PURPOSE: the
establishment of SIS II and to lay down specific provisions on the processing
of data for police and judicial cooperation in criminal matters.
LEGISLATIVE
ACT: Council Decision 2007/533/JHA on the establishment, operation and use of
the second generation Schengen Information System (SIS II).
BACKGROUND:
this Decision forms part of a package of legislation defining the legal basis
for SIS II. Given the different policy areas involved and the cross-pillar
nature of the SIS, three legislative acts had to be adopted: two Regulations
and one third pillar Decision. The package is as follows:
The fact that the legislative package consists of
separate instruments does not, however, effect the principle that SIS II
constitutes one single information system and that it should operate as such.
Certain provisions of all three legislative acts are, as a result, identical.
The Schengen Information System (SIS), which was set up
in the mid 1980’s is an essential tool for the application of the Schengen acquis.
It allows the Member States, through an automatic query procedure, to obtain
information on a suspected person when an alert has been sent out.
Information thus obtained can be used:
- for
police and judicial cooperation in criminal matters;
- for
controls on persons both at the external borders of the EU or within a
national state;
- for
issuing visas and residence permits.
It acts as an indispensable component of Schengen by
offering those participating in the Schengen Agreement a high level of
security.
When first established SIS was organised on an
intergovernmental basis. However, in 2004 with the enlargement of the EU, it
was decided to assign the technical development of the second generation SIS
to the Commission. The necessary financial resources from the EU’s budget for
the realisation of this project were allocated accordingly. (See Council Regulation (EC) No 2424/2001).
CONTENT: the
purpose of this Decision, therefore, is the establishment of the second
generation Schengen Information System (SIS II) in order to ensure a high
level of security within the area of freedom, security and justice. It
constitutes the necessary legislative basis for governing SIS II.
This Decision
establishes the conditions and procedures for the entry and processing in SIS
II of:
- alerts on
persons and objects;
- the exchange
of supplementary information; and
- additional
data for the purpose of police and judicial cooperation in criminal
matters.
Specifically
the Decision also lay down provisions on:
- the
technical architecture of SIS II;
- the
responsibilities of the Member States and the Management Authorities;
- general data
processing;
- the rights
of persons concerned; and
- liability
issues.
The Decision
specifies the technical architecture and financing of SIS II; it lays down rules
concerning its operation and use; the categories of data to be entered into
the system; the purpose for which data is to be entered; the criteria for
their entry; the authorities authorised to access the data; the
interlinking of alerts and further rules on data processing and the
protection of personal data.
SIS II
includes a central system (Central SIS II) and national applications. The
expenditure involved in the operation of Central SIS II and related
communication infrastructure is to be charged to the general budget of the
EU.
In other
provisions, the Decision:
- establishes
a manual that sets out the detailed rules for the exchange of certain
supplementary information on alerts;
- awards the Commission,
for a transitional period only, responsibility for the operational
management of Central SIS II and parts of the communication
infrastructure. (The transitional period should last for no longer than
five years);
- specifies
that SIS II is to contain alerts on persons wanted for arrest for
surrender purposes and wanted for arrest for extradition purposes;
- sets out
provisions regarding the exchange of supplementary information,
particularly, data relating to the European Arrest Warrant;
- specifies that
SIS II should contain alerts on missing persons, on persons and objects
for discreet checks or specific checks, and on objects for seizure or
use as evidence in criminal proceedings;
- specifies
that alerts should not be kept on SIS II for longer than needed. As a
general principle, alerts should be erased from SIS II after a period of
three years. Alerts on objects entered for discreet checks or specific
checks should be automatically erased from SIS II after five years.
Alerts on objects seized for use as evidence should be automatically
erased from SIS II after a period of 10 years;
- allows for
the processing of biometric data in order to assist in the reliable
identification of individuals. By the same token SIS II will also allow
for the processing of data concerning individuals whose identify has
been misused in order to avoid inconvenience caused by the
misidentification;
- allows
Member States to add an indication, called a flag, to an alert, meaning
that the action to be taken on the basis of the alert will not be
taken on its territory. When a flag has been added and the whereabouts
of the person wanted for arrest for surrender becomes known, the
whereabouts should always be communicated to the issuing judicial
authority, which may decide to transmit a European Arrest Warrant;
- makes it
possible for Member States to establish links between alerts in SIS II;
- specifies
that data processed in connection with this Decision must not be
transferred, or made available, to third countries;
- states that
personal data processed in the context of this Decision should be
protected in accordance with the principles set out in the Council of
Europe Convention for the protection of individuals with regard to
automatic processing of personal data; as should Regulation (EC) No
45/2001 on the protection of individuals with regard to the processing
of personal data by the Community institutions and bodies and the free
movement of such data;
- states that
national supervisory authorities responsible for personal data will
monitor the processing of personal data relating to this Regulation; as
will the European Data Protection Supervisor;
- requires the
Member States and the Commission to draw up a security plan in order to
facilitate the implementation of security obligations and requires them
to cooperate with each other in order to address common security issues;
- allows
Europol and Eurojust direct access to SIS II data – subject to certain
conditions;
- requires the
Commission to prepare a report on the technical functioning of Central
SIS II and the communications infrastructure every two years. An overall
evaluation should be prepared by the Commission every four years;
- specifies
the technical rules on entering data, including data required for
entering an alert, updating, deleting and searching data, rules on
compatibility and priority of alerts, links between alerts and the
exchange of supplementary information etc. are to be prepared by the
Commission through implementing powers; and
- finally sets
out appropriate transitional provisions in respect of alerts issued in
SIS 1+, which are to be transferred to SIS II.
The Decision
applies to the United Kingdom, Ireland, Norway, Iceland and Switzerland.
ENTRY INTO
FORCE: 27 August 2007.
For countries
participating in SIS 1+ is will apply on a date to be fixed by the Council.