It has become boringly predictable: after each terrorist attack, in a knee-jerk reflex one minister after the other urgently and loudly demand more collection of personal data. Last year French Prime Minister Manuel Valls was on a crusade for the mass collection of flight passenger data (PNR), this week Belgian Interior Minister Jan Jambon uses the Berlin terrorist attacks to push for a scheme that had been on his wish list for some time: the collection of all travel data of passengers on international bus and train trips.
Before that, it was bank account data, mass surveillance of the internet and telecommunication, biometric data, or any other personal data you can think of. Each time "fighting terrorism" is the justification for more mass surveillance. Anyone who dares to ask critical questions about necessity, proportionality, fundamental rights or indeed effectiveness of those schemes, is lambasted for hampering the fight against terrorism. Courts who actually apply the law, and limit the storage of data of innocent people, are called "out of touch with reality" (by people who clearly have no regard for the separation of powers).
But with the same predictability, after each attack it turns out the terrorists were already on the radar screen of the authorities. The information was already available. But systematically, the risks were underestimated, or information had not been exchanged. In the case of Anis Amri, the terrorist who created havoc on the Berlin Christmas market, it turned out the Italian authorities had not registered him in Eurodac, the EU data base of finger prints of asylum seekers.
This too is a systemic problem: EU member states push very hard for the creation of European data bases, like Eurodac or SIS (Schengen Information System), but then fail - or even refuse - to feed all relevant information into those systems. After the Paris and Brussels attacks, it transpired that member states had been seriously dragging their feet when it comes the actual feeding of information into the Schengen Information System. The failure of Italy to enter Amri's fingerprints into Eurodac is particulary painful, as the national governments a few years ago loudly demanded a change in the Eurodac regulation, allowing the use of Eurodac for law enforcement purposes. The European Parliament was sceptical, but in the end accepted it reluctantly. Now that it is there, member states fail to use it.
After the Paris and Brussels attacks, it transpired that only a handful of member states actually fed information into the Schengen Information System, which means terrorists could remain below the radar. After Paris and Brussels, member states pushed very hard for new systematic checks at the external Schengen borders. However, member states refused to accept the obligation to fill the SIS, as proposed by the European Parliament.
In an area without internal borders, terrorism can be fought effectively only by sharing information. Information sharing is now the new buzz word. But in reality member states have no appetite for sharing information. Instead, they prefer, like Mr Valls and Mr Jambon, to pull up a smoke screen, and loudly call for more data collection, knowing full well that the lack of information is not the problem. The lack of sharing and using the available information is.
The Council counter terrorism coordinator, Mr Gilles Dekerchove, is always calling for more and more and more mass surveillance, like a broken record. But instead of his insatiable data hunger, he should make sure that the member states actually start filling the EU data bases, and sharing information on a systematic and compulsory basis.
In addition, the European Commission should focus its energy not on pressurising the European Parliament in signing the umpteenth data collection scheme, but on starting infringement procedures for member states who fail to use the existing data bases.
Instead of deliberately deluding the public into thinking that more and more mass surveillance will enhance security, responsible politicians should push very hard for true information exchange and cooperation.