EU opens its biggest database for secret services from third countries

In the Schengen Information System, police and secret services may, inter alia, issue alerts for secret monitoring. Authorities from non-EU states can now have searches carried out via a detour. The German government remains silent about the exact role of its own secret service.

The Schengen Information System (SIS) is the largest European database, which has been used for 25 years by border, police, customs or immigration authorities and secret services. Today’s SIS II involves 26 EU Member States (all except Ireland and Cyprus) as well as Iceland, Norway, Liechtenstein and Switzerland. As of 1 January 2020, more than 90 million people and objects were stored. Most of the entries, which increase every year, come from Italy, followed by France and Germany. The number of searches is also growing rapidly, with almost seven billion of them reported last year. That is about 220 searches per second.

Each Member State is responsible for the accuracy of its entries and must respect deadlines for deletion. Information that is stored in SIS II may also come from third countries, which is part of the normal practice of police forces and secret services. Last year, however, the European Union launched a pilot project to extend these entries to selected „trusted third countries“ and to find a uniform procedure for handling them.

„Battlefield data“

Initially, the project was concerned with lists from Western Balkan states, but in the meantime US authorities should also be able to issue invitations to tender. This was suggested by the Finnish Council Presidency at a joint meeting of the Council working groups on Terrorism, Schengen affairs and SIS/SIRENE last summer. This concerns so-called „foreign fighters“ in Syria, some of whom also hold the citizenship of an EU Member State. US secret services and military are collecting information on them as so-called „battlefield data“, and in a civil-military cooperation, the US police authority FBI and Europol are also involved.

The Czech Republic and Italy are among the SIS participants that issue alerts for non-EU states within the framework of the pilot project. These are the findings of a Council document published online by the British civil rights organisation Statewatch. According to the paper, the two countries have received „biographic and biometric data“ from „selected trusted third countries“.

German government confirms cooperation

It is not clear from the document which alerts the Italian authorities issued and from which countries they came. It would be possible, for example, to search under Article 24 of the SIS II Regulation, which prohibits entry into the entire Schengen area.

Somewhat more is known about the Czech Republic, which has received and entered into SIS II at least 243 records on „foreign fighters“ from the Western Balkans region. The German Ministry of Interior confirms this in its answer to a parliamentary question, but does not want to give any further details. The refusal is explained with the so-called „Third-Party Rule“, according to which no information is given about the cooperation of partner secret services with the Federal Office for the Protection of the Constitution (BfV).

Indirectly, the German government thus confirms that the EU pilot project with third countries is a cooperation of secret services, because the „Third-Party Rule“ does not apply to police cooperation. The answer also suggests that, in addition to Italy and the Czech Republic, Germany is also involved. The BfV is the German domestic secret service and has only been allowed to cooperate with foreign partners since 2016 on the basis of a new law. The “ Third-Party Rule“ makes it considerably more difficult to control this cooperation.

Who checks the conditions for storage?

The magazine „EU Observer“ also writes that the alerts from third countries are not police requests. According to an report, the alerts for discreet checks issued by the Czech Republic are based on Article 36(3) of the SIS II Regulation, which specifies entries by secret services.

Under no circumstances should the persons concerned learn of this covert investigation. If they are found at a border or traffic control, the authority issuing the alert receives a discreet message about the route and the fellow travellers. The number of Article 36 searches carried out by the secret services of the EU Member States is increasing dramatically every year, as is the number of police searches carried out under Article 36(2) of the SIS II Regulation.

It is unclear how the Czech authorities check whether the lists of persons to be added to the SIS II really contain „foreign fighters“ and thus whether the conditions for storage are met. After all, alerts must be withdrawn if they prove to be false. The issuing authority must also delete alerts that are no longer necessary and sort out duplicate entries that occur due to incorrect spelling. It is also unknown under what terms the third country from which the information originates receives results (so-called „post-hits“) on its alerts.

Europol with key role

Europol plays a central role in the pilot project. The police agency based in The Hague is currently not allowed to make its own entries in SIS II, but it could ask individual Member States to do so. This would involve Europol subsequently being informed of „hits“, which also the procedure in the existing pilot project: Europol receives a discreet notification from the Czech and Italian authorities when the persons for whom an alert has been issued are found somewhere in the European Union.

The police agency stores these incidents in its own Information System and in a separate file for „foreign fighters“ called „Traveller“. It is managed by the „Anti-Terrorism Centre“ (ECTC), which was established at Europol in 2016.

Europol is likely to be responsible for receiving lists of third country nationals to be put on alert. The police agency has seconded liaison officers for Serbia, Albania and Bosnia-Herzegovina and, in the case of Albania, has even stationed them there. However, Europol is not actually permitted to cooperate directly with secret services, and the European Union has no competence under the EU Treaties to coordinate secret services.

Uncontrollable cooperation

However, even without intelligence expertise, Europol is cooperating with a unit of the „Counter Terrorism Group“ (CTG), also established in 2016, where all domestic secret services of the Schengen member states are organised. The CTG is part of the „Club de Berne“, a clandestine association of European heads of secret services. It is conceivable that Europol coordinate requests for SIS II alerts from third countries via the CTG, since Europol cooperates with the CTG on strategic matters and regulary visits each other. However, this questionable and possibly illegal cooperation is also incomprehensible because of the „Third-Party Rule“.

Like the German government, the EU Commission does not want to answer questions about which other SIS II member states have issued alerts for the Western Balkans or the USA and from which authorities these alerts originated. Although the basic practice is admitted, all other information remains secret „to protect national and public security“.

According to the Council document that has become public, „at least four other Member States“ in addition to Italy and the Czech Republic have expressed their willingness to enter information from third countries into the SIS II. Now the current Croatian Council Presidency is looking for additional interested parties.

Image: CC0, pxhere

Autor: Matthias Monroy

Knowledge worker, activist, editor of the German civil rights journal Bürgerrechte & Polizei/CILIP.