As London was responding to it's fourth terrorist attack this year, David Davis announced that DexEU was drawing up proposals for a new treaty between the EU and the UK on cooperation to combat crime and terrorism. It should be clear to everyone that the security of people in the U.K. And Europe should not be compromised by Brexit. But, aside from the timing of this announcement- 6 months in to a highly pressured negotiating timetable, there are a number of issues in the current UK stance on Brexit that make this announcement difficult to deliver in practice.
David Davis says that this treaty would be based on shared standards of human rights and data protection. But he seems to have conveniently forgotten the case he initiated before the CJEU (which he withdrew from when appointed as Brexit secretary) that resulted in the CJEU finding that U.K. laws on surveillance were not compatible with EU data protection standards in December last year (the Watson judgment). A new case on the same points was referred to the CJEU in relation to the new Investigatory Powers Act just last week. The potential incompatibility of U.K. domestic legislation in this sphere with EU data protection standards causes a problem for any effective treaty with the EU. This is exacerbated by the Government's Proposals in the EU Withdrawal Bill to disapply the provisions of the EU Charter on Fundamental Rights. While many of the rights contained in the Charter are reflected in the provisions of the European Convention on Human Rights, the Charter does contain explicit protection for personal data that the CJEU has used to provide more stringent protection in the EU context. The decision not to bring Charter rights into domestic law as retained EU law in the Withdrawal Bill does not give a strong signal of an intention to remain on the same course as the EU in this area.
Similarly, the U.K.'s intransigent approach to the jurisdiction of the CJEU would make it difficult for the EU to reach an acceptable agreement in this area. Despite the rhetoric, the reality is that EU agreements with third countries have to comply with EU law and can be successfully challenged before the CJEU (for example the agreement with Canada on Passenger Name Records). The Government needs to make this clear in its stance on the CJEU if it is not to sacrifice security for domestic political posturing.
Finally, even if the issues around data protection and the CJEU could be resolved, there can be no excuse for leaving it so late to start talking about a treaty in this crucial area - over a year after the referendum result. This proposal is unprecedented and it would require significant time and attention to detail to negotiate effectively. The treaty would need to include provisions covering a wide range of aspects of cooperation set down in dozens of pieces of legislation that Theresa May, as Home Secretary, said were essential for our security. To give a sense of the scale of the task ahead, it took 13 years to negotiate an agreement with Norway and Iceland on just one issue - the surrender of persons through a system similar to the European Arrest Warrant. That agreement is not as comprehensive as the EAW and is still not in force more than three years after agreement. These are not the kind of issues that can be addressed as part of a 'quickie divorce'.
Whatever proposals DexEU can produce will need to be acceptable to the EU and in accordance with EU law as interpreted by the CJEU. It is time for the government to get serious about the implications of Brexit and to engage on the detail - sound bites and political sniping will not be enough to keep us safe after Brexit.
The Department for Exiting the European Union (DExEU) has drawn up proposals for the new treaty to give legal backing to intelligence, law enforcement and criminal justice partnerships after 2019 – the deadline for the Brexit negotiations. The department added it will release a paper calling for a “comprehensive model” for cooperation between the UK and the EU, “reflecting that Britain’s operational processes and data sharing systems are uniquely aligned with those of the EU and its member states.”