INT/1062
Enhancing research security
OPINION
Section for the Single Market, Production and Consumption
Proposal for a Council recommendation on enhancing research security
[COM(2024) 26 final - 2024/0012 (NLE)]
Rapporteur: Stefano PALMIERI
|
Referral
|
European Commission, 29/5/2024
|
|
Legal basis
|
Article 304 of the Treaty on the Functioning of the European Union
|
|
|
|
|
Section responsible
|
Single Market, Production and Consumption
|
|
Adopted in section
|
26/6/2024
|
|
Outcome of vote
(for/against/abstentions)
|
76/0/1
|
|
Adopted at plenary session
|
D/M/YYYY
|
|
Plenary session No
|
…
|
|
Outcome of vote
(for/against/abstentions)
|
…/…/…
|
1.Conclusions and recommendations
1.1The European Economic and Social Committee (EESC) welcomes the proposal for a Council recommendation on enhancing security in the internationalisation of technological research and innovation (R&I) and agrees that there is a need to raise awareness among the Member States on this topic, while also taking action to increase the coordination of Member States’ activities.
1.2The EESC believes that openness and the dissemination of knowledge at national as well as international level are cornerstones of research. Therefore, while understanding the vulnerability of the R&I sector to possible malign interference from state and non-state actors in the context of certain R&I international cooperation activities, the Committee considers that a fair balance should be struck between the need for security and the need to maintain the international openness of the sector.
1.3The EESC believes that efforts to bolster the security of R&I should never run counter to asserting the principles of academic freedom and institutional autonomy. In the EESC’s view, it is crucial to ensure that the principle of ‘freedom with accountability’ for researchers and innovators is upheld through effective, efficient and transparent self-governance by the actors in the sector.
1.4The EESC would like to see the full autonomy of R&I develop within a uniform and coherent reference framework for the EU Member States.
1.5The EESC believes that a multilevel governance approach (vertical and horizontal) should be adopted that can provide a proper risk assessment and identify effective measures to be taken in the various activities of research, innovation, higher education and training. Thus, the EESC hopes that the European Centre of Expertise on Research Security, in addition to coordinating with the other national support structures, will carry out the essential activity of acting as a platform for the collection and sharing of documents on due diligence, risk assessment and possible alerts, in full respect of mutual transparency between R&I sector actors. The Centre should also organise training and further training courses in the field of research security.
1.6While expecting that the recommendation would have included more detailed guidelines to support the activities of R&I actors in: (i) due diligence; (ii) risk profiling; (iii) drawing up memoranda of understanding with R&I international partner organisations, the EESC considers that the lack of such guidelines could be resolved later through the European Centre of Expertise on Research Security’s future activities.
1.7In the EESC’s view, the objective of guaranteeing secure international cooperation for R&I should never give rise to discriminatory and/or unfair practices towards R&I actors, nor should it be in conflict with labour rights and the safeguarding of working conditions for those working in the R&I sector in the EU.
1.8The EESC considers that proper training for sector actors is required, that can provide methodologies for a responsible internationalisation of research and informed R&I security risk assessment.
1.9The EESC is willing to organise, together with the European Centre of Expertise on Research Security, thematic meetings with R&I sector actors, civil society organisations and the social partners of the stakeholders concerned.
1.10For the EESC, in order to ensure the strengthening of R&I security: (i) the intellectual property of innovations – financed through R&I investments – must be protected and such innovations must be capable of guaranteeing national security; (ii) the screening of foreign direct investments must be extended to companies subject to M&A (mergers and acquisitions) and operating within the ten critical areas and dual-use items sector.
2.General comments
2.1The EESC considers that, in light of recent geopolitical changes, potential hybrid threats from state and non-state actors have led to the need for EU open strategic autonomy to be applied, not just in the field of defence and security but also in other sectors: the economy (finance, industry, trade), energy, research and technological innovation, information and communications technologies, networks etc. In this context, the EESC is of the view that enhancing security in the internationalisation of R&I is of paramount importance to guarantee the proper functioning of the EU’s global resilience ecosystem.
2.2The EESC agrees that the very nature of R&I, based on openness and the free sharing of knowledge, including through its internationalisation, is the reason why R&I is successful in being self-sustaining. However, it also recognises the implicit weakness in this, as it could make the R&I sector vulnerable to malicious interference and misuse. For this reason, the EESC believes that the measures taken should strike a fair balance between security requirements and maintaining international openness of R&I.
2.3The EESC believes that measures aimed at ensuring R&I security should never undermine the principles of academic freedom and institutional autonomy, and agrees with the proposal’s statement that: ‘responsibility for international research and innovation cooperation [...] lies with higher education institutions and other research performing organisations’ and that, in this context, the EESC stands by the principle of ‘freedom with accountability’ for researchers and innovators through effective, efficient and transparent self-governance by the actors in the sector.
2.4The EESC welcomes the proposal on enhancing research security in R&I internationalisation, through greater coordination of the activities carried out by the individual Member States. The EESC believes that a Council recommendation is the appropriate instrument to begin to raise real awareness of the problem among all Member States, while also ensuring efficient coordination of the actions undertaken. The EESC hopes that the 2027 biennial report will provide the opportunity to carry out an assessment on whether or not a legally binding initiative – directive or regulation – should be drawn up to ensure a uniform, effective and coherent approach within the EU.
2.4.1In order to guarantee that R&I is actually strengthened, all Member States, without exception, must provide the same levels of security to avoid a dangerous domino effect, whereby certain Member States do not have the same awareness of the risks and fail to apply the same security standards.
2.5For the EESC, a vertical (EU, national, regional) and a horizontal (national support structures for R&I security; higher education institutions; public and private research performing organisations; national funding organisations; relevant trade unions; national security agencies etc.) multilevel governance approach must be guaranteed, to ensure that risks are properly assessed and effective measures taken in the various areas of research, innovation, higher education and training. In this context, the EESC hopes that the European Centre of Expertise on Research Security will coordinate the vertical multi-level governance approach by ensuring the coherence of measures taken by the Member States with a uniform, consistent approach that lays down clear principles and responsibilities within the R&I community.
2.5.1The EESC wonders whether, while fully respecting the autonomy of R&I actors and, at the same time, ensuring the application of a single, global approach to R&I security, it would be more appropriate for the Council to provide the Member States with more specific guidance (guidelines rather than guiding principles) on the tasks and functions of the European Centre of Expertise on Research Security and of the national support structures, and on the criteria regarding drawing up the national action plans, so that these plans operate within the same reference framework.
2.5.2The EESC would have expected the recommendation to give more detailed guidance:
2.5.2.1to support due diligence activities and relevant risk profiling of:
a)the EU-based partner organisation;
b)the international partner organisation;
c)the country of the international partner;
d)the four critical technology areas of R&I for which there is international cooperation (currently: advanced semiconductors, artificial intelligence, quantum and biotechnologies) and dual-use items.
2.5.2.2for drawing up Memorandums of Understanding with R&I international partner organisations, in order to safeguard academic freedom, reciprocity and arrangements on intellectual asset management and on the unlawful transfer of knowledge and technology.
2.5.3The EESC believes that while it is true that decisions on risk assessment will be made fully autonomously by the public and/or private national organisations who are involved in R&I, they must be implemented within a coherent and uniform reference framework, which can only be provided for at EU level.
2.5.4The EESC believes that due diligence activities and risk profiling, carried out by R&I actors in each Member State – fully autonomously and transparently – to mitigate the risks of misuse of R&I internationalisation, will be crucial. For this reason, the EESC regrets that the Council recommendation does not set out specific instruments (questionnaires, check lists, etc.) and suggestions for best practices that could support R&I actors in due diligence and risk assessment activities.
2.6The EESC believes that the legitimate objective of guaranteeing secure international cooperation for R&I should never translate into discriminatory and/or unfair practices towards R&I actors. For this reason, the EESC considers that the objective of enhancing R&I security should never be in conflict with labour rights and the safeguarding of working conditions for those working in the R&I sector in the EU. Moreover, the EESC sees the need to include – for sector actors – adequate training that is capable of providing methodologies for: responsible internationalisation of research and an informed R&I security risk assessment.
2.7The EESC warns against using any instrument for the enhancement of R&I security in order to apply protectionist practices to EU products and services.
2.8The EESC agrees that an impact assessment of the proposal would be futile at this point in time, since the proposal will be tested on subsequent actions undertaken by the Member States (in national action plans and by national support centres for R&I security) and by R&I sector actors. For this reason, the EESC believes that the biennial reports on the Global Approach to Research and Innovation will be useful for monitoring and subsequently assessing progress in efforts to boost R&I security.
3.Challenges and issues
3.1The EESC believes that there would be great value in assessing – at EU level – the risks that can be identified in relation to the internationalisation of R&I, in order to be able to take action to mitigate such risks.
3.2In this particular context, risk profiling is the key activity for mitigating R&I risks and, for this reason, we believe further clarification is necessary for certain risk factors. The EESC is of the view that, as part of this activity, higher education institutions and research actors must take due account of the risks involved in international R&I cooperation:
a)risks that could undermine the functioning of the global resilience system of the EU and its Member States;
b)risks linked to reinforcing foreign military arsenals or the weakening of the EU’s military capacity;
c)risks related to the proliferation of weapons of mass destruction;
d)risks linked to terrorist activities;
e)risks linked to the ten critical technology areas and dual-use items;
f)risks linked to the availability and research in the field of critical raw materials.
3.3The EESC is conscious of the fact that risk assessment in R&I security must always be conducted on a case-by-case basis, fully autonomously, by higher education institutions and public and private research performing organisations. The EESC considers that, when carrying out a case-by-case assessment, the risks posed by international R&I cooperation should be duly accompanied by a proper assessment of the risks involved in not engaging in such cooperation.
3.4The EESC considers that one of the tasks of the European Centre of Expertise on Research Security should be to establish as soon as possible guidelines for international R&I cooperation. The Centre should also:
a.organise regular coordination meetings with the other 27 national structures providing support for enhancing R&I security, in order to ensure that there is a uniform and coordinated strategy for taking action in terms of risk mitigation in the EU;
b.develop and update an information database per sector and per critical/problematic or not-like minded country with whom cooperation in R&I activities could involve serious R&I security issues (such as TIM Dual Use, the Chinese Defence Universities Tracker of the Australian Strategic Policy Institute (ASPI), Iran Watch, the lists provided by the Academic Freedom Index in the World and by the World Justice Project Rule of Law Index, etc.) to support the due diligence activities of Member States’ R&I organisations, through its own website;
c.act as a platform for collecting and sharing documents on due diligence and risk assessment activities, so that all European R&I entities can reap the knowledge of such documents;
d.report and share alerts for cases where R&I security breaches have occurred in the Member States;
e.map funding received from non-EU countries for every higher education institution and for public and private organisations carrying out R&I activities;
f.act as a knowledge platform, providing information on the experience that is being gained in the Member States as well as other countries (including on cybersecurity), and identifying the best practices to be considered;
g.organise training and further training courses in the field of R&I security for the various actors;
h.regularly hold think tanks, round tables, seminars, etc., involving sector actors, in order to compare ideas and practices relating to enhancing R&I security in the EU.
3.5The EESC believes that the scope of application of R&I security should not just cover the four critical technology areas for the EU’s economic security, but should also cover the other six areas mentioned in the annex to the relevant Commission recommendation: advanced connectivity, navigation and digital technologies; advanced sensing technologies; space and propulsion technologies; energy technologies; robotics and autonomous systems; advanced materials, manufacturing and recycling technologies.
3.6The EESC considers that international R&I cooperation activities should be based on fair labour mobility and fully comply with the European Code of Conduct for Research Integrity and the Bonn Declaration on Freedom of Scientific Research, ensuring that high standards for R&I in the European Union are maintained and further strengthened.
3.7The EESC agrees that maintaining international cooperation with students and professors from non-EU countries is of crucial importance for the growth of European R&I knowledge. For this reason, in the context of responsible internationalisation of R&I, any risk assessment on international collaboration (students, researchers and professors) should mainly be carried out by higher education institutions and public and private organisations carrying out R&I activities. This would avoid any sort of arbitrary discrimination – on grounds such as gender, ethnic origin, religion, political opinions, disability, age, sexual orientation, personal and social conditions.
3.8The EESC believes that R&I security should be safeguarded in relations with non-EU countries by fostering the principles of reciprocity and transparency, to provide a level playing field for all R&I actors and the countries involved in international cooperation.
3.9The EESC considers that, while it will require the responsibilities and the relevant competences in the chain of command and control to be clearly established, the autonomy of research and the resulting interactions with other bodies (such as ministries, national security agencies, military bodies etc.), should always be guided by the ‘principle of autonomy and freedom with accountability’ through effective, efficient and transparent self-governance by the actors in the sector.
3.10The EESC considers that the risks involved in the internationalisation of R&I in the case of non‑EU countries where civil research is not separate from military research, should be carefully assessed.
3.11In the EESC’s view, efforts to enhance R&I security should be considered structured action and not a one-off, temporary intervention.
3.12The EESC believes that enhancing R&I security should be achieved through close coordination of foreign direct investment control and analysis activities. Enhancing R&I security will involve cybersecurity being suitably strengthened. In this case too, the cooperation that is carried out through multilevel governance will enable appropriate levels of security to be achieved so that the IT equipment of the various R&I actors can be strengthened (using means that the individual actors deem to be most appropriate: cyber-certified equipment, ‘zero-trust’ or ‘defence in depth’ systems, etc.).
3.13The EESC also believes that, as part of R&I security, safeguards for private companies operating in the ten critical technology areas and in the dual-use items sector must be provided for. In this context: (i) the intellectual property of innovations – financed through R&I investments – must be protected and such innovations must be capable of guaranteeing national security; (ii) the screening of foreign direct investments must be extended to companies subject to M&A and which operate in the ten critical areas and dual-use items sector.
Brussels, 27 June 2024.
The president of the Section for the Single Market, Production and Consumption
Sandra PARTHIE
_____________