EUROPEAN

COMMISSION

Brussels, 24.7.2020
COM(2020) 605 final

COMMUNICATION FROM THE COMMISSION TO THE EUROPEAN

PARLIAMENT, THE EUROPEAN COUNCIL, THE COUNCIL, THE EUROPEAN
ECONOMIC AND SOCIAL COMMITTEE AND THE COMMITTEE OF THE
REGIONS

on the EU Security Union Strategy

EN EN
I. Introduction

The Commission’s Political Guidelines made clear that we can leave no stone unturned
when it comes to protecting our citizens. Security is not only the basis for personal safety, it
also protects fundamental rights and provides the foundation for confidence and dynamism
in our economy, our society and our democracy. Europeans today face a security landscape
in flux, impacted by evolving threats as well as other factors including climate change,
demographic trends and political instability beyond our borders. Globalisation, free
movement and the digital transformation continue to bring prosperity, make our lives easier,
and spur innovation and growth. But alongside these benefits come inherent risks and costs.
They can be manipulated by terrorism, organised crime, the drugs trade and human
trafficking, all direct threats to citizens and our European way of life. Cyber-attacks and
cybercrime continue to rise. Security threats are also becoming more complex: they feed on
the ability to work cross-border and on inter-connectivity; they exploit the blurring of the
boundaries between the physical and digital world; they exploit vulnerable groups, social
and economic divergences. Attacks can come at a moment’s notice and may leave little or
no trace; both state and non-state actors can deploy a variety of hybrid threats 1; and what
happens outside the EU can have a critical impact on security inside the EU.
The COVID-19 crisis has also reshaped our notion of safety and security threats and
corresponding policies. It has highlighted the need to guarantee security both in the physical
and digital environments. It has underlined the importance of open strategic autonomy for
our supply chains in terms of critical products, services, infrastructures and technologies. It
has reinforced the need to engage every sector and every individual in a common effort to
ensure that the EU is more prepared and resilient in the first place and has better tools to
respond when needed.
Citizens cannot be protected only through Member States acting on their own. Building on
our strengths to work together has never been more essential, and the EU has never had
more potential to make a difference. It can lead by example, by enhancing its overall crisis
management system and working within and outside its borders to contribute to global
stability. While primary responsibility for security lies with Member States, recent years
have brought an increasing understanding that the security of one Member State is the
security of all. The EU can bring a multidisciplinary and integrated response, helping
security actors in Member States with the tools and the information they need.2
The EU can also ensure that security policy remains grounded in our common European
values – respecting and upholding the rule of law, equality3 and fundamental rights and
guaranteeing transparency, accountability and democratic control – to give policies the right
foundation of trust. It can build an effective and genuine Security Union in which the rights
and freedoms of individuals are well protected. Security and respect for fundamental rights
are not conflicting aims, but consistent and complementary. Our values and fundamental
rights must be the basis of security policies, ensuring the principles of necessity,

1
While definitions of hybrid threats vary, it aims to capture the mixture of coercive and subversive activity,
conventional and unconventional methods (i.e. diplomatic, military, economic, technological), which can
be used in a coordinated manner by state or non-state actors to achieve specific objectives (while remaining
below the threshold of formally declared warfare). See JOIN(2016) 18 (final).
2
For example through the services delivered by the EU’s space programme such as Copernicus, providing
Earth observation data and applications for border surveillance, maritime security, law enforcement, anti-
piracy, drug-smuggling deterrence and emergency management.
3
A Union of Equality: Gender Equality Strategy 2020-2025, COM(2020) 152.

1
proportionality and legality, and with the right safeguards for accountability and judicial
redress, while enabling an effective response to protect individuals, particularly the most
vulnerable.
Significant legal, practical and support tools are already in place, but need to be both
strengthened and better implemented. Much progress has been made to improve the
exchange of information and intelligence cooperation with Member States and to close
down the space in which terrorists and criminals operate. But fragmentation remains.
The work must also go beyond the EU’s boundaries. Protecting the Union and its citizens is
no longer only about ensuring security within the EU borders, but also about addressing the
external dimension of security. The EU’s approach to external security within the
framework of the Common Foreign and Security Policy (CFSP) and the Common Security
and Defence Policy (CSDP) will remain an essential component of EU efforts to enhance
security within the EU. Cooperation with third countries and at global level to address
common challenges is central to an effective and comprehensive response, with stability and
security in the EU’s neighbourhood critical to the EU’s own security.
Building on the previous work of the European Parliament4, Council5 and the Commission6,
this new strategy shows that a genuine and effective Security Union needs to combine a
strong core of instruments and policies to deliver security in practice with a recognition that
security has implications for all parts of society and all public policies. The EU needs to
ensure a secure environment for everyone, whatever their racial or ethnic origin, religion,
belief, gender, age or sexual orientation.
This Strategy covers the period 2020-2025 and focuses on building capabilities and
capacities to secure a future-proof security environment. It sets out a whole-of-society
approach to security that can effectively respond to a rapidly-changing threat landscape in a
coordinated manner. It defines strategic priorities and the corresponding actions to address
digital and physical risks in an integrated manner across the whole Security Union
ecosystem, concentrating on where the EU can bring further value. Its goal is to offer a
security dividend to protect everyone in the EU.

II. A rapidly changing European security threat landscape

The safety, prosperity and well-being of citizens depend on being secure. The threats to that
security depend on the extent to which their lives and livelihoods are vulnerable. The greater
the vulnerability, the greater the risk that it can be exploited. Both vulnerabilities and threats
are in a state of constant evolution, and the EU needs to adapt.
Our daily lives depend on a wide variety of services – such as energy, transport, and finance,
as well as health. These rely on both physical and digital infrastructure, adding to the
vulnerability and the potential for disruption. During the COVID-19 pandemic, new
technologies have kept many businesses and public services running, whether keeping us
connected through remote working or maintaining the logistics of supply chains. But this
4
For example, the work of the European Parliament’s TERR committee which reported in November 2018.
5
From the Council Conclusions of June 2015 on a “renewed internal security strategy “to the more recent
Council outcomes of December 2019.
6
“Delivering on the European Agenda on Security to fight against terrorism and pave the way towards an
effective and genuine Security Union” COM(2016) 230 final, 20.4.2016. See the recent appraisal of the
implementation of legislation in the internal security field: Implementation of Home Affairs legislation in
the field of internal security - 2017-2020 (SWD(2020) 135).

2
has also opened the door to an extraordinary increase in malicious attacks, attempting to
capitalise on the disruption of the pandemic and the shift to digital home working for
criminal purposes.7 Shortages of goods have created new openings for organised crime. The
consequences could have been fatal, disrupting essential health services at a time of the most
intense pressure.
The ever-increasing ways in which digital technologies benefit our lives has also made the
cybersecurity of technologies an issue of strategic importance.8 Homes, banks, financial
services and enterprises (notably small and medium enterprises) are heavily affected by
cyber-attacks. The potential damage is multiplied still further by the interdependence of
physical and digital systems: any physical impact is bound to affect digital systems, while
cyber-attacks on information systems and digital infrastructures can bring essential services
to a halt.9 The rise of the Internet of things and the increased use of artificial intelligence
will bring new benefits as well as a new set of risks.
Our world relies on digital infrastructures, technologies and online systems, which allow us
to create business, consume products and enjoy services. All rely on communicating and
interaction. Online dependency has opened the door to a wave of cybercrime.10
‘Cybercrime-as-a-service’ and the underground cybercriminal economy give easy access to
cybercrime products and services online. Criminals quickly adapt to use new technologies to
their own ends. For example, counterfeit and falsified medicines have infiltrated the
legitimate supply chain of pharmaceuticals.11 The exponential growth of child sexual abuse
material online12 has shown the social consequences of changing patterns of crime. A recent
survey showed that most people in the EU (55 %) are concerned about their data being
accessed by criminals and fraudsters.13
The global environment also accentuates these threats. Assertive industrial policies by third
countries, combined with the continued cyber-enabled theft of intellectual property, are
changing the strategic paradigm for protecting and advancing European interests. This is
accentuated by the rise of dual-use applications – making a strong civilian technology sector
a strong asset for defence and security capability. Industrial espionage has a significant
impact on the EU’s economy, jobs and growth: cyber theft of trade secrets is estimated to
cost the EU €60 billion14. This calls for a thorough reflection of how dependencies and the
increased exposure to cyber threats affect the EU’s capacity to protect individuals and
businesses alike.

7
Europol: Beyond the pandemic. How COVID-19 will shape the serious and organised crime landscape in
the EU (April 2020).
8
Commission Recommendation on the Cybersecurity of 5G networks, C(2019) 2335; Communication on
Secure 5G deployment in the EU - Implementing the EU toolbox, COM(2020) 50.
9
In March 2020 the Brno University Hospital in Czechia suffered a cyber attack which forced it to reroute
patients and postpone surgery (Europol: Pandemic Profiteering. How criminals exploit the COVID-19
crisis). Artificial intelligence may be misused for digital, political and physical attacks as well as
surveillance. Internet of Things data collection can be used for the surveillance of individuals (smart
watches, virtual assistants, etc.).
10
According to some projections, costs of data breaches will reach $5 trillion annually by 2024, up from $3
trillion in 2015 (Juniper Research, The Future of Cybercrime & Security).
11
One 2016 study (Legiscript) estimated that globally only 4% of internet pharmacies operate lawfully, with
EU consumers top targets for the 30,000-35,000 illicit online pharmacies active online.
12
EU Strategy for a more effective fight against child sexual abuse, COM(2020) 607.
13
European Union Agency for Fundamental Rights (2020), Your rights matter: Security concerns and
experiences, Fundamental Rights Survey, Luxembourg, Publications Office.
14
The scale and impact of industrial espionage and theft of trade secrets through cyber, 2018.

3
The COVID-19 crisis has also underlined how social divisions and uncertainties create a
security vulnerability. This increases the potential for more sophisticated and hybrid
attacks by state and non-state actors, with vulnerabilities exploited through a mix of cyber-
attacks, damage to critical infrastructure15, disinformation campaigns, and radicalisation of
the political narrative.16
At the same time, more long-established threats continue to evolve. There was a downward
trend in terrorist attacks in the EU in 2019. However, the threat to EU citizens of jihadist
attacks from or inspired by Da’esh and al-Qaeda and their affiliates remains high.17 In
parallel, the threat of violent right wing extremism is also growing. 18 Attacks inspired by
racism must be a cause for serious concern: the deadly anti-Semitic terror attacks in Halle
were a reminder of the need to step up the response in line with the 2018 Council
Declaration.19 One in five people in the EU are very worried about a terrorist attack in the
next 12 months.20 The vast majority of recent terrorist attacks were “low tech” attacks, lone
actors targeting individuals in public spaces, while terrorist propaganda online took on a
new significance with the live streaming of the Christchurch attacks.21 The threat posed by
radicalised individuals remains high – potentially bolstered by returning foreign terrorist
fighters and by extremists released from prison.22
The crisis has also shown how existing threats can evolve in new circumstances. Organised
crime groups have exploited shortages of goods providing an opening to create new illicit
markets. The trade in illicit drugs remains the largest criminal market in the EU, estimated at
a minimum retail value of €30 billion per year in the EU.23 Trafficking in human beings
persists: estimates show an annual global profit for all forms of exploitation of almost €30
billion.24 International trade in counterfeit pharmaceuticals reached €38.9 billion.25 At the
same time, low rates of confiscation allow criminals to continue expanding their criminal
activities and infiltrating the legal economy.26 Criminals and terrorists find it easier to access
firearms, from the online market and through new technologies such as 3-D printing.27 Use
of Artificial Intelligence, new technologies and robotics will further increase the risk that
criminals exploit the benefits of innovation for malicious ends28.

15
Critical infrastructures are essential for vital societal functions, health, safety, security, economic or social
well-being, whose disruption/destruction has a significant impact (Council Directive 2008/114/EC).
16
97% of EU citizens have been confronted to fake news, 38% on a daily basis. See JOIN (2020) 8 final.
17
A total of 119 completed, failed and foiled terrorist attacks were reported by 13 EU Member States, with
ten deaths and 27 injuries (Europol, European Union Terrorism Situation and Trend Report, 2020).
18
2019 saw six right-wing terrorist attacks (one completed, one failed, four foiled: three Member States),
compared to only one in 2018, with further deaths in cases not classified as terrorism (Europol, 2020).
19
See also the Council Declaration on the fight against antisemitism and the development of a common
security approach to better protect Jewish communities and institutions in Europe.
20
EU Agency for Fundamental Rights: Your rights matter: Security concerns and experiences, 2020.
21
From July 2015 until the end of 2019, Europol found terrorist content on 361 platforms (Europol, 2020).
22
Europol: A Review of Transatlantic Best Practices for Countering Radicalisation in Prisons and Terrorist
Recidivism, 2019.
23
EMCDDA and Europol EU Drugs Market Report 2019.
24
Europol’s Report on Trafficking in Human Beings, Financial Business Model (2015).
25
EU Intellectual Property Office and OECD report on Trade in counterfeit pharmaceutical products
26
Report on Asset recovery and confiscation: Ensuring that crime does not pay, COM(2020) 217.
27
In 2017, firearms were used in 41% of all terrorist attacks (Europol, 2018).
28
In July 2020, French and Dutch law enforcement and judicial authorities, alongside Europol and Eurojust,
presented the joint investigation to dismantle EncroChat, an encrypted phone network used by criminal
networks involved in violent attacks, corruption, attempted murders and large-scale drug transports.

4
These threats cut across categories and strike different parts of society in different ways.
They all represent a major threat to individuals and businesses and require a comprehensive
and coherent response at EU level. When security vulnerabilities can come even from small
inter-connected household items such as an internet connected fridge or coffee machine, we
can no longer rely on traditional state actors alone to ensure our security. Economic
operators must take greater responsibility for the cybersecurity of products and services they
place on the market; while individuals too need to have at least a basic understanding of
cybersecurity to be able to protect themselves.

III. An EU coordinated response for the whole of society

The EU has already shown how it can bring real added value. Since 2015, the Security
Union brought new linkages in the way security policies are addressed at EU level. But
more needs to be done to engage the whole of society, including governments at all levels,
business in all sectors and individuals in all Member States. The increasing awareness of the
risks of dependency29 and the need for a strong European industrial strategy30 point to an EU
with a critical mass of industry, technology production and supply chain resilience. Strength
also means full respect of fundamental rights and EU values: they are a prerequisite of
legitimate, effective and sustainable security policies. This Security Union strategy sets out
concrete work streams to take forward. It is built around the following common objectives:
 Building capabilities and capacities for early detection, prevention and rapid response
to crises: Europe needs to be more resilient to prevent, protect and withstand future
shocks. We need to build capabilities and capacities for early detection and rapid
response to security crises through an integrated and coordinated approach, both
globally and through sector-specific initiatives (such as for the financial, energy,
judiciary, law enforcement, healthcare, maritime, transport sectors) and building on
existing tools and initiatives.31 The Commission will also come forward with proposals
for a wide-ranging crisis management system within the EU, which could also be
relevant for security.
 Focusing on results: A performance-driven strategy needs to be based around careful
threat and risk assessment to target our efforts to best effect. It needs to define and apply
the right rules and the right tools. It needs reliable strategic intelligence as a basis for
EU security policies. Where EU legislation is required, it needs to be followed up so
that it is implemented in full, to avoid fragmentation and gaps left to be exploited. The
effective implementation of this Strategy will also depend on securing appropriate
funding in the next programming period 2021-2027, including for related EU agencies.
 Linking all players in the public and private sectors in a common effort: Key players
in both the public and private sectors have been reluctant to share security-relevant
information, whether for fear of compromising national security or competitiveness.32

29
Risks of foreign dependence involve an increased exposure to potential threats, from exploitation of
vulnerabilities of IT infrastructures compromising critical infrastructures (e.g. energy, transport, banking,
health) or taking control of industrial control systems, to increased capacity for data theft or espionage.
30
Commission Communication A New Industrial Strategy for Europe, COM(2020) 102.
31
Such as Integrated Political Crisis Response (IPCR), the Emergency Response Coordination Centre,
Commission Recommendation on Coordinated Response to Large Scale Cybersecurity Incidents and Crises
(C(2017) 6100), the EU operational protocol for countering hybrid threats (EU Playbook) SWD(2016) 227.
32
Joint Communication on Resilience, Deterrence and Defence: Building strong cybersecurity for the EU,
JOIN(2017) 450.

5
 But we are most effective when all are harnessed to support each other. In the first
place, this means a more intense cooperation between Member States, involving law
enforcement, judicial and other public authorities, and with EU institutions and
agencies, to build the understanding and exchange needed for common solutions.
Cooperation with the private sector is also key, all the more so given that industry owns
an important part of the digital and non-digital infrastructure central to fighting crime
and terrorism effectively. Individuals themselves can also contribute, for example
through building the skills and awareness to combat cybercrime or disinformation.
Finally, this common effort must extend beyond our borders, building closer ties with
like-minded partners.

IV. Protecting Everyone in the EU: Strategic priorities for the Security Union

The EU is uniquely well-placed to respond to these new global threats and challenges. The
threat analysis above points to four inter-dependent strategic priorities to be taken forward at
the EU level, in full respect of fundamental rights: (i) a future proof security environment,
(ii) tackling evolving threats, (iii) protecting Europeans from terrorism and organised crime,
(iv) a strong European security ecosystem.

1. A future-proof security environment

Critical infrastructure protection and resilience

Individuals rely on key infrastructures in their daily lives, to travel, to work, to benefit from
essential public services such as hospitals, transport, energy supplies, or to exercise their
democratic rights. If these infrastructures are not sufficiently protected and resilient, attacks
can cause huge disruption – whether physical or digital – both in individual Member States
and potentially across the entire EU.
The EU’s existing framework for protection and resilience of critical infrastructures 33 has
not kept pace with evolving risks. Increasing interdependencies mean that disruptions in one
sector can have an immediate impact on operations in others: an attack on electricity
production could knock out telecommunications, hospitals, banks or airports, while an attack
on digital infrastructure could lead to disruptions in networks for power or finance. As our
economy and society increasingly move ever more online, risks such as these grow all the
more acute. The legislative framework needs to address this increased interconnectedness
and interdependency, with robust critical infrastructure protection and resilience measures,
both cyber and physical. Essential services, including those based on space infrastructures
must be adequately protected against current and anticipated threats, but also be resilient.
This implies the ability of a system to prepare and plan for, absorb, recover from, and more
successfully adapt to adverse events.
At the same time, Member States have exercised their margin of discretion by implementing
existing legislation in different ways. The resulting fragmentation can undermine the
internal market and make cross-border coordination more difficult – most obviously in
border regions. Operators providing essential services in different Member States have to
comply with different reporting regimes. The Commission is looking into whether new

33
Directive 2016/1148 concerning measures for a high common level of security of network and information
systems across the Union, OJ L 194, 19.7.2016; Council Directive 2008/114/EC on the identification and
designation of European critical infrastructures and the assessment of the need to improve their protection.

6
frameworks for both physical and digital infrastructures could bring more consistency
and a more coherent approach to ensuring the reliable provision of essential services. This
framework needs to be accompanied by sector-specific initiatives to tackle the specific
risks faced by critical infrastructures such as in transport, space, energy, finance and
health34. Given the high dependence of the financial sector on IT services and its high
vulnerability to cyber-attacks, a first step will be an initiative on the digital operational
resilience for financial sectors. Due to the particular sensitivities and impact of the energy
system, a dedicated initiative will support a stronger resilience of critical energy
infrastructure against physical, cyber and hybrid threats, ensuring a level playing field for
energy operators across borders.
Security-relevant effects of foreign direct investments likely to affect critical infrastructures
or critical technologies will also be subject to the assessments carried out by EU Member
States and the Commission under the new European framework for foreign direct
investments screening.35
The EU can also build new tools to support the resilience of critical infrastructures. The
global internet has so far shown a high level of resilience, in particular as regards the ability
to support increased traffic volumes. However, we need to be prepared for possible future
crises threatening the security, stability and resilience of the internet. Making sure that the
internet remains up and running means being robust against cyber incidents and malicious
online activities, and limiting dependency on infrastructures and services located outside
Europe. This will require a combination of legislation, with the review of existing rules to
ensure a high common level of security of network and information systems in the EU;
increased investment in research and innovation; and looking at the deployment or
hardening of core internet infrastructures and resources, notably the Domain Name
System.36
A key element to protect key EU and national digital assets is to offer critical infrastructures
a channel for secure communications. The Commission is working with Member States to
put in place a certified secure end-to-end quantum infrastructure, terrestrial and space-based,
in combination with the secure governmental satellite communications system laid out in the
Space Programme regulation.37
Cybersecurity
The number of cyber-attacks continues to rise38. These attacks are more sophisticated than
ever, come from a wide range of sources inside and outside the EU, and target areas of
maximum vulnerability. State or state-backed actors are frequently involved, targeting key
34
Given the fact that the health sector has been under strain particularly during the COVID-19 crisis, the
Commission will also consider initiatives to strengthen the EU health security framework and responsible
EU agencies to respond to serious cross-border health threats.
35
With its entry into full application on 11 October 2020, Regulation (EU) 2019/452 of the European
Parliament and of the Council of 19 March 2019 establishing a framework for the screening of foreign
direct investments into the Union, will equip the EU with a new cooperation mechanism on direct
investments from outside of the EU which are likely to affect security or public order. Under the
Regulation, Member States and the Commission will assess potential risks linked with such FDI and, where
appropriate and relevant for more than one Member State, propose adequate means to mitigate those risks.
36
A domain name system (DNS) is a hierarchical and decentralised naming system for computers, services,
or other resources connected to the Internet or a private network. It translates domain names to the IP
addresses needed for locating and identifying computer services and devices.
37
Proposal for a Regulation establishing the space programme of the Union and the European Union Agency
for the Space Programme. COM(2018) 447.
38
https://www.enisa.europa.eu/publications/enisa-threat-landscape-report-2018

7
digital infrastructures like major Cloud providers.39 Cyber risks have emerged as a
significant threat to the financial system as well. The International Monetary Fund has
estimated the annual loss due to cyber-attacks at 9% of banks’ net income globally, or
around $100 billion.40 The move to connected devices will bring great benefits for users: but
with less data stored and processed in data centres, and more processed closer to the user ‘at
the edge’41, cybersecurity will no longer be able to focus on protecting central points.42
In 2017, the EU put forward an approach to cybersecurity with resilience-building, rapid
response and effective deterrence at its core.43 The EU now needs to make sure that its
cybersecurity capabilities keep pace with reality, to deliver both resilience and response.
This calls for a real whole-of-society approach, with EU institutions, agencies and bodies,
Member States, industry, academia and individuals giving cybersecurity the priority it
needs.44 This horizontal approach again needs to be complemented by sector-specific
cybersecurity approaches for areas such as energy, financial services, transport or health.
The next phase of the EU’s work should be drawn together in a revised European
Cybersecurity Strategy.
Exploring new and enhanced forms of cooperation between intelligence services, EU
INTCEN, and other organisations involved in security should be part of efforts to enhance
cybersecurity, as well as combatting terrorism, extremism, radicalism and hybrid threats.
Given the ongoing roll-out of the 5G infrastructure across the EU and the potential
dependence of many critical services on 5G networks, the consequences of systemic and
widespread disruption would be particularly serious. The process put in place by the
Commission’s 2019 Recommendation on the Cybersecurity of 5G networks45 has now led to
specific Member State action on the key measures set out in a 5G toolbox.46
One of the most important long-term needs is to develop a culture of cybersecurity by
design, with security built into products and services from the start. An important
contribution to this will be the new cybersecurity certification framework under the
Cybersecurity Act47. The framework is already under way, with two certification schemes
already in preparation, and priorities for further schemes to be defined later this year.
Cooperation between the EU Agency for Cybersecurity (ENISA), the data protection
authorities and the European Data Protection Board48 is of key importance in this area.

39
Distributed Denial of Service attacks remain a permanent threat: Major providers had to mitigate massive
DDoS attacks such as an attack against Amazon Web services in February 2020.
40
https://blogs.imf.org/2018/06/22/estimating-cyber-risk-for-the-financial-sector/.
41
Edge computing is a distributed, open IT architecture that features decentralised processing power,
enabling mobile computing and Internet of Things (IoT) technologies. In edge computing, data is processed
by the device itself or by a local computer or server, rather than being transmitted to a data centre.
42
Communication on A European strategy for data, COM(2020) 66 final.
43
Joint Communication on Resilience, Deterrence and Defence: Building strong cybersecurity for the EU,
JOIN (2017) 450.
44
The report “Cybersecurity – our digital Anchor” of the Joint Research Centre provides multidimensional
insights into the growth of cybersecurity over the last 40 years.
45
Commission Recommendation on the Cybersecurity of 5G networks, COM(2019) 2335 final. The
Recommendation foresees its review in the last quarter of 2020.
46
See Report by the NIS cooperation group on the implementation of the Toolbox, of 24 July 2020.
47
Regulation 2019/881 on ENISA (the European Union Agency for Cybersecurity) and on information and
communications technology cybersecurity certification (Cybersecurity Act).
48
Communication on Data protection as a pillar of citizens’ empowerment and the EU’s approach to the
digital transition - two years of application of the General Data Protection Regulation, COM(2020) 264.

8
The Commission has already identified the need for a Joint Cyber Unit to provide
structured and coordinated operational cooperation. This could include a mutual assistance
mechanism in times of crisis at EU level. Building on the implementation of the Blueprint
recommendation49, the Joint Cyber Unit could build trust between the different actors in the
European cybersecurity ecosystem and offer a key service to Member States. The
Commission will launch discussions with relevant stakeholders (starting with Member
States) and set out a clear process, milestones and timeline by the end of 2020.
Also important are common rules on information security and on cybersecurity for all EU
institutions, bodies and agencies. The aim should be to create mandatory and high common
standards for the secure exchange of information and the security of digital infrastructures
and systems across all EU institutions, bodies and agencies. This new framework should
underpin a strong and efficient operational cooperation on cybersecurity across the EU
institutions, bodies and agencies, centred on the role of the Computer Emergency Response
Team (CERT-EU) for the EU institutions, bodies and agencies.
Given its global nature, building and maintaining robust international partnerships is
fundamental to further prevent, deter and respond to cyber-attacks. The framework for a
joint EU diplomatic response to malicious cyber activities (“cyber diplomacy toolbox”)50
sets out measures under the Common Foreign and Security Policy, including restrictive
measures (sanctions), which can be used against activities that harm its political, security
and economic interests. The EU should also deepen its work through development and
cooperation funds to provide capacity building to support partner states in strengthening
their digital ecosystems, adopting national legislative reforms and adhering to international
standards. This increases the resilience of the overall community and its ability to counter
and respond effectively to cyber threats. This includes specific work to promote the EU
standards and relevant legislation to increase the cybersecurity of partner countries in the
neighbourhood.51
Protecting public spaces
Recent terrorist attacks have focused on public spaces, including places of worship and
transport hubs, exploiting their open and accessible nature. The rise of terrorism triggered by
political or ideologically motivated extremism has made this threat even more acute. This
calls for both stronger physical protection of such places and adequate detection systems,
without undermining citizens’ freedoms.52 The Commission will enhance public-private
cooperation for the protection of public spaces, with funding, the exchange of experience
and good practices, specific guidance53 and recommendations.54 Awareness raising,
performance requirements and testing of detection equipment and enhancing background
checks to address insider threats will also be part of the approach. An important aspect to
reflect is the fact that minorities and vulnerable individuals can be disproportionately
affected including persons targeted because of their religion or gender, and therefore require

49
Commission Recommendation 2017/1584 on coordinated response to large-scale cybersecurity incidents
and crises.
50
http://data.consilium.europa.eu/doc/document/ST-9916-2017-INIT/en/pdf
51
See the EU External Cyber Capacity Building Guidelines adopted in Council conclusions on 26 June 2018.
52
Remote biometric identification systems deserve specific scrutiny. The Commission’s initial views are
outlined in the Commission White Paper of 19 February 2020 on Artificial Intelligence, COM(2020) 65.
53
As for example the Guidance on selecting proper security barrier solutions for public space protection
(https://publications.jrc.ec.europa.eu/repository/bitstream/JRC120307/hvm_v3.pdf).
54
Guidance on good practices is given in SWD(2019) 140, including a section on public-private cooperation.
Funding under ISF-Police has a special focus on enhancing the public-private cooperation.

9
particular attention. Regional and local public authorities have an important role to improve
security of public spaces. The Commission is also helping foster cities’ innovation in
security in public spaces55. The launch of a new Urban Agenda56 partnership on “security in
public spaces” in November 2018 reflects the strong commitment of Member States,
Commission and cities to better address threats to security in the urban space.
The market for drones continues to expand, with many valuable and legitimate uses.
However, they also have the potential to be misused by criminals and terrorists, with public
spaces under particular threat. Targets can include individuals, gatherings of people, critical
infrastructure, law enforcement authorities, borders or public spaces. Knowledge about the
use of drones in conflict could find its way back to Europe either directly (via returning
Foreign Terrorist Fighters) or online. Rules already developed by the European Aviation
Safety Agency are an important first step in areas including the registration of drone
operators and the mandatory remote identification of drones. With drones becoming ever
more widely available, more affordable and more capable, there is a need for additional
action. This could include information sharing, guidance and good practice for use by all,
including law enforcement, as well as more testing of drone countermeasures. 57 In addition,
the privacy and data protection implications of the use of drones in public spaces should be
further analysed and addressed.
Key actions
 Legislation on the protection and resilience of critical infrastructure
 Revision of the Network Information Systems Directive
 An initiative on the operational resilience of the financial sector
 Protection and cybersecurity of critical energy infrastructure and network code on
cybersecurity for cross-border electricity flows
 A European Cybersecurity Strategy
 Next steps towards the creation of a Joint Cyber Unit
 Common rules on information security and cybersecurity for EU institutions, bodies and
Agencies
 Stepped up cooperation for the protection of public spaces, including places of worship
 Sharing of best practices on addressing misuse of drone

2. Tackling evolving threats

Cybercrime
Technology brings new opportunities for society. It also offers new tools for the judiciary
and for law enforcement. But at the same time, it opens doors for criminals. Malware, the
theft of personal or business data by hacking, and the shutting off of digital activity causing
financial or reputational damage, are all on the rise. The resilient environment created by
strong cybersecurity is the first defence. Law enforcement authorities need to be able to

55
Three cities (Piraeus in Greece, Tampere in Finland and Turin in Italy) will be testing new solutions as part
of the Urban Innovative Actions, co-funded by the European Regional Development Fund (ERDF).
56
The Urban Agenda for the EU represents a new multi-level working method promoting cooperation
between Member States, cities, the European Commission and other stakeholders to stimulate growth,
livability and innovation in the cities of Europe and to identify and successfully tackle social challenges.
57
A multi-year testing programme to support Member States in developing a common methodology and test
platform in this area was recently established.

10
work in the sphere of digital investigations with clear rules to investigate and prosecute
crimes and affording victims the necessary protection. This work should build on the Joint
Cybercrime Action Task Force in Europol and the Law Enforcement Emergency response
Protocol created to coordinate response to large-scale cyber-attacks. Effective mechanisms
enabling public-private partnerships and cooperation are also key.
In parallel, the fight against cybercrime should become a strategic communication priority
across the EU, to alert Europeans to the risks and to the preventive measures they could
take. This should be part of a proactive approach. An essential step is also the full
implementation of the current legal framework58: the Commission will be ready to use
infringement procedures as appropriate, as well as keeping this framework under review to
ensure it remains fit for purpose. The Commission will also explore, together with Europol
and the EU Agency for Cybersecurity ENISA, the feasibility of an EU cybercrime-related
rapid alert system that could ensure the flow of information and swift reactions when
cybercrimes surge.
Cybercrime is a global challenge where effective international cooperation is necessary. The
EU supports the Council of Europe’s Budapest Convention on cybercrime, which is an
effective, well-established framework that allows all countries to identify what systems and
communication channels they need to put in place to be able to work effectively with each
other.
Nearly half of EU citizens worry about data misuse59 and identity theft is a major
concern.60 The fraudulent use of identity for financial gain is one aspect, but there can also
be a major personal and psychological impact, with illegal postings made by the identity
thief able to stay online for years. The Commission will explore possible practical measures
to protect victims against all forms of identity theft, taking account of the upcoming
European Digital Identity initiative.61
Tackling cybercrime means looking ahead. As society uses new technological developments
to strengthen the economy and society, criminals can also look to exploit these tools to
negative ends. For example, criminals can use artificial intelligence to detect and identify
passwords or to simplify the creation of malware, to exploit images and audio that can be
then used for identity theft or fraud.
Modern law enforcement
Law enforcement and justice practitioners need to adapt to new technology. Technological
developments and emerging threats require law enforcement authorities to have access to
new tools, acquire new skills and develop alternative investigative techniques. To
complement legislative actions aiming at improving cross-border access to electronic
evidence for criminal investigations, the EU can help law enforcement authorities to develop
the necessary capacity to identify, secure and read the data needed to investigate crimes and
to use that data as evidence in court. The Commission will explore measures to enhance law
enforcement capacity in digital investigations, defining how to make the best use of
research and development to create new tools for law enforcement; and how training can

58
Directive 2013/40/EU on attacks against information systems.
59
46% (Eurobarometer on Europeans’ attitudes towards cyber security, January 2020).
60
The vast majority of respondents to the 2018 Eurobarometer ‘Europeans’ attitudes towards Internet
security’ (95%) saw identity theft as a serious crime, and seven in ten say that it is a very serious crime.
The Eurobarometer published in January 2020 confirmed concerns about cybercrime, online fraud and
identity theft: with two thirds of respondents concerned about banking fraud (67%) or identity theft (66%)
61
Communication of 19 February 2020 on Shaping Europe’s Digital Future, COM(2020) 67.

11
offer the right skill set to law enforcement and the judiciary. This will also include providing
stringent scientific evaluations and testing methods through the Commission’s Joint
Research Centre.
Common approaches can also ensure that artificial intelligence, space capabilities, Big
Data and High Performance Computing are integrated into security policy in a way
which is effective both in fighting crimes and in ensuring fundamental rights. Artificial
intelligence could act as a powerful tool to fight crime, creating enormous investigative
capabilities by analysing large amounts of information and identifying patterns and
anomalies.62 It can also provide concrete tools, such as to help identify online terrorist
content, discover suspicious transactions in the sales of dangerous products or offer
assistance to citizens in emergencies. Realising this potential means bringing together
research, innovation and users of artificial intelligence with the right governance and
technical infrastructure, actively involving the private sector and academia. It also means
ensuring the highest standards of compliance with fundamental rights while ensuring an
effective protection of citizens. In particular, decisions impacting individuals must be
subject to human review and comply with the relevant applicable EU law.63
Electronic information and evidence is needed in about 85% of investigations into serious
crimes, while 65% of the total requests go to providers based in another jurisdiction.64 The
fact that traditional physical traces have moved online further expands the gap between the
law enforcement and criminals’ capabilities. Putting in place clear rules for cross-border
access to electronic evidence for criminal investigations is essential. This is why swift
adoption by the European Parliament and Council of the e-evidence proposals is key to
provide practitioners with an efficient tool. Cross-border access to e-evidence through
multilateral and bilateral international negotiations is also key, to establish compatible rules
at international level65.
Access to digital evidence also depends on the availability of information. If the data is
erased too quickly, important evidence may disappear, so that the possibility to identify and
locate suspects and criminal networks (as well as victims) no longer exists. On the other
hand, data retention schemes raise questions of protection of privacy. Depending on the
outcome of the cases pending before the European Court of Justice, the Commission will
assess the way forward on data retention.
Access to Internet domain name registration information (‘WHOIS data’)66 is important for
criminal investigations, cybersecurity and consumer protection. However, access to this
information is becoming more difficult, pending the adoption of a new WHOIS policy by
the Internet Corporation for Assigned Names and Numbers (ICANN). The Commission will
continue to work with the ICANN and the multi-stakeholder community to ensure that
legitimate access seekers, including law enforcement, can obtain efficient access to WHOIS
data in line with EU and international data protection regulations. This will include

62
For example, in financial crimes.
63
This means compliance with existing legislation, including the General Data Protection Regulation (EU)
2016/679 as well as the Data Protection Law Enforcement Directive (EU) 2016/680 regulating the
processing of personal data for detecting, preventing investigating and prosecuting criminal offences or the
execution of criminal penalties.
64
Commission SWD(2018) 118 final.
65
In particular, the Second Additional Protocol to the Council of Europe ‘Budapest’ Convention on
Cybercrime and an agreement between the EU and the United States on cross-border access to e-evidence.
66
Stored in databases maintained by 2.500 registry and registrar operators based all around the world.

12
assessing possible solutions, including whether legislation may be necessary to clarify rules
for accessing such information.
Law enforcement and judicial authorities also need to be equipped to obtain the necessary
data and evidence once the 5G architecture for mobile telecommunications is fully
deployed in the EU, in a way which respects the confidentiality of communications. The
Commission will support an enhanced and coordinated approach when building
international standards, defining best practices, process, and technical interoperability in key
technological areas such as AI, internet of things or blockchain technologies.
Today, a substantial part of investigations against all forms of crime and terrorism involve
encrypted information. Encryption is essential to the digital world, securing digital systems
and transactions and also protecting a series of fundamental rights, including freedom of
expression, privacy and data protection. However, if used for criminal purposes, it may also
mask the identity of criminals and hide the content of their communications. The
Commission will explore and support balanced technical, operational and legal solutions to
the challenges and promote an approach which both maintains the effectiveness of
encryption in protecting privacy and security of communications, while providing an
effective response to crime and terrorism.
Countering illegal content online
Bringing the security of the online and physical environments in line means continued steps
in countering illegal content online. More and more, core threats to citizens such as
terrorism, extremism or child sexual abuse rely on the digital environment: this calls for
concrete action and a framework to ensure respect for fundamental rights. An essential first
step is swiftly concluding the negotiations on the proposed legislation on terrorist content
online67 and ensuring its implementation. Strengthening voluntary cooperation between law
enforcement and the private sector in the EU Internet Forum is also key to fight the misuse
of the internet by terrorists, violent extremists and criminals. The EU Internet Referral Unit
in Europol will continue to play a crucial role in monitoring the activity of terrorist groups
online and the action taken by platforms,68 as well as in further developing the EU Crisis
Protocol69. In addition, the Commission will continue to engage with international partners
including by participating in the Global Internet Forum to Counter Terrorism to tackle
these challenges at global level. Work will continue to support the development of
alternative and counter narratives through the Civil Society Empowerment Programme.70
To prevent and counter the spread of illegal hate speech online, the Commission launched in
2016 the Code of Conduct on countering illegal hate speech online, with a voluntary
commitment by online platforms to remove hate speech content. The latest evaluation shows
that companies assess 90% of flagged content within 24 hours and remove 71% of the
content deemed to be illegal hate speech. However, the platforms need to improve further
transparency and feedback to users and to ensure consistent evaluation of flagged content71.
The EU Internet Forum will also facilitate exchanges on existing and developing technology
to address the challenges related to child sexual abuse online. Tackling child sexual abuse
online is at the heart of a new Strategy to step up the fight against child sexual abuse72,

67
Proposal on preventing the dissemination of terrorist content online, COM(2018) 640, 12 September 2018.
68
Europol, November 2019.
69
A Europe that protects - EU Crisis Protocol: responding to terrorist content online. (October 2019).
70
Linked to the work of the Radicalisation Awareness Programme, see section IV.3 below.
71
https://ec.europa.eu/info/sites/info/files/codeofconduct_2020_factsheet_12.pdf
72
EU Strategy for a more effective fight against child sexual abuse, COM(2020) 607.

13
which will seek to maximise the use of tools available at EU level to fight against these
crimes. Companies must be able to continue their work to detect and remove child sexual
abuse material online, and the damage caused by this material calls for a framework setting
out clear and permanent obligations to tackle the problem. The Strategy will also announce
that the Commission will also start preparing sector-specific legislation to tackle child
sexual abuse online more effectively, in full respect of fundamental rights.
More generally, the forthcoming Digital Services Act will also clarify and upgrade the
liability and safety rules for digital services and remove disincentives holding back actions
to address illegal content, goods or services.
In addition, the Commission will continue to engage with international partners and with the
Global Internet Forum to Counter Terrorism, including through the independent
advisory committee, to discuss how to tackle these challenges at global level while
preserving EU values and fundamental rights. New topics should also be addressed such as
algorithms or online gaming.73
Hybrid threats
The scale and diversity of hybrid threats today is unprecedented. The COVID-19 crisis saw
more proof of this, with several state and non-state actors seeking to instrumentalise the
pandemic – in particular through manipulation of the information environment and
challenging core infrastructures. This risks weakening social cohesion and undermining trust
in EU institutions and Member States’ governments.
The EU approach to hybrid threats is set out in the 2016 Joint Framework74 and the 2018
Joint Communication on bolstering hybrid resilience.75 Action at EU level is underpinned by
a sizeable toolbox covering the internal-external nexus, based on a whole-of-society
approach and on close cooperation with strategic partners, notably NATO and G7. A report
on the implementation of the EU approach on hybrid threats is published together with this
Strategy.76 Based on the mapping77 presented in parallel to this Strategy, the Commission
services and the European External Action Service will create a restricted online platform
for Member States’ reference on counter-hybrid tools and measures at EU level.
Whereas responsibility for countering hybrid threats lies primarily with Member States –
due to the intrinsic links with national security and defence policies – some vulnerabilities
are common to all Member States and some threats extend across borders, such as targeting
cross-border networks or infrastructure. The Commission and the High Representative will
set out an EU approach to hybrid threats that integrates the external and internal dimension
in a seamless flow and brings the national and EU-wide considerations together. This must
cover the full spectrum of action – from early detection, analysis, awareness, building
resilience and prevention through to crisis response and consequence management.
In addition to reinforced implementation, with hybrid threats in constant evolution, a
particular focus will be to mainstream hybrid considerations into policy making, to keep
up to speed with dynamic developments and to ensure that no potentially relevant initiative
73
Terrorists are increasingly using the messaging system of gaming platforms for exchanges and young
terrorists also re-play violent attacks in video games.
74
Joint Framework on Countering Hybrid Threats – a European Union response, JOIN (2016) 18.
75
Increasing Resilience and Bolstering Capabilities to Address Hybrid Threats, JOIN (2018) 16.
76
SWD(2020) 153 Report on the implementation of the 2016 Joint Framework on countering hybrid threats
and the 2018 Joint Communication on increasing resilience and bolstering capabilities to address hybrid
threats
77
SWD(2020) 152 Mapping of the measures related to enhancing resilience and countering hybrid threats.

14
is overlooked. The effects of new initiatives will also be assessed through hybrid lenses,
including initiatives in areas that have so far been outside the remit of the counter hybrid
framework such as education, technology and research. This approach would benefit from
the work done on the conceptualisation of hybrid threats, which provides a comprehensive
view of the various tools that adversaries may use.78 The aim should be to ensure that the
decision-making process is underpinned by regular, comprehensive intelligence-based
reporting on the evolution of hybrid threats. This will rely heavily on Member States’
intelligence and on further enhancing intelligence cooperation with Member States’
competent services through EU INTCEN.
To develop situational awareness, the Commission services and the European External
Action Service will explore options to streamline information flows from different sources,
including Member States, as well as EU agencies such as ENISA, Europol and Frontex. The
EU Hybrid Fusion Cell will remain the EU focal point for hybrid threat assessments.
Building resilience is central to preventing and protecting against hybrid threats. It is
therefore crucial to systematically track and objectively measure progress in this area. A first
step will be to identify sectoral hybrid resilience baselines for both Member States and EU
institutions and bodies. Finally, to step up hybrid crisis response preparedness, the
existing protocol should be reviewed, as defined in the 2016 EU Playbook79, reflecting a
broader review and strengthening of the EU crisis response system currently under
consideration.80 The aim is to maximise the effect of EU action by swiftly bringing together
sectoral responses and ensuring seamless cooperation with our partners, NATO in the first
place.
Key actions

 Ensuring that the cybercrime legislation is implemented and fit for purpose
 A Strategy for a more effective fight against child sexual abuse
 Proposals on the detection and removal of child sexual abuse material
 An EU approach on Countering Hybrid Threats
 Review of the EU operational protocol for countering hybrid threats (EU Playbook)
 Assessment of how to enhance law enforcement capacity in digital investigations

3. Protecting Europeans from terrorism and organised crime

Terrorism and radicalisation

The terrorist threat in the EU remains high. Despite the decrease in the number of attacks
overall, these can still have a devastating effect. Radicalisation can also more broadly
polarise and destabilise social cohesion. Member States retain the primary responsibility in
the fight against terrorism and radicalisation. However, the ever-increasing cross-
border/cross sectorial dimension of the threat calls for further steps in EU cooperation and
coordination. Effective implementation of EU counter-terrorism legislation, including

78
The Landscape of Hybrid Threats: A conceptual Model, JRC117280, jointly developed by the Joint
Research Centre and the Centre of Excellence for Countering Hybrid Threats.
79
EU operational protocol for countering hybrid threats (EU Playbook), SWD(2016) 227.
80
Following their video conference on 26 March 2020, the Members of the European Council adopted a
Statement on EU actions in response to the COVID-19 outbreak, inviting the Commission to make
proposals a more ambitious and wide-ranging crisis management system within the EU.

15
restrictive measures81, is a priority. It remains an objective to extend the mandate of the
European Public Prosecutor’s Office to cross-border terrorist crimes.
Fighting terrorism starts with addressing the root causes. The polarisation of society, real or
perceived discrimination and other psychological and sociological factors can reinforce
people’s vulnerability to radical discourse. In this context, tackling radicalisation goes hand
in hand with fostering social cohesion at local, national and European level. Several
impactful initiatives and policies have been developed in the last decade, in particular
through the Radicalisation Awareness Network and the EU Cities against Radicalisation
Initiative.82 It is time now to consider actions to streamline EU policies, initiatives and funds
to tackle radicalisation. Such actions can support the development of capabilities and skills,
enhance cooperation, strengthen the evidence base and help evaluate progress, involving all
relevant stakeholders, including first line practitioners, policy makers and academia.83 Soft
policies such as education, culture, youth and sports could contribute to the prevention of
radicalisation, providing opportunities for at-risk youth and cohesion inside of the EU.84
Priority areas include work on early detection and risk management, resilience building and
disengagement, as well as rehabilitation and reintegration in society.
Terrorists have sought to acquire and to “weaponise” chemical, biological, radiological
and nuclear (CBRN)85 materials, as well as to develop the knowledge and capacity to use
them.86 The potential of CBRN attacks features prominently in terrorist propaganda. With
the potential damage so high, particular attention is needed. Building on the approach used
to regulate access to explosive precursors, the Commission will look into restricting access
to certain dangerous chemicals that could be used to carry out attacks. The development of
EU civil protection response (rescEU) capacities in the field in CBRN will also be key.
Cooperation with third countries is also important to enhance a common culture of CBRN
safety and security, making full use of the EU global CBRN Centres of Excellence. This
cooperation will include national gap and risk assessments, support to national and regional
CBRN action plans, exchanges of good practices and CBRN capacity building activities.
The EU has developed the most advanced legislation in the world to restrict access to
explosives precursors87 and detect suspicious transactions aiming to build improvised
explosive devices. But the threat from home-made explosives remains high, used in multiple
attacks throughout the EU.88 The first step must be implementation of the rules, as well as
ensuring that the online environment does not allow the by-passing of controls.
The effective prosecution of those who have committed terrorist crimes, including Foreign
Terrorist Fighters currently in Syria and Iraq, is also an important element of
counterterrorism policy. While these issues are primarily dealt with by Member States, EU

81
The Council adopted restrictive measures with respect to ISIL (Da'esh) and Al-Qaida, as well as specific
restrictive measures directed against certain persons and entities with a view to combating terrorism. See
the EU Sanctions Map (https://www.sanctionsmap.eu/#/main) for an overview of all restrictive measures.
82
The pilot initiative “EU Cities against Radicalisation” has the double objective to foster the exchange of
expertise among EU cities and to gather feedback on how to best support local communities at EU level.
83
For example funding under the European Security Fund and the Citizenship programme.
84
EU actions such as the Erasmus+ Virtual Exchanges, e-twinning.
85
In the past two years there have been for instance several cases both in Europe (France, Germany, Italy)
and elsewhere (Tunisia, Indonesia) involving biological agents (usually plant-based toxins).
86
The Council adopted restrictive measures against the proliferation and use of chemical weapons.
87
Chemicals that could be misused to manufacture homemade explosives. These are regulated in Regulation
(EU) 2019/1148 2019 on the marketing and use of explosives precursors.
88
Some examples of such devastating attacks include attacks in Oslo (2011), Paris (2015), Brussels (2016),
and Manchester (2017). An attack with a homemade explosive in Lyon (2019) wounded 13 people.

16
coordination and support can help Member States to address common challenges. The steps
under way to fully implement border security legislation89 and make full use of all relevant
EU databases to share information on known suspects will be an important step. As well as
identifying high-risk individuals, a reintegration and rehabilitation policy is needed. Cross-
professional cooperation, including with prison and probation staff, will reinforce the
judicial understanding of the processes of radicalisation to violent extremism and the
judicial sector’s approach to sentencing and alternatives to detention.
The challenge of foreign terrorist fighters is emblematic of the link between internal and
external security. Cooperation on counterterrorism and preventing and countering
radicalisation and violent extremism is central to security inside the EU. 90 Further steps to
develop counterterrorism partnerships and cooperation with countries in the neighbourhood
and beyond is needed, drawing on the expertise of the Network of EU Counter-
Terrorism/Security Experts. The Joint Action Plan on Counter-terrorism for the Western
Balkans is a good reference for such targeted cooperation. In particular, efforts should be
made to support partner countries’ capacity to identify and locate foreign terrorist fighters.
The EU will also continue to promote multilateral cooperation, working with the leading
global actors in this field, such as the United Nations, NATO, the Council of Europe,
Interpol and the OSCE. It will also engage with the Global Counterterrorism Forum and the
Global Coalition against Da’esh, as well as relevant civil society actors. The Union’s
external policy instruments, including development and cooperation, play also an important
role when working with third countries to prevent terrorism and piracy. International
cooperation is also essential to cut off all sources of terrorism financing, for example
through the Financial Action Task Force.
Organised crime
Organised crime comes at a huge economic and personal cost. The economic loss due to
organised crime and corruption has been estimated to represent between €218 and €282
billion annually.91 More than 5,000 organised crime groups were under investigation in
Europe in 2017 – a 50% rise compared to 2013.92 Organised crime is increasingly operating
cross-border including from the immediate neighbourhood of the EU, calling for intensified
operational cooperation and information exchange with partners in the neighbourhood.
New challenges are emerging and taking crime online: the COVID-19 pandemic saw a huge
rise in online scams on vulnerable groups, as well as health and sanitary products being
targeted in thefts and burglaries.93 The EU needs to step up its work against organised crime,
including at international level, with more tools to dismantle organised crime’s business
model. Fighting organised crime also requires close cooperation with local and regional
administrations as well as civil society, who are key partners in crime prevention as well as
in providing assistance and support to victims, with a particular need amongst
administrations in border regions. This work will be brought together in an Agenda for
tackling organised crime.

89
Including the new mandate of the European Border and Coast Guard Agency (Frontex).
90
Council conclusions of 16 June 2020 underlined the need to protect EU citizens against terrorism and
violent extremism, in all their forms and irrespective of their origin, and to further strengthen the EU’s
external counter-terrorism engagement and action in certain priority geographic and thematic areas.
91
In terms of Gross Domestic Product (GDP); Europol report: “Does crime still pay?” – Criminal asset
recovery in the EU, 2016.
92
Europol, Serious and Organised Threat Assessments (SOCTA), 2013 and 2017.
93
Europol, 2020.

17
More than one third of the organised crime groups active in the EU are involved in the
production, trafficking or distribution of drugs. Drugs addiction led to over eight thousand
overdose deaths in the EU in 2019. The bulk of drug trafficking operates across borders
with many of the profits infiltrating the legal economy.94 A new EU Agenda on Drugs95 will
strengthen the efforts of the EU and Member States in the areas of drug demand and supply
reduction, defining joint actions addressing a common problem and reinforcing the dialogue
and cooperation between the EU and external partners on drug issues. Following an
evaluation of the European Monitoring Centre on Drugs and Drugs Addiction, the
Commission will assess whether its mandate needs updating to meet new challenges.
Organised crime groups and terrorists are also key players in the trade of illegal firearms.
Between 2009 and 2018, 23 mass-shooting incidents occurred in Europe, which killed over
340 people.96 Firearms are often trafficked into the EU through its immediate
neighbourhood.97 This points to a need to reinforce coordination and cooperation both
within the EU and with international partners, particularly Interpol, to harmonise the
collection of information and reporting on firearm seizures. It is also essential to improve the
traceability of weapons, including on the internet, and ensure information exchange between
licensing and law enforcement authorities. The Commission is putting forward a new EU
Action Plan against firearms trafficking98 and will also assess whether the rules on export
authorisation and import and transit measures for firearms are still fit for purpose.99
Criminal organisations treat migrants and people in need of international protection as a
commodity. 90% of the irregular migrants arriving in the EU are facilitated by a criminal
network.100 Migrant smuggling is also often intertwined with other forms of organised
crime, in particular trafficking in human beings.101 Apart from the huge human cost of
trafficking, Europol estimates that globally the generated annual profit for all forms of
exploitation from human trafficking amounts to €29.4 billion. This is a transnational crime
feeding on illegal demands from within and outside the EU and impacting all EU Member
States. The poor record in identifying, prosecuting and convicting these crimes requires a
new approach to step up action. A new comprehensive approach to trafficking in human
beings will draw together the threads of action. In addition, the Commission will present a
new EU Action Plan against migrant smuggling for 2021-2025. Both strands will focus
on combatting criminal networks, boosting cooperation and support the work of law
enforcement.

Organised crime groups – as well as terrorists – also seek opportunities in other fields,
especially those generating high profits at a low detection risk, such as environmental
crime. Illicit hunting and trading of wildlife, illegal mining, logging, and illegal waste
disposal and shipments, have become the fourth largest criminal business around the

94
EMCDDA and Europol, EU Drug Markets Report 2019. (November 2019).
95
EU Drugs Agenda and Action Plan 2021-2025, COM(2020) 606.
96
Flemish Peace Institute, Armed to kill. (October 2019).
97
The EU has funded the fight against the proliferation and trafficking of small arms and light weapons in the
region since 2002; it is notably funded the South-East Europe Firearms Expert Network (SEEFEN). Since
2019, Western Balkan partners have been fully involved in the Firearms priority of the European
Multidisciplinary Platform Against Criminal Threats (EMPACT).
98
COM(2020) 608.
99
Regulation (EU) No 258/2012 implementing Article 10 of the United Nations’ Protocol against the illicit
manufacturing of and trafficking in firearms.
100
Source: Europol.
101
Europol, EMSC, 4th Annual Report.

18
world.102 There has also been criminal exploitation of emission trading schemes and energy
certificate systems, as well as the misuse of funding allocated to environmental resilience
and sustainable development. As well as promoting action by the EU, Member States and
the international community to step up efforts against environmental crime 103, the
Commission is assessing whether the Environmental Crime Directive104 is still fit for
purpose. Trafficking in cultural goods has also become one of the most lucrative criminal
activities, a source of funding for terrorists as well as organised crime and it is on the rise.
Steps should be explored to improve the online and offline traceability of cultural goods in
the internal market and cooperation with third countries where cultural goods are looted as
well as providing active support to law enforcement and academic communities.
Economic and financial crimes are highly complex, but they affect millions of citizens and
thousands of companies in the EU every year. Combatting fraud is crucial and requires EU-
level action. Europol, along with Eurojust, the European Public Prosecutor’s Office and the
European Anti-Fraud Office support Member States and the EU in protecting the economic
and financial markets and safeguarding EU taxpayers’ money. The European Public
Prosecutor’s Office will become fully operational late in 2020 and investigate, prosecute and
bring to judgment crimes against the EU budget, such as fraud, corruption and money
laundering. It will also tackle cross-border VAT fraud costing taxpayers at least €50 billion
every year.
The Commission will also support the development of expertise and of a legislative
framework in emerging risks, such as crypto-assets and new payment systems. In particular,
the Commission will look at the response to the emergence of crypto-assets such as bitcoin
and the effect these new technologies will have on how financial assets are issued,
exchanged, shared and accessed.
There should be zero tolerance for illicit money within the European Union. Over thirty
years, the EU has developed a solid regulatory framework for preventing and combatting
money laundering and terrorist financing, in full respect of the need to protect personal
data. Nevertheless, there is growing consensus that the implementation of the current
framework needs to be significantly improved. Major divergences in the way it is applied
and serious weaknesses in the enforcement of the rules need to be addressed. As detailed in
the Action Plan of May 2020105, work is under way to assess options to enhance the EU’s
framework for anti-money laundering and countering terrorist financing. Areas to explore
include the interconnection of national centralised bank account registries, which could
significantly speed up access to the financial information for Financial Intelligence Units
and competent authorities.
Profits of organised crime groups are estimated at €110 billion per year in the EU. The
current response includes harmonised legislation on confiscation and asset recovery, 106 to
improve the freezing and confiscation of criminal assets in the EU and to facilitate mutual
trust and effective cross-border cooperation between Member States. However, only about
1% of these profits are confiscated107, which allows organised crime groups to invest in the
expansion of their criminal activities and to infiltrate the legal economy, and in particular
small and medium enterprises, which have difficulties in access to credit, are a key target for
102
UNEP-INTERPOL Rapid Response Assessment: The Rise of Environmental Crime, June 2016.
103
See The European Green Deal COM(2019) 640 final.
104
Directive 2008/99/EC on the protection of the environment through criminal law.
105
Action Plan on preventing money laundering and terrorist financing COM(2020) 2800.
106
EU law requires Asset Recovery Offices to be established in all Member States.
107
Report on Asset recovery and confiscation: ensuring that crime does not pay, COM(2020) 217 final.

19
money laundering. The Commission will analyse the implementation of the legislation108
and the possible need for further common rules, including on non-conviction based
confiscation. The Asset Recovery Offices109, key actors in the asset recovery process, could
also be equipped with better tools to identify and trace assets in a speedier way across the
EU in order to step up confiscation rates.
There is a strong link between organised crime and corruption. It has been roughly
estimated that corruption alone costs the EU economy €120 billion per year. 110 The
prevention and fight against corruption will continue to be subject to regular monitoring
under the rule of law mechanism as well as the European Semester. The European semester
has assessed challenges in the fight against corruption such as public procurement, public
administration, the business environment or healthcare. The Commission’s new annual rule
of law report will cover the fight against corruption and enable a preventive dialogue with
national authorities and interested stakeholders at EU and national level. Civil society
organisations can also play a key role in stimulating the action of public authorities in
preventing and fighting organised crime and corruption, and these groups could usefully be
brought together in a common forum. Due to their cross-border nature, another key
dimension is cooperation and assistance on organised crime and corruption with
neighbouring regions to the EU.
Key actions
 Counter-Terrorism Agenda for the EU, including renewed anti-radicalisation actions in
the EU
 New cooperation with key third countries and international organisations against
terrorism
 Agenda on tackling organised crime, including trafficking in human beings
 EU Agenda on Drugs and Action Plan 2021-2025
 Assessment of the European Monitoring Centre for Drugs and Drug Addiction
 2020-2025 EU Action Plan on Firearms trafficking
 Review of legislation on freezing and confiscation and on Asset Recovery Offices
 An assessment of the Environmental Crime Directive
 An EU Action Plan against Migrant Smuggling, 2021-2025

4. A strong European security ecosystem

A genuine and effective Security Union must be the common endeavour of all parts of
society. Governments, law enforcement, the private sector, education and citizens
themselves need to be engaged, equipped, and properly connected to build preparedness and
resilience for all, particularly the most vulnerable, victims and witnesses.
All policies need a security dimension and the EU can make a contribution at all levels. In
the home, domestic violence is one of the most serious security risks. In the EU 22% of
women have experienced violence by an intimate partner.111 EU accession to the Istanbul

108
Directive 2014/42/EU on the freezing and confiscation of instrumentalities and proceeds of crime.
109
Council Decision 2007/845/JHA on cooperation between Asset Recovery Offices of the Member States in
the field of tracing and identification of proceeds from, or other property related to, crime.
110
Estimating the total economic costs of corruption is difficult, though efforts have been made by bodies
including International Chamber of Commerce, Transparency International, UN Global Compact, and the
World Economic Forum, suggesting that corruption amounts to 5% of global GDP.
111
A Union of Equality: Gender Equality Strategy 2020-2025, COM(2020) 152.

20
Convention on preventing and combatting violence against women and domestic violence
remains a key priority. Should the negotiations remain blocked, the Commission will take
other measures to achieve the same objectives as the Convention, including proposing to add
violence against women to the list of EU crimes defined in the Treaty.
Cooperation and information exchange
One of the most critical contributions the EU can make to protecting citizens is through
helping those responsible for security to work well together. Cooperation and information
sharing are the most powerful tools to combat crime and terrorism and pursue justice. To be
efficient, it needs to be targeted and timely. To be trusted, it needs to be used with common
safeguards and controls.
A number of EU instruments and sector specific strategies112 have been set up to further
develop operational law enforcement cooperation between Member States. One of the
main EU instruments supporting law enforcement cooperation between Member States is the
Schengen Information System, used to exchange data on wanted and missing persons and
objects in real time. The results have been felt in the arrest of criminals, seizures of drugs
and the rescuing of potential victims.113 However, the level of cooperation could still be
improved through streamlining and upgrading the available instruments. Most of the EU
legal framework underpinning operational law enforcement cooperation was designed 30
years ago. A complex web of bilateral agreements between Member States, many outdated
or underused, risks fragmentation. In smaller or landlocked countries, law enforcement
officers working across borders have to carry out operational actions following, in some
cases, up to seven different sets of rules: the result is that some operations, such as hot
pursuits of suspects over internal borders, simply do not happen. Operational cooperation on
new technologies such as drones are also not covered by the current EU framework.
Operational effectiveness can be supported by specific law enforcement cooperation, which
may also help to provide key support to other policy goals – such as providing security input
for the new assessment of foreign direct investment. The Commission will look at how a
Police Cooperation Code might support this. Member States’ law enforcement authorities
have increasingly made use of support and expertise at EU level, while EU INTCEN has
played a key role in promoting the exchange of strategic intelligence between Member
States Intelligence and Security Services providing intelligence situational awareness in
favour of EU institutions.114 Europol can also play a key role in expanding its cooperation
with third countries to counter crime and terrorism in coherence with other EU external
polices and tools. However, Europol today faces a number of serious constraints – notably
as regards the direct exchange of personal data with private parties – which hinders it from
effectively supporting Member States in combating terrorism and crime. Europol’s mandate
is now being assessed to see how it should be improved to ensure that the Agency can fully
perform its tasks. In this context, relevant authorities at EU level (such as OLAF, Europol,
Eurojust and the European Public Prosecutor’s Office) should also cooperate more closely
and improve the exchange of information.
Another key connection is with the further development of Eurojust to maximise the
synergy between law enforcement cooperation and judicial cooperation. The EU would also

112
Such as the EU Maritime Security Strategy Action Plan which led to important achievements with the
cooperation on coast-guard functions between relevant EU Agencies.
113
The EU fight against organised crime in 2019 (Council, 2020).
114
EU INTCEN serves as the only gateway for Member States Intelligence and Security Services to provide
intelligence-led situational awareness to the EU.

21
benefit from more strategic coherence: EMPACT115, the EU policy cycle for serious and
international organised crime, provides a criminal intelligence-led methodology for
authorities to jointly tackle the most important criminal threats affecting the EU. It has
resulted in important operational results116 in the past decade. Based on practitioners’
experience, the existing mechanism should be streamlined and simplified to better address
the most pressing and evolving criminal threats for a new Policy Cycle 2022-2025.
Timely and relevant information is key for the daily work of pursuing crime. Despite the
development of new EU level databases for security and border management, much
information is still located in national databases or exchanged outside these tools. The result
is a significant additional workload, delays, and an increased risk that key information is
missed. Better, quicker and simplified processes, involving all the security community,
would bring better results. The right tools are essential if information exchange is to meet its
potential in the effective pursuit of crime with the necessary safeguards so that data sharing
respects data protection laws and fundamental rights. In light of technological, forensic and
data protection developments, and changed operational needs, the EU could consider if there
is a need to modernise instruments such as the 2008 Prüm Decisions, establishing
automated exchange of DNA, fingerprint and vehicle registration data, to enable the
automated exchange of additional data categories that are already available in Member
States’ criminal or other databases for the purpose of criminal investigations. In addition, the
Commission will look into the possibility to exchange police records to help identify if any
police record on a person exists in other Member States, and facilitate access to these
records once identified, with all the necessary safeguards.
Information on travellers has helped to improve border controls, reduce irregular
migration, and identify persons posing security risks. Advanced Passenger Information data
are the biographic data for each passenger collected by air carriers during check-in and sent
in advance to the border control authorities at destination. The revision of the legal
framework117 could allow for more effective use of the information, while ensuring
compliance with data protection legislation and facilitating the flow of passengers.
Passenger Name Records (PNR) is the data provided by passengers when booking flights.
The implementation of the PNR Directive118 is key, and the Commission will continue to
support and enforce this. Moreover, as a mid-term action, the Commission will launch a
review of the current approach on PNR data transfer to third countries.
Judicial cooperation is a necessary complement to police efforts to fight cross-border
crime. Judicial cooperation has gone through a more profound change in the last 20 years.
Bodies such as the European Public Prosecutor’s Office and Eurojust need to have the
means to function to their fullest extent or be reinforced. Co-operation between judicial
practitioners could also be enhanced, through further steps on the mutual recognition of
judicial decisions, judicial training, and information exchange. The goal should be increased
mutual trust among judges and prosecutors, central to smooth cross-border proceedings. The
use of digital technologies can also improve the efficiency of our justice systems. A new
digital exchange system is being set up to transmit European Investigation Orders, mutual
legal assistance requests and related communications between Member States, supported by

115
EMPACT stands for European Multidisciplinary Platform Against Criminal Threats.
116
https://data.consilium.europa.eu/doc/document/ST-7623-2020-INIT/en/pdf.
117
Council Directive 2004/82/EC on the obligation of carriers to communicate passenger data.
118
Directive 2016/681 on the use of passenger name record (PNR) data for the prevention, detection,
investigation and prosecution of terrorist offences and serious crime.

22
Eurojust. The Commission will work with Member States to accelerate the roll-out of the
necessary IT systems at the national level.
International cooperation is also key to effective law enforcement and judicial cooperation.
Bilateral agreements with key partners play a key role in securing information and evidence
from beyond the EU. Interpol, one of the largest inter-governmental criminal police
organisations, has an important role. The Commission will look at possible ways of
reinforcing cooperation with Interpol, including possible access to Interpol databases and the
strengthening of operational and strategic cooperation. Law enforcement authorities in the
EU also rely upon key partner countries to detect and investigate criminals and terrorists.
Security partnerships between the EU and third countries could be stepped up in order
to increase cooperation to counter shared threats such as terrorism, organised crime,
cybercrime, child sexual abuse and trafficking in human beings. Such an approach would be
based on common security interests and builds on established cooperation and security
dialogues.
As well as information, exchange of expertise can be of particular value in increasing the
preparedness of law enforcement to non-traditional threats. As well as encouraging
exchanges of best practice, the Commission will explore a possible EU-level coordination
mechanism for police forces in case of force majeure events such as pandemics. The
pandemic has also proven that Digital Community Policing, accompanied by legal
frameworks to facilitate online policing, will be fundamental in tackling crime and
terrorism. Police-community partnerships, off and online, can prevent crime and mitigate the
impact of organised crime, radicalisation and terrorist activities. The connection from local
to regional to national and EU police solutions is a key success factor for the EU Security
Union as a whole.
The contribution of strong external borders
Modern and efficient management of external borders has the dual benefit of maintaining
the integrity of Schengen and providing security for our citizens. Engaging all relevant
actors to make the most of security at the border can have a real impact on the prevention of
cross-border crime and terrorism. Joint operational activities of the recently strengthened
European Border and Coast Guard119 contribute to the prevention and detection of cross-
border crime at the external borders and beyond the EU. Customs activities in detecting
safety and security risks in all goods before they arrive in the EU and in controlling goods
when they arrive are crucial in the fight against cross-border crime and terrorism. The
forthcoming Action Plan on the Customs Union will announce actions to also strengthen risk
management and to enhance internal security, including in particular by assessing the
feasibility of a link between relevant information systems for security risk analysis.
The framework for interoperability between EU information systems in the area of
justice and home affairs was adopted in May 2019. This new architecture seeks to improve
the efficiency and effectiveness of the new or upgraded information systems.120 It will lead
to faster, more systematic information for law enforcement officers, border guards and
migration officials. It will help correct identification and contribute to fighting identity
fraud. To make this a reality, implementation of interoperability should be a priority, both at

119
Composed of European Border and Coast Guard Agency (Frontex) and the Member States’ border guard
authorities and coast guard authorities.
120
The Entry Exit System (EES), the European Travel Information and Authorization System (ETIAS), the
extended European Criminal Records Information System (ECRIS-TCN), the Schengen Information
System, the Visa Information System and the future updated Eurodac.

23
political and technical level. Close cooperation between EU agencies and all Member States
will be paramount in order to achieve the goal of full interoperability by 2023.
Travel document fraud is considered one of the most frequently committed crimes. It
facilitates the clandestine movement of criminals and terrorists, and plays a key role in
trafficking in human beings and in the drugs trade.121 The Commission will explore how to
extend existing work on the security standards of EU residence and travel documents,
including through digitalisation. As of August 2021, Member States will start issuing
identity cards and residence documents according to harmonised security standards,
including a chip containing biometric identifiers that can be verified by all EU border
authorities. The Commission will monitor the implementation of these new rules, including
the gradual replacement of documents currently in circulation.
Strengthening security research and innovation
Work to ensure cybersecurity and to combat organised crime, cybercrime and terrorism all
rely heavily on developing tools for this future: to help create safer and more secure new
technologies, to address the challenges brought about by technologies, and to support the
work of law enforcement. This in turn relies on private partners and industries.
Innovation should be seen as a strategic tool to counter current threats and to anticipate both
future risks and opportunities. Innovative technologies can bring new tools to help law
enforcement and other security actors. Artificial intelligence and big data analytics could
harness high-performance computing to offer better detection and quick, comprehensive
analysis.122 A key precondition to develop reliable technologies is high quality data sets,
available to the competent authorities to train, test and validate algorithms.123 More
generally, the risk of technological dependence today is strong – the EU is for example a net
importer of cybersecurity products and services, with all this entails for the economy and for
critical infrastructures. To master technology and guarantee continuity of supply also in case
of adverse events and crises, Europe needs presence and capacity in the critical parts of the
relevant value chains.
EU research, innovation and technological development offer the opportunity to take the
security dimension into account as these technologies and their application are developed.
The next generation of EU funding proposals can act as a major stimulus.124 Initiatives on
European data spaces and cloud infrastructures have security factored in from the start. The
European Cybersecurity Industrial, Technology and Research Competence Centre and the
Network of National Coordination Centres125 aim to set up an effective and efficient
structure to pool and share cybersecurity research capacities and outcomes. The EU Space

121
The link between document fraud and human trafficking is set out in Second report on the progress made in
the fight against trafficking in human beings, COM(2018) 777 and the accompanying SWD(2018) 473 and
Europol, Situation Report Trafficking in human beings in the EU, 2016.
122
This should draw on the Commission’s strategy on Artificial Intelligence.
123
A European strategy for data, COM(2020) 66 final.
124
The Commission’s proposals for Horizon Europe, the Internal Security Fund, the Integrated Border
Management Fund, the EUInvest Programme, the European Regional Development Fund and the Digital
Europe Programme will all support the development and deployment of innovative security technologies
and solutions along the security value chain.
125
Proposal of 12 September 2018 establishing the European Cybersecurity Industrial, Technology and
Research Competence Centre and the Network of National Coordination Centres, COM(2018) 630.

24
programme delivers services supporting the security of the EU, its Member States and
individuals.126
With over 600 projects launched for an overall value close to €3 billion since 2007, EU-
funded security research is a key instrument to drive technology and knowledge in support
of security solutions. As part of the review of Europol’s mandate, the Commission will look
into the creation of a European Innovation hub for internal security127 that would seek to
deliver common solutions to shared security challenges and opportunities, which Member
States might not be able to exploit alone. Cooperation is fundamental to focus investment to
best effect and to develop innovative technologies with both a security and an economic
benefit.
Skills and awareness raising
Awareness of security issues and acquiring the skills to deal with potential threats are
essential to build a more resilient society with better prepared enterprises, administrations
and individuals. Challenges to IT infrastructure and e-systems have revealed the need to
improve our human capacity for cybersecurity preparedness and response. The pandemic
has also highlighted the importance of digitalisation across all areas of the EU economy and
society.
Even a basic knowledge of security threats and how to combat them can have a real
impact on society’s resilience. Consciousness of the risks of cybercrime and the need to
protect oneself from it can work together with protection from service providers to counter
cyber-attacks. Information about the dangers and risks of drug trafficking can make it more
difficult for criminals to succeed. The EU can stimulate the spread of best practice such as
through the network of Safer Internet Centres128 and ensure that such goals are factored into
its own programmes.
The future Digital Education Action Plan should include targeted measures to build security
IT skills for the whole population. The recently adopted Skills Agenda129 supports skills
building throughout life. It includes dedicated actions to increase the number of graduates in
science, technology, engineering, arts and mathematics needed in cutting-edge areas such as
cybersecurity. Additional actions, financed by the Digital Europe Programme will allow
professionals to keep pace with evolutions in the security threat landscape and, at the same
time, fill the shortages in this field the EU labour market. The overall impact will be to allow
individuals to acquire skills to deal with security threats and businesses to find the
professionals they need in this area. The upcoming European Research Area and European
Education Area will also promote careers in science, technology, engineering, arts and
mathematics.
Also important is victims’ access to their rights; they must receive the necessary assistance
and support they need given their specific circumstances. Particular efforts are required

126
For instance, Copernicus provides services allowing the surveillance of EU external borders and maritime
surveillance which helps action against piracy and smuggling, as well as supporting critical infrastructures.
Once fully operational, this will be a key enabler for civil and military missions and operations.
127
This would work also with EBCGA/Frontex, CEPOL, eu-LISA and the Joint Research Centre.
128
See www.betterinternetforkids.eu: the central portal and the national Safer Internet Centres are currently
funded under CEF/Telecom, future funding has been proposed under Digital Europe Programme.
129
European Skills Agenda for sustainable competitiveness, social fairness and resilience, COM(2020) 274
final

25
when it comes to minorities and the most vulnerable victims, such as children or women
trafficked for sexual exploitation or exposed to domestic violence.130
There is a particular role for enhanced skills in law enforcement. The current and new
technological threats calls for more investment in upskilling law enforcement personnel at
the earliest stage and throughout their career. CEPOL is an essential partner to assist
Member States in this task. Law enforcement training related to racism and xenophobia, and
citizens’ rights more generally, must be an essential component of an EU culture of security.
National justice systems and justice practitioners must also be equipped to adapt and
respond to unprecedented challenges. Training is essential to allow authorities on the ground
to exploit these tools in an operational situation. In addition, all efforts should be made to
reinforce gender mainstreaming and strengthen women’s participation in law enforcement.

Key actions
 Strengthening of Europol mandate
 Exploring an EU ‘Police Cooperation Code’ and police coordination in times of crisis
 Strengthening Eurojust to link judicial and law enforcement authorities
 Revision of the Advance Passenger Information Directive
 Communication on the external dimension of Passenger Name Records
 Strengthening cooperation between the EU and Interpol
 A framework to negotiate with key third countries on sharing of information
 Better security standards for travel documents
 Exploring a European Innovation hub for internal security

V. Conclusions
In an increasingly turbulent world, the European Union is still widely regarded as one of the
safest and most secure places. However, this is not something that can be taken for granted.
The new Security Union strategy lays the foundations for a security ecosystem that spans the
entire breadth of European society. It is grounded in the knowledge that security is a shared
responsibility. Security is an issue that affects everyone. All government bodies, businesses,
social organisations, institutions and citizens must fulfil their own responsibilities in order to
make our societies more secure.
Security issues now need to be viewed from a much broader perspective than in the past.
False distinctions between the physical and digital need to be overcome. The EU Security
Union Strategy brings together the full range of security needs and focuses on the areas most
critical to EU security in the years to come. It also acknowledges that security threats do not
respect geographical borders, as well as the increasing inter-connection between internal and
external security.131 In that context, it will be important for the EU to cooperate with
international partners for the safeguard of all the EU citizens and to maintain close
coordination with EU external action in the implementation of this Strategy.
Our security is linked to our fundamental values. All the proposed actions and initiatives in
this strategy will fully respect fundamental rights and our European values. These are the
foundation of our European way of life and must remain at the core of all our work.

130
See Gender equality strategy, COM(2020) 152; Victims’ rights strategy, COM(2020) 258; and the
European Strategy for Better Internet for Children, COM(2012) 196.
131
See the EU Global Strategy

26
Lastly, the Commission remains fully aware of the fact that any policy or action is only ever
as good as its implementation. Relentless emphasis is therefore needed on the proper
implementation and enforcement of existing and future legislation. This will be monitored
through regular Security Union reports and the Commission will keep the European
Parliament, the Council and stakeholders fully informed and engaged in all relevant actions.
In addition, the Commission stands ready to participate in and organise joint debates with
the institutions on the Security Union Strategy in order to take stock together of progress
achieved while looking together at the challenges ahead.
The Commission invites the European Parliament and the Council to endorse this Security
Union Strategy as the basis for cooperation and joint action on security in the next five
years.

27