The European Parliament adopted a legislative resolution approving the Council position at first reading with a view to the adoption of a regulation of the European Parliament and of the Council amending Regulations (EC) No 767/2008, (EC) No 810/2009, (EU) 2016/399, (EU) 2017/2226, (EU) 2018/1240, (EU) 2018/1860, (EU) 2018/1861, (EU) 2019/817 and (EU) 2019/1896 of the European Parliament and of the Council and repealing Council Decisions 2004/512/EC and 2008/633/JHA, for the purpose of reforming the Visa Information System.
The Regulation amending the Visa Information System (VIS) aims to further develop the VIS in order to better respond to new challenges in the field of visa, border and security policies.
The VIS is the EU's information system for facilitating the procedure for issuing short-stay visas (Schengen visas) and for assisting visa, border, asylum and migration authorities in checking third-country nationals who require a visa to travel to the Schengen area.
Objective
The amending regulation has the following objectives:
- to facilitate the visa application procedure;
- to strengthen background checks before a decision is taken on a short or long stay visa and residence permit, as well as identity checks at external border crossing points and on the territory of the Member States; and
- to enhance the internal security of the Schengen area by facilitating the exchange of information between Member States on third-country nationals holding a long-stay visa or residence permit.
Scope of the VIS
The Council position at first reading includes in the revised VIS, in addition to short-stay visas, long-stay visas and residence permits, which, while being governed by national rules, allow free movement within the Schengen area. This broadening of the scope of the VIS will allow authorities of Member States other than the issuing authority to carry out a verification of this document and its holder at the borders or on the territory of the Member States.
Background checks
The Council position allows visa authorities to carry out automated checks in other databases using the interoperability framework. However, it provides for separate rules and procedures for searches in sensitive and non-sensitive databases. A delegated act will define the detailed rules for queries and verifications.
All applications registered in the VIS - whether for short-stay visas, long-stay visas or residence permits - will automatically be subject to checks in all other EU security and migration information systems.
Consequential amendments
The Council's position amends the regulations that form part of the Schengen acquis related to external borders (VIS, Entry/Exit System (EES), European Travel Information and Authorisation System (ETIAS), SIS return, SIS border and interoperability in the border area).
The amendments to the Regulations that are not part of the Schengen acquis or constitute texts relating to Schengen police cooperation (Eurodac, Europol Regulation, SIS police cooperation, ECRIS-TCN and police cooperation interoperability) are contained in a separate legal instrument, due to the variable geometry of Member States' participation in EU policies in the area of freedom, security and justice.
However, the two Regulations will be implemented together to ensure the smooth functioning and effective use of the VIS system.
Biometric data
The Council position lowers the age at which fingerprints can be taken from minors from 12 to 6 years, but also introduces an upper age limit for fingerprinting, set at 75 years. At the same time, the collection of biometric data from children is accompanied by stricter safeguards and a limitation of the purposes for which these data can be used to situations where the best interests of the child are at stake with, in particular, a limitation of the retention period of the data.
Live facial images will be stored in the Visa Information System and used for biometric matching, in particular to verify the identity of persons or to identify them by comparing their image with those stored in the Visa Information System, subject to certain conditions and strict safeguards.
Specific risk indicators
Specific risk indicators will be integrated into the Visa Information System as an automated mechanism, which will examine all short-stay visa applications.
These indicators will not contain any personal data and will be based on statistics and information provided by Member States on threats, abnormal rates of refusal or overstay for certain categories of third-country nationals, and risks to public health.
Law enforcement access to VIS data
Designated authorities and Europol will have more structured access to the VIS, including to long-stay visas and residence permits, for the purpose of the prevention, detection and investigation of terrorist offences or other serious crimes, under specific conditions and in accordance with EU data protection rules and other safeguards provided for in the VIS.
Contribution to the EU readmission policy
The VIS will contribute to the efficiency of the EU return policy: copies of the applicant's travel document will be stored in the VIS, a measure which will facilitate the identification and readmission of persons without travel documents who are subject to a return procedure. In addition, Frontex, and in particular the Frontex teams involved in return operations, will have access to the VIS.
Transporters
Carriers will have (limited) access to VIS data (OK/NOT OK response) via the carrier’s gateway for the purpose of checking visas and residence permits. Carriers should inform passengers denied boarding on how to request access to VIS data. A derogation from these provisions should apply to carriers transporting groups for the first 18 months after the application has been made.
Fundamental rights
The Council position expands the provisions on general principles in order to strengthen the protection of fundamental rights when personal data are processed in the VIS, in particular with regard to the prohibition of discrimination against applicants. It aligns the data protection provisions of the VIS with the standards set in the General Data Protection Regulation (GDPR).