(EP BRIEFING) Revision of the Schengen Information System for law enforcement

ORIGINAL PUBLISHED HERE (PDF FILE)

by Costica Dumbrava (Members’ Research Service)

OVERVIEW

The Schengen Information System (SIS) is a large-scale information database that supports external border control and law enforcement cooperation in the Schengen states. It enables competent authorities, such as police and border guards, to enter and consult alerts on certain categories of wanted or missing persons and lost or stolen property. In December 2016, the European Commission adopted a package of proposals aimed at responding more effectively to new migration and security challenges. One of these proposals is focused on improving and extending the use of the SIS in the field of police cooperation and judicial cooperation in criminal matters. It clarifies procedures, creates new alerts and checks, extends the use of biometrics, and enlarges access for law enforcement authorities. The proposal is part of a legislative package that includes a proposal to revise the rules of the SIS in the field of border checks and a proposal for establishing a new role of the SIS in the return of illegally staying third-country nationals.

Proposal for a regulation of the European Parliament and of the Council on the establishment, operation and use of the Schengen Information System (SIS) in the field of police cooperation and judicial cooperation in criminal matters, amending Regulation (EU) No 515/2014 and repealing Regulation (EC) No 1986/2006, Council Decision 2007/533/JHA and Commission Decision 2010/261/EU
Committee responsible: Civil Liberties, Justice and Home Affairs (LIBE) COM(2016) 883 21.12.2016
Rapporteur: To be appointed 2016/0409(COD)
Shadow rapporteurs: Next steps expected: To be appointed

Initial discussions in committee

Ordinary legislative procedure (COD) (Parliament and Council on equal footing – formerly ‘co-decision’)

 

Introduction

The Schengen Information System (SIS) was established by the Convention implementing the Schengen Agreement in 1990, as a primary compensatory measure for the abolition of controls at the internal borders in the Schengen area. SIS II – the current version of the SIS – was established in 2006 and became operational in 2013. Its legal basis is currently defined by Regulation (EC) No 1987/2006 on alerts on persons, Regulation (EC) No 1986/2006 on alerts on vehicles, and Council Decision 2007/533/JHA on alerts on missing and wanted persons and objects.

To respond more effectively to new migration and security challenges in recent years, the European Union (EU) has decided to implement a set of measures aimed at strengthening its external borders, and enhancing cooperation and information exchange between Member States. One such measure was the proposal for a European Border and Coast Guard Agency in 2015 which resulted in the guard being launched in October 2016. Similarly, in December 2015, the European Commission proposed a targeted modification of the Schengen Borders Code to establish mandatory systematic checks for all travellers entering or exiting the EU, and put forward a proposal for a directive on combating terrorism. In January 2016, the European Commission launched a proposal for a directive on the European criminal records information system. In May 2016, the European Commission proposed a revision of the Eurodac Regulation to allow the Eurodac database to be used for identifying illegally staying third-country nationals who do not claim asylum in the EU.

The proposal for a European travel information and authorisation system, put forward in November 2016, is aimed at introducing a mechanism requiring visa-exempt third-country nationals to obtain authorisation to travel to the Schengen area.
In December 2016, the European Commission launched a proposal to establish an EU entry/exit system for recording data on the entry and exit of third-country nationals crossing the EU’s external borders.
The proposal on the revision of the SIS in the field of police cooperation and judicial cooperation is part of a legislative package along with a proposal to revise the SIS in the field of border checks and a proposal to use the SIS for the return of illegally staying third-country nationals.
The first two proposals contain a number of identical provisions and would constitute the new legal basis for the SIS. The Commission announced it will launch a second set of proposals, to further improve the interoperability of the SIS with other information technology (IT) systems, in mid-2017.

 DeathForTerrorism

Figure 1 -Terrorism-related arrests, attacks and deaths

Data source: Europol, 2014; 2015; 2016.

Context

In 2015, Frontex recorded 1.8 million detections of irregular crossings of the EU’s external borders (about 1 million irregular migrants). Despite EU efforts to stop the flow of irregular migrants, about 0.5 million detections are estimated to have been made in 2016. The number of terrorist attacks in the EU – foiled, failed and completed attacks – increased from 152 to 211 from 2013 to 2015, while the number of persons arrested on terrorism-related charges has doubled in the same period (see Figure 1). At least 151 persons were killed in terrorist attacks in 2015 and the number of deaths caused by such attacks remained high in 2016. Although the majority of perpetrators were EU citizens, many had links with terrorist organisations from outside the EU, and some entered the EU irregularly by exploiting weaknesses of the EU external borders. According to Europol, the perpetrators of the Charlie Hebdo attacks in Paris had links to Al-Qaeda in the Arabian Peninsula (AQAP) in Yemen, while a number of the suspects involved in the November 2015 Paris attacks had previously travelled to and been trained in Syria. The growing phenomenon of foreign fighters (EU citizens travelling to conflict zones abroad to engage in fighting) reveals another dimension of the complex relationship between migration and cross-border crime. In 2015, about 5 000 EU citizens travelled abroad to engage in terrorist activities. The crackdown against the self-proclaimed ‘Islamic State’ in Iraq and Syria (ISIL/Da’esh) has raised serious concerns about the return to Europe of many of these foreign fighters.

Existing situation

Characteristics of the SIS

The SIS consists of three components: 1) a central system; 2) national systems in each Member State that communicate with the central system; and 3) a communication infrastructure. Member States can enter, update, delete, and search data via their national systems, and exchange information via the supplementary information request at the national entry bureaux (Sirene). Member States are responsible for setting up, operating and maintaining their national systems and national Sirene bureaux. The EU Agency for large-scale IT systems in the area of freedom, security and justice (eu-LISA) is responsible for the operational management of the central system and the communication infrastructure. The Commission is responsible for the general oversight and evaluation of the system and for the adoption of implementing measures. The European Data Protection Supervisor (EDPS) monitors the application of the data protection rules for the central system, while the national data protection authorities supervise the application of the data protection rules in their respective countries.

SIS alerts cover the following categories of persons and objects:

  • refusal of entry or stay to third-country nationals who are not entitled to enter or stay in the Schengen area;
  • persons for whom a European arrest warrant or an extradition request (in the case of associated countries) has been issued;
  • missing persons, in view of placing them under protection, if necessary;
  • persons sought to assist with criminal judicial procedures;
  • persons and objects for discreet or specific checks, in view of prosecuting criminal offences and preventing threats to public or national security;
  • objects for seizure or use as evidence in criminal procedures.

SIS alerts consist of three types of data: identification data for the person or object an alert is about; information about why the person or object is being sought; and instructions for concrete action to be taken by officers on the ground when the person or object is found.

Access to data is given to national authorities responsible for border control, police, customs, visa and vehicle registration and, by extension, to national judicial authorities when this is necessary for the performance of their tasks.

The European Police Office (Europol) and the European Union’s Judicial Cooperation Unit (Eurojust) have limited access rights for performing certain types of queries. SIS checks are mandatory for the processing of short-stay visas, for border checks for third-country nationals and, on a non-systematic basis, for EU citizens and other persons enjoying the right of free movement. Every police check on the territory of a Schengen state should include a check in the SIS. Any person has the right to access SIS data related to them, as provided for by the national law of the Member State concerned. Access may only be refused when this is indispensable for the performance of a lawful task related to an alert, and for protecting the rights and freedoms of other people. Individuals may bring actions before the courts or other authorities competent under the national law to access, correct, delete or retrieve information, or to obtain compensation in connection with an alert relating to them.

Identified shortcomings

According to eu-LISA reports, the total number of alerts inserted in the SIS increased between December 2013 and December 2015 (see Figure 2). These alerts have been distributed unevenly across Member States.

In 2015, three countries had more than half of the total number   of   alerts:   Italy   (18 million), Germany     (9.5 million)     and     France (6.5 million). Despite an increase in the total number of SIS alerts between 2013 and 2015, the number of alerts on persons  has slightly decreased. The number of searches   in   the   SIS   increased   from 1.2 billion to 2.9 billion between April 2013 and December 2015. Member States do not use the SIS equally: in 2015, three Member States conducted about half of the searches: France (555 million), Spain (398 million) and Germany (393 million).
Currently, identity checks in the SIS are based on alphanumeric searches (name and date of birth).
Fingerprints can be used only in order to verify and confirm the identity of a person who has already been identified by name. The SIS legal framework allows the use of facial images and fingerprints in order to verify identity, provided that the necessary technology is available.
In 2016, the European Commission asked eu-LISA to start working on implementing the fingerprint functionality in the SIS. In its March 2016 report, the European Counter-terrorism Coordinator (ECTC) pointed to problems related to the absence of common standards for inserting alerts, interpreting and reporting information in SIS.
With regard to using SIS to combat terrorism, the ECTC noted that Member States continue to apply different standards and did not enter systematically in SIS identified foreign terrorist fighters.
The European Commission has made several legal and technical improvements to the SIS to enable real-time communication from the ground to relevant services in other Member States, and to improve information exchange on terrorist suspects.
In 2015, the Commission revised the Schengen handbook and finalised a set of common risk indicators to be used during border checks in order to detect foreign terrorist fighters. The proposal for a directive on combating terrorism obliges Member States to enter systematically in the SIS alerts on suspected or convicted terrorist offenders.
Currently, there is little interoperability and interconnection between different information systems. The ECTC reported a discrepancy between the numbers of SIS alerts on national security grounds and the number of entries on foreign terrorist fighters in the Europol’s European information system (EIS). All SIS alerts related to terrorism should, by default, also be recorded in the EIS. The Commission announced that it would start working towards introducing a single search interface to allow simultaneous searches to be performed in all relevant systems without changing existing access rights.

Parliament’s starting position

The European Parliament has consistently advocated more effective cooperation between Member States’ law enforcement authorities, provided that appropriate safeguards on data protection and privacy are maintained.
In its resolution of 17 December 2014 on renewing the EU internal security strategy, the Parliament called on the Member States to make better use of valuable existing instruments, including through ‘more expeditious and efficient sharing of relevant data and information’.
In its resolution of 11 February 2015 on anti-terrorism measures, the Parliament restated its call on the Member States to make optimal use of existing databases, and reiterated that ‘all data collection and sharing, including by EU agencies such as Europol, should be compliant with EU and national law and based on a coherent data protection framework offering legally binding personal data protection standards at an EU level’.
In its resolution of 6 July 2016 on the strategic priorities for the Commission work programme 2017, the Parliament called on the Commission to present proposals to improve and develop existing information systems, address information gaps and move towards interoperability.

Council and European Council starting positions

The European Council has repeatedly called to reinforce the management of the EU’s external borders in order to cope with migration pressure and security challenges.
The European Council’s strategic guidelines for justice and home affairs of June 2014 identified the need to improve the link between the EU’s internal and external policies, and called for the intensification of operational cooperation among Member States, ‘while using the potential of information and communication technologies’ innovations’.
In its conclusions of 15 October 2015, the European Council called for devising ‘technical solutions to reinforce the control of the EU’s external borders to meet both migration and security objectives, without hampering the fluidity of movement’. In its conclusions of 17- 18 December 2015, the European Council urged to address the shortcomings at the external borders, notably by ensuring systematic security checks with relevant databases.
On 16 September 2016, the 27 Heads of State or Government attending the Bratislava Summit adopted the Bratislava declaration and roadmap, in which they called for the intensification of cooperation and information exchange, and urged the ‘adoption of the necessary measures to ensure that all persons, including nationals from EU Member States, crossing the Union’s external borders will be checked against the relevant databases, that must be interconnected’.
The Council also called for ‘reinforc[ing] border security through systematic and coordinated checks against the relevant databases based on risk assessment’, and for ‘improving information exchange and accessibility, especially by ensuring the interoperability of different information systems’ in its conclusions of 10 June 2015 on the renewed European Union internal security strategy 2015-2020.
On 6 June 2016, the Council Presidency put forward a roadmap to enhance information exchange and information management including interoperability solutions in the area of justice and home affairs. In a note on IT measures related to border management, presented on 3 October 2016, the Council Presidency maintained that well-functioning information architecture constituted a prerequisite for effective border management.

Preparation of the proposal

In April 2016, the European Commission adopted a communication on stronger and smarter information systems for borders and security, in which it identified a number of key shortcomings in the existing information systems and explored options on how existing and future information systems could enhance external border management and internal security.
With regard to the SIS, the communication outlined several possible developments: the creation of SIS alerts on irregular migrants subject to return decisions; the use of facial images for biometric identification; the automatised transmission of information on a hit following a check; and the creation of a new alert category on ‘wanted unknown persons’.
In June 2016, the high-level expert group on information systems and interoperability (HLEG) was established to work on a joint strategy to make data management in the EU more effective and efficient. The HLEG is composed of high-level representatives of the Commission, Member States, associated members of the Schengen area (Iceland, Norway and Switzerland), EU agencies (eu-LISA, Frontex, the European Union Agency for Fundamental Rights (FRA), the European Asylum Support Office (EASO) and Europol) and the Counter-terrorism Coordinator.
The Council Secretariat and representatives of the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs (LIBE) participate as observers.
The HLEG’s interim report, presented in December 2016, emphasised the need to raise the standards of data quality and data usage, and identified priority options to be considered in promoting information systems interoperability.
The comprehensive evaluation of the SIS II, finalised by the Commission in December 2016, found that, despite the ‘obvious success’ of the system, changes were needed in order to provide a better response to ongoing security and migration challenges.
The report emphasised the need to reinforce the use of the SIS for counter-terrorism purposes, to clarify the situation of children who are under threat of parental abduction, to extend the use of biometric identifiers and to enhance security standards, data quality and the transparency of SIS.
In the preparation of the proposal, the Commission took into account the results of consultations with relevant stakeholders, such as the SISVIS committee, the SIS II supervision coordination group, and the Member States’ national data protection authorities. The Commission did not carry out an impact assessment but relied on the findings of three independent studies.

The changes the proposal would bring

New alerts and checks

The proposal would introduce a new alert category of ‘unknown wanted persons’ who are connected to a crime, for example persons whose fingerprints are found on a weapon used in a crime.
The scope of the existing alert on missing persons would be extended to allow national authorities to issue preventive alerts for children who are at high risk of parental abduction. The proposal would establish an obligation on the Member States to create SIS alerts for cases related to terrorist offences.
A new ‘inquiry check’ would allow authorities to question a person more thoroughly than in the case of a discreet check, in order to gather more information about the person and to decide on whether further action should be taken. This new type of check is intended to support measures to counter terrorism and serious crime. The proposal would further expand the list of objects for which alerts can be issued, to cover, for example, blank official documents, issued identity papers, vehicles, falsified documents and falsified banknotes.

Extended use of biometrics

The proposal would provide for more effective use of existing biometrics, such as facial imaging and fingerprints and introduce new elements of biometric identifiers, such as palm prints and DNA profiles. It would be mandatory to carry out a fingerprint search if the identity of the person cannot be ascertained in any other way. The system would allow for the storage of fingerprints of ‘unknown wanted persons’. DNA profiles could be used in the case of missing persons who need to be placed under protection when fingerprint or palm prints are not available.

Wider access for law enforcement authorities

The proposal would grant access to SIS to national authorities responsible for examining conditions, and taking decisions, relating to entry, stay, and return of third-country nationals on the territory of Member States.
The extension of access to various immigration authorities would enable the consultation of SIS in relation to irregular migrants who have not been checked at a regular border control. Registration authorities for boats and aircraft would receive limited access to SIS to carry out their tasks, provided that they are governmental services. Europol would receive full access rights to SIS, including to alerts on missing persons. The European border and coast guard agency and its teams would be allowed to access SIS when carrying out operations in support of Member States.

Enhanced data protection and security

The proposal would allow to enter more detailed information in alerts, such as whether a person is involved in terrorism-related activities (as defined by Articles 1-4 of Council Framework decision 2002/475/JHA on combating terrorism), details of a person’s identity or travel documents, and other person-related remarks.
It would expand the list of personal data to be entered and processed in SIS for the purpose of dealing with misused identities. It would provide for the recording of the details of data subjects’ personal identification documents and make it possible to categorise missing children according to the circumstances of their disappearance.
The proposal would introduce additional safeguards to ensure that the collection and processing of, and access to, data is limited to what is strictly necessary, in full respect of EU legislation and fundamental rights. It would provide for specific alert-deletion rules and reduce the retention period for object alerts.
According to the proposal, Member States would be prohibited from copying data entered by another Member State into other national data files.
The proposal would establish a uniform set of rules and obligations for end-users (officers on the ground) on how to access and process SIS data in a secure way. In order to ensure proper monitoring of SIS, eu-LISA would be charged with providing daily, monthly and annual statistics on how the system is used.

Budgetary implications

The estimated costs related to the proposal amount to €64.3 million for the 2018-2020 period and would serve to cover, among other things, implementing the changes provided for in the proposed revision of SIS in the field of police cooperation and judicial cooperation in criminal matters. Each Member State would receive a lump sum of €1.2 million to upgrade its national system. The budget would be secured through a re-programming of the smart borders envelope of the Internal Security Fund.

Advisory committees
The advisory committees are not mandatorily consulted on this proposal.

National parliaments
To date, none of the national parliaments has submitted a reasoned opinion on the compatibility of the proposal with the principle of subsidiarity.

Stakeholders’ views
This section aims to provide a flavour of the debate and is not intended to be an exhaustive account of all different views on the proposal. Additional information can be found in related publications listed under EP supporting analysis.
No major stakeholder has issued a position on the Commission’s proposal so far.

Legislative process
The legislative proposal (COM(2016) 883), adopted on 21 December 2016, falls under the ordinary legislative procedure (2016/0409(COD)) and, within the European Parliament, has been assigned to the Committee on Civil Liberties, Justice and Home Affairs (LIBE). Work in the committee is still at an early stage. In the Council, the working party for Schengen matters is likewise still at an early stage in its examination of the proposal.

EP supporting analysis
– Bakowski, P., Puccio, L., Foreign fighters – Member State responses and EU action, EPRS, March 2016.
– van Ballegooij, W., The cost of non-Schengen: Civil liberties, justice and home affairs aspects, EPRS, September 2016.
– Gatto, A., Carmona, J., European Border and Coast Guard System, EPRS, October 2016.
– Gatto, A., Goudin, P., Niemenen, R., Schengen area: Update and state of play, EPRS, March 2016.
– Malmersjo, G., Remáč, M., Schengen and the management of the EU’s external borders, Implementation appraisal, EPRS, April 2016.
– Voronova, S., Combating terrorism, EPRS, July 2016.

Other sources
Schengen Information System (SIS) in the field of police cooperation and judicial cooperation in criminal matters, European Parliament, Legislative Observatory (OEIL).

Disclaimer and Copyright
The content of this document is the sole responsibility of the author and any opinions expressed therein do not necessarily represent the official position of the European Parliament. It is addressed to the Members and staff of the EP for their parliamentary work. Reproduction and translation for non-commercial purposes are authorised, provided the source is acknowledged and the European Parliament is given prior notice and sent a copy.
© European Union, 2017.

eprs@ep.europa.eu http://www.eprs.ep.parl.union.eu (intranet) http://www.europarl.europa.eu/thinktank (internet) http://epthinktank.eu (blog)
First edition. The EU Legislation in Progress briefings are updated at key stages throughout the legislative procedure.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s