Since 1992, the Maastricht Treaty has established the free movement of goods, services, capital, and persons. Travelling to the territory of another Member State is a great opportunity for young people to develop themselves, boost their future professional opportunities, learn from others, make contacts, and complement their culture. In an ever-changing world, the need to adapt and be mobile is even more relevant for today's youth. However, as a French student studying in the Netherlands, I realized that many students, including myself, were not aware of their rights under EU law. We are all aware of our national citizenship, but few know much about their European citizenship, which was introduced in 1992 and is now codified in Art. 20 (1) TFEU that reads:

Citizenship of the Union is hereby established. Every person holding the nationality of a Member State shall be a citizen of the Union. Citizenship of the Union shall be additional to and not replace national citizenship.

This article aims to inform young people about their rights given by European citizenship in higher education, which may encourage them to consider a period of study abroad. For this reason, it will solely focus on EU nationals and not on third-country nationals. 

To provide guidance and make these complex terms more understandable, an example of a German student named Alix, wishing to start her bachelor's degree in European Studies in Maastricht, starting in September 2022 will be used.

 Right to free movement

Article 18 TFEU states that “any discrimination on grounds of nationality shall be prohibited.” It means that everyone should be treated the same, irrespective of their nationality and that any direct or indirect discrimination, is forbidden. Direct discrimination occurs when people are discriminated against because of their nationality, that is, when a national and a foreign student are treated differently in law and fact. Indirect discrimination occurs when, nationals and foreign students are treated equally in law but in fact, the foreign person must deal with an extra burden. In the case law Commission v Austria C-147/03, students had to provide evidence of a diploma and show that they would have satisfied entrance to their home-country university. The court ruled that this requirement is likely to affect nationals of other Member States more than nationals of the Member State concerned so that the difference in treatment established by that national rule entails indirect discrimination contrary to the principle of non-discrimination on grounds of nationality contained in Article 18 TFEU. 

However, this type of discrimination can sometimes be justified by justification laid down in cases Bressol C-73/08 and Commission v Austria C-147/03, as long as the measure is proportionate. It must be suitable to achieve the aim, meaning that there is no less restrictive measure able to do it.

In the case where Alix would like to study in another Member State in the EU (the Netherlands), she should not face obstacles that run counter to the principle of equal treatment. She must not be refused access to university purely based on her nationality; she must be subject to the same acceptance criteria to which all nationals are entitled.

Residence rights of students

Let us assume that Alix has been accepted into her university in the Netherlands and, she is looking for housing. She is wondering whether she has the right to reside in the Netherlands, or if she should apply for a visa.

Articles 20 and, more specifically, 21 TFEU highlight that any citizen of the Union shall enjoy the right of free movement. Article 21(1) TFEU reads:

“Every citizen of the Union shall have the right to move and reside freely within the territory of the Member States”.

This provision is further elaborated in Directive 2004/38/EC which expands the treaty provisions and lays down specific conditions and limitations. To take advantage of the benefits of the Directive, Alix must satisfy its personal and material scope. The personal scope corresponds to the beneficiaries of the Directive. Article 3(1) states that “This Directive shall apply to all Union citizens who move to or reside in a Member State other than that of which they are a national, and to their family members as defined in point 2 of Article 2 who accompany or join them.” Alix is an EU citizen moving from Germany to the Netherlands, thus the personal scope is fulfilled. Moving on, the material scope is what the Directive covers substantively. It provides for the conditions of lawful residence. The Directive does not cover wholly internal situations but only when there is a cross-border element. This is also fulfilled, as Alix wishes to cross the German-Dutch border in to study in the Netherlands, a country which is not the Member State of her nationality. Therefore, as an EU citizen wishing to study in another Member State, she can rely on this Directive.

If a student wants to stay in another Member State for three months, article 6(1) states that a Union citizen shall enjoy the right of residence on the territory of another Member State for the period of three months without conditions other than a valid identity document.

If a student wants to stay in another Member State between three months and 5 years, which is the most common situation for the students, they can rely on article 7(1)(c) of the directive. They need to fulfil certain conditions:

• Be enrolled in a private or public establishment, accredited, or financed by the host Member State;

• Have comprehensive sickness insurance cover in the host Member State and must inform the relevant national authorities in line with the national rule, and

• Have enough resources not to become a burden on the social assistance system of the host Member State.

If a student wants to stay in another Member state for more than 5 years, article 16 applies. A student who has registered legally for a continuous period of 5 years in the host Member State can acquire the right to live there permanently and be treated the same way as a national.

Eligibility for benefits

Assuming that Alix is enrolled at a university and knows that she can legally reside in the Netherlands, she is wondering if she is eligible for any study benefits.

The financial benefit from the home Member State 

Many Member States provide loans or grants to help their own students with their living costs when studying. Under the current law, the choice to grant such aid lies with the Member States. If they decide to do so, they must not restrict or discourage a student from exercising their right to free movement within the European Union (Thiele Menes C-220/12).

The financial aid from the host Member State 

The issue of financial aid from the host Member State (the State to which a student moves) is explained in Directive 2004/38/EC. This Directive explicitly excludes maintenance grants and loans from the principle of equal treatment. Article 24 states that host Member States are not obliged to extend social assistance, to grant maintenance aid for studies, including vocational training constituting student grants or student loans to students prior to the acquisition of the right of permanent residence, equivalent to 5 years residence.

Conclusion 

Summing up the above considerations and applying them to the case of Alix, she is now aware of her rights under EU law. She knows that she has as much chance as nationals to be accepted in a school in another EU country. She can also reside lawfully in that Member State where she is studying. However, most likely she will not receive financial aid from the host country, the Netherlands. She will have to ask her home Member State Germany if she is eligible for benefits.

This article was inspired by the EU Law II course given in the second year of the European Studies bachelor programme at Maastricht University, coordinated by Dr Andrea Broderick.

The war in Ukraine has sparked global attention because of the physical harm that affected Ukrainian civilians and cities. European media focused on the impact of tanks, ballistic missiles, military convoys, drones, and fighter jets that the Russian Federation deployed on Ukrainian territory.  Nevertheless, if Europe believes these to be the overarching menaces to European security, we might have missed a much wider scope of threats that are already affecting us directly. Along with what it called a “special military operation”, Russia launched a range of Distributed Denial of Services (DDoS) attacks on Ukraine, which are cyberattacks that disrupt the normal functioning of a server or network. DDOS aimed at introducing malware into Ukraine’s banking system, government-related websites, civilian infrastructure, and spreading disinformation. NATO and EU Member States sent dozens of teams of experts in cybersecurity to help respond to such non-conventional attacks by Russian hackers. Moreover, some 300,000 volunteers from all over the world have joined Ukraine’s IT Army, sponsored by the Ukrainian defence ministry. Unfortunately, these efforts might not be enough if you consider the quantity of data available in cyberspace. 

A key term that increasingly appears in the debate about cybersecurity is ‘granularity’ – the level, or scale, of precision and detail of a given data structure. At first glance, data does not provide any strategically valuable insight, however, if combined with other data structures it can reveal very sensitive information. For example, in the U.S. some police officers were able to find out in a few minutes who were the individuals attacking Capitol Hill on January 6 last year or to identify those who participated in riots after George Floyd was killed. It was done by aggregating facial recognition from billions of pictures, allowing them to identify and track the individuals they were looking for. Alternatively, in 2017, an Australian hacker decided to amuse himself by posting information on social media that revealed the activities of secret U.S. military bases in Afghanistan. The same person released personal data of individuals working in a French base in Niger, and an Italian one in Djibouti. 

This aggregation of relevant data structures is explained by the ‘mosaic theory’. It establishes that when apparently meaningless parcels of data are selectively merged, a single coherent piece of information can be derived from it. This data is readily collected not only through our phones and computers, but also from smart-watches, -refrigerators, -showers, -cars, -bikes, -lamps, -toilets, -speakers, etc. The Internet of Things (IoT) is an awesome tool as it enables physical objects with sensors and processing ability to exchange data with each other on the Internet, thus enhancing the ability of those products to mutually help each other in order to better satisfy our needs. But the IoT still allows our geopolitical rivals, such as Russia, to be aware of where we are, how we are behaving, and for how long. If Russians would manage to merge huge amounts of EU citizens’ personal data, they could draw very precise conclusions about us, Europeans. They are already observing our social media contents, our search engine tendencies, our pictures, and our apps. By combining all this information into a single mosaic, they are going to improve their ability to design strategies to harm us with DDoS and disinformation campaigns.

Now, this is no longer possible since the European Parliament and Council found a consensus on the Artificial Intelligence Act. This piece of legislation, which is the first-ever regulatory framework for AI technologies, is primarily related to data protection and harmonisation of the AI market between the Member States. Firstly, it establishes what kind of personal (granular) data can be collected from consumers, how and where it can be processed, and with whom and for what purposes it can be shared. Secondly, it harmonises the regulatory framework concerning the use of algorithms, previously decided by the Member States, in products that include AI technology. What needs to be stressed with this long introduction to cybersecurity, however, is that the AI Act completely avoids addressing AI’s importance in cybersecurity. The legal basis that was used by the Commission to propose the AI Act is Art. 114 of the Treaty on the Functioning of the EU (TFEU). This Treaty provision is the most widely used legal basis since it relates to the functioning of the internal market, which prevents market-oriented legislation from being interpreted in light of the current geopolitical situation. 

No matter how market-oriented this legislation might be, the AI Act inevitably and unintentionally assumes a geopolitical value. It limits foreign actors’ ability to access EU citizens’ data, which restrains their success in carrying out DDoS and disinformation campaigns. The comparative advantage in cyber warfare is represented by the amount of data available to one actor relative to the amount available to all other actors: the more parcels you have, the better you can be at obtaining a ‘mosaic’ that gives you a strategic advantage over the others. If hackers can architect their attacks on a smaller amount of data, the impact of their actions will be lessened, since they will be able to target individuals, firms and governments less precisely and on less relevant fronts. Therefore, by limiting the amount of data that stems from products that involve AI technology (especially in the IoT), the AI Act protects us from being attacked in an effective manner, ultimately preventing the EU’s Internet infrastructure from suffering major disruptions. 

Summing up, the lessons that can be derived from the impact of the AI Act on geopolitics and on European cybersecurity are twofold:

1. Privacy is not just individual liberty and a right that EU citizens enjoy in the form of a legal principle, but is also a tool to be used to prevent foreign actors from acquiring precise ‘mosaics’ about EU citizens’ behaviour. Data protection must be relevant not only in an economic and commercial context, where firms are prevented from using data to extensively target customers, engage in unfair competition, and use algorithms in a discriminatory and unethical manner. It is also a security tool to prevent our geopolitical rivals from acquiring too much strategic advantage over the EU itself. The AI Act will make things much harder for Russian hackers to attack our IoT network and algorithms (through DDoS), or to use our data entailed in it in order to obtain clearer mosaics about us.

2. Art. 114 TFEU is a legal basis that can be used for purposes related to the functioning of the internal market, such as competition, regulation, and safety, but it can be intelligently used in order to pass legislation that would have geopolitical significance, as the AI Act turned out to do. The EU’s Common Foreign and Security Policy (CFSP) and Common Security and Defence Policy (CSDP) tend to be shortcomings in relation to the EU’s security needs, and are often adopting the lowest common denominators of all Member States: such policy areas are strictly intergovernmental and anyone can veto EU action. Both the EU and NATO have been cohesive in responding to Russia’s aggression on Ukraine, but is this likely to last forever? Some geopolitical issues, such as cybersecurity, can be solved by regulating relevant parts of the market. Therefore, it is better to avoid the legal framework of CFSP and CDSP, and to bring legislation under the scope of consumer protection and the internal market (Art. 114 TFEU); where the bargaining power is more distributed, negotiations are smoother, and legislation is more likely to be adopted. 

The EU has the largest market in the world, which gives it immense regulatory power. Decisions related to products and services taken by the EU are likely to have repercussions in many other jurisdictions because they import our regulatory standards through market forces. Even if the EU seems reluctant and divided when it comes to geopolitics, it does not mean that it is unable to affect geopolitics and the global security architecture through its market power. The AI Act shows how the EU, by simply regulating its internal market, can (in some sectors) affect the distribution of power in international geopolitical conflicts, and defend itself from actors that want to disrupt our European sovereignty.  

by Lucrezia Nicosia, 7 minutes

The protection of human rights represents one of the main values of the European Union, as laid down in the Treaty on the European Union (TEU) and in the Treaty on the Functioning of the European Union (TFEU).

The main provision outlining the concept is Article 2 TEU, which states:

The Union is founded on the values of respect for human dignity, freedom, democracy, equality, the rule of law and respect for human rights.

Furthermore, according to the wording of Article 3(5) TEU:

[The EU] shall contribute to peace, security, the sustainable development of the Earth, solidarity and mutual respect among peoples, free and fair trade, eradication of poverty and the protection of human rights, in particular the rights of the child, as well as to the strict observance and the development of international law, including respect for the principles of the United Nations Charter.

For what concerns the area of common foreign and security policy, and according to Article 21 TEU (later confirmed in Article 205 TFEU):

The Union's action on the international scene shall be guided by the principles which have inspired its own creation, development and enlargement, and which it seeks to advance in the wider world: democracy, the rule of law, the universality and indivisibility of human rights and fundamental freedoms, respect for human dignity, the principles of equality and solidarity, and respect for the principles of the United Nations Charter and international law.

Two specific legal instruments play an important role when discussing the topic of human rights protection within the European Union: the European Convention on Human Rights (ECHR) and the Charter of Fundamental Rights of the European Union (EU Charter). While being closely connected to each other, they have been issued by two different entities: the Council of Europe and the European Union respectively. 

This article aims at explaining how the European Union guarantees the protection of the human rights of its citizens/residents. This will be done by explaining the scope and content of the EU Charter, its similarities with the ECHR, and the main bodies involved. 

What is the European Convention on Human Rights?

The ECHR is a regional instrument drafted on the 4th November 1950 and to which all Contracting Parties that belong to the Council of Europe (CoE) are parties. The CoE is an international organization primarily concerned with developing and spreading awareness on human rights around Europe and which must not be confused with the European Council or the Council of the European Union. Indeed, while these institutions are part of the EU, the CoE is an independent organization that comprises 47 States, including all 27 EU Member States. 

The ECHR forms part of the general principles common to all the Member States now in Article 6(3) TEU: 

Fundamental rights, as guaranteed by the European Convention for the Protection of Human Rights and Fundamental Freedoms [ECHR] and as they result from the constitutional traditions common to the Member States, shall constitute general principles of the Union's law.

This way, within the framework of the European Court of Human Rights (ECtHR), an international court of the CoE which interprets and applies the provisions of the ECHR, the EU Member States hold a so-called “presumption of equivalent protection”. The latter was elaborated in the Bosphorus case and it has been used by the ECtHR in order to balance the Contracting States’ obligations under the ECHR and EU law: when a case against an EU Member State is brought before the ECtHR, and the alleged violation concerns the application of EU law, the Court will presume that there has been equivalent protection of the ECHR. However, such presumption may be rebutted if there are signs of manifest deficiency.

What is the Charter of Fundamental Rights of the European Union?

The Charter of Fundamental Rights of the European Union was initially proposed by the European Council in 1999 and it was solemnly proclaimed on 7 December 2000 by the European Parliament, the Council of Ministers and the European Commission. Nevertheless, it was initially not legally binding, but taken into consideration as soft law. The EU Charter gained full legal effects on EU Member States when the Treaty of Lisbon entered into force in December 2009. Currently, the EU Charter is considered, together with the TEU and the TFEU, as part of EU primary law.

The EU Charter is divided into six chapters, which divide the different categories of rights:

1. Dignity (e.g. human dignity, right to life, right to integrity of the person, prohibition of torture and inhuman or degrading treatment or punishment);

2. Freedoms (e.g. right to liberty and security, respect for private life and family life, freedom of thought, conscience and religion);

3. Equality (e.g. equality before the law, non-discrimination)

4. Solidarity (e.g. workers’ right to information and consultation, fair and just working conditions)

5. Citizen’s rights (e.g. right to vote, right to good administration, right of access to documents held by any EU institutions)

6. Justice (e.g. right to an effective remedy and to a fair trial, presumption of innocence and right of defence)

As laid down in Article 51 EU Charter:

The provisions of this Charter are addressed to the institutions and bodies of the Union with due regard for the principle of subsidiarity and to the Member States only when they are implementing Union law.

Therefore, Member States are bound by EU human rights standards at the moment that they implement EU law, when national legislation falls into the scope of EU law, and when they derogate from fundamental freedoms. 

Member States technically have the possibility to opt out from legislation or treaties of the European Union, meaning they do not have to participate in certain policy areas. This seems to have happened to the United Kingdom and Poland according to Protocol no. 30 EU Charter. However, this cannot be considered an actual opt-out, but better as a “clarification” since the Protocol cannot exempt the UK and Poland from human rights standards already recognized by EU case law and that belong to the general principles of law under Article 6(3) TEU. Indeed, EU Member States are always bound, when acting within the scope of EU law, by the human rights standards already recognized by EU case law and that belong to the general principles of law under Article 6(3) TEU.

To review the progress in implementing and respecting human rights standards, the European Commission draws up annual reports prepared in close collaboration with all institutions and relevant stakeholders on the application of the EU Charter by the Member States. 

Furthermore, the EU Agency for Fundamental Rights (FRA) covers an important role in this field. On the one hand, it gives independent advice to EU institutions and the Member States on the rights set out in the Charter; on the other hand, it conducts legal and social research to better improve the level of protection of human rights in the EU and to align them to international standards. 

What are the main differences between ECHR and EU Charter?

1. The ECHR was drafted by the Council of Europe, an international organization that includes 47 Contracting Parties. On the other hand, the EU Charter is an instrument of the European Union, applicable only to EU member states. 

2. Contracting Parties to the ECHR are bound by it in all actions or omissions within their jurisdiction, while Member States are bound to the EU Charter only when acting within the scope of EU law.

3. The EU Charter enshrines some rights that are not guaranteed in the ECHR, as for example the right to asylum or the right to data protection. Although the latter is not expressly governed in the ECHR, there is a lot of ECtHR case-law on the matter on the basis of Article 8 ECHR.

4. Within the framework of the ECHR, there is a specific court that checks on the observance of the Convention. Indeed, individuals whose rights have been violated can take the case to the European Court of Human Rights. On the contrary, within the system of the EU Charter, there is no court to which individuals can apply directly. This can be done only indirectly through the work of the Court of Justice of the European Union. 

That being said, the system of the European Union and of the Council of Europe are intertwined because the provisions laid down in the ECHR have been used as a basis for the EU Charter of Fundamental Rights. Furthermore, all 27 EU Member States are also members of the Council of Europe and therefore bound by its human rights standards. 

Every seven years the member states of the European Union come together and decide on the new multiannual financial framework or the budget of the European Union (EU). The last budget ran out at the end of 2020, in the middle of the Covid-19 pandemic, and member states had to come together and negotiate the new framework for the 2021-2027 budget period. This article will cover the new budget in detail and will offer a short explanation of the budget in general. 

What is the multiannual financial framework? 

The so-called multiannual financial framework (or short MFF) has been used in the EU since 1988. The MFF usually runs for seven years (the required minimum is five years) and touches upon basically every aspect of the EU. For example, programs such as Erasmus or Horizon Europe are funded by the MFF. The MFF sets a yearly limit on commitments and payments that the EU can make. However, in the case of unforeseen circumstances, such as a sudden crisis, the EU has several financial instruments at its disposal to address these sufficiently. 

But who makes the initial proposal of the budget and who are the key players in the decision-making process? The Commission starts the process of passing the budget by presenting an initial proposal. This initial proposal will then move on to the Council which may change the proposal by the Commission. Thus, the member states play a central role in the budget decision-making process and can influence the budget. After the Council is done with changing the proposal from the Commission, the budget moves on to the European Parliament. However, it cannot make any official changes to the proposal at this stage since it is not a co-legislator but rather is only asked for consent since the MFF is following the consent procedure. Thus, the Parliament needs to inofficially influence the budget while the EU member states are negotiating it in the Council. After the European Parliament has given its consent to the budget, the Council needs to adopt the budget through a unanimous vote. The legal basis for this is article 312 in the TFEU. 

The new budget 2021-2027

In 2020 the member states had to pass the new budget for the period of 2021-2027. The new budget will encompass €1.211 trillion which are combined with €806.9 billion in the recovery package. The recovery package is what makes this MFF particularly interesting. Due to the unprecedented Covid-19 crisis and its impact on the European economy, the member states have decided to set up a recovery package to limit the negative effects of the Covid-19 crisis on European economies and help the states that have been hit the hardest by the pandemic. The influence of the pandemic on the MFF will be covered in detail below.

The MFF has seen some changes since the first budget was adopted in 1988. Whereas the first three decades had seen a focus on the Common Agricultural Policy and Cohesion Policy, the new budget will shift its focus to new priorities. These new priorities include investments into research and innovation, combating climate change, the transition to the new digital era and the recovery from the Covid-19 pandemic. This exemplifies the new focus on the budget and Figure 2 shows that these new priorities are receiving the largest share in the 2021-2027 MFF. If you want to dive into the details of the new MFF, this brochure by the EU is a good starting point. 

Another new addition to the 2021-2027 MFF is the so-called “conditionality regulation”. This new regulation has been introduced to address rule of law breaches by member states. An example of a rule of law breach would be if a certain member state does not implement rulings by the Court of Justice. However, this conditionality only applies if “a given member state threaten the EU financial interests” (Source: European Commission). Thus, rule of law breaches that do not threaten the EU’s financial interests are not affected by the new conditionality regulation. 

Yet, if a member state should threaten the financial interests of the EU, the Commission is responsible for proposing appropriate measures to the Council to address the breaches by the member state in question. After the Commission has proposed measures to the Council, the Council will make a final decision on the proposal. 

The Covid recovery package

Due to the Covid-19 crisis and its huge economic impact on the European economy, the EU has decided to include a recovery package in combination with the new MFF. The main aims of this recovery package are to limit the negative effects of the Covid-19 pandemic and to transform Europe into a digital and sustainable continent. The funds that are allocated under the Recovery and Resilience Facility are directly paid to the member states after the member states have submitted a Recovery and Resilience plan. These plans need to address several challenges including climate change and digitalisation. Once a member state has submitted its plan the Commission will assess it and the European Council will approve it. Once the plan has been approved by the European Council, the member state will receive its allocated funds. 

As aforementioned, most of the funds will be used to increase Europe’s digital capabilities and to make European economies ‘green’ and sustainable. Figure 3 showcases several areas that will receive funding under the Recovery and Resilience Facility such as improving digitalisation in public administration or investing in renewable technologies such as solar energy.