Steve Peers
The idea of a “Panopticon,” a prison where guards could potentially see any inmate at any point, was conceived over two centuries ago by British philosopher Jeremy Bentham. He believed that the constant threat of observation would motivate prisoners to act appropriately. This concept is now often used to illustrate contemporary patterns in widespread monitoring and societal control.
The European Union’s (EU) initial move in this direction was the establishment of the Schengen Information System (SIS) during the 1990s. The SIS is a widely recognized EU-wide database used by law enforcement, immigration, and criminal justice agencies, containing vast quantities of data.
Previously, the UK did not have any access to the SIS. However, this week, the EU Council greenlit the UK’s involvement in the System, effectively connecting the EU’s most recognizable database with the origin of the panopticon concept. What are the specific outcomes and the larger implications of this decision?
Background
The primary goal of the Schengen system is to eliminate internal border controls among EU Member States, along with some associated non-EU nations. Currently, the complete set of Schengen rules applies to all EU members except the UK, Ireland, Cyprus, Romania, Bulgaria, and Croatia. These regulations also cover four associate nations: Norway, Iceland, Switzerland, and Liechtenstein.
All Member States, with the exception of the UK and Ireland, are obligated to eventually integrate into the Schengen system. These two Member States negotiated an exemption in the form of a specialized Protocol when the Schengen rules (established by the Schengen Convention, a treaty formed outside of the EU legal framework) were incorporated into the EU legal structure through the Treaty of Amsterdam (enacted in 1999).
The UK and Ireland aren’t entirely left out of the Schengen system. They negotiated the right to apply to join specific Schengen rules, with the Council needing unanimous approval for their application. Both countries essentially chose to participate in Schengen regulations related to policing and criminal justice, including the SIS, but not the rules about removing internal border controls or harmonizing regulations on external borders and short-term visas.
The UK’s application was accepted in 2000 (see Decision here), followed by Ireland’s in 2002 (see Decision here). However, a separate subsequent Council decision was required to put each decision into effect because the Schengen system can’t be expanded until thorough checks confirm the new member can effectively apply the rules. Based on this, the majority of the Schengen regulations applicable to the UK have been in effect since the beginning of 2005 (see Decision, including later modifications, here). The rules on the SIS, which the UK wasn’t prepared to apply at the time, are the exception. The UK ultimately abandoned its efforts to connect to the SIS after investing heavily in the endeavor, reasoning that the EU was already planning to replace the SIS with an upgraded system (SIS II). There is a wealth of background information in the House of Lords report on the UK’s intention to join the SIS (see here), for which I served as a special advisor. (Note that Ireland does not yet implement any of the Schengen rules).
The EU took a significant amount of time to launch SIS II, ultimately succeeding in April 2013 (see Decision here). Although the UK intended to join SIS II soon after it became operational, the process was made more complex by the UK’s decision to opt out of EU criminal law and policing measures implemented before the Treaty of Lisbon took effect, while simultaneously opting back into several of them on December 1st, 2014 (see a discussion of this process here). The SIS regulations were included in this opt-back.
With the conclusion of that political drama, the EU and the UK resumed their efforts to finalize the UK’s practical opt-in to SIS II. This week’s decision finalized that process, granting the UK access to SIS II data starting March 1st. The UK will be able to actively use that data and input its own data into the SIS beginning April 13th.
Consequences
What exactly does SIS membership entail? The 2007 Decision that governs the use of SIS II for law enforcement and criminal justice reasons lays forth the system’s specifics. Separate Regulations exist that control how SIS II is used for immigration-related purposes and for granting access to SIS II information to organizations that register vehicles. While the first regulation permits the recording of “alerts” about non-EU citizens who should, in principle, be refused a visa or prohibited from entering the EU, the latter regulation seeks to prevent the registration of vehicles stolen in one Member State from occurring in another. The UK participates in the latter Regulation but not the former because it could only access Schengen immigration alerts if it fully participated in the Schengen regulations regarding the removal of internal border controls. This is extremely unlikely to happen given current circumstances.
The SIS II Decision allows for the sharing of “alerts” regarding five primary groups of people or objects: people wanted for arrest for the purposes of surrender or extradition (mostly related to the European Arrest Warrant); people who have gone missing; people sought for assistance with legal proceedings; people and objects who ought to be subject to covert or specific checks (i.e., police surveillance); and objects intended for seizure or use as evidence in criminal proceedings. Additionally, regulations govern the sharing of extra information between law enforcement organizations after a “hit.” For instance, UK authorities could request more information from the issuing authority if they discover that a European Arrest Warrant has been issued for a certain individual.
On the other hand, the SIS does not, as is often assumed, offer a framework for disclosing criminal histories or other types of criminal justice data, despite the EU’s establishment of additional databases and information exchange mechanisms for such data. (See my prior blog post here for more information on criminal records in particular). Expanding the SIS to include new Member States (despite the fact that a new system wasn’t actually required for that purpose) and adding new features like fingerprint storage, which will most likely be implemented soon, were the main drivers behind the creation of the second-generation system.
The Crown Prosecution Service is expected to receive more European Arrest Warrants (EAWs) to process, and EAWs issued by the UK to other Member States should be handled more quickly as a result of the UK’s participation in SIS II. Additionally, it will be simpler to determine, for instance, whether a car or passport taken in the UK has surfaced on the continent or vice versa.
Broader context
Despite the fact that the UK is only now becoming a member of SIS, the System has existed for many years and has served as a model for numerous EU initiatives in this area. The SIS proved to be a “gateway drug” among EU surveillance measures: the harmless puff that inevitably led to the crack den of the data retention Directive.
Of course, intrusions on the right to privacy can be justified in the public interest of law enforcement and ensuring public safety, provided the intrusion is proportionate and legal. The SIS is very focused in comparison to, say, the data retention Directive and the proposed passenger name records system, concentrating solely on those people engaged in criminal justice procedures, police surveillance, or who are prohibited from entering EU territory. As a result, the system’s legitimacy depends on how accurate and legal the personal information it contains is, as well as the related data protection regulations. On this subject, the EU and national data protection authorities have reported that many individuals are unaware of the SIS II data held about them. They have created a guide to help them access their information stored in the system.
There is a fundamental conflict between the EU’s objective to establish the highest data protection standards in the world on the one hand and its development of numerous massive databases, information exchange systems, and surveillance laws on the other. It is as if the minds of the utilitarian Jeremy Bentham and the libertarian John Stuart Mill were vying for control of the same body, compelling it to draft blueprints for the Panopticon at the same time that it was storming the Bastille. If this conflict were portrayed in fiction, it would probably take the shape of a comedy about a vegetarian butcher or a chaste porn star. However, it is no laughing matter that we must guarantee that efforts to safeguard our security do not also destroy all of our freedoms.
*This blog post is linked to ongoing research on the upcoming 4th edition of EU Justice and Home Affairs Law (forthcoming, OUP).
Image credit: nytimes.com
Barnard & Peers: chapter 25