PURPOSE: to establish a single regulation :
PROPOSED ACT: Regulation of the European Parliament and of the Council.
BACKGROUND: setting out previous Commission proposals:
- December 2008: EURODAC was established by Regulation (EC) No 2725/2000 concerning the establishment of "Eurodac" for the comparison of fingerprints for the effective application of the Dublin Convention. A recast proposal for the amendment of the EURODAC Regulation was adopted by the Commission in December 2008 (see the summary of the 2008 proposal dated 03/12/2008). This proposal was designed to ensure a more efficient support to the application of the Dublin Regulation and to properly address data protection concerns. It also aligned the IT management framework to that of the SIS II and VIS Regulations by providing for the taking over of the tasks of the operational management for EURODAC by the future Agency for the operational management of large-scale IT systems in the area of freedom, security and justice. The December 2008 proposal also aimed to: (i) repeal the Implementing Regulation and to include its content in the EURODAC Regulation; (ii) take into account developments in the acquis on asylum and technical progress which took place after the adoption of the Regulation in 2000. The European Parliament endorsed the Commission proposal subject to a number of amendments.
- September 2009: the Commission adopted an amended proposal in September 2009 in order to, on the one hand, take into account the resolution of the European Parliament and the results of negotiations in the Council, and, on the other hand, introduce the possibility for Member States' law enforcement authorities and Europol to access the EURODAC central database for the purposes of prevention, detection and investigation of terrorist offences and other serious criminal offences. In particular, that proposal introduced a bridging clause to allow access for law enforcement purposes. The proposal was presented at the same time as the proposal for a Council Decision on requesting comparisons with EURODAC data by Member States' law enforcement authorities and Europol for law enforcement purposes, spelling out the exact modalities of such access. The European Parliament did not issue a legislative resolution on the September 2009 proposals.
- October 2010: with the entry into force of the Treaty on the Functioning of the European Union (TFEU) and the abolition of the pillar system, the proposal for a Council Decision lapsed. However, with a view to progressing on the negotiations on the asylum package and facilitating the conclusion of an agreement on the EURODAC Regulation, the Commission considered it more appropriate in 2010 to withdraw from the EURODAC Regulation those provisions referring to the access for law enforcement purposes and presented a new proposal on 11 October 2010 similar to the 2008 recast of the EURODAC Regulation.
The Commission noted that enabling the swifter adoption of the new EURODAC Regulation would also facilitate the timely set up of the Agency for the operational management of large-scale IT systems from 1 December 2012.
- Towards a new recast proposal: it has since become clear that including law enforcement access for EURODAC is needed as part of a balanced deal on the negotiations of the Common European Asylum System package in order to completing the package by the end of 2012. Accordingly the Commission has decided to present again proposals to permit law enforcement access to EURODAC, but on this occasion merged into a single new EURODAC Regulation as this is now possible since the entry into force of the TFEU and it is better legislative practice to present a single instrument.
Regulation (EU) No 1077/2011 of the European Parliament and the Council establishing a European Agency for the operational management of large-scale information systems in the area of freedom, security and justice provides that the Agency should perform the tasks relating to EURODAC conferred on the Commission as the authority responsible for the operational management of EURODAC in accordance with Regulations (EC) No 2725/2000 and (EC) No 407/2002 as well as certain tasks related to the communication infrastructure, namely, supervision, security and the coordination of relations between the Member States and the provider. The Agency should take up the tasks entrusted to it under this Regulation and the relevant provisions of Regulation (EU) No 1077/2011 should be amended accordingly.
May 2012: the current proposal therefore withdraws the 2010 proposal and replaces it with a new one in order to:
The intention is now to allow consultation of EURODAC by law enforcement authorities for the purpose of prevention, detection and investigation of terrorist offences and other serious criminal offences. This aims at enabling law enforcement authorities to request the comparison of fingerprint data with those stored in the EURODAC central database when they seek to establish the exact identity of or get further information on a person who is suspected of a serious crime or a crime victim. Fingerprint data constitute an important element of establishing the exact identity of a person and it is generally acknowledged as an important source of information for prevention, detection and investigation of terrorist offences and other serious criminal offences. Comparison of fingerprints in possession of Member States' designated law enforcement authorities and Europol with those stored in the EURODAC database will only be possible in case of necessity of such comparison in a specific case under well-defined circumstances.
IMPACT ASSESSMENT: the present amended proposal reinstates all of the provisions proposed in the lapsed draft Council Decision of 2009. In addition, it introduces two technical provisions relating to the asylum provisions. None of these elements is new and all were explored thoroughly in the impact assessments to the previous 2008 and 2009 proposals. Therefore, no new consultation and impact assessment were conducted specifically for the present proposal. However, the impact assessments of 2008 and 2009 are still valid for its purposes.
The relevant Impact Assessment concluded that access of law enforcement authorities to EURODAC is the only timely, accurate, secure and cost-efficient way to identify whether and if so, where data about asylum seekers are available in the Member States. No reasonable efficient alternative to EURODAC exists to establish or verify the exact identity of an asylum seeker that allows law enforcement authorities to obtain the same result.
LEGAL BASIS: Article 78 point (2) (e), Article 87 point (2) (a) and Article 88 point (2) (a) TFEU.
Article 78(2)(e) TFEU is the legal basis concerning criteria and mechanisms for determining which Member State is responsible for considering an application for asylum or subsidiary protection, which is the TFEU Article corresponding to the legal base of the original proposal (Article 63(1)(a) of the Treaty establishing the European Community) ;
Article 87(2)(a) is the legal basis for the elements related to the collation, storage, processing, analysis and exchange of relevant information for law enforcement purposes; and
Article 88(2) (a) is the legal basis for Europol's field of action and tasks including the collection, storage, processing, analysis and exchange of information.
CONTENT : this proposal amends the 2010 amended proposal for a Commission proposal for a Regulation of the European Parliament and of the Council concerning the establishment of 'Eudora' for the comparison of fingerprints for the effective application of Regulation (EC) No […/…] [establishing the criteria and mechanisms for determining the Member State responsible for examining an application for international protection lodged in one of the Member States by a third-country national or a stateless person] – (see the summary of 11/10/2010).
It also amends Regulation (EU) No 1077/2011 of the European Parliament and of the Council establishing a European Agency for the operational management of large-scale IT systems in the area of freedom, security and justice.
Main amending provisions
Marking of data: references to the "blocking" of data were changed in the 2008 recast to the "marking" of data concerning recognised beneficiaries of international protection. Under the original Regulation, the data of persons granted international protection remained on the EURODAC system but were blocked. As such, the EURODAC system recorded when there were hits concerning the fingerprints of recognised beneficiaries of international protection, but Member States were not informed of these hits. The new proposal was designed to "mark" these data instead of blocking, in order to inform the Member States if there is a hit for a marked data subject. This is to inform Member States if an existing beneficiary of international protection attempts to put in a fresh claim for asylum.
Law enforcement access to Eurodac: several of the amendments to the 2010 proposal are extracted directly from the lapsed September 2009 proposal on law enforcement access to EURODAC. As such, this part has been split into those areas amending the remainder of the proposal and amendments that are largely inspired by the September 2009 proposal, including their article references for ease of comparison.
The elements incorporated from the September 2009 proposal are the following:
The elements that were neither in the September 2009 proposal nor the 2010 proposal are the following:
Throughout the recast, the references to the "Management Authority" have been replaced with the "Agency".
Territorial provisions: Title V of the TFEU is not applicable to the United Kingdom and Ireland, unless those two countries decide otherwise, in accordance with the provisions set out in the Protocol on the position of the United Kingdom and Ireland annexed to the TEU and to the TFEU.
The United Kingdom and Ireland are bound by Council Regulation (EC) No 2725/2000 following their notice of their wish to take part in the adoption and application of that Regulation based on the above-mentioned Protocol. The position of these Member States with regard to the current Regulation does not affect their possible participation with regard to the amended Regulation.
Under the Protocol on the position of Denmark, annexed to the TEU and the TFEU, Denmark does not take part in the adoption by the Council of the measures pursuant to Title V of the TFEU (with the exception of "measures determining the third countries whose nationals must be in possession of a visa when crossing the external borders of the Member States, or measures relating to a uniform format for visas"). Therefore, Denmark does not take part in the adoption of this Regulation and is not bound by it or subject to its application. However, given that Denmark applies the current Eurodac Regulation, following an international agreement that it concluded with the EC in 2006, it shall, in accordance with Article 3 of that agreement, notify the Commission of its decision whether or not to implement the content of the amended Regulation.
The scope of association agreements with Iceland, Norway, Switzerland and Liechtenstein as well as the parallel agreement with Denmark does not cover law enforcement access to EURODAC. The current proposal, like the 2009 proposal, notes that the comparison of fingerprint data using EURODAC may only be made after national fingerprint databases and the Automated Fingerprint Databases of other Member States under Council Decision 2008/615/JHA (the Prüm Agreements) return negative results. This rule means that if any Member State has not implemented the above Council Decision and cannot perform a Prüm check, it also may not make a EURODAC check for law enforcement purposes. Similarly, any associated States that have not implemented or do not participate in the Prüm Agreements may not conduct such a EURODAC check.
BUDGETARY IMPLICATIONS: this proposal entails a technical amendment to the EURODAC central system in order to provide for the possibility of carrying out comparisons for law enforcement purposes. A new functionality to search on the basis of a latent is also proposed.
The proposal retains from the 2010 proposal the improvements of the system as regards new, asylum-focused functionalities regarding information on the status of the data subject (which were the outcome of negotiations in the Council). The financial statement attached to this proposal reflects this change and is also valid for the elements concerning the request for comparison with EURODAC data by Member States' law enforcement authorities and by Europol for the purposes of prevention, detection and investigation of terrorist offences and other serious criminal offences – see COM(2009)0344.
The non-administrative cost estimate of EUR 2,415 million (EUR 2,771 million including administrative / human resources costs) includes costs of 3 years of technical maintenance, and consists of IT-related services, software and hardware and would cover the upgrade and customisation to allow searches for law enforcement purposes and also the changes for the original asylum purpose unrelated to law enforcement access. The amounts of the EURODAC recast proposal adopted on 10 September 2009 have largely been reproduced in the present financial statement and only altered slightly to reflect the staffing costs in the IT Agency. Given the relatively small overall cost, no extra resources and no rectification of the Home Affairs budget will be sought and funding will be found from within existing budget lines, either of the IT Agency or from the Home Affairs budget.