Building Civil Liberties Protections Into the EU’s Latest Border Discussions

European officials are renewing efforts to secure their borders in the wake of last November’s Paris attack. At the end of last month, EU Interior Ministers met to solidify cooperation on border security and launched a new joint counterterrorism center to be housed within Europol. Just last week, France and Belgium announced renewed bilateral security cooperation agreements.

While such efforts are important to bolstering security among EU countries, broader cooperation is still needed and progress implementing proposed border security measures to date has been far too slow. Such progress has often stumbled due to civil liberties concerns, especially regarding the sharing of EU citizens’ personal information. Now, reticence to share sensitive information seems to be giving way to the collective security needs to screen suspect travelers in an effort to mitigate terrorism risks as they cross borders. European security personnel must both expand their approaches to border security, for example, through expanding information sharing mechanisms like bilateral agreements to share traveler information and use of Europol’s databases to identify suspects. However, expanding underlying information sharing authorities is critical to the effectiveness of changes on this front. Any new measures may prove to be be too little, too late, and won’t be viable in the long term unless and until the international community achieves a shared understanding of how to appropriately protect civil liberties on the front end of security reform.

The barrier to broader security reforms in Europe is not lack of commitment from the security apparatus, it’s the underlying policies. EU Interior Ministers (not to mention their American counterparts) have been trying for years to make progress in the same areas discussed at last month’s summit, and are in agreement on what needs to be done. But the two key gaps in their border security regime are due to policy, not implementation: First, EU nationals are seldom screened upon entry to the Schengen Zone (which has led to calls for so-called “systematic screening” through the Schengen Information System), and second, EU officials may not have the authority to share more in-depth traveler information with their European counterparts (e.g., agreements to share more sensitive passenger records — such as a traveler’s itinerary or the credit card number used to book a flight — between EU countries have faced opposition due to privacy concerns).

While it is heartening that the EU has announced its intent to reform its security apparatus, it has also been a work in progress for the last several years. The political priority for security upgrades began after the first attack by a returned ISIL fighter in Brussels in May 2014. After that incident, security officials and leadership within EU countries raised alarm bells about the need to systematically screen citizens entering the Schengen Zone and to exchange more information between security forces. But those calls went unanswered when some members of the EU Parliament’s civil liberties committee objected to changing the underlying authorities. Without civil liberties safeguards capable of winning a political compromise from privacy protectors, Interior Ministers will continue to agree that more should be done, and their concerns will continue to lack the legal authority for comprehensive action.

Civil libertarians’ concerns about the EU’s internal border policies are relatively simple (though the solutions are possibly quite complex). Currently, the Schengen Code says that EU citizens should only be “minimally” screened as they transit into the EU from outside the Schengen Zone. Depending on the country, this might mean simply a look at a traveler’s passport without a search through criminal databases to see if the individual raises a security concern. Additionally, though some traveler information is shared between security officials from European countries with their counterparts in other countries, when EU citizens travel from one EU country to another, officials can often only share passport information; they are often barred from sharing details such as a traveler’s itinerary or the credit card number used to book a flight. (These “passenger name records,” or PNRs, may be linked to a security case file even if the traveler’s name is not.) Data privacy advocates — and by extension, some European Parliamentarians — are concerned that in-depth screening of EU citizens might inhibit their right to travel, and that sharing information beyond what is on passports might violate their right to privacy and lead to discrimination. But, for Europe to safeguard against a new era of terror threats, it will need to systematically screen all EU citizens entering the Schengen Zone, and European countries need to exchange PNR information.

EU Parliamentarians and other European officials are in the process of figuring out screening processes that will work for them, and they will vote to codify reforms later this month. France and Belgium have announced moves toward systematic cooperation and have called for other EU counterparts to do the same. However, with the final vote still to come, a two-year sunset, a patchwork of different implementation regimes throughout the Schengen Zone, and the purposeful exclusion of Greece from border protections and the unintentional exclusion of Denmark (due to its opt-out from these types of EU requirements), European border security is far from being on sound political footing. The EU Parliament’s civil liberties committee — once the key hurdle for new screening authorities to pass — is now on board, but already support may be limited. One Member of Parliament said of the provisions, “They are part and parcel of militarisation and war which lead to racism and xenophobia.”

This parliamentarian’s comment reflects an attitude that could undermine the implementation and sustainability of the upcoming reforms. Even as foreign fighters and ISIL-inspired threats increase in frequency, security reforms in the EU were made possible only after two attacks in the heart of Paris within 11 months. Needless to say, more effort is needed to win over civil libertarians, and perhaps more importantly, to ensure the existing safeguards work.

Concerns over making these changes make sense, particularly when considering Europe’s sometimes difficult history balancing security and liberties, and the political necessity of preventing privacy intrusions. It also makes sense that EU security officials may be more accustomed to defending themselves from European civil liberties organizations rather than working together — so it is not surprising that neither side is jumping at an opportunity to partner.

It may be worth looking to the US for an example for how to balance security and civil liberties. Upon entry to the US, we screen all travelers. One way we account for privacy concerns is to prevent discrimination by screening everyone in a manner that is proportionate to the concern (e.g., everyone walks through a TSA checkpoint and screening device before getting on a plane), and ensuring that any subsequent screening or investigation is based on individualized suspicion that is proportionate to the person’s behavioral concern (e.g., a more thorough investigation if probable cause suggests someone is a security risk). In practice, it is not always perfect. But overall, our screening procedures are generally politically palatable enough from a civil liberties perspective and ensure systematic screening of travelers for security purposes.

Finally, from a diplomatic perspective, nations outside the EU may be able to help the EU work toward a solution that balances civil liberties with border security measures. The US has played an important role on this front and must continue to do so. President Obama offered — and the UN Security Council approved — a comprehensive UN Security Council Resolution in September 2014 to create a multilateral framework for agreement on (among other issues) traveler screening cooperation to mitigate terrorism concerns. The Security Council agreed to look into advancing information exchange between security officials, and also to leverage tools like Interpol. This framework has likely encouraged European countries to move forward with their cooperation, and can be the basis for framing international norms on these issues going forward. The US has a key interest in Europe’s progress, in no small part because we waive visas for citizens of many European countries, making screening prior to departure from Europe a US national security imperative. Europe will have to find a European solution to cooperation between its states, but its doing so must remain a diplomatic priority for the US, with assistance offered whenever possible to move them forward.

Some themes for managing the privacy and security balance are proportionality and use. Data should be collected proportionate to its need for use in screening, screening should be proportionate to the threat to security, and data should be retained proportionate to its need for future use. That is, both Advance Passenger Information (i.e., the information on your passport) and PNRs are necessary for screening travelers in transit; however, security officials without involvement in the travel screening process would not need to know passenger information unless it was flagged as a concern for further investigation. Moreover, all travelers must be screened against lists of known and suspected terrorists — in fact, doing so should ensure screening is based on criminal information and not based on race or ethnicity — but those not found to be suspect should know that their data will be retained for the minimum time possible and that they will have legal recourse to remove them from any watchlists they should not be on.

The advice from this American is to find a European solution. The first step is for European civil libertarians to work with their counterparts in countries like the US where these procedures are already in place to determine best practices and their threshold for compromise. Then security officials and civil libertarians should sit side-by-side in partnership to find a sustainable solution.

In an era of increasingly globalized threats, a global effort to protect civil liberties could lay a framework for security officials and civil libertarians to find a mutually agreeable foundation to effectively (and justly) address security threats. The news from late last month means that, if policy reform can be achieved, it will be complemented by closer partnerships within the EU, the combination of which will leave EU borders looking similarly secure to those in the US. Whether EU efforts include direct outreach to civil liberties influencers (or foreign counterparts such as US officials doing so on their behalf) remains to be seen, but the news out of Europe suggests moderate progress may be authorized this month. Ideally, it will happen quickly and will be ingrained into a privacy protection framework that will make the new era of stronger border security a more natural area for political support for generations to come. 

About the Author(s)

Ryan Greer

Consultant and Fellow with the Truman National Security Project Follow him on Twitter (@rgreer01).