Comments by Statewatch on the proposed Decision on Financial Intelligence Units for the House of Lords Select Committee on the European Communities (sub-committee "E", Law and institutions)
[This submission concerns document 11636/2/99 CRIMORG 141, 31.12 1999]
The proposed Decision is clearly of sufficient importance to merit scrutiny by the House of Lords European Committee. In particular, such scrutiny is necessary because many key provisions of the proposal are unclear and ambiguous, and the Decision takes no or limited account of human rights and data protection concerns.
We have the following specific observations:
1) Human Rights
The proposed Decision makes no reference to human rights at any point. There needs to be an overarching reference to the requirement to comply with applicable human rights standards imposed by the European Convention on Human Rights and any higher standards set by Member States. For instance, see the new Article 1a proposed by the EP's civil liberties committee (report A5-0102/2000, 4 April 2000).
2) Creation of FIUs
It is not clear from the draft Decision whether Member States have an obligation to create FIUs, or whether the Decision only applies if Member States have established an FIU. This point should be clarified.
3) Status of FIUs
As drafted, Article 3 is unclear. Does it require Member States to change the status of FIUs in national law? The effect of this Article should be clarified.
4) Data Protection
Article 4 is highly deficient because it does not provide for the application of data protection standards. Nor does Article 6. Article 5(4) refers to data protection in the requesting state, but it is also essential to provide for the application of data protection rules in the requested state. Indeed, Article 5(4) could be interpreted to mean that only the requesting state's data protection rules apply, in the absence of an explicit reference to data protection in Articles 5(5) and 6(2). Therefore the Decision needs an explicit clause on this point. The amended version of Article 5(4) proposed by the EP's civil liberties committee (see report mentioned above) is a good starting point, but this clause should also refer to compliance with the national law of the requested and requesting Member States, since the Council of Europe Convention and the EC directive set only minimum standards.
In addition, Article 5(3) must be amended to clarify that some or all of the information requested could be refused if it would violate EC, international or national data protection law to disclose it. Otherwise the Decision could be interpreted to mean that requested FIUs could never refuse to disclose information on data protection grounds, since Article 5(3) only refers to criminal investigations as a reason for refusing data and Article 5(4) refers only to protection of information after a transfer. If the EU is really to take data protection seriously, the Decision must provide explicitly for refusal of the transfer of information on data protection grounds.
The Decision should also provide explicitly that national data protection laws apply to it fully, in particular as regards complaints and requests for information, the powers of data protection authorities, and the right to request access to, correction of and deletion of data. It should also include rules on cross-border access to data (concerning such issues as mutual recognition of a decision of one Member State's court to order deletion of information from files) at least equivalent to the rules in the Europol or Schengen Convention on this matter.
Article 5(2) should specify that the requested state's prior approval of the use of information for prosecution must be in writing, so as to furnish proof that the relevant approval has been given. The Article must also specify that the use of information for prosecution shall be subject to both the requested and requesting state's rules on the rights of the defence, in particular to the evidence law of both states including both states' rules on disclosure of evidence to the defence. The prosecuting state must also inform the defence that the information has been obtained subject to this Decision and which Member State it was received from. These protections are essential because the defence should have an opportunity to challenge the use of the transmitted information if the provisions of this Decision or either state's relevant laws have been violated.
It is not clear how Article 5(3) relates to Article 5(2). Unless every Member State permits FIUs to prosecute individuals, then at least a prosecuting authority will have to have access to the relevant information. Article 7 should refer back to Article 5(3), as ensuring such non-transmission should form part of the protected channels of communication applying to the FIUs.
Article 8 must be clarified. What are the FIU's obligations to Europol?
The Decision would be easier to read with headings for each Article, as found in other recent EU legislation.
There is no need for Article 6(2), since it reproduces Article 5(5), and Article 6(3) already imposes all the rules of Article 5 upon spontaneous exchange of information.
Moreover, there is no need for Article 6(3), since Article 5 appears to apply to the entire Decision already, not just to Article 4 (see Articles 5(1) and 5(3)). This would be even clearer if the order of Articles 5 and 6 were reversed.
Statewatch evidence prepared by Steve Peers, Reader in Law, University of Essex
26 April 2000
© Statewatch ISSN 1756-851X.Material may be used providing the source is acknowledged. Statewatch does not have a corporate view, nor does it seek to create one, the views expressed are those of the author. Statewatch is not responsible for the content of external websites and inclusion of a link does not constitute an endorsement.