The European Parliament adopted a resolution drafted by Baroness Sarah LUDFORD (ALDE, UK) amending the proposed regulation on the Visa Information System (VIS) and the exchange of data between Member States on short-stay visas. Parliament’s text was the result of an agreement with Council aimed at ensuring that the legislative process is completed at the first reading stage. The key amendments were as follows:
- the aims of the VIS should include facilitating the visa application procedure and contributing to the prevention of threats to the internal security of any of the Member States;
- Parliament amended Article 3 relating to the availability of data for the prevention, detection and investigation of terrorist offences and other serious criminal offences. Designated authorities of the Member States and Europol may access data contained in the VIS in specific cases and following a substantiated written or electronic request, if this can contribute to the prevention, detection or investigation of terrorist offences and other serious criminal offences. This access will be indirect, via central access points which will have to check that all the relevant conditions for accessing the data are complied with. In exceptional cases of urgency, these checks can be made afterwards;
- a number of definitions were amended and Parliament inserted a definition for "alphanumeric data" ;
- each competent authority authorised to access the VIS shall ensure that the use of the VIS is necessary, appropriate and proportionate to the performance of tasks of the competent authorities. Each competent authority shall ensure that in using the VIS, it does not discriminate against applicants and visa holders on grounds of sex, racial or ethnic origin, religion or belief, disability, age or sexual orientation and that it fully respects the human dignity and the integrity of the applicant or of the visa h holder.
- where particular data is not required to be provided for legal reasons or factually cannot be provided, the specific data field(s) shall be marked as "not applicable". In the case of fingerprints, the system shall permit a distinction to be made between the cases where fingerprints are not required to be provided for legal reasons and the cases where they cannot be provided factually; after a period of four years this functionality shall expire unless it is confirmed by a Commission decision on the basis of the evaluation ;
- Parliament expanded the list of data to be provided upon lodging the application ;
- after a transitional period, a management authority funded from the general budget of the European Union, shall be responsible for the operational management of the Central VIS and the National Interfaces. The Management Authority shall ensure, in cooperation with the Member States, that at all times the best available technology, subject to a cost-benefit analysis, is used for the Central VIS and the National Interfaces ;
- during a transitional period before the Management Authority takes up its responsibilities, the Commission shall be responsible for the operational management of the VIS. The Commission may delegate that task and tasks relating to implementation of the budget to national public-sector bodies, in two different countries. The latter must meet specified selection critieria ;
- the principal Central VIS, which carries out technical supervision and administration, shall be located in Strasbourg (France) and a backup Central VIS, capable of ensuring all functionalities of the principal Central VIS in case of failure of this system, shall be located in Sankt Johann im Pongau (Austria) ;
- before being authorised to process data stored in the VIS, the staff of the authorities having a right to access the VIS shall receive appropriate training about data security and data protection rules and shall be informed of any relevant criminal offences and penalties. ;
- data processed in the VIS shall not be transferred or made available to a third country or to an international organisation. However, a derogation may be made in individual cases for the purpose of proving the identity of third-country nationals, including for the purpose of return, only where certain conditions are satisfied ;
- each application file shall be stored in the VIS for a maximum of five years
- each Member State must adopt a security plan ;
- access to VIS data by other authorities will be permitted for certain specific purposes such as verification at external borders, verification of the identity of the visa holder or the authenticity of the visa, examination of an asylum application, etc.;
- a new article provided for active cooperation between the National Supervisory Organisations and the European Data Protection Supervisor, which shall draw up a joint report of activities every two years.