Saturday 21 December 2019

The AG Opinion in Schrems II: Facebook, national security and data protection law

Lorna Woods, Professor of Internet Law, University of Essex

Last week a CJEU Advocate-General gave an opinion in the case of Schrems II, the latest challenge to US national security rules as they apply to transfers of personal data from the EU (via Facebook). The original Schrems case (discussed here) shocked the data protection world when the Court of Justice of the EU (ECJ) ruled that the adequacy decision with regards to the United States (which simplified personal data transfers between the EU and the US) was invalid and – effectively - that US practices were incompatible with the EU Charter. Companies transferring data to the US turned to other legal mechanisms to legitimise the transfer of data and Schrems II (Data Protection Commissioner v. Facebook Ireland Limited, Maximillian Schrems (Case C-311/18)) concerns one of these mechanisms: standard contractual clauses (SCCs). Surely, given the similar context and the fact that those under US jurisdiction must comply with US law, the outcome must be the same?

The Facts

Max Schrems aimed to stop the transfer of his personal data from the EU to the US under SCCs, following on from the finding in Schrems I that US law did not provide sufficient safeguards for individuals’ privacy rights in the context of bulk surveillance. This resulted in an action being brought by the Irish Data Protection Commissioner (DPC). The DPC took the view that her assessment of whether the transfers were valid depended on whether the model SCCs (established by the European Commission by Decision 2010/87/EU) were valid and she brought an action before the Irish courts, which resulted in an 152 page judgment and a reference to the ECJ, to determine this.

The reference comprised 11 questions, which the Advocate General bundled into a number of topics:

-          the applicability of EU law when data transferred is processed for national security purposes in third countries;
-          the level of protection required;
-          the impact of the non-binding nature of an SCC on the authorities of a third country on the validity of Decision 2010/87;
-          the validity of Decision 2010/87 in the light of the EU Charter; and
-          an assessment of the Privacy Shield decision (the replacement adequacy decision for transfers to the US, following the finding in Schrems I that the previous decision, known as ‘Safe Harbour’, was invalid).

The Opinion

The first issue was whether the fact that the concerns regarding privacy occur in the policy space of national security (an area outwith EU competence) affects the applicability of the data protection directive (DPD) or the replacement law, the GDPR. Those rules are designed for the commercial sphere. As the Advocate General noted,

The significance of that question … lies in the fact that, if such a transfer fell out side the scope of EU law, all the objections raised ...would be rendered baseless [101].

Given the Court’s approach in Schrems I, it is unsurprising that the answer here was that the locus of regulation was the commercial activity that was being undertaken. The purpose of the transfer was not that of allowing the data to be processed for national security [106]. So, ‘the possibility that the data will undergo processing by the authorities of the third country of destination for the purposes of the protection of national security does not render EU law inapplicable...’ [108].

The second issue at which the Advocate General looked was that of the level of protection. He accepted that the approach of the Court in Schrems I to adequacy decisions (under Article 25(6) DPD, and now Article 45(3) GDPR) is also relevant to SCCs so that the ‘appropriate safeguards’ envisaged by Article 46 GDPR should ensure data subjects benefit from a level of protection ‘essentially equivalent’ to that which follows from the GDPR [115]. While the adequacy decision mechanism and the SCC mechanism both aim towards the same objective, the way they each achieve it may be different: the underlying difference between the mechanisms is that the adequacy decision considers whether the protections provided by law in the destination country are adequate; the SCCs accept that they are not and provide other safeguards [120, see also 123-4].

Validity of Decision 2010/87

Moving on to the question of validity of Decision 2010/87 in the light of the EU Charter, the fact that SCCs are not binding on the third country undermines the ability of the recipient of the data always to respect the data protection safeguards contained in the SCC. The Advocate General considered this in the context of the question the Irish Court raised regarding the obligations on the national supervisory authority to suspend transfer [122]. The Advocate General proposed that:

-          SCCs may be assessed only on the ‘soundness of the safeguards’ they each provide;
-          safeguards may be reduced/eliminated as a result of the law of the third country;
-          the mechanism imposes on the exporter/controller or the national supervisory authorities, on a case-by-case basis, to prohibit or suspend transfers.

The Advocate General concluded that this did not invalidate the Decision but rather raised the question of ‘whether there are sufficiently sound mechanisms to ensure that transfers based on the standard contractual clauses are suspended or prohibited where those clauses are breached or impossible to honour’ [127]. He also highlighted the requirement in Article 46(1) GDPR that data subjects’ rights must be enforceable and remedies available.

Obligations on data controllers

The SCC imposes obligations on exporter and importer to comply with the terms of the contract. Given the obligations on the data controller (the person in control of the uses to which the data is put) imposed by the GDPR, where the exporter is aware that the importer cannot honour the terms of the SCC, the controller does not have a choice to suspend transfer but is required to do so [132]. The Advocate General also suggested that the parties should carry out an examination into whether the law of the third country would entail such a breach [135]. The rights of the data subject are ensured as against the exporter/controller under the SCC in Decision 2010/87 and the data subject may also apply to the national supervisory authorities.

Obligations on the supervisory authorities

The Advocate General proposed that national supervisory authorities are required to order the suspension of the transfer. Specifically, the right to suspend is not only to be used in exceptional cases (this follows amendment of the SCC terms in the light of Schrems I) and recital 11 of Decision 2010/87 is ‘obsolete’ [143].  The Advocate General emphasised that

‘the exercise of the powers to suspend and prohibit transfers …. is no longer merely an option left to the supervisory authorities’ discretion’ [144].

Article 58(2) GDPR, which sets out the powers of supervisory authorities, should be understood in the light of Article 8(3) EUCFR and Article 16(2) TFEU (both of which provide that compliance with data protection law should be overseen by an independent authority) – the Advocate General inferred that this meant the authorities have to act in such a way as to ensure the proper application of the GDPR. This imposes a due diligence requirement on the authorities, as well as an obligation to react appropriately to infringements. Failure to do so can lead to judicial action, and this re-emphasises that the obligation on the national supervisory authorities is ‘strict’, not discretionary [150].

The DPC had contended that this obligation is insufficient: it fails to address the systemic problems of inadequate safeguards; and that the approach leaves unprotected those whose data have already been transferred. The Advocate General disagreed; while problems existed they were not sufficient to invalidate the decision. He stated that:

EU law does not require that a general and preventive solution be applied for all transfers to a given third country that might entail the same risks of violation of fundamental rights [154].

As regards, effective redress for those already affected, the Advocate General emphasised the roles of the supervisory authorities to take corrective measures and the rights under Article 82 GDPR.

Privacy Shield

The Advocate General than took the view that it was unnecessary to consider the ‘Privacy Shield’ decision, in part because it assumes that the general level of law and protection in the recipient state need to afford adequate protection for SCCs to be available – a point which the Advocate General had already rejected.  Nonetheless the Advocate General did produce some guidance for the Court were it to consider the issue.

The finding of adequacy under the Privacy Shield does not preclude a national supervisory authority from exercising its powers. A number of parties challenged (directly or indirectly) the finding of adequacy in relation to the Privacy Shield. He suggested that when considering the comparison between the law and safeguards of the third country the appropriate comparison would be with the approach of the Member States to their own national security within the framework of the European Convention on Human Rights (ECHR) [207] and that those standards must be known in advance. The Advocate General discussed the scope of the national security exception, defined as:

activities connected with the protection of national security in so far as they constitute activities of the State or of States authorities that are unrelated to fields in which individuals are active [para 210, citing inter alia Tele2 Sverige and Watson (Cases C-203/15 and C-698/15, discussed here)].

The Advocate General suggests that the exclusion covers measures ‘that are directly implemented by the State for the purposes of national security, without imposing specific obligations on private operators’ [211]. He notes that where private operators are involved the law is less clear with the earlier PNR judgment (Parliament v Council and Commission (Cases C-317/04 and C-318/04)) seemingly pointing in a different direction from more recent jurisprudence including Tele2/Watson.  He proposed a number of ways to reconcile the two lines of cases:

-          Tele2/Watson arose where operators were required to keep data; the airlines kept the data for their own commercial purposes [218];
-          Tele2/Watson arises where operators are required to cooperate as regards the access to the data, irrespective of whether there is a prior obligation to retain data - because the provision required the operators to engage in data processing [219-220].

The Advocate General favoured the second approach, suggesting it was also in line with Schrems I and that, once national authorities have the data and engage in further processing of them, such processing is not caught by the scope of the GDPR. In this view of the Advocate General, this means verification must take place by reference first to the GDPR and Charter and secondly by reference to the ECHR.

A further issue was whether continuity of protection means that measures must be in place during transit (e.g. through submarine cables). Article 44 GDPR refers to ‘after transfer’ which could mean after arrival or once transfer has been initiated. Relying on a teleological interpretation, the Advocate-General adopted the second interpretation.

Moving on to the validity of the Commission’s assessment of adequacy, the Advocate General assessed whether the Commission’s findings warranted the adoption of an adequacy decision, recalling the principles set down in Schrems I allowing for ‘a certain flexibility in order to take the various legal and cultural traditions into account’ but ‘that certain minimum safeguards and general requirements for the protection of fundamental rights that follow from the Charter and the ECHR have an equivalent ...’ [249].  It was this essential equivalence that the referring court challenged. The Advocate General re-stated case law from both Courts that recognised the existence of an interference, and as far as the ECJ is concerned it does not matter whether the data are sensitive. Further:

the obligation to make the data available to the NSA, in so far as it derogates from the principle of confidentiality of communications, entails in itself an interference even if those data are not subsequently consulted and used by the intelligence authorities [259].

As regards the requirement that interferences must be provided for by law, the Advocate General – treating the approach of the ECJ and ECtHR together states that this test means that:

regulations which entail an interference … lay down clear and precise rules governing the scope and application of the measure at issue and imposing a minimum of requirements, in such a way as provide the persons concerned with sufficient guarantees to protect their data against the risks of abuse and also against any unlawful access to or use of data [para 265, citing Digital Rights Ireland (discussed here), Tele 2 Sverige, Opinion 1/15 (discussed here), Weber and Saravia, Zakharov (discussed here) and Szabo and Vissy].

The Advocate General doubted whether the US framework met this threshold [266].  Following existing jurisprudence, however, the Advocate General accepted that the very essence of Article 7 or 8 was not compromised.  In this, the Advocate General noted that the position of the ECtHR was that such surveillance could, in principle, be capable of justification [282].

National security has long been accepted as a legitimate public interest ground justifying interferences with rights. The scope of ‘national security’ was challenged. The Advocate General accepted that some aspect of foreign affairs might fall within ‘national security’; further objectives dealt with under ‘foreign intelligence information’ could constitute other public interest objectives but that these would have a lesser weighting in a proportionality analysis. However, ‘it may be asked whether those measures are defined sufficiently clearly and precisely to prevent the risk of abuse and to permit a review of the proportionality.’ [289].

The Advocate General nonetheless considered the necessity and proportionality aspects, within the framing set down by Schrems I in particular. The Advocate General also noted the safeguards required by Article 23(2) GDPR. He doubted whether the selection criteria were sufficiently clear and precise and whether there were sufficient guarantees to prevent the risk of abuse noting in particular the difference between the requirement that an activity be ‘as tailored as feasible’ is not the same as an activity which is strictly necessary [300], nor does it necessarily forewarn data subjects [307]. There is no prior review. He therefore concluded that he had doubts about the adequacy of protection provided.

The next issue was the right to an effective remedy and the impact of the introduction of the Ombudsperson Mechanism which is intended to compensate for some of the deficiencies in the US system.  The Advocate General noted that the Article 47 right is in addition to the requirement that there be independent oversight/authorisation of surveillance activities. Re-iterating Schrems I, where there is no possibility to pursue legal remedies, the national rules do not respect the essence of the right. The right include that of receiving confirmation from national authorities whether or not they are processing data as well as being notified about an investigation once it would no longer jeopardise that investigation (though the ECtHR has not made this aspect a requirement). The US system is deficient in these aspects. The Advocate General considered whether the Ombudsperson Mechanism compensates but was not convinced. Such a body to be effective must be established by law and be independent. The Advocate General noted that the mechanism satisfied neither requirement and is not subject to judicial control.


A cursory look at the conclusion to the Opinion might suggest that there will be no change in the approach to data transfers and that in general this was a bit of a defeat for Schrems. This would mis-characterise the position (and also overlook the fact that it was the DPC that was arguing for invalidity of the SCC decision, not Schrems).  The Opinion is divided broadly into two topics: the first which deals the legality of the SCC decision and the second which deals with the Privacy Shield adequacy decision. 

The Advocate General may have suggested that the Decision underlying the SCCs should not be considered invalid but this does not mean that those transferring data to the US can ignore the privacy concerns. The response of the Advocate General - in avoiding challenging the underlying system itself - is to rely on decentralised, and ultimately private, enforcement by the exporter/data controllers, but also by the national supervisory authority.  This obligation is described in rather strong terms; certainly a data exporter cannot be passive but must investigate conditions and if it finds problems it must act to suspend transfers. A head in the sand approach – if the Court follows the reasoning of the Advocate General – is unlikely to be successful. For national supervisory authorities the obligation seems still stronger and the obligation to assess on a case by case basis potentially increases their workload. Underpinning this again is the threat of legal action by data subjects. While empowering data subjects is probably to be regarded as positive, viewing private enforcement of regulation as an essential element of that scheme is problematic.  It assumes data subjects have the energy and the resources to take action – a real weakness in this approach, despite the possibility for class actions.

It is noteworthy that while the Advocate General heads the section on the acceptability of the Decision as its acceptability under the Charter, in practice his analysis focuses on the right to a remedy. This leaves the impact of the transfers on privacy and data protection (especially against a backdrop of bulk surveillance) under-considered.  Further, the Advocate-General seems to assume that the ability to sue in the EU (under Article 80 causes of action) compensates for the difficulties in standing and lack of remedies in the relevant third country, and assumes that compensation is adequate (as opposed to more behavioural remedies such as ceasing processing).  This aspect of the analysis is in marked contrast to the considerations discussed under the Privacy Shield section.

While the ruling on the impact of national security in the early part of the Opinion may not come of much surprise, it is potentially significant for the UK. At the moment, as a member of the EU, the activities of its security and intelligence services mainly lie outside the ECJ’s purview (though note pending reference on scope of this: Privacy International v Secretary of State for Foreign and Commonwealth Affairs (Case C-623/17)); once it becomes a third country (and subject to any negotiated agreement) national security becomes a relevant consideration.  This difference between EU States and third countries did not escape the attention of those making representations before the court. On this difference, the Advocate General when discussing the comparison that must take place to come to any decision on whether a third State’s data privacy protections are essentially equivalent argues that, in regards to interferences arising in the context of national security (which falls outside EU law and therefore the scope of the Charter), the relevant standards are to be found in the ECHR. 

As noted, however, that boundary is somewhat uncertain and consequently the extent to which it is consistent with earlier jurisprudence, including Schrems I, open to question. The approach of the Advocate General does seem to move away from the approach in the PNR judgment, which was based on looking at the provision’s purpose to determine whether it fell within the national security exception. Perhaps the forthcoming cases will develop a clear and consistent line on this point going forward. The significance of drawing a boundary between the EU Charter and the ECHR lies in the extent of difference in approach of the Strasbourg and Luxembourg courts to bulk surveillance, especially that in relation to communications data. On this, the Big Brother Watch case (discussed here and here) is heading to the ECtHR Grand Chamber.

As regards the second aspect, having noted that the Advocate General seeks to avoid commenting on the Privacy Shield, some of his comments in this regard (made ‘in the alternative’) highlight some real problems for that system. In his discussion he beds his reasoning both in the ECJ’s jurisprudence but also that of the ECtHR.  The Opinion constitutes a clear statement as to the applicability of the law to ‘automated’ surveillance and also as to the requirement of legality (which is not particularly clear as regards the Strasbourg jurisprudence).  In this, as well as in the context of necessity and proportionality of the measures the Advocate General was not convinced the US framework passed the tests. This is not just one problem to fix, but many.  While the Advocate General did not the difference in the jurisprudence between the two courts, this difference did not seem to lead to a different outcome in terms of his assessment of the acceptability of the US regime.

If the Court chooses to consider this question, there will be some serious difficulties going forward for data flows.  Whether the approach will stick is a question; the ECJ has been under pressure to step back from its stance on bulk collection and automated assessment of data in particular. Some of the surveillance issues will be returning to the Court in a bevy of cases: in addition to Privacy International see La Quadrature du Net & Ors v Commission (Case T-738/16); La Quadrature du Net & Ors and French Data Network & Ors (Cases C-511-12/18); and Ordre des barreaux francophones et germanophone, Académie Fiscale ASBL, UA,  Liga voor Mensenrechten ASBL, Ligue des Droits de l’Homme ASBL, VZ, WY,  XX v Conseil des ministres (Case C-520/18). Further Advocates-General opinions in several of these cases are set for January.

Barnard & Peers: chapter 9
Photo credit: Forbes

Friday 13 December 2019

Video surveillance in flats and data protection law: the CJEU's recent judgment in TK

Lorna Woods, Professor of Internet Law, University of Essex

There is an increasing incidence of the use of video-surveillance and with it a need to find a framework in which the conflicting rights or those who are subject to such surveillance may be balanced.  While there is increasing case law surrounding state surveillance the position as regards private actors – beyond the fact that data protection laws may well apply – is less well-developed.  The recent case of TK deals with such a balance, but the ruling of the Court of Justice is far from ground-breaking.

The Facts

Three video cameras were installed in the common areas of a block of flats to deal with issues of vandalism and burglaries.  The owner of one of the flats in that block objected and sought to have the cameras removed.  National law permitted the use of video-surveillance without the data subject’s consent for specified uses including the prevention and countering of crime and the safety and protection of persons, property and assets.  The national court referred a number of questions concerning the national law’s compatibility with the Data Protection Directive (Directive 95/46) (DPD) and provisions of the EU Charter.

The Judgment

The ECJ determined that the questions the national court referred should be understood together as asking whether Article 6(1)(c) and Article 7(f) DPD, read in the light of Articles 7 and 8 of the EU Charter, preclude national provisions which authorise the installation of a system of video surveillance installed in the common parts of a residential building, for the purposes of pursuing legitimate interests of ensuring the safety and protection of individuals and property, without the data subject’s consent.

These provisions of the DPD concern respectively the principle of data minimisation (Article 6(1)(c)), which requires that personal data must be ‘adequate, relevant and not excessive in relation to the purposes for which they are collected and/or further processed’, and the permissibility of processing personal data where ‘necessary for the purposes of the legitimate interests pursued by the [data] controller [ie, the person who decides on the purposes and means of data processing] or by the third party or parties to whom the data are disclosed, except where such interests are overridden by the interests for fundamental rights and freedoms of the data subject’ (Article 7(f)). The subsequent EU data protection law, the GDPR, has not significantly amended these rules, so there is no reason to believe that the judgment would have been different under the GDPR.

The Court confirmed the position in Ryneš (Case C-212/13), a 2014 judgment concerning the use of a home security camera (discussed here), that the system of surveillance cameras constitutes the automatic processing of personal data, but left it to the national court to assess whether the characteristics identified in Ryneš were satisfied here. It also reiterated that processing must fall within one of the six cases identified in Article 7 DPD. Considering Article 7(f), the Court – citing Rīgas satiksme (Case C-13/16), a 2017 judgment concerning personal data in the context of a dispute over liability for an accident – identified a three stage test:

-          the pursuit of a legitimate interest by the data controller or by the third party or parties to whom the data are disclosed;
-          the need to process personal data for the purposes of the legitimate interests pursued; and
-          the fundamental rights and freedoms of the person concerned by the data protection do not take precedence over the legitimate interest pursued.

Consent of the data subject is not required.  While a legitimate interest has been claimed, the referring court was uncertain as to whether that interest must be ‘proven’ and be ‘present and effective at the time of the data processing’.  The court agreed that hypothetical interests would not satisfy Article 7(f) but in this case the requirement of a present and effective interest is satisfied given the instances of theft and vandalism prior to the installation of the CCTV.

Considering the second element of the test, this in line with existing case law must be interpreted strictly, that is that the legitimate aims cannot reasonably be as effectively achieved by other means less restrictive of fundamental rights. It must also be understood in the light of the principle of data minimisation in Article 6(1)(c) DPD.  While previous means of dealing with the vandalism and thefts have been ineffective, and the CCTV relates only to the common parts of the building, the Court noted that the proportionality assessment also must take into account the specific methods or installing and operating that device – for example, limiting the hours with the CCTV operates, or obscuring some images.

The final element constitutes a balance between the opposing interests, and this will be fact specific bearing in mind the significance of the data subject’s rights and specifically the seriousness of any infringement [56]. Member States may not prescribe, for certain categories of data, the outcome of any such balancing (see Breyer (Case C-582/14), para 62 – a 2016 judgment about IP addresses as personal data, discussed here). The Court also distinguished between personal data available from public sources and that from non-public sources, with the latter constituting a more serious infringement.  It ‘implies that information relating to the data subject’s private life will thereafter be known by the data controller and, as the case may be, by the third party or parties to whom the data are disclosed’[55].  The Court also identified the following factors:

-          the nature of the personal data at issue, in particular of the potentially sensitive nature of those data
-          the nature and specific methods of processing the data at issue, in particular
-          the number of persons having access to those data and the methods of accessing them
-          reasonable expectations that his or her personal data will not be processed
-          the importance of the legitimate interests pursued.

These factors are for the national court to balance and to determine the legitimacy of the processing.  The DPD does not per se preclude such a system.


The Court did not strike the national regime down.  This should not be read as a ruling in favour of those who seek to place their neighbours under surveillance. In the end, the Court leaves it to the national court to decide on the facts.  This acceptance of the boundary between the competence of the national courts (in re facts and national law) and the Court of Justice (in re EU law) does not mean that the national law is automatically acceptable from the perspective of EU law. Crucially the national law in issue itself contained a balancing requirement, so that individual instances in which CCTV was to be deployed should be assessed in light of the impact on the data subjects’ rights.  A national rule that did not contain such a requirement could be seen to fall foul of the position in Breyer, noted by the Court here, of specifying the outcome of a conflict between interests.

As noted above, this chamber judgment, based on the DPD, presumably will apply also to the relevant provisions of the GDPR (Article 6(1)(f)), so it may have future relevance. What can be learned?  The Court’s approach is to try to base its reasoning in existing case law.  Of note is the reiteration of the point that an ‘images allowing natural persons to be identified’ can be personal data [35]. As a small point of detail, the phraseology is slightly different from that in Rynes: in Rynes the Court explained its reasoning by suggesting that “…the image of a person recorded by a camera constitutes personal data … inasmuch as it makes it possible to identify the person concerned...” (Rynes, para 22). Whether there is a significance in this difference is unclear.  Arguably, in Rynes the identification point seems to explain why an image is personal data; in TK it could be read as limiting the circumstances in which images could be personal data.  It is not as clear as the individuation argument accepted in the recent English High Court decision in Bridges, concerning automatic facial recognition.

The main body of the judgment is focused on the legitimate interest ground, analysing it according to a three-staged test.  In this the Court relies on the inter-connectedness of the requirements in Article 6 (concerning data quality) and Article 7 DPD (legitimacy of processing). The judgment gives some light as to when the legitimate interests of the processer are real or not; in this instance there had been instances of vandalism and theft, but the Court expressly notes that it’ cannot, however, be necessarily required, at the time of examining all the circumstances of the case, that the safety of property and individuals was previously compromised’ [44].  This does not however give us much guidance as to how far away from hypothetical such a case would need to be to be ‘present and effective’.

The second element focuses on ‘necessity’, which the Court reminds us should be ‘strictly necessary’.  Yet, the Court’s explanation of this requirement seems to adopt a lower standard, that of reasonableness.  It states the requirement thus: that the objective ‘cannot reasonably be as effectively achieved by other means less restrictive of the fundamental freedoms’ [47].  The Court also equates this element to a proportionality principle, understood in the light of the data minimisation principle. The Court states that proportionality has been taken into account because a previous system (using access cars to access the common areas) had been tried and failed. This, however, seems to refer to necessity.

The Court then does consider the operation of the CCTV system, and whether constant surveillance is required, implicitly at this point considering data minimisation.  It is suggested that this issue has relevance for the balancing of rights, though it is not a factor listed as relevant for the third element of the test by the court.  The third stage lists some familiar considerations but does not go beyond their identification, giving the national court little guidance as to what these considerations might mean, how they might inter-relate and their respective importance.   It may be that the Court did not want to have to get into the difficult consideration of private space, especially shared private space. In this context, note that Rynes considered the impact of private surveillance on public space, but for the assessment of a different question: the extent of the household exemption.  Nonetheless, while the Court notes the relevance of Articles 7 and 8 of the Charter it gives no separate consideration to the issue of the right to a private life and data protection seen as a fundamental right.  For this, the judgment might be legitimately criticised.

Barnard & Peers: chapter 9
Photo credit: Deacon Insurance

Thursday 5 December 2019

Pilate washing his hands. The CJEU on pre-trial detention

By Adriano Martufi (Assistant Professor, Leiden University) and Christina Peristeridou (Assistant Professor, Maastricht University)


The very recent ruling of the CJEU in DK (C-653/19 PPU, 28 November 2019) came to verify two quite depressing suspicions about the current status of European criminal law. First, Directive 2016/343 on the presumption of innocence remains an instrument with staggeringly limited applicability especially in the field of pre-trial detention. Second, pre-trial detention stands as a political and legal hot potato: neither the CJEU nor the EU legislator are eager to provide common standards on pre-trial detention, even if the lack of these standards is partly to blame for problems of mutual trust between judicial authorities in the Member States.

The facts

In DK, the Bulgarian Specialised Criminal Court requested a preliminary ruling for the compatibility of the national code of criminal procedure with Article 6 of the Directive on the presumption of innocence, and Articles 6 (right to liberty) and 47 (fair trial and effective remedy) of the EU Charter of Fundamental Rights. In Bulgarian criminal procedure, when the case of an already detained suspect reaches trial, the trial court is responsible to deal with the detention, next to the merits of the case. Once the trial court finds the detention lawful, it becomes indefinite and can only be reviewed on application of the defendant; in such application the defendant must convince the court of changed circumstances that would justify release.

The Bulgarian court wonders whether this national rule shifts the onus from the prosecution to the defendant in providing evidence for release, thereby conflicting with Article 6 of the Directive on the burden of proof, which states that the burden of proof in proving guilt is for the prosecution. DK has been in custody since 11 June 2016 and has filed various applications for release to the trial courts (first and second instances). All of these were rejected since he failed to provide evidence of changed circumstances pointing towards release.

The ruling

The Court, ruling under the urgent procedure, delivered a short and to the point judgement where it found that Article 6 of the Directive on the presumption of innocence and Articles 6 and 47 of the Charter do not apply to the situation at hand (para 42). The syllogism is based on a collection of arguments from the wording of the Directive together with previous jurisprudence. First, the Directive only provides for minimum harmonisation and it does not lay down rules on pre-trial detention exhaustively. Indeed, in previous case law the Court verified that the examination of reasonable suspicion, the evidence used and the judicial reasoning in ordering pre-trial detention remain subject to national law (Milev). Second, a grammatical reading of Articles 4 and 6, and recitals 16 and 22 of the Directive reveals, according to the Court, an implicit distinction between judicial decisions on guilt and other procedural acts such as remand procedures. Following AG Pitruzzella’s Opinion, the argument is that, in contrast with Article 4 (public reference of guilt) which applies only to decisions of pre-trial nature, Article 6 (burden of proof) applies solely to decisions on guilt. Thus, the burden of proof must be borne by the prosecution only for judicial decisions pertaining to a finding of guilt, and not for other decisions of pre-trial nature. Third, since this case falls outside the realm of the Directive – and thus EU law – the Charter is not applicable (Article 51). Articles 6 and 47 of the Charter cannot be invoked ad hoc, as there is no application of EU law.


The Court in DK confirms the European Union legislator’s view on the presumption of innocence being a thin, limited concept. The Directive on the presumption of innocence had little ambition, putting forward a minimalistic presumption. To this extent, DK has no transformative effect: there is no brave expansion of EU law with some sort of judicial activism. The Court upholds the status quo. Yet this mundane result does not sit well with the increasing discomfort of having judicial cooperation without common pre-trial detention standards. Given that the overuse of detention on remand has become increasingly problematic in numerous EU legal systems – even leading to exceptions to the once unyielding mutual trust in Aranyosi – one could hope that this Directive would form a stepping stone to regulate certain aspects of pre-trial detention.

After all, the ECtHR has repeatedly linked the presumption of innocence and pre-trial detention, as the latter may negatively affect the former. In the absence of legislative harmonisation, it would arguably fall to the CJEU to fill the ‘gaps’ of protection left by the EU legislator. DK could offer such opportunity: very recent ECtHR case law has taken aim at practices of shifting the burden of proof within remand proceedings similar to those seen in DK. It would have been quite easy for the CJEU to fall back to ECHR standards, which seemed tailored to the problem raised in DK. Yet the Court did not engage into a carpe diem moment. What is more, the arguments developed by the Luxembourg judges are far from flawless and deserve closer scrutiny.

Interpretation of the Directive

To begin with, the Court held that the situation in DK escapes the scope of the Directive in a simplified and incomplete manner. The Court draws the strength of its arguments from the grammatical reading of the Directive as provided by AG Pitruzzella. According to the latter, while some provisions of the Directive cover trial and pre-trial measures alike, others target exclusively trial measures. This is extracted from references made in Article 4 (public references to guilt) to all ‘judicial decisions’ other the one on guilt. An all-encompassing notion is surely not repeated by Article 6 (burden of proof) and the elucidations on this article provided by the preamble. This grammatical analysis, according to the AG and the Court, points to the conclusion that the two provisions are meant to apply to different stages of criminal process. It is indeed the case that Article 6 speaks of the ‘burden of proof for establishing the guilt’ of the suspect, and not of any burden of proof. Having said that, one could argue that if the legislator had made such distinction between pre-trial and trial stage pertinent for the applicability of these articles, it would have made that more explicit in the text.

In light of the above, it is perplexing that in the previous case of RH the Court dealt with the issue quite differently. There it provided a different reading of Article 6 of the Directive by stating that this provision broadly refers to ‘any obligation on the judge or the competent court to seek both elements of inculpatory and exculpatory evidence’ (para 56 in RH). In doing so, it established a conceptual connection between Articles 4 and 6 of the Directive, implying that Article 6 would be relevant for pre-trial detention. By contrast, the Court in DK tried to nuance this link, in an effort to rule out the relevance of Article 6 for pre-trial detention proceedings. This is however surprising as, in reality, the presumption of innocence does indeed apply to those proceedings under ECHR standards and under most, if not all, national legal systems.

Conclusively, even if the Court’s reading of the Directive is not prime facie implausible, the lack of any further argumentation against extending Article 6 to pre-trial detention leaves much to be desired. All in all, the AG’s Opinion offers a more complete and holistic account to support such a thin understanding of the presumption of innocence. The travaux preparatoires showed that the Commission had insisted on excluding pre-trial detention from this Directive all together (point 33 of Opinion). The Court's reading of the Directive would have appeared less legalistic and more convincing, had it explained its change of heart from RH by referring to the telos of the Directive as intended by the drafters.

The Charter

But the Court was also asked to interpret Articles 6 (right to liberty) and – surprisingly – 47 (effective remedy and fair trial) of the Charter. Based on the facts of the case, one would have expected the Bulgarian court to request the interpretation of Article 48 (presumption of innocence). It is not apparent why the right to an effective remedy (or generally to a fair trial) is relevant here, although one may argue that the shift of the burden of proof described above challenges the effectiveness of the remedy: being in custody, DK could not easily provide new circumstances to challenge his detention. Having said that, an (additional) argument including the presumption of innocence (Article 48 Charter) would have been stronger. This is confirmed by the Opinion, as AG Pitruzzella groups Articles 47 and 48 together although no reference to Article 48 was made by the referring court.

In spite of these inconsistencies, the Court’s way of dealing with the interpretation of the Charter is bizarrely introvert. With a few laconic sentences (para 40-41), it dismisses the national court's requests stating that the situation at hand did not fall under EU law (the Directive) and therefore the Charter's safeguards could not be consistently triggered. Relying on Article 51, the Court aseptically reiterates that the Charter comes into play only when national authorities are ‘implementing EU law’.

Yet, the Court has taken the view in the past that the Charter could be applicable not only when EU law is implemented, but also when a more tenuous connection exists. In our case, whereas pre-trial detention is not exhaustively regulated by the Directive, some parts are indeed affected (Article 4 prohibits references to guilt in pre-trial detention orders). Thus, a connection with EU law does exist, and there could be an argument in favour of using further the Charter following Åkeberg Fransson. Furthermore, the Charter has been used in the past to cover lacunas. In Aranyosi, while the EAW Framework Decision did not provide any ground for refusal on grounds of (potential) fundamental rights' violations, the Court used the Charter to fill up this lacuna and substantially created one.

In Aranyosi, the Court followed a more principled approach, even going against a literal or teleological interpretation of the legal instrument in question. Remarkably, this happened even though the Luxembourg judges were under huge pressure to uphold mutual trust and maintain the EAW procedure unaltered. Why didn’t the Court do the same in DK?

Notably, we are not the only ones to raise this question. AG Pitruzzella himself criticises heavily (and in a rather strong tone) the lack of common standards for pre-trial detention and urges the EU legislator to move forward with this subject (points 20-22). Quite interestingly, however, he concedes that he has ‘no choice’ but to conclude that the facts in DK fall outside Union law. Similar remarks were expressed by the Opinion in Milev, with AG Wathelet disagreeing strongly with the Commission’s view that the Directive did not include any substantial provisions for pre-trial detention (points 55-57).

Explanation of Court’s approach

So why didn’t the Court extend Article 6 application on the burden of proof to pre-trial detention, following an application of the Charter?

One plausible explanation is that the Charter is not automatically conducive to an expansion of the protective scope of this Directive. The Court has reiterated in Milev (para 47) and in DK that harmonisation is not exhaustive. In this sense, this Directive provides for a partial (and minimum) harmonisation as only certain aspects of the presumption of innocence are dealt with. Thus, in this case the Charter cannot expand the scope of the harmonisation more than the way the Directive already defines it. In constitutional terms, one could argue that the Court may have been wary to step beyond the red lines set by the principles of subsidiarity and conferral. Of course, the Luxembourg judges could easily shield themselves behind the inherent vagueness of the presumption of innocence. This is a notoriously elusive concept, poorly implemented in practice and theoretically divisive. Some national laws hardly go any further that a statement of principle and, despite sincere and sophisticated efforts, scholarship is deeply divided on its meaning. In this sense, the EU legislator was quite brave to consider touching upon it. In our view, the Directive would have enjoyed more success and less uncertainty, had the harmonisation of the presumption of innocence been complete.

A second explanation for not following a principled approach may derive from a general unwillingness to engage in judicial activism, especially in light of the delicate legal issue underlying the preliminary ruling. Pre-trial detention is a controversial topic, as the debate on its harmonisation at EU level clearly reveals. On multiple occasions, the EU has indicated that it may adopt minimum rules in these matters (Green Paper, EP Resolution), and yet so far the reaction by Member States has been lukewarm. Pre-trial detention is regarded as being incredibly diverse and therefore complicated to harmonise, so that EU legislator has chosen to focus on the less troubling alternative measures (with the so-called ESO Framework Decision).

Arguably, in the case at hand, the Court is reluctant to touch upon pre-trial detention given the strong opposition of both the Commission and the Council to include this within the scope of the Directive. But pre-trial detention does have a strong human component that is difficult to ignore: before excluding the situation at hand from Union law, AG Pitruzzella half-heartedly admits that the defendants in the domestic proceeding had as only option to bring their case before the ECtHR – a scenario which, as the AG himself recognises, may take years to materialise (point 21). This is a simple but powerful remark, shifting the perspective from the European courts, with their intricacies and conflicts, to the one of the defendant. The question – implicitly but ever so powerfully posed – is whether or not the time has come for the EU to address pre-trial detention as an EU matter.

A third explanation invites us to look at DK in the light of the prior case law concerning references issued by Bulgarian courts. Before DK, two more cases were raised by the same court, challenging the compatibility of domestic pre-trial detention regime with EU law. Both in Milev and in RH, the Bulgarian court requested clarification for the same national legislation and its relation to the Directive. As explained by AG Wathelet in Milev, the pre-trial detention regime had been amended due to ECtHR developments but the status quo divided the judges. In RH, the Bulgarian court even revealed some details of the internal judicial struggles amongst the Bulgarian Supreme Court and the lower courts: the former had ordered the latter not to wait for the response of the preliminary reference procedure, in order to rule on the pending status of the detention ‘within reasonable time’. Due to the defiance of the lower court, even disciplinary proceedings were launched. This occurrence was even put forward as a question to the CJEU regarding judicial independence (a rather fashionable topic these days), with regard to the power to prevent lower courts from waiting for the CJEU’s response in preliminary reference procedure. With this background in mind, we could see DK as a request for the CJEU to play the referee for a national debate. This may provide further leads to understand the Court's reluctance to rule on this topic.

But leaving aside the domestic quarrels between Bulgarian courts, the fact remains that a struggle is taking place in that country to uphold human rights standards and enhance their level of protection in criminal proceedings. It is only natural that the Directive on the presumption of innocence – especially in light of the wider interpretation given in RH – would be used by Bulgarian judges as a breeding ground to achieve that result. DK could in fact be the opportunity for the CJEU to exercise its role as ‘competence regulator’ – aiguilleur des compétences (point 21 Opinion). Referring to Vedel’s theory of constitutional control, AG Pitruzzella advised the Court to seize this opportunity and give an indication to the national authorities of the right path for reforming their national procedure on pre-trial detention. As has become apparent, the Court did not follow his advice.

DK might have the effect of discouraging national courts to follow up with more questions on the application of the Directive in relation to pre-trial detention. Yet it is a wonderful addition to previous case law, demonstrating that pre-trial detention is increasingly becoming a candidate for intervention by the EU; the question of harmonising pre-trial detention cannot be ignored much longer if national courts keep asking the CJEU to intervene.

Barnard & Peers: chapter 9, chapter 25
JHA4: chapter II:4
Art credit: Jan Lieven, via Wikicommons 

Wednesday 4 December 2019

The European Commission proposals on “Green” finance and the financial regulators’ initiatives on sustainability

As green politics have gained greater public attention and support, investors who mandate financial intermediaries to take investment decisions on their behalf are calling for more sustainable products and greater transparency about how and where their money is invested. 

To accommodate investors’ request, financial intermediaries are offering financial products labelled as “green”.  These products are in the process of being regulated by the European Commission whose aim is to encourage capital flows towards sustainability and to provide investors with more clarity on what constitutes a sustainable investment.

In December 2018, the European Commission mandated a group of social, financial and academic experts to develop a strategy on sustainable finance which incorporates Environmental, Social and Governance (ESG) considerations into investment decisions and ensures that clients are accurately informed.

To implement the sustainable strategy, the European Commission adopted a package of proposed measures:

- Regulation on the establishment of a framework to facilitate sustainable investment (the “Taxonomy Regulation”)

- Regulation on disclosures relating to sustainable investments and sustainability risks and amending Directive (EU) 2016/2341 (the “Disclosure Regulation”)

- Regulation amending the benchmark regulation (the “Low Carbon Benchmark Regulation”)

This article analyses each proposed Regulation, explains the proposed requirements for a product to be labelled and branded as “green” and the regulators’ initiatives towards sustainability.

The Taxonomy Regulation

The Taxonomy Regulation establishes uniform criteria to determine whether an economic activity is environmentally sustainable and can, therefore, be labelled as green.  When offering green funds, financial intermediaries must indicate the extent to which the criteria for environmentally sustainable economic activities were used.  This is to avoid raising capital for “green” purposes without clear benefits to the environment.

The Taxonomy Regulation applies to the Union, Member States and financial market participants.  Manager of UCITS, AIFs, EuVECA and EuSEF, insurers and pension products providers fall within the definition of financial market participants and are referred to in this article as participants. 

Environmentally sustainable investment

To be considered as environmentally sustainable, an investment must fund one or more economic activities which:

- contribute substantially to one or more of the environmental objectives
- do not significantly harm any of these objectives
- comply with the minimum safeguards and the technical screening criteria

The environmental objectives set out in the Taxonomy Regulation are climate change mitigation, climate change adaptation, sustainable use and protection of water and marine resources, transition to a circular economy, waste prevention and recycling, pollution prevention and control and protection of healthy ecosystems.

The above activities must comply with the criteria set out in Article 12 of the Taxonomy Regulation which determines whether an economic activity harms any of the environmental objectives significantly.

Minimum safeguards

The economic activities must be carried out respecting the minimum social and governance safeguards, being the principles and rights set out in the International Labour Organisation’s declaration on Fundamental Rights and Principles at Work.

This is to ensure that financial intermediaries do not neglect social factors while promoting environmentally sustainable products.

Technical screening criteria

The economic activities must comply with the technical screening criteria set out in Article 14 of the Taxonomy Regulation:

- identify the most relevant potential contributions to the given environmental objective, over the short and long-term impacts 

- specify the minimum requirements to avoid significant harm to other objectives 

- be qualitative or quantitative, or both, and contain thresholds where possible

- build upon Union labelling and certification schemes, methodologies for assessing environmental footprint, and EU statistical classification systems, and take into account any relevant existing EU legislation

- be based on conclusive scientific evidence, high quality research and market experience

- consider the life-cycle of an economy activity 

- take into account the nature and the scale of the economic activity 

- consider the potential impact on liquidity in the market, the risk of certain assets becoming stranded as a result of losing value due to the transition to a more sustainable economy, as well as the risk of creating inconsistent incentives

- cover all relevant economic activities within a specific sector and ensure that those activities are treated equally if they contribute equally towards one or more environmental objectives, to avoid distorting competition in the market

- be set so as to facilitate the verification of compliance with those criteria whenever possible

If the investment funds one or more of the environmental objectives without causing significant harm to any of them and complies with the minimum safeguards and technical screening criteria, that investment can be labelled as green and EU compliant.

It must be noted that the Taxonomy Regulation considers E (environmental) factors only.  Social and governance related investments are expected to be regulated through separate legislative proposals.

The Disclosure Regulation

While the Taxonomy Regulation establishes the framework to define an environmentally sustainable activity, the Disclosure Regulation sets out how managers must disclose certain information to provide greater clarity and transparency to investors.


Participants are required to publish policies on the integration of sustainability risks in their investment decision-making process on their websites and keep these policies up to date. 

The website must have:

- a description of the sustainable investment target
- information on the methodologies used to assess, measure and monitor the impact of the sustainable investments, including its data sources, screening criteria for the underlying assets and the relevant sustainability
- an index or target as appropriate
- the information included in the periodical reports (discussed below) 

The methodology used for calculation of indexes and benchmarks must be made readily available for investors. 

Pre-contractual disclosures

The following descriptions must be included in pre-contractual disclosures:

- the procedures and conditions applied for integrating sustainability risks in investment decisions
- the extent to which sustainability risks are expected to have a relevant impact on the returns of the financial products made available
- how the participants’ remuneration policies are consistent with the integration of sustainability risks and are in line, where relevant, with the sustainable investment target of the financial product

Financial products with an index

If a financial product has as its target sustainable investments or investments with similar characteristics and an index is designated as a reference benchmark, the information to be disclosed must be accompanied by the following:

- information on how the designated index is aligned with that target

- an explanation as to why the weighting and constituents of the designated index aligned with that target differ from a broad market index

Financial products with no index

If a financial product has as its target sustainable investments or investments with similar characteristics and no index is designated as a reference benchmark, the information must include an explanation of how that target is reached.

Periodical reports

Periodic reports (i.e. annual and/or interim) must include:

- the overall sustainability-related impact of the financial product by means of relevant sustainability indicators

- if an index is designated as a reference benchmark, a comparison between the overall impact of the financial product with the designated index and a broad market index in terms of weighting, constituents and sustainability indicators

The Low Carbon Benchmark Regulation

The Low Carbon Benchmark Regulation establishes a new category of benchmarks comprising low-carbon and positive carbon impact benchmarks, which provides investors with better information on the carbon footprint of their investments. 

A low-carbon benchmark is defined as a benchmark for which the underlying assets are selected to have fewer carbon emissions than the assets that comprise a standard capital-weighted benchmark.

A positive carbon impact benchmark, by comparison, is defined as a benchmark for which the underlying assets are selected on the basis that their carbon emissions savings exceed the asset's carbon footprint.

Recently, there has been an increase in ESG benchmarks.  The users of those benchmarks do not always have the necessary information on the extent to which the methodology used to establish the benchmark considers ESG objectives.  The Low Carbon Benchmark Regulation requires disclosure of how the methodology takes into account the ESG factors for each benchmark or family of benchmarks to enable investors to make well-informed choices.

Technical report on the Taxonomy

The European Commission mandated a technical expert group (TEG)  to develop a unified classification system known as a Taxonomy.

In June 2019, the TEG published a report containing technical screening criteria for 67 activities that can make a substantial contribution to climate change mitigation across the sectors of agriculture, forestry, manufacturing, energy, transportation, water and waste, ICT and buildings. 

The report also contains methodologies and worked examples for evaluating substantial contribution to climate change adaptation, guidance and case studies.

The TEG’s mandate was extended until the end of the year to refine and further develop some incomplete aspects of the proposed technical screening as well as issuing further guidance on the implementation and use of the Taxonomy.

While the TEG is working on finalising the criteria, in order to avoid disproportionate costs for participants, a number of provisions were put in place to ensure that the Taxonomy will only be used once it is stable and mature.  Each activity fund managers would like to invest in must be analysed carefully to ensure that it satisfies the criteria set out in the Taxonomy.

The financial regulators’ initiatives towards sustainability

While some countries are regularly monitoring the EU’s proposed regulations on green finance, others have already enacted domestic legislation to safeguard investors in green products.  This will be analysed alongside third countries’ initiatives like China and Hong Kong that are significantly contributing towards a greener economy.

EU Member States


France is the most active country when it comes to sustainability.  Article 173-VI of the Law on Energy Transition for Green Growth (LTECV) requires asset management companies and institutional investors to provide information on the social and environmental consequences of their activities.  This includes disclosing impact on climate change, social factors, the circular economy, the fight against food waste, discrimination and promoting diversity.  However, the “comply or explain” principle applies to Article 173-VI giving flexibility to asset management companies and institutional investors to providing valid reasons for the non-compliance (Article 173-VI: Understanding the French regulation on investor climate reporting).

In July 2019, the Autorité des Marchés Financiers (AMF), the financial regulator in France, established the AMF’s Climate and Sustainable Finance Commission made up of experts mandated to ensure collective progress in understanding the challenges around sustainability. 

The AMF is reviewing KIIDs and prospectuses of French authorised funds to ensure that the information provided by asset management companies on their investment strategy and climate-related risks is clear, accurate and not misleading.  The AMF’s supervisory power was reinforced by the law on Business Growth and Transformation (the “PACTE Law”).

United Kingdom

The Financial Conduct Authority (FCA), the financial regulator in the United Kingdom, issued a Discussion Paper (18/8) on Climate Change and Green Finance last month saying it will challenge firms which provide misleading information on their “green” activities to investors.  The FCA will take appropriate action (e.g. issuing further policy and guidance) to prevent consumers from being misled and to align UK rules with EU regulations.  

The UK’s exit from the EU should, in theory, not compromise the UK's compliance with the EU legislative proposals.  The Taxonomy Regulation, the Disclosure Regulation and the Low Carbon Benchmark Regulation were all listed in the Financial Services (Implementation of Legislation) Bill 2017-2019 as pending EU legislation to be onshored.  It is likely that these regulations will be onshored into UK law under the legislation relating to the UK’s withdrawal from the EU and for the purposes and duration of any transitional or implementation period. 


The Commissione Nazionale per le Società e la Borsa (CONSOB), the financial regulator in Italy, recently established a Steering Committee to regularly monitor EU proposals, studies, researches and analysis on sustainable finance.

As to the domestic legislation, the Regulation establishing the provisions for implementation of Legislative Decree no. 58 of February 24, 1998, on intermediaries (Decree 58) requires intermediaries to provide accurate information (i.e. objectives and characteristics, general criteria for selection, policies in exercising voting rights, income generated) on products and services defined as “ethical” or “socially responsible”.  That information must be made available on the firm's website and disclosed yearly. 

Non-EU Member States


In December 2017, the China Securities Regulatory Commission (CSRC) issued standards for the content and format of the information provided in the semi-annual and annual reports produced by listed companies.  These standards include requirements for companies to report on relevant ESG matters. The requirements are mandatory for key polluters and apply on a comply-or-explain basis for all other listed companies.  CSRC is expected to introduce requirements for all listed companies and bond issuers to disclose environmental risks associated with their operations by 2020 and the requirement will become mandatory for all listed companies by then.

It is important to note that China’s guidelines for establishing a green financial system encourage securities regulators to increase penalties for listed enterprises and bond issuers that falsify environmental information (Sustainable Stock Exchanges Initiative).

Hong Kong

The Securities and Futures Commission of Hong Kong (SFC) issued a circular applicable to SFC-authorized funds incorporating ESG factors into their investment objective or strategy.

Under this circular, offering documents of SFC-authorized funds must contain information (i.e. description of key investment focus, relevant green or ESG criteria or principles…) necessary for investors to make an informed judgement of whether or not to invest in these products.  The manager of a green fund must regularly monitor and evaluate the underlying investments to ensure their fund meets the investment objective and requirements set out in the SFC’s circular.

The SFC is also in the process of launching a central datable of green funds on a dedicated webpage on its website.  Only SFC-authorized green funds complying with the requirements set out in the SFC’s circular will be listed.  The webpage is expected to be launched by the end of this year.


An analysis of the European Commission proposals is required for managers who are or will be offering financial products branded as green.  These products will have to comply with the criteria set out in the Taxonomy Regulation and participants disclose clear and accurate information so that investors can make well-informed decisions.  The Taxonomy Regulation will apply to climate change mitigation and adaptation activities from 1 July 2020 and appropriate measures must be taken by financial intermediaries if their funds invest in one or both of these economic activities. 

The European Commission will permit EU Member States to enact domestic legislation on green products.  This may help countries establishing national frameworks to facilitate sustainable investments, for example, issuing a special tax regime for green funds. 

However, the International Organization of Securities Commissions (IOSCO) has identified some discrepancies amongst domestic legislation on sustainable finance and this may undermine investors’ confidence.  The European Securities and Markets Authority (ESMA) stresses that coordination should be sought between countries and sustainability promoted and implemented by global regulators.  Similar and consistent measures across different jurisdictions would encourage financial intermediaries to market their green funds across the world enhancing capital flows towards sustainability.  

The Taxonomy could be a viable solution for establishing a unified and consistent classification system across several jurisdictions.  However, more actions must be taken to enhance investors’ confidence.  The SFC’s dedicated webpage listing ESG compliant funds should be considered by other regulators as this might have a positive impact on investing in green funds.

The CSRC’s initiative to making these requirements mandatory and to penalise financial intermediaries who provide misleading information could also be considered by EU regulators.  If the EU requirements become mandatory and the EU introduces penalties to financial intermediaries for non-compliance, investors would be properly safeguarded.  This would discourage financial intermediaries from offering funds labelled as green which do not have clear benefits to the environment.

Further reading:

European commission, Green Finance: Overview.  Available at

Barnard & Peers: chapter 23
Photo credit: