Visa Information System (VIS) and exchange of data between Member States on short-stay visas (VIS Regulation)

The Commission adopted a report on the implementation of Regulation (EC) No 767/2008 of the European Parliament and of the Council establishing the Visa Information System (VIS), the use of fingerprints at external borders and the use of biometrics in the visa application procedure/REFIT Evaluation

The current legal framework: the legal framework adopted to establish the VIS includes the following acts:

• Council Decision 2004/512/EC established the VIS itself;
• Regulation (EC) No 767/2008 laying down the VIS’s purpose, functionalities and responsibilities and the conditions and procedures for the exchange of visa data between Member States;
• Regulation (EC) No 810/2009 (the Visa Code) setting out the rules on the registration of biometric identifiers in the VIS.

The VIS is instrumental in order to:

1. improve the implementation of the common visa policy, consular cooperation and consultation between central authorities to prevent threats to internal security and ‘visa shopping’;
2. facilitate the fight against fraud and checks at external border crossing points and within the Member States’ territory;
3. assist in the identification and return of illegal immigrants;
4. facilitate the application of the Dublin Regulation.

The VIS specifically contributes to safeguarding the Member States’ internal security and combating terrorism and illegal immigration by improving and facilitating the procedures for issuing visas.

Visa statistics: at the moment, around 16 million Schengen visas are issued every year by the 26 Member States and Schengen associated countries. By the end of March 2016 data on close to 23 million visa applications and 18.8 million fingerprints had been entered in the VIS.

Assessment and monitoring: the VIS legal framework provided for an evaluation of the relevant acts.  On this basis, and considering as well the overall principles and criteria for carrying an evaluation of EU policy instruments in the context of the Regulatory and Fitness (REFIT) programme, the Commission launched in 2015 the first evaluation of the system since its entry into operation (2011).

This evaluation was performed internally by the Commission. A number of different data collection tools were used to gather information, which included the opinions of third-country nationals and governments of countries under visa obligation worldwide.

Main conclusions and recommendations: overall, the findings of the evaluation point to the fact that the introduction of the VIS has led to:

• a simplification and facilitation of the visa application process by ensuring that data gathered by all Member States are stored and exchanged via a common system ;
• a reduction in the administrative burden of national administrations ; and
• clear, smooth and effective procedures when dealing with processing visa applications, performing checks at external borders or in the territory, identifying third country nationals for migration or return purposes or examining asylum applications.

A majority of Member States concurred that the introduction of the VIS facilitated the checks at external border crossing points and within the Member States’ territory. Furthermore, many Member States felt that the introduction of the VIS had supported the application of the Dublin Regulation by helping to determine which Member State was responsible for examining an asylum application in cases where a visa had been issued by a Member State to the asylum applicant.

For almost half of the responding Member States the introduction of the VIS had a positive impact on the prevention of threats to the Member States’ internal security.

Problems revealed by the evaluation: the evaluation has, however, shown that there is are some deficiencies in the system, the main ones being as follows:

• data quality: quality problems have been found for both alphanumeric and biometric data: these problems (recurrent since the launch of VIS) are at the top of the list of priority areas identified by the evaluation;
• monitoring and statistics: finding informative and reliable statistics was one of the major hurdles encountered while gathering information for the evaluation. However, this is essential for the system to function properly;
• use of the VIS when collecting the data: while the evaluation found that the VIS significantly facilitated the fight against visa fraud, the system was not conceived to prevent fraud  during a visa application. Given that the obligation to check travellers’ fingerprints makes it harder for fraudsters to cross the border using fraudulent visa stickers, a possible knock-on effect could be a shift from the use of fraudulent visa stickers towards the use of visas obtained under false pretences in consulates (at the time of applying for a visa). To prevent this, consulates should verify the applicant’s identity before taking the fingerprints;
• use of the data for law enforcement purposes: access to VIS for law enforcement purposes remains fragmentary in most Member States. In particular, the possibility for fingerprint searches is not yet used;
• data protection in the VIS: ensuring that data subjects can access, rectify and erase data held about them increases the transparency of data processing for them. A notable phenomenon identified by the evaluation was the absence, or very low number, of requests by data subjects to exercise their rights to access, correct or delete their personal data stored in the VIS. The finding could be explained by Member States’ good performance on the protection of personal data.

To ensure that these problems might be rectified, the Commission proposes a series of short and long-term measures.

For example, as regards the quality of fingerprints, the system needs to be technically adjusted so that it can better distinguish between cases where fingerprints are not required for legal reasons and cases where there is a factual reason why they cannot be provided. Alternative standards could also be put in place, such as taking photographs directly when applying for a visa. As a short term solution, the Commission proposes that eu-LISA should be entrusted with a role, including the task of producing data quality reports.

With respect to access to the VIS for law enforcement purposes, the Commission suggests that law enforcement authorities could be given the possibility to search the VIS using latent fingerprints and photographs.

It goes on to propose a series of other solutions to the problems discussed. However, certain problems cannot be resolved without a revision of the legal basis of the VIS. These include:

• transferring the responsibility for producing statistics to eu-LISA;
• interconnectivity with other systems;
• improved data quality rules and the production of data quality reports;
• scrapping obsolete provisions of the current law (e.g. on the roll-out, the setup and transition to VIS Mail or various transition periods).

Where a legislative revision is envisaged, the Commission will conduct an impact assessment.