18 November 2021
Intensified border security checks targeting Afghan nationals have been agreed by the Council of the EU, with the procedures requiring the extraction of mobile phone data and significant coordination with national intelligence agencies – despite the EU having no competences in the realm of “national security”.
Counter-terrorism action plan
The procedure for enhanced checks (pdf) was approved by the Council’s Terrorism Working Party on 10 November after several rounds of drafting by national delegations, and foresee a “uniform three level procedure for enhanced security checks of persons crossing or having crossed the EU’s external borders… and to humanitarian evacuations from Afghanistan.”
They procedure was drawn up in response to the EU's Counter-Terrorism Action Plan on Afghanistan (pdf). An initial version of the plan called for EU institutions and agencies to:
"monitor and provide analysis of the Taliban's takeover in Afghanistan with regard to the global Islamist extremist and Jihadist propaganda scene, including Afghan diasporas and Muslims in Europe."
The reference to "Afghan diasporas and Muslims in Europe" has now been softened to "those in Europe who are at risk of radicalisation."
The first step in the enhanced border checks will see officials run checks on EU and Interpol databases using data from individuals’ travel or identity documents; answers to questioning; biometric data (“including both facial images and dactyloscopic data [fingerprints]”); and “any identity discovered during the identification or verification.”
Authorities are also instructed to carry out physical searches of the means of transport and possessions of the individual concerned, and, where relevant, checking those items against the Schengen Information System, which contains millions of alerts on missing or stolen objects.
If the first level of checks does “not allow a conclusion on the security threat posed by the individual or where there are elements pointing towards a potential threat to EU’s internal security based on a risk assessment,” a second round of checks should be conducted.
This is to involve searches in the Europol Information System and further Interpol databases; the “consultation of national intelligence and security services through the sending of a trace request,” to which those agencies should respond “according to their mandate”; the extraction and analysis of information “from mobile electronic devices in possession of the individuals”; and “in-depth security interviews”.
Should “security concerns persist,” a third level of checks will be carried out. This will include:
“Further consultation of national intelligence and security services on the basis of initial results of the trace request and according to the mechanisms of cooperation and coordination they deem most appropriate, including a consultation with their foreign counterparts.”
Intelligence agencies should provide a response “in accordance with their national legislation”. Foreign intelligence agencies are also part of the picture – officials are instructed to consult:
“…relevant information shared by trusted third countries (e.g. on the base of evidence collected in Afghanistan on possible involvement in terrorist or other serious crime activities). Europol may be requested by the competent national authorities to support this process, as appropriate.”
Depending on the outcome of the checks, national authorities should “take the appropriate decision, including whether the individual should be arrested and/or eventually prosecuted.” The document also notes that it may be retroactively applied to individuals evacuated from Afghanistan for humanitarian reasons.
It will not surprise anybody that following the rise to power of an authoritarian theocracy, EU officials may be concerned about the possibility of ‘threats’ emanating from that state. But does this justify blanket suspicion of all Afghans? The document states that the procedure applies to:
“All individuals crossing or having crossed the EU’s external borders, following recent developments in Afghanistan, who arrived from Afghanistan or a neighbouring or transit country where they resided immediately prior to their arrival, in particular Afghan nationals; individuals declaring to be Afghan nationals; or individuals believed to be Afghan nationals...”
Notwithstanding the first part of the sentence, it appears that this is a policy that overwhelmingly targets one nationality, which may raise questions regarding discrimination and a lack of individual assessment. The document itself merely refers to “risk assessment,” but does not emphasize the need for an individualized assessment.
National security competences
The document is keen to highlight the utility of national security and intelligence agencies. The preamble notes:
“Member States' national security services often possess valuable information in relation to information shared by third countries on foreign terrorist fighters (FTFs) and could contribute to verify its accurateness. Member States are encouraged to harness the cooperation between intelligence services and law enforcement agencies at European and national level to avoid any possible information gaps.”
It goes on to say:
“Highlighting that the specific procedure set out in this document does not encroach on the principle that national security remains the responsibility of each Member State, and that it fully respects fundamental rights. The procedure is legally non-binding and its implementation by the Member States should respect national legislative provisions and procedures.”
The EU’s founding treaties state that: “national security remains the sole responsibility of each Member State.” The procedure agreed by the Council does not give any instructions to national security and intelligence agencies, but it could be argued that by encouraging consultation with them for the purpose of enhanced security checks, it is seeking to direct their activities.
The requirement for national authorities to extract and analyse data from mobile electronic devices is likely to ring alarm bells amongst privacy advocates, given the intrusive nature of such a procedure. While the document makes clear that this should be done in accordance with national law, it is not evident that those laws have the safeguards that would be needed around access, retention and storage of the data in question, which is likely to be highly sensitive. Nor is it clear that an informal procedure determined in secret by a Council working party can provide sufficient legal basis for such activity – indeed, the document is clear that it is not legally binding.
Spotted an error? If you've spotted a problem with this page, just click once to let us know.
Statewatch does not have a corporate view, nor does it seek to create one, the views expressed are those of the author. Statewatch is not responsible for the content of external websites and inclusion of a link does not constitute an endorsement. Registered UK charity number: 1154784. Registered UK company number: 08480724. Registered company name: The Libertarian Research & Education Trust. Registered office: c/o MDR, 88 Fleet Street, London EC4Y 1DH, UK. © Statewatch ISSN 1756-851X. Personal usage as private individuals "fair dealing" is allowed. We also welcome links to material on our site. Usage by those working for organisations is allowed only if the organisation holds an appropriate licence from the relevant reprographic rights organisation (eg: Copyright Licensing Agency in the UK) with such usage being subject to the terms and conditions of that licence and to local copyright law.