Fourth progress report towards an effective and genuine Security Union

This is the fourth monthly report on the progress made towards building an effective and genuine Security Union and covers developments under two main pillars: tackling terrorism and organised crime and the means that support them; and strengthening our defences and building resilience against those threats. This report focusses on four key areas, information systems and interoperability, soft target protection, cyber threat and data protection in the context of criminal investigations.

The December 2016 Berlin Christmas market attack has again highlighted serious weaknesses in our information systems that need urgently to be addressed, in particular at EU level, to help national border and law enforcement authorities on the ground to do their demanding jobs more effectively. The fact that the different information systems are not interconnected – allowing attackers to use multiple identities to move undetected, including when crossing borders - and that that information is not routinely uploaded by Member States into the relevant EU databases are practical implementation weaknesses that need urgently to be remedied. Furthermore, when it comes to law enforcement measures on the borders and returning persons whose asylum requests have been rejected, further work is also needed.

In terms of soft target protection, the Commission will accelerate the work it is doing to bring together experts from Member States to share best practice and agree standard guidelines.

The cyber threat facing the EU is receiving widespread media coverage and this report looks at the various different work strands in this area already underway. This covers both the prevention side – through work with industry to promote security by design and implementation of the Network Information Security Directive – and fostering cooperation between Member States and with international organisations and partners on dealing with cyber-attacks as they happen. In the coming months, the Commission and the High Representative of the Union for Foreign Affairs and Security Policy will identify the actions needed to provide an effective EU-wide response to these threats, building on the 2013 EU Cybersecurity Strategy.

The protection of individuals' privacy and personal data is a key fundamental right and thus a cornerstone in any action towards a genuine Security Union. The Data Protection Directive for the police and criminal justice field adopted in April 2016 ensures a common high standard of data protection and will therefore facilitate smooth exchange of relevant data between Member States' law enforcement authorities.

The Commission has also launched a revision of the ePrivacy Directive as part of its Data Package to extend the Directive's coverage to include all electronic communication providers and to bring its provisions in line with the General Data Protection Regulation. The proposal is designed to ensure privacy of electronic communication while also setting out the grounds under which restrictions of the scope of the ePrivacy Regulation can be envisaged, including for reasons of national security or criminal investigations.

• Primary Source