The committee adopted the report by Baroness Sarah LUDFORD (ALDE, UK) amending - under the 1st reading of the codecision procedure - the proposed regulation on the Visa Information System (VIS) and the exchange of data between Member States on short-stay visas. The text proposed by the committee was the result of an agreement with Council aimed at ensuring that the legislative process is completed at the first reading stage if the report is endorsed by the plenary:
- the aims of the VIS should include facilitating the visa application procedure and contributing to the prevention of threats to the internal security of any of the Member States;
- designated authorities of the Member States and Europol may access data contained in the VIS in specific cases and following a substantiated written or electronic request, if this can contribute to the prevention, detection or investigation of terrorist offences and other serious criminal offences. This access will be indirect, via central access points which will have to check that all the relevant conditions for accessing the data are complied with. In exceptional cases of urgency, these checks can be made afterwards;
- transfer of data to third countries or international organisations may take place only "in an exceptional case of urgency (...) exclusively for the purposes of the prevention and detection of terrorist offences and of other serious criminal offences", and will be subject to the conditions set out in the proposed Council Decision on access for consultation of the VIS (see procedure CNS/2005/0232). Moreover, such transfer may only take place if it is in accordance with the national law of the Member State which entered the data. Transfers will be fully recorded and made available to national data protection authorities. Transfers of personal data to third countries or international organisations shall not prejudice the rights of refugees and those requesting international protection, in particular as regards non-refoulement;
- a new article laid down general principles for access to the VIS by the competent authorities, which must ensure that the use of VIS data is "necessary, appropriate and proportionate" to the performance of their tasks. Moreover, the authorities must ensure that use of the data does not lead to discrimination against visa applicants and visa holders on grounds of sex, racial or ethnic origin, religion or belief, disability, age or sexual orientation, and that the human dignity and the integrity of the applicant or visa holder is fully respected;
- access to VIS data by other authorities will be permitted for certain specific purposes such as verification at external borders, verification of the identity of the visa holder or the authenticity of the visa, examination of an asylum application, etc.;
- the retention period for data storage shall be 5 years maximum;
- after a transitional period, the VIS database will be managed by a permanent Management Authority funded from the EU budget. The Authority will report to Parliament, the Commission and the Council every two years on the technical functioning of the VIS, including the security of the system. During the transitional period, the Commission will be responsible for the operational management of the VIS;
- the principal Central VIS, which carries out technical supervision and administration, will be located in Strasbourg (France), while a back-up Central VIS (in case of failure of the principal system) will be located in Sankt Johann im Pongau (Austria);
- a new article provided for active cooperation between the National Supervisory Organisations and the European Data Protection Supervisor, which shall draw up a joint report of activities every two years.