Schengen Information System (SIS) in the field of border checks  
2016/0408(COD) - 21/12/2016  

PURPOSE: to reform the Schengen Information System (SIS) in order to enhance the general provisions of EU border management.

PROPOSED ACT: Regulation of the European Parliament and of the Council.

ROLE OF THE EUROPEAN PARLIAMENT: the European Parliament decides in accordance with the ordinary legislative procedure and on an equal footing with the Council.

BACKGROUND: in 2016, the Commission carried out a comprehensive evaluation of SIS, three years after the entry into operation of its second generation. This evaluation showed that SIS has been a genuine operational success.

Nonetheless, the effectiveness and efficiency of the system should be further strengthened. To this end, the Commission is presenting a first set of three proposals to improve and extend the use of SIS as result of the evaluation while continuing its work to make existing and future law enforcement and border management systems more interoperable.

These proposals cover the use of the system for:

CONTENT: the present proposal and the supplementary proposal on the use of the SIS for police and judicial cooperation in criminal matters lay down rules covering the comprehensive end-to-end use of SIS, including the Central SIS managed by eu-LISA Agency, but also the needs of the end-user.

End-to-end use of SIS: with over 2 million end-users in the competent authorities across Europe, SIS is an extremely widely used and effective tool for information exchange. This proposal as well as the parallel proposals include rules covering the complete end-to-end operation of the system, including Central SIS operated by eu-LISA, the national systems and the end-user applications. It addresses not only the central and national systems themselves, but also the end-users' technical and operational needs.

In order to use SIS to its full effectiveness Member States should ensure that each time their end-users are entitled to carry out a search in a national police or immigration database, they also search SIS in parallel. This way SIS can fulfil its objective as the main compensatory measure in the area without internal border controls and Member States can better address the cross-border dimension of criminality and the mobility of criminals.

Data quality: the proposal maintains the principle that the Member State, which is the data owner, is also responsible for the accuracy of the data entered in SIS. It is, however, necessary to provide for a central mechanism managed by eu-LISA which allows Member States to regularly review those alerts in which the mandatory data fields may raise quality concerns.

The proposal empowers eu-LISA to produce data quality reports to Member States at regular intervals.

Photographs, facial images, dactylographic data and DNA profiles: the possibility to search with fingerprints with a view to identify a person is already set out in existing Regulation.  Two new proposals make this search mandatory if the identity of the person cannot be ascertained in any other way.

Currently, facial images can only be used to confirm a person's identity following an alphanumeric search, rather than as the basis for a search. Furthermore, changes make provision for facial images, photographs and palm prints to be used to search the system and identify people, when this becomes technically possible. Dactylography refers to the scientific study of fingerprints as a method of identification. Palm prints can be used to establish a person's identity in the same way that fingerprints can be used.

The use of facial images for identification will ensure greater consistency between SIS and the proposed EU Entry Exit System, electronic gates and self-service kiosks. This functionality will be limited to the regular border crossing points.

Access by authorities to SIS – institutional users: this section is intended to describe the new elements in access rights with regard to EU Agencies (institutional users). Appropriate safeguards are put in place to ensure that the data in the system is properly protected (including the provisions requiring that these bodies may only access the data they need to carry out their tasks). 

The access rights of competent national authorities have not been amended.

Refusal of entry and stay: currently, a Member State may insert an alert in SIS in respect of persons subject to an entry ban based on a failure to comply with national migration legislation. With the new proposal, it shall be required that an alert be entered in SIS in any case in which an entry ban has been issued to an illegally staying third country national (this provision is inserted in order to avoid that entry bans are visible in SIS while the third-country national concerned is still present on the EU territory).

This proposal is closely linked with the Commission proposal concerning the use of SIS for the return of illegally staying third country nationals.

In order to allow entering such alerts it was necessary to require the minimum data necessary for the identification of the person, namely surname and date of birth which was not obligatory in the former legislation.

Data protection and security: the proposal clarifies responsibility for preventing, reporting and responding to incidents that might affect the security or integrity of SIS infrastructure, SIS data or supplementary information. It provides that the Commission remains responsible for the contractual management of the SIS communication infrastructure, including tasks which will be transferred to eu-LISA.

Categories of data and data processing: in order to provide more and more precise information to the end-users to facilitate and accelerate the required action as well as to allow the better identification of the alert subject this proposal expands the types of information that can be held about people for whom an alert has been issued.

The proposal also expands the list of personal data that may be entered and processed in SIS for the purpose of dealing with misused identities as more data facilitates the victim and the perpetrator of misused identity. The extension of this provision entails no risk as all these data can only be entered upon the consent of the victim of misused identity.

This will now also include:

  • facial images;
  • palm prints;
  • details of identity documents;
  • the victim's address;
  • the names of the victim's father and mother.

The proposal sets out the rights for data subjects to access data, rectify inaccurate data and erase unlawfully stored data.

Lastly, provisions are laid down as regards statistics on the use of the SIS.

BUDGETARY IMPLICATIONS: the estimated cost is EUR 64.3 million from 2018-2020.