Ref. Ares(2019)5885061 - 20/09/2019
EUROPEAN COMMISSION
NEIGHBOURHOOD AND ENLARGEMENT NEGOTIATIONS
The Director-General
Brussels,
Subject:
Your application for access to documents – Ref. GestDem 2019/4520
Dear Mr Omanovic,
I refer to your application dated 2 August 20191, registered on the same date under the
above-mentioned reference number2, in which you make a request for access to:
‘documents which contain the following information
-
A list of companies and entities which were rewarded contracts for
establishing the system for legal interception of communications located in
the State Investigation and Protection Agency (SIPA) in Bosnia-Herzegovina,
how much that entity was rewarded, and for what purpose;
-
Due diligence checks or risk assessments which were conducted prior to the
establishment of the system;
-
A copy of any privacy or data protection impact assessments conducted
regarding the establishment of the system’.
Regarding your first query, please be informed that only one company was awarded a
contract in relation to the action that you describe, and this company was Ericsson Nikola
Tesla d.d of Croatia. The contract in question was Supply Contract for European
Community External Actions No 2006/131-530 and the total maximum contract price
was EUR 986,791.25.
1 Ref. Ares(2019)5084553.
2 Ref. Ares(2019)5087414.
Mr Edin Omanovic
Privacy International
62 Britton Street
London EC1M 5UY
United Kingdom
Advance copy by email:
xxxxxxxxxxxxxxxxxxxxxxxxx@xxxxxxxx.xxx
Commission européenne/Europese Commissie, 1049 Bruxelles/Brussel, BELGIQUE/BELGIË - Tel. +32 22991111
I regret to inform you that access cannot be granted to any document that contains
information on the exact purpose of this contract. Article 4(1)(a), first indent of
Regulation (EC) No 1049/20013 imposes on the Commission the obligation to refuse
access to a document, where its disclosure would undermine the protection of the public
interest as regards public security. I consider that the disclosure of such document would
indeed jeopardize public security in Bosnia and Herzegovina. The confidential nature of
the information contained therein lies in the fact that the equipment supplied, provided
the investigation and intelligence agencies of Bosnia and Herzegovina with the capability
to lawfully intercept fixed and mobile line telephony, a crucial tool in modern criminal
and terrorism investigations. Dissemination of the information included in the technical
specifications would necessarily reveal certain strategic aspects of the fight against crime
and terrorism in Bosnia and Herzegovina, such as the sources of information, the nature
of that information or the level of surveillance to which suspected persons are subjected.
Therefore, I conclude that the information in question must not be disclosed to the public
in order not to prejudice the effectiveness of the operational fight against crime and
terrorism in Bosnia and Herzegovina and thus, undermine the protection of public
security.
With regard to the second and third indents of your application, please be aware that the
Commission does not hold any documents that contain information on due diligence
checks, risk assessments, or privacy / data protection impact assessments conducted in
relation to the establishment of the system described in your query. The contract in
question only concerns the purchase of the equipment. The responsibility for the
implementation of the project lies with the competent authorities in Bosnia and
Herzegovina thus, the legal requirements with regard to the functioning of the system,
including data protection, should be in line with the applicable legal framework in Bosnia
and Herzegovina.
In fact, a clear legal framework for the implementation of the project was established
towards this end. The Law on Communications of Bosnia and Herzegovina was amended
accordingly (Official Gazette of Bosnia and Herzegovina, No. 31/03 and 75/06). In
addition, two decision were adopted by the Council of Ministers of Bosnia and
Herzegovina for the same purpose, among others setting up a Joint Steering Committee
for the lawful interception of telecommunications.4 The Joint Steering Committee
includes representatives of the Intelligence – Security Agency of Bosnia and
Herzegovina, SIPA and the Ministry of Security. Furthermore, a series of working
groups reporting to the Joint Steering Committee have been established order to oversee
the implementation of specific aspects of the project.
3 Regulation (EC) No 1049/2001 of the European Parliament and of the Council of 30 May 2001 regarding
public access to European Parliament, Council and Commission documents, OJ L 145, 31.5.2001, p. 43.
4 Decision on special obligations of legal and physical persons that provide telecommunications services,
administer telecommunication networks and perform telecommunications activities, in relation to
providing and maintaining capabilities to enable authorised agencies to carry out lawful interception, as
well as in relation to the retention and provision of telecommunications data which was adopted by the
Council of Ministers on 14 November 2006, as amended by the Decision adopted by the Council of
Ministries on 31 May 2007; and
Decision on the composition of the Joint steering Committee for lawful interception of telecommunications
and the manners of performing its activities, which was adopted by the Council of Ministers, on 31 May
2007.
2
As specified in Article 2(3) of Regulation (EC) No 1049/2001, the right of access as
defined in that regulation applies only to existing documents in the possession of the
institution.
Given that no such documents, corresponding to the description given in your
application, are held by the Commission, the Commission is not in a position to fulfil
your request.
In accordance with Article 7(2) of Regulation (EC) No 1049/2001, you are entitled to
make a confirmatory application requesting the Commission to review this position.
Such a confirmatory application should be addressed within 15 working days upon
receipt of this letter to the Secretariat-General of the Commission at the following
address:
European Commission
Secretariat-General
Transparency, Document Management & Access to Documents (SG.C.1)
BERL 7/076
B-1049 Bruxelles
or by email to: xxxxxxxxxx@xx.xxxxxx.xx
Yours sincerely,
(e-signed)
Christian Danielsson
3
Electronically signed on 20/09/2019 15:08 (UTC+02) in accordance with article 4.2 (Validity of electronic documents) of Commission Decision 2004/563