After Paris: What’s next for the EU’s counter-terrorism policy?

Camino Mortera-Martinez
27 January 2015

In the aftermath of the Charlie Hebdo shootings, both national governments and the European Union have announced that they will adopt new laws to combat terrorism. On January 29-30th the justice and interior ministers of the 28 member-states will hold an informal meeting in Riga to discuss what measures the EU should take. Rather than focusing on radical initiatives like the establishment of a European CIA, or the re-imposition of border controls, they should take some modest but important steps. In particular, they should overcome their differences on several key pieces of legislation which have been under discussion for some time and agree to use some powerful instruments that are already at their disposal.

Anti-terror legislation in the EU has traditionally evolved in response to events: urgent measures, like the European Arrest Warrant and the setting up of Eurojust (the Union’s agency for judicial co-operation) were taken after the 9/11 attacks. Then in the wake of the Madrid and London bombings, in 2005, the EU adopted its first-ever counter-terrorism strategy. That was followed in 2006 by the so-called data retention directive, which required communication providers to store data about their customers for up to two years. However the European Court of Justice (ECJ) recently declared this directive void, stating that its provisions violated EU rights of privacy and data protection.

In recent years, faced with the alarming phenomenon of returning jihadists, the Commission has tried to put in place a battery of measures which either the European Parliament or influential governments in the Council have opposed. These measures include sharing passenger data and a more effective use of the Schengen countries' internal database. The Paris events will undoubtedly help to unblock some of these measures. But what should be the EU’s priorities for a coherent and effective set of counter-terrorism policies?

High on the Council’s wish list is the controversial directive that seeks to establish an EU system for exchanging information about airline passengers departing for or arriving from third countries, known as Passenger Name Records (EU PNR). PNR data includes, inter alia, the name and address of the passenger, banking data, itinerary and emergency contact details. There is currently no obligation for airlines to transmit PNR data to member-states, although international agreements with the US and Canada oblige air carriers to share data on European passengers travelling to those countries with the authorities at the destination. The PNR directive, tabled by the Commission in 2011, introduces a requirement for air carriers to transfer PNR data to the member-state of arrival or destination. The civil liberties (LIBE) committee of the European Parliament has so far blocked the directive, on the grounds that it does not offer sufficient safeguards against violations of fundamental rights to privacy and data protection.

This argument is similar to the controversy in 2010 over the EU-US agreement on the Terrorist Finance Tracking Programme (TFTP), which ended with the Parliament blocking, for the first time in its history, an international agreement between the EU and a third country. The TFTP agreement was eventually adopted, once clauses safeguarding privacy – requested by the Parliament – had been introduced.

Both the Council and the Parliament should learn from the mistakes they made then, if they want to find a solution on PNR. The Council should make sure that national intelligence services brief security-vetted MEPs on the reasons why an EU PNR system is needed. This briefing procedure, which was made available to allow the Parliament to take informed decisions on security-related issues, has not yet been applied in relation to PNR.

The Treaty of Lisbon conferred full legislative powers on the Parliament in the field of Justice and Home Affairs, including counter-terrorism. The Council should now treat the assembly as an equal partner and involve it fully in the decision-making process. This could be done by explaining the value of the system to MEPs and trying to accommodate their demands to the greatest possible extent. Likewise, the Parliament should outgrow its sometimes naïve approach to security matters (as in the row over TFPT), and take a more responsible stance. It should avoid using security measures as a weapon in a test of strength with the Council and focus on the practical consequences of its vote. The Commission should act as an honest broker between the two institutions, ensuring that member-states do not use the Paris shootings to dismiss legitimate concerns about privacy and civil liberties.

One of the main demands of the European Parliament is that the PNR directive should not be adopted before the EU has completed the reform of its data protection rules. The reform includes the introduction of a specific directive covering the rules for the exchange of data between police and judicial authorities. The revised data protection rules would provide the general legal basis for all the privacy safeguards that MEPs would like to introduce into the PNR directive. The EU is set to complete this revision in the course of the next months. Early agreement on data protection reform will help institutions to find consensus on the PNR directive.

The EU is responsible for harmonising counter-terrorism measures in national criminal systems. The framework decision on combatting terrorism, adopted in 2002, requires member-states to introduce in their criminal codes provisions penalising terrorism and harmonising punishments for terrorist offences. It was amended in 2008 in order to criminalise offences related to provocation, recruitment and training for terrorist purposes. The decision now needs a comprehensive revision, among other things, to align its provisions with a United Nations Security Council resolution – UNSCR 2178 (2014) – on foreign fighters. The resolution requires countries to penalise travelling, or planning to travel, to foreign countries with the intention of preparing, or training for, a terrorist attack. It also criminalises financing and facilitating such activities. Harmonising legislation across the EU in order to tackle the problem of returning jihadists is crucial for the work of security forces and prosecutors. Some member-states, which take the threat from foreign fighters particularly seriously (such as France, Germany or the UK) have already adopted, or are in the process of preparing, relevant legislation; several other member-states, however, such as Hungary or Romania, do not share the same sense of urgency and lack proper legislation. This could lead to the creation of ‘safe havens’ where returning jihadists could find sanctuaries inside the EU.

In order to restrict the freedom of movement of potential terrorists, some member-states are pushing for systematic passport checks to be reintroduced on borders within the Schengen area, and for more stringent controls on Schengen’s external borders. The European Commission, however, opposes systematic checks and argues that member-states should instead make more use of the tools already at hand, like Schengen’s database, the Schengen Information System (SIS II). Member-states can input ‘alerts’ into SIS II to signal, for example, that a person is wanted for a criminal offence or that a firearm or identity document has been stolen. Such ‘alerts’ then pop up whenever the border authorities of a member-state perform a check on a person attempting to enter their country.

The Schengen Borders Code requires systematic checks at the external border while allowing for non-systematic checks within the Schengen area. Inside Schengen, border authorities can perform thorough controls (involving checking SIS II and other databases) on random samples of passengers, or on passengers identified as a ‘threat’.

The Commission has said that not all member-states are consistently performing such checks and that SIS II is being underused. SIS II is one the most powerful tools in the fight against terrorism, but member-states do not always enter the required data on suspected terrorists. This hampers the effectiveness of the system. The sub-optimal use of the SIS II database is closely linked to the reticence of national authorities to share intelligence information. Intelligence services are inherently reluctant to share information, but they may be missing the potential benefits of a more co-operative approach – for instance in the case of returning jihadists. The Commission and the Council can encourage such co-operation, by showing member-states the effect of entering more intelligence-based ‘alerts’ into SIS II. They can also make use of formal structures like Europol and the EU Intelligence Analysis Centre (EU INTCEN, part of the European External Action Service), and other initiatives. Federica Mogherini (the EU High Representative for Foreign Affairs and Security Policy) has a plan to appoint security attachés in EU delegations in relevant countries. While the idea of a European CIA remains, for the time being, a fantasy, EU institutions have an important role in co-ordinating the input of national intelligence agencies in the fight against terrorism.

A vital factor in the success of the Charlie Hebdo killings was the terrorists’ access to weapons. The Kouachi brothers and their fellow terrorist Amedy Coulibaly reportedly acquired their arsenal near Brussels’ main train station and then brought the weapons into France. The EU regulates the free movement of weapons used for legitimate purposes and has also taken steps to prevent cross-border smuggling of firearms. The EU has imposed very strict standards for the import, export and transfer of firearms and their replicas and adopted very clear rules on the deactivation of weapons. Despite these efforts, relatively accessible black markets for firearms still exist across Europe, enabling terrorists to purchase weapons and move them across borders. The European Commission hopes to introduce stricter controls at the EU level and has called for a better exchange of information on the manufacture and trafficking of firearms. The EU should continue its efforts to strengthen oversight of the firearms trade in Europe and use the opportunity to urge member-states to share information on arms smuggling, not least through inputting alerts into SIS II.

The incidents in Paris and the subsequent counter-terrorism raids and arrests across Europe are a reminder of the need for a concerted European response to terrorism. The EU does not want to start a futile "War on Terror", as President George W Bush did in 2001. The events in Paris should not prompt governments and Commissioners to ignore legitimate concerns over the impact of security on civil liberties. But member-states and EU institutions can do more to ensure that they use the tools they have effectively and update criminal laws where necessary. That way, they can fight radical Islamism while still protecting fundamental European rights and values.

Camino Mortera-Martinez is a research fellow at the Centre for European Reform.