U.S.-EU Cooperation Against Terrorism

U.S.-EU Cooperation Against Terrorism Kristin Archick Specialist in European Affairs July 9, 2010May 2, 2011 Congressional Research Service 7-5700 www.crs.gov RS22030 CRS Report for Congress Prepared for Members and Committees of Congress U.S.-EU Cooperation Against Terrorism Summary The September 11, 2001, terrorist attacks gave new momentum to European Union (EU) initiatives to combat terrorism and improve police, judicial, and intelligence cooperation among its member states. Since the 2001 attacks, the EU has sought to speed up its efforts to harmonize national laws and bring down barriers among member states’ law enforcement authorities so that information can be meaningfully shared and suspects apprehended expeditiously. Among other steps, the EU has established a common definition of terrorism and a common list of terrorist groups, an EU arrest warrant, enhanced tools to stem terrorist financing, and new measures to strengthen external EU border controls and improve aviation security. As part of its drive to improve its counterterrorism capabilities, the EU has also made improving cooperation with the United States a top priority. Washington has largely welcomed these efforts, recognizing that they may help root out terrorist cells and prevent future attacks against the United States or its interests abroad. U.S.-EU cooperation against terrorism has led to a new dynamic in U.S.-EU relations by fostering dialogue on law enforcement and homeland security issues previously reserved for bilateral discussions. Contacts between U.S. and EU officials on police, judicial, and border control policy matters have increased substantially since 2001. A number of new U.S.-EU agreements have also been reached; these include information-sharing arrangements between the United States and EU police and judicial bodies, two new U.S.-EU treaties on extradition and mutual legal assistance, and accords on container security and airline passenger data. In addition, the United States and the EU have been working together to clamp down on terrorist financing and to improve aviation and transport security. Despite U.S.-EU strides to foster closer counterterrorism and law enforcement cooperation, some challenges remain. Data privacy has been and continues to be a key sticking point. In February 2010, the European Parliament (EP) rejected a U.S.-EU agreement—known as the SWIFT accord— that would have continued allowing U.S. authorities access to financial data stored in Europe to help combat terrorism on the grounds that it did not contain sufficient protections to safeguard the personal data and privacy rights of EU citizens. For years, and for similar reasons, some Members Although the EP approved a revised U.S.-EU SWIFT agreement in July 2010, some Members of the European Parliament —for many years and for similar reasons—have also challenged a U.S.-EU agreement permitting airlines to share passenger name record (PNR) data with U.S. authorities. Although the European Parliament approved a revised U.S.-EU SWIFT agreement in July 2010, some observers worry that the Parliament may also initially reject the most recent U.S.-EU PNR agreement. Other points of U.S.-EU tension include issues related toU.S. and EU officials are currently negotiating revisions to the existing PNR accord in an effort to assuage EP concerns. Other issues that have led to periodic U.S.-EU tensions include terrorist detainee policies, differences in the U.S. and EU terrorist designation lists, and balancing border security with legitimate transatlantic travel and commerce and terrorist detainee policies. Nevertheless, both the United States and the EU appear committed to fostering closer cooperation in the areas of counterterrorism and other homeland security issues. Congressional decisions related to improving border controls and transport security, in particular, may affect how future U.S.-EU cooperation evolves. In addition, given the European Parliament’s growing influence in many of these policy areas, Members of Congress may be able to help shape Parliament’s views and responses through ongoing contacts and the existing Transatlantic Legislators’ Dialogue (TLD). This report examines the evolution of U.S.-EU counterterrorism cooperation and the ongoing challenges that may be of interest in the 111th112th Congress. For additional background, also see CRS Report RL31509, Europe and Counterterrorism: Strengthening Police and Judicial Cooperation, by Kristin Archick. Congressional Research Service U.S.-EU Cooperation Against Terrorism Contents Background on European Union (EU) Efforts Against Terrorism ..........................................................1 U.S.-EU Counterterrorism Cooperation: Progress to Date....................................... and Ongoing Challenges .....................3 Developing U.S.-EU Links....................................................................................................3 New Law Enforcement and Intelligence Cooperation Agreements .........................................4 StemmingTracking and Suppressing Terrorist Financing ...............................................................................................5 Border Control and Transport Security 5 Promoting Information-Sharing and Protecting Data Privacy...................................................6 The U.S.-EU SWIFT Accord...............................6 Container Security Initiative (CSI) ..................................................................................6 Passenger Name Record (PNR) Data...............................................................................6 Aviation Security ............................................................................................................6 Ongoing Challenges ....................................................................................................................7 Data Privacy .........................................................................................................................7 Tracking Terrorist Financing ...............................8 U.S.-EU Framework Agreement on Data Protection ...................................................... 10 Strengthening Border Controls and Transport Security ............................................................8 Sharing Airline Passenger Data 11 Aviation and Air Cargo Security.......................................................................................9 Possible U.S.-EU Framework Agreement on Data Protection 11 Maritime Cargo Screening ........................................ 10 Balancing Transatlantic Travel, Commerce, and Security .................................................... 1013 Visa Waiver Program (VWP) ........................................................................................ 11 Cargo Screening............................................................................................................ 1113 Detainee Issues and Civil Liberties...................................................................................... 11 Differences in the U.S. and EU Terrorist Lists ..................................................................... 1214 U.S. Perspectives and Issues for Congress ................................................................................. 1315 Contacts Author Contact Information ...................................................................................................... 1416 Congressional Research Service U.S.-EU Cooperation Against Terrorism Background on European Union (EU) Efforts Against Efforts Against Terrorism The September 11, 2001, terrorist attacks on the United States and the subsequent revelation of Al Qaeda cells in Europe gave new momentum to European Union (EU) initiatives to combat terrorism terrorism and improve police, judicial, and intelligence cooperation. The EU is a unique partnership that defines and manages economic and political cooperation among its 27 member states.1 The EU has long sought to harmonize policies among its members in the area of “justice and home affairs” (or JHA) as part of the Union’s drive toward further integration. Efforts in the JHA field are aimed at fostering common internal security measures while protecting the fundamental rights of EU citizens and promoting the free movement of persons within the EU. Among other policy areas, JHA encompasses countering terrorism and other cross-border crimes, police and judicial cooperation, border controls, and immigration and asylum issues. For many years, however, EU attempts to forge common JHA policies—especially in areas such as police and judicial cooperation and counterterrorism—were hampered by member state concerns that doing so could infringe on their national legal systems and sovereignty. Insufficient resources and a lack of trust among national law enforcement agencies also impeded progress in the JHA area. The 2001 terrorist attacks changed this status quo and served as a wake-up call for EU leaders and member state governments. In the weeks after the attacks, European law enforcement efforts to track down terrorist suspects and freeze financial assets—often in close cooperation with U.S. authorities—produced numerous arrests, especially in Belgium, France, Germany, Italy, Spain, and the United Kingdom. Germany and Spain were identified as key logistical and planning bases for the attacks on the United States. As a result, European leaders recognized that the EU’s largely open borders and Europe’s different legal systems enabled some terrorists and other criminals to move around easily and evade arrest and prosecution. For example, at the time of the 2001 attacks, most EU member states lacked anti-terrorist legislation, or even a legal definition of terrorism. Without strong evidence that a suspect had committed a crime common to all countries, terrorists or their supporters were often able to avoid apprehension in one EU country by fleeing to another with different laws and criminal codes. Moreover, although suspects could travel among EU countries quickly, extradition requests often took months or years to process. Since the 2001 attacks, the EU has sought to speed up its efforts to harmonize national laws and bring down barriers among member states’ law enforcement authorities so that information can be meaningfully shared and suspects apprehended expeditiously. Among other steps, the EU has established a common definition of terrorism and a list of terrorist groups, an EU arrest warrant, enhanced tools to stem terrorist financing, and new measures to strengthen external EU border controls and improve aviation security. The EU has been working to bolster Europol, its joint criminal intelligence body, and Eurojust, a unit charged with improving prosecutorial coordination in cross-border crimes in the EU. 1 The 27 members of the EU are: Austria, Belgium, Bulgaria, Cyprus, the Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, and the United Kingdom. For more information on the EU, its institutions, and policies, see CRS Report RS21372, The European Union: Questions and Answers, by Kristin Archick and Derek E. Mix. Congressional Research Service 1 U.S.-EU Cooperation Against Terrorism The March 2004 terrorist bombings in Madrid and the July 2005 attacks on London’s metro system injected a greater sense of urgency into EU counterterrorism efforts, and gave added impetus to EU initiatives aimed at improving travel document security and impeding terrorist traveltransport security, impeding terrorist travel, and combating Islamist extremism. In the wake of the Madrid attacks, the EU also created a newcreated the position of Counterterrorist Coordinator. Key among the Coordinator’s responsibilities are enhancing intelligence-sharing among EU members and promoting the implementation of already agreed EU anti-terrorism policies, some of which have bogged down in the legislative processes of individual member states. The July 2005 terrorist attacks on London’s mass transport system prompted additional EU efforts to improve police, judicial, and intelligence cooperation. In December 2005, the EU individual member states. Following the London attacks, the EU adopted a new counterterrorism strategy outlining EU goals to “prevent, protect, pursue, and respond to the international terrorist threat. The EU also set out threat,” as well as a plan to combat radicalization and terrorist recruitment. Following the disruption of a plot to use liquid explosives to blow up airliners flying from the UK to the United States in August 2006, the EU agreed on a package of new measures to further improve and harmonize air security among its member states; these new rules included prohibiting passengers from carrying most liquids on board planes. 2 In 2008, the and terrorist recruitment. Over the last several years, the EU has continued working to strengthen its counterterrorism capabilities and further improve police, judicial, and intelligence cooperation among its member states. In 2008, the EU expanded its common definition of terrorism to include three new offenses: terrorist recruitment, terrorist training, and public provocation to commit terrorism, including via the Internet. Among other recent initiatives, the EU has been workingseeking to improve the security of explosives and considering the development of an EU-wide system for the exchange of airline passenger data. Most observers view the EU has passenger data. In February 2010, the EU issued its first-ever internal security strategy, which highlights terrorism as a key threat facing the EU and aims to develop a coherent and comprehensive EU strategy to tackle not only terrorism, but also a wide range of organized crimes, cybercrime, money laundering, and natural and man-made disasters. Most observers view the EU as having made rapid progress since 2001 on forging political agreements on many counterterrorism initiatives and others in the JHA field that had been languishing for years. Indeed, the pace has been speedy for the EU, a traditionally slow-moving body because of its intergovernmental nature and largely consensus-based decision-making processes. Until recently, most decisions in the JHA field required the unanimous agreement of all 27 member states. However, the EU’s new institutional reform treaty—the Lisbon Treaty, which entered into force in December 2009—allows member states to use a qualified majority voting system for most JHA decisions in a bid to strengthen JHA further and speed EU decision-making. In practice, experts say that the EU will likely still seek consensus as much as possible on sensitive JHA policies, such as those related to countering terrorism. 32 Despite the political commitment of EU leaders to promote cooperation in the JHA field and improve its collective ability to better combat terrorism, the EU’s drive to forge common internal security policies still faces several hurdles. Implementation of EU policies in the JHA field is up to the member states, and, as noted above, considerable lag times often exist between when an agreement is reached in Brussels and when it is implemented at the national level. For example, 2 The EU first adopted common rules on aviation security in 2002, detailing measures regarding access to sensitive airport areas, aircraft security, passenger screening and baggage handling, among others. In April 2010, the EU revised its aviation security measures and plans to eliminate the prohibition on liquids in cabin baggage by 2013, following the introduction of liquid screening equipment in all EU airports. “EU To Ease Air Curbs Aimed at Liquid Explosives,” Reuters, April 29, 1010. 3 In addition, EU member states retain national control over their law enforcement and judicial authorities, and some national police and intelligence services remain reluctant to share information with each other. Consequently, efforts to promote greater EU-wide cooperation against terrorism and other cross-border crimes remain works in progress. 2 The Lisbon Treaty also adds an “emergency brake” that allows any member state to halt certain JHA measures it views as threatening its national legal system, and ultimately, to opt out. Despite these safeguards, the UK and Ireland essentially negotiated the right to choose those JHA policies they want to take part in and to opt out of all others; Denmark extended its existing opt-out in some JHA areas to all JHA issues. The Lisbon Treaty technically renames JHA as the “Area of Freedom, Security, and Justice,” although JHA remains the more commonly-used term. For more information on the Lisbon Treaty, see CRS Report RS21618, The European Union’s Reform Process: The Lisbon Treaty, by Kristin Archick and Derek E. Mix. Congressional Research Service 2 U.S.-EU Cooperation Against Terrorism several EU members did not meet the initial 2004 deadline for transposing the EU arrest warrant into national law due to civil liberty and data privacy concerns. In addition, EU member states retain national control over their law enforcement and judicial authorities, and some national police and intelligence services remain reluctant to share information with each other. As a result of these and other ongoing challenges, efforts to promote greater EU-wide cooperation against terrorism and other cross-border crimes remain works in progress. U.S.-EU Counterterrorism Cooperation: Progress to DateU.S.-EU Counterterrorism Cooperation: Progress to Date and Ongoing Challenges As part of the EU’s efforts to combat terrorism since September 11, 2001, the EU made improving law enforcement cooperation with the United States a top priority. The previous Bush Administration and many Members of Congress largely welcomed this EU initiative in the hopes that it would help root out terrorist cells in Europe and beyond that could be planning other attacks against the United States or its interests. Such growing U.S.-EU cooperation was in line with the 9/11 Commission’s recommendations that the United States should develop a “comprehensive coalition strategy” against Islamist terrorism, “exchange terrorist information with trusted allies,” and improve border security through better international cooperation. Some measures in the resulting Intelligence Reform and Terrorism Prevention Act of 2004 (P.L. 108458) and in the Implementing Recommendations of the 9/11 Commission Act of 2007 (P.L. 11053) mirrored these sentiments and were consistent with U.S.-EU counterterrorism efforts, especially those aimed at improving border controls and transport security. U.S.-EU cooperation against terrorism has led to a new dynamic in U.S.-EU relations by fostering dialogue on law enforcement and homeland security issues previously reserved for bilateral discussions. Despite some frictions, most U.S. policymakers and analysts view the developing partnership in these areas as positive. Like its predecessor, the Obama Administration has supported U.S. cooperation with the EU in the areas of counterterrorism, border controls, and transport security. At the November 2009 U.S.-EU Summit in Washington, DC, the two sides reaffirmed their commitment to work together to combat terrorism and enhance cooperation in the broader JHA field. In June 2010, the United States and the EU adopted a new “Declaration on Counterterrorism” aimed at deepening the already close U.S.-EU counterterrorism relationship and highlighting the commitment of both sides to combat terrorism within the rule of law. Nevertheless, some challenges remain in the evolving U.S.-EU counterterrorism relationship. Among the most prominent are data privacy and data protection concerns, which have complicated a range of U.S.-EU information-sharing agreements. Other issues that have led to periodic tensions include detainee policies, differences in the U.S. and EU terrorist designation lists, and balancing measures to improve border controls and border security with the need to facilitate legitimate transatlantic travel and commerce. Developing U.S.-EU Links Contacts between U.S. and EU officials—from the cabinet level to the working level—on police, judicial, and border control policy matters have increased substantially since 2001, and have played a crucial role in developing closer U.S.-EU ties. The U.S. Departments of State, Justice, Homeland Security, and the Treasury have been actively engaged in this process.43 The Secretary of State, U.S. Attorney General, and Secretary of Homeland Security meet at the ministerial level with their respective EU counterparts at least once a year, and a U.S.-EU working group of senior 43 On the U.S. side, the State Department has the lead in managing the interagency policymaking process toward enhancing U.S.-EU police, judicial, and border control cooperation, while the Justice and Homeland Security Departments provide the bulk of the legal and technical expertise. The Treasury Department has the lead on efforts to suppress terrorist financing. Congressional Research Service 3 U.S.-EU Cooperation Against Terrorism officials meets once every six months to discuss police and judicial cooperation against terrorism. In addition, the United States and the EU have developed a regular dialogue on terrorist financing and have established a high-level policy dialogue on border and transport security to discuss issues such as passenger data-sharing, cargo security, biometrics, visa policy, and sky marshals. In 2010, U.S. and EU officials began expert-level dialogues on critical infrastructure protection and resilience, and preventing violent extremism. U.S. and EU agencies have also established reciprocal liaison relationships. Europol has posted two liaison officers in Washington, DC, and the United States has stationed an FBI officer in The Hague, Netherlands, to work with Europol on counterterrorism. A U.S. Secret Service liaison posted in The Hague also works with Europol on counterfeiting issues. In November 2006, a U.S. liaison position was established at Eurojust headquarters in The Hague as part of a wider U.S.Eurojust agreement to facilitate cooperation between European and U.S. prosecutors on terrorism and other cross-border criminal cases. New Law Enforcement and Intelligence Cooperation Agreements U.S.-EU efforts against terrorism have produced a number of new accords that seek to improve police and judicial cooperation. In 2001 and 2002, two U.S.-Europol agreements were concluded to allow U.S. law enforcement authorities and Europol to share both “strategic” information (threat tips, crime patterns, and risk assessments) as well as “personal” information (such as names, addresses, and criminal records). U.S.-EU negotiations on the personal information accord proved especially arduous, as U.S. officials had to overcome worries that the United States did not meet EU data protection standards. The EU considers the privacy of personal data a basic right, and EU regulations are written to keep such data out of the hands of law enforcement authorities as much as possible. EU data protection concerns also reportedly slowed negotiations over the 2006 U.S.-Eurojust cooperation agreement noted above. In April 2007, the United States and the EU also signed an agreement that sets common standards for the security of classified information to facilitate the exchange of such information. In February 2010, two new U.S.-EU-wide treaties on extradition and mutual legal assistance (MLA) entered into force following their approval by the U.S. Senate and the completion of the ratification process in all EU member states.54 These treaties, signed by U.S. and EU leaders in 2003, seek to harmonize the bilateral accords that already exist between the United States and individual EU members, simplify the extradition process, and promote better information-sharing and prosecutorial cooperation. Washington and Brussels hope that these two agreements will be useful tools in combating not only terrorism, but other transnational crimes such as financial fraud, organized crime, and drug and human trafficking. In negotiating the extradition and MLA agreements, the U.S. death penalty and the extradition of EU nationals posed particular challenges. Washington effectively agreed to EU demands that 54 In September 2006, former U.S. President George W. Bush transmitted the U.S.-EU treaties on extradition and MLA to the Senate for its advice and consent, along with separate bilateral instruments signed by the United States and individual EU member states that reconciled the terms of existing bilateral extradition and MLA treaties with the new EU-wide treaties. The Senate gave its advice and consent in September 2008. All EU member states also had to transpose the terms of the U.S.-EU extradition and MLA accords into their national laws. Following the completion of this process in all EU members, the United States and the EU exchanged the instruments of ratification for both agreements in October 2009, thus allowing them to enter into force in 2010. Congressional Research Service 4 U.S.-EU Cooperation Against Terrorism suspects extradited from the EU will not face the death penalty, which EU law bans. U.S. officials also relented on initial demands that the treaty guarantee the extradition of any EU national. They stress, however, that the extradition accord modernizes existing bilateral agreements with individual EU members, streamlines the exchange of information and transmission of documents, and sets rules for determining priority in the event of competing extradition requests between the United States and EU member states. The MLA treaty will provide U.S. authorities access to European bank account and financial information in criminal investigations, speed MLA request processing, allow the acquisition of evidence (including testimony) by video conferencing, and permit the participation of U.S. authorities in joint EU investigations.65 Despite these growing U.S.-EU ties and agreements in the law enforcement area, some U.S. critics continue to doubt the utility of collaborating with EU-wide bodies given good existing bilateral relations between the FBI and CIA (among other agencies) and national police and intelligence services in EU member states. Many note that Europol lacks enforcement capabilities, and that its effectiveness to assess and analyze terrorist threats and other criminal activity largely depends on the willingness of national services to provide it with information. Meanwhile, European officials complain that the United States expects intelligence from others, but does not readily share its own. Others contend that European opposition to the U.S. death penalty or resistance to handing over their own nationals may still slow or prevent the timely provision of legal assistance and the extradition of terrorist suspects in some cases. StemmingTracking and Suppressing Terrorist Financing The United States and the EU have been active partners in efforts to track and stem terrorist financing. The two sides cooperate frequently in global forums, such as the United Nations and the the intergovernmental Financial Action Task Force, to suppress terrorist financing and to improve international financial investigative tools. U.S. and EU officials have also worked to bridge gaps in their respective lists of individuals and groups that engage in terrorist activities. The United States views doing so as important not only for its symbolic value, but also because of the assetfreezing requirements that the EU attaches to those on its list. The United States and the EU also The United States and the EU both benefit from an agreement that allows U.S. authorities access to financial data held by a Belgian-based consortium of international banks—known as SWIFT, or the Society for Worldwide Interbank Financial Telecommunications—as part of the U.S. Treasury Department’s Terrorist Finance Tracking Program (TFTP). U.S. authorities have shared over 1,550 leads resulting from the SWIFT data with European governments and many of these leads have helped in the prevention or investigation of terrorist attacks in Europe.7 However, in February 2010, U.S. access to much of the SWIFT data was essentially suspended following a vote by the European Parliament (a key EU institution) to reject a 2009 U.S.-EU SWIFT agreement on data privacy and civil liberty grounds. In late June 2010, the United States and the EU revised the U.S.-EU SWIFT accord to meet Parliament’s concerns and thereby allow U.S. authorities continued access to SWIFT data. The European Parliament approved this latest iteration of the accord on July 8, 2010. (For more information on the U.S.-EU SWIFT agreement, see “Tracking Terrorist Financing” in “Ongoing Challenges,” below). 6 6 However, the TFTP and the U.S.-EU agreement permitting the sharing of SWIFT data remains controversial in Europe due to ongoing data privacy concerns. The European Parliament (EP)—a key EU institution—has been particularly vocal in defending EU data protection standards and attempting to safeguard the privacy rights of EU citizens. (For more information on the U.S.-EU SWIFT agreement, see the “Promoting Information-Sharing and Protecting Data Privacy” section below). U.S. and EU officials have also worked together successfully since 2001 to bridge many gaps in their respective lists of individuals and groups that engage in terrorist activities. The United States views doing so as important not only for the symbolic value of presenting a united front, but also because of the financial sanctions that the EU attaches to those on its common terrorist list. All 5 U.S. Department of Justice Press Release, “U.S./EU Agreements on Mutual Legal Assistance and Extradition Enter into Force,” February 1, 2010. 76 U.S. Department of the Treasury, “Terrorist Finance Tracking Program: Questions and Answers,” available at http://www.ustreas.gov. Congressional Research Service 5 U.S.-EU Cooperation Against Terrorism Border Control and Transport Security The United States and the EU have also emphasized cooperation in the areas of border control and transport security, as seen by the creation of the high-level policy dialogue on these issues. The United States and the EU have pledged to enhance international information exchanges on lost and stolen passports and to promote travel document security through the use of interoperable biometric identifiers. Several agreements related to border controls and transport security have also been concluded. Container Security Initiative (CSI) In April 2004, the United States and EU signed a customs cooperation accord; among other measures, it calls for extending the U.S. Container Security Initiative (CSI) throughout the Union. CSI stations U.S. customs officers in foreign ports to help pre-screen U.S.-bound cargo containers to ensure that they do not contain dangerous substances such as weapons of mass destruction. Ten EU member states currently have ports that participate in CSI. Both the United States and the EU have also instituted programs with leading importers to pre-screen cargo shipments. Passenger Name Record (PNR) Data In May 2004, the United States and EU reached an initial agreement permitting airlines operating flights to or from the United States to provide U.S. authorities with passenger name record (PNR) data in their reservation and departure control systems within 15 minutes of a flight’s departure. This accord was controversial in Europe because of fears that it compromised EU citizens’ data privacy rights. As a result, the European Parliament lodged a case against the PNR agreement in the EU Court of Justice; in May 2006, the Court annulled the PNR accord on grounds that it had not been negotiated on the proper legal basis. EU officials stressed, however, that the Court did not rule that the agreement infringed on EU citizens’ privacy rights. In July 2007, the United States and the EU concluded negotiations on a new, seven-year agreement to ensure the continued transfer of PNR data. U.S. officials appeared pleased with several provisions of this new deal, such as: allowing U.S. Customs and Border Protection to share PNR data with other U.S. agencies engaged in the fight against terrorism; extending the length of time that the United States can store such data; and permitting the United States to access sensitive information about a passenger’s race, ethnicity, religion, and health in exceptional circumstances. The new accord also requires airlines to send data from their reservation systems to U.S. authorities at least 72 hours before a flight departs. Although this U.S.-EU PNR agreement has been provisionally in force since 2007, the European Parliament must still give its approval in order for this accord to be formally signed and remain in force (see “Sharing Airline Passenger Data” in “Ongoing Challenges,” for more information). 8 Aviation Security For many years, the United States and the EU have also worked together on measures to improve aviation security. This issue came to the forefront of U.S.-EU discussions again following the 8 “Travelers Face Greater Use of Personal Data,” Washington Post, July 27, 2007; “MEPs Suggest Postponing Vote on Transfer of Air Passenger Details,” Agence Europe, March 6, 2010. Congressional Research Service 6 U.S.-EU Cooperation Against Terrorism December 2009 attempt by a Nigerian to blow up an airliner en route from Amsterdam to Detroit. In January 2010, the United States and the EU issued a joint declaration on aviation security, pledging to enhance not only U.S.-EU cooperation further but also to intensify U.S.-EU efforts to strengthen aviation security measures and standards worldwide. As part of this endeavor, the United States and the EU have been discussing ways to improve security at European airports, including by installing full-body scanners. The United States has accelerated installation of body scanners at U.S. airports in the aftermath of the failed 2009 airline attack, and has encouraged the EU to follow suit. Although some EU countries and leaders support installing body scanners, other EU member states and some European Parliamentarians remain hesitant due to concerns that the scanners could compromise privacy rights and pose health dangers.9 In addition, the United States and the EU have discussed the use of armed air marshals on transatlantic flights. Some European countries objected to U.S. requirements issued in December 2003 for armed marshals on certain flights to and from the United States, viewing guns on board planes as increasing the security risks. Others, such as the U.K. and France, were more receptive to deploying armed air marshals. In April 2004, U.S. officials pledged to consider alternative measures for European countries opposed to armed air marshals. In November 2004, U.S. and EU officials agreed to exchange information about aviation security technologies , such as airline countermeasures against shoulder-fired ground-to-air missiles.10 Ongoing Challenges Despite U.S.-EU strides since 2001 to foster closer counterterrorism and law enforcement cooperation, and a shared commitment to do so, some challenges remain. Among the most prominent are: data privacy (especially in relation to the U.S.-EU SWIFT and PNR agreements); balancing security and transatlantic travel and commerce; and detainee and civil liberty issues. Differences in the U.S. and EU terrorist designation lists have also led to periodic tensions. Data Privacy Data privacy has been and continues to be a key U.S.-EU sticking point. As noted above, the EU considers the privacy of personal data a basic right; EU data privacy regulations set out common rules for public and private entities in the EU that hold or transmit personal data, and prohibit the transfer of such data to countries where legal protections are not deemed “adequate.” In the negotiation of many U.S.-EU agreements, from those related to Europol to PNR to SWIFT, many EU officials have been concerned about whether the United States could guarantee a sufficient level of protection for European citizen’s personal data. In particular, some Members of the European Parliament (MEPs) and many European civil liberty groups have long argued that elements of U.S.-EU information-sharing agreements violate the privacy rights of EU citizens. 9 For example, the UK, the Netherlands, France, and Italy reportedly plan to try out full-body scanners at their airports, while Germany, Spain, and some Nordic countries appear more cautious about using the scanners. See “EU Puts Off Reply To U.S. Request for Airport Body Scanners,” Agence France Presse, January 21, 2010; “U.S. Aims To Overcome Europe’s Doubts About Airport Body Scanners,” Deutsche Welle, January 21, 2010. 10 “U.S. Conciliatory in Air Marshal Demands,” Associated Press, April 26, 2004; John M. Doyle, “U.S., EU To Trade Information on Sensors, MANPADS Defense,” Homeland Security and Defense, November 24, 2004. Congressional Research Service 7 U.S.-EU Cooperation Against Terrorism Tracking Terrorist Financing Controversy over SWIFT and Europe’s role in the U.S. Terrorist Finance Tracking Program (TFTP) surfaced originally in 2006, following press reports that U.S. authorities had been granted secret access to SWIFT data since 2001. In an attempt to assure Europeans that their personal data was being protected, U.S. officials asserted that SWIFT data was used only for counterterrorism purposes, was obtained by the U.S. Treasury Department by administrative subpoena, and that no data mining occurred as part of the TFTP. In June 2007, the U.S. and EU reached a deal to allow continued U.S. access to SWIFT data for counterterrorism purposes, but it remained controversial for some European politicians and privacy groups.11 EU member states must freeze the assets of those named and ensure that financial resources are not made available to those on its common terrorist list. Nevertheless, some differences in the U.S. and EU terrorist designation lists persist. Most notably, some EU members continue to resist U.S. entreaties to add the Lebanon-based Hezbollah to the EU’s common terrorist list. The United States considers Hezbollah, which is backed by Syria and Iran, as a Foreign Terrorist Organization and applies financial and other sanctions to the group and its members. Those EU member states opposed to including Hezbollah on the EU’s common list argue that doing so would be counterproductive to managing relations with Lebanon and promoting peace and stability in the region. They note that some Lebanese consider Hezbollah a legitimate political force (it has members in the Lebanese parliament) and that the group provides needed social services in some of Lebanon’s poorest communities. In the past, the EU has also at times resisted U.S. calls to add suspected Hamas-related charities to its common terrorist list; some EU members have long viewed many of these charities as separate entities engaged in political or social work.7 Promoting Information-Sharing and Protecting Data Privacy Although the United States and the EU both recognize the importance of sharing information in an effort to track and disrupt terrorist activity, data privacy has been and continues to be a key U.S.-EU sticking point. As noted above, the EU considers the privacy of personal data a basic right; EU data privacy regulations set out common rules for public and private entities in the EU that hold or transmit personal data, and prohibit the transfer of such data to countries where legal protections are not deemed “adequate.” In the negotiation of several U.S.-EU information-sharing agreements, from those related to Europol to SWIFT to airline passenger data, some EU officials have been concerned about whether the United States could guarantee a sufficient level of protection for European citizens’ personal data. In particular, some Members of the European Parliament (MEPs) and many European civil liberty groups have long argued that elements of U.S.-EU information-sharing agreements violate the privacy rights of EU citizens. The U.S.-EU SWIFT Accord Controversy over Europe’s role in the U.S. Terrorist Finance Tracking Program surfaced originally in 2006, following press reports that U.S. authorities had been granted secret access to SWIFT financial data since 2001. In an attempt to assure Europeans that their personal data was being protected, U.S. officials asserted that SWIFT data was used only for counterterrorism purposes, was obtained by the U.S. Treasury Department by administrative subpoena, and that no data mining occurred as part of the TFTP. In June 2007, the United States and the EU reached a deal to allow continued U.S. access to SWIFT data for counterterrorism purposes, but it remained worrisome for some European politicians and privacy groups.8 7 The EU has listed Hamas’ military wing on its common terrorist list since 2001, and its political wing since 2003. In 2005, the EU added two charities believed to be related to Hamas to its common terrorist list. All 27 EU member states must agree in order for a group or individual to be added to the EU’s list. 8 “Frattini Claims Major Advance in Data Privacy Dispute,” European Report, June 29, 2007; David S. Cohen, U.S. Treasury Department Assistant Secretary for Terrorism and Financial Intelligence, Remarks to the Washington Institute for Near East Policy, April 7, 2010. Congressional Research Service 6 U.S.-EU Cooperation Against Terrorism In 2009, changes to SWIFT’s systems architecture—including a reduction in the amount of data stored on U.S. servers and the transfer of a large portion of data critical to the TFTP to a storage location in Europe—necessitated a new U.S.-EU agreement to permit the continued sharing of SWIFT data with the U.S. Treasury Department. In November 2009, the European Commission (the EU’s executive) reached ana new accord with the United States on SWIFT. However, under the EU’s new Lisbon Treaty, the European Parliament (EP)736-member European Parliament gained the right to approve or reject reject international agreements such as the SWIFT accord. As discussed previously, inagreement by majority vote. In February 2010, the EP rejected this new version of the U.S.-EU SWIFT agreement by a vote of 378 to 196 (with 31 abstentions); those ; those MEPs who opposed the accord claimed that it did not contain sufficient protections to safeguard the personal data and privacy rights of EU citizens. Given the EP’s long-standinglongstanding concerns about SWIFT and the TFTP, many observers were not surprised that some MEPs took the opportunity to both assert the Parliament’s new powers and to halt the transfer of SWIFT data to the United States U.S. access to much of the SWIFT data until their views regarding the protection of data privacy and civil liberties were taken on board more fully. TheIn May 2010, the European Commission and U.S. authorities began negotiating a newrevised U.S.-EU SWIFT agreement in May 2010. Two key EP that could garner the necessary EP support for approval. Two key EP concerns related to guaranteeing judicial remedy for European citizens in the United States forin the event of possible data abuse, and the use of “bulk data” transfers. Many MEPs wanted more targeted transfers and less data included in any transfer, but U.S. and EU officials contended that such “bulk” transfers were essentially how the SWIFT system worked and had to be maintained for technical reasons. Some MEPs also called for greater supervision by an “appropriate EU-appointedEUappointed authority” over U.S. access to SWIFT data.129 In mid-June 2010, U.S. and EU officials concluded a new draft agreement on SWIFT. Among other SWIFT agreement. Among other provisions, the draft provided for the possibility of administrative and legal redress for EU citizens in the United States and gave Europol the authority to approve or reject U.S. Treasury Department requests for SWIFT data. Press reports indicated, however, that some MEPs were still unhappy with several of the draft’s provisions. In order to avoid another “no” vote by the EP, EU and U.S. officials reportedly agreed to two additional changes to the draft: effectively guaranteeing that an independent observer appointed by the European Commission would be based in Washington, DC, to oversee, along with SWIFT personnel, the extraction of SWIFT data; and requiring the European Commission to present plans for an EU equivalent to the U.S. TFTP 11 “Frattini Claims Major Advance in Data Privacy Dispute,” European Report, June 29, 2007; David S. Cohen, U.S. Treasury Department Assistant Secretary for Terrorism and Financial Intelligence, Remarks to the Washington Institute for Near East Policy, April 7, 2010. 12 “MEPs Hail Historic Rejection of SWIFT Deal,” Agence Europe, February 13, 2010; “Countering Terrorist Threats—In the Air and on the Ground,” EU Insight, April 2010; “SWIFT: Commission To Negotiate Under Pressure from EP,” Europolitics, April 23, 2010. Congressional Research Service 8 U.S.-EU Cooperation Against Terrorism TFTP within a year. Such a “European TFTP” would be aimed at enabling the EU to extract SWIFT SWIFT data on European soil and send the targeted results onward to U.S. authorities, thereby avoiding avoiding “bulk data” transfers to the United States. in the longer term.10 As part of the new SWIFT accord, the United States has pledged its support and assistance in the event of an EU decision to develop its own TFTP. Some observers point out, however, that member states must ultimately approve a “European TFTP” and note that achieving member state agreement may be difficult given the likely financial costs of setting up such a system. Others suggest that a “European TFTP” would also probably entail more intelligence-sharing among EU member states, which some members and national intelligence services have long resisted. 9 “MEPs Hail Historic Rejection of SWIFT Deal,” Agence Europe, February 13, 2010; “Countering Terrorist Threats— In the Air and on the Ground,” EU Insight, April 2010; “SWIFT: Commission To Negotiate Under Pressure from EP,” Europolitics, April 23, 2010. 10 Toby Vogel, “SWIFT Deal on Data Sharing with U.S. Reopened,” European Voice, June 24, 2010; “SWIFT: Rapporteur Announces Last-Minute Agreement,” Europolitics, June 25, 2010. Congressional Research Service 7 U.S.-EU Cooperation Against Terrorism The EP approved the latest iteration of the U.S.-EU SWIFT accord on July 8, 2010, by 484 votes to 109 (with 12 abstentions). The agreement will enterentered into force on August 1, 2010, for a period of five years. If the EU decides to establish its own TFTP within this time period, the United States and the EU will consult to determine whether the agreement needs to be adjusted accordingly. 13 Sharing Airline Passenger Data Many U.S. and European officials have also been concerned that the EP will reject the U.S.-EU PNR agreement that has been provisionally in force since 2007. As noted above, Parliament must still give its approval to this accord for it to be formally signed and remain in force. Press reports indicate, however, that many MEPs recognize that rejecting the current U.S.-EU PNR agreement would create serious legal uncertainties and practical difficulties for both travelers and air carriers. As a result, in early May 2010, the EP postponed its vote on the 2007 PNR deal with the United States until the European Commission presents a new “PNR package.” The Commission’s “PNR package” will reportedly include a “global external PNR strategy” (or “single PNR model”) setting out general requirements for EU agreements with other countries and addressing EP concerns about the amount of PNR data transferred, the length of time such data can be kept, and the possibility for redress by European citizens of possible data misuse. The “PNR package” may also, consequently, propose adjustments to the EU’s existing PNR agreement with the United States in order to meet EP demands for stronger data protections. The EP had hoped that the Commission would present this new package in July 2010. Recent media reports suggest, however, that the Commission’s proposal for a PNR package will not be ready until September at the earliest. Some MEPs have expressed frustration with the delay. As with the U.S.-EU SWIFT agreement, many observers expect that the EP will press hard for changes to the existing U.S.-EU PNR accord to better guarantee the privacy rights of EU citizens. The EP has also been concerned with the issue of reciprocity, that is, that much of the data transferred in the PNR agreement flows from the EU to the United States, but not vice-versa. U.S. officials are reportedly “open” to a proposal for a similar EU-wide airline passenger data regime, in which the personal data of U.S. citizens flying into or out of the EU would be transmitted to European border and custom authorities for counterterrorism purposes. However, this proposed system would also likely be controversial in Europe. Although the European Commission first 13 Toby Vogel, “SWIFT Deal on Data Sharing with U.S. Reopened,” European Voice, June 24, 2010; “President Obama Backs Conclusion of SWIFT Agreement Between EU and US,” Agence Europe, June 25, 2010; “SWIFT: Rapporteur Announces Last-Minute Agreement,” Europolitics, June 25, 2010; European Parliament Press Release, “Parliament Gives Green Light for SWIFT II,” July 8, 2010. Congressional Research Service 9 U.S.-EU Cooperation Against Terrorism floated establishing an EU PNR system in November 2007, EU leaders have so far been unable to agree on a concrete proposal because of different member state sensitivities regarding data protection, privacy rights, and counterterrorism practices. The Commission will reportedly introduce a new proposal for an EU PNR system as part of its expected “PNR package.”14 Possible Some MEPs, however, continue to be concerned about the EU’s role in the U.S. TFTP and whether the SWIFT accord is being properly implemented. Several MEPs, for example, have recently criticized Europol for too readily approving vague U.S. requests for SWIFT data. As part of its recent review of the U.S.-EU SWIFT agreement, the European Commission has recommended certain measures to help make the TFTP more transparent, including by providing more information to Europol in writing; the United States is reportedly considering the Commission’s recommendations.11 Passenger Name Record (PNR) Data In May 2004, the United States and EU reached an initial agreement permitting airlines operating flights to or from the United States to provide U.S. authorities with passenger name record (PNR) data in their reservation and departure control systems within 15 minutes of a flight’s departure. This accord was controversial in Europe because of fears that it violated the privacy rights of EU citizens and did not contain sufficient protections to safeguard their personal data. As a result, the European Parliament lodged a case against the PNR agreement in the EU Court of Justice; in May 2006, the Court annulled the PNR accord on grounds that it had not been negotiated on the proper legal basis. EU officials stressed, however, that the Court did not rule that the agreement infringed on European privacy rights. In July 2007, the United States and the EU concluded negotiations on a new, seven-year agreement to ensure the continued transfer of PNR data. U.S. officials appeared pleased with several provisions of this new deal, such as: allowing the U.S. Department of Homeland Security to share PNR data with other U.S. agencies engaged in the fight against terrorism; extending the length of time that the United States can store such data (from 3½ to 15 years ultimately); and permitting the United States to access sensitive information about a passenger’s race, ethnicity, religion, and health in exceptional circumstances. The new accord also required airlines to send data from their reservation systems to U.S. authorities at least 72 hours before a flight departs. In a concession to the EU, the number of fields from which the United States will collect data were reduced from 34 to 19.12 Although this latest U.S.-EU PNR agreement has been provisionally in force since 2007, the European Parliament must still give its approval in order for the accord to be formally signed and remain in force. Many MEPs, however, object to key elements of the 2007 agreement, including: the amount of PNR data transferred; the length of time such data can be kept; and what they view as an inadequate degree of redress available for European citizens for possible data misuse. Some MEPs also worry that U.S. authorities might use PNR data for “data mining” or “data profiling” purposes. At the same time, many MEPs recognize that rejecting the U.S.-EU PNR agreement would create legal uncertainties and practical difficulties for both travelers and air carriers. As such, in May 2010, the EP agreed to postpone its vote on the 2007 PNR deal, calling instead upon the European Commission to present a “global external PNR strategy” setting out general 11 European Parliament Press Release, “Parliament Gives Green Light for SWIFT II,” July 8, 2010; James Kanter, “Europe Seeks More Openness from U.S. Anti-terror Program,” International Herald Tribune, March 18, 2011. 12 Paul Lewis and Spencer Hsu, “Travelers Face Greater Use of Personal Data,” Washington Post, July 27, 2007. Congressional Research Service 8 U.S.-EU Cooperation Against Terrorism requirements for all EU PNR agreements with other countries; the EP also essentially expected that the EU PNR deal with the United States (as well as ones pending with Australia and Canada) would be renegotiated to conform to the new PNR standards put forth by the Commission.13 In September 2010, the European Commission issued its “global external PNR strategy”14 and called for the renegotiation of the EU’s PNR agreements with the United States, Australia, and Canada. Among other general principles proposed in the “external PNR strategy,” the Commission asserted that PNR data should be used exclusively to combat terrorism and other serious transnational crimes, passengers should be given clear information about the exchange of their PNR data and have the right to effective administrative and judicial redress, and that a decision to deny a passenger the right to board an airplane must not be based solely on the automated processing of PNR data. The Commission also proclaimed that the categories of PNR data exchanged should be as limited as possible and that PNR data should be retained no longer than absolutely necessary. In November 2010, the European Parliament welcomed the Commission’s PNR strategy and endorsed the opening of new PNR negotiations with the United States. The EP emphasized, however, that the exchange of PNR data must be both “necessary” and “proportional,” reiterated that PNR data must not be used for data mining or profiling, and called on the Commission to also explore less intrusive alternatives. 15 In early December 2010, EU member states gave the Commission a green light to negotiate a revised PNR agreement with the United States. Although many U.S. officials had been wary about reopening negotiations on the PNR accord, the Obama Administration assented to discussing at least some adjustments, largely in recognition of the fact that the EP is unlikely to approve the 2007 agreement as it currently stands. U.S.-EU negotiations on a revised PNR accord were officially launched on December 8, 2010.16 U.S. officials continue to maintain that the 2007 accord already sufficiently protects both the data collected and individual privacy rights; they note that two joint reviews conducted by the U.S. Department of Homeland Security and the European Commission since 2004 have confirmed that the United States has not misused the PNR data. U.S. policymakers assert that any revised PNR agreement must not degrade the operational effectiveness of the current PNR program and should permit further enhancements. U.S. officials also caution that any new PNR agreement with the EU must not invalidate bilateral PNR deals that the United States has concluded with various EU member states. Some MEPs contend, however, that these bilateral PNR accords must be updated to comply with the EU-wide accord. As it did with the U.S.-EU SWIFT agreement, many observers believe that the EP will press hard for changes to the existing U.S.-EU PNR accord, especially in relation to the length of time PNR data is retained.17 The EP has also been concerned with the issue of reciprocity, that is, that much of the data transferred in the PNR agreement flows from the EU to the United States, but not vice-versa. U.S. 13 James Kanter, “Europe Acts on Privacy Front,” International Herald Tribune, April 7, 2010; “EP Suspends Vote on PNR,” Agence Europe, May 6, 2010. 14 Communication from the Commission on the Global Approach to Transfers of Passenger Name Record (PNR) Data to Third Countries, COM/2010/0492, September 21, 2010. 15 EP Resolution P7_TA-PROV(2010)0397, November 11, 2010. 16 The 2007 PNR agreement remains in effect during the course of the current negotiations. 17 “Will Napolitano Change 2007 PNR Accord?,” Europolitics Transport, October 12, 2010; Edward Cody, “Armed with New Treaty, Europe Amplifies Objections to U.S. Data-sharing Demands,” Washington Post, October 26, 2010; “MEPs Assent to Talks on Airline Passenger Information-sharing,” Agence Europe, November 13, 2010. Congressional Research Service 9 U.S.-EU Cooperation Against Terrorism officials are reportedly “open” to a proposal for a similar EU-wide airline passenger data regime, in which the personal data of U.S. citizens flying into or out of the EU would be transmitted to European border and custom authorities for counterterrorism purposes. However, this proposed system would also likely be controversial in Europe. Although the European Commission first floated establishing an EU PNR system in November 2007, progress has been slow because of different member state sensitivities regarding privacy rights and counterterrorism practices. In February 2011, the European Commission presented a new proposal for an EU-wide PNR system. It would oblige airline carriers to transfer the PNR data of passengers on international flights into and out of EU territory to the member state of arrival or departure, sets out common rules among EU member states for how to use PNR data, and establishes guidelines for transferring PNR data between member states. Some EU members, such as Belgium and the United Kingdom, already have their own PNR systems, while others are in the process of developing them; the Commission contends that common rules are necessary in order to prevent the creation of 27 divergent national systems and uneven levels of personal data protection. Some EU member states would like intra-EU flights to also be included in the proposed EU-wide PNR regime; however, other members and the European Parliament are unlikely to agree to such an expansion of the Commission’s proposal at this time amid concerns about costs and the sufficiency of data protection guarantees.18 U.S.-EU Framework Agreement on Data Protection Many U.S. and EU leaders believe that information-sharing agreements such as SWIFT and PNR are vital tools in the fight against terrorism. At the same time, U.S. officials have often been frustrated by the need for painstaking and often time-consuming negotiations with the EU on every individual agreement that involves sharing personal data between the two sides. For many years, Washington has sought to establish an umbrella agreement in which the EU would largely accept U.S. data privacy standards as adequate and which wouldthus make the transfer of personal data between EU and U.S. law enforcement authorities easier. Until recentlynegotiation of future datasharing accords easier. In the past, EU officials had largely resisted this idea, claiming that only tailored agreements could guarantee an “added level of protection” for EU citizens against possible U.S. infringements of their privacy rights. They argued that it would be burdensome for EU citizens to gain redress for any wrongs committed through the U.S. judicial system. In 2009, however, the European Parliament called for a U.S.-EU framework agreement to help better ensure the protection of civil liberties and personal data privacy. In late May 2010, the European Commission proposed a draft mandate for negotiating a broad accord with the United States on personal data protection that could apply to all U.S.-EU data-sharing agreements. Such an accord would likely build on the common personal data protection principles adopted by the United States and the EU in October 2009. However, the Commission asserts that any eventual framework agreement would not provide the legal basis for specific transfers of personal data between the EU and the United States; in other words, agreements on SWIFT or PNR would still be required. The Commission’s mandate must be approved by the member states before negotiations with the United States can begin. Some analysts suggest that the Commission’s proposal for a framework agreement with the United States is being driven, in part, by the recent difficulties in securing EP support for the SWIFT and PNR deals. Although any such broad U.S.EU deal would also need EP approval, the Commission likely hopes that it would put EP concerns about data privacy and U.S. protection standards to rest once and for all.15 Balancing Transatlantic Travel, Commerce, and Security With respect to several issues, U.S. and EU officials have been grappling with finding a balance between improving border security and facilitating legitimate transatlantic travel and commerce. 14 “EU Seeks Data on American Passengers,” Washington Post, November 4, 2007; James Kanter, “Europe Acts on Privacy Front,” International Herald Tribune, April 7, 2010; European Parliament Press Release, “SWIFT and PNR: Privacy Concerns Voiced Ahead of New Round of Negotiations,” April 22, 2010; “EP Getting Nervous Over Passenger Name Record,” Europolitics Transport, June 15, 2010. 15 U.S. Department of State Press Release, “U.S., EU Reach Agreement on Common Personal Data Protection Principles,” October 28, 2009; “Commission Seeks Comprehensive Data Protection Agreement,” Europolitics, May 27, 2010. Congressional Research Service 10 U.S.-EU Cooperation Against Terrorism The Commission asserts that any such framework agreement would not provide the legal basis for specific transfers of personal data between the EU and the United States; in other words, agreements on SWIFT or PNR would still be required. EU member states approved the Commission’s mandate in early December 2010; U.S.-EU negotiations on the data protection accord were officially launched on March 28, 2011. The member states and the European Parliament must ultimately approve any eventual U.S.-EU agreement for it to take effect. Many analysts believe that a U.S.-EU framework agreement on data protection will likely build on the common personal data protection principles adopted by the United States and the EU in 18 “EU Seeks Data on American Passengers,” Washington Post, November 4, 2007; “EU Wants Air Passenger Data for Terrorism Probes,” Reuters, February 2, 2011; Valentina Pop, “Member States To Clash with EU Parliament on Passenger Data,” EUObserver.com, April 4, 2011. Congressional Research Service 10 U.S.-EU Cooperation Against Terrorism October 2009. However, one key outstanding issue that the United States and the EU were unable to agree upon in the common principles is that of redress. Many EU officials and MEPs insist that European citizens need the right of judicial redress in the United States; some experts believe that the EU will likely push in negotiations over the new framework agreement for the U.S. Privacy Act of 1974 to be amended to extend judicial redress to EU citizens (currently, the U.S. Privacy Act limits judicial redress to U.S. citizens and legal permanent residents). U.S. experts doubt that the Obama Administration would agree to this potential EU demand, given the unlikelihood that Congress would be favorably inclined toward passing such an amendment to the Privacy Act. The Administration has long maintained that EU citizens may seek redress concerning U.S. government handling of personal information through agency administrative redress or judicial redress through the U.S. Freedom of Information Act. Another possible point of contention in U.S.-EU negotiations may be whether or not an eventual framework agreement should be applied retroactively to previous U.S.-EU data sharing arrangements. Some EU leaders and MEPs support its retroactive application. However, the United States opposes doing so, arguing that it would create unnecessary legal uncertainty.19 Strengthening Border Controls and Transport Security For many years, the United States and the EU have emphasized cooperation in the areas of border control and transport security. The United States and the EU have pledged to enhance international information exchanges on lost and stolen passports and to promote travel document security through the use of interoperable biometric identifiers. Several U.S.-EU agreements related to border controls and transport security have been concluded. At the same time, U.S. and EU officials continue to grapple with finding the appropriate balance between improving border security and facilitating legitimate transatlantic travel and commerce. Aviation and Air Cargo Security Since the 2001 terrorist attacks, both the United States and the EU have implemented a range of measures aimed at improving aviation and air cargo security.20 Although many U.S. and EU rules and regulations have coincided closely, the two sides have sought to work together to bridge gaps in their respective policies given the significant volume of transatlantic flights. For example, in 2008, the United States and the EU reached an agreement on coordinating air cargo security measures, in part to comply with a provision in the Implementing Recommendations of the 9/11 Commission Act of 2007 (P.L. 110-53) that mandates 100% screening of cargo transported on U.S. domestic and U.S.-bound international passenger flights equivalent to the level of security used for checked baggage. Among other measures in the 2008 accord, both sides pledged to 19 U.S. Department of State Press Release, “U.S., EU Reach Agreement on Common Personal Data Protection Principles,” October 28, 2009; “Commission Seeks Comprehensive Data Protection Agreement,” Europolitics, May 27, 2010; European Parliament News, “Data Protection in Transatlantic Relations: Searching for a Framework Agreement,” October 27, 2010. 20 The EU first adopted common rules on aviation security in 2002, detailing measures regarding access to sensitive airport areas, aircraft security, passenger screening and baggage handling, among others. These measures were revised and updated in April 2010. Congressional Research Service 11 U.S.-EU Cooperation Against Terrorism institute commensurate systems to ensure the security of all cargo on passenger flights between their respective territories by the end of 2010.21 Two recent events have brought aviation and air cargo security to the forefront of U.S.-EU discussions again: the December 2009 attempt by a Nigerian passenger to blow up an airliner en route from Amsterdam to Detroit with a device concealed in his underwear; and the thwarted October 2010 “Yemen bomb plot,” in which two Chicago-bound printer cartridge packages containing explosives were shipped from Yemen on various cargo and passenger flights (one package was transferred in Germany before being intercepted in the UK). In January 2010, the United States and the EU issued a joint declaration on aviation security, pledging to intensify U.S.-EU efforts to strengthen aviation security measures worldwide. In October 2010, U.S.-EU collaboration played a key role in forging an International Civil Aviation Organization (ICAO) declaration on aviation security, agreed to by 190 countries, aimed at better protecting the entire global aviation system from terrorist threats; as part of the ICAO declaration, signatories committed to work on further enhancing air cargo and supply chain security. Despite a shared commitment to promote U.S.-EU cooperation in the areas of aviation and air cargo security, some differences in perspective remain. In the aftermath of the failed 2009 attack, the United States accelerated installation of body scanners at U.S. airports and encouraged the EU to follow suit. Although some EU countries and leaders support installing body scanners at European airports, other EU member states and some European Parliamentarians remain hesitant due to concerns that the scanners could compromise privacy rights and pose health dangers. In June 2010, the European Commission issued a report on body scanners, asserting the need to develop a harmonized EU approach to the introduction of such devices at European airports but opposing making them mandatory in every EU country. The European Commission is reportedly now developing a proposal for a common EU body scanner policy, but a draft is not expected until summer 2011 at the earliest.22 Following the discovery of the “Yemen bomb plot,” the EU has also been taking steps to strengthen its existing air cargo security standards and controls, in particular with respect to transfer cargo originating outside EU territory. Like some Members of Congress, some European politicians have called for 100% physical screening of cargo transported on all-cargo aircraft. Most EU officials, however, contend that such 100% screening would be impractical, pose significant technical hurdles, and impose heavy financial burdens on the air cargo industry. Instead, they prefer implementation of risk-based approaches that seek to identify those shipments that require greater scrutiny and physical screening. Many U.S. homeland security policymakers agree with the risk-based approach, but some European officials worry of a potential conflict with the United States should Congress ultimately pass legislation requiring 100% screening of all air cargo.23 21 Ned Levi, “TSA To Finally Screen Air Cargo on Passenger Flights,” Consumer Traveler, November 4, 2008. For example, the UK, the Netherlands, France, and Italy reportedly plan to try out full-body scanners at their airports, while Germany, Spain, and some Nordic countries appear more cautious about using the scanners. See “EU Puts Off Reply To U.S. Request for Airport Body Scanners,” Agence France Presse, January 21, 2010; Robert Wall, “Body Scanner Policy Another Year Away for EU Airports,” Aviation Daily, July 2, 2010. 23 In November 2010, in the 111th Congress, legislation was introduced in both the House (H.R. 6410) and Senate (S. 3954) that would have required physical screening of cargo transported on all-cargo aircraft, including U.S.-bound international flights. For more information, see CRS Report R41515, Screening and Securing Air Cargo: Background and Issues for Congress, by Bart Elias. Also see, Daniel Michaels, “EU To Step Up Air-cargo Rules,” Wall Street Journal, November 30, 2010. 22 Congressional Research Service 12 U.S.-EU Cooperation Against Terrorism In addition, the United States and the EU continue to discuss the use of armed air marshals on transatlantic flights. Some European countries objected to U.S. requirements issued in December 2003 for armed marshals on certain flights to and from the United States, viewing guns on board planes as increasing the security risks. Others, such as the U.K. and France, were more receptive to deploying armed air marshals. In April 2004, U.S. officials pledged to consider alternative measures for European countries opposed to armed air marshals. In November 2004, U.S. and EU officials agreed to exchange information about aviation security technologies, such as airline countermeasures against shoulder-fired ground-to-air missiles.24 Maritime Cargo Screening In April 2004, the United States and the European Union signed a customs cooperation accord; among other measures, it calls for extending the U.S. Container Security Initiative (CSI) throughout the EU. CSI stations U.S. customs officers in foreign ports to help pre-screen U.S.bound maritime cargo containers to ensure that they do not contain dangerous substances such as explosives or other weapons of mass destruction. Ten EU member states currently have ports that participate in CSI. Both the United States and the EU have also instituted programs with leading importers to pre-screen cargo shipments. However, EU officials remain concerned with a provision in the Implementing Recommendations of the 9/11 Commission Act of 2007 (P.L. 110-53) that sets a five-year goal of scanning all container ships bound for the United States for nuclear devices. Although European leaders support the use of radiation detection and container imaging to increase cargo and freight security in principle, they view 100% container scanning as unrealistic, and argue that it could disrupt trade and place a heavy financial burden on EU ports and businesses. Some U.S. officials share these concerns about the cost and effectiveness of 100% scanning, suggesting that it could result in lower profits and higher transportation costs for U.S. importers; they also point out that the United States and Europe already have programs in place to identify high risk cargo shipments and target them for further inspection. Proponents of 100% scanning counter that the manifest data that U.S. and European authorities currently rely upon to determine which containers need closer scrutiny is not an adequate basis for determining risk. U.S. authorities will likely seek an extension of the 2012 100% scanning deadline. 25 Visa Waiver Program (VWP) For many years, the United States and the EU were at odds over the U.S. Visa Waiver Program (VWP) and the EU’s desire to have it applied equally to all EU members. The VWP allows for short-term visa-free travel for business or pleasure to the United States from 36 countries, most of which are in Europe. New EU members were eager to join the VWP, but most were excluded for years due to problems meeting the program’s statutory requirements. Although some Members of Congress had long expressed skepticism about the VWP in general because of security concerns (noting that terrorists with European citizenship have entered the United States on the VWP), other Members were more supportive of extending the VWP to new EU members (especially 24 “U.S. Conciliatory in Air Marshal Demands,” Associated Press, April 26, 2004; John M. Doyle, “U.S., EU To Trade Information on Sensors, MANPADS Defense,” Homeland Security and Defense, November 24, 2004. 25 “EU Hits at U.S. Plan To Scan Containers,” Financial Times, August 2, 2007; “U.S. Cargo Scanning Law Unfair,” Reuters, March 10, 2008; “Underwear Bomber Could Have Evaded Full Body Scanner,” Europolitics, March 29, 2010. Congressional Research Service 13 U.S.-EU Cooperation Against Terrorism those in central and eastern Europe) given their roles as U.S. allies in NATO and in the fight against terrorism. In July 2007, Congress passed the Implementing Recommendations of the 9/11 Commission Act of 2007 (P.L. 110-53), which included changes to the VWP aimed at both strengthening the program’s security components and allowing more EU members (and other interested states) to qualify. Among other measures, P.L. 110-53 called on VWP participants to meet certain security and passport standards and to sign on to a number of information-sharing agreements; at the same time, it eased other admission requirements to make it easier for some EU member states to join the VWP.16 As a result, 23 of the EU’s 27 member states now belong to the VWP, and U.S.-EU tensions over the VWP have subsided considerably. The EU, . The EU, however, continues to encourage the United States to admit the remaining four EU members (Bulgaria, Cyprus, Poland, and Romania) to the VWP as soon as possible. Cargo Screening EU officials also remain concerned with a separate provision in P.L. 110-53 that sets a five-year goal of scanning all container ships bound for the United States for nuclear devices. Although European leaders support the use of radiation detection and container imaging to increase cargo and freight security in principle, they view “100 percent” scanning as unrealistic, and argue that it could disrupt trade and would place a heavy financial burden on EU ports and businesses. Some U.S. officials share these concerns about the cost and effectiveness of “100 percent” scanning, suggesting that it could result in lower profits and higher transportation costs for U.S. importers; they also point out that the United States and Europe already have programs in place to identify “high risk” cargo shipments and target them for further inspection. Proponents of “100 percent” scanning counter that the manifest data that U.S. and European authorities currently rely upon to determine which containers need closer scrutiny is not an adequate basis for determining risk.17 to the VWP as soon as possible. Some European policymakers also remain irritated by new rules requiring visitors entering the United States under the VWP to submit biographical information to U.S. authorities through the web-based Electronic System for Travel Authorization (ESTA) at least two days before traveling. The creation of ESTA was mandated by Congress in P.L. 110-53 as one way to help increase the security of the VWP; ESTA became operational for all VWP countries in January 2009. ESTA checks the biographical information submitted against relevant law enforcement databases; those individuals not approved under ESTA must obtain a U.S. visa. Some EU officials contend that ESTA essentially comprises a new type of visa requirement, is a hardship for some last-minute business travelers, and infringes on EU privacy and data protection rules; many European policymakers and citizens also bristle at the $14 fee for ESTA processing imposed since September 2010. U.S. authorities counter that ESTA only requires the same information as that required on the current I-94W paper form that VWP visitors must complete en route to the United States, and that ESTA approval is good for two years and valid for multiple entries.26 Detainee Issues and Civil Liberties U.S. and European officials alike maintain that the imperative to provide freedom and security at home should not come at the cost of sacrificing core principles with respect to civil liberties and upholding common standards and commitments on human rights. At the same time, the status and treatment of suspected terrorist detainees has been a key point of U.S.-European tension. 16 For more information on the VWP, see CRS Report RL32221, Visa Waiver Program, by Alison Siskin. “EU Hits at U.S. Plan To Scan Containers,” Financial Times, August 2, 2007; “U.S. Cargo Scanning Law Unfair,” Reuters, March 10, 2008; “Underwear Bomber Could Have Evaded Full Body Scanner,” Europolitics, March 29, 2010. 17 Congressional Research Service 11 U.S.-EU Cooperation Against Terrorism Especially during the former Bush Administration, the U.S.-run detention facility at Guantánamo Bay, Cuba,; U.S. plans to try enemy combatants before military commissions,; and the use of “enhanced interrogation techniques” came under widespread criticism in Europe. The U.S. practice of “extraordinary rendition” (or extrajudicial transfer of individuals from one country to another, often for the purpose of interrogation) and the possible presence of CIA detention facilities in Europe also gripped European media attention and prompted numerous investigations by the European Parliament, national legislatures, and judicial bodies, among others. Many European leaders and analysts viewed U.S. terrorist detainee, interrogation, and “extraordinary rendition” policies as being in breach of international and European law and as degrading shared values regarding human rights and the treatment of prisoners. Moreover, they feared that such U.S. policies weakened U.S. and EU efforts to win the battle for Muslim “hearts 26 For more information on the VWP, see CRS Report RL32221, Visa Waiver Program, by Alison Siskin. Also see, Julia Werdigier, “European Officials Broadly Criticize U.S. Airport Security Methods,” New York Times, October 28, 2010. Congressional Research Service 14 U.S.-EU Cooperation Against Terrorism and minds,” considered by many to be a crucial element in countering terrorism. The Bush Administration, however, defended its detainee and rendition polices as important tools in combating the fight against terrorism, and vehemently denied allegations of violating U.S. human rights commitments, including the prohibition against torture. Bush Administration officials also acknowledged European concerns about Guantánamo and sought agreements with foreign governments to accept some Guantánamo detainees, but maintained that somecertain prisoners were too too dangerous to be released. U.S.-EU tensions over terrorist detainee policies and practices have subsided to some degree since the adventstart of the Obama Administration. EU and other European officials welcomed President President Obama’s announcement in January 2009 that the United States intended to close the detention facility at Guantánamo within a year. They were also pleased with President Obama’s executive order order banning torture and his initiative to review Bush Administration legal opinions regarding detention and interrogation methods. At the same time, the Obama Administration has faced significant challenges in its efforts to close Guantánamo. Although the one-year deadline has not been met, U.S. officials assert that they remain committed to closing the facility as soon as possible. In March 2009, the U.S. State Department appointed a special envoy tasked with persuading countries in Europe and elsewhere to accept detainees cleared for release but who can could not be repatriated to their country of origin for fear of torture or execution. Although some EU members have accepted (or pledged to accept) small numbers of released detainees, others have declined. Some observers contend that U.S. officials are frustrated with European reluctance to take in more detainees. Some U.S. officials also worry that allegations of U.S. wrongdoing and rendition-related criminal proceedings against CIA officers in some EU states (stemming from the Bush era) may put vital U.S.-European intelligence cooperation against terrorism at risk.18 Differences in the U.S. and EU Terrorist Lists As discussed previously, the United States and the EU have sought to bring their respective terrorist designation lists closer together in order to present a united front against these groups and to impede terrorist financing. Some differences, however, still persist. Most notably, some EU members continue to resist U.S. entreaties to add the Lebanon-based Hezbollah to the EU’s common terrorist list. The United States lists Hezbollah, which is backed by Syria and Iran, as a 18 “EU Investigation of CIA Flights May Threaten Intelligence Cooperation,” Associated Press, February 28, 2007; “Europeans Still Resisting Obama Over Guantanamo Inmates,” Deutsche Welle, February 17, 2010. Congressional Research Service 12 U.S.-EU Cooperation Against Terrorism Foreign Terrorist Organization and applies financial and other sanctions to the group and its members. Putting Hezbollah on the EU list would oblige EU member states to freeze the group’s assets and block financing to the group. Those EU members opposed to including Hezbollah on the EU’s common terrorist list argue that doing so would be counterproductive to managing relations with Lebanon and promoting peace and stability in the region. They note that some Lebanese consider Hezbollah a legitimate political force (it has members in the Lebanese parliament) and that the group provides needed social services in some of Lebanon’s poorest communities. In the past, the EU has also at times resisted U.S. calls to add suspected Hamasrelated charities to its common terrorist list; some EU members have long viewed many of these charities as separate entities engaged in political or social work.19 U.S. Perspectives and Issues for Congress Successive U.S. administrations and many Members of Congress have supported efforts to enhance U.S.-EU cooperation against terrorism since the 2001 terrorist attacks. Although some skeptics initially worried that such U.S.-EU collaboration could weaken strong U.S. bilateral law enforcement relationships with EU member states, the Bush Administration essentially determined that the political benefits of engaging the EU as an entity on police and judicial to take in more detainees. Congressional opposition to some elements of the Administration’s plan for closing Guantánamo has also posed obstacles. As a result of these various difficulties, the Obama Administration’s original one-year deadline for shutting down Guantánamo was not met. The Administration asserts that it remains committed to closing the detention facility, but in March 2011, President Obama signed an executive order that in effect creates a formal system of indefinite detention for those detainees at Guantánamo not charged or convicted but deemed to dangerous to free. The Administration also announced an end to its two-year freeze on new military commission trials for Guantánamo detainees. European reaction has been largely muted, but some European policymakers worry that as long as Guantánamo remains open, it helps serve as a recruiting tool for Al Qaeda and its affiliates. Meanwhile, some U.S. and European officials remain concerned that allegations of U.S. wrongdoing and rendition-related criminal proceedings against CIA officers in some EU states (stemming from the Bush era) continue to cast a long shadow and could put vital U.S.-European intelligence cooperation against terrorism at risk.27 U.S. Perspectives and Issues for Congress Successive U.S. administrations and many Members of Congress have supported efforts to enhance U.S.-EU cooperation against terrorism since the 2001 terrorist attacks. Although some skeptics initially worried that such U.S.-EU collaboration could weaken strong U.S. bilateral law enforcement relationships with EU member states, the Bush Administration essentially determined that the political benefits of engaging the EU as an entity on police and judicial 27 “EU Investigation of CIA Flights May Threaten Intelligence Cooperation,” Associated Press, February 28, 2007; “The Dark Pursuit of the Truth,” The Economist, July 30, 2009; “Europeans Still Resisting Obama Over Guantanamo Inmates,” Deutsche Welle, February 17, 2010; Peter Finn and Anne Kornblut, “Obama Creates Indefinite Detention System for Prisoners at Guantánamo Bay,” Washington Post, March 8, 2011. Congressional Research Service 15 U.S.-EU Cooperation Against Terrorism matters outweighed the potential risks. U.S. officials suggested that the Union’s renewed initiatives in the police and judicial field might be the first steps on a long road toward a common EU judicial identity. Thus, they asserted it was in U.S. interests to engage with the EU, given Europe’s role as a key U.S. law enforcement partner. They also hoped that improved U.S.-EU cooperation on border controls and transport security would help authorities on both sides keep better track of suspected terrorists and prevent them from entering the United States or finding sanctuary in Europe. At the same time, some observers note that U.S.-EU counterterrorism cooperation is complicated by different EU and member state competencies, and U.S. policy preferences. An increasing number of policy areas relevant to counterterrorism—including data protection, customs, and visas—fall under the competence of the Union (i.e., EU members adopt a common policy, agree to abide by its terms, and negotiate collectively with other countries). However, at times, the United States continues to prefer to negotiate on some issues—such as the VWP—bilaterally, and observers assert that this disconnect can lead to frictions in the U.S.-EU relationship. Nevertheless, both the United States and the EU appear committed to fostering closer cooperation in the areas of counterterrorism, law enforcement, border controls, and transport security. As noted above, the Obama Administration has largely continued the Bush Administration’s policy of engagement with the EU in these areas. Congressional decisions related to improving U.S. travel security and border controls, in particular, may affect how future U.S.-EU cooperation evolves. Data privacy, aviation and cargo security, and visa policy will continue to be salient issues for Congress in this respect. In addition, given the European Parliament’s growing influence in many of the areas related to counterterrorism and its new role in approving international agreements—such as the U.S.-EU 19 The EU has listed Hamas’ military wing on its common terrorist list since 2001, and its political wing since 2003. In 2005, the EU added two charities believed to be related to Hamas to its common terrorist list. All 27 EU member states must agree in order for a group or individual to be added to the EU’s list. Congressional Research Service 13 U.S.-EU Cooperation Against Terrorism SWIFT and PNR accords—Members of Congress may increasingly be able to help shape Parliament’s views and responses. Some Members of Congress have ongoing contacts with their EP counterparts, and the existing Transatlantic Legislators’ Dialogue (TLD) brings members of the European Parliament and the U.S. House of Representatives together twice a year to discuss a wide range of topical political and economic issues. Some Members of Congress and European Parliamentarians have recently expressed interest in strengthening ties and cooperation further. Such exchanges could provide useful opportunities for enhancing transatlantic dialogue on the wide range of counterterrorism issues facing both sides of the Atlantic. 2028 Author Contact Information Kristin Archick Specialist in European Affairs karchick@crs.loc.gov, 7-2668 2028 For more information, see CRS Report RS21998, The European Parliament, by Kristin Archick and Derek E. Mix. Congressional Research Service 1416