Explanatory Memorandum to COM(2005)600 - Access for consultation of the Visa Information System (VIS) by the authorities of Member States responsible for internal security and by Europol for the purposes of the prevention, detection and investigation of terrorist offences and of other serious criminal offences - Main contents
Please note
This page contains a limited version of this dossier in the EU Monitor.
dossier | COM(2005)600 - Access for consultation of the Visa Information System (VIS) by the authorities of Member States responsible for internal ... |
---|---|
source | COM(2005)600 |
date | 24-11-2005 |
- Grounds for and objectives of the proposal
While progressively establishing an area of freedom, security and justice, the European Union shall ensure the free movement of persons and a high level of security. In this context, top priority has been given to the development and establishment of the Visa Information System (VIS) as a system for the exchange of visa data between Member States. It is one of the key initiatives within the EU policies aimed at achieving a higher level of security.
On 19 February 2004 the Council adopted conclusions on the development of the Visa Information System, underlining that one of the objectives of the VIS is to contribute towards improving the administration of the common visa policy and towards internal security and to combating terrorism.
On 8 June 2004 the Council adopted Council Decision 2004/512/EC establishing the Visa Information System (VIS), which constitutes the required legal basis to allow for the inclusion in the budget of the European Communities of the necessary appropriations for the development of VIS and the execution of that part of the budget, defines the architecture of the VIS and gives the Commission the mandate to develop the VIS at a technical level, assisted by the SIS II Committee. The national systems shall be adapted and/or developed by the Member States. In order to implement that Decision, the Commission presented on 28 December 2004 a proposal for a Regulation of the European Parliament and of the Council concerning the Visa Information System (VIS) and the exchange of data between Member States on short stay-visas.
The further development and establishment of the VIS, in particular within the domain of internal security, including the combating of terrorism, requires the elaboration of a comprehensive legal framework, complementing the VIS regulation.
During its meeting of 7 March 2005, and reiterated on 13 July 2005, the Council adopted conclusions that in order to achieve fully the aim of improving internal security and the fight against terrorism, Member State authorities responsible for internal security should be guaranteed access to VIS, 'in the course of their duties in relation to the prevention, detection and investigation of criminal offences, including terrorist acts and threats’, ’subject to strict compliance with the rules governing the protection of personal data’.
The objective of the present proposal is to establish the required legal basis under Title VI of the Treaty on the European Union to allow for and to lay down the conditions under which Member States' authorities responsible for internal security and the European Police Office (Europol) may access the Visa Information System (VIS). This will enable them to consult the VIS for the purposes of the prevention, detection and investigation of terrorist offences and the types of crime and the offences in respect of which Europol is competent to act pursuant to Article 2 of the Europol Convention.
- General context
The fight against terrorism is a priority for all Member States. The European Union is committed to jointly combating terrorism and to providing for the best possible protection for its citizens. The EU’s strategy must be comprehensive, covering a wide range of measures. These aim at increasing co-operation in fields ranging from intelligence sharing to law enforcement in order to make it easier to find, detain and bring to justice terror suspects, in promoting and ensuring security while preserving and reinforcing individual rights and freedoms.
- Existing provisions in the area of the proposal
- The Europol Convention of 1995. Article 2 states that the objective of Europol is to improve, by means of the measures referred to in that Convention, the effectiveness and cooperation of the competent Member State authorities to prevent and combat terrorism, and other serious forms of international and organised crime. Europol, however, currently does not have access to data stored in the VIS.
- The Proposal for a Council Framework Decision on the protection of personal data processed in the framework of police and judicial co-operation in criminal matters (COM(2005) 475) adopted by the Commission on 4 October 2005. This instrument provides for the legal framework for a effective protection of personal data in matters which fall under Title VI of the Treaty on European Union.
- Proposal for a Council Framework Decision on the exchange of information under the principle of availability (COM(2005) 490) adopted by the Commission on 4 October 2005. This instrument excludes from its scope the access to the VIS.
- Consistency with other policies and objectives of the Union
The present initiative does not go beyond what is necessary to achieve its objective and limits its scope to terrorist offences as laid down in Council Framework Decision 2002/475/JHA on combating terrorism and to crimes falling within the competence of Europol. It also restricts the conditions to the use of VIS data to specific cases only, thereby excluding routine access. It authorises only national authorities competent for the prevention, detection or investigation of criminal offences to have access to the VIS, and by obliging these authorities to go through a central access point which will consult the VIS on their behalf, on a case-by-case basis and after receipt of a duly motivated request. Furthermore these Authorities responsible for internal security and the central access points are clearly listed in the Annex to this Decision.
This Decision seeks to ensure full respect for the right to liberty and security, the right to respect for private and family life, the right to protection of personal data and the principles of legality and proportionality of criminal offences and penalties (Articles 6, 7, 8, 48 and 49 of the Charter of Fundamental Rights of the European Union).
The Council Framework Decision on the protection of personal data processed in the framework of police and judicial co-operation in criminal matters (2005/XX/JI), the Europol Convention and Regulation (EC) 45/2001 shall apply to the processing of personal data pursuant to this Decision. The Framework Decision requires Member States in particular to lay down effective, proportionate and dissuasive sanctions to be imposed in case of infringement of data protection provisions, including criminal sanctions for particularly serious and intentionally committed infringements.
- Consultation of interested parties
No formal consultation prior to the presentation of this proposal has been conducted due to the urgency of the matter since the Council had requested the Commission to present the proposal by November 2005 and the legislative process for the underlying VIS Regulation had been initiated.
On 24 October 2005, the Commission invited and consulted experts representing the Governments of the EU Member States. Information was also exchanged with representatives of the government of Norway on the question of the development of the Schengen acquis. Other relevant interested parties, such as the Article 29 Working Party i, had already expressed views on the general objective of this proposal in relation to the proposal for the VIS Regulation.
- Collection and use of expertise
Use has been made of the existing expertise assembled in relation to the proposal for the VIS Regulation.
- Impact assessment
Based on the Council conclusions of 7 March 2005, the following options were considered: not presenting a Commission legislative proposal and therefore taking no action; creating the legal basis for an unlimited access to the VIS for Member State authorities responsible for internal security and to Europol; or creating the legal basis for a limited access to the VIS for Member State authorities responsible for internal security and to Europol.
Not presenting a Commission legislative proposal and therefore taking no action would have meant that the common Visa Information System (VIS) as a system for the exchange of visa data between Member States would not be legally accessible for law enforcement purposes. However, the inefficiencies in combating visa shopping, fraud and in conducting checks are causing also inefficiencies in relation to the internal security of the Member States. Criminals and suspected persons may obtain a visa or have chances to use a falsified visa when entering the Schengen area. As the exchange of VIS data is not covered by the scope of the Council Framework Decision on the exchange of information under the principle of availability, Member States would increase the demand for further police cooperation in this area at EU level sooner or later.
The VIS is a system which capability is estimated – in particular as regards biometric data – to be able to contain, as of 2007, the data concerning about 20 million visa applications annually. This would result in 70 million fingerprint data to be stored in the system for the five-year term set forth in the current VIS Regulation proposal.
The creation of a legal basis for an unlimited access to the VIS, for Member State authorities responsible for internal security and to Europol, would mean that access would be granted to pursue any criminal offence, as defined by Member States themselves. This would transform the VIS into a regular crime fighting database, and could open the possibility for routine access by law enforcement authorities. However, this would not be in line with the main purpose of the original VIS and would unjustifiably impact on the fundamental rights of the individuals whose data are processed in the VIS and who are to be treated as innocent individuals and not as suspects in a criminal investigation.
The creation of a legal basis for a limited access to the VIS, for Member State authorities responsible for internal security and to Europol, would need a prohibition of routine access of authorities responsible for internal security, a de-central access to the VIS and a consultation which may only take place for specific purposes of the prevention, detection and investigation of clearly defined terrorist offences and of other serious criminal offences and limited to the extent the data are required for the performance of the tasks in accordance with these purposes. On top of that consultation would be limited to some basic VIS data; and only if further information is necessary under the specific circumstances of the case, additional relevant data could be consulted. As for the necessary specific safeguards, the Council Framework Decision on the protection of personal data processed in the framework of police and judicial co-operation in criminal matters (2005/XX/JI), Regulation (EC) 45/2001 and the Europol Convention shall apply to the processing of personal data pursuant to this Decision. The Framework Decision requires Member States in particular to lay down effective, proportionate and dissuasive sanctions to be imposed in case of infringement of data protection provisions, including criminal sanctions for particularly serious and intentionally committed infringements. Effective supervision is foreseen through the establishment of a yearly review by the relevant Data Protection Supervisory authorities.
To make sure that the impact on fundamental rights of the individuals whose data are processed in the VIS by the access of internal security authorities to these data for consultation is in effect lessened and that technical implications remain at a low level, a Decision concerning the limited, case-by-case access for consultation to the Visa Information System (VIS) to authorities of Member States responsible for internal security and to Europol for the purposes of the prevention, detection and investigation of terrorist offences and of other serious criminal offences is the only satisfactory option.
Contents
- Summary of the proposed action
The objective of the present proposal is to provide the legal basis to allow for and to lay down the conditions under which Member States' authorities responsible for internal security and the European Police Office (Europol) may access the Visa Information System (VIS) for consultation for the purposes of the prevention, detection and investigation of terrorist offences and the types of crime and the offences in respect of which Europol is competent to act pursuant to Article 2 of the Europol Convention (“serious criminal offences”).
- Legal basis
This Decision is based on Article 30 i (b) and Article 34 i (c) of the Treaty on European Union. In order to fulfil one of the objectives of the Union, namely to provide citizens with a high level of safety within an area of freedom, security and justice by preventing and combating crime, organised or otherwise, in particular terrorism, through closer cooperation between police forces, customs authorities and other competent authorities in the Member States, both directly and through the European Police Office (Europol), Article 30 i (b) provides for the collection, storage, processing, analysis and exchange of relevant information, in particular through Europol, subject to appropriate provisions on the protection of personal data. The data processed in the VIS can be relevant information in specific cases to achieve those purposes.
- Subsidiarity principle
The subsidiarity principle applies to the actions by the Union.
The objectives of the proposal cannot be sufficiently achieved by the Member States for the following reason:
There is no legal base for such action: as the VIS is a database established under the competence of the Community, no individual Member State could authorise on its own the access to the VIS by law enforcement authorities. Furthermore, existing national visa databases, which could be accessed by specific cooperation regimes between competent authorities for the exchange of visa data between Member States established under Title VI of the Treaty on European Union, do not have the same categories of data as in the VIS and only allow for a direct information flow from one Member State to another Member State. The “principle of availability” as established in the Proposal for a Council Framework Decision on the exchange of information under the principle of availability excludes from its scope the access to the VIS and its data.
Union action will better achieve the objectives of the proposal for the following reasons:
The objectives of the Decision, to provide for the only admissible legal basis under European law to allow for and to lay down the conditions under which Member States' authorities responsible for internal security and the European Police Office (Europol) may access the Visa Information System (VIS) for consultation for the purposes of the prevention, detection and investigation of terrorist offences and other serious criminal offences, cannot be sufficiently achieved by the Member States and can therefore, by reason of the scale and impact of the action, be better achieved at EU level.
The proposal therefore complies with the subsidiarity principle.
- Proportionality principle
The proposal complies with the proportionality principle for the following reasons:
The present initiative does not go beyond what is necessary to achieve its objective: This Decision seeks to ensure full respect for the fundamental rights. It also restricts the conditions to the use of VIS data to specific cases only, thereby excluding routine access.
The consultation of the data is exclusively reserved to duly authorised staff of the competent authorities of each Member State, and of Europol officials. Access to the VIS may only take place for specific purposes as defined in this Decision and limited to the extent the data are required for the performance of the tasks in accordance with these purposes. Consultation is initially limited to some enumerated VIS data; only if further information is necessary under the specific circumstances of the case, additional relevant data may be consulted.
Financial implications may be minimized as this proposal allows limited further access to an already existing Information System. As to the further cost it is foreseen that each Member State and Europol shall set up and maintain at their expense the technical infrastructure necessary to implement this Decision, and be responsible for bearing the costs resulting from access to the VIS for the purposes of this Decision.
- Choice of instruments
Proposed instruments: A Decision based on Article 30(1)(b) and Article 34 i (c) TEU.
Other means would not be adequate for the following reason:
The form of a Decision has been chosen because it is necessary to adopt an act of general application which is binding on the Member States in its entirety.
- Participation in this VIS Decision
The VIS Regulation covers the exchange of data on short stay visas between Member States 'which have abolished checks at their internal borders', based on Article 62 (2)(b)(ii) and Article 66 of the EC Treaty. This decision allows access to VIS data for the purposes of the prevention, detection and investigation of terrorist offences and the crimes and offences in respect of which Europol is competent to act, i.e. purposes which are not covered by the common visa policy.
However, this proposal governs the further use for a secondary purpose of data on short stay visas. Such data is Schengen data collected in the framework of the common visa policy. Creating further access rights to such data entails the necessity to protect such personal data within the meaning of Article 1, point F of Council Decision 1999/437/EC. Additionally, the Schengen acquis covers within the framework of police cooperation the assistance “for the purposes of preventing and detecting criminal offences” (Article 39 i Schengen Convention) and the exchange of information concerning “any information which may be important in helping it combat future crime and prevent offences against or threats to public policy and public security” (Article 46 i Schengen Convention). Therefore this decision constitutes a development of the Schengen acquis. The consequences for access to VIS data are as follows:
United Kingdom and Ireland :
As Ireland and the United Kingdom do not participate in the common visa policy and consequently are not Member States to which the VIS Regulation applies, authorities responsible for internal security of these Member States do not have direct access to the VIS for the purposes of this Decision. However it is appropriate that the VIS data is made available to the authorities responsible for internal security of the United Kingdom and Ireland.
Iceland and Norway:
The procedures laid down in the Association Agreement i concluded by the Council and the Republic of Iceland and the Kingdom of Norway concerning the latter’s association with the implementation, application and development of the Schengen acquis are applicable, since the present proposal builds on the Schengen acquis as defined in Annex A of that Agreement.
Switzerland:
This Decision constitutes a development of the provisions of the Schengen aquis within the meaning of the Agreement signed by the European Union, the European Community and the Swiss Confederation on the latter’s association with the implementation, application and development of the Schengen acquis i , which fall within the area referred to in Article 4 i of the Council Decision 2004/849/EC i on the signing, on behalf of the European Union, and on the provisional application of certain provisions of that Agreement.
The Agreement with Switzerland, signed on 26.10.2004, provides for provisional application of certain provisions upon signature, in particular the participation of Switzerland in the Mixed Committee dealing with the development of the Schengen acquis.
THE PROPOSAL HAS IMPLICATION FOR THE COMMUNITY BUDGET INSOFAR AS THE ADDITIONAL NUMBER OF ACCESS TO THE VIS GENERATED BY THE AUTHORITIES RESPONSIBLE FOR INTERNAL SECURITY VIA THE CENTRAL ACCESS POINTS HAS TO BE TAKEN INTO ACCOUNT WHEN SETTING UP AND MAINTAINING THE SYSTEM. THE IMPLEMENTATION OF THE PROPOSED DECISION WOULD ENTAIL ONLY A SMALL AMOUNT OF ADDITIONAL ADMINISTRATIVE EXPENDITURE, TO BE CHARGED TO THE BUDGET OF THE EUROPEAN COMMUNITIES, FOR MEETINGS OF AND THE SECRETARIAL SERVICES FOR THE NEW COMMITTEE SET UP REFERRED TO IN ARTICLE 10 OF THIS DECISION.
- Review/revision/sunset clause
The proposal includes a review clause.