Capital Skopje
Time Zone CET (GMT+1)
Country Code 389
Mobile Codes 70,71,72,75,76,78
ccTLD .mk
Currency Denar (1EUR = 61.5MKD)
Land Area 25,713 sq km
Population 2.1 million
Language Macedonian
Major Religions Orthodox Christianity, Islam

Europe’s Macedonian Intervention, Part 3: The Priebe Report in Context

By Chris Deliso

The reasons why the Hahn Commission perceived the Macedonian crisis as specifically a “rule-of-law” issue were discussed in this series’ previous article. The present analysis reveals that, far from a sudden change of policy, this technocratic perception existed since 2010, and was influenced by both EU legal norms and anti-government lobbying that created a chronic groupthink in Brussels.

The EU’s intervention from 2010 was driven by reaction to key legislation on interception of communications. This legislation itself followed the government’s procurement and use of Israeli-made SIGINT equipment- a system that was later compromised internally, leading to the bogus ‘wiretap affair’ that would be used to destroy state institutions in 2015-16.

In addition to the divergent interests of other players, the Zaev affair gave the EU an excuse to demand that Macedonia’s security architecture be radically reconfigured- though this conclusion had not been made in original 2010 analysis by the EU, and though it risks returning state security to the previous era, when the Deutsche Telecom monopoly was the country’s essential SIGINT gatekeeper.

The present analysis will document the development of this EU process, revealing how it led directly to the ill-conceived 2015 expedition of ‘experts’ discussed in the next part of this series.

The SIGINT Apple of Enmity

It is not clear when the Gruevski government, first elected in 2006, initially considered a SIGINT upgrade, but with its 2008 re-election the interior ministry received a large financial boost; this was criticized in summer 2008 by some diplomats, opposition, and ‘civil society’ groups. The Israeli-made communications interception equipment was purchased without tender, which is legally permissible for state investments where state secrets were involved. preserves the historical record, as we specifically raised the issue in an interview with then-Interior Minister Gordana Jankulovska, on April 2, 2009. Before recounting several successful high-profile counter-terrorism and organized crime cases undertaken by the MOI, Jankulovska noted that before her tenure, “the police were working in the same old ways, with the same old equipment, and getting the same results. In the 21st century, it’s impossible to fight today’s sophisticated forms of crime with 20-year-old equipment.”

She was referring to outdated analog equipment being used then by both the ministry and Telecom. Interestingly, the interview also recalls that by summer 2008 the opposition SDSM’s talking points, shared with local diplomats and Brussels officials, already were warning that the government sought to create a ‘police state.’ This contention would deeply infect the discourse and SDSM/civil society public relations with Brussels since then.

For the sake of inclusiveness of views, we raised this concern in 2009. Minister Jankulovska replied that “believe me, the police has more than enough work to do fighting the existing criminal and security threats- we have neither the time nor intention to deal with anything else.”

This context is essential because it helps explain why the EU (and Western media) so eagerly and credulously lapped up Zoran Zaev’s February 2015 “government wiretapping” allegations. The psychological conditioning had been going on for years, as the historical record and personal experience prove; all that anti-government forces needed was a convenient excuse.

Macedonian SIGINT as a Threat to the Balance of Regional Power

However, there is more to the story than simple animosity towards a particular government or party. The greater danger for Western powers was that improved security capacities would give Macedonia too much independence. Macedonian modernization also threatened to upset the carefully-maintained balance of regional (in)stability and intelligence capacities. The fact that Macedonian had purchased the gear from Israel, neither a NATO nor EU member, did not go unnoticed either by EU governments or the corporate lobbyists that control them.

In any country, SIGINT equipment fascinates the public. Deeper than that, Macedonia’s new acquisition actually caused serious concerns within rival intelligence agencies. For example, it reduced the BND’s competitive advantage, as the local Deutsche Telecom investment had, as said, served as gatekeeper. Aside from giving the Germans what they wanted, the set-up severely hampered Macedonian investigative capacities.

“It was very frustrating,” recalls one senior Macedonian intelligence official active during the period for “Even after the prosecutor’s office gave us permission [to request wiretaps], it might be weeks or months before the operator would cooperate. So the intelligence was not any longer useful in many cases after such a delay.”

The Germans were not the only losers. Macedonian law enforcement was becoming too successful; a long period of peace, stability and prosperity would reduce the capacity of foreign powers to influence government towards pre-determined policies. It was a very frustrating time for foreign operators as several violent disruption plots were destroyed in pre-planning phases.

However, rather than kill the system that was causing such irritation, some clever major players decided to just take it over, to use local assets to compromise the system from within. is aware of the identity of these people and the approximate date when the operation began, though there are still some grey areas. It is also possible that the foreign operators lost control over their local assets after a certain point; what is sure is that it will take more time and context to tell the whole story.

Having a local asset inside a SIGINT system is also useful in that the content it provides is from a ‘unique’ and unrelated source. Thus while big entities like NSA or GCHQ can and do tap everything on earth, their own primary data does not ‘exist’ as far as the public is concerned; therefore, to ensure ‘plausible deniability,’ it is helpful for big players to have local protégés working from their own systems. Thus even if the data is identical, there is a layer of separation between two simultaneous operations, meaning that only the local one need ever be referenced or identified for media or political i/ops. This is probably what happened in Macedonia.

EU Orientation

For its part, while influenced by member states and specific diplomats, the EU was, as usual, living in its own rarified universe. It sought to do what it does best and regulate, criticize, and parse legal terms in regular meetings with officials and on annual progress reports.

Such reports are informed by data from Delegation offices (such as monthly Pre-Accession Reports) and Brussels desk analysts. When compiling the annual progress reports for candidate countries, they go down a well-defined set of categories and insert their interpretation of reality. This comes from both original research and political lobbying; in Macedonia’s case, owing to the name issue, Greek Commission officials are always vigilant to police the wording of every text involving the country and can introduce their own particular scrutiny, which often causes internal discord.

Explaining the EU’s “Rule-of-Law Issue” Perception: the Importance of Section 4.24

The fact that the 2015 Expert Team’s focus on rule-on-law issues was decided before, and not after, the team had even begun its investigations does not primarily reflect the EU’s historic disdain for the Gruevski government. It was simply easier for the bureaucracy to categorize the issue. Zaev’s allegations made the report content fit comfortably within a specific section of reports on candidate countries- Section 4.24.

As discussed by the CEP here, Chapter 24 of the EU acquis tracks applicant countries’ progress on issues involving Justice, Freedom and Security.  A careful comparison of the relevant sections of each annual progress report from 2009-2014 indicates that the EU did not get antagonistic until October 2010- in part, influenced by an internal document from that June, which we will reveal for the first time. The two major issues, then and now, have been parliamentary oversight of the intelligence services, and the legal requirements of telecom operators to provide data access to the security services.

Section 4.24 of the 2009 Progress Report on Macedonia concludes on a rather positive note that “the weaknesses in parliamentary control over the security and counter-intelligence administration have been addressed. Deficiencies in judicial control over the security and counter-intelligence administration with regard to executing the orders of the public prosecutor to monitor communications, notably concerning the location of the relevant equipment, have been addressed.”

Further, the 2009 report adds, “the Law on Monitoring of Communications is being implemented smoothly, although the relevant parliamentary committee has not been very active. Work on establishing an integrated intelligence system for inter-agency use is in progress. This should remedy the existing shortcomings in sharing intelligence and in mutual access to databases at interagency level.”

Things would seem well and good; however, 2010 saw a fundamental (and permanent) change in the EU’s approach to Macedonia on the SIGINT issue, which would eventually explode in the pages of the Priebe Report in 2015.

The change in tone is visible in Section 4.24 of the November 2010 EU Progress Report on Macedonia. “Amendments to the Law on electronic communications have been enacted, including technical provisions on the obligations of the telecommunication operators regarding the implementation of interception orders.”

However, while “the implementation of the Law on interceptions has strengthened the effectiveness of investigations,” the EU report continued, “the direct involvement of the Ministry for the Interior in authorising the use of interceptions is against EU standards. Moreover, the external [i.e., parliamentary] oversight mechanism needs to be strengthened.”

These criticisms resumed in Section 4.24 of the October 2011 EU Progress Report on Macedonia. “The direct involvement of the Minister of Interior in authorising the use of interceptions remains in place and the Law on interception of communications has yet to be amended,” stated the EU.

“Moreover the existing parliamentary oversight over the use of interception orders needs to be strengthened. The overly restrictive and centralised application of the interceptions inadequately addresses the increasing threat of organised crime.”

In the next two years, legislative challenges and amendments were noted but the criticism remains similar in the October 2013 EU Progress Report on Macedonia. It notes that while “amendments to the Law on Interception of Communications, removing the direct involvement of the Minister of Interior in authorising interceptions, entered into force,” nevertheless, “the secondary legislation regulating its enforcement in detail and safeguarding against undue influence in the execution of interception orders, remains to be adopted.”

The 2013 EU report added that “the Law on Electronic Communications still needs to be amended to take into account the Constitutional Courts annulment of certain articles which imposed overly broad obligations on operators to provide access to communications networks.”

However, in its final report before the crisis, the EU in its October 2014 progress report noted that “the Law on Electronic Communications was amended, taking into account the Constitutional Court’s 2010 annulment of certain articles relating to access to communication networks.” Yet if the EU was satisfied by legislative developments in 2014, why did the backlash months later rely on opinions from earlier years?

The 2010 EU Delegation Internal Document

The formative period of 2009-2010 for EU attitudes on SIGINT in Macedonia is attested in a document leaked to by a European official back in 2010. Uploaded by here, it is the May-June PAR (Pre-Accession Report) crafted by the EU Delegation in Skopje at the time. All of the persons involved in writing it at that time are listed within.

These regular PAR reports cover the specific acquis criteria in order, referring to recent developments. While the authors covered the whole range of local topics in the report, they took special interest to provide a lengthy analysis of the SIGINT issue. Their observations then directly shaped the 2010 annual report mentioned above- and the trajectory of subsequent EU intervention in 2015. Available now for the first time, this internal document might thus be the best resource for understanding the historic development of EU policy in this regard in Macedonia.

The 2010 Reaction to Amendments of the Law on Electronic Communications

The PAR report noted that parliament in June had enacted the amendments to the law on electronic communications, which had been passed in 2005. The main problem with that law, the EU report noted, was that “initially it comprised only one article referring to the obligations of the operators” in their responsibility “to provide adequate equipment and interface for the implementation of interceptions.” What the 2010 amendments did, therefore, was to clarify the operators’ role and responsibility before the state security bodies.

Interestingly, even the EU report confirms what intelligence sources (such as the officer mentioned above) attested. “Before the enactment of these amendments MoI was confronted with some difficulties as regards the operators’ responsiveness towards the interception requests (i.e. their obligations were not clearly set up in the law and therefore there were cases when for ex. the operators sent the traffic-related data to MoI after an excessive period of time when the information became obsolete for the investigations).”

While the EU was thus indisputably aware even in 2010 of the problems faced by law enforcement, it also noted protests made by “civil society” groups claiming that the amendments would lead to what has been cheaply packaged since 2015 as a ‘police state.’

“ The provisions most contested by the civil society stipulate, among others, that the telecommunication operators are obliged to deliver traffic-related data upon request of the competent authorities in the course of pre-investigations or during criminal proceedings or when required by security and defence reasons,” the PAR report thus continued.

The Main Issue in 2010: ‘Continuous and Direct Access’

“Operators are also obliged to provide ‘continuous and direct access’ of the competent authorities to their electronic communication networks, as well as conditions for independent taking over of traffic-related data,” the report added. “The same is provided for the information on the geographical, physical and logistic location of the terminal equipment of the subscribers. Another controversial provision regards the period of time during which traffic-related data may be kept (i.e. 24 months).”

The EU report also noted that, even then, the Committee for the oversight of the use of interception of communications had “a composition dominated by the opposition parties,” which unsurprisingly “issued a negative opinion on the amendments to law.” From this comment and from personal memory, it is clear that the EU Skopje Delegation was lobbied by such opposition figures to similarly disapprove of the amendments.

Future EU reports would reveal that the ‘continuous and direct access’ clause was a major sticking point. And, while announcing the “NGO sector” would issue a challenge to the Constitutional Court, it also noted that the then-general public prosecutor, Ljupco Svrgovski, stated that with the amendments, “the Ministry of Interior (MoI) is thus put in a privileged position as the only institution which is implementing interception orders, since the public prosecutors have no technical capacity to enforce the interceptions.”

However, as the report also noted, the Ministry of Transport and Communications, the MoI and the representatives of the Basic Public Prosecutor’s Office for Fight against Corruption and Organised Crime “pointed out that interceptions are regulated by the law on interception of communications and that the law on electronic communications sets up simply the obligations of the operators. According to the above-mentioned authorities, the law on electronic communications does not replace or add to any provision to the law on interceptions, i.e. no interception can be carried out without court or public prosecutor order.”

In its analysis, the EU noted that “all interceptions carried out without court or public prosecutor order are illegal and cannot be used as evidence in criminal proceedings.” This remained the essential issue in 2015 and was the reason for legal impasses regarding Zaev’s leaked material: according to both his side and the government’s, these wiretapped conversations had been created illegally. They just disagreed on who had done so.

For the EU in June 2010, “the most disputable provisions” of the amended law were “the ones according to which ‘the operators of public communication networks and public communication service providers shall be obliged to provide the competent authorities continuous and direct access to their electronic communication networks, as well as conditions for independent taking over of traffic-related data.’

The EU averred than that “the very wide and ambiguous formulation of the provisions on access to network may lead to abusive use of interceptions by the police or by the operators. This might be even more confusing since for some articles like the ones covering the data on location there is an express reference to the conditions of the law (i.e. on interception of communications) while for the article on access to network this reference is omitted.”

In its analysis, the EU continued to add that “the interception equipment is placed solely within the MoI which is the only institution that implements the interception orders,” and such enjoyed “a privileged position as opposed to other law enforcement agencies which are entitled according to the law to perform interceptions.”

These arguments were directly made, not only by successive annual reports, but by the 2015 Priebe report. However, as of June 2010, the EU report only noted this location issue as a fact, not necessarily an existential problem.

“According to the law on interception of communications, Customs Administration and Financial Police would also be entitled to implement interceptions, but they have no equipment to apply such investigative measures.” The June 2010 report assessed. “Public prosecutors do not have interception equipment at their disposal either.” Although it did not elaborate, a possible solution for this imbalance would simply be to recommend these bodies get their own equipment.

In the end, the June 2010 report concluded that the law’s “ambiguous legal wording” regarding the terms ‘continuous’ and ‘direct’ access to communication networks “may create the premise for an even more uneven distribution of powers among the law enforcement agencies as far as interceptions are concerned.”

Intriguingly, however, the Skopje Delegation did not seem particularly concerned about the actual SIGINT equipment’s use – only the legalese surrounding its use and accessability. It was other states and interests, not the EU technocrats, who considered the equipment as a threat to the balance of international power.

For example, regarding the stipulated ‘independent’ take over of traffic-related data by the MoI, the EU admitted that “even before the entry into force of this law interception of communications were being carried out by two modalities: either through the operator or through direct access of the MoI (i.e. with their own equipment) to the communication networks (the latter being most frequently used, since it is the safest to avoid any possible leak of information and since MoI is endowed with its own equipment and has staff specialised on these matters). Inious this context, ‘conditions for independent taking over of traffic-related data’ refers to this latter modality of implementing interceptions.”

The Fundamental Difference between Previous EU Policy and the Priebe Report’s Suggestions

In other words, while it did not endorse the MOI’s use of its own SIGINT equipment, the EU did not state that its existence was a problem in and of itself. While the June 2010 did predict certain possible scenarios for vulnerabilities related to legal wording and the “tensions” between law enforcement groups that might result from perceived centralization of SIGINT control, it did not suggest that the equipment itself be removed from the MOI and given to the telecom operators.

The Priebe Report, however, would demand precisely the latter: that since the ministry (and by close extension, the government) had been acting like a naughty child, its toys should be taken away.

As we will see in the next installment of this series, five years of constant opposition lobbying in Brussels would not fail to have an effect. The EU ‘experts’ who were credulous enough to take Zoran Zaev’s charges at face value simply built on the existing paperwork and came up with an arbitrary punitive measure that neither reflected the reality of the situation, nor offered a sustainable and realistic way forward for Macedonian state security.

Yet even before the team made these final sweeping recommendations in its 2015 report – which political parties have treated as some kind of indisputable, sacred book – it had had its own problematic elements. These elements, which will be examined in the following article, further call into question the objectivity and credibility of the report and everything that its findings set into motion from June 2015.