National Programmes for Mass Surveillance of Personal Data in EU Member States and their Compatibility with EU Law
In the wake of the disclosures surrounding PRISM and other US surveillanceprogrammes, this study makes an assessment of the large-scale surveillancepractices by a selection of EU member states: the UK, Sweden, France,Germany and the Netherlands. Given the large-scale nature of surveillancepractices at stake, which represent a reconfiguration of traditional intelligencegathering, the study contends that an analysis of European surveillanceprogrammes cannot be reduced to a question of balance between dataprotection versus national security, but has to be framed in terms of collectivefreedoms and democracy. It finds that four of the five EU member statesselected for in-depth examination are engaging in some form of large-scaleinterception and surveillance of communication data, and identifies parallels anddiscrepancies between these programmes and the NSA-run operations. Thestudy argues that these surveillance programmes do not stand outside therealm of EU intervention but can be engaged from an EU law perspective via (i)an understanding of national security in a democratic rule of law frameworkwhere fundamental human rights standards and judicial oversight constitute keystandards; (ii) the risks presented to the internal security of the Union as awhole as well as the privacy of EU citizens as data owners, and (iii) the potentialspillover into the activities and responsibilities of EU agencies. The study thenpresents a set of policy recommendations to the European Parliament.