European Security Research Programme: Lacking democracy and transparency

By Chris Jones

By 2020, the European Union will have invested over €3 billion in the European Security Research Programme, which is supposed to develop “innovative technologies and solutions that address security gaps and lead to a reduction in the risk from security threats.”[1] In practice, the programme has been dominated by corporations and major national research institutes who seem intent on introducing a surveillance society in the name of public security – a particularly disturbing prospect in a Europe where increasingly illiberal governments are exploiting fears over terrorism and migration to ensure “exceptional and temporary powers [are] permanently embedded in ordinary criminal law.”[2]

The official name of the European Security Research Programme (ESRP) is “Secure societies – protecting freedom and security of Europe and its citizens”. It is worth €1.7 billion between 2014 and 2020 and is part of the €77 billion Horizon 2020 research and development budget. Its predecessor was part of the 2007-13 Seventh Framework Programme (FP7) and had a budget of €1.4 billion.

The ESRP is complemented by other multi-billion-euro internal security budgets that pay for the implementation of EU security policies. It is also foreseen that they will, eventually, finance the acquisition and use of technologies developed through the research programme. The ultimate vision is for a public-private, self-fulfilling loop of supply and demand based on the production and purchase of militarised security “solutions”.

High-tech security

ESRP research projects have included multi-million-euro investigations into border control robots and drones, biometric capture and identification technologies, new data-mining and predictive analysis systems for the police, all manner of remote sensing equipment to discover drugs, explosives, concealed people or goods, and even ways to transform public institutions to make them more accepting of new security “innovations” cooked up by the industry.

Recent notable projects include ROBORDER,[3] which aims to develop “swarms” of “unmanned mobile robots” for border surveillance. It will be complemented by CAMELOT,[4] which is developing the systems for managing the data collected by the “swarms”. Both projects are led by the Portuguese company Tekever, which promises its customers “field tested and battle proven” drone systems. It will be working alongside companies such as Thales, BAE Systems, DCNS and Elettronica. The projects will receive over €16 million from the EU budget.

In the realm of policing, a number of projects funded through the Horizon 2020 budget are exploring the possibilities of “big data”. TENSOR and DANTE are concerned with “detection and analysis of terrorist-related content on the Internet” through “data-mining and big data analytics.” The projects will receive €5 million each from the EU. Project partners include Finmeccanica, the European Organisation for Security (an industry lobby group) and Thales (TENSOR); and the UK Home Office alongside Greek and Austrian research institutes (DANTE). ASGARD (€12 million) and RAMSES (€3.5 million) are also looking at the potential uses of big data for law enforcement.

A broad examination of the projects funded to date suggests that little has changed between the FP7 and Horizon 2020 programmes.[5] Indeed, the main difference is simply the insertion of new topics (“external security” and “digital security”) and a wider use of grants for small- and medium-sized enterprises. The same themes as highlighted in previous critical research continue.[6]

A cash cow for corporations and research institutes

The most recent official figures for ESRP expenditure date from June 2017, at which point €578 million of the €1.7 billion Horizon 2020 budget had been allocated (34%). Put together with the expenditure under FP7, the five biggest corporate recipients of funding since the ESRP’s official beginning in 2007 have been:

  • Thales (77 projects, €35.7 million)
  • Selex (54 projects, €23.2m)
  • Airbus (36 projects, €18.8m)
  • Atos (33 projects, €14.6m)
  • Indra (16 projects, €12.3m)

Research institutes have also been major recipients of funding, the top five being:

  • Fraunhofer Institute (114 projects, €66.9m)
  • Swedish Defence Research Institute (58 projects, €36m)
  • TNO (65 projects, €34.7m)
  • Commisariat à l’énergie atomique et aux énergies alternatives (49 projects, €23.3m)
  • Austrian Institute of Technology (32 projects, €18.7m)

The Fraunhofer Institute was by far and away the most active participant in research projects under FP7 (it took part in 85 projects) and it remains at the top of the table under Horizon 2020 – as of June 2017, it had participated in 29 projects. Other notable German participants – although nowhere near as notable as Fraunhofer – include the Robert Koch Institute (7 projects worth €4.2m since 2007); the Berlin Technical University (9 projects, €4m); Dresden Technical University (6 projects, €3.4m) and the Bundeskriminalamt (9 projects, €1.8m).

The formal evaluation of the ESRP between 2007-13 found that each time private companies participated in a project, they took an average of almost 25% more money from the security programme than they did from counterpart research programmes such as health, ICT, energy, environment and transport. Research institutes took 10% more on average. In this respect, quite aside from anything else, the FP7 security budget appears to have been rather lucrative for these organisations.

Setting the agenda

Considering the way in which the research agendas have been set, the ESRP’ generous nature towards corporations and research institutes does not seem particularly surprising. Many of the most prominent organisations have held or do hold seats on the European Commission’s ‘Protection and Security Advisory Group’ (PASAG), the agenda-setting advisory panel for security research work programmes.

In mid-2016, the Commission appointed Alberto de Benedictis as chair of the group. Mr. de Benedictis previously worked with arms industry lobby group ASD, after a long stint at Finmeccanica (now known as Leonardo). The Commission’s justification for his appointment – that there was a need to increase “industry representation” – appeared rather absurd to long-term observers of the ESRP.

The security research programme was established in 2005 at the behest of a “group of personalities” featuring EU and Member State officials alongside representatives from arms and technology companies hoping to ride the “homeland security” wave that had arisen in Israel and the USA following the end of the Cold War. Subsequent developments were shaped by further proposals from informal public-private groups, the work of the PASAG, and industry lobbying.

A 2012 European Commission paper stated in clear and unequivocal terms: “A competitive EU security industry is the conditio sine qua non of any viable European security policy and for economic growth in general.” Yet while the Commission has long been enthusiastic about the corporate contribution to security policy, democracy and transparency have been somewhat lower on the EU’s list of priorities. This is something well-demonstrated by a host of new security systems introduced in recent years.

Surveillance by the back door

The “Eurosur” border surveillance system was in development for at least five years before legislation was approved in 2013, with numerous EU research projects helping put the pieces in place before Portuguese firm GMV won the multi-million-euro maintenance contract. The ongoing “smart borders” project, aiming to automate border controls and introduce biometric registration for all non-EU citizens, has followed a similar path – research projects helped develop the technology, but the legislation is only now being adopted.

The development of national Passenger Name Record (PNR) systems for air passenger surveillance and profiling tells a similar story. These were helped along with at least €50 million by the Commission years before an EU Directive was finally agreed on in April 2016. Despite serious questions over the Directive’s legality,[7] Member States are currently racing to implement PNR systems at the national level before the May 2018 deadline.

The €50 million for PNR systems came from an EU law enforcement budget known as ISEC that ran from 2007 to 2013 alongside the FP7 ESRP. ISEC had a border control counterpart in the External Borders Fund (EBF). €600m went to ISEC during those six years, while the EBF had €1.8 billion to spend. Neither programme has yet been fully evaluated (almost five years after they ended), but a mid-term review of the EBF found that between 2007 and 2010, it had paid for, amongst other things:

  • 3,153 vehicles (boats, helicopters, motorbikes, and more);
  • 545 border surveillance systems covering 8,279 kilometres of the EU’s external borders;
  • 22,347 items of “operating equipment for border surveillance” (for example thermal imaging systems, video surveillance equipment, night vision goggles, “camouflage and protection equipment”) and 212,881 items of “operating equipment for border checks” (such as document verification equipment and fibre-optic networks);
  • 710 new spaces in detention facilities;
  • upgrades to consulates (“210 visa sections newly built or renovated, 257 pieces of equipment purchased to upgrade security”);
  • the development of national systems connected to the EU’s Visa Information System, Schengen Information System II, and Eurosur; and
  • the training of 32,594 staff in EU border and visa legislation.

Bigger budgets, more security

Both ISEC and the EBF have been superseded by new, far larger budgets for the 2014-20 period. The Internal Security Fund – Police is worth €1bn, while its borders counterpart is worth €2.8bn. The national programmes for these funds were drafted by the European Commission and Member States’ officials before the legislation was even agreed on, in order to prevent delays with funding – an admirably efficient bureaucratic approach, but not exactly democratic.

However, the content of the programmes is perhaps more worrying than the procedure by which they were agreed on. Funding from the ISF-Borders budget is going towards the continual reinforcement of the EU’s model of “border management” – which will only increase the number of deaths at the EU’s borders. All other travellers, meanwhile, are to be subjected to an increasing number of biometric control and surveillance measures.

With regard to policing, Greece e.g. plans to use the ISF-Police budget for:

“The implementation of a contemporary intelligence-led policing model which is based on the information process and analysis, so as to encourage not only the suppression of criminality but also the predictive attitude towards crimes that have already been committed or will be committed in the future.”

The programme agreed on between Hungary and the Commission includes “data analysis and phishing of web content and social network sites”; Belgium is planning the “development or purchase of software for internet monitoring (e.g. websites of radical groups) and data analysis capacity”; Croatia has promised to purchase IMSI catchers and establish internet monitoring capability (amongst other things); while Malta’s options include “the procurement of systems facilitating the detection of patterns of crime, threats and risks.”

From theory to practice

Of course, what Member States say in their national programmes and what they actually do with the funding may be two very different things. In this respect it is imperative that more information be brought to light about the national use of EU internal security budgets. An audit of the 2007-13 External Borders Fund found numerous examples of misspending and failures in financial management, which demonstrates that the reality may not match what is on paper. Nevertheless, it is far from reassuring that, so far, the greatest constraint on the implementation of EU security seems to have been bureaucratic inefficiency.

Similar problems can be seen with the ESRP. One of the key aims of the programme is to develop new technologies to be sold on the security “market”. Yet the formal evaluation of the FP7 security research programme demonstrated serious failings in this respect.

Of all the research themes sitting under the FP7 ‘Cooperation’ heading (which also covers health, transport, space, and the environment, amongst other things), security research ranked “in the lower quartile” for all key performance indicators such as academic publications and intellectual property registrations (IPR). A case study included in the evaluation noted that there are a host of potential reasons behind this, but that nevertheless “given the largely applied, near-term nature of much of the Security Research programme, it is perhaps surprising that more projects are not reporting IPR.”

However, the report argued that these performance indicators did not “really capture the focus of the Security Research Actions.” The benefits instead may have been less tangible: “the programme has improved the connections between the providers [corporations and research institutes] and users [state agencies] of novel civil security solutions.” The FP7 programme thus appears as both a cash cow for corporations and research institutes and a €1.4 billion networking exercise. A recent mid-term evaluation of the ESRP in Horizon 2020 suggests that little has changed in this respect.

Time for a change

The failings of these programmes represent, on the one hand, a massive waste of public funding. On the other hand, given the undesirable vision that underpins them, this is perhaps to be welcomed. There is no doubt that new technologies contribute significantly to the empowerment of individuals and democratising societies – but when publicly-funded research and development is driven by profit-hungry corporations offering frightening possibilities to authoritarian-minded governments, the processes at work must be seriously questioned.

By May 2018, the European Commission is supposed to publish its proposal for the EU’s budgets for the 2021-27 period. This represents a once-in-seven-years chance to put forward a more progressive vision for security policies, prioritising human rights, democracy and equality – and, at the very least, transparency and accountability.  In July 2017, a wide variety of civil society organisations published an initial position paper on future EU research policy,[8] demanding that the security theme “institutes a meaningful balance between innovative security technologies on the one hand and research into fundamental rights, alternatives and root causes on the other.”

This is a good start – but coordinated efforts amongst civil society and progressive politicians, not to mention significant public pressure, will be required to ensure that the EU’s security policy stops prioritising corporate domination and technological determinism.