During its June plenary, the European Data Protection Board (EDPB) adopted a joint opinion along with the European Data Protection Supervisor (EDPS), on the Artificial Intelligence Act. 

The EDPB and EDPS strongly welcome the proposal's scope and the fact that it extends to the provision and use of AI systems by EU institutions, bodies or agencies. However, the exclusion of international law enforcement cooperation from the scope set of the proposal raises serious concerns for the EDPB and EDPS, as such exclusion creates a significant risk of circumvention, such as  third countries or international organisations operating high-risk applications relied on by public authorities in the EU.

The EDPB and the EDPS welcome the risk-based approach underpinning the Commission's proposal. However, this approach should be clarified and the concept of “risk to fundamental rights” aligned with the GDPR and the Regulation (EU) 2018/1725 (EUDPR), since aspects related to the protection of personal data come into play, the two EU bodies stated.

On July 12, the Council approved conclusions on “A Globally Connected Europe”, highlighting the need for the EU to pursue a geostrategic and global approach to connectivity. The aim is to advance its economic, foreign and development policy and security interests and to promote European values.

The conclusions build on the 2018 Joint Communication and Council Conclusions, “Connecting Europe and Asia – building blocks for an EU Strategy”, reaffirming the same basic principle, that connectivity should be sustainable, comprehensive, and rules-based.

The Council conclusions highlighted the importance of connectivity for economic growth, security and resilience. Essentialy, better connectivity would contribute to the diversification of value chains, reduce strategic dependencies and boost competitiveness for the EU and its partners.

On June 7, the European Council approved two sets of conclusions dealing with the impact of the COVID-19 pandemic —one on internal security and a second on the threat posed by terrorism and violent extremism.

Internal security

The conclusions acknowledge the unpredictable threats and challenges that the crisis posed to the internal security landscape. Focusing on making better use of existing means of cooperation and building upon established structures, the Council urged member states to identify practical solutions to prevent difficulties to strategical operational and tactical cross-border law enforcement cooperation.

It further underlined the need to prevent the infiltration of criminal networks in the implementation of the Next Generation EU and encouraged CEPOL (EU Agency for Law Enforcement Training) and member states to develop scenario-based training and practical exercises to ensure preparedness and resilience for future pandemics and other crises.

Part of its internal security strategy, the Council counts on the Commission to support Europol and the innovation lab to set up a common, resilient and secure instrument for communications in the EU law enforcement cooperation framework. As for cyberwarfare, the Council advised member states to develop and promote awareness campaigns for their citizens to prevent the impact of cybercrime activities, as well as misinformation and hate speech.

Terrorism and violent extremism

So far the impact of the COVID-19 pandemic on the terrorist threat seems to have been limited. However, the protracted pandemic may increase member states’ vulnerabilities and the risks of radicalisation, the Council said.

However, the online presence of extremist groups is on the rise since the outbreak of the COVID-19 pandemic. Due to COVID-19, counter-terrorism authorities have had to increasingly rely on online capabilities rendering/making their work more difficult.

In the medium to long term, the pandemic and its socio-economic consequences may prove to be a favourable breeding ground for extremist narratives. Some (violent) far-left, far-right and Islamist extremist groups have already incorporated COVID-19 into their narratives, and this might pose security challenges in the medium and long term.

The European Union Agency for Cybersecurity — ENISA — welcomes the European Commission proposal to launch the new Joint Cyber Unit  (JCU) which will act as a platform to ensure an EU coordinated response to large-scale cyber incidents and crises.

The concept of the JCU, suggested two years ago by European Commission President von der Leyen, is an important step towards completing the European cybersecurity crisis management framework, ENISA stated.

“The EU Agency for Cybersecurity is committed to support the Union and its Member States in the response to cyberattacks. The Joint Cyber Unit will build stronger relationships within the cybersecurity ecosystem and shape an effective framework for crisis management. Our future local office in Brussels will operate closely with the Unit to coordinate response, create situational awareness and ensure preparedness in times of crisis", said Juhan Lepassaar, EU Agency for Cybersecurity Executive Director.