Friday 27 September 2024

So long, no thanks to all the fash: review of Character Limit: How Elon Musk Destroyed Twitter, by Kate Conger and Ryan Mac



Professor Steve Peers, Royal Holloway University of London

Photo credit: mikemacmarketing, image via vpnsrus

 

Full disclosure first: After exactly ten and a half years, I stopped posting on X (formerly Twitter) on August 10, 2024. I could not accept the owner’s view that those encouraging race riots in Britain online should not be punished, his promotion of those who held such views, or his racist memes about the British justice system that sought to bring them to account. I was not alone: X lost 30% of its UK users in the last year, and 20% of its US users. How did the supposed ‘global public square’ end up in this position?

The answer is obviously the owner, Elon Musk; and the new book by Kate Conger and Ryan Mac, Character Limit, recounts the story in detail. They divide the book into three acts. In Act One, dominated by former boss Jack Dorsey – depicted here as a diffident dude phoning in his governance from tropical islands – the story is retold until Musk makes his bid for Twitter. Act Two recounts the process of that bid, culminating in his purchase of the company. Act Three covers the subsequent developments: the frantic cost cutting, the frenzied management style, the fast-disappearing advertisers. The book ends in late 2023, with a short epilogue from early 2024 in which the authors astutely note that Musk has replaced Trump on the platform – in effect taking his place as Twitter’s main character. Musk’s personality – a fragile, petty, vicious, paranoid, narcissistic man-child – drives the narrative of the book. Musk’s legion of fanboys are frequently referred to, largely murmuring offstage like a Greek chorus manifesting as a Simpsons meme.

The book is highly readable – compelling the reader to turn its pages in much the same way that legal academic books don’t. It’s a highly personalised retelling of events, and one can easily imagine a Netflix version of its cinematic story – with its ending scene matching Hearst’s deathbed sled revelations, or Zuckerberg’s obsessive page refreshing, with Musk’s very public suggestion that advertisers “go fuck yourself”.

There’s a detailed account of sources, but in the journalistic tradition some of them are off the record interviews. One thing this academic would have liked to have seen would have been some broader analysis of why things developed as they did: was this all an inevitable consequence of the political and social media dynamics of the last few years, or an example of the (not so) great man theory of history?

If the latter, what explains Musk’s behaviour exactly? Drug use is mentioned – in a passage appearing so heavily lawyered that it has its own sharp and useless look about it. Nevertheless, the reader will notice Musk’s obvious extreme mood swings and erratic behaviour. At first, the prospect of saving Twitter financially may be have been taken seriously: the authors usefully remind the reader that Twitter often lost money even before Musk’s takeover (it also had controversies about hate speech already, and the previous management was planning to cut staff before Musk did). But that motivation is hard to take seriously for long, as advertisers (Twitter’s main source of income) started fleeing from the outset, with no lessons learned from their exit. Rather, it seems that the main incentive was Musk’s personal obsession with Twitter, also mentioned at several points; the political objectives that many have suggested are not much explored.

Having said that, this is a very readable book, for those interested in the fate of this well-known social network over the last decade. And one striking feature for this reader is the role of the law in all this.

It’s obvious throughout that Musk cares nothing, and knows less, about the law; he shares these traits with such luminaries as Donald Trump, Boris Johnson, and Dominic Cummings. Although he has an early victory when a jury inexplicably clears him of defaming a critic of his Thai cave rescue attempt as a ‘pedo’, other litigation and regulatory struggles are a constant theme. Musk is only compelled to complete his purchase of Twitter due to litigation brought by its board (bound, as the authors frequently point out, by their fiduciary duty to shareholders) to enforce the deal Musk signed without undertaking prior due diligence. Compliance with an FTC consent order regarding privacy is an ongoing issue. Massive staff cuts lead to litigation over employment law and executive compensation. Twitter stops paying Thorn – a specialist in detecting online child abuse material. Conflict with a Brazilian judge over Twitter’s refusal to take down tweets backing Bolsonaro’s coup attempt leads to well-known consequences (although they occur after the book’s finale). Refusal to pay rent sparks legal challenges worldwide. And having cancelled the cleaners and crammed staff into less space in Twitter’s headquarters to save on office costs, the washrooms are soon overused. As cockroaches scuttle from the drains, desperate staff bring toilet paper from home or flee to nearby coffee shop loos to avoid those in Twitter offices. Cory Doctorow famously developed a thesis about the ‘enshittification’ of online businesses; he probably never expected it to be quite so literal.

I think it’s possible that future brushes with the law will concern in particular the EU’s Digital Services Act (DSA) – which, in a remarkable coincidence, was published in the EU’s Official Journal on the same day that Musk completed his takeover of Twitter. X is already the subject of the first preliminary findings of a breach of the Act on some issues, and investigations into further issues – including illegal content, the one thing that could get X suspended in the EU – are ongoing. I wonder if the risk assessments required by the Act should take specific account of the personal behaviour of the owner of a very large online platform – given Musk’s direct role in spreading disinformation and the negative effect of his posts on civic discourse, electoral process and gender-based violence. Recently, Musk threatened to give Taylor Swift a baby; but regulators gonna regulate.

A particular issue throughout the book – and an implied obligation under the DSA – is content moderation. It raises a series of inherent contradictions. Reflecting the sometimes conflicting human rights of freedom of expression and equality, the DSA requires very large online platforms to ensure free speech while considering the need to limit it. As for users, the book makes clear that content moderation repels free speech advocates while attracting opponents of hate speech; it costs money but its absence loses revenue, as advertisers are alarmed to see their ads appearing next to Nazis. But it is also clear from the book that Musk’s supposed free speech fundamentalism is hypocritical, as he bans and fires critics while acceding to censorship demands of the Indian government. As so often with authoritarians, there is an in-group which the law protects but does not bind – and an out-group which it binds but does not protect.

One final thought about the consequences of unlimited speech, returning to the reason why I stopped posting on the platform. When defending the ‘rights’ of those encouraging race riots in Britain, Musk and his fans compared those supporting limits on such speech to communists and Nazis. Let’s put this in historical context. After I flew to Vienna for a holiday after departing X, I visited the Sigmund Freud museum and was struck by the fact that his four sisters, staying behind in Vienna after he fled to London, all died in 1942-3. Their deaths were not caused by those who tried to censor Nazis, but by the Nazis themselves. And the postwar allies were not confused about this: Julius Streicher was tried, convicted and executed at Nuremberg for publishing the extremely anti-semitic Der Sturmer. Incitement played a role in the Holocaust. Words have consequences; and the real extremists are those who demand that the advocacy of hatred and violence should not be effectively limited.

Tuesday 30 July 2024

Bringing a claim of compensation for harm suffered as a result of alleged psychological harassment by the Head of Mission and his Deputy before the EU Courts: Montanari v Eucap Sahel Niger (Case T-371/22)

 

 

 

Antje Kunst*

* Antje Kunst is an international lawyer and barrister of a UK based Chambers, specialised in EU and international public law, human rights and litigation. She is admitted to the Bar of England and Wales, and the Bar of Berlin, advising and representing individuals in a wide range of matters including in staff disputes with EU missions and agencies before the EU Courts. She has appeared in numerous cases before both the Court of Justice and the General Court, within the Court of Justice of the European Union.

Photo credit: European Commission, via Wikimedia Commons

 

Introduction

On 17 July 2024 in Montanari v Eucap Sahel Niger (Case T-371/22)** the General Court ruled it has jurisdiction regarding a claim for compensation brought by a former staff seconded by a member state to Eucap Sahel Niger, an EU Mission established under the Common Foreign Security Policy (CFSP). This ruling on jurisdiction is  based on an important Grand Chamber judgment H v Council et al,  Case C- 455/14 ECLI:EU:C:2016:569.

Related to the substance of the case the General Court applied by analogy provisions of the EU Staff Regulations  to the dispute. EU Staff Regulations are not applicable to EU staff seconded by a member state to an EU Mission. Applying the EU Staff Regulations in analogy was based on the principle of equal treatment. In this respect the General Court followed its own case law, as established in H v Council in Case T-271/10 RENV II ECLI:EU:T:2020:548.

There is hardly any case law by the General Court regarding actions against EU missions by seconded staff from member states. Consequently, its judgment in Montanari holds significant importance, considering also that the majority of personnel in EU missions are seconded by member states.

The Montanari case represents yet another instance where the General Court had to address multiple jurisdictional and admissibility issues, despite well-established case law on certain aspects. Nonetheless, the General Court's detailed response to the defendant's plea of lack of jurisdiction and the pleas of inadmissibility will undoubtedly be useful for future similar cases brought by seconded staff to EU missions.

The clarifications by the General Court will hopefully dissuade EU missions from raising such pleas in the future, allowing the Court to focus its judicial review on substantive matters, as it regularly does in EU civil service cases brought under Article 270 TFEU. Ultimately, this would allow the EU judiciary to deliver judgments in these types of cases more swiftly, which are EU civil service type staff disputes, resulting in faster dispute resolution for the parties and reduced litigation costs for the applicants.

The Montanari case offers valuable insights into how the General Court will address the merits of similar cases in the future, including which set of rules it will apply and how it will interpret those rules in relation to seconded staff. This may include staff’s fundamental rights under the Charter, the Code of Conduct applicable to all staff serving in EU missions, seconded or contracted, the operational plan of EU missions (‘OPLAN’) and provisions of the EU Staff Regulations (see the reference to these rules in para. 209 of the Judgment).

Further the General Court’s judgment makes clear that it will apply the case-law specific to the EU civil service having similar staff disputes to staff seconded to EU Missions (see para. 224 of the Judgment).

It is highly desirable for the General Court's judicial review process to eventually align closely with its review of cases brought by civil service litigation pursuant to Article 270 TFEU. Such alignment would ensure consistency, predictability, and fairness in the adjudication of disputes involving staff seconded by member states, thereby strengthening the legal framework governing EU missions.

The unsuccessful plea of lack of jurisdiction – no complaint relating to the secondment

Eucap Sahel Niger argued that the General Court does not have jurisdiction to hear the action because the applicant performed the duties of political adviser within the Mission as an expert seconded by the Italian Ministry of Foreign Affairs, in accordance with Article 7(2) of Council Decision 2012/392/CFSP of 16 July 2012 on the European Union CSDP mission in Niger. This provision foresees that it is for the seconding Member State to respond to any complaint relating to the secondment to an EU Mission, and for complainants to bring any action against the Member State. But the applicant’s complaint did not relate to his secondment as such – so the position was similar to that of H, the applicant in the Grand Chamber case H v Council et al, who was a former seconded member of staff of the EU Police Mission in Bosnia who was complaining about her subsequent redeployment after being seconded.

The applicant’s complaint in the case at hand was about alleged psychological harassment by the Mission’s leadership, which is a matter for the EU Courts. The problem was that for staff seconded to EU missions, there was no legal basis for the EU Courts to review staff management acts of EU missions – like Article 270 TFEU, which would otherwise apply to staff under the EU Staff Regulations.

The Grand Chamber Judgment in H v Council et al recognized that H, a prosecutor and her colleagues seconded to EU missions, faced a gap of judicial protection. The Court of Justice rightly decided to step in to close this gap to ensure a “complete system of legal remedies and procedures”. It determined that it has jurisdiction for actions by seconded staff challenging acts of EU missions pursuant to Article 263 TFEU and seeking compensation based on Article 268 and 340 TFEU from them, taking into account its role under Article 19(1) TEU to ensure that ‘the law is observed’ and the fundamental right of effective judicial protection pursuant to Article 47 of the Charter of Fundamental Rights. This guaranteed that the acts of EU missions involving seconded staff do not escape judicial review and ensuring compliance with EU law.

After 2016 no seconded staff to an EU Mission has ever brought a complaint based on the Grand Chamber’s important ruling, Mr. Montanari is the first applicant. However, the landmark ruling of the Grand Chamber has been applied by analogy in subsequent cases (e.g., SatCen v KF, Case C‑14/19 P, ECLI:EU:C:2020:492 and discussed extensively in literature as for example here and here.

In the case at hand the General Court delved into the Mission’s jurisdictional arguments but dismissed them based on the H v Council et al judgment, accepting jurisdiction pursuant to Articles 263, and 268 and 340 TFEU, ‘taking into account Article 19(1) TEU and Article 47 of the Charter’ (see paras. 40-55 of the  Judgment).

Furthermore, it dismissed the Mission’s position that the national courts, here the Italian courts, have jurisdiction.  It agreed with the applicant that his claim before the EU Court was not about his secondment by the Italian Government but about alleged misconduct by the EU mission, alleged psychological harassment by the Mission’s leadership. That is why as in H’s case national courts do not have jurisdiction.

Legal interest for annulment of rejection of request for compensation

The applicant sought under Articles 268 and 340 TFEU compensation for alleged damage resulting from psychological harassment and violations of the right to good administration and the duty to have regard to the welfare of officials.  Equally he sought the annulment of the Mission's decision rejecting his claim for compensation based on Article 263 TFEU.

The General Court clarified, based on its case law, that claims seeking annulment of the refusal of an EU body to grant compensation which a claimant also asserts under Articles 268 TFEU and 340 TFEU, must be dismissed as inadmissible. That is why the Court held that the applicant had not justified a legal interest in seeking, in addition to his claims for compensation, the annulment of the Mission's decision rejecting his claim for compensation. Accordingly, the application for annulment was dismissed as inadmissible. (paras. 58-66 of the Judgment)

Unsuccessful plea of inadmissibility that certain acts are not attributable to the Mission

Mr. Montanari alleged not only that the EU Mission took decisions in relation to him which constituted psychological harassment, but also that the Mission's Civilian Operations Commander (see explanations on his or her role here) had breached the right to good administration and the duty to have regard for the welfare of officials when dealing with his reports of psychological harassment which he had made against the Head and Deputy Head of Mission. The Mission’s response to this was that Mr. Montanari had complained of actions or inactions of the Civil Operations Commander which were not attributable to it.

The General Court rejected this and found that the applicant was right to bring his action for damages against the Mission also regarding the failings of the Civilian Operations Commander.

This is a correct finding as the Civilian Operations Commander exercises command and control of the Mission at the strategic level, and he ensures at theatre level the proper and effective implementation of the Council's decisions and those of the Political and Security Committee (PSC), see also here.

Additionally, the Code of Conduct applicable to seconded staff across EU missions establishes a specific complaint mechanism directed to the Civilian Operations Commander for allegations of misconduct against a Head of Mission and their Deputy. In this context, it can be said that the actions or inactions of the Civilian Operations Commander effectively represent the actions and inactions of the Mission itself. (see paras. 67-87 of the Judgment)

Applicability of EU Staff Regulations to disputes between secondees and EU missions

After having concluded that the claim for compensation was admissible, the General Court went on to review in an elaborate manner the merits of the claim, examining in detail the applicant’s allegations of psychological harassment and the failings of the mission in this regard. (see paras.111-321 of the Judgement)

The General Court emphasized importantly that staff seconded to EU Missions by Member States, although not governed by the EU Staff Regulations pursuant to Article 270 TFEU, are nonetheless subject to the same rules as those applicable to staff seconded by the EU institutions, i.e. the EU Staff Regulations. (para. 117 of the Judgment).  It rightly ruled that the applicant must benefit from the same level and the same rules of protection against psychological harassment.

‘By virtue of the principle of equal treatment, the General Court is required to apply to the applicant's situation, by analogy, the provisions of the Staff Regulations relating to psychological harassment and the functional protection of officials and temporary or contract staff and the case-law based on those provisions’ (Para. 125 of the Judgement)

Also for the duty to have regard for the welfare of officials  the General Court reiterated that

‘the principle of equal treatment requires application by analogy to the case of national staff seconded to a body or agency such as a Mission of certain provisions of the Staff Regulations and the case-law specific to the matter of the European Union civil service, where such staff are placed in a situation comparable to that of staff subject to the Staff Regulations and the difference in situation between the two cannot objectively justify the former not benefiting from the same level and rules of protection as the latter when carrying out their duties in the theatre of operations.’ (Para. 224 of the Judgement)

Following a thorough examination of the facts, reviewing the alleged infringements of Montanari’s rights as set out inter alia in the EU Staff Regulations and the EU Charter (e.g., related to psychological harassment), taking into account the OPLAN and the Code of Conduct in light of its settled case law on EU staff cases, the General Court partially ruled in favour of the applicant. It determined the matter as it would have done in a typical EU civil service case, awarding him €6,000 for non-material damages.

Conclusion

The Montanari Judgment serves as a critical reminder to the highest levels of the European Union (EU) Missions, including the Civilian Operations Commander that there is a court before they can, and should, be held accountable for any actions or inactions that contravene EU law. It highlights the EU judiciary's role in ensuring compliance and accountability within EU Missions.

Moreover, the Montanari Judgment opens the door for the potential judicial review of any staff misconduct by or against a seconded staff member as set out in the Code of Conduct whilst in the performance of their duties in the ‘theatre of operations’. Such case law ensures that EU Missions and their staff operate within the bounds of EU law, reinforcing the principles of transparency and accountability that are fundamental to the effective functioning of EU missions.

**Citations of findings of the General Court are unofficial translations.

 

Wednesday 24 July 2024

A ‘conditional payment’ is still a payment: the Court of justice rules again on online order buttons (Case C-400/22, Conny)

 


 

Alessandra Fratini and Giorgia Lo Tauro, FratiniVergano European Lawyers

Photo creditNamakkalshowroom, via Wikimedia Commons

 

 

Introduction

On 30 May 2024, the Court of Justice of the European Union issued its judgment in Conny (Case C-400/22), which concerned the labelling requirements for online order buttons under Article 8 of the Consumer Rights Directive (Directive 2011/83). The Court ruled that the order button, or any similar function on an online platform, must clearly indicate that by clicking on it the consumer commits to a payment obligation, even if the obligation is subject to further conditions.

The paragraphs below, after a short overview of the case-law touching upon Article 8, review the peculiarities of the Conny case and the findings of the Advocate General and the Court, and conclude on  the importance of consumer rights’ awareness in online transactions.

 

Article 8(2) and the earlier case-law

The Consumer Rights Directive aims at approximating Member States’ provisions related to contracts concluded between consumers and traders, to contribute to the proper functioning of the internal market through the achievement of a high level of consumer protection (Article 1). To this purpose, its Article 8 sets ‘formal requirements for distance contracts’, also when concluded by electronic means, that traders shall comply with.

Under Article 8(2), first subparagraph, if the contract places the consumer under an obligation to pay, the trader shall make the consumer aware ‘in a clear and prominent manner’, and directly before placing the order, of the related information (i.e., the main characteristics of the goods or services, the total price, the duration of the contract and, where applicable, the minimum duration of the consumer’s obligations), making sure that the consumer, when placing the order, is explicitly aware that such an order implies an obligation to pay. The second subparagraph clarifies that ‘[i]f placing an order entails activating a button or a similar function, the button or similar function shall be labelled in an easily legible manner only with the words ‘order with obligation to pay’ or a corresponding unambiguous formulation indicating that placing the order entails an obligation to pay the trader. If the trader has not complied with this subparagraph, the consumer shall not be bound by the contract or order’ (for ease of reading, the following references to Article 8(2) shall be read as to the second subparagraph).

Despite its intended clarity, this provision raised interpretative doubts which were submitted to the Court before Conny. In Fuhrmann-2 (Case C-560/20), the Court addressed for the first time the interpretation of the formal requirement related to the ‘order button’ laid down in Article 8(2). The case concerned the booking of hotel rooms in Germany via an online accommodation booking platform: the hotel charged a cancellation fee to a consumer who, after having clicked on the ‘I’ll reserve’ button, entered personal details of the guests and then clicked on a button labelled with the words ‘complete booking’, had not showed up on the planned day. For the purpose of determining whether a formulation displayed on the order button such as ‘complete booking’ could be considered as ‘corresponding’ to the words ‘order with obligation to pay’ according to the Consumer Rights Directive, the referring court asked the Court whether only the words appearing on that button or the overall circumstances of the booking process should be taken into account.

The Court relied on the systematic interpretation of the provision and insisted on the objectives of the Consumer Rights Directive. It first explained that the formulation ‘order with an obligation to pay’ laid down in Article 8(2) serves as an example, so that Member States are permitted to allow traders to use any other corresponding formulation of their choice, provided that it is unambiguous and entirely clear as to the creation of an obligation to pay (paras. 26-27). It went on to clarify that it is the button or similar function that must be labelled with such a formulation, so that only the words appearing on that button or similar function must be taken into account for determining whether the trader has fulfilled its obligation to ensure that the consumer explicitly acknowledges that the order implies an obligation to pay, emphasising the consumer’s attention in that respect, as required by recital 39 of the Directive (paras. 28-29). Taking the objective of the Directive into account, which is to guarantee a high level of consumer protection as regards information, the Court found that ‘it would effectively undermine that objective if, when activating a button or similar function, the consumer were required to infer from the circumstances of that process that he or she was giving a binding undertaking to pay, although the words appearing on that button or similar function are not such as to enable the consumer to identify such consequences with absolute certainty’ (para. 30).

In Sofatutor (Case C-565/22), which concerned the interpretation of the right of withdrawal (Article 9), the Court reiterated the importance of information and formal requirements for distance contracts. By clarifying that the consumer’s right to withdraw from an initially free subscription made via distance contract is guaranteed only once, the Court specified that this is only the case if the consumer, when concluding that contract, has been informed in a clear, comprehensible and explicit manner by the trader that, after that initial free period, payment will be required for the performance of services (paras. 50-51). It repeated the traders’ obligation to ensure that the consumer explicitly acknowledges that the order implies an obligation to pay (via a button or a similar function). In the absence, the consumer is not to be bound by the contract or order (para. 45).

 

The peculiar ‘condition’ of the Conny case

In Conny, the Court was called again to rule on the ‘button or a similar function’ indicating the obligation to pay the trader. Interestingly, different from the cases above, in Conny it was not the consumer but a third party, who was interested in questioning the validity of a contract concluded by the former with a trader, that had invoked consumer protection rules.

Conny is a debt recovery company governed by German law. It offers a service whereby tenants may enter into an agency contract via its website and assign their rights to reclaim any overpayments of rent (i.e., in case the maximum rent ceiling under national law is exceeded) in favour of Conny, who shall attempt to reclaim such overpayments from landlords on the tenant’s behalf. To enter into the agency contract on Conny’s website, tenants must tick a box to approve the general terms and conditions, where reference is made to the pecuniary nature of the contract (tenants must pay the company a third of the annual rent saved, where the company’s attempts to assert their rights are successful) and then click on a button to place the order. So did the tenant in this case, who also signed a form provided by Conny (‘Confirmation, power of attorney and assignment, authorisation’), which did not contain any information on obligation to pay on the tenant’s part (para. 14 of the judgment).

Conny asserted the tenant’s rights against the landlords. In the ensuing dispute, the latter claimed that Conny could not act on behalf of the tenant because the agency contract was ‘null and void’ (para. 18 of the judgment), since it did not comply with the formal requirements laid down in the national law transposing the Consumer Rights Directive (Section 312j (3) and (4) BGB, which requires the fulfilment of the trader’s obligation in order for the contract to be validly in place). In particular, the order button was not labelled with an explicit mention of the obligation to pay associated with the order.

In those circumstances, where the contract concluded at a distance entailed only a possible obligation to pay on the part of the consumer, i.e. that obligation was subject to the fulfilment of certain future conditions, the referring court had doubt as to the applicability of the formal requirements under Article 8(2) concerning the order button, and referred that question to the Court of justice. The referring court also underlined that the transposing legislation was not interpreted uniformly in national case-law (para. 22 of the judgment).

 

The Opinion of the Advocate General: ‘protective nullity’ and consumer protection at all costs

The Advocate General took into account the peculiarity of the case, including the fact that consumer protection was invoked by a third party against the validity of a contract concluded by a consumer seeking protection. In his Opinion, he noted that, in the event that the contract was considered invalid due to order button lacking any explicit mention of the obligation to pay, it was also necessary to ascertain whether the applicable national provision, according to Article 8(2) of the Directive, allowed the referring court to maintain the effects of the contract where the consumer objects to the disapplication of the disputed clause (para. 22 of the Opinion). In fact, under Section 312j(4) BGB, contracts shall be formed ‘only if’ traders fulfil the required obligation. Against this background, the Advocate General identified two legal issues to be examined in order to answer the preliminary question: (a) whether the ‘conditional payment’ case falls within Article 8(2) of the Directive; and (b) if so, the effects of the infringement of the requirement laid down therein on the signed contract, especially as regards the consumer’s will and the standing of a third party to rely on the possible invalidity (para. 24).

In addressing the first issue, the Advocate General found that both the textual and systematic interpretation and the objectives of the Directive lead to the same solution: the formal requirements of Article 8(2) also apply where the payment is subject to the fulfilment of a specific condition outside the consumer’s sphere of influence (para. 38). And this is because the contractual relationship, which is the legal condition of the obligation to pay, arises at the moment at which the consumer manifests the will, i.e. the click on the button to sign the order (para. 44). This view would also be supported by an interpretation based on the effectiveness of the provision: compliance with formal requirements even in the case of ‘conditional payment’ is the only way of ensuring sufficient information and safety in commercial relations between consumers and traders, otherwise the scope of the protection established by the Directive would be undermined (para. 45), while no extension of the text of the button in cases of conditional payments is needed to accomplish the requirement (para. 48).

As regards the second issue, i.e. the effects of the infringement of the requirement on the validity of the main contract, the Advocate General recalled that according to settled case-law of the Court ‘unfair terms must not be applied, unless the consumer objects’, otherwise this would have distortive effects vis-à-vis the purpose of the Directive (para. 52), and that the scope of Article 8 is not unconditional, but is limited by the will of the consumer (para. 53). Therefore, in the Advocate General’s opinion, since the invalidity of the term is specifically designed for consumer protection, and ‘the invalidity provided for in the consumer protection directives may be attributed to the category of ‘protective nullity’, irrespective of the exact classification under national law,’ the referring court shall take its decision in accordance with the wishes of the consumer, i.e. even maintaining the effects of the term and the contract’ (para. 55). On this point, the Advocate General addressed the question of the differences in wording between the national provision and the Directive and concluded that it is for the national court to ascertain, by considering the whole body of domestic law, whether an interpretation of national law in conformity with the wording and spirit of Directive is possible. Guided by the consumer’s wish to remain bound by the order placed on the trader’s website, the Advocate General also suggested that the referring court interpret national law in line with the possibility of maintaining the effects of the contract at issue (paras. 57-61).

The twofold analysis proposed by the Advocate General paved the way for a consumer protection-oriented interpretation of Article 8(2), while at the same time paying due attention to the effective protection of the consumer in the case pending before the national judge.

 

Judgment of the Court: a consumer protection-oriented interpretation and the relevance of the consumer’s will

In its judgment, the Court followed the Advocate General’s Opinion and confirmed the consumer protection-oriented approach when it comes to online contracts.

The Court recalled the case-law on the formulation on the order button or similar function, that shall clearly indicate the obligation to pay, and added that the formal requirement under Article 8(2) ‘does not make any distinction between payment obligations subject to conditions and those which are unconditional. On the contrary, it is apparent from that wording that the obligation to provide information laid down in that provision applies since an order placed ‘implies’ an obligation to pay. Consequently, it may be inferred therefrom that the obligation on the trader to inform the consumer arises when he or she agrees to be bound by an irrevocable obligation to pay in the event of satisfaction of a condition over which he or she has no control, even if that condition has not yet been satisfied.’ (paras. 46-47). A different interpretation would lead to the trader being required to fulfil the information obligation not while the consumer can still abandon the order, but only subsequently, when payment becomes due, therefore allowing the trader to disregard such an obligation at the very time when it may prove useful to the consumer (paras. 52-53). Therefore, the Court concluded that the obligation on traders under Article 8(2) also applies in cases of conditional payments.

In addition, on the second issue identified by the Advocate General, the Court clarified that the requirement under Article 8(2) merely provides that the consumer is not bound by the contract concerned, and this does not affect the national rules on the validity, formation or effect of a contract, according to Article 3(5) of the same Directive. Therefore, without prejudice to the interpretation given by the Court to the provisions of Article 8(2) of the Directive, the consumer in the main proceedings may decide to maintain the effects of the contract or order which was not binding, because of the failure of the trader (paras. 54-55), in so far as it, in essence, best serves the rationale of the Directive, namely consumer protection.

 

Concluding remarks

In a nutshell, the judgment restates the Directive’s aim of ensuring a high level of consumer protection in online transactions, by requiring the unambiguous acknowledgment of payment obligations by consumers for them to be bound, irrespective of the conditions which the payment is subject to.

It validates the importance of awareness of, and compliance with, EU consumer protection rules for both consumers and traders when concluding distance contracts. At the same time, it highlights the prominence of the consumer’s will, which national courts shall take into account in cases where the contract or order, because of the trader’s failure to comply, is not binding on the consumer.

 

Thursday 18 July 2024

A Dilemma of Two Communities: How the Portuguese-speaking Countries Mobility Agreement Might be Conflicting with EU Law

 


 

Ana Rita Gil*, Aylin Yildiz Noorda** & Lucas Ricardo***

 

* Professor, Law Faculty of the University of Lisbon, Portugal. Researcher at the Lisbon Public Law. Email: anaritagil@fd.ulisboa.pt.

** Postdoctoral Researcher at the Lisbon Public Law Research Centre, University of Lisbon, Portugal / Non-resident Research Fellow at the World Trade Institute (WTI) and the Oeschger Centre for Climate Change Research (OCCR), University of Bern, Switzerland. Email: aylin.yildiz@wti.org. This research has been funded by the Swiss National Science Foundation (SNSF) under grant no P500PS_210910.

*** Investment Policy Consultant at UNCTAD. Email: narciso_lucas@hotmail.com

 

Photo credit: Donatas Dabravolskas, via Wikimedia Commons

 

The recent decision of the European Commission to launch infringement procedures against Portugal concerning the provisions of the Community of Portuguese-speaking Countries (CPLP) Mobility Agreement has placed this new framework in the spotlight. Concluded by Portugal, Angola, Brazil, Cape Verde, Guinea-Bissau, Mozambique, São Tomé and Príncipe, Timor-Leste and Equatorial Guinea in 2021, the CPLP Mobility Agreement facilitates the movement of the citizens of the CPLP member states within the boundaries of ‘the same language space’. As the CPLP Executive Secretary Zacarias da Costa put it, the agreement goes ‘way beyond a set of piecemeal measures’, establishing a legal framework with a flexible and variable system suited to each state’s specificities. Notably, the Mobility Agreement aims to streamline the process for acquiring temporary residence visas and permits, with around 150,000 applications reportedly undergoing processing by the Portuguese Foreigners and Border Service (SEF). In this post, we examine the adoption, content, and implementation of the Mobility Agreement, commencing with a brief introduction to the CPLP.

 

Founding the CPLP

 

The inception of the CPLP traces back to early 1980s when the Portuguese Minister of Foreign Affairs at the time, during an official visit to Cabo Verde, endorsed decentralised tricontinental dialogues as a means to formalise the connections between Portugal and its former colonies. This initiative gained momentum in the 1990s, primarily due to the dedicated effort of the Brazilian ambassador to Portugal at the time, and resulted in the creation of the organisation in 1996. Although the CPLP was ostensibly established with benign objectives, centred on fostering cooperation across various areas rooted in a professed shared language and culture, it appeared to be the ‘political face’ of the Lusophone world. In this regard, it bears a resemblance to its French- and English-speaking counterparts, albeit neither the Organisation internationale de la Francophonie nor the Commonwealth of Nations have adopted a mobility agreement of the kind seen within the CPLP.

 

Initially comprising seven member states, the CPLP expanded with the admission of the newly independent state of Timor-Leste in 2002 and Equatorial Guinea in 2014. Brazil stands as the largest member state in terms of territory, population and economy, boasting the highest number of Portuguese speakers. However, projections indicate that by the close of the 21st century, the majority of Portuguese speakers will likely reside in Africa, attributed to demographic growth in Angola and Mozambique. While the list of potential future CPLP members may seem to have been exhausted, the CPLP has proactively introduced the category of an ‘observer’, enabling international organisations and interested countries to participate in CPLP summits and Council of Foreign Affairs Ministers meetings, albeit without voting rights.

 

Adopting the Mobility Agreement

 

The CPLP’s founding texts had already established the objective of ‘contributing to the strengthening of human ties, solidarity and fraternity among Peoples who have the Portuguese Language as one of the foundations of their specific identity and, in this sense, promoting measures that facilitate the movement of citizens of Member Countries within the CPLP space’. Acting on this, the CPLP member states agreed to explore possible avenues for policy development in mobility issues in the Praia Declaration in 1998. Two years later, a working group was established to facilitate intra-CPLP mobility and to ensure the equality of social and political rights among CPLP member state citizens. Several agreements followed soon after, including on common maximum requirements for short-term visa applications in 2002 and student visas in 2007. During this period, the goal to institute a Lusophone or CPLP citizenship status garnered much attention but has not reached a consensus. In the meantime, the path was laid for a mobility agreement, which was eventually signed in Luanda, Angola, on 17 July 2021, following seven sessions of text-based deliberations.

 

Facilitating Three Types of Movement

 

The Mobility Agreement does not create a free movement regime. Instead, the CPLP member states have established minimum standards to facilitate three types of movement: short stay, temporary stay, and residency. Although short stays do not necessitate prior administrative authorisation, temporary stays (with a duration not exceeding 12 months) are conditional upon such authorisation. Conversely, the streamlining of residency contemplates a novel documentation category called the ‘CPLP residence permit’, which may be granted subsequent to the authorisation of a ‘CPLP residence visa’.

 

Sitting at the heart of this framework are the applicable terms and conditions. Essentially, each state is free to choose mobility modalities and categories. This allows the states to undertake obligations gradually and with varying degrees of integration across one or more mobility modalities and/or categories of people, tailoring them to internal circumstances. Each state retains the authority to define, based on its internal legislation, the necessary documentation required to apply for the CPLP residence visa. Furthermore, none of the states are obligated to undertake commitments that are incompatible with their international commitments or regional integration agreements.

 

Implementation by Portugal

 

Portugal approved the CPLP Mobility Agreement by Resolution of the Assembly of the Republic No. 313/2021 of 9 December, implementing it by enacting Acts No. 4/2022 of 30 September, and No. 18/2022 of 25 August.

 

Accordingly, CPLP member state citizens may apply for a temporary-stay visa, work-seeker visa or a CPLP residence visa. Such requests shall be granted outright, unless the applicant is identified in the Schengen Information System as the subject of an alert for return or an alert for refusal of entry and stay. In other words, the applicants no longer need to apply for a visa in person, and are exempted from the prior decision of SEF (which has recently been replaced by AIMA).

 

Furthermore, as of March 2023, certain CPLP member state nationals have been able to apply for a temporary residence permit online. This is not an automatically granted visa, but rather a temporary residence permit granted to CPLP member state nationals who already had migration processes pending at SEF/AIMA or had visas issued by Portuguese consulates. Similarly, those with a CPLP residence visa are entitled to apply for a CPLP residence permit.

 

The decision to grant a CPLP temporary residence permit to citizens who were already staying in the territory, and who were waiting for a residence permit, was also taken with the aim to respond to the high number of pending applications made under the permanent regularisation scheme existing in Portugal. Indeed, Articles 88 and 89 of the Immigration Law establish a ‘right to regularisation’ to citizens who are illegally staying in the territory and who have a labour contract or a promissory agreement to formalize a labour contract. These legal norms attracted a high number of migrants, mainly from Brazil, that entered Portugal with the purpose of seeking job opportunities, and stayed illegally there, waiting for their regularisation. The number of pending procedures amounted to more than 120,000 and the waiting time was exceeding two years. The dissatisfaction among the immigrants’ community was growing, and the Ombudsman reported an extreme rise of complaints against SEF. With the CPLP scheme, the Government was expecting to solve this backlog, that was seriously jeopardizing the good functioning of the services and raising social discontent.

 

European Commission’s Infringement Procedure against Portugal

 

In September 2023, the Commission started an infringement procedure against Portugal. The Commission considers that the Mobility Agreement provides for a residence permit which is not compliant with the uniform format for residence permits for third-country nationals under Council Regulation 1030/2002. Furthermore, the Commission contends that both the residence permits as well as the long-stay visas issued for job-seeking purposes to nationals of the CPLP States do not allow their holders to travel within the Schengen area, in contradiction with EU law.

 

The CPLP ‘residence permit’ consists of a document which simply states that its holder has authorisation to reside in Portugal under the CPLP mobility agreement. The fact that it does not follow the EU’s residence permit format has also contributed to raise several uncertainties in the daily lives of its holders. In fact, it was common for private or even public entities not recognising the document and denying access to some rights, such as opening bank accounts or renting houses. Also, it was very frequent that holders of CPLP residence permits were denied embarkment in international flights or even returning to Portugal by foreigner airports’ officials, who were not familiarised with the document.

 

Portugal has two months to respond to the letter and address the shortcomings identified by the Commission. Portuguese Secretary of State for European Affairs, Tiago Antunes, has already denied incompatibility between the Mobility Agreement and the Schengen regime, and announced that the implementation of the agreement would continue. In the absence of ‘a satisfactory response’ by Portugal, the Commission may decide to issue a reasoned opinion, which is a formal request to comply with EU law. In case the country in question does not comply with the reasoned opinion, the Commission may decide to refer the matter to the Court of Justice of the EU.

 

Conclusion: Is CPLP Mobility Agreement one of a kind or part of a larger trend?

 

The CPLP Mobility Agreement may be seen as a distinctive framework, emanating from a political and cultural cooperation organisation rather than an integrated trade bloc. Integrated trade blocs, such as the EU, African Union (AU), Southern Common Market (MERCOSUR), and the Economic Community of West African States (ECOWAS), have established their own systems of free movement, albeit at various stages of implementation. While trade agreements designed between developed and developing nations have been observed to facilitate human mobility to a certain extent, the extent of such facilitation is typically more limited. The CPLP Mobility Agreement echoes the conventional observation that states operating at differing levels of development tend to facilitate human mobility to a more restricted degree.

 

Nonetheless, the CPLP Mobility Agreement has been observed as being unique for putting an end to an unjustifiable limit to the right to work for certain non-EU citizens in an EU country. In this sense, it can be viewed as part of a larger trend in favour of international cooperation on migration issues. This issue topped the UN agenda particularly post-2015, leading to the adoption of the legally non-binding Global Compact for Safe, Orderly and Regular Migration (GCM) in 2018. All CPLP member states have voted in favour of adopting the GCM during the historic UN General Assembly vote, with the exception of São Tomé and Príncipe and Timor-Leste which did not vote. Furthermore, three CPLP member states (Portugal, Cabo Verde and Guinea-Bissau) have submitted voluntary national reports on the implementation of the GCM. In their reports, Portugal and Guinea-Bissau make references to the CPLP Mobility Agreement as instances of successful implementation of the objective on enhancing the availability and flexibility of pathways for regular migration. Also, both states mention in their reports that they have accepted to become a ‘GCM Champion country’ and to contribute to achieving the objectives of the GCM.

 

 

Thursday 11 July 2024

Mass hacking and fundamental rights: a missed opportunity for the CJEU?



Hugo Partouche, Attorney-at-law (avocat) at the Paris Bar, and Chloé Berthélémy, Senior Policy Advisor, EDRi

 

Photo credit: hacker-silhoutte, via Wikimedia commons

 

*A first version of this article was published in French by Actualité Juridique (AJ) Pénal, Dalloz Revues here.

 

On 30 April 2024, the Court of Justice of the European Union (CJEU) published its decision in the ‘EncroChat’ case.

 

The case emerged from recent European police cooperation operations against organised crime, involving the mass interception of encrypted communications by means of spyware (‘hacking’). They enabled the collection, for EncroChat alone, of millions of messages associated with 32,000 users in 122 countries, including nearly 4,600 in Germany, and leading to more than 6,500 arrests and 3,800 legal proceedings in the Union.[1]

 

The Berlin Regional Court (the ‘Berlin court’) referred questions to the CJEU, asking whether a German European Investigation Order (‘EIO’) concerning the transmission of data collected by French investigators using hacking techniques was compatible with fundamental rights.

 

The Court's response is based primarily on the principle of mutual trust, which guarantees the effectiveness of European judicial cooperation.[2] Unfortunately, it carefully avoids linking this decision to its case law on the rights to privacy and data protection in criminal matters developed since the entry into force of the EU Charter of Fundamental Rights (the ‘Charter’).

 

Thus, the Court considers that EU law is of very little assistance to the fundamental rights issues at stake, since the transmission of data between two Member States in the context of an EIO is subject only to the rules applicable to a similar procedure within the issuing State (here, Germany). Similarly, the proportionality of an EIO is analysed solely in light of the law of the issuing State, particularly with regard to the evidence that should be considered sufficient to order such a measure. This question is considered to be distinct from the debate on the integrity of the data before the court hearing the case, which alone is capable of assessing whether the defence is able to comment effectively on the evidence – which is an ability that EU law prescribes.[3]

 

    1. The EncroChat investigation

 

‘EncroChat’ was a closed network of encrypted communications using modified telephones, used for organised crime, whose servers were in France. In April 2020, the French authorities set up a joint investigation team with the Netherlands, under the aegis of Eurojust, with the support of Europol, and obtained a judicial authorisation to install Trojan horse software on the servers and then directly on the terminals (the phones). The investigators informally announced via Europol's messaging system (SIENA) that they were going to intercept data located beyond their own territory. The German criminal police (BKA) expressed an interest in the data.

 

On the basis of this information, the Berlin court took the view that the investigation should be seen as a single European project with the aim of dismantling the EncroChat service and enabling criminal proceedings to be brought against all European users in their respective countries. It supports this analysis using a variety of indicators: the cooperation between France and the Netherlands starting in 2018, the support of Eurojust and Europol, the development of a complex interception technique, the prior knowledge of the German authorities that the interception would extend over its territory and, above all, the opening in 2020 of an ‘empty shell’ procedure by the Frankfurt public prosecutor's office, intended to receive information on German users, who would then be prosecuted in separate procedures on the basis of information accessed from Europol’s servers.

 

Furthermore, the technical characteristics of the hacking[4] are not known because the method used is classified as a French national defence secret.[5] A large part of the file is also being kept confidential by the German public prosecutor's office, which refused to inform the Berlin court of what information had actually been shared between national authorities before the interception measure was launched.[6] Lastly, numerous errors have been identified in the data (message senders, time stamps, etc.).[7]

 

2. The limited added value of the judgment on the data protection jurisprudence

 

According to the Berlin court, the course of the investigation suggests that the transmission of the data motivated the collection and not vice versa. With concerns, the referring court suggested that the EIO Directive could not, in such circumstances, separate collection and transmission and that only an independent court could review the proportionality of the latter. However, in the Court's view, the distinction between transmission and collection is clear and the EIO Directive is to be interpreted literally in that it subjects the admissibility of an EIO for the purposes of transmission solely to the law of the issuing State (§92), so that a German public prosecutor may be regarded as competent (§77).

 

The Court did not take the opportunity offered to draw on its own case law relating to Directive 2002/58, known as the ‘ePrivacy’ Directive, interpreted in the light of the Charter (in the context of mass data retention). (See, for example, the judgments in Prokuratuur and La Quadrature du Net and others). Indeed, the retention of and access to telecommunications data are both data processing operations involving serious interference with the fundamental rights to respect for private life and to the protection of personal data. This means that they are subject to EU law criteria, independently of national rules, in particular with regards to the control of proportionality and to the competent authority.

 

The Berlin court noted that the infringement of rights was even more serious in the EncroChat case because of the collection of the content of communications, which is considered sensitive, the long collection period, the massive and indiscriminate nature of the targeting without any specific and individualised suspicion and the immediate collection by law enforcement authorities without any action on the part of the service provider.

 

However, the CJEU refuses to follow this reasoning and to transpose its own criteria in the data protection field to a transfer of data between law enforcement authorities. For the Court, the logic of European judicial cooperation takes precedence over the protection of privacy when the competent authority is dealing with another judicial authority and not with a telecommunications operator.[8] As a result, there is a risk of a significant disparity between the levels of protection and guarantees afforded to different data processing operations during a cross-border telecommunications interception operation.

 

The laundering of EncroChat data from its original controversial method of collection is of importance in the current debate at EU level on the (illegal) use by several Member States of spyware such as Pegasus and Predator, and their compliance with EU law. The technical characteristics and practical impact on privacy of the Trojan Horse software used to target EncroChat bear many similarities to these contentious spywares. The European Data Protection Supervisor is even of the view that they threaten the very essence of the right to privacy and would therefore be contrary to EU law. As modern state hacking techniques became ever more intrusive, the adequacy of current European instruments for police and judicial cooperation to preserve fundamental rights can be reasonably put into question.

 

It is also regrettable that the conditions under which EncroChat data is stored by the national authorities and by Europol are not mentioned. Such storage constitutes an autonomous infringement of fundamental rights. This question is all the more relevant as the 2022 reform of Europol's mandate allows the agency to derogate exceptionally from its own data protection rules to process large datasets (e.g. data collected in bulk) and authorises the long-term storage of investigative data. This enables Europol and investigating authorities to regularly draw on databases without, however, having to demonstrate the existence of concrete evidence of individualised suspicions, or to comply with the requirements of necessity and proportionality.

 

3. Minimum review of proportionality and right to a fair trial

 

To assess the proportionality of the EIO measure, the Berlin court asks the CJEU to assess the related infringements of procedural rights.[9]

 

With regard to the right to privacy, the Berlin court held that in order for an EIO ordering the transmission of data to satisfy the conditions of necessity and proportionality set out in the EIO Directive, it is not sufficient to have evidence of multiple offences committed by unidentified persons.

 

The Court replied that: ‘By using the terms “under the same conditions” and “in the context of a similar national procedure”, Article 6(1)(b) of Directive 2014/41 [the EIO Directive] makes the determination of the precise conditions required for the issuing of a European investigation order depend solely on the law of the issuing State’. It concludes that, if the law of the issuing State makes the transmission of data subject to the existence of concrete indications that the person being prosecuted has committed serious offences or to the admissibility of the evidence, the adoption of an EIO is subject to those same conditions. It can be inferred from the request for preliminary ruling that the Berlin court holds that very position, whereas other German courts don’t.

 

With regard to the right to a fair trial, the Berlin court asked the Court of Justice whether the principle of proportionality precluded the issuing of an EIO where the integrity of the data obtained could not be verified because of the confidentiality of the technical bases, and the defence might not, for that reason, be able to comment effectively on that data in subsequent criminal proceedings. The Court replied that it follows from Article 4 of the EIO Directive that the necessity and proportionality of the measure are to be assessed in the light of the law of the issuing State. The Court explains that if the transmission of evidence were to appear either disproportionate or not in conformity with the framework of the ‘similar’ national proceedings, the consequences would be those of national law (§103).

 

However, and it may be one of the most important contributions of this judgment to the many ongoing EncroChat proceedings across Europe, the Court reasserts that if a party ‘is unable effectively to comment on evidence which is capable of having a preponderant influence on the assessment of the facts, that court must find that there has been a breach of the right to a fair hearing and exclude that evidence in order to avoid such a breach.’ (§105).

 

Unfortunately, the CJEU refuses to outline an enhanced control, whether substantive or procedural (§89), in the area of technically complex cross-border investigative measures. It limits the control on this point to the question of judicial review of compliance with fundamental rights provided for in Article 14 of the EIO (§§101 et seq.).

 

However, the Berlin court’s questions seemed particularly relevant on two fronts. First, it follows from the Court's case-law that the practical ease of an interference is not sufficient to make it proportionate.[10] Secondly, the limitation of a Charter right, while presumed proportionate, ‘may prove to be disproportionate if the criteria governing it are imprecisely drafted and if they do not lay down genuinely objective and controllable conditions’.[11] These concepts are not used in the judgment.

 

The Court's reasoning, however unsatisfactory in its minimalism, is not surprising: it seizes every opportunity to defend the principle of mutual trust rather than to seek in the Charter the elements for a full review of the implementation of judicial cooperation tools. And for good reason: that is the inherent logic of these tools.

 

However, the complexity of the EncroChat investigation had given the opportunity to the Court to develop its case law. The Court started applying in the Aranyosi and Caldararu case what some commentators have described as the principle of acquired mutual trust rather than blind mutual trust,[12] particularly with regard to the risk of forum shopping.

 

4. Wilful blindness to the risk of forum shopping?

 

In the Court's view, the singular structure of the investigative measures does not present any particularity of relevance to the EIO Directive.

 

Although it acknowledges that the data was collected on behalf of Germany and on its territory, the Court does not explain why it completely rules out the risk that Germany might have opportunistically subcontracted the collection to France where data interception is less regulated. In the Court's view, the EIO Directive does not take into account the location of the data collection (§98). This allows the Court to not assess the risk of forum shopping, that implies taking advantage of the difference in rules between collection and transmission in the State where the data are collected (here, Germany).

 

In those circumstances, it is particularly surprising that the judgment states, without giving any reasons, that ‘in the present case, it does not appear that the purpose or effect of the collection and transmission, by means of a European Investigation Order, of the evidence thus collected was such circumvention, which it is for the referring court to ascertain’ (§97). The Court is ruling on a point that it considers to be outside its purview.

 

However, the Berlin Court was rather clear about the genuine risk of circumvention, particularly since it would have been more logical for an EIO to have been issued prior to collection and, in such a case, the authorisation of an independent court would have been required under German law (on the basis of the CJEU judgment of 16 December 2021, Spetsializirana prokuratura (Traffic and location data)). The referring court therefore finds itself on the receiving end of a paradoxical answer to its question.

 

The Court's ambivalence stems from its overreliance on the principle of mutual recognition in this context. This principle, which is itself based on mutual trust, justifies that the referring court is not authorised to review the validity of the procedure by which an EIO was issues to the executing State for the purpose of transmission (§§99-100). This was the Advocate General's position, according to whom the ‘interception took place independently of the EIOs at issue’ (paras 15-16 of the opinion).

 

As said, however, it was specifically questioned in cases where mutual trust, instead of merely facilitating cooperation between two States, serves as a screen for opaque police strategies. No control over such strategies and their impact on fundamental rights would therefore come directly from EU law, despite the fact that EU law has been able to act as a bulwark against the protection of privacy in relation to new technologies.

 

Could it be that the Court has missed its appointment with complex and new technical issues destined to change the economics of European judicial cooperation?



[1]https://www.europarl.europa.eu/RegData/etudes/ATAG/2022/739268/EPRS_ATA(2022)739268_EN.pdf  The spyware made it possible to intercept their traffic and location data, as well as the content of communications, including those stored on the devices prior to the operation. Given the massive scale of the data extraction, many lawyers have publicly questioned the lawfulness of the data interception measures, as well as the reliability and admissibility of the resulting evidence: https://www.computerweekly.com/news/252526497/Dutch-lawyers-raise-human-rights-concerns-over-hacked-cryptophone-data

       https://www.fairtrials.org/articles/news/encrochat-hack-fair-trials-denounces-lack-of-transparency-and-oversight/

[2]The Court has vigorously defended this principle because of its role in European integration, allowing only exceptional circumstances to derogate from it. See also: https://www.eurojust.europa.eu/20-years-of-eurojust/recent-jurisprudence-cjeu-judicial-independence-and-european-arrest-warrant

[3]Note D. Berlin, La Semaine Juridique Edition Générale n° 19, 13 May 2024, act. 606.

       Note V. Barbault, Lexis « EncroChat : précisions de la CJUE sur la transmission et l'utilisation de preuves dans les affaires pénales transfrontalières »

[4]But also the storage, allocation and filtering of data by the French authorities or by Europol.

[5]French law provides minimal control over hacking measures, as demonstrated by Decision no. 2022-987 QPC of April 8, 2022 (M. Saïd Z. ), dealing in particular with the provisions of article 706-102-1 of the French Code of Criminal Procedure, and a ruling by the French Supreme Court (Cour de cassation) on the nullity of interception and capture operations carried out on the basis of this same text, as well as on the failure to include the master procedure in the proceedings (Crim. October 11, 2022, no. 21-85.148).

[6]The Berlin Court explains that this opacity explains a divergent decision by the Federal Court of Justice on March 2, 2022.

[7]For a technical analysis of the practical impossibility of effectively commenting on the data and possible errors: V. R. Stoykova, Encrochat: The hacker with a warrant and fair trials?, Forensic Science International: Digital Investigation 46 (2023) 301602

[8]H. Christodoulou, Issuance of a European investigation order for the transmission of telecommunications data possessed by the executing State: sufficiency of the prosecutor's control, CJEU Apr. 30, 2024, aff. C-670/22, Dalloz Actualité, 31 May 2024

[9]It is regrettable that the Berlin Regional Court did not use Article 52(1) of the Charter, which is intended to verify that the infringement of a fundamental right does not affect the essence of that right, which in principle takes precedence over the examination of the necessity and proportionality of the interference.

[10] P. Gilliaux, Droit général des droits fondamentaux de l’Union européenne, Bruylant, 2024, §770

[11]Ibid. §784.  In this respect, by submitting such a complex investigative technique to the Court for the first time, the Encrochat case could have provided an opportunity to reinforce the standard of equality of arms by abandoning the idea that it is sufficient for the defendant to be able to "comment" on information from investigations carried out by foreign authorities.

[12] V. Mitsilegas, Trust (2020) German Law Review 69. This consideration is not, however, absent from the decision, which recalls that the presumption of respect for fundamental rights in the executing State is rebuttable (§99).