The background to the complaint

1. The complaint, submitted to the Ombudsman by an MEP in June 2013, concerned Europol's refusal in August 2012 to grant public access, under Europol's rules on public access to documents, to a document related to the implementation of the EU-US Terrorist Finance Tracking Program (TFTP) Agreement[1]. The document is a March 2012 report of an audit carried out in November 2011 by Europol's Joint Supervisory Body (JSB)[2].

The inquiry

2. The Ombudsman opened an inquiry into the complaint and identified the following allegation and claim:

1) Europol wrongly refused public access to the JSB report in question.

2) Europol should reconsider its decision and grant full or partial access to the report.

3. Europol refused public access to the report arguing that one of the exceptions to access, set out in the rules adopted by the Europol management board on access to Europol documents[3], applied. In order for the Ombudsman to be able to determine whether these rules had in fact been correctly applied by Europol, the Ombudsman informed Europol that she needed to inspect the report. The Ombudsman's Statute entitles the Ombudsman to carry out such an inspection[4].

4. In the course of the inquiry, the Ombudsman received the opinion of Europol on the complaint and, subsequently, the comments of the complainant in response to Europol's opinion. Europol also cooperated with the Ombudsman by agreeing, in advance, the necessary security arrangements so as to enable the Ombudsman's services to inspect the document in question.

5. At the same time, Europol informed the Ombudsman that "technical modalities"[5] agreed between the European Commission and the US under the TFTP Agreement required Europol to obtain the permission of the US authorities before showing the document to the Ombudsman. Europol therefore asked the US authorities to agree that the Ombudsman should be allowed to inspect the document.

6. The US authorities then refused Europol's request to let the Ombudsman inspect the document. They argued that "the decision by the JSB to draft, without US knowledge or consent, a classified report and then circulate a public [summary] of that report without prior written authorization from the information owner (in this case the Treasury Department) breached the security protocols associated with the TFTP. In light of this experience, we are concerned that further sharing of US classified information beyond what is authorized in the TFTP Agreement may potentially undermine the relationship of trust needed to share sensitive information between enforcement agencies."  

7. In light of the above, Europol therefore decided that the inspection by the Ombudsman could not take place.

8. The Ombudsman then met with the US ambassador to the EU to ensure that the US authorities were fully aware of the European Ombudsman's role under the EU Treaties. At this meeting, the US authorities continued to refuse to allow the Ombudsman to see the document. The Ombudsman notes, in this context, that the document is a report drafted by an EU body, the JSB, relating to how data concerning EU citizens and residents is transferred to the US.  

The Ombudsman's assessment

9. The Ombudsman acknowledges that Europol has fully cooperated with her services throughout the inquiry. In particular, the Ombudsman notes that Europol did its utmost to convince the US authorities of the necessity for the Ombudsman to inspect the document concerned.

10. In carrying out inspections, the Ombudsman and her staff are subject to a legally enforceable duty of confidentiality. The document concerned, and its contents, would thus not have become available to the complainant, or to any third party, as a result of an inspection by the Ombudsman. Europol and the Ombudsman made this important procedural safeguard abundantly clear to the US authorities. Notwithstanding these firm reassurances, the US authorities refused to agree that the Ombudsman could inspect the document.

11. The TFTP Agreement provides, in Article 4(9), that the parties shall "jointly coordinate with regard to the technical modalities necessary to support the Europol verification process" (that is, the process by which Europol verifies that a US request for data necessary for the purpose of the prevention, investigation, detection, or prosecution of terrorism or terrorist financing, complies with a number of requirements set out in the TFTP Agreement). The Ombudsman understands that such technical modalities were negotiated and agreed upon by the Commission and the US authorities immediately after the TFTP Agreement came into force. The US authorities consider that these technical modalities are legally binding on the EU.

12. Point d), paragraph 6, of the technical modalities sets out that "no information transmitted by the U.S. Treasury Department, including information regarding types or categories of messages, is permitted to be shared either with EU Member States or with other parties without the express written authorization of the U.S. Treasury Department".

13. The Ombudsman notes that the "technical modalities", which were negotiated and agreed upon by the Commission, were never approved by the EU legislator, namely by the Council and the Parliament.

14. In this context, the key question is whether the provisions of the "technical modalities" are indeed legally binding on the EU in the same way as are the terms of the TFTP Agreement itself. If they are legally binding, notwithstanding that they have not been approved by the Council or by Parliament, the US authorities would indeed have been granted a legal right to prevent the inspection of the document by the Ombudsman.  

15. The Ombudsman notes that it is arguable that an international agreement can be considered invalid only when it is agreed upon in manifest violation of internal laws of fundamental importance regarding competence to conclude international treaties.[6] It is arguable that the Commission had the legal competence to negotiate and agree on the "technical modalities". It is thus arguable that the Commission was not acting outside its legal competences when it agreed upon the technical modalities with the US authorities.

16. As the US authorities refused Europol's request to allow the Ombudsman to inspect the JSB report, the Ombudsman has not been able to determine whether the content of the report justified the refusal to make the report public. It has therefore become impossible for the Ombudsman to inquire further into this case. The Ombudsman therefore has no alternative but to close the case, and to communicate her concerns to the European Parliament in order to allow Parliament the opportunity to consider the appropriate action to take.

Concluding remarks

17. Given that the "technical modalities" negotiated and agreed upon by the Commission allow for the setting aside of the Ombudsman's right to inspect documents, and given that the "technical modalities" have thereby prevented the Ombudsman from carrying out her inquiry in the present case, the Ombudsman is concerned that the  Commission ever agreed to these "technical modalities". She notes that the Commission did not choose to submit these "technical modalities" to the EU legislature, namely to the Council and the European Parliament, for their approval. She thus considers that the manner in which the "technical modalities were adopted, even if their adoption were considered to be formally "legal", reflects a democratic deficit at the level of the EU which must be addressed.  

18. The Ombudsman notes that the technical modalities set out that they "may be subject to modifications, as necessary". Therefore, it is certainly open to the Commission to seek to renegotiate the technical modalities, including the terms which purport to prevent the Ombudsman from exercising her powers of inquiry.

19. Separate from the above, the Ombudsman also notes the fact that the complainant, a Member of the European Parliament, felt the need to invoke the right of public access to documents in an effort to exercise scrutiny over Europol’s activities under the TFTP Agreement. In at least some EU Member States, as well as in the United States, there are arrangements that allow the Legislature, through specially constituted Committees, to obtain access to secret information in order to be able to exercise proper democratic scrutiny of the Executive. Neither the TFTP Agreement nor the technical modalities, however, refer to scrutiny by the European Parliament (the TFTP Agreement merely provides for Parliament to receive reports of joint reviews carried out by the Commission and the US authorities[7]).

20. In light of all of the above, the Ombudsman suggests that Parliament may wish to consider the various issues raised in this case. These include whether it is acceptable for arrangements to be agreed with a foreign government which have the consequence of undermining mechanisms established by or under the EU Treaties for the control of EU executive action. Parliament may also wish to consider recommending that any future TFTP agreement, or any other similar agreements to be entered into in future, should contain a specific provision to ensure adequate scrutiny of EU executive action by EU control bodies.

21. The Ombudsman has written to the President of the European Parliament, drawing his attention to the above.

Conclusion

On the basis of the inquiry into this complaint, the Ombudsman closes it with the following conclusion:

No further inquiries by the Ombudsman are possible into the present case.

The complainant and Europol will be informed of this decision.

Emily O'Reilly