Brussels, 19/04/2001 (Agence Europe) - As previously indicated (see EUROPE of 21 March, p.4), the Council adopted, through a decision last 19 March, a security regulation that covers both general security measures, the classification of documents, the protection of communications, the use of information technologies as well as relations with the Member States of the European Union, third countries and international organisations. This regulation, which has just been published in Official Journal L101 on 11 April, applies as of 1 December 2001. Rather tedious reading, the 66 pages of this decision, including 12 sections and 6 annexes, seems to betray a strong move in favour of security. If the Council took the care to re-organise the other institutions and says that it wants to respect Article 225 of the Treaty (public access to documents), the decision none the less offers a framework that significantly exceeds the needs of the security and defence policy and allows to guarantee wide ranging confidentiality to all manoeuvres undertaken within the institution.
Those studying this decision let is be known that in practice, most of the EU information classified at the "EU CONFIDENTIAL" level and above concern the common policy in terms of security and defence (ESDP). They also express the Council's desire to re-organise the other institutions: - the Commission, which is invited to adopt a global system that is in accordance with the annexes of the Council decision; - the Parliament, which the Council admits must be associated, if need be, to the regulation and the standards of confidentiality that are not necessary to protect the interests of the Union and its Member States. The decision, which is passed without prejudice to Article 225 of the Treaty, nor the instruments implementing it, foresee that the regulation should be applied by the Council in its offices, but also by the Member States, which must take steps to ensure its respect by the members of the Permanent Representations, the members of the national delegations present at Council meetings and the other members of the national administrations. The regulation underlines two principals that seem legitimate, especially in the field of security and defence: - the principals according to which the release of confidential documents must only occur according to a "need to know basis"; - moderation in the use of a high classifications in order to avoid any loss of confidence in the system. Though it also foresees the creation of two bodies attached to the Secretary General: (1) a Council security committee formed of representatives from the national security authorities and (2) a security office with the General Secretariat responsible for carrying out regular inspections within the General Secretariat and in the decentralised bodies of the EU as well as, in conjunction with the national authorities, in the Permanent Representations of the Member States. The regulation also specifies that the classification of information as well as all declassifying or future declassifying is incumbent to the sole authority of origin.
Though it is only as of Section IV, dedicated to physical security, that this regulation provides a detailed vision of the fortress it proposes to build. It is right to protect, through the appropriate physical security measures each area, office, building, room, communications and information system, etc. where classified EU information and material are stored or processed, it details before setting out the rules that apply to two categories of "security areas". To these areas placed under high surveillance, are added an administrative area that surrounds it or precedes it and which is less protected, though it is located in a perimeter with controlled access. Only unclassified information and that bearing the stamp "EU RESTRICTED" will be able to be processed and stored. The text then reviews: - the rounds; - the categories of furniture and safes, that will have to be certified; - the locks (also certified and divided into three groups); - the keys and combinations; - the tools for intruder detection; - protection against prying eyes ("All the measures necessary will have to be taken, day and night, to ensure that classified EU information cannot be seen, even accidentally, by unauthorised persons"); - protection against eavesdropping.
Section IX, which deals with security during meetings that will take place outside Brussels and Luxembourg, foresees the integration of installations provided for the press and areas for eating and lodging in the administrative area. When a national delegation wants to receive a visitor within the security area, this person will have to be permanently accompanied by a security guard or by the person who invited them. The permanent wearing of a badge is required during external meetings, while it is not mentioned in the section that covers the Council premises. It should be noted that security experts also feel that a systematic checking of the pass during access to an area is clearly more effective than a visual check made from a distance.
In Section V (general rules concerning the need to know principal and the security clothing), we learn that: people needing access to classified EU information are warned as of their taking up their duties, and then periodically: a) of the dangers to security represented in indiscreet conversations; b) precautions to be taken in relations with the press; c) the threat represented by the secret services that target the EU and the Member States and which are interested in classified information and the activities of the EU.
Section VII brings numerous details concerning the preparation, release, transmission, archiving and destruction of classified EU material. In it we find various kinds of stamps that will be stamped in the header and footer of each page of a classified document. The documents will have to be passed on from one Member State to another through the diplomatic or military postal services, but could be passed within a Member State through the ordinary post (if the county's regulations allow this). Furthermore, the texts specified that documents cannot be read in public places, for example in a plane or a train. Annex 3 provides a "practical guide to classification", which allows to stamp the mark "EU RESTRICTED" on any document when it risks, for example: - damaging diplomatic relations; - causing significant suffering to people; - causing financial losses and leading to the obtaining of gains or undue advantages in trade or strategic negotiations; - blocking the drafting or effective functioning of EU policies; - compromise the good management of the EU and its activities. To be classified "EU CONFIDENTIAL", it would suffice for a document to: - give rise to official protests; - compromise in a significant manner the financial viability of major organisations; - move heavily against the financial, monetary, economic and trade interests of the EU or its Member States; - significantly disturb in whatever manner the important activities of the EU. All the documents likely, among others, to (1) provoke international tensions, (2) seriously damage relations with friendly governments, (3) directly threatens human lives or to seriously affect public order or the security or the freedom of people could bear the mark "EU SECRET". As for the "EU VERY SECRET", it will notably be applied to documents whose release risks: - directly threatening the internal stability of the EU or of one of its Member States or friendly countries; - cause an exceptional prejudice to the operational efficiency or security of the armed forces; - cause a serious long-term prejudice to the economy of the EU or the Member States.