meaning of Article 1 of the EPD, but it would be, as they assert, an activity
outside the scope of the Treaty, by virtue of Article 1(3) of the EPD.
32.
As set out in paragraph 30 above, the Respondents’ case is based upon
Articles 4 and 5 of the TEU. The Union’s legal competence is governed by
the principle of conferral (Article 5). By Article 4(2) the Member States,
whose sole responsibility it remains, have not conferred the essential State
functions of national security on the Union. Hence by Article 16(2) TFEU the
European Parliament and Council have only the power to lay down rules
relating to the processing of personal data in relation to activities which fall
within the scope of EU law, as Article 1(3) of the EPD itself records (as does
Article 3(2) of the DPD). By Article 6 of TEU, the provisions of the Charter
do not extend the competences of the Union, and by Article 51 of the Charter
its provisions only apply to the Member States when they are implementing
Union Law. Consequently the activities of the Member States in relation to
national security, by way of requiring the supply of BCD and thereafter
accessing and using it, are not derogations from the Member States’
obligations under the Treaty, requiring strict construction and limitation, but
are outside the jurisdictional limit of the Treaty’s competence, and for the
Union to interfere consequently impacts on the sovereignty of the Member
State, and is likely to have the potential consequence that it cannot comply
with Treaty obligations with other countries e.g. for the sharing of intelligence.
The Watson Requirements plainly lay down conditions to be applied to
Member States e.g. at paragraphs 118 and 125, which, if applied in the
national security context, the Respondents assert to be matters outside the
jurisdiction of the Union.
Page 32