EU: First thoughts on the EU's internal security strategy, by Tony Bunyan

The EU has just adopted an Internal Security Strategy. Here the origins of the concept of “internal security” and the UK’s National Security Strategy are examined and the question is posed as to what lessons can be learned when looking at the embryonic EU plans.

“Internal security” is a term much used by national governments, law enforcement and security agencies though little understood outside of their circles. It involves the state bringing together the activities of all of the agencies at national, regional, local and community level into one overall plan to protect and maintain internal security.

Internal security embraces everything from border controls to public order, from civil disasters (eg: floods) to counter­terrorism, from surveillance (eg: using undercover sources) and intelligence-gathering (eg: using monitoring internet usage) to tackling crime, from drug trafficking to critical infrastructures.

Internal security brings together the operations and work of the police (including para-military units), immigration and customs, internal security agencies, civil contingency planning, the military, judges and courts, national and local government, hospitals and fire-fighters, multi-national companies and small businesses, schools, universities and civil society. In preparation for threats to internal security, laws on emergency powers or civil contingencies or crisis management are in place which can be applied locally or nationally (including new powers of arrest and detention and “rules of engagement”). People perceived to be “threats” to internal security are portrayed as “enemies of the state” or “enemies of the people”.

On the one hand,a states’ internal security plan protects people from attack and injury and rescues them from floods and catastrophes. On the other, it maintains public order (ie: policing protests) and seeks to maintain the status quo (both political and economic).

History tells us that when it comes to a choice between the health and safety of the people and the security of the state and the status quo there is little doubt which interest will be protected. History also tells us that only a state can organise an internal security strategy - now the EU is developing its own.

The origins of “Internal security”

The concept of “internal security” is as old as the nation state, although this exact term was not used until the early 20th century. “External threats” were seen as coming from “foreign” enemies and “internal threats” from a domestic “enemy” through their open defiance of the status quo.

In the late 19th and early 20th century the vast British Empire – which covered a quarter of the globe - was run on the basis that defence of the status quo in all of its colonies was a defence of the “homeland” (ie: to ensure the continued exploitation of labour and natural resources). Later, faced with demands for independence by non-violent and armed insurrections across the Empire, the modern concept of “internal security” emerged during more than fifty counter-insurgency operations after 1945. The British “model” in Malaysia was copied by the USA in Vietnam and then adapted for use in Northern Ireland.

The concept of “internal security” evolved from seeking to combat insurrection to countering “subversion”. One of the architects of modern day “internal security” was Brigadier Frank Kitson, who developed these ideas while seeking to counter insurgents in the British colonies of Malaya, Kenya and Cyprus.

He defines “subversion” as:

“the use of political and economic pressure, strikes, protest marches and propaganda”

and extends the definition to groups of people seeking to:

“force them [governments] to do things which they do not want to do.” [1]

The same phraseology is reflected in the EU definition of “terrorism”, adopted in 2001, which extends terrorist acts to include:

unduly compelling a Government or international organisation to perform or abstain from performing any act

Internally it has always been the job of the modern state to maintain the status quo and law and order, and in times of crisis (perceived or real), to coordinate all the agencies of the state at the national level.

In the UK a National Security Plan was adopted in the early 1970s (incorporating military, political, legal, sociological, psychological and ideological factors) and covered internal security and “civil defence” (now civil contingency planning) and was in effect:

a defence against civilians; it protects the government against its people [2]

The current UK National Security Strategy was adopted in March 2008. One of the architects was Sir David Ormand, who had been the UK Security and Intelligence Coordinator in the Cabinet Office (and previously been Director of Government Communications Headquarters, GCHQ, the UK equivalent of the US’s NSA). In a publication for the Institue for Public Policy Research (IPPR) Ormand says that the implications of the Strategy for the intelligence community include the adoption of anticipatory policies towards future threats. [3]

He uses the example of local problems being tackled at the local level at the same time as national authorities take on the international dimensions:

The national intelligence authorities will be expected to both ensure that the local enforcement level -including police, border forces and other local authorities -have the necessary information, and to help manage the international dimension of these domestic threats.

This is a description of the vertical, “top-bottom”, aspect of internal security.

“Anticipatory policies” are intended to “allow disruption” of the threat, to pre-empt them by ”authorising covert actions” where “governments cannot afford to be seen to be directly involved”. To use these tactics to “disrupt” the activities of known terrorists or drug dealers is one thing. But if these same practices are extended to those who have “come to their notice” or friends of these people or to those who have radical views or are organising a demonstration on what is perceived to be a sensitive issues it is another matter altogether.

In the article Ormand says that modern national security needs three types of intelligence: traditional secret sources, open sources and an entirely new one: “personal protected data”.

Traditional secret sources: the “heart” of secret intelligence is human sources (HUMINT, undercover agents and paid/unpaid participants) and the interception of communications. These are backed by SIGINT (Signals intelligence), IMINT (photo­reconnaissance), ELINT (electronic intelligence) and MASINT(measurement and signature intelligence). However, these secret sources are increasingly ”dwarfed” by OSINT(Open source intelligence) trawled from the internet.

The new third category is PROTINT(“protected information”).

This is personal information about individuals that resides in databases, such as advance passenger information, airline bookings and other travel data, passport and biometric data, immigration, identity and border records, criminal records, and other governmental and private sector data, including financial and telephone and other communications records. Such information may be held in national records, covered by Data Protection legislation, but it might also be held offshore by other nations or by global companies, and may or may not be subject to international agreements.”

Ormand argues that PROTINT and the ability to use “data­mining and pattern recognition software” may be vital to pre­empt terrorism. However, the history of MI5, the internal security agency (and Special Branch) shows that capabilities developed to tackle terrorism are quickly extended to all areas of law and order.

PROTINT sources have always been made available when the police have hard evidence against a suspect but the:

application of modern data mining and processing techniques does involve examination of the innocent as well as the suspect to identify patterns of interest for further investigation (emphasis added).


Obtaining international agreement on the sharing of such data will become increasingly important in order to ensure access to these vital sources.

Ormand conceded that these kinds of intelligence operations are “finding out other people’s secrets” which breaks “everyday moral rules”. He concludes that:

public trust in the essential reasonableness of UK police, security and intelligence agency activity will continue to be essential. (emphasis added)

An historical view of the activities of UK state agencies suggests that the presumption of their “reasonableness” is not one to which everyone would subscribe. [4]

The challenge for the Security Strategy he suggests is how to gather intelligence on the “suspect” and the “innocent” (ie: all of us) with access to:

the full range of data relating to individuals, their movements, activities and associations in a timely, accurate, proportionate and legal way, and one acceptable in a democratic and free society

If you trust the “reasonableness of the police, security and intelligence agencies” this is fine. But in a democracy, such power and trust should never be given to agencies which are traditionally secretive, unaccountable and often act outside the rule of law.

The UK’s National Security Strategy and the role of its intelligence and security agencies is highly developed. The EU is now embarked on the same path though it is as yet in an embryonic stage.

The EU’s Internal Security Strategy

The EU has been waiting for years to launch its own Internal Security Strategy (ISS) and to create the Standing Committee on Internal Security (COSI), which will be responsible for developing the ISS -were both foreseen under the then-EU Constitution (later replaced by the Lisbon Treaty). Back in 2003 it was thought that the EU Constitution would be in place by 2005-6. In the event the Treaty and the Stockholm Programme both came into effect at the beginning of 2010.

What these two developments have in common is that they represent a sea-change in the fast-growing European state. The adoption at the beginning of 2010 by the Council of the European Union (the 27 governments) of an embryonic “Internal Security Strategy” was based on an unspoken assumption. Namely, that the EU state will lay down the matrix for coordinated analysis, planning and operations to be pursued at European, national, regional and local levels embracing all the “players”. The Council Presidency document, “Towards a European Security Model” [5], says that:

The concept of internal security must be understood as a wide and comprehensive concept which straddles multiple sectors

The “players” extend way beyond state agencies (police, immigration, internal security agencies and the military):

to reach an adequate level of internal security in a complex global environment requires the involvement of law-enforcement and border-management authorities, with the support of judicial cooperation, civil protection agencies and also of the political, economic, financial, social and private sectors, including non-governmental organisations.

The concept of internal security embraces horizontal and vertical cooperation both at the national and European level. Horizontally by linking all the main agencies in the national states and the European state to a common purpose, programme, intelligence and technology. Vertically, to link all active elements at regional, local and community level to the framework set out above. This includes law enforcement, the judiciary and civil protection, regional and local government, businesses, universities and schools and civil society.

Essential building blocks for an internal security strategy are the existing EU concepts of the “principle of availability” (state­held information and intelligence available to all national agencies), the “principle of operability” (ie: to allow automated access for national and EU databases) and the “principle of convergence” (ie: EU training for one-third of national police forces by 2014 and the purchase EU-wide software licences to save money).

The EU argues there is an intrinsic connection between “internal” and “external” security”. Of course there can be connections between “internal” and “external” threats. During the Cold War the Soviet Union and “communism” were perceived as an “external threat” and the Communist parties and their “sympathisers” seen as an “internal threat” in Western Europe. However, the common definition of “sympathisers” often extended to the extra-parliamentary left which openly opposed Soviet-style “communism”.

Today we see, for example, that people fleeing war, poverty and persecution in the Third World who seek to come to Europe are one of the major perceived “threats”. They are presented as potential terrorists or criminals or as an economic burden. Migrant communities, many of whom have been in the EU for decades, are similarly seen as potential threats.

The “fear” of “threats” is fuelled by EU agencies. A few years ago a Europol official was caught off-guard by the media and was quoted as saying that over 500,000 “illegal” migrants entered the EU every year. There was no factual basis for this statement as, logically, Europol had no idea how many undocumented migrants had entered the EU, it was a pure guess. Yet just this year the official “Joint Report by Europol, Eurojust and Frontex on the State of Internal Security in the EU” states that there are an:

estimated 900,000 illegal immigrants entering the EU each year [5]

Such statements are sheer guesswork, irresponsible, and serve to fuel racism.

Protestors have become another “threat” following the cross-border protests in Gothenburg and Genoa (2001), Davros, Heiligendamm at the G8 meeting in Germany, Copenhagen(2009) and recent protests in Brussels. And the EU is currently considering creating a database of suspected “violent troublemakers”.

Thus each generation of the EU elite finds new internal “threats” and ever changing “enemies within”.

Ideology and internal security

After 11 September 2001 the ideological rationale was first argued in terms of the “war on terrorism” - and more directly in terms of “counter-terrorism”. The EU lexicon now rarely uses “the war on terrorism”. Indeed the public is becoming tired of its constant use, according to the EU’s Counter-Terrorism Strategy:

Amid a string of other global crises with more immediate impact on peoples' lives, there seems to be a growing sense of "CT fatigue". [7]

This is reflected in changing terminology used by the Council. In the Hague Programme (2005-2009) there were twenty references to terrorism and ten to law enforcement agencies (LEAs). The Stockholm Programme (2010-2014) has just six mentions each of terrorism and LEAs and twenty-seven references to security and internal security.

Secondly, the emergence of internal security signals a change in the scope of what is termed “Home Affairs” in the Council (internal security, immigration, policing and criminal law) and Commission (where it covers internal security and immigration).

The post-Maastricht (1993) justice and home affairs categories of policing, criminal law and immigration and asylum will, in time, be incorporated as part of the internal security plan.

Concepts of “internal security” at national level (like the UK National Security Plan) take “an all-encompassing approach” (horizontal and vertical) and include:

- policing

- criminal law

- immigration, asylum and border control

- counter-terrorism

- crisis management (civil contingencies/civil protection)

- civil-military interface

- public-private interface

- national internal security agencies cooperation

-information and intelligence gathering and sharing within (and outside) the EU

One might think that the formally adopted Internal Security Strategy would clarify what it was to cover.[8] However, its scope is scattered throughout its 18 pages so Statewatch made a list for the sake of clarity:

- terrorism

- serious and organised crime

- drug trafficking,

- cyber crime

- trafficking in human beings

- sexual exploitation of minors and child pornography

- economic crime,

- corruption

- trafficking in arms

- natural and man-made disasters

- crime in general

- critical infrastructures

- document fraud

- money-laundering

- petty and property crime

- youth violence

- hooligan violence

- petty or property crime

- major international events (inc public order/protests)

- football matches and sports events

and “road traffic accidents”

This “list” is essentially pulling together of existing and ongoing initiatives which fall far short of being a comprehensive internal security strategy.

However, the first indication of how the Internal Security Strategy might develop is given in the draft Council Conclusions on the creation and implementation of an EU policy cycle for organised and serious crime. [9] This first “policy cycle” sets the structure:

- clarify “the division of tasks between the Union and the Member States

- follow the principle of solidarity

- have a “proactive and intelligence-led approach” and

- ensure “stringent” cooperation between the Union agencies including “improving their information exchange”.

The present Organised Crime Threat Assessment (OCTA) is to become EU SOCTA (EU Serious and Organised Crime Threat Assessment) from 2013 backed by Multi-Annual Strategic Plans (MASPs) and annual Operational Action Plans (OAP) in a four year policy cycle. Member States’ and EU agencies are to be tied into the EU’s SOCTA - for example, through integrated reporting mechanisms and “National Intelligence Models” are to be “Aligned” to the European Crime Intelligence Model (ECIM). [10]

Prevention and “anticipation”

A new, dangerous, concept, originating in the Future Group report on justice and home affairs, is that of “anticipation”.[11] The Stockholm Programme has over twenty mentions of “prevention” but the concept of:

prevention and anticipation (emphasis added) [12]

is new. It is spelt out in a section on the ISS which says it is based on a “proactive and intelligence-led approach”. One of the examples given is described as follows:

Cooperation should therefore be sought with other sectors like schools, universities and other educational institutions, in order to prevent young people from turning to crime…. Civil society organisations can also play a role in running public awareness campaigns.

This could employ analytical tools and early-warning system so:

that we are not only prepared for the outcomes of future threats but also able to establish mechanisms to detect them and prevent their happening in the first place.

This concept of “anticipation” implies built-in scenarios or profiles of people or activities which would require state intervention well prior to the assumed “threat” moving anywhere near to reality. For example, a group of people might discuss far-reaching ideas but this is a long way from actual planning or being prepared to act on them.

Information and “intelligence”

Supplementary to the adopted Internal Security Strategy are the Council Conclusions on an Information Strategy for EU Internal Security which uses very familiar arguments.[13]The “principle of availability”, developing IT to “support the collection, storage, processing and analysis and exchange of information” and the “principle of convergence”. They include this seemingly bland statement:

Effective and secure cross border exchange of information is a precondition to achieve the goals of internal security in the European Union” [14]

But a Footnote says:

In this context, information means information and criminal intelligence required by the competent authorities and available to them under the relevant framework for the objective of improving the EU internal security of the EU citizens. (emphasis added).

The term “information” could mean the exchange of “hard” information proposed in the European Criminal Record Information System” (ECRIS) of convictions.[15] Whereas the exchange of “criminal intelligence” may be “hard” and “reliable” or “soft” and from a dubious source [16] as proposed for the European Police Records Information System (EPRIS).

Modern Technologies and Security

It is the reference in the Council’s discussion on Modern Technologies and Security that indicates another new direction ­which is in line with the Future Group report and reflected in the Stockholm Programme.

This is based on an earlier key document on this issue from May 2009 which speaks of the “triangle of fundamental values”
– “protection of privacy, freedom of movement and security”.[17]. It said:

there is a general discussion on the adequacy of intrusions into privacy, effects on freedom of movement and the added value of the proposal for strengthening security (emphasis added) [18]

The crucial conclusion reached is who should be the driving force in the use of “modern technologies”. This is answered, under the “Practical requirements of the law enforcement community”:

The development of new technologies and systems must be the outcome of requirements and needs of these entities in MS. Therefore it is essential to focus on how newly proposed solutions will contribute to supporting the activities and strengthening cooperation of specific law enforcement entities and those ensuring internal security.

Thus the “users”, the law enforcement agencies and “those ensuring internal security” (an oblique reference to internal security agencies) determine the “needs” and “requirements” for new technologies. Not governments or parliaments or people but the agencies are to determine the direction and use of new technologies. Political decision-making and public discussion are not referred to. And the role of the “users”, based on a “business” model, is to be paramount.

“Common vales”

The underlying assumption throughout the discussion on the ISS is that the EU has, and will, “balance” freedom and security and that there is a common commitment to “security, freedom and privacy” based on the EU’s internal security “protecting people and the values of freedom and democracy”. This is summed up as constructing:

an internal security strategy which reflects the values and priorities we all share


Europe must consolidate a security model, based on the principles and values of the Union: respect for human rights and fundamental freedoms, the rule of law, democracy, dialogue, tolerance, transparency and solidarity.

These assumed principles and values are, however, contested by those who view the EU’s development since 2001 as having nearly always favoured security over liberty. Respect for human rights is in no way reflected in its immigration and asylum policies and practices; the rule of law has been bent or cast aside on numerous occasions; democracy is simply viewed as having a vote (which only a minority use) every five years; dialogue cannot take place if there is no transparency and openness in decision-making (ie: access to the documents under discussion); tolerance is a poor substitute for equality.


The EU state is beginning to flex its muscles with its emerging security-industrial complex [19], the state-private surveillance society and a free market in the exchange of personal information, [20] the proposed EU-PNR, EU-SWIFT and EU exit-entry system, and aggressive new agencies like FRONTEX. When it finally comes together the ISS will embrace these and other initiatives into its operational planning.

The development of internal security in the EU is in its infancy and so far largely brings together initiatives already underway. However, the detailed initiatives taken under the EU “policy circle” being drawn up by the new permanent Standing Committee on Internal Security (COSI) on serious and organised crime will shed light on how far-reaching and how deep the ISS is destined to become when applied to each and every operational area.


1 “Low Intensity operations: Subversion, insurgency and peacekeeping” by Brigadier Frank Kitson (Faber 1971)

2 “Beneath the City Streets” by Peter Laurie, p285.

3 The National Security Strategy: Implications for the UK intelligence community, IPPR, February 2009.

4 See The Poliical Police in Britain (1977) and the Coercive State (1988)

5 EU doc no: 5842/10

6 EU doc no: 9359/10

7 EU Counter-Terrorism Strategy - discussion paper, 15359/1/09.

8 Adopted draft Internal Security Strategy for the European Union: "Towards a European Security Model" (EU doc no: 7120/10,):

9 EU doc no: 13902/1/10

10 This initiative will be supplemented by the Stockholm Programme’s commitment to put 33% of national police officers, 50% of national judges and prosecutors and 50% of other national law enforcement professionals through a European Training Scheme by2015.

11 The “Future Group” report on Home Affairs set the tone for the Stockholm Programme:

12 EU doc no; 7120-10; oop.cit.

13 EU doc no: 16637/09

14 EU doc no: 16637/09

15 But see the problems with ECRIS, Statewatch News Online, January 2009

16 See “The Shape of Things to Come” (Statewatch, 2008)

17 EU doc no: 10143/09: Informal JHA Ministerial Meeting in the field of
Modern Technologies and Security

18 The term “adequacy of intrusions into privacy” appears not to be a slip of the pen as it also appears in earlier drafts

19 See: Neoconopticon: the EU security-industrial complex by Ben Hayes (Statewatch, 2009)

20 See The Shape of Things to Comeby Tony Bunyan (Statewatch, 2008)


Spotted an error? If you've spotted a problem with this page, just click once to let us know.

Report error