A black box since the 80s, the elusive Club de Berne has been influencing European and other states’ intelligence activities with little public knowledge or consent for decades. The once informal organisation bringing together heads of EU security services is morphing into a proper institution. Operating transnationally, the Club evades the few legal and regulatory frameworks that exist on international intelligence cooperation.

In November 2019, the Austrian Newspaper “Oesterreich” published an internal document of the Club de Berne (CdB), thus giving the ominous secret service club the biggest leak in its history. Until then, the little official information about the CdB was always the same; it was described as an “informal club” that brings together the heads of the secret services of the EU states, as well as Switzerland and Norway. However, as recent research proved, the Club is much more than that. An as yet unpublished document shows that at least in 2011, the FBI, the CIA, and the Israeli foreign intelligence service Mossad, among others, were involved in exchanges of information within the CdB.

The active involvement of non-European services in the CdB stands in sharp contrast with the publicly portrayed image of an inner-European exchange between intelligence services. Even though the CdB has grown significantly over the past years, it acts outside any democratic control – not in Switzerland and not in the other nations that have their services participate in the CdB. It has never been embedded into an institutional framework despite constantly acquiring new areas of responsibility. Due to the growing area of executive activity that is out of reach for the public, i.e. independent oversight and effective remedy, the Club de Berne is not tenable, for it equips government actors with unchallenged power. This must change.



The influential transnational guild

Swiss historian Aviva Guttmann has intensively studied the founding phase of the Club de Berne as part of her research work on Swiss counter-terrorism. Her research shows that the Club exchanged information beyond Europe already shortly after its foundation in 1969. At that time, nine Western European secret services shared information about Palestinian terrorists and their supporters with the Israeli domestic and foreign secret services Shin Beth and Mossad, as well as the American FBI. The exchange took place via an encrypted telegram system called Kilowatt. From 1974 onwards, a second telegram system called Megaton existed, which concerned non-Palestinian terrorism.

“To date, neither the public, nor Parliament, nor other departments have been informed of the existence, let alone the extent, of the practices of this secret service exchange”, Guttmann notes. Her research work in the Swiss Federal Archives however, does not go beyond the 1980s, as more recent files are subject to the usual 30- to 50-year retention period for documents held by federal authorities. Since then, the CdB has largely been a black box.



Beyond Europe

Because official information provided by political authorities on the Club is scarce and misleading, the secret CdB document — made public last November by ‘Oesterreich’ — is all the more revealing. Specifically, the case concerns a security check carried out by the CdB in February 2019 at the Austrian secret service BVT (Federal Office for the Protection of the Constitution and Counter-Terrorism). The audit gave the BVT a miserable report. There were considerable shortcomings in the area of building security and in the security checks on staff; above all, cyber security was rated as absolutely negligent. It assessed that even moderately talented hackers could use the internal BAT network to penetrate “Poseidon”, the CdB’s IT-network.

The leaked report offers an unprecedented insight into the inner workings of the Club. Responsible for the security assessment that took place on 13 February 2019, at the Vienna BVT headquarters, is “Soteria”, an internal group of the CdB. This group included the secret services of Switzerland, Great Britain, Germany and Lithuania. The event in Vienna shows how the CdB has expanded its remit and how its self-image no longer squares with that of an informal ‘old boys’ strategy club. In addition — and contradictory to the Club’s official claims that it is a purely intra-European cooperation — a previously unknown document from 2011 shows that since the 1970s the CdB has grown into a larger network.

Within the Club’s communication network, a list called “Capriccio” organises the exchange on Islamic extremism. In 2011, in addition to 27 EU services and the services from Switzerland and Norway, several non-European secret services were listed in the following code number order: 06 Mossad (Tel Aviv), 12 CSIS (Ottawa), 19 FBI (Washington), 22 ASIO (Canberra), 25 NZSIS (Wellington), 28 CIA (Brussels) and 94 ISA (Tel Aviv). A second document, also from 2011, reveals another mailing list: “Toccata” is used for the exchange of information on non-Islamic terrorism. Unlike “Capriccio”, however, it does not include the Mossad, the CIA, or the ISA (Israeli Security Agency). The same document proves that the Club is also exchanging information on left and right wing extremism through the mailing list “RILE”.



The Counter Terrorist Group: having your cake and eating it too

The massive extension of the CdB’s competences and infrastructure over the last decades can best be seen by a subgroup of the Club: the Counter Terrorist Group (CTG).

A press release of the Swiss Federal Police (Fedpol) about a 2004 meeting of the Club in Switzerland mentions the institutionalisation of the CTG. The latter had been founded in 2001 as a CdB subgroup – aimed to become an interface with the EU in the area of counter-terrorism. “The CTG will play a key role in pursuing the key objectives set out in the European Council Declaration on Combating Terrorism”, says the press release. Furthermore, the CTG is a “forum for experts to develop practical cooperation and a better understanding of terrorist threats”.

In other words, since 2004, the Club, or rather its CTG subgroup, has been an important source for terrorist threat analyses by the European security authorities. The CTG produces “threat analyses for leading politicians at EU level”, based “on information from member services that have access to all relevant intelligence”. This makes it clear that through its analyses, the CTG significantly influences the focus of national security and representative bodies – and thus also the political security discourse within its Member States.

The CdB is morphing into a proper transnational institution with administrative structures and executive powers without that process being accompanied by statutory provisions and oversight mechanisms. In general, the CTG’s field of activity is constantly expanding. In the 2018 Annual Report of the Europol Police Agency, two table-top exercises were identified with the CTG, in which the Centre for Counter-Terrorism (ECTC), the Centre for Migrant Smuggling (EMSC), and the Europol Internet Content Disclosure Office also participated. This cooperation is to be further “improved”. Regardless of the fact that the EU has no mandate to do so, clearly EU institutions cooperate with the CTG and, therefore, also with the CdB.

The Austrian historian and intelligence expert Thomas Riegler finds this extremely problematic: “Since they are not officially embedded in the institutional architecture of the EU, nor are they based on a contractual agreement, both institutions — the Club de Berne and the Counter Terrorist Group — are merely bound by the national laws of their respective states. There is no uniform regulation on this”, he says. Many Member States have only very fragmented and not yet extensive laws on the dos and don’ts when it comes to intelligence cooperation.

“That makes the legal question very difficult. The Club and CTG do not follow any overriding rules. And since the national laws differ greatly, control becomes impossible”, Riegler notes. “Who are the services actually working for? It gives the impression that they are working for themselves rather than serving the public and the government”. It is important to understand that senior officials within the services often accumulate massive power and pursue their own interests. An alegal — neither legal nor illegal, since there are so few rules — platform like Club de Berne reinforces this effect.



Stonewalling

In light of these untenable circumstances of denial and accountability evasion, it is irritating that governments and other officials steadfastly refused to practically share any information with the public, referring to the so-called “Third Party Rule”. In mid-March, Andrej Hunko, member of the German Bundestag, asked the federal government about the scope of the exchange of information in the Club de Berne. He wanted to know whether the federal government tried “to obtain a release request to the services” in order to “meet Parliament’s need for information”. Once again, the questions remained unanswered with reference to the welfare of the state. Hunko continues to insist on clarification: “With the CTG operational platform, the German domestic secret service — the Federal Office for the Protection of the Constitution (BfV) — has become a de facto foreign secret service since 2016. This requires publicity, because it is a serious problem of democracy if nothing is allowed to be known about this shift”.

The situation looks similar in Switzerland, where in-depth questions were raised, based on the results of the research done by the two authors. The Swiss intelligence service replied extremely succinctly: “FIS works together with over 100 foreign partner services. This list is approved by the Federal Council and is classified, which is why the FIS does not comment in principle on cooperation with its partner services”.

Further, in November 2016, netzpolitik.org reported in detail for the first time on an “operational platform” that the CTG now maintains at the headquarters of the Dutch secret service AIVD, near The Hague. When asked, AIVD also stonewalled, “we never comment on Club de Berne”. Thus far, only the Dutch oversight body has been granted access to the site where the CTG’s operational platform sits. They too, it is worth noting, feel there needs to be multilateral oversight.

In addition, questions were sent to Switzerland’s “independent supervisory authority on intelligence activities”, the AB-ND, the parliamentary supervisory body GPDel (business audit delegation), and the Swiss Federal Data Protection Commissioner. All three supervisory authorities confirm that they are aware of the Club and the CTG and all refused to comment on the topic.

At CTG’s operational platform near The Hague, the services involved exchange information on measures and threats in real time. Also present are “joint operations teams in various formats and on various topics”, as Dutch Intelligence Director Rob Bertholee noted in a speech. Two years later, the Dutch supervisory authority CTIVD published an audit report on the CTG database “Phoenix”, which collects personal data on jihadists. The report found, for example, that the quality management of the data fed into the database was inadequate. It also revealed that U.S. intelligence services enjoy “observer status” within the CTG – but what exactly this means remains unclear. The authors of this article submitted a total of seven requests for their report to the CTIVD, all of which remain unanswered.



The tip of the iceberg

What emerges from these different snippets of information is that the Club de Berne has turned into an ever-consolidated intelligence organisation. This encompasses an operational platform in The Hague, joint operation teams, and an exchange of information, which also includes non-European services. As the Swiss historian Adrian Hänni traces in an essay, the CdB is incidentally only the tip of the iceberg of secretly operating platforms: “These clubs, which operate almost exclusively in secret and hardly ever appear in media coverage, include the Club de Berne’s Counter Terrorist Group (CTG), the Paris-based group SIGINT Seniors, the Police Working Group on Terrorism (PWGOT), and the G 13+”.

National laws, such as the new Swiss Intelligence Service Act, allow cooperation with foreign services and the disclosure of personal data to such services. However, there is no legal basis for multilateral intelligence cooperation within the CdB. Consequently, there is no provision for supervision. As the example from Vienna shows, the Club is not accountable to anyone. Furthermore, as Thorsten Wetzling, in his capacity as head researcher on democratic surveillance governance at Stiftung Neue Verantwortung, pointed out in his interview for our newspaper WOZ, this vacuum of supervision is dangerous in terms of the democratic legitimacy of European security and intelligence politics. He sees an urgent need to work towards the harmonisation of legal protection standards across Europe, including a modernisation and extension of supervisory powers.



A lack of restraint

In the end, many — too many — questions of public interest remain unanswered about Club de Berne. What is clear to us, however, is that the apparent balancing between monitoring telephone conversations and internet activity on the one hand and stronger safeguards and effective oversight on the other hand in the 2017 Swiss intelligence law, is a pure illusion. The law was intended to give intelligence bodies a massive increase in their powers, but also to include stronger supervision. We are convinced that the reality is different: the Swiss secret service is unleashed, and through its international entanglements such as the CdB and the CTG, operates in a room without supervision. So far, the controlling authorities not only tolerate this, they justify it. Whether supranational legal regulations will be able to change this and curb the power of secret services remains to be seen.