* Enhancing the exchange of personal and strategic information and criminal intelligence between EU civilian crisis management missions and relevant EU agencies, namely Europol, Eurojust and Frontex. How can data-sharing be enhanced in a context where civilian CSDP missions have no legal personality, information is often classified, Frontex is not allowed to exchange personal data, and only some of Europol’s formal agreements with third countries extend to the sharing of personal data?
* Involving JHA actors, including COSI and the relevant agencies in the early phase of the planning process, during the conduct and the review process of EU civilian crisis management missions including lessons learned. What are the main political and legal barriers that prevent FSJ actors from contributing to the planning and monitoring of CSDP civilian missions in third countries? How can FSJ actors be involved in the drafting of Crisis Management Concepts (CMC) and Concepts of Operations (CONOPS)?
* Integrating threat and risk assessments supplied by a variety of actors. The EU has anexcellent opportunity to utilise its current resources; crisis management missions, both civilian and military, have been developing their analysis capabilities, and it is suggested developing a toolkit to support the implementation of an ILP process in host countries where civilian CSDP missions are deployed. How can the various intelligence products supplied by specialised actors and agencies, such as SITCEN’s country and thematic reports, EUROPOL’s (S)OCTAs and TE-SAT reports, FRONTEX’s risk assessments and the Mission Analytical Capabilities’ (MAC) assessments, be streamlined so that actors dealing with the internal and externalaspects of European security have access to the relevant information? How does the confidentiality of reporting affect actors’ access to such products?
* Advocating the interests of CSDP and FSJ actors in the EU’s changing data protection landscape. Article 16 of the TFEU on data protection applies fully to the former first and third pillars, i.e. the internal market and police and judicial cooperation in criminal matters, but it only partially covers the CFSP area, including the CSDP. Europol, Eurojust and Frontex have their own data protection supervisory mechanisms. In view of the Commission’s intention to issue in 2011 a proposal on a comprehensive new legal framework on the protection of personal data in the EU, how will the EU’s changing legal landscape affect the exchange of personal data between CSDP and JHA actors?
Another note from the General Council secretariat to COSI includes an interesting report on the cooperation between JHA agencies in 2010. The agencies prepared a report focusing on ‘future cooperation and improvements’ in 2010, and used a scorecard to implement the provisions of this report.
The scorecard includes some interesting potential points of further cooperation, especially from the point of sharing of classified information between agencies.
1. Exploring the possible use of the secure communication link between Eurojust and Europol for the exchange of information between Eurojust national desks and Europol Liaison Bureaux. Eurojust is now exploring the possibility of exchanging information directly via a SIENA account. Europol offered Eurojust the possibility to install mailboxes for 27 Liaison Bureaux for Eurojust’s direct information exchange via SIENA.
2. Undertaking the necessary steps for a possible exchange of classified information above the level of ‘restricted’. In this context progress has been made between Europol and Eurojust to agree on a table
of equivalence to exchange classified information above the level of ‘EU
3. Frontex is implementing a Secure Area Network for up to the level of EU RESTRICTED, which is foreseen to implement the handling of classified information as of beginning of 2011. Once the network is stable and all the relevant applications are installed, the next step is to interconnect the network with Member States and third parties, such as Europol, which is foreseen to be fully available by May 2011. Europol has suggested Frontex consider the possibility of becoming part of, or that they make use of, the existing accredited Europol network, which provides a secure communication channel with Member States.
Frontex was subject to an EC/Council security inspection in September 2010: The exchange of information at level RESTRICTED can be permitted between SGC and Frontex or EC and Frontex. The fact that Frontex has implemented all the security measures to properly process RESTRICTED information was recognised by Europol even at an earlier stage. The cooperation agreement between Europol and Frontex, signed on 29 March 2008, approves the exchange of classified information at a RESTRICTED level.
Exchange of CONFIDENTIAL or above should only be envisaged after the recommendations are implemented. Recommendations were accepted by Frontex and are in the implementation phase. Frontex expects to be ready for the second EC/Council security inspection at the beginning of 2011. The outcome of the inspection may be used for concluding an agreement with Europol for exchanging classified information at level CONFIDENTIEL UE or higher.