EMCDDA-Europol working arrangement, 2018

Draft Working Arrangement establishing cooperative relations between

the European Monitoring Centre for Drugs and Drug Addiction (EMCDDA)

and

the European Union Agency for Law Enforcement Cooperation (Europol)

The European Monitoring Centre for Drugs and Drug Addiction, hereinafter referred as “the EMCDDA” and the European Union Agency for Law Enforcement Cooperation, hereinafter referred to as “Europol”, hereinafter jointly referred to as “The Parties”,

Aware of the urgent problems arising from international organised crime, especially terrorism, and other forms of serious crime, and the significant role the production, trafficking and distribution of drugs, drug precursors and new psychoactive substances can have in this regard,

Considering that the Europol Management Board has determined the list of Union Bodies with which Europol may conclude Working Arrangements, thereby having given Europol the authorisation to enter into negotiations on a Working Arrangement with the EMCDDA,

Considering Articles 23 and 24 of the Regulation (EU) 2016/794 of the European Parliament and of the Council of 11 May 2016 on the European Union Agency for Law Enforcement Cooperation as well as that the Europol Management Board has on (date) approved the present Working Arrangement between the EMCDDA and Europol,

Whereas the Management Board of the EMCDDA, after receiving the favourable opinion of the European Commission, provided the EMCDDA Director at its meeting of (date) with a mandate to sign the present Working Arrangement,

Having regard to the Regulation (EU) 2017/2101 of the European Parliament and of the Council amending Regulation (EC) No 1920/2006 as regards information exchange on, and an early warning system and risk assessment procedure for, new psychoactive substances, and in particular Article 5b paragraph 5 and 8 according to which the details of the cooperation between the EMCDDA and Europol on the collection of information on the involvement of criminal groups in the manufacture, distribution and distribution methods, and trafficking of the new psychoactive substance, and in any use of the new psychoactive substance shall be governed by working arrangements to be concluded in accordance with the second paragraph of Article 20 of the EMCDDA Regulation,

Whereas it is necessary to replace the cooperation agreements signed between the Parties in 2001 and 2005,

Have agreed as follows:

Article 1

Purpose

The purpose of this Working Arrangement is to establish cooperative relations between Europol and the EMCDDA within the existing limits of the respective legal frameworks in particular through the exchange of information between the Parties. The cooperation will not extend or go beyond the Parties’ respective mandates, and will not include the exchange of personal data.

Article 2

Definitions

For the purpose of this Arrangement:

1. “Europol Regulation” shall mean Regulation (EU) 2016/794 of the European Parliament and of the Council of 11 May 2016 on the European Union Agency for Law Enforcement Cooperation (Europol) and replacing and repealing Council Decisions 2009/371/JHA, 2009/934/JHA, 2009/935/JHA, 2009/936/JHA and 2009/968/JHA;
2. “personal data” means any information relating to an identified or identifiable natural person, an identifiable person being a person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data or an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person;
3. “information” means non-personal data.

Chapter I – Scope

Article 3

Areas of criminality

The cooperation as established in this Working Arrangement shall relate to the relevant areas of criminality within the mandate of both Parties. Due to specifically the significant overlap of drug-related criminality with other areas of criminality and the actors engaging in it, the cooperation between the Parties may also include terrorism, migrant smuggling and trafficking in human beings and other areas of criminality where links to drugs, whether systematic or not, have been identified.

Article 4

Areas of cooperation

1. The cooperation may, additional to the exchange of information under the conditions laid down in this Working Arrangement, in particular include the exchange of specialist knowledge, general situation reports, results of strategic analysis, information on criminal investigation procedures, information on crime prevention methods, and participation in training activities.
2. Cooperation between the Parties will be focused on drugs and related matters, in particular, information regarding the production, trafficking and distribution of drugs, drug precursors and new psychoactive substances (including online activities).
3. The Parties shall work together to improve the collection of drug-related data and information from the EU Member States.
4. The Parties shall cooperate in the preparation of joint analyses and the dissemination of information, including rapid threat assessments, early warning notifications and targeted briefings either upon request of the European institutions, a Member State or on their own initiative.
5. The Parties shall cooperate to produce a joint in-depth strategic analysis of EU Drug Markets and publish a report every three years.
6. The Parties may request each other’s expertise and assistance in respect of areas of mutual concern, including training activities and technical missions.

Article 5

Cooperation in relation to Regulation 2017/2101

1. In accordance with Article 5 of Regulation (EU) 2017/2101, Member States are foreseen to provide EMCDDA and Europol with their available information on new psychoactive substances in a timely manner and without undue delay. The EMCDDA, in cooperation with Europol, shall collect, collate, analyse and assess the information and communicate it in a timely manner to the national focal points and the Europol national units as well as to the Commission with a view to providing them with any information required for the purposes of early warning and for the purposes of allowing the EMCDDA to draw up the initial report or the combined initial report pursuant to Article 5b of said Regulation.
2. Upon request by the EMCDDA, for the purpose of preparing the initial report foreseen in Article 5b of Regulation (EU) 2017/2101, Europol shall, within three weeks of receiving the request, provide in line with its legal framework, information to the EMCDDA on any involvement of criminal groups in the manufacture, distribution, distribution methods and trafficking of the new psychoactive substance subject to the just reference report, and in any use of the new psychoactive substance

Chapter II – Mode of cooperation

Article 6

Point of Contact

The Parties will designate a single point for official contact in order to maintain institutionally coordinated cooperation while affording technical experts the freedom to exchange information in accordance with the terms of this document.

Article 7

Consultations and closer cooperation

The Parties agree that to further the cooperation and enhance as well as monitor the development of the provisions of this Arrangement, regular exchanges, as appropriate, are integral. Specifically:

1. High level meetings between Europol and the EMCDDA shall take place regularly to discuss issues relating to this Arrangement and the cooperation in general.
2. The EMCDDA and Europol shall consult each other regularly on policy issues and matters of common interest for the purpose of realising their objectives and coordinating their respective activities.

Chapter III - Information exchange

Article 8

General provisions

1. Exchange of information between the Parties can only take place in accordance with their respective legal framework and in accordance with the provisions of this Arrangement.
2. Parties shall only supply information to each other which was collected, stored and transmitted in accordance with their respective legal framework and has not been clearly obtained in obvious violation of human rights.
3. Requests for public access to information transmitted on the basis of the present Arrangement shall be submitted to the transmitting Party for their advice as soon as possible.

Article 9

Use of the information

1. Information if transmitted with a purpose may be used only for the purpose for which it was transmitted and any restriction on its use, deletion or destruction, including possible access restrictions in general or specific terms must be respected by the Parties.
2. Use of information for a different purpose than the purpose for which the information was transmitted must be authorised by the transmitting Party.

Article 10

Onward transmission of the information received

Any onward transmission, including to Union bodies, third States and international organisations, must receive the prior explicit authorisation by the Parties, in specific or in general terms. Such consent may only be given when allowed under the applicable legal framework of the transmitting Party.

Article 11

Assessment of the source and of the information

1. When information is supplied by the Parties on the basis of this Arrangement, the reliability of the source of the information shall be indicated as far as possible on the basis of the following criteria:
   1. Where there is no doubt of the authenticity, trustworthiness and competence of the source, or if the information is supplied by a source who, in the past, has proved to be reliable in all instances;
   2. Source from whom information received has in most instances proved to be reliable;

3. Source from whom information received has in most instances proved to be unreliable;

10. The reliability of the source cannot be assessed.

2. When information is supplied by the Parties on the basis of this Arrangement, the accuracy of the information shall be indicated as far as possible on the basis of the following criteria:

1. Information whose accuracy is not in doubt;
2. Information known personally to the source but not known personally to the official passing it on;
3. Information not known personally to the source but corroborated by other information already recorded;
4. Information which is not known personally to the source and cannot be corroborated.

3. If either of the Parties, on the basis of information already in its possession, comes to the conclusion that the assessment of information supplied by the other Party needs correction, it shall inform the other Party and attempt to agree on an amendment to the assessment. Neither of the Parties shall change the assessment of information received without such agreement.
4. If a Party receives information without an assessment, it shall attempt as far as possible and in agreement with the transmitting Party to assess the reliability of the source or the information on the basis of information already in its possession.
5. If no reliable assessment can be made, or no agreement in general terms exists, the information shall be evaluated as at paragraph 1 (X) and paragraph 2 (4) above.

Article 12

Data security

The Parties shall ensure that the information exchanged or received is protected through technical and organisational measures. Such measures shall only be necessary where the effort they involve is proportionate to the objective they are designed to achieve in terms of protection, and will be designed to:

1. 1. 1. 1. deny unauthorised persons access to data processing equipment used for processing personal data (equipment access control);
         2. prevent the unauthorised reading, copying, modification or removal of data media (data media control);
         3. prevent the unauthorised input of personal data and the unauthorised inspection, modification or deletion of stored personal data (storage control);
         4. prevent the use of automated data- processing systems by unauthorised persons using data- communication equipment (user control);
         5. ensure that persons authorised to use an automated data- processing system have access only to the personal data covered by their access authorisation (data access control);
         6. ensure that it is possible to verify and establish to which bodies personal data may be or have been transmitted using data communication equipment (communication control);
         7. ensure that it is possible to verify and establish what data have been accessed by which member of personnel and at what time (access log);
         8. ensure that it is possible to verify and establish which personal data have been input into automated data- processing systems and when and by whom the personal data were input (input control);
         9. prevent the unauthorised reading, copying, modification or deletion of personal data during transfers of personal data or during transportation of data media (transport control);
         10. ensure that installed systems may, in the event of interruption, be restored immediately (recovery);
         11. ensure that the functions of the system perform without fault, that the appearance of faults in the functions is immediately reported (reliability) and that stored personal data cannot be corrupted by system malfunctions (integrity).

Chapter IV – Confidentiality of information

Article 13

Principles of security and confidentiality

Each Party shall:

1. protect and safeguard unclassified information subject to this Working Arrangement and the Agreement on Confidentiality referred to in Article 14, with the exception of information which is expressly marked or is clearly recognisable as being public information, by various measures including the obligation of discretion and confidentiality, limiting access to authorised personnel and general technical and procedural measures;
2. protect and safeguard classified information subject to this Arrangement and the Agreement on Confidentiality referred to in Article 14;
3. ensure that it has a security organisation, framework and measures in place. The Parties mutually accept and apply the basic principles and minimum standards implemented in their respective security systems and procedures to ensure that at least an equivalent level of protection is granted for classified information subject to this Arrangement;
4. ensure that the premises where information subject to this Arrangement is kept have an appropriate level of physical security in accordance with the respective legal framework of the Party;
5. ensure that access to and possession of information is restricted to those persons who by reason of their duties or obligations need to be acquainted with such information or need to handle it;
6. ensure that all persons who, in the conduct of their official duties require access or whose duties or functions may afford access to classified information shall be subject to a basic security screening in accordance with the respective legal framework of the Party;
7. be responsible for the choice of the appropriate classification level for information supplied to the other Party;
8. ensure that classified information subject to this Arrangement keeps the classification level given to it by the originating Party. The receiving Party shall protect and safeguard the classified information according to its legal framework for the protection of classified information holding an equivalent classification level;
9. not use or permit the use of classified information subject to this Arrangement except for the purposes and within any limitations stated by or on behalf of the originator, without the written consent of the originator;
10. not disclose or permit the disclosure of classified information subject to this Arrangement to third parties, without the prior written consent of the originator.

Article 14

Agreement on Confidentiality

The protection of the information exchanged between the Parties, shall be regulated by specific provisions on confidentiality to be agreed between the EMCDDA Director and the Executive Director of Europol implementing the principles outlined in this Chapter. These shall include, in particular, provisions on the Parties’ security organisation, education and training, standards of security screening, table of equivalence, handling of classified information and values of information assurance. Exchange of classified information is conditional upon the conclusion of the agreement on the aforementioned provisions on confidentiality.

Chapter V - Disputes and liability

Article 15

Liability

1. The Parties shall be liable, in accordance with their respective legal frameworks, for any damage caused to an individual as a result of legal or factual errors in information exchanged. In order to avoid its liability under their respective legal frameworks vis-à-vis an injured party, neither Party may plead that the other had transmitted inaccurate information.
2. If these legal or factual errors occurred as a result of information erroneously communicated or of failure on the part of the other Party to comply with their obligations, they shall be bound to repay, on request, any amounts paid as compensation under paragraph 1 above, unless the information was used by the other Party in breach of this Arrangement.
3. The Parties shall not require each other to pay for punitive or non-compensatory damages under paragraphs 1 and 2 above.

Article 16

Settlement of disputes

1. All disputes which may emerge in connection with the interpretation or application of the present Arrangement shall be settled by means of consultations and negotiations between representatives of the Parties.
2. In the event of serious failings of either Party to comply with the provisions of this Arrangement, or a Party is of the view that such a failing may occur in the near future, either Party may suspend the application of this Arrangement temporarily, pending the application of paragraph 1. Obligations inherent upon the Parties under the Arrangement will nonetheless remain in force.

Chapter VI - Final provisions

Article 17

Secure communication line

1. The establishment, implementation and operation of a secure communication line for the purpose of exchange of information between Europol and EMCDDA is agreed upon between the Parties. It is regulated in a Memorandum of Understanding.
2. Without prejudice to Article 15 of this Arrangement, a Party shall be liable for damage caused to the other Party as a result of wrongful actions relating to the establishment, the implementation or the operation of the secure communication line.
3. Any dispute between the Parties concerning the interpretation or application of provisions relating to the establishment, implementation and operation of a secure communication line shall be settled in accordance with Article 16 of this Arrangement.

Article 18

Expenses

The Parties shall bear their own expenses which arise in the course of implementation of the present Arrangement, unless otherwise stipulated in this Arrangement.

Article 19

Amendments and supplements

This Working Arrangement may be amended in writing, at any time by mutual consent between the Parties. Any amendments must receive the approval of the Parties’ respective governing bodies.

Article 20

Entry into force and validity

This Working Arrangement shall enter into force on the date of [the last] signature.

Article 21

Repeal of Existing Cooperation Agreement

The present Working Arrangement repeals and replaces the Cooperation Agreement concluded by the Parties on 19/11/2001. The legal effect already produced by these agreements shall remain in force. The legal instruments concluded between the Parties in relation thereto shall remain into force until repealed.

Article 22

Termination of the Arrangement

1. This Working Arrangement may be terminated in writing by either of the Parties with three months’ notice.
2. In case of termination, the Parties shall reach agreement on the continued use and storage of the information that has already been communicated between them. If no agreement is reached, either of the two Parties is entitled to require that the information which it has communicated be destroyed or returned to the transmitting Party.
3. Without prejudice to paragraph 1 above, in case of termination of this Working Arrangement the legal effects already produced by the latter shall remain in force.

Done at Lisbon, [insert date] Done at The Hague, [insert date]

In duplicate in English