CJEU, C-146/89, Commission v. United Kingdom, [1991] ECR I 3533, para 47; C-266/03, Commission v. Luxembourg [2005] ECR I 4805, para 35. 180 Compare the integrationist approach of the EU Treaties with the more general aims of maintaining peace and security, developing friendly relations among nations and achieving good cooperation, according to Article 1 (paras 1–3) of the UN-Charta.

360

Sule

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:43 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. National Security and EU law restraints on Intelligence Activities

For intelligence activities this means the following: firstly, where such activities 83 overlap with EU policies they need to be compatible with Member States’ obligations under the Treaty. Where they run counter such obligations, they have to be abstained from, due to the supremacy of EU law in the concrete case. Secondly, where a Member State suffers a disadvantage from such activities illegal under EU-law, the latter is not allowed to take the same (illegal) measures against the infringing State as might be possible under public international law, i. e. reprisals181. This leaves us with the question whether the Treaty envisages any obligation of 84 Member States to refrain from intelligence activities against other Member States. There is no such express provision in the Treaties. However, there are general provisions that may cover such an obligation as mapped out below.

2. EU principles potentially restricting intelligence activities a) Articles 2 and 7 TEU: Shared values of the EU An obligation to refrain from espionage between Member States might be inherent in 85 Article 2 TEU, which recalls the main principles and values shared by the European Union, including the Member States. They include respect for democracy, the rule of law and fundamental rights. To manifest these common values as an essential basis of the European Union Article 7 TEU has put in place a mechanism that allows reprimanding and even sanctioning a Member State that systemically disregards these principles and rights. It envisages firstly that the other Member States within the Council by a majority of four-fifths can determine that there is a clear risk of a serious breach by a Member State of the values referred to in Article 2 TEU, and in a second step to decide on concrete sanctions, namely to withdraw the voting rights of the Member State concerned. However, the threshold for issuing such decisions is particularly high: To determine a clear risk of a serious breach a quota of four-fifths of Member States is necessary [Article 7 (1) TEU]. To determine the existence of a serious and persistent breach itself, a unanimity of all other Member States and consent of the European Parliament is required [Article 7 (2) TEU]. Only then could a qualified majority of Member States decide to suspend certain rights of the Member State concerned, such as voting rights [Article 7 (3) TEU]. The Commission decision of 2014 on the so-called rule of law mechanism182, designed to better monitor potential breaches of the rule of law has not changed this drawback. Rather it has clarified the process of how the Commission will interact with the Member State concerned before issuing its decision to the Council.183 Whether intelligence activities, namely espionage, by one Member State against one 86 or more other Member States constitutes a breach of the principles enshrined in Article 2 TEU is very questionable. Firstly, the principles of democracy, rule of law and fundamental rights are principles, which are adhered to by a number of Member States with solid democratic systems built on the rule of law and the respect for fundamental rights. The latter has been continuously reaffirmed by their national courts and the ECtHR, such as in Germany or the UK.184 The same goes for third countries with a strong democratic tradition such as the US. The fact that these countries engage 181

On reprisals see Shaw, n. 21, p. 819. Communication from the Commission to the European Parliament and the Council of 19.3.2014, A new EU Framework to strengthen the Rule of Law, COM(2014) 158 final/2. 183 For details see also the Commission’s website on the rule of law mechanism: https://ec.europa.eu/ info/strategy/justice-and-fundamental-rights/effective-justice/rule-law_en, last visited on: 13 April 2018. 184 ECtHR, Klass and others v. Germany, n. 35 above or Kennedy v. United Kingdom, 18 May 2010, No. 26839/05 . 182

Sule

361

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:44 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

in intelligence activities, does not as such breach the aforementioned principles and certainly not on a systemic level. Rather, their intelligence services are tasked with gathering information that will allow their governments to react to threats to their systems based on democracy and the rule of law. 87 In particular, the acknowledgement of respect for fundamental rights in Articles 2 and 6 TEU cannot be interpreted as a general principle that precludes intelligence activities as such, including those targeted at other Member States’ institutions. In fact, it needs to be pointed out that fundamental rights, irrelevant of their legal basis or source, do not constitute or require a general ban on espionage. As intelligence activities serve to protect the essential security of the State, this includes the protection of its fundamental rights system, a system common to many States, in particular the Member States although in varying forms. 88 This, however, does not preclude the necessity to measure individual intelligence actions against applicable fundamental rights standards. Hence, if non-discriminatory surveillance of all communication of individuals within one Member State were carried out by another Member State, such a measure even if possibly allowed under public international law, might have to be measured against fundamental rights obligations within the European context, namely, under the ECHR and/or the EU Charter of fundamental rights (henceforth: “the Charter”). That, however, concerns the limits of intelligence activities against individuals as opposed to those against other Member States. A general ban on the latter cannot be derived from the principal respect for fundamental rights as enshrined in Articles 2 and 6 TEU.185 b) Article 4 (3) TEU: cooperation clause 89 A central provision within the Treaties that has continued to underline the difference between EU law and public international law is the so-called “cooperation” or “loyalty” clause in Article 4 (3) TEU, previously Article 5 and then 10 of the former EC Treaty.186 The provision contains two obligations to act and one to refrain from certain acts. Firstly, it obliges Union and Member States to respect the principle of “loyal cooperation” and to support each other when fulfilling tasks which result from the Treaties [Article 4 (3), first sentence TEU]. Secondly, it requires Member States to take any appropriate measures of general or specific nature in order to fulfil the obligations emanating from the Treaties or the measures taken by the institutions of the Union. Finally, Member States are required to support the Union in fulfilling its task and to refrain from any measures that could endanger attaining the goals of the Union. In its context the court often refers to the “principle of sincere cooperation”187 but also uses other terms such as the “obligation of loyal cooperation”.188 90

(1) General structure and nature of Article 4 (3) TEU. As a matter of fact, this general duty to cooperate is reflected in more concrete cooperation duties within specific policy areas regulated by the TFEU, such as Article 121 TFEU (coordination 185 For a (short) discussion of measures against individuals see section E.I. below. For a broader discussion of intelligence measures in the light of fundamental rights, see above Schmahl, Part 4, Ch. 1 in this volume. 186 For a more in-depth discussion of the Member States obligations under this provision (as former Article 10 TEC) in view of Member States’ espionage activities, see Sule, n. 3, pp. 283–298. For extensive coverage of Article 4 (3) TEU in general, see Kahl in: Calliess/Ruffert, EUV/AEUV, 5th ed., 2016, Article 4, paras 23–128; Blanke, n. 31, paras 81–104; De Baere/Ross, EU loyalty as Good Faith, ICLQ vol. 64, October 2015, pp. 829–874; Obwexer in: Von der Groeben/Schwarze/Hatje, n. 33, Article 4, paras 49–154; Vedder in: Vedder/Heintschel von Heinegg, n. 32, paras 18–22. 187 E. g. CJEU 230/81 Luxembourg/Parliament, [1983] ECR 255, paras 37 et seq. 188 See overview by Kahl in: Caliess/Ruffert, n. 185, para 29; De Baere/Ross, n. 185, p. 829.

362

Sule

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:44 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. National Security and EU law restraints on Intelligence Activities

of economic policy by Member States), Article 147 TFEU (coordination as regards employment policies of Member States), Article 173 TFEU (industrial policy) or Article 181 TFEU (coordination of research policies).189 When examining whether Treaty provisions forbid intelligence measures by Member State the more concrete provisions take precedence over the general one.190 Thus, strictly speaking, they should be examined first. In the context of this analysis however, it is worth approaching the subject from a general angle first. It allows to explain the main essence of the cooperation clause and the scope of the duties it imposes on Member States. On this basis it may be possible to identify whether the provision could be capable of encompassing an obligation to refrain from intelligence activities of Member States targeting each other. More specific clauses of this kind will be pointed out in the next subsection.191 To establish whether the cooperation clause of Article 4 (3) TEU could possibly entail 91 a ban for Member States to engage in intelligence activities against each other (or the EU institutions), its character deserves a closer look. It has been subject to academic discussion for some time, particular as regards the question whether it can constitute concrete legal obligations on its own.192 However, its abovementioned structure which spreads out a number of different obligations seems to suggest that it goes beyond the mere obligation of pacta sunt servanda.193 This principle of international law would in any case follow from Article 26 of the Vienna Convention on Treaties. Thus, there would not have been a need to include such an elaborate clause in the TEU (or TEC at the time) if it did not entail further reaching obligations.194 As a consequence, this principle of “Union loyalty” needs to be viewed as a “self-standing” obligation of Member States and Union regarding the manner in which to attain the goals established in the Treaty.195 Thus, it establishes a close nexus between the loyalty clause of Article 4 (3) TEU and the respective goals of the Treaty. In other words all obligations of Article 4 (3) TEU are only relevant in relation to the goals of Article 3 TEU. Given the relatively general phrasing of the loyalty obligations two means of 92 limitations need to be considered: Firstly, their conditional connection to a concrete aim of the Treaty, and secondly, the concrete scenario to which they apply. As regards the first, only the goals as mentioned in Article 3 TEU can be considered.196 As regards 189

Sule, n. 3, pp. 259–261. A general principle acknowledged by the CJEU and academic literature: CJEU, Case C-78/90, Compagnie commerciale de l’Ouest v. Receveur principal des douanes de La Pallice-Port, [1992] ECR I1847, para 19; C-195/90, Commission v. Germany, [1992] I-03141, paras 36–38; C-387/93, Banchero, [1995] I-04663, para 17; Kahl in Calliess/Ruffert, n. 185, Article 4 TEU, paras 48 et seq.; De Baere/Ross, n. 185, p. 835; Obwexer in: Von der Groeben/Schwarze/Hatje, n. 32, paras 83–87. 191 See below mns. 105 et seq. 192 See e. g. V. Bogdandy. A., in: Randelzhofer, A./Scholz, R./Wilke, D. (Hrsg.), Gedächtnisschrift für Eberhard Grabitz, München 1995, pp. 17 et seq., 18. 193 Kahl in: Calliess/Ruffert, n. 185, para 30; but critical: De Baere/Ross, n. 185, pp. 839–845. 194 See e. g. Schermers/Pearson, Some Comments on Article 5 of the EEC Treaty, in: Festschrift für Steindorff, Berlin 1990, p. 1359; Lück, Die Gemeinschaft als allgemeines Rechtsprinzip im Recht der Europäischen Gemeinschaft, Baden-Baden, 1992, p. 81; Temple Lang, Community Constitutional Law: Article 5 EEC Treaty, CMLR 27 (1990) pp. 645 et seq.; Constantinesco, L’Article 5 CEE, de la bonne foi à la loyaté communitaire, in: Liber Amicorum Pescatore, Baden-Baden 1987, pp. 97 et seq., 101; Bleckmann, Artikel 5 EWG-Vertrag und die Gemeinschaftstreue, DVBl 1976, pp. 483 et seq.; dissenting: De Baere/ Ross, n. 185, pp. 839–845. 195 Kahl in: Calliess/Ruffert, n. 185, paras 42–44; the principle can however not be entirely equated with similar constitutional obligations within federal States such as the German principle of federal loyalty (Bundestreue), see Sule, n. 3, pp. 285–288 with further references. 196 See e. g.: CJEU, Opinion 2/91, International Labour Organization, [1993] I-1061, para 10; Blanke, n. 32, para 82. 190

Sule

363

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:45 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

the second, four different scenarios need to be identified where obligations of Article 4 (3) may occur: obligations between the Member States, obligations of the Union towards the Member States, obligations of the Member States towards the Union and finally between institutions of the Union.197 Some concrete obligations have been elaborated by the case law of the CJEU within the different relationships starting with that of Member States vis-à-vis the Union.198 (2) Case law of the CJEU on Article 4 (3) TEU. The CJEU has used the clause of Article 4 (3) TEU particularly to establish an active duty of Member States towards the European Union when implementing EU law.199 Thus, the court has held that Member States are obliged to take all appropriate measures of general and specific nature to transpose EU directives into national law.200 This duty binds legislative as well as administrative bodies and the courts.201 In view of legislative cooperation it entails, e. g. that during the period of implementation Member States refrain from any measures that may threaten to undermine the aim of the directive.202 To render effectiveness to EU directives the court also developed the principle of their immediate effect, where individuals could rely on unconditional, sufficiently clear provisions of a directive that had not been transposed within the set time limit. This, the court had only been able to do by employing the loyalty clause of Article 4 (3) TEU when interpreting the transposition duties of Member States and their failure to live up to them.203 At administrative level it equally confirmed a duty to implement EU law within national law.204 It even went as far as obliging a Member State to ensure market freedoms by removing obstacles to them that had been set up by private parties, such as the blockades of French farmers against the import of agricultural products from other Member States.205 National courts were obliged under Article 4 (3) TEU to render judicial remedies effective, when related to EU law enforcement.206 The Court also established a duty of Member States to cooperate with the Union, i. e. the European Commission, where the latter had launched an investigation into potential infringements of EU law by that Member State.207 94 The Court vice versa established concrete duties of the Union towards Member States, such as cooperation duties of the Commission with authorities of Member States, including the obligation to support national courts by providing relevant information.208 93

197 See e. g.: Obwexer in: Von der Groeben/Schwarze/Hatje, Europäisches Unionsrecht, 7th ed., Article 4 EUV, paras 88, 137, 146, 150. 198 Note that most of the decisions referred to were at the time rendered in view of obligations to the European Community as predecessor of the European Union. With effect from 1 December 2009, Article 10 the EC Treaty has become Article 4 (3) second and third sentence TEU. The two provisions are, in substance, identical. Thus, Article 4 (3) TEU has to be read as Article 10 TEC or even Article 5 TEC, depending on the time of rendering the respective decisions. 199 For an exhaustive overview of relevant case see Kahl in: Calliess//Ruffert, n. 185. 200 See e. g. CJEU Case 30/72, Commission v. Italy, [1973] ECR 161, para 11; CJEU Case 14/83, von Colson und Kamannv Land Nordrhein-Westfalen, [1984] ECR 1891, para 26. 201 CJEU, Case 14/83, von Colson und Kamann, n. 200 above. 202 CJEU, C-129/96, Inter-Environnement Walloniev Région wallonnee, [1997] ECR I-7411, para 45. 203 See CJEU Case 148/78, Ratti, (1979) ECR 1629, paras 18 et seq.; CJEU Case 41/74, Van Duyn v. Home Office, [1974] ECR 1337, para 12. 204 CJEU, Cases 205-215/82, Deutsche Milchkontor GmbH, [1983] ECR 2633, para 17; CJEU Case 39/ 72, Commission v. Italy, [1973] ECR 101; paras 16 et seq. 205 CJEU Case C-265/95, Commission v. French Republic, [1997] ECR I-6959, paras 32, 6. 206 See e. g. CJEU Case 14/83, von Colson und Kamann, n. 200 above, para 26; CJEU Case 213/89, Factortame, [1990] ECR I-2433 para 21. 207 CJEU Case 240/86, Commission v. Greece, [1988] ECR 1835, LS 2, para 27. 208 CEJU Case C-2/88, Zwartveld and others, [1990] ECR I-3365, paras 17 et seq.; see furthermore, CJEU Case 251-/89, Athanasopoulos, [1991] ECR I-2797, para 57.

364

Sule

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:45 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. National Security and EU law restraints on Intelligence Activities

In the same vein the court confirmed obligations of EU institutions towards each 95 other under Article 4 (3) TEU, such as the duty of other legislative organs to respect the participation rights of the European Parliament, e. g. not to choose a concrete procedure with a view to the weakest participation rights of the latter.209 Finally, the court established in a very general manner duties of Member States 96 towards each other, such as the obligation to protect rights and interests of other Member States that are protected under EU law.210 It furthermore, developed a duty to mutually respect and acknowledge Member States’ monitoring and sanctioning procedures, insofar as necessary for a uniform effectiveness of Community (read Union) law.211 The latter demands a certain amount of mutual trust.212 In view of the above the court has on the one hand established for all actors 97 concerned a concrete obligation to cooperate on the basis of Article 4 (3) TEU. This duty goes beyond the obligation under international law of pacta sunt servanda, as the development of direct effect of certain directives shows. At the same time it is evident, that the court will develop concrete obligations that flow from this clause on a case-bycase basis. Its emphasis so far has been on the legislative cooperation duties. (3) Specific obligations under Article 4 (3) last sentence: obligation to refrain. 98 However, while the above clearly confirms the existence of the general and some specific active obligation of Member States under Article 4 (3) TEU, i. e. to act cooperatively, it does not allow an immediate conclusion as to which concrete actions Member States are to refrain from, i. e. their passive duties. This part of Article 4 (3) last sentence is – as the whole provision – aimed at 99 protecting the functioning of the European Union. The duty of Member States to refrain from any measures that could endanger attaining the aims of the Treaties of the Union, links the duty of loyal cooperation to concrete aims mentioned in the Treaties. These aims need to be derived from the preamble as well as Articles 3 TEU and 3–6 TFEU.213 Read in this order, they range from vague final aims of the Union to general aims listed in Article 3 TEU, which are to be attained by those more concrete tasks listed in Articles 3–6 TFEU. Arguably the closer the link to one of the latter, the clearer the obligation of a Member State will be as to what kind of measures to refrain from.214 The Court has in all cases linked the Member States obligations to refrain from 100 certain measures to the attainment of concrete aims mentioned in the Treaties. These obligations include refraining from measures that could undermine the practical effectiveness of the Treaties in agricultural policy,215 stand-still obligation for Member States, precluding them from setting national laws that would contradict primary or secondary EU-law,216 refraining from engaging in activities that would undermine the 209 CJEU, Case 204/86, Greece v. Council, [1988] ECR 5323, para 16; CJEU Case 65/93, Parliament/ Council, {1995} ECR I-643, para 23. 210 CJEU Case 32/79 Commission v. United Kingdom, [1980] ECR 2403, LS. 1, 6, para 46. 211 CJEU Case 46/76, Bauhuis, [1977] ECR 5, paras 22, 25; CJEU Case C-5794, The Queen/Ministry of Agriculture Fisheries and Food, [1996] ECR I-2553, para 19. 212 Id. For further duties, see also: CJEU Case 42/82, Commission/France, [1983] ECR 1013, paras 36 et seq.; CJEU Case C-340/89, Vlassopoulou, [1991] ECR I-2357, paras 14 et seq. 213 Kahl in: Calliess/Ruffert, n. 185, para 47. 214 See analysis by Bleckmann, Die Bindungswirkung der Praxis der Organe und der Mitgliedstaaten bei der Auslegung und Lückenfüllung es Europäischen Gemeinschaftsrechts: Die Rolle des Artikels 5 EWGVertrag, in: Bieber/Ress,(eds.), Die Dynamik des Gemeinschaftsrechts, Baden-Baden, 1987, pp. 161 et seq., pp. 195, 197. 215 CJEU Case 31/74, Galli [1975] ECR 47. 216 CJEU C-231/83, Cullet v. Leclerc [1985] ECR 305, para 16; CJEU C-129/96, Inter-Environnement Wallonie v Région wallonne, [1997] ECR I-7411, para 45.

Sule

365

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:46 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

EU’s position of negotiation in external affairs217 or refraining from damaging the system of financing the Union.218 101 In view of the above Article 4 (3) last sentence TFEU could only establish a general ban for Member States to refrain from intelligence activities against each other, where such activities could endanger aims of the Treaties. However, aims mentioned in Article 3 (1) TEU such as the promotion of economic well-being, seem far too vague to be seriously endangered by intelligence/espionage activities of a Member State. On the other hand, these aims are given more granularity in Article 3 (2) TEU when referring to the creation of the internal market, promotion of sustainable economic development, the economic and the currency union. This is specified further by provisions of Articles 3–6 TFEU that delineate exclusive and shared competences as well as areas of increased coordination. At this level of specification it may very well be possible to find concrete threats to the aims of the Treaty by Member States. Thus, espionage activities of one Member State against economic authorities of another, e. g. the ministry of economy, or its delegation before meetings in the Council, may be aimed at gaining confidential information on future economic decisions or potential negotiation positions before the meeting. In 1998 the German press reported about a potential British spy, codenamed “Orcada”, within the German Bundesbank that may have passed on sensitive financial and economic information to the British Government.219 Such activities, however, would arguably run counter to the Member States’ obligations to coordinate their economic activities as envisaged in Article 121 TFEU. Similarly, espionage activities of those Member States not participating in the currency Union against those who do, could undermine the aim of establishing an economic and currency union as referred to in Article 3 (4) TEU. In this respect it needs to be recalled that all Member States are obliged to refrain from activities that endanger integration.220 This obligation even binds those Member States not participating in the currency union, as the latter still remains an overarching aim of the Treaty.221 The absolute minimal obligation of those Member States not participating in it thus entails to refrain from any measures that would run counter to the long-term establishment of this aim. 102 One could raise the argument of “policy check” against such an obligation to refrain from espionage activities against other Member States within certain EU policy areas linked to the aims and goals of the Treaty. This would mean that individual espionage activities could in fact promote sound EU policies. Thus, where one Member State is in the process of endangering a particular policy by undetected abusive measures, espionage activities could arguably help uncover them. The case of Greece joining the currency union by manipulating its economic data could serve as an example.222 103 However, this line of argumentation ignores one essential element, inherent in the cooperation clause of Article 4 (3) TEU and the character of EU law as coined by the Treaties: the principle of mutual trust.223 It needs to be recalled that one of the main 217 CJEU Case 3, 4 and 6/76, Kramer, [1976] ECR 1279 paras 44 et seq.; CJEU Case 246/2007 Commission/Sweden, [2010] ECR I-3317 paras 103 et seq. 218 CJEU Case 44/84 Hurd [1986] ECR 29, paras 45 et seq. 219 See: Der Spiegel, 28 September 1998, Im Dienste ihrer Majestät, at http://www.spiegel.de/spiegel/ print/d-8002060.html; Die Welt, 21 September 1998, Der Spion der aus dem Internet kam, at: https:// www.welt.de/print-welt/article 630889/Der-Spion-der-aus-dem-Internet-kam.html, both sites last visited on: 13 April 2018. 220 CJEU Joined Cases 80 and 81/77, Commissaires Reunies v. Receveur des douanes [1978] ECR 927, paras 35 et seq.; CJEU Case 319/81, Commission v. Italy [1989] ECR 601 para 20; also Ruffert in: Calliess/ Ruffert, n. 165, Article 3, para 4. 221 See e. g. Häde in: Calliess/Ruffert, Article 119, para 11. 222 See Sule, n. 3, p. 300. 223 Sule, n. 3, pp. 301–304.

366

Sule

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:46 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. National Security and EU law restraints on Intelligence Activities

goals of the first Treaty, i. e. the European Community of Coal and Steel was to create durable peace in Europe.224 Hence the emphasis on cooperation between Member States under EU law is stronger than between States under international law. It requires a minimum of mutual trust between participating Member States.225 It is complemented by an obligation of mutual consideration and respect.226 It is this principle that allows Member States to rely on the assumption that confidentiality of their internal decisionmaking procedures and mechanisms are respected by the other Member States. Disrespect of these decision-making mechanisms within the area of EU law and policies would endanger the essential precondition of interaction of Member States within the European Union. Hence, the cooperation clause of Article 4 (3) constitutes an original Union law principle, fundamental to the EU’s constitutional structure.227 Monitoring and sanctioning powers in view of breaches of EU law are therefore not 104 vested in the Member States, but rather in one of the EU institutions, the European Commission as guardian of the Treaties [Article 17 (1), second and third sentence TEU].228 Hence, sanctioning measures of public international law, such as retorsion or reprisals are not available to Member States in this context.229 Consequently, the abovementioned example regarding Greece would not require increased Member States’ intelligence activities but rather a more elaborated monitoring system by the guardian of the Treaties, the Commission. c) Provisions of cooperation in specific areas: economic industry and employment As already pointed out, the principle of mutual cooperation manifests itself in several 105 specific provisions within the Treaty. Thus, in areas where such a specific cooperation duty exists, a potential ban derives from that provision rather than from the general duty of cooperation under Article 4 (3) TEU. Examples are certain coordination duties in the field of economic policy, employment 106 policy, industrial policy and the area of science and technology (Articles 121, 146, 173 and 181 TFEU). These articles require a specific duty of cooperation between the Member States in concrete policy areas. Subsequently only Articles 173 and 146 will be examined.230 A Member State engaging in intelligence activities that target another’s industrial 107 policy, could breach its obligation under Article 173 (2) TFEU to coordinate their measures in this area. In fact Article 173 (1) third indent TFEU obliges Member States to promote an environment favourable for cooperation of undertakings. Espionage activities between Member States aimed at particular industry sectors could undermine the aim of creating such a favourable environment. This being said, Article 173 (1) TFEU aims to protect the collective of companies, i. e. industry as such, rather than individual undertakings. Thus, to reach the threshold of endangering this aim, a 224 See Schumann Declaration of 9 May 1950, available at: https://www.robert-schuman.eu/en/doc/ questions-d-europe/qe-204-en.pdf, last visited on: 13 April 2018. 225 Note that Kant in his treatise on the “Eternal Peace” considered the establishment of trust and thus even an absolute ban using spies between States as the main precondition to such a peace, Kant, Zum ewigen Frieden, [1791] Reclam edition, Stuttgart 1984, first section, para 6. 226 CJEU, C-167/01, Inspire Art [2003] ECR I-10155, para 45; Kahl in: Calliess/Ruffert, n. 184, Article 4, paras 40, 116. 227 See opinion of GA Reischl in CJEU Case 32/79, Commission v. United Kingdom [1980] ECR 2460; Kahl in: Calliess/Ruffert, n. 185, Article 4, para 34. 228 Based on the premise that EU law was a legal order sui generis and not one of public international law, as established by the CJEU already in C-26/62 Van Gend en Loos [1963], n. 170. 229 CJEU C-146/89 Commission v. United Kingdom [1991] ECR I-3533; CJEU C-266/03 Commission v. Luxembourg [2005] ECR I-4805; see also Craig/de Burca, n. 24, p. 452. 230 For extensive discussion see Sule, n. 3, pp. 259–282.

Sule

367

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:47 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

Member State would have to engage in intelligence activities that systematically survey undertakings of whole industrial sectors. Such intelligence activities could adversely affect companies’ perception of the EU as a favourably environment for cooperation of undertakings.231 This would be particularly the case where such systematic espionage would adversely affect other Member States’ ability to compete within the industrial sector concerned.232 108 In a similar way the obligation to coordinate certain measures in the area of employment policies under Article 146 (2) TFEU could oblige Member States to refrain from certain espionage activities.233 According to that provision Member States consider promoting employment as a matter of common interest and coordinate their respective activities within the Council according to the procedures mapped out in Article 148. Given that this area is one of the Member’s exclusive competences, the individual Member States’ characteristics in this area are not affected by this coordination. Furthermore, it allows Member States to economically compete through their individual employment policies. Yet, the provision arguably obliges Member States in situations of conflict to choose an employment measure that least damages employment interests of other Member States.234 Where espionage activities between Member States in the industrial sector lead to a systematic “theft” of industrial knowhow and thus less ability of the targeted State to compete, this could have detrimental effects on that Member States’ level of employment. In fact, industrial espionage is considered to lead to a significant loss of jobs.235 But as in the area of industrial policy, any espionage activities between Member States would need to be systematic, show a tangible effect i. e. it would need to be shown to be causal to a substantial decrease of employment in the targeted Member State before it could be considered a breach of Article 146 II TFEU.236 109 In view of the above Article 4 (3) TFEU as well as its specific manifestations, such as Articles 173 (2) TFEU, 146 (2) TFEU, can be considered to set limits to Member States’ intelligence activities targeting each other in areas that concern attainment of the Treaties’ goals, in other words in concrete EU policy areas. These provisions can hence be seen to set a general ban on intelligence activities, i. e. espionage between Member States in the respective policy areas. However, this does not necessarily preclude such intelligence activities when pursued in the interest of a Member States’ national security.

231

For a more extensive discussion of this provision see Sule, n. 3, pp. 273–278. See also: Ruffert in: Calliess/Ruffert, n. 185, Article 173, para 24. 233 For more extensive examination see: Sule, n. 3, pp. 269–273. 234 Hemmann in: Von derGroeben/Schwarze/Hatje, Article 146, para 4. 235 See FAZ of 26 April 2016, Ein Bündnis gegen Wirtschaftsspionage, at: http://www.faz.net/aktuell/ wirtschaft/wirtschaftspolitik/initiative-wirtschaftsschutz-gegen-wirtschafts-spionage-14200359.html; Der Tagesspiegel of 19 June 2016, Cyberattacken auf mittelständische Firmen, at: http://www.tagesspiegel.de/ berlin/wirtschaftsspionage-in-der-region-cyberattacken-auf-mittelstaendische-firmen/14502762.html; also: report by the German Federal Police Agency, Wirtschaftsspionage und Konkurrenzausspähung eine Analyse des aktuellen Forschungsstandes, BKA, April 2014, p. 9 available at: https://www.bka.de/SiteGlobals/Forms/Suche/Servicesuche_Formular.html?nn=4444&resourceId=4198&input_=4444&pageLocale=de&templateQueryString=wirtschaftsspionage+konkurrenzspionage&submit.x=0&submit.y=0; Deutsche Welle, 29 June 2010, Industrial espionage threatens German companies and jobs, at: http://www.dw.com/ en/industrial-espionage-threatens-german-companies-and-jobs/a-5645869; early references: Frankfurter Allgemeine Zeitung of 14 February 1998, p. 1; Nathusius, Wirtschaftsspionage, 2001, p. 3, all sites in this footnote last visited on: 13 April 2018. 236 Sule, n. 3, p. 273. 232

368

Sule

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:47 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. National Security and EU law restraints on Intelligence Activities

II. Overlaps of EU law with intelligence activities in areas of national security The above result has to be distinguished from evaluating intelligence activities 110 between Member States that are aimed at protecting national security interests. A ban on intelligence activities can be derived from Article 4 (3) TEU in connection with concrete goals of the Treaties where such activities serve to promote national interests outside national security, e. g., to promote national economy/industry, research and technology etc. without a clear link to national security. Examples of this can arguably be found in the new French legislation on surveillance. The latter, as already pointed out, empowers the French intelligence authorities to conduct surveillance measures in order to further major economic, industrial and scientific interests.237

1. Exception to the general ban on espionage under Article 4(3) TFEU Where, however, national security is concerned Member States retain their compe- 111 tence to conduct intelligence activities. They serve to protect the core existence of each Member State. This runs parallel to the spirit of Article 4 (2) TFEU discussed above, which accords national security of Member States a special role within EU law. Insofar an exception from the abovementioned general ban on espionage, as derived from Article 4 (3) TFEU, is necessary even when they overlap with areas of EU policy. At the same time, such measures when interfering with or affecting concrete EU law provisions will remain subject to scrutiny by the CJEU.238 The latter may, however, be prepared to grant Member States a certain degree of discretion, when examining proportionality of any measure that restricts rights conferred under EU law.239 Yet, intelligence activities between Member States in the interest of national security 112 remain an exception to the general ban under Article 4 (3) TFEU. Consequently, they can only be based on a narrow definition of the term of “national security”.240 Such a definition, as already suggested above, would encompass only vital interests of the State. This has also been suggested by the ruling of the CJEU in its Tele2 judgement241. Based on the findings above it would comprise: – Preservation of territorial integrity (e. g. against internal or external threats). – Preservation of a given constitutional order (e. g. principles of democracy, rule of law, separation of powers). – Preservation of the political (=capacity of State/constitutional organs to act) and economic functioning (= functioning of the general economic system) of the State. – Preservation of essential public services (e. g. networks of essential supply such as water, energy, health).

237

See above mn. 64. As indicated by CJEU C-203/15 Tele2 Sverige, judgment of 21 December 2016, ECLI:EU: C:2016:970, paras 88 et seq. 119; see also above at mn. 49. 239 As e. g. suggested by its decision in the case of CJEU, Case 72/83 Campus Oil Ltd., n. 121; see also above at mn. 54. 240 On the principles of rule and exception in this case, see also CJEU, C -203/15 Tele2 Sverige, n. 238 paras 88 et seq. 241 CJEU, C-203/15 Tele2 Sverige, n. 238, para 90. 238

Sule

369

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:48 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

2. Exception to the argument of mutual trust among Member States As already pointed out the general ban on intelligence activities in areas of EU policies and law following from Article 4 (3) TEU is strongly based on the principle of mutual trust between the Member States. This begs the question why such mutual trust is unconditional in these areas but may be limited when it comes to exceptions in the interest of national security. The CJEU has in fact, in its Melloni decision underlined the necessity of preserving the principle of mutual trust and mutual recognition of Member States’ judicial decisions.242 In the concrete case the Member State’s argument that enforcement of the European arrest warrant would breach that State’s high level of fundamental rights protection was brushed aside by the CJEU, arguing that the EU Charter of Fundamental Rights had been duly taken into account when the legal basis for the arrest warrant had been adopted.243 Furthermore, it has emphasised the paramount importance of mutual trust for the Area of Freedom, Security and Justice.244 Thus, even where a Member State claims respect for a higher national level of fundamental rights protection, the latter – according to the CJEU line of argument – must cede in the interest of mutual respect.245 This seems to suggest that even essential national principles, i. e. key concepts of national constitutional law interests may not undermine the principle of mutual trust. Following this line of argument one might claim that the same applies where a Member State claims an exception to the principle of mutual trust in the area of national security. 114 However, there are three arguments against this assumption. Firstly, the Member States’ courts do not seem to have accepted the CJEU’s conclusions. Thus, the German Federal Constitutional Court (BVerfG) has in its decision on the European Arrest warrant, annulled a court order that aimed at implementing the latter, because it considered it to infringe the right to Human Dignity as protected by Article 1 (1) GG (i. e. the German Constitution).246 In fact, it argued that such an act of control and monitoring of EU law by the national court did not breach the principle of sincere cooperation of Article 4 (3) TEU. Rather it was even a principle inherent in Article 4 (2) 1st sentence TEU which provided for mechanisms of protecting national identities of the Member States.247 115 Secondly, there are different views on such claims by national courts. On the one hand it has been pointed out that in the case of the BVerfG, the latter could have come to the same conclusion by applying Article 1 of the Charter instead of the German Constitution.248 This would have placed the entire examination within remit of EU law. To allow for a consistent interpretation of the latter, the German court should have referred the question to the CJEU though.249 On the other hand it has been suggested that since Article 53 of the Charter allows Member States to maintain a higher level of protection of fundamental rights than that of the Charter250: This should also permit a non-unified application of Union law in certain situations to promote an effective protection of fundamental rights.251 113

242 CJEU C-399/11, Stefano Melloni v. Ministerio Fiscal, Judgment of the Court (Grand Chamber), 26 February 2013, ECLI:EU:C:2013:107, para 63. 243 CJEU C399/11 Melloni, n. 242, paras 47–53. 244 CJEU C-399/11, Melloni, n. 242, paras 37, 63. 245 Id. 246 BVerfG, Decision of 15 December 2015, 2 BvR 2735/14. 247 BVerfG, Decision of 15 December 2015, 2 BvR 2735/14, paras 44 et seq. 248 Giegerich, Zwischen Europafreundlichkeit und Europaskepsis – kritischer Überblick über die bundesverfassungsgerichtliche Rechtsprechung zur europäischen Integration, ZEuS 2016, pp. 3–47, 34. 249 Id. 250 See Kingreen, in: Calliess/Ruffert, Artikel 53 GRCh paras 6 et seq. 251 Calliess, Kooperativer Grundrechtsschutz in der Europäischen Union, JRP 2015, pp. 17–34, 32.

370

Sule

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:48 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. National Security and EU law restraints on Intelligence Activities

Thirdly, it needs to be kept in mind that even the principle of mutual trust is not 116 “blind”, as noted by the president of the CJEU, Koen Lenaerts.252 The CJEU has in fact, confirmed that mutual trust requires the Member States to consider all the other Member States to be complying with EU law and particularly with the fundamental rights recognised by EU law save in exceptional circumstances.253 Hence the assumption that all Member States adhere to the same common rules, such as a comparable respect for fundamental rights, may in fact be rebutted. As an example the court provided some guidance on such “exceptional cases” in the joined Aranyosi and Caldararu cases. With view to protecting the fundamental right to be free of torture and inhuman or degrading treatment (Article 4 of the Charter), it held exceptional cases could arise where there is a real risk of the person subject to a European arrest warrant being exposed to inhuman or degrading treatment in the issuing Member State.254 Hence where there is objective, reliable evidence for such an exceptional case a Member State may refuse to comply with EU law, i. e. here the implementation of a European arrest warrant.255

3. Possibility to monitor undemocratic and dangerous developments in another Member State Transferring this line of argument for the protection of national security, the limits of 117 the principle of mutual trust and Article 4 (3) TEU become apparent: neither obliges a Member State to refrain from measures necessary to protect its national security, if there are substantial indications of another Member State developing threats of the former’s security. The latter could be the case, in particular where one Member State threatens to move away from the main values and principles that the European Union is founded on as mentioned in Article 2 TEU. If indeed one Member State were to show signs of systematically undermining the principles of democracy, rule of law or fundamental rights, this could become a substantial threat to other Member States and the EU in total. Furthermore, it is difficult to argue that it is for the EU institutions to act in such a 118 case and prevent a Member State detaching itself from the values enshrined in Article 2 TEU. Although Article 7 TEU provides for a mechanism to discipline such a Member State, it has already been shown that such a mechanism is inefficient given the necessity to have a unanimous decision of all remaining Member States against the perpetrating one.256 Against this background, the need for every Member State to protect itself against such developments that may emanate from the Member State concerned becomes evident, and with it the need for intelligence activities in view of such a State. In fact it would be absurd if democratic Member States that act within a solidarity system and as net contributors to the EU budget were obliged to support financing a neighbouring Member State through their payments into the structural fund payments, where the latter is in the process of establishing a dictatorial system. Having said that, it needs to be re-emphasised that intelligence activities of one 119 Member State against another in the area of EU law or policies can only constitute an exceptional case. Firstly, it can only be done in the interest of protecting national 252 Koen Lenaerts, A perspective on the future of Judicial Dialogue in Europe, Speech delivered on 3 June 2016 at the European Network of Councils for the Judiciary (ENCJ), Warsaw. 253 CJEU, Opinion 2/13 Accession of the European Union to the European Convention for the Protection of Human Rights and Fundamental Freedoms, 18 December 2014, ECLI:EU:C:2014:2454, paras 168, 191. 254 CJEU, Joined Cases C-404/15 and C-659/15 PPU Aranyosi and Căldăraru, Judgment of the Court (Grand Chamber) of 5 April 2016, ECLI:EU:C:2016:198, paras 81–89. 255 Lenaerts, n. 252. 256 See above mn. 85.

Sule

371

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:49 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

security, which as already shown, needs to be interpreted narrowly. Secondly, there need to be clear substantial indications for a Member State developing a potential threat to the national security of other Member States. This can be assumed where such a State within its territory systematically undermines the principles enumerated in Article 2 TEU.

D. Intelligence activities between Member States and EU institutions Intelligence activities between Member States and EU institutions are no longer a matter of pure speculation. News of the German intelligence service BND surveying on behalf of the US intelligence service NSA communication of staff members of EU institutions proves their existence.257 In the concrete case the BND seems to have used selectors to target also EU officials.258 121 Just as in the case of intelligence activities between Member States, the question of a potential ban on espionage between Member States and EU institutions arises. And as already examined above, the main principle precluding such intelligence activities is that of mutual trust on which the principle of loyal cooperation enshrined in Article 4 (3) TEU is based. This duty of cooperation covers Member States and EU institutions alike.259 Thus, as already pointed out, the CJEU has on the basis of Article 4 (3) TEU established an active duty of Member States towards the European Union when implementing EU law.260 Equally it held that the European Union institutions were under cooperation duties, such as the Commission when supporting national courts by providing relevant information to them.261 Similarly to the relationship between Member States, this duty also contains an obligation on Member States and EU institutions to refrain from any measures that could endanger attaining the aims of the Treaties of the Union. Without engaging in a detailed examination of this particular constellation, it can be concluded that the principle of loyal cooperation forbids intelligence activities between Member States and EU institutions.262 Each party is bound to respect the internal – often confidential – decision-making mechanisms of the respective other. This is manifested for EU institutions in Article 4 (2) TEU. The latter obliges them to respect the Member States’ identities and their political and constitutional structures;263 vice versa, Member States have to respect the institutions’ independence, as mirrored in Article 245 TEU second sentence for the European Commission, or in the respective staff regulations or rules of procedure.264 120

257 Spiegel-online, 30.04.2015, “Ausspähen unter Freunden geht doch” at:http://www.spiegel.de/politik/ deutschland/bnd-affaere-kanzleramt-in-erklaerungsnot-gegenueber-partnern-a-1031565.html, last visited on: 13 April 2018. 258 See also: Spiegel online, 01.05.2015, “BND ließ 12.000 NSA-Suchbegriffe löschen” at:http://www. spiegel.de/politik/deutschland/bnd-liess-12-000-nsa-suchbegriffe-loeschen-a-1031626.html, last visited on: 13 April 2018. 259 Kahl in: Calliess/Ruffert, n. 185, Artikel 4 EUV, paras 55 et seq., paras 109 et seq.; see also preceding section. 260 See e. g. CJEU Case 30/72, Commission v. Italy, [1973] ECR 161, para 11; CJEU Case 14/83, von Colson und Kamannv Land Nordrhein-Westfalen, [1984] ECR 1891, para 26; for an exhaustive overview of relevant case see Kahl in: Calliess//Ruffert, n. 184. 261 CJEU Case C-2/88, Zwartveld and others, [1990] ECR I-3365, paras 17 et seq.; see furthermore, CJEU Case 251-/89, Athanasopoulos, [1991] ECR I-2797, para 57. 262 For in-depth discussion see Sule, n. 3, pp. 317–333. 263 Bogdandy/Schill, Overcoming Absolute Primacy: Respect for national identity under the Lisbon Treaty, CMLR 48, 2011, 1417–1454, in particular 1441 et seq. 264 See e. g. Sule, n. 3, pp. 322–326.

372

Sule

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:49 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. National Security and EU law restraints on Intelligence Activities

It is rather questionable, whether the abovementioned surveillance measures taken by 122 the BND were compatible with this principle of EU law. Firstly, monitoring communication of the staff of EU institutions does not respect the institutions’ decision-making mechanism and thus the principle of mutual trust. Secondly, it is questionable in how far such measures would have been necessary in the interest of national security: it seems that most of the information was collected for a third country and partly concerned economic information.265 Finally, even if the surveillance activities had been undertaken in the interest of national security, it would be difficult to exceptionally justify them under the principle of sincere cooperation. As already pointed out, such exceptions have to be applied narrowly and only where there is substantial evidence of the target State or institution developing a threat to national security. In the above mentioned concrete case of the EU institutions this cannot be seriously claimed in the concrete case. Following disclosure of this practice, the German legislature has amended the legal 123 basis of the BND’s activities.266 As already pointed out Article 6 (1) empowers the BND to gather information outside German territory. This includes personal data emanating from telecommunication networks. A precondition is that such data are necessary in order to counter threats to Germany’s internal and external security [§ 6 (1) No. 1 BNDG] or to preserve its capability to act [§ 6 (1) No. 2 BNDG]. Furthermore § 6 (1) No. 3 allows for the collection of data necessary to collect intelligence about developments that are of importance for certain external and internal security policy matters. Scope and nature of such developments are to be determined further by the federal chancellery in agreement with several federal ministries. Whilst the first two areas that require the collection of data would probably fall under the above established elements of national security267 the third area is relatively vague. Reasoning behind this legislation claims that § 6 (1) No. 3 BNDG is meant to allow setting short-term mandates reacting to crisis situations and that its main purpose is to limit it to security related aspects.268 Yet, one could argue that at least aspects of national security are already covered by the first two areas. Furthermore, 6 (1) No. 3 BNDG is phrased in such a vague way, that it might raise concerns as to its legal certainty. In any case this provision on its own does not seem to limit activities of the BND to matters of national security. Targeted intelligence activities against EU institutions and authorities of other 124 Member States are explicitly allowed under Article 6 (3) BNDG, if they are undertaken for the abovementioned purposes of Article § 6 (1) Nos. 1–3 BNDG insofar as they concern developments in third countries, which are of particular relevance to Germany’s security. The latter additional requirement privileges EU institutions and authorities of other Member States to a certain extent. It could be interpreted to limit the BND activities to interests of national security. But whether this legislation suffices to prevent further questionable intelligence practices against EU institutions will depend on its implementation. On a wider scale, any such activities also by Member States, just as much as intelligence activities of institutions vis-à-vis Member States remain conceivable but generally difficult to justify under EU law.

265 Spiegel Online of 12 May 2015, BND liefert NSA angeblich 1, 3 Milliarden Datensätze pro Monat, at: http://www.spiegel.de/politik/deutschland/bnd-soll-nsa-jeden-monat-1-3-milliarden-metadaten-liefern-a1033361.html, last visited on: 13 April 2018. 266 See above mns. 65 et seq. 267 See above mn. 72. 268 Entwurf eines Gesetzes zur Ausland-Ausland-Fernmeldeaufklärung des Bundesnachrichtendienstes, BTs 18/9041, Begründung, p. 22.

Sule

373

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:50 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

E. Intelligence activities of Member States aimed at individuals 125

Intelligence activities of Member States that target individuals, i. e. natural or legal persons might have to be measured against applicable fundamental rights standards as well as any other concrete provisions within EU law that protect interests of individuals, even though their main protective aim lies elsewhere, such as for example the EU rules on competition law, namely State aids.

I. Restraints by Fundamental Rights: the ECHR and the EU Charter of Fundamental Rights (the Charter) Disclosure of practices of bulk surveillance of EU citizens by Member States’ intelligence agencies such as the UK or Germany not only raised political and societal concern, they also triggered some academic discussion as to their compatibility with existing law.269 127 When measuring intelligence activities of Member States against fundamental rights standards at EU level the ECHR and the EU Charter on fundamental rights are the most relevant sources of law. However, in both cases applicability from the point of view of EU law needs to be established first. As regards the ECHR, it should be recalled that the EU has so far not acceded to the Convention.270 Thus, its status within EU law remains that of a source of inspiration for courts and authorities of a Member State as well as the CJEU as stated by the latter already in the case of Nold.271 Hence, the ECHR cannot be used as a framework of reference under EU law when assessing the abovementioned example.272 128 The Charter on the other hand could constitute such a framework, but only within its scope of applicability. Article 51 (1), first sentence of the Charter declares its applicability to all EU institutions. Furthermore, the Member States are bound by it solely on their implementation of EU law. It follows e contrario that where Member States are not implementing EU law, i. e. where they apply purely national law, they are not subject to the Charter. What exactly constitutes an implementation of EU law, however, has been subject of much academic debate273, in particular in view of the less than clear case law 126

269 See e. g. Schmahl, n. 11 pp. 221 et seq.; Huber, BND-Gesetzreform gelungen oder nachbesserungsbedürftig?, ZRP 2016, pp. 161–166; furthermore, see also statements made by several academics and practitioners before the German legislative’s NSA committee of enquiry, at: https://www.bundestag.de/ ausschuesse/ausschuesse18/ua/1untersuchungsausschuss/-/280848, last visited on: 13 April 2018; in particular: Talmon, n. 11. 270 Since the CJEU’s negative opinion on the draft accession agreement (CJEU Opinion 2/15, of 18 December 2014, Draft international agreement – Accession of the European Union to the European Convention for the Protection of Human Rights and Fundamental Freedoms – Compatibility of the draft agreement with the EU and FEU Treaties, ECLI:EU:C:2014:2454), the European Commission is renegotiating the terms of the agreement. At the time of writing, there is no clear timeline as to the future accession. 271 CJEU C-4/73, Nold KG v. Commission, [1974] ECR 491, para 13. 272 This, however, does not remove the Member State in the above example from its obligations under the ECHR. The mentioned surveillance measures are thus theoretically still to be measured against the Convention where an admissible case is brought before the ECtHR, such as e. g. the case of Privacy International vs. UK, See also Nyst/King, Chapter 5 Part 4 in this volume; for further information see Schmahl, Chapter 1 Part 4 in this volume. 273 Calliess, n. 250 above; Hancox, The meaning of “implementing” EU law under Article 51(1) of the Charter: Akerberg Fransson, CMLR 50, 2013, pp. 1411–1432; Dougan, Judicial Review of Member State Action under the General Principles and the Charter: Defining the “Scope of Union Law”, CMLR 52, 2015, pp. 1201–1246.

374

Sule

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:50 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. National Security and EU law restraints on Intelligence Activities

of the CJEU. In its decision of the case Akerberg Fransson274 the latter has gone beyond a pure active implementation of primary and secondary EU law. Here it seemed to allow an overlap of national procedural law with EU law as sufficient link to establish an element of “implementation”.275 The court seems to have somewhat narrowed this broad approach in the cases of Ymeraga and Siragusa.276 However, the limits of the Charter’s applicability do not yet seem to be entirely defined.277 This is particularly the case where a Member State’s measures do not implement or directly affect concrete secondary law but rather primary law such as one of the internal market freedoms. The abovementioned example of surveillance measures undertaken by one Member 129 State might have an immediate or indirect effect on one of the economic freedoms. An individual may be banned from entering a Member State, or supplying services or exporting goods to it on the basis of information gained about this individual, through the surveillance measures, e. g. because the person has been assessed to pose a threat to national security. Such a situation shows an indirect overlap of the intelligence measure with primary EU law. Whether this link, however, would be close enough to assume an implementation of EU law is questionable.278 If this were the case, then the measure would need to be assessed against the safeguards of the Charter, i. e. Articles 7 and 8, the fundamental rights to a private life and protection of personal data. Any restriction of these rights would then have to be based on law, respecting their essence [Article 52 (1) first sentence of the Charter]. It would need to be taken to protect an objective interest recognised by the EU and would need to fulfil the requirements of proportionality [Article 52 (1) second sentence of the Charter]. Where the intelligence activities are carried out in the interest of protecting national security, the CJEU could be expected to apply the proportionality test less strictly than in cases, where such activities are undertaken with different aims. Justifying the latter would be more difficult for Member States than measures taken in the interest of national security.279 In view of such an applicability of the Charter and potential cases that could be 130 measured against it, further reference is made to the chapter on fundamental rights below.280 In any case the Charter as such does not require a general ban on intelligence activities between Member States.

II. Restraints of intelligence activities and transfer of their results under EU Competition law Intelligence activities may be carried out to gain economic competitive advantages. 131 While industrial espionage between companies is often used with that aim, it is also conceivable that States engage in surveying companies situated in other States to gain confidential business information and then pass it on to companies situated within their own territory. This was a concern raised in the context of revelations about the US NSA 274

CJEU C-617/10, Åkerberg Fransson, 26 February 2013, ECLI:EU:C:2013:105. CJEU C-617/10, Åkerberg Fransson, n. 273, paras 21–28. 276 CJEU C-87/12, Ymeraga and Ymeraga-Tafarshiku, 8 May 2013, ECLI:EU:C:2013:291, paras 40 et seq.; CJEU C-206/13, Siragusa, 6 March 2014, ECLI:EU:C:2014:126, paras 25 et seq. 277 Calliess, n. 251, para 22. 278 On the discussion of whether derogation by a Member State from free movement rules (still) constitutes an implementation of EU law see Ward in: Peers/Hervey/Kenner/Ward, The EU Charter of Fundamental Rights, Oxford 2014, paras 51.37 et seq. 279 This follows from the rather deferential approach of the CJEU when judging matters of national or State security as opposed to those concerning public security, see above mn. 54. 280 See Schmahl, Part 4, Ch. 1 in this volume. 275

Sule

375

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:51 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

indiscriminate bulk surveillance, which also included foreign undertakings. US Director of National Intelligence, James Clapper rushed to counter this assumption arguing that the US Government could not engage in such an activity.281 US officials argued that in such a case the government would not know which of the competing companies to give the information to.282 This suggests that by passing on such information to any individual US company, the government would breach US competition law rules in view of other competing US companies that did not receive such information. However, the argument is not entirely convincing. There may be sectors in most States’ economies, which are covered by big monopolistic private or even State companies. In the former cases such private companies may have developed out of former State companies – often in areas of essential public services. Furthermore, sectors that demand high investments as well as sophisticated knowhow and expertise may have furthered monopolies (e. g. aviation industry). 132 The so-called TGV-Alstom/Siemens case may serve as an example for this kind of espionage. In that case the South Korean Government had issued a tender for the construction of a high-speed train track. Two European undertakings competed here: the French Alstom consortium and the German company Siemens. According to press coverage at the time the French foreign intelligence service, DGSE had surveyed communication between Siemens and the relevant South Korean authorities concerning Siemens’ offer.283 The DGSE then allegedly passed this information on to Siemens’ competitor Alstom, enabling the latter allegedly to modify its original offer in a way that led to them being awarded the contract.

1. Intelligence activities and the ban on State aids (Article 107 TFEU) Using the case as an example on a hypothetical basis, such intelligence activities can be measured against the Treaty’s provisions on competition, namely State aids. In other words, passing on confidential company business information gathered through intelligence activities to a specific company by a Member State may constitute unlawful State aids, thereby breaching Article 107 TFEU. While an in-depth examination of this problem is not attempted here, a cursory look at it allows highlighting major legal implications of such intelligence measures.284 134 Article 107 TFEU declares illegal “any aid granted by a Member State or through State resources in any form whatsoever which distorts or threatens to distort competition by favouring certain undertakings or the production of certain goods …, insofar as it affects trade between Member States”. It thus aims to eliminate Member States’ intervention in the economy where this distorts competition within the internal market. The ban targets measures that benefit the Member States’ own business sectors, thereby protecting them 133

281 See The Guardian, 9 September 2013, NSA accused of spying on Brazilian oil company Petrobras; at: https://www.theguardian.com/world/2013/sep/09/nsa-spying-brazil-oil-petrobras, last visited on: 13 April 2018. 282 New York Times, 20 May 2014, Fine Line Seen in U.S. Spying on Companies, at: https://www. nytimes.com/2014/05/21/business/us-snooping-on-companies-cited-by-china.html, last visited on: 13 April 2018. 283 See: Frankfurter Allgemeine Zeitung of 21 February 1998; Computer Technology 1999, Vol. 4, pp. 174 et seq., as well as description by European Parliament, Report on the existence of a global system for the interception of private and commercial communications (ECHELON interception system) [2001/ 2098(INI)], 11 July 2001 available at: http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP// TEXT+REPORT+A5-2001-0264+0+DOC+XML+V0//EN, para 10.7 last visited on: 13 April 2018; Ulfkotte, Verschlußsache BND, 1998, pp. 384 et seq. 284 For a more extensive discussion of this case in view of European State aid rules see Sule, n. 2, pp. 355–375.

376

Sule

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:52 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. National Security and EU law restraints on Intelligence Activities

from unfettered competition of other Member States. Hence, the ban on State aids is a precondition for a successful establishment of the internal market.285 Its main characteristics are that the measure in question involves: 135 – State resources used by the State, – confers an advantage on the beneficiary, – that the advantage is selective (i. e. limited to certain undertakings or the production of certain goods), and – that the measure distorts competition and affects trade between Member States.286 With view to the abovementioned TGV/Siemens case the question arises whether 136 passing on economically valuable information that has been gained through State espionage activities could constitute such a State aid. a) Definition of State Aids and the Private Investor Principle While State aids are generally understood to consist of financial aids, the CJEU as 137 well as academic literature seem in favour of a wide interpretation of what such aids can encompass.287 There may not be a clear definition of what constitutes State aids. However, CJEU case law gives some substantive guidance. Thus, it qualified State aids as any measure that specifically serves as means to pursue certain aims, which could normally not be attained without external help.288 Hence, it not only includes subsidies or services actively performed but rather any measures that mitigate the charges a company would normally have to bear.289 To further identify such measures the European Commission has developed the so-called “private investor principle”.290 This principle, endorsed by the CJEU291, basically does not consider State aid as any investment made by the State in an undertaking on terms and conditions that would be acceptable to a private investor of a size comparable to that of bodies managing the public sector operating under normal market conditions. In such a case the company does not receive an undue advantage as it could have obtained the investments also in the private market.292 The private investor principle has been subject to debate for various reasons.293 In 138 this context, however, that debate is irrelevant: the passing on of intelligence information in the TGV/Siemens case would constitute State aid, irrespective if one employs the private investor principle or not. In any case, the measure in question would alleviate 285 For general overview see e. g. Rusche/Micheau/Piffaut/Van de Casteele on State Aid in Faull/Nikpay, The EU Law of Competition, 2014, 3rd ed., paras 17.06 et seq.; Quigley, European State Aid Law and Policy, 3rd ed. Oxford, 2015, pp. 3 et seq.; Mederer, Article 107, in: Schröter/Jakob/Klotz/Mederer, in: Europäisches Wettbewerbsrecht, 2.Aufl. 2014. 286 Rusche/Micheau/Piffaut/Van de Casteele, n. 285, para 17.18. 287 Hancher/Ottervanger/Slot, EU State Aids, 5th ed., 2016, London, paras 3-006 et seq.; Quigley, n. 285, pp. 15–17; Heidenhain, European State Aid Law, Munich, 2010, § 3 para 6. 288 CJEU, C-30/59, Steenkolenmijnen Limburg, (1961) ECR 19, p. 43, 3rd heading; GC, Case T-613/97 Ufex, [2000] ECR II-4055. 289 Id. 290 E. g. in Commission Communication on the Application of the Articles 92 and 93 of the EEC Treaty and of Article 5 of the Commission Directive 80/723/EEC to public undertakings in the manufacturing sector, OJ C 307, 13 November 1993, p. 3. 291 CJEU, C-142/87 Belgium v. Commission (1990) ECR I-959, para 29; CJEU, Case C-305/89 Italy v. Commission (1991) ECR I-1603, paras 18 et seq.; CJEU Case C-39/94, SFEI v. La Poste [1996] ECR I3547, para 60; CJEU Case C-280/00, Altmark Trans GmbH v. Nahverkehrsgesellschaft Altmark GmbH [2003] ECR I 7747, para 84; 292 Rusche/Micheau/Piffaut/Van de Casteele, n. 285, para 17.62; Quigley, n. 285, p. 154. 293 See e. g. Parish, On the private investor principle, ELR 28, 2003, pp. 70 et seq., arguing that no private investor will take only purely rational, market economically sound decisions. Rather he or she may also be influenced by considerations of social or regional policy or business ethics, e. g. not closing down a specific factory for reputational reasons.

Sule

377

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:52 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

the charges, which would normally be included in the budget of an undertaking.294 Hence, a fundamental condition for any measure to constitute State aids is that it has a certain economic value, mirrored by measures or actions that undertakings usually take themselves. 139 So far the European Commission has considered State aids to comprise exemptions from taxes and levies as well as para-fiscal activities, transfer of properties, buildings or delivery of products or services without any market adequate service in return.295 Obtaining sensitive information of high relevance to business decisions is often the goal of an undertaking’s business intelligence policy. In fact, undertakings may either have dedicated business intelligence departments296 or may employ the services of consultants that provide them with such intelligence297. Such intelligence concerns general information on market developments as well as concrete information on competitors.298 Against this background the selective passing on of confidential information of a business competitor can be regarded as a valuable service, for which the undertaking would normally have to allocate a notable portion in its budget. 140 Arguably, an undertaking might have difficulties to engage in the same surveillance techniques such as the DGSE in the abovementioned case. While it might nowadays be possible to employ such techniques through the purchase of technical surveillance systems on the private market, it would remain flagrantly illegal. Any such surveillance by a private party in the abovementioned case would infringe applicable national criminal law, i. e. in the Siemens case, arguably, German or South Korean criminal law. However, the illegality of such an act cannot disqualify the measure from being defined as State aid. This would run against the very purpose of Article 107 TFEU to prevent distortion of competition within the market. If an otherwise legal measure taken by a Member State to benefit a particular undertaking infringes the ban of State aids, then so must an illegal measure. This a fortiori argument would apply irrespective of the private investor principle, since a rational private investor could not be expected to first engage in criminal surveillance measures in order to then pass on the resulting information to an undertaking without anything in return.299 b) Advantage to beneficiary 141 Furthermore, the passing on of information in the abovementioned TGV/Siemens case would also amount to an advantage to the beneficiary TGV. Unlike general economic information on particular developments abroad, which a Member State may make publicly available, information in this case would have been passed on selectively to the only national undertaking competing with the other Member State’s undertaking. This so-called selectivity test300 is met in the concrete case. Here the information about the competitor’s tender may have allowed TGV to modify its own offer in response to its competition thereby ensuring signature of the respective contract. This concrete case demonstrates – contrary to the US representative’s statements mentioned above – that 294

CJEU Case 30/59, Steenkolenmijnen Limburg, n. 287. Overview by Heidenhain, n. 287, § 4 paras 2–10; Quigley, n. 285, pp. 15–17. See e. g. Nathusius, Wirtschaftsspionage, 2001, p. 17 et seq.; see also Kerschberg, Business Intelligence and Legal Matters Management, Forbes 26 April 2011, available at: https://www.forbes.com/sites/benkerschberg/2011/04/26/business-intelligence-and-legal-matter-management/#61b78a472d3c, last visited on: 13 April 2018. 297 Numerous companies provide such services; see also the information platform on business intelligence: https://businessintelligence.com/, all sites last visited on: 13 April 2018. 298 See e. g. description at: http://lexicon.ft.com/Term?term=competitive-intelligence&mhq5j=e1, last visited on: 13 April 2018. 299 See discussion by Sule, n. 3, pp. 358–363. 300 Rusche/Micheau/Piffaut/Van de Casteele, n. 285, paras 17.95 et seq.; Quigley, n. 285, pp. 63–65. 295 296

378

Sule

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:53 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. National Security and EU law restraints on Intelligence Activities

there are constellations allowing a national government to choose a concrete undertaking on its territory which to bestow such benefits on. c) Use of State resources The application of Article 107 TFEU furthermore presupposes that the advantages 142 concerned are granted directly or indirectly through State resources. This suggests that the State incurs costs of some kind. The defining aspect is whether the State incurs an additional calculable burden or not.301 As a consequence the CJEU has rejected such a burden where specific undertakings benefited from purchase obligations imposed by a legislative change.302 Surveillance measures carried out by a national intelligence agency are likely to 143 require an identifiable budget item as well as definable human resources (i. e. in form of calculable man/hours). Thus they should fit the test applied by the CJEU. Of course one could argue that the beneficial measure in the TGV case was the passing on of information, not the collection as such. The transfer of the information would not amount to any substantial budgetary burden. This argument, however, could only be convincing, where the State, i. e. its intelligence services have already collected the relevant information for different purposes, in the interest of national security.303 In this case though, the only plausible reason the espionage activities were carried out seems to be for the specific purpose of gaining information that should later be passed on to a specific competitor. It is not conceivable which other purpose such surveillance activities could have had in that case. Hence these activities need to be qualified as being part of this measure. d) Distortion of competition and restriction of trade between Member States Once a measure has been found to fulfil all of the abovementioned criteria it can 144 relatively easily be qualified as contributing to distortion or a risk of distortion of competition. In other words a concrete distortion need not be shown. Rather its possibility suffices.304 The measure of passing on relevant information to a competitor, frees the latter from having to compete purely on the merits. The Member States’ activity of such espionage and transfer of information thus clearly carries a risk of distorting competition. As regards a restriction of trade between Member States, the concrete State aid needs to 145 show some link to the internal market i. e. a cross border effect. Yet, this criterion is often fulfilled by the fact that the measure in question can strengthen the position of the undertaking(s) in comparison to other undertaking(s) competing in intra-Union trade.305 In fact, the CJEU has even assumed such State aid to restrict trade between Member States if the recipient of the measure exports its products outside the EU.306 This again would apply to the TGV/Siemens case: The market for products and services that both undertakings were competing in was outside the EU, i. e. the South Korean procurement. At the same time both undertakings were competitors on the EU market. The fact that the position of one of them was strengthened by the State measure (passing on of confidential 301

CJEU, Case C-200/97, Ecotrade/Altiforni di Servola, (1998) ECR I-7907, para 35. CJEU, Case C-379/98, Preussen Elektra AG [2001] ECR I-02099. 303 Which according to the above analysis needs to be interpreted narrowly, see above para 71. 304 CJEU Case C-403/10P, Mediaset v. Commission [2011], paras 111, 113, 115; Rusche/Micheau/ Piffaut/Van de Casteele, n. 284, para 17.133. 305 CJEU Case C-730/79 Philip Morris v. Commission [1980] ECR 1980 2671, para 11; Rusche/Micheau/ Piffaut/Van de Casteele, n. 285, para 17.134; Medghoul in: Pesaresi/Van de Casteele/Flynn/Siatarli, EU Competition law, Vol. IV, 2nd ed. Deventer, 2016, para 2.511. 306 CJEU, Case C-142/87, Belgium v. Commission (“Tubemeuse”), [1990] ECR I-959, para 43. 302

Sule

379

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:53 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

information which allowed the undertaking to obtain the contract), must be deemed sufficient to establish a restriction in trade, similar to the Tubemeuse case.307 146 In view of the above there is an infringement of Article 107 (1) TFEU, by granting illegal State aids, where a Member State by surveillance activities of its intelligence service clandestinely gathers confidential business information of an undertaking in order to then pass it on to a competing undertaking in order to strengthen its position within the EU internal market.308 Should the DGSE indeed have acted in this way in the so-called TGV/ Siemens case, thereby ensuring that TGV obtained the contract both companies were competing for, then there are strong arguments that this constituted an illegal State aid.

NB: Potential Consequences of breaches of EU law? 147

Potential legal consequences of any of the above-examined potential breaches of EUlaw by Member States’ or EU institutions’ activities within the European Union cannot be examined in this context. They might however include potential infringement procedures by the Commission against individual Member States, infringement proceedings for breaches of EU law before the CJEU as well as Commission decisions against Member States in case of unlawful State aids, which then again could be subject of review proceedings before the CJEU. Finally, subjects negatively affected by such intelligence activities, i. e. Member States or individuals including undertakings that suffered from unlawful State aids, might claim damages.309

F. EU law restraints on intelligence cooperation 148

This last section will look at the legal framework, in particular its restraints on potential cooperation of intelligence activities at EU level.

I. Demand for EU intelligence cooperation As already pointed out, the EC as the predecessor to the EU had been constructed as a purely economic organisation. There had – most probably – not been any reason to suspect a need for intelligence cooperation between the Member States and the Community’s institutions. This thought very much parallels the (initial) general assumption that intelligence activities of Member States would at no point overlap with any EC policies or relevant EC legislation.310 150 With the development of common policies in justice and home affairs as well as within foreign and security policies in the so-called second and third pillar of the European Union after the Treaty of Maastricht, the need for intelligence cooperation became more plausible.311 A more political union would need a common level of 149

307

CJEU, Case C-142/87, Belgium v. Commission (“Tubemeuse”), [1990] ECR I-959. Further elements of the de minimis rule or potential justification reasons under Article 107 paras 2 and 3 shall not be examined in this context. They would most probably also not be relevant in the concrete case. 309 Reference is made to an overview of such potential consequences: Sule, n. 3, pp. 377–395. 310 See above mns. 14 et seq. 311 See e. g. 1996 report “A European Intelligence Policy”, Assembly of the WEU Document 1517; Oberson, Intelligence Cooperation in Europe the WEU Intelligence Centre and Situation Centre in: 308

380

Sule

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:54 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. National Security and EU law restraints on Intelligence Activities

information of Member States in order to pursue common policies, in particular in areas of internal security as well as common foreign and defence policies. Further cooperation and information exchange in order to fight international terrorism was evidently needed, after the terrorist attacks of 9 September 2001. The need for a minimum of common counter-intelligence measures at the level of EU institutions became apparent when eavesdropping device were found in the Justus Lipsius building of the Council in Brussels in May 2002.312 Coordination of intelligence activities was indeed soon established in several contexts, namely through creation of INTCEN and SATCEN.313 INTCEN (previously established as situation centre, SITCEN), an intelligence analysis centre, created at the level of the Council (on the basis of a pre-existing Situation Centre at the WEU314), now part of the EEAS,315 focuses on analysing intelligence information voluntarily shared by the Member States intelligence service. On this basis it produces strategic analysis papers primarily for the EEAS, the Council and Member States.316 Furthermore, the creation of the European Union Satellite Centre (EU SATCEN), a EU agency, by Council decision in 2001, ensures analysis and evaluation of satellite imagery to support EU decisionmaking.317 Additionally, the European Union Military Staff (EUMS) – first situated at Council level, then moved to the EEAS – supports the Council by exchange of relevant military intelligence in order to detect military threats to the EU at an early stage.318 Also, EUROPOL and FRONTEX constitute two agencies with genuine own powers of intelligence collection as well as analysis and evaluation within their own fields of activity, namely counter-terrorism and fighting organised crime as well as border control.319 Finally, less institutionalised cooperation intelligence groups and mechanisms facilitate the exchange of intelligence between the Member States, in particular in the area of counter-terrorism, such as the Club of Berne or the Counter-Terrorism Group (CTG).320 However, regardless of these existing intelligence sharing and cooperation mechanisms, several stakeholders have demanded new forms of intelligence cooperation at EU level, even the creation of an EU intelligence agency.321 This was particularly repeated Towards a European Intelligence Policy, Chaillot Paper 34, 1998; Palacios, EU Intelligence: On the road to a European Intelligence Agency?, Part 3, Chapter 1, in this volume. 312 See e. g. Die Zeit of 29 June 2013, USA sollen EU-Gebäude verwanzt haben, at: http://www.zeit.de/ digital/datenschutz/2013-06/usa-spionage-eu; Spiegel Online of 24 March 2003, Spionage gegen die EU “Sauerei der Sonderklasse”, available at: http://www.spiegel.de/spiegel/print/d-26670438.html; as well as The Guardian of 19 March 2003: Phone Bugs found in EU offices, available at: https://www.theguardian. com/politics/2003/mar/19/foreignpolicy.uk, all sites in this footnote last visited on: 13 April 2018. 313 For early development of EU intelligence cooperation see: Palacios, n. 310, paras 38–67; Gruszczak, n. 51, pp. 227–265; Oberson, n. 311; Müller-Wille, Building a European Intelligence Community in response to terrorism, Isis Europe, European Security Review, Number 22, April 2003. 314 Palacios, n. 311, mn. 38. 315 Palacios, n. 311, mns. 39–40. 316 Palacios, n. 311, mns. 41–44; Müller-Wille, For our eyes only? Shaping an intelligence community within the EU, Institute for Security Studies, Occasional Papers No. 50, January 2004, p. 23. 317 Palacios, n. 311, mns. 56 et seq.; see also Villadsen, Prospects for a European Intelligence Policy, in: Studies on Intelligence, Summer 2000, No. 9, unclassified edition, pp. 4 et seq. 318 See also Rauwolf, Intelligence in EU-Led missions and operations, Part 2, Chapter 4 in this volume; Palacios, n. 310, mns. 49–52. 319 See Ryder, European Criminal Intelligence, Part 3, Chapter 3 in this volume; Palacios, n. 310, mns. 53–55 and 62–65. 320 Cross, The Merits of informality: The European Transgovernmental Intelligence network, Part 3, Chapter 2, in this volume; Palacios, n. 311, mns. 84 et seq. 321 See e. g. Euracativ news bulletin of 18 November 2015, Verhofstadt calls for creation of EU intelligence agency at: http://www.euractiv.com/section/justice-home-affairs/news/verhofstadt-calls-forcreation-of-eu-intelligence-agency/; Euractiv news bulletin of 23 March 2016, Juncker warms to the idea

Sule

381

151

152

153

154

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:54 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

after terrorist attacks of 2015/2016 in Paris, Brussels, Berlin and other European cities. But such intelligence cooperation need not be limited to counter-terrorism. A paper by the European External Action Service (EEAS) of 2015 has summarised new challenges and threats for Member States of the EU in view of ongoing global developments.322 It has pointed to the EU being surrounded by an “arc of instability”323 and a number of security related external threats. These do not only originate from fragile or instable and undemocratic States but also from climate changes and resource scarcities.324 The paper proposes better cooperation within the Common Security and Defence Policy (CDSP) identifying existing difficulties in a number of areas, among which “intelligence” is listed as well.325 155 Finally, the EU Commission’s White Paper on the future of Europe as presented by President Juncker on 1 March 2017326 may also have consequences for future intelligence cooperation. It puts forward five scenarios for the future development of the EU. They range from limiting it to only single market activities to a substantially deeper integration of the EU. There is room for more intelligence cooperation in all scenarios, except the one concentrating on the single market. Others envisage closer defence and foreign policy cooperation for all or only willing Member States, or even an EU Defence Union.327 156 Demands for enhanced intelligence cooperation or even a European Intelligence Agency, however, raise two questions: firstly, whether further cooperation or even a EU intelligence authority is desirable and, secondly, whether this is currently legally feasible. As regards the first question several arguments have been raised against cooperation in the form of obligatory sharing of intelligence or the creation of an EU intelligence agency with its own genuine intelligence collection powers.328 These include worries about guaranteeing secrecy of shared information within a network of numerous stakeholders,329 distrust of other services as to their professionalism or reliability330, or loyalty conflicts of services, the Member State of which are in close cooperation with those of third countries.331

of an EU intelligence agency, at: http://www.euractiv.com/section/global-europe/news/juncker-warms-tothe-idea-of-an-eu-intelligence-agency/; EU observer news bulletin on statement of former German chief of foreign intelligence agency (BND), August Hanning, of 3 November 2016, Former spy chiefs call for EUUS intelligence hub, at: https://euobserver.com/justice/135749, all sites in this footnote last visited on: 13 April 2018. 322 The European Union in a changing global environment, 25 June 2015, https://europa.eu/globalstrategy/en/strategic-review-european-union-changing-global-environment-executive-summary, last visited on: 13 April 2018. 323 Id., p. 1. 324 Id., p. 1. 325 Id., p. 3. 326 White Paper on the Future of Europe, European Commission COM(2017)2025 of 1 March 2017. 327 White Paper, n. 326, (Scenario 5) pp. 22 et seq. 328 See e. g. Palacios, n. 311, mns. 71 et seq., 75 et seq. 329 Körner, (President of the Bavarian office for the Protection of the Constitution) speech given on 13 July 2016 at a conference in Brussels; see also https://www.hss.de/news/detail/geheimdienstkooperation-und-terrorbekaempfung-in-europa-news157/, last visited on: 13 April 2018; Politi, Why is a European Intelligence Policy necessary? In: Towards a European Intelligence Policy, Caillot Paper 34, 1998, pp. 3 et seq., 13; Bergstein, The Contribution of Secret Services to European Defence, in: The Path to European Defence, Wogau (ed.), Antwerpen 2004, pp. 239, 247. 330 Müller-Wille, n. 316, p. 16; Politi, n. 329, p. 7; Villadsen, n. 317, p. 10. 331 Müller-Wille, n. 316, p. 15; Politi, n. 329, p. 5; Villadsen, n. 317, p. 9.

382

Sule

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:55 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. National Security and EU law restraints on Intelligence Activities

II. Legal restraints of further cooperation of Member States’ intelligence authorities at EU level and a European Intelligence agency When examining what is legally possible establishing a European intelligence agency 157 with own intelligence collection powers on the one hand needs to be distinguished from a mere increase of cooperation of Member States in the field of intelligence on the other.

1. Creation of a European Intelligence Agency When calling for a European Intelligence Agency different stakeholders may have 158 different purposes of that agency in mind. Hence, the argument that Article 4 (2) TEU precludes creating such an agency332 is somewhat inaccurate. That provision clarifies that national security remains the sole responsibility of the Member States.333 As a consequence, any operational intelligence activities aimed at protecting national security of Member States may only be carried out by their respective intelligence authorities. EU primary law does not confer such a competence onto the European Union. Hence the latter cannot establish a European intelligence authority with genuine intelligence collection powers concerning national security matters.334 Nevertheless, not all intelligence activity is limited to national security matters. This is 159 mirrored by some legal bases establishing Member States’ intelligence agencies and their tasks.335 Their activities may concern all matters of national interest, including economic developments.336 It follows that areas not specifically connected to safeguarding national security could in fact be the object of intelligence gathering by the European Union. This could in particular make sense in policy fields where EU primary law, i. e. the Member States themselves, have transferred powers exclusively to the European Union. Where the EU has to take policy or legislative decisions in areas of its exclusive powers, it needs to be in possession of all necessary information to take those decisions. Hence it should be able to collect such information – and in fact it does, but not necessarily clandestinely. According to Article 3 (1) TFEU, examples of exclusive powers include, matters of 160 the customs union, the establishment of competition rules necessary for the common market, the conservation of marine biological resources under the common fisheries policy and common commercial policy. Furthermore, the CJEU’s AETR/ERTA case law337 and subsequent jurisprudence have clarified that internal exclusive powers of the EU are mirrored by the corresponding external powers in that area.338 In areas where EU institutions primarily take policy and legislative decisions, such decisions will be preceded by information gathering, e. g. in the forms of studies and public or targeted consultations. This is required to ensure that the EU will only put in place

332

As e. g. pointed out by Körner in his speech delivered on 13 July 2016 at a conference in Brussels; n.

329. 333

See discussion above at mns. 19 et seq. Körner, n. 329. 335 See above paras 62–64. 336 Id. 337 CJEU Case C-22/70 Commission v. Council [1971] ECR 263; Opinion 1/76, European Lay-up Fund for Inland Waterways Vessels, [1977] ECR 741. 338 Rosas, EU External Relations: Exclusive Competence Revisited, Fordham International Law Journal, (Vol. 38) 2015, pp. 1073–1096. 334

Sule

383

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:55 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

measures that appropriately tackle identified problems within its scope of powers and that it does so only insofar as necessary.339 161 The EU however also commands genuine executive powers in some policy fields such as in the area of external commercial policies and those of EU competition law. Here the need and executive powers for gathering first hand intelligence is crucial to sound decision-making. The same also applies insofar as the EU, in particular the Commission is monitoring Member States’ compliance with concrete EU legislation in other areas. The EU’s competences to act and legislate in certain policy fields entail its institutions’ (in particular the Commission’s) powers to gather information in such areas.340 This is confirmed by the declaratory reference of Article 337 TFEU to the Council’s competence to further concretise the Commission’s instruments for information gathering by decision. 162 Thus, in the area of antitrust policy, the Commission has been given formidable instruments to collect information, including powers to fine stakeholders, namely companies in case of non-cooperation. Such instruments include (obligatory) requests for information, unannounced inspections, and investigations of whole market sectors (sector inquiries).341 The latter may include the power to request information from a multitude of market participants as well as the power to conduct unannounced inspections of premises in a number of undertakings.342 In other words they may aim at collecting confidential business information insofar as relevant for antitrust investigations. These examples show that EU institutions do collect first hand intelligence, not only through open sources, but also with specific instruments of investigation. However, neither do these instruments envisage clandestine information gathering, nor is there any central European (intelligence) agency to do so. 163 Should the EU decide to establish a central intelligence authority to collect such information, it would in principle not face any legal obstacle on the level of EU primary law. However, in view of the above example it makes more sense to keep information gathering within the concrete services of the institutions, namely the Commission, that are enforcing the concrete policy. Clandestine collection of intelligence, however, which may even cover personal data, is not possible at EU level under the current legal system. If necessary for the execution of concrete EU policies within the exclusive powers of the EU, this could possibly be allowed within current EU primary law. It would, however, need to comply with the EU Charter of Fundamental Rights and fulfil the conditions and standards set by ECtHR343 and CJEU344 case law. Thus, such clandestine intelligence collection would e. g. need to be provided for by legal basis (EU secondary law, such as an EU regulation), with safeguards of independent oversight mechanisms345, as well as redress mechanisms where individuals are concerned.346 Furthermore, it needs to be recalled that the EU institutions are as much bound by the loyalty clause of Article 4 (3) second sentence TEU as the Member States. Thus, clandestine information collec339 See Communication from the Commission, Better regulation for better results An EU agenda, COM (2015) 215 final, p. 4. 340 Wegener in: Calliess/Ruffert, Article 337, para 1. 341 Regulation (EC) No. 1/2003 of 16 December 2002 on the implementation of the rules on competition laid down in Articles 81 and 82 of the Treaty, respectively Articles 18, 20 and 17. 342 As has been carried out in view of the pharmaceutical sector in 2009; see Sule, The European Commission’s Pharmaceutical Sector Inquiry and Competition Law Enforcement, ZEuS 2010, Vol. 3, pp. 257–283. 343 See overview of Research Division of the European Court of Human Rights, National Security and European case-law, n. 121, paras 4 et seq. 344 See mns. 47–55. 345 See Cameron, Part 4, Ch 3 in this volume. 346 See Gajdasova, Part 4, Ch 4 in this volume.

384

Sule

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:56 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. National Security and EU law restraints on Intelligence Activities

tion aimed at the Member States, even within the area of exclusive EU policies would violate the necessary relation of trust and therefore Article 4 (3) TFEU. One might consider whether exceptionally such activities could be justified, where there are indications of one or more Member States systematically sabotaging an EU policy that falls into the exclusive powers of the EU. Any such actions would only be proportionate if there are strong indications that the necessary information cannot be gathered through other means (e. g. open sources or direct requests to the Member States). Such an exception would mirror the one already mapped out for Member States that systematically threaten to breach shared values of the EU such as the rule of law.347

2. Obligation to share intelligence in the area of (national) security A different question is whether there are legal obstacles to further cooperation of the 164 Member States intelligence agencies also with the European institutions namely, as regards an obligation to share certain intelligence. At this point EU primary law does not confer any power on the EU to establish such an obligation.348 In fact, it does the opposite. As discussed above, Article 4 (2) TEU is aimed at preserving national security matters as sole competence of the Member States.349 This entails also their competence to decide themselves what kind of intelligence they may want to share in the field of national security. At the same time, they may of course decide to enter into self-binding agreements with other Member States to share such intelligence. Whether they are prepared to do so, though, is rather questionable. In fact, the Commission had in 2005 prepared a draft Council decision that envisaged the compulsory sharing of intelligence in order to combat terrorism.350 The draft however was withdrawn by the Commission later,351 as it apparently did not receive the agreement of all Member States. This could possibly reflect the sensitivity of compulsory sharing of information by national intelligence agencies. This sensitivity may not only originate in fears of potential leaking of sensitive information shared. Rather some Member States may have concerns or even face legal obstacles to sharing sensitive information including personal data with Member States who they consider not to share common values of democracy, the rule of law and fundamental rights.352 In fact, even if EU law envisaged an obligation to share such information, Member States would be entitled to deny this in cases where they deem another Member State not to meet essential standards of protecting fundamental rights.353 It is noteworthy that the solidarity clause of Article 222 TFEU obliges Member States 165 to act jointly in the spirit of solidarity if a Member State is a victim of emergency situations, such as terrorist attacks or natural or man-made disaster. This obligation enumerates a number of reactive and preventive measures that the Union and Member 347

See above, mns. 117–119. Article 73 TFEU offers a possibility to Member States to establish forms of coordination between authorities responsible for the protection of national security. This, however, can hardly be interpreted as a provision transferring any powers to the EU. Rather it affirms in a declaratory way the power of the Member States to establish such cooperation forms under international law. See also Rossi in: Calliess/ Ruffert, Article 73, paras 1 et seq. 349 See above paras 19 et seq. 350 Proposal for a Council decision on the transmission of information resulting from the activities of security and intelligence services with respect to terrorist offences of 22 December 2005, COM (2005) 695 final, at :http://eur-lex.europa.eu/legal-content/DE/HIS/?uri=CELEX:52005PC0695&qid=1499424232259, last visited on: 13 April 2018. 351 See Withdrawal of obsolete Commission proposals [2007], OJ C66/6 at: http://eur-lex.europa.eu/ legal-content/EN/TXT/PDF/?uri=CELEX:52007XC0322(02)&from=EN, last visited on: 13 April 2018. 352 As pointed out in discussion by Körner on 13 July 2016, see above n. 313. 353 In analogy to the arrest warrant case discussed at mns. 113–116. 348

Sule

385

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:56 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

States need to take. They include i.a. to mobilise all disposable instruments including military resources made available by the Member States, e. g. to prevent the terrorist threat in the territory of the Member States. It does not, however, define concrete measures, which a Member State should have to take. They might include financial, medical and logistic support, but also intelligence activities.354 Yet, Article 222 neither imposes any concrete obligation to take intelligence action nor to share intelligence information. Whether such an obligation might arise under specific circumstances, i. e. as the only or pivotal measure in order to fulfil the aim of e. g. preventing a terrorist threat, cannot be examined in this context.355 166 At the same time the political climate might quickly change, if Member States, feel that there are multiple concrete threats to the national security of all, i. e. in the face of an existential crisis. In such a situation they might be ready to create an obligation for sharing intelligence deemed highly relevant to combat concrete terrorist threats. As Dearlove has rightly pointed out, the economic crisis of 2008 suddenly allowed the Member States to take joint actions in the field of finance and economy, which before had not been deemed possible.356

G. Conclusions EU primary law does not set down express rules on intelligence activities of the Member States, but at the same time it contains a number of rules that limit such activities. While clearly reserving legislative matters of national security to the Member States, it does not grant them carte blanche for actions taken in the interest of national security. Rather it limits such actions to what is necessary and proportionate where such actions have an impact on policies that fall into the competence of the EU. At the same time the loyalty clause of Article 4 (3) TEU, which reflects the supranational nature of this legal order, forbids any intelligence activities between Member States which impact on EU policies and are not related to national security. The same applies to the relation of Member States and EU institutions. Thus, different conditions apply when examining lawfulness of intelligence activities of Member States under EU law, depending on whether they are connected to national security or not. This, however, requires a clear definition of what national security encompasses. In the long run, neither Member States nor the relevant courts, i. e. CJEU and ECtHR, will be able to sidestep this question. There are strong arguments to limit the concept to aspects that are essential to the functioning of the State. So far no legal disputes have arisen between Member States or Member States and the EU institutions. While they may also remain unlikely in the near future, they cannot be ruled out as the warning of Ms Reding, former Vice President of the EU Commission, indicates.357 Finally, at this time there are clear legal limits under EU primary law to institutionalise substantial intelligence cooperation beyond what already exists. Issues of national security and intelligence activities had lacked clear legal regulation at national level for a long time, even in countries of long democratic and rule of law traditions. There, legal bases of State measures, conditions for fundamental rights 354

Calliess in: Calliess/Ruffert, Article 222, para 34. Even if such a legal obligation were established it is rather questionable whether and how it would be enforceable before the courts. Primarily, Article 222 TFEU is dependent on the political willingness of the Member States to cooperate and support each other. 356 Dearlove, n. 57, p. 38. 357 See above, n. 7. 355

386

Sule

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:56 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. National Security and EU law restraints on Intelligence Activities

limitations and democratic oversight have been established only relatively recently. In a similar manner, such legal frameworks are necessary at EU level at least for those situations where such measures overlap with areas of EU policies and laws. Common rules on preconditions, limits and oversight mechanisms of intelligence activities would also establish a clear legal framework for further intelligence cooperation at EU level. Need for the latter will not diminish in view of the multiple risks that globally develop and will continue to affect the EU. Last but not least, a common clear legal framework regulating intelligence activities also increases the population’s acceptance of such measures and trust in the individual State and the EU.

Sule

387

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:57 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3 The problem of oversight Iain Cameron Outline A. Introduction ...................................................................................................................... B. Organisational contexts .................................................................................................. C. Internal controls and the need for external oversight ............................................. D. Parliamentary accountability ......................................................................................... E. Accountability to expert bodies .................................................................................... F. Special problems concerning oversight of signals intelligence and international co-operation ...................................................................................................................... G. The European dimension to national oversight........................................................ I. Indirect influence .................................................................................................... II. Oversight of EU institutions................................................................................. H. Concluding remarks ........................................................................................................

mn. 1 13 25 30 51 66 79 79 97 108

Bibliography: Abazi, European Parliamentary Oversight Behind Closed Doors, 5 Cambridge Journal of International and Comparative Law 31 (2016); Arar Commission, A New Mechanism for the RCMP’s National Security Activities, Canadian Govt publications, 2006 (“A new mechanism”); Arar Commission, Report of the Events Relating to Mahar Arar, Analysis and Recommendations, Canadian Govt publications, 2006 (“Analysis and Recommendations”); Bigo, Carrera, Hernanz, Jeandesboz, Parkin, Ragazzi, and Scherrer, National programmes for mass surveillance of personal data in EU Member States and their compatibility with EU law, European Parliament Directorate-General for Internal Policies, Policy Department C: Citizens’ Rights and Constitutional Affairs 2013; Bipartisan Policy Organisation, Today’s Rising Terrorist Threat and the Danger to the United States: Reflections on the Tenth Anniversary of The 9/11 Commission Report, 2014; Born/Johnston/Leigh, (eds.) Who’s watching the spies? Establishing intelligence service accountability, Washington, Potomac Books Inc, 2005; Born/Leigh/Wills, (eds) International intelligence cooperation and accountability, Routledge, 2011; Born/Leigh/Wills, (eds) Making international intelligence cooperation accountable, Geneva, Centre for the Democratic Control of Armed Forces (DCAF), 2015; Born/Wills, (eds) Overseeing intelligence services: A toolkit, DCAF, 2012; Cameron, Foreseeability and safeguards in the area of security: Some comments on the ECHR case law, in: Van Laethem/Vanderborght (eds), Vast Comité I, Comité Permanent Contrôle des Services de Renseignements et de Sécutrité, Inzicht in toezicht: Regards sur le contrôle, Intersentia, 2013; Cameron, Balancing data protection and law enforcement needs: Tele Sverige and Watson, 54 CMLRev (2017); Cameron, National security and the European Convention on Human Rights, Kluwer Law International, 2000; Cameron, Oversight of Intelligence Agencies: The European Dimension, in Goldman/Rascoff (eds), Global Intelligence Oversight: Governing Security in the Twenty-First Century, OUP, 2016; Council of Europe Commissioner for Human Rights, Democratic and Effective Oversight of National Security Services (2015); CTIVD, Annual Report, 2015 (English version); CTIVD, Review Report no. 56, The multilateral exchange of data on (alleged) jihadists by the AIVD, 2018; Dietrich, Of Toothless Windbags, Blind Guardians and Blunt Swords: The Ongoing Controversy about the Reform of Intelligence Services Oversight in Germany, Intelligence and National Security 1 (2015); Fundamental Rights Agency, Surveillance by intelligence services: fundamental rights safeguards and remedies in the European Union – Vol. I, Mapping Member States’ legal frameworks, 2016; Fundamental Rights Agency, Surveillance by intelligence services: fundamental rights safeguards and remedies in the European Union – Vol. II, Field Perspectives and Legal Update, 2017; Eijkman, Q., Eijk, N. van, & Schaik, R. van, Dutch National Security Reform Under Review: Sufficient Checks and Balances in the Intelligence and Security Services Act 2017?, IViR, University of Amsterdam, (2018); Eur. Com. for Democracy through Law, Democratic Oversight of the Security Services, CDL-AD(2007)016 (June 11, 2007), available at http://www.europarl.europa.eu/meetdocs/2009_2014/documents/libe/dv/3_cdl-ad%282007%29016_/3_cdl-ad%282007%29016_en.pdf.; Eur. Com. for Democracy through Law, Opinion on the International Legal Obligations of Council of Europe Member States in Respect of Secret Detention Facilities and Inter-state Transport of Prisoners, CDL-AD (2006)009 (March 11, 2006); Eur. Com. for Democracy through Law, Update of the 2007 Report on the Democratic Oversight of the Security Services and Report on the Democratic Oversight of Signals Intelligence Agencies, CDL-AD(2015)006e (Mar. 21, 2015), available at http://www.venice.coe.int/webforms/documents/?pdf=CDL-AD(2015)006-e; Farson, Canada’s long road from Model Law to Effective Oversight of Security and Intelligence, in Born/

388

Cameron

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:58 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. The problem of oversight Johnson/Leigh (eds) Who’s watching the spies? Establishing intelligence service accountability, Potomac Books Inc, 2005; Farson, Parliament and Their Servants: Their role in scrutinizing Canadian Intelligence, 15 Intelligence and National Security 225–256 (2000); Farson/Phythian, Commissions of Inquiry and National Security: Comparative Approaches, ABC-CLIO, 2011; Greenwald, No Place to Hide: Edward Snowden, the NSA, and the U.S. Surveillance State, Metropolitan Books/Henry Holt 2014; Haydn, Playing to the Edge: American Intelligence in the Age of Terror, Penguin, 2016; Leigh, Rebalancing Rights and National Security: Reforming UK Intelligence Oversight a Decade after 9/11, 27 Intelligence and National Security 722–738 (2012); Lustgarten/Leigh, In From the Cold: National Security and Parliamentary Democracy, OUP, 1994; Malgieri/De Hert, European Human Rights, Criminal Surveillance and Intelligence Surveillance: Towards “Good Enough” Oversight, Preferably but not Necessarily by Judges, in Gray/Henderson, The Cambridge Handbook of Surveillance Law, CUP, 2017; McCubbins/Schwartz, Congressional Oversight Overlooked: Police Patrols vs. Fire Alarms, 28 American Journal of Political Science, 165 (1984); National Research Council of the National Academies, Bulk Collection of Signals Intelligence: Technical Options, National Academy Press, 2015; Oliver, Government in the United Kingdom: the search for accountability, effectiveness and citizenship, Open University Press, 1991; Power, The Audit Society: Rituals of Verification, OUP, 1999; Sejersted, Intelligence and Accountability in a State without Enemies, in: Born/Johnson/Leigh (eds.) Who’s watching the spies? Establishing intelligence service accountability, Potomac Books Inc, 2005; Stortinget, Dokument 15 (1995–96) Rapport til Stortinget fra kommisjonen som nedsatt av Stortinget for å granske påstander om ulovlig overvåking av norske borgere (Lund “Report”); Stortinget, Dokument 16 (2015–2016) Rapport til Stortinget fra Evalueringsutvalget for Stortingets kontrollutvalg for etterretnings-, overvåkings og sikkerhetstjeneste (EOS-utvalget); UN Human Rights Council, Report of the Special Rapporteur on the promotion and protection of human rights and fundamental freedoms while countering terrorism, Martin Scheinin: Compilation of good practices on legal and institutional frameworks and measures that ensure respect for human rights by intelligence agencies while countering terrorism, including on their oversight, Doc. A/HRC/14/46, 17 May 2010; US Congress, Senate, Select Committee to Study Governmental Activities. Final Report, Book II: Intelligence Activities and the Rights of Americans (1976) (“Church Report”); van Outrive, Intelligence Services in Belgium: A story of legitimation and legalisation, in Brodeur/Gill/Töllborg, (eds), Democracy, Law and Security: Internal Security Services in Contemporary Europe, Ashgate, 2002; Wills/ Vermuelen (eds), Parliamentary Oversight of Security and Intelligence Agencies in the European Union, European Parliament, Study, 2011; Zegart, The Domestic Politics of Irrational Intelligence Oversight, 126 Political Science Quarterly (2011)

This chapter examines the oversight of intelligence agencies. It begins with the organizational context of oversight. Then the interplay between external oversight and internal controls is examined, before turning to the relative advantages and disadvantages of parliamentary and expert oversight bodies. The chapter proceeds by taking up the particular problems involved in oversight of international cooperation between intelligence agencies, and in overseeing signals intelligence agencies. Thereafter, the European dimensions of intelligence oversight are examined briefly. The final section consists of a number of concluding remarks.

A. Introduction There is no authoritative definition of “intelligence oversight”. In the present chapter 1 it is used to mean the review, monitoring, and supervision of intelligence agencies and their activities by a parliamentary or independent expert body. The term “oversight” is of US origin and is used there to refer to Congressional monitoring of the activities of the executive branch generally, in line with the constitutional principle of the separation of powers.1 The US was the first state in modern times to introduce Congressional oversight of the intelligence agencies specifically following the revealing of extensive wrongdoing by them during the 1960s and 1970s.2 The term “intelligence oversight” has 1

https://www.senate.gov/artandhistory/history/resources/pdf/CRS.Oversight.pdf. See, in particular, the Church Report 1976. Reform in the area of intelligence in several states (not just the US) has often been “scandal-driven” with periodic “fire alarm” inquiries (McCubbins/Schwartz, 1984, Johnston, 2005) rather than the continuous low-key “police patrols” which characterize oversight. 2

Cameron

389

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:58 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

2

3

4

5

since been adopted by the international academic discourse, and by intergovernmental and non-governmental organizations involved in security sector reform. One can say that oversight forms one part of a more general framework of the accountability of intelligence agencies within a democratic state.3 The primary purpose of accountability is the avoidance of misuse of power. In a democracy, public power comes from the people and the exercise of executive power must, directly or indirectly, be answerable to the representatives of the people. Simply put, the potential for abuse of power can lie with the political (mis)use of the intelligence agency – (political policing) – or in the impenetrability of the agency itself (the State within the State). Some states experience both problems simultaneously. Within a general framework of accountability, oversight can be distinguished, first, from the issue of control of intelligence agencies (instructing them generally, and ordering them to do specific things)4 and second, from the issue of providing remedies for possible wrongdoing by them. Control which is external to the agency (and, as shown below, internal controls are very important) is primarily a matter for the government, or executive power. However, as certain powers of intelligence agencies involve restricting constitutional and human rights, even the judiciary can be tasked with control functions (directing investigations, or approving particularly intrusive methods of investigation). As regards remedies, traditionally in a democratic state it is the judiciary which adjudicates allegations of wrongdoing. Thus, oversight, in the sense of supervision, but without exercising control or remedies functions, would appear largely to be a function for the remaining branch of government, the legislature. But the reality in European states tends to be much more complicated than this simple model based on the separation of powers. There is an unavoidable degree of overlap between the present chapter and several of the other chapters in this volume, particularly those on human rights, remedies and the EU’s competence in national security matters. Firstly, for European states, the case law of the European Court of Human Rights (ECtHR) interpreting the European Convention on Human Rights (ECHR) has influenced how states have constructed their systems of oversight, and so it is necessary to say something, albeit brief, about this case law. Secondly, in practice, the oversight function is often linked closely to the function of providing a remedy for an alleged abuse of power. Thirdly, oversight by EU bodies of EU agencies involved in intelligence, and the indirect effect EU law and EU institutions can have on national intelligence agencies, means saying something about EU competence in the field of national security. Oversight can be for different purposes, and focused on different things.5 It can be backward-looking to apportion responsibility, or forward-looking for the purposes of learning from mistakes. It is often both. There are various things which can be focused upon. It can be about keeping an agency within its legal mandate, particularly as regards compliance with constitutional and human rights. It can be about the appropriateness or legitimacy of the activities of an agency, a wider concept than legality (even if the legal principle of proportionality can blur the boundaries between the two concepts). Intelligence oversight can be about bringing a degree of transparency into this area, 3 Following Oliver’s definition of accountability as “being liable to be required to give an account or explanation of actions and where appropriate, to suffer the consequences, take the blame or undertake to put matters right, if it should appear that errors have been made”. See Oliver, 1991 (22). Although there is no such explicit requirement in Oliver’s definition, it is only meaningful to speak of intelligence accountability in democratic states, even if democracy, of course, is on a sliding scale. 4 See the discussion of the concepts of review, accountability and oversight in the context of security in Arar Commission, A New Mechanism, 2006, (456–463). 5 Born/Leigh/Wills, 2015, Chapter 15.

390

Cameron

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:59 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. The problem of oversight

characterized by secrecy, something which is necessary for legitimacy of state action in a democracy. Oversight can also be (partly) about compensating for the lack of press or parliamentary scrutiny by bringing some sort of external evaluation of the effectiveness of the agency – does it achieve the results it was created for – and/or its efficiency – does it use its resources efficiently? Why is an oversight in the field of intelligence particularly problematic? The normal 6 legislative mechanisms, for controlling the administration, works by ensuring accountability of the executive for the actions of the administration. But intelligence agencies operate in secret, and even executive control over them may be deficient. The parliamentary mechanisms for ensuring executive accountability will obviously not function when the executive itself lacks control. Even where the executive is in control, when the legislature does not have its own sources of information to check on the legitimacy of a particular claim made by the executive, it will seldom be in a position to hold the executive accountable. Where parliamentary accountability is deficient, it becomes even more important that 7 the national courts are able to perform this function effectively. But for various reasons the ordinary courts are often not in a position to perform adequately this task in the area of national security. Powers granted governments in this area are often largely discretionary, meaning that there is a wide spectrum of “legal” actions in specific cases, ranging from the clearly appropriate to the clearly inappropriate, but not so inappropriate that the actors could be said to have acted without legal authority, or committed an offence. Useful statutory definitions of what is meant by the term “national security” often do not exist in domestic legal systems, making it very difficult for the judiciary to rule that an exercise of power falls outside the scope of “national security”.6 Courts may moreover lack the procedural competence (e. g. jurisdictional obstacles)7 or the will to intervene. Even if they have both, they may feel constrained not to do so. They may feel that, constitutionally, this area belongs to the executive. Or they may consider that the policy element looms large in national security decision making, outweighing the adjudicative element. Or they may reason that they have neither the access to all the relevant information nor the training and experience necessary to evaluate this information properly, if they had it. Or they may feel that the public nature of the judicial process is inappropriate for matters which should be kept secret. Even if they have the jurisdiction, the competence and the will to intervene, they can only exceptionally act proprio motu and must usually wait for an appropriate case to present itself (the “accident of litigation”). This will be rare when an interference with individual rights usually occurs in secret. It is particularly important, as regards the limited value of “normal” parliamentary and 8 judicial control, to note the special nature of security intelligence. The heart of a security agency is its intelligence files. An intelligence agency needs to gather “speculative” information in order to determine which people are, or are probably or possibly, threatening national security. This information must be graded to indicate its reliability, and the grading periodically reassessed. In other words, intelligence officers basically make a risk assessment of the available information as to whether a particular group or phenomenon is a security threat. It takes a long time for any external oversight body to penetrate the world of intelligence, to understand what is a “reliable” intelligence assessment, and why this is so. But unless and until an external oversight body is in a position to make a reasonably informed “second assessment”, it is not a real safeguard. 6 See Sule, National Security and EU law restraints on Intelligence Activities, Part 4 Chapter 2 in this volume. 7 See Gajdošová, Effective Remedies against Intelligence Actions, Part 4 Chapter 4 in this volume.

Cameron

391

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:59 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

This, then, is the first, and most important, problem of intelligence oversight; how can oversight be constructed so as to be meaningful without at the same time undermining the effectiveness and efficiency of the agencies being overseen? This is primarily a national problem and different solutions have been found. Historical, constitutional, organizational factors mean that there can be no single model for “successful” oversight. It is difficult to compare very different oversight mechanisms with each other, partly because it is the overall result which is important, not the individual components. Having said that, comparative material is very useful when a state goes about the task of constructing a system of oversight. Comparative information on “better ways of doing things” is helpful to counter an argument (from the agency itself, or the government) that there is “no alternative.” Nowadays we know enough to say what can work, what does work, and what definitely does not work. 10 Constructing an oversight system is primarily a national problem, because the main question is for national decision makers and it is: bearing in mind the powers we feel our intelligence agencies should have, is our oversight good enough to minimize abuse of power, ensure respect for human rights, maintain efficiency in the use of resources etc.? One measure that oversight is inadequate is repeated complaints about it expressed in parliament. Another is if there are recurring highly critical views expressed by the press and civil society. A difficulty with both of these means of “measurement”, particularly the latter, is that the press and civil society can misunderstand the efficacy of existing safeguards against abuse of intelligence powers, particularly when these are of a technical nature. Understandably enough, the press is suspicious of secrecy, seeing it as prima facie evidence of wrongdoing. The press also loves scandals, and has a tendency to present every issue in black/white terms. Still, widespread criticism is an important factor to take into account. 11 The second problem applies to European states in general and EU states in particular.8 It is a consequence of the first, combined with the fact of European integration. State parties to the ECHR will be responsible at the level of public international law if they fail to construct and implement satisfactory accountability mechanisms and institutions at the national level, where such a failure negatively affects rights under the ECHR, such as privacy, freedom of association and freedom of speech. Similarly, states are responsible at the level of EU law if they fail to live up to the requirements of EU law (to the extent that these requirements touch upon intelligence issues). And while all EU states have established intelligence oversight mechanisms, the quality, and quantity, of oversight in practice varies enormously. In many EU states, there is little, or no, meaningful intelligence oversight in the sense set out above. In other words, measured against the minimum standards of the ECHR, let alone ideal standards, oversight in many EU states is not very good. 12 The present chapter will try to say something about both these problems, particularly the first of these. This inevitably involves summarizing rather complicated issues. For more detail the reader is therefore referred to the “standard works” on intelligence oversight in Europe.9 9

8 Non-European states can naturally also be subject to treaty obligations, particularly human rights treaties such as the UN International Covenant on Civil and Political Rights, which indirectly require states to control (inter alia, by effective oversight) how their intelligence agencies operate. See, in particular, the standards developed by the UN Special rapporteur on terrorism (UN Human Rights Council, 2009) However, the ECHR involves more developed standards, and the EU involves a greater level of supranational impact on national oversight. 9 The Venice Commission reports on democratic oversight of security services and signals intelligence agencies are central in this regard. See Eur. Com. for Democracy through Law, 2007, updated 2015 and Eur. Com. for Democracy through Law, 2015. I was the rapporteur for both these reports and the present

392

Cameron

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:05:59 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. The problem of oversight

B. Organisational contexts Oversight tracks the security architecture in the state, i. e. how the different national intelligence agencies are structured, organised and run. This in turn is dependent upon a number of factors, particularly historical factors, the threats the state faces (or perceives as facing) and the type of government of the State (parliamentary, semipresidential, presidential). In some States, the constitution is firmly based on the separation of powers, which in turn means that the conduct of foreign and defence policy is often the exclusive or primary preserve of the executive. The term “intelligence agencies” is used here as a collective term, but as is well known, there are different types of such agencies and the oversight appropriate for these varies to some degree. Internal security agencies can be distinguished from external intelligence agencies, even if the boundary lines between them can at times be difficult to draw. Military agencies can be distinguished from civilian agencies. The principal mandate of the first may be confined to intelligence collection relating to military threats to the State, and the security/loyalty of the armed forces, although again the boundary line between this and the mandate of a civilian agency may be difficult to draw.10 Lastly, signals intelligence agencies should be mentioned. Having grown out of the decryption and radio interception agencies of the Cold War period, these agencies now monitor the content and patterns of global telecommunications traffic which is now primarily carried in fibre optic cables. They may also have responsibility for developing and maintaining communications security, e. g. defensive measures against computer network attacks. The signals intelligence function can be incorporated into the external intelligence agency (as is the case for Germany) or shared between agencies (as is the case for the Netherlands). In other states, such as Sweden and the UK, signals intelligence agencies are organizationally independent from the other agencies. Some states have a single agency for internal and external security.11 Others have distinct agencies for internal and external intelligence and security, with either separate or overlapping territorial competences, as in Hungary, Germany, Poland, Romania and the UK. A state may naturally have several agencies with intelligence functions.12 Moreover, parallel lines of governmental responsibility may exist, e. g., to the head of government, the ministry of justice/interior, and the ministry of defence. An intelligence agency may be part of a government department or organized as a separate legal entity.13 The advantage in having different agencies is specialization. The disadvantages are naturally fragmentation of purpose, “turf battles”, duplication of work and greater, or much greater, difficulties in monitoring and controlling the agencies. chapter builds extensively upon these. For other European “standard works” see Wills/Vermuelen, 2011, Council of Europe Commissioner for Human Rights, 2015, Born/Leigh/Wills, 2015 and FRA, 2016. 10 For example, where the state sends troop contingents to peace-keeping operations in areas heavily penetrated by organized crime, the military may want to know about the links which exist between crime in the host area and its own State, and the present and future threats contacts with organized crime can pose to the safety of its personnel, the integrity of the military command structure etc. 11 For example, Spain, the Centro Nacional de Inteligencia (CNI), regulated by the law 11/2002 of 6 May (as amended). 12 The US intelligence community is a case in point, with 16 different agencies, or government departments, with large intelligence functions. Romania is another case, with six different agencies. 13 E. g. the CNI is a corporate body under public law and a department of the Ministry of Defense. The French internal intelligence agency (Direction centrale du reseignement intérior, DCRI) is a department of the Ministry of the Interior.

Cameron

393

13

14

15

16

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:00 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

A basic difference should be mentioned between European states which grant their intelligence agencies engaged in internal security police powers, and those which do not. Some European states, such as the Netherlands, Slovenia, the Czech Republic and Germany,14 have separate civilian agencies with primary responsibility for security crimes. Such agencies might also be given strategic responsibility for surveillance of terrorism. These agencies have no police powers. If they wish to make arrests, interrogate suspects etc. they must act through the police, usually a special section of the police. Other states, such as Denmark, Finland, France, Ireland, Sweden and Switzerland, have security police, either fully integrated into the command structure of the ordinary police, or as separate police organizations. However the internal security function is organized, all such agencies tend to have a preventive focus, meaning that they investigate what can be called “pre-crime” (a concept which naturally has an inbuilt risk of abuse of power). Thus, even where the state has a security police, it tends to employ many different sorts of civilian analysts. There is no natural dividing line between security matters and crime, especially in the case of what is perceived in, at least in western EU states, to be the major security threats to most European states today, namely terrorism.15 There can thus be an inbuilt tension in the relationship between the police (which is invariably a much larger organization) and the internal security agency. 18 It is up to the state whether it wants to have a civilian security agency or a security police. Undoubtedly, police powers of arrest, search and seizure can, when combined in the same organization with the powers and capabilities of a security agency, create a very powerful institution. However the acceptability of such an institution from the perspective of accountability and the protection of individual rights depends upon the adequacy of the control structure created to prevent abuse, or overuse, of power. Whatever choice the state makes in this regard, there is obviously a need for a closely coordinated police-security response to terrorism. 19 In most States, the tasks and the extent of the exceptional powers of the internal security services are set out in parliamentary legislation, either “organic” laws16 (e. g. Spain) or ordinary legislation (e. g. Sweden). External agencies and signals intelligence agencies were traditionally seen as not infringing citizens’ rights, and so legislation was not seen as being so necessary. However, the growing together of external and internal security has changed this, and, together with the requirements of the ECHR that powers restricting human rights must be “prescribed by law” means that even these agencies’ mandate, power and organisation should be set out in legislation.17 In addition to legislation, more detailed norms, or guidelines, are normally set out in subordinate legislation promulgated by the executive (which, if in the form of executive orders will usually be published) or by the Head of the security service in question (which will 17

14 For obvious historical reasons, this has been taken particularly seriously in Germany. The Trennungsgebot (separation of police and intelligence organisations) is set out in the Gesetz über die Zusammenarbeit des Bundes und der Länder in Angelegenheiten des Verfassungsschutzes und über das Bundesamt für Verfassungsschutz (Bundesverfassungsschutzgesetz – BVerfSchG) [Act on the Federal Office for the Protection of the Constitution], Dec. 20, 1990, BGBl. I at 2954, 2970, as amended, § 2, para 1, sentence 3, § 8, para 3. 15 This is not to say that this is the major threat. Espionage, including economic espionage, is a major threat, as is non-proliferation. While the military threat posed by Russia is nowhere near the level of the threat posed by the USSR, Russian hybrid warfare is still threatening for states on its borders, as shown by its intervention in the Ukraine. 16 Laws dealing with the “organs” of the State, also called “cardinal” laws, the enactment of which require special parliamentary majorities. 17 See below, mn 85–86.

394

Cameron

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:00 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. The problem of oversight

usually be secret). Where defence or foreign policy matters are, according to the constitution, the primary responsibility of the president, this will have implications for the legal status of the norms regulating the agency (as well as the accountability arrangements). In France, for example, up until 2015, there was no parliamentary legislation on the internal security services, the whole organizational structure of these services having been set out in executive decrees. The legal mandate given to the intelligence agency obviously deeply affects the oversight which can be performed by the agency, as the oversight will usually be focussed on keeping the agency within its powers. Two illustrations can be given here. Where these powers are framed in broad, discretionary, terms, then meaningful oversight will tend to be difficult. Where powers are given which have a considerable potential for intrusion into constitutional and human rights, then oversight should be more extensive, in other words, oversight should “match” powers. The extent to which a state allows outsourcing of intelligence functions will also affect oversight which tends to be focussed on state agencies. Some states, e. g. the US, have gone far in this regard. But privatization of other (previously) state services such as telecommunications also deeply affects intelligence agencies. The prime sources of intelligence are now social media, databanks and telecommunications. It is private companies which are the motors in developing social media, data storage and the telecommunications industry, meaning that intelligence agencies have to work together with such companies. But even in a wider perspective, the comparative strength or weakness of state institutions vis-à-vis powerful private interests are an important part of the organizational context affecting oversight. The most obvious example of this is the level of corruption and the penetration of state institutions by organized crime. For many European states, organized crime is a much larger and more pressing threat than terrorism. As government departments are both “taskmasters” and “consumers” of intelligence, they cannot be seen as an oversight body. Instead they exercise control over a security agency.18 The degree of bureaucratic (meaning the civil servants in the departments) and governmental (meaning politically responsible ministers) control exercised depends upon a number of factors which can vary from State to State and from time to time in the same State. There may be relatively strong bureaucratic control, at the same time as an agency may deliberately have been given a statutory, or even constitutional, degree of insulation from day to day governmental/ministerial control. Independence in practice can also arise in particular, where the government in the State is weak for some reason (e. g. governmental power in the State is continually changing hands because of political instability, or voting preferences and the electoral system often result in weak coalition governments). In most, if not all, States, the monopoly of specialist knowledge possessed by the agency will itself grant the agency a considerable degree of autonomy in practice from governmental control. There are examples in the past of agencies more or less setting their own security agendas, despite, in theory, strong governmental control. Finally, it is not simply the powers given to an agency which should influence oversight. The mere size of an intelligence agency gives a preliminary basis for deciding what sort of oversight is necessary; both its size in relation to the police and in absolute terms. The police have the primary responsibility for public order and crime investigation. In many states this responsibility will include investigation of terrorism. Thus, the internal intelligence agency should be able to concentrate on intelligence gathering. Even if low-intensity threats (lone-wolf terror inspired by extremist ideologies etc.) are 18

See Lustgarten/Leigh,1994, (314).

Cameron

395

20

21

22

23

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:00 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

many, and intelligence work is labour-intensive, the intelligence agency should be smaller – much smaller – than the police. 24 Another important relationship is between the resources of the intelligence agency and the resources of the overseer. There is no simple arithmetical relationship between number of overseers and the number of personnel in the agency being overseen, but numbers and relative budgets of the overseer compared to the budget of the agencies have some significance in determining whether an overseer is a façade or, at least on paper capable of sufficient insight. If you have an agency of, say, 2000 people, and say, one person (with two assistants) is put in charge of external oversight, then you are probably looking at a façade.

C. Internal controls and the need for external oversight Internal control is the primary guarantee against abuses of power. The staff working in the agencies should be committed to the pluralistic, democratic values of the State and to respecting the legal mandate of the agency and human rights. Even if external overseers are knowledgeable in intelligence matters and relatively well funded, the external oversight body will likely be very small in comparison to the body it is overseeing. It will thus rarely have the capacity to dig both broadly and deeply but will only be able to “sample” the work and files of the agencies overseen. External oversight then, tends to work on a “metalevel”, to buttress the internal controls and periodically ensure these are working properly. One can then ask, why have external oversight at all?19 One important reason is that internal limits will not suffice because, while the staff of an intelligence agency should set limits on the collection of data, it is not primarily their job to limit themselves and think about the damage which overcollection of intelligence can do to the vital values of democratic societies. A problem for the personnel of any intelligence agency is that they can develop a “security mindset”. The vulnerability of democratic societies combined with the diffuse nature of the threats against them means that intelligence is wanted on everything which is, or can become, a danger. Unless external limits are imposed, the natural tendency of all agencies is to over-collect information. Physical and administrative capacities may previously have set limits on the extent to which an intelligence agency could interfere with peoples’ human rights. However, major technological advances, particularly in data collection, processing and analysis and in surveillance, have dramatically increased the capacity of an intelligence agency in this respect. 26 Intelligence agencies have certain special features, in particular, compartmentalization of intelligence, which make imposing internal controls more difficult. Nonetheless, the senior management of the agency must exercise efficient control in practice over the lower ranks of the agency, ensuring that authorization routines are followed, in particular as regards investigative methods capable of infringing personal integrity, ensuring that setting policies and deciding security priorities is at a high level in the agency and that there are clear chains of responsibility. A legal requirement to document decisions and that certain types of instructions (internal and/or governmental) must be put in writing20 can act help to prevent what has been called “plausible deniability”, a regrettably common problem in intelligence accountability. Junior ranks 25

19 The British approach to oversight seemed for a long time to have been based on the idea that, since you would never be able to satisfy everyone that oversight was working properly, you might as well not satisfy anyone, Cameron, 2000 (455). 20 See e. g. the Canadian Security Intelligence Service Act 1984, Sections 7(1) and (2).

396

Cameron

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:01 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. The problem of oversight

must be in a position to determine what sort of measures are lawful and legitimate, so that dubious orders can be identified and officially queried.21 Having said this, intelligence work is still to a considerable extent to be regarded as “craftsmanship”. This means allowing a high level of administrative discretion. The inevitability of open-ended rules in this area places even greater emphasis on 27 training, and periodic retraining, of all staff in the importance of democratic and human rights values and in awareness of the dangers posed by security work to these values. It means recruiting staff from relatively different political and social backgrounds. The need for competent staff to deal with the complex, transnational problems posed by terrorism also requires a wide form of recruitment and training in social, political, religious contexts.22 Retaining competent staff also requires good working conditions. The staff of an intelligence agency is subject to special psychological stresses as a result of the importance of their work and their need to keep matters secret, at times even from close colleagues. The mandate of the oversight body should thus be framed widely to monitor all of these different aspects of internal controls. An institution which can form a bridge between internal and external controls is an 28 “inspector-general”. The idea originates from the US intelligence community, which now has around a dozen inspectors-general. This is a position internal to the agency, but with a statutory defined area of independence and wide-reaching powers of access to information and staff, thus operating within the “ring of secrecy”. The primary function of inspectors-general is, however, not to provide public assurance about accountability, but rather to strengthen accountability to the executive and they often have a remit that extends to efficiency, avoiding waste and audit, as well monitoring legality and policy compliance. Having said this, some inspectors-general can also either report to an external oversight body or be tasked by it to perform specific functions. The speed of technological development is another reason for establishing an 29 inspector-general (and for that matter, external oversight). Rules are often designed to be technique-neutral. The technology may have become much more powerful but it might still be governed by an old, outdated legal framework. The agency is likely to have an inbuilt tendency to argue that increases in surveillance or data-processing capabilities can nonetheless still fall within existing statutory powers. The secrecy of such measures means that they are unlikely to come, or come speedily, before the courts for an authoritative determination of their legality. An inspector-general can perform an assessment of legality one-step removed from the agency itself.

D. Parliamentary accountability There are several reasons why parliamentarians should be involved in the oversight of 30 intelligence agencies. Firstly, the ultimate authority and legitimacy of these agencies is derived from legislative approval of their powers, operations and expenditure. Secondly, there is a risk that the agencies may serve narrow political or sectional interests, rather than the State as a whole and protecting the constitutional order, if democratic scrutiny does not extend to them. Thirdly, the involvement of parliamentarians can also help to ensure that the use of public money in security and intelligence is properly authorised 21 By contrast, providing for subsidized professional insurance cover for employees, as CIA director Haydn did, removes the personal (civil law) responsibility an intelligence official has, who acts in breach of the law, Haydn, 2016 (218). 22 Arar Commission, Analysis and Recommendations, 2006 (327).

Cameron

397

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:01 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

31

32

33

34

35

and accounted for. Most EU states have opted for establishing one or more parliamentary oversight committees.23 However, despite the strength of the arguments for parliamentary oversight, there are many drawbacks. Intelligence policy is, like all policies, something which benefits from a wide-ranging discussion over the political spectrum. However, parliamentarians tend to be inappropriate overseers of the details of intelligence work. When parliaments scrutinize the executive, they tend to work by means of asking questions. The information obtained then serves as the basis for debate and criticism. Publicity is thus the mechanism of ensuring political accountability. By contrast, the most effective scrutiny of security is detailed and unglamorous work that is usually unattractive to politicians who seek immediate public credit for their contribution. It also takes a long time to understand intelligence (it has a long “learning curve”), and parliamentarians may have neither the patience nor the interest necessary to develop the necessary expertise.24 This is particularly so where there is a lack of political stability in the State, resulting in frequent changes of government or very large changes in parties represented in the parliament. If the agency wishes to conceal information from an amateur, part-time investigator, for whatever motives, good or bad, it is probably able to do so. In semi-presidential systems, but even in deeply fragmented parliamentary systems, an antagonistic relationship can develop between the president and/or parliamentary majority on the one hand, with the minority in parliament on the other. Oversight over security can become party politics. Inexperienced parliamentarians may air accusations and conspiracy theories in the chamber in order to attract publicity. Worse, sensitive material disclosed to parliamentarians may be leaked to the press. Where the institutions of the State are weak (e. g. there is serious corruption in the parliament), granting the parliament insight into the operations of the intelligence agency will risk compromising it and the secrecy of its work. Indeed, corrupt politicians may seek to become part of a parliamentary oversight body to protect themselves and their interests. In some EU states there is still a high level of suspicion amongst the public that there is a “state within the state”. In such states there is likely also to be suspicion that the “deep state” seeks to place “its people” in the parliamentary oversight body, in order to render it harmless. For some or all of these reasons, a State may choose to establish an expert oversight body instead, or in states with a bicameral legislature, situate the oversight body in the second chamber where members are less party political or where there is longer continuity of membership. The mandate of parliamentary oversight bodies differs considerably between EU states. By virtue of express constitutional provisions, or indirectly by constitutional convention, parliament usually determines the mandate of its scrutiny committees.25 However, in this area, the executive may have considerable influence over the content of the mandate. Some states have “functional” oversight, with a single oversight body for all the security and intelligence agencies, whereas other states have agency-specific oversight, 23

Overviews can be found in Wills/Vermuelen, 2011 (92–95) and FRA 2016 (34–41). The same point often holds true for another mechanism of parliamentary control, namely an ad hoc parliamentary commission of inquiry. Such commissions can be powerful investigative tools in many States, with considerable powers of obtaining documentation and examining witnesses. See generally, Farson/Phythian, 2011. 25 See e. g. Germany where the Law on the Parliamentary Control of Activities of the Federal Intelligence Services 1978, as amended, (hereinafter PKGrG) § 4 para 2 provides that the number of the PKGr’s members, its composition and its working practices shall be laid down in a parliamentary resolution of establishment. 24

398

Cameron

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:02 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. The problem of oversight

with different oversight bodies for different agencies.26 The advantage of the former approach is that it facilitates seamless oversight. Since different parts of the intelligence machinery work closely with each other, an effective oversight body needs to be able to cross agency boundaries. There is also considerable variation in what different parliamentary oversight bodies 36 in EU states can look at. A particular dividing line goes between bodies with the power to scrutinize the operations of intelligence agencies, although this is invariably framed as ex post facto oversight27 and bodies which are largely limited to looking at overarching security policy.28 The distinction between policy and operations is often difficult to make in practice. However, to assess effectiveness, legality or respect for human rights, access to some operational detail is absolutely necessary. But simply providing that the oversight body may look at operations obviously does not solve all the problems. Ongoing operations should not be the object of scrutiny, as this risks interfering in matters which are for the agency and the government. At the same time, the long-term nature of security operations can easily be used as an excuse to avoid the scrutiny of an oversight body. Finding a balance between a satisfactory level of information on operations at the same time as not interfering overly in the work of an intelligence agency is something which requires building up a relationship of mutual trust between the agency and the oversight body. A disadvantage with giving a parliamentary oversight body access to operational 37 detail is that it will tend to raise a barrier between it and the remainder of parliament. Another disadvantage is that a legal requirement that the body be notified in advance of certain actions by the agency can inhibit it from later criticism of these operational matters.29 Moreover, where the body goes beyond oversight stricto sensu and is tasked with approving certain types of operation, e. g. surveillance operations, then this makes it part of the control system. This in turn means that it should not also perform the function of a complaints body, as otherwise it would be investigating itself. Such an advance notification requirement can also lull the oversight body into a false sense of security. It is difficult exhaustively to define all the types of operation which notification should cover, and new types of threat, and new types of response, can emerge. By administratively redefining an existing power or authority, an agency may be able to engage without notification in the kind of operations it was originally intended notification should cover. This is another illustration of how important internal controls, are, and staff commitment to democratic values. Giving a parliamentary oversight body a broad right of access to documents (rather 38 than simply passive receipt of information or the ability to receive testimony from senior staff) is the normal way of ensuring that the body has knowledge of operational detail. This in turn raises means the security screening (vetting) of members and whatever staff the body has, as well as putting in place measures to protect the physical security of documentation. Constitutional doctrines on parliamentary privilege can be an obstacle to vetting MPs. If so, then this will mean that 26 In the US, the Department of Homeland Security reports to 92 committees and subcommittees of Congress, see Bipartisan Policy Organisation, 2014 (21). 27 Examples here are the Control Panel of the German Bundestag (Parlamentarisches Kontrollgremium, PKGr) or the Norwegian oversight body (kontrollutvalg for etterretnings-, overvåkings- og sikkerhetstjeneste (EOS-utvalget). 28 This was the case up until 2013, for the UK Intelligence Security Committee (ISC). The Justice and Security Act 2013 gave the ISC a limited mandate to look at operations. For criticism, see Leigh 2012. 29 This was the experience of the former Norwegian oversight body, see the Lund Report (434–439) and, allegedly, of the US Senate intelligence committee as regards the NSA expansion of the scope of its surveillance beginning in 2001.

Cameron

399

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:02 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

39

40

41

42

43

the oversight body will face serious difficulties in its access to information. In any event, it appears that in no EU state does a parliamentary body have unrestricted access to intelligence information.30 How great an independent investigative capability of the oversight body should have depends on its functions and the degree to which it feels it can rely on the material it receives from the government and the agencies being monitored. As already mentioned, an alternative to, or an addition to, giving an oversight body its own staff is to permit it to task an executive-appointed inspector-general to investigate a particular issue and report back to the oversight body. In some States, however, there may be constitutional difficulties in having an executive officer, responsible to the government, also serving on occasion parliament or a parliamentary body. Where, for some reason an inspector-general is not an option, and an oversight body examines more than policy, it should have access to at least a residual investigative capability of its own. On occasion, officials might have to be interviewed systematically, and their replies compared and analysed. Information an oversight body has received, e. g. a threat assessment, might on occasion usefully be compared with other sources, e. g. academic studies and comparative material. Some countries have stipulated explicitly that the oversight body is also entitled to obtain information and documents from experts, e. g. in think tanks or universities.31 This allows for alternative viewpoints to those of the government and the services to be considered. Staff tends to be crucial when it comes to the oversight body’s access to information, not only because of the greater amount of time they have, and their greater expertise, but also because they provide an element of continuity of contact between the oversight body and the intelligence services, whereas parliamentarians will come and go.32 Obtaining staff with expertise in intelligence can mean employing those that have previously served in intelligence-related functions. If this is considered, then to avoid divided loyalties it is inappropriate to have staff members who are still serving in the agency, and who are simply seconded to the oversight body.33 Whatever the degree of access to information they are given, oversight bodies obviously need to make great efforts to protect from unauthorised disclosure information and documents related to sensitive issues (about persons) and/or about national security. Unauthorised disclosure of information may not only harm national security interests, but will also harm the trust which is necessary for an effective relationship between the oversight body and the services. Unauthorised disclosure by a member of an oversight body may involve penalties under applicable secrecy legislation.34 Another issue concerns the report a parliamentary body makes. Publicity, or the threat of it, is a means of trying to ensure that the government is responsive to whatever problems the oversight body has identified, and whatever criticism or recommendations it makes for dealing with these, even if the oversight body’s need for a professional 30

Wills/Vermuelen, 2011 (142). See, e. g. Article 14 (4), Loi du 15 Juin portant organisation du Service de Renseignement de l’Etat, Memorial-Journal Officiel du Grand-Duché de Luxembourg, 2004, A-No. 113. 32 Farson, 2000. The 2009 reform of the German PKGr included increasing its staff and allowing panel members to bring in their own (security-cleared) staff to assist them. Having said this, the control instruments the PKGr has are mainly focused on the government, not the intelligence services themselves, Dietrich, 2015 (13). 33 During the first years of its existence, the UK ISC had a secretary who was seconded them from the British internal security agency, MI5. 34 See, e. g. the Norwegian Act relating to the Monitoring of Intelligence, Surveillance and Security Services, 1995, Section 9. 31

400

Cameron

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:02 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. The problem of oversight

working relationship with the intelligence agency will mean that it can usually be expected to accept the agency’s request not to reveal particular information. Different methods exist for reconciling openness with the need for security. The German system can be mentioned in this respect: the report of the Control Panel is secret, but the panel can, by 2/3rd majority, waive this requirement.35 In this way, it retains an important bargaining tool in its relationship with the government, at the same time as minimizing the risk of criticism being made on party political grounds. Even if really sensitive information is excluded, an important function of the oversight body is to provide for greater transparency. The legitimacy of the oversight body in fact means that it has to provide as much information as possible to the public, in as readable a form as possible. A number of parliamentary oversight bodies in EU states are unsatisfactory in this regard, either publishing no information at all, or only short, uninformative reports.36 A parliamentary oversight body may have the final word on the content of a report, but if it only has the power to produce an annual report, and not a special report, it will be unable to draw attention to activities which require an urgent response. A parliamentary body which cannot control the timing of its report risks its report losing all political impact. A report can only contain recommendations, but where the report identifies serious problems, then some follow-up response from the agency and/or the government is obviously expected. The oversight body should thus be free to respond to the follow-up and give its views on whether identified problems are, or are likely to be, solved by the corrective measures taken or proposed. Something should be said about deciding the membership of parliamentary bodies. In some systems, parliamentary rules on committee membership generally may mean that there may be little scope for a meaningful parliamentary oversight body. As already mentioned, considerable time is usually needed to build up expertise in security matters. This is undermined by a rule requiring rotation of committee members every parliamentary term. The ability of the oversight body to command the respect of both the agency being monitored, and from parliamentary colleagues and the public, will usually be enhanced if its members are relatively experienced and senior. However, seats on committees are often distributed within parties according to seniority, and as there is often little public credit to be derived in this area, there is an evident risk that senior members may choose other committees on which to serve. Variations exist concerning the appointment of members of parliamentary oversight bodies. For example, in Germany, responsibility for appointment rests solely with the parliament, where the Bundestag votes by majority to accept each individual member of the Parliamentary Control Commission.37 Although traditions vary within parliamentary systems concerning the chairmanship of parliamentary committees, the legitimacy of a parliamentary oversight body is usually enhanced if, rather than being appointed by the government, the chair is chosen by the committee itself. Legitimacy is also strengthened if the chair is a member of the opposition or if the chair rotates between the opposition and the government party (as is the German practice). Three final issues can be noted as regards parliamentary oversight. A number of states provide for some form of external involvement in, or scrutiny of, the appointment of the director of an intelligence agency. This can ensure broad political backing for the director’s appointment as well as reinforce and guarantee the status of the position. PKGrG, as amended, § V, 1, Dietrich, 2015 (13–14). FRA 2016 (41). 37 See PKGrG, § 4 paras 1 and 3.. 35 36

Cameron

401

44

45

46

47

48

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:03 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

Such processes can be in constitutional conventions (for instance, the UK and Sweden) or formal statutory requirements.38 49 The second issue is audit by a parliamentary body. As with oversight generally, it requires some ingenuity to devise systems for protecting secrecy while nevertheless ensuring that auditors have the wider access to classified information necessary to certify whether the services have used government funds within the law. Without access to operational detail, auditors are not able to do either a proper efficiency or a proper effectiveness audit. Understandably, limited restrictions to protect the identities of certain sources of information and the details of particularly sensitive operations may be imposed.39 Even here, an inspector-general can have a role to play. 50 The third issue is that a parliamentary oversight body can be given a function as a whistleblowing instance: intelligence staff concerned about possible illegalities can be permitted to reveal secret information to the oversight body, without sanctions being applicable.40

E. Accountability to expert bodies Expert bodies can serve as either a supplement or a replacement for parliamentary bodies and/or as a supplement or replacement for judicial control/approval of coercive measures. They can also be given remedies functions. Remedies will not be dealt with, as these are the subjects of another chapter in this volume. It should, however, be noted that there can be considerable advantages in combining oversight with complaints functions. If the oversight body can receive complaints it can get a feel for the areas perceived by the public to be unsatisfactory, and thus useful background in deciding on whether or not to launch a proprio motu investigation, or initiate a thematic inquiry. The general problems for oversight by expert bodies are similar to those of parliamentary bodies and need not be repeated here. However, a number of extra points need to be made, relating to mandate/powers and membership of expert bodies, the relationship between an expert body and parliament and the connection with judicial control. 52 An expert body allows for greater expertise and time in the oversight of security and intelligence services and avoids the risks of political division and grandstanding to which parliamentary bodies can be susceptible. The body may be full or part-time, but even if it is part-time, the supervision exerted is likely to be more continuous than that exercised by a parliamentary body, the members of which have many other political interests and responsibilities. The members’ tenure can be made longer than the standard electoral period, something which is particularly important as intelligence has, as already mentioned, a relatively long “learning curve” (mn 31). 51

38 See e. g. the Belgian Act Governing the Supervision of the Police and Intelligence Services, 1991, Art. 17. 39 In Spain, in accordance with Article 11 of the law 11/2002 a special Committee in the Parliament is established to control CNI’s budget and be informed generally about its activities and the progress of tasks given to it by the Government. The Director of CNI attends to the Committee on his or the Committee’s request. The only official secrets kept from this committee are the CNI’s sources and means of gathering information and the information received from foreign intelligence agencies or international organisations. For other models see Born/Leigh/Wills, 2015, Chapter 20. 40 This was a part of the 2009 reform of the PKGr. Having said this, any such whistleblowing is reported to the agency in question. Even if no criminal sanctions are applicable, whistleblowing is likely to damage or even end a person’s career in the agency, something which is obviously a powerful disincentive. See also below mn 80.

402

Cameron

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:03 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. The problem of oversight

As compared to a parliamentary body, there will not be a problem of vetting the members of an expert body, meaning that generally speaking, it will be easier to give an expert body access to sensitive operational material. The membership of the expert body will depend partially upon its mandate. Where the focus of the body is ensuring that the security agency abides by the law, it is reasonable to assume that several of the members should be lawyers, or legally trained. Lawyers are trained to have good judgment, weighing different interests against one another. However, they may, depending on the legal culture of the State, be less inclined to question the legitimacy of discretionary judgments, so long as these fall within the acceptable span of decision-making. Where the body has a broader mandate, this might favour appointing people from different walks of life, such as historians, criminologists and political scientists.41 If the problem for parliamentary oversight bodies can be summarized in the word “competence”, the problem for expert bodies can be summarized in the word “legitimacy”. This affects both how the body is established, how members of the body are chosen and to whom or what the expert body reports. As regards establishment of the body, it is greatly desirable for the legitimacy of the expert body, and its good relations with parliament, that it is created by statute. Only where the parliament has voluntarily accepted that accountability is better exercised by an independent expert body, rather than a parliamentary body, will the former be in a position to give plausible reassurance to both the parliament and the public that misuse of powers is not occurring. Moreover, in order to maintain parliament’s confidence in the expert body it is necessary to provide for institutional links between the two. Not involving parliament in some way can easily lead to resentment and tensions, e. g. parliament may want greater access to intelligence material, and might try to compel the expert body to reveal this.42 An expert body will not consist of elected politicians having earned a reputation for competence and integrity during a number of years in the public gaze. They will instead usually be figures who are less well known to the public. As the expert body will rarely be in a position to reveal to the public the basis for its conclusions, the public have to trust it. One way of improving the basis for this trust is to reveal, as much as security considerations make possible, the reasons for its conclusions. Another way is to involve the parliament in both choosing the members of the body and by making, or letting, the body report to the parliament. Different ways of involving the parliament in choosing the members exist. For example, the government can appoint the members but after a process of consultation with all the parties represented in parliament, or at least the leaders of these parties. Parliament itself can choose and appoint the members. The government can appoint the members from a list chosen by the parliament. Whatever the methods chosen, it is vital for the legitimacy of the expert body that its members are either generally regarded as apolitical or, where instead members have political affiliations, that there is an appropriate political balance in the body.43 The same need exists for expert bodies, as for parliamentary bodies, to have control over their own agendas, their objects of investigation and over the publication of annual and special reports. It is possible to provide for parliament,44 or even the 41 An example here is the Swedish Defence Intelligence Inspection, Statens Inspektion för försvarsunderrättelseverksamheten, SIUN, where until recently one member (a former MP) was a university lecturer in Russian. 42 See Farson, 2005 (99–118) on the experience of the Canadian SIRC. 43 See van Outrive, 2002 for critical remarks concerning the politicisation of the Belgian Committee R which occurred at one stage of its existence. 44 See the Dutch Intelligence and Security Services Act 2002 Article 78(2). It is also possible in Norway, though the power has not been used.

Cameron

403

53

54

55

56

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:03 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

government,45 to task an expert body to make a particular investigation, without compromising its independence. However, in states where this is permissible, tasking tends not to occur, because of the expert body’s proprio motu power of investigation. 57 There can be important advantages in having both a parliamentary oversight body focusing on policy issues and an expert body operating within the “ring of secrecy”. An expert, technocratic type of monitoring can get out of touch with political priorities. Moreover, an expert body will not usually be in a position to defend itself vis-à-vis the press and public or the parliament as a whole. But where there is a parliamentary body with a good relationship with an expert body then there are conditions for two-way communications, where the expert body is able to reassure the parliamentary body that things are in order (or the opposite of course) and the parliamentary body is able to reassure the parliament as a whole and the public that the expert body is in touch with political “realities” and is doing its job properly. 58 An alternative to establishing a parliamentary body and expert body is to create a hybrid body, which consists partly of active politicians, including serving members of parliament, and partly of expert members. An example of this is the Swedish Commission on Security and Integrity Protection (Säkerhets- och integritetsskyddsnämnden, SIN), which consists of one MP from all the parties represented in the parliament, and three lawyers (of which two are serving or former judges).46 Another example is the French CNCTR, which consists partly of judges and partly of members with political experience, as well as a member with technical expertise. A third example is the German G-10 Commission, whose expert members tend to be connected to political parties, even though they have (so far) not been serving MPs. In the best case analysis, such a hybrid body can combine legitimacy with expertise. As dealt with in more detail below, technical expertise is particularly important as regards oversight of technical aspects of surveillance. The extent to which these types of hybrid models are appropriate for other states depends partly upon how far the state in question adheres to a strict separation of powers and partly upon where the preponderant problems in security oversight are seen as lying, with the political control of the agency, or with the agency itself. 59 Like parliamentary bodies, expert bodies can have functional monitoring powers, which is, e. g., the Dutch approach,47 or be agency specific.48 Some bodies can have only a partial mandate to monitor an intelligence agency, focussing on particular measures with special potential for infringing human rights.49 For an expert body, even more so than a parliamentary body, it is important that the scope of its review is drawn carefully, to avoid disputes as to whether a particular activity falls within the body’s mandate and to avoid overlaps with other accountability mechanisms, in particular judicial controls over police powers and Ministerial accountability to parliament.50 45 E. g. in Belgium, government tasking can occur under Article 32 of the Act of 18 July 1991 on the supervision of the police and intelligence services. 46 SIUN is a smaller body, with political representatives (in general) only from the two largest parties. 47 The Dutch oversight body, the CTIVD, supervises the General Intelligence and Security (AIVD) Service, the Defence Intelligence and Security Service (MIVD), other bodies, such as the police to the extent that these carry out AIVD and MIVD activities as well as the coordinator for the intelligence and security services which falls under the authority of the Prime Minister’s office (see Intelligence and Security Services Act of 7 February 2002, Articles 1 and 4. 48 E. g. SIUN monitors only the Swedish signals intelligence organisation. 49 E. g. the Swedish SIN does not have a mandate covering all aspects of the work of the Police and the Security Police, but instead focuses on data banks, surveillance and the use of secret identities. See also the discussion of data protection inspectorates, infra. 50 For example, the mandate of the Belgian “Committee R” was originally drafted widely, and was narrowed somewhat by statute in 1999. See van Outrive, 2002 (50).

404

Cameron

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:04 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. The problem of oversight

A particular form of expert body with a limited supervisory mandate is data ombudsmen/data protection inspectorates. Where such data protection ombudsmen and inspectorates continuously supervise the accuracy, reliability, legitimacy and proportionality of the intelligence stored, these operate as oversight. Where they decide on complaints from members of the public who allege that flawed data is stored on them they are a remedies/complaints procedure.51 Bearing in mind the crucial importance of data banks to the work of a security agency, and the already mentioned (mn 8) distinction between security intelligence and “hard” data, it is imperative that some such supervisory body exists in every State, and that it has sufficient powers, in law and practice, to perform control functions satisfactorily. In this respect one can note that the EU has legislated on data protection, by means of the General Data Protection Regulation52 and the EU directive regarding processing of personal data by law enforcement.53 EU data protection rules provide inter alia for independent oversight, meaning the creation of a national data protection authority with supervisory powers and which provides individuals with effective remedies. However, the above mentioned directive excludes from its scope activities outside the scope of EU law [Article 2(3)(a)] and Recital 14 of the directive makes it clear that data processing for national security purposes is such an activity. Thus, even if it is the CJEU which has the final word on what does, and does not, fall within this exception, there is no EU obligation to subject intelligence agencies to ordinary national procedural and substantive data protection rules, or to the supervision of national data protection authorities. Some EU states nonetheless locate their controls over security data specifically within the general data inspectorate, giving a specific security-screened person, or team of people, the function of monitoring this data. Other EU states provide for specialist, expert control bodies. A few EU states provide for both.54 Significantly, however, several EU states either provide only for weaker controls by the data protection authority over data processing by their intelligence agencies (Cyprus, Italy, Lithuania and Poland) or no external control at all (Czech Republic, Estonia, Romania and Slovakia).55 Another type of specific mandate which can be granted to an expert body relates to surveillance. Here the body operates as a substitute, or a complement, to judicial authorisation procedures. The exploratory and speculative nature of much intelligence surveillance, and the connection security crime has to politics, is an argument which has been used in some states for having a different system of authorisation for this type of surveillance. There are good arguments for having both judicial authorisation and a follow-up supervisory oversight exerted by an expert body. Judicial authorization only deals with the question of whether sufficient grounds exist for using special investigative measures 51

See Gajdošová, Effective Remedies against Intelligence Actions, Part 4 Chapter 4 in this volume. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), OJ L 119/1 4.5.2016. 53 Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and on the free movement of such data, and repealing Council Framework Decision 2008/977/JHA OJ L 119/89, 4.5.2016. 54 For example, in Sweden, the databanks of the security police (the internal security agency) and the external, signals intelligence agency are subject to both the supervision of specialist bodies and the ordinary Data Inspectorate (using specialist security-screened staff). 55 FRA 2016 (46–51). 52

Cameron

405

60

61

62

63

64

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:04 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

to obtain data on individuals. It rarely if ever touches upon what the agency then does with this data, let alone all the other things the intelligence agency does. A system of follow-up oversight can examine the “big picture”. When it looks at special investigative measures, for example, it can examine the pattern of past authorisations, matching the initial suspicions with the product obtained. As such it is able to act as a forwardlooking mechanism, recommending improvements in how targeting decisions and intelligence gathering priorities are made in the future, so as to minimize interference with human rights. 65 Where an expert body instead operates only as a substitute for judicial authorisation and not simply as a complement to it, it is especially important that the body in question is sufficiently resourced, capable, independent and motivated to exercise meaningful oversight. The most obvious factor in determining this is the attitude of the agency being overseen: if it (or its political master) is uncooperative, then meaningful oversight will be very difficult. But assuming there is at least a reasonable amount of cooperation, meaningful oversight will depend in particular on three factors. The first of these is the expertise of the expert body in security matters, and the time it actually spends making spot checks. The second factor is the scope of the review performed – is it simply looking at compliance with the law. For example, as far as surveillance is concerned, is it looking at the appropriateness of the targeting or is it only making a formal check of whether the intelligence agency has filled in the correct grounds for launching the surveillance. The third factor is the methodology of the expert body in making spot checks. As it will not be able to look at everything, it must focus its resources on the area(s) of greatest risk of harm, meaning (usually) harm to individual rights.56 In the cases its singles out for analysis, it should be able to make a deep, critical analysis, e. g. as far as surveillance is concerned, examining all the supporting evidence over time for a pattern of surveillance.

F. Special problems concerning oversight of signals intelligence and international co-operation An oversight body faces special problems when it comes to cooperation between intelligence services in different states and when it comes to overseeing signals intelligence. I will begin with international cooperation.57 While various sorts of joint operation exist, this sort of cooperation usually takes the form of arrangements for exchange of intelligence. Where an intelligence agency merely receives intelligence from an overseas agency with which it has an arrangement, it can argue that it is not responsible for how this intelligence was obtained. In fact, there can be strong incentives for the receiving agency not to inquire into how it was obtained. If the receiving agency asks too many questions, it may well receive embarrassing answers, namely that the material was indeed obtained by unethical means. This reluctance to inquire is strengthened where an agency is in practice dependent on friendly foreign agencies providing it with intelligence. 67 Whatever national restrictions which apply to obtaining information tend only to apply to actions within the territory or to direct actions by State officials. This means that an agency may benefit from intelligence collected overseas by another country’s agency in ways that it would not be legally permitted to use. Asserting some form of 66

56 57

406

Of course, there can be other types of harm. For these problems in more detail, see generally, Born/Leigh/Wills, 2011 and Born/Leigh/Wills, 2015.

Cameron

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:04 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. The problem of oversight

accountability over the opposite situation, supplying information to another country’s agency, can also be problematic. First, the information is unlikely to result in a decision that can be directly traced to the supplying agency. Second, even if traced to the supplying agency, it can argue that it has no responsibility for whatever action the receiving agency takes on the basis of the information. Thus, there are good reasons for providing for external oversight of intelligence exchange arrangements and how they work in practice. However, in many states, information is routinely supplied in accordance with the 68 “originator” or “third party” rule. This provides that the source is not to be revealed without the express permission of the originator, to any other body, including the courts or whatever oversight bodies exist in the receiving State.58 Where the legal systems of both the supplying and receiving agencies protect the secrecy of international relations in this way, the result is a vacuum of accountability.59 In order to make oversight meaningful in this area it is necessary, to begin with, that 69 both the supply and receipt of data must be regulated by statutory provisions setting out the general standards relating to agreements to transfer data. Such statutory standards should include formal conditions, such as the need for the agreement to be in writing, and be made at the proper level in the agency in question, as well as substantive conditions, such as the need to take into account the human rights implications, excluding certain types of information from transfer and mitigating whatever risks might arise as a result of such cooperation.60 It should be a requirement to inform the oversight body, or bodies, of the content of such agreements.61 There should be statutory requirements on a supplying agency to check the reliability and accuracy of the intelligence before it is transferred and similar requirements on a receiving agency, when information is received from another State.62 All of this can and should be the subject of external oversight. As regards oversight and the originator rule, foreign source data should in principle 70 not be excluded from the supervision of whatever data monitoring arrangements exist for data of national origin. The network nature of certain threats, such as international terrorism, and the network response to these threats, mean that the situation is likely to arise frequently that an oversight body in one state is denied access to important foreign source data which forms part of the reasons behind the general policies or specific operations of its own intelligence agency and which it accordingly considers that there is a pressing need to examine. For some states, oversight of foreign source data is expressly excluded.63 Other states, such as the Netherlands and Sweden, make no exceptions to the oversight bodies access to the intelligence agency’s data files, meaning that all incoming, and outgoing, information is part of their supervision. 58 Haydn 2016 (221–2) describes how he, as CIA director, personally informed the director of the equivalent service of the closest ally of the US, the British MI6, that all US intelligence exchange would cease if the British government complied with the order of a British court to disclose documentation (including US documentation) relating to a civil claim for damages (for torture) made by a Guatanemo detainee. 59 This makes the ECtHR case law on extraterritorial responsibility (infra, text at fn 92–94) all the more important. 60 Arar Commission, Analysis and Recommendations, 2006 (348). 61 See e. g. Canadian CSIS Act, Section 17(2) which requires that the oversight body, the Security Intelligence Review Committee (SIRC) be given copies of all CSIS agreements with foreign governments and international organizations. 62 See Arar Commission, Analysis and Recommendations, 2006 (fn 72) (334). An example of a supply rule can be found in the Bundesverfassungsschutzgesetz (BVErfSchG), Germany, 2002, Art. 19. 63 See, e. g. Loi No. 2015-912 du 24 juillet 2015 relative au renseignement, amending the Code Internal de securité which excludes this material from the scrutiny of the French oversight body, the CNCTR.

Cameron

407

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:05 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

There are, of course, legitimate secrecy concerns. However, the way to handle these is to ensure that the oversight body is itself reliable. Where the intelligence agency feels it cannot trust its oversight body, it will not make available foreign source data to it. Parliamentary oversight tends to give rise to more concerns as regards secrecy, and this is another argument for expert or hybrid, rather than pure parliamentary oversight. If necessary, one can provide that especially stringent security arrangements may be permissible for access to such data, as is the case for the Norwegian expert oversight body.64 72 The above points build upon the traditional idea of bilateral exchange arrangements. However, in at least two areas, intelligence agencies have gone beyond this and created multilateral platforms which allow international exchange of data in, or almost in, realtime. The first is signals intelligence (below). The second is the Counter-Terrorism Group database on “jihadis” operated by the intelligence services in the EU, Norway and Switzerland. The database is administered by the Dutch intelligence services on behalf of the group. A genuine multilateral database creates special problems for oversight. In particular, who is accountable if different standards are being applied by the different agencies for acquisition, processing, communication, retention and deletion?65 73 Finally on this point, the correct response to networking by intelligence agencies is for national oversight bodies to also engage in networking. Although secrecy rules naturally apply to these bodies, which, as previously mentioned, have to build up trust in the agencies they oversee, at the very least, they can exchange information on “best practices”, trends and problems (in general terms) which have emerged in their work. They can also make available to one another the published evidence from equivalent investigations and reports in world languages. More systematic cooperation is made easier if the oversight bodies are expert, rather than parliamentary, if they are well-established, have similar mandates and a similar approach to security/ rights balancing. A first step has been taken in this direction: the expert oversight bodies in Belgium, the Netherlands, Norway, Germany and Switzerland have been cooperating as regards the oversight issues which have arisen in connection with the CTG database.66 74 I will turn now to the particular problems involved in overseeing signals intelligence agencies. Not all states have signals intelligence agencies with “offensive” capability (espionage/exploitation and computer network attacks). However, every state nowadays needs some sort of agency to engage in defence of computer networks and the line between defensive and offensive measures is increasingly difficult to draw.67 To begin with, due to their geographical location, different states have access to different cable and satellite-borne telecommunications, which means that data are frequently collected which are of interest to other states. Moreover, the nature of the Internet, with communications being broken down into “packets”, sent on different routes, and then “reassembled” means that different states can obtain access to different parts of the same message. Thus, while many states co-operate with each other by exchanging domestic and foreign intelligence with one another, the links between allied states as regards signals intelligence can be even stronger. The “originator” rule can therefore be a particularly serious obstacle to oversight of signals intelligence agencies. 71

64 See the evolution of the supervision exercised by the Norwegian EOS-utvalget in this regard, Stortinget (71). 65 See the recommendations of the CTIVD 2018 (33–36). 66 CTIVD 2018 (8). 67 Haydn, 2016 (140–145).

408

Cameron

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:05 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. The problem of oversight

To understand why parliamentary oversight of signals intelligence is seldom appropriate, it is necessary to understand the special nature of the process of collecting, analyzing and retaining data by means of signals intelligence.68 Balancing of privacy and other human rights concerns against other interests comes in at several points in this process, but two crucial points are when a decision is made to use particular selectors, and when human analysts decide whether or not to keep the information in question. The first type of decision resembles, at least in some ways, a decision to authorize targeted surveillance. The case law of the ECtHR makes it clear that some form of judicial or quasi-judicial authorization body is necessary to control the dynamic process of refining the selectors.69 As the decision involves considerable policy elements, knowledge of intelligence techniques and foreign policy are also desirable. Finding a group of people who combine all three types of competence is not easy, even for a large state. Thus, for authorization purposes, it is easier to create a hybrid body of judges and other experts. The technical sophistication of signals intelligence makes it difficult to supervise without the aid of technical experts, so such experts must either be members or in the staff of the body.70 The second type of decision is of a “data protection” character, which can be overseen afterwards by an expert administrative body. Such a body must be independent and have appropriate powers. It must be focused first on following up the authorization given – what sort of material was collected – and second on what sort of material it is justified to keep. It is possible to combine the two functions, “judicial” authorization and “administrative” follow-up in the same body. However, where the body has authorisation functions, there are problems involved in giving the same body remedies functions, as otherwise it is checking up on itself.71 However a state chooses to construct its oversight of signals intelligence, a parliamentary body is not appropriate. The main reason is that none of the two functions (three, if remedies are included) is “political” in nature. Another problem is of parliamentarians finding sufficient time for oversight along with all their other duties. Giving it authorisation functions means either having a standing body (one that can be called together at short notice) or at the very least, a body which meets regularly. A third is the already mentioned problem of security screening parliamentarians. Thus, strong arguments exist, in states with signals intelligence agencies, not to oversee these by means of parliamentary bodies.72 This is not to say that parliament has no role to play in relation to signals intelligence. Since the revelations by former NSA contractor Edward Snowden, the level of public distrust in signals intelligence is so great that it is crucial to link whatever expert oversight body is established to the 68

National Research Council of the National Academies, 2015, Chapter 2. Weber and Saravia v. Germany, App. No. 54934/00, decision 29 June 2006 § 88. For a detailed treatment of the issue up to 2015, see Eur. Com. for Democracy through Law, 2015 (§ 85–106). See also the later cases of Roman Zakharov v. Russia, App. No. 47143/06, Judgment (Grand Chamber), 4 December 2015 and Szabó and Vissy v. Hungary, App. No. 37138/14, Judgment 12 January 2016 and Malgieri/De Hert, 2017. 70 Cf. CTIVD Annual report 2015 (39). The CTIVD expressed concern about the lack of privacy safeguards and called for stricter oversight of Dutch signals intelligence. 71 The new Dutch Intelligence Act has given the CTIVD a remedies function (see Eijkman et al, 2017 (38), but this is not a problem as it has no authorization functions. The Swedish SIN has control functions when it comes to security screening, which means that it and the complaints function (which it also has) are constructed as “self-contained” parts of the oversight body. 72 A degree of support for this proposition can also be drawn from the fact that the state which was first with parliamentary oversight, the US, and which has always stressed the importance of democratic legitimacy in oversight, chose to establish an expert, hybrid body, the Privacy and Civil Liberties Oversight Board, PCLOB, to oversee signals intelligence. 69

Cameron

409

75

76

77

78

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:05 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

parliament (e. g. by giving it control over the composition of the body, making it report to parliament, allowing parliament to task it with particular investigations). Moreover, the parliament has a role to play in the general policy issue of what sort of matters are of sufficient importance to national security to need signals intelligence about. This latter type of decision would benefit from a (closed) discussion in a political body, where different spectrums of opinion are represented. Another type of policy-oriented issue is deciding on the general rules regarding how and under what circumstances signals intelligence can be collected or be exchanged with other signals intelligence organizations. A third such issue is making a general evaluation of the overall effectiveness and efficacy of signals intelligence measures. A fourth role for a political body is to engage in a continuous dialogue with whatever expert oversight body is established.

G. The European dimension to national oversight I. Indirect influence National security is, as already mentioned, a national responsibility. How this is organized, run, and overseen is a matter primarily for each European state. However, for the member states of the Council of Europe (which includes all the members of the EU) the case law of the ECtHR is important as setting a “lowest level of protection”. Other parts of the Council of Europe have also had an impact on intelligence oversight either by virtue of a supra-national investigative power or through the development of “soft law standards” by means of studies and recommendations. For EU Member States, EU law, and judgments of the CJEU, affect how they construct parts of their oversight systems. 80 Although the focus in this chapter is on institutional oversight, a section on indirect influence is an appropriate place to note the role played in oversight by whistleblowers and of national and international civil society.73 Whistleblowers can bring previously secret information into the open, facilitating public debate and strategic litigation (which might otherwise be blocked by secrecy or standing rules). Civil society can highlight individual cases of alleged misuse, draw public attention to deficiencies in oversight systems and publicize good practices in dealing with oversight. Civil society can also, assuming they fulfil national standing requirements, initiate litigation before national courts and, assuming they fulfil the victim requirement, bring a case before the ECtHR, or assist a victim in bringing a case. They thus often perform a useful “prodding” function for governments and parliaments willing to listen. The increased difficulties international NGOs are experiencing (being attacked as foreign interference) in certain EU states with authoritarian governments is thus a cause for concern.74 81 The ECHR provides one of the few common standards applicable to all European states, and as such is invaluable as a platform upon which to elaborate more detailed European principles of accountability. Unlike under EU law, there is no exclusion of national security matters from the scope of the ECHR. The pan-European legal culture of the ECtHR can give a different perspective on the need to reform an unsatisfactory system, and the direction reform can take. Criticism from the ECtHR can provide the catalyst to break a national “log jam” and give the national legislature the opportunity to overhaul the whole 79

73

See Nyst/King, Intelligence and Civil Society, Part 4 Chapter 5 in this volume. The influence exerted by important NGOs such as Human Rights Watch and Amnesty International means that it is very important that whatever analyses they make are not superficial, journalistic or sensationalist. 74

410

Cameron

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:06 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. The problem of oversight

field. The ECtHR case law shows that there can be situations when an international body places greater demands than those set by national courts and legislatures. The rendition cases are a good illustration of this last point.75 As the ECtHR assesses 82 state responsibility, its scrutiny cannot be blocked by national separation-of-powers doctrines. Nor is the ECtHR blocked by a refusal on the part of the executive branch to give evidence. The ECtHR is mainly content to let the national courts do the factfinding in the case. Thus, the factual framework is settled, and the ECtHR can focus on structural and policy issues. This means that it will rarely need secret evidence to decide the case.76 On the other hand, the ECtHR will not be impressed by a government refusal to submit requested evidence.77 As the rendition cases show, even if the respondent state withholds evidence, if the ECtHR considers that proof of a violation may follow from the coexistence of sufficiently strong, clear, and concordant inferences, or of similar unrebutted presumptions of fact, then it will find in favour of the applicant. So far, the main ECtHR case law has dealt with setting minimum levels of foresee- 83 ability, particularly as regards legal authority to engage in secret surveillance and security filing/screening. The adequacy or otherwise of a legal mandate is an issue on which judges, national or international, are eminently suitable to pronounce. However, the real challenge for the future relates to the adequacy of the control and remedies mechanisms in practice. The requirements of Articles 8 and 13 of the ECHR in this respect are to ends (effective remedies and safeguards) rather than means. This is a more sensitive area for the ECtHR to take on, as it will involve it in a more policy-oriented exercise of assessing whether a particular blend of controls contains adequate safeguards for preventing abuse of power. The remedies and safeguards that should operate in the area of oversight can rarely be purely judicial in nature. In practice, the value of an external monitor will mainly depend on the political climate in which he or she works, the dedication of the officeholder, and the competence of his or her staff. These are fairly intangible things on which to form an opinion, far away in Strasbourg. The ECtHR is thus relatively illequipped to judge whether formal safeguards are real safeguards, even if it has shown a commendable degree of scepticism in this respect more recently.78 Moreover, the ECtHR has limited follow-up mechanisms. A negative judgment can 84 spur reformist forces in a state to make a more extensive review of intelligence powers and oversight. But if such forces are in a minority in the parliament and the opportunity is not taken to make a more wide-reaching investigation of, and then an implementation of, necessary reforms, then all one achieves is a little more transparency. For example, the UK reactions to the negative judgments of the ECtHR in the late 1980s and early 1990s were formalistic, contenting itself with providing statutory authorization for powers previously exercised under executive decree.79 75 El-Masri v. Macedonia, App. No. 39630/09 Judgment (Grand Chamber) 13 December 2012 Al Nashiri and Husayn (Abu Zubaydah) v. Poland, App. Nos 28761/11 and 7511/13, Judgments 24 July 2014, Nasr and Ghali v. Italy, App. No. 44883/09, Judgment 26 February 2016, Abu Zubaydah v. Lithuania, App No. 46454/11, Judgment 31 May 2018, Al Nashiri v. Romania, App No. 33234/12, Judgment 31 May 2018; see furthermore: Schmahl, Human Rights and Intelligence, Part 4 Chapter 1 in this volume. 76 Although it can receive secret evidence, it tends not to do so. A government can submit evidence that it requests be kept secret [see Article 33(2) of its rules of procedure]. 77 See Article 44C of the ECtHR Rules of Procedure. 78 See Cameron, 2000 and Malgieri/De Hert, 2017. The Zahkarov case (fn 81) is a good example of a more sceptical approach, using extensive civil society criticism as a basis for setting higher standards (and lower requirements to prove that one is a victim of secret measures). 79 The Security Services Act 1989 and the Intelligence Services Act 1994 were attempts to legally authorize “carrying on as before.” The safeguards against abuse in the UK were for a long time almost entirely internal, in other words the professionalism of these services. The external oversight was improved a little in 2013, when the ISC received slightly greater powers and improved a bit more in

Cameron

411

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:07 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

The primary impact of the ECHR as concerns national security will tend to be on internal security agencies: “jurisdiction” under Article 1 is usually synonymous with territory. However, the ECHR has important implications even for control, oversight and remedies as regards external intelligence agencies, because it has a degree of extraterritorial effect. The case law of the ECtHR has dealt mainly with military forces abroad80 such as naval vessels,81 but even extraterritorial security and intelligence activity fairly clearly fall within a state’s jurisdiction.82 The intelligence community (or parts of it) might find it convenient to regard cyberspace as a wholly new domain, analogous to the high seas, where the rule of the jungle applies and there are no laws. However, whichever way you look at it, the processing, analysis, and communication of intelligence material collected extraterritorially is clearly within national jurisdiction, and is governed both by national law and states’ applicable human rights obligations.83 Not all intelligence activities affect convention rights of course, but to the extent that they do, there are various implications. The powers to engage in these activities need to be set out in statute, formulated in reasonably foreseeable terms and subject to adequate controls. Remedies need to be available to those who can, on reasonable grounds, argue that they are the victims of rights violations. 86 To a foreign intelligence officer, this might seem a dramatic, indeed, unworkable requirement. The officer has to engage in activities potentially or actually violating foreigners’ private lives. But this is not as unworkable as it might first appear. Under Article 1, a state is not held responsible for every act it commits: only those acts over which it has exercised sufficient control.84 Where the intelligence service of State A cooperates with the security service of the host state, State B, then disentangling their respective control over the activity in question may be difficult or even impossible. This will presumably often be the case when the issue concerns intelligence exchange. On the other hand, the rendition cases have established that, assuming that sufficient proof can be adduced, there can be responsibility in where cooperation takes more tangible forms, i. e. handing over someone to a non-Convention state party, in circumstances where there is a clear risk that the person will be tortured. In such circumstances, convention state party B, will bear responsibility for every rights violation that the suspect suffers at the hands of non-state party A. 87 As regards this issue of proof, the ECtHR can be said to have explicitly accepted the realities of differential (mis)trust in Europe. In Roman Zahkarov,85 the ECtHR stated that it would henceforth apply two levels of scrutiny to allegations of abuse of powers of secret 85

2016, when safeguards over surveillance were strengthened, at the same time as surveillance powers were expanded, by the Interception of Communications Act. 80 See Al-Jedda v. UK, App. No. 27021/08 Judgment (Grand Chamber) 7 July 2011, Al-Saadoon v. UK, App. No. 61498/08, Judgment 2 March 2010, Ilaşcu v. Moldova, App. No. 48787/99, Judgment 8 July 2004, Bankovic and Others v. Belgium and 16 other Contracting States App. No. 52207/99, decision 12 December 2001, Issa and Others v. Turkey, App. No. 31821/96, Judgment 16 November 2004. See also Eur. Comm. on Democracy through law, 2006 (regarding the host state’s obligations under ECHR to control intelligence activities going on at foreign military bases in its territory). 81 Hirsi Jamaa v. Italy, App. No. 27765/09, Judgment (Grand Chamber) 23 February 2012. 82 See Ocalan v. Turkey, App. No. 46221/99, Judgment 12 May 2005. 83 See Weber v. Germany, (fn 81) § 88. Cf. CJEU Case C-131/12, Google Spain v. AEPD, EU:C:2014:317. The conclusion should thus be that remedies should be available for foreign citizens who can argue that their Convention rights have been violated, e. g. by surveillance operations. This is the case under Swedish law and, since 2016, German law. By contrast, the British remedies instance, the IPT, has stated that noncitizens/residents may not complain to it of a violation of their Convention rights, HR Watch and others v. SSFCO and others [2016] UKIPTrib15 165-CH. 84 See Bankovic case (fn 92) at § 39 (“the positive obligation to protect in Article 1 of the Convention applies proportionately to the control exercised”). 85 Fn 81.

412

Cameron

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:07 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. The problem of oversight

surveillance: where the national system of remedies ostensibly provided to individuals is not working in practice, the ECtHR will regard the menace of surveillance as sufficient to give an applicant standing.86 Thus, the issue of whether or not a person is a victim is linked to how well the oversight and remedies systems appear to be working. Putting the ECtHR’s case law on the victim requirement together with its case law on extraterritoriality does not necessarily mean that the same controls must operate over foreign intelligence activities as operate over domestic intelligence activities. Under national constitutional law doctrines, judicial control over domestic intelligence activities may be the norm, whereas national doctrines on the separation of powers or judicial restraint in issues of foreign affairs or national security may operate to block judicial control over extraterritorial intelligence activities. But the case law of the ECtHR under Article 8 does not require judicial controls for surveillance of security crime. The difficulties of proof in this area will usually also be even greater than for alleged abuse of domestic power, so complaints are hardly likely to succeed.87 But this does not alter the need to put adequate controls, oversight and remedies systems in place. Nor can one say that this is a waste of time and money. A major point behind having such systems is to prevent violations of rights arising at all. However, the ECtHR cannot take a holistic approach to intelligence accountability in the way a legislature can – laying down general rules as to the mandate of an organization, its powers, the necessary internal and external controls over the exercise of those powers, and the available remedies against abuse of power. The particular facts of the case provide a strict procedural framework for the ECtHR, a crucial difference between judicial and legislative power. The ECtHR is thus limited to examining systems of accountability through the lens of the ECHR requirements, that a limitation on a given human right be for the “protection of national security” “in accordance with the law” “necessary in a democratic society,” and accompanied by “effective remedies” at the national level. Thus, internal control mechanisms (as previously noted, of vital importance in practice) effectively elude ECtHR scrutiny. Having said this, the value of the ECHR is not simply in terms of the actual case law of the ECtHR. The ECHR is part of the public law of the member-states. The decision to create intelligence oversight bodies, and the mandates these bodies received to monitor legality (including proportionality) in a number of states, including Belgium, Sweden, Denmark, Norway, and the Netherlands, has been strongly influenced by ECtHR case law. The ECHR standards are regularly referred to, applied and developed by the oversight bodies in these states which want to live up to ECtHR standards. Even a state that has tended to take a minimalist approach to ECtHR case law in national security issues such as the UK, has to show greater respect when the ECHR is applied by its own courts as public law.88 I will turn now to the impact of EU law on national oversight. The creation of an internal market with freedom of movement of goods, persons, etc., creates a need for much better police and intelligence cooperation. The security of EU states is now linked together in a variety of different ways. In particular, there is a need for timely exchange of intelligence as regards terrorist threats. But while this naturally puts focus on effective cooperation between intelligence agencies, the question of the limits on the work of 86

Ibid. para 171. See e. g. Weber v. Germany, (fn 81) where the ECtHR found that the applicants failed to prove their allegations that German “strategic surveillance” was in violation of international law. 88 See the British case of Liberty v. GCHQ, [2014] UKIPTrib 13_77-H, [2015] UKIPTrib 13_77-H. The court found that there was a (albeit small) deficiency in the British legal basis for signals intelligence. For the time period in question this surveillance was thus not “in accordance with the law.” 87

Cameron

413

88

89

90

91

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:07 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

92

93

94

95

such agencies also arises. The CJEU expects EU member states to trust each other, except in exceptional circumstances.89 Nonetheless, an assurance that the intelligence agencies in all these states will, in practice, not just on paper, comply with certain minimum standards, and that these standards are being enforced by reliable oversight bodies, is an important part of the mutual confidence which is necessary for European cooperation in security matters to work. As already mentioned, the level of parliamentary and press criticism in a state is one indication of how satisfactory its system of oversight is. A more objective indication is whether a state has been found by the ECtHR to have violated the ECHR. Of course, the accident of litigation determines which cases get to the ECtHR, so an absence of negative judgments is not a guarantee that everything is fine. But it seems clear from a number of judgments that there are major failings in the systems of control and oversight in some EU states.90 This is unsurprising: the systems of public administration generally work much better in some EU states than others. But the point is that to the essentially constitutional issue of what sort of oversight is appropriate from national perspective has been added a thin European element. The existence of more successful models of oversight in other EU states should, thus (hopefully) be a positive influence on reform of oversight in a state with poor oversight. Of course, this does not mean that a “successful” model can simply be transferred from one state to another. The contexts, political, constitutional, historical, cultural are quite different (mn 9), and so a foreign model naturally has to be adapted to make it function properly. Above all, the political élite(s) in the state in question have to be (at least moderately) interested in making oversight work. As is well known, the EU has only limited legislative competence in issues of national security. Article 4 of the Treaty on European Union (TEU) provides that “the Union shall respect the … Member States essential State functions, including safeguarding national security … national security remains the sole responsibility of each Member State.”91 This is further buttressed by Article 72 of the Treaty on the Functioning of the European Union (TFEU), which provides that the EU’s competence in justice and security “shall not affect the exercise of the responsibilities incumbent upon Member States with regard to the maintenance of law and order and the safeguarding of internal security.”92 The EU does have the competence to adopt legislation in the area of police cooperation (Article 87 TFEU) and, in relation to material criminal law, as regards organized crime and terrorism (Article 88 TFEU). Title V bestows shared, not exclusive, competence, meaning that the Member States can continue to legislate in these areas, as long as they do not violate existing EU rules. Nowadays, of course, with the threat of international terrorist organisations such as Islamic State (IS), it is no longer possible to keep separate “low” policing (ordinary crimes and public order) from “high” (security) policing. Nor, when the recruiting bases are the alienated suburbs of European urban areas and the “battleground” is everywhere, is it so 89 See, e. g. Case C-399/11, Melloni, EU:C:2013:107, § 37 and § 63; see also Sule, National Security and Eu law restraints on Intelligence Activities, Part 4 Chapter 2 mn. 113-116, in this volume. 90 See, in particular, Al-Nashif and others v. Bulgaria App. No. 50963/99, Judgment 20 June 2002, Association “21 December 1989” and Others v. Romania, App. Nos 3381/07 and 18817/08, Judgment 24 June 2011, Bucur and Toma v. Romania, App. No. 40238/02, 8 Judgment January 2013, and the rendition cases noted above (fn 88). 91 Consolidated Version of the Treaty on European Union Art. 4, Feb. 7, 1992, 2002 O.J. C 325/5 [hereinafter TEU]. 92 Consolidated Version of the Treaty on the Functioning of the European Union Art. 72, Dec. 13, 2007, 2012 O.J. C326/01 [hereinafter TFEU].

414

Cameron

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:08 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. The problem of oversight

meaningful to make a sharp distinction between external and internal threats. The EU Commission, the European Parliament and the CJEU naturally have a strong institutional interest in defining national security narrowly, so as to increase their own role in the area.93 The Member States for their part have an institutional interest in keeping the European institutions out of national security. At the same time, the Member States cannot avoid the growing European interdependence in security matters. In particular, most want improved information exchange at the same time as they would prefer this to be in a way which leaves little or no supervisory role for the European institutions. This is not a simple choice between good (more European oversight) and bad (less European oversight): there are good arguments on both sides. The different concepts of security used in the TFEU (“national”, “external” and “public”), securityrelevant secondary EU legislation and the EU Charter of Fundamental Rights and Freedoms (EUCFR) are the grounds on which a struggle over competence is waged. However, the express exclusions of national security mean that it is difficult for the CJEU to use the EUCFR in an “offensive” fashion, setting out standards which go beyond the minimum standards of the ECHR. Still, the struggle of competence is very visible as regards data processing and data 96 transfer. This has so far manifested itself inter alia in disputes over the Terrorist Finance Tracking Programme94 as regards the question of Passenger Name Records (PNR)95 and as regards the obligation on telecommunications providers to retain telephony and internet metadata.96 In the Tele2/Watson case, the CJEU demanded that states make police and intelligence access to metadata contingent on prior approval by a court or quasi-judicial expert body. If such a requirement exists for metadata, it must ipso facto exist for more intrusive surveillance such as telephone tapping, bugging and, particularly, computer hacking. This is hardly controversial and the CJEU is correct to try to insist on such safeguards (even if how they will actually work in practice will be totally dependent on national administrative and judicial culture). Much more controversial is the CJEU’s ruling, in the same case, that blanket data retention is not compatible with the EUCFR.97 In reaching this conclusion, the CJEU displays a disturbing inability to understand the technology involved, how differently police and intelligence agencies in EU states are regulated and how differently they actually use this technology. The “good” are being punished for the sins of the “bad”. Indeed, the “good” now may feel forced to become less good, and multiply their use of other integrity-infringing methods for obtaining metadata. Quite apart from the wisdom of attempting to remove an investigative tool which the legislatures in all 28 EU states have deemed essential, one 93 See, e. g. CJEU Case C-300/11, ZZ v. Secretary of State for the Home Department. EU:C:2013:363. If an extensive approach is taken to the concept of “public security” as including combating terrorism, then relatively little activities are left to be covered by the national security exception. 94 https://ec.europa.eu/home-affairs/what-we-do/policies/crisis-and-terrorism/tftp_en. 95 Some EU states already have an obligation on passengers under national law. A directive has been adopted, Directive (EU) 2016/681 of the European Parliament and of the Council of 27 April 2016 on the use of passenger name record (PNR) data for the prevention, detection, investigation and prosecution of terrorist offences and serious crime, OJ L 119/132, 4.5.2016. PNR was also the subject of a case before the CJEU. The EP referred the draft EU-Canada PNR agreement to the CJEU which laid down certain data processing standards with which the agreement must comply, to be compatible with the EUCFR Opinion 1/17, EU:C:2017:592. 96 See Joined Cases C-293/12 and C-594/12 Digital Rights Ireland (Grand Chamber), ECLI:EU: C:2014:238, Case C-362/14, Maximillian Schrems v. Data Protection Commissioner, Judgment of the Court (Grand Chamber), ECLI:EU:C:2015:65, Joined Cases C 203/15 and C 698/15, Tele2 Sverige AB (C 203/15) v. Post- och telestyrelsen, and Secretary of State for the Home Department (C 698/15) v. Tom Watson, Peter Brice and Geoffrey Lewis, (Grand Chamber) EU:C:2016:970. 97 For analysis, see Cameron, 2017.

Cameron

415

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:08 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

can say that trying to impose a “one size fits all” standard in one part of an area which is otherwise clearly outside of EU competence is doomed to failure.

II. Oversight of EU institutions 97

98

99

100

101

102

EU law and EU institutions not only affect national oversight. There are certain EU institutions which have already, or have the potential to develop, an intelligence gathering capacity.98 Thus, some form of EU-level oversight is necessary of these. How much oversight is necessary and who is to perform this is the subject of dispute. The main EU entities with intelligence functions are the European police organization EUROPOL, the European body for coordinating the work of prosecutors, EUROJUST and INTCEN,99 the information analytical centre attached to the European External Action Service (EEAS) – the “foreign ministry” of the EU. Other agencies, such as the border agency, FRONTEX, have minor intelligence functions and there are agencies which can in the future develop intelligence gathering functions, such as the Agency for Network and Information Security (ENISA).100 However, relatively little need be written about this issue. EUROPOL has no operational capacity. Instead it receives data, including personal data, from member- states regarding terrorism and organized crime (but by no means all the data it wants or considers it needs) and produces crime assessments. The national police organizations are the consumers of EUROPOL’s crime assessments and whatever operational measures are taken in implementation of these are the responsibility of the national police force(s) involved. Under Regulation 794/2016101 EUROPOL is overseen by a joint national – EU Joint Parliamentary Scrutiny Group (JPSG). Under Article 51(2) of the regulation, the mandate of the JPSG is to “politically monitor Europol’s activities in fulfilling its mission, including as regards the impact of those activities on the fundamental rights and freedoms of natural persons”. Certain specified types of documentation are to be transferred to JPSG. Under Article 52, it has access to other classified and non-classified information. Similarly, EUROJUST works through the national prosecutors’ offices. It too handles personal data, but it too is overseen by a supervisory board. The Commission denies that INTCEN is an intelligence organization as such,102 even if it produces situation and threat assessments on the basis of information received from other EU agencies and the Member States. It does not collate personal data. Supervision of the way EU institutions such as FRONTEX handles personal data is provided by the EU Data Protection Supervisor.103 For discussion of policy issues there is a consultative group linking the European Commission, national data protection authorities, and the EU data protection supervisor (the European Data Protection Board).104 If the main reason for intelligence oversight is the risk of abuse of coercive powers, then there is little need for oversight of the above EU institutions.105 However, even if an 98 See Palacios, EU Intelligence: On the road to a European Intelligence Agency?, Part 3 Chapter 1 in this volume. 99 http://eu-un.europa.eu/factsheet-on-eu-intelligence-analyses-center-intcen/ .. 100 https://www.enisa.europa.eu/. 101 OJ L 135, 24.5.2016. 102 See, European Parliament, answer 25 April 2017, given by Vice-President Mogherini on behalf of the Commission to parliamentary question E-000599/2017. 103 European Data Protection Supervisor, https://secure.edps.europa.eu/EDPSWEB/edps/EDPS. 104 See: European Data Protection Board https://edpb.europa.eu/ which replaces the former Article 29 Working Party. 105 Wills/Vermuelen 2011 (146).

416

Cameron

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:09 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. The problem of oversight

EU agency has no coercive powers, the collation and analysis of publicly available information, especially in the age of social media, can produce a detailed picture of an individual and can obviously give rise to privacy concerns. Moreover, if a broader approach is taken to the raison d’être of oversight (transparency, efficiency etc.) then it is clear that even these institutions need external oversight. The question still remains whether the existing external oversight is enough. The European Parliament has periodically advanced the argument that it be given a greater role in overseeing the above agencies, beyond the degree of budgetary control it already exercises over them.106 As shown above, one of the decisive issues for oversight is whether a parliamentary body should be given access to operational details. The operational detail is at the national level: there are few, if any, EU operational details. But in any event, to obtain operational details, the oversight body must show that it can be trusted. This in turn means keeping information secret, and the EP has the rules in place to keep secrets. The inter-institutional agreement on access to information already gives certain MEPs access to confidential information obtained from Member States. However, giving information to a few MEPs does not improve transparency.107 The risk is obvious that the MEPs in question are simply taken hostage. The EP seems caught in a trap here: it must show it can keep information secret, but if absolute confidentiality is the price which has to be paid for obtaining a little more information from Member States, then little is gained in terms of democratic legitimacy. There are many other things that must work for parliamentary oversight to be meaningful. Political representatives must develop their knowledge and show a continuous interest in intelligence matters. This in turn requires, amongst other things, a willingness to put in the boring, (politically) unrewarding hours and a degree of continuity of membership.108 Political representatives should not “sensationalize” or (unnecessarily) politicize intelligence, something which requires a degree of consensus in the parliament. I do not doubt that there are MEPs capable of doing this. However, there are extremist parties represented in the EP, which are likely to take the opportunity to sensationalize and politicize intelligence. It is not possible to exclude these from participation in scrutiny activities, if one wishes to uphold the democratic principle. For many of these reasons, and whatever the dedication and quality of individual MEPs, there is room to doubt whether the EP as an institution is sufficiently mature to be given operational details concerning national intelligence operations. The EP should keep its scrutiny work at the policy level and aim to achieve so much transparency as possible. The relevant committees (primarily the Civil Liberties Justice and Home Affairs Committee, LIBE) should strive to build up their knowledge of intelligence and have informed discussions about it. The EP can also use its considerable financial resources to investigate and encourage good national practices in intelligence oversight. It can commission expert reports – not superficial studies as it has on occasion done in the past.109 It can provide a European forum for meetings of national oversight bodies. One should not be too hard on the EP. No purely parliamentary body in an EU state seems to provide satisfactory oversight of operational matters in intelligence.110 Where 106 Ibid. (76–7). The authors considered that there was no need for the EP to duplicate the existing control over the two main bodies involved, EUROJUST and EUROPOL (80). 107 For criticism, see Abazi, 2016. 108 The interviews carried out by Wills/Vermuelen 2011 show sporadic, at best, interest on the part of MEPs in questioning the directors of relevant AFSJ agencies (75). 109 An example is Bigo et al, 2013. To be fair: if one demands a quick report of a difficult, technical area, superficiality is almost guaranteed. 110 Even in the state which invented legislative oversight of the intelligence agencies, the US, criticism of Congressional oversight is severe, see Zegart, 2011.

Cameron

417

103

104

105

106

107

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:09 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

parliamentary bodies have a role to play it is in (relatively) informed discussion of policy matters. To the extent that external oversight of operational matters seems to be performed in a (relatively) satisfactory fashion in EU states, it is being done by hybrid or expert bodies.

H. Concluding remarks 108 109

110

111

112

I will not try to draw together all the themes touched upon in the present chapter, but will content myself with making a few concluding remarks. In a more dangerous world, there is more risk of heavy-handed measures by intelligence agencies, which are being pressured to find and neutralize threats to national security. Improvements in the technology of surveillance and data storage and processing mean greater potential for intelligence agencies to interfere with privacy and other rights. The technicalities involved, together with the complex relationship intelligence agencies now have with major private corporations in social media and telecommunication (at times symbiosis, at times competitors) make it difficult for the public to understand what is going on. Technical advances and the increased availability of strong encryption have led to intelligence agencies demanding, and receiving, increased powers as regards surveillance, adding to public fears of a “mass surveillance state”. In western EU states, alienated sections of the population, especially immigrant Muslim communities, are being cast as threats by populist politicians. For these, and other, reasons there is a need for strong external oversight of intelligence agencies to reassure the public – all of it – that powers are not being misused. The complexities of the technologies involved (and the difficulties in understanding these) also add to the uphill struggle that oversight bodies have. Even if they are, in fact, equal to this struggle, they are likely to experience difficulties in explaining this to the public, and so fulfilling their function of reassuring the public that things are not off the rails. But what is the picture of intelligence oversight in Europe? It is mixed. In a few EU states, oversight is reasonable (even though improvements are always possible). In all the others, it appears to be poor or non-existent. To take the most serious cases first, two EU Member States, Hungary and Poland now have authoritarian governments. These governments have dismantled important elements of the Rechtsstaat in their states. If an independent judiciary is seen as a threat to an authoritarian government, it is unrealistic to expect that government to embrace independent oversight over the “sharp-end” of the state, the intelligence services. The risk is clear that for these two states at least, the security apparatus (once again one should say) will become a mechanism for the ruling party to suppress political opposition. For several other EU states, especially in Eastern Europe, the main threats to the state are political corruption and penetration by organized crime. These threats weaken all the institutions of the state, including the intelligence services. As threats, one might think that the intelligence services should become involved in combating organized crime and corruption. But there are dangers in involving a secret agency, with farreaching coercive powers, in this struggle. The job of the intelligence agency is to collect intelligence. This is often a long-term function, which is focused on persons, groups and structures. This type of intelligence is a highly valuable commodity in a state where many politicians are corrupt, but are anxious to conceal this fact. The agency can thus itself become corrupted, and become a tool for organized crime and/or corrupt politicians. Or the agency can become a “player” in its own right, trading damaging 418

Cameron

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:10 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. The problem of oversight

(real or invented) information on politicians for its own purposes. In such circumstances, the agency will not be keen to be under the supervision of politicians not under the control of the ruling party or parties: this will usually make it more difficult to collect and trade intelligence. The same will apply to the government: if it is “clean” or at least, “clean-ish”, it will not want to let corrupt politicians from other political parties near the biggest source of secret information in the state, the intelligence agencies. If, on the other hand politicians in the ruling party are engaged in corruption, they will not want the other corrupt group to have access to anything (the police, the prosecutors, the intelligence agencies) which makes their own continued corrupt practices more difficult. Thus, in a state with a high level of corruption, such as Romania, or Bulgaria, even (or especially) if an intelligence agency is trying to stay loyal to the state as such, and not get involved in providing ammunition to politicians from party A to discredit politicians from party B, the agency will hardly be interested in exposing itself and its secrets to scrutiny by a parliamentary body. It could conceivably be prepared to accept some sort of independent expert oversight body, but, as shown below, technocratic oversight bodies need a special blend of factors before they can work in a satisfactory manner. Even for states without such serious threats of corruption, improved intelligence oversight is unlikely to be a priority. The main aim of many governments as far as concerns their intelligence agencies is to achieve a high level of effectiveness. As pointed out in the introduction, external oversight should not be seen as an obstacle to effectiveness and efficiency, but in fact as another spur to these. Nonetheless, oversight is often seen as a “luxury”. Intelligence agencies, like all other public bodies, naturally consider that they have not been established for the purpose of being overseen, but to accomplish their goals. The dangers of the “audit society”111 are well known. There is a risk of oversight wasting the resources of the agency on time-consuming and unnecessary formalities or even negatively impacting on important intelligence work which is not easily explicable to non-experts or is not easily quantifiable. Such a risk might be real in a state where the parliament exercises strong budgetary control over intelligence agencies, but the European oversight bodies, those that are working at all that is, do not seem to be very “expensive” for their respective intelligence agencies. Most oversight bodies lack staff and resources to do more than a “meta-level” oversight, checking that the internal routines are working and occasionally randomly sampling cases. Ambitious oversight bodies combine this with a programme of themeoriented oversight. Bearing in mind the small size of oversight bodies, and its need to build up a relationship of trust with the agency, a bigger risk is the opposite: that the oversight body is “captured” by the agency or agencies which it is overseeing and used as a cat’s paw (vis-à-vis the parliament, or in bureaucratic battles over funding or influence). Whether or not this is the case, improved oversight is not a priority for most states, even those states which have provided for increased powers for their intelligence agencies, and which should therefore, as a quid pro quo, provide for strengthened oversight. The network nature of several international threats is also a disincentive to strengthened oversight. The US intelligence community, a vast and fragmented entity, experiences a lot of Congressional oversight, even if this is not particularly effective.112 This community has, at times, and understandably, a strained relationship with its own oversight. It is, also understandably, not interested in strengthening the parliamentary 111 112

Power, 1999. See generally Zegart, 2012.

Cameron

419

113

114

115

116

117

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:10 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

oversight its foreign partners have to deal with. The US intelligence community is to defend American democracy. It is naturally distrustful of anything which can force its foreign partners to disclose US-source material. Such material is regarded by intelligence agencies in US-friendly states as of vital importance to their own work. Thus, oversight bodies in EU states which have access to operational detail, indirectly, have to reassure the US intelligence community that they can be trusted with this information.113 It is more likely that expert (technocratic, rather than political) oversight can do this. But here we ran into the already mentioned difficulty that expert oversight lacks democratic legitimacy: why should the people trust another group of experts to safeguard their basic rights? Technocratic oversight requires a reasonable level of social capital to work properly. It is not a surprise that states with a relatively high degree of social capital, such as Sweden, Norway and the Netherlands have contented themselves with giving operational detail only to hybrid or expert oversight bodies.114 Social capital is in short supply in many European states and seems to be diminishing rather than increasing. 113 The Snowden revelations revealed that one of the “marketing” strategies GCHQ used to the NSA was its’ minimal oversight. See Greenwald, 2014. 114 Another relatively successful expert oversight body is the Belgian committee “R”. Social capital is not so high in Belgium (at least according to the world values survey) but the experts are apparently trusted more than the politicians.

420

Cameron

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:10 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 4 Effective Remedies against Intelligence Actions Jana Gajdošová Outline A. Introduction ...................................................................................................................... B. Effective remedy and the specific context of surveillance ...................................... C. Institutional requirements of an effective remedy.................................................... I. Independence ........................................................................................................... II. Powers ....................................................................................................................... 1. Access to materials............................................................................................. 2. Binding decisions................................................................................................ III. Specialisation............................................................................................................ IV. Summary of key points.......................................................................................... D. Procedural requirements of an effective remedy ...................................................... I. Accessibility .............................................................................................................. 1. Notification .......................................................................................................... 2. Legal standing ..................................................................................................... II. Capability of providing adequate redress .......................................................... III. Summary of key points.......................................................................................... E. Concluding remarks: effective remedies for individuals in the context of surveillance – science fiction or reality? .....................................................................

mn. 1 5 14 18 25 27 33 36 43 44 48 49 54 65 71 74

Bibliography: Article 29 Working Party, Working Document 01/2016 on the justification of interferences with the fundamental rights to privacy and data protection through surveillance measures when transferring personal data (European Essential Guarantees), 2016; Born and Wills (eds.), Making international intelligence cooperation accountable, Centre for the Democratic Control of Armed Forces (DCAF) 2015; Born and Wills (eds.), Overseeing intelligence services: A toolkit, Centre for the Democratic Control of Armed Forces (DCAF) 2012; Cameron, National security and the European Convention on Human Rights, Kluwer Law International 2000; Cameron, Foreseeability and safeguards in the area of security: Some comments on ECHR case law, in: Van Laethem and Vanderborght (eds.), Regards sur le contrôle. Vingt ans de contrôle démocratique sur les services de renseignement, Intersentia 2013; Caparini, Controlling and Overseeing Intelligence Services in Democratic States, in: Born and Caparini (eds.), Democratic Control of Intelligence Services: Containing Rogue Elephants, Routledge 2013; Chesterman, One nation under surveillance: The new social contract to defend freedom without sacrificing liberty, Oxford University Press 2011; Council of Europe, Mass surveillance – Who is watching the watchers?, Council of Europe Publishing 2016; Council of Europe Commissioner for Human Rights, Issue paper: Democratic and effective oversight of national services, Council of Europe 2015; Council of Europe Commissioner for Human Rights, Issue paper: The rule of law on the Internet and in the wider digital world, Council of Europe 2014; Emmerson, Report of the Special Rapporteur on the promotion and protection of human rights and fundamental freedoms while countering terrorism, 2014; European Parliament, Standing up for your right(s) in Europe: A Comparative Study on Legal Standing (Locus Standi) before the EU and Member States’ Courts, European Parliament 2012; European Union Agency for Fundamental Rights, Handbook on European law relating to access to justice, Publications Office of the European Union 2016; European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU, Publications Office of the European Union 2015; European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU: Field perspectives and legal update, Publications Office of the European Union 2017; European Union Agency for Fundamental Rights, Access to justice in Europe: an overview of challenges and opportunities, Publications Office of the European Union 2014; European Union Agency for Fundamental Rights, Opinion of the European Union Agency for Fundamental Rights on the proposed data protection reform package, Publications Office of the European Union 2012; European Union Agency for Fundamental Rights, Bringing rights to life: The fundamental rights landscape of the European Union, Publications Office of the European Union 2012; European Union Agency for Fundamental Rights, Access to data protection remedies, Publications Office of the European Union 2011; European Union Agency for Fundamental Rights, Data protection in the European Union: The role of national data protection authorities (Strengthening the fundamental rights architecture in the EU II),

Gajdošová

421

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:11 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law Publications Office of the European Union 2010; Gruszczak, Intelligence Security in the European Union: Building a Strategic Intelligence Community, Palgrave Macmillan UK 2016; Harris, O’Boyle, Bates, and Buckley, Law of the European Convention on Human Rights, 3rd ed., Oxford University Press 2014; Leigh, A view across the channel: Intelligence oversight in the United Kingdom, in: Van Laethem and Vanderborght (eds.), Regards sur le contrôle. Vingt ans de contrôle démocratique sur les servies de renseignement, Intersentia 2013; Miller (ed.), Privacy and Power: A Transatlantic Dialogue in the Shadow of the NSAAffair, Cambridge University Press 2017; Murphy, Surveillance and the Right to Privacy: Is an “Effective Remedy” Possible?, in: Diver, and Miller (eds.), Justiciability of Human Rights Law in Domestic Jurisdictions, Springer International Publishing 2016; Peers, Hervey, Kenner and Ward (eds.), The EU Charter of Fundamental Rights: A Commentary, Hart Publishing 2014; Peers, EU Justice and Home Affairs Law, Volume II: EU Criminal Law, Policing and Civil Law (4th ed.), Oxford University Press 2016; Scheinin, Compilation of good practices on legal and institutional frameworks and measures that ensure respect for human rights by intelligence agencies while countering terrorism, including on their oversight, 2010; United Nations High Commissioner for Human Rights, The right to privacy in the digital age, 2014; Venice Commission, Rule of Law Checklist, 2016; Venice Commission, Update of the 2007 Report on the democratic oversight of the security services and report on the democratic oversight of signals intelligence agencies, 2015; Venice Commission, Report on the Democratic oversight of the Security Services, 2007.

A. Introduction Now more than ever, intelligence services play a key role in ensuring the security of the state, resulting in a strong imperative for secrecy. However, the surveillance measures often impose significant limitations on fundamental rights and if not subject to any control and oversight, they may serve to undermine democratic government and the fundamental rights of its citizens. Accordingly, it is essential to ensure that intelligence services are held accountable for their actions, including through a system of effective remedies available to individuals against unlawful surveillance.1 2 This chapter provides a legal analysis of the requirements necessary for remedies to be effective in case of violation of the right to privacy and data protection2 as a result of 1

1 The views expressed in this chapter are solely those of the author and its content does not necessarily represent the views or position of the European Union Agency for Fundamental Rights (FRA). The author would like to thank Dr. Mario Oetheimer, Head of Sector Information Society, Privacy and Data Protection at FRA and Dr. Jonas Grimheden, Senior Policy Manager at FRA for their invaluable advice and comments that greatly improved the chapter. All mistakes are the author’s own. Different United Nations’ bodies have been setting standards for decades; see for instance: Emmerson, Report of the Special Rapporteur on the promotion and protection of human rights and fundamental freedoms while countering terrorism, 2017; United Nations Human Rights Council, Resolution on the right to privacy in the digital age, 2017; General Assembly, Resolution on the Right to Privacy in the digital age, 2014; United Nations High Commissioner for Human Rights, The right to privacy in the digital age, 2014; Emmerson, Report of the Special Rapporteur on the promotion and protection of human rights and fundamental freedoms while countering terrorism, 2014; Scheinin, Report of the Special Rapporteur on the promotion and protection of human rights and fundamental freedoms while countering terrorism, 2010; United Nations Human Rights Council, Report of the Special Rapporteur on the promotion and protection of human rights and fundamental freedoms while countering terrorism, Martin Scheinin: Promotion and protection of all human rights, civil, political, economic, social and cultural rights, including the right to development, 2009. 2 It is to be noted that the nature of the right at stake has implications for the type of remedy the State is required to provide. In cases, where the national security argument was used in the context of two different rights under the ECHR, namely Articles 3 and 8, the ECtHR stated that “[i]t is true, as the Government have pointed out, that in the cases of Klass and Others and Leander […] the Court held that Article 13 […] only required a remedy that was “as effective as can be” in circumstances where national security considerations did not permit the divulging of certain sensitive information. However, it must be borne in mind that these cases concerned complaints under Articles 8 and 10 of the Convention […] and that their examination required the Court to have regard to the national security claims which had been advanced by the Government. The requirement of a remedy which is “as effective as can be” is not appropriate in respect of a complaint that a person’s deportation will expose him or her to a real risk of treatment in breach of Article 3 […], where the issues concerning national security are immaterial”. See

422

Gajdošová

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:12 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 4. Effective Remedies against Intelligence Actions

surveillance activities by intelligence services. The analysis is divided into two main parts, reflecting the two building blocks of a concept of “effective remedy”: institutional and procedural.3 The legal analysis is based on the available case law of the European Court of Human Rights (ECtHR) and the Court of Justice of the European Union (CJEU) and is accompanied by references to well-established European and international soft-law standards, recommendations and principles. This is supported by some selected examples of different approaches in the EU Member States from the existing comparative research published by different European and international actors, in particular the European Union Agency for Fundamental Rights (FRA).4 Existing case law at the European level principally covers minimum standards relating to an effective remedy in the context of targeted surveillance actions by intelligence services and it has so far only marginally touched upon the issue of untargeted surveillance and the safeguards surrounding it.5 In this chapter, targeted surveillance is taken to mean when a pre-existing suspicion 3 leads to a specific target.6 It is understood as an activity conducted in a targeted way in the sense that it is based on a hypothesis that a specific person (persons) has committed, is committing or plans to commit an offence or security-threatening act. There must be “probable cause”, “reasonable suspicion” or similar type of test to satisfy7 such an approach. On the other hand, untargeted or general surveillance of communications, sometimes also called strategic, bulk or mass surveillance does not start with the prior suspicion against a particular person. It is justified by the prevention of crime and the protection of national security: “finding a danger rather than investigating a known danger”8 or, put differently, “instead of starting from the target to find the data, one starts with the data to find the target”.9 As pointed out by Chahal v. the United Kingdom, Application no. 22414/93, Judgment of 15 November 1996, mn. 154. See also Harris, O’Boyle, Bates, and Buckley, Law of the European Convention on Human Rights, 2014, pp. 765–766. 3 On the general standards concerning an effective remedy, see European Union Agency for Fundamental Rights, Handbook on European law relating to access to justice, 2016, section 5.1. 4 European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU: Field perspectives and legal update, 2017 and European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU, 2015. 5 According to the Article 29 Working party, the ECtHR and CJEU “do not seem to have taken a final position on the legality of the massive and indiscriminate collection of personal data (i. e. non-targeted bulk collection) and their subsequent use, including the questions under what circumstances such collection and use of personal data could take place”, see further in Article 29 Working Party, “Working Document 01/ 2016 on the justification of interferences with the fundamental rights to privacy and data protection through surveillance measures when transferring personal data (European Essential Guarantees)”, 2016. Cf. CJEU, Joined cases C-203/15 and C-698/15 Tele2 Sverige AB v. Post- och telestyrelsen and Secretary of State for the Home Department v. Tom Watson, Peter Brice, Geoffrey Lewis, ECLI:EU:C:2016:572, mn. 103, in which – while not expressly holding that untargeted surveillance (i. e. storage and access to data on a generalised basis) was per se unlawful – the CJEU supported the retention of data following justified suspicion – even perhaps generalised suspicion – rather than using the analysis of retained data to justify suspicion. 6 European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU. Field perspectives and legal update, 2017, p. 32. 7 Venice Commission, Update of the 2007 Report on the democratic oversight of the security services and report on the democratic oversight of signals intelligence agencies, 2015, mn. 42. 8 Venice Commission, Update of the 2007 Report on the democratic oversight of the security services and report on the democratic oversight of signals intelligence agencies, 2015, mn. 51. 9 European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU, 2015, p. 18, citing Delmas-Marty (2015), “La démocratie dans les bras de Big Brother: Propos recueillis par Johannès, F.”, Le Monde, 4 June 2015. See also a general discussion on the terminology used by different actors at national and international levels in European

Gajdošová

423

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:12 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

some commentators, such untargeted surveillance carries with it greater risks of abuse and overuse and as such, greater safeguards should be made available against abuse and overuse of this measure as compared to targeted surveillance.10 The terms “untargeted”, “general”, “strategic”, “bulk” and “mass” surveillance are used interchangeably in this chapter. 4 In part B, the meaning and value of an effective remedy are first set out. The chapter then briefly highlights characteristics intrinsic to the area of surveillance that have played an important role in how the concept of an effective remedy has been evolving in this area. The chapter then continues with a detailed analysis of individual institutional and procedural requirements which are necessary for remedies to be effective in case of violation of the right to privacy and data protection as a result of surveillance activities by intelligence services (parts C and D). On the basis of the analysis provided in parts C and D, part E offers a final reflection on the question of the effectiveness of remedies available to individuals against intelligence actions.

B. Effective remedy and the specific context of surveillance Under the rule of law, effectiveness of justice, notably in providing effective redress to anyone who alleges that her or his rights have been violated, is essential. The right to an effective remedy is a fundamental right embodied in Article 13 of the European Convention on Human Rights (ECHR)11 and Article 47 of the EU Charter of Fundamental Rights (Charter) as well as in the provisions of all standard international treaties.12 According to these standards, everybody whose rights have been violated has to be provided with an effective remedy.13 6 Without such recourse, other substantive fundamental rights would become unenforceable and any justice system would be of little use. In other words, the right to an effective remedy is a right in itself but it is also instrumental in making other fundamental rights a reality; in bringing them into life. In the context of surveillance, the most commonly complained of violation for which a remedy is sought relates to the right to privacy and protection of personal data.14 7 It is to be noted that, when assessing whether surveillance by the intelligence services in question went beyond what is “necessary” in a democratic society, the ECtHR often examines the availability of an effective remedy provided to individuals by the law as 5

Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU: Field perspectives and legal update, 2017, pp. 29–32. For a definition of targeted and strategic surveillance, see Venice Commission, Update of the 2007 Report on the democratic oversight of the security services and report on the democratic oversight of signals intelligence agencies, 2015, p. 10. 10 Cameron in Van Laethem and Vanderborght (eds.), Regards sur le contrôle. Vingt ans de contrôle démocratique sur les services de renseignement, 2015 p. 177. 11 Generally, the right to a remedy under Article 13 of the ECHR is absorbed in the right to a fair trial under Article 6, and Article 13. Therefore, with rare exceptions, it only applies to cases that are neither about civil law nor about a criminal charge. 12 It is also found in international instruments – such as Article 8 of the Universal Declaration of Human Rights and Article 2 (3) of the International Covenant on Civil and Political Rights. 13 For a discussion on differences between the scope of Article 13 of the ECHR and Article 47 of the Charter, see: European Union Agency for Fundamental Rights, Handbook on European law relating to access to justice, 2016 section 5.1. 14 Other commonly complained of violations concern an interference with the right to personal integrity and liberty, freedom of expression, freedom of assembly and association or right to a fair trial. See an overview provided in the Council of Europe Commissioner for Human Rights, Issue paper: Democratic and effective oversight of national services, 2015, chapter 2. The nature of the right at stake has implications for the type of remedy the State is required to provide: see fn. 2.

424

Gajdošová

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:13 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 4. Effective Remedies against Intelligence Actions

part of a system of important safeguards.15 In the absence of a system that provides for effective remedies for individuals who suspect that they were subjected to secret surveillance, the menace of surveillance can be claimed in itself to constitute a direct interference with their right to privacy and data protection.16 From a wider perspective, the right to an effective remedy is to be seen as a core 8 element of any legal order based on the rule of law.17 In its 2016 Rule of Law Checklist, the European Commission for Democracy through Law (Venice Commission) pointed out that “[t]he increasing use of information technology has made the collection of data possible to an extent which was unthinkable in the past. This has led to the development of national and international legal protection of individuals with regard to automatic processing of personal information relating to them”. One of the most important requirements of such protection is the availability of effective remedies for alleged violations of individual rights by both targeted and untargeted surveillance.18 Effective remedies are also an essential part of the accountability requirement, encouraging trust which society should have vis-à-vis the work of its intelligence services, as well as one of the tools that can help to improve the quality of work by intelligence services. As earlier noted by the Venice Commission, “[i]t is necessary for individuals who claim to have been adversely affected by the exceptional powers of security and intelligence agencies, such as surveillance or security clearance, to have some avenue for redress. Quite apart from strengthening accountability, complaints may also help to lead to improved performance by the agencies through highlighting administrative failings”.19 Individuals can seek recourse for a violation of their right to privacy and data 9 protection at national as well as European and international levels. Yet, the most accessible level of recourse is undoubtedly the national level (which of course can comprise different sub-levels, including regions). It is the level which is the closest to the individual and provides the quickest means of putting violations to an end and obtaining a remedy. This is why the exhaustion of domestic remedies is generally a criterion for a complaint to be admissible before a supra-national redress mechanism which is in line with the European principle of subsidiarity.20 This rule, is, however, only valid provided the remedies offered at the national level are effective. In line with established standards, remedies should be effective in both law and 10 practice. That is to say, they need to be accessible, be capable of providing redress in respect of the complainant and offer a reasonable prospect of success.21 However, the specific nature of the surveillance context has had a considerable impact on 15

Zakharov v. Russia, Application no. 47143/06, Judgment 4 December 2015, mn. 232. Having regard to the findings in relation to the substantive right to privacy and data protection (Article 8 on the right to private and family life), the ECtHR usually concludes that it is not necessary to examine a complaint under Article 13 of the ECHR separately. See, for example, ECtHR, Zakharov v. Russia (fn. 15), mn. 171. 17 The right to an effective remedy has long been a core element of an EU legal order based on the rule of law, see CJEU, Case C-362/14 Maximillian Schrems v. Data Protection Commissioner, ECLI:EU: C:2015:650, mn. 95. 18 Venice Commission Rule of Law Checklist, 2016. 19 Council of Europe, Venice Commission, Report on the Democratic oversight of the Security Services, 2007, mn. 241. 20 European Union Agency for Fundamental Rights, Bringing rights to life: The fundamental rights landscape of the European Union, 2012. 21 See in general: El-Masri v. “the former Yugoslav Republic of Macedonia”, Application no. 39630/09, Judgment 13 December 2012, mn. 255; or Kudła v. Poland, Application no. 30210/96, Judgment 26 October 2000, mn. 152, and in the context of surveillance: Kennedy v. the United Kingdom, Application no. 26839/05, Judgment 18 May 2010, mn. 109. 16

Gajdošová

425

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:13 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

how flexibly these requirements have been applied by the European courts, the ECtHR in particular,22 and how challenging it has become for an individual to obtain a remedy in this area. 11 First and foremost, there is the inherently secret nature of surveillance. Given that it is happening in secrecy, it is practically impossible for an individual to obtain any remedy while the surveillance is ongoing and due to the frequent absence of ex-post notification to individuals that they were subject to surveillance,23 also once the surveillance is terminated. In Zakharov, referring to three distinct stages of surveillance, i. e. when the surveillance is first ordered, while it is being carried out, and after it has been terminated, the ECtHR stated that “[a]s regards the first two stages, the very nature and logic of secret surveillance dictate that not only the surveillance itself but also the accompanying review should be effected without the individual’s knowledge. Consequently, since the individual will necessarily be prevented from seeking an effective remedy of his or her own accord or from taking a direct part in any review proceedings, it is essential that the procedures established should themselves provide adequate and equivalent guarantees safeguarding his or her rights. […]”.24 Accordingly, before the termination of surveillance, the emphasis is put on effective guarantees in the form of effective oversight and the right to an effective remedy de facto kicks in only after the termination of surveillance25 (see Figure 1). Figure 1: Review of intelligence actions over time

22 The specific context of surveillance plays a particularly important role when determining what an effective remedy means. In other words, “an effective remedy … means a remedy that is as effective as can be having regard to the restricted scope for recourse inherent in such a system”. See Association for European Integration and Human Rights and Ekimdzhiev v. Bulgaria, Application no. 62540/00, Judgment 28 June 2007, mn. 99. 23 See European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU, 2015, p. 62, which details how the obligation to inform and grant right to access are completely exempted in some Member States (the Czech Republic, Ireland, Lithuania, Poland and Slovakia) and restricted in the other 23 EU Member States. Limitations can be based on the direct aspect of the access to information, on the general aspect of surveillance, on the level of classifications, on national security, on the operational impact of surveillance, or on other procedural grounds. 24 ECtHR, Zakharov v. Russia (fn. 15), mn. 233 and 234. 25 This does not, of course, mean that it is impossible to provide a limited remedy while the surveillance is ongoing. An example of a possible limited remedy is provided in Klass, where individuals believing themselves to be under surveillance could complain to the G10 Commission overseeing the system of secret surveillance and apply to the German Federal Constitutional Court in exceptional cases. See Klass and Others v. Germany, Application no. 5029/71, Judgment 6 September 1978, mn. 70.

426

Gajdošová

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:14 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 4. Effective Remedies against Intelligence Actions

Secondly, there is the low awareness among individuals about what the different 12 possibilities of seeking remedies against intelligence actions are, amplified with the highly technical nature of intelligence matters.26 Figure 2: Redress avenue options against intelligence actions at national level

courts (ordinary and/or specialised)

data protecon authority

seeking access to personal data held by intelligence authories

bringing a complaint for being subject to unlawful surveillance

Intelligence services

ombudsman oversight body (ies)

In practice, individuals claiming the violation of their substantive right to privacy and 13 data protection are confronted with rather complex redress avenue options (Figure 2).27 In general, they may wish to bring two different types of complaints against intelligence services and hence need to be provided with an effective remedy. Firstly, they may complain about the fact that they were subject to surveillance and that such surveillance was not lawful. Secondly, they may also need to be able to pursue legal remedies in order to have access to their personal data that was collected by intelligence services, and obtain the rectification or erasure of such data. Depending on the type of complaint, an individual then has to be able to choose the correct path in accordance with their national rules.28

C. Institutional requirements of an effective remedy In light of ECHR jurisprudence in general as well as case law relating to secret 14 surveillance and interference with the right to privacy and data protection in particular, the national authority competent for providing the remedy does not have to be a judicial authority.29 In making reference to securing a remedy for violations “in whatever form”, the ECtHR indicates a willingness to interpret the right to an effective 26 European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU: Field perspectives and legal update, 2017, p. 113. 27 European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU, 2015, p. 75. 28 See, for example, decisions of the French Council of State (Highest Administrative Court) from 19 October 2016, illustrating the spectrum of remedies available to the individual in France: www.conseiletat.fr/Actualites/Communiques/Controle-des-techniques-de-renseignement. 29 ECtHR, Klass and Others v. Germany (fn. 25), mn. 64 (concerning G10 Commission). See also ECtHR, Kudła v. Poland (fn. 21), mn. 157; or Ališić and Others v. Bosnia and Herzegovina, Croatia,

Gajdošová

427

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:14 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

remedy broadly, incorporating not only judicial remedy mechanisms, but also other remedial mechanisms (although noting that in principle judicial control offers the best guarantees of independence, impartiality and a proper procedure).30 This is so long as the decisions of such bodies may ultimately be supervised by a judicial body and so long as the alternative mechanisms themselves conform to the general requirements of fairness. These requirements include, among others, effective powers, including a power to issue binding decisions, as well as the requirement that such mechanism itself meets independence standards.31 In its Issue paper on the rule of law on the Internet and in the wider digital world, the Council of Europe’s Commissioner for Human Rights expressed an opinion that ‘a remedy under Article 13 should be as close to a full judicial remedy as possible; any departures from the trappings of a proper judicial forum must be justified by the special context’.32 15 Existing comparative research from different actors at EU and Council of Europe levels shows that the landscape of redress mechanisms responsible for addressing claims for effective remedies in the context of the work of intelligence services includes not only ordinary and/or specialised courts33 but also other mechanisms that are external to the court system. These are the so-called non-judicial mechanisms such as data protection authorities and other expert bodies, executive and parliamentary bodies, ombudsperson institutions as well as other specialized bodies.34 Some of them can be said to have a hybrid nature as they combine non-judicial members with (former) judges or combine oversight with the remedial functions.35 16 A broad interpretative reading of Article 47(1) of the EU Charter also indicates that other forms of remedial mechanisms apart from judicial remedies may also be available and considered effective.36 Indeed, Article 47(1) of the Charter refers to the need to secure a remedy before a tribunal rather than a court.37 Just like under Article 13 Serbia, Slovenia and the former Yugoslav Republic of Macedonia, Application no. 60642/08, Judgment 16 July 2014, mn. 131–136. 30 ECtHR, Klass and Others v. Germany (fn. 24), mn. 56 or more recently ECtHR, Zakharov v. Russia (fn. 15), mn. 233. 31 Leander v. Sweden, Application no. 9248/81, Judgment 26 March 1987, mn. 77. 32 Council of Europe Commissioner for Human Rights, Issue paper: The rule of law on the Internet and in the wider digital world, 2014, p. 47. 33 In the EU, four EU Member States (France, Germany, Ireland and the United Kingdom) introduced a system of specialised judges or courts to deal with cases in the area of surveillance. See further in European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU: Field perspectives and legal update, 2017, p. 132 and European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU, 2015. 34 E. g. European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU: Field perspectives and legal update, 2017, p. 112; Council of Europe Commissioner for Human Rights, Issue paper: Democratic and effective oversight of national services, 2015, chapters 4 and 5; Venice Commission, Update of the 2007 Report on the democratic oversight of the security services and report on the democratic oversight of signals intelligence agencies, 2015. 35 In the EU, oversight bodies in Germany and Belgium (the Standing Committee I and G10 Commission) are given powers similar to those of a court. Some qualify these specialised bodies as quasi-judicial mechanisms – see e. g. European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU: Field perspectives and legal update, 2017, p. 132. 36 See, for example, CJEU, C-363/11, Epitropos tou Elegktikou Synedriou sto Ypourgeio Politismou kai Tourismou v. Ypourgeio Politismou kai Tourismou – Ypiresia Dimosionomikou Elenchou, ECLI:EU: C:2012:825, mns. 19–31. See also Peers, Hervey, Kenner and Ward (eds.), The EU Charter of Fundamental Rights: A Commentary 2014, pp. 1250–1253. 37 It is to be noted that unlike in English, in some other language versions of the Charter, the word “court” rather than “tribunal” is used. See in this context, Article 29 Working Party, Working Document

428

Gajdošová

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:15 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 4. Effective Remedies against Intelligence Actions

referred to above, however, several factors, which are similar to those set out by the ECtHR, will be taken into account by the CJEU in order to determine the validity of non-judicial bodies as a redress mechanism. The case law includes the following stipulations for non-judicial proceedings: the independence and lack of bias of the body or official in question, the ability of the applicant to present and contest evidence, and the ability of that body to take a legally binding decision.38 The next sections focus on the distinct institutional requirements that determine 17 whether a given legal redress mechanism is capable of offering a remedy to individuals against intelligence actions. These include: the independence of the body providing a remedy and its powers, including the power to make binding decisions. A separate section will deal with the issue of specialisation which facilitates rendering the right to a remedy effective not only in law but also in practice. Issues concerning the procedural requirements of an effective remedy will be set out in part D.

I. Independence General safeguards of independence of a redress body set out by the CJEU and 18 ECtHR relate to, among others, the manner of appointing and dismissing tribunal members, the duration of their terms of office, and the existence of guarantees against outside pressure.39 In general, a redress mechanism can still meet the institutional requirements of effectiveness if it performs other functions in addition to judicial functions (e. g. disciplinary or advisory functions), but it cannot undertake both judicial and executive functions.40 Such a body may include lay judges or members who have non-judicial functions as long as they comply with the requirements of independence.41 This also applies to the area of surveillance where a remedy is being sought due to a 19 violation of the right to privacy and data protection. Redress mechanisms responsible for addressing complaints and claims for an effective remedy arising from the activities of intelligence services must be independent of the intelligence services and the executive.42 While the independence safeguards are less of concern in cases of courts (ordinary or specialised) that are part of judicial system in a given country, they seem to be particularly challenging in relation to other mechanisms of a non-judicial nature that exist in different countries and that often perform a dual function – oversight and remedial. According to the Venice Commission, “[i]f the oversight body is too closely identified with the agencies it oversees or operates within the ring of secrecy, the complainant may feel that the complaints process is insufficiently independent. In cases where a single body handles complaints and oversight, it is best if there are quite distinct legal procedures for these different roles”.43 01/2016 on the justification of interferences with the fundamental rights to privacy and data protection through surveillance measures when transferring personal data (European Essential Guarantees), 2016. 38 See for example CJEU, Evans, C-63/01, 4 December 2003, mn. 48–58. Other aspects that CJEU takes into account include whether the body is established by law, is permanent and has compulsory jurisdiction, see: CJEU, C-394/11, Belov v. CHEZ Elektro Bulgaria AD and others (Bulgaria and the European Commission intervening), ECLI:EU:C:2013:48. 39 Campbell and Fell v. the United Kingdom, Application nos. 7819/77 and 7878/77, Judgment 28 June 1984, mn. 78. 40 Benthem v. the Netherlands, Application no. 8848/80, Judgment 23 October 1985, mn. 43. 41 Ibrahim Gürkan v. Turkey, Application no. 10987/10, Judgment 3 July 2012, mn. 18. 42 See also Scheinin, Compilation of good practices on legal and institutional frameworks and measures that ensure respect for human rights by intelligence agencies while countering terrorism, including on their oversight, 2010, Practice 10. 43 Venice Commission, Report on the Democratic oversight of the Security Services, 2007, mn. 246.

Gajdošová

429

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:16 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

According to the findings of the comparative research on the laws of the 28 EU Member States in the area of surveillance published by the EU Agency for Fundamental Rights (FRA) in 2015, the ideal distance between the oversight bodies and the controlled is a complex matter: “while ties that are too close may lead to a conflict of interest, too much separation might result in oversight bodies that, while independent, are very poorly informed”.44 According to the results of this research, the issue of independence can be particularly problematic in cases where several different functions are blended within one body; for instance, in the case of an executive oversight body with remedial powers, the question of independence arises when it also has the power to warrant surveillance. 21 Other types of redress mechanisms responsible for addressing complaints and claims for effective remedy arising from the activities of intelligence services, such as data protection authorities, parliamentary oversight bodies, as well as ombudsperson institutions, tend to be, at least in theory, structurally and formally more capable of being independent than the executive oversight bodies.45 22 In its case law, when assessing the independence of executive, parliamentary or expert oversight bodies with remedial powers, the ECtHR took particular account of the manner of appointment, the place in the administrative hierarchy and the legal status of the members of the oversight body. It found the level of independence to be insufficient, for example, when a Minister as a member of the executive was directly involved in the commissioning of special means of surveillance.46 On the other hand, bodies composed of members of parliament of both the majority and the opposition, or of persons qualified to hold judicial office, appointed either by parliament or by the Prime Minister, were found to be sufficiently independent if such potential conflicts of interest did not arise.47 23 As for the ombudsmen (or any other type of mechanisms with a human rights remit), their independence would be difficult to question provided they hold an accreditation status confirming their level of independence in light of the internationally recognised Principles relating to the Status of National Institutions (Paris Principles).48 According to the Paris Principles, factors that operate to ensure independence include, firstly, pluralism in the composition of an institution (reflecting the composition of the society); secondly, a suitable infrastructure (in particular adequate funding and budget autonomy); and thirdly, a stable mandate of the institution’s members expressed through appointment and dismissal conditions and the exclusion of voting rights for government representatives within governing bodies of institutions. According to the Venice Commission, however, there are other issues outside of the independence criterion that should be borne in mind in cases where ombudsmen are tasked to provide a remedy against intelligence actions: “in the ombudsman-type systems, the emphasis is on an independent official investigating on behalf of the complainant. These independent offices usually exist to deal with an administrative failure by public bodies, rather than a legal error. Their investigations may give less emphasis to the complainant’s own participation in the process and to transparency than would be the case with legal proceedings”.49 The existing 20

44 European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU, 2015, p. 70. 45 Ibid., p. 70. Compare, however, with the case in which the ECtHR found that the parliamentary oversight body lacked necessary independence which resulted in remedies being ineffective: Bucur and Toma v. Romania, Application no. 40238/02, Judgment of 8 January 2013, mn. 98; see also Cameron, The problem of oversight, Part 4 Chapter 3 in this volume. 46 See relevant case law cited in ECtHR, Zakharov v. Russia (fn. 15), mn. 278. 47 Ibid. 48 Principles relating to the Status of National Institutions (The Paris Principles), adopted by UN General Assembly resolution 48/134 of 20 December 1993. 49 Venice Commission, Report on the Democratic oversight of the Security Services, 2007, mn. 245.

430

Gajdošová

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:16 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 4. Effective Remedies against Intelligence Actions

empirical evidence confirms that although individuals may lodge complaints related to surveillance with their national ombudsmen in 11 EU Member States, these ombudsmen’s mandate may explicitly exclude the issue of national security or the work of intelligence services. In addition, their expertise and powers (including access to classified information and a possibility to issue a binding decision) are usually very limited (see further in mns. 27–42 below).50 General guidance on different aspects of independence of national data protection 24 authorities can be found in the case law of the CJEU delivered in the context of relevant EU data protection law, Article 8 of the Charter and Article 16 of the Treaty on the Functioning of the European Union.51 The CJEU refers to the need to ensure that these authorities enjoy an independence which allows them to perform their duties free from external influence, direct or indirect, which is liable to have an effect on their decisions.52 While data protection authorities are not national human rights institutions per se, as they have a more focused and narrow mandate, these authorities are intended to be independent monitoring bodies with a role in the fundamental rights field and as such, the detailed standards established in Paris Principles could usefully guide their work. For example, the need to further strengthen the independence of data protection authorities in terms of ensuring adequate financial and human resources has been raised several times by different actors in the EU in the past.53 Such requirements to ensure the independence of these bodies can ensure that a robust safeguard is, and is seen to be, in place against possible infringements of privacy rights.

II. Powers As the previous section has shown, states have to ensure that any person claiming a 25 remedy has an enforceable right to have his or her claim determined by an independent body of judicial, administrative or legislative nature. Independence is, however, only one of the institutional requirements of an effective remedy. According to the existing case law, it is equally important that the body in question, in particular in cases where such a body is not a court, has sufficient powers. ECtHR, for instance, held that “The ‘effectiveness’ of a ‘remedy’ within the meaning of Article 13 does not depend on the certainty of a favourable outcome for the applicant. Nor does the ‘authority’ referred to in that provision necessarily have to be a judicial authority; but if it is not, its powers […] are relevant in determining whether the remedy before it is effective.”54 In the specific field of surveillance, powers that a competent redress body is required 26 to have in order to render the right to a remedy effective, include: the ability to conduct 50 European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU: Field perspectives and legal update, 2017, p. 118. 51 See also Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, OJ 2016 L 449 (General Data Protection Regulation), Art. 52. 52 CJEU, C-614/10 Commission v. Austria, ECLI:EU:C:2012:631; CJEU, C-518/07 Commission v. Germany [2010] ECR I-1885; or CJEU, C-288/12 Commission v. Hungary, judgment of 8 April 2014. 53 E. g. European Union Agency for Fundamental Rights, Data protection in the European Union: The role of national data protection authorities (Strengthening the fundamental rights architecture in the EU II), 2010; European Union Agency for Fundamental Rights, Opinion of the European Union Agency for Fundamental Rights on the proposed data protection reform package, 2012; European Union Agency for Fundamental Rights, Access to data protection remedies, 2014. 54 ECtHR, Kudła v. Poland (fn. 21), mn. 157.

Gajdošová

431

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:17 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

a thorough and impartial review by having a full, unhindered access to all relevant material as well as the power to grant a remedy that is binding.55 Finally, a competent redress body should also be specialised in this area. These powers are discussed in the subsequent sections in turn.56

1. Access to materials 27

28

29

30

31

32

When it comes to unhindered access to all relevant materials, the existing case law requires a redress body to have access to all relevant documents, including classified materials and the obligation on the part of those involved in intelligence activities to disclose any material, the redress body considers relevant.57 This criterion of relevance has been expanded upon by the ECtHR. In the Kennedy case, for example, the ECtHR highlighted that “[i]n undertaking its examination of complaints by individuals, the IPT [Investigatory Powers Tribunal] has access to closed material and has the power to require the Commissioner to provide it with any assistance it thinks fit and the power to order disclosure by those involved in the authorisation and execution of a warrant of all documents it considers relevant”.58 In the Zakharov case, the ECtHR held that there was no effective remedy where the access to materials by the oversight body dealing with individual complaints was de facto limited by excluding specific types of information from such access (e. g. information concerning security services’ undercover agents and their tactics), or making an access to information subject to specific conditions (e. g. access to counter-intelligence to be granted only following an individual complaint).59 Similarly, in the Szabó case, the ECtHR stated that the effective remedy could not be provided to individual grievances caused by secret anti-terrorist surveillance where the redress body – although being able to request information from the relevant intelligence services – did not have full access to relevant documents.60 Furthermore, it has been recommended by other Council of Europe bodies that such a full and unhindered access to relevant information should be accompanied by a duty of cooperation on the part of intelligence services, as well as specific powers for the redress body to subpoena or order search and seizure in cases where the information has not been voluntarily provided.61 There should be corollary safeguards in place to ensure that all the information obtained by the redress body is protected and used only for the purposes of complaints handling.62 Despite the fact that the access to all information and documents by redress bodies is essential, the existing EU comparative data show that less than two-thirds of EU Member States provide non-judicial remedial bodies with full access to both the information and the power to issue binding decisions. Such access to classified information is widest in the case of expert bodies while limited in the case of other 55

ECtHR, Kennedy v. the United Kingdom (fn. 21), mn. 167. A comparative overview table with non-judicial bodies’ remedial powers in case of surveillance by EU Member State can be found in European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU: Field perspectives and legal update, 2017, table 7. 57 ECtHR, Kennedy v. the United Kingdom (fn. 21), mn. 167. 58 Ibid. 59 ECtHR, Zakharov v. Russia (fn. 15), mn. 292. 60 Szabó and Vissy v. Hungary, Application no. 37138/14, Judgment 12 January 2016, mn. 82. 61 See – in the context of effective oversight – Council of Europe Commissioner for Human Rights, Issue paper: Democratic and effective oversight of national services, 2015, p. 64. See also Council of Europe Parliamentary Assembly, Democratic oversight of the security sector in member states, 2005. 62 Ibid. 56

432

Gajdošová

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:17 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 4. Effective Remedies against Intelligence Actions

types of oversight bodies.63 Most ombudsmen in the EU Member States are generally denied access to classified information.64 Even the judiciary face a similar problem in EU Member States. Most EU Member States do not allow courts to use intelligence information that is not available to the parties and that does not meet evidential standards.65 In its research, FRA has identified some innovative mechanisms that are promising in addressing – at least to some extent – the problem of the lack of access to classified information. These include, for instance, the so-called closed material procedures and open inter-partes hearing (United Kingdom), in camera sessions (France) or the use of the so-called shielded witnesses (Germany, Spain and the Netherlands).66

2. Binding decisions The binding character of a decision delivered by a body responsible for addressing 33 claims for an effective remedy is one of the well-established aspects of an effective remedy as interpreted by the ECtHR. The CJEU often refers to the need for a binding nature of decisions when assessing the issue of compulsory jurisdiction.67 This requirement is a well-established requirement of the effective remedy-related jurisprudence in general and applies equally to the complaints arising from the violation of the right to privacy and data protection due to the work of intelligence services. The binding nature of decisions is a requirement and the capacity of the body in 34 question to make recommendations or give advice – even if normally followed – will not be enough.68 This has been also considered in several cases involving secret surveillance. In Segerstedt-Wiberg and Others v. Sweden, the ECtHR for example, stated: “Parliamentary Ombudsperson and the Chancellor of Justice have competence to receive individual complaints and have a duty to investigate them in order to ensure that the relevant laws have been properly applied. By tradition, their opinions command great respect in Swedish society and are usually followed. However, […] the Court found that the main weakness in the control afforded by these officials is that, apart from their competence to institute criminal proceedings and disciplinary proceedings, they lack the power to render a legally binding decision”.69 While the binding nature of courts’ decisions can be taken for granted, it is less 35 common in cases of non-judicial bodies. According to the existing data, in only 18 EU Member States may remedial bodies issue binding decisions on complaints related to surveillance.70 Such remedial bodies mainly include expert bodies and data protection authorities. The power to issue binding decisions is thus generally not granted to ombudsmen and this power is also lacking in cases of some oversight bodies, in particular those of a parliamentary nature.71 When it comes to national data protection 63 Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU, 2015 and European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU: Field perspectives and legal update, 2017, pp. 114 and 134; table 7. 64 Ibid. p. 118. 65 Ibid. p. 129. 66 Ibid. p. 130. 67 E. g. CJEU, Case C‐175/11, H. I. D. and B. A. v. Refugee Applications Commissioner and Others, ECLI: EU:C:2013:45, mn. 87. 68 ECtHR, Benthem v. the Netherlands (fn. 40), mn. 64. 69 Segerstedt-Wiberg and Others v. Sweden, No. 62332/00, Judgment 6 June 2006, mn. 118. 70 European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU: Field perspectives and legal update, 2017, p. 114. 71 Only two EU Member States, Finland and Romania, have empowered another non-judicial body with such a power: the ombudsman and the parliamentary committees, respectively; see: European Union

Gajdošová

433

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:18 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

authorities, furthermore, although in general they have the power to issue binding decisions, limitations can and often do apply in some countries when the case concerns the specific context of untargeted surveillance.72

III. Specialisation 36

37

38

39

40

Although not a legal requirement per se, the issue of specialisation considerably facilitates rendering the right to a remedy effective in practice. According to the relevant international actors, an authority which is independent, and which has formal competence in law to award a remedy but which in fact lacks the expertise to make a proper assessment, will have difficulties in meeting criteria of an effective remedy in law.73 With increasingly complex legal frameworks and more and more sophisticated intelligence technology used by intelligence services, the importance for members of redress bodies – be it the courts or non-judicial bodies – to have adequate legal and technical expertise and specialisation or have access to relevant experts and specialists is growing. Indeed, having a redress body which is well-equipped to cover often very technical issues facilitates rendering the right to a remedy effective not only in law but also in practice. Adequate technical, as well as legal expertise, is undoubtedly one of the main advantages of expert oversight bodies, such as national data protection authorities or other expert oversight bodies that deal with individual complaints in this area.74 Therefore, from the point of view of meeting the requirement of specialisation, having an expert oversight body that deals with individual complaints represents a significant advantage as compared to more general avenues for complaints handling, such as ombudsmen or ordinary, non-specialised courts. As noted by the Council of Europe Commission for Human Rights, there are, however, other ways to mitigate this problem. Such measures can include establishing specialised tribunals or having specialised, security-cleared judges who have adequate legal and technical knowledge. Combining experts with existing or former judges in one (hybrid) body represents another option. A way forward can also be to give a right to the redress bodies to call upon well-established, independent experts, who are security vetted, to advise on technical matters (in this case it is equally important to ensure that necessary resources are provided to redress bodies to enable them to use this right to have an expert advice whenever necessary).75 While specialisation is certainly an advantage, it may also entail certain risks. As noted by the Venice Commission “[t]he group of security cleared judges and prosecutors can be so small that it is almost ‘incestuous’, and they may come to identify more with the people with whom they are in daily contact – the security officials – rather than their judicial colleagues. There is a danger that these judges become so used to the types of Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU: Field perspectives and legal update, 2017, p. 116. 72 A comparative overview table with non-judicial bodies’ remedial powers in case of surveillance by EU Member State can be found in European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU: Field perspectives and legal update, 2017, table 7. 73 Venice Commission, Report on the Democratic oversight of the Security Services, 2007, mn. 247. 74 Ibid. 75 Council of Europe Commissioner for Human Rights, Issue paper: Democratic and effective oversight of national services, 2015.

434

Gajdošová

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:18 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 4. Effective Remedies against Intelligence Actions

techniques, information and assessments they see every day that they lose their qualities of independence and external insight through a process of acclimatisation”.76 According to the existing case law, in such cases an important issue to consider will be the existence of adequate guarantees of independence from the executive and overall fairness of proceedings (as mentioned in mns. 18–24 above). A suggestion from the Venice Commission for possible guarantees of independence include: “[…] some form of appeal or follow-up mechanism should exist for even judicial authorization of special investigation techniques. It also suggests that, unless special reasons exist, the number of years spent as a judge authorising or reviewing security surveillance should not be too long”.77 The comparative data from the EU Member States show that the lack of technical 41 specialisation, particularly in cases of judges in ordinary courts, represent one of the main limits to effective remedies against intelligence actions.78 In this context, having an oversight body to deal with individual complaints offers the clear advantage of a broader contextual knowledge derived from the oversight functions, which may then assist in dealing with complaints. However, unless it is an expert oversight body, the question of specialisation may also be problematic when it comes to other types of oversight bodies. Indeed, the existing evidence shows that the lack of technical expertise is also a general problem of parliamentary oversight bodies or ombudsmen.79 At the same time, there are interesting ways in which some EU Member States have 42 decided to tackle the problem of a lack of specialisation in this area, as identified by FRA’s research.80 These include cooperation and complementarity between remedial bodies without necessarily expertise but with the power to issue a binding decision and expert oversight bodies without such a power to issue a binding decision but with the needed expertise (e. g. Belgium, France, Ireland and the Netherlands); establishing specialised tribunals or having specialised, security-cleared judges who have adequate legal and technical knowledge (e. g. France, Germany, Ireland and the United Kingdom).

IV. Summary of key points From the point of view of institutional effectiveness of a remedy to be provided in 43 cases of violations of the right to privacy and data protection by intelligence actions, issues such as independence, powers and specialisation play an essential role. Independence is more often challenged in cases where the legal redress mechanism has a nature of a non-judicial body as opposed to courts, in particular, where such non-judicial bodies perform a dual function – oversight and remedial and are part of the executive branch (i. e. executive oversight bodies). The powers of bodies tasked to provide remedies, such as a full, unhindered access to all documents, including classified information, and a power to issue binding decisions, are generally not fully-fledged 76 Venice Commission, Update of the 2007 Report on the democratic oversight of the security services and report on the democratic oversight of signals intelligence agencies, 2015, mn. 212–213. 77 Ibid., mn. 213. 78 European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU: Field perspectives and legal update, 2017, section 14.2. and European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU, 2015, chapter 3. See also Council of Europe Commissioner for Human Rights, Issue paper: Democratic and effective oversight of national services, 2015, p. 53. 79 European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU: Field perspectives and legal update, 2017, section 14.2; see also Cameron, The problem of oversight, Part 4 Chapter 3 in this volume. 80 European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU: Field perspectives and legal update, 2017, pp. 132–133.

Gajdošová

435

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:19 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

and/or subject to several restrictions, in particular in the case of non-judicial bodies. As far as the issue of specialisation is concerned – although not a legal requirement per se, having the possibility of drawing on the expertise of an expert oversight body, specialized judges or the possibility of calling ad-hoc experts when dealing with individual complaints usually represents a significant advantage compared to more general avenues for complaints handling, such as ombudsmen or ordinary, nonspecialised courts.

D. Procedural requirements of an effective remedy Article 13 of the ECHR permits individuals to claim a remedy before a national authority for arguable claims that one or more of their rights set out in the ECHR have been violated. The CJEU has also recognised Member States’ obligation to provide remedies that are sufficient to ensure the effective judicial protection of rights in fields covered by Union law under Article 47 of the Charter.81 According to the CJEU, domestic law must not make it impossible or excessively difficult to enforce rights under EU law. Whether a national provision complies with the principle of effectiveness will be determined by taking into account the overall procedure, the position of the parties and the circumstances of the case.82 The ECtHR developed concrete requirements of a procedural nature for a remedy to be effective, namely the overall accessibility of a remedy and its capability of providing an adequate redress.83 45 Existing opinions and studies of different European and international actors show that the accessibility of the remedy is often hampered in practice.84 For instance, bringing an action before courts seems to be more of a theoretical possibility given that there may be explicit restrictions on individuals seeking a remedy in an ordinary court before they have been notified that they have been a target of surveillance. Even if individuals are aware that their rights have potentially been violated, due to state secrecy arguments to prevent challenges being heard or “neither deny nor confirm” policy, legal proceedings can be easily frustrated because of difficulties in meeting the evidentiary requirements.85 Given the very secrecy of these activities, individuals are in many cases simply unlikely to be able to prove that they have been individually and directly concerned and subjected to surveillance. These hurdles can easily restrict or reduce access left to individuals in such a way or to such an extent that the very essence of the right to an effective remedy is impaired.86 46 Research shows that non-judicial bodies tend to be easier to access than courts, given that their proceedings are usually less formalistic and less costly and procedural 44

81 E. g. CJEU, C-50/00 P, Unión de Pequeños Agricultores v. Council of the European Union, [2002] ECRI I-06677, mn. 39–41; or CJEU, T-461/08, Evropaïki Dynamiki – Proigmena Systimata Tilepikoinonion Pliroforikis kai Tilematikis AE v. European Investment Bank (EIB), [2011] ECR II-06367, mn. 46. 82 E. g. CJEU, C-249/11, Hristo Byankov v. Glaven sekretar na Ministerstvo na vatreshnite raboti, ECLI: EU:C:2012:608, mn. 75; or CJEU, C-169/14, Juan Carlos Sánchez Morcillo and María del Carmen Abril García v. Banco Bilbao Vizcaya Argentaria SA, ECLI:EU:C:2014:2099, mn. 43–51. 83 See e. g. ECtHR, Kudła v. Poland (fn. 21), mn. 152. For these principles applied in the context of surveillance: ECtHR, Kennedy v. the United Kingdom (fn. 21), mn. 109. 84 E. g. European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU, 2015, chapter 3; Council of Europe Commissioner for Human Rights, Issue paper: Democratic and effective oversight of national services, 2015, chapters 4 and 5; Venice Commission, Update of the 2007 Report on the democratic oversight of the security services and report on the democratic oversight of signals intelligence agencies, 2015. 85 Ibid. 86 E. g. ECtHR, Zakharov v. Russia (fn. 15), mn. 302.

436

Gajdošová

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:19 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 4. Effective Remedies against Intelligence Actions

rules concerning evidentiary burden or legal standing less strict.87 However, in practice, non-judicial avenues may not be capable of providing an adequate redress in accordance with the existing established standards – which is the second procedural requirement of an effective remedy in addition to its accessibility. Indeed, in the context of individuals seeking remedy against intelligence action, a relevant redress body should have the power to, inter alia, quash relevant warrants, provide individuals concerned with access to their personal data and order the deletion or rectification of personal data unlawfully collected.88 Just as with the power to issue binding decisions (as mentioned in mns. 33–35 above), however, this aspect of decision-making powers is usually neither fully met in cases of ombudsmen nor in cases of some of the oversight bodies, including data protection authorities, which have the role of supervising data processing operations for intelligence purposes and providing remedy, where necessary.89 The next sections focus on specific elements of the procedural requirements that 47 determine whether a given legal redress mechanism offers an effective remedy to individuals against intelligence actions. These include: accessibility of a remedy and its capability of providing an adequate redress.

I. Accessibility In the field of secret surveillance, there are two aspects that play a crucial role when 48 assessing the accessibility of a remedy: existence of a requirement to notify the subject of surveillance that either a general surveillance regime or specific surveillance measures are in place and the legal standing requirements that any individual has to meet in order to be able to challenge such measures.90

1. Notification The issue of notification is not a standard part of effective remedy-related assess- 49 ments in the case law of the ECtHR and CJEU in general. However, in the specific context of surveillance which is undertaken in secrecy, an obligation to inform an individual concerned about surveillance measures taken against him or her, is often presented as a condition sine qua non for ensuring that access to a remedy is actually practical and not only illusory.91 Indeed, unlike in cases of violations of fundamental rights in other areas, an individual – unless notified – may simply not be aware or even suspicious that his or her fundamental rights have been interfered with by the 87 European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU, 2015, p. 76. 88 CJEU, Maximillian Schrems/Data Protection Commissioner (fn. 17), mn. 95; or ECtHR, SegerstedtWiberg and Others v. Sweden (fn. 69), mn. 120. 89 For a comparative overview of national data protection authorities’ remedial competences over intelligence services in the EU, see: European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU: Field perspectives and legal update, 2017, Figure 10. 90 There are also other aspects that have an impact on the accessibility of a remedy, such as the evidentiary requirements. According to the Venice Commission, given the levels of secrecy involved, individuals seeking redress are likely to face severe practical difficulties in proving a case, in obtaining access to relevant evidence, or in challenging the intelligence services’ version of events. To combat some of these problems, special security-cleared advocates have been introduced in some countries. See Venice Commission, Report on the Democratic oversight of the Security Services, 2007, mn. 250. 91 United Nations High Commissioner for Human Rights, The right to privacy in the digital age, 2014, mn. 40.

Gajdošová

437

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:20 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

50

51

52

53

secret action of intelligence services and hence may not even consider exercising his or her right to a remedy.92 The obligation to inform an individual concerned during and/or after the surveillance about surveillance actions represents an important criteria in assessing the effectiveness of a remedy. The CJEU confirmed that: “the competent national authorities to whom access to the retained data has been granted must notify the persons affected, under the applicable national procedures, as soon as that notification is no longer liable to jeopardise the investigations being undertaken by those authorities. That notification is, in fact, necessary to enable the persons affected to exercise, inter alia, their right to a legal remedy […]”.93 Nevertheless, where national security considerations are at stake, ECtHR has been prepared to accept some limitations on this obligation. Already in Klass and Others v. Germany, the ECtHR accepted that the obligation to inform – even ex-post94 – is not an absolute requirement.95 In Zakharov, the ECtHR held that “[i]t may not be feasible in practice to require subsequent notification in all cases. The activity or danger against which a particular series of surveillance measures is directed may continue for years, even decades, after the suspension of those measures. Subsequent notification to each individual affected by a suspended measure might well jeopardise the long-term purpose that originally prompted the surveillance. Furthermore, such notification might serve to reveal the working methods and fields of operation of the intelligence services and even possibly to identify their agents”.96 The ECtHR, however, added that the absence of any requirement to notify will have to be justified and accompanied with additional safeguards. Firstly, states are required to have review procedures in place that would safeguard individuals’ rights from the very beginning i. e. when the surveillance is ordered, while it is being carried out and once it is terminated, via an independent oversight body (or other non-judicial bodies) with sufficient powers and procedural guarantees (as mentioned in mns. 19–35 above), and/ or courts. Secondly, legal standing (i. e. ability to sue/bring a claim) of an individual before such an independent oversight body or a court has to be interpreted more generously (see mns. 54–63 below). An overview of the legal frameworks of EU Member States shows that in the context of secret surveillance measures, notification is the exception rather than the rule. Although the majority of states includes in their laws an obligation for national authorities to inform individuals subject to surveillance, in some cases within specific time-frames, at the same time they introduce specific limitations on such obligations which include various grounds, such as national security, national interests or the purpose of the surveillance measure itself.97 According to the research conducted by FRA in this area, only two EU Member States have specific provisions on the obligation to inform in the context of untargeted intelligence but this is again subject to specific 92 From the point of view of the right to privacy and data protection, the obligation to notify also ensures transparency of data processing and the exercise of other data protection-related rights of the individual, i. e. the rectification and/or deletion of data being processed unlawfully. 93 CJEU, Tele2 Sverige AB i Post- och telestyrelsen and Secretary of State for the Home Department/Tom Watson, Peter Brice, Geoffrey Lewis (fn. 5), mn. 121. 94 Cf. Murphy, in: Diver, and Miller (eds.) Justiciability of Human Rights Law in Domestic Jurisdictions, 2016. 95 ECtHR, Klass and Others v. Germany (fn. 25), mn. 57–58. See also Weber and Saravia v. Germany, Application no. 54934/00, Judgment 29 June 2006, mn. 135. Cf. ECtHR, Association for European Integration and Human Rights and Ekimdzhiev v. Bulgaria (fn. 22), mn. 101. 96 ECtHR, Zakharov v. Russia (fn. 15), mn. 287. 97 European Union Agency for Fundamental Rights, Handbook on European law relating to access to justice, 2016, section 3.1.

438

Gajdošová

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:20 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 4. Effective Remedies against Intelligence Actions

restrictions (e. g. notification to be provided only when selectors used are directly attributable to the individual (Sweden) or unless personal data obtained are immediately deleted after collection and not further processed (Germany)).98 The subsequent FRA’s findings from the fieldwork pointed out the general non-implementation of notification obligation and/or the right to access information.99 The findings, at the same time, refer to certain safeguards built into the laws of some EU Member States, such as the socalled indirect access right (i. e. right for an individual to access his/her own data indirectly through the data protection authority or the expert body) or the involvement of the expert oversight body or a court for scrutinising whether the invoked grounds for restricting the rights of notification or access are reasonable.100

2. Legal standing Legal standing rules represent a well-established procedural mechanism that sets out 54 the conditions under which an individual can bring a claim to a redress body. Rules for standing generally limit the ability to pursue a particular claim to the individual who has suffered the harm in question or their direct representatives (for instance, where the individual is deceased) and hence have a direct impact on how accessible available remedies are. In general, only persons (natural and legal) who have a direct personal interest in the action are allowed to bring their claims before the courts. Individuals who cannot show that they have been personally affected by the measures in questions, will not be considered to be individually concerned and hence will have their action declared inadmissible, usually ex oficio.101 At the same time, in some areas in which it was recognised that individuals face 55 particular difficulties of procedural and/or of other nature when seeking to obtain justice, a more relaxed approach to legal standing has been introduced into different legal regimes, including at the EU or international level. Such approaches include the possibility of public interest claims or collective complaints (sometimes referred to as class actions), in order to avoid rendering the right to a remedy ineffective in practice.102 This more generous approach to legal standing exists, for example, in areas which relate to a general public interests, such as the environment, or in which there may be certain third parties that may have a legitimate interest in bringing claims in relation to breaches of laws within their area of expertise, such as NGOs, trade unions, equality bodies or the media. While ensuring appropriate procedural guarantees to avoid abusive litigation, such broadened rules help to compensate for the practical difficulties individuals face in the given area when seeking to bring their claim. They also lead to procedural economy with beneficial results in terms of costs and time not only for the parties concerned but also for the court system and therefore for public resources in general. In the context of secret surveillance measures, a strict requirement to establish that an 56 individual has been the victim of a violation can be difficult or impossible to meet since very few states have provisions in place requiring ex-post notification of surveillance to the individual concerned (as mentioned in mns. 49–53 above). Accordingly, as also 98

Ibid. European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU: Field perspectives and legal update, 2017, p. 110. 100 Ibid. pp. 126 and 127. 101 European Parliament, Standing up for your right(s) in Europe: A Comparative Study on Legal Standing (Locus Standi) before the EU and Member States’ Courts, 2012. 102 E. g. European Union Agency for Fundamental Rights, Access to justice in Europe: an overview of challenges and opportunities, 2011, section 3.1.2. 99

Gajdošová

439

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:21 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

57

58

59

60

highlighted by different United Nations and Council of Europe actors, the rules on legal standing should be interpreted in a more generous way.103 According to the UN Special Rapporteur on Counter-terrorism, Ben Emmerson, for instance, the specific context of mass surveillance regimes requires that any internet user has to have a standing to challenge the legality, necessity and proportionality of the surveillance measures.104 Similarly, the CoE Commissioner for Human Rights points out, referring to the relevant case law of the ECtHR, that individuals who believe that their rights have been unlawfully infringed by intelligence services must have access to an institution that can provide an effective remedy.105 The need to adjust the approach to legal standing requirements in cases involving claims against secret surveillance was explicitly confirmed by the ECtHR to counterbalance the frequent absence of notification combined with the impossibility to request and obtain information about surveillance measures from authorities.106 In Zakharov, the applicant claimed that there had been an interference with his rights as a result of the mere existence of legislation permitting covert interception of mobile telephone communications and the resultant risk of being subjected to interception measures, rather than as a result of any specific interception measures applied to him.107 The court stressed that any approach to legal standing before the national courts as well as before the ECtHR has to take into account the need to ensure that the secrecy of surveillance measures does not result in the measures being effectively unchallengeable and outside the supervision of the national judicial authorities and of the ECtHR. Accordingly, a national legal system has to provide an effective remedy to an individual claiming to be a victim of a violation occasioned by the mere existence of secret measures or of legislation permitting secret measures against a group of persons to which the person belongs or against all users of a given communication service. According to the ECtHR “[t]here is in principle little scope for recourse to the courts by the individual concerned unless […] any person who suspects that his or her communications are being or have been intercepted can apply to courts, so that the courts’ jurisdiction does not depend on notification to the interception subject that there has been an interception of his communications”.108 At the same time, furthermore, such a redress body has to be able to effectively check and make sure that any measures are being carried out in a lawful manner. It must thus be able to have access to all relevant materials and have the power to grant a binding remedy (including, where appropriate, a possibility to issue an order for the termination of surveillance or the destruction of the material).109 103 Supra mn. 52. See also Venice Commission, Update of the 2007 Report on the democratic oversight of the security services and report on the democratic oversight of signals intelligence agencies, 2015, mn. 138; Emmerson, Report of the Special Rapporteur on the promotion and protection of human rights and fundamental freedoms while countering terrorism, 2014, mn. 50; or United Nations High Commissioner for Human Rights, The right to privacy in the digital age, 2014, mn. 40. 104 Emmerson, Report of the Special Rapporteur on the promotion and protection of human rights and fundamental freedoms while countering terrorism, 2014, mn. 50. 105 Council of Europe Commissioner for Human Rights, Issue paper: Democratic and effective oversight of national services, 2015, section 5.2. 106 In this context see, for instance, Emmerson, Report of the Special Rapporteur on the promotion and protection of human rights and fundamental freedoms while countering terrorism, 2017, mn. 35, in which the United Nations Special Rapporteur welcomed this case law of the ECtHR as enhancing the right to an effective remedy in the context of secret surveillance measures. 107 ECtHR, Zakharov v. Russia (fn. 15). 108 Ibid., mn. 234. See also Emmerson, Report of the Special Rapporteur on the promotion and protection of human rights and fundamental freedoms while countering terrorism, 2014. 109 ECtHR, Association for European Integration and Human Rights and Ekimdzhiev v. Bulgaria (fn. 22). For further analysis of effective oversight, see: Scheinin, Compilation of good practices on legal and

440

Gajdošová

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:21 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 4. Effective Remedies against Intelligence Actions

The ECtHR added that in case there is no such effective remedy at the national level, it will allow for an exception to the rule, which otherwise denies individuals the right to challenge a law in the abstract before the ECtHR:“where the domestic system does not afford an effective remedy to the person who suspects that he or she was subjected to secret surveillance, widespread suspicion and concern among the general public that secret surveillance powers are being abused cannot be said to be unjustified […].There is therefore a greater need for scrutiny by the court and an exception to the rule, which denies individuals the right to challenge a law in abstracto, is justified. In such cases the individual does not need to demonstrate the existence of any risk that secret surveillance measures were applied to him”.110 The ECtHR makes a distinction between complaints against the existence of a regime that is alleged to fall short of the requirements of an effective remedy, and complaints directed against specific instances of unlawful activity by the state. Whereas in the latter situation, applicants should be required to show a reasonable likelihood that they have been the subject of unlawful surveillance, in the former situation, the ECtHR has been prepared to examine the impugned provisions on their face value.111 Taking into account the secret nature of the surveillance provided for by the law in question, the broad scope of its application, affecting all users of the given communication services, and the lack of effective means of challenging the alleged application of secret surveillance measures at domestic level, an examination by the ECtHR of the relevant legislation in abstracto was found justified in Zakharov case. In other words, where the applicable legal framework does not provide sufficient safeguards and effective remedies are absent at the national level, the ECtHR will assess the overall legal framework even when an applicant cannot prove that he or she was under surveillance. In light of the findings of the comparative research on the laws of EU 28 in the area of surveillance published by the FRA in 2015, relaxing standing rules and allowing for collective complaints and in this way enabling independent journalists, civil society organisations and whistle-blowers to play their essential “intermediary” role in facilitating access to remedies, represents an important way forward.112 A decision of the German Constitutional Court from September 2016 indicates that national courts may also be reflecting on the strictness of the legal standing requirements in the specific context of strategic surveillance. When considering a constitutional challenge brought by the national oversight body concerning the national intelligence services’ decision not to disclose a complete list of the selectors (search terms) used to share intercepted institutional frameworks and measures that ensure respect for human rights by intelligence agencies while countering terrorism, including on their oversight, 2010; European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU: Field perspectives and legal update, 2017, p. 114; European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU, 2015, chapter 2; Council of Europe Commissioner for Human Rights, Issue paper: Democratic and effective oversight of national services, 2015, chapters 4 and 5; Venice Commission, Update of the 2007 Report on the democratic oversight of the security services and report on the democratic oversight of signals intelligence agencies, 2015. 110 ECtHR, Zakharov v. Russia (fn. 15), mn. 171. 111 Ibid., mn. 170–179. 112 In this context, the findings point out that non-judicial redress mechanisms are usually more accessible to individual because their procedural rules, including those concerning legal standing, are less strict. See European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU, 2015, pp. 67–68. In practice, furthermore, the intermediaries would not be able to pursue the litigation without pro bono legal support given that legal aid is generally not available in this area, see: European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU: Field perspectives and legal update, 2017, p. 121.

Gajdošová

441

61

62

63

64

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:22 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

data with the US National Security Agency, the Constitutional Court noted that “[f]or the admissibility of a constitutional complaint, it is […] enough if the citizen shows that it is rather likely that his fundamental rights are violated by the injunction, even if he cannot show in detail to be in fact the object of measures of strategic surveillance”.113 The possibility of relying on assumed facts, i. e. assuming “for the sake of the argument”, that the facts asserted by the complainant are true (United Kingdom), on the so-called second-hand evidence, consisting of declarations made by officials who did not have direct access to the classified information but have received a description of such information (Spain or Germany), or on the testimonies of anonymous witnesses allowing members of the security services to disclose anonymously classified information during a specific procedure (the Netherlands) can also be seen as one way of facilitating individual’s standing before the redress body.114

II. Capability of providing adequate redress The adequacy of reparation for harm suffered represents another building block of an effective remedy. According to the existing case law of the ECtHR, where a state breaches its obligations it must “put an end to such breach […] and make reparation for its consequences in such a way as to restore as far as possible the situation existing before the breach …”.115 The nature of the right at stake has implications for the type of remedy the State is required to provide (e. g. compensation for pecuniary and/or nonpecuniary loss, orders (injunctions) or specific performance). 66 In its report on the right to privacy in the digital age, the UN High Commissioner for Human Rights stated that an effective remedy must be capable of ending ongoing violations, for example, through ordering deletion of data or other reparation.116 According to the Council of Europe Commissioner for Human Rights, victims whose right to privacy and data protection has been violated as a result of surveillance measures, should be granted not only compensation for any violations but also relevant surveillance measures or orders should be quashed, relevant files destroyed or unlawfully collected information deleted.117 67 In its case law, the ECtHR confirmed that where a redress body does not have the competence to order the destruction of files or the erasure or rectification of information kept in the files, then the remedy is ineffective.118 In the Zakharov case, although being satisfied that relevant authorities in question had certain powers with respect to the breaches detected by them and thus were able to order to stop or remedy the detected breaches of law and to hold those responsible liable, the ECtHR pointed out that there was “no specific provision requiring destruction of the unlawfully obtained intercept material”.119 In the earlier case of Kennedy, on the other hand, the ECtHR seemed to be satisfied where the relevant redress body [Investigatory Powers Tribunal (IPT)] could – provided it is found in the claimant’s favour – “quash any interception order, require destruction of intercept material and order compensation to be paid”.120 65

BVerfG, decision of 20 September 2016 – 2 BvE 5/15, mn. 60. European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU: Field perspectives and legal update, 2017, p. 130. 115 Perdigão v. Portugal, Application no. 24768/06, Judgment 16 November 2010, mn. 85. 116 United Nations High Commissioner for Human Rights, The Right to privacy in the digital age, 2014, mn. 41. 117 Council of Europe Commissioner for Human Rights, Issue paper: Democratic and effective oversight of national services, 2015, section 3.1. 118 ECtHR, Segerstedt-Wiberg and Others v. Sweden (fn. 69), mn. 120. 119 ECtHR, Zakharov v. Russia (fn. 15), mn. 282 and 292. 120 ECtHR, Kennedy v. the United Kingdom (fn. 21), mn. 167. 113 114

442

Gajdošová

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:22 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 4. Effective Remedies against Intelligence Actions

One may criticise, however, that in this case, the ECtHR did not go further to examine whether this power has ever been used by the IPT to determine its effectiveness in practice. Indeed, it seems that to date, even in the cases in which the IPT decided to uphold complaints, these full powers to provide redress have not been used.121 According to the existing comparative research, the power to quash an interception 68 order, require the destruction of unlawfully obtained intercept material and order compensation to be paid, is not only absent in the case of ombudsperson institutions but is also frequently missing in case of some of the oversight bodies, including data protection authorities which, while having the role of supervising data processing operations for intelligence purposes, are equally tasked with providing a remedy to the individuals concerned.122 Further elaboration of the requirement of adequacy of redress was provided by the 69 CJEU in the Schrems case. According to the Court, a national legal system “not providing for any possibility for an individual to pursue legal remedies in order to have access to personal data relating to him, or to obtain the rectification or erasure of such data, does not respect the essence of the fundamental right […] as enshrined in Article 47 of the Charter”.123 Admittedly, for the reason of national security, it may prove necessary not to disclose certain information to the individual. Yet, a redress body has to be able to review whether the invoked reasons are still valid, with the national authority being required to prove that the disclosure of the information would compromise state security. There should be no presumption that the reasons invoked exist and are valid.124 The existing comparative research data concerning the situation in the EU shows that 70 the right to access data by individuals in the EU Member States is generally provided only in an indirect way (i. e. indirectly through the data protection authority or the expert body), if at all. Such a right exists in 12 EU Member States (Austria, Belgium, Bulgaria, Cyprus, Finland, France, Hungary, Ireland, Italy, Luxembourg, Portugal and Sweden).125 Even in some of these cases, “in some Member States, the oversight body involved in indirectly exercising an individual’s right to request access to data neither confirms nor denies the data processing. The replies are usually limited to stating that the complaint has been handled and/or checked”.126

III. Summary of key points There are two procedural aspects to be taken into account regarding an effective 71 remedy in cases of violations of the right to privacy and data protection by intelligence actions. These are the overall accessibility of a remedy and its capability of providing an 121 E. g. Liberty and Others v. GCHQ and Others, IPT/13/77/H, 6 February 2015 and 22 June 2015 or Privacy International v. the Secretary of State for Foreign and Commonwealth Affairs, GCHQ, MI5 and MI6, IPT/15/110/CH, 17 October 2016. The IPT, however, rarely publishes its decisions or holds public hearings and there are no specific statistics available on its website (www.ipt-uk.com). 122 For a comparative overview of national data protection authorities’ remedial competences over intelligence services in the EU, see: European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU: Field perspectives and legal update, 2017, part III, Figure 10. 123 CJEU, Maximillian Schrems/Data Protection Commissioner (fn. 17), mn. 95. 124 CJEU, C-300/11, ZZ v. Secretary of the State of Home Department, ECLI:EU:C:2013:363, mn. 53–54, 57, 61 and 64. 125 European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU: Field perspectives and legal update, 2017, p. 126. 126 European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU, 2015, p. 75.

Gajdošová

443

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:23 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

adequate redress, the standards of which have been established in the case law of the ECtHR and CJEU and developed by different UN and CoE bodies. While relatively open accessibility is usually perceived to be one of the main advantages of non-judicial bodies (often called “low-threshold” bodies), the ability to provide an adequate redress is undoubtedly stronger in courts rather than in ombudsmen, but also in cases of particular oversight bodies, including data protection authorities. 72 In case law concerning surveillance, accessibility is examined from two angles – the existence of an obligation of intelligence services to inform an individual concerned (when ordering, during and/or after the surveillance) and the legal standing rules to bring a claim before a redress body. The obligation to inform (notification) – even when concerning the obligation to inform ex-post – is not an absolute obligation, especially where national security considerations are at stake. Nevertheless, the absence of any requirement to notify will have to be justified and accompanied with additional procedural safeguards, one of them being a more generous approach to the legal standing requirements. In fact, this need to adjust the approach to legal standing requirements in cases involving claims against secret surveillance has now become an important safeguard that is taken into account when the effectiveness of a remedy is examined. This is to counter-balance the frequent absence of notification combined with the impossibility to request and obtain information about surveillance measures from authorities, resulting in individuals not being able to effectively access a remedy. As such, complaints against the existence of a surveillance regime that is alleged to fall short of the requirements of an effective remedy should be allowed, without the need for those bringing such complaints to show a reasonable likelihood that they themselves have been the subject of unlawful surveillance. 73 The second aspect of the accessibility requirement; the adequacy of reparation for harm suffered by an individual as a result of the unlawful surveillance, has also had existing standards set by the ECtHR and the CJEU as well as by different UN and CoE bodies. These require that a redress body has the power to quash an interception order, require destruction of unlawfully obtained intercepted material or order rectification of information kept in the files and order compensation to be paid. In addition, a redress body has to be able to provide individuals with access to personal data relating to them and ensure their right to obtain the rectification or erasure of such data. This can, at the least, be conducted in an indirect way and by reviewing whether the invoked reasons are still valid, with the intelligence authority being required to prove that the disclosure of the information would compromise state security. There should be no presumption that the reasons invoked exist and are valid. Such comprehensive powers are, however, usually absent not only in case of ombudsperson institutions but are also frequently missing in case of some of the non-judicial bodies, including data protection authorities which, while having a role in supervising data processing operations for intelligence purposes, are equally tasked with providing a remedy to the individuals concerned in some countries.

E. Concluding remarks: effective remedies for individuals in the context of surveillance – science fiction or reality? 74

The work of intelligence services, the relevance of which is ever more heightened in the context of the fight against pressing security threats, such as terrorism or organised crime, is characterised by the need for secrecy, especially when the surveillance measures are ongoing. Accordingly, setting up a legal redress mechanism that would 444

Gajdošová

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:23 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 4. Effective Remedies against Intelligence Actions

be effective in practice in the area of secret surveillance is not an easy task. As the Venice Commission highlighted: “[a] complaints system should balance, on the one hand, independence, robustness and fairness, and, on the other hand, sensitivity to security needs. Designing such a system is difficult but not impossible”.127 Relevant standards established in the case law of the ECtHR and CJEU and developed by different UN and CoE bodies, as analysed in this chapter, provide some but certainly not the exhaustive guidance in this regard.128 While the general rule that a remedy must be “effective” both in law and in practice continues to be the basic premise in cases concerning complaints against surveillance by intelligence services, special requirements of secrecy and sensitivity that pertain to surveillance systems appear to allow for a somewhat flexible approach to institutional and procedural requirements of the general “effective remedy” concept.129 Above all, in order to satisfy the accessibility requirement of a remedy, there is no longer the need for an absolute notification obligation, including ex-post notification. This is due to the specific context related to the need to protect national security against terrorism and other threats in which intelligence services work, coupled with the specific nature of intelligence work based on secrecy and special methods that go beyond the targeted surveillance.130Admittedly, such flexibility in the approach to the notification requirement has been compensated by additional safeguards. These are, firstly, a more generous approach to legal standing and, secondly, the availability of independent redress bodies with sufficient powers and competence to handle complaints from the very beginning of the surveillance – i. e. when the surveillance is ordered, while it is being carried out and once it is terminated. As shown in this chapter, however, there are issues that relate to the application of these additional safeguards which have a considerable potential to render the effectiveness of one’s right to a remedy especially vulnerable. As a hypothetical example, we can envisage individuals who cannot prove to be the object of surveillance, but is able to show that it is rather likely that their fundamental rights are violated by such surveillance and may thus be allowed to seek a remedy before an oversight or other similar non-judicial body at national level. However, many of these bodies generally lack strong powers (e. g. the power for a full access to all information, including classified information or to issue a binding decision) and in many cases suffer from lack of independence and expertise. Due to claimed overriding secrecy interests, moreover, procedures of oversight bodies often lack transparency and the specific procedural rules that apply once challenges are brought by individuals before a redress body, enable for example intelligence services to invoke secrecy arguments or exclude the complainant from some parts of proceedings, hence simultaneously interfering with his or her right to a fair trial.131 In case a redress body finds in 127

Venice Commission, Report on the Democratic oversight of the Security Services, 2007. The existing jurisprudence at the European level mainly covers minimum standards relating to effective remedies in the context of targeted surveillance actions by intelligence services. This area is, however, evolving rapidly and there are many cases that are currently awaiting a decision by the ECtHR. It is to be seen, therefore, how the standards concerning effective remedies will be further shaped in the specific context of untargeted surveillance. 129 See e. g. Council of Europe Commissioner for Human Rights, Issue paper: Democratic and effective oversight of national services, 2015, pp. 32–33. 130 ECtHR, Zakharov v. Russia (fn. 15), mn. 233 and 234. Harris, O’Boyle, Bates, and Buckley, Law of the European Convention on Human Rights, 2014, pp. 774–777. 131 According to the existing comparative data, there is no harmonisation among EU Member States of the conditions under which classified information may be disclosed and used as evidence during judicial proceedings. Most Member States do not allow courts to use intelligence information that is not available to the parties and that does not meet evidential standards. See: European Union Agency for Fundamental 128

Gajdošová

445

75

76

77

78

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:24 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

favour of intelligence services, individuals are usually left with a simple statement rejecting their complaint as inadmissible.132 In addition, there is not always a legal possibility at the national level to appeal such decisions and hence ensure their supervision by a judicial body (court), which may render such national redress systems challengeable for not complying with the overall institutional requirements of an effective remedy and general requirements of fairness.133 79 Moreover, the existence of a multitude of bodies at the national level that together create a legal redress mechanism of the given country represents a considerable hindrance to effective remedies in practice. Admittedly, even if a single remedy does not by itself entirely satisfy the requirements of effectiveness, the aggregate of remedies provided for under domestic law may do so. It can thus be argued that one has to always look at the overall remedial landscape in a given country as an effective legal redress system can be in principle accomplished as long as the different bodies in place (e. g. courts, oversight bodies, data protection authorities, etc.) complement each other and as a whole constitutes a strong system capable of assessing whether the intelligence services’ actions were carried out properly and providing remedies, where relevant.134 80 Yet, the more complex the remedial landscape (i. e. more bodies that are involved in one way or another in providing a remedy), the more difficult it will be for an individual or those acting on their behalf (unless equipped with necessary legal and technical knowledge) to find their way around it in practice. As existing evidence shows, “[t]he complexity of the remedial landscape does not facilitate the implementation of effective remedies… Fragmentation and compartmentalisation of different remedial avenues have made it difficult to seek remedies”.135 From this point of view, the access to an effective remedy against intelligence services in Europe seems to be made considerably difficult given the complexity of the remedial landscape which includes not only traditional avenues in the form of ordinary and/or specialised courts but also a considerable number of non-judicial mechanisms such as oversight bodies (if of a parliamentary, executive and/or expert nature), data protection authorities as well as other specialized bodies which one should turn to, or not, depending on the type of the complaint. A further layer of complexity is added in practice in cross-border cases of foreign Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU: Field perspectives and legal update, 2017, p. 129. 132 See also relevant findings of the fieldwork research conducted by FRA: European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU: Field perspectives and legal update, 2017, p. 114. According to these findings, for example, in 11 EU Member States non-judicial bodies inform complainants that a control was performed without specifying the outcome. 133 E. g. in the United Kingdom, the absence of judicial review of IPT judgments (until adoption of the Investigatory Powers Act in 2016) was confirmed by the courts: United Kingdom, IPT, Privacy International, R (On the Application Of) v. Investigatory Powers Tribunal, Court of Appeal – Administrative Court, February 02, 2017, [2017] EWHC 114 (Admin), 2 February 2017. According to existing empirical evidence across the EU, only in a few cases can decisions of non-judicial bodies be reviewed by a judge (for instance following an expert body decision in Austria and France, or by the data protection authority in France); see: European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU: Field perspectives and legal update, 2017, p. 114. 134 Cf. Harris, O’Boyle, Bates, and Buckley, Law of the European Convention on Human Rights, 2014, p. 773. 135 European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU, 2015, p. 75. This finding was subsequently confirmed by the fieldwork research conducted by FRA in 2017, see European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU: Field perspectives and legal update, 2017, p. 113.

446

Gajdošová

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:24 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 4. Effective Remedies against Intelligence Actions

surveillance where an individual of one EU Member State wishes to seek a remedy against foreign intelligence gathering operations in a different EU Member State. Data shows that a majority of EU Member States do not have laws prescribing an oversight of cooperation agreements by independent bodies.136 On the basis of the above, it comes as no surprise that only a limited number of 81 individuals tend to seek remedies in practice despite the fact that modern surveillance techniques affect a vast part of the population.137 Exercising one’s right to an effective remedy in the context of surveillance – although not a complete science fiction – has indeed become more challenging than ever. 136 European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU: Field perspectives and legal update, 2017, p. 57. See also Brown, Halperin, Hayes, Scott and Vermeulen, Toward Multilateral Standards for Foreign Surveillance Reform in: Miller (ed.), Privacy and Power: A Transatlantic Dialogue in the Shadow of the NSA-Affair, Cambridge University Press 2017. 137 As highlighted by FRA in its findings from the 2016 fieldwork research: on average, according to the experts interviewed, remedial bodies receive 10–20 complaints per year, see: European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU: Field perspectives and legal update, 2017, part III.

Gajdošová

447

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:25 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 5 Intelligence and Civil Society Carly Nyst/Eric King Outline A. Introduction ...................................................................................................................... B. Understanding the increasing role of civil society ................................................... I An uptick in legislative transparency ................................................................. II. Agencies and oversight bodies becoming more public facing...................... III. Changing tradecraft ................................................................................................ C. Assessing the influence of European civil society organisations........................... I. United Kingdom ..................................................................................................... 1. The RIPA era: 2000 to 2012 ............................................................................ 2. The post-Snowden era: 2013 to 2016 ............................................................ 3. The Investigatory Powers Act era: 2016 to ? ............................................... II. Germany.................................................................................................................... III. France ........................................................................................................................ IV. Netherlands.......................................................................................................... V. Denmark ................................................................................................................... VI. Poland........................................................................................................................ VII. Hungary .................................................................................................................... VIII. Europe ....................................................................................................................... D. Conclusion .........................................................................................................................

mn. 1 11 12 19 25 33 35 37 40 46 47 56 61 65 68 70 74 78

Bibliography: Access Now, Silencing civil society in Hungary: How to fight back?, 28 April 2017, available at https://www.accessnow.org/silencing-civil-society-hungary-fight-back/; Alan Travis, Tribunal says EU judges should rule on legality of UK surveillance powers, The Guardian, 8 September 2017, available at https://www. theguardian.com/world/2017/sep/08/snoopers-charter-tribunal-eu-judges-mass-data-surveillance; Angelique Chrisafis, NSA surveillance: French human rights groups seek judicial investigation, The Guardian, 11 July 2013, available at https://www.theguardian.com/world/2013/jul/11/nsa-surveillance-french-investigation; Anh Nguyen, GCHQ ‘3 times more likely’ to lose cyber security skills than private sector Computer World UK, 17th July 2012, available at: http://www.computerworlduk.com/it-vendors/gchq-3-times-more-likelylose-cyber-security-skills-than-private-sector-3370427/; Cara McGoogan, Safe Harbour deal ruled invalid by top European court, Wired, 6 October 2015, available at http://www.wired.co.uk/article/safe-harbourinvalid-european-court-justice; Carly Nyst and Tomaso Falchetta, Right to Privacy in the Digital Age, 9 Journal of Human Rights Practice 1 (2017); Christoph Drier, German SPD and Greens defend mass surveillance, World Socialist Website, 16 July 2013, available at https://www.wsws.org/en/articles/2013/07/ 16/spdg-j16.html; Chris Bing, NSA’s best are ‘leaving in big numbers,’ insiders say Cyberscoop, 6 December 2016, available at: https://www.cyberscoop.com/nsa-morale-down-keith-alexander-mike-rogers/; David Anderson, A Question of Trust: Report of the Investigatory Powers Review, June 2015; David Anderson QC, A Question of Trust: Report on the Investigatory Powers Review June 2015, available at: https:// terrorismlegislationreviewer.independent.gov.uk/wp-content/uploads/2015/06/IPR-Report-Print-Version. pdf; David Omand, A Reflection on the Investigatory Powers Bill, DEMOS, 24th March 2016, available at: https://quarterly.demos.co.uk/article/issue-8/david-omand/; Duncan Campbell, Planned Espionage Act could jail journos and whistleblowers as spies, The Register, 10 February 2017, available at https://www. theregister.co.uk/2017/02/10/espionage_law_jail_journalists_as_spies/; European Commission, European Commission acts to preserve the rule of law in Poland, 26 July 2017, available at http://europa.eu/rapid/ press-release_IP-17-2161_en.htm; EDRi, Polish civil society group stirs up debate on internet freedom, 23 February 2011, available at https://edri.org/edrigramnumber9-4polish-debate-internet-blocking/; European Parliament, Report on the US NSA surveillance programme, surveillance bodies in various Member States and their impact on EU citizens’ fundamental rights and on transatlantic cooperation in Justice and Home Affairs, 2013/2188(INI); European Union Fundamental Rights Agency, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU, 2015; Felix Tregeur, From Deep State Illegality to Law of the Land: The Case of Internet Surveillance in France, 7th Biennial Surveillance and Society Conference (SSN 2016) “Power, performance and trust”, Apr 2016, Barcelone, Spain 2016, https://www.researchgate.net/publication/301588736_From_Deep_State_Illegality_to_Law_of_the_Land_

448

Nyst/King

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:26 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 5. Intelligence and Civil Society The_Case_of_Internet_Surveillance_in_France; Felix Treguer, Intelligence reform and the Snowden Paradox: The Case of France, 5 Media and Communication 1 (2017); France Passes Long-Awaited Whistleblower Protections, Blueprint for Free Speech, 8 November 2016, available at https://blueprintforfreespeech. net/france-passes-long-awaited-whistleblower-protections; Freedom House, Freedom of the Press 2017, available at https://freedomhouse.org/report/freedom-press/2017/poland; French constitutional council approves eavesdropping law, Reuters, 24 July 2015, available at http://www.reuters.com/article/us-francesurveillance/french-constitutional-body-approves-eavesdropping-law-idUSKCN0PX2QF20150723; German Politicians to Face Grilling as BND Inquiry Begins, Deutsche Welle, 7 April 2006, available at http://www. dw.com/en/german-politicians-to-face-grilling-as-bnd-inquiry-begins/a-1962940; Gesellschaft für Freiheitsrechte, Stop boundless surveillance: Let’s complain against the BND law!, available at https://freiheitsrechte. org/bnd-gesetz-stoppen/; Gordon Corera, The spies of tomorrow will need to love data Wired, 7th April 2016, available at: http://www.wired.co.uk/article/spies-data-mi6-cia-gordon-corera; Graham Smith, Futureproofing the Investigatory Powers Bill, Cyberleagle, 15th April 2016, available at: http://www.cyberleagle. com/2016/04/future-proofing-investigatory-powers.html; Harriet Agerholm, Poland abortion strike: thousands of women in over 60 cities refuse to work in protest over restrictive laws, The Independent, 3 October 2016, available at http://www.independent.co.uk/news/world/europe/poland-women-abortion-strike-protests-black-monday-polish-protestors-industrial-action-a7343136.html (last accessed 17 October 2017); Human Rights Watch, Preempting Justice: Counterterrorism Laws and Procedures in France, 1 July 2008, available at https://www.hrw.org/report/2008/07/01/preempting-justice/counterterrorism-laws-and-procedures-france; Kim Zetter, An unprecedented look at Stuxnet, the worlds first digital weapon, Wired, 11th March 2014, available at: https://www.wired.com/2014/11/countdown-to-zero-day-stuxnet/; Loerk Essers, German federal prosecutor considers formal NSA investigation, PC World, 13 February 2014, available at http://www.pcworld.com/article/2093720/german-federal-prosecutor-considers-formal-nsa-investigation. html; Marc Trévidic, A dreadful weapon in the wrong hands, worries Marc Trévidic”, RTL, 7th April 2016, available at: http://www.rtl.fr/actu/societe-faits-divers/la-loi-sur-le-renseignement-entre-de-mauvaisesmains-est-une-arme-redoutable-estime-le-juge-marc-trevidic-7777296541; Matt Burgess, Everything you need to know about EternalBlue – the NSA exploit linked to Petya Wired, 29th June 2017, available at: http://www.wired.co.uk/article/what-is-eternal-blue-exploit-vulnerability-patch; Ministry of the Interior, Finland needs civilian intelligence to protect national security, 19 April 2017, http://intermin.fi/artikkeli/-/ asset_publisher/suomi-tarvitsee-siviilitiedustelua-kansallisen-turvallisuuden-suojaamiseen?_101_INSTANCE_jyFHKc3on2XC_languageId=en_US; Nicholas Weaver, In Contempt of Bulk Surveillance: It’s Too Easy Lawfare, 16th September 2016, available at: https://www.lawfareblog.com/contempt-bulk-surveillanceits-too-easy; National Research Council Bulk Collection of Signals Intelligence: Technical Options. 2015, The National Academies Press. https://doi.org/10.17226/19414; Olivier Chopin, Intelligence reform and the transformation of the state: the end of a French exception 40 Journal of Strategic Studies 4 (2017) 536; OSCE, Surveillance amendments in new law in Germany pose a threat to media freedom, OSCE Representative says, asks Bundestag to reconsider bill, 8 July 2016, available at http://www.osce.org/fom/ 252076; Owen Bowcott, GCHQ spied on Amnesty International, tribunal tells group in email, The Guardian, 2 July 2015, available at https://www.theguardian.com/uk-news/2015/jul/01/gchq-spied-amnesty-international-tribunal-email; Owen Boycott, Court to hear challenge to GCHQ hacking of phones and computers, The Guardian, 5 October 2017, available at https://www.theguardian.com/uk-news/2017/ oct/05/court-to-hear-challenge-to-gchq-bulk-hacking-of-phones-and-computers (last accessed 10 October 2017); Quirine Eijkman, Mobilizing for Privacy: Civil Society Advocacy against Surveillance in the Netherlands, 5 Journal of Politics and Law 4 (2012); Reporters without Borders, BND law: German Bundestag ignores criticism of civil society and breaches constitution, 21 October 2016, available at https://rsf.org/en/news/bnd-law-german-bundestag-ignores-criticism-civil-society-and-breaches-constitution; Reporters without Borders, Three UN Special Rapporteurs criticize German foreign intelligence reform bill, 8 September 2016, available at https://rsf.org/en/news/three-un-special-rapporteurs-criticize-german-foreign-intelligence-reform-bill (last accessed 10 October 2016); Royal United Services Institute, A Democratic Licence to Operate: Report of the Independent Surveillance Review, 13 July 2015, available at https://rusi.org/publication/whitehall-reports/democratic-licence-operate-report-independent-surveillance-review; Ryan Gallagher, Apple and Google just attended a secret spy summit in a remote english mansion The Intercept, 22nd May 2015, available at: https://theintercept.com/2015/05/ 22/apple-google-spy-summit-cia-gchq-ditchley-surveillance/; Ryan Gallagher, Operational Socialist, The Intercept, 13 h December 2014, available at: https://theintercept.com/2014/12/13/belgacom-hack-gchqinside-story/; Tamsin Rutter, NGOs fear state control from Poland’s new civil society department, Global Government Forum, 30 November 2016, available at https://www.globalgovernmentforum.com/ ngos-fear-state-control-from-polands-new-civil-society-department/; UK Intelligence and Security Committee, Privacy and Security: A modern and transparent legal framework, 12 March 2015; Ulf Buermeyer, GFF and Amnesty complain about the “G10”, Gesellschaft für Freiheitsrechte, 23 October 2016, available at: https://freiheitsrechte.org/de-g10/; Warren Strobel and John Walcott, Top NSA

Nyst/King

449

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:27 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law official says telephone surveillance should have been disclosed, Reuters, 21st March 2017, available at: http://www.reuters.com/article/us-usa-intelligence-nsa-idUSKBN16T034.

A. Introduction 1

2

3

4

5

6

What do a Romanian lawyer, a Swiss businessman and a Swedish carpenter have in common? Prior to 2000, they were some of the litigants in the major cases before the European Court of Human Rights (“ECtHR”) related to the activities of intelligence agencies.1 Civil society – a term used here to encompass non-governmental organisations (“NGOs”), activist groups and grassroots organisations – was all but absent from the 20th century ECtHR jurisprudence relating to intelligence agencies. Instead, before the turn of the millennium, European civil society’s engagement with intelligence agencies, inhibited by entrenched and absolute government secrecy, was historically limited to seizing upon the fruits of investigative journalism to seed momentary public outrage. In 2018 the situation is markedly different. Relevant civil society litigation is pending or has been recently concluded in the ECtHR or the Court of Justice of the European Union (“CJEU”) in respect of at least five countries: the United Kingdom,2 France,3 Sweden,4 Ireland,5 and Hungary.6 In many more European nations, NGOs and activists conduct research and run campaigns dedicated to making intelligence agencies more accountable and transparent. This shift should be seen in the context of three distinct trends which have emerged over the past two decades. The first is increased transparency and clarity in intelligence laws and policies, primarily under the influence of the European Convention on Human Rights. The second is the increased efforts of intelligence agencies to engage with the public. As late as 1994, the British government would not confirm the existence of the country’s intelligence agencies. Today, those same agencies-each maintain public relations departments and Twitter accounts. This development has been undeniably prompted, in part, by the impact of whistleblowers and leaks which have undermined public confidence in intelligence agencies. The third trend is the changing nature of intelligence tradecraft, catalysed by the advent of the internet and new technologies, which has seen the democratisation of intelligence techniques. These three trends have taken place against a fourth, overarching one: the professionalization of civil society advocacy and activism. The injection of NGO funding in Europe, and the evolution of public and private philanthropy as wealth across the continent have grown, has enabled civil society to invest in research initiatives, commence litigation, and ensure the sustainability of organisations in the long term. Today, the fluency and intensity of civil society engagement in legal and policy issues concerning the intelligence sector is stronger than ever. Indeed, civil society has 1 Rotaru v Romania, European Court of Human Rights, Application no. 28341/95, 9 May 2000; Amman v. Switzerland, European Court of Human Rights, Application no. 27798/95, Judgement of 16 February 2000; Leander v. Sweden, European Court of Human Rights, Application No. 9248/81, Judgement of 26 March 1987. 2 Big Brother Watch and Others v. The United Kingdom, Applications nos. 58170/13, 62322/14, and 24960/15. Judgement of 13 September 2018 (subject to appeal to the Grand Chamber). 3 Association confraternelle de la presse judiciaire v. France, Application no. 49526/15, communicated on 26 April 2017. 4 Centrum För Rättvisa v. Sweden, Application no. 35252/08, Judgement of 19 June 2018. 5 Maximillian Schrems v. Data Protection Commissioner, Ireland, case C-362/14, Court of Justice of the European Union, Judgement of 6 October 2015. 6 Szabo and Vissy v. Hungary, Application no. 37138/14, Judgement of 12 January 2016.

450

Nyst/King

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:28 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 5. Intelligence and Civil Society

appropriated the critical role of intelligence oversight and scrutiny, a role which European governments have faltered in performing themselves. In recent years, and particularly as the dual threats of transnational terrorism and cybercrime have intensified, States across Europe have considered and adopted laws and policies expanding State secrecy, extending document classification, and preventing the publication of information related to the operations of intelligence agencies.7 Moreover, the technical resources afforded to oversight agencies have failed to keep apace with changes in the methodology of intelligence agencies,8 which are increasingly relying on digital intelligence obtained through technological means. In place of well-resourced oversight agencies with the independence and expertise necessary to scrutinise intelligence agencies, it is frequently civil society which adopts the role of exposing intelligence failings, demanding accountability for intelligence overreach, and educating the public about the proper role of intelligence agencies in democratic societies. Nevertheless, the intensity and effectiveness of civil society engagement in issues related to intelligence and engagement continues to differ significantly across Europe. These disparities can be attributed to a range of factors, including shortfalls in NGO funding; inhospitable domestic legal frameworks, including the lack of costs protection for public interest litigation, and high standing requirements which prevent facial challenges; and limited public support for the relevant issues. In addition, it is important to give due weight to the role of leaks and whistleblowers in the work of civil society regarding intelligence. The single most important factor in the acceleration of civil society work in the United Kingdom over the past four years was the publication, by The Guardian and other media outlets, of documents provided by NSA whistleblower Edward Snowden. The extent of civil society engagement is thus frequently outside the control of activists and organisations, resting instead in the hands of intelligence operatives and contractors deciding whether to break confidentiality obligations in the name of the public interest. In this regard, the participation of civil society in intelligence debates in a particular country may also depend on the relevant country’s whistleblowing laws. The culmination of all of the abovementioned factors will impact upon the hospitality of a particular country to civil society action in the context of intelligence and security issues. As a result, the typology and structure of civil society, as well as their preferred means of influencing debates, differ across the continent, as does the success and effectiveness of their actions. It is not possible to make general observations about civil society in Europe without considering the particular country contexts in which organisations operate. As such, and after analysing the current environment against which civil society engagement in intelligence policy is set, this chapter considers the influence of civil society country by country: beginning with the United Kingdom, the context with which the authors are most familiar and where, arguably, the most organised, large-scale and effective interventions have been executed; and continuing to analyse the situations in Germany, France, the Netherlands, Denmark, Poland, and Hungary. For each country, the prominent civil society actors, their organisational structure, and their preferred means of influencing, are canvassed, and the effectiveness of their interventions to date 7 See, for example, the 2015 French intelligence law (Article 7) and the UK Law Commission’s consultation on a review of the Official Secrets Acts. 8 In its 2014 report on the US NSA surveillance programme, surveillance bodies in various Member States and their impact on EU citizens’ fundamental rights and on transatlantic cooperation in Justice and Home Affairs, the European Parliament noted that, “despite the fact that oversight of intelligence services’ activities should be based on both democratic legitimacy (strong legal framework, ex ante authorisation and ex post verification) and adequate technical capability and expertise, the majority of current EU and US oversight bodies dramatically lack both, in particular the technical capabilities,” 2013/2188(INI), para 74.

Nyst/King

451

7

8

9

10

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:28 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

are assessed. Broader “European” civil society efforts in this field are also briefly identified and analysed. In concluding, this chapter looks to the forthcoming challenges for civil society – decreases in funding, the proliferation of a new generation of secrecy laws, and the shrinking civil society space – and question whether civil society will continue to be able to play its critical role in holding intelligence agencies to account.

B. Understanding the increasing role of civil society 11

Civil society has never had more influence on the development of intelligence policy than it currently enjoys. Three factors underpin this gradual but observable change: an uptick in legislative transparency, prompted primarily by human rights standards; the increasingly public-facing nature of intelligence agencies; and the changing nature of intelligence tradecraft.

I. An uptick in legislative transparency New legislation relating to surveillance and intelligence collection has been passed in a number of European countries in recent years. The fact that publicly available legislation exists at all to govern the secret actions of secret intelligence agencies is, in itself, a relatively recent development, particularly when cast against the extensive history of some European intelligence agencies. There are a number of reasons for this development, the most significant perhaps being the requirement, imposed by the European Convention on Human Rights in 1950, for interferences with fundamental rights to be in accordance with law. 13 Exercising powers on the basis of secret interpretations of obscure or overly-broad laws does not satisfy the standards now expected of rule of law-respecting countries, no matter how diligently such interpretations are followed. The ECtHR has stipulated that the European Convention requires that citizens must have the ability to scrutinise and comprehend how legislation interferes with their rights.9 This is necessary to enable individuals to ensure that powers are exercised in a lawful way, and to hold those using the powers to account if they are misused (see Gajdóšová, Part 4 Chapter 4 and Cameron, Part 4 Chapter 3 in this volume). But equally important is that the legislation reassures those concerned about a powerful unchecked state, by providing clear guidance on how and when powers can be used, and whether the powers themselves derive public legitimacy. In Szabó and Vissy v. Hungary,10 the European Court of Human Rights cautioned that 12

“it would defy the purpose of government efforts to keep terrorism at bay, thus restoring citizens’ trust in their abilities to maintain public security, if the terrorist threat were paradoxically substituted for by a perceived threat of unfettered executive power intruding into citizens’ private spheres by virtue of uncontrolled yet far-reaching surveillance techniques and prerogatives.”11 14

This aspect is increasingly appreciated by governments. Marc Trévidic, the former chief terrorism investigator for the French judicial system, has explained that, in his 9 Malone v. The United Kingdom, [1984] ECHR, Application no. 8691/79, judgment of 2 August 1984, para 67. 10 European Court of Human Rights, Application no. 37138/14, judgement of 12 January 2016. 11 Szabo, at [68].

452

Nyst/King

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:29 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 5. Intelligence and Civil Society

view, “[i]f an intelligence law is not well-conceived and rational, it could easily become a formidable weapon of repression. An intelligence law should not only protect citizens against terrorism, but also against the State. We in France are doing neither. There is a total absence of control in this law.”12 Intentional or otherwise, surveillance law in many European jurisdictions has, histori- 15 cally, been riddled with opacities. In the United Kingdom, the main piece of surveillance legislation was widely regarded as opaque with it being variously described as “difficult”, “a particularly puzzling statute”, and “impenetrable”.13 In other jurisdictions, as the EU Fundamental Rights Agency recognised in its 2015 report, domestic surveillance laws are embedded in “complex frameworks”, piecemeal compilations of laws, codes and policies.14 Core to the intelligence reform in the United Kingdom has been that any new 16 legislation in this area must be clear, accessible and transparent. This principle was “willingly and ungrudgingly endorsed” by government and the security and intelligence agencies in the UK.15 With such a principle accepted, the new Investigatory Powers Act contained express powers for bulk interception, bulk hacking, and bulk personal datasets as well as the use of domestic bulk communications data, all of which capabilities had previously been denied by the government. Indeed, the acquisition of bulk communications data was only avowed on the day the bill was introduced to parliament. Similar new intelligence legislation has swept across Europe in the wake of the Snowden revelations. This changing perception of whether the avowal of an intelligence capability might in some way disadvantage the security and intelligence agencies and hinder their ability to protect national security has transformed civil society’s ability to participate in debates that were previously held in secret behind closed doors. New capabilities such as the use of hacking are now expressly referenced in British, 17 French,16 and Dutch17 intelligence statutes and hacking is now authorised under Italian law.18 Likewise, the avowal of the scope and scale of communications interception practices has resulted in statutes expressly referring to the need for “bulk interception” or what civil society advocates often refer to as “mass surveillance” in Germany,19 France,20 Austria,21 Switzerland,22 the Netherlands,23 and the UK,24 with Finland currently considering proposals to follow suit.25 12 Marc Trévidic, A dreadful weapon in the wrong hands, worries Marc Trévidic”, RTL, 7th April 2016, available at: http://www.rtl.fr/actu/societe-faits-divers/la-loi-sur-le-renseignement-entre-demauvaises-mains-est-une-arme-redoutable-estime-le-juge-marc-trevidic-7777296541 (last accessed 10 October 2017). 13 Graham Smith, Future-proofing the Investigatory Powers Bill, Cyberleagle, 15th April 2016, available at: http://www.cyberleagle.com/2016/04/future-proofing-investigatory-powers.html. 14 European Union Fundamental Rights Agency, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU, 2015. 15 § 14.4, David Anderson QC, A Question of Trust: Report on the Investigatory Powers Review June 2015, available at: https://terrorismlegislationreviewer.independent.gov.uk/wp-content/uploads/2015/06/ IPR-Report-Print-Version.pdf. 16 Code de procédure pénale, Articles 706-102-1 and 706-102-2; 220 Code de procédure pénale, Articles 706–73 and 706–73. 17 Article 125 i, Code of Criminal Procedure; and Computer Crime III Act which is likely to come into force in 2017/2018. 18 Cass., Sez. VI, 27 November 2012, no. 254865. 19 Article 6(1) Communications Intelligence Gathering Act, 2016. 20 Le Loi sur le Reseignement, 2015. 21 § 10/5 Polizeiliches Staatsschutzgesetz; Sicherheitspolizeigesetz. 22 Article 43, Nachrichtendienstgesetz. 23 Article 48, Intelligence and Security Service Act. 24 Part 6, Investigatory Powers Act 2016. 25 Ministry of the Interior, “Finland needs civilian intelligence to protect national security,” 19 April 2017, http://intermin.fi/artikkeli/-/asset_publisher/suomi-tarvitsee-siviilitiedustelua-kansallisen-turvalli-

Nyst/King

453

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:30 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law 18

Such transparency has long been demanded by civil society groups, and while many actors take the view that the use of bulk powers can never be a proportionate interference with rights, such a debate can never occur if the government contests such wide scale interference is even occurring. With increased transparency to the public discourse around such powers is able to progress, with the arguments as to the utility, necessity and appropriateness of the powers taking place in a manner that was never before possible. Clear and transparent legislation also ensures that the authorisation and oversight procedures can likewise be scrutinised in a more meaningful manner, resulting in a more robust democratic controls on such powers. For some, this increased legislative transparency is the beginning of a new epoch, with former director of GCHQ David Omand (see also Omand, Part 1 Chapter 2 in this volume) commenting that this “mark [ed] a new phase in placing secret activity of the State … firmly under the rule of law.”26

II. Agencies and oversight bodies becoming more public facing One of the core problems civil society has historically faced is not having access to information about the detail of intelligence agencies’ practices. This lack of information meant meaningful engagement with intelligence communities was all but impossible as the two communities had no shared lexicon to engage in debate. What civil society groups called “hacking”, intelligence agencies called “computer network exploitation”. “Mass surveillance” is a rejected term by the agencies who call what they do “bulk interception”. The lack of this common language has historically disadvantaged civil society groups whose concerns, rarely phrased in the correct government jargon, were all too easily dismissed by intelligence insiders. Likewise a lack of visibility on how or why certain techniques might be deployed in certain circumstances meant that civil society’s legitimate concerns were difficult to respond to by intelligence agencies who could not, or did not want to, reveal information that was otherwise classified. This created conditions where public debate on intelligence agency practice was extraordinarily difficult. 20 One key lesson learned by many intelligence and security agencies in the wake of the Snowden revelations is the need to have an increased public-facing presence and better explain their work. For some intelligence agencies, upon reflection, not releasing more information earlier was a mistake and might have mitigated some of the furore aimed at the agencies in the wake of the Snowden revelations. Rick Ledgett, former Deputy Director at NSA has made that perspective clear that certain programs should have been disclosed earlier.27 21 While much of their work will necessarily be secret, unless there is public understanding of how and why agencies operate the way they do their actions will not carry public legitimacy. To that end a great number of efforts have been made to declassify previously secret aspects of many agencies’ work, and put more information into the public domain than ever before about the work undertaken in the public’s name. As many of the techniques employed by one intelligence agency will be functionally similar, if not identical, to those techniques exercised by other intelligence agencies, transpar19

suuden-suojaamiseen?_101_INSTANCE_jyFHKc3on2XC_languageId=en_US (last accessed 10 October 2017). 26 David Omand, A Reflection on the Investigatory Powers Bill, DEMOS, 24th March 2016, available at: https://quarterly.demos.co.uk/article/issue-8/david-omand/ (last accessed 10 October 2017). 27 Warren Strobel and John Walcott, Top NSA official says telephone surveillance should have been disclosed, Reuters, 21st March 2017, available at: http://www.reuters.com/article/us-usa-intelligence-nsaidUSKBN16T034 (last accessed 10 October 2017).

454

Nyst/King

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:30 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 5. Intelligence and Civil Society

ency by one agency sheds light on the practices of all agencies. Once the veil has been pierced in one country without any negative fallout it becomes very challenging for an agency in another country to continue to maintain ’neither confirm or deny’ positions, or claim that revealing information could damage national security in some way. The United States has taken significant steps towards improving the transparency of 22 its intelligence agencies in recent years. A Tumblr account, created by the US intelligence community, dubbed “IC on the record”28 contains an increasing number of declassified materials, some of which is released proactively, while other material comprises documents responding to Freedom of Information Act requests made by civil society groups such as the American Civil Liberties Union. Reports such as those commissioned by President Obama and authored by the National Academy of Sciences29 reveal more detailed technical information than has even been released before about how specific capabilities like bulk interception operate. In the UK, GCHQ created a Twitter account30 for the first time. Senior officials at 23 the UK intelligence agencies appear to have accepted that the “cold winds of transparency”31 have blown in and that they now operate in a different landscape. GCHQ also updated its website with features such as “How does an analyst catch a terrorist?”, amongst others attempting to set out what their officers do on a day to day basis. Alongside efforts to transform oversight institutions to regain public confidence in their ability to oversee the agencies work, the annual and thematic reports published by the Interception of Communications Commissioner’s Office, and to a lesser degree the Intelligence and Security Committee have placed significant quantities of material about the inner workings of the UK’s intelligence and security agencies into the public domain. Armed with this information, alongside other data sources such as leaked material, 24 civil society groups have been able to engage in more detailed policy debates than ever before, and direct their concerns more forcefully to the specific aspects of what was previously mostly secret. Previously polarised debate has become less ideologically driven from both sides, and more centered around facts and specific policy discussions. While there is a long way to go, this shift results in more robust discussion, and ultimately better policy-making.

III. Changing tradecraft Another significant shift which has permitted civil society to play a more active role 25 in the accountability of intelligence agency practice is the changing tradecraft used by the agencies. Where once agencies had capabilities thought of as “NOBUS” (meaning “nobody but us” could use them), the modern world has upset that balance with digital technologies levelling the playing field. While many techniques in the HUMINT world continue to be practised by agencies, 26 the use of digital techniques has transformed agencies’ working methods. Agencies like MI6, which has long practised the dark art of recruiting agents to spy, now have 28 Website of the Director of National Intelligence, available at: https://icontherecord.tumblr.com/ (last accessed 10 October 2017). 29 National Research Council, Bulk Collection of Signals Intelligence: Technical Options, 2015, The National Academies Press. https://doi.org/10.17226/19414 (last accessed 10 October 2017). 30 GCHQ twitter account available at: https://twitter.com/GCHQ. 31 Ryan Gallagher, Apple and Google just attended a secret spy summit in a remote english mansion, The Intercept, 22nd May 2015, available at: https://theintercept.com/2015/05/22/apple-google-spy-summitcia-gchq-ditchley-surveillance/ (last accessed 10 October 2017).

Nyst/King

455

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:31 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

27

28

29

30

technologists and data analysts brought into operational planning, on equal footing as the case officer which historically leads operations.32 For signals intelligence agencies the advent of the internet has led to fundamental changes, with the scale of material now accessed, acquired and processed in a single day dwarfing that which they would have collected in an entire year only a decade ago. The ability for such agencies to undertake computer network exploitation, that is, remotely hacking into digital devices, has given them access to devices and data historically far out of reach. While no corporate or non-state actor is capable of undertaking many of the activities that these signal intelligence agencies perform (not least because it would be unlawful for them to do so), similar types of activities are being undertaken in different contexts. A flourishing cyber security industry means that malware analysts and security researchers are using the same techniques and often the same tools as those with security clearances are using within intelligence agencies. No longer are the techniques used unique to intelligence agencies and essentially untraceable by all except opposing intelligence agencies. Indeed, today even the most secret of actions undertaken by intelligence agencies in the cyber domain can end up being discovered and reported on publicly by individuals in the private and civil society sectors. A clear example is State-deployed cyber attacks, the traces of which enable experts to conduct attribution. This was the case with the Stuxnet attack by NSA and Israeli 8020,33 and the GCHQ-led attack on Belgian telecoms company Belgacom.34 When such an attack is discovered, the tools and exploits used by the attacker can be identified, enabling other attackers to repurpose and redeploy them against whomever they wish. The cache of exploits held by intelligence agencies can be leaked or stolen. For example, the repurposing of exploits such as Eternalblue originally developed by signals intelligence agencies has swept the globe with the recent criminal WannaCry ransomware attacks, which have taken hospitals, law firms and thousands of other victims offline.35 While the capabilities that these agencies have to undertake such attacks are sophisticated (not least due to the extraordinary resources and funding available to them) they are not out of reach of both understanding and scrutiny of civil society actors with the assistance of the private sector. Indeed the use of these common techniques and tools means civil society groups have greater credibility than ever before to put forth their arguments and attempt to keep unlawful practice in check. Even complex bulk interception and data analysis systems that sift through emails, chats, images, online search activity, usernames and passwords, and other private information using data siphoned from undersea fiber optics cables around the world rely on technology and techniques that are easily recognisable and replicable by others. Papers have been written, for example, on how to build a bulk interception system in miniature, using commercially available hardware and open source software.36 32 Gordon Corera, The spies of tomorrow will need to love data, Wired, 7th April 2016, available at: http://www.wired.co.uk/article/spies-data-mi6-cia-gordon-corera (last accessed 10 October 2017). 33 Kim Zetter, An unprecedented look at Stuxnet, the world’s first digital weapon, Wired, 11th March 2014, available at: https://www.wired.com/2014/11/countdown-to-zero-day-stuxnet/ (last accessed 10 October 2017). 34 Ryan Gallagher, Operational Socialist, The Intercept, 13 h December 2014, available at: https:// theintercept.com/2014/12/13/belgacom-hack-gchq-inside-story/ (last accessed 10 October 2017). 35 Matt Burgess, Everything you need to know about EternalBlue – the NSA exploit linked to Petya, Wired, 29th June 2017, available at: http://www.wired.co.uk/article/what-is-eternal-blue-exploit-vulnerability-patch (last accessed 10 October 2017). 36 Nicholas Weaver, In Contempt of Bulk Surveillance: It’s Too Easy, Lawfare, 16th September 2016, available at: https://www.lawfareblog.com/contempt-bulk-surveillance-its-too-easy (last accessed 10 October 2017).

456

Nyst/King

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:31 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 5. Intelligence and Civil Society

Fundamentally, this means that the technical expertise behind many of the intelligence 31 agencies’ capabilities exists in equal numbers outside those agencies as it does inside. No longer do intelligence agencies have a monopoly on such expertise. Indeed, agencies are struggling to retain staff, with some agencies losing critical staff with high-end cyber skills at a rate three times higher than in the private sector.37 This is due to a number of reasons, including the low morale within agencies following recent bad press, as well as agencies being unable to match the salaries offered by technology companies.38 With access to expertise on issues that were previously the sole domain of intelligence 32 agencies, civil society groups have been able to command a more formidable opposition to the policies and practices they consider unlawful. It is unlikely this position will change in the near future, and as policy discussions about cyber-security becomes increasingly important, so too will civil society’s influence rise.

C. Assessing the influence of European civil society organisations Although the term “civil society” is often deployed broadly to describe the organisa- 33 tions, institutions and individuals which represent the interests of a country’s citizens, in this chapter we take a more circumscribed approach to the term, which we understand to refer to non-governmental organisations whose primary purpose is advocacy, research or campaigning on social issues. We adopt such a definition not to narrow our analysis, but to enable us to gain insight into and draw conclusions about the impact of formalised civil society organisations on intelligence practices, in contrast to the impact had by individuals, activists and the media. In this section, we address six European countries in turn. We ask which, if any, civil 34 society organisations are successfully influencing intelligence policy and practice, their means of exercising such influence, and their successes and failures.

I. United Kingdom British civil society represents one of the most organised and engaged civil society 35 communities in the European intelligence policy sphere. There are now at least four civil society organisations that dedicate a significant percentage of their programmatic work to intelligence policy issues,39 with another six participating in influencing activities.40 Many of these organisations coordinate their campaigning and influencing activities through the vehicle of the “Don’t Spy on Us” coalition, and have partnered together to institute public interest litigation challenging aspects of British intelligence law. However, British civil society engagement in intelligence policy has undergone a 36 remarkable evolution over the past two decades. There are two distinct periods in that 37 Anh Nguyen, GCHQ ‘3 times more likely’ to lose cyber security skills than private sector, Computer World UK, 17th July 2012, available at: http://www.computerworlduk.com/it-vendors/gchq-3-times-morelikely-lose-cyber-security-skills-than-private-sector-3370427/ (last accessed 10 October 2017). 38 Chris Bing, NSA’s best are ‘leaving in big numbers,’ insiders say, Cyberscoop, 6th December 2016, available at: https://www.cyberscoop.com/nsa-morale-down-keith-alexander-mike-rogers/ (last accessed 10 October 2017). 39 Liberty, Privacy International, the Open Rights Group, Big Brother Watch, the Foundation for Information Policy Research, and Rights Watch UK. 40 JUSTICE, English PEN, Amnesty International, ARTICLE 19, Index, and the National Union of Journalists.

Nyst/King

457

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:32 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

evolution: the period subsequent to the adoption of the Regulation of Investigatory Powers Act (“RIPA”) in 2000, and the period following publication of the Snowden documents in 2013.

1. The RIPA era: 2000 to 2012 Prior to the enactment of RIPA, the most prominent member of British civil society engaged in intelligence policy was the British Civil Liberties Association, known as Liberty. Together with British Irish Rights Watch (now Rights Watch UK) and the Irish Council for Civil Liberties, Liberty brought the first successful challenge to British intelligence law in the European Court of Human Rights. In Liberty v. United Kingdom,41 filed in 1999, the organisations challenged the bulk interception by Britain’s Ministry of Defence of communications transmitted between Britain and Ireland, as part of a scheme which operated between 1990 and 1997, purportedly under the authority of the Interception of Communications Act 1985. The Strasbourg Court found a violation of Article 8 of the European Convention on Human Rights (the right to privacy) because of the inadequacies of the relevant legal framework.42 Yet by the time the case was heard by the European Court, the Interception of Communications Act 1985 had already been replaced by the Regulation of Investigatory Powers Act 2000. 38 The adoption of RIPA saw a number of other recently-established civil society organisations, such as the Foundation for Information Policy Research (“FIPR”) and Privacy International, join the conversation on British intelligence law. Taking place against a broader debate around the regulation of cryptography (known as “the crypto wars”) and including, inter alia, controversial provisions concerning the disclosure of encryption keys, RIPA became a critical catalyst for more diverse engagement in intelligence legislative reform. In greater numbers than ever before, individuals with technical expertise and computer science backgrounds were participating in policy advocacy and public awareness-raising. FIPR, comprised of academics and experts from across both the legal and technical communities, operated a “Regulation of Investigatory Powers Act Information Centre” where it compiled the many op-eds, letters to the editors, articles and other public materials its members published. At the same time, organisations like Liberty and the British chapter of the International Commission of Jurists, JUSTICE, were key in levying the legal and human rights-based arguments before parliament and the public. 39 The occurrence, only months after RIPA was adopted, of the September 11 attacks in United States both marked a new era of security and intelligence policy, and cemented the involvement of British civil society organisations in the intelligence policy debate. Over the following decade, the UK Government repeatedly extended intelligence and policing powers, including via the Anti-Terrorism, Crime and Security Act in 2001, and the EU 2006 Data Retention Directive, ensuring civil society were permanently engaged in intelligence policy debates. Over time, the more legalistic strategies of organisations like Liberty and JUSTICE, and the technical focus of FIPR and Privacy International, were complemented by the emergence of public-facing campaign organisations, such as NO2ID, established in 2004 to campaign against the introduction of compulsory ID cards; grassroots digital rights organisation the Open Rights Group, founded in 2005 and now boasting more than 3,000 active members; and, in 2009, campaign group Big Brother Watch. Civil society won an important public and political victory during 2012 and 2013, when it promoted the widespread adoption of the term “Snoopers’ Charter” 37

41

Application no. 58243/00, Judgement of 1 July 2008. Liberty v. UK, at [69]. For a detailled overview of UK intelligence law, see Leigh, Intelligence Law and Oversight in the UK, Part 5 Chapter 3 in this volume. 42

458

Nyst/King

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:33 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 5. Intelligence and Civil Society

to describe the Draft Communications Data Bill, providing public cover for the Deputy Prime Minister Nick Clegg to block the Bill’s adoption in April 2013.

2. The post-Snowden era: 2013 to 2016 The experience of the period from 2000 to 2012 saw critical foundations laid in the civil society landscape; a range of civil society organisations had emerged which, taken together, boasted legal, political and technical expertise and experience. Without these foundations – as can be seen through a comparative analysis with other European countries – British civil society would not have been in a position to respond as effectively to the publication of the Snowden documents, which began in June 2013. As it was, NGOs moved quickly to establish a collaborative campaigning platform, the ’Don’t Spy on us’ Coalition, which immediately reissued a demand that civil society had been voicing without effect since the adoption of RIPA – that for the elaboration of a new intelligence law “for the digital age”. This campaign was complemented by a range of public interest litigation, instituted by a number of different civil society organisations, which deployed the Snowden documents as factual evidence to underpin legal arguments. The litigation sought to highlight the overreach of intelligence agencies, and used the allegations contained in the Snowden documents to establish that intelligence practices had extended beyond what was authorised by RIPA and other legal authorities. The central piece of litigation, and the one afforded the most attention by media, was the case instituted by Liberty and Privacy International, and supported by a range of international organisations affiliated with both. In Liberty & Ors v. GCHQ,43 civil society contended that the UK Government and security services conducted mass surveillance of digital communications through its Tempora programme, and further that the UK received intelligence acquired through the NSA’s bulk collection system, Prism. The case yielded civil society both a victory and a loss. On the one hand, the proceedings of the case, which stretched over more than a year, acted as a vehicle for sustained campaigning by the claimant organisations and their coalition partners in Don’t Spy On Us. The litigation acted as a lever that NGOs used to increase public and political pressure on the UK Government to consider legislative reform. That pressure resulted in, inter alia, the Parliamentary Intelligence and Security Committee agreeing to undertake an investigation into the allegations raised in the Snowden documents.44 In addition, in a concession to civil society during the adoption of data retention legislation in July 2014, the government agreed to appoint the Independent Reviewer of Terrorism, David Anderson, to undertake an independent review of intelligence law and policy.45 These two reports, along with a third published by the Royal United Services Institute (“RUSI”),46 laid the foundations for the legislative reform that would ultimately occur in 2016, and result in the Investigatory Powers Act 2016. Seen through this lens, the cumulative influence of NGO litigation and campaigning on intelligence law reform is clear. Yet a narrower construction of the litigation’s impact 43 [2014] UKIPTrib 13_77-H (5 December 2014), http://www.ipt-uk.com/docs/IPT_13_168-173_H.pdf; [2015] UKIPTrib 13_77-H (26 February 2015)l; http://www.ipt-uk.com/docs/Liberty_Ors_Judgment_6Feb15.pdf; [2015] UKIPTrib 13_77-H 2 (22 June 2015)[3] http://www.ipt-uk.com/docs/Final%20_Liberty_Ors_Open_Determination.pdf. 44 ISC, Privacy and Security: A modern and transparent legal framework, 12 March 2015. 45 David Anderson, A Question of Trust: Report of the Investigatory Powers Review, June 2015. 46 Royal United Services Institute, A Democractic Licence to Operate: Report of the Independent Surveillance Review, 13 July 2015, available at https://rusi.org/publication/whitehall-reports/democraticlicence-operate-report-independent-surveillance-review (last accessed 10 October 2017).

Nyst/King

459

40

41

42

43

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:33 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

reveals its mixed results. In the Liberty and Privacy International case, the Investigatory Powers Tribunal concluded that the mass surveillance alleged by the claimants47 was in fact authorised by British intelligence law. With respect to intelligence sharing, the Tribunal found that, whereas the extent of intelligence sharing alleged had not been authorised by British law prior to the case being heard, the very act of litigating the matter had led to disclosures by the intelligence agencies which had rendered the intelligence sharing arrangements lawful. The Tribunal did make a factual finding that two of the ten claimants, Amnesty International and the South African Legal Resources Centre, had been subjected to unlawful interception, but when an error on the part of the Tribunal led to Amnesty International being omitted from the initial judgement, the public impact of this finding was reduced.48 44 Nevertheless, civil society found the experience of litigating issues of intelligence policy a fruitful means for influencing the public and political debate. The failure to achieve legal victories aside, litigation enabled NGOs to get access to materials, internal policies, and concessions that had previously been obscured from the public. Through successive cases brought by Privacy International against the intelligence services – including challenges to the deployment of computer network exploitation,49 the acquisition of bulk datasets,50 and the use of freedom of information exemptions51 – NGOs were able to establish greater expertise and legitimacy on intelligence policy issues, placing them on more equal footing with intelligence experts and policy-makers during concurrent legislative processes. Litigation also served as a critical catalyst and funnel for public support. Big Brother Watch and the Open Rights Group raised £20,000 in less than 48 hours when they instituted a crowd-funding initiative to support a challenge before the European Court of Human Rights, while Privacy International’s “Did GCHQ Spy on You” campaign successfully encouraged more than 25,000 individuals to file complaints with the Investigatory Powers Tribunal. 45 The “post-Snowden” era of civil society influencing culminated in the legislative process, from November 2015 to December 2016, that saw the UK Government supplanting much of RIPA with a new piece of legislation, the Investigatory Powers Act 2016. Civil society invested extensively in the legislative process, lobbying individual members of parliament, making submissions to the various committees tasked with scrutinising the Act in its draft form, publishing materials explaining the importance of the Act to the public, hosting events (including the screening of the Snowden documentary, CITIZEN FOUR), and commissioning a provocative print and billboard campaign which figured photographs of Vladimir Putin and Robert Mugabe attesting to their approval of the legislation. The impact of civil society advocacy was evident in the inclusion of the legislation of numerous additional safeguards, although none of the intelligence powers contested by civil society was removed or significantly changed. 47 It must be noted that, with the respondents maintaining a “neither confirm nor deny” stance with respect to the claims, the matter proceeded on assumed and agreed hypothetical facts to allow for the legal issues to be determined in open hearings, which hypothetical facts agreed by the parties closely followed the factual allegations contained in the Snowden documents and alleged by the claimants. As such, the Tribunal made no finding as to whether the intelligence services had in fact, as alleged by the claimants, been conducting mass surveillance. 48 Owen Bowcott, GCHQ spied on Amnesty International, tribunal tells group in email, The Guardian, 2 July 2015, available at https://www.theguardian.com/uk-news/2015/jul/01/gchq-spied-amnesty-international-tribunal-email (last accessed 10 October 2017). For a detailled overview of German Intelligence law see: Dietrich, Intelligence Law in Germany, Part 5 Chapter 1 in this volume. 49 Privacy International and Greennet and Ors v Secretary of State and GCHQ IPT 14/85/CH 14/120126/CH. 50 Privacy International v. Secretary of State and Ors [2016] HRLR 21. 51 Privacy International v. United Kingdom, Application no 60646/14, communicated 3 January 2017.

460

Nyst/King

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:33 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 5. Intelligence and Civil Society

3. The Investigatory Powers Act era: 2016 to ? The period following the adoption of the Investigatory Powers Act has been 46 characterised by a number of significant challenges to British policy-making, chief among them are three significant terrorist attacks in the UK, the impending impact of Brexit, and a general election. Civil society campaigning on intelligence policy has necessarily subsided. Organisations await both the outcome of cases pending before the European Court of Human Rights52 and the Court of Justice of the European Union,53 as well as those before the Court of Appeal54 and the Investigatory Powers Tribunal. The establishment, in Investigatory Powers Act, of a new intelligence oversight body, the office of the Investigatory Powers Commissioner, offers one possibility for the interests of civil society to be factored into intelligence policy-making going forward. But without continuing intelligence disclosures or a legislative process to respond to, and with the future of Britain’s intelligence relationships uncertain in the face of Brexit, British civil society are left to await their next opportunity for engagement.

II. Germany The environment for civil society engagement in intelligence policy-making in 47 Germany is uniquely characterised by a very technical discourse, a comparatively high level of transparency, and the expenditure of considerable political capital on intelligence issues. These realities correspond to at least three historical and legal realities in Germany. 48 For obvious reasons, overreach by the intelligence agencies is a concern which attracts both political and public attention in Germany, a country with a correspondingly strong legal tradition of strong privacy protections. The German State of Hessen adopted the world’s first law on data protection, which came into force on 7 October 1970; Germany adopted a federal law which came into force on 1 January 1978; and a 1983 German Constitutional Court decision on the collection of census data cemented strong restrictions on the State collection of personal information in German law, and the right to informational self-determination.55 Since 1981, Germany has played host to the Chaos Computer Club, the largest 49 hacker association in Europe. The presence of the CCC in Berlin, and its broad German membership and focus, can be correlated to its influence over German public and political discourse. The CCC ensures that technical arguments and issues are often heard in German media, and its investigations into the technical capabilities of German police and intelligence agencies have been influential.56 In a similar vein, the grassroots organisation Digitalcourage was established in 1987 in Berlin, with a focus 52 Big Brother Watch and Others v. The United Kingdom, Applications nos. 58170/13, 62322/14, and 24960/15, Judgement of 13 September 2018 (subject to appeal to the Grand Chamber). 53 Alan Travis, Tribunal says EU judges should rule on legality of UK surveillance powers, The Guardian, 8 September 2017, available at https://www.theguardian.com/world/2017/sep/08/snooperscharter-tribunal-eu-judges-mass-data-surveillance (last accessed 10 October 2017). 54 Owen Boycott, Court to hear challenge to GCHQ hacking of phones and computers, The Guardian, 5 October 2017, available at https://www.theguardian.com/uk-news/2017/oct/05/court-to-hear-challengeto-gchq-bulk-hacking-of-phones-and-computers (last accessed 10 October 2017). 55 BVerfGE 65, 1. The text is available at http://www.datenschutz-berlin.de/gesetze/sonstige/volksz.htm (last accessed 10 October 2017). 56 See, for example, the CCC’s research on the Staatstrojaner from 2011: http://ccc.de/en/updates/2011/ staatstrojaner (last accessed 10 October 2017).

Nyst/King

461

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:34 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

50

51

52

53

on technology and politics. Berlin today plays host to a range of technology-oriented groups, including the Tactical Technology Collective. The consequence of these two features is a third: the German Courts and Parliament have been active in scrutinising intelligence and law enforcement agencies. For example, when it was revealed that the constitution protection office of the North RhineWestphalia state of Germany were unlawfully using malware, the German Federal Constitutional Court declared that the use of hacking tools such as trojans threatens a basic right for a citizen using a computer with an Internet connection to “a guarantee of confidentiality and integrity in information-technology systems.”57 Although this decision did not result in the forfeit of malware as a tool for law enforcement intelligence gathering, it represented the beginning of a public discussion about the use of hacking tools. In 2011, after the CCC published an investigation into the use of trojans by German police, officials at the state and federal levels confirmed that agencies were using trojans. On 20 April 2016, the Federal Constitutional Court found that elements of the law under which remote searches were taking place, Section 20 of the Federal Criminal Police Office Act (BKAG), were unconstitutional to the extent that they provided inadequate protections in the core area of private life.58 Meanwhile, the German Parliament has repeatedly instituted inquiries designed to scrutinise the activities of the German foreign intelligence service, the Bundesnachrichtendienst (“the BND”). In 1995 the parliament led an inquiry into the BND concerning the arrest of a Colombian plutonium dealer at Munich airport; in 2006 the BND was subject into an inquiry into its actions during the Iraq War.59 Most recently, the German Parliament spent three years scrutinising the German foreign intelligence service, as well as its foreign counterparts in the US and elsewhere, in the aftermath of the Snowden revelations. Interestingly, and in contrast to the UK experience, it was not civil society organisations which exerted the pressure or influence that led to the post-Snowden BND inquiry. That role can said to have been played in large part by German political parties, including the Social Democrats and the Greens, which called for a Special Commission of the Federal Criminal Police Office to look into the issue,60 and technical organisations the CCC and Digitalcourage, which filed a complaint with the federal prosecutor that called for a criminal investigation.61 German media has also played a critical part in challenging German intelligence practices: newspapers Der Spiegel and Süddeutschezeitung both published exclusives based on documents leaked by Edward Snowden, and the activist website Netzpolitik has devoted extensive coverage to the German Parliament’s BND inquiry since 2014, including by taking and publishing transcripts of the proceedings. The fact that technical, political and journalistic entities supplanted the role of civil society in publicly engaging intelligence policy in the aftermath of the Snowden 57

Federal Constitutional Court, Judgement of 27 February 2008, 1 BvR 370/07, 1 BvR 597/07. Federal Constitutional Court, Judgement of the First Senate of 20 April 2016, 1BvR 966/09-1BvR 1140/09, at 208. 59 “German Politicians to Face Grilling as BND Inquiry Begins,” Deutsche Welle, 7 April 2006, available at http://www.dw.com/en/german-politicians-to-face-grilling-as-bnd-inquiry-begins/a-1962940 (last accessed 10 October 2017). 60 Christoph Drier, “German SPD and Greens defend mass surveillance,” World Socialist Website, 16 July 2013, available at https://www.wsws.org/en/articles/2013/07/16/spdg-j16.html (last accessed 10 October 2017). 61 Loerk Essers, “German federal prosecutor considers formal NSA investigation,” PC World, 13 February 2014, available at http://www.pcworld.com/article/2093720/german-federal-prosecutor-considers-formal-nsa-investigation.html (last accessed 10 October 2017). 58

462

Nyst/King

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:34 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 5. Intelligence and Civil Society

revelations speaks to the lack of civil society organisations with a specific remit to engage in intelligence policy in Germany. Indeed, only one domestic advocacy or campaigning organisation has such a focus: Digitale Gesellschaft, established in 2010. In the place of domestic campaigning organisations, a number of international organisations, some with a physical presence in Germany, have recently sought to engage publicly in intelligence policy debates. For example, the reform of the BND law, which was adopted in October 2016, was met with harsh criticism62 by an alliance of international NGOs which included Amnesty International, the European Federation of Journalists, the Courage Foundation, and the European Centre for Press and Media Freedom, alongside the German Federation of Journalists, and the German Union of Journalists. Three UN Special Rapporteurs – for freedom of expression, the situation of human rights defenders, and the independence of judges and lawyers – also expressed criticism of the law,63 as did the OSCE Representative for freedom of the media, Dunja Mijatović.64 The absence of German civil society organisations from the public debate is not 54 necessarily an indication of their lack of influence over intelligence policy, however. Rather, think tanks such as Stiftung Neue Verantwortung (“SNV”), which was established in 2008, and the Centre for Internet and Human Rights (“CIHR”), established in 2014, have a credible and influential voice in intelligence policy-making in Germany. That civil society prefers research-based consultative methods of influencing over public campaigning and litigation techniques may reflect the more consultative stance of the German Government on issues of intelligence policy. However the recent creation of Gesellschaft für Freiheitsrechte65 as a legal action 55 charity may see strategic litigation increasingly being deployed as a tool in the German context. Alongside Amnesty International, the organisation has brought a case challenging the extraterritorial reach of the German intelligence law, and has further planned litigation.66

III. France The situation in France sits in marked contrast to that in Germany and the United 56 Kingdom, with the opportunities for engagement in intelligence policy being limited by the lack of a cohesive intelligence community in France,67 historically opaque laws and policies governing French intelligence agencies, the absence of any parliamentary oversight mechanism explicitly dedicated to scrutinising the intelligence services until 62 Reporters without Borders, “BND law: German Bundestag ignores criticism of civil society and breaches constitution”, 21 October 2016, available at https://rsf.org/en/news/bnd-law-german-bundestagignores-criticism-civil-society-and-breaches-constitution (last accessed 10 October 2017). 63 Reporters without Borders, “Three UN Special Rapporteurs criticize German foreign intelligence reform bill”, 8 September 2016, available at https://rsf.org/en/news/three-un-special-rapporteurs-criticizegerman-foreign-intelligence-reform-bill (last accessed 10 October 2016). 64 OSCE, “Surveillance amendments in new law in Germany pose a threat to media freedom, OSCE Representative says, asks Bundestag to reconsider bill”, 8 July 2016, available at http://www.osce.org/fom/ 252076 (last accessed 10 October 2017). 65 Ulf Buermeyer, “GFF and Amnesty complain about the “G10”, Gesellschaft für Freiheitsrechte, 23 October 2016, available at: https://freiheitsrechte.org/de-g10/ (last accessed 10 October 2017). 66 Freiheitsrechte, “Stop boundless surveillance: Let’s complain against the BND law”, available at https://freiheitsrechte.org/bnd-gesetz-stoppen/ (last accessed 10 October 2017). 67 The first appearance of the French intelligence community in an official text was not until 2008. Olivier Chopin, “Intelligence reform and the transformation of the state: the end of a French exception” 40 Journal of Strategic Studies 4 (2017) 536.

Nyst/King

463

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:35 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

2008,68 and the ad hoc nature of intelligence investigations under the French system (which, for example, prevents the interrogation of intelligence sources or methods by the judges authorising investigations and prosecutions).69 This statement by counterterrorism prosecutor Philippe Maitre illustrates the historical absence of transparency around intelligence practices under the French system: “There is no judicial control over the intelligence services. It’s the judicial procedure that verifies the information that begins as intelligence… The origin of the intelligence is not important, and we don’t always know it.”70 In a 2008 interview with Human Rights Watch, former counterterrorism Judge Jean-Louis Brugière emphasised the point: “We don’t know whether the methods used were human or technical, or [even whether] the information comes from a third country….”71 57 In the face of such a closed system, international civil society organisations such as the International Federation for Human Rights (“FIDH”) and Human Rights Watch have sought admirably to highlight and critique French intelligence practices, but were clearly at a disadvantage without access to public policy with which to engage. FIDH, in collaboration with the Ligue des droits de l’Homme (“LDH”), also lodged a complaint against the NSA surveillance in the aftermath of the Snowden revelations, with the intention of prompting a judicial investigation into the alleged role of tech companies including Facebook, Apple, Google, Yahoo, Microsoft and Skype in data gathering by the NSA.72 But a community of domestic NGOs with an intelligence policy remit did not emerge in France, as it did in other European countries, until comparatively recently. 58 Interestingly, when such a community did emerge in August 2013, it was not a response to the Snowden revelations but to a domestic legislative attempt to authorise intelligence access to communications metadata. Although civil society organisations were slow to respond to the Military Planning Bill (Loi de Programmation Militaire), and were ineffective in their ultimate campaigning attempts, the experience motivated civil society to broker a new coalition to share expertise on digital rights and internet issues. In 2014, the Observatoire des Libertes et du Numerique (“OLN”) was born, comprised of LDH, digital rights organisation La Quadrature du Net (“LQDN”), a lawyers’ union (Syndicat des Avocats de France) a judges’ union (Syndicat de la Magistrature) and two smaller research organisations (CECIL and CREIS-Terminal). 59 This coalition was the primary vehicle for civil society campaigning when, less than a year later, the government sought to transpose the intelligence code into law (Loi de Renseignement). During the legislative process for the enactment of the intelligence law, the OLN coalition led advocacy with the assistance of international organisations as well as partners in the hacker and scientific communities. Among other tactics, they engaged 68 Felix Tregeur, “From Deep State Illegality to Law of the Land: The Case of Internet Surveillance in France,” 7th Biennial Surveillance and Society Conference (SSN 2016) “Power, performance and trust”, Apr 2016, Barcelone, Spain, 2016, . , 12. For a detailled overview over French Intelligence Law see: Le Divelec, Intelligence Law in France, Part 5 Chapter 2 in this volume. 69 Human Rights Watch, Preempting Justice: Counterterrorism Laws and Procedures in France, 1 July 2008, available at https://www.hrw.org/report/2008/07/01/preempting-justice/counterterrorism-laws-andprocedures-france (last accessed 10 October 2017). 70 Human Rights Watch, Preempting Justice: Counterterrorism Laws and Procedures in France, 1 July 2008, available at https://www.hrw.org/report/2008/07/01/preempting-justice/counterterrorism-laws-andprocedures-france (last accessed 10 October 2017). 71 Human Rights Watch, Preempting Justice: Counterterrorism Laws and Procedures in France, 1 July 2008, available at https://www.hrw.org/report/2008/07/01/preempting-justice/counterterrorism-laws-andprocedures-france (last accessed 10 October 2017). 72 Angelique Chrisafis, “NSA surveillance: French human rights groups seek judicial investigation”, The Guardian, 11 July 2013, available at https://www.theguardian.com/world/2013/jul/11/nsa-surveillancefrench-investigation (last accessed 10 October 2017).

464

Nyst/King

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:35 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 5. Intelligence and Civil Society

the public through campaigning under the ambit of the website sous-surveillance.fr, and submitted a joint brief to the Constitutional Council which subsequently invalidated some of the provisions of one part of the intelligence law.73 Among other techniques, through sous-surveillance.fr OLN crowd-sourced research on the political positions of members of parliament with respect to the law. Unlike in the United Kingdom, to date public interest litigation has not been a 60 preferred means of influencing exercised by civil society organisations in France. Treguer (2017) attributes this feature of the French landscape to two factors: the absence of opportunities for litigation under the French civil law system, particularly in a field such as intelligence which is covered by exemptions for state secrets; and the structural weaknesses of the French privacy advocacy community.74 In this regard, Treguer notes that until recently French NGOs have remained outside transnational networks focusing on State surveillance, and that this too has impeded the effectiveness of their interventions, and deprived them of best practice models from other jurisdictions.

IV. Netherlands In the Netherlands, the well-informed and effective civil society interventions in 61 intelligence policy and legal reform reflect the open and consultative approach of the government to intelligence policy-making. In this regard, analysis of the civil society landscape in the Netherlands leads to conclusions which are consistent with those developed above: the breadth and depth of civil society engagement in intelligence policy corresponds directly to the extent of transparency and accountability which surrounds the intelligence agency in any particular country. In the case of the Netherlands, as in some other countries, it should also be noted that the domestic legal framework entitles an individual to be notified after having been subject to intelligence measures, albeit after a certain period of time and subject to exceptions. The existence of such a requirement arguably increases the accountability of intelligence practices and policies.75 However, the current level of NGO engagement in intelligence policy in the 62 Netherlands is a comparatively new development. Observing the period from 2009 to 2011, Eijkman (2012) notes that Dutch civil society had only recently begun to express concerns about digital surveillance issues, and called the mobilisation of Dutch NGOs on privacy issues before the UN Human Rights Committee and the European Court of Human Rights “remarkable”.76 At that time, two NGOs played a key role: the Dutch section of the International Commission of Jurists, and the privacy NGO Vrijbit. In subsequent years, a number of other NGOs have emerged. Two in particular have 63 played a prominent role in the intelligence policy sphere: Bits of Freedom (“BoF”), and Privacy First. BoF, a digital rights organisation with a focus on campaigning and research, led engagement with the legislative process surrounding the adoption of the 73 Reuters, “French constitutional council approves eavesdropping law”, 24 July 2015, available at http://www.reuters.com/article/us-france-surveillance/french-constitutional-body-approves-eavesdroppinglaw-idUSKCN0PX2QF20150723 (last accessed 10 October 2017). 74 Félix Tréguer, “Intelligence reform and the Snowden Paradox: The Case of France,” 5 Media and Communication 1 (2017), 21. 75 European Union Agency for Fundamental Rights, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU, 62. 76 Quirine Eijkman, “Mobilizing for Privacy: Civil Society Advocacy against Surveillance in the Netherlands”, 5 Journal of Politics and Law 4 (2012), 42.

Nyst/King

465

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:36 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

Draft Law on Intelligence and Security Services throughout 2015 and 2016. BoF set up a website designed to enable members of the public to easily respond to the government’s consultation on the Draft Law; a record 557 comments were published, and more than 500 further unpublished comments were received. 64 Privacy First has been more inclined to use litigation as its primary means of influencing. In addition to challenges to the Dutch Passport Act, the Data Retention Act, and the use of automatic numberplate recognition technology, in 2013 it filed a case contesting the receipt of foreign intelligence by the Dutch intelligence agencies. Citizens v. Plasterk,77 which Privacy First filed along with 19 co-complainants, was ultimately rejected by the domestic courts, but the arguments levied therein were resubmitted as an amicus brief in a Strasbourg case brought by British NGOs Big Brother Watch and Open Rights Group.78

V. Denmark A 200-member volunteer group, funded solely by membership contributions used to finance web servers and meetings, has played an outsized role in Danish policymaking in the intelligence sphere over the past five years. The members’ ability to engage with highly technical issues has seen the IT-Political Association of Denmark (“IT-Pol”) become a go-to source of information for the Danish media on digital rights issues. 66 Unique amongst the organisations studied in this chapter, except for the CCC, IT-Pol also facilitates the use of encryption and anonymisation techniques as a form of citizen activism. When data retention was introduced in Denmark in September 2007, IT-Pol created and distributed the Polippix privacy CD, a bootable Linux live CD with software for secure and encrypted web browsing and communication, where all internet access was through the Tor onion routing network. 67 In an interesting example of cross-jurisdictional civil society influencing, a representative of IT-Pol was invited to give evidence in British Parliament during the parliamentary hearings concerning the Investigatory Powers Act. 65

VI. Poland The Polish civil society contingent engaged in intelligence policy issues has only one prominent member, Panoptykon Foundation. Panoptykon’s sole objective is to promote and protect human rights in a surveillance society.79 The organisation’s seven staff work to monitor and research Polish surveillance techniques and practices, to educate the public about them and to campaign for human rights compliant intelligence and surveillance policy. 69 Civil society faces very real challenges in current day Poland, where the government’s attacks on freedom of the media80 and gender rights81 have raised concerns that rule of 68

77

Rechtbank Den Haag, C/09/455237/HA ZA 13-1325, 23 July 2014. Available at https://www.privacyfirst.nl/images/stories/PDFs/20160209_Intervention_BtP.pdf (last accessed 10 October 2017). 79 https://en.panoptykon.org/idea (last accessed 10 October 2017). 80 Freedom House, Freedom of the Press 2017, available at https://freedomhouse.org/report/freedompress/2017/poland (last accessed 10 October 2017). 81 Harriet Agerholm, “Poland abortion strike: thousands of women in over 60 cities refuse to work in protest over restrictive laws”, The Independent, 3 October 2016, available at http://www.independent.co. 78

466

Nyst/King

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:36 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 5. Intelligence and Civil Society

law in the country is under threat.82 In the context of advocacy around surveillance law, civil society is additionally hampered by a legal framework that impedes facial legal challenges to intelligence laws, Panoptykon has demonstrated impressive impact in the field of surveillance law and policy. In 2012, the group was invited to join an expert group on internet regulation, managed by the Minister Chief of Prime Minister’s Advisers, and was able to successfully influence policy debates on, inter alia, data retention, content liability and the role of internet intermediaries. The prior year it had been part of a successful effort to contest the establishment of a list of prohibited websites.83

VII. Hungary One of the most effective society initiatives to influence intelligence policy has been undertaken by the Hungarian Civil Liberties Union (“HCLU”), a civil liberties organisation modeled on the American Civil Liberties Union and similarly embracing litigation as a vehicle for policy change. The HCLU successfully contested the Hungarian intelligence law before the European Court of Human Rights in the case of Szabo and Vissy v. Hungary.84 In Szabo, the HCLU contested the powers of the Hungarian intelligence agency, the Anti-Terrorism Task Force (“TEK”) under the Police Act 1994. The Act provided one set of surveillance powers exercisable in the context of criminal investigations (which subjected surveillance to judicial authorization), and another set of powers [in section 7/ E(3)] applicable to intelligence gathering in the context of national security. The national security surveillance powers were subject to ministerial, rather than judicial, authorization; were not linked to a particular crime; and required a warrant to relate only to a premises, persons concerned, or “a range of persons,” and was thus potentially executable against any person. In this regard, the Court held that such powers might “be interpreted as paving the way for the unlimited surveillance of a large number of citizens”85. In finding the Hungarian legal framework inadequate, the court remarked on the absence of any legal safeguards requiring TEK to establish “a sufficient factual basis for the application of secret intelligence gathering measures which would enable the evaluation of necessity of the proposed measures – and this on the basis of an individual suspicion regarding the target person”. Only demonstrable existence of a reasonable suspicion, the court emphasized, “would allow the authorising authority to perform an appropriate proportionality test”.86 In this context, the case of Szabo represented a critical development of European jurisprudence on intelligence law, and the case was repeatedly referenced in, for example, the legislative reform debate in the UK surrounding the adoption of the Investigatory Powers Act. As such, the HCLU’s influencing efforts continue to have an impact on intelligence policy outside the country’s borders. uk/news/world/europe/poland-women-abortion-strike-protests-black-monday-polish-protestors-industrial-action-a7343136.html (last accessed 17 October 2017). 82 European Commission, “European Commission acts to preserve the rule of law in Poland”, 26 July 2017, available at http://europa.eu/rapid/press-release_IP-17-2161_en.htm (last accessed 10 October 2017). 83 EDRi, “Polish civil society group stirs up debate on internet freedom”, 23 February 2011, available at https://edri.org/edrigramnumber9-4polish-debate-internet-blocking/ (last accessed 10 October 2017). 84 Êuropean Court of Human Rights, Application No. 37138/14, judgement of 12 January 2016. 85 Szabo, at [67]. 86 Szabo, at [67].

Nyst/King

467

70

71

72

73

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:37 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

VIII. Europe In addition to domestic campaigns and initiatives, in recent years we have also seen the emergence of pan-European civil society organisations and movements with a remit that includes intelligence policy.87 The most successful of these has involved litigation before the Court of Justice of the European Union (“CJEU”) which, applying the European Charter of Fundamental Rights, has adopted an expansive interpretation of privacy and data protection rights in the face of intelligence and law enforcement practices. 75 Two cases have been particularly impactful. The case of Digital Rights Ireland v. Minister for Communications, Ireland,88 brought by the Irish NGO Digital Rights Ireland and others, successfully challenged the EU Data Retention Directive (Directive 2006/24/ EC), which permitted EU Member States to mandate the compulsory retention of communications data by telecommunications providers for the purposes of national security and crime prevention. In response to the case brought by Digital Rights Ireland, the CJEU invalidated the Directive, a decision with tangible implications for intelligence policy across the EU. In response, a number of European countries elaborated new legislative grounds for mandatory data retention. The UK’s attempt to do so, the Data Retention and Investigatory Powers Act 2014, was subsequently also ruled unlawful by the CJEU, upon a legal challenge by civil society organisation Liberty and British politicians David Davis and Tom Watson, and supported by intervenors such as the Open Rights Group and Privacy International.89 This series of cases represents a fascinating example of how civil society organisations build upon each other’s work at a regional level. 76 The case of Schrems v. Data Protection Commissioner, Ireland,90 was also decided by the CJEU, but its origins and impacts could not have been more starkly different to Digital Rights Ireland. Whereas the latter saw a formalised NGO institute a facial challenge to European legislation, Schrems began with a grassroots campaign by an Austrian law student, Max Schrems, who, in the immediate aftermath of the Snowden revelations, wrote to the Irish Data Protection Commissioner requesting them to prohibit Facebook, operating out of Ireland, from transferring his personal data to servers in the United States. Mr Schrems argued that the law and practice in the US – as evidenced by the Snowden documents – did not provide an adequate level of data protection as that enjoyed by Mr Schrems under European law. What began as a simple complaint by a single man resulted in the invalidation of the Safe Harbour regime, a legal arrangement established pursuant to the EU Data Protection Directive to permit entities transferring European personal data to more than 4,000 companies in the United States.91 77 Which is not to say that the impact of Schrems occurred independently of civil society. On the contrary, Mr Schrems enjoyed the support of NGOs throughout the case, and Digital Rights Ireland joined the CJEU matter as a complainant. The European Digital Rights Initiative, a Brussels-based organisation and network, also 74

87 Carly Nyst and Tomaso Falchetta, “Right to Privacy in the Digital Age”, 9 Journal of Human Rights Practice 1 (2017). 88 Joined Cases C‐293/12 and C‐594/12, judgement of 8 April 2014. See also Schmahl, Intelligence and Human Rights, Part 4 Chapter 1 in this volume. 89 Tele2 Sverige AB v. Post-och telestyrelsen and Secretary of State for the Home Department v. Tom Watson and Others, Joined Cases C203-15 and C-698/15, judgementå of 21 December 2016. 90 Case C‐362/14, Judgement of 6 October 2015. 91 Cara McGoogan, “Safe Harbour deal ruled invalid by top European court”, Wired, 6 October 2015, available at http://www.wired.co.uk/article/safe-harbour-invalid-european-court-justice (last accessed 10 October 2017).

468

Nyst/King

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:38 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 5. Intelligence and Civil Society

played a key role in supporting Mr Schrems and in taking the legal success and translating it into policy change at the European level. In that context, a number of American digital rights organisations which maintain a presence in Brussels, chief among them Access Now and the Center for Democracy and Technology, also exerted pressure on European lawmakers and assisted in transposing the effects of the CJEU’s judgement into American public and political discourse.

D. Conclusion Broadly speaking, the capacity of European civil society organisations to influence intelligence law and policy-making has increased significantly over the past few years. Against a backdrop of progressively greater transparency, both of intelligence laws and of the practices of intelligence agencies, civil society has organised, formed coalitions, developed technical expertise and instituted public interest litigation designed to promote human rights-compliant intelligence policy. Legislative processes, in particular, acted as an important trigger for greater civil society engagement in Germany, France, the Netherlands and the UK. Will the trend towards greater influence of civil society over the intelligence community continue? As we argued in part B above, oversight agencies are increasingly willing to open up a dialogue with civil society organisations, as intelligence bodies awaken to the value in improving public relations and building public trust and legitimacy. As knowledge about signals intelligence becomes democratised and intelligence laws face the rigorous scrutiny of European Courts, the discourse continues to move towards greater transparency, in turn creating space for civil society to exert pressure and influence with greater effectiveness. Yet a number of developments threaten to undermine these advancements. Europe is not exempted from the worldwide trend towards shrinking space for civil society, effectuated through onerous registration requirements, restrictions on receipt of foreign funding and the exertion of political pressure on NGOs. In Hungary, for example, the government has waged a sustained attack on civil society organisations, particularly those in receipt of funding from George Soros’s Open Society Foundations. NGOs have been forced to declare leaders’ personal assets and, under the 2017 Law on the Transparency of Organisations Receiving Support from Abroad, to report donor’s personal details and register as an “organisation receiving support from abroad” when in receipt for more than EUR 23,000 per annum from overseas sources.92 In 2016, in a move which angered civil society, Poland announced plans to establish a National Centre for Civil Society to “bring order to the whole sphere of NGOs.”93 A further area of concern for civil society is the continued vilification by intelligence agencies of whistleblowers, as evidenced by the UK Law Commission’s proposal to overhaul Britain’s Official Secrets Acts by including new provisions which criminalise public interest whistleblowing and related journalistic reporting.94 France recently 92 Access Now, “Silencing civil society in Hungary: How to fight back?”, 28 April 2017, available at https://www.accessnow.org/silencing-civil-society-hungary-fight-back/ (last accessed 10 October 2017). 93 Tamsin Rutter, “NGOs fear state control from Poland’s new civil society department”, Global Government Forum, 30 November 2016, available at https://www.globalgovernmentforum.com/ngosfear-state-control-from-polands-new-civil-society-department/ (last accessed 10 October 2017). 94 Duncan Campbell, “Planned Espionage Act could jail journos and whistleblowers as spies”, The Register, 10 February 2017, available at https://www.theregister.co.uk/2017/02/10/espionage_law_jail_journalists_as_spies/ (last accessed 10 October 2017).

Nyst/King

469

78

79

80

81

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 4.3d from 30.09.2019 14:06:38 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 4. European Intelligence and Rule of Law

adopted whistleblower law, known as Sapin II, omits disclosures of intelligence and national security information from its otherwise rigorous framework for protection of whistleblowing in the public interest.95 Such developments are difficult to square with consecutive improvements in legislative transparency around intelligence, and reflect the depth of the wounds inflicted on the intelligence community by the Snowden leaks. 82 Nevertheless, the authors believe that the prospects for future effective civil society influencing of intelligence agencies are bright. The dramatic advancements in this field over the past five years, let alone the past fifty, suggest the arc of intelligence policy is bending towards transparency and accountability. Moreover, it is our experience that civil society organisations continue to innovate and educate such that they are becoming an increasingly influential force in national security policy generally, and on intelligence issues in particular. It is our fervent hope that this trend will continue. 95 Blueprint for Free Speech, “France Passes Long-Awaited Whistleblower Protections”, 8 November 2016, available at https://blueprintforfreespeech.net/france-passes-long-awaited-whistleblower-protections (last accessed 10 October 2017).

470

Nyst/King

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:22 3B2 9.1.580; Page size: 160.00mm  240.00mm

PART 5 EUROPEAN INTELLIGENCE IN NATIONAL LEGISLATION AND LEGAL PRAXIS Chapter 1 Intelligence Law in Germany Jan-Hendrik Dietrich Outline A. Introduction ...................................................................................................................... B. Key terms of German intelligence law ........................................................................ I. Nachrichtendienst as Intelligence Service?......................................................... II. Verfassungsfeindliche Bestrebungen – Anti-constitutional activities ........... III. Personenbezogene Daten – Personal data .......................................................... IV. Nachrichtendienstliche Mittel as Intelligence methods, materials and instruments? ............................................................................................................. V. Tatsächliche Anhaltspunkte – Specific indications .......................................... VI. Übermittlung – Transfer of data.......................................................................... C. The German intelligence community.......................................................................... I. Coordination and division of labour.................................................................. II. Network of Offices for the Protection of the Constitution and the Federal Office of Military Counter-Intelligence ............................................................. III. Federal Intelligence Service and Military Intelligence .................................... IV. Intelligence Producer-Consumer Relations....................................................... V. Oversight organs ..................................................................................................... D. German intelligence legislation..................................................................................... I. Constitutional requirements................................................................................. 1. Constitutional requirements pertaining to the legal structure of the state 2. Basic rights........................................................................................................... II. Intelligence law in Germany................................................................................. 1. Brief presentation of legal sources of intelligence law ............................... 2. The intelligence services’ legal mandate........................................................ 3. Powers of the intelligence services ................................................................. a) Requests for information from the private sector................................. b) Use of intelligence methods, materials and instruments..................... aa) Intelligence legislation general clause............................................... bb) Human intelligence .............................................................................. cc) Surveillance of Private Homes ........................................................... dd) IMSI catcher........................................................................................... c) Surveillance of Correspondence, Posts and Telecommunications (Signals Intelligence) .................................................................................... aa) Monitoring of individuals ................................................................... bb) Strategic surveillance ............................................................................ cc) Telecommunications surveillance of foreigners abroad............... dd) Telecommunications surveillance at the source ............................ d) Computer and network surveillance (‘online search’) ......................... E. Intelligence cooperation.................................................................................................. I. Legal framework for the exchange of information ......................................... II. Databases of the intelligence services................................................................. III. Fusion Centres......................................................................................................... F. Oversight ............................................................................................................................ I. Administrative Oversight ...................................................................................... II. Parliamentary Oversight........................................................................................

Dietrich

mn. 1 6 7 8 9 10 11 12 13 13 19 21 23 27 28 31 32 35 39 39 48 53 54 57 59 63 68 74 77 79 87 94 102 104 106 107 111 115 119 120 121

471

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:23 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis III. Judicial review.......................................................................................................... 128 IV. Independent Oversight Bodies with Specific Mandate .................................. 130 G. Conclusion ......................................................................................................................... 134 Bibliography: Bäcker, Strategische Telekommunikationsüberwachung auf dem Prüfstand, Kommunikation & Recht 2014, p. 556; Baier, Die parlamentarische Kontrolle der Nachrichtendienste und deren Reform, Verlag Dr. Kovač 2009; Bareinske, Auslandsaufklärung, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, Boorberg 2017, V § 8; Bareinske, Force Protection, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, Boorberg 2017, V § 9; Bartodziej, Parlamentarische Kontrolle, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, Boorberg 2017, VII § 2; Bayerisches Staatsministerium des Innern und für Migration, Verfassungsschutzbericht 2017, 2018; Brandt, Das Bundesamt für Verfassungsschutz und das strafprozessuale Ermittlungsverfahren, Duncker & Humblot 2015; Brissa, Aktuelle Entwicklungen der parlamentarischen Kontrolle nachrichtendienstlicher Tätigkeit des Bundes, Die Öffentliche Verwaltung 2017, 765; Brunst, Terrorismusaufklärung, in: Dietrich/ Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, Boorberg 2017, V § 2; Buchberger, Rechtsschutz gegen nachrichtendienstliche Aktivitäten?, in: Dietrich/Gärditz et al. (eds.), Nachrichtendienste im demokratischen Rechtsstaat, Mohr Siebeck 2018, 107; Bundesministerium des Innern, Abschlussbericht der Bund-Länder-Kommission Rechtsterrorismus, 2013; Dietrich, Reform der parlamentarischen Kontrolle der Nachrichtendienste als rechtsstaatliches Gebot und sicherheitspolitische Notwendigkeit, Zeitschrift für Rechtspolitik 2014, p. 205; Dietrich, Of toothless windbags, blind guardians and blunt swords, Intelligence and National Security, 31 (2016), 397; Dietrich, Rekonstruktion eines Staatsgeheimnisses, Rechtswissenschaft – Zeitschrift für rechtswissenschaftliche Forschung 2016, 566; Dietrich, Geheime Mitarbeiter, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, Boorberg 2017, VI § 2; Dietrich, Das Recht der Nachrichtendienste, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, Boorberg 2017, III § 3; Dietrich/Gärditz/Graulich/Gusy/Warg (eds.), Nachrichtendienste im demokratischen Rechtsstaat, Mohr Siebeck 2018; Dietrich, BNDG, in: Schenke/Graulich/Ruthig, Sicherheitsrecht des Bundes, 2nd ed., C.H. Beck 2018, §§ 6–18; Dorn, Das Trennungsgebot in verfassungshistorischer Perspektive, Duncker & Humblot 2004; Droste, Handbuch des Verfassungsschutzrechts, Boorberg 2007; Eiffler, Exekutivkontrolle, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, Boorberg 2017, VII § 1; Engelhart, The National Socialist Underground (NSU) Case, in: Miller (ed.), Privacy and Power, Cambridge University Press 2017, 375; Foster/Sule, German Legal System and Laws, 4th ed., Oxford University Press 2010; Gärditz, Die Reform des Nachrichtendienstrechts des Bundes: AuslandAusland-Fernmeldeaufklärung des Bundesnachrichtendienstes und Stärkung des Parlamentarischen Kontrollgremiums, Deutsches Verwaltungsblatt 2017, p. 525; Gärditz, Legal Restraints on the Extraterritorial Activities of Germany’s Intelligence Services, in: Miller (ed.), Privacy and Power, Cambridge University Press 2017, 401; Gärditz, Auskunftsersuchen gegenüber der Privatwirtschaft, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, Boorberg 2017, VI § 1; Gazeas, Übermittlung nachrichtendienstlicher Erkenntnisse an Strafverfolgungsbehörden, Duncker & Humblot 2014; Geisler, Im Saal der Ahnungslosen, die tageszeitung, 6 July 2013, p. 7; Gieseke, Die Stasi: 1945–1990, 4th ed., Pantheon 2011; Gnüchtel, Das Gesetz zum besseren Informationsaustausch bei der Bekämpfung des internationalen Terrorismus, Neue Zeitschrift für Verwaltungsrecht 2016, p. 1113; Graulich, Justizgewährung und Geheimdienste, in: Graulich/Simon (eds.), Terrorismus und Rechtsstaatlichkeit, Akademie Verlag 2007, p. 143; Graulich, Reform des Gesetzes über den Bundesnachrichtendienst – Ausland-Ausland-Fernmeldeaufklärung und internationale Datenkooperation, Kriminalpolitische Zeitschrift 2017, p. 43; Gusy, Richterliche Kontrolle des Verfassungsschutzes, in: Bundesamt für Verfassungsschutz (ed.), Verfassungsschutz in der Demokratie, Carl Heymanns Verlag 1990, p. 67; Gusy, Polizei und Nachrichtendienste im Kampf gegen die organisierte Kriminalität, in: Friedrich-Ebert-Stiftung (ed.), Nachrichtendienste, Polizei und Verbrechungsbekämpfung im demokratischen Rechtsstaat, 1994, p. 91; Gusy, Grundrechte und Verfassungsschutz, VS Verlag für Sozialwissenschaften 2011; Gusy, Organisation und Aufbau der deutschen Nachrichtendienste, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, Boorberg 2017, IV § 1; Gusy, Nachrichtendienste in der sicherheitsbehördlichen Kooperation – verfassungsrechtliche Grundlagen und gesetzliche Grundfagen, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, Boorberg 2017, IV § 2; Hansalek, Die parlamentarische Kontrolle der Bundesregierung im Bereich der Nachrichtendienste, Peter Lang Verlag 2006; Hempel, Der Bundestag und die Nachrichtendienste – eine Neubestimmung durch Art. 45 d GG?, Duncker & Humblot 2014; Hirsch, Die Kontrolle der Nachrichtendienste, Duncker & Humblot 1996; Hochreiter, Die heimliche Überwachung internationaler Telekommunikation, Herbert Utz Verlag 2002; Hörauf, Das neue Antiterrordateigesetz, Neue Zeitschrift für Verwaltungsrecht 2015, 181; Huber, Die strategische Rasterfahndung des Bundesnachrichtendienstes – Eingriffsbefugnisse und Regelungsdefizite, Neue Juristische Wochenschrift 66/35 (2013) p. 2572; Huber, BND-Gesetzesreform – gelungen oder nachbesserungsbedürftig?, Zeitschrift für Rechtspolitik 2016, p. 162; Huber, Kontrolle der Nachrichtendienste des Bundes – dargestellt am

472

Dietrich

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:23 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence Law in Germany Beispiel der Tätigkeit der G10-Kommission, Zeitschrift für das Gesamte Sicherheitsrecht 2017, p. 12; Kornblum, Rechtsschutz gegen geheimdienstliche Aktivitäten, Duncker & Humblot 2011; Kreuter/Möbius, Verfassungsrechtliche Vorgaben für nachrichtendienstliches Handeln im Ausland: Extraterritoriale Geltung der Grundrechte?, Bundeswehrverwaltung 53/7 (2009), p. 146; Krieger, Oversight of Intelligence: A Comparative Approach, Treverton/Agrell (eds.), National Intelligence Systems. Current Research and Future Prospects, Cambridge University Press 2009, p. 210; Krieger, Geschichte der Geheimdienste: Von den Pharaonen bis zur NSA, 3rd ed., C.H. Beck 2014; Krieger, Geschichte der deutschen geheimen Nachrichtendienste: eine historische Skizze, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, Boorberg 2017, I § 1; Kutzschbach, Datenverarbeitung der Nachrichtendienste, in: Dietrich/ Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, Boorberg 2017, VI § 6; Lang, Geheimdienstinformationen im deutschen und amerikanischen Strafprozess, Duncker & Humblot 2014; Löffelmann, Heimliche Bild- und Tonaufnahmen, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, Boorberg 2017, VI § 3; Löffelmann, Überwachung des Brief-, Post- und Fernmeldeverkehrs, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, Boorberg 2017, VI § 4; Löffelmann, Sonstige Telekommunikationsüberwachung, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, Boorberg 2017, VI § 5; Marscholleck, Das Gesetz zur Verbesserung der Zusammenarbeit im Bereich des Verfassungsschutzes, Neue Juristische Wochenschrift 2015, 3611; Marxsen, Strategische Fernmeldeaufklärung, Die Öffentliche Verwaltung 2018, p. 218; Masing, Nachrichtendienste im freiheitlichen Rechtsstaat, in: Dietrich/Gärditz et al. (eds.), Nachrichtendienste im demokratischen Rechtsstaat, Mohr Siebeck 2018, 3; Münkel, Kampagnen, Spione, geheime Kanäle – Die Stasi und Willy Brandt, 2nd ed., BStU 2013; Omand, Securing the State, Columbia University Press 2010; Papier, Beschränkungen der Telekommunikationsfreiheit durch den BND an Datenaustauschpunkten, Neue Zeitschrift für Verwaltungsrecht 2016, p. 1; Rehbein, Die Verwertbarkeit von nachrichtendienstlichen Erkenntnissen aus dem Inund Ausland im deutschen Strafprozess, Duncker & Humblot 2011; Roggan, Artikel 10-Gesetz, Nomos 2012; Roggan/Hammer, Das Gesetz zum besseren Informationsaustausch bei der Bekämpfung des internationalen Terrorismus, Neue Juristische Wochenschrift 2016, p. 3063; Roggan, Legislative Entgrenzungen im Bereich der “Terrorismusbekämpfung”, Zeitschrift für Rechtspolitik 2017, p. 208; Schwabenbauer, Heimliche Grundrechtseingriffe, Mohr Siebeck 2013; Siems, Datenübermittlung in der sicherheitsbehördlichen Kooperation, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, Boorberg 2017, VI § 7; Singer, Die rechtlichen Vorgaben für die Beobachtung der Organisierten Kriminalität durch die Nachrichtendienste der Bundesrepublik Deutschland, Shaker Verlag 2002; Singer, Praxiskommentar zum Gesetz über die parlamentarische Kontrolle nachrichtendienstlicher Tätigkeit des Bundes, Springer 2016; Spitzer, Die Nachrichtendienste Deutschlands und die Geheimdienste Russlands – ein Vergleich, LIT 2011; Stubenrauch, Gemeinsame Verbunddateien von Polizei und Nachrichtendiensten, Nomos 2008; Thiel, Die Entgrenzung der Gefahrenabwehr, Mohr Siebeck 2011; Unterreitmeier, Überwachung durch Polizei oder Nachrichtendienste – kein Unterschied?, Zeitschrift für das Gesamte Sicherheitsrecht 2018, p. 1; von Lampe, Bekämpfung der organisierten Kriminalität, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, Boorberg 2017, V § 6; Warg, Der gesetzliche Auftrag der deutschen Nachrichtendienste, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, Boorberg 2017, V § 1; Warg, Spionageabwehr/Geheimschutz, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, Boorberg 2017, V § 4; Weisser, Die Entwicklung des Bundesnachrichtendienstes, Sierke Verlag 2014; Wolff, Entwicklungslinien und Prinzipien der parlamentarischen Kontrolle der Nachrichtendienste, in: Dietrich/Gärditz et al. (eds.), Nachrichtendienste im demokratischen Rechtsstaat, Mohr Siebeck 2018, 69; Zöller, Informationssysteme und Vorfeldmaßnahmen von Polizei, Staatsanwaltschaft und Nachrichtendiensten, C.F. Müller 2002; Zöller, Der Rechtsrahmen für die Übermittlung personenbezogener Daten unter Beteiligung der Nachrichtendienste, in: Dietrich/Gärditz et al. (eds.), Nachrichtendienste im demokratischen Rechtsstaat, Mohr Siebeck 2018, 185.

A. Introduction Anyone dealing with the historical development of German intelligence services will 1 inevitably come across dark chapters of German history. The crimes of the Secret State Police (Geheime Staatspolizei [Gestapo]) and the SS Security Service (Sicherheitsdienst des Reichsführers SS [SD]) under the National Socialist dictatorship are widely known.1 A similar degree of notoriety was gained by the Ministry of State Security (Ministerium 1 See Krieger in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, I § 1, mn. 54 et seq.; Dorn, Trennungsgebot, 2004, 46 et seq.

Dietrich

473

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:24 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

für Staatssicherheit [MfS, the so-called Stasi]), with the help of which the ‘regime of injustice’ (Unrechtsstaat) in the GDR monitored East German society virtually everywhere until the fall of the Berlin Wall.2 Current German intelligence services have nothing in common with these historical forerunners. There is no legal succession, nor are there any misapprehended lines of tradition. 2 However, these historical experiences have not been without influence. Lessons from the past are substantially reflected in the legislation governing the activities of German intelligence services. One pecularity is the so-called separation rule, which has its origin in what is referred to as the Alliierter Polizeibrief (Military Governors’ Letter to the Parliamentary Council defining Federal Police Power) of 1949.3 Since that time, this rule has been incorporated in different forms into several laws. It relates to the separation of law enforcement agencies and intelligence services. For example, according to Section 1 (1), sentence 2 of the Federal Intelligence Service Act (Gesetz über den Bundesnachrichtendienst [BNDG]4), the Federal Intelligence Service BND (Bundesnachrichtendienst) must not be attached to a police authority. Thus, the separation rule serves as an organisational principle under the rule of law. It is meant to prevent concentrations of power in the state. Christoph Gusy, a distinguished scholar of public law at the University of Bielefeld, highlights the purpose of the separation rule in his now famous formula: “Those who know everything should not be allowed to do everything, and those who are allowed to do everything should not know everything.”5 Also in other areas, German law clearly displays how Germany has come to terms with the past. For example, several East German federal states have made the “observation of former, persistent structures of the intelligence and counterintelligence services of the former GDR” a task of their offices for the protection of the constitution. A similar responsibility is included in Section 2 (1) of the Act on the Protection of the Constitution of the Federal State of Saxony. 3 Besides German efforts to come to terms with the past, the rulings of the Federal Constitutional Court (Bundesverfassungsgericht) have a particular impact on the development of German intelligence law. In its role as “guardian of the constitution”, the Court has laid down limits for German intelligence services time and again when citizens’ basic rights were involved. Its 1983 ruling on a national census, for example, was of far-reaching importance, in which, for the first time, the Court referred to the individual’s basic right to informational self-determination.6 Very restrictive privacy provisions have formed the core of German intelligence law ever since. These provisions place the protection of informational self-determination in specific terms by imposing severe constraints on the collection of information by the intelligence services. 4 Over the years, German intelligence law has become so dense and systematic that we can refer to it as a separate area of law.7 This new coherent legal field is receiving increasing scholarly attention. For some years now, matters of intelligence legislation

2

See Gieseke, Die Stasi: 1945–1990, 2011, 110 et seq. See Dorn, Trennungsgebot, 2004, 122 et seq. 4 Federal Law Gazette, BGBl. I 1990 at 2954, 2979, most recently amended by Article 4 of the Act of 30 June 2017 (BGBl. I at 2097). 5 Gusy, in: Friedrich-Ebert-Stiftung (ed.), Nachrichtendienste, Polizei und Verbrechungsbekämpfung im demokratischen Rechtsstaat, 1994, 91 (93). Author’s translation of: “Wer (fast) alles weiß, soll nicht alles dürfen und wer (fast) alles darf, soll nicht alles wissen.” 6 BVerfGE 65, 1 (1 et seq.)’. 7 Cf. Dietrich in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, III § 3, mn. 17 et seq. 3

474

Dietrich

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:25 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence Law in Germany

have been addressed in publication series and expert meetings. Recently, numerous doctoral theses have dealt with this topic.8 The subsequent section provides an overview of the current legal situation in 5 Germany taking into account both fundamental decisions of German courts and the relevant scholarly literature. The focus is on the legal framework of the German authorities’ intelligence activities (D.). In addition, reference is made to the cooperation between (E.) and the supervision (F.) of the intelligence services. The foundation for this, however, is laid down in the following paragraphs on key terms of German intelligence law (B.) and on the German intelligence community (C.).

B. Key terms of German intelligence law Germany subscribes to the legal tradition of civil law.9 Hence, the laws themselves 6 are of prime importance in German legal practice. Ambiguous legal concepts in individual provisions are subject to judicial interpretation. Intelligence law contains a large number of such ambiguous legal concepts, which have only taken shape over time in the light of administrative practice and case law. The key terms shall now be looked at more closely.

I. Nachrichtendienst as Intelligence Service? The provisions of German intelligence law are logically linked by the term Nachrich- 7 tendienst.10 Strictly speaking, it cannot be easily translated into English by the term “intelligence service.” The term Nachrichtendienst was created by post-war lawmakers. Quite deliberately, it avoids referring to clandestine activities and alludes to a limitation of the official mandate. The term is restricted to collecting, analysing and providing information, nothing beyond that. Thus, German lawmakers intentionally enacted an antithesis to forerunners in German history. The Secret State Police, i. e. the Gestapo, was a secret police authority with unrestricted powers. Section 7 of the Act on the Secret State Police (Gesetz über die Geheime Staatspolizei) of 1936 legitimised any measures: “Decrees and orders of the Secret State Police are not subject to review by administrative courts.” Against this backdrop, the term Nachrichtendienst can be defined as an information provider for political decision makers and other actors tasked to ensure state security (e. g. police, military).

8 E. g. Brandt, Das Bundesamt für Verfassungsschutz und das strafprozessuale Ermittlungsverfahren, 2015; Gazeas, Übermittlung nachrichtendienstlicher Erkenntnisse an Strafverfolgungsbehörden, 2014; Lang, Geheimdienstinformationen im deutschen und amerikanischen Strafprozess, 2014; Spitzer, Die Nachrichtendienste Deutschlands und die Geheimdienste Russlands – ein Vergleich, 2011; Stubenrauch, Gemeinsame Verbunddateien von Polizei und Nachrichtendienstem, 2008; Weisser, Die Entwicklung des Bundesnachrichtendienstes, 2014. 9 See Foster/Sule, German Legal System and Laws, 2010, 3 et seq. 10 See Unterreitmeier, Zeitschrift für das Gesamte Sicherheitsrecht 2018, 1 (2 et seq.); Dietrich in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, III § 3, mn. 2 et seq.; Gazeas, Übermittlung nachrichtendienstlicher Erkenntnisse an Strafverfolgungsbehörden, 2014, 53 et seq.

Dietrich

475

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:25 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

II. Verfassungsfeindliche Bestrebungen – Anti-constitutional activities 8

All in all, 18 German intelligence services are primarily tasked with observing anticonstitutional activities.11 These agencies are referred to as federal and state offices for the protection of the constitution.12 Anti-constitutional activities are addressed in more detail in the laws of the respective authorities. Section 4 (1) in connection with Section 3 (1) (1) of the Federal Act on the Protection of the Constitution (Bundesverfassungsschutzgesetz, long title: Act Regulating the Cooperation between the Federation and the Federal States in Matters Relating to the Protection of the Constitution and on the Federal Office for the Protection of the Constitution [Gesetz über die Zusammenarbeit des Bundes und der Länder in Angelegenheiten des Verfassungsschutzes und über das Bundesamt für Verfassungsschutz” – BVerfSchG])13, for example, addresses politically motivated, target-oriented and purposeful behaviour within an association of individuals, directed against the “free democratic basic order”. As a rule, this refers to all extremist activities aiming to remove central constitutional principles. Criminal or unlawful conduct is not a requirement for its applicability.

III. Personenbezogene Daten – Personal data 9

The aforementioned census decision of the Federal Constitutional Court14 had the decisive effect that protection of a basic right can now be claimed with regard to information on personal and factual circumstances of a specific person. According to legislation, the object of this protection of basic rights is described as “personal data.” German intelligence services are only allowed to collect or process (e. g. store or forward) personal data under strictly defined conditions.

IV. Nachrichtendienstliche Mittel as Intelligence methods, materials and instruments? 10

In order to fulfil their legal tasks, German intelligence services are allowed to use nachrichtendienstliche Mittel.15 This term can best be translated into English as “intelligence methods, materials and instruments”, although it should be kept in mind that the internationally recognized broad understanding of “intelligence agency” or “intelligence service” cannot be applied to German authorities.16 There is no unanimous understanding in Germany on the exact meaning of “intelligence methods, materials and instruments.” Federal legislation operates with examples: i. e. federal laws contain examples of intelligence methods, materials and instruments, which are covered by the term anyhow. Pursuant to Section 8 (2) of the Federal Act on the Protection of the 11 See Warg, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, V § 1, mn. 24 et seq. 12 See mn. 19 et seq. 13 Federal Law Gazette, BGBl. I 1990 at 2954, 2970, most recently amended by Article 2 of the Act of 30 June 2017 (BGBl. I 2017 at 2097). 14 BVerfGE 65, 1. 15 See Gazeas, Übermittlung nachrichtendienstlicher Erkenntnisse an Strafverfolgungsbehörden, 2014, 93 et seq.; Droste, Handbuch des Verfassungsschutzrechts, 2007, 305 et seq. 16 See mn. 7 above.

476

Dietrich

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:26 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence Law in Germany

Constitution, instruments include surveillance, the employment of confidential informants, image and sound recordings or cover documents. Further details are laid down in a classified administrative regulation. Some federal states deviate from this approach. The legislation of some federal states regarding the protection of the constitution contains exhaustive lists of intelligence methods, materials and instruments. While guaranteeing transparency, this can sometimes severely restrict the flexibility of the authorities.

V. Tatsächliche Anhaltspunkte – Specific indications German legislation imposes strict constraints on the use of intelligence methods, 11 materials and instruments, since they regularly involve infringements of basic rights, e. g. the right to informational self-determination. The more intense the potential restrictions of basic rights, the higher are the demands for their justification. For that reason, the legal requirements for the use of intelligence methods, materials and instruments vary depending on the methods, materials and instruments used. Yet, all provisions have in common that the intelligence services are allowed to take action even without a suspicion of a crime or of a specific threat to a particular legal interest. Instead, specific indications are sufficient to justify that a specific measure supports fulfilment of the intelligence services’ legal mandate.17 Again, the term “specific indications” alludes to the aforementioned separation rule: in Germany, police authorities may only take action if there is a suspicion of a crime or a threat to important legal interests. In contrast, the intelligence services act in anticipation of a threat or crime.

VI. Übermittlung – Transfer of data As a matter of principle, personal data held by the intelligence services may not be 12 freely exchanged with other authorities. The Federal Constitutional Court even assumes an informational separation principle between the intelligence services and the police, derived from the basic rights according to which information must always be collected and stored separately.18 It may only be exchanged in exceptional cases. Legislation refers to the exchange of information with other authorities or agencies as “transfer of data.”19 Requests for a transfer of data vary according to the addressee of the information. From a comparative viewpoint, conditions for the transfer of data within the intelligence community, for example, are permissive. The transfer of data to the public prosecutor’s office and the police, in contrast, is subject to strict standards. Here, the interference with basic rights is all the more distinct since the holder of a basic right whose personal data are transferred is facing prosecution.

C. The German intelligence community I. Coordination and division of labour Anyone talking about “intelligence communities” in Europe may be asked what this 13 term actually refers to. David Omand traces the term “intelligence community” back to 17

See Droste, Handbuch des Verfassungsschutzrechts, 2007, 175 et seq. BVerfGE 133, 277 (329). 19 For more detail see Gazeas, Übermittlung nachrichtendienstlicher Erkenntnisse an Strafverfolgungsbehörden, 2014, 197 et seq. 18

Dietrich

477

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:27 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

a protocol of the US Intelligence Advisory Committee from 1952, which shortly afterwards served as the basis for an amendment of the National Security Act of 1947.20 By law, the function of “Head of the United States Intelligence Community” was created and assigned to the Director of Central Intelligence (DCI). De lege lata, this gave him a certain coordinating function among the US intelligence actors, though it could hardly be implemented in reality. However, historical developments show what an intelligence community is all about: the focus is on the division of labour and its coordination. The cooperation of individual actors is organised in an infrastructure. 14 In Germany, elements of such an infrastructure have been in existence for quite some time. Unlike in other states, there are no explicit statutory regulations governing a German “intelligence community.” At the centre of the existing German infrastructure is the Commissioner for the Intelligence Services of the Federal Government (Beauftragter für die Nachrichtendienste des Bundes)21, a post which was created in the aftermath of the Guillaume affair22, when weaknesses in the cooperation of the German intelligence services became apparent. Since 2014, the function is performed by a permanent state secretary. Related tasks are specified in an organisational decree of the Federal Chancellor23. Accordingly, the Commissioner is responsible for: – coordinating and ensuring the intensified cooperation of the intelligence services of the Federal Government, – furthering cooperation among the services and interagency cooperation with other authorities at home and abroad, – coordinating the intelligence services’ reporting to the Federal Government, – assuming the role of central point of contact for the German Parliament and the public on questions pertaining to the intelligence services, – representing the interests of the intelligence services to the German Parliament and the public. 15 In order to fulfil his coordinating function, the Commissioner has various instruments at his disposal.24 In this context, the weekly intelligence situation meeting (Nachrichtendienstliche Lage [ND-Lage]) is of particular importance. As part of this meeting, the directors of the three intelligence services of the Federal Government report to the Commissioner on the current security situation at home and abroad in the regular attendance of the Head of the Federal Chancellery as well as several state secretaries from relevant ministries. The intelligence situation meeting is prepared by the Commissioner’s staff, which decides on the issues addressed. The intelligence situation meeting is followed by a smaller-scale meeting with the directors of the intelligence services (Präsidentenrunde [Directors’ Meeting]). This meeting is focused less on technical information and more on debating follow-on questions and decision making. 16 Moreover, the Commissioner has extensive rights to obtain information on policy, budgetary and organisational issues. This includes the right to request the specific budget plans of the three intelligence services of the Federal Government. He is entitled to participate in the preparation of internal service regulations and draft laws. In 20

See Omand, Securing the State, 297. These include the Federal Intelligence Service (Bundesnachrichtendienst [BND]), the Federal Office for the Protection of the Constitution (Bundesamt für Verfassungsschutz [BfV]) and the Federal Office of Military Counter-Intelligence (Bundesamt für den Militärischen Abschirmdienst [BMAD]). 22 See Münkel, Kampagnen, Spione, geheime Kanäle – Die Stasi und Willy Brandt, 2013, 57 et seq. 23 See Eiffler in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, VII § 1, mn. 33 et seq. 24 See Eiffler in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, VII § 1, mn. 48 et seq. 21

478

Dietrich

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:27 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence Law in Germany

addition, the aforementioned Federal Chancellor’s organisational decree grants him the right to suggest specific measures in order to improve cooperation among the intelligence services of the Federal Government. With the rise of international terrorism, the infrastructure of the German intelligence 17 community has become denser. To a significant extent, this has been due to a number of committees of inquiry identifying shortcomings in the cooperation of the security agencies in their reports. Particularly noteworthy in this context is the work of the committee of inquiry on the NSU, which brought to light a number of intelligence failures with regard to the crimes of the so-called National Socialist Underground (Nationalsozialistischer Untergrund) terrorist organisation.25 Criticism focused on the poor information management and lack of analytical skills of the German intelligence services. As a consequence of these failures, working level cooperation among the authorities was intensified further. Improvement measures included, for example, the establishment and expansion of common databases of the intelligence services. Thus, the NADIS WN Intelligence Information System (Nachrichtendienstliches Informationssystem Wissensnetz) was introduced as an improved database of the federal and state offices for the protection of the constitution in 2012. Since 2014, a common HUMINT database (referred to as ‘Confidential Informants Database’ [V-Leute-Datei]) has been maintained to document the surveillance priorities of individual agencies for the protection of the constitution. The identification of specific human sources shall, however, not be possible.26 The most recent major structural innovation is the establishment of the master’s 18 degree programme “Intelligence and Security Studies”, which will be offered jointly by the Federal University of Administrative Sciences and the Bundeswehr University staring in early 2019.27 This programme was developed under the auspices of the Commissioner for the Intelligence Services of the Federal Government. It is designed as a qualification tool for executive staff from the federal and state intelligence services as well as Bundeswehr officers. It enables a standardised intelligence education throughout the intelligence community. Through this it contributes significantly to strengthening the intelligence actors’ network.

II. Network of Offices for the Protection of the Constitution and the Federal Office of Military Counter-Intelligence Domestic intelligence in Germany is carried out by the federal and state offices for 19 the protection of the constitution. Together, they are referred to as Verfassungsschutzverbund (network of offices for the protection of the constitution).28 This network is responsible for observing and preventing anti-constitutional activities. It is also responsible for counter-espionage. At its centre is the Federal Office for the Protection of the Constitution BfV (Bundesamt für Verfassungsschutz). Founded in 1950, the BfV is a higher federal authority under the responsibility of the Federal Ministry of the Interior.

25

Deutscher Bundestag, Drucksache 18/14600, 856 et seq.; Drucksache 18/12950, 27 et seq. Cf. Dietrich in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, VI § 2, mn. 91. 27 See Serrao, Die neue Schule der Spione, Neue Zürcher Zeitung, 08.11.2017, https://www.nzz.ch/ international/die-neue-schule-der-spione-ld.1329729 (15 July 2018). 28 See Droste, Handbuch des Verfassungsschutzrechts, 2007, 33 et seq.; Gusy, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, IV § 2, mn. 23 et seq. 26

Dietrich

479

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:28 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

With a staff of about 3,000, its annual budget amounts to some 349 million Euro.29 Its tasks and powers are laid down in the Federal Act on the Protection of the Constitution. In accordance with Section 5 (2) of the Federal Act on the Protection of the Constitution, the BfV has the central authority for use of information. This corresponds with the obligations to transfer information of the 16 offices for the protection of the constitution of the federal states. Every Federal state has its own office for the protection of the constitution. According to the size and importance of the respective federal states, these offices differ considerably. The Federal state of Hamburg, for example, maintains only a relatively small office with a staff of 153. For its operation, about 12 million Euro have been allocated in the state’s budget.30 In contrast, the Bavarian State Office for the Protection of the Constitution has a staff of 541, and its annual budget amounts to some 38 million Euro.31 Smooth cooperation of federal and state authorities cannot be taken for granted. In the past, the federal states’ frequent insistence on their autonomy in matters relating to the protection of the constitution did not encourage the flow of information between the authorities. A noticeable change has only been brought about by the far-reaching reform of 2015, strengthening the central function of the BfV.32 It is fair to say that the BfV has served as the coordinator of the domestic intelligence community since then. 20 Closely linked to the network of offices for the protection of the constitution is the Federal Office of Military Counter-Intelligence BMAD (Bundesamt für den Militärischen Abschirmdienst) which performs tasks related to the protection of the constitution within the German armed forces. These include prevention and observation of anti-constitutional activities within the Bundeswehr, countering espionage and sabotage, as well as the protection of German base camps in operations abroad.33 Since August 2017, the BMAD has been organised as a civilian higher federal authority under the responsibility of the Federal Ministry of Defence, although the majority of its staff has a military background. The BMAD operates on the basis of the Military Counterintelligence Service Act (Gesetz über den Militärischen Abschirmdienst [MADG])34 which, to a large extent, refers to the Federal Act on the Protection of the Constitution instead of containing substantial provisions of its own. Since its founding in 1956, there have been repeated calls for the dissolution of the BMAD.35 The most common argument is that its tasks could just as well be performed by the BfV. These calls have been disregarded by the Federal Ministry of Defence. The Ministry rather underlines the need for specific access to the military, as anyone wishing to discern extremist tendencies in the Bundeswehr would have to be able to get in the mindset and understand the hierarchies of the military.

29 Bundesministerium der Finanzen, Bundeshaushalt 2017, Einzelplan Bundesamt für Verfassungsschutz, https://www.bundeshaushalt-info.de/#/2017/soll/ausgaben/einzelplan/0626.html (15 July 2018). 30 See Freie und Hansestadt Hamburg, Behörde für Inneres und Sport, Strukturdaten, Regelanfragen und Überprüfungen, http://www.hamburg.de/innenbehoerde/wirueberuns/233294/verfassungsschutz-strukturda ten/(15 July 2018). 31 Cf. Bayerisches Staatsministerium des Innern und für Migration, Verfassungsschutzbericht 2017, 18. 32 See Marscholleck, Neue Juristische Wochenschrift 2015, 3611 (3611 et seq.). 33 See Gusy, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, IV § 1, mn. 81 et seq. 34 Federal Law Gazette, BGBl. I 1990 at 2954, 2977, most recently amended by Article 3 of the Act of 30 June 2017 (BGBl. I 2017 at 2097). 35 See Müller/Jahn, Leutheusser: Offen über MAD-Auflösung reden, Interview with Sabine LeutheusserSchnarrenberger, Frankfurter Allgemeine Zeitung, 17 September 2012, http://www.faz.net/aktuell/politik/ inland/f-a-z-interview-leutheusser-offen-ueber-mad-aufloesung-reden-11893762.html (15 July 2018).

480

Dietrich

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:28 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence Law in Germany

III. Federal Intelligence Service and Military Intelligence Other members of the German intelligence community include the Federal Intelli- 21 gence Service BND (Bundesnachrichtendienst) as well as the military intelligence (MI) assets of the Bundeswehr (military intelligence organisation).36 The BND is the German foreign intelligence service. Since it was founded in 1956 it has been subordinate to the Federal Chancellery. It is a mixed civilian and military organisation. Among its staff of about 6,500, there are some 750 Bundeswehr soldiers.37 The BND is tasked with collecting and analysing information of significance for foreign and security policy.38 In addition, it contributes significantly to the protection of German forces on operations abroad. Its annual budget amounts to some 833 million Euro.39 Since 1990, it has had its own legal foundation: its tasks and powers are laid down in the Federal Intelligence Service Act (Gesetz über den Bundesnachrichtendienst [BNDG]), with the BNDG also making frequent references to the Federal Act on the Protection of the Constitution. This reference technique is subject to severe criticism in literature and practice.40 It cannot be denied that the analogous application of the Federal Act on the Protection of the Constitution to foreign intelligence service matters often poses problems. The Bundeswehr’s military intelligence organisation41 (Militärisches Nachrichtenwe- 22 sen [MilNW]) is closely entwined with the BND. The MilNW is not a military intelligence service in its own right. Rather, it includes elements from all military services which jointly form part of the Bundeswehr capability profile. In regard to contents, its mission is tasked with providing the Federal Minister of Defence and military leaders at all levels with a picture of military situation to provide for appropriate military decisions. For that purpose, information of tactical and operational relevance is gathered and evaluated. Each service has specific MI capacities. Thus, the German Air Force uses, for example, big HERON reconnaissance drones or the TORNADO ECR aircraft, which are deployed for electronic combat and reconnaissance. The most important reconnaissance capacities are consolidated in the Strategic Reconnaissance Command (Kommando Strategische Aufklärung [KSA]). The KSA assumes a coordinating function in support of tactical and operational level information supply. The management of information requirements for the preparation of the military intelligence situation, though, is incumbent on the Bundeswehr Joint Forces Operations Command (Einsatzführungskommando) where all military intelligence information is gathered and assessed. The military intelligence organisation not only differs from the BND in organisational terms. There is a widely held assumption that the BND gathers information of strategic relevance while the military intelligence organisation is focused on the tactical level. As opposed to the federal and state intelligence services, the military intelligence organisation does not have a separate legal 36 See Bareinske, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, V § 8, mn. 89 et seq. 37 Cf. Bundesnachrichtendienst, Der Auslandsnachrichtendienst Deutschlands, 34, http://www.bnd. bund.de/DE/Service/Downloads/Dateien/BND_Broschuere_Sep_2016.pdf?__blob=publicationFile&v=3 (15 July 2018). 38 See Weisser, Die Entwicklung des Bundesnachrichtendienstes, 2014, 128 et seq. 39 Cf. Biermann, PR-Termin statt Transparenzoffensive, DIE ZEIT, 05.10.2017, https://www.zeit.de/ politik/deutsch land/2017-10/bnd-bfv-mad-geheimdienste-anhoerung-bundestag (15 July 2018). 40 Cf. Dietrich in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, III § 3, mn. 53. 41 See Bareinske, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, V § 8, mn. 89 et seq.

Dietrich

481

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:29 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

basis. Instead, its tasks are derived directly from the mission of the Bundeswehr to defend the Federal Republic of Germany in accordance with Article 87a of the Basic Law, the German Constitution.

IV. Intelligence Producer-Consumer Relations In its decision on the so-called counter-terrorism database, the Federal Constitutional Court, for the first time, addressed the function of the German intelligence services in Germany’s political system in more detail. The Court declared: “Without prejudice to more detailed differentiations among the various services, the goals are essentially limited to observing and reporting on fundamental threats that might destabilise the community as a whole, in order to permit a political assessment of the security situation.42 The goal is not operational protection against threats, but providing political intelligence.” The Court thus addresses an essential role of the intelligence services. They inform and consult as part of the political decision-making process. In intelligence legislation, this mission is referred to as reporting commitments. It follows from Section 1 (1) in connection with Section 33 of the Federal Intelligence Service Act that the Federal Intelligence Service must inform the Federal Chancellery and the federal ministries about the intelligence gathered from its activities. For these recipients, it prepares specific materials, including, for example, high-level reports, briefings and analyses for political decision makers. In contrast to that, the working level of the ministries is provided with regular and incidentrelated reports, messages and letters. More than 2,000 pages of paper per week are submitted to the specialist level.43 24 The Federal Constitutional Court certainly alludes to a central function of German intelligence services. Nevertheless, its description is not exhaustive. The intelligence services must serve many more informational needs of different consumers. One of these important consumers is the public. According to Section 16 of the Federal Act on the Protection of the Constitution, the BfV’s mandate includes the information of the public. This is the legal basis for the Office’s Annual Report on the Protection of the Constitution, which informs the public on anti-constitutional activities. 25 In addition, the role of the intelligence services in the security authorities’ network must be taken into account. As a result of the separation rule44, safeguarding public security is done on a division of labour basis. Without a specific reason, the intelligence services conduct situation and structural intelligence in anticipation of threats and criminal offences. However, once a threat has been identified or there is suspicion of a crime, they are obligated to inform the police and the public prosecutor’s office, which may initiate investigations based on the intelligence received. Therefore, German intelligence legislation contains particular provisions regarding the obligation to forward information to police authorities. 26 With regard to the BND, its military function must be addressed as well. The BND does not only prepare specific intelligence products for decision makers in the Federal Ministry of Defence. The armed forces are also provided with reports on the developments in the respective theatres tailored to their information requirements. In the case of specific threats, the BND informs by means of tactical-operational notices or warning messages.45 23

42

BVerfG 133, 277 (326). Dietrich in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, III § 3, mn. 5. 44 Cf. mn. 2 above. 45 Cf. Bareinske, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, V § 8, mn. 105. 43

482

Dietrich

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:29 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence Law in Germany

V. Oversight organs German intelligence services are subject to a strict oversight regime.46 The number of 27 oversight organs – which actually may also be regarded as a part of the German intelligence community – is very high by international standards. First of all, the intelligence services are subject to administrative oversight by federal or state ministries which exercise expert, legal and administrative supervision. As far as legislative authority is concerned, certain organs provide political oversight. At the federal level, for example, there is the Parliamentary Oversight Panel PKGr (Parlamentarisches Kontrollgremium) which oversees the work of the three intelligence services of the Federal Government. According to Article 45 d of the Basic Law, the PKGr even has constitutional status.47 At the state level, there are similar organisations to oversee the offices for the protection of the constitution of the federal states. A function of particular importance at the federal and state levels is exercised by what is referred to as G10 Commissions. They are regularly appointed by the parliaments and decide, instead of courts, ex ante on requests of the intelligence services for restrictions of the basic right laid down in Article 10 of the Basic Law (postal, correspondence and telecommunications secrecy). Another important parliamentary oversight organ is the Confidential Committee (Vertrauensgremium) which is a sub-committee of the German Bundestag‘s (i. e. the German Parliament’s) budget committee and oversees the budgets of the intelligence services of the Federal Government. Finally, independent oversight is also exercised by the federal and state data privacy commissioners as well as by the federal and state supreme audit institutes. In addition, judicial review of intelligence activities is provided by German courts.48 Apart from a few exceptions, the courts carry out ex post oversight of intelligence activities, which is mainly due to the fact that ex ante oversight is, for the main part, assumed by the G10 Commissions. A judicial warrant is only required for the surveillance of homes. There is no special court for matters pertaining to intelligence law.

D. German intelligence legislation As mentioned above, German intelligence legislation has become much more com- 28 pact over the past few decades. The landmark decisions of the Federal Constitutional Court have played a major role in this process. Time and again, however, new legal regulations have been preceded by actual developments or events such as the detection and investigation of the crimes committed by the National Socialist Underground (Nationalsozialistischer Untergrund) terrorist organisation or the disclosure of the Snowden documents. Intelligence legislation in Germany can be understood in a narrower and in a broader 29 sense. In a narrower sense, intelligence legislation comprises those regulations which 46

See Dietrich, Intelligence and National Security, 31 (2016), 397 (397 et seq.). See Singer, Praxiskommentar zum Gesetz über die parlamentarische Kontrolle nachrichtendienstlicher Tätigkeit des Bundes, 2016, Art. 45 d GG, mn. 1 et seq.; Hempel, Der Bundestag und die Nachrichtendienste – eine Neubestimmung durch Art. 45 d GG?, 2014. 48 See Graulich, in: Graulich/Simon (eds.), Terrorismus und Rechtsstaatlichkeit, 2007, 161 (161 et seq.); Gusy, in: Bundesamt für Verfassungsschutz (ed.), Verfassungsschutz in der Demokratie, 1990, 67 (93 et seq.). 47

Dietrich

483

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:30 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

directly address the German intelligence community’s actors. Such laws allow intelligence services to interfere with the basic rights of citizens (for example e. g. based on Section 9, Federal Act on the Protection of the Constitution) or to authorise oversight organs to carry out surveillance measures (e. g. pursuant to Section 5, Act on the Parliamentary Oversight of the Intelligence Activities of the Federation). In a broader sense, there are legal provisions which do not constitute a legal basis for intelligence activities, but protect the intelligence services’ function. Such a provision is included in Section 50 (1) No. 4 of the Code of Administrative Court Procedure, according to which legal disputes involving the BND are ruled by the Federal Administrative Court as the court of first and final instance. 30 As much as the increasing number of statutory regulations is to be welcomed in regard to the containment of state power under the rule of law, it has also made German intelligence law difficult to manage.49 Provisions specifying the powers of the authorities are spread across many laws and are only related to one another via a complex reference technique. Thus, in many important aspects, the Federal Intelligence Service Act confines itself to referring to the Federal Act on the Protection of the Constitution. Specifically, this means that practitioners of law are not able to understand the Federal Intelligence Service Act without having the Federal Act on the Protection of the Constitution at hand. In addition, this reference technique raises occasionally complicated questions of interpretation in practice. That is to say, the powers of foreign and domestic intelligence services are placed on an equal footing, which is in part incompatible with the mandate of the two authorities.

I. Constitutional requirements 31

The Basic Law provides the canvas for intelligence legislation. Its decisions regarding the legal structure of the state impact on the intelligence community. In addition, in fulfilling their mandate, authorities are bound by the basic rights defined in the Constitution.

1. Constitutional requirements pertaining to the legal structure of the state 32

To begin with, the Basic Law addresses legal and administrative competences regarding the protection of the constitution. In accordance with Article 73 (1) No. 10 b of the Basic Law, the Federation has legislative power concerning “cooperation between the Federation and the Länder concerning protection of the free democratic basic order, existence and security of the Federation or of a Land.” In addition, it is authorised to enact laws to ensure “protection against activities within the federal territory which, by the use of force or preparations for the use of force, endanger the external interests of the Federal Republic of Germany.” Article 73 (1) No. 10 b, Basic Law, forms the basis for the Federal Act on the Protection of the Constitution. Finally, Article 87 (1), sentence 2, Basic Law, lays down an executive authority to establish the BfV as the central office for the protection of the constitution in order to support the relationship between the Federal government and the Federal states. The fact that the German Constitution contains explicit provisions regarding legislative and executive powers must not be underrated in terms of legitimation. In hardly any other state in the world have intelligence services been included in the constitution.

49

484

Cf. Dietrich in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, III § 3, mn. 5.

Dietrich

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:30 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence Law in Germany

The Basic Law does not contain explicit provisions regarding legislative and executive 33 powers in regard to the BND and the BMAD. The Federal Intelligence Service Act is based on the legislative power of the Federation concerning foreign affairs in accordance with Article 73 (1) No. 1, Basic Law. The Military Counterintelligence Service Act is based on the legislative power of the Federation concerning defence (Article 73 (1) No. 1, Basic Law) and the protection of the constitution (Article 73 (1) No. 10 b, Basic Law). In addition, Article 45 d, Basic Law, contains an organisational provision, which is 34 specifically aimed at the intelligence services. It was only included in the Basic Law in 2009. It provides for the appointment by the German Bundestag of a panel to scrutinise the intelligence activities of the Federation (BNS, BfV, BMAD). Thus, the PKGr is vested with constitutional status. At the same time, the Article provides for its detailed organisation, tasks and authorities to be regulated by federal law. It forms the basis of the Act on the Parliamentary Oversight of the Intelligence Activities of the Federation (Gesetz über die parlamentarische Kontrolle nachrichtendienstlicher Tätigkeit des Bundes [PKGrG])50.

2. Basic rights The basic rights contained in Article 1 to 19 describe an objective regime of values on 35 which all government action must be based. According to Article 1 (3), Basic Law, the German executive and thus also the intelligence services are directly bound by the basic rights. Subjectively speaking, the basic rights form the basis for the citizens’ claims to protection against the curtailing of rights by the state. The applicability of the basic rights is mainly ensured via what is referred to as provisions of legality. This means that restrictions of basic rights must only take place pursuant to a law. For the intelligence community, this constitutional requirement means that laws need to be created as soon as their activities run the risk of affecting basic rights. For example, such a provision of legality is contained in Article 10 (2) of the Basic 36 Law, according to which warrants restricting the privacy of correspondence, mail and telecommunications may only be issued pursuant to a law. This provision of legality was implemented by what is referred to as Article 10 Act (Act Restricting the Privacy of Correspondence, Posts and Telecommunications [Gesetz zur Beschränkung des Brief-, Post- und Fernmeldeverkehrs])51 which authorises the BND, BfV and BMAD to interfere with citizens’ rights laid down in Article 10, Basic Law. Typically, intelligence activities affect the following basic rights: among others, the 37 right to informational self-determination and the right to integrity and confidentiality of information technology systems, which can be derived from Article 2 (1) in connection with Article 1 (1), Basic Law. The Federal Constitutional Court has derived both basic rights from the Constitution. The right to informational self-determination provides the citizen individual data privacy protection from state-imposed surveillance. The right to integrity and confidentiality of information technology systems has its origin in the ruling of the Federal Constitutional Court on the online search by authorities for the protection of the constitution. Referred to as Computer-Grundrecht (computer-related basic right), it protects computers, tablets or smart watches from government infiltration. Moreover, intelligence activities typically interfere with the privacy of correspon50 Federal Law Gazette, BGBl. I 2009 at 2346, most recently amended by Article 3 of the Act of 13 January 2017 (BGBl. I 2017 at 17). 51 Federal Law Gazette, BGBl. I 2001 at 1254, 2298; 2007 at 154 most recently amended by Article 12 of the Act of 14 August 2017 (BGBl. I 2017 at 3202).

Dietrich

485

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:31 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

dence, mail and telecommunications as laid down in Article 10 (1), Basic Law. This basic right protects the confidentiality of communication. Finally, intelligence activities may affect the inviolability of the home guaranteed in Article 13, Basic Law. 38 In this respect, the intelligence laws enacted by the German Bundestag and by the state parliaments put the provisions of legality included in the basic rights in specific terms. But their rationale does not end here. They are not only meant to restrict government action. Rather, legislation must be designed in such a way that the state’s task of guaranteeing the safety of all citizens can be fulfilled as effectively as possible. Consequently, the laws must, for example, define the responsibilities, organisational structures and powers of intelligence services in order to create optimum conditions for successful operations.

II. Intelligence law in Germany 1. Brief presentation of legal sources of intelligence law The following section is an overview of the different sources of intelligence law in the narrower sense. The oldest set of rules is the Federal Act on the Protection of the Constitution (Bundesverfassungsschutzgesetz, long title: Act Regulating the Cooperation between the Federation and the Federal States in Matters Relating to the Protection of the Constitution and on the Federal Office for the Protection of the Constitution [Gesetz über die Zusammenarbeit des Bundes und der Länder in Angelegenheiten des Verfassungsschutzes und über das Bundesamt für Verfassungsschutz – BVerfSchG])52 of 1950. While at the time of its creation it still focused on matters of organisational law, it has now become a modern law of intervention. It defines both the tasks and powers of the BfV and its cooperation with the state offices for the protection of the constitution. The Federal Act on the Protection of the Constitution underwent an important reform in 2015. The investigation of the crimes committed by the National Socialist Underground (Nationalsozialistischer Untergrund) terrorist organisation had revealed, among other things, significant shortfalls in the exchange of information between the offices for the protection of the constitution. As a result, the role of the BfV as central authority was considerably strengthened in Section 5 (2) of the Federal Act on the Protection of the Constitution.53 In addition, detailed provisions regarding the use of human sources by the intelligence services were included.54 40 Inseparably connected with the Federal Act on the Protection of the Constitution is the Federal Intelligence Service Act (Gesetz über den Bundesnachrichtendienst [BNDG])55. However, many of its provisions confine themselves to referring to related provisions of the Federal Act on the Protection of the Constitution. The Federal Intelligence Service Act is a comparatively new law. In effect since 1990, it defines the tasks and powers of the German foreign intelligence service. Its most recent major amendment dates back to 2016.56 The provisions included in the Federal Intelligence Service Act with the Act on Signals Intelligence Gathering in Germany of Foreigners Abroad (Gesetz zur Ausland39

52 Federal Law Gazette, BGBl. I 1990 at 2954, 2970, most recently amended by Article 2 of the Act of 30 June 2017 (BGBl. I 2017 at 2097). 53 Bundesministerium des Innern, Abschlussbericht der Bund-Länder-Kommission Rechtsterrorismus, 2013, 194 et seq.; 278 et seq.; Deutscher Bundestag, Drucksache 18/14600, 856 et seq. 54 See mn. 63 below. 55 Federal Law Gazette, BGBl. I 1990 at 2954, 2979, most recently amended by Article 4 of the Act of 30 June 2017 (BGBl. I 2017 at 2097). 56 See Gärditz, Deutsches Verwaltungsblatt 2017, 525 (525 et seq.); Graulich, Kriminalpolitische Zeitschrift 2017, 43 (43 et seq.); Huber, Zeitschrift für Rechtspolitik 2016, 162 (162 et seq.); Marxsen, Die Öffentliche Verwaltung 2018, 218 (222 et seq.).

486

Dietrich

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:32 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence Law in Germany

Ausland-Fernmeldeaufklärung) of 23 December 2016 define the conditions under which the BND is allowed to monitor, from Germany, telecommunications between foreigners abroad. These provisions are probably unique by international standards. Another law which is inseparably connected with the Federal Act on the Protection of the Constitution is the Military Counterintelligence Service Act (Gesetz über den Militärischen Abschirmdienst [MADG])57. This law also largely confines itself to referring to the Federal Act on the Protection of the Constitution rather than containing substantial provisions of its own. Even Section 14 of the Military Counterintelligence Service Act, which defines the role of the BMAD on Bundeswehr operations abroad, only has a clarifying function, as according to this provision, intelligence activities abroad are the sole responsibility of the BND. The Federal Act on the Protection of the Constitution, the Federal Intelligence Service Act and the Military Counterintelligence Service Act contain authorisations to enact regulations that are inferior to parliamentary legislation in the hierarchy of norms. Based on Section 8 d (8) of the Federal Act on the Protection of the Constitution, for example, is the Intelligence Services Transmission Regulation (NachrichtendiensteÜbermittlungsverordnung [NDÜV])58. It establishes when and how private parties – e. g. an airline or a telecommunications provider – have to provide information to the intelligence services. An explicit authorisation to enact internal service regulations is contained in Section 8 (2), second sentence, Federal Act on the Protection of the Constitution, which, in accordance to Section 4 (1), third sentence, Military Counterintelligence Service Act, and Section 5, Federal Intelligence Service Act, applies to the BMAD and BND as well. According to this regulation, each of the three intelligence services of the Federal Government is obligated to issue a secret service regulation on intelligence methods, materials and instruments. With this authorisation, legislation steers a middle course. On the one hand, explicitly listing intelligence methods, materials and instruments in the text of the law does not seem to make much sense from an intelligence perspective. On the other hand, by fixing it in internal regulations, the term is meant to take at least some shape. The Article 10 Act (Act Restricting the Privacy of Correspondence, Posts and Telecommunications [Gesetz zur Beschränkung des Brief-, Post- und Fernmeldeverkehrs])59 contains a specific legal basis for the surveillance of correspondence, post and telecommunication.60 It authorises far-reaching clandestine restrictions of basic rights by the intelligence services of the Federal Government and of the federal states while at the same time defining control mechanisms. Section 15, Article 10 Act, for example, governs the establishment of the G10 Commission.61 More recent intelligence legislation includes the Counter-Terrorism Database Act (Antiterrordatei-Gesetz [ATDG])62 and the Right-Wing Extremism Database Act (Rechtsextremismus-Datei-Gesetz [RED-G])63. Both acts are meant to facilitate and accel57 Federal Law Gazette, BGBl. I 1990 at 2954, 2977, most recently amended by Article 3 of the Act of 30 June 2017 (BGBl. I at 2097). 58 Federal Law Gazette, BGBl. I 2012 at 2117, most recently amended by Article 3 of the Act of 23 December 2016 (BGBl. I 2016 at 3346). 59 Federal Law Gazette, BGBl. I 2001 at 1254, 2298; 2007 at 154 most recently amended by Article 12 of the Act of 14 August 2017 (BGBl. I 2017 at 3202). 60 See Zöller, Informationssysteme und Vorfeldmaßnahmen von Polizei, Staatsanwaltschaft und Nachrichtendiensten, 2002, 341 et seq. 61 See mn. 27 above and mn. 132 below. 62 Federal Law Gazette, BGBl. I 2006 at 3409, most recently amended by Article 10 of the Act of 14 August 2017 (BGBl. I 2017 at 3202). 63 Federal Law Gazette, BGBl. I 2012 at 1798, most recently amended by Article 11 of the Act of 14 August 2017 (BGBl. I 2017 at 3202).

Dietrich

487

41

42

43

44

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:32 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

erate the exchange of information between the security agencies.64 In 2012, the Federal Constitutional Court ruled parts of the Counter-Terrorism Database Act unconstitutional.65 The resulting amendment of 2014 continues to be discussed critically in specialist literature.66 45 The Act on the Parliamentary Oversight of the Intelligence Activities of the Federation (Gesetz über die parlamentarische Kontrolle nachrichtendienstlicher Tätigkeit des Bundes [PKGrG])67 is based on Article 45 d, Basic Law. According to Section 1 (1), Act on the Parliamentary Oversight of the Intelligence Activities of the Federation, the Parliamentary Oversight Panel is established. Its title already points to the direct subject of oversight: not the intelligence services themselves but the Federal Government is answerable to the Parliamentary Oversight Panel. Accordingly, the Act on the Parliamentary Oversight of the Intelligence Activities of the Federation is mainly aimed at establishing a political performance evaluation.68 46 Finally, German intelligence legislation comprises the Security Clearance Check Act (Sicherheitsüberprüfungsgesetz [SÜG])69. It lays down preventive measures of governmental security protection. The focus of the law is on the classification of sensitive information. Among others, it defines different levels of classification and lays down obligatory security clearance checks for personnel who are to be granted access to such classified matters. In this regard, the Security Clearance Check Act, together with its code of practice, is a counter-espionage instrument. 47 Besides the aforementioned federal legislation, there are numerous laws at federal state level. As a result of the provisions of legality included in the basic rights, every federal state office for the protection of the constitution works on its own legal basis. That is why there are 16 Acts on the Protection of the Constitution of the federal states. In terms of contents, the major part of them is largely based on the Federal Act on the Protection of the Constitution. In specific cases, though, they also differ considerably, a fact which can be explained by political majorities in the state parliaments. Thus, in some federal states, surveillance of organised crime is considered part of the mission of the offices for the protection of the constitution, while in other federal states this is an exclusive task of the criminal investigation police. There are also some major differences with respect to the powers granted. For example, the Federal State of Bavaria grants permission to execute online searches, whereas there is no such legal basis in any other federal state. The large number of relevant laws does not necessarily have a positive effect. Neither do the citizens enjoy a standard level of protection from state intervention, nor is it possible to guarantee effective cooperation of the offices for the protection of the constitution throughout Germany.

2. The intelligence services’ legal mandate 48

The tasks of the German intelligence services are explicitly regulated by law. In accordance with Section 3 (1) of the Act on the Protection of the Constitution, the BfV and the offices for the protection of the constitution of the federal states are responsible 64 See Stubenrauch, Gemeinsame Verbunddateien von Polizei und Nachrichtendiensten, 2008, 75 et seq. See also mn. 106 et seq. 65 BVerfGE 133, 277. 66 See Hörauf, Neue Zeitschrift für Verwaltungsrecht 2015, 181 (184 et seq.). 67 Federal Law Gazette, BGBl. I 2009 at 2346, most recently amended by Article 3 of the Act of 13 January 2017 (BGBl. I 2017 at 17). 68 See Dietrich, Zeitschrift für Rechtspolitik 2014, 205 (206). 69 Federal Law Gazette, BGBl. I 1994 at 867, most recently amended by Article 4 of the Act of 18 July 2017 (BGBl. I 2017 at 2732).

488

Dietrich

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:33 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence Law in Germany

for collecting and analysing information on anti-constitutional activities70. Their responsibilities also include counter-espionage.71 As already mentioned, some federal states have extended this area of activity for their offices for the protection of the constitution. Thus, surveillance of organised crime72 and, in the East German states, observation of active remaining structures of the intelligence and counterintelligence services of the former GDR are part of their mission.73 The tasks of the BMAD laid down in Section 1, Military Counterintelligence Service 49 Act, correspond to those of the offices for the protection of the constitution. However, the surveillance of anti-constitutional activities by the BMAD as well as its counterespionage and counter-sabotage activities are limited to personnel, agencies and facilities under the auspices of the Federal Ministry of Defence. Accordingly, the BMAD can be considered the Bundeswehr agency for the protection of the constitution.74 The BND’s mission is laid down in Section 1 (2) of the Federal Intelligence Service 50 Act. It collects and analyses information of importance for foreign and security policy. This allocation of tasks must be interpreted widely. In particular, the BND’s focus is also on military information. In contrast to many other states, the Federal Republic does not operate a purely military intelligence service. Instead, the BND is tasked to gather and analyse defence intelligence. For that purpose, the BND employs about 800 soldiers.75 Their work largely relates to strategically important issues. In contrast, operational and tactical intelligence is provided by the Bundeswehr Military Intelligence Organisation, which is not an intelligence service.76 “Of importance for foreign and security policy” in accordance with Section 1 (2), Federal Intelligence Service Act, is also economic intelligence on foreign countries if relevant to Germany’s foreign trade activities. Industrial espionage to gain competitive advantages, however, is inadmissible in accordance with Section 6 (5), Federal Intelligence Service Act. The BND’s legal mandate of observation is specified by the Federal Government. Under the auspices of the Federal Chancellery, the federal ministries define what is referred to as the Mission Statement of the Federal Government (Auftragsprofil der Bundesregierung [APB])77. The APB identifies the thematic and regional focuses of the BND’s activities and sets priorities. It has a high security classification and is part of the core area of the Government’s executive autonomy, which is withheld from Parliament and from the public. The APB is seen critically by some parliamentarians.78 Limitation to the collection and analysis of information is an essential feature of the 51 German intelligence services’ mission. If legislation uses the term “collection”, this goes beyond the passive receipt of information. Rather, it is an active process, including the 70

Cf. mn. 8 above. See Droste, Handbuch des Verfassungsschutzrechts, 2007, 125 et seq. 72 See Singer, Die rechtlichen Vorgaben für die Beobachtung der Organisierten Kriminalität durch die Nachrichtendienste der Bundesrepublik Deutschland, 2002, 168 et seq.; Zöller, Informationssysteme und Vorfeldmaßnahmen von Polizei, Staatsanwaltschaft und Nachrichtendiensten, 2002, 329 et seq. 73 See Warg, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, Boorberg 2017, V § 1, mn. 58 a et seq. 74 Cf. Warg, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, Boorberg 2017, V § 1, mn. 78. 75 Cf. Bundesnachrichtendienst, Der Auslandsnachrichtendienst Deutschlands, 34, http://www.bnd. bund.de/DE/Service/Downloads/Dateien/BND_Broschuere_Sep_2016.pdf?__blob=publicationFile&v=3 (15 July 2018). 76 See mn. 22 above. 77 See Dietrich, in: Schenke/Graulich/Ruthig, Sicherheitsrecht des Bundes, 2018, BNDG, § 6 mn. 18; Bareinske, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, V § 8, mn. 80 et seq. 78 Deutscher Bundestag, Drucksache 18/9142, 6. 71

Dietrich

489

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:33 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

use of all available intelligence methods, materials and instruments. Preparatory and follow-up measures are also considered part of the collection of information. For example, the technical support the BND provides to a foreign intelligence service is considered part of its legal mandate as long as it furthers a close exchange of information (“do ut des”).79 Paying sources for the information provided is also to be understood as collection as defined in the act. In contrast to that, the term “analysing” refers to subsequent steps in the intelligence cycle, i. e. the evaluation, storage, processing and transmission of information.80 52 What is striking is that the legal mandate of the German intelligence services is relatively limited by international standards. The German intelligence services do not have any police powers. The law expressly lays this down. For example, according to Section 1 (1), first sentence of the Federal Intelligence Service Act, the BND must not be attached to a police authority. Section 2 (3), Federal Intelligence Service Act, establishes that it has no police powers. BND personnel are not allowed to arrest or search anyone. The BND does not run prisons either. This way, the laws establish a separation in terms of organisation, personnel and functions between police authorities and intelligence services.81 Literature partly attributes this to the aforementioned separation rule, which is derived from the constitution and for whose existence there are good reasons.82 However, so far the Federal Constitutional Court has merely confirmed an (informational) separation rule, stating that information from intelligence services and police authorities must be collected and stored separately in principle.83 Information can only be exchanged in exceptional cases.84

3. Powers of the intelligence services 53

Powers cannot be automatically derived from the legal mandate. In its ruling on the national census, the Federal Constitutional Court clearly stated that every state intervention into basic rights requires a sufficiently specified legal basis.85 As a consequence, the services’ mandates and their powers are always addressed separately in German laws.86 The most important powers of the German intelligence services are discussed below.

a) Requests for information from the private sector 54 If intelligence services require information about third parties from private enterprises, this may represent an interference with different basic rights, which can only be justified pursuant to a law.87 For example, a query from the BfV to an airline whether a particular passenger was on board a particular aircraft would affect the (passenger’s) basic right to informational self-determination. The German intelligence services were only granted an explicit legal authorisation to request information with the counter79 Cf. Bareinske, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, V § 8, mn. 97. 80 Cf. Droste, Handbuch des Verfassungsschutzrechts, 2007, 50. 81 See Gazeas, Übermittlung nachrichtendienstlicher Erkenntnisse an Strafverfolgungsbehörden, 2014, 58 et seq.; Thiel, Die Entgrenzung der Gefahrenabwehr, 2011, 367 et seq. 82 Cf. Thiel, Die Entgrenzung der Gefahrenabwehr, 2011, 385; Brandt, Das Bundesamt für Verfassungsschutz und das strafprozessuale Ermittlungsverfahren, 2015, 329; Zöller, Informationssysteme und Vorfeldmaßnahmen von Polizei, Staatsanwaltschaft und Nachrichtendiensten, 2002, 317 et seq. 83 BVerfGE 133, 277 (329). 84 See mn. 106 et seq. 85 BVerfGE 65, 1 (44). 86 See Schwabenbauer, Heimliche Grundrechtseingriffe, 2013, 26 et seq. 87 See Gärditz, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, Boorberg 2017, VI § 1, mn. 9 et seq.

490

Dietrich

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:34 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence Law in Germany

terrorism legislation of 2002 and 2007. The new provisions are included in Section 8 a through 8 c of the Federal Act on the Protection of the Constitution. Through references, they also apply to the BND and to the BMAD. Pursuant to Section 8 a (1), Federal Act on the Protection of the Constitution, the 55 intelligence services of the Federal Government are allowed to request information on contractual relationships from internet service providers (such as chat forums, online banking, internet shops). The prerequisite is that the information is necessary for the fulfilment of the intelligence mission and that there are specific indications of serious threats to the state, its citizens or its constitutional order. According to Section 8 a (2), Federal Act on the Protection of the Constitution, the services may request information from airlines and travel tour operators, banks and other financial service providers as well as providers of telecommunication services (such as telephone companies). The law specifies exactly which data may be requested. For example, banks must provide information on account holders, cash movements or deposits. Information requests are only admissible under the conditions described above. The procedure for a request of information is governed by Section 8 b, Federal Act on 56 the Protection of the Constitution, in connection with the Intelligence Services Transmission Regulation.88 To begin with, the authority to submit requests for information is reserved to the head of the agency concerned. This means that only the director of an intelligence service or his deputy is authorised to submit a request for information from a private enterprise to the competent ministry. This is meant to ensure that all expert bodies within the intelligence service have already duly examined the necessity of the request. The ministry will then decide on the request. If it accepts the reasoning, it will approach the private enterprise with the request for information. Prior to that, however, it has to inform the G10 Commission about the request in accordance with Section 8 b (2), Federal Act on the Protection of the Constitution. In case of imminent danger, the G10 Commission may be informed subsequently. The Commission has comprehensive powers of control. It checks the legitimacy and necessity of the request for information. If it comes to the conclusion that the information cannot be obtained lawfully or is not necessary, the ministry may not approach the private enterprise. With a closer look at this complicated procedure it seems disproportionate to the overall gain, at least in case of minor restrictions of basic rights. b) Use of intelligence methods, materials and instruments An essential feature of the German intelligence services’ activities is the use of 57 intelligence methods, materials and instruments.89 In this regard, they differ from police authorities. The activities of the intelligence services of the Federal Government are based on Sections 8 (2), 9, 9a and 9b of the Federal Act on the Protection of the Constitution. For the intelligence services of the Federal States, there are similar regulations in state law. The Federal Act on the Protection of the Constitution does not contain a definition of 58 intelligence methods, materials and instruments. Section 8 (2) only gives examples. The law states ‘surveillance, image and sound recordings’, ‘cover license plates for cars’ or ‘human sources’ as potential intelligence methods, materials and instruments. Pursuant to Section 8 (2), sentence 2, Federal Act on the Protection of the Constitution, an exhaustive definition of all methods, materials and instruments is to be specified in an

88

Cf. mn. 42. Cf. Brandt, Das Bundesamt für Verfassungsschutz und das strafprozessuale Ermittlungsverfahren, 2015, 49. See also mn. 10 above. 89

Dietrich

491

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:34 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

internal service regulation of the respective intelligence service.90 Sections 9, 9a and 9b of the Federal Act on the Protection of the Constitution specify under which conditions the services are allowed to use intelligence methods, materials and instruments. aa) Intelligence legislation general clause. Intelligence methods, materials and instruments may only be used if the conditions specified in Section 9 (1), Federal Act on the Protection of the Constitution, are met. This provision is referred to as the ‘intelligence legislation general clause’.91 It contains general requirements that apply to all intelligence methods, materials and instruments. For methods, materials and instruments that interfere very strongly with basic rights, additional provisions are included in follow-up regulations (e. g. Section 9b, Federal Act on the Protection of the Constitution). Pursuant to Section 9 (1), sentence 1, Federal Act on the Protection of the Constitution, the use of intelligence methods, materials and instruments is allowed if specific indications give reason to believe that – intelligence on anti-constitutional activities can be gained in this way or – human sources to investigate anti-constitutional activities can be won or – the methods, materials and instruments are required for counter-espionage purposes. 60 On closer inspection, it becomes clear that these requirements do not present a major obstacle for the use of intelligence methods, materials and instruments. The law does not require a criminal offence to be committed, nor does it require a specific danger to be averted. Yet the low threshold for intervention is justified because intelligence services operate well in advance of actual dangers and crimes. They are supposed to identify potential risks as early as possible. In contrast, averting dangers or prosecuting crimes falls within the competence of the police in Germany. Strikingly, the wording of the law is geared to the work of the BfV. Section 5, Federal Intelligence Service Act, and Section 5, Military Counterintelligence Service Act, however, establish that Sections 9, 9a and 9b, Federal Intelligence Service Act, apply analogously to the BND and the BMAD. This causes some difficulties in practice. Especially with regard to the BND, it is difficult to judge the scope of the analogy. One would not exactly call this legal certainty. 61 A use of intelligence methods, materials and instruments that does not strongly interfere with basic rights can be solely based on Section 9 (1), sentence 1, Federal Act on the Protection of the Constitution. This applies, for example, to means of technical surveillance such as night vision imaging systems, direction-finding transmitters or GPS detection systems. Clandestine video tape recording or photo shoots may count among the methods as defined in Section 9 (1), sentence 1, Federal Act on the Protection of the Constitution, as long as they take place outside of homes. Further examples include: cover license plates for cars, cover names for intelligence services personnel, false passports or driving licenses. In addition, the employment of human sources can be based on the general clause in exceptional cases. This applies to sources who are meant to provide information only once, or only on simple facts (Informant). Even persons who do not directly belong to the political environment observed (e. g. bouncers, taxi drivers or landlords) and are only contacted occasionally by the intelligence services may be employed on the basis of Section 9 (1), sentence 1, Federal Act on the Protection of the Constitution (Gewährsperson).92 59

90

Cf. mn. 42. Cf. Gazeas, Übermittlung nachrichtendienstlicher Erkenntnisse an Strafverfolgungsbehörden, 2014, 48; Droste, Handbuch des Verfassungsschutzrechts, 2007, 225. 92 See Dietrich in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, VI § 2, mn. 16 et seq.; Droste, Handbuch des Verfassungsschutzrechts, 2007, 266 et seq.; Gazeas, Übermittlung nachrichtendienstlicher Erkenntnisse an Strafverfolgungsbehörden, 2014, 100 et seq. 91

492

Dietrich

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:34 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence Law in Germany

The general clause is somewhat restricted by the rule of proportionality, which is 62 expressly mentioned in Section 9 (1), sentence 2, Federal Act on the Protection of the Constitution. Strictly speaking, the provision is merely declaratory. The necessity of proportionality of state measures follows directly from the principle of the rule of law of the German constitution. Section 9 (1), sentence 2, only specifies this requirement. Accordingly, the use of intelligence methods, materials and instruments would be disproportionate (and thus not permissible) if the relevant facts could be obtained in a way less intrusive for the affected individual. bb) Human intelligence. The employment of human sources can sometimes con- 63 stitute a severe infringement of basic rights.93 This concerns, for example, the use of sources who are specifically inserted into an object of surveillance using a legend and who operate for the intelligence services for a long period of time. Within the network of offices for the protection of the constitution, such sources are referred to as Vertrauenspersonen or V-Personen (confidential informants). These confidential informants are not employees of the intelligence services. Rather, they often have a criminal or even anti-constitutional background. As a rule, they only provide information for money. A civil servant of the intelligence service referred to as V-Personenführer (confidential informant handler) is responsible for directing and monitoring the confidential informant. The permanent employment may result in severe infringements of the right to informational self-determination. To give an example: the BfV has recruited a confidential informant from an extremist milieu. His fellows have no suspicion. Over the years, they reveal a lot of private information to the confidential informant, who passes part of it on to the intelligence service. For such cases, a specific legal basis has been included in the Federal Act on the 64 Protection of the Constitution in 2015.94 Section 9 (2) of the Federal Act on the Protection of the Constitution establishes strict requirements for the selection of confidential informants. First of all, the recruitment of minors is not allowed. Likewise, members of a parliament or individuals who have been sentenced to long prison terms are not eligible as confidential informants. Also, from Section 9b (2) No 2, Federal Act on the Protection of the Constitution, it follows that the remuneration the confidential informant receives must not be so high that he or she can live on it alone. According to Section 9b (1) in connection with Section 9a (2), sentence 2, Federal Act on the Protection of the Constitution, confidential informants must not be employed to initiate or exert a controlling influence on anti-constitutional activities. This provision is based on a decision of the Federal Constitutional Court. The court pointed out that an extremist party could not be banned as long as members of the party leadership act as confidential informants for the authorities for the protection of the constitution.95 Here, an influence of the state could not be ruled out. Section 9a, Federal Act on the Protection of the Constitution, applies to the use of 65 undercover agents of the authorities for the protection of the constitution. Compared to confidential informants, they allow for even more severe infringements of basic rights as in that case information collection by the state is done directly by an intelligence service official. Undercover agents are rarely used in practice, though, since their work involves high risks and costs.96 In addition, insertion of an external individual into a target 93 See Dietrich in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, VI § 2, mn. 95 et seq. 94 See Deutscher Bundestag, Drucksache 18/4654, 18 et seq. 95 BVerfGE 107, 339 (366 et seq.). 96 See Dietrich in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, VI § 2, mn. 30 et seq.

Dietrich

493

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:35 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

organisation is sometimes severely hampered by the nationality, language or ethnic affiliation of its members. 66 Moreover, the new provisions in Sections 9a and 9b, Federal Act on the Protection of the Constitution, establish limits for the employment of confidential informants and undercover agents in terms of criminal law. It was mainly case law that had urged lawmakers to establish legal regulations on admissible criminal offences during clandestine operations. The Oberlandesgericht (Higher Regional Court) of Düsseldorf had sentenced the source of an intelligence service to prison for his membership in a terrorist organisation in spite of the fact that he had reliably provided the intelligence service with important information.97 To prevent such verdicts, Section 9a, Federal Act on the Protection of the Constitution, in the amended version of 2015, provides for the indemnity from prosecution of covert human sources under specific circumstances. This applies for example to organisation-related criminal offences such as membership in a terrorist organisation or criminal offences that can be expected in a particular environment. As a last resort, criminal proceedings against a confidential informant or an undercover agent may even be dismissed by the public prosecutor’s office in accordance with Section 9a (3), Federal Act on the Protection of the Constitution. 67 Some of the federal states have issued similar regulations regarding the use of human sources by their offices for the protection of the constitution. Individual provisions, however, differ considerably from those at federal level. cc) Surveillance of Private Homes. In Germany, the privacy of the home is explicitly guaranteed by the Constitution. The basic right to inviolability of the home is laid down in Article 13 (1) of the Basic Law. Against his will or without his consent, public authorities may only enter and/or use technical means of surveillance in the home of a citizen in exceptional cases. The basic right also includes the protection from interventions from outside, e. g. by directional microphones or thermal imaging cameras.98 69 In its rulings, the Federal Constitutional Court repeatedly considered the privacy of the home as being related to the protection of human dignity as defined in Article 1 (1) of the Basic Law.99 The possibility of expressing inner processes – such as impressions and feelings as well as reflections, views and experiences of a highly personal nature – belonged to the free development of personality and should be possible without fear of state surveillance. Often, this was only possible in a private home. It was a “last refuge” for safeguarding human dignity. The state was absolutely excluded from the related “core area of private life” (Kernbereich privater Lebensgestaltung). Precautions should be made to prevent any risks to this core area.100 This jurisdiction again tightens the constitutional requirements regarding the surveillance of private homes. 70 A legal basis for interventions in the right to the inviolability of the home is contained in Section 9 (2), Federal Act on the Protection of the Constitution. Accordingly, the BfV (and, by reference, the BND and the BMAD as well) is allowed to adopt acoustic and optical surveillance measures under the following conditions: – if they are indispensable to ward off imminent general dangers or – if they are indispensable to ward off imminent dangers to individual persons’ lives or – if police support cannot be obtained in time. 68

97

Oberlandesgericht Düsseldorf, Neue Zeitschrift für Strafrecht 2013, 590 (590 et seq.). See Schwabenbauer, Heimliche Grundrechtseingriffe, 2013, 75 et seq.; Gazeas, Übermittlung nachrichtendienstlicher Erkenntnisse an Strafverfolgungsbehörden, 2014, 114 et seq.; Löffelmann, in: Dietrich/ Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, VI § 3, mn. 34 et seq. 99 BVerfGE 109, 279 (313); 130, 1 (22). 100 BVerfGE 109, 279 (313). 98

494

Dietrich

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:35 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence Law in Germany

If, and the extent to which, these conditions are met will be decided by a judge 71 pursuant to Section 9 (2), sentence 3, Federal Act on the Protection of the Constitution. The judge must issue a warrant for the surveillance of the private home. For the BfV, jurisdiction lies with a judge at the District Court of Cologne. In the case of imminent danger, the head of the BfV may also issue a warrant for the surveillance operation. In that case, the judicial decision shall be sought afterwards without delay. What, at first glance, looks like a meaningful containment of state surveillance powers 72 proves to be a gigantic legislative mistake on closer inspection. The prerequisites established in Section 9 (2), Federal Act on the Protection of the Constitution, relate to police tasks but not to the intelligence services’ mandate. Against the backdrop of the above-mentioned separation rule, the task of warding off imminent dangers is precisely what the intelligence services are not responsible for. It is also hardly ever conceivable in practice that the police authorities cannot be reached. Thus, there is actually no application for Section 9 (2), Federal Act on the Protection of the Constitution.101 It is therefore not surprising that the surveillance of private homes by the intelligence services of the Federal Government is not mentioned in the reports of the parliamentary oversight boards. With a view to these unfortunately worded legal requirements, Bernadette Droste refers to a “de facto prohibition” of the surveillance of private homes by the intelligence services.102 From a perspective of security policy, this limitation of the intelligence services’ powers is extremely concerning. Lessons learned from criminal prosecution clearly reveal that the surveillance of private homes provides for important findings to be gained on otherwise inaccessible groups or organisations.103 There is no doubt that putting the prerequisites for interferences with Article 13 (1) 73 of the Basic Law into legal form is a great legislative challenge. The legislation of the federal states however shows that it is possible to draft provisions that are in conformity with the constitution. The legislation of the Federal States pertaining to the protection of the constitution takes the rulings of the Federal Constitutional Court on the core area of private life into account without stretching the requirements for the surveillance of private homes to absurd levels. For example, Section 10 of the Act on the Protection of the Constitution of Lower Saxony establishes a stage model. (1) Accordingly, data collection is inadmissible if there are actual indications that this may involve data which are to be attributed to the core area of private life. (2) If, during an ongoing surveillance, there are actual indications that data from the core area of private life are collected, the surveillance must be interrupted. Collected data must be deleted. In practice this means that eavesdropping by state authorities in a private home is indeed legal. Conversations about criminal offences or political actions are not considered worthy of protection. The core area is only considered affected in cases where intimate issues are registered. dd) IMSI catcher. Another means of intelligence collection is particularly highlighted 74 in Section 9 (4), Federal Act on the Protection of the Constitution.104 According to this provision, the intelligence services of the Federal Government are allowed to use what is referred to as IMSI catchers to track the location of mobile phones or identify serial numbers and card codes. Legal requirements are high. Section 9 (4), Federal Act on the Protection of the Constitution, establishes that the measure shall only be admissible 101 Cf. Löffelmann, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, VI § 3, mn. 43. 102 Cf. Droste, Handbuch des Verfassungsschutzrechts, 2007, 316. 103 Cf. Löffelmann, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, VI § 3, mn. 35. 104 See Droste, Handbuch des Verfassungsschutzrechts, 2007, 328 et seq.; Löffelmann, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, VI § 5, mn. 67 et seq.

Dietrich

495

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:36 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

– if the use of the IMSI catcher is necessary for the fulfilment of the intelligence mission and there are concrete indications of serious threats to the state, its citizens or its constitutional order; – if tracking the location or identifying serial numbers and card codes was not possible in any other way; – if it is directed against an individual who is involved in establishing or maintaining a serious threat. 75 The use of an IMSI catcher is subject to the consent of the Federal Ministry of the Interior, which must be requested by the head of the intelligence agency or his or her deputy. The G10 Commission shall be involved in accordance with Section 8 b, Federal Act on the Protection of the Constitution.105 After completion of the measure, the individual concerned must be notified unless this would threaten the purpose of the measure. 76 The intelligence services of the Federal Government make occasional use of IMSI catchers. For the year 2014, for example, the reports of the parliamentary oversight boards recorded 18 IMSI catcher operations.106 c) Surveillance of Correspondence, Posts and Telecommunications (Signals Intelligence) 77 The Basic Law establishes that restrictions of the privacy of correspondence, posts and telecommunications in accordance with Article 10 are only admissible in exceptional cases and must be based on a corresponding law. Obviously, the main priority in this context is the privacy of telecommunications. First and foremost, the privacy of telecommunications refers to the contents of communications. In addition, it relates to the circumstances of communications, e. g. who spoke to whom and for how long. 78 Restrictions on the privacy of telecommunications imposed by the German intelligence services are most often based on the Article 10 Act (G10). The latter puts the constitutional provision of legality as laid down in Article 10 (2) of the Basic Law into specific terms. It allows for restrictions in individual cases (“monitoring of individuals”) as well as restrictions for bulk international telecommunications traffic (“strategic surveillance”). The Article 10 Act is the legal basis for measures of all German intelligence services. Apart from the Article 10 Act, there are legal provisions regarding signals intelligence gathering in Germany of foreigners abroad as well as on telecommunications surveillance at the source107. 79

aa) Monitoring of individuals. The prerequisites for the surveillance of individual telecommunications are established in Sections 3 and 4, Article 10 Act. In 2015, the intelligence services of the Federal Government carried out 193 operations on this legal basis.108 Monitoring telecommunications requires the cooperation of the providers of telecommunication services. Section 2, Article 10 Act, obligates companies like Deutsche Telekom AG or German Vodafone GmbH (as an affiliate of the British Vodafone Group) to make it possible for the authorities to monitor and record telecommunications. Details are laid down in the Telecommunications Interception Ordinance (Telekommunikations-Überwachungsverordnung [TKÜV])109. 105

See mn. 56 above. Cf. Deutscher Bundestag, Drucksache 18/7424, 9. 107 See mn. 102 below. 108 Cf. Deutscher Bundestag, Drucksache 18/11227, 5. 109 Federal Law Gazette, BGBl. I 2017 at 2316, most recently amended by Article 16 of the Act of 17 August 2017 (BGBl. I 2017 at 3202). 106

496

Dietrich

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:36 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence Law in Germany

Pursuant to Section 3 (1) in connection with Section 1 (1) para 1, Article 10 Act, the following prerequisites must be met to impose restrictions on the privacy of individual telecommunications110: – imminent danger to the free democratic basic order or – imminent danger to the existence or security of the Federation or of a federal state, – concrete indications of serious crimes. “Imminent danger” according to Section 1 (1) para 1 is a pre-stage of danger as defined in police legislation. It merely presupposes a general threat situation that, if it occurred, would have existential consequences for the state and society. The free democratic basic order comprises the fundamental principles of the constitutional order set forth in the Basic Law, such as the protection of basic and human rights, the separation of powers, the independence of the courts, the sovereignty of the people, and the principle of legality. In contrast, the term “existence of the Federation or of a federal state” has to be understood in terms of international law. In this context, the state’s unity and capacity to act as well as its territorial integrity are to be protected. Finally, the “security of the Federation or of a federal state” is endangered by attacks on Germany’s political system and its institutions. Beyond imminent danger, Section 1 (1), Article 10 Act, provides that specific indications must give rise to the suspicion that a person is committing or has committed serious crimes as defined in the German Penal Code (Strafgesetzbuch [StGB])111. Relevant crimes listed in Section 3 (1), Article 10 Act, include crimes posing a threat to the state such as high treason (Sections 81, 82, Penal Code), treason (Section 94, Penal Code) or sabotage against national defence (Section 109e, Penal Code). There are also crimes on the list that are not directly related to state security (e. g. murder as defined in Section 211, Penal Code). Given the rule of separation between intelligence and police tasks112, this is not without problems because in Germany the responsibility for preventing and prosecuting specific acts of violence actually falls to the police.113 Finally, Section 3 (2) sentence 1, Article 10 Act, once again expressly provides that the surveillance operation must comply with the principle of proportionality. This provision only serves a clarifying purpose, as the rule of proportionality is already laid down in the Basic Law. This means that a citizen’s telecommunications may only be monitored if the information in question cannot be obtained by any other means. There is an obligation to constantly review whether less restrictive methods for citizens exist. Section 3 a, Article 10 Act, governs the protection of the core area of private life.114 The provision takes into account the more recent case law of the Federal Constitutional Court, according to which, in a narrow core area, the free development of the individual’s personality (e. g. expressing feelings or one’s sexuality) must be protected from state influence.115 The German legislature took into consideration that telecommunications surveillance might affect this core area. According to Section 3 a sentence 1, Article 10 Act, telecommunications surveillance is not permissible if it is clear beforehand that the conversation only contains information from the core area of the private sphere. This 110 See Löffelmann, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, VI § 4, mn. 12 et seq.; Zöller, Informationssysteme und Vorfeldmaßnahmen von Polizei, Staatsanwaltschaft und Nachrichtendiensten, 2002, 347 et seq. 111 Federal Law Gazette, BGBl. I 1998 at 3322, most recently amended by Article 1 of the Act of 30 October 2017 (BGBl. I 2017 at 3618). 112 See mn. 2 and mn. 52 above. 113 Cf. Löffelmann, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, VI § 4, mn. 38. 114 See mn. 69. 115 BVerfGE 109, 279 (318 et seq.).

Dietrich

497

80

81

82

83

84

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:37 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

requirement is symbolic. In practice, there will hardly ever be a case in which the contents of communication, e. g. of a telephone conversation, can be predicted exactly.116 According to Section 3 a, sentence 2, Article 10 Act, surveillance is to be interrupted as soon as it becomes apparent that most intimate personal information is exchanged (e. g. telephone conversation on sexual preferences). However, there must be specific indications that communication will take this course. Even the repeated use of terms such as “marriage” or “family” does not necessarily trigger an interruption. What counts is the overall orientation of the conversation. In the case of ambiguity, the surveillance operation may be continued. Automated recordings must be submitted immediately to a member of the G10 Commission who decides on their exploitation or deletion. No matter how meaningful this provision may be from a rule of law perspective, it will be difficult to implement in practice. In most instances, it will be hard to judge when exactly the threshold to the core area of private life has been crossed. 85 Section 3 b, Article 10 Act, governs the protection of individuals who are bound by professional secrecy. Accordingly, clergymen or lawyers must not be monitored by the intelligence services unless they themselves are suspects or supporters of criminal offences. 86 The procedure to be adopted for monitoring individuals is laid down in Section 10, Article 10 Act. The head of the intelligence service must request the consent of the Federal Ministry of the Interior. The Ministry will thoroughly examine the request and then issue a warrant for the surveillance operation. The warrant must contain all information that allows for a subsequent legal review (such as the target person, the reasons for the surveillance operation, its duration). Before enforcing the surveillance operation, the G10 Commission must be informed. It will verify the legality of the warrant and may declare it inadmissible. In case of imminent danger, the surveillance operation may be enforced prior to notifying the G10 Commission. Pursuant to Section 12, Article 10 Act, the monitored individual must be informed by the intelligence services once the operation is completed. This is to ensure that, at least retrospectively, the party concerned is given the opportunity to have the operation reviewed by a court. Notification of the party concerned may only be waived in exceptional cases. 87

bb) Strategic surveillance. In contrast to the monitoring of individuals, only one German intelligence service has the authority to carry out strategic surveillance operations. Pursuant to Section 5, Article 10 Act, only the BND is entitled to use search strings to filter out and exploit individual conversations from a large number of different telecommunication connections.117 To that end, selectors are defined in the first stage. Selectors are formal search strings such as telephone numbers or email addresses or content-related search strings such as relevant terms used in the respective milieu. They are entered into a word database, which allows for an automatic filtering of a specific portion of the telecommunications traffic. Only communications related to foreign countries (from and to Germany) are recorded.118 116 Cf. Löffelmann, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, VI § 4, mn. 52. 117 See Zöller, Informationssysteme und Vorfeldmaßnahmen von Polizei, Staatsanwaltschaft und Nachrichtendiensten, 2002, 350 et seq.; Löffelmann, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, VI § 4, mn. 116 et seq.; Gazeas, Übermittlung nachrichtendienstlicher Erkenntnisse an Strafverfolgungsbehörden, 2014, 178 et seq. 118 In the case of wired telecommunications, the relation to foreign countries is easily ascertainable. In case of packet communications via the internet, additional clues are required to reveal the relation to foreign countries (e. g. language, server location or domain name).

498

Dietrich

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:37 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence Law in Germany

Section 5, Article 10 Act, does not provide for the monitoring of individual telecommunication connections in Germany and those of German nationals abroad. The legal basis for operations of this kind is provided in Section 3, Article 10 Act. Filtered data streams are reviewed by BND analysts for their intelligence relevance and further utilised. Irrelevant data are deleted.119 Strategic telecommunications surveillance is often viewed critically by the political public and in specialist literature. Thus, Frederik Roggan uses the term Staubsaugerfahndung (“vacuum-cleaner search”).120 A look at the figures shows that this criticism is not justified. In 2014, for example, the number of telecommunication connections filtered out by means of search strings as part of counterterrorism operations amounted to no more than 14,604, only 63 of which proved to be of relevance for the intelligence services.121 This is not what would go by the name of nationwide monitoring. One might say that the BND uses a high-precision harpoon rather than a dragnet.122 The legal prerequisites for strategic telecommunications surveillance are laid down in Section 5 in connection with Section 1(1), Article 10 Act. They include: – imminent danger to the free democratic basic order or – imminent danger to the existence or security of the Federation or of a federal state or – a risk of an incident as defined in Section 5 (1) paras 2 to 8, Article 10 Act, or – a crisis situation as defined in Section 8 (1), Article 10 Act. Relevant in practice are the risks of incidents as defined in Section 5 (1) para 2 to 8, Article 10 Act. In line with these provisions, telecommunications surveillance is admissible, for example, if there is a risk – of international terrorist attacks with a connection to the Federal Republic of Germany (para 2) or – of illegal proliferation in cases of substantial importance (para 3) or – of the illegal introduction of narcotics into the territory of the European Union in cases of substantial importance (para 4) or – of the illegal smuggling of foreign persons by professional organisations or organised gangs in cases of substantial importance (para 7) or – of cyber attacks in cases of substantial importance (para 8). In exceptional cases, strategic surveillance can also be based on Section 8 (1), Article 10 Act. According to this provision, strategic surveillance is also admissible in crisis situations endangering the life and limb of a person abroad as a result of which the interests of the Federal Republic of Germany are directly affected in a particular way. This provision goes back to the kidnapping of German citizens in the Philippines in the year 2000.123 Its main purpose is to support the Government’s crisis management efforts in case German citizens are taken hostage abroad.124 Section 8 (3), Article 10 Act, contains a very strict subsidiarity clause according to which, in particular, surveillance is only admissible in case there are no other assets available on the spot or they cannot be efficiently used.

119 Cf. Löffelmann, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, VI § 4, mn. 116. 120 Cf. Roggan, Artikel 10-Gesetz, 2012, § 5, mn. 1. 121 Cf. Deutscher Bundestag, Drucksache 18/11227, 8. 122 See Gutschker/Wehner, Schleppnetz und Harpune, Frankfurter Allgemeine Zeitung, 22.06.2013, http://www.faz.net/aktuell/politik/abhoerprogramme-schleppnetz-und-harpune-12240495.html (15 July 2018). 123 See Deutscher Bundestag, Drucksache 14/8312, 6. 124 See Löffelmann, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, VI § 4, mn. 138.

Dietrich

499

88

89

90

91

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:38 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

For strategic surveillance operations, the requirements for the protection of the core area of private life pursuant to Section 5 a, Article 10 Act, apply. The provision, however, essentially confines itself to referring to Section 3 a, Article 10 Act.125 93 As a first stage in the strategic surveillance process, the telecommunication connections to be monitored are identified. With the consent of the Parliamentary Oversight Panel, the Federal Ministry of the Interior defines specific areas and transmission paths. In addition, it sets forth what proportion of the communication traffic shall be monitored. Pursuant to Section 10 (4), Article 10 Act, only 20 percent of the transmission capacity available on a specific transmission path may be monitored. This is to prevent a complete exploration of telecommunication connections. Beyond that, the procedure does not differ from the procedure for the monitoring of individuals: the BND requests the consent of the Federal Ministry of the Interior for conducting a surveillance operation with specific search strings. The search strings must be suitable for gathering information on the above-mentioned dangers and risks.126 The Ministry will examine the request and may then issue a warrant for the surveillance operation on that basis. Before conducting the surveillance operation, the G10 Commission must agree to the warrant (to the search strings, in particular) pursuant to Section 15 (6), Article 10 Act. In the case of imminent danger, the Ministry has a competence for urgent decisions. Approval of the G10 Commission must be obtained immediately afterwards. All persons whose rights – as laid down in Article 10 (1), Basic Law – have been interfered with must subsequently be informed of the surveillance operation pursuant to Section 12 (1), Article 10 Act.127 92

cc) Telecommunications surveillance of foreigners abroad. The provisions included in the Federal Intelligence Service Act in December 2016128 are likely to be unique by global standards. The new provisions relate to the surveillance of telecommunications traffic abroad by the BND (surveillance of foreigners abroad – Ausland-Ausland-Fernmeldeaufklärung). Thus, foreign espionage is given a legal basis in Germany and placed under the control of an independent committee. Telecommunications surveillance of foreigners abroad accounts for by far the largest share of the BND’s signal intelligence activities (about 90 percent)129. That is why it is referred to as “routine surveillance”. It differs from the monitoring of individuals and strategic surveillance in the following regard: neither natural persons in Germany nor German citizens or German legal entities abroad may be monitored. However, it should be noted that, pursuant to EU law, foreign legal entities in other EU countries must be treated like German legal entities. 95 Routine surveillance as defined in Section 6 et seq., Federal Intelligence Service Act, is always carried out from German territory. In technical terms, this means that the BND accesses wired transit connections, for example at the German internet exchange point DE-CIX in Frankfurt am Main.130 Accessing satellite-based connections is, however, also possible.131As for strategic surveillance, formal and content-related search strings are used. In doing so, the BND sometimes cooperates with foreign intelligence services. As a result of the 2016 amendment, Section 13, Federal Intelligence Service Act, establishes special requirements for international cooperation in such cases. This provision was 94

125

Cf. mn. 84. See mn. 89 et seq. 127 Cf. mn. 86. 128 Federal Law Gazette, BGBl. I 2016 at 3346. 129 Cf. Dietrich, in: Schenke/Graulich/Ruthig, Sicherheitsrecht des Bundes, 2018, § 6 BNDG, mn. 2. 130 See Papier, Neue Zeitschrift für Verwaltungsrecht 2016, 1 (1 et seq.). 131 See Löffelmann, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, VI § 4, mn. 171. 126

500

Dietrich

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:38 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence Law in Germany

based not least on the findings of the German Bundestag‘s committee of inquiry into the NSA.132 Its investigations revealed that the US intelligence service NSA had provided the BND with search strings related, among others, to institutions of the European Union as well as to senior officials from neighbouring EU states. The new provisions are meant to prevent that kind of abuse of the BND’s reconnaissance capacities. Integrating routine surveillance in the Federal Intelligence Service Act can be 96 considered the Solomonic solution of a constitutional debate in legal literature.133 The debate relates to the question if foreigners can invoke the basic rights set forth in the German constitution in case they are affected by German surveillance operations abroad. If foreigners were actually entitled to the basic rights set forth in the Basic Law, the intelligence services would need a legal basis establishing detailed requirements for surveillance operations abroad. This view is strongly rejected by some legal experts.134 In their opinion, the basic rights can only be invoked on German territory and/or by German citizens. It is not surprising that so far the Federal Government and German lawmakers have also held this opinion. A more recent opinion, however, assumes that foreigners abroad also enjoy German basic rights in case they are affected by the activities of German state authority.135 This view has received more and more support in recent years. The provisions included in the Federal Intelligence Service Act in 2016 solve this debate in legal literature by a compromise. On the one hand, Section 6 et seq., Federal Intelligence Service Act, establishes a clear legal basis for routine surveillance. The absence of an explicit reference to Article 10, Basic Law, however, gives reason to believe that the previous legal interpretation has not been abandoned. A closer look at the new provisions reveals that a thoroughly sensible solution has 97 been found. In fact, the wording of Article 1 (3), Basic Law – according to which German state authority is directly bound by the basic rights irrespective of when and where in the world it takes action – advocates the inclusion of foreigners in the range of protection offered by the basic rights. However, the protection offered by the basic rights to foreigners abroad will regularly be significantly reduced due to overlapping constitutional provisions.136 The Federal Constitutional Court has acknowledged the necessity to guarantee the existence and security of the Federal Republic of Germany as a legitimate aim in the public interest. On balance, this aim will frequently outweigh the individual freedoms of foreigners abroad to an extent that it justifies low intensity infringements. Accordingly, the protection provided by the basic rights can only be realised through procedural arrangements. This is a responsibility of the Independent Committee as defined in Section 16, Federal Intelligence Service Act. The prerequisites for routine surveillance are established in Section 6 (1), Federal 98 Intelligence Service Act. The legal consequence is the release of certain telecommunications networks for the surveillance of foreigners abroad. Pursuant to Section 6 (1), Federal Intelligence Service Act, telecommunications surveillance of foreigners abroad is admissible under the following conditions: 132

Deutscher Bundestag, Drucksache 18/12850, 516 et seq. See Gärditz, in: Miller (ed.), Privacy and Power, 2017, 401 (401 et seq.); Dietrich, in: Schenke/ Graulich/Ruthig, Sicherheitsrecht des Bundes, 2018, § 6 BNDG, mn. 6 et seq. 134 See Hochreiter, Die heimliche Überwachung internationaler Telekommunikation, 2002, 129; Kreuter/ Möbius, Bundeswehrverwaltung 53/7 (2009), 146 (146 ff.); Löffelmann, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, VI § 4, mn. 172. 135 See Bäcker, Kommunikation & Recht 2014, 556 (559 et seq.); Brissa, Die Öffentliche Verwaltung 2017, 765 (771); Huber, Neue Juristische Wochenschrift 2013, 2572 (2575 et seq.). 136 See Dietrich, in: Schenke/Graulich/Ruthig, Sicherheitsrecht des Bundes, 2018, § 6 BNDG, mn. 8 et seq. 133

Dietrich

501

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:39 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

– the BND acts from Germany – to fulfil its legal mandate (collect and analyse information on foreign countries of significance for German foreign and security policy) – data are required to identify and ward off threats to Germany at an early stage or – data are required to guarantee Germany’s capacity to act or – data are required to gain other intelligence of significance for German foreign and security policy so as to meet the requirements identified by the responsible ministries in the Mission Statement of the Federal Government137. 99 These conditions are rather permissive. Essentially, they legitimate surveillance as soon as the BND acts in fulfilment of its legal mandate. Beyond that, the BND’s activities are only limited by arbitrariness provisions that are already laid down in the constitution. In contrast to strategic surveillance, there is no quantitative restriction to the surveillance of foreigners abroad.138 Section 6 (2) and (3), Federal Intelligence Service Act, establish some limitations, though. If routine surveillance is carried out in order to capture content data, Section 6 (2), Federal Intelligence Service Act, establishes that the BND must only use search strings that are sufficiently specified and suitable for clarifying the facts of interest. Section 6 (3), Federal Intelligence Service Act, imposes even stricter requirements for the search strings. In case EU institutions or citizens are subject to routine surveillance, this is only possible under the conditions applying to strategic surveillance as defined in Section 5 (1) and/or Section 3 (1), Article 10 Act.139 This does not give rise to problems under European Union law. In particular, there is no infringement of the prohibition of discrimination under EU law because the latter does not apply to facts pertaining to intelligence legislation.140 100 An additional authority to carry out preparations for routine surveillance is established in Section 12, Federal Intelligence Service Act. This provision allows for search strings and telecommunications networks to be tested for their suitability for routine surveillance in a kind of test run. This suitability test must not exceed 6 months. It is not subject to review by the Independent Committee. In terms of proportionality this is not objectionable. The test runs serve to identify promising subjects of surveillance with minimal human and technical resources.141 This narrows down the initial spectrum of surveillance.142 The intensity of infringement is thoroughly reduced by the strict provisions for the deletion of personal data gathered during the suitability test (Section 12 (4), Federal Intelligence Service Act). 101 The procedural arrangements for routine surveillance are similar to those for strategic surveillance.143 At the written request of the BND, the Federal Chancellery as the competent authority may issue a warrant specifying which telecommunications networks may be monitored by the BND. Search strings to monitor EU communication also require a warrant by the Federal Chancellery. Pursuant to Section 9 (3), Federal Intelligence Service Act, the warrant shall apply for a maximum of nine months. A 137

Cf. mn. 50. Cf. Löffelmann, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, VI § 4, mn. 184. 139 For details see mn. 79 et seq. and mn. 87 et seq. 140 Cf. Gärditz, Deutsches Verwaltungsblatt 2017, 525 (526). For detailed analysis see Sule, National Security and EU law restraints on Intelligence Activities, Part 4 Chapter 2, in this volume. 141 See Dietrich, in: Schenke/Graulich/Ruthig, Sicherheitsrecht des Bundes, 2018, § 12 BNDG, mn. 1 et seq. 142 Cf. Löffelmann, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, VI § 4, mn. 186; 143 See Dietrich, in: Schenke/Graulich/Ruthig, Sicherheitsrecht des Bundes, 2018, § 9 BNDG, mn. 1 et seq. 138

502

Dietrich

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:40 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence Law in Germany

warrant by the Federal Chancellery is also required for suitability tests pursuant to Section 12, Federal Intelligence Service Act. Prior to the enforcement of surveillance operations pursuant to Sections 6 (1) and (3), Federal Intelligence Service Act, the Independent Committee (Unabhängiges Gremium) must be heard. This step can only be dispensed with in case of imminent danger. In that case, it must be involved afterwards. The Independent Committee144 examines whether the legal conditions laid down in Section 6, Federal Intelligence Service Act, have been complied with (admissibility and necessity). It will not carry out an assessment of proportionality in the strict sense, though. In particular, it will not consider whether the surveillance operation seems justified from a political point of view. The focus is solely on the question of whether the intended surveillance operation complies with the legal framework and if the specific purpose can be realised by the most moderate means. dd) Telecommunications surveillance at the source. The monitoring instruments 102 available to the German intelligence services also include what is referred to as telecommunications surveillance at the source (Quellen-Telekommunikationsüberwachung [Quellen-TKÜ]). It is a consequence of the increasing prevalence of encrypted communication via the internet. Voice-over-IP services such as “Skype” or “Google Talk” encrypt the audio data in the equipment involved before the data packets are sent over the internet, and are only decrypted once they have been received.145 In some cases, this technology seriously hampers the intelligence services’ surveillance operations. To bypass encryption, ‘telecommunications surveillance at the source’ means that the intelligence services have to infiltrate computers with a surveillance software, tapping communications before they are encrypted and transmitting them to the competent authorities. So far, the intelligence services of the Federal Government apparently referred to 103 Section 3, Article 10 Act, for carrying out these kinds of measures. This means that ‘telecommunications surveillance at the source’ is treated like the monitoring of individuals.146 There are good reasons for this. It cannot be denied, though, that ‘telecommunications surveillance at the source’ constitutes a more severe interference with basic rights than traditional telecommunications surveillance, because it does not only affect the privacy of telecommunications as defined in Article 10 (1), Basic Law. The infiltration of computers also affects the basic right to confidentiality and integrity of information technology systems as set forth by the Federal Constitutional Court147. Of course, the implanted surveillance software is not meant to tap off data stored on the computers. Yet it serves to bypass a decisive guard for informational privacy. Thus, measures of this kind at least risk an infringement of the basic right to confidentiality and integrity of IT systems. Accordingly, Section 3, Article 10 Act, does not suffice to justify telecommunications surveillance at the source. It would therefore be highly recommended to thoroughly examine the bill submitted in March 2017 by the Federal State of Bavaria, which contains an explicit provision regarding telecommunications surveillance at the source.148 d) Computer and network surveillance (‘online search’) Many intelligence services around the world also utilize what is referred to as ‘online 104 search’ (Online-Durchsuchung). The term refers to the covert access to information 144

See mn. 133 below. See Löffelmann, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, VI § 4, mn. 104. 146 Cf. mn. 79 et seq. 147 BVerfGE 120, 274 (312 et seq.). 148 Bundesrat, Drucksache 228/17. 145

Dietrich

503

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:40 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

technology systems through the internet.149 This access depends on the ability to implant Remote Forensic Software into private systems. For example, it enables the search for specific files on a computer or the recording of user behaviour.150 105 Computer and network surveillance is a contentious issue in Germany. There is no legal basis for the intelligence services of the Federal Government to carry out these kinds of operations. According to the Federal Government, this is why computer and network surveillance is currently not carried out by these agencies.151 Case law of the Federal Constitutional Court is likely to be the reason for this. In its ruling of 27 February 2008, the Court declared a regulation unconstitutional which was intended to authorise North Rhine-Westphalia’s office for the protection of the constitution to carry out computer and network surveillance.152 Taking into account this decision, only the Bavarian legislature mustered the creative political force required for establishing a legal foundation for the Bavarian office for the protection of the constitution with regard to ‘online search’.153 Given potential threats in the current situation of security policy, it is hard to understand the hesitation of the federal and other state legislatures.

E. Intelligence cooperation 106

As in most European states, the safeguarding of public security is performed on a division of labour basis in Germany. The German intelligence services cooperate with one another but also with other authorities such as police agencies and the public prosecutor’s office. Cooperation arrangements are defined in detail by law, thus implementing constitutional requirements because the exchange of personal data may represent a restriction of the basic right to informational self-determination. As an example: the BND gathers information for the purpose of the prevention of danger. If it forwards crime-related information to the police, the purpose of the information changes (from prevention of hazard to criminal prosecution). With this change of purpose, the justification for collecting the information in the first place is no longer valid. In fact, this is another restriction of basic rights. Against this backdrop, the Federal Constitutional Court assumes that the basic right to informational self-determination imposes a principle of separation for police and intelligence information.154

I. Legal framework for the exchange of information 107

The legal provisions for the exchange of information (data transfer regulations [Übermittlungsvorschriften])155 apply irrespective of whether data are exchanged infor149

See Schwabenbauer, Heimliche Grundrechtseingriffe, 2013, 72 et seq. See Löffelmann, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, VI § 5, mn. 28 et seq.; 151 Bundesministerium des Innern, Antwort auf schriftliche Anfrage des MdB Hunko, https://cdn. netzpolitik.org/wp-upload/2014-07-23_Schriftliche-Frage-7-123.pdf (15 July 2018). 152 BVerfGE 120, 274 (274 et seq.). 153 See Löffelmann, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, VI § 5, mn. 32 et seq. 154 BVerfGE 133, 277 (329). 155 See Brandt, Das Bundesamt für Verfassungsschutz und das strafprozessuale Ermittlungsverfahren, 2015, 117 et seq.; Gazeas, Übermittlung nachrichtendienstlicher Erkenntnisse an Strafverfolgungsbehörden, 2014, 286 et seq,; Zöller, in: Dietrich/Gärditz et al. (eds.), Nachrichtendienste im demokratischen Rechtsstaat, 2018, 185 (185 et seq.). 150

504

Dietrich

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:41 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence Law in Germany

mally (e. g. on the phone) or formally (e. g. on written request), electronically (e. g. by email), orally or by mail. They must also be complied with in the case of an institutionalised exchange of information (such as the cooperation in fusion centres or access to joint databases). Moreover, in its decision on subscriber data, the Federal Constitutional Court developed a sender-recipient model for legal powers in terms of information exchange.156 Legal literature refers to it as a “double door model” (Doppeltürmodel).157 This means that the sender must have an authority granted by law to transmit specific information to another agency (“first door”). In addition, there must also be a legal basis for the recipient to accept the information in question (“second door”). The conditions under which a door opens or remains closed usually depend on the respective authorities’ mission. Section 20, Federal Act on the Protection of the Constitution, for example, establishes that the BfV will transmit personal data to the police and to the public prosecutor’s office in case this is required in order to prevent or prosecute major criminal offences. Hence the authority of the sender is connected with the legal mandate of the recipient. Legislation differentiates between obligations and discretionary powers to transmit 108 information.158 In some cases, the German intelligence services are not free to choose whether or not to transfer data to other authorities. For example, the offices for the protection of the constitution are obligated to exchange information. Pursuant to Section 6 (1), Federal Act on the Protection of the Constitution, all offices for the protection of the constitution are obligated to exchange without delay all relevant information needed for the proper performance of their tasks. In addition, Section 20, Federal Act on the Protection of the Constitution, obligates the three intelligence services of the Federal Government to transmit information on capital crimes to the police and to the public prosecutor’s office. Beyond that, the transfer of information is at the discretion of the respective authorities. In some cases, the exchange of information may be blocked by the prohibitions imposed by Section 23, Federal Act on the Protection of the Constitution. A transfer of data is prohibited, for example, if this could endanger the life and limb of a human intelligence source. Whether there is an obligation or discretion to exchange information is by no means a trivial matter. The investigation of the crimes committed by the National Socialist Underground (Nationalsozialistischer Untergrund) terrorist organisation revealed that important findings had not been exchanged between the police and the intelligence services due to an absence of obligations to transfer data.159 The individual data transfer regulations envisage different material prerequisites for 109 the exchange of information. For example, Section 18 (1), Federal Act on the Protection of the Constitution, establishes an obligation for all federal authorities to transmit information to the offices for the protection of the constitution if – facts have come to their knowledge that are – indicative of intelligence activities carried out on behalf of a foreign power or – on violent anti-constitutional activities.

156

BVerfGE 130, 151 (184). See Zöller, in: Dietrich/Gärditz et al. (eds.), Nachrichtendienste im demokratischen Rechtsstaat, 2018, 185 (189). 158 See Siems, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, VI § 7, mn. 21 et seq. 159 See Schäfer/Wache/Meiborg, Gutachten zum Verhalten der Thüringer Behörden und Staatsanwaltschaften bei der Verfolgung des “Zwickauer Trios”, Erfurt 2012, https://www.thueringen.de/imperia/ md/content/tim/veranstaltungen/120515_schaefer_gutachten.pdf (15 July 2018), 199 et seq., 244 et seq., 264 et seq. 157

Dietrich

505

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:41 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis 110

The legal threshold for the transfer of information depends on the intensity of the interference with basic rights. Since the transfer of personal data to police authorities may lead to criminal proceedings, an exchange of such information is only admissible under strict conditions. This also applies to the exchange of information with foreign authorities. In its landmark decision regarding the Federal Criminal Police Office Act, the Federal Constitutional Court recently pointed to the fact that the transfer of data to third countries presupposes that the data will be handled in the third country in conformity with human rights and data protection standards.160 So far, this requirement has not been met by the relevant provisions of the Federal Act on the Protection of the Constitution. In this respect, there is an urgent need for the legislature to take action.

II. Databases of the intelligence services 111

Databases are an important instrument of cooperation among authorities. To some extent, the intelligence services use internal databases. For example, the offices for the protection of the constitution use the NADIS WN Intelligence Information System (Nachrichtendienstliches Informationssystem Wissensnetz).161 This is a modern composite file with search functions to which all offices for the protection of the constitution have access. It was established based on Section 6 (1), Federal Act on the Protection of the Constitution. NADIS WN contains structured data on persons and objects (e. g. name, file reference, occupation, marital status). In addition, all findings regarding the particular person are stored together with the supporting documentation (e. g. surveillance report, newspaper cuttings, video films, photographs). Access to the database is limited and step-by-step. Every staff member of the offices for the protection of the constitution has access to the database index, which enables them to draw conclusions as to whether NADIS WN contains any information about a particular person at all. This index access only refers to the name, address, date of birth and photograph of a person. However, pursuant to Section 6 (2), sentence 7, Federal Act on the Protection of the Constitution, access to the findings stored on a specific person is limited to staff with data acquisition or analysis tasks.162 For databases such as NADIS WN, Section 14, Federal Act on the Protection of the Constitution, calls for the establishment of an ‘order on file management’ specifying the purpose of the file, the scope and use of the data when creating a database. The order on file management requires the consent of the Federal Ministry of the Interior. Prior to issuing the order, the Federal Commissioner for Data Privacy and Freedom of Information must be heard. An order on file management allows for an investigation, in terms of data privacy, as to whether or not the intelligence services have stored data not required to fulfil their legal mandate. Sections 10 to 13, Federal Act on the Protection of the Constitution contain detailed provisions establishing which data may be stored, modified or used, and which data must be corrected or deleted by the intelligence services. The federal states have their own regulations.

160

Cf. Bundesverfassungsgericht, Neue Juristische Wochenschrift 2016, 1791 (1806). See Schäfer/Wache/Meiborg, Gutachten zum Verhalten der Thüringer Behörden und Staatsanwaltschaften bei der Verfolgung des “Zwickauer Trios”, Erfurt 2012, https://www.thueringen.de/imperia/ md/content/tim/veranstaltungen/120515_schaefer_gutachten.pdf (15 July 2018), 199 et seq., 244 et seq., 264 et seq. 162 See Kutzschbach, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, VI § 6, mn. 91 et seq. 161

506

Dietrich

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:42 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence Law in Germany

Besides internal databases, the German intelligence community also uses databases to 112 which other security agencies (e. g. police authorities) have access.163 The establishment and operation of such databases presents a major challenge. The informational separation rule164 developed by the Federal Constitutional Court must be adhered to. Legal authorisations are contained in the Federal Act on the Protection of the Constitution (Sections 22 a to 22 c). In 2016, for example, Section 22 c, Federal Act on the Protection of the Constitution, was introduced, authorising the BfV to access files of foreign intelligence services.165 Among others, this is admissible if – security interests of the Federal Republic of Germany are affected, and – the third countries involved guarantee compliance with basic rule of law principles. It counts for much that the legal provisions alone allow for establishing and accessing 113 an index file. An index file only contains indications that a specific participant of the file has information on a specific person or on specific facts. The information itself, though, is not contained in the file. For some interagency files, there are specific laws. Police authorities and intelligence 114 services have established two permanent common files based on the Counter-Terrorism Database Act (Antiterrordatei-Gesetz [ATDG])166 and the Right-Wing Extremism Database Act (Rechtsextremismus-Datei-Gesetz [RED-G])167. Both Acts had to be modified following a 2013 decision of the Federal Constitutional Court, which had ruled some provisions unconstitutional.168 A total of 38 German authorities subscribe to the CounterTerrorism Database (Antiterror-Datei [ATD]). Since its establishment, information on about 18,000 individuals has been stored, with the BND accounting for 46 percent of the data.169 31 percent of the data result from the findings of police authorities, and another 21 percent can be traced to information from the offices for the protection of the constitution.170 Which kind of data shall be stored in the ATD is set forth in Sections 2 and 3, Counter-Terrorism Database Act. Accordingly, the authorities are obligated to store data in the ATD on individuals in case there are specific indications of a membership in a terrorist organisation. At the same time, the contents of the ATD are also restricted. For example, storage of data of minors under the age of 14 is inadmissible. There was a controversial debate in legal literature if data on contact persons from the surrounding field of terror suspects may be stored in the ATD.171 In the meantime, the Federal Constitutional Court has laid down narrow limits for the storage of data of contact persons.172 They can only be included with a few basic data in the context of the main terror suspect, and searches for them must not result in matches. The ATD is also an index file, i. e. a search (via name, address etc.) only reveals if there is an authority that holds relevant information. The actual exchange of data is arranged for in line with the 163 See Brandt, Das Bundesamt für Verfassungsschutz und das strafprozessuale Ermittlungsverfahren, 2015, 218 et seq.; Kutzschbach, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, VI § 6, mn. 100 et seq. 164 Cf. mn. 12. 165 See Gnüchtel, Neue Zeitschrift für Verwaltungsrecht 2016, 1113 (1113 et seq.); Roggan/Hammer, Neue Juristische Wochenschrift 2016, 3063 (3063 et seq.). 166 Federal Law Gazette, BGBl. I 2006 at 3409, most recently amended by Article 10 of the Act of 14 August 2017 (BGBl. I 2017 at 3202). 167 Federal Law Gazette, BGBl. I 2012 at 1798, most recently amended by Article 11 of the Act of 14 August 2017 (BGBl. I 2017 at 3202). 168 BVerfGE 133, 277 (277 et seq.). 169 Deutscher Bundestag, Drucksache, 17/12665, 5. 170 Deutscher Bundestag, Drucksache, 17/12665, 5. 171 See Stubenrauch, Gemeinsame Verbunddateien von Polizei und Nachrichtendiensten, 2008, 241 et seq.; 172 Cf. BVerfGE 133, 277 (348 et seq.).

Dietrich

507

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:42 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

aforementioned data transfer regulations. Essentially, the Right-Wing Extremism Database (Rechtsextremismus-Datei [RED]) is operated along the same legal parameters.

III. Fusion Centres Current European threat levels call for the rapid availability of information at interagency level. In case of simultaneous terror attacks in several places or countries, flows of information must not be hampered by the limits of areas of responsibility. Hence fusion centres have been created throughout Europe. The “fusion” concept may be considered an organisational principle but ought to be understood actually in procedural terms. Fusion aims at consolidating and harmonising various information sources in order to generate an overall picture of the situation. 116 In Germany, too, several of these cooperation platforms have been established in recent years in which the German intelligence services participate.173 In particular: – the Joint Counter-Terrorism Centre (Gemeinsames Terrorismusabwehrzentrum [GTAZ]) with the associated Joint Internet Centre (Gemeinsames Internetzentrum [GIZ]) – the Joint Counter-Extremism and Counter-Terrorism Centre (Gemeinsames Extremismus- und Terrorismusabwehrzentrum [GETZ]) – the National Cyber Response Centre (Nationales Cyber-Abwehrzentrum [NCAZ]) – the Joint Illegal Migration Analysis and Strategy Centre (Gemeinsames Analyse- und Strategiezentrum Illegale Migration [GASIM]) 117 Communications and analysis processes within these centres are not easy to organise. The principle of general separation of police and intelligence data as prescribed by the Federal Constitutional Court must be observed. Accordingly, the exchange of information on the aforementioned platforms must comply with the applicable regulations for the transfer of data.174 In the GTAZ, for example, this is built into the organisational structure: a total of 40 different authorities cooperate in the GTAZ. Besides the three intelligence services of the Federal Government (BND, BfV and MAD) and those of the Federal States, there are representatives of federal and state police authorities. In addition, there is the Chief Federal Prosecutor, the Customs Criminological Office, and the Federal Office for Migration und Refugees. For these authorities, there are two separate analysis elements for the different functional areas. The intelligence services cooperate in the Intelligence Information and Analysis Centre (Nachrichtendienstliche Informations- und Analysestelle [NIAS]). For the police authorities, the Police Information and Analysis Centre (Polizeiliche Informations- und Analysestelle [PIAS]) was established. Focusing on specific cases, daily cooperation between the analysis centres takes place in joint working groups.175 Current working groups include, among others, the “Daily Situation Briefing” and the “Islamist Terrorist Potential” working groups. 118 Some authors contend that the Joint Centres lack a legal basis.176 On closer examination, however, specific legislation does not seem to be required. As far as personal data are concerned, sectoral legislation establishes detailed arrangements for the exchange of information between police authorities and intelligence services. Here, the limits of legal 115

173 See Brunst, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, V § 2, mn. 48 et seq. 174 Cf. mn. 107 et seq. 175 See Brunst, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, V § 2, mn. 51. 176 See Roggan, Zeitschrift für Rechtspolitik 2017, 208 (210).

508

Dietrich

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:42 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence Law in Germany

interference with basic rights through the transfer of data to other authorities are described in sufficiently specific terms.

F. Oversight The activities of the German intelligence services are monitored by a large number of 119 organisations at federal and state level.177 The intensity of oversight has improved significantly over the years. A main reason for this is that comprehensive rights to obtain information and to inspect files, as well as rights for inspection visits for oversight bodies, were included in the relevant legislation. At the same time, the intelligence services’ obligations to report, document and provide information on their activities have been tightened. Even though there may still be some grounds for criticism on details, the level of oversight achieved so far can be considered groundbreaking from a rule of law perspective. In the following section, the oversight mechanisms of the intelligence services of the Federal Government shall be presented in greater detail.178

I. Administrative Oversight Administrative oversight comprises expert, administrative and legal supervision.179 At 120 the federal level, this responsibility is vested in the Federal Ministries as superior authorities. Thus, the BfV is supervised by the Federal Ministry of the Interior while the BMAD is under the supervision of the Federal Ministry of Defence. Administrative oversight is best understood as input and output control. As part of input control, for example, the superior authorities are involved in all important personnel and budget decisions concerning the intelligence services. Accordingly, if a new chief of division is to be appointed or if a new specialist branch is to be established in the BND, the Federal Chancellery as the superior authority must be involved. As far as output control is concerned, the focus of the superior authority is on the intelligence product. Pursuant to Section 33, Federal Intelligence Service Act, the BND is obliged, for example, to inform the Federal Chancellery continuously and unsolicited about its activities.180 This shall enable the Federal Chancellery to correct undesired developments in terms of how the BND performs its tasks. It can be stated that administrative oversight is taken quite seriously. This is particularly true for legal supervision. The government is always held responsible for any illegal activities of the intelligence services.181

177

Cf. mn. 27. The federal states have their own oversight bodies for their offices for the protection of the constitution, but, in detail, they are similar to those at the federal level. 179 See Eiffler in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, VII § 1, mn. 9 et seq. 180 See Bareinske, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, V § 8, mn. 103 et seq. 181 Cf. Dietrich, Intelligence and National Security, 31 (2016), 397 (402). 178

Dietrich

509

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:43 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

II. Parliamentary Oversight Parliamentary oversight of intelligence service activities is implemented in different forms and by different entities.182 First, the German Bundestag has traditional parliamentary information tools at its disposal. The German Parliament must be able to examine whether the Federal Government has acted in accordance with legal regulations, i. e. that the intelligence services’ activities are not a cause for complaint from a political perspective. Information tools of this kind include written requests submitted by members of parliament, question time in parliament as well as the establishment of committees of inquiry or study committees.183 For example, one of the aforementioned committees of inquiry184 was tasked with examining the role of the security agencies in the investigation of the crimes committed by the National Socialist Underground (Nationalsozialistischer Untergrund) terrorist organisation. 122 Besides these general information tools of parliamentary oversight, the Bundestag has established two permanent bodies to oversee the activities of the intelligence services: The Confidential Committee (Vertrauensgremium) meets on the basis of Section 10 a (2) of the Federal Budget Code (Bundeshaushaltsordnung [BHO]). It consists of 10 members elected from the Bundestag Budget Committee. The Confidential Committee decides on the classified operating budgets of the intelligence services of the Federal Government. Even though budget execution is a responsibility of the executive branch, the Confidential Committee must be informed whenever the budget is significantly exceeded. 123 The Parliamentary Oversight Panel is the mainstay of legislative control. As an auxiliary body of the German Bundestag it is even vested with constitutional status based on Article 45 d, Basic Law.185 It currently consists of nine members of parliament elected to the committee by the Bundestag. There are no legal provisions with regard to their number or political party affiliation. The Act on the Parliamentary Oversight of the Intelligence Activities of the Federation (Gesetz über die parlamentarische Kontrolle nachrichtendienstlicher Tätigkeit des Bundes [PKGrG]) merely states that “The Bundestag determines the number of members as well as the composition and the working method of the Parliamentary Oversight Panel.” The Panel meets about once a month for consultations, which on principle are non-public meetings. Its conduct of business is primarily determined by its internal rules of procedure.186 These rules stipulate, for example, that one year the majority in Parliament chairs the committee, and the next year the minority takes over. This is in order to prevent the Panel from being exploited for the purposes of party politics. The Act on the Parliamentary Oversight of the Intelligence Activities of the Federation provides the members of the Panel with substantial rights to obtain information. Accordingly, they are entitled to inspect the files of intelligence services or their superior authorities and also to question their staff 121

182 See Baier, Die parlamentarische Kontrolle der Nachrichtendienste und deren Reform, 2009, 20 et seq.; Hansalek, Die parlamentarische Kontrolle der Bundesregierung im Bereich der Nachrichtendienste, 2006, 30 et seq.; Hirsch, Die Kontrolle der Nachrichtendienste, 1996, 101 et seq. 183 See Bartodziej, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, V § 2, mn. 9 et seq. 184 Cf. mn. 17. 185 See Hempel, Der Bundestag und die Nachrichtendienste – eine Neubestimmung durch Art. 45 d GG?, 2014, 30 et seq. 186 See Singer, Praxiskommentar zum Gesetz über die parlamentarische Kontrolle nachrichtendienstlicher Tätigkeit des Bundes, 2016, § 3 mn. 25.

510

Dietrich

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:44 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence Law in Germany

members. Moreover, the Panel has access to all premises of the intelligence services. The Federal Government can only reject requests for information under strict conditions, e. g. if intelligence sources must not be revealed by any means. The Panel reports to the Bundestag on its activities at least once every two years. These reports are then released as official parliamentary publications.187 Criticism has been directed at the work of the Parliamentary Oversight Panel during 124 the past years. The media, in particular, did not spare the Panel’s members. So, for example, the newspaper Frankfurter Allgemeine Zeitung (FAZ) ridiculed the relationship between intelligence services and oversight bodies under the caption: “Tame Talkers, Mightily Silent”.188 Attending a press conference of the Parliamentary Oversight Panel, a correspondent of the newspaper tageszeitung (taz) was under the impression that she had happened upon a gathering at “Simpleton Hall”.189 Indeed, a closer look at the actual oversight activities conducted over the past years reveals that the general interest has been more on party politics-related effects than on the efficient fulfilment of the oversight mandate. In fact, the Panel was not truly capable of examining whether the intelligence services actually lived up to their mandate, because it lacked both the personnel and expertise to do so. Rather, parliamentary oversight became a means of political confrontation.190 Only the pressure exercised by several committees of inquiry at the federal and state 125 levels generated a political willingness to act. On 6 January 2016, the Law on the Development of Parliamentary Oversight of the Intelligence Services of the Federation (Gesetz zur weiteren Fortentwicklung der parlamentarischen Kontrolle der Nachrichtendienste des Bundes) came into force.191 It contains significant amendments to the Act on the Parliamentary Oversight of the Intelligence Activities of the Federation.192 The main new arrangement provides for the establishment of a “Permanent Commissioner of the Parliamentary Oversight Panel.” Pursuant to Section 5 b, Act on the Parliamentary Oversight of the Intelligence Activities of the Federation, the Permanent Commissioner is proposed by the Panel (following a simple majority vote) and appointed for five years by the President of the Bundestag. As to its legal status, the position is a strange hybrid between that of an independent commissioner (such as the Parliamentary Commissioner for the Armed Forces) and that of a high-ranking career civil servant at the level of a ministerial department chief. This makes it an official appointment unlike any other.193 The Parliamentary Oversight Panel may relieve the Commissioner of his duties at any time and with immediate effect, which requires a three-fourths majority vote. Also, the Commissioner may be re-appointed only once by the Parliamentary Oversight Panel. Accordingly, his maximum term of office is 10 years. The rationale of the law cites the Permanent Commissioner’s role as that of a “far-reaching arm” of the Parliamentary Oversight Panel who, for example, may exercise the Panel’s right to access records of the intelligence services or to access their premises.194 In this function, 187

E. g. Deutscher Bundestag, Drucksache 19/422. Cf. Sattar, Frankfurter Allgemeine Zeitung, 18 July 2013, http://www.faz.net/aktuell/politik/staat-undrecht/kontrolle-der-geheimdienste-maechtige-schweiger-zahnlose-schwaetzer-12285538.html (15 July 2018). 189 Cf. Geisler, die tageszeitung, 6 July 2013, https://www.taz.de/Archiv-Suche/!5063802&s=/(15 July 2018). 190 See Dietrich, Zeitschrift für Rechtspolitik 2014, 205 (206). 191 Federal Law Gazette, BGBl. I 2016 at 2746. 192 See Gärditz, Deutsches Verwaltungsblatt 2017, 525 (532 et seq.); Brissa, Die Öffentliche Verwaltung 2017, 765 (767 et seq.). 193 See Bartodziej, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, V § 2, mn. 93 et seq. 194 Cf. Deutscher Bundestag, Drucksache 18/9040, 2. 188

Dietrich

511

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:44 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

the Commissioner acts in a support role and as a technical advisor to the Panel. To that end, he has a sizeable staff to assume specialist tasks. The Commissioner and his staff prepare the monthly meetings of the Parliamentary Oversight Panel and its annual reports to the German Bundestag. In addition, the Commissioner is entitled to take part in the meetings of the Confidential Committee and of the G10 Commission. 126 It seems doubtful whether the creation of the office of Permanent Commissioner alone will suffice to eliminate all deficiencies in terms of intelligence services oversight. The good news is that the Parliamentary Oversight Panel now has personnel to assume its oversight rights which existed before only on paper. The Permanent Commissioner and his staff process information in response to the needs of the members of parliament. Thus, members of parliament are now better prepared when communicating with members of the intelligence services. This could enable the Permanent Commissioner, in theory, to contribute to considerably improving intelligence services oversight. He could make oversight more knowledgeable, constructive, sustainable and factual. The question of whether this promise can actually be kept should be viewed with scepticism. It is true that legislation has brought the office of Permanent Commissioner to prominence by establishing a separate legal provision for it. In practice though, his legal status is rather weak.195 Reporting directly to the Panel, he may be released from office at any time. He does not have powers in his own right. In this way, he differs greatly from the truly independent commissioners of the Bundestag, like the Parliamentary Commissioner for the Armed Forces. The latter is free to decide when and why to take action. In contrast, the Permanent Commissioner must wait to be tasked by the Parliamentary Oversight Panel, whose rights he exercises on its behalf. Moreover, given his relatively weak position, the Permanent Commissioner will not be able to eliminate one major problem: the influence of political party interests. Strictly speaking, it cannot be ruled out that the political aspects of oversight described above will be given an even broader scope, as the actors will be better informed. 127 To avoid misunderstandings: the activities of intelligence services must remain the subject of political debate. Yet daily performance oversight must not be prone to abuse. It must be exhaustive, tough and demanding, but discrete. In this context there is a problem in Germany that must not be underrated. Occasionally top secret information is leaked. It has never been possible to identify those who passed on the information to the press. In 2002, Otto Schily, the then Federal Minister of the Interior, held members of the Parliamentary Oversight Panel responsible for passing the name of a trusted agent of the Federal Office for the Protection of the Constitution to the press and threatened to bring charges against them.196 In 2012, Roman Trips-Hebert, an employee of the Bundestag‘s administration, published an article in the Zeitschrift für Rechtspolitik in which he argued that German criminal legislation in this field had nothing more but symbolic significance given the serious leaks from committees of inquiry.197 Thus, the establishment of a Permanent Commissioner does not eliminate the risk that oversight is politically instrumentalised and abused for cheap showmanship.

195 See Bartodziej, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, V § 2, mn. 95. 196 See Schily in Schwierigkeiten – “Wer ist denn hier der Gegner?”, DER SPIEGEL, 26 January 2002, http://www. spiegel.de/politik/deutschland/schily-in-schwierigkeiten-wer-ist-denn-hier-der-gegner-a-179341. html (15 July 2018). 197 Cf. Trips-Herbert, Zeitschrift für Rechtspolitik 2012, 199 (202).

512

Dietrich

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:45 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence Law in Germany

III. Judicial review Intelligence services do not enjoy immunity in Germany. Therefore, it is possible to 128 have their activities examined by a court. If, for example, a BND employee violates a provision of the Penal Code, he may, in principle, be tried by a German criminal court. Until recently, this was a subject of vivid debate among German legal experts.198 In the day-to-day life of an intelligence agent he may sometimes be forced to act in an unlawful manner in order to fulfil his official duties. For example, if a BND employee buys a stolen CD-ROM in Switzerland that contains data of German tax evaders, this has to be considered from a legal point of view as receiving stolen property according to Section 259 of the German Penal Code. He is only spared a prison sentence because he did not commit the deed with a motive of personal enrichment, which is also stipulated in Section 259. However, in the past cases have not always been that clean-cut. As recently as in 2011, the Oberlandesgericht (Higher Regional Court) of Düsseldorf sentenced a BND source to prison for his membership in a terrorist organisation in spite of the fact that he had reliably collected valuable intelligence on the organisation for years.199 In the meantime, legislation responded and created the possibility of indemnifying such individuals on a case by case basis.200 Those who have become the target of measures of intelligence surveillance also have 129 recourse to a German court.201 However, the problem in this context is that those affected usually do not know that an intelligence service has put them under surveillance. This is why intelligence legislation (e. g. Section 12, Article 10 Act) establishes that persons affected need to be informed about the existence and duration of any surveillance measure in hindsight in order to ensure the efficient legal protection of the citizens that the German constitution calls for. Based on this notification, persons who have been monitored may petition a German administrative court to examine whether the surveillance measure was illegal. According to Section 50, Code of Administrative Court Procedure, the Federal Administrative Court is responsible as the court of first and last instance whenever someone questions the lawfulness of a surveillance measure of the BND. By way of exception, proceedings before the Federal Administrative Court can take place partially closed to the public. Sometimes intelligence may not be used in court given its particular political sensitivity or because it could disclose information about a service’s source. In such cases, the superior authority issues a declaration of non-disclosure (referred to as Sperrerklärung) which prevents certain information from being disclosed in court. Court hearings without counsel to examine whether the withholding of information had been lawful can then be held in camera. It should be noted that judicial review of the German intelligence services is always conducted ex-post (with the exception of surveillance of a private home202). There is no preventative oversight of intelligence activities by courts like the US Foreign Intelligence Surveillance Court.

198 See Dietrich, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, VI § 2, mn. 170 et seq. 199 Oberlandesgericht Düsseldorf, Neue Zeitschrift für Strafrecht 2013, 590 (590 et seq.). 200 See mn. 66. 201 See Kornblum, Rechtsschutz gegen geheimdienstliche Aktivitäten, 2011, 116 et seq.; Graulich, in: Graulich/Simon (eds.), Terrorismus und Rechtsstaatlichkeit, 2007, 143 (156 et seq.); Gusy, in: Bundesamt für Verfassungsschutz (ed.), Verfassungsschutz in der Demokratie, 1990, 67 (93 et seq.). 202 See mn. 68 et seq.

Dietrich

513

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:45 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

IV. Independent Oversight Bodies with Specific Mandate At the federal level, there are further oversight bodies with very specific mandates. The independence of these entities is guaranteed by law. For example, Section 19, Federal Court of Auditors Act (Bundesrechnungshofgesetz)203, establishes that the Federal Court of Auditors (Bundesrechnungshof) is responsible for auditing the annual account and budget management of the intelligence services of the Federal Government with a view to their efficient use of budget funds. The audit findings are submitted to the Confidential Committee, the Parliamentary Oversight Panel as well as the responsible Ministry. For reasons of secrecy, the work is delegated to what is referred to as a ‘college of three’ (Dreierkollegium) chaired by the President of the agency. 131 As public entities of the Federal Republic, the intelligence services of the Federal Government are subject to oversight by the Federal Commissioner for Data Protection and Freedom of Information (Bundesbeauftragter für den Datenschutz und die Informationsfreiheit [BfDI]). The legal basis for the BfDI’s work is the Federal Data Privacy Act (Bundesdatenschutzgesetz)204. She is responsible for reviewing all specific data privacy regulations. As many provisions of intelligence legislation are meant to ensure the protection of the basic right to informational self-determination, the competence for review includes, in particular, personal data that are collected and processed by the intelligence services.205 Pursuant to Section 24 (4), Federal Data Privacy Act, the intelligence services are obliged to provide full support to the BfDI in her work. This means that she must be provided access to premises, to requested information and to documents and files. For reasons of secrecy, the obligation to provide support only relates to the BfDI herself and to members of her staff designated by her in writing. The intelligence services may only refuse assistance to her in rare cases if the security of the Federal Republic or of a federal state was at risk. This would be the case, for example, if the disclosure of information to the BfDI engendered the disclosure of details on the cooperation with important foreign intelligence services and, as a result, that cooperation was seriously damaged. This aspect has considerable practical relevance. During the investigations conducted by the so-called Bundestag NSA committee of inquiry, the committee of inquiry, the BfDI and the G10 Commission requested access to the search strings the BND had received from the NSA for SIGINT purposes. Eventually, these requests were denied because the Federal Constitutional Court decided against them. The Court emphasized that “handing over the NSA Selector Lists (…) would significantly undermine the intelligence services’ functioning as well as their ability to cooperate, and thus would also impair the Federal Government’s capacity to act in matters related to foreign or security policy.”206 132 The aforementioned G10 Commission207 monitors compliance with the Article 10 Act. Among others, the latter establishes explicitly under which conditions the BND is entitled to carry out the strategic surveillance of bulk telecommunications traffic, i. e. a SIGINT operation. The G10 Commission consists of four members who are selected by the Parliamentary Oversight Panel. There is no provision in the Article 10 Act specify130

203 Federal Law Gazette, BGBl. I 1985 at 1445, most recently amended by Article 15 of the Act of 5 Febuary 2009 (BGBl. I 2009 at 160). 204 Federal Law Gazette, BGBl. I 2017 at 2097. 205 See Kutzschbach, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, VI § 6, mn. 67 et seq. 206 BVerfGE 143, 101 (recital 159). 207 See mn. 27.

514

Dietrich

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:46 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 1. Intelligence Law in Germany

ing that the members of the Commission also have to be members of the German Bundestag. The only mandatory condition is that the Commission’s chairperson has to be a trained lawyer. Upon request by the intelligence services, the G10 Commission decides on restrictions of the privacy of correspondence, posts and telecommunications. This means that it has an ex ante oversight perspective. Only in some clearly defined cases a request to the G 10 Commission can be dispensed with, e. g. in case of imminent danger. However, in such cases, the intelligence services are still required to ask the G10 Commission for a retroactive approval. According to Section 14 (1), Act on the Parliamentary Oversight of the Intelligence Activities of the Federation, the Parliamentary Oversight Panel is obligated to submit to the German Bundestag a detailed annual report on the conduct, type and scope of surveillance operations approved by the G10 Commission. The most recent oversight entity with a specific mandate is the aforementioned 133 Independent Committee as defined in Section 16, Federal Intelligence Service Act.208 The Independent Committee monitors the approval of telecommunications networks for BND surveillance.209 In addition, it oversees search strings for the focused surveillance of communications within the EU. The Committee meets at least every three months. It must inform the Parliamentary Oversight Panel on its activities at least every 6 months. It consists of three members and three substitutes, who are all appointed by the Federal Cabinet. The chairperson of the Independent Committee and one other member must be judges at the Federal Court of Justice. The third person must be a federal prosecutor in the Chief Federal Prosecutor’s Office. The same ratio applies to the substitutes. The members of the Committee are not bound by any mandatory instructions. Yet they are obliged to maintain secrecy. They do not have any particular investigative powers.

G. Conclusion German intelligence law may be considered as progressive by global standards. 134 Nevertheless, it cannot be neglected that it lacks a concept of order. At the federal level, legal matters remain fragmented and confusing. To a certain extent, the necessary synchronisation of the various sets of rules has fallen by the wayside. As laws have been amended over the past years, the sets of rules have grown in complexity while becoming more contradictory and less accessible for application. Given the somewhat incoherent patchwork of intelligence legislation, federal legislators should soon find the political energy to create a uniform, unambiguous legal framework for intelligence activities by passing a single law for the intelligence services of the Federal Government. There also seems to be a compelling need for the laws relating to the state offices for 135 the protection of the constitution to be revised210: To a certain extent, the differences between the single laws are so wide that it must be doubted whether a consistent level of protection of basic rights and an adequate fulfilment of the mission to safeguard state security throughout Germany can actually be guaranteed. Also, from the perspective of efficient administration management, the question must be raised if all 16 domestic services of the federal states are actually able to fulfil their legal mandate. 208 209

Supra mn. 101. See Dietrich, in: Schenke/Graulich/Ruthig, Sicherheitsrecht des Bundes, 2018, § 16 BNDG, mn. 3 et

seq.

210 See Dietrich, in: Dietrich/Eiffler (eds.), Handbuch des Rechts der Nachrichtendienste, 2017, III § 3, mn. 70 et seq.

Dietrich

515

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:46 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2 Intelligence Law in France Florent Le Divelec Outline A. Introductory remarks on the scope of the chapter .................................................. B. The French intelligence service..................................................................................... I. The “premier cercle”: the six specialised intelligence services...................... 1. Internal intelligence service: Direction Générale de la sécurité intérieure - DGSI................................................................................................ 2. Foreign intelligence service: Direction générale du renseignement extérieur - DGSE ................................................................................................ 3. Military security service: Direction du renseignement et de la sécurité de la défense - DRSD ........................................................................................ 4. Military intelligence service: Direction du renseignement militaire DRM...................................................................................................................... 5. Customs intelligence service: Direction nationale du renseignement et des enquêtes douanières - DNRED................................................................ 6. The Financial Intelligence Unit: Service “traitement du renseignement et action contre les circuits financiers clandestins” - Tracfin .................. II. The “second cercle”: Intelligence outside the IC ............................................. C. Coordination and information exchange ................................................................... I. Coordination bodies ............................................................................................... 1. Strategy Coordination: Conseil national du renseignement et lutte contre le terrorisme - CNRCT ........................................................................ 2. Support to the Prime Minister: Secrétariat général de la défense et de la sécurité nationale - SGSDN......................................................................... 3. Request management: Groupement interministériel de contrôle- GIC. 4. Community building through education and training: L’académie du renseignement ..................................................................................................... II. Exchange of information....................................................................................... D. Oversight of intelligence policy and activities ........................................................... I. Oversight committee: Commission nationale de contrôle des techniques de renseignement .................................................................................................... 1. The CNCTR in practice.................................................................................... a) Ex-ante opinion ............................................................................................ b) Individual complaints .................................................................................. c) Referral to the Conseil d’Etat..................................................................... d) Surveillance of International Communications ..................................... e. Duty of honest cooperation ....................................................................... 2. Annual activity report ....................................................................................... II. Parliamentary oversight......................................................................................... 1. Budgetary oversight: Commission de vérification des fonds spéciauxCVFS ..................................................................................................................... 2. Parliamentary delegation on intelligence: Délégation parlementaire au renseignement- DPR.......................................................................................... III. The inspection of intelligence services: L’inspection des services de renseignement.......................................................................................................... E. The Law on Intelligence ................................................................................................. I. The use of intelligence collection techniques ................................................... 1. Services authorized to use intelligence collection techniques .................. 2. Purposes for the use of intelligence collection techniques ....................... 3. Intelligence collection techniques and other means available to the members of the IC ............................................................................................. a) Intelligence collection techniques ............................................................. b) The sensitive case of Black Boxes ............................................................. c) Authorization of unlawful activities.........................................................

516

Le Divelec

mn. 1 5 8 9 12 15 16 18 21 25 27 28 29 37 41 46 48 51 52 58 58 60 61 64 70 71 73 74 78 84 89 90 91 92 94 96 98 101

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:47 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. Intelligence Law in France II. Data retention rules................................................................................................ III. Judicial remedies and agents’ responsibility ..................................................... 1. Judicial remedies for individuals..................................................................... 2. Criminal liability of intelligence services members .................................... IV. Derogations and complementary provisions .................................................... 1. Emergency Procedure........................................................................................ 2. International surveillance ................................................................................. 3. Protection of whistle-blowers .......................................................................... F. A law reshaped by constitutional concerns ............................................................... I. The annulment of the provisions on international surveillance .................. II. The radio transmission exemption ..................................................................... III. Case pending in Strasbourg.................................................................................. G. Concluding remarks ........................................................................................................

103 108 109 115 117 118 119 123 125 126 130 135 139

Bibliography: Adam P., Délégation Parlementaire au Renseignement, Rapport relatif à l’activité de la délégation parlementaire au renseignement pour l’année 2016, p. 44; CF2R, French Intelligence and Security Services in 2016: A Short History, available at: http://www.cf2r.org/fr/notes-historiques/frenchintelligence-and-security-services-in-2016-a-short-history.php, accessed 3 November 2017; CF2R, Direction nationale du renseignement et des enquêtes douanières, available at: https://www.cf2r.org/wpcontent/uploads/2017/05/DNRED.pdf; Chopin O. (2017), Intelligence reform and the transformation of the state: the end of a French exception, Journal of Strategic Studies, 40:4, 532–553; de Maison Rouge O., Le droit du renseignement, LexisNexis, 2016; de Villaines A., Renseignement français : des compétences très complémentaires, 26 march 2016, La Chaîne Parlementaire Assemblée nationale, available at: http:// www.lcp.fr/actualites/renseignement-francais-des-competences-tres-complementaires; Délégation Parlementaire au Renseignement, Rapport relatif à l’activité de la délégation parlementaire au renseignement pour l’année 2014, p. 72, available at: http://www.assemblee-nationale.fr/14/rap-off/i2482.asp; Desmaretz G., Service Action, un service secret pas comme les autres: Formation, méthode et pratique, Paris, Chiron, 2008; ENA, France: quel budget pour les services?, in Le renseignement dans tous ses états, L’ENA hors les murs, juin 2014, n° 442; Erman J., The Dreyfus Affair: Enduring CI Lessons, Intelligence in Public Literature; European Parliament, Fighting tax crimes Cooperation between Financial Intelligence Unit, Manuscripts completed in March 2017, Brussels, European Union, 2017; Hayez P., ‘Renseignement’: The New French Intelligence Policy, International Journal of Intelligence and Counter Intelligence, 23: 474–486, 2010.; Mallet J.C., Défense et Sécurité nationale: le Livre blanc, 2008, available at: http://www. ladocumentationfrancaise.fr/rapports-publics/084000341/index.shtml; Premier Rapport d’activité 2015/ 2016, Commission Nationale de contrôle des techniques de renseignement; Projet de loi de finances pour 2017, Direction de l’action du Gouvernement : coordination du travail gouvernemental; Rapport n° 423 (2015–2016) de M. Jean-Pierre Raffarin, fait au nom de la délégation parlementaire au renseignement, déposé le 25 février 2016; Rapport parlementaire, Compte rendu de la Commission de la défense nationale et des forces armées, compte-rendu n° 47, 2013 available at http://www.assemblee-nationale.fr/14/pdf/crcdef/12-13/c1213047.pdf; Rees M., Données de connexion : les avis de la CNCTR classés secret-défense, Next Inpact, available at: https://www.nextinpact.com/news/105617-donnees-connexion-avis-cnctrclasses-secret-defense.htm; Sénateur M. Vinçon S., Avis présenté au nom de la commission des Affaires étrangères, de la défense et des forces armées (1) sur le projet de loi portant création d’une délégation parlementaire pour le renseignement, 20 Juin 2007.; Untersinger U., Une première “ boîte noire “ de la loi sur le renseignement désormais active, Le Monde, available at http://www.lemonde.fr/pixels/article/2017/ 11/14/les-boites-noires-de-la-loi-sur-le-renseignement-sont-desormais-actives_5214596_4408996.html, accessed on the 15th of November 2017; Urvoas J.J. and Vadillo F., Réformer les services de renseignement français : efficacité et impératifs démocratiques, Paris, Fondation Jean-Jaurès 2011; Urvoas J.J. and Verchère P., Assemblé Nationale, Rapport d’Information déposé en application de l’article 145 du Règlement par la Commission des lois constitutionnelles, de la législation et de l’Administration générale de la République, en conclusion des travaux d’une mission d’information (1) sur l’évaluation du cadre juridique applicable aux services de renseignement, May 2013; Warusfel B., Structures et evolutions du renseignement en France, Revue Droit et Défense 94/1.

A. Introductory remarks on the scope of the chapter Since the birth of French intelligence services under the reign of Louis XI during the 1 XVth century, their organization underwent a long process of creation, destruction and

Le Divelec

517

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:48 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

adaptation.1 Driven by successive national and international events (e. g. the French Revolution, the First Empire, the Franco-Prussian war or again WWI), the modern intelligence machinery took its contemporary shape in 1944 with the creation of separate military, internal and external intelligence services.2 After numerous structural changes brought by the successive presidencies and the emergence of terrorism3, the need for an adaptation of the intelligence machinery was expressed in 2008 by the French White Paper on Defence and National Security. Under the impulse of President Nicolas Sarkozy, the White Paper announced the preparation of a new legal framework to define the purpose of the intelligence services4. 2 In 2015, this framework was finally introduced with the passing of two laws, the loi sur le renseignement (law on intelligence),5 and the loi relative aux mesures de surveillance des communications électroniques internationales (law on the surveillance of international communications)6. These laws established new provisions within the Code de la sécurité intérieure (Homeland Security Code or CSI) to codify the means of action made available to intelligence services for the conduct of their missions. Although some intelligence collection techniques7 had already been codified by law prior to this reform8, the 2015 intelligence law now formalised and ‘legalised’ the practices involved in intelligence activities9, more particularly the surveillance of electronic communications. 3 This intelligence reform initiated by the 2008 White Paper ultimately led to the formal establishment of the communauté française du renseignement (French intelligence community or IC),10 the codification of the tools available to intelligence services for the collection of intelligence and the creation of a new oversight mechanism aimed at controlling the legality of intelligence services’ recourse to such tools. 4 This chapter describes the new architecture of the French intelligence machinery. It focuses on introducing the intelligence services (B), how coordination and information exchange is ensured (C), how the new oversight mechanism functions (D) before presenting the intelligence collection techniques codified by the laws of 2015 (E). 1 For a concise history of French intelligence services in English, see CF2R – French Intelligence and Security Services in 2016: A Short History accessed 3 November 2017. “Intelligence activities” is understood here as any action or recourse to an intelligence collection technique aimed at obtaining information on a given individual, group of individuals or organisation. 2 For further details on the institutional evolutions of intelligence services in France, see Bertrand Warusfel, Structures et evolutions du renseignement en France, Revue Droit et Défense 94/1. For further details, see CF2R supra, fn. 1 and John Erman, The Dreyfus Affair: Enduring CI Lessons, Intelligence in Public Literature. 3 Supra fn. 1. 4 Jean-Claude Mallet, Défense et Sécurité nationale : le Livre blanc, available at: http://www.ladocumentationfrancaise.fr/rapports-publics/084000341/index.shtml Philippe Hayez, ‘Renseignement’: The New French Intelligence Policy, International Journal of Intelligence and Counter Intelligence, 23: 474–486, 2010. 5 Loi n° 2015-912 du 24 juillet 2015 relative au renseignement. 6 Loi n° 2015-1556 du 30 novembre 2015 relative aux mesures de surveillance des communications électroniques internationales. 7 All means used to gather intelligence as provided by the law of 2015 are referred to as “techniques de renseignement”. The term “ intelligence collection technique” will therefore be used within this work. 8 B. Warusfel, supra, fn. 2 and Jean-Jacques Urvoas and Patrice Verchère, Assemblé Nationale, Rapport d’Information déposé en application de l’article 145 du Règlement par la Commission des lois constitutionnelles, de la législation et de l’Administration générale de la République, en conclusion des travaux d’une mission d’information (1) sur l’évaluation du cadre juridique applicable aux services de renseignement, May 2013. 9 Olivier Chopin (2017) Intelligence reform and the transformation of the state: the end of a French exception, Journal of Strategic Studies, 40:4, 532–553, p. 549. 10 Ibid.

518

Le Divelec

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:49 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. Intelligence Law in France

Finally, the major decisions taken by the French Constitutional Court and the pending case at the ECtHR will be presented to highlight the tensions that rose following the adoption of these laws by the French legislature (F).

B. The French intelligence service The term Intelligence Community was first introduced by the 2008 White Paper on 5 Defense and National Security11 and legally defined in 201412. Following the adoption of the law in 2015 and its subsequent amendments, the IC today encompasses13: – The six “premier cercle” services; – La coordination nationale du renseignement et de la lutte contre le terrorisme; – Le centre national de contre-terrorisme; – L’académie du renseignement; – L’inspection des services de renseignement Intelligence activities are per definitionem the exclusive domain of the six existing 6 intelligence services14. In some cases, however, the latest law on intelligence, grants the very same rights to other services that do not belong to the IC per se, for example lawenforcement agencies15. These other services can be authorized to use the same intelligence collection techniques16 under strict conditions and for specific purposes, e. g. for the identification or localisation of a suspect. The two kinds of services are therefore categorised as “premier cercle” (the six specialised intelligence services) and “second cercle” (all other) services: Diagram 1: The two types of services authorized to use intelligence collection techniques17 Intelligence Collecon Techniques Intelligence Community

« Premier Cercle » Services

« Second cercle » Services

Other services

11

Supra, n. 1. Décret n° 2014-474 du 12 mai 2014 pris pour l’application de l’article 6 nonies de l’ordonnance n ° 58-1100 du 17 novembre 1958 relative au fonctionnement des assemblées parlementaires et portant désignation des services spécialisés de renseignement. 13 Art. 811-1 CSI as modified by Décret n° 2017-1095 du 14 juin 2017 relatif au coordonnateur national du renseignement et de la lutte contre le terrorisme, à la coordination nationale du renseignement et de la lutte contre le terrorisme et au centre national de contre-terrorisme. 14 Art. 811-2 and 811-4 CSI. 15 Art. 811-4 CSI. 16 Depicted in Book VII CSI titled “On Intelligence”. 17 Source F. Le Divelec. 12

Le Divelec

519

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:50 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis 7

The following section introduces the members of the Intelligence Community (I) and the other services allowed to carry out intelligence activities (II). Diagram 2: The French Intelligence Machinery18

Conseil Naonal du Renseignement*

Ministère de l'Économie et des Finances*

Ministre des Armées*

Services de « premier cercle »*

I. The “premier cercle”: the six specialised intelligence services 8

The Intelligence Community includes the six specialised, “premier cercle”19 intelligence services. They share the same purpose of collecting intelligence but are competent in different fields and within different geographical areas.

1. Internal intelligence service: Direction Générale de la sécurité intérieure - DGSI 9

The French internal intelligence service is both an intelligence and a specialised law enforcement service20. Created in 201421, the DGSI is part of the National Police, under the supervision of the Ministère de l’Intérieur, competent within the national territory. It is the result of a long transformative process that started in 1937 with the creation of the Renseignements généraux (RG-General Intelligence) and the Direction de la surveillance du territoire (DST-Directorate of territorial surveillance). These two services played complementary roles until their fusion in 2008, when they were merged to create the Direction centrale du renseignement intérieur (DCRI). The merger aimed at adapting the structure to new threats by harmonizing and centralising competences, workforce and tools22.

18

Source Académie du Renseignement modified by F. Le Divelec (*). Art.R811-1 CSI. 20 Contrary to the British MI5, the DGSI has the competence to conduct arrest of individuals. See supra, n. 2. 21 Décret n° 2014-445 du 30 avril 2014 relatif aux missions et à l’organisation de la direction générale de la sécurité intérieure. 22 Ibid. 19

520

Le Divelec

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:50 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. Intelligence Law in France

The DCRI was tasked to fight any activity within the national territory that might 10 threaten the fundamental interests of the nation23. In 2014, the DCRI became the DGSI and was tasked to collect, fuse and process intelligence related to national security and the fundamental interest of the nation24. The DGSI is subdivided into several sub-directorates with different foci: the fight 11 against terrorism (sous-directorate T), counterintelligence (H), cyber-threats (“système d’information”) and the protection of national economic interests (sous-directorate K)25.

2. Foreign intelligence service: Direction générale du renseignement extérieur - DGSE The roots of the French external intelligence agency can be traced back to the early 12 1940s when part of the French army settled in Great Britain during German occupation26. Following multiple changes made after the end of World War II27, the foreign intelligence service finally took the current name of Direction générale du renseignement extérieur (DGSE) under the presidency of François Mitterrand in 198228. Originally created by décret29, the DGSE has since 2008 been codified within the Code de la défense (CDD)30. The DGSE is in charge of both intelligence and covert action31. Its task is to collect 13 and produce intelligence pertaining to the security of the nation and to detect and prevent espionage activities directed against French interests both outside the national territory32. The DGSE is structured around five separate directorates (administration, operation, analysis, strategy and technology) under the authority of a director general nominated by décret by the Conseil des ministres and supervised by the Ministère des Armées33. In contrast to the DGSI, the DGSE does not possess its own special operations department34 but has at its disposal the Service Action (SA), a specially trained military commando unit placed under the command of a joint-army general staff and attached to the DGSE’s operations directorate. The SA operates exclusively for the DGSE35. Although the mandate of the DGSE starts at the border of the national territory, it 14 operates in close collaboration with the DGSI and other services36.

23 Décret n° 2008-609 du 27 juin 2008 relatif aux missions et à l’organisation de la direction centrale du renseignement intérieur. 24 Supra, n. 21, art. 1. 25 O. De Maison Rouge, le droit du renseignement, 2016 p. 28. 26 Ibid, p. 36. 27 CF2R supra n 1. 28 Supra, fn. 25, O. De Maison Rouge, p. 38. 29 Décret n° 86-306 du 2 avril 1982 portant création et fixant les attributions de la direction générale de la sécurité extérieure. 30 Décret n° 2008-1219 du 25 novembre 2008 relatif à certaines dispositions réglementaires de la troisième partie du code de la défense creating the now Art.D3216-1 to 4. 31 It has for instance a monopoly on the conduct of clandestine operations abroad. 32 Art.D.3126-2 CDD. 33 Before the election of Emmanuel Macron, the Ministry was named Ministère de la Défense. Supra, n. 30, Art. 1. 34 Supra, n. 25, O. De Maison Rouge, p. 40. 35 Gérard Desmaretz, Service Action, un service secret pas comme les autres : Formation, méthode et pratique, Paris, Chiron, 2008. See, the DGSE website available at: http://www.defense.gouv.fr/dgse/tout-le-site/direction-des-operations. 36 Art. D3126-2 and 3 CDD.

Le Divelec

521

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:51 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

3. Military security service: Direction du renseignement et de la sécurité de la défense - DRSD 15

The DRSD is the intelligence service in charge of ensuring the security of personnel, sensitive information, equipment and installations supervised by the Ministère des Armées37. Its mandate is both internal – to protect military infrastructure located on the national territory – and external – to protect infrastructure during operations abroad.

4. Military intelligence service: Direction du renseignement militaire - DRM The DRM was created in 199238 to inform and assist the strategic decision-making of political and military authorities within the Ministère des Armées. Its functioning and organization is defined by decision (arrêté) taken by the Ministre des Armées39. It provides the necessary intelligence to the head of general staff for the development of military policy and the direction of military operations. 17 To fulfil its mission, the DRM collects intelligence and coordinates the actions of all military entities involved in military intelligence40. Additionally, its director assists and advises the Ministre des Armées on military intelligence41. 16

5. Customs intelligence service: Direction nationale du renseignement et des enquêtes douanières - DNRED The DNRED, created in 1988, is a specialised service of the direction générale des douanes et droits indirects (General directorate for customs and indirect taxes- DGDDI) under the Ministère de l’Action et des Comptes publics42. 19 Its mission is to fight against trafficking by dismantling organized crime cells specialised in weapons trade, drug trafficking and counterfeiting. Its competences, defined within the code des douanes (customs code), are limited to the national territory43. 20 The DNRED fights flows of counterfeits and conducts national and international anti-fraud investigations. It collects and processes intelligence and disseminates it to all custom services and their partners. It is the designated point of contact for foreign custom agencies for the exchange of intelligence and the coordination of international cooperation in this field. It has, for instance, privileged relations with Europol and OLAF44. 18

37 The DRSD was previsouly named direction de la protection et de la sécurité de la défense until the décret n° 2016-1337 du 7 octobre 2016 portant changement d’appellation de la direction de la protection et de la sécurité de la défense. See Art. D.3126-5 to D.3126-9 CDD. 38 Décret n° 92-523 du 16 juin 1992 portant création de la direction du renseignement militaire Now at Art. D.3126-10 to D.3126-14 CDD. 39 Arrêté du 30 mars 2016 portant organisation de la direction du renseignement militaire. 40 Patricia Adam, Délégation Parlementaire au Renseignement, Rapport relatif à l’activité de la délégation parlementaire au renseignement pour l’année 2016, p. 44 (Hereafter, DPR 2016 Report). 41 Ibid. 42 ‘La Direction Nationale Du Renseignement et Des Enquêtes Douanières’ accessed 4 November 2017. 43 Supra, O. De Maison Rouge, n. 25, p. 31. 44 CF2R, Direction nationale du renseignement et des enquêtes douanières, available at: https://www. cf2r.org/wp-content/uploads/2017/05/DNRED.pdf.

522

Le Divelec

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:52 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. Intelligence Law in France

6. The Financial Intelligence Unit: Service “traitement du renseignement et action contre les circuits financiers clandestins”- Tracfin Tracfin is the specialized intelligence service governed by the Ministère des finances et des comptes publics. It fights illegal financial systems, money laundering and terrorism financing. Its mission is to collect and analyse information and to confirm suspicions raised by professionals from both the financial and non-financial sectors45. Tracfin’s operational arm is split into two departments and one division46: (1) The analysis department (department for the analysis of intelligence and information, DARI) is responsible for the first round of information and declaration analysis, the operational analysis of financial intelligence and the relations with professional and international organizations; (2) The investigation department (département d’enquêtes) conducts further investigations on relevant cases. (3) The counter-terrorism division (division de lutte contre le financement du terrorisme-DLFT) is responsible for all activities in the fight against terrorism financing. Flanking these internal departments, Tracfin is supported by a range of actors from other services. First, the pole juridique et judiciaire (legal and judicial hub) brings in legal expertise and support. This hub consists of three liaison officers from, respectively, the Police nationale, the gendarmerie Nationale and the Office central de répession de la grande délinquance financière47. Their task is to provide expertise and ensure the coordination with other pending cases in their services throughout the territory. Second, the mission des systèmes d’information (information systems hub) ensures the functioning and upgrading of all information systems used by Tracfin. Third, the cellule d’analyse stratégique (strategic analysis cell) analyses all available information to identify and study new trends in terrorism financing and money laundering. At the international level, Tracfin is linked with the 28 EU Financial Intelligence Units and 150 Financial Intelligence Units in the international sphere48.

45 Art. L.561-2 of the Code monétaire et financier as modified by Ordonnance n° 2016-1635 du 1er décembre 2016 renforçant le dispositif français de lutte contre le blanchiment et le financement du terrorisme transposing directive (EU) 2015/849 of the European Parliament and of the Council of 20 May 2015 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing. 46 The organisation of Tracfin was defined by the Décret n° 2011-28 du 7 janvier 2011 relatif à l’organisation et aux modalités de fonctionnement du service à compétence nationale TRACFIN. The operational structures are presented as such in the presentation document of Tracfin available at: https://www.economie.gouv.fr/files/tracfin_septembre2016_fr.pdf. 47 The Central Office for the repression of serious financial crimes (OCRGDF) is in charge of fighting money laundering, terrorism financing and fraud. Its central role is to coordinate police and gendarmerie actions, to investigate suspect behaviour transferred by TRACFIN and to cooperate with Europol and Interpol in these matters. 48 For further details see European Parliament, Fighting tax crimes Cooperation between Financial Intelligence Unit, Manuscripts completed in March 2017. Brussels, European Union, 2017.

Le Divelec

523

21

22

23

24

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:53 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

Table 1: Budget and Personnel Strength of the “premier cercle” services49 Personnel in 2016

Spending for 2017 (in million Euro)51

DGSE

5 094

669.82

DGSI52

3500

200

DRM

1 579

191.75

DRSD

1 052

119.08

DNRED

739

6.16

TRACFIN

92

14.90

II. The “second cercle”: Intelligence outside the IC The “second cercle” services are the law enforcement authorities authorized to use intelligence collection techniques which are not part of the Intelligence Community53. Today, more than 20 different services across police, gendarmerie54 and the penitentiary have been integrated into the “second cercle”. While “premier cercle” services can use all intelligence collection techniques encompassed in the law of 2015, the “second cercle” services have strictly limited access to selected techniques55. The relevant services under the authority of the Ministère de l’Intérieur, Ministère des Armées and Ministère de la Justice have been defined by décret56. Each décret introduced the purposes for which an individual service can have recourse to a given technique. 26 These décrets allow such services outside the intelligence community to have recourse to certain techniques for limited purposes based on their respective mandate, the material means at their disposal, and their territorial competences57. 25

49

Supra DPR 2016 Report n. 140, p. 29. These excludes the allocation of fonds spéciaux described hereunder. See infra mn. 76 and Table 3. 52 Due to the architecture of the National Police’s budget, precise numbers are difficult to find. See Astrid de Villaines, Renseignement français : des compétences très complémentaires, 26 march 2016, La Chaîne Parlementaire Assemblée nationale, available at http://www.lcp.fr/actualites/renseignement-francais-des-competences-tres-complementaires. 53 Premier Rapport d’activité 2015/2016, Commission Nationale de contrôle des techniques de renseignement- Here after “ CNCTR Report “, p. 32. 54 Supra, n. 9, Chopin, p. 543. The Gendarmerie plays a central role in ensuring the territorial security (about 80 % of the national territory is under its jurisdiction). Members of the Gendarmerie have a ‘general surveillance mission’ (mission de surveillance générale) but are nevertheless excluded from the IC. 55 Art. 811-2 CSI. 56 Décret n° 2015-1639 du 11 décembre 2015 relatif à la désignation des services autres que les services spécialisés de renseignement, autorisés à recourir aux techniques mentionnées au titre V du livre VIII du code de la sécurité intérieure, pris en application de l’article L. 811-4 du code de la sécurité intérieure. Décret n° 2017-36 du 16 janvier 2017 relatif à la désignation des services relevant du ministère de la justice, autorisés à recourir aux techniques mentionnées au titre V du livre VIII du code de la sécurité intérieure, pris en application de l’article L. 811-4 du code de la sécurité intérieure. 57 Supra, CNCTR Report, n. 53, p. 36. 51

524

Le Divelec

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:53 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. Intelligence Law in France

C. Coordination and information exchange To ensure the proper flow of information and the coordination of intelligence 27 activities, the law on intelligence reshaped the coordination bodies competent in intelligence matters (I) and tried to ensure a greater exchange of information (II).

I. Coordination bodies Four bodies advise and assist the Président and the Prime Minister in the orientation 28 and coordination of intelligence activities in France.

1. Strategy Coordination: Conseil national du renseignement et lutte contre le terrorisme - CNRCT Replacing the former Comité interministériel du Renseignement, the Conseil national du renseignement (National Intelligence Council-CNR) has since 2008 been a special body of the Conseil de défense et de sécurité nationale58. It defines the strategies and priorities pertaining to intelligence and distributes human and technical resources amongst the intelligence agencies. The Conseil is composed of: (1) The Président de la République as its president; (2) The Prime Minister; (3) The Ministers concerned by the ordre du jour; (4) The Directors of the “premier cercle” services as required by the ordre du jour; (5) The coordonnateur national du renseignement (national intelligence coordinator). Created in 200959, the coordonnateur national du renseignement (national intelligence coordinator)60 advises the President on all intelligence matters. He or she shares all relevant intelligence produced by the services with the President, the Prime Minister as well as with the CNRCT61. The coordonnateur also prepares all CNRCT meetings and ensures the implementation of its decisions. He is supported by a team from the coordination nationale du renseignement. He oversees the effective coordination and cooperation between the individual intelligence services62. As guarantor of the coherence and the effectiveness of the specialised intelligence services’ actions, the coordonnateur has a key role in guaranteeing smooth coordination and cooperation between them. He provides the Président de la République with a daily summary of intelligence produced by the intelligence services. He also forwards any requests by the intelligence services (e. g. regarding budget, workforce etc.). 58 Interministerial committee having for object to shape the objectives and coordinate the security and defence policies. 59 Décret n° 2009-1657 du 24 décembre 2009 relatif au conseil de défense et de sécurité nationale et au secrétariat général de la défense et de la sécurité nationale. 60 The current coordinator is Pierre de Bousquet de Florian who was nominated by the Président by the Décret du 22 juin 2017 portant nomination du coordonnateur national du renseignement et de la lutte contre le terrorisme. 61 Rapport parlementaire, Compte rendu de la Commission de la défense nationale et des forces armées, compte-rendu n° 47, 2013 available at http://www.assemblee-nationale.fr/14/pdf/cr-cdef/12-13/ c1213047.pdf as accessed on the 20th of November 2017. 62 Art. R. 1122-8 CDD.

Le Divelec

525

29

30

31

32

33

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:54 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

In June 2017, the Conseil national du renseignement became the Conseil national du renseignement et de la lutte contre le terrorisme while the coordonnateur national du renseignement became coordonnateur national du renseignement et de la lutte contre le terrorisme63. In addition, the centre national de contre-terrorisme was created within the CNRCT to analyse threats and develop strategies in the fight against terrorism64. 35 The tasks of the coordonnateur with regard to the fight against terrorism have been expanded: They now include the smooth coordination and cooperation between both “premier cercle” and “second cercle” services in the fight against terrorism65. To ensure this coordination, he/she oversees the sharing of information between all ministries involved in intelligence activities. 36 The coordonnateur is the main point of contact between the directors of the intelligence services, the Président and Prime Minister. He proposes to the Président the objectives and priorities to be indicated to the services. At the international and European level, he, together with the President and the Prime Minister, coordinates and develops initiatives regarding international cooperation in the fight against terrorism66. 34

2. Support to the Prime Minister: Secrétariat général de la défense et de la sécurité nationale - SGSDN Created in 2010 in its current form, the Secrétariat général de la défense et de la sécurité nationale (general secretariat for national security and defence-SGDSN) supports the Prime Minister in the exercise of his/her responsibility for national security and defence67. Thus, the SGDSN drafts the national intelligence direction plan (Plan national d’orientation du renseignement) based on the national intelligence strategy (stratégie nationale du renseignement) written by the CNRCT68. 38 The SGSDN also coordinates and manages several working groups involving several ministries by: (1) Acting as a secretary for the conseil de défense et de sécurité nationale ; (2) Hosting and coordinating inter-ministerial cooperation related to defence, national security and related policies; (3) Monitoring any crisis involving security issues; (4) Developing and implementing the necessary measures to protect the secrecy of national defence related matters; (5) Adapting the legal framework of intelligence services’ activities with the support of the coordonateur and ensuring the organization of inter-ministerial groups on intelligence matters; (6) Developing and implementing the inter-ministerial planning of defence and national security matters; 39 Further than these political missions, the SGSDN plays a role in the protection of national interests by: (1) Providing and ensuring the functioning of secured communication networks for the President and the government necessary for national security and defence matters; (2) Developing and implementing the governmental policy regarding information systems’ security; 37

63

Décret, see supra, n. 13. Art. R. 1122-8-2. 65 Art. R*1128-8 CDD. 66 Art. R*1122-8-1 CDD. 67 Art.R*1132-3 CDD. 68 Supra, n. 9, O. Chopin p. 544 and Rapport n° 423 (2015–2016) de M. Jean-Pierre Raffarin, fait au nom de la délégation parlementaire au renseignement, déposé le 25 février 2016, p. 92. 64

526

Le Divelec

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:54 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. Intelligence Law in France

(3) Ensuring the coherence of actions undertaken in the field of scientific research policies and technology projects pertaining to national security and defence matters69; (4) Controlling the export of weapons and sensitive technologies70; Following the adoption of the décret on the CNRCT in June 2017, the SGSDN now 40 accompanies the coordonnateur during her/his activity report in front of the conseil de la defense et de sécurité nationale. It is supported by the agence nationale de la sécurité des systèmes d’information (National Cybersecurity Agency -ANSSI), formally attached to the SGDSN, which is in charge of fostering a coordinated, ambitious, pro-active response to cybersecurity issues in France.71

3. Request management: Groupement interministériel de contrôle - GIC The groupement interministériel de contrôle (inter-ministerial control group) plays a central role in the authorisation process and implementation of intelligence collection techniques. Under the supervision of the Prime Minister, it is responsible for registering all requests for and authorisations of implementation of intelligence collection techniques (including against international communication)72 . The GIC is the point of contact between intelligence services and network operators or internet service providers to collect the metadata when authorised by the Prime Minister. Similarly, it carries out the geolocation in real-time and the security interception73 of communications when authorised by the Prime Minister74. Thus, it collects the intelligence and puts it at the disposal of the authorised service, the CNCTR and the Prime Minister75. Furthermore as a service of the Prime Minister, the GIC contributes to the Prime Minister’s duty of ensuring the centralisation of all intelligence collected through other means and the traceability of the implementation of intelligence techniques76. These missions were added following a suggestion made by the CNCTR in its first report77. The CNCTR highlighted the crucial nature of these two missions for ensuring the effectiveness of the oversight of intelligence activities and affirmed the central role of the GIC in this process. In the context of requests filed by individuals for the verification of the use of intelligence collection techniques against themselves, the GIC also ensures the defence of the Prime Minister during proceedings in front of the Conseil d’État.78 The group is headed by a director nominated by the Prime Minister. The GIC has at his disposal the necessary means to achieve its missions. Issues of budget and personnel are dealt with by the SGSDN79.

69

Art.R*1132-3 CDD. Article D1132-4 CDD. 71 See the official English Webpage: http://www.ssi.gouv.fr/en/mission/word-from-director-general/, accessed on the 1st of March 2017. 72 Décret n° 2016-67 du 29 janvier 2016 relatif aux techniques de recueil de renseignement. 73 Interceptions de sécurité is a category encompassing all intelligence collection techniques targeting the content of communications. 74 See infra mn. 97. 75 Supra, CNCTR Report, n. 53, p. 77. 76 Supra, n. 72. 77 Supra, CNCTR Report n. 53, p. 131. 78 See infra, mn. 61 and 109. 79 Art. D.823-3 CSI. 70

Le Divelec

527

41

42

43

44

45

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:55 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

4. Community building through education and training: L’académie du renseignement The académie du renseignement (intelligence academy) was created in 2010 to contribute to the training of intelligence services’ personnel, to strengthen the links within the intelligence community and to diffuse a common “intelligence culture”80. Under the authority of the Prime Minister, the académie81: (1) Develops, organises and implements initial and further training for intelligence personnel; (2) Encourages the cooperation between services in terms of training and; (3) Takes part in the organisation of public awareness campaigns concerning intelligence activities; 47 The académie is headed by a Director nominated by the Prime Minister who exercises his/her authority on all personnel of the académie82. He/she presents a yearly assessment to the Prime Minister.83 The objectives of the academy and the results are assessed twice a year by a special committee (comité d’orientation et d’évaluation) presided over by the coordonnateur which includes a representative of the Prime Minister, the directors of the intelligence services (or their representatives) and the director of the académie84. 46

II. Exchange of information The law of 2015 addressed the exchange of information within and beyond national borders through various measures. 49 At the national level, the Prime Minister organises and oversees the centralisation and fusion of intelligence to ensure both information exchange between services and the effective oversight of the CNCTR. Second, Art. 863-2 CSI expressly encourages members of “premier cercle” and “second cercle” services to exchange all useful data for the completion of their missions. This invitation to share any useful information (following a request or of their own initiative) pertinent to the services’ missions is extended to all autorités administratives85 (public bodies such as state administrations, territorial administration and social security bodies). Art. L863-2 CSI stipulates that the modalities and conditions applicable to these exchanges are to be defined by décret86. 50 The law of 2015 addresses requests for judicial assistance filed by foreign judicial authorities. If a request concerns acts linked or susceptibly linked with a mission fulfilled by “premier cercle” services outside the national territory, the following procedure applies87: 48

80

Décret n° 2010-800 du 13 juillet 2010 portant création de l’académie du renseignement. Ibid. Art. 2. 82 Art. 3 Décret n° 2010-800 du 13 juillet 2010 portant création de l’académie du renseignement. 83 Ibid. 84 Ibid. Art. 5. 85 The definition of the authorités administratives concerned by that measure are listed at art. 1 of the Ordonnance n° 2005-1516 du 8 décembre 2005 relative aux échanges électroniques entre les usagers et les autorités administratives et entre les autorités administratives. 86 As of 2017, no décret has yet been adopted. 87 Art. 694-4-1 of the code de procedure pénale. 81

528

Le Divelec

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:56 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. Intelligence Law in France

Diagram 3: Procedure regarding requests for judicial assistance pertaining to intelligence services’ activities Foreign judicial authority

Files a request for judicial assistance

French judicial authority Forwards the request Asks for an opinion on the transmission of the informaon

Ministre de la Jusce

Parent Ministry of the intelligence service

Gives an opinion within a month on whether the transfer of informaon could pose a threat to the Naon’s interests Informs whether the requested might be wholly or parally granted

Foreign judicial authority

D. Oversight of intelligence policy and activities Oversight of the activities of the intelligence service’s takes place at three different 51 levels. The use of intelligence collection techniques is monitored by the CNCTR (1), while their overall activity and use of the budget is controlled by the DPR (2) and the inspection des services de renseignement (3).

I. Oversight committee: Commission nationale de contrôle des techniques de renseignement The Commission nationale de contrôle des techniques de renseignement (CNCTR)88 52 carries out an external administrative control on the use of surveillance measures. It is an autorité administrative indépendante89 (independent administrative authority-AAI90) and therefore receives no instructions from any authority91. The CNCTR is composed of nine members92: 53 (1) Two members of the Conseil d’État (supreme administrative court) nominated by its vice-president; (2) Two members of the Cour de cassation (supreme civil court) nominated by both its president (premier president) and the chief prosecutor (procureur général) at the Cour de Cassation; 88

Replacing the Commission nationale de contrôle des interceptions de sécurité (CNCIS). Art. 831-1 CDD. 90 Under French law, an AAI is a state institution in charge of ensuring the regulation of specific sectors considered being essentials for the functioning of the state and for which the Government wishes to avoid intervening directly. Since the first appearance of the term in the law of the 6th of January 1978 (which created the Commission nationale de l’informatique et des libertés), the AAI is therefore a unique legal category of institution due to the lack of supervision by any ministerial hierarchy. 91 Art. 832-1 CDD. 92 Art.L831-1 CSI. 89

Le Divelec

529

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:56 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

54

55

56

57

(3) A qualified individual based on his/her knowledge on pertinent matters such as electronic communications and nominated after a proposal by the Autorité de regulation des communications électroniques et des postes93; (4) Two members of the Parliament and two members of the Senate nominated by their respective Chambers for the duration of their mandate. Apart from the members of the Parliament and of the Senate, the members of the CNCTR are nominated for six years. The mandate cannot be renewed94. A turnover of half of the members from the Conseil d’État and the Cour de Cassation is organized every three years. The CNCTR gives ex-ante opinions on the use of intelligence collection measures95, controls the implementation of these measures after authorisation96, gives observations97, recommendations98 and publishes a yearly report of its activities99. The CNCTR has access to all data collected from the authorisation to the execution of an intelligence collection technique as well as information on the data collected, its storage and its deletion100. The CNCTR, finally, can also give opinions on the suspension of measures, deletion of data and refer the matter to the Conseil d’État if its advice is ignored on a given case or is considered serious enough to require judicial review101. Most importantly perhaps, the CNCTR is the privileged addressee of individuals’ complaints102. The CNCTR plays a complementary role with the Commission nationale de l’informatique et des libertés103 (CNIL) in the oversight of intelligence services. While the CNCTR assesses the legality of the intelligence collection techniques against individuals, the CNIL oversees the legality of data storage within the services’ databases104.

1. The CNCTR in practice a) Ex-ante opinion 58 Every intelligence collection technique is subject to an opinion of the CNCTR105. To ensure the efficiency of this a priori control, every parent Ministry of a service wishing to use intelligence collection techniques should notify the Prime Minister (through the GIC) by submitting a request containing the following elements106: (1) The requested intelligence collection technique; (2) The service requesting the authorisation; (3) The purpose of the request107; (4) The motives of the request108; 93

The AAI in charge of regulating telecommunications in France. Art. 831-1 CDD. Ibid. Art. L821-1. 96 Ibid. Art. L833-4. 97 Art. L. 833-10 CSI. 98 Art. L833-6 CSI. 99 Art. 833-3 CSI. 100 Art. 833-2 CSI. 101 L833-8 CSI. 102 See infra, mn. 60. 103 The CNIL is the French data protection authority, part of the Art. 29 WP. It is an autorité administrative indépendante in charge notably of receiving and processing individual complaints regarding their presence on the national databases including the ones of the services of “premier cercle”. 104 Art. 26 de la loi du 6 janvier 1978 relative à l’informatique, aux fichiers et aux libertés. See infra, mn. 111. 105 Except in case of emergency see infra mn. 118. 106 Art. 821-2 CSI. 107 E. g. terrorism prevention or the defence of the national independence. See infra mn. 92. 108 I.e. Why is this specific measure pertinent to pursue the indicated purpose. 94 95

530

Le Divelec

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:57 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. Intelligence Law in France

(5) The duration of the authorisation; (6) The targeted individual (and/or device where relevant). Following the transmission of the request by the GIC, the CNCTR has 24 or 72 hours to assess the request and forward its opinion. Should this delay not be respected, the CNCTR is considered as having given a positive opinion109. In any case, the ultimate decision remains in the hands of the Prime Minister, who can decide not to follow the opinion of the CNCTR. The period to deliver an opinion depends on the nature of the request110. If an 59 opinion can be delivered by one member of the CNCTR, the period is of 24 hours. If the technique concerned or the complexity of the case require the CNCTR to sit in an ad hoc formation, the period is extended111. An opinion can be delivered by: (1) The President or one of the members of the Conseil d’État or the Cour de Cassation112; (2) In specific cases by: • The plenary formation composed of all members if at least four members are present to deliberate113; • The restricted formation composed of the members of the Conseil d’État and the qualified individual if at least 3 members are present to deliberate114. 115. Table 2: Ad hoc formation of the CNCTR required by law115 Object/subject of the request

Formation

Timeframe

Legal Basis

Request concerning protected professions (journalist, lawyer, judge or member of parliament)116

Plenary (No emergency procedure allowed117)

72 hours

Art. 821-7 CSI

Intrusion into private property and vehicles118

Restricted or Plenary

72 hours

Art. 853-3 CSI

New or serious question

Restricted or Plenary

72 hours

Art. 832-3 CSI

All other requests

Opinion delivered by the President or one member of the Conseil d’État or Cour de Cassation

24 hours

Art. 832-3 CSI

109

Art. 821-3 CSI. Supra, CNCTR Report, n. 53 p. 57. 111 Ibid, p. 52–53. 112 Art. L832-3 CSI. However, when the President or member of the Conseil d’État or the Cour de Cassation have a doubt as to the validity of the request, he/she is entitled to require the request to be deliberated in the plenary or restricted formation. 113 Ibid. 114 Ibid. 115 Source F. Le Divelec. 116 Pursuant to art. 821-7 CSI, individuals exercising these professions shall not be the object of intelligence techniques due to their mandate or profession. Yet, this exemption is not absolute and requires therefore a strict control of the CNCTR. The actual regime applicable to protection professions is the object of a pending request in front of the ECHR. See infra, mn. 137. 117 See infra, mn. 118. 118 See infra, Table 5. 110

Le Divelec

531

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:58 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

Request by the service through the parent Ministry GIC

CNCTR’s opinion Within 24/72 hours

Prime Minister

60

Authorises the implementaon of the technique

Diagram 4: Authorization process for Intelligence Collection Technique119

b) Individual complaints When individuals request an assessment of the existence and legality of intelligence collection techniques against themselves from the CNCTR, they will only be notified that the verification has been completed but will not receive positive or negative confirmation about their existence120. However, if an illegal use of an intelligence collection technique is noticed, the CNCTR will recommend the Prime Minister, the Minister responsible for the concerned intelligence service and the service itself to terminate the measure and destroy any data collected121. Following this notification, should the recommendation not be followed, the President or three members of the CNCTR can refer the matter to the Conseil d’État.

c) Referral to the Conseil d’Etat If the Prime Minister does not follow the CNCTR’s opinion or does not do so sufficiently, the CNCTR’s president or three of its members can file a complaint before the Conseil d’État to assess the legality of the authorisation122. 62 Similarly, the president or three members can refer the matter to the Conseil d’État if the Prime Minister does not adequately take into consideration the CNCTR’s recommendation to terminate an intelligence collection technique and/or to destroy the collected intelligence. This referral can be triggered by an individual complaint or during the control of an authorisation delivered prior to the control of the CNCTR123. 63 According to the first CNCTR report, as of December 2015, no request has been made to the Conseil D’État regarding these procedures124 nor had the Prime Minister given an authorisation after a negative opinion of the CNCTR.125 61

64

d) Surveillance of International Communications The CNCTR monitors the use of intelligence collection techniques against international communication on an ex-post basis. This control was not part of the original tasks of the CNCTR and was only introduced after the provisions on international 119

Source F. Le Divelec. Following a decision taken in November 2017, the CNCTR refused to grant access to the content of its opinions considering them as covered by the secret défense. See Next Impact, Données de connexion : les avis de la CNCTR classés secret-défense, available at: https://www.nextinpact.com/news/105617-donnees-connexion-avis-cnctr-classes-secret-defense.htm accessed on the 16th of November 2017. 121 Art. 833-4 and 6 CSI. 122 Ibid. 123 See infra, mn. 118. 124 Supra, CNCTR Report, n. 53, p. 94. 125 Ibid. p. 66. 120

532

Le Divelec

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:58 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. Intelligence Law in France

communications in the intelligence law had been annulled by the Conseil constitutionnel in 2015126. Regarding the use of intelligence collection techniques against international communications127, the CNCTR has permanent, complete and direct access to any authorisation, the intelligence collected, the transcripts or extractions and all data destruction reports. On request, the CNCTR can also carry out a control of the technical means implemented for the authorised surveillance of international communication128. Any data collected on communications linked with the national territory must be destroyed except where: i) The individual is communicating from abroad and; ii) The individual was the object of: – An authorisation for security interception129 according to Art. 852-1 CSI at the time he left the national territory; or – Has been identified as a threat to the fundamental interests of the nation.130 Of its own accord or on request by an individual, the CNCTR can verify that no intelligence collection technique has been illegally implemented against the said individual. The CNCTR then notifies the plaintiff that it has verified the legality of all measures without revealing whether he/she was the subject of a measure131. If the CNCTR notices a violation, it recommends the Prime Minister to interrupt the measure and to destroy any data collected. If the CNCTR considers that its recommendations have been ignored or insufficiently followed, the president of the CNCTR or three of its members can refer the matter to the Conseil d’État. According to its first report, the CNTR has carried out two controls per month since the entry into force of the law on international communication and has not notified any violation132. Although the CNCTR is responsible for the ex-post control of implemented measures, the Prime Minister in 2016 requested that an a priori control be set up. This control has been tested since May 2016133.

65

66

67

68

69

e) Duty of honest cooperation Ministers, public authorities and public officials must take all necessary measures to 70 facilitate the work of the CNCTR134. A fine of up to one-year imprisonment and 15 000 € can be given in the following situations: (7) Refusal to transfer, concealment or destruction of documents and information requested by the CNCTR; (8) Transmission of transcripts or extracts inconsistent with the content of the actual information collected; (9) Obstructing of the mission of the CNCTR and its members or staff.

126

See infra, mn. 126. Ibid. 128 Art. 854-9 CSI. 129 See infra Table 5(a). 130 I.e. all purposes listed at Art. 811-3 CSI. Art. 854-9 CSI states that in this situation the identity of the individual shall be immediately communicated to the CNTR. 131 Art. L. 854-9 CSI. 132 Supra, CNCTR Report, n. 53, p. 82. 133 Ibid, p. 46. This test phase was originally designed to be applied for a year but was extended in March 2017. See Fundamental Rights Agency, Surveillance by intelligence services: fundamental rights safeguards and remedies in the EU – Volume II: field perspectives and legal update (Hereafter FRA Report). 134 Art. 833-3 CSI. 127

Le Divelec

533

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:11:59 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

2. Annual activity report The CNCTR publishes an annual report on all activities monitored during that year135. Although this report cannot provide information covered by the national defence seal nor reveal any procedures or operational methods used by the intelligence services136, it provides useful information about the use of the techniques provided for by law. 72 For instance, according to the first report, between October 2015 and 2016 more than 20 000 individuals were the subject of intelligence collection techniques137. The implementation of these techniques followed more than 7 000 requests introduced by the services138. According to this same report, more than 47 % of individuals were kept under surveillance for the prevention of terrorism (9 624 individuals) and less than 30 % for the prevention of organised crime or collective violence representing a serious threat to public security (5 848 individuals).139 71

II. Parliamentary oversight 73

A two-level parliamentary oversight mechanism has been created with a specific budget commission (1) and a parliamentary committee on intelligence (2).

1. Budgetary oversight: Commission de vérification des fonds spéciaux- CVFS It is difficult to evaluate intelligence services’ budgets in France, as the information available is limited and scattered, and the overall budget architecture is highly complex140. The DGSI’s budget is not, for instance, clearly indicated in public documents. The DGSE’s budget, on the other hand, is included in the budget of the Ministère des Armées and is thus more accessible141. 75 Every member of the intelligence community is provided with a budget by the ministry to which they are attached. Additionally, the services benefit from special funds (fonds spéciaux) for the covert actions linked to the internal and external security of the State142. In 2013 and 2014, these fonds spéciaux were almost exclusively dedicated to actions carried out by the DGSE143. 74

135 Art. 833-9 CSI. The first report was released in the end of 2015 in the shape of a comprehensive report providing a vast amount of statistical data and comments see supra, CNCTR Report, fn. 53. 136 Art. 833-9 CSI. 137 Supra, CNCTR Report, n. 53, p. 73. 138 Ibid, p. 72. 139 Ibid. 140 France : quel budget pour les services ? in Le renseignement dans tous ses états, L’ENA hors les murs, juin 2014, n° 442. 141 Ibid. See for instance the DPR 2016 report where the budget lines of all members of the intelligence community was indicated since 2013 at the exception of the DGSI. Supra DPR 2016 Report n. 40, p. 28. 142 See Sénat, Projet de loi de finances pour 2017, Direction de l’action du Gouvernement : coordination du travail gouvernemental. For the year 2017, the budgetary envelope of the special funds was of 67.8 million euro. 143 Supra, ENA, n. 140.

534

Le Divelec

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:00 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. Intelligence Law in France

Table 3: Budget per specialised intelligence service (in million euro)144 Budget 2013

2014

2015

2016

2017

Special funds in 2013/2014

DGSE144

641.24

654.81

672.50

711.63

669.82

58.7

DGSI

***

***

***

***

***

0.8

DRM

156.27

160.06

168.82

172.65

191.75

0.06

DRSD

96.48

95.06

98.32

105.61

119.08

0.08

DNRED

65.09

64.42

65.02

68.76

6.16

0.015

TRACFIN

7.14

7.44

10.26

13.66

14.90

0.02

The CVFS conducts an a posteriori control of the use of the special funds145. 76 Reformed in 2013 by the loi de programmation militaire146, the commission became a special body of the parliamentary delegation on intelligence (see infra). Nevertheless, its missions remain the same, i. e. to verify that the use of the special funds is compliant with the law applicable to public finances147. This control does not encompass the evaluation of the actions committed based on 77 this budget. Rather, the commission is entitled to have access to any documents, elements and reports justifying the spending and the use of the corresponding funds to examine the services’ activities148. If necessary, its members can travel abroad to check the use of the funds outside of the national border149.

2. Parliamentary delegation on intelligence: Délégation parlementaire au renseignement- DPR The DPR was created in 2007 to control intelligence activities. Originally competent 78 to monitor the activities of specialised intelligence services, its mandate was enlarged in 2013150 to control governmental intelligence activities and to evaluate its intelligence policy. The 2015 law on intelligence extended this mission to intelligence activities carried out by the services of “second cercle”151. 144

Supra, DPR 2016 Report, n. 40, p. 28 and for the special funds see supra, ENA, n. 140. See Sénateur M. Serge Vinçon, Avis présenté au nom de la commission des Affaires étrangères, de la défense et des forces armées (1) sur le projet de loi portant création d’une délégation parlementaire pour le renseignement, 20 Juin 2007. 146 In the french system, the loi de programmation militaire is a law aimed at laying down the schedule of State funding in military matters for a given period. Loi n° 2013-1168 du 18 décembre 2013 relative à la programmation militaire pour les années 2014 à 2019 et portant diverses dispositions concernant la défense et la sécurité nationale creating the art. 6 nonnies-VII of the ordonnance n° 58-1100 du 17 novembre 1958 relative au fonctionnement des assemblées parlementaires. 147 J.P. Raffarin, supra, n. 68 p. 102. 148 Article 154 of the Loi n° 2001-1275 du 28 décembre 2001 de finances pour 2002 as amended by article 13 de la loi n° 2013-1168 du 18 décembre 2013 relative à la programmation militaire pour les années 2014 à 2019 et portant diverses dispositions concernant la défense et la sécurité nationale. 149 For instance, the members carried out a control in the neighbouring countries of Iraq and Syria in 2015. See supra, n. 68 Raffarin, p. 114. 150 Supra, n. 146. 151 Art. 6 nonies-I-4, ordonnance n° 58-1100 du 17 Novembre 1958 relative au fonctionnement des assemblées parlementaire. 145

Le Divelec

535

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:00 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

To fulfil this task and the budgetary control entrusted to the CVFS, the delegation is composed of152: (1) Two members of the Assemblée Nationale for the duration of their mandate and two members of the Sénat designated for 3 years after each partial renewal of the Senate’s members. Both are nominated by their respective Presidents of Chamber to ensure a pluralist political representation. (2) The four presidents of the commissions in charge of defence matters153 and internal security (the so-called commission des lois). 80 In the conduct of its mission, the DPR is granted access to any useful information including154: (1) The national intelligence strategy; (2) Information from the national intelligence orientation plan; (3) Exhaustive budget reports of “premier” and “second cercle” services; (4) Information on the organization and activities of these services; (5) Observations made by the CNCTR to the Prime Minister and statistical data on each intelligence collection technique from the CNCTR report; (6) Observations made by the CNCTR regarding the interception of radio transmissions155. 81 The delegation can interview most intelligence actors156: (1) The Prime Minister; (2) The ministers dealing with intelligence matters; (3) The SGDSN; (4) The coordonnateur; (5) The director of the académie du renseignement; (6) The directors of intelligence agencies; (7) Any other director of the national administration having knowledge of intelligence activities; (8) The president of the CNCTR; (9) The President of the Commission du secret de la défense nationale157. 82 The DPR can also ask the Prime Minister for the communication of part or all the report written by the inspection des services de renseignements158. Information on ongoing operations are excluded from its control along with information on exchanges with foreign services or international organizations competent in the field of intelligence159. Additionally, members of the committee are not allowed to access information that could jeopardize the anonymity, security or life of an individual nor any information dealing with the operational methods of intelligence collection160. The work of the 79

152 As highlighted above, the CVFS is now encompassed within the DPR. Its members are therefore the same. Supra, n. 146, Art. 6 nonies-II. 153 For the Sénat the Président de la commission des affaires étrangères et de la défense and for the Assemblée Nationale the Président de la commission de la défense. 154 Supra n. 146. 155 The Loi du 30 Octobre 2017 renforçant la sécurité intérieure et la lutte contre le terrorisme (1) modified the list of documents that shall be communicated regarding the surveillance of radio transmissions. On this law, see infra mn. 132. 156 Supra n. 146. 157 The independent authority in charge of giving opinions on the declassification of classified information pertaining to defence matters. 158 See infra, mn. 85. 159 Supra n. 146. 160 Ibid.

536

Le Divelec

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:01 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. Intelligence Law in France

DPR is covered by the secret de la défense nationale and its members are bound to respect the secret status of any information accessed during the conduct of their mission161. The DPR publishes an annual public report summarizing its assessments of govern- 83 ment actions and public policy regarding intelligence activities. This report cannot contain any classified information but can contain observations and recommendations addressed to the Président de la République and the Prime Minister162. According to the DPR report published in March 2017163, 23 meetings took place in 2016. The DPR highlighted that 84.5 % of its recommendations were considered by the executive in 2014 and 2015. Nevertheless, the DPR stressed that very few recommendations on the conduct of the public policy on intelligence had been considered164.

III. The inspection of intelligence services: L’inspection des services de renseignement The inspection des services de renseignement was created in 2014 under the authority of the Prime Minister to control, audit and advise the specialised intelligence agencies and the académie du renseignement165. This inspection body is composed of members nominated by the Prime Minister- on recommendation of the coordonnateur- among civil servants entitled to access très Secret-Défense information (highest classification level). The members are chosen from the personnel of four different inspection and control bodies: l’inspection générale des finances (finance inspection); l’inspection générale de l’administration (administration inspection); le contrôle général des armées (army inspection); and le conseil général de l’économie, de l’industrie, de l’énergie et des technologies (General council on economy, industry, energy and technologies)166. To compensate for the absence of a specialised inspection body per se, a general secretary for intelligence services’ inspection was created in 2016167. The Prime Minister chooses the secretary from the inspection members. The secretary, who is appointed for two years, proposes to the Prime Minister a program of inspection, the team and head of mission for each inspection. Both the nomination of the secretary and the program of inspection are the object of a non-binding opinion given by the CNCTR. While carrying out their missions, the members of the inspection team have access to all installations, information and documents necessary to carry out their mission. They report their findings to the Prime Minister, the parent ministers of the intelligence services concerned and the coordonnateur. The objective of these missions is to ensure the legality and the respect of the code of ethics by the services and to ensure the conformity of their actions with the orientation

161

Ibid. Ibid. 163 Supra, DPR 2016 Report, n. 40. 164 Ibid. 165 Décret n° 2014-833 du 24 juillet 2014 relatif à l’inspection des services de renseignement. 166 Ibid, Art. 3. 167 Décret n° 2016-926 du 7 juillet 2016 instituant un secrétaire général de l’inspection des services de renseignement This followed a recommendation formulated by the DPR in its 2014 Activity report. See: Délégation Parlementaire au Renseignement, Rapport relatif à l’activité de la délégation parlementaire au renseignement pour l’année 2014, p. 72, available at: http://www.assemblee-nationale.fr/14/rap-off/i2482.asp. 162

Le Divelec

537

84

85

86

87

88

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:01 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

set up by the CNCTR168. The inspection can also assess whether the service’s budget is allocated properly169.

E. The Law on Intelligence 89

This section explains which intelligence collection technique may be used by whom and for which purpose (I). It then analyses issues of data storage (II) before listing the rights of individuals (III). An overview of the derogative regimes (IV) concludes this section.

I. The use of intelligence collection techniques 90

The law on intelligence sets the guiding principles according to which only a limited number of services (1) can for a specific purpose (2) implement an intelligence collection technique (3).

1. Services authorized to use intelligence collection techniques 91

According to the law on intelligence, only specialised intelligence services (“premier cercle”) can have recourse to intelligence collection techniques170. Yet, “second cercle” services can have recourse to certain techniques for specific purposes171.

2. Purposes for the use of intelligence collection techniques Services of “premier” and “second cercle” must state the specific purpose for which they intend to use a given technique. Article L.811-3 CSI lists the following purposes: – N° 1: National independence, territorial integrity and national defence – N° 2: Major foreign policy interests, fulfilment of European and international commitments and prevention of any form of foreign intrusion; – N° 3: Major economic, industrial and scientific interests; – N° 4: Terrorism prevention; – N° 5: Prevention of: xviii. Threat to the republican nature of the institutions; xix. Actions aimed at maintaining or reconstituting combat groups or private militias; xx. Collective violence representing a serious threat to public security; – N° 6: Prevention of organized crime; – N° 7: Prevention of the proliferation of weapons of mass destruction. 93 While “premier cercle” services can use intelligence collection techniques for all listed purposes, this is not the case for “second cercle” services. The table hereunder summarizes the permissible purposes for “second cercle” services depending on their parent Ministry.172 92

168

Supra, mn. 29. Supra, CNCTR Report, n. 53, p. 25. 170 Supra mn. 25. On the dichotomy “premier” and “second cercle” see supra mn. 6. 171 Art. L.811-4 CSI. 172 Here is summarised the sum of purposes that could justify an action by the concerned services depending on each parent Ministries. Not all services have access to intelligence techniques for all these 169

538

Le Divelec

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:02 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. Intelligence Law in France

Table 4: Permissable purposes for “second cercle” services by parent Ministry173 Parent Ministry

Ministère de la

Purpose of the action (as listed above)173 N° 1

N° 2

N° 3

N° 4

N° 5

N° 6

N° 7

?

?

?

?

?

?

?

Justice174

Ministère de l’Economie Ministère des Armées175 Ministère de l’Intérieur176

3. Intelligence collection techniques and other means available to the members of the IC The 2015 law on intelligence authorized intelligence services to use new intelligence 94 collection techniques methods and such that had hitherto been limited to judicial proceedings177. The techniques are individually described by Art. 851-1 to 853-3 CSI. The two laws legalised two categories of measures available to “premier cercle” and 95 “second cercle” services. Intelligence collection techniques have been provided by law (mn. 96). The law on intelligence created a derogatory regime regarding other measures or behaviour otherwise prohibited by law (mn. 98). a) Intelligence collection techniques The fourteen intelligence collection techniques now provided by law are depicted in 96 the table below. Though different procedures are applicable178, the procedural “architecture” depicted in this chapter remains applicable to all of them.

purposes. However, considering the numerous amount of individual services which can have access to these techniques, this work would be unreadable if each service was to be individually described. Article R811-2 CSI contains each individual service and the purpose that can justify access to the allowed techniques. 173 Source F. Le Divelec based on Art. R811-2 CSI. 174 Art. R811-2 III CSI. 175 Art. R811-2 II CSI. 176 Art. R811-2 I CSI. 177 Supra, DPR 2016 Report, (n. 40), p. 29. 178 Regarding the individual concerned, a “purpose exclusivity” (see technique n° 2 for example), the last resort nature of the recourse to a technique (See n° 12 for example) or again the duration of the allowed data retention period (see infra).

Le Divelec

539

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:03 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

Table 5(a): Intelligence-gathering techniques embodied in the CSI Techniques Administrative access to metadata179

Security interception

Legal basis

Max. Duration of the authorisation

Art. 851-1

General procedure: 4 months renewable under the same conditions

2- Targeted access to metadata in real time for Art. 851-2 the fight against terrorism (Purpose N° 4) &5 towards an individual (and its entourage if pertinent181) previously identified as a threat

4 months No emergency procedure allowed

1- Targeted access to metadata: information or documents processed or retained by electronic communications networks or services180

3- Threat detection by bulk analysis of metadata (Black Boxes)182

Art. 851-3

Two months renewable183

4- Real-time location of terminals mentioned in (1) by access to the network (incl. IMSI catcher) transmitted by operators of electronic communication

Art. 851-4

General procedure Exception: See N° 12

5- Real-time beacon to locate an individual, vehicle or object

Art. 851-5

General procedure

6- Direct access to metadata to identify terminal location, subscription number and location using a device (IMSI catcher)

Art. 851-6

Two months renewable

7- Targeted interception of the content of electronic communication of an individual (and its entourage if pertinent)

Art. 852-1

General procedure

8- IMSI Catcher and Wiretapping for limited purposes (N° 1,4 and 5)

Art. 852-1

48 hours renewable184

179 Administrative access to metadata encompasses all techniques implemented through solicitation of operators of electronic communication and internet service providers. 180 According to art. 851-1, these might include the identification of subscription or connection identifiers for electronic communications services, all subscription or connection identifiers of the targeted individual, the location of the terminal equipment used and the list of numbers dialled, received calls as well as the date and duration of these calls. 181 Following a request for preliminary ruling filed with the Conseil Constitutionnel, the court considered that the extension of the authorisation to the entourage of the suspect was contrary to the Constitution. Though the technique was considered compatible with the Constitution, the lack of definition of the number of persons potentially concerned by this measure did not conciliate the protection of the public interest and the right to private life. By the Loi du 30 Octobre 2017, Art 851-2 was amended (see supra, n. 155). The Prime Minister is now to define by arrêté the maximum number of persons concerned within the suspect’s entourage after opinion of the CNCTR. Similarly, when an implementation request is granted, the number of persons shall be communicated to the CNCTR. See in English supra, FRA n. 133, p. 69 and Décision du Conseil Constitutionnel, n° 2017-648 QPC du 4 août 2017. 182 See infra mn. 99. This technique of intelligence-gathering was named “boîtes noires” (black boxes) by the media and civil society during the debate prior to the adoption of the law on intelligence. This generic term will be in turn used within this chapter. 183 The renewal request shall indicate the amount and pertinence of users detected by the first implementation. 184 Information irrelevant to the purpose justifying the use of the technique is immediately destroyed.

540

Le Divelec

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:04 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. Intelligence Law in France

Table 5(b): Intelligence-gathering techniques embodied in the CSI Techniques

Legal basis (CSI)

Max. Duration of the authorisation

9- Use of microphones and cameras

Art. 853-1

Maximum two months renewable Exception: See N° 12

10- Access to stored data when no other technique is available to gather the intelligence sought

Art. 853-2-I 1°

30 days renewable Exception: See N° 12

11- Keylogging and screen capture

Art. 853-2-I 2°

2 months renewable Exception: See N° 12

Intrusion in a private location

12- Intrusion in private property and vehicles to implement techniques 5, 9, 10 and 11 as the last resort

Art. 853-3

30 days renewable185

International communication

13- Bulk collection and processing of international communications186

Art. 854-2

4 months renewable

Radio transm.

14- Interception of radio transmissions

Art. 852-2

General procedure

Conversations, images and stored data

As of October 2016, according to its first report, the CNCTR had been solicited 97 mostly for the access to metadata (technique n° 1)187. The staggering number of preliminary opinions (more than 48 000) compared to other categories can be explained by its use as a preliminary means to implement further intelligence collection techniques once metadata has been collected188.

185 When the authorisation is given following a negative opinion of the CNCTR, the Conseil d’État is immediately referred to by the CNCTR to obtain its opinion within 24 hours. The technique shall not be implemented until the decision is taken unless the purpose justifying the intrusion is the prevention of terrorism. See Art. 853-3-III CSI. 186 See infra, mn. 119. 187 Supra, CNCTR Report, fn. 53. 188 Ibid, p. 73.

Le Divelec

541

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:04 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

Table 6: Opinions given by the CNCTR for the period October 2015 to October 2016189 Intelligence-gathering techniques

Number of preliminary opinion delivered

Percentage of positive opinion

Percentage of negative opinion

Access to metadata (851-1)

48 208

99,86 %

0,14 %

Live geo-tracking (851-4)

2 217

93,1 %

6,9 %

Security interceptions (852-1)

8 538

Other techniques189

7711

b) The sensitive case of Black Boxes Black boxes are one of the most controversial instruments legalised by the law of 2015. Pursuant to Art. 851-3-I CSI, intelligence services are authorised to deploy an automatic data processing system to detect connections that might reveal a terrorist threat. Based on pre-designated parameters, they remain under control of the CNCTR, which will give its opinion on their use and have permanent, direct and complete access to information on their use as well as to the information and data collected190. When a network operator is requested to comply with the services’ request, it cannot refuse191. 99 The recourse to black boxes as regards communication inside the state territory is, however, limited to the purpose of preventing terrorism and can be used to analyse a limited amount of information and documents without enabling the identification of individuals192. It is only when a threat has been proven to be real that the Prime Minister can authorise the identification of the person and the collection of data linked to him/her after having consulted the CNCTR193. However, regarding international electronic communication, this processing is extended to all purposes and does not require an a priori opinion194. The CNCTR will intervene a posteriori to verify that the collected data are in line with the initial authorisation given by the Prime Minister. 100 On 14 November 2017, at a conference organised at the University of Grenoble, Francis Delon, President of the CNCTR affirmed that the CNCTR had just delivered its first favourable opinion regarding the deployment of a black box195. 98

101

c) Authorization of unlawful activities The law on intelligence authorizes intelligence operatives to use borrowed or fake identities196. The civil code articles (Art. 50 and 52) protecting the establishment of civil status are thereby not applicable and the individuals involved in the creation of this 189

Supra, CNCTR Report, n. 53, p. 65. Art. 853-1-II CSI. Art. 851 CSI. 192 Meaning abonnement identification numbers, connection to electronic communication services, localisation of equipment used to connect and list of calls, the numbers, duration and date of these calls. See Art. 851-41 CSI. 193 Art. 853-1-IV CSI. 194 Art. 854-2 CSI. 195 Martin Untersinger, Une première “ boîte noire “ de la loi sur le renseignement désormais active, Le Monde, available at http://www.lemonde.fr/pixels/article/2017/11/14/les-boites-noires-de-la-loi-sur-le-renseignement-sont-desormais-actives_5214596_4408996.html, accessed on the 15th of November 2017. 196 Art. 861-2 CSI. 190 191

542

Le Divelec

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:05 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. Intelligence Law in France

identity are not criminally liable. The Prime Minister designates which “second cercle” services are subject to this derogative regime197. Thus, operatives of “premier cercle” and authorised “second cercle” services can 102 contact individuals suspected of jeopardising the fundamental interest of the nation (meaning all listed purposes) by means of electronic communication using a fake or borrowed identity cover198. In this frame, agents can gather information on the individual and can gather and share with him or her content encouraging or making the apology of terrorism. However, an operative who would incite the targeted individual to commit an infraction (e. g. to commit a terrorist act) incurs a penalty of up to one year of imprisonment and a 30 000€ fine.

II. Data retention rules The law on intelligence sets fixed retention periods for data retrieved through 103 individual intelligence collection techniques199. The applicable retention periods are listed in Tables 7 a and 7 b below. At the end of the indicated period, the data must be destroyed.200 A report containing the execution date (beginning and end) and the nature of the 104 collected data is produced for each intelligence collection technique. These reports can be accessed by the CNCTR on a direct, complete and permanent basis. Table 7(a): Data retention period of data collected201 Techniques

Duration of data retention

1- Targeted access to metadata201

4 Years

2- Targeted access to metadata (metadata) in real time

4 years

3- Threats detection by bulk analysis of metadata

60 days 4 Years once an individual is identified as a terrorist threat

4- Real-time location of terminals mentioned in (1) by access to the network (incl. IMSI catcher) transmitted by operators of electronic communication

4 years

5- Real-time beacon to locate an individual, vehicle or object

4 years

6- Direct access to metadata to identify terminal location, subscription number and location using a device (IMSI catcher)

4 Years Data erased if not linked with the purpose of the implementation within 90 days

197

As of December 2017, no arrêté had yet been publicly published. Art. 863-1 CSI. 199 Arts. 822-1 to 4 CSI. 200 Art. 822-2 CSI. 201 Supra, CNCTR Report, n. 53, p. 44. 198

Le Divelec

543

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:06 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis 7- Targeted interception of the content of electronic communication of an individual (and its entourage if pertinent)

30 days

8- IMSI Catcher and Wiretapping for limited purposes (N° 1,4 and 5)

30 days

Table 7(b): Data retention period of data collected Techniques

Duration of data retention

9- Use of microphones and cameras

30 days (microphones) 120 days (images)

10- Stored data access

120 days

11- Keylogging and screen capture

120 days

12- Intrusion in private property and vehicles to implement techniques 5, 9, 10 and 11 as the last resort

–

13- Bulk collection and processing of international communications

See infra

14- Interception of radio transmissions

30 days

Although the retention period is calculated from the day of the data collection, in the case of encrypted data, the period runs from its decryption202. Similarly, any data linked to cyberattacks can be retained for a longer period if technical analysis is necessary. Data retained for a longer period cannot be used against the targeted individuals once the original timespan has expired. Finally, any data relevant to a request pending in front of the Conseil d’État can be retained after expiration of the retention period. 106 In the case of data collected in the frame of international intelligence activities, the retention periods will depend on whether one end of the communication is linked to the national territory or not203. In the former case, the “national” retention periods apply but the period begins after the first processing and no later than six months after collection. However, should both sides of the communication be of foreign origin, the following periods apply204: – Content data shall be destroyed 12 months after its first processing, within the limit of 4 years after collection; – Metadata: 6 years. The same exception applies regarding encrypted data and data pertaining to cyberattacks which can be retained for up to eight years. Any data linked to a case pending in front of the Conseil d’État must be retained. 107 Data cannot be collected, extracted or transcribed for any purposes other than the ones indicated in Art. 811-3 CSI205. The CNCTR ensures that all data is destroyed once 105

202

Art. 822-2 Art. 854-8 204 Art. 854-5 205 Art. 822-3 203

544

para. 2 CSI. CSI. CSI. CSI.

Le Divelec

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:06 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. Intelligence Law in France

no longer necessary for the purpose mentioned in the initial request. Data destruction is conducted by designated agents and is reported to the CNCTR206.

III. Judicial remedies and agents’ responsibility The law on intelligence provides judicial recourse to individuals (1) and specified the 108 criminal liability of service members (2).

1. Judicial remedies for individuals The Conseil d’État is competent to monitor the legality of both individuals’ complaints 109 filed regarding intelligence collection techniques207 and information stored in databases208. Individuals wishing to verify that no intelligence collection technique has been illegally used against them can refer to the Conseil d’État after consultation of the CNCTR (following the procedure described above, mn. 65)209. Although the CNCTR does not notify individuals whether an intelligence collection technique was targeting them, they can refer to the Conseil d’État within two months after being notified by the CNCTR that a control was carried out or four months after the introduction of the request to the CNCTR if they have not been notified that the control took place210. When an administrative court has referred a case, whose resolution depends on the legality of an intelligence collection technique, the court suspends the proceedings and refers the matter to the Conseil d’État211. This decision cannot be contested and the court will resume the case once the Conseil d’État has ruled on the legality of the said technique. The Conseil d’État also addresses requests pertaining to individuals’ rights on the 110 processing of their personal data212. This right derives from Art. 39 and 40 of the loi informatiques et libertés,213 which state that individuals may request access to data stored by a data processor and informed on how such data is processed, for what purpose and by whom. According to Art. 41 of the same law, this right is limited when the processing concerns national security, defence or public safety.214 In these procedures, the Conseil d’État sits in an ad hoc formation composed of215: 111 (1) A president proposed by the Ministre de la Justice and designated by the Prime Minister; (2) Two members of the Conseil d’État at the level of at least conseiller d’État216; (3) Two substitutes of the Conseil d’Etat; (4) Two rapporteur public217.

206

Art. 822-4 CSI. Art. L841-1 CSI. 208 Art. L841-2 CSI. 209 Art. 841-1 CSI. 210 Décret n° 2015-1211 du 1er octobre 2015 relatif au contentieux de la mise en œuvre des techniques de renseignement soumises à autorisation et des fichiers intéressant la sûreté de l’Etat. 211 Ibid. The Conseil d’État will give its assessment within a month. 212 Art. 841-2 CSI. 213 Loi du 6 janvier 1978 relative à l’informatique, aux fichiers et aux libertés (Law on informatics and freedoms). 214 For further details on the right to access data and the role of the CNIL, see supra, FRA Report n. 133. 215 Art. 773-8 du Code de Justice Administrative. All are entitled to access restricted information (secret de la défense nationale). 216 Fourth rank on the 6 scale hierarchy of the administrative judicial system. 217 A public rapporteur is a member of an administrative court who gives his independent opinion during a given case. 207

Le Divelec

545

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:07 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

To rule on a given case, this ad hoc panel of first and last instance have a quorum of at least 3 of its members218. Following the decision, only the existence or absence of an infringement will be announced219. Should the Conseil d’État observe an illegal authorisation of an intelligence collection technique, the judge can abrogate the authorisation, order the destruction of any data collected and grant compensation to the claimant220. 113 Where the illegal authorisation may constitute a criminal offence (see infra mn. 118), the Conseil d’État must notify the Procureur de la République and transfer the case file to the Commission du secret de la défense nationale to obtain an opinion on the declassification of the pertinent information for its use in criminal proceedings. This opinion is then passed to the Prime Minister before being forwarded to the procureur. 114 By March 2017, 146 complaints had been filed (136 for the verification of information and 10 regarding the implementation of an intelligence-gathering technique), 52 of which have been subject to a decision221. The decisions taken by the Conseil D’État mirror the secrecy of the services’ activities. While providing little or no information on the substance of the control, the Conseil d’État in these decisions: (1) Restated the legal basis for the individual’s complaint: • Art. 821-1 for the implementation of intelligence technique • Art. 41 de la loi du 6 janvier 1978 relative à l’informatique, aux fichiers et aux libertés for information stored on a given database222 (2) Referred to Art. 841-1 or 841-2 CSI depending on the type of judicial control requested; (3) Recalled the extent to which information can be given to the plaintiff; (4) Very briefly stated in a single paragraph whether further action from the jurisdiction was necessary (i. e. whether the potential data or technique were stored/ implemented in breach of the applicable provision) without confirming whether information or a technique was indeed observed/implemented regarding the plaintiff223. 112

2. Criminal liability of intelligence services members 115

Members of “premier cercle” and “second cercle” intelligence services do not have complete impunity in the conduct of their missions. The judiciary is competent, under the code pénal, to judge infractions committed by intelligence services and, if relevant, their members. Art. 862-2 CSI, in fact, stipulates that members of specialised intelligence services are criminally liable for their actions in accordance with the pertinent Code penal provisions.

218

Art. R.773-11 Code de Justice Administrative. Ibid, Art. L.773-7. 220 Ibid. 221 Supra, FRA Report, n. 133. 222 Supra, n. 104. 223 For instance, in the case of illegal storage of data, the Conseil d’État, solely indicated the illegal storage and granted compensation. See Conseil d’État, décision n° 396549 du 8 Novembre 2017. 219

546

Le Divelec

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:08 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. Intelligence Law in France

Table 8: Offences and the attached maximum sentence in case of abuse of an intelligence collection technique224 Action

Applicable provision and legal qualification

Maximum sanction

Illegal information processing224

Arts. 226-16 et seq. of the Code Pénal: breach of individuals’ rights

5 years of imprisonment and 300 000€ fine

Illegal access to an informatics system

Art 323-1 of the Code Pénal: intrusion into a computer system

2 years of imprisonment and 60 000€ fine

Illegal Recording of oral communication

Art 226-1 et seq. of the Code Pénal: breach of private life

1 year of imprisonment and 45 000€ fine

Illegal use of a fake name or profession, use of fraudulent behaviour to obtain information

Art 313-1 of the Code Pénal: fraud

5 years of imprisonment and 375 000€

Art. 862-1 CSI applies to actions committed outside of the national territory and 116 suspected of constituting a criminal offence. When an act is committed outside the national territory by a member of a “premier cercle” service in the conduct of its mission, the Procureur de la République shall inform the Ministry concerned that the facts are liable to constitute a penal infraction. The Ministry shall deliver within a month an opinion on the prosecution of the concerned employee.

IV. Derogations and complementary provisions The law on intelligence laid down derogations and complementary provisions 117 regarding cases of emergency (1), international surveillance (2), and the protection of whistle-blowers (3).

1. Emergency Procedure Art. 821-5 CSI allows for a derogation to the a priori oversight mechanism in the 118 cases of absolute emergency. Thus, for the pursuit of the following purposes: N° 1: National independence, territorial integrity and national defence; N° 4: terrorism prevention; N° 5: Prevention of a threat to the republican nature of the institutions; The Prime Minister can authorize the use of intelligence collection techniques without an a priori opinion of the CNCTR. The latter, however, must be informed of this decision within 24 hours after the Prime Minister delivers his/her authorisation225.

2. International surveillance The surveillance of international communication is subject to a specific regime. The 119 current regime derives from the original legal framework for international intelligence 224 225

Supra n. 25, O. De Maison Rouge. The procedure followed to obtain an a priori opinion must then be respected. Supra, mn. 58.

Le Divelec

547

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:08 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

activities that was declared unlawful by the Conseil constitutionnel and subsequently replaced by the law on surveillance of international electronic communication adopted in November 2015226. 120 The Prime Minister designates the channels of communication and networks on which communication received or emitted from outside the national territory should be monitored227. This surveillance of international communication is allowed for all purposes contained in Art. 811-3 CSI but cannot target individuals using metadata linked with the national territory228. 121 Two types of interception are provided by law. First, upon request, the Prime Minister can authorize the non-targeted (bulk) processing of intercepted metadata. This authorisation must contain229: (1) The purpose for which the request is introduced; (2) The motives of the implementation of the measures; (3) The intelligence services in charge; (4) Type of data processing that could be implemented. The authorisation given by the Prime Minister can be valid for up to one year extendable with the same procedure. 122 Second, upon request, the Prime Minister can authorise the individualised processing of the content of communications or only metadata intercepted. Similarly, the authorisation must contain: (1) The purpose for which the request is introduced; (2) The motive for the use of intelligence collection techniques; (3) The geographical area or the organizations, group of people or people concerned; (4) The services in charge. The authorisation is given for four months extendable for an equal duration with the same procedure.

3. Protection of whistle-blowers The CSI now encompasses a procedure which permits members of the intelligence services to inform the CNCTR of any wrongdoing230. Employees from both “premier cercle” and other services who have witnessed any illegal acts can inform the CNCTR, which will, in turn, refer to the Conseil d’État and alert the Prime Minister. Should the CNCTR consider that a legal provision has been violated, it will refer it to the Procureur de la République and transfer all the information to the Commission du secret de la défense nationale to obtain the approval to communicate them to the Procureur. 124 Whistle-blowers cannot be sanctioned or become the subject of any discriminatory measure (whether indirect or direct) if they acted in good faith when passing on information to the CNCTR231. Should they consider that they are being or have been 123

226

Supra, n. 6. Art. L.854 et seq. CSI. 228 At the exception of specific individuals, see supra, mn. 66. 229 Art. 854-2 CSI. 230 Art. 861-3 CSI. 231 Though no definition of good faith is established within the CSI, a contrario, the term bad faith as defined in art. 226-10 of the code penal applicable in that context describe it as “A denunciation made by any means and directed against a specified person, of a fact that is liable to cause judicial, administrative or disciplinary sanctions and that the maker knows to be totally or partially false, where it is sent either to a judicial officer or to a judicial or administrative police officer, or to an authority with power to follow it up or to refer it to the competent authority, or to hierarchical superiors or to the employer of the person concerned”. Translation extracted from the French penal code as translated and available at http://www. legislationline.org/documents/section/criminal-codes/country/30. 227

548

Le Divelec

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:09 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. Intelligence Law in France

discriminated against, the administration must prove that the decisions have been taken based on objective factors. The use of this procedure in bad faith is punished by up to 5 years of imprisonment and a 45 000€ fine232. As of 2017, according to the DPR and the CNCTR, this procedure had not been used233.

F. A law reshaped by constitutional concerns The sensitive nature of the law on intelligence has led the Conseil Constitutionnel to 125 assess the constitutionality of the law on several occasions since 2015. After having declared a part of the legislation unconstitutional shortly after its adoption in July 2015234, the court had to decide on the constitutionality of the law on international communication235, the radio transmissions exemption236 and intelligence collection techniques being extended to a suspect’s entourage237.

I. The annulment of the provisions on international surveillance In July 2015, the constitutional court ruled that the provisions on the surveillance of international communication were unconstitutional. The law on intelligence had laid down a derogation regarding the monitoring of the surveillance of international communication by the CNCTR. The Conseil constitutionnel declared these provisions unconstitutional on the grounds that the law did not define the conditions applicable to the processing, storage and destruction nor did it define the conditions applicable to the oversight of the CNCTR. In substance, the Prime Minister did not have to submit any ex-ante request to the CNCTR. The CNCTR could intervene only after the measure had been implemented. The Conseil Constitutionnel stressed that the modes of processing, storage and destruction of intelligence collected depended exclusively on the will of the executive power while under Art. 34 of the French Constitution238, the legislative power has the prerogative for defining these points. On these grounds, the Conseil Constitutionnel considered that the legislator had not determined the rules for the protection of the fundamental guarantees granted to citizens. Following this partial annulment, the law of the 30th of November 2015 was adopted and declared compatible by the constitutional court239.

126 127

128

129

II. The radio transmission exemption An old provision applicable to the legal regime created by the law of 2015 was also 130 criticized. Art. 811-5 CSI, adopted within the loi sur le secret des correspondances in 232

Art. 226-10 du Code Pénal. Supra, FRA Report, n. 133, p. 71. 234 Décision du Conseil constitutionnel n° 2015-713 DC du 23 juillet 2015. 235 Décision du Conseil constitutionnel n° 2015-722 DC du 26 novembre 2015. 236 Décision du Conseil constitutionnel n° 2016-590 QPC du 21 octobre 2016. 237 Décision du Conseil constitutionnel n° 2017-648 QPC du 4 août 2017. 238 This article settles down the distribution of competences between the Parliament and the Government. See: http://www2.assemblee-nationale.fr/langues/welcome-to-the-english-website-of-the-french-national-assembly. 239 Supra, n. 235. 233

Le Divelec

549

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:09 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

131

132

133

134

1991, provided intelligence services with the possibility to bypass any form of oversight when using intelligence collection techniques against “communications hertziennes” (hereafter “radio transmissions”)240. The measures to ensure the surveillance of radio transmissions for the defence of national interests were not governed by the chapter regulating the recourse to intelligence techniques. In other words, intelligence services would not be monitored and no recourse for individuals would be available. Two main issues were therefore referred to the Conseil Constitutionnel by several civil actors241: the broad definition of “communication hertzienne” and the lack of remedies available to citizens. In a concise decision, the Conseil constitutionnel declared that the exemption presented a disproportionate violation of the right to privacy and privacy of correspondence242. The exemption was hence declared unconstitutional. The Conseil Constitutionnel highlighted, first, that the powers that had been granted to public authorities did not exclude the possibility of collection of individualised data and therefore presented a violation of the right to privacy and privacy of correspondence243. Second, the Court highlighted that if such means of intelligence collection could be applied solely for the defence of national interests, the provision at stake did not prevent these measures from being used for other purposes than those justifying its first application244. In other words, no safeguards against abusive use of this exemption were set up. Third, and finally, the Court highlighted that the provisions applicable to radio transmission did not list the permissible means of surveillance, did not subject the recourse to these measures to any procedural condition nor did it provide guarantees regarding its application. On these grounds, the Court declared Art. 811-5 CSI incompatible with the constitution. Following this decision, the legislator modified by law the chapter on “communications hertziennes”245. Art. L855-1 A to L855-1 C CSI now limit the definition of “communications hertziennes” by excluding any electronic communication made exclusively through radio transmissions involving an electronic communication operator246. According to Art. L855-1 B, in principle, all intelligence collected must be deleted six years after it has been collected or decrypted247. All intelligence collected can be processed only for the purposes listed in Art. 811-3 CSI and must be deleted once it is deemed unnecessary for the pursuit of these objectives248. The CNCTR is now responsible for controlling the legality of these measures. Thus, it must be informed of the nature and scope of any measures taken based on Art. 855-1A and have access to any information on the used intelligence collection techniques and the collected intelligence. It can communicate recommendations and observations to the Prime Minister and the DPR. In sum, the “communication hertziennes” exemption has been reduced in scope and radio transmissions are now subject to specific procedural safeguards presented in a separate chapter249.

240 Any communication made through radio wave, i. e. communication made through wireless means of transmission such as Wi-Fi, exchange between a cell phone and a relay antenna etc. 241 La Quadrature du Net, le French Data Network, la Fédération FDN et the association Igwan.net. 242 Supra n. 234. 243 Ibid, § 6. 244 Ibid, § 7. 245 See supra, n. 155. 246 Ibid, Art. L855-1 A. 247 Ibid, Art. L855-1 B-I. 248 Ibid, Art. L855-1 B-II. 249 Ibid, Art. L855-1 A.

550

Le Divelec

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:09 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 2. Intelligence Law in France

III. Case pending in Strasbourg In 2015 the judicial press association, the Paris Bar and the National Bar Council250 challenged the law on intelligence before the ECHR. In a communication published in April 2017251, the ECHR addressed three questions pertaining to the legality of the French intelligence law. The first refers to the lack of definition of the terms “information or documents”. In the CSI, these terms describe the data that can be collected through the use of intelligence collection techniques. The claimants argue that the lack of definition of these terms renders the legal basis for intelligence techniques insufficiently clear. The second question relates to the safeguards for the confidentiality of the information about protected professions such as lawyers and journalists. The claimants challenge the provisions applicable to journalists and lawyers due to the lack of sufficient procedural guarantees and the absence of a posteriori sanctions in the case of breach of confidentiality/secrecy. The CSI provides that journalists and lawyers cannot be the object of surveillance in the conduct of their professional activities252. The claimants argue that it is difficult to establish whether elements pertain or not to the profession of the individual. For instance, the claimants asked “under what conditions and by whom the distinction is to be drawn between matters specifically connected with a lawyer’s work under instructions from a party to proceedings and those relating to activity other than that of counsel”253. The ECHR submitted two questions pertaining to lawyers and journalists’ right to privacy and the right to an effective remedy if such a right is infracted. Third, the ECHR asked the claimant and defendant to present their opinions on the proportionality of the list of purposes justifying a recourse to an intelligence collection technique laid down by the CSI and the role of the CNCTR regarding the surveillance of these protected professions. Finally, the ECHR invited the parties to make observations on the resources available to the CNCTR and the efficiency of the control of the Conseil d’État.

135

136

137

138

G. Concluding remarks The reform of French intelligence is still at an early stage. The multiplication of new 139 threats and the evolution of technology have pushed towards the reshaping of intelligence activities, its community and, with it, the ability to limit fundamental rights for the purpose of security. Despite the introduction of clear boundaries in term of recourse to intelligence collection techniques by the law of 2015, the powers granted to intelligence services have been criticised due to the permissive nature of the legal framework and the uncertainty of its efficiency254. The vagueness of the purposes for which the use of intelligence collection techniques is allowed, the expansion of the 250

L’Association de la presse judiciaire, l’Ordre de Paris et le Conseil national des barreaux. ECHR, Cinquième section, Requête no 49526/15 Association Confraternelle De La Presse Judiciaire contre la France et 11 autres requêtes, communiquée le 26 Avril 2017. 252 Art. L821-7 CSI. 253 ECHR, Kopp v. Switzerland, § 73, 25 March 1998, 3/1997/797/1000 as referred to by the claimants. 254 See for instance the arguments advanced by the defendant in the ECHR pending cases. See supra mn. 136. 251

Le Divelec

551

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:10 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

services allowed for use such techniques by the law of 2015 and, the broad surveillance allowed on electronic communications, for instance, have been the object of criticism. 140 Judicial authorities have played a key role in the shaping of the present legal framework through the activity of the constitutional courts and the monitoring of the first months of its implementation through the administrative courts. Although the first decisions taken by the Conseil d’État have confirmed the limited access to information for the public, the procedure has proven to be a reliable tool for individuals to hold accountable intelligence services in the conduct of their missions. In combination with the additional powers of the CNCTR and the new mandate of the DPR, the overall oversight “governing the use of measures aiming at general [and targeted] surveillance of communications”255 has proven to be extensive. 141 Yet, several provisions of the CSI are now subject of a pending case in Strasbourg, which relates to the extent to which journalists and lawyers are protected inside the frame of their professions. The ECHR has extended its questions to specific aspects of the law on intelligence (e. g. the list of purposes, the degree of control carried out by the Conseil d’État etc.) which mirrors the concerns expressed following the adoption of the current legal regime. The decision is however not to be expected before a few years. 142 In the meantime, and as the first year of Macron’s presidency has shown, the implementation of the legal framework applicable to intelligence activities will be subject to further development256. While accompanied by judicial challenges and public concerns, the new laws on intelligence and international intelligence have finally provided the intelligence services with a legal basis for their activities. Overall, the framework, which specifies which intelligence collection techniques can be used by whom for which purpose, as well as the accompanying oversight mechanism are to be praised. The intelligence collection techniques provided to intelligence services, the purposes justifying their use and the margin of appreciation left to intelligence services in carrying out their mandates will however remain sources of uncertainties and suspicions. Civil society, constitutional judges and ECHR case-law will play a major role in the constant adaptation of this new legal framework to ever-evolving threats, technologies and civil rights. 255 256

552

Supra, FRA Report, n. 133, p. 40. See the modifications brought to the CSI since May 2017.

Le Divelec

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:11 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3 Intelligence Law and Oversight in the UK Ian Leigh Outline A. Introduction ...................................................................................................................... B. A historical sketch............................................................................................................ I. Origins of the security and intelligence agencies............................................. II. Recent controversies............................................................................................... C. The legal basis for and role of the intelligence agencies......................................... D. The powers of the agencies............................................................................................ I. Introductory ............................................................................................................. II. The reform of surveillance powers ..................................................................... III. Targeted interception and examination............................................................. IV. Untargeted “bulk” powers..................................................................................... V. Bulk personal datasets............................................................................................ VI. Equipment interference ......................................................................................... VII. The judicial approval process............................................................................... E. Accountability of the agencies ...................................................................................... I. Ministerial responsibility and control ................................................................ II. Parliamentary oversight......................................................................................... III. Judicial oversight..................................................................................................... 1. The Commissioners ........................................................................................... 2. Investigatory Powers Tribunal ........................................................................ F. Intelligence and the courts............................................................................................. I. The courts and deference to national security ................................................. II. Evidential protections and intelligence .............................................................. 1. Public interest immunity .................................................................................. 2. Special advocates ................................................................................................ 3. Closed material procedures.............................................................................. 4. Criminal trials and intelligence material....................................................... G. Conclusion .........................................................................................................................

mn. 1 4 4 8 15 22 22 26 33 39 43 47 49 52 52 56 63 63 66 69 69 74 74 76 79 82 85

Bibliography: Aldrich, R., Whitehall and the Iraq War: the UK’s Four Intelligence Enquiries, Irish Studies in International Affairs, 16 (2005), 73–88; R. Aldich, GCHQ: the uncensored story of Britain’s most secret intelligence agency, Harper Collins, 2011; R. Aldrich and R. Cormac, The Black Door: Spies, Secret Intelligence and British Prime Ministers, Harper Collins, 2016; Anderson D., Report of the Bulk Powers Review, Cm. 9326 (2016); Andrew, C., Secret Service: the Making of the British Intelligence Community London, 1986; Andrew, C., Defence of the Realm: the Authorized History of MI5, London, 2009; Birkinshaw, P., Reforming the Secret State, Milton Keynes, 1990; Bochel, H., Defty, A., Kirkpatrick, J., New mechanisms of independent accountability: select committees and Parliamentary scrutiny of the intelligence services, Parliamentary Affairs, 68 (2) 314–331 (2015); Born, H., L, Johnson and I. Leigh, Who’s Watching the Spies: Establishing Intelligence Service Accountability, Dulles, Virginia, 2005; Born, H. and I. Leigh, Democratic Accountability of Intelligence Services, Armaments, Disarmament and International Security, Yearbook of the Stockholm International Peace Research Institute 2007, Oxford University Press 2007, ch. 5; Born, H., Leigh, I. and Wills A., International Intelligence Cooperation and Accountability London Routledge, 2011; Born, H., Leigh, I. and Wills A., Making International Intelligence Cooperation Accountable, Oslo, Norwegian Parliament Printing House, 2015; Chamberlain, M., Update on procedural fairness in closed proceedings, (2009) 28(4) Civil Justice Quarterly 448–543; Davies, P., MI6 and the Machinery of Spying Frank Cass, 2004; Defty, A., Educating parliamentarians about intelligence: The role of the British Intelligence and Security Committee, Parliamentary Affairs 2008 61(4):621–641; Fikfak, V. and H. Hooper, Parliament’s Secret War Hart, Oxford 2018; Forcese, C. and L., Waldman, Seeking Justice in an Unfair Process: Lessons from Canada, the United Kingdom, and New Zealand on the Use of “Special Advocates” in National Security Proceedings, Ottawa, 2007; Gill P., Policing Politics: Security Intelligence and the Liberal Democratic State, Frank Cass, London, 1994; Forsyth, C., Public Interest Immunity: Recent and Future Developments, (1997) 56 Cambridge Law Journal 51; Gill, P., The

Leigh

553

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:11 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis Politicization of Intelligence: Lessons from the Invasion of Iraq, in H. Born, L. Johnson and I. Leigh (eds.), Who’s Watching the Spies: Establishing Intelligence Service Accountability Dulles, Potomac Books, 2005; Gill, P., Evaluating Intelligence Oversight Committees: the case of the UK Intelligence Security Committee and the “War on Terror”, Intelligence and National Security, 22(1) pp. 14–37 (2007); Gill, P., The ISC and the Challenge of International Security Networks, Review of International Studies 35 (2009) 932; Glees, A., P. Davies, and J. Morrison, The Open Side of Secrecy: Britain’s Intelligence and Security Committee, London., Social Affairs Unit, 2006; Glover, R., Murphy on Evidence, 14th ed., Oxford 2015, ch. 13; Horne, A. and Walker, C., Parliament and National Security, in Horne, A. and Le Sueur, A. (eds.), Parliament: Legislation and Accountability Hart, Oxford, 2016; Intelligence and Security Committee, Iraqi Weapons of Mass Destruction- Intelligence and Assessments, Cm.5972, 2003; Intelligence and Security Committee of Parliament, Privacy and Security: A modern and Transparent Legal Framework, March 2015 HC 1075; Jackson, J., The Role of Special Advocates: Advocacy, Due Process and the Adversarial Tradition”, 2016, 20(4) International Journal of Evidence and Proof 343–362; Jacob, J.,”From Privileged Crown to Interested Public, 1993 Public Law 121; Jeffery, K., MI6: the History of the Secret Intelligence Service 1909–1949 Bloomsbury, 2010; Justice, Secret Evidence London, 2009; Leigh, I., Public Interest Immunity, (1997) Parliamentary Affairs 55–70; Leigh, I., and L. L. Lustgarten, Five Volumes in Search of Accountability: The Scott Report, 1996, 59 Modern Law Review 695–725; Leigh, I., Reforming Public Interest Immunity, 1995, 2 Web Journal of Current Legal Issues, http://www.bailii.org/uk/other/journals/ WebJCLI/1995/issue2/leigh2.html; Leigh, I., Parliamentary Oversight of Intelligence in the UK: A Critical Evaluation, in H. Born and M. Caparini (eds.), Democratic Control of Intelligence Services: Containing Rogue Elephants Aldershot, Ashgate, 2007; Leigh, I., The Role of Judges in S. Farson and M.Pythian (eds.), Commissions of Inquiry and National Security: Comparative Approaches, Praeger, 2010, ch. 16; Leigh, I., National Courts and International Intelligence Cooperation in H. Born, I. Leigh and A. Wills (eds.), International Intelligence Cooperation and Accountability, Routledge, 2011; Leigh, I., Rebalancing Rights and National Security: Reforming UK Intelligence Oversight a Decade After 9/11, 2012, 27 (5) Intelligence and National Security 721–737; Lustgarten, L. and I. Leigh, In From the Cold: National Security and Parliamentary Democracy, Oxford, Oxford University Press, 1994; McKay, S., Blackstone’s Guide to the Investigatory Powers Act 2016, Oxford University Press, Oxford, 2017; McKay, S. and Walker, C., Legal regulation of intelligence services in the United Kingdom, in Dietrich, J-H. and Eiffler, S.R. (eds.), Handbuch des Rechts der Nachrichtendienste, Richard Boorberg, Stuttgart, 2017; Moran, J. and Walker, C., Intelligence Powers and Accountability in the U.K., in Goldman, Z.K. and Rascoff, S.J. (eds.), Global Intelligence Oversight: Governing Security in the Twenty-First Century, Oxford University Press, New York, 2016 pp. 289–314; Murray C., Out of the Shadows: the Courts and the United Kingdom’s Malfunctioning Counter-Terrorism Partnerships, Journal of Conflict & Security Law 2013, 18(2), 193–232; Peto, A. and Tyrie, A., Neither Just Nor Secure, London Centre for Policy Studies, 2011; Phythian M., The British Experience with Intelligence Accountability, Intelligence and National Security, 22 (1), p. 81 (2007); Pythian, M., Intelligence Oversight in the UK: The case of Iraq, in L. Johnson (ed.), Handbook of Intelligence Studies, Routledge 2007; Phythian M.,” A Very British Institution”: The Intelligence and Security Committee and Intelligence Accountability in the United Kingdom’, in Loch K. Johnson (ed.), Oxford Handbook of National Security Intelligence New York, Oxford University Press, 2010, 699–718; Phythian, M., The British Experience with Intelligence Accountability: The First Twenty Years, in Loch K. Johnson (ed.), Essentials of Strategic Intelligence, Santa Barbara, CA, Praeger Security International, 2015, 447–69; Sullivan, J., Closed Material Procedures and the Right to a Fair Trial, 29 Maryland J. Int’l Law 269 (2014); Supperstone, M., A New Approach to Public Interest Immunity? [1997] Public Law 211; Tomkins, A., Public Interest Immunity After Matrix Churchill, 1993 Public Law 650; Tomkins, A., National Security and the Due Process of Law, 64(1) Current Legal Problems 215–253 (2011); Wadham, J., The Intelligence Services Act 1994, Modern Law Review, 57: 916–927 (1994).

A. Introduction 1

This Chapter addresses the legal framework within which security and intelligence agencies operate in the United Kingdom. A brief historical sketch traces the agencies from their foundation in the early twentieth century, focusing particularly on controversies since the end of the Cold War. This is followed by discussion of the legal basis and the role of the intelligence agencies, as well as the non-statutory elements of the intelligence community. The succeeding section deals with the powers of the agencies. This is an area which has undergone extensive discussion following the disclosures since

554

Leigh

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:12 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. Intelligence Law and Oversight in the UK

2013 of Edward Snowden and comprehensive revision, especially of bulk collection powers, in new legislation- the Investigatory Powers Act 2016. Discussion of the accountability and oversight arrangements for the agencies falls under 2 three headings: ministerial responsibility and control; parliamentary oversight through the Intelligence and Security Committee; and judicial oversight by the Commissioners (and the newly-created office of the Investigatory Powers Commissioner) and by the body responsible for handling complaints concerning the agencies (the Investigatory Powers Tribunal). The section examining intelligence and the courts opens by discussing how far the 3 historically deferential attitude of the judiciary towards claims of national security has been modified post 9/11. It then moves on to assess evidential and procedural restrictions designed to allow and protect intelligence in civil proceedings: Public Interest Immunity, followed by the growth in use of security-cleared Special Advocates and the introduction of Closed Material Procedures. Finally, it deals with the use of intelligence material in criminal trials. The Conclusion points to some emerging and future trends, notably the increasing importance of cyberwarfare and the future of intelligence cooperation after Brexit.

B. A historical sketch I. Origins of the security and intelligence agencies The United Kingdom does not have a written constitution. Historically, matters of 4 defence and national security were dealt with under powers derived from the prerogative (the residue of non-statutory power enjoyed by Crown and recognised at common law). This includes decisions over war and peace, the deployment of armed forces and the creation and the organisation of security forces. In modern times these prerogative powers are exercised by ministers on behalf of the Crown rather than by the sovereign personally. Elements of control outside the executive branch have been introduced as a number of aspects of the defence and security prerogatives have been replaced or limited by legislation. In addition, the reach of judicial review by the courts into this field has extended in recent years and, increasingly, Parliament also has sought to call the government to account for the exercise of security and defence powers. The three main security and intelligence agencies were created secretly in the early 5 twentieth century, without reference to Parliament, under prerogative powers. The Secret Service Bureau, the forerunner of both MI5 and MI6 dated from 1909.1 The predecessor of GCHQ, the Government Code and Cipher School, was established in 1919.2 Official acknowledgement of their existence and the granting of statutory charters came much later: to the Security Service (MI5) in 1989 and to the Secret Intelligence Service (SIS or MI6) and the Government Communications Headquarters (GCHQ) in 1994. The relevant statutes are the Security Service Act 1989 and the Intelligence Services Act 1994 (the latter covering SIS and GCHQ). Prior to the 1989 legislation the Security Service’s work was governed by the 6 Maxwell-Fyfe Directive – a brief administrative Charter named after the Home Secretary who issued it in 1952 – which emphasized the Service’s role in the “Defence of the 1 C. Andrew, Secret Service: the Making of the British Intelligence Community (London 1986) 121 ff.; C. Andrew, Defence of the Realm: the Authorized History of MI5 (London, 2009) Section A, Chs. 1–3. See also: Goodman/Ischebeck-baum, Intelligence in Modern European History, Part 1 Chapter 1, in this volume. 2 https://www.gchq.gov.uk/topics/our-history (accessed 6 June 2018).

Leigh

555

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:12 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

Realm”, together with its duty to behave non-politically.3 The Service was, nevertheless, responsible to the Home Secretary and its Director-General had a right of access to the Prime Minister. The Security Service Act 1989 reaffirmed the existing constitutional position under the Directive and gave an explicit statutory basis for the Service’s work. The impetus for doing so came from concerns that the Service’s use of surveillance and personal information violated the right to private life, home and correspondence under the European Convention on Human Rights. 7 GCHQ (Government Communications Headquarters)4 – the signals intelligence agency – came to public attention in the mid-1980s, largely because of a protracted industrial dispute about the ban on officers there belonging to a trade union5 and disclosures about war-time code-breaking, but it lacked a statutory remit until 1994. The Secret Intelligence Service (MI6) was not even officially acknowledged to exist until 1992.6 The Intelligence Services Act 1994 provided a statutory charter for both agencies and it also filled a notable gap in the 1989 Act by creating for all the three agencies a statutory committee of parliamentarians, drawn from both Houses of Parliament -the Intelligence and Security Committee (“ISC”). The Justice and Security Act 2013 formally reconstituted the ISC as a committee of Parliament, although there remain some differences between it and a conventional parliamentary select committee. It is the current legislation governing its remit and powers.

II. Recent controversies The agencies have been drawn into controversy on several occasions following 9/11, partly as alleged failures relating to the intelligence leading up to Iraq war and prior to major terrorist attacks in Britain. Allegations about complicity in torture or rendition have been extensively litigated and are under continuing investigation by the Intelligence and Security Committee. Finally, the disclosures of Edward Snowden have resulted in a flurry of legal challenges by NGOs to various surveillance practices, several major reviews of surveillance and to a comprehensive new statutory regime (the Investigatory Powers Act 2016). 9 The events prior to the Iraq War raised serious public concerns about the possible politicisation of intelligence. The government chose, in the attempt to enlist public and political support for its policy, to release, in September 2002 and February 2003, two dossiers of intelligence-related material concerning the attempts of the Iraqi regime to acquire and develop “Weapons of Mass Destruction”.7 Allegations that intelligence was fabricated or knowingly mis-stated for political ends were subsequently refuted following official reports by the Intelligence and Security Committee (ISC) and by Lord Hutton, a senior judge. They did, however, find other unsatisfactory features concerning 8

3 Lord Denning’s Report, Cmnd. 2152 (1963); https://www.mi5.gov.uk/who-we-are (accessed 6 June 2018). 4 https://www.gchq.gov.uk/topics/our-history (accessed 6 June 2018). On the history of GCHQ see R. Aldich, GCHQ: the uncensored story of Britain’s most secret intelligence agency (Harper Collins, 2011). 5 The decision was unsuccessfully challenged in the courts: Council of Civil Service Unions v. Minister for the Civil Service [1985] AC 374. 6 http://www.mi6.gov.uk/output/sis-home-welcome.html. An official history of the early decades of SIS was published in 2010: K. Jeffery, MI6: the History of the Secret Intelligence Service 1909–1949 (Bloomsbury, 2010). See also P. Davies, MI6 and the Machinery of Spying (Frank Cass, 2004). 7 P. Gill, “The Politicization of Intelligence: Lessons from the Invasion of Iraq”, in H. Born, L. Johnson and I. Leigh (eds.), Who’s Watching the Spies: Establishing Intelligence Service Accountability (Dulles, Virginia, 2005). M. Pythian, “Intelligence Oversight in the UK: The case of Iraq”, in L. Johnson (ed.), Handbook of Intelligence Studies, (Routledge 2007).

556

Leigh

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:13 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. Intelligence Law and Oversight in the UK

the process. The ISC criticised the prominence given to one claim (that Saddam Hussein possessed weapons of mass destruction that could be brought into use in 45 minutes) and the partial and misleading treatment given to it.8 The subsequent Hutton report found that the Joint Intelligence Committee Chairman and staff may have been “subconsciously” influenced to make statements that were more definitive than was usual in intelligence assessments in compiling the dossiers with a view to publication.9 A later Privy Counsellors’ review chaired, by Lord Butler (a former Cabinet Secretary),10 confirmed this conclusion and went further in proposing safeguards over future public uses of intelligence and in suggesting changes in MI6, Defence Intelligence and JIC practice. These resulted in two reforms to the central intelligence machine. The first was the combining of the roles of Secretary to the Joint Intelligence Committee and Intelligence Coordinator into a Permanent Secretary of Intelligence, Security and Resilience whose responsibilities now also include giving strategic guidance to the intelligence community and accounting for the resources devoted to the agencies under the Single Intelligence Account. The second was the creation within the Cabinet Office of the post of Professional Head of Intelligence Analysis.11 Allegations of complicity by UK agencies in the torture of terrorist suspects held 10 abroad led to investigations by the Intelligence and Security Committee (the “ISC”) in 2007 into extraordinary renditions12 and by the Parliamentary Joint Committee on Human Rights in 2009.13 In a legal challenge brought by one Guantanamo Bay detainee, Binyam Mohammed, the Court of Appeal found in 2010 that the Security Service had misled the ISC that they “operated a culture that respected human rights and that coercive interrogation techniques were alien to the services’ general ethics methodology and training”. In contrast, Lord Neuberger concluded, that “at least some Security Services officials appear to have a dubious record when it comes to actual involvement and frankness about such involvement with the mistreatment of Mr Mohamed”.14 Following the judgment the government settled the claim and those brought by a number of other litigants, who claimed that the agencies had been complicit in torture, by paying substantial compensation. Detailed instructions to cover the questioning by the agencies of terrorist suspects held abroad were published15 and a judicial inquiry was established. The inquiry was subsequently disbanded, however, in the light of fresh criminal investigations into the involvement of MI6 in the rendition to Libya of a dissident, Abdel Hakim Belhaj, and his wife, Fatima Boudchar, which came to light after the fall of the Gaddafi regime, as it was unable to complete its work while the criminal investigations were in progress. In December 2013 the ISC agreed to take over the 8 Intelligence and Security Committee, Iraqi Weapons of Mass Destruction- Intelligence and Assessments, Cm. 5972, 2003, para 86. 9 Report of the Inquiry into the Circumstances Surrounding the Death of Dr David Kelly C.M.G., H.C. 247 (2003–4), para 467, http://www.the-hutton-inquiry.org.uk. 10 Review of Intelligence on Weapons of Mass Destruction: Report of a Committee of Privy Counsellors (2003–4) HC 898. 11 National Intelligence Machinery 2010. 12 Intelligence and Security Committee, Rendition (2007), Cm 7171, paras 111–47. See also: Intelligence and Security Committee, The Handling of Detainees by UK Intelligence Personnel in Afghanistan, Guantanamo Bay and Iraq (2005) Cm 6469. 13 Joint Committee on Human Rights, Allegations of UK Complicity in Torture, para 60. 14 R (on the application of Binyam Mohamed) v Secretary of State for Foreign and Commonwealth Affairs [2010] EWCA Civ 158, para 29. 15 Consolidated Guidance to Intelligence Officers and Service Personnel on Detention and Interviewing of Detainees Overseas, and on the Passing and Receipt of Intelligence Relating to Detainees https://www. gov.uk/government/uploads/system/uploads/attachment_data/file/62632/Consolidated_Guidance_November_2011.pdf (accessed 21 February 2018).

Leigh

557

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:13 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

11

12

13

14

investigation from the judicial inquiry and it reported its findings in July 2018. It found that UK agencies had been much more involved in the US rendition programme than had been acknowledged and had failed to challenge very serious mistreatment of a small number of detainees.16 The Snowden revelations have had a significant impact in the UK since a number of them concern the work of GCHQ and its collaboration with the NSA in bulk collection of communication data. Snowden’s allegations made the public aware about the agencies collection activities on a previously unimagined scale. Those alleged activities include, among other things, the services’ direct access to fibre optic cables that carry much communications traffic (TEMPORA),17 access to the servers of leading internet companies under joint programmes (PRISM),18 and extensive computer network exploitation to implant malware (in particular to access Belgacom and Gemalto, a major producer of mobile phone SIM cards).19 The UK Government’s initial reaction was to issue categorical- if carefully wordeddenials of Snowden’s allegations that SIGINT cooperation is used to circumvent legislation. In Parliament Ministers’ initial response to Snowden’s allegations was a mixture of generalised reassurance and to point to the more detailed, but largely irrelevant, scheme governing interception warrants. Since the allegations centred on “mass surveillance” by GCHQ involving interception of external communications and collection of metadata this amounted to evasion rather than a meaningful response. The ISC supported these ministerial assurances by its own statement on the PRISM programme20 that it had found no evidence that the law was being broken. Far from being an endorsement of the existing position, if anything these statements implied that the legislation was deficient, as the committee itself later acknowledged in its 2015 report Privacy and Security.21 There followed a spate of other official reviews and test cases brought by privacy campaigners (described in Section D. II below). The outcome was that a number of obscure or secret information-gathering techniques employed by the agencies, particularly in relation to bulk data and equipment interference, were officially acknowledged and brought within a detailed statutory framework. The Investigatory Powers Act 2016 makes significant changes to the legal regime governing surveillance (see Section D. III-VI below).22 Some of these changes (especially

16

ISC, Detainee Mistreatment and Rendition 2001–2010, HC 1113 (2018). TEMPORA was said to involve the interception by GCHQ of digital traffic flowing through the underwater fibre optic cables landing in the UK. 18 “The PRISM programme was said to involve the collection by the NSA of data from the servers of nine US internet companies (Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube and Apple –’the Prism Providers’). Types of data collected included a range of digital information such as email, chat, videos, photos, stored data, VOIP, video conferencing and online social networking details.” (Anderson, A Question of Trust, Annex 7). 19 David Anderson QC (Independent Reviewer of Terrorism Legislation), A Question of Trust, Annex 7.7. 20 Statement by the ISC regarding GCHQ’s alleged access to the US PRISM programme, July 2103 https://b1cba9b3-a-5e6631fd-s-sites.googlegroups.com/a/independent.gov.uk/isc/files/20130717_ISC_statement_GCHQ.pdf?attachauth=ANoY7coZE-rHTq9Qzt2ZUBDHYRhsr1oop0VRWbG3M7vS0R8jGCovCwsUInaAlJ4T05hWcB8ApdN3mbge3Ey66211zyzdHjeyIj1x_pScLmjavzvy-4Dsxp4MojNPfJGRvSlAbi– oOL2cFrLrIz6SqlaQ5n4yc1sAJzUNhv54EHYePW7mN5742OVbKTsdSXfzc7g_Id8cv_a-fVJhyzy2xCAuQiXORftFftP-kzkMNH8sujSgGNIsTQ%3D&attredirects=0. 21 Intelligence and Security Committee of Parliament, Privacy and Security: A modern and Transparent Legal Framework (March 2015) HC 1075. 22 The legislation is highly technical and complex and only a brief summary of the relevant key features can be given here. See further: S. McKay, Blackstone’s Guide to the Investigatory Powers Act 2016 (Oxford University Press, Oxford, 2017). 17

558

Leigh

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:14 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. Intelligence Law and Oversight in the UK

those on data retention, precipitated by the Digital Rights judgment)23 had been under discussion for several years and had already generated significant opposition from civil libertarians, prior to the Snowden revelations. Nonetheless, it is clear that those disclosures had a significant impact, in particular by forcing additional admissions about bulk collection or strategic communication intelligence by UK agencies, by fuelling a debate about the legality and the adequacy of oversight of these practices within the current regime, and by shaping proposals in the draft legislation.24

C. The legal basis for and role of the intelligence agencies The relevant provisions are the Security Service Act 198925 and the Intelligence 15 Services Act 1994 (the latter covering SIS and GCHQ). Other parts of the intelligence machinery – especially those concerned with intelligence analysis- such as Defence Intelligence and the Joint Intelligence Committee are creatures of the prerogative and remain outside the statutory framework. A separation is made between security and policing: the agencies do not have the power to arrest or to prosecute- even in the fields of counter-terrorism and counter-espionage, these are the province of the police and the Crown Prosecution Service, with whom the services work closely. Although MI5 is a security agency, MI6 is responsible for intelligence26 and GCHQ 16 for signals intelligence and information security,27 all three agencies have the common statutory functions of the protection of national security, protecting the economic wellbeing of the UK28 and assisting (the police or customs) in preventing or detecting serious crime. The statutory approach to national security differs markedly, however, between the Security Service and the other agencies. This is undoubtedly because of civil liberties sensitivities about the impact of domestic security operations, although strictly the legislation does not prohibit domestic operations against appropriate targets by SIS and GCHQ (nor prohibit MI5 from working overseas). Consequently the Security Service’s statutory aims are more closely defined than with 17 the other agencies: in its case the protection of national security, including (but not limited to) protection against threats from espionage, terrorism and sabotage, from the activities of agents of foreign powers, and “actions intended to overthrow or undermine parliamentary democracy by political, industrial or violent means” (“counter-subversion”).29 The breadth of these aims reflects the Cold War origins of the Maxwell-Fyfe 23 Emergency legislation was introduced (the Data Retention and Investigatory Powers Act 2014) following the judgment of the CJEU in Digital Rights Ireland Ltd v. Minister for Communications (Joined Cases C 293/12 and C 594/12) to provide a stop-gap legal basis for requirements on telephone and internet companies to retain “communications data” on individuals for up to a year. This legislation contained a sunset clause of 31 December 2016 and is superseded by the Investigatory Powers Act 2016, Pt. 3. 24 Intelligence and Security Committee of Parliament, Privacy and Security: A modern and Transparent Legal Framework (March 2015) HC 1075 (hereafter “Privacy and Security”); David Anderson QC (Independent Reviewer of Terrorism Legislation), A Question of Trust: Report of the Investigatory Powers Review (2015) (hereafter “A Question of Trust”) ; Royal United Services Institute, A Democratic Licence to Operate: Report of the Independent Surveillance Review (London, 2015) (hereafter “A Democratic Licence to Operate”) . 25 I. Leigh and L. L. Lustgarten, “The Security Service Act 1989” (1989) 52 Modern Law Review 801–836; P. Birkinshaw, Reforming the Secret State (Milton Keynes, 1990). 26 http://www.mi6.gov.uk/output/sis-home-welcome.html. 27 http://www.gchq.gov.uk/. 28 Limited, however, to the actions or intentions of persons outside the British Islands. 29 Security Service Act 1989, S. 1.

Leigh

559

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:14 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

18

19

20

21

Directive. In practice, however, counter-terrorism now accounts for more than 80 % of MI5’s effort and resources. Since the end of the Cold War the controversial area of counter-subversion, which many believed betrayed a bias against radical political and pressure groups, has been dormant.30 In view of the politically sensitive nature of its role in the domestic arena, there are two important safeguards that limit the Service’s work.31 Collection of information must be restricted to what is “necessary for the proper discharge of its functions” (and likewise its disclosure). The Director-General is also responsible for ensuring that the Service does not take any action to further the interests of any political party. The Intelligence Services Act takes a much broader approach to SIS and GCHQreferring to “the interests of national security, with particular reference to the defence and foreign policies of Her Majesty’s Government”.32 The emphasis on the policies of the government of the day, rather than on overriding national interests is an oblique acknowledgement that the priorities of these agencies are set through “tasking” approved at ministerial level in the annual submission “United Kingdom’s National Requirements for Secret Intelligence”. Within these broad parameters the functions of MI6 are “to obtain and provide information relating to the actions or intentions of persons outside the British Islands. [and] …to perform other tasks relating to the actions or intentions of such persons”.33 The coy reference to other “other tasks” is of course polite usage for a range of actions from espionage to covert action, many of which will be illegal according to the laws of the country where they are undertaken. GCHQ has two roles: signals intelligence and information assurance. In relation to the first its brief to conduct all types of signals interception (and disruption) and decryption.34 The second (and more defensive) role is that of providing technical advice on communications and information technology security to government departments and the armed forces.35 A significant omission is the failure of the 1994 legislation to detail the arrangements for international cooperation (especially with the United States’ National Security Agency, the NSA) which is known to affect much of GCHQ’s work. Four parts of the intelligence structure are outside the statutory framework – Defence Intelligence, the Joint Intelligence Committee (JIC), the Intelligence Assessments Staff and the Joint Terrorism Analysis Centre (JTAC).36 The role of the first two especially came under close scrutiny as a result of events surrounding the use of intelligence in the public justification of the UK’s involvement in the war in Iraq. Defence Intelligence37 is part of the Ministry of Defence and supports the Armed Forces by analyzing information, from open and covert sources, and providing assessments both for them and for the Joint Intelligence Committee. It provides assessments and advice to guide policy 30

Lustgarten and Leigh, In From the Cold, Ch. 14. Security Service Act 1989, S. 2(2). 32 Intelligence Services Act 1994 Ss. 1(2)(a) and 3(2)(a). GCHQ’s functions can also be exercised under Ss. 3(2) “in the interests of the economic well-being of the United Kingdom in relation to the actions or intentions of persons outside the British Islands;” and “in support of the prevention or detection of serious crime”. 33 Intelligence Services Act 1994, S. 1(1). 34 “to monitor or interfere with electromagnetic, acoustic and other emissions and any equipment producing such emissions and to obtain and provide information derived from or related to such emissions or equipment and from encrypted material”: Intelligence Services Act 1994, S. 3 (1) (a). 35 S. 3 (1) (b). 36 National Intelligence Machinery 2010. 37 Formerly the Defence Intelligence Staff. For a current description of Defence Intelligence see: https:// www.gov.uk/government/groups/defence-intelligence (accessed 6 June 2018). 31

560

Leigh

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:15 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. Intelligence Law and Oversight in the UK

decisions, inform defence research and equipment programmes; and support military operations. The head, the Chief of Defence Intelligence (who reports to the Minister of Defence) is also responsible for coordination of intelligence throughout the Armed Forces. The Joint Intelligence Committee sits at the hub of the intelligence machine, in the Cabinet Office, formally connecting it with government. It is responsible for tasking the agencies (especially SIS and GCHQ) and for providing intelligence assessments based on the agencies’ output which are circulated within government, including the relevant ministers. The JIC membership includes not only the heads of the security and intelligence agencies, but also senior officials from the Cabinet Office, the Foreign Office, the Ministry of Defence, the Home Office, the Department of Trade and Industry and the Treasury. The Joint Terrorism Analysis Centre (JTAC) was created in 2003 as the UK’s centre for the analysis and assessment of international terrorism. It is housed within the Security Service (since this the lead agency for counter-terrorism in the UK) and is responsible to the Director-General of the Service.38 Its role is to analyse and assess all intelligence relating to international terrorism, whether domestic or abroad, and to produce threat assessments to other government departments and agencies. JTAC’s effectiveness is monitored by an Oversight Board, chaired by the Cabinet Office.

D. The powers of the agencies I. Introductory The agencies powers are limited to information gathering through various means 22 related to their function.39 They do not have powers of arrest or detention or formal powers to question or interview individuals. The Security Service in particular, however, works closely with the police in counter-terrorism and official secrets investigations and prosecutions.40 The origins of the power to intercept communications in the UK are obscure: up to 23 the 1980s the government relied on the prerogative as legal authority for warrants issued by ministers for mail opening and phone tapping, until the practice was successfully challenged before the European Court of Human Rights in the Malone case.41 Following that decision a statutory scheme for interceptions was enactedinitially in the Interception of Communications Act 1985 and then in the Regulation of Investigatory Powers Act 2000.42 This permits warrants (still issued by a minister, rather than a judge) for the prevention or detection of serious crime, in the interests of national security or for safeguarding the country’s economic well-being. The system is overseen by a Judicial Commissioner who reports annually. The Investigatory Powers 38

Ibid., 15. General provisions apply. S. 2(2) of the Security Service Act 1989 requires the Director-General to ensure that there are arrangements limiting the collection of information by that Service to that necessary for the proper discharge of the Service’s role or for preventing or detecting serious crime. There are equivalent provisions for MI6 and GCHQ: Intelligence Services Act 1994, Ss. 2(2)(a) and 4(2)(a). 40 On police powers of surveillance see M. Amos “The Impact of Human Rights Law on Measures of Mass Surveillance in the United Kingdom”, in F. Davis, N. McGarrity and G. Williams, Surveillance, Counter-Terrorism and Comparative Constitutionalism (Routledge, 2014). 41 Malone v. UK (1984) 7 EHRR 14. 42 For an overview see: J. Moran and C. Walker, “Intelligence Powers and Accountability in the UK”, in Z. Goldman and S. Racoff (eds.), Global Intelligence Oversight: Governing Security in the Twenty-First Century (Oxford University Press, 2016). 39

Leigh

561

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:15 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

Act 2016 (which is being brought into force in phases between 2017 and 2019) introduces important changes to this system of “targeted surveillance” by the agencies, described below. 24 The need to demonstrate a clear legal basis for other forms of state surveillance in order to comply with Article 8 of the ECHR also led in 2000 to the introduction of an umbrella regime for covert surveillance by the services and the police – the Regulation of Investigatory Powers Act 2000. The 2000 Act currently governs intelligence gathering by the agencies involving the use of covert surveillance, covert human intelligence sources (agents) and various forms of technical surveillance: the interception of communications, and the acquisition, disclosure and retention of communications data. The legislation requires that intelligence gathering using any of these must be authorised by designated persons within the agencies who review that it is necessary and proportionate to the aims of the investigation, and that the information cannot be obtained using less intrusive methods.43 These authorisations must be recorded, and made available for review by the Judicial Commissioners, who ensure intelligence gathering is proportionate and not used excessively or inappropriately. Interception of communications and “intrusive surveillance” (i. e. conducted on private premises or a private vehicle) additionally require a warrant signed by a Secretary of State. Many instances of intrusive surveillance will in any event involve interference with property (for example, to plant and recover covert audio and video devices) and so will fall within the regime for property warrants (issued by the Secretary of State) under the Intelligence Services Act 1994. 25 The provisions concerning interception of communications and communications data will be replaced by the Investigatory Powers Act 2016, once it is in force and the account below focuses on those new provisions. A brief explanation is necessary, however, of the context for the changes.

II. The reform of surveillance powers Prior to the 2016 Act the RIPA provisions drew a distinction between interception warrants, which identified specific targets for surveillance and were approved individually, and “certificated warrants” for interception of external communications (i. e. where the originator or recipient of the communication was outside the country). The latter, approved by the Foreign Secretary, needed only to specify general categories of information and were then subject to less rigorous controls over the examination of material obtained. Interception of metadata was likewise subject to lighter regulation and could be undertaken by a number of public agencies, after approval of a magistrate. 27 There was clear evidence before the 2016 reforms that the existing law on surveillance was being stretched and contradicted in spirit, if not according to the letter, by some of the agencies’ practices. RIPA contained some safeguards against use of external communications warrants as a substitute for the targeted interception of internal communications, thus partially addressing one potential concern. What the legislation did not do, however, was to adequately distinguish between metadata and interception of the contents of communication in a way corresponding to current technology. As a result, the weaker controls over gathering metadata allowed for collection of much personal information that a decade earlier would have only been available under the stricter regime governing interception of the content of communications. Nor did the legislation contain 26

43 Regulation of Investigatory Powers Act 2000, S. 28 (in the case of “directed surveillance” ie covert surveillance in a public place) and S. 29 (in the case of covert human intelligence sources) and Sch. 1.

562

Leigh

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:16 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. Intelligence Law and Oversight in the UK

any effective safeguards against the transfer of intercepted material to overseas agencies such as the NSA, or deal adequately with controls over material flowing the other way. The distinction between domestic and external interception was in any event called into question by the disclosures of Edward Snowden which included allegations that the UK agencies treated communications with overseas based internet platforms (such as yahoo, Google and Facebook) as subject to the external regime. The Intelligence and Security Committee revealed in 2015 that the agencies had sought and ministers had approved “thematic” interception warrants covering defined groups of individuals or networks, rather than identified individuals.44 Commentators argued that this practice was of dubious legality under the RIPA45 and the statutory overseer, the Interception of Communications Commissioner, was plainly uncomfortable with it also, although stopping short of labelling it unlawful.46 A series of further admissions and official disclosures followed. The Interception of Communications Commissioner was asked in January 2015 to review the use of a hitherto obscure power contained in the Telecommunications Act 1984 to give ministerial directions to communications providers on grounds of national security.47 This provision had its roots in the privatisation of telecommunications and pre-dated the widespread availability of mobile phones and internet communications but had nonetheless been used, without reporting its use to Parliament, to allow the agencies to acquire bulk communications data under successive governments.48 Other techniques that had not previously been acknowledged by the agencies, such as the use of Bulk Personal Datasets and Computer Network Exploitation (computer hacking) were also publicly avowed. The UK authorities have attempted to frame the debate about non-targeted data gathering and analysis by careful choice of language, referring to “bulk” powers (in preference to “mass surveillance”) to acknowledge the large-scale of the enterprise while nonetheless distinguishing it from universal or indiscriminate intelligence gathering. The account by the ISC of GCHQ’s practice stresses, however, that only a small (but unspecified) proportion of internet traffic is collected under these powers, that smaller proportions still are searched by automated means and only very small proportions of these will ever be read by a human analyst.49 In an effort to demonstrate the need for these powers and to garner bi-partisan support an independent review was commissioned from the Independent Reviewer of Terrorism which endorsed the operational case for the various bulk powers in the IPA 2016.50 The Investigatory Powers Act 2016 brings the existing powers for the agencies and law enforcement bodies for surveillance of communications and access to communications data together in one place but also significantly extends the powers to cover 44 Intelligence and Security Committee of Parliament, Privacy and Security: A modern and Transparent Legal Framework (March 2015) HC 1075, para 42 ff. 45 The statutory basis for thematic warrants rests on the definition of a “person” who may be subject to an external warrant which includes “any organisation or any association or combination of persons” [Regulation of Investigatory Powers Act 2000, S. 8(1)]. The Investigatory Powers Act 2016, S. 7(2). aims to remove any doubt by providing that in the context of a single investigation or operation, a warrant can also cover a group of linked persons, or to more than one person or organisation, or set of premises. 46 T. Hickman, “The Investigatory Powers Bill: What’s Hot and What’s Not?” U.K. Const. L. Blog (11th Dec 2015) (available at https://ukconstitutionallaw.org/). 47 The review was published: Report of the Interception of Communications Commissioner, Review of the Directions given under S. 94 of the Telecommunications Act (1984), July 2016, HC 33. 48 As the Prime Minister acknowledged in a statement to parliament in November 2015: Rt. Hon. Theresa May MP, H.C. Deb., 4 Nov 2015, col. 971. 49 Privacy and Security 31–32. 50 David Anderson QC, Report of the Bulk Powers Review, Cm. 9326 (August 2016).

Leigh

563

28

29

30

31

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:16 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

additional new technologies and allows access to internet connection records. It gives comprehensive statutory underpinning for the first time to a variety of “untargeted” or “bulk surveillance” techniques used by the security and intelligence agencies, in particular, bulk collection and examination, analysis of bulk personal datasets, and also to equipment interference. These are discussed in turn below. Together they reflect the increasing shift in counter-terrorism techniques away from traditional interceptions of communications and towards the collection and analysis of communications data, designed to establish the movement and location of individuals, their habits (including internet browsing), their networks, contacts and travel. 32 Despite the scale of the reforms the government has conceded that the legislation required further amendment before being brought into force with regard to retention of communications data, following the decision of the CJEU in Tele2 Sverige AB v. Postoch telestyrelsen and Secretary of State for the Home Department v. Tom Watson and Others.51 In a consultation document issued in November 2017 the government argued, however, that any changes would affect communications data retention on grounds of investigation of serious crime but not national security, because of the EU’s lack of competence in the latter field.52 In September 2018 the ECtHR also found that the procedure under the 2000 Act for accessing communication data violated Article 8 of the ECHR, as did the bulk interception regime. The judgement (which is under appeal to the Grand Chamber) did not address the 2016 legislation, though it seems likely that the new legislation would meet the concerns that the court expressed about lack of oversight and the clarity of the law.53

III. Targeted interception and examination 33

Under Part 2, Ch. 1 of the 2016 Act the heads of the three intelligence services and the Chief of Defence Intelligence may apply to the Secretary of State for an interception warrant.54 These fall into two main relevant categories: targeted interception warrants and targeted examination warrants. The latter authorise the examination of material relating to a person in Britain that has been collected under a bulk interception warrant.55 The main changes introduced by the 2016 Act are to place added protections for certain categories of communications onto a statutory footing and to move away from ministerial warrants by introducing judicial approval. 51 Joined Cases C-203/15 and C-698/15 Tele2 Sverige AB v. Post- och telestyrelsen and Secretary of State for the Home Department v. Tom Watson and Others, 21 December 2016, CJEU. Following that decision, the Court of Appeal granted a declaration that insofar as the Data Retention and Investigatory Powers Act 2014 (since repealed) permitted use of access to retained data collected for the purpose of preventing, detecting, investigating and prosecuting criminal offences it was not limited to fighting serious crime nor subject to prior review by a court or independent administrative authority: Watson v. SSHD [2018] EWCA Civ 70. The Court of Appeal’s judgment does not deal with the use of data for national security purposes. 52 Home Office, Investigatory Powers Act 2016, Consultation on the government’s proposed response to the ruling of the Court of Justice of the European Union on 21 December 2016 regarding the retention of communications data (November 2017) 11. 53 Big Brother Watch and Others v. United Kingdom, Appl. nos. 58170/13, 62322/14 and 24960/45 (ECtHR, 13 September 2018). 54 The minister must personally consider the application: Investigatory Powers Act 2016, s. 30. 55 A targeted examination warrant is required whenever a member of an intelligence service wishes to look at material which relates to a person who is known to be in the British Islands and when he or she believes that it is necessary and proportionate to select the content of that person’s communications for examination: Investigatory Powers Act 2016, s. 15(3).

564

Leigh

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:17 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. Intelligence Law and Oversight in the UK

An interception warrant may relate to a particular person or organisation, or a single 34 set of premises. This re-enacts longstanding practice and earlier legislation. The Act also aims to remove any doubt about the legality of thematic warrants by providing that in the context of a single investigation or operation it can also cover a group of linked persons, or to more than one person or organisation, or set of premises.56 It is questionable, however, whether it complies with the criteria identified by the Grand Chamber of the European Court of Human Rights in the Zakharov case which include the need in order to comply with Art. 8 ECHR to: “clearly identify a specific person to be placed under surveillance or a single set of premises as the premises in respect of which authorization is ordered. Such information may be made by names, addresses, telephone numbers or other relevant information”57 Concerning the grounds for a targeted warrant, the Secretary of State may issue an 35 interception warrant in the interests of national security, for the purpose of preventing or detecting serious crime, in the interests of the economic well-being of the United Kingdom (in circumstances relevant to the interests of national security), or for giving effect to the provisions of a mutual assistance agreement.58 The minister must personally consider the application and be satisfied that the interception is both necessary59 and proportionate to the grounds. Special enhanced safeguards apply if the warrant relates to the communications of 36 Members of Parliament. Previously it was thought that that the so-called “Wilson doctrine”60 prevented interception of communications of MPs and Peers as a matter of constitutional convention. However, the Investigatory Powers Tribunal examined the practice in 2017 and concluded that the doctrine had no strict legal effect.61 The Tribunal noted, however, that the agencies were bound by codes and guidance (disclosed in the proceedings), which imposed considerable preconditions before parliamentarians’ communications could be accessed and that this regime complied with the European Convention on Human Rights. The 2016 Act significantly strengthens the protection for Members of Parliament’s communications: in these cases the authorisation of the Prime Minister and a Judicial Commissioner is required.62 Additional statutory requirements also apply to protect legally privileged material and 37 journalistic material.63 The introduction of these protections follow a ruling from the Investigatory Powers Tribunal in Belhadj & Others v the Security Service & Others64 that 56 Investigatory Powers Act 2016, S. 7(2). A warrant may also relate to testing or training activities: ibid., S. 7 (3). 57 Zahravov v. Russia, Application 47143/06, para 264, European Court of Human Rights, para 264. 58 Investigatory Powers Act 2016, Ss. 20(2). Sub-s. (4) makes clear that a warrant may only be considered necessary in the interests of the economic well-being of the UK when it relates to the acts or intentions of persons outside the British Islands. 59 A warrant cannot be considered necessary if its only purpose is gathering evidence for use in legal proceedings, or only on the basis that the information that would be obtained relates to trade union activity in the British Islands [Ss. 20(5) and (6)]. 60 Based on a statement to the House of Commons on 20 June 1966 by the then Prime Minister, Harold Wilson. 61 Caroline Lucas MP, Baroness Jones of Moulsecoomb AM, George Galloway vs. the Security Service, SIS, GCHQ [2017] 1 All ER 283, IPT/14/79/CH IPT/14/80/CH IPT/14/172/CH. 62 S. 26. 63 Ss. 27–29. 64 In Belhadj & Others v. the Security Service & Others IPT/13/132-9/H. And see Privacy International and Greennet & Others v. (1) The Secretary of State for Foreign and Commonwealth Affairs (2) The Government Communications Headquarters, IPT 14/85/CH 14/120-126/CH holding that since changes to

Leigh

565

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:17 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

legally privileged material collected under the former legal regime had been unlawfully intercepted in contravention of Art. 8 ECHR, and ordering its destruction. 38 Following the minister’s approval a Judicial Commissioner considers whether to approve the warrant (see Section E.III. 1 below for description of judicial oversight), applying judicial review principles to the Secretary of State’s conclusions with regard to the necessity and proportionality of the warrant65 and having particular regard to privacy duties.66 Where a Judicial Commissioner refuses to approve a warrant written reasons must be given by the Commissioner and these may be reconsidered by the Investigatory Powers Commissioner at the request of the person authorising the warrant. The Investigatory Powers Commissioner’s decision is final.67

IV. Untargeted “bulk” powers Domestic authorisations to obtain communications data are governed by Part 3 of the 2016 Act. This provides for “bulk acquisition”68 i. e. an instruction to a telecommunications operator to retain communications data69 and disclose it to the intelligence services70 (or so-called metadata) and for the retention and examination of bulk personal datasets.71 40 Before exercising one of the “bulk” powers, the services must obtain a warrant authorised by the Secretary of State and approved by a Judicial Commissioner. The warrants must specify the operational purposes for which any communications data obtained may be selected for examination. The operational purposes provided for in the Act are: national security; or national security and the purpose of preventing or detecting serious crime; or national security and in the interests of the economic wellbeing of the United Kingdom.72 The ‘operational purposes’ approved by the Secretary of State for bulk interception must, however, be specified in greater detail than the general description ‘national security’, and moreover are required to be shown at 3-monthly intervals to the Intelligence and Security Committee.73 41 When bulk acquisition is used domestically the intelligence services may only collect communication data rather than the content of the communications.74 This could nonetheless include the location of mobile and fixed line phones from which calls are made or received, and the location of computers used to access the internet, the identity 39

the statutory Codes of Practice in 2015 that protection for legally privileged material in relation to Computer Network Exploitation (CNE) by the services had complied with the ECHR. 65 S. 23. 66 Set out in S. 2. 67 Ss. 23(4) and (5). 68 Privacy International challenged the previous bulk acquisition powers under S. 94 of the Telecommunications Act 1984 before the Investigatory Powers Tribunal. The IPT ruled that until 4 November 2015 when stricter safeguards were introduced, the intelligence services were violating the right to private life (Article 8 of the ECHR): Privacy International v. Secretary of State for Foreign and Commonwealth Affairs [2016] UKIP Trib 15_110-CH, 17 October 2016. See also Big Brother Watch and Others v. UK (above). 69 Under the terms of the Act communications data refers to the “who”, “when”, “where” and “how” of a communication, but not its content.: see Ss. 261 and 262. 70 Investigatory Powers Act 2016, Ss 158–175. 71 Investigatory Powers Act 2016, Ss. 199–226. 72 Investigatory Powers Act 2016, S. 138 (bulk interception); S. 158 (bulk acquisition); S. 178 (bulk equipment interference); Ss. 204 and 205 (bulk personal datasets). 73 Investigatory Powers Act 2016, S. 142 (bulk interception); S. 161 (bulk acquisition); S. 183 (bulk equipment interference); S. 212 (bulk personal datasets). 74 Investigatory Powers Act 2016, S. 158(6).

566

Leigh

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:18 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. Intelligence Law and Oversight in the UK

of a subscriber to a telephone service or a detailed telephone bill, websites visited from a device, email contacts, map searches, GPS location and information about devices connected to a Wifi network. Such data can, for example, be used by the agencies to identify members of a terrorist network in contact with a particular email address.75 Techniques used for foreign surveillance gathering by contrast are more intrusive and 42 allow for the collection and access of content of communications rather than only metadata.76 The Act allows bulk collection through “interception of overseas-related communications”77 (i. e. sent or received by a person outside Britain) and “obtaining secondary data from such communications”.78 One method used by the intelligence services is to tap undersea fibre optic cables landing in the United Kingdom in order to intercept their traffic. Indeed in 2008 the European Court of Human Rights found that a programme of mass interception of “external” communications passing between the Republic of Ireland and the UK operated by the Ministry of Defence under warrant between 1990 and 1997 violated Article 8, because the statutory basis was insufficiently clear and detailed.79 The provisions governing ministerial approval of “operational purposes” described above go some way to meet the criticism that the 2016 Act permits “mass surveillance”. However, the language used to describe these would still allow a high degree of generality in the authorization of bulk powers and a number of the controls governing how analysts can query databases of collected data remain in the form of internal procedures, rather than legal requirements.

V. Bulk personal datasets Bulk personal datasets are large datasets containing information about a large 43 number of individuals (such as passport holders, driving licence records, voters on the electoral register) that are incorporated into “analytical systems”. The majority of the individuals to whom this data relate will not be of any interest to the intelligence services but they will examine the data relating to the minority who are of intelligence interest. The data may be acquired by overt or covert means, and include data about biographical details, commercial and financial activities, communications and travel. Although it is hardly surprising that services access and link personal data in this 44 way, the existence their use of bulk personal datasets was only confirmed for the first time in 2015.80 In its Privacy International decision the Investigatory Powers Tribunal found that the intelligence services had violated the right to private life until 12 March 2015 when stricter safeguards were introduced.81 Whereas previously the agencies claim of authority to access and use Bulk Personal Datasets rested only on their general statutory competences, the 2016 Act now gives an express statutory basis for the retention and use of these datasets. The 2016 Act defines them as sets of “information that includes personal data 45 relating to a number of individuals”82 where “the nature of the set is such that the majority of the individuals are not, and are unlikely to become, of interest to the

75

Anderson, A Question of Trust (2016), p. 159. Investigatory Powers Act 2016, Part 6 Ch. 1. 77 Investigatory Powers Act 2016, S. 136 (2)(a). 78 Investigatory Powers Act 2016, S. 136 (2)(b). 79 Liberty and Others v. United Kingdom, Applicationno. 58243/00, E Ct HR, 1 July 2008. 80 Intelligence and Security Committee of Parliament (2015), Ch. 7. 81 Investigatory Powers Tribunal, [2016] UKIPTrib 15_110-CH, 17 October 2016. 82 Investigatory Powers Act 2016, S. 199 (1)(a). 76

Leigh

567

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:18 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

intelligence service in the exercise of its functions”.83 It provides that BPDs may not be retained or examined by an intelligence agency unless authorised by warrant.84 Warrants are of two kinds: Class or Specific BPDs.85 46 An intelligence agency is prevented from using a class BPD warrant to access a dataset that consists of health records or if a substantial proportion of the dataset consists of sensitive personal data.86 For this purpose, the definition of “sensitive personal data” corresponds to that for data protection purposes i. e. a person’s racial or ethnic origins, political or religious beliefs, trade union membership, health, sexual life, and criminal record.87 A restriction also prohibits retention or examination of a BPD in reliance on a class BPD warrant if the head of the intelligence service considers that the nature of the BPD raises novel or contentious issues which ought to be considered by the Secretary of State and a Judicial Commissioner.

VI. Equipment interference 47

Part V of the 2016 Act gives for the first time explicit powers for interference by the agencies with equipment (typically, computers and mobile devices). Hitherto the agencies have relied on less specific powers to interfere with property, which in public accounts had been associated with covert entry to premises in order to search, place or recover surveillance devices. In its Greenmet decision the Investigatory Powers Tribunal found that existing powers for property interference warrants (under S. 5 of the Intelligence Services Act 1994 and with reference the statutory Codes of Practice) could in principle be used to allow GCHQ to carry out Computer Network Exploitation (CNE) and gave guidance over how specific a warrant would have to be in order to be lawful both at domestic law and so as to comply with Articles 8 and 10 of the ECHR.88 The Tribunal reached no conclusion whether s. 7 of the Intelligence Services Act 1994 (which allows ministerial authorization of otherwise unlawful extra-territorial acts by the services) could lawfully authorize CNE outside the British Islands, because of its uncertainty over whether the Convention would apply, at least in relation to a hypothetical case. The 2016 Act covers the topic explicitly and provides for equipment interference warrants to be issued by the Secretary of State89 and to be approved by a Judicial Commissioner.90 If the Commissioner refuses to approve the warrant the agency may ask the Investigatory Powers Commissioner to review the decision.91

83

Investigatory Powers Act 2016, S. 199 (1)(b). Investigatory Powers Act 2016, S. 200. 85 Investigatory Powers Act 2016, Ss. 204 and 205, respectively. 86 S. 202(1). Nor may an intelligence service retain, or retain and examine, a BPD in reliance on a class BPD warrant if the head of the intelligence service considers [the BPD consists of, or includes such personal data (s. 202(2)]. 87 Data Protection Act 1998, S. 2(a)-(f). 88 Privacy International and Greenmet & Others v. (1) The Secretary of State for Foreign and Commonwealth Affairs (2) The Government Communications Headquarters, IPT 14/85/CH 14/120-126/ CH. 89 Investigatory Powers Act 2016,S. 102. A warrant can only be issued if it is necessary in the interests of national security, for the purpose of preventing or detecting serious crime, or in the interests of the economic wellbeing of the United Kingdom (so far as those interests are also relevant to the interests of national security) (s.102(5)) and proportionate to the intended outcome. 90 Investigatory Powers Act 2016, S. 108. 91 Investigatory Powers Act 2016, S. 108(5). 84

568

Leigh

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:19 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. Intelligence Law and Oversight in the UK

Bulk equipment interference92 is only permitted if outside Britain.93 It covers ‘hacking 48 or the implantation of software into endpoint devices or network infrastructure to retrieve intelligence, but [they] may also include, for example, copying data directly from a computer’.94 Presumably also, though not explicitly acknowledged, the interference could take the form of implanting malware in a cyber-attack. It is alleged, for example, that GCHQ participated, together with US and Israeli agencies, in the development of the so-called Olympic Games virus to disable critical infrastructure in advance of a potential Israeli attack on the Iranian nuclear programme.95

VII. The judicial approval process The ‘double-lock,’ approval process introduced in the 2016 Act requires that warrants 49 or notices for both targeted surveillance and bulk powers be authorised by the Secretary of State96 and subsequently approved by the Judicial Commissioner.97 Judicial Commissioners must hold or must have held a high judicial office.98 The ‘double-lock,’ is a major change and replaces a procedure dating back to the sixteenth century under which ministers alone were responsible for issuing warrants for interception. This change follows longstanding criticism that the system of ministerial warrants 50 lacked the independence and rigour of a judicial process in protecting human rights and was out of line with international practice. These considerations, together with the pragmatic argument that a judicial process was more likely to persuade the major US communications providers to cooperate with requests from the UK agencies,99 led to proposals to put final approval in the hands of a Judicial Commissioner. The Intelligence and Security Committee had suggested that ministers should continue to issue warrants rather than judges because they were better able to judge the wider public interest, as well as the diplomatic and political context, while being politically responsible for decisions to authorize surveillance.100 As the Independent Reviewer pointed out, however, in view of the secrecy surrounding surveillance, responsibility was notional rather than a realistic prospect of being called to account. He recommended a system of judicial warrants, with a variation of a mixed system in the case of national security warrants relating to defence and foreign affairs. The latter system would retain the advantages of ministerial approval but place consideration of more distinctly legal questions into the hands of a Judicial Commissioner.101 It is a variation on this division of labour, applying it more widely, that has been implemented in the ‘dual lock’ provisions.

92

Investigatory Powers Act 2016, Part 7. Investigatory Powers Act 2016, s 176(1)(c). Prior to the entry into force of the Investigatory Powers Act 2016, bulk powers interference had never been used in the United Kingdom. Anderson, D. (2016), 184. 94 Anderson, A Question of Trust, (2016), 34. 95 ‘Zero Day: Nuclear Cyber Sabotage’, BBC television, 16 Jan 2017. 96 Investigatory Powers Act, s. 19 for interception and examination, s. 87 for retention of communications data, s. 102 for equipment interference. 97 Investigatory Powers Act, s. 23 for interception and examination; and S. 87 (1) (b) for retention notices, S. 102 (1) (d). 98 Investigatory Powers Act, S. 227 (2). 99 A Question of Trust 207. 100 Privacy and Security 119. 101 A Question of Trust, 274. 93

Leigh

569

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:19 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis 51

Under the process the Commissioner is required to review whether the warrant or notice is necessary and whether the measures applied for are proportionate.102 Warrants are valid for six months,103 and retention notices can require the retention of data for 12 months.104 In urgent cases a warrant can be issued for targeted interception and equipment interference and as well as for bulk interception and bulk datasets without the prior approval of the Judicial Commissioner.105 In these cases, however, the Commissioner must be notified and can decide whether they approve the warrant or not within three working days after the date of issue. In cases of refusal to approve a warrant, the implementing authority must, “so far as is reasonably practicable, secure that anything in the process of being done under the warrant stops as soon as possible”.106 The Commissioner may also decide whether to request the destruction of any material collected or may impose conditions on its use or retention.107

E. Accountability of the agencies I. Ministerial responsibility and control Ministerial responsibility for the Security Service is through the Home Secretary, although operational control is in the hands of the Director-General. SIS and GCHQ both come under the authority of the Secretary of State for Foreign and Commonwealth Affairs. Operational control is in the hands of the Chief and Director, respectively, who are appointed by the minister.108 Each agency head is required to give an annual report to the Prime Minister and the Secretary of State. 53 It would be wrong, however, to equate the position of the agencies with conventional government departments of state, responsible to a Secretary of State. There is a marked departure from the British constitutional position by which ministers are legally responsible and officials are anonymous and, legally-speaking, invisible. Statutory provisions give the heads of the agencies a right of direct access to the Prime Minister109 who, despite the services’ departmental associations, has traditionally assumed overall control and acted as the government mouthpiece on intelligence matters.110 Moreover, unlike normal civil service heads of department, the Director-General of the Security Service, the Chief of the SIS and the Director of GCHQ are named in law as having day to day responsibility. The reason is undoubtedly to provide a safeguard of the services’ neutrality in party political terms. Indeed, political neutrality is explicitly addressed by 52

102 Investigatory Powers Act, S. 23 (1) for interception and examination, S. 89 (1) for retention, S. 108 (1) for equipment interference. 103 Investigatory Powers Act, S. 32 (2) (b) for interception and examination, S. 116 (2) (b) for equipment interference. 104 Investigatory Powers Act, S. 87 (3). 105 Investigatory Powers Act 2016, Ss. 24 and 109 for targeted interception and examination, and equipment interference warrants respectively. S. 180 for bulk equipment interference, s. 209 for bulk personal datasets. 106 Investigatory Powers Act 2016, Ss. 25 (2); 110 (2); 181 (2); 210 (2) respectively. 107 Investigatory Powers Act 2016, S. 25 (3). 108 Intelligence Services Act, Ss. 2 and 4. 109 Security Service Act 1989, S. 2(4) and Intelligence Services Act 1994, Ss. 2(4) and 4(4). 110 See also: R. Aldrich and R Cormac, The Black Door: Spies, Secret Intelligence and British Prime Ministers (Harper Collins, 2016).

570

Leigh

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:20 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. Intelligence Law and Oversight in the UK

provisions that require the heads of all three agencies to ensure that the services do not take any steps to further the interests of any UK political party.111 Furthermore, some of the services’ actions require explicit ministerial approval by the 54 responsible Secretary of State. Unlike many other countries in which judicial authorisation is required, in the UK the tradition has been for telephone tapping or mail opening (which may also be undertaken by the police) to be approved by the Secretary of State under warrant.112 This process will, however, be modified by the addition of a process of judicial confirmation once the ‘dual lock’ system under the Investigatory Powers Act 2016 comes into force. Another instance where ministers are given specific powers concerning individuals is the field of detention of terrorist suspects and the deportation of foreign nationals on grounds of national security.113 Diligent ministers will clearly require convincing and detailed supporting evidence from the agencies before they approve such actions. In the current context of use of counter-terrorist powers, for example, a close and continuous dialogue between the Home Secretary his officials and the Security Service is inevitable. Similarly the implications of the actions of SIS and GCHQ for diplomatic and foreign relations create an imperative for consultation with the Foreign Secretary. In some instances this is buttressed by legal requirements also: when immunity is required from legal liability under UK law for actions abroad (i. e. for offences over which the UK courts exercise extra-territorial jurisdiction) the Foreign Secretary may give authorisation under section 7 of the (Intelligence Services Act 1994. The budgets of the agencies are set by ministers through the Single Intelligence 55 Account (SIA) as part of the government-wide periodic Spending Review mechanism. Individual agency budgets are not published annually because the information is deemed sensitive. The Prime Minister’ s National Security Adviser is the Principal Accounting Officer for the SIA. Defence Intelligence and the central intelligence machinery are funded separately through the Ministry of Defence and the Cabinet Office respectively. JTAC is funded by the various departments and agencies contributing staff with additional costs covered through the SIA.

II. Parliamentary oversight114 The Intelligence and Security Committee (‘ISC’), was established under the Intelli- 56 gence Services Act 1994 to examine all three security and intelligence services. The Justice and Security Act 2013 made some (mostly minor) changes to the ISC’s composition, reporting and remit and is the current legislation. Under the Justice and Security Act 2013 the ISC was re-designated as the Intelligence 57 and Security Committee of Parliament (emphasis added), with a remit to examine the expenditure, policy and administration of all three security and intelligence agencies.115 111

Security Service Act 1989, S. 2; Intelligence Services Act 1994 1994, Ss. 2 and 4. Regulation of Investigatory Powers Act 2000, Part 1. In practice, the Home Secretary, Foreign Secretary, Northern Ireland Secretary, the Secretary of State for Defence, and the Second Minister in Scotland. 113 Under the Anti-Terrorism Crime and Security Act 2001 and the Immigration Act 1971. 114 On parliamentary handling of intelligence more generally, see: L. Lustgarten and I. Leigh, In From the Cold, Ch. 16; A.Horne and C. Walker, ‘Parliament and National Security’ in Horne, A. and Le Sueur, A. (eds.), Parliament: Legislation and Accountability (Hart, Oxford, 2016); V. Fikfak and H.Hooper, Parliament’s Secret War (Hart, Oxford 2018). 115 Justice and Security Act 2013, S. 2(1). The agencies’ expenditure is audited under arrangements with the National Audit Office. The Chair of the House of Commons Public Accounts Committee is also shown the relevant details. 112

Leigh

571

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:20 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

This is a subtle difference which the government argued would make the Committee ‘demonstrably accountable to Parliament’.116 The ISC can oversee other parts of the intelligence community under a memorandum of understanding agreed with the Prime Minister.117 It has restricted powers to examine operational matters where the agencies volunteer information or (in the case of historic operations) where requested by the Prime Minister and both the committee and the Prime Minister consider it to be of significant national interest.118 58 Unlike a select committee the ISC is governed by legislation, rather than the standing orders of Parliament. The legislation governs the appointment of its members, the procedure it adopts, its powers over witnesses and hearings, and the publication of its reports. It comprises nine Parliamentarians from both Houses, appointed by the respective Houses (to be eligible however they must be nominated by the Prime Minister after consultation with the Leader of the Opposition).119 Parliament can veto the Prime Minister’s nominees to the Committee but does not have a free choice of nominees. Current Ministers of the Crown are legally debarred from being members of the committee.120 59 Certain additional practices have supplemented the statutory provisions. The composition has usually been eight members of the House of Commons and one member of the House of Lords. Members have frequently included past holders of ministerial office with experience of responsibility for security and intelligence (including past Foreign, Defence and Home Secretaries) and retired senior civil servants. In the past Prime Ministers have made conspicuous use of the patronage of appointing the chair of the ISC: the chair has been held by a succession of ex-ministers from the party of government. Arguably, confidence in the independence of the committee has been weakened by the failure to rotate the chairmanship with the Opposition.121 Under the changes introduced in 2013 the Chair is chosen by the Committee itself, rather than by the Prime Minister.122 The ISC now also reports direct to Parliament but must send its reports beforehand to the Prime Minister and exclude matters that the Prime Minister considers would be prejudicial to the agencies.123 This is a minor symbolic change to the previous practice whereby the report was to the Prime Minster who then laid it before Parliament. Despite the changes the ISC falls short of being under full control of Parliament in the same way as a select committee.124 60 Although the ISC has power to send for persons and papers, in other respects its information-gathering powers are limited. The agency heads may refuse to disclose ‘sensitive information’125 ie information that might lead to the identification of sources, 116 Ministry of Justice, Justice and Security Green Paper (2011), Cm 8194: para 3.20; and para 3.25–3.32, discussing incidental changes to the appointment of the members and Chair of the ISC and to the arrangements for its accommodation, staffing and budget. 117 Justice and Security Act 2013, Ss. 2(2) and (5). On this basis it also examines Defence Intelligence. 118 Justice and Security Act 2013, S. 3. 119 Justice and Security Act 2013, S. 1 (3) and (4)(a). 120 Justice and Security Act 2013, S. (4)(b). 121 It appeared that a convention of this kind (or of rotating the chair between parties) might emerge when the Labour Prime Minister Tony Blair retained Tom King (a former Conservative minister) as Chair of the ISC following the 1997 election. However, on King’s departure there followed a succession of appointments of ex-ministers from the ruling party. 122 Justice and Security Act 2013, s. 1(6). 123 Justice and Security Act 2013, s. 3. 124 As advocated by the Joint Committee on Human Rights, Allegations of UK Complicity in Torture, 23rd Report for 2008–9, HL 152/HC 230 (2009). For earlier similar proposals see Home Affairs Select Committee, Accountability of the Security Service, HC (1998–99), p. 291. 125 Justice and Security Act 2013, Sched. 1.

572

Leigh

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:21 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. Intelligence Law and Oversight in the UK

other forms of assistance given to the agencies, or operational methods; information concerning past, present, or future specific operations; or, information provided by a foreign government which does not consent to its disclosure is included. Within these categories refusal is discretionary. In practice the ISC works by consensus, perhaps because it meets almost exclu- 61 sively in private. The published reports do not record formal disagreement or voting among members of the Committee and nor have there been any published minority reports. Nevertheless in the past the Committee has arguably been hampered in its work by being too closely associated with the agencies- particularly when tackling controversial topics such as intelligence before the Iraq war, the 7 July 2005 bombings in London126 and allegations of complicity in torture.127 As a consequence of the inability of the ISC to produce definitive reports that allayed public concern and mistrust surrounding these topics there have been several ad hoc inquiries into topics that the ISC has already investigated, for example the Butler review, the special inquest into the 7/7 bombings.128 The perception that the oversight regime was failing to provide public assurance that the agencies were acting efficiently and with propriety was undoubtedly a major contributing factor to the 2013 reform of the Committee’s status and powers. Nonetheless, a MORI survey in 2014 found that 48 % of these survey were “not at all confident” or “not very confident” in the system of oversight in holding the agencies to account, compared to 40 % who were “fairly confident” or “very confident”.129 The ISC has now been in operation for over more than two decades under some 7 62 different chairs and consequently it is difficult to generalise about its effectiveness. Commentators have given its work mixed reviews.130 Most accept that it has built up a relationship of trust with the agencies (with only exceptional leaks of confidential material) and that this has enabled it to investigate matters above and beyond those in its remit, including some with operational aspects. It has been seen as fulfilling an educative role in bridging the secret and political worlds.131 Others, however, have seen the relationship with the agencies as too close, sometimes bordering on advocacy,132 or 126 Intelligence and Security Committee 2006. Report into the London Terrorist Attacks of 7 July 2005, Cm 6785; Intelligence and Security Committee 2007, Rendition, Cm. 7171 (July 2007). 127 Joint Committee on Human Rights 2009, 23rd Report for 2008–9, HL 152/HC 230. Although the ISC’s 2018 report (p. 558 above) allays this concern. 128 Report of the Official Account of the Bombings in London on 7th July 2005, H.C. 1087 (2005–6). 129 Ibid., 39. 130 P. Gill, “Evaluating Intelligence Oversight Committees: the case of the UK Intelligence Security Committee and the ‘War on Terror’, Intelligence and National Security, 22(1) 14–37 (2007); I. Leigh, “Parliamentary Oversight of Intelligence in the UK: A Critical Evaluation” in H. Born and M. Caparini (eds.) Democratic Control of Intelligence Services: Containing Rogue Elephants (Aldershot: Ashgate 2007); A. Glees, J. Morrison and P. Davies, The Open Side of Secrecy: Britain’s Intelligence and Security Committee (London: Social Affairs Unit, 2006); M. Pythian, “A Very British Institution: The Intelligence and Security Committee and Intelligence Accountability in the United Kingdom”, in Loch K. Johnson (ed.), Oxford Handbook of National Security Intelligence (New York, Oxford University Press, 2010), 699–718; M. Pythian, “The British Experience with Intelligence Accountability: The First Twenty Years”, in Loch K. Johnson (ed.) Essentials of Strategic Intelligence (Santa Barbara, CA, Praeger Security International, 2015), 447–69; H.Bochel, A. Defty, J. Kirkpatrick “New mechanisms of independent accountability: select committees and Parliamentary scrutiny of the intelligence services”, Parliamentary Affairs, 68 (2) 314–331 (2015). 131 A. Defty, “Educating parliamentarians about intelligence: the role of the British Intelligence and Security Committee” (2008) 61(4), Parliamentary Affairs 621–641. 132 See, for example, its criticism of US-based internet companies for their lack of cooperation with the agencies: Intelligence and Security Committee, Report on the intelligence relating to the murder of Fusilier Lee Rigby, 139–151.

Leigh

573

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:21 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

on occasion naïve, have criticised it for lack of ambition133 and inattention to human rights concerns,134 and have contrasted the quality of its investigations with those other inquiries.135

III. Judicial oversight136 1.The Commissioners The agencies are also overseen by judicial Commissioners, who were appointed initially under the 1989 and 1994 Acts but currently work within the Regulation of Investigatory Powers Act 2000. These procedures were initially introduced in a (successful) attempt to ward off a finding that the previous regime violated the European Convention on Human Rights.137 The legislation is in the process of being supeceded by the Investigatory Powers Act 2016, the oversight arrangements of which are being introduced in phases, from spring 2018. Formerly the Intelligence Services Commissioner was responsible for reviewing and reporting upon the issue and authorization, by the relevant minister, of warrants for operations by the Agencies.138 The Interception Commissioner (established under S. 57 of the Regulation of Investigatory Powers Act 2000) reviewed the issue and authorization of warrants to intercept mail and telecommunications by the intelligence and security Agencies and law enforcement organizations. 64 The Investigatory Powers Act 2016 makes significant changes to this scheme by bringing together in a single and more powerful judicial Commissioner’s office the various oversight Commissioners established under earlier legislation (so abolishing the offices of the Interception Commissioner and Intelligence Services Commissioner). The new Investigatory Powers Commissioner (‘IPC’) must hold or must have held a high judicial office139 but the Commissioner’s role is distinct from that of the Judicial Commissioners under the Act.140 The role of the office is to keep under review the majority of the targeted and bulk surveillance powers available to the intelligence services,141 especially with regard to the operation of safeguards to protect privacy.142 The security and intelligence services are required to disclose or provide all the 63

133 P. Gill, “The ISC and the Challenge of International Security Networks”, Review of International Studies 35 (2009) p. 932. 134 I. Leigh, “Rebalancing Rights and National Security: Reforming UK Intelligence Oversight a Decade After 9/11” (2012) 27 (5), Intelligence and National Security 721–737. 135 R. Aldrich, “Whitehall and the Iraq War: the UK’s Four Intelligence Enquiries”, Irish Studies in International Affairs, 16 (2005), 73–88. 136 In addition to the methods described here judges are from time to time to called upon by the government to conduct ad hoc inquiries into matters of public concern involving intelligence: I. Leigh,”The Role of Judges” in S. Farson and M.Pythian (eds), Commissions of Inquiry and National Security: Comparative Approaches (Praeger, 2010), ch. 16. 137 The 1989 Act was treated as sufficient reason by the Convention organs to take no further action in cases brought (by Patricia Hewitt and Harriet Harman and dating to their involvement with the National Council for Civil Liberties) involving alleged surveillance and recording of personal details by the Security Service: Council of Europe Resolution DH(90) 36 of 13 December 1990. Later decisions have confirmed that system of Commissioners and tribunal has been found to satisfy Art. 6, 8 and 13 of the European Convention on Human Rights: Case of Kennedy v UK, App. no. 26839/05, European Court of Human Rights, 18 May 2010. See also: Esbester v. UK, App. no. 18601/91, 2 April 1993; G, H, and I v. UK (1993), 15 EHRR CD 4. 138 Regulation of Investigatory Powers Act 2000, S. 59. 139 Investigatory Powers Act 2016, S. 227 (2). 140 Investigatory Powers Act 2016, S. 229 (4). 141 Investigatory Powers Act 2016, S. 229 (1). 142 Investigatory Powers Act 2016, S. 229 (5).

574

Leigh

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:22 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. Intelligence Law and Oversight in the UK

necessary documents and information for the purposes of the IPC’s functions143 and to give any assistance the IPC requires in accessing apparatus, systems or other facilities of the intelligence services when exercising oversight functions.144 The IPC is required to report annually145 or at any time requested by the Prime Minister146 or where the Commissioner considers it appropriate.147 The Prime Minister is obliged to publish the Commissioner’s annual reports and to lay a copy of it before Parliament, together with a statement whether any matter has been excluded.148 In excluding material on the permitted grounds149 the Prime Minster is required to consult with the Commissioner.150 The creation of the IPC reverses the fragmentation of oversight in which multiple 65 actors had responsibility for examining a narrow function of the agencies or a specific type of review. Instead the IPC brings these functions together, with the possibility of benefiting from joining up or cross-fertilisation from these different oversight activities. The resources available to the new office (the IPC has 50 staff), also underline the trend towards expert review. Following the recommendation of the Bulk Powers Review there is a new technical advisory panel to assist the Commissioner’s office.151 Moreover, instead of being a responsive institution that either reports or is tasked the IPC has own-initiative powers to conduct thematic reviews of capabilities and to investigate serious errors.152

2. Investigatory Powers Tribunal A specialist body the Investigatory Powers Tribunal (the ‘IPT’), has been established to 66 investigate public complaints against the agencies or allegations of illegal interception by them.153 Members of the tribunal must hold or have held high judicial office or be qualified lawyers of at least ten years’ standing. Any person may bring a claim and the IPT must determine all claims brought before it, except those it considers to be vexatious or frivolous.154 The IPT is specified as the only appropriate forum for proceedings against any of the intelligence services concerning alleged incompatibility with European Convention rights and for complaints by persons who allege to have been subject to the investigatory powers of the Regulation of Investigatory Powers Act.155 It has jurisdiction to investigate any complaint that a person’s communications have been intercepted and, where interception has occurred, to examine the authority for such interception. It is required to follow the principles applicable by a court on an application for judicial review156 and can require anyone involved in the authorisation and execution of an

143

Investigatory Powers Act 2016, S. 235 (2). Investigatory Powers Act 2016, S. 235 (3) and (4). 145 Investigatory Powers Act 2016, S. 234 (1). 146 Investigatory Powers Act 2016, S. 234 (3). 147 Investigatory Powers Act 2016, S. 234 (4). 148 Investigatory Powers Act 2016, S. 234 (6). 149 Investigatory Powers Act 2016, S. 234 (7). 150 Investigatory Powers Act 2016, S. 234 (7). 151 Investigatory Powers Act 2016, Ss.246 and 247. 152 See below. 153 Regulation of Investigatory Powers Act 2000, S. 65. 154 Regulation of Investigatory Powers Act 2000, Ss. 67(1), (4) and (5). 155 Regulation of Investigatory Powers Act 2000, S. 65(2). In R (A) v Director of Establishments of the Security Service [2009] UKSC 12; [2010] 2 AC 1 the UK Supreme Court confirmed that this provision prevented other courts from hearing claims under S. 7 of the Human Rights Act 1998 against any of the intelligence services. 156 Regulation of Investigatory Powers Act 2000, Ss. 67(2) and 67(3)(c). 144

Leigh

575

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:22 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

interception warrant to disclose or provide documents and information157 and all such assistance as it thinks fit from a relevant Commissioner.158 At the conclusion of proceedings the IPT is required to give a simple statement either that they have found in favour of the complainant (i. e. that there has been unlawful action against him or her) or that ‘ no determination has been made in his favour’.159 This safeguards information about the agencies so that proceedings cannot be used to discover whether or not a person is lawfully under surveillance. In the event of a successful claim the IPT is also required to submit a report to the Prime Minister.160 The IPT has the power to award compensation and to make such other orders as it thinks fit, including orders quashing or cancelling interception warrants and requiring the destruction of any records so obtained.161 There is currently no appeal,162 although once in force the Investigatory Powers Act 2016 will introduce an appeal on a point of law to the Court of Appeal.163 The procedure before the IPT has been found to be compatible with Article 6 of the ECHR.164 67 Despite the restrictions built into the statutory scheme, in a series of careful judgments (mostly arising from the Snowden allegations) the IPT has succeeded in crafting within its limited powers a procedure for dealing with serious allegations notwithstanding the agencies’ policy to neither confirm nor deny them. This procedure allows for the relevant legal arguments to be determined on the basis of “hypothetical facts”. Consequently, the IPT is able to make a binding pronouncement of legal principle even if it is unrealistic for the claimant to be able to discharge the burden of proof. This procedure was adopted by the IPT in dealing with the claim brought by Privacy International and other NGOs that the alleged involvement of the GCHQ in the PRISM and TEMPORA programmes was unlawful.165 The Investigatory Powers Tribunal found that GCHQ involvement in the TEMPORA programme, alleged by Snowden, lacked a basis in domestic law. It held that the searching by GCHQ of bulk data collected by the NSA had been in violation of Art. 8 of the European Convention on Human Rights but that this defect had been cured for the future by the disclosure (during the proceedings in question) of previously secret internal guidance.166 A similar approach was followed by the IPT in its Greenmet decision, holding that since changes to the statutory Codes of Practice in 2015 protection for legally privileged material in relation to Computer Network Exploitation (CNE) by the services had complied with the ECHR.167 It remains to be seen whether this approach to the foreseeability and accessibility tests under Art. 8 (2), which essentially allows the agencies to benefit from previously secret internal procedures disclosed only at the courtroom door, will be

157

Regulation of Investigatory Powers Act 2000, Ss. 68(6) and (7). Regulation of Investigatory Powers Act 2000, S. 68(2). 159 Regulation of Investigatory Powers Act 2000, S. 68(4). 160 Regulation of Investigatory Powers Act 2000, S. 68(5). 161 Regulation of Investigatory Powers Act 2000, S. 67(7). 162 Regulation of Investigatory Powers Act, S. 67(8). This provision has also been held by the Court of Appeal to preclude judicial review of the Tribunal’s decisions: R (Privacy International) v. Investigatory Powers Tribunal [2017] EWCA Civ 1868. 163 Investigatory Powers Act 2016, S. 242. 164 Kennedy v UK (2011) 52 EHRR 4. 165 Liberty and others v The Secretary of State for Foreign and Commonwealth Affairs and others, Case Nos. IPT/13/77/CH; 13/92/CH; 13/194/C and 13/204/CH, [2015] UKIPTrib 13_77 –H. 166 Liberty and others v. The Secretary of State for Foreign and Commonwealth Affairs and others, no. IPT/13/77/CH; 13/92/CH; 13/194/C and 13/204/CH, [2015] UKIP Trib 13_77 –H at 153–154. 167 Privacy International and Greenmet & Others v. (1) The Secretary of State for Foreign and Commonwealth Affairs (2) The Government Communications Headquarters, IPT 14/85/CH 14/120-126/CH. 158

576

Leigh

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:23 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. Intelligence Law and Oversight in the UK

accepted by the Strasbourg court.168 Nonetheless the IPT, which was previously a rather under-rated body, has earned a measure of respect for these and other decisions which show careful analysis and some robustness in dealing with claims from the agencies. A notable instance was its ruling in in Belhadj & Others v the Security Service & Others169 that legally privileged material had been unlawfully intercepted in contravention of Article 8 ECHR and ordering its destruction. In the words of the Independent Reviewer of Terrorism Legislation, the IPT has ‘stepped out of the shadows’.170 The Tribunal may be further strengthened by changes in the 2016 Act connecting the 68 IPT’s complaints-based jurisdiction and the IPC’s audit role. The existing duty of the Commissioner to assist the IPT has been supplemented by a duty to give the Tribunal the Commissioner’s opinion on relevant matters, which will allow the Commissioner’s expertise to assist the Tribunal.171 There is also a duty to inform a person affected by a serious error (i. e. one that has caused them significant prejudice or harm) in matters under the Commissioner’s review where the Commissioner determines that this is in the public interest.172 The person concerned must also be informed of their right to apply to the IPT and given sufficient details to enable them to do so. This is should make it substantially easier to bring a successful complaint to the IPT against the security and intelligence agencies in appropriate cases, although much will turn on the IPC’s assessment of when it is in the public interest to inform the individual concerned. In principle the hand of the IPT in reaching its own assessments (and consequently public confidence in the process) should also be strengthened by the enhanced power to draw on the expertise of the IPC. At the same time the IPT has introduced the procedural innovation of appointing counsel to the tribunal to assist it in challenging material from the security and intelligence agencies.173

F. Intelligence and the courts I. The courts and deference to national security The courts themselves have long recognized that decisions based on national security 69 are for the government and that judges have neither the necessary information nor the competence to assess these questions. Famously in the 1984 GCHQ case (concerning the legality of the government’s ban on trade union membership) Lord Diplock explained: “National security is the responsibility of the executive government; what action is needed to protect those interests is ….a matter upon which those upon whom the responsibility rests, and not the courts of justice, must have the last word. It is par excellence a non-justiciable question. The judicial process is totally inept to deal with the sort of problems which it involves.”174

168 Similar questions are pending before the European Court of Human Rights: Big Brother Watch and Others v. the United Kingdom,no. 58170/13, 7 January 2014. 169 In Belhadj & Others v the Security Service & Others IPT/13/132-9/H. 170 A Question of Trust, para. 6.107. 171 Investigatory Powers Act 2016, S. 232. 172 Investigatory Powers Act 2016, S. 231. 173 As recommended by the Independent Surveillance Review, A Democratic Licence to Operate 113. 174 Council of Civil Service Unions v. Minister for the Civil Service [1985] A.C. 374, 412.

Leigh

577

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:23 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis 70

This approach has been followed both in wartime and in peacetime in a line of judicial decisions now dating back a century, to the First World War.175 Perhaps the high point of judicial deference to governmental claims of national security in modern times came in Lord Denning’s 1977 judgment in the case of an unsuccessful challenge brought by the American journalist Mark Hosenball to his deportation on national security grounds following a magazine article that he had written about GCHQ. His Lordship stated that the rules of natural justice (which would have normally required disclosure of material to allow Hosenball to challenge the decision) had to be ‘modified’ when security was at stake: “There is a conflict here between the interests of national security on the one hand and the freedom of the individual on the other. The balance between these two is not for a court of law. It is for the Home Secretary.”176

Following 9/11 a more sceptical attitude prevails. For example, where the government advances arguments that are contradictory or has chosen measures that interfere disproportionately with individual rights then the courts do now intervene- as the House of Lords’ landmark decision in the Bellmarsh detainees’ case shows. The House of Lords ruled that the provisions in Part IV of the Anti-Terrorism Crime and Security Act 2001 dealing with detention without trial of non-nationals were incompatible with the European Convention, despite a purported derogation from Article 5 (the right to liberty).177 A majority of the court found that because of the potentially devastating consequences of an attack the government was not wrong to invoke the derogation, but that the powers that it claimed on this basis were disproportionate. Some of the judicial comments are worth noting for comparison to earlier statements from the bench. Lord Scott, while deferring to the Secretary of State on whether there was a public emergency within Article 15 of the European Convention on Human Rights, nevertheless expressed ‘very great doubt’ whether it threatened the life of the nation and referred to the ‘faulty intelligence assessments’ prior to the Iraq war.178 In his speech Lord Hoffmann was more candid still, referring to ‘the widespread scepticism which has attached to intelligence assessments since the fiasco over Iraqi weapons of mass destruction’.179 Nonetheless, the constitutional objection to the judiciary over-ruling the government on matters of national security was relied on by the majority of the judges in the Bellmarsh decision in holding that they could not question the government’s assertion that there existed a public emergency. 72 The loosening of the deference doctrine has encouraged a flood of actions in the regular courts (in addition to challenges in the IPT) against the intelligence services arising from alleged abuses in the “War against Terror” and involving the question of intelligence cooperation with international partners.180 These include a challenge to the legality of the ministerial guidance issued to cover the conduct of intelligence officers 71

175 L. Lustgarten and I. Leigh, In From the Cold: National Security and Parliamentary Democracy (Oxford, 1994) ch. 12. 176 R v Secretary of State for the Home Department ex parte Hosenball [1977] 3 All E.R. 452, 461. 177 A (FC) and Others (FC) v Secretary of State for the Home Department, [2004] UKHL 56; [2005] 2 WLR 87. 178 Ibid., para. 154. 179 Ibid., para. 94. 180 I. Leigh, ‘National Courts and International Intelligence Cooperation’ in H. Born, I. Leigh and A. Wills (eds.), International Intelligence Cooperation and Accountability, (Routledge, 2011) ; C. Murray, “Out of the Shadows: the Courts and the United Kingdom’s Malfunctioning Counter-Terrorism Partnerships”, Journal of Conflict & Security Law 2013, 18(2), 193–232.

578

Leigh

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:24 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. Intelligence Law and Oversight in the UK

dealing with intelligence partners, who have suspects in detention,181 to the alleged supply of location information by GCHQ to the US for overseas drone attacks,182 and to the alleged involvement of MI6 with US authorities in an alleged rendition.183 In a number of instances lawyers representing litigants claiming to have suffered 73 human rights abuses at the hands of foreign intelligence services have brought proceedings against UK authorities for disclosure of any related intelligence they may have received from the services in the counties accused of wrongdoing that could assist the claim in foreign courts.184 This strategy was used in Binyam Mohammed185 and several other prominent cases.186 Binyam Mohammed was brought by a former Guantanamo Bay detainee to force the Foreign Secretary to disclose potentially exculpatory material, based on reports from the US Government to MI5 and MI6, concerning his alleged torture in Pakistan. He had also been rendered by the US to Morocco and tortured there. After protracted litigation the Court of Appeal confirmed that, notwithstanding the importance of intelligence cooperation, the public interest in discussion of allegations of complicity in torture outweighed the objections of the US authorities.187

II. Evidential protections and intelligence 1. Public interest immunity188 Traditionally the common law protected intelligence from examination in legal 74 proceedings through the doctrine of public interest immunity in civil cases (the doctrine cannot be used in criminal cases). This allows for a minister to claim through a signed certificate that to allow the material covered by the certificate to be adduced would be 181 Equality and Human Rights Commission v Prime Minister [2011] EWHC 2401 (Admin), [2012] 1 WLR 1389 (unsuccessful). 182 R (application of Khan) v Secretary of State for Foreign and Commonwealth Affairs [2014] All ER (D) 112 (Jan); [2014] EWCA Civ 24. The legality of alleged passing by GCHQ to the US of locational information to CIA for drone attacks in Pakistan unsuccessfully challenged because the court refused to make a declaration that would involve judging the acts of a sovereign foreign government (the USA) and because of the hypothetical nature of the alleged criminality involving GCHQ officials. 183 Belhaj v Straw and others [2017] UKSC 3, in which the Supreme Court held that action against UK officials for complicity in wrongdoing by US officials overseas was not barred by the doctrines of state immunity or foreign act of state. 184 The so-called Norwich Pharmacal remedy (which takes its name from the case of Norwich Pharmacal v Commissioners of Customs and Excise [1974] AC 133) allows a litigant to seek disclosure of evidence from third parties to litigation in this way. 185 R (Binyam Mohammed) v Secretary of State for Foreign and Commonwealth Affairs [2010] EWCA Civ 65. 186 Al Rawi and others v Security Service [2011] UKSC 34. 187 The High Court had initially acceded to the Foreign Secretary’s request to maintain passages redacted from earlier judgments in the face of threats from the US to re-evaluate its intelligence sharing with the UK if these details (based on reports from the US government to MI5 and MI6 about Binyam Mohammed’s treatment) were published: R (Binyam Mohammed) v Secretary of State for Foreign and Commonwealth Affairs [2009] EWHC 152 (Admin). The court later revisited its conclusion in the light of new information that became available: R (Binyam Mohammed) v Secretary of State for Foreign and Commonwealth Affairs (No. 5) [2009] EWHC 2549 (Admin). 188 R. Glover, Murphy on Evidence (14th ed., Oxford 2015), Ch. 13; C. Forsyth, ‘Public Interest Immunity: Recent and Future Developments’ (1997) 56 Cambridge Law Journal 51; M. Supperstone, ‘A New Approach to Public Interest Immunity?’ [1997] Public Law 211; I. Leigh, “Reforming Public Interest Immunity”, [1995] 2 Web Journal of Current Legal Issues http://www.bailii.org/uk/other/journals/WebJCLI/1995/issue2/leigh2.html ; I. Leigh and L. L Lustgarten, “Five Volumes in Search of Accountability: The Scott Report”, (1996) 59 Modern Law Review 695–725; I. Leigh, ‘Public Interest Immunity’, (1997) Parliamentary Affairs 55–70; J. Jacob, “From Privileged Crown to Interested Public” [1993] Public Law 121; A. Tomkins,’ Public Interest Immunity After Matrix Churchill’ [1993] Public Law 650.

Leigh

579

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:24 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

contrary to the public interest. This procedure is controversial because the exclusion of secret material may effectively prevent individuals with a sound legal claim against the government for alleged wrongs by intelligence agencies/officials from pursuing them because of suppression of available evidence for essentially procedural reasons. Although at one time these certificates were treated as conclusive by the courts, the modern practice allows the court to inspect the contested material and weigh the claim against other interests, ordering disclosure if it so chooses.189 Where the court finds that exclusion is justified there is the reassurance that the secrecy claim has been confirmed by an independent body. If, on the other hand, the challenge to the certificate is upheld it may lead to the government seeking to settle or discontinue proceedings to avoid complying with an adverse judicial ruling to disclose intelligence considered to be damaging to national security.190 75 Public Interest Immunity has clear limitations, however, which have led in recent years to the devising of alternative means to protect intelligence material in litigation. The option of settling a claim to avoid disclosure in the event of an adverse judicial ruling is not a possibility, however, when the government is only a third party to litigation, joined because as an intelligence partner it may have relevant information relating to proceedings that are brought against foreign officials or agencies. This has been a partial explanation for the UK Government seeking to regain a measure of control by introducing Closed Material Procedures under the Justice and Security Act 2013 (described below). Moreover, exclusion of material prevents the government also from relying on it in order to defend or justify powers, such as executive measures based on intelligence material. The difficulties of devising a way in which it can do so consistently with fair trial rights (notably Art. 6 of the ECHR) have led to the creation of specialist court-substitute bodies which are not fully adversarial in the traditional sense. Foremost among these are the Investigatory Powers Tribunal (discussed above) and the Special Immigration Appeals Commission.

2. Special advocates So far as practical and evidential difficulties of handling secret material in court are concerned, attitudes are now also more sceptical. The European Court of Human Rights has insisted that the right to a fair trial (Art. 6 ECHR) requires courts to accommodate some form of adversarial challenge to intelligence material even if normal trial procedures, such as full cross-examination, cannot apply.191 This has led in recent years to procedural innovations such as the introduction of the Special Immigration Appeals Commission and, more widely, of Special Advocates who are security-cleared. These innovations provide for the limited introduction of intelligence into legal proceedings in a way consistent with fair trial rights: that is they allow some form of adversarial challenge to intelligence material even if normal trial procedures, such as full crossexamination, cannot apply. 77 Prior to 1997, in immigration deportation cases, a decision to deport a person from the United Kingdom on grounds of national security was taken by the Home Secretary personally and there was no formal right of appeal. The Home Secretary’s decision was 76

189

Conway v Rimmer [1968] AC 910. As happened following the ruling of the UK Supreme Court in Al-Rawi v The Security Service [2011] UKSC 34; [2012] 1 AC 531 that the Security Service could not serve closed defences within a closed material procedure. 191 See discussion of the special advocate system and the Special Immigration Appeals Commission procedure in A and Others v UK Appl no. 3455/05, 19 February 2009 (G.C.), paras. 207–224 and drawing an analogy between the requirements of Art. 6 and the procedural requirements of Art. 5(4) ECHR. 190

580

Leigh

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:25 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. Intelligence Law and Oversight in the UK

reviewed by an Advisory Panel, which made recommendations on whether the Home Secretary’s decision to should stand. The Panel’s recommendations were purely advisory and although it was able to review the evidence relating to national security threat this material was not disclosed to the applicant or his legal representatives on grounds of national security. The decision of the European Court of Human Rights in Chahal v. UK that a person facing deportation on grounds of national security had to be given an effective means of challenging this before a judicial body192 led Parliament to create the Special Immigration Appeals Commission (SIAC). SIAC is an independent judicial tribunal in which intelligence material can be presented with limited disclosure to the deportee. The legislation provides for a Special Advocate to represent an appellant in cases in which there is non-disclosable security evidence in relation to the immigration decisions of the Home Secretary.193 Special Advocates have access to closed material and represent the deportee’s interests but may not take instructions from the deportee.194 Since their introduction the use of Special Advocates has spread to a number of other courts and tribunals in which decisions based on intelligence material can be challenged. Innovations like the Special Immigration Appeals Commission and Special Advocates 78 are often regarded by practising lawyers as regrettable incursions into the principle of open justice.195 In particular, critics point to the professional and ethical difficulties for lawyers arising from the duty to represent the interests of a person from whom instructions cannot be taken and to whom material cannot be disclosed. Effectively Special Advocates reviewing security material work in isolation and without normal professional support. Subsequent decisions have produced minor changes to the processnotably the requirement that to satisfy the European Convention on Human Rights a person must be told the “gist” of the case against him- but in other respects the system has been found to be a necessary limitation on the right of fair trial.196

3. Closed material procedures Faced with a growing number of legal challenges implicating the agencies the 79 government sought to regain control and to establish a secure environment for litigation concerning security intelligence, by introducing Closed Material Procedures (‘CMPs’) in the Justice and Security Act 2013. The government argued that, on the one hand, disclosure of intelligence material in open court would endanger national security and intelligence cooperation but, on the other, to wholly exclude it would prevent judges from taking important material into account and hamper the government in fully defending itself against allegations (CMPs apply to civil cases only). The legislation is intended to allow intelligence material to be considered under conditions of secrecy, which may include consideration in the absence of the other party and their lawyers. 192 Chahal v UK (1997) 23 EHRR 413. The Court found that the then existing procedure violated Art. 5 (4) of the European Convention on Human Rights, because judicial review proceedings could not effectively review the grounds for his detention, and because he was not represented before the Advisory Panel. 193 Special Immigration Appeals Commission Act 1997, S. 6. 194 Special Immigration Appeals Commission Rules (as amended), Rules 36–38. 195 C. Forcese and L. Waldman Seeking Justice in an Unfair Process: Lessons from Canada, the United Kingdom, and New Zealand on the Use of “Special Advocates” in National Security Proceedings, Ottawa 2007; Justice, Secret Evidence (London, 2009); M. Chamberlain, “Update on procedural fairness in closed proceedings”. (2009) 28(4) Civil Justice Quarterly 448–543; J. Jackson, “The Role of Special Advocates: Advocacy, Due Process and the Adversarial Tradition”, (2016) 20(4) International Journal of Evidence and Proof 343–362. 196 ECtHR, Case of A. and Others v. The United Kingdom, Application no. 3455/05, Judgment (Grand Chamber, 19 Feb. 2009), paras. 223 and 224, finding a violation of Article 5.4 because the applicants were hindered in challenging the decision to deport by the generalised nature of allegations against them.

Leigh

581

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:25 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

The court releases a summary of closed proceedings but, exceptionally, even the fact that CMPs have been used may be withheld. 80 A number of safeguards are built into the legislation.197 Before agreeing to the use of CMPs the court must be satisfied that that the alternative of an application for public interest immunity has been considered, that there is relevant material which if disclosed would damage national security and that a CMP would be in the interests of the fair and effective administration of justice. The court will consider the material provided in support of the application, to determine that it is relevant and that its disclosure would damage national security. The court is under a duty to review the lifting of CMPs in the light of developments throughout the proceedings.198 Special advocates can be appointed to participate and to challenge the relevance and admissibility of the intelligence material.199 Moreover, there is an obligation to report to Parliament annually on the operation of the CMP provisions200 and for an independent five-year review of the legislation.201 81 CMPs are highly controversial as critics allege that they amount to a form of secret justice.202 They argue that a civil claimant should not in effect have to bear the cost of protecting intelligence in the form of restrictions of his or her rights.203 Some argue that it violates Article 6 ECHR,204 but domestic courts have so far not found any incompatibility and the system has yet to be tested at Strasbourg.

4. Criminal trials and intelligence material Until the 1990s intelligence was mainly used as background by prosecution authorities and it was unprecedented for intelligence officers to appear in court as witnesses. The more prominent role that MI5 in particular now has in relation to counter-terrorism has brought about a significant change in that practice: it is now common for security officials to give evidence (often, at the judge’s discretion, anonymously and from behind a screen to protect their identity from becoming public). At the same time, practice has changed to anticipate the disclosure of relevant intelligence material in criminal prosecutions. 83 There are, nonetheless, a number of significant evidential restrictions, designed to give protection to intelligence material. Foremost among these is the prohibition on the use in legal proceedings of intercept material.205 The ban has been regularly reviewed over the last three decades206 but successive governments have chosen to retain it for 82

197

Justice and Security Act 2013, S. 6. Justice and Security Act 2013, S. 7. 199 Justice and Security Act 2013, S. 9. 200 Justice and Security Act 2013, S. 12. 201 Justice and Security Act 2013, S. 13. 202 For critical discussion of the 2013 Act see: A.Peto and A.Tyrie, Neither Just Nor Secure (Centre for Policy Studies, 2011) http://www.cps.org.uk/files/reports/original/130123103140-neitherjustnorsecure.pdf; A.Tomkins, “Justice and security in the United Kingdom” (2014) Israel Law Review. ISSN 0021-2237 http://eprints.gla.ac.uk/91090/1/91090.pdf; T. Hickman, ‘Turning out the lights: the Justice and Security Act 2013’ http://ukconstitutionallaw.org/2013/06/11/tom-hickman-turning-out-the-lights-the-justice-andsecurity-act-2013/. 203 See Justice, Justice and Security Green Paper Consultation Response (London, 2012); Liberty, Liberty’s Response to the Ministry of Justice’s Green Paper- Justice and Security (London, 2012); Human Rights Joint Committee, 24th Report for 2011–12, The Justice and Security Green Paper, HL 286/HC 1777 (2011–12). 204 John Sullivan, “Closed Material Procedures and the Right to a Fair Trial” , 29 Maryland J. Int’l Law 269 (2014). Available at: http://digitalcommons.law.umaryland.edu/mjil/vol29/iss1/12. 205 The current provision is the Investigatory Powers Act 2016, S. 56. 206 See I. Leigh, ‘Intelligence and the Law in the United Kingdom’ in L. Johnson (ed.), Oxford Handbook of National Security Intelligence, (Oxford University Press, 2010), 654–55. 198

582

Leigh

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:26 3B2 9.1.580; Page size: 160.00mm  240.00mm

Chapter 3. Intelligence Law and Oversight in the UK

operational reasons- it prevents any form of parallel challenge being mounted in criminal proceedings to the decision to intercept. Maintenance of the ban, however, puts the UK out of line with its international intelligence partners and now appears somewhat anomalous in view of the much greater transparency surrounding surveillance, following the introduction of the 2016 Act and the introduction of a judicial input to authorisation through the ‘double lock’ provisions. Where the prosecution relies on other intelligence material, this has to be disclosed to 84 the defence- as noted above, Classified Material Procedures do not apply to criminal trials. It is, however, possible (though rare in practice) for parts of a criminal trial to be held in camera, with the public and press excluded.207 Moreover, where intelligence material forms part of the background to a prosecution but is not relied upon in evidence, the question arises of whether it should be disclosed to the defence. Prima facie, any unused material that might reasonably be considered to assist the accused’s defence or to undermine the prosecution case must be disclosed under the procedures contained in the Criminal Procedure Investigations Act 1996.208 The Act provides however that material is not subject to this duty where it would be against the public interest to disclose it209 and, in such cases for the prosecution to apply to the court for a determination.

G. Conclusion The environment in which the security and intelligence agencies operate has under- 85 gone rapid change in the past quarter century. This period has seen the agencies move from their Cold War orientation to preoccupation with a diverse range of threats, especially international terrorism, but also proliferation threats and organised crime. It has also seen a remarkable growth in transparency. In the 1980s the agencies were still shrouded in secrecy, so much so that one of them (MI6) was not even officially acknowledged. Now, on the other hand, the system of accountability to the parliamentary Intelligence and Security Committee is well-established, the services have a relatively public profile (through their websites, and the heads give public lectures and occasional media interviews) and they recruit staff openly, to the extent of championing employment diversity. So far as legal developments are concerned the change has been no less dramatic. 86 Since 9/11 the courts have become accustomed to hearing claims against the security and intelligence agencies arising from the alleged abuses of the “War on Terror” and have, to a small degree at least, relaxed their previously deferential attitude to national security. The government, in turn, has accepted that intelligence cannot simply be a “no-go zone” for legal accountability. Although protective measures like the Investigatory Powers Tribunal, Special Advocates and Closed Material Procedures are controversial for their incursion on the principles of open and adversarial justice, they do at

207 For one example in which the Court of Appeal upheld the restrictions (which effectively prevented any reporting of the circumstances surrounding the terrorism charges in question, of which the defendant had been acquitted) see Guardian New and Media Ltd v.R and Erol Incedal [2016] EWCA Crim 11. 208 Criminal Procedure Investigations Act 1996, S. 3(1). 209 Criminal Procedure Investigations Act 1996, S. 3(6). Exceptionally, the prosecution may apply ex parte to the court to determine if disclosure would be contrary to the public interest. The courts have given guidance to protect the right of fair trial in such circumstances, including in some instances the appointment of a special advocate to contest the prosecution’s application for withholding disclosure: R v. H; R v. C [2004] UKHL 3.

Leigh

583

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/Part 5.3d from 30.09.2019 14:12:26 3B2 9.1.580; Page size: 160.00mm  240.00mm

Part 5. European Intelligence in National Legislation and Legal Praxis

least allow independent courts and tribunals to examine the actions of the security and intelligence agencies in a way that was unimaginable not so long ago. 87 Most dramatic of all perhaps has been the technological change over the period, with many of the capabilities of the agencies laid bare since 2013 by the unprecedented disclosures of Edward Snowden. The result was a (long overdue) public and parliamentary debate about surveillance, resulting, with the Investigatory Powers Act 2016, in a detailed and comprehensive legal framework that regulates and gives legitimacy to the agencies’ capabilities. These changes have important implications for oversight of the agencies also, bringing a discernible shift towards expert oversight through the new office of the Investigatory Powers Commissioner. 88 Technology also poses constant challenges, especially through the rapidly escalating cyber threat, both from hostile states, such as North Korea and Russia, and non-state actors. There has been a discernible attempt both to educate public opinion210 and to legitimise the work of GCHQ especially in this field, through the establishment of a public-facing National Cyber Security Centre.211 89 Looking ahead, the international environment for the agencies work will continue to evolve, especially following Brexit in October 2019. Since 9/11 international intelligence cooperation in the fight against terrorism has grown exponentially and although for the UK agencies these arrangements are very far from exclusive to EU partners, those relationships are nonetheless important, not least in sharing information about foreign terrorist fighters and other violent Islamists. Significantly, early in 2018 the Chief of MI6 appeared alongside the heads of the DGSE and BND to affirm the importance of continued cooperation after the UK leaves the EU212 and the Prime Minister spoke at the same security conference of the aspiration for a new post-Brexit security treaty between the EU and the UK.213 210 See especially the Prime Minister’s Mansion House speech in November 2017 to accusing Russia of mounting ‘a sustained campaign of cyber espionage and disruption’ and of seeking to ‘weaponise information’ by planting fake news stories and photo-shopped images ‘in an attempt to sow discord in the West and undermine our institutions’: Rt. Hon. Theresa May, Mansion House Speech, 13 November 2017: https://www.gov.uk/government/speeches/pm-speech-to-the-lord-mayors-banquet-2017. 211 https://www.ncsc.gov.uk/. 212 Joint statement 16th February 2018, ‘BND, DGSE and MI6 emphasise necessity of international cooperation’ http://www.bnd.bund.de/EN/_Home/Startseite/Buehne_Box/Textbausteine/News_ENG/ 180216_MSC18/180216_MSC18_Artikel.html;jsessionid=09F8AA7423E566CB6008DD5085713E84.1_ cid386?nn=3132246. 213 ‘Theresa May: “Europe’s Security is our Security’, BBC News 17 February 2018. http://www.bbc.co. uk/news/av/uk-politics-43096450/theresa-may-europe-s-security-is-our-security.

584

Leigh

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/index.3d from 30.09.2019 14:12:52 3B2 9.1.580; Page size: 160.00mm  240.00mm

Index Bold Roman numbers refer to the main parts, bold Arabic numbers to the chapters, normal ones to margin numbers.

A Abductions, illegal IV 1 19, 41, 45 Able Archer 1983 I 1 66 Abu Omar – ECtHR Judgment IV 1 43 Abu Zubaydah – ECtHR Judgment IV 1 43 Access to materials IV 4 29 Accountability – Theory of IV 3 3 Adequate redress IV 4 44, 46 et seq., 71 Advanced persistent threats II 3 29 Agreed Intelligence (NATO) II 5 6 et seqq. Al Qaeda I 1 106 Al-Dulimi – ECtHR Judgment IV 1 53 Alliance Ground Surveillance II 5 30 Allied Command Operations (ACO/SHAPE) II 5 24 Allied Counterintelligence Activity II 5 26 Allied Joint Doctrine (NATO) II 5 21 Allied Military Intelligence Batalllion II 5 29 Al-Skeini – ECtHR Judgment IV 1 18, 19, 21 Andreou – ECtHR Judgment IV 1 20 Area of Freedom, Security and Justice (AFSJ) III 3 1 et seqq. Area of Operations (AOO) II 4 4, 52, 54 Armed conflicts IV 1 23 et seq., 45, 54, 58, 61 et seq. Armed groups, irregular IV 1 64 Assistant Secretary General (NATO) II 5 41 Asymmetric warfare IV 1 57, 64 Atlantic, Battle of the I 1 32 Attribution II 3 12 Audit IV 3 49 Auftragsprofil der Bundesregierung V 1 50 B Banković – ECtHR Judgment IV 1 17, 20 Basic Rights V 1 35 et seq. Battlefield information II 2 84 Belmarsh – House of Lords Judgment IV 1 12 Berlin Plus II 4 21, 5 53 et seqq. Berlin Wall I 1 64 BfV (Bundesamt für Verfassungsschutz) I 1 85; V 1 8, 19, 24, 32, 39, 48, 54 BICES II 5 39 Big Brother Watch – ECtHR Judgment IV 1 38, 2 59, 5 3, 39, 44, 64 Binding decision(s) IV 4 14, 16, 17, 23, 32, 34 et seq., 42 et seq., 46, 78 Black boxes V 2 98

Blake, George I 1 58 BMAD (Bundesamt für den Militärischen Abschirmdienst) V 1 20, 33, 41, 49 BND (Bundesnachrichtendienst) I 1 53; V 1 2, 21, 26, 30, 33, 40, 50 et seq., 87, 94 et seq. Bonaparte, Napoleon I 1 10 Bosphorus – ECtHR Judgment IV 1 53 Brexit I 1 136; II 1 1, 54, 59; V 3 89 Bulk data access I 2 12 Butler Review I 1 113 C Caesar, Julius I 1 5 Cambridge Five I 1 56 Campus Oil Ltd – CJEU Judgment IV 2 55 et seq. 11 Cascope I 1 52 CFSP (Common Foreign and Security Police) III 2 7 Charlie Hebdo Attacks I 1 127 Chilcot Report I 1 113 CIA (Central Intelligence Agency) I 1 42; IV 1 40 Civilian Intelligence Committee II 5 10 et seqq. Civilians, armed conflict IV 1 45, 55, 59, 63, 65 et seq. Classified information IV 4 23, 32, 43, 64, 78 Closed Material Procedures V 3 79–81 Club of Berne IV 2 153 Cold War IV 1 74, 77, 2 9, 16 Combatants, armed conflict IV 1 61 et seq. Combatants, unlawful IV 1 66, 68 et seq. Commission nationale de contrôle des techniques de renseignement V 2 42 et seqq, 52 et seqq, 60 and seqq, 80 and seqq, 97, 104, 109, 118, 123, 127 et seqq. Commissioners (Judicial) (UK) V 3 49–51, 63–64 Committee against Torture IV 1 44 Committee for Civilian Aspects of Crisis Management (CIVCOM) II 4 39 Committee for State Security (KGB) I 1 47 Common Foreign and Security Policy (CFSP) II 4 17, 18; III 1 1 et seq., 12, 14, 23, 56, 60 et seqq., 75, 79, 83, 94, 96 Common Security and Defence Policy (CSDP) II 4 5, 10, 32, 59, 84; III 1 16, 26, 28, 38, 44, 45, 56, 58, 61 Common Set of Proposals (EU/NATO) II 5 58 et seqq.

585

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/index.3d from 30.09.2019 14:12:52 3B2 9.1.580; Page size: 160.00mm  240.00mm

Index Component Commander (CC) II 4 55 Comprehensive Approach (CA) II 4 7 et seqq., 10, 12 Comprehensive Crisis and Operations Management Centre (NATO) II 5 26 Concept of Operations (CONOPS) II 4 42, 49 Conseil d’Etat V 2 44, 53 et seqq, 59 et seqq, 105, 109 et seqq, 123 Conseils Constitutionnel V 2 64, 119, 125 et seqq. Construction of a Wall – ICJ Judgment IV 1 57 Cooperation clause IV 2 89 Counter-Terrorism Database V 1 44, 114 Counter-Terrorism Group (CTG) II 2 27 f, 39, 41, 85 ff, 98, 109, 116 f. Courts IV 4 10, 15, 19, 32, 35 et seqq., 52, 54, 59 et seq., 64, 71, 79 et seq. Criminal trials (UK) – Secrecy and disclosure V 3 82–84 Crisis Management and Planning Directorate (CMPD) II 4 39 Crisis Management Concept (CMC) II 4 31, 39 et seqq., 48 Critical infrastructure II 3 30, 43 et seqq. Cryptography I 1 19 Cuban Missile Crisis I 1 69 Curveball I 1 109 Cybercriminals II 3 6 Cyberdefence II 3 60 Cyberespionage II 3 10 et seq Cyberintelligence II 3 62 et seqq. Cybersecurity II 3 34 et seqq. Cyberspace IV 1 31 Cyberterrorists II 3 7 et seq. Cyberthreats II 3 4 et seqq. Cyberwar II 3 46 et seqq. Cyberwarfare II 3 31 et seqq. D Data mining I 2 18 Data portability IV 1 21 Data protection IV 1 28 et seq., 3 61, 96, 101 Data protection authority(ies) IV 4 15, 21, 24, 35, 38, 46, 53, 68 et seqq., 79 et seq. Data retention II 2 32 Defence Intelligence (UK) V 3 21 Defence Intelligence II 4 4 Defence Intelligence Organisation (DIO) II 4 72, 86, 87 Denial of service attack II 3 23 et seq. Denmark IV 5 65 et seq Deportation, unlawful IV 1 45 Derogation, human rights treaties IV 1 25 Detention IV 1 12, 25, 40 et seq. Digital capabilities IV 5 6 Digital intelligence (DIGINT) I 2 18 – Demands for I 2 33 – Law enforcement use I 2 36 – Supply of I 2 34

586

Digital Rights Ireland v Minister for Communications, Ireland – CJEU judgement IV 5 75 Digital Rights Ireland – CJEU Judgment IV 1 2, 34 et seq. Dignity, human IV 1 16, 21, 66 Direct participation in hostilities IV 1 69, 71 Direction de la Surveillance du Territoire (DST) I 1 76 Direction Génerale de la Sécurité Extèrieure (DGSE) I 1 76 Disappearance, enforced IV 1 19, 40 et seq. Disarmament, Demobilisation, Re-integration (DDR) II 4 6 Discrimination, prohibition of IV 1 12, 39, 76 Double Cross I 1 32 Drone killings IV 1 64, 73, 76 Drone war IV 1 2 Drone, unmanned IV 1 2, 3, 20, 25, 72 Droned, pilotless (unpiloted) IV 1 3, 20, 55, 76 Due diligence IV 1 1 Due process IV 1 25, 49 Duty to protect human rights IV 1 34, 42, 44, 59, 75 E ECHR – Extraterritoriality IV 3 85–86 – Implications for oversight generally IV 3 11, 19, 81, 83, 85 Effective remedies IV 4 1, 7 et seq., 15, 41, 63, 79, 80 El Alamain, Battle of I 1 32 El-Masri – ECtHR Judgment IV 1 19, 42 et seq. Emergency, times of IV 1 9, 16, 23 et seq., 60, 77 EMPACT – EU Policy Cycle III 3 25 Enigma I 1 31 Equipment interference (UK) V 3 47–48 Espionage, inter-state IV 1 5 et seq., 21 Ethical issues of pre-emption I 2 25 et seqq. EU – Cybersecurity II 3 70 et seqq. EU Agencies with relevance to Criminal Intelligence III 3 52 et seqq. – Eurojust III 3 53 – European Border and Coast Guard Agency (Frontex) III 3 52 – European Public Prosecutor’s Office III 3 54 – OLAF III 3 52 EU Battle Group (EUBG) II 4 13, 29 et seqq. EU Global Strategy (EUGS) II 4 11, 34 EU Institute for Security Studies – III 1 66, 67 EU Intelligence Analysis Centre (EU INTCEN) II 4 24, 38, 71, 84 EU Military Council (EUMC) II 4 2, 27, 28, 31, 51, 58 EU Military Staff (EUMS) II 4 1, 2 et seqq., 28, 40, 53, 58 et seqq., 61, 63, 80 et seqq.

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/index.3d from 30.09.2019 14:12:53 3B2 9.1.580; Page size: 160.00mm  240.00mm

Index EU Satellite Centre (EU SATCEN) II 4 38, 73 et seqq., 84 EU SITCEN – III 1 24, 38 et seqq., 72, 83, 86 et seqq. EUMS (Intelligence Directorate) II 4 3, 63, 67 et seqq., 80 et seqq.; III 1 24, 25, 30 et seqq., 46, 48 et seqq., 55, 59, 61, 65, 69, 84, 86, 90 et seq., 99, 103 Eurobarometer II 1 29, 37 EUROJUST II 1 18, 20, 50, 52, 55 European Convention on Human Rights IV 5 4, 12, 37 European Counter-Terrorism Centre (ECTC) at Europol II 2 61 ff, 86, 109, 115, 117 f. European Court of Human Rights IV 5 3, 13 European Court of Justice (ECJ) II 2 33, 105, 108 European Criminal Intelligence III 3 7 – Operational use III 3 13 et seqq. – Scope III 3 14 – Strategic use III 3 17 et seqq. European Criminal Intelligence Model II 1 54 European Cybercrime Centre II 3 71 et seqq. European Defence Action Plan II 4 14 European External Action Service (EEAS) – III 1 2, 12, 24 et seqq., 40, 44, 47 et seqq., 58, 60, 63, 67, 72, 83, 94, 101 European Intelligence Agency IV 2 156, 157 et seq. European Intelligence Space III 2 13 et seqq. European Parliament – on ECHOLON IV 2 132 – on intelligence activities IV 2 5 – Intelligence oversight role IV 3 102–107 – on national security IV 2 23 European Public Prosecutor’s Office III 3 54 et seqq. European security II 2 35, 103 European single intelligence agency – III 1 71, 73, 75, 81 European Union Agency for Law Enforcement Cooperation (EUROPOL) I 1 114 European Union External Action Service I 1 132 European Union Intelligence and Situation Centre I 1 130 European Union Military Staff Intelligence Directorate I 1 132 Europol II 1 12, 17, 20, 40 et seqq., 55 et seqq.; III 1 2, 12, 14, 24, 30, 35, 53 et seqq., 60, 63, 65, 73, 83; III 3 36 et seq.; IV 2 152 – Analysis III 3 44 – Expertise & centres III 3 45 – oversight of IV 3 99 – Sharing of information III 3 38 et seqq. Eurosint Forum III 2 15, 18, 27, 30, 32, 34 et seq. Euskadi Ta Askatasuna (ETA) I 1 84 EU-US Terrorist Financing Tracking programme (TFTP) II 2 45 f, 104

Extraordinary renditions IV 1 2, 19, 40 et seq., 50 Extraterritorial application of human rights treaties IV 1 9, 10 et seq., 20, 41 Extraterritorial application, ECHR IV 1 17 et seq. Extraterritorial application, ICCPR IV 1 14 et seq. F Financial Intelligence Units – FIU.net II 2 47 ff, 116 Five Eyes I 1 48 Force Commander (FCdr) II 4 54, 55 Force Headquarters (FHQ) II 4 54, 77, 79, 85 France IV 5 14, 56 et seq French Intelligence Services V 2 5 et seqq. FRONTEX II 1 3; IV 2 152; III 1 2, 14, 15, 30, 34, 35, 58 et seqq., 73 – Oversight of IV 3 98 Fuchs, Klaus I 1 49 G G10 Commission V 1 27, 43, 84 et seq., 93 GCHQ IV 1 8, 38; IV 5 18, 23, 28 – History V 3 5, 7 – Llegal mandate V 3 15–16, 18, 20 GDR (German Democratic Republic) V 1 2 Gehlen Organisation I 1 44 Gehlen, Reinhard I 1 44 Gemeinsames Terrorismusabwehrzentrum (GTAZ) V 1 115 et seq. General Data Protection Regulation IV 1 30 General Intelligence Estimate (NATO) II 5 20 German High Command I 1 20 German intelligence community V 1 13 et seq. Germany 47 et seq. Gestapo V 1 1, 7; I 1 27 Giscard d’Estaing II 1 9 Global Hawk II 5 30 Goleniewski, Michael I 1 59 Gordievsky, Oleg I 1 87 Government Code and Cypher School I 1 24 Guillaume Affair I 1 95 H Hack back II 3 61 Hacking II 3 9, 17 et seqq.; IV 5 16, 17, 19, 26, 50 Hague Programme II 1 18, 19, 59 Harel, Isser I 1 53 Helmut Kohl II 1 9 Helsinki Headline Goal II 4 20 et seqq. Hitler I 1 27 Honest Cooperation V 2 70 et seqq. Human Intelligence V 1 63 et seq. Humanitarian law, international IV 1 2, 20, 24, 25, 45, 63 et seq. Humfrey Malins II 1 17

587

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/index.3d from 30.09.2019 14:12:54 3B2 9.1.580; Page size: 160.00mm  240.00mm

Index I ICRC (International Committee of the Red Cross) IV 1 69 et seq. Immunity, diplomatic IV 1 7 IMSI Catcher V 1 74 IMS-INT II 5 19 et seqq. Independence IV 4 14 et seqq., 40, 43, 74, 78 Information Sharing III 3 38 et seqq. – Necessity III 3 14 et seq. – via Europol III 3 – via other databases/systems III 3 47 et seq. Information warfare II 3 31 et seqq. Initial Military Directive (IMD) II 4 42 Inspectors-general – oversight and IV 3 28, 29, 39, 40, 49 INTCEN II 2 41, 51, 69, 72, 85, 95, 101; III 1 14, 24, 25, 30 et seqq., 51, 54, 55, 58 et seqq., 65, 69, 83 et seqq., 103; III 2 4–6, 8, 15, 19–22, 25, 28, 33, 39; IV 2 151 Integrated Approach II 4 12 Intelligence – Challenges for the EU with regard to CT and intelligence II 2 37 ff – Criminal intelligence/intelligence led policing II 2 11 – EU tools in intelligence II 2 40 ff – Ggrading of IV 3 8 – Importance of intelligence II 2 12 ff – Role of intelligence in counter-terrorism II 2 17 ff – Training of intelligence stuff IV 3 2 Intelligence activities legal assessment – and currency Union IV 2 101 – and economic policy IV 2 101 – and employment policy IV 2 108 – and industrial policy IV 2 107 – under EU competition law IV 2 131 et seq. – under general EU law IV 2 15 et seq., 75 et seq. – under international law IV 2 9, 10 – under national law IV 2 11 Intelligence agencies – different types IV 3 14 Intelligence and Security Committee I 1 117; V 3 56–62 Intelligence Bureau I 1 18 Intelligence Community V 2 3, 5 et seqq, 25 et seqq., 46, 75 Intelligence cooperation – EU IV 2 149 et seq. – general IV 2 7 et seq., 148 et seq., 154 et seq., 167 Intelligence cooperation – III 1 3, 6, 14, 41, 46 et seq., 61, 69, 72, 82, 84, 97, 102 Intelligence cycle I 2 50 Intelligence Fusion Center V 1 115 et seq. Intelligence Liaison I 1 31 Intelligence oversight IV 5 6, 23, 46, 79

588

Intelligence Preparation of the Battlefield (IPC) II 4 64 Intelligence Production Unit (NATO) II 5 16 et seqq., 44, 57 Intelligence reforms I 2 53 et seqq. Intelligence service V 1 7 Intelligence sharing III 2 1 et seqq. Intelligence Steering Board (NATO) II 5 40 Intelligence Unit (NATO) II 5 16 et seqq., 44, 57 Intelligence-led Policing III 3 31 Internal security II 2 34 f, 69, 76 International cooperation between oversight bodies IV 3 73 International intelligence cooperation I 2 73 et seqq. – Oversight problems IV 3 66 Interoperability of databases II 2 70, 72, 95 Interpretive Guidance (ICRC) IV 1 69 et seq. Interrogation methods IV 1 2, 16, 76 Intervention, prohibition of IV 1 2, 6, 21 Invasion of Czechoslovakia I 1 81 Investigatory Powers Act 2016 IV 5 16, 46, 75 – Bulk person datasets V 3 43–46 – Bulk powers V 3 39–42 – Equipment interference V 3 47–48 – Judicial approval V 3 49–51 – Targeted interception and examination V 3 35–39 Investigatory Powers Commissioner V 3 64–65 Investigatory Powers Tribunal V 3 66–68 IOCTA II 1 40 Iraq War – UK intelligence dossier V 3 9 Irish Republican Army (IRA) I 1 84 Islamic State I 1 126 Issa – ECtHR Judgment IV 1 19, 20 J Janabi, Rafid Ahmed Alwan al I 1 109 Joint Analysis Center (EUCOM) II 5 27 Joint Declaration (EU/NATO) II 5 3, 58 et seqq. Joint Intelligence and Security Division (NATO) II 5 42 et seqq. Joint Intelligence Committee (JIC) I 1 24; V 3 21 Joint Intelligence, Survaillance and Reconnaissance initiative II 5 30 Joint Investigation Teams II 1 55, 56 Joint Operations Area (JOA) II 4 31 JTAC V 3 21 Judicial cooperation in criminal matters III 3 50 et seqq. Jurisdiction, extraterritorial IV 1 10, 18 Jurisdiction, territorial IV 1 11, 12, 22, 39 Justice and Home Affairs II 1 6, 11, 13, 18, 20, 21, 23, 29

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/index.3d from 30.09.2019 14:12:54 3B2 9.1.580; Page size: 160.00mm  240.00mm

Index K Kadi – CJEU Judgment IV 1 49 et seq. Kennedy – ECtHR Judgment IV 1 38, 2 86 Kernbereich privater Lebensgestaltung V 1 69 Khan – Views of the Committee against Torture IV 1 44 Klass – ECtHR Judgment – IV 2 22, 25, 58 et seq., 86 Kommando Strategische Aufklärung V 1 22 L Legal standing IV 4 46, 48, 52 et seqq., 64, 72, 76 Liberty & Ors v GCHQ–Investigatory Powers Tribunal judgement (UK) IV 5 42 Life, right to IV 1 11, 16, 20, 25, 44, 58 et seq., 75 Lisbon Treaty II 1 20; III 2 19, 39 Loyal cooperation (principle of) IV 2 89, 99, 121 M Maastricht Treaty II 1 11 Margin of appreciation IV 1 35, 42, 52 Mass surveillance I 2 30 MC 161 II 5 20 McCann – ECtHR Judgment IV 1 58 Militärisches Nachrichtenwesen V 1 22 Military Intelligence II 4 4, 5 Military Intelligence Committee II 5 10 et seqq. Military necessity IV 1 62 Military Planning and Conduct Capability (MPCC) II 4 14, 35, 53, 81 et seqq., 88 Military Strategic Option (MSO) II 4 40, 48 et seqq. Ministerial responsibility – UK V 3 52–55 Multinational intelligence – III 1 3, 38, 50 Munaf – Views of the Human Rights Committee IV 1 16, 20 Mussolini I 1 25 Mutual trust – between Member States IV 2 96, 103, 113, 116 – between Member States and EU institutions IV 2 121 et seq. N Nada – ECtHR Judgment IV 1 53 National Intelligence Cell (NIC) II 4 79 National Intelligence Liaison Officer (NILO) II 4 79 National security II 2 3, 17, 33 ff, 80 ff, 87, 103, 116 – and Article 4 II 3 TEU IV 2 18 et seq., 26 et seq., 39, 43, 49, 70, 164 – and CJEU case law IV 2 46 et seq – and ECtHR case law IV 2 56 et seq. – Definition IV 2 18, 22 et seq. – Substantial elements of IV 2 69

National Security Agency I 1 68 National security and the courts – UK V 3 69–73 NATO II 4 1, 6, 18, 19, 21 et seqq., 57, 62, 80 – Cyber capabilities II 3 49 et seqq. NATO intelligence – Allied Command Operations/SHAPE II 5 24, 46 – Assistant Secretary General II 5 41 – Civilian Intelligence Committee II 5 10 et seqq. – IMS-INT II 5 19 et seqq. – Intelligence Unit/Intelligence Production Unit II 5 16 et seqq., 44, 57 – Joint Intelligence and Security Division II 5 42 et seqq. – Military Intelligence Committee II 5 10 et seqq. – NATO Intelligence Fusion Centre II 4 80, 89; II 5 25, 27 et seqq. – NATO Office of Security II 5 15 et seqq., 43 et seqq., 48 – Situation Centre II 5 23 – Strategic Analysis Capacity II 5 45 – Terrorism Intelligence Cell (NATO) II 5 44 – Terrorist Threat Intelligence Unit II 5 16 et seqq. NATO Intelligence Warning System II 5 22 NATO Office of Security II 5 15 et seqq., 43 et seqq., 48 NATO-EU Cooperation – Berlin Plus II 5 53 et seqq. – Common Set of Proposals II 5 58 et seqq. – Joint Declaration II 5 3, 58 et seqq. – Parallel and Coordinated Analyses II 5 58 – Parallel and Coordinated Exercises II 5 58 – Participation Problem II 5 49, 52 Nelson, Horatio I 1 9 Netherlands IV 5 61 et seq Nicaragua – ICJ Judgment IV 1 6 Nile, Battle of the I 1 10 Non-Agreed Intelligence (NATO) II 5 7 et seqq. Non-judicial bodies IV 4 17, 35, 37, 43, 46, 52, 71, 73, 78 North Atlantic Treaty Organization (NATO) I 1 46 Notification IV 4 11, 49 et seqq., 72, 76 NSA (National Security Agency) IV 1 8 NSU (Nationalsozialistischer Untergrund) V 1 17, 28, 39, 108 O Ombudsmen IV 4 23, 32, 35, 38, 41, 43, 46, 71 Operation Bravo II 1 48 Operation Commander (OpCdr) II 4 52, 75 Operation Enduring Freedom I 1 106 Operation Gamorrah II 1 50 Operation Gladio I 1 61

589

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/index.3d from 30.09.2019 14:12:55 3B2 9.1.580; Page size: 160.00mm  240.00mm

Index Operation Gold I 1 58 Operation Headquarters (OHQ) II 4 49, 52, 57, 58, 77, 79, 85, 88 Operation Jungle I 1 54 Operation Plan (OPLAN) II 4 42, 49 Operation Ryan I 1 86 Operation Samot II 1 49 Operation Wrath of God I 1 85 Originator rule IV 3 68 70, 74 Osint (Open source Intelligence) III 2 2, 22 et seqq. Oversight I 2 46; V 1 27, 45, 119 et seq. Oversight body(ies) IV 4 19 et seqq., 29, 32, 35, 38, 41 et seqq., 46, 52, 64, 68, 70, 78 et seqq. P Palermo Convention II 1 16 Palestine Liberation Organization (PLO) I 1 84 Parallel and Coordinated Analyses II 5 58 Parallel and Coordinated Exercises II 5 58 Parlamentarisches Kontrollgremium V 1 27, 34, 45, 93, 123 et seq. Parliamentary oversight V 2 73 et seqq. Parliamentary Oversight – (UK) V 3 56–62 Participation Problem II 5 49, 52 Passenger Name Record (PNR) II 2 42 ff, 70, 73, 104, 106 Penkovsky, Oleg I 1 74 Personal Data Protection in criminal matters III 3 33 et seqq. Personal data, protection IV 2 5, 44, 47 et seq., 53, 76, 123, 129, 163 et seq. Personal data, protection of IV 1 27, 30 et seq. PESCO II 4 33, 34, 89 Petersberg Missions II 4 17 Philby, Kim I 1 56 Political Framework for Crisis Approach (PFCA) II 4 38 Positive obligations, human rights IV 1 42 Powers IV 4 8, 14, 17, er seqq., 43, 46, 52, 61, 67, 73, 76, 78 Priorized Intelligence Requirements (NATO) II 5 26 Privacy II 2 44, 72, 80 ff, 83, 105 Privacy rights I 2 14 Privacy, right to IV 1 14, 21, 27, 31 et seq., 76 et seq. Private life, right to IV 1 30 et seq. Procedural fairness, right to IV 1 48, 76 Property, right to IV 1 48 et seq. Proportionality, principle of IV 1 30, 58, 60, 70, 77 Prüm II 1 21, 54 Public Committee against Torture – Judgment of the Israeli High Court of Justice IV 1 24, 66, 68 et seq. Public Interest Immunity V 3 74–75 Putin, Vladimir I 1 59

590

R Rainbow Warrior I 1 89 Ransomware II 3 25 et seqq. Red Army Faction (RAF) I 1 84 Reding, Viviane (Commissioner) – on intelligence Activities IV 2 5, 167 Redress body(ies) IV 4 18, 26, 30 et seqq., 37, 39, 46, 54, 60, 64, 67, 69, 72 et seqq. Regulation of Investigatory Powers Act 2000 IV 5 36 et seq Remedies IV 3 3, 4, 51, 61, 77, 83, 85 Right to be heard IV 1 49 et seq. Right to privacy and data protection IV 4 2, 4, 7, 9, 13 et seq., 19, 33, 43, 64, 71 Risk assessment II 2 51 ff, 95, 109 Ritter, Nikolaus I 1 37 Robot weapon IV 1 3, 20 Roman Zakharov – ECtHR Judgment IV 2 59 Rule of Law IV 2 6, 22, 25, 70, 72, 82, 85 et seq., 112, 117, 163 et seq. – mechanism IV 2 85 et seq. Rule of law IV 1 35, 39, 50, 60, 76 et seq., 4 5, 8, 14 Russian Foreign Intelligence Service (SVR) I 1 57 S Sanctions Committee (UN) IV 1 47, 50 SATCEN II 2 54; III 1 2, 14, 15, 31, 34, 35, 36 et seqq.; IV 2 151 Schengen III Agreement I 1 116 Schengen Information System (SIS) II 2 3, 56 ff, 70, 73 f, 84, 104, 106, 116; III 3 48 Schrems – CJEU Judgment IV 2 47, 5 76, 77 Secrecy III 2 31 et seqq.; IV 4 1, 11, 19, 45, 49, 59, 74, 75 et seqq. Secret intelligence justification I 2 1 – Human intelligence (HUMINT) I 2 3 – Imagery intelligence (IMINT) I 2 15 – Location intelligence (LOCINT or DF) I 2 10 – Open Source intelligence (OSINT) I 2 19 – Signals intelligence (SIGINT) I 2 7 et seqq. – Social Media intelligence (SOCMINT) I 2 17 Secret Intelligence Service (MI6) I 1 17 – History V 3 5, 7 – Legal mandate V 3 15–16, 18–19 Security research II 2 75 f Security Sector Reform (SSR) II 4 6 Security Service (MI5) I 1 17 – History V 3 5–6 – Legal mandate V 3 15–17 Security, national IV 1 12, 25, 29, 34 et seq., 50 Serious and Organised Crime Threat Assessment (SOCTA) III 3 20 et seqq. Shared Values of the EU IV 2 85 et seq., 163 SIAC – III 1 26, 46, 48, 51, 55, 59 et seqq., 65, 89, 90 Signals Intelligence V 1 77 et seq. Single Intelligence Analysis Capacity (SIAC) II 4 71

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/index.3d from 30.09.2019 14:12:57 3B2 9.1.580; Page size: 160.00mm  240.00mm

Index SITCEN – Oversight of IV 3 98 Snowden (Edward) I 1 118; I 2 14 – Allegations V 3 10 – UK response V 3 12–14, 28–32 – leaks IV 5 8, 16, 20, 40 et seq, 51, 52, 57, 76, 81 Social compact 2 31 SOCTA II 1 40 Special Advocates (UK) V 3 76–78 Special Air Service (SAS) I 1 62 Special Operations Executive (SOE) I 1 34 Specialization IV 4 17, 36 et seqq. Spy IV 1 7 St. Malo II 4 18 Stalin I 1 28 Stasi V 1 1, 65 State Aids and intelligence activities IV 2 133 et seq. Strategic Analysis Capacity (NATO) II 5 45 Strategic Autonomy II 4 11 Strategic Intelligence Estimate (NATO) II 5 20 Stuxnet II 3 28 Supreme Headquarters Allied Powers Europe (SHAPE) I 1 62; II 5 24, 46 Surveillance (UK) V 3 22 et seq. – History V 3 23–25 Surveillance of Private Homes V 1 68 et seq. Surveillance, bulk (mass) IV 1 5, 21, 33, 36 et seq., 76 et seq., 2 5, 57, 126, 131, 5 16 et seq, 22, 30, 42, 44 Surveillance, digital (virtual) IV 1 2, 21 Surveillance, domestic IV 1 3, 38 et seq. Surveillance, extraterritorial IV 1 5, 14, 21, 38 et seq. Surveillance, inter-state IV 1 5 et seq. Szabo and Vissy – ECtHR Judgment IV 2 58 et seq., 5 13 T Talinn Manual II 3 52 et seq. Targeted killings IV 1 2 et seq., 8, 20, 54 et seq., 76 Targeted sanctions IV 1 2, 8, 10, 22, 47 et seq., 76 Targeted surveillance I 2 12 Tele2Sverige – CJEU Judgment IV 1 2, 34 et seq., 2 45, 49 et seq., 53, 112, 5 75

Terrorism III 2 15 et seq., 26 et seqq., 33 et seq., 39 – oversight and IV 3 17, 18, 21, 23, 70, 72, 91, 95, 99 Terrorism Intelligence Cell (NATO) II 5 44 Terrorist suspects IV 1 25, 74 Teufelsberg I 1 68 TGV Alsthom/Siemens case IV 2 133 et seq. Third Reich I 1 27 Torture – Alleged complicity of UK agencies V 3 10 Torture, prohibition of IV 1 16, 25, 41, 43 et seq., 77 Trafalgar, Battle of I 1 11 Transgovernmental network III 2 1 et seqq. Transparency IV 4 23, 78 TREVI II 1 7, 8, 10 U UK Investigatory Powers Act 2016 I 2 11 Ultra I 1 32 UN Security Council IV 1 2, 8, 22, 47, 49 et seq. United Kingdom IV 5 15, 16 United States IV 5 22 Usama bin Laden I 1 106 V Velásquez Rodríguez – IACtHR Judgment IV 1 41 Vertrauensgremium V 1 27, 122 Vienna Action Plan II 1 14 Virtual private networks (VPN) I 2 11 V-Leute V 1 17 W Warfare IV 1 57, 61 et seq., 68 Weber and Saravia – ECtHR Judgment IV 1 6, 2 58 et seq. Western European Union (WEU) II 4 17, 18, 60 Whistleblowing IV 3 50, 80 Wolf, Markus I 1 96 World War I I 1 19 World War II I 1 30 Z Zakharov – ECtHR Judgment IV 1 38 Zimmermann Telegram I 1 20 ZZ – CJEU Judgment IV 1 30, 2 46, 49 et seq., 54

591

Reemers Publishing Services GmbH O:/Beck/Dietrich_Sule/3d/index.3d from 30.09.2019 14:12:57 3B2 9.1.580; Page size: 160.00mm  240.00mm