Member states’ foreign and defence ministries are today discussing future European Union military capabilities, including how to respond to “cyber threats”. The fodder for this “Strategic Dialogue” comes from the domestic and foreign intelligence services. MEPs are not allowed to see any of the top-secret documents.
The EU member states are working on new guidelines for the Common Security and Defence Policy (CSDP). These are to be summarised in a “Strategic Compass”, on the basis of which concrete measures and operations will then be decided. In this way, the governments are further expanding the initially rather defensive “EU Global Strategy”.
The Global Strategy adopted in 2016 envisages that the European Union will increase its arms expenditure and the number of its military missions. With the legally controversial Defence Fund and the Permanent Structured Cooperation (PESCO), the proposals were implemented in a relatively short time. PESCO defines concrete measures for research and development of military systems, including “cyber defence and response”, “reconnaissance and space” and drones at sea, on land and in the air.
Intelligence services provide “threat perceptions”
The Strategic Compass now under discussion was agreed upon by the governments in conclusions more than a year ago. It is intended to make defence efforts more concrete and operational and is therefore also part of the so-called Trio Programme of the successive presidencies of Germany, Portugal and Slovenia.
In a first step, the domestic and foreign secret services of the member states were to communicate what they considered to be the most urgent “threat perceptions”. These national assessments resulted according to the German Ministry of Defence in a “360-degree analysis” of the entire spectrum of “threats and challenges” to the European Union.
The EU intelligence situation centres INTCEN and EUMS INT were responsible for producing this so-called threat analysis. Both institutions report to the European External Action Service (EEAS) in Brussels. Together they form the “Single Analysis Process” (SIAC), which is supporting the Council in decision-making.
No parliamentary control possible
The non-military secret services of the member states cooperate in the INTCEN, which consists of the working units Analysis, Open Sources, Situation Centre and Consular Crisis Management. The EUMS INT, on the other hand, is considered the “intelligence unit of the military staff”.
The “threat analysis” presented on 9 November 2020 is classified as “secret”. This means that the document may not be viewed by EU parliamentarians. Parliamentary control by national parliaments is also impossible.
In Germany, according to the Law on Cooperation in European Union Affairs (EUZBBG), the federal government must make all important EU documents accessible to the Bundestag. However, this is not supposed to apply to the threat analysis. In its answer to a parlamentarian question, the Foreign Office cites the confidentiality promised to the intelligence services of other member states as the reason. A “violation of these agreements” would have serious consequences for the Bundesnachrichtendienst, the external secret service in Germany.
Expansion of the INTCEN
Also under strict secrecy, the consultations for the Strategic Compass began in January. In addition to the member states and the EEAS, the EU Commission and the European Defence Agency also participate in this “Strategic Dialogue”. It is divided into four focal points: crisis management, resilience, capacity development and partnerships. They are referred to as “baskets”.
Today, the EU defence ministers are discussing the basket on crisis management for the first time in the Council on Foreign Relations. According to the German “threat perceptions”, this includes cyber attacks. The government in Austria also announces that the talks are aimed at “strengthening collective resilience against cyber threats”.
To this end, the role of the INTCEN has already been expanded in that it is to support the attribution of cyber attacks and propose countermeasures. The Intelligence Situation Centre is also to prepare joint “threat analyses” with Europol, which will then be presented in the Council Working Group on Terrorism.
Instruments against “cyber threats”
One of the questions to be determined in the Strategic Compass is whether and how the EU responds to a threat in cyberspace with military or non-military means. Under German and Finnish leadership, the stakeholders are conducting workshops on this matter.
Within the framework of existing crisis management, governments can make use of instruments in the EU treaties. If one or more member states are affected by an event that exceeds their capacities, Article 222 of the Treaty on the Functioning of the European Union (TFEU) comes into play. The Council of the EU adopted “Arrangements for the implementation” of this Solidarity Clause in 2014. The article is considered a civilian crisis response, but also regulates the use of “military capabilities”, for example in the event of disasters or terrorist attacks.
However, the armed deployment of military forces within a member state is formulated in the framework of mutual assistance pursuant to Article 42 (7) TEU. This military case of alliance was first invoked by the French government after the terrorist attacks of 2015. However, whether this was actually an “armed attack” against an EU state’s territory is controversial.
The results of the Strategic Dialogue are to be consolidated by the end of this year. Responsible for this are the Political and Security Committee (PSC) and the Military Committee (EUMC), where high-ranking officials from the foreign and defence ministries of individual member states are organised. At the beginning of 2022, the Strategic Compass is to be adopted as a “basic security and defence policy document” under the French Council Presidency.