Delivering on the commitment of fighting against terrorism and countering radicalisation, the Commission adopted the European Agenda on Security on 28 April 2015. The Agenda sets out the main actions to ensure an effective EU response to terrorism and security threats in the European Union over the period of 2015-2020. It is part of the renewed Internal Security Strategy that was adopted by the Council on 16 June 2015.
Following the Brussels attacks, President Juncker announced on 23 March that Europe needs a Security Union to effectively combat the threat of terrorism, building on the European Agenda on Security. On 20 April, the Commission set out the way forward towards an effective and genuine EU Security Union.
On the occasion of President Juncker's 2016 State of the Union address, the Commission on 14 September set out how the European Union can enhance security in Europe by improving the exchange of information in the fight against terrorism and strengthening external borders.
This Memo highlights the actions already completed as well as steps that still need to be taken as a matter of urgency in view of the current security challenges.
What actions have been completed since the adoption of the European Agenda on Security in April 2015?
Tackling terrorism and preventing radicalisation
In December 2015, the Commission adopted measures aimed at stepping up the fight against terrorism and organised crime, including a proposal for a Directive on combating terrorism, revising the existing Framework Decision. The Directive provides for common definitions of terrorist offences ensuring a common response to the phenomenon of foreign terrorist fighters, enhancing the deterrent effect across the EU and ensuring that perpetrators are effectively sanctioned. It will strengthen the EU's arsenal in preventing terrorist attacks by criminalising preparatory acts such as training and travel abroad for terrorist purposes as well as aiding or abetting, inciting and attempting terrorist acts. Member States reached a common position on the Directive in March, and the responsible Committee in the European Parliament (LIBE) voted on its amendments on 4 July. Trilogues started on 14 July and all parties called for a swift agreement to be reached before the end of the Slovak presidency.The Commission will work with the co-legislators to conclude discussions as soon as possible.
The Commission finalised a first set of Common Risk Indicators concerning foreign terrorist fighters in June 2015, in close cooperation with national experts, the EEAS, EU Agencies and Interpol, with a view to better detecting terrorist travel. Common Risk Indicators support the work of national border authorities when conducting checks on persons. To operationalise the Common Risk Indicators, FRONTEX developed a handbook in January 2016 to support the border authorities of Member States and Schengen Associated countries.
In May 2014 the Commission and the EU Airport Police network completed work on an EU Airport Soft Target Protection manual. This manual has been distributed to all relevant police forces so that the recommendations can be used to better secure airports against attacks similar to that of 22 March 2016. Similar work has been launched in October 2015 by the Commission to develop guidance material on protection of other soft target areas such as rail and metro and other areas of high public concentration (sports venues, shopping centres, etc.).
Detection and protection trials have been launched by the Commission together with several Member States in February 2015 in different operational environments such as transport hubs, sports events and public buildings. New trials scheduled for 2016 are ongoing.
The European Counter Terrorism Centre (ECTC) in Europol was launched on 1 January 2016. The aim is to step up support to Member States fighting terrorism and radicalisation by facilitating coordination and operational cooperation between national authorities. As the Commission has recalled on several occasions, sufficient and relevant expertise needs to be made available by Member States. The Commission proposed to reinforce the European Counter Terrorism Centre with 25 staff members, and an amending budget was adopted for 2016 worth €2 million.
Priority actions: In the light of the achievements of the Centre, and as announced in the Security Union Communication of 20 April 2016, the Commission decided today to bring forward a number of measures to reinforce the ECTC and strengthen information sharing, notably between law enforcement and the intelligence community. The new Communication stresses the importance of upgrading the current capabilities of the ECTC within Europol, in particular concerning Europol's access to databases, its governance and its cooperation with partners within the EU and beyond, as well as financial and human resources. Furthermore, it underlines the need to build a bridge between the parallel tracks of the law enforcement community and the intelligence community, to allow for a more systematic interaction between both communities and therefore an enhanced operational cooperation in Europe.
On 2 February 2016, the Commission adopted an Action Plan on urgent measures against terrorist financing, announcing a wide range of measures to avoid the misuse of EU financial systems, to cut terrorists off from their sources of revenue and to trace terrorists through their financial activities. Among the immediate priorities in the Action Plan are measures to enhance the effectiveness of sanctions and asset freezing measures within the EU and in third countries.
As a first deliverable of the Action Plan, the Commission adopted on 5 July 2016, a proposal to further reinforce EU rules on anti-money laundering to counter terrorist financing and increase transparency about who really owns companies and trusts. On 14 July 2016, the European Commission also formally adopted a list of third countries having strategic deficiencies in their regimes on anti-money laundering and countering terrorist financing. Banks will now have to carry out additional checks (‘enhanced due diligence measures’) on financial flows from these 11 countries. Furthermore the EU is planning targeted technical assistance to third countries in order to enhance their capacity to counter the financing of terrorism and improve anti-money laundering measures.
A platform bringing together Financial Intelligence Units from the Member States is now in place. Its purpose is to detect and disrupt terrorist finance and money laundering activities. It meets on a regular basis with the Commission services with a view to enhance cooperation, develop common tools and better identify suspicious financial transactions. The Financial Intelligence Units have developed well-performing IT tools for direct information exchange (FIU.NET), which has been embedded in EUROPOL's European Counter Terrorism Centre since 1 January 2016.
Priority actions: In the second half of 2016, the Commission intends to propose EU legislation against illicit cash movements, including possible limits on cash or assets carried or transported across borders. Other measures include a proposal on the mutual recognition of criminal asset freezing and confiscation orders, a proposal on combatting fraud and counterfeiting on non-cash means of payment and, in early 2017, a proposal on the powers of customs authorities to address terrorism financing from trade in goods, and a proposal to combat illicit trade in cultural goods. The Commission also intends to complete the existing instruments to prevent money laundering and terrorist financing as laid down in the Fourth Anti-Money Laundering Directive (AMLD) with a legislative proposal on the harmonisation of money laundering offences. The Commission will present updated reports on other potential measures for depriving terrorists of financial means, including an EU Terrorist financing tracking system and an EU asset freezing regime complementing existing regimes under the Common Foreign and Security Policy (CFSP).
On 14 June 2016, the European Commission presented a Communication outlining actions in seven specific areas where cooperation at EU level can effectively support Member States in preventing and countering radicalisation. These areas are: countering terrorist propaganda and illegal hate speech online; addressing radicalisation in prisons; promoting inclusive education and common EU values; promoting an inclusive, open and resilient society and reaching out to young people; strengthening international cooperation; boosting research, evidence building, monitoring and networks; and focusing on the security dimension of radicalisation. In addition, the Communication includes a number of external actions, notably the strengthening of cooperation with third countries facing similar threats in both bilateral and multilateral frameworks.
Building on the longstanding work of the Radicalisation Awareness Network, on 1 October 2015 the Commission launched a Centre of Excellence within the Network. The aim of the Centre is: (i) to facilitate and enhance the exchange of experiences and cooperation between the relevant stakeholders through the Radicalisation Awareness Network (inside and outside the EU); (ii) to support the EU and Member States in their prevention efforts through different support services, practical tools and policy contributions; and (iii) to consolidate, disseminate and share expertise, best practices and targeted research in the field of preventing radicalisation. The Centre has stepped up its support to Member States and to priority third countries, with a focus on the Middle East and North Africa, the Western Balkans and Turkey. It has been reinforced with a budget of €25 million for the next 4 years.
The Commission provided €8 million in 2015 and 2016 to support the development of rehabilitation and de-radicalisation programmes inside and outside prisons, risk assessment tools and training of professionals. To prevent radicalisation through education and youth outreach, priority is now given under the Erasmus+ programme to projects fostering inclusion and promoting fundamental values. Up to €400 million has been made available for this purpose, and a specific €13 million call was launched in March 2016 to identify and share best practices.
To counter online terrorist propaganda, on 3 December 2015, the Commission launched theEU Internet Forum, bringing together Ministers and representatives of major internet companies and other internet actors. It provides a framework for more efficient cooperation with the industry. The aim is to contribute to (i) reducing the accessibility of terrorist material online (removal of content) and (ii) empowering civil society partners to challenge the terrorist narrative (development and dissemination of narratives which counter and challenge extremists and provide positive alternative narratives). Work is now underway to improve the speed and volume of referrals, and prevent removed material from being uploaded elsewhere. The 2nd High Level meeting of the EU Internet Forum will take place on 8 December. This will include a stocktake of progress achieved in the last year, and look ahead to priorities for 2017, including on the development of a Joint Referral Platform and the Civil Society Empowerment Programme. Furthermore, the Commission is keen to bring additional companies on-board and support them in preventing their platforms from being exploited by terrorist networks. The EU Internet Referral Unit (see below) plays a key role in this process whereas the Radicalisation Awareness Network, will be supporting the development of alternative narratives through the exchange of best practices and guidance.
On 1 July 2015, the EU Internet Referral Unit at Europol was established to help reduce the volume of terrorist material online. One year on, the Internet Referral unit is playing a key role in delivering the EU Internet Forum's objective of reducing accessibility to terrorist content online. It has assessed over 13,000 pieces of material online and made over 12,000 referrals. Whilst this is a voluntary approach, in the majority of cases the material is swiftly removed (94% success rate). The Commission will continue to support the unit in improving the referrals process and in reaching out to more internet companies.
The Commission is also intensifying work to tackle the problem of online hate speech in cooperation with internet companies, Member States and civil society. On 31 May, IT companies signed a Code of Conduct, committing to tackling quickly and efficiently illegal hate speech online. The IT Companies and the Commission have committed to assessing the public commitments in the code of conduct on a regular basis, including their impact. A preliminary assessment of the implementation of the code will be reported to the High Level Group on Combating Racism, Xenophobia and all forms of intolerance by the end of 2016, to which Member States and civil society are part. Improving transparency in the application of notice and take down procedures and supporting alternative narratives are also under discussions.
EU Passenger Name Record (PNR) is a crucial instrument to enhance the collective security of Europe's citizens by helping Member State authorities to fight terrorism and serious crime. Following the positive vote of the European Parliament on 14 April 2016, Justice and Home Affairs Ministers adopted the EU PNR Directive on 21 April 2016. The Commission is working with Member States to ensure its implementation as a matter of urgency. Member States will need to comply with the Directive by 25 May 2018.
In view of the importance of cross-border information exchange for law enforcement purposes within the EU and the challenges that such exchanges raise, the Commission continues to pursue the enforcement of the existing Prüm framework (an information exchange tool that allows for automated comparison of DNA profiles, fingerprint data and vehicle registration data) as a matter of urgency. A more systematic use of Interpol's Stolen and Lost Travel Documents database is also a high priority.
In 2015 the Commission carried out legal and technical improvements to the Schengen Information System (SIS) to provide for real-time communication from controls on the ground to the competent services in other Member States and more effective identification of persons. The Commission is also adding a new function that allows fingerprint searches. The Commission has urged Member States to make full use of all alert categories and measures, including expulsion, refusal of entry or removal from the territory of a Member State.
The Commission proposed on 19 January 2016 to amend the European Criminal Records Information System (ECRIS), EU system for the exchange of information on criminal convictions, to render it more effective for the exchange of criminal records of third country nationals. The Commission has invited the European Parliament and Council to agree on the Commission's proposal as a matter of urgency.
The Commission presented on 6 April 2016 a Communication on Stronger and Smarter Information Systems for Borders and Security. It is designed to address shortcomings identified in the current systems, gaps in the architecture and limited interoperability, while fully complying with data protection rules. In its Communication, the Commission announced the establishment of a High Level Expert Group on Information Systems and Interoperability with EU Agencies, national experts and relevant institutional stakeholders. The Expert Group has started its work to address the current shortcomings and knowledge gaps caused by the complexity and fragmentation of information systems at the European level. It will elaborate on the legal, technical and operational aspects of the different options proposed in the Communication to achieve interoperability of information systems. It will also take due account of the roadmap on information exchange endorsed by the JHA Council of June 2016.
Priority actions: The roadmap on information exchange endorsed by the Justice and Home Affairs Council in June 2016 covers the use of SIS in relation to foreign terrorist fighters. The General-Secretariat of the Council was tasked to set up a database to monitor entry bans in SIS based on the UN sanctions. This database will be available by 2018 at the latest. Later this year the Commission will propose a revision of the SIS on return of irregular migrants and entry bans, the use of facial images for biometric identification and the creation of new alerts for wanted unknown persons, which will improve the added value of the system for law enforcement purposes. By mid-2017 it will also add an automated fingerprint search functionality to the system, as already foreseen by the existing legal framework.
The Commission will work together with the European Parliament and Council, experts and other stakeholders to develop a common EU approach to determining jurisdiction of law enforcement authorities when they directly access data stored or located abroad, including legislative measures if needed. In line with the June Justice Council conclusions on improving criminal justice in cyberspace, the Commission will report on progress by the end of 2016 in view of preparing proposals for a common EU approach by June 2017.
Research and Innovation
Over the past year the Commission has granted around €200 million to over 30 research projects that will offer innovative security solutions, under the Horizon 2020 Secure Societies research and innovation programme. These activities involve academia, industry and security practitioners, and pave the way for coping with evolving and innovative security threats in the future.
The European Agenda on Security underlined that a competitive EU security industry can also contribute to the EU's autonomy in meeting its security needs. The EU has encouraged the development of innovative security solutions, for example through standards and common certificates. The Commission also made proposals in September 2016 on EU certification of airport screening equipment, to remove barriers to the Single Market and to enhance the competitiveness of the EU security industry in export markets.
The Commission also took action, in close cooperation with the External Action Service and the EU Counter Terrorism Coordinator, to ensure further coherence between internal and external actions in the field of security.
Security and counter-terrorism experts have been deployed in the EU delegations of Algeria, Morocco, Tunisia, Nigeria, Iraq, Jordan, Pakistan and Turkey. A decision to expand the network was adopted and the process of selection has been launched for experts to be deployed in the second half of 2016 into EU Delegations in Lebanon and Pakistan, with bilateral mandates, as well as Chad and Bosnia and Herzegovina, with regional mandates for the Sahel and the Western Balkans.
Targeted and upgraded security and counter-terrorism dialogues in which relevant EU agencies such as Europol, Eurojust, Frontex and CEPOL participated have been established, in particular with Lebanon, Tunisia and Turkey. Concrete and bespoke action plans are being developed to address issues of mutual interest and importance such as prevention of radicalisation and violent extremism, police and judicial cooperation, terrorism financing and terrorist travel.
In addition to this, Counter Terrorism cooperation is being built up with other countries in the MENA region and the Southern Neighbourhood, as well as regional organisation like the League of Arab States and the Organisation of Islamic Cooperation. With the Western Balkans, counter terrorism and the fight against organised crime will be part of the next multi-annual regional Instrument of pre-accession.
On 6 April 2016, the Commission and the High Representative presented a Joint Framework to address hybrid threats more effectively with a coordinated response at EU level by using EU policies and instruments.
Disrupting organised crime
Firearms and explosive precursors
On 18 November 2015, the Commission presented a proposal to revise Directive 477/91 on the legal framework for firearms. The revision aims to restrict the availability of some of the most powerful types of semi-automatic weapons and those that could be easily converted into fully automatic weapons, as well as to enhance the exchange of information between Member States and improve traceability and marking rules for firearms. On 10 June, Member States reached a common position on the proposal and the responsible Committee in the European Parliament Committee for Internal Market and Consumer Protection (IMCO) voted on its amendments on 13 July. The Commission will work with the co-legislators to conclude discussions as soon as possible.
The Commission also adopted on 18 November 2015 an implementing Regulation on common firearms deactivation standards. This entered into force on 8 April 2016 and will ensure that deactivated firearms are rendered irreversibly inoperable. To fulfil its security objectives, the Regulation covers both domestic and cross-border situations.
Furthermore, on 2 December 2015 the Commission presented an Action Plan on firearms and explosives that called for a number of measures to prevent terrorist attacks such as those that occurred in Paris and Brussels. These include: (i) specific actions on the use of detection technology and standardising its use (for soft targets, critical infrastructures, public areas, etc.); (ii) development of innovative detection tools; (iii) strengthening of existing measures and creation of new ones for increasing the security of passengers on different modes of transport; (iv) use of existing tools for better gathering and sharing of information.
As regards explosives, the Commission has identified gaps in the implementation by Member States of Regulation 98/2013 on explosives precursors and is taking steps to address them. The Commission will also assess the need to revise this Regulation. The Precursors regulation is being revised this autumn with the addition of some substances to the list of suspicious transaction (via delegated acts). The report on its implementation is being advanced to early 2017.
Since the adoption of the EU Cybersecurity Strategy in 2013, the European Commission has stepped up its efforts to better protect Europeans online. The EU has put in place several institutions and organisation strengthening the cooperation between Member States in the field of cybersecurity.
Among them, Platform on Network and Information Security (NIS platform), a voluntary mechanism bringing together relevant European public and private stakeholders, the European Union Agency for Network and Information Security (ENISA), set up in 2004 to contribute to the overall goal of ensuring a high level of network and information security within the EU and Europol’s European Cybercrime Centre, which started its activities in January 2013 and works towards strengthening the law enforcement response to cybercrime in the EU and helping protect European citizens, businesses and governments.
In 2012, the EU also set up the EU Computer Emergency Response Team (CERT-EU) with the aim to provide effective and efficient response to information security incidents and cyber threats for the EU institutions, agencies and bodies.
On the legislative side, the 2013 Directive on attacks against information systems criminalises the use of tools such as malicious software and strengthens the framework for information exchange on attacks. The Directive provides a common European criminal law framework in this area. The Commission is currently monitoring Member States' implementation of the Directive and will report to the Parliament and Council in 2017.
The Directive on Security of Network and Information Systems ('NIS Directive'), adopted by the European Parliament on 6 July, represents the first EU-wide rules on cybersecurity. Ensuring closer cooperation between Member States is one of the three pillars proposed in the Directive.
In the past year, the Commission has further strengthened its approach by placing cybercrime as a key component of the Digital Single Market Strategy, presented in May 2015, in full synergy with the European Agenda on Security.
Protecting the external borders of the European Union
On 22 June 2016, the European Parliament, Council and Commission reached political agreement on the Commission's proposal of 15 December 2016 on a European Border and Coast Guard. Following formal adoption of the Regulation this week, everything is now ready for the European Border and Coast Guard to roll out its full operation. The European Commission and Frontex have already started intensive preparations for the implementation of the new Regulation to ensure that no time is lost. The European Border and Coast Guard will combine a new reinforced Agency, building on the foundations laid by Frontex, with the ability to draw on a reserve pool of people and equipment provided by national authorities. Member States will continue to keep their competence and sovereignty over their borders and will continue to manage the external border. The European Border and Coast Guard will provide support to all Member States and will be able to identify and intervene to address weaknesses in advance, and not when it is too late.
Alongside the European Border and Coast Guard proposal, on 15 December 2015 the Commission proposed a targeted revision of the Schengen Borders Code to introduce systematic checks against relevant databases for all people entering or exiting the Schengen area. As trilogues on the proposal are ongoing, the modification of Schengen Borders Code will help to manage the EU's external borders and protect the freedom of movement within Schengen area. In its Communication on enhancing security in a world of mobility, the Commission called upon the European Parliament and the Council to agree on the proposed amendment to the Schengen Borders Code by the end of October.
The Commission presented on 6 April 2016 a revised proposal for establishing an Entry-Exit System as well as the subsequent technical changes to the Schengen Border Code. The Entry-Exit System will strengthen and at the same time speed up border check procedures for non-EU nationals travelling to the EU. The Entry-Exit System will also improve the quality and efficiency of the Schengen Area external border controls, helping Member States deal with ever increasing traveller flows without having to increase accordingly the number of border guards, and it will allow the systematic identification of over-stayers and will reinforce internal security and the fight against terrorism and serious crime. The adoption of the proposals by the European Parliament and Council should be finalised by the end of 2016 in order for the Entry-Exit System to be operational by early 2020.
The Commission has revised the Schengen Handbook to clarify "non-systematic checks" during border controls and provided guidance to help border guards identify and seize false documents.
On 4 May, the Commission also proposed to adapt and reinforce the Eurodac system, as part of the reform of the Common European Asylum System. The proposal allows Member States to store more data in Eurodac, thus helping to address the current migration crisis by facilitating access to information for the relevant immigration and asylum authorities.
In April, the Commission launched the idea of developing a European Travel Information and Authorisation System (ETIAS), an automated pre-departure security check. ETIAS will allow for a pre-travel assessment of the individual migration or security risk for visa-exempt third-country nationals. Aspects that need to be considered include the costs of developing and running the system, the type of data to be collected and assessed, the interoperability with other existing and future systems, operational aspects at borders and in relation of the processing of data, legal aspects (including data protection considerations), human resources implications and the impact on tourism or business. To this end, the Commission has launched a feasibility study on ETIAS, with results due in October 2016 and intends to present by November 2016 a legislative proposal for the establishment of ETIAS.
Secure travel and identity documents are crucial whenever it is necessary to establish without doubt the identity of a person. Better management of free movement, migration and mobility relies on robust systems to prevent abuses and threats to internal security through failings in document security. As outlined in today's Communication, the Commission is pursuing new ways to enhance electronic document security and identity document management. By December 2016, the Commission will adopt an Action Plan on document security to make residence cards, identity documents and Emergency Travel Documents (ETD) more secure. It also calls upon the co-legislators to adopt the proposals on a new design and enhanced security features for the uniform formats for visas and residence permits by the end of 2016.
For more information