17 January 2023
The European Police College is to train a host of states with miserable human rights records on the use of “covert techniques in forensics and mobile telecommunications” and will provide “training activities related to cyber-attacks in order to build capacities for law enforcement, judicial authorities and other relevant bodies.”
Support our work: become a Friend of Statewatch from as little as £1/€1 per month.
Image: Lex McKee, CC BY-NC 2.0
Operational Action Plan
The training on “covert techniques in forensics and mobile telecommunications” will be given to the countries that make up the Eastern Partnership: Armenia, Azerbaijan, Georgia, Moldova and Ukraine, while countries in the Middle East and North Africa – including Algeria, Egypt, Morocco and Libya – are to receive training on cyber-attacks.
The plans are outlined in the most recent version of the EU’s Operational Action Plan 2023: Cyber attacks (pdf), which was circulated to member state delegations in the Council on 16 December.
Germany had primary responsibility for developing the plan, according to the document, but it is the European Police College (CEPOL, now formally known as the EU Agency for Law Enforcement Training) that will provide the training courses to foreign police forces.
Fundamental rights failure
The plan was circulated in the Council just days after the publication of a European Ombudsman decision condemning the European Commission’s failure to assess the possible human rights impact of providing support to African countries to develop surveillance capabilities, including through “knowledge on surveillance techniques and other equipment, to strengthen their border management.”
The Ombudsman emphasised that:
“If the surveillance technologies and capacity transferred are used by the partner countries for purposes not foreseen under the project, there is a risk for human rights of individuals in these countries, as well as for the ability of the EU to fulfil or realise its human rights obligations.
…the Commission does not exclude such a possibility. However, it considers that the measures in place (multi-layer approval process of projects; use of specific documentation of projects - action documents; possible suspension of funds) are sufficient to mitigate the risks for human rights. The Ombudsman disagrees.”
Could there be a possibility of the partner countries in question misusing the skills provided by CEPOL? Readily-available public information suggests that there could well be.
The goal of training police forces in covert investigative techniques is, fundamentally, to increase the number of arrests and to place more people in police custody and, eventually, prison. Yet the states that will receive CEPOL's training routinely abuse the rights of people in custody.
The recently published Human Rights Watch World Report 2022 notes that in Armenia: “Torture and ill-treatment in custody remains a problem and it is often perpetrated with impunity.”
The organization reports similar problems in Azerbaijan, where maltreatment in custody is “rampant” and “the practice continued with impunity” throughout 2022. The Azerbaijani authorities are also evidently already well-acquainted with covert investigative techniques: they have used the Pegasus surveillance software to spy on more than 1,000 political activists and journalists.
In Georgia, the government is cracking down on protest rights, while “thousands of documents containing compromising information on Georgian clergy” were leaked to the media. The information was allegedly obtained via “illegal surveillance and wiretapping.”
Despite this, the Operational Action Plan makes no mention of human rights or civil liberties with regard to the training to be given by CEPOL, nor any of the other activities that are planned for 2023. Yet as the Ombudsman noted with regard to the Commission’s support for surveillance projects abroad:
“The goal should instead be to prevent such violations, and prior human rights impact assessments can play and important role to this end.”
Training on cyber-attacks
A separate training course on cyber-attacks provided by CEPOL will be offered to authorities in the Middle East and North Africa, namely Algeria, Egypt, Israel, Jordan, Morocco, Lebanon, Libya, the Palestinian Authority, Tunisia, Afripol and the League of Arab States.
The document contains few details on what this will entail, but says the aim is “to build capacities for law enforcement, judicial authorities and other relevant bodies.”
Elsewhere, the document states:
“The impact of cyber-attacks is extremely high. Cyber-dependent crime causes significant financial loss to businesses, private citizens and the public sector each year through payments for ransomware, incident recovery costs and costs for enhanced cyber-security measures. Regular citizens are affected by publication of their personal data and disruptions caused by attacks to critical infrastructure.”
It also notes that the most relevant partner states for cooperation with the EU on cyber-attacks and cyber-crime are Belarus, Brazil, China, Georgia, Israel, Japan, Moldova, Russia, South Korea, Ukraine and the United States. It is unclear why countries in the MENA region are being offered the training.
There has been intense scrutiny of EU cooperation with Libya over the last decade, in particular with regard to border and migration control. However, EU police cooperation has also come in for scrutiny – at the last meeting of the Europol Joint Parliamentary Scrutiny Group, Europol’s executive director, Catherine de Bolle, said “with CEPOL we have a capacity building project in the MENA region.”
Irish MEP Clare Daly asked de Bolle about the fundamental rights risks of training the Libyan national counter-terrorism team, which she described as being “well known for repressing and torturing political opponents and being linked to networks affiliated with human slavery and trafficking”
In response, de Bolle said: “When we are talking about operational agreement it is the responsibility of the European Commission and there is a complete framework in place to make assessment related to human rights.” She added: “We look at each country individually and we see with the member states what is possible and what is not and how we can dialogue with these countries.”
It is unclear if and how CEPOL assesses the fundamental rights risks of providing training to repressive agencies with appalling human rights records – but if de Bolle’s response is indicative of the EU’s approach as a whole, then there is little to be optimistic about.
EU border agency Frontex is obliged to report annually to the European Parliament, European Commission and Council of the EU on its cooperation with non-EU countries. The 2021 report, obtained by Statewatch and published here, focuses on an expanding influence in the Western Balkans, information sharing, the expansion of the European Border Surveillance System (EUROSUR) to non-EU states, and deportations.
The EU will seek agreements between EU judicial cooperation agency Eurojust and a range of non-EU countries - including states with dismal human rights records such as Egypt, Turkey, Israel and Algeria - following approval from the Council of the EU for the opening of negotiations.
- Agreements would allow exchange of personal data with countries including Algeria, Egypt and Turkey - MEPs concerned over making deals with dictatorships - Council amends draft decisions: but will paper safeguards be enough?
Spotted an error? If you've spotted a problem with this page, just click once to let us know.
Statewatch does not have a corporate view, nor does it seek to create one, the views expressed are those of the author. Statewatch is not responsible for the content of external websites and inclusion of a link does not constitute an endorsement. Registered UK charity number: 1154784. Registered UK company number: 08480724. Registered company name: The Libertarian Research & Education Trust. Registered office: MayDay Rooms, 88 Fleet Street, London EC4Y 1DH. © Statewatch ISSN 1756-851X. Personal usage as private individuals "fair dealing" is allowed. We also welcome links to material on our site. Usage by those working for organisations is allowed only if the organisation holds an appropriate licence from the relevant reprographic rights organisation (eg: Copyright Licensing Agency in the UK) with such usage being subject to the terms and conditions of that licence and to local copyright law.