Will border safety be at risk if the UK loses access to a vital EU database of wanted persons and police alerts, asks Monica Horten (LSE)?
Parliamentary Committees heard last week that instantaneous border security checks via the vital Schengen Information System (SIS II) database are likely to cease from 1 January. Evidence given to Parliamentary committees reveals a lack of preparedness and no alternative system on the same scale. Is losing access inevitable or is it a political decision?
SIS II is a vital component of our national security. It has over 90 million alerts from 31 countries. More than 600 million checks are made by UK authorities. Losing access would leave a significant ‘capability gap’ in the IT functionality serving the UK’s border and law enforcement authorities. What’s at stake is the UK’s ability to keep its borders safe. Specifically, this concerns the ability to identify terrorists, sex offenders and other criminals who are wanted in other European countries and stop them at the border. In a normal year, 140 million people travel to the UK from abroad. A majority of the 600+ million UK accesses are likely to be at the border. A fast automated system is required to carry out checks at that scale.
In the House of Commons Home Affairs Select Committee last week, Kevin Foster, the Home Office Minister responsible for border security, gave evidence about his department’s readiness to have an alternative to SIS II in place at the border from 1 January. He was asked several times by the Chair, Yvette Cooper, what was being implemented and what database would be available. Neither the Minister nor the Home Office officials were able to give reassurance that there would be a suitable alternative database system in place. Mr Foster said merely that there would be ‘domestic fallbacks’ and alternative arrangements. Home Office officials were also unable to provide further information, although they did say they would ‘get back’. The Home Office did say they ‘intended’ to use the Interpol system, but could not confirm whether it would be able to conduct real-time checks like SIS II. Based on the evidence given by the former head of the National Crime Agency, David Armond, to the Foreign Affairs Committee on 20 October, the Interpol system does not have the sophisticated functionality of SIS II and would not be as effective.
Yvette Cooper commented that the Minister had failed to describe the scale of the operational challenge. She concluded: “Currently, as the Minister responsible, you do not seem to even know what work is being done to keep our borders safe. You do not seem to be able to describe the scale of the challenge in terms of losing this crucial information about people who may be involved in serious organised crime, people who may be sex offenders or people who may be involved in extremism, and you cannot describe to us any new alternative database that might have this information on it so that Border Force can take these crucial decisions. “ […] “I slightly despair about the lack of reassurance you are able to give us about what practical measures are going to be in place to keep our borders safe,” she said.
Evidence from law enforcement officers, heard in the House of Lords Security and Justice Committee, suggested that the loss of SIS II access will create a ‘capability gap’. Any alternatives would be slower, more bureaucratic and ‘more clunky’. Sir Rob Wainwright, former head of Europol, said it would be will be ‘a loss of strategic resilience’ from a perspective of counter-terrorism and tackling serious and organised crime, who increasingly operate across borders. Deputy Assistant Commissioner Richard Martin, who leads on Brexit for the Metropolitan Police, old the committee that there is an operational will to co-operate with the UK.
These evidence sessions follow a statement by Michael Gove, the Cabinet Minister responsible for the negotiations with the EU, in the House of Commons recently. Mr Gove confirmed to Parliament on 19th October that we would be losing SIS II access when he said, in response to former Prime Minister Theresa May: “the EU is insisting that, before we have access to systems such as the Schengen information system II, that we have to accept the jurisdiction of the European Court of Justice. We cannot accept that.” His statement begs the question of whether it was a political choice to leave SIS II?
Notably, Lord Frost, giving evidence to the Select Committee on the Future Relationship with the EU, on 7 October, said UK was leaving SIS II for legal reasons: “it is known that the EU takes a firm view that it is not legally possible for a non-member, non-Schengen country to join that. That is a pity. It made that clear right from the start and it appears to be a constraint, […] that appears to be a firm part of the landscape”. In other words, once the UK has left the EU, it cannot legally be allowed to access the SIs II system.
Is this the case, or might, paradoxically, both be true? The UK’s access to SIS II is facilitated under a protocol negotiated in the 1990s under the Amsterdam Treaty (See this article by Steve Peers). SIS II is the EU’s border control system for countries within the so-called Schengen area – that is the countries that have agreed to be part of an open-border regime. Those countries include two non-Member States, Norway, Iceland and Switzerland, which have separate Treaties for membership of the Schengen area. Within the Schengen area, checks at national borders have been abolished, in order to facilitate the free movement of people. However, the SIS system was developed because the EU recognised there would be a need to tackle criminal activity across borders within the Schengen area.
The UK opted out of the Schengen area right at the start back in the 1990s. The UK controls its own borders and may refuse entry to people coming here from the EU, if, for example, they are travelling on a stolen passport or are a known sex offender. However, it secured an opt-in to the aspects of Schengen relating to law enforcement and policing. The opt-in allows the UK to join law enforcement and security co-operation mechanisms, and so for example, it is part of the European Arrest Warrant system that facilitates extradition. Hence, the UK only has access to the law enforcement elements of SIS II.
SIS II is governed by rules that are set out in EU law (e.g. Regulation 1862 of 28 November 2018). The law establishes, among other things, what types of data will be collected and who can access it. Access is limited to law enforcement and border control and judicial authorities. EU official information says that SIS II cost over €167 million, with the development cost alone amounting to over €85 million and the network €45 million.
SIS II is managed by Euro-LISA, an EU agency. The Withdrawal Agreement established that the UK left all EU Agencies on 31 January 2020. As from that date, the UK has been outside of all EU decision-making bodies. All of the above suggests that David Frost was correct when he said that there are legal reasons why the UK could not keep its SIS II access. The UK is able to continue using SIS II until the end of the so-called ‘transition’ period that ends on 31 December this year, but from 1 January, as things stand, it will have no access. Operationally, it would be a mammoth task to replace SIS II, with over 91 million alerts. It’s not just a matter of entering the alerts, it’s about getting them from the different countries which will need legal and operational co-operation, as well as building out the system at scale.
However, there is nothing to preclude a new arrangement being made, according to the Centre for European Reform. The Withdrawal Agreement (Political Declaration) also provided for the negotiation of a security co-operation agreement. This is highly unusual, indeed unique. It would be an opportunity for the UK to mitigate the loss of access not only to SIS II but to other databases and activities, but there is one further hurdle and it concerns data protection and human rights commitments. That is what Michael Gove means when he refers to the ECJ.
SIS II also covered by EU data protection law, under the Directive on law enforcement and privacy, which twins with the GDPR. In order to obtain SIS II access, the UK will have to abide by the same rules. In that regard, the UK needs to obtain what’s known as an ‘adequacy decision’ on its data protection regime, in order to be able to move ahead. There are already question marks around the UK’s use of bulk surveillance powers and the situation is not made easier by allegations in an internal EU document, reported by EU Observer in 2018, that UK police had unlawfully copied SIS II data. The UK will also need to give a firm and unequivocal commitment to remaining in the European Convention on Human Rights, a commitment that Michael Gove has, to date, hedged when responding to Select Committee questions. Any divergence and the EU would terminate an agreement on accessing SIS II and the same would apply to any security or law enforcement co-operation.
So indeed, there is a legal reason why the UK would lose access as a third country. On the other hand, there is an open offer to make a security agreement. Negotiations have apparently taken place. There is a choice. The loss of access looks like being a political decision. It reminds me of the Galileo satellite situation – see Ground control to Mrs May – have we lost the signal? – the UK government, huffing and puffing to leave, is failing to consider rationally what is the country’s best interest.
This post represents the views of the author and not those of the Brexit blog, nor the LSE. It also appeared on the author’s blog. Image by Elliott Killingbeck, Creative Commons Attribution-Share Alike 3.0 Unported.