Considerations on COM(2013)95 - Entry/Exit System (EES) to register entry and exit data of third country nationals crossing the external borders of the Member States of the EU

Please note

This page contains a limited version of this dossier in the EU Monitor.

 
 
(1) The Communication of the Commission of 13 February 2008 entitled preparing the next steps in border management in the European Union[18] outlined the need, as part of the European integrated border management strategy, to establish an Entry/Exit System which registers electronically the time and place of entry and exit of third-country nationals admitted for a short stay to the Schengen area and which calculates the duration of their authorised stay.

(2) The European Council of 19 and 20 June 2008 underlined the importance of continuing to work on the development of the EU's integrated border management strategy, including better use of modern technologies to improve the management of external borders.

(3) The Communication of the Commission of 10 June 2009, entitled An area of freedom, security and justice serving the citizens, advocates establishing an electronic system for recording entry to and exit from Member States' territory via the crossing of external borders to ensure more effective management of access to this territory.

(4) The European Council of 23 and 24 of June 2011 called for work on 'smart borders' to be pushed forward rapidly. The Commission published a Communication "Smart borders – options and the way ahead" on 25 October 2011.

(5) It is necessary to specify the objectives of the Entry/Exit System (EES) and its technical architecture, to lay down rules concerning its operation and use and to define responsibilities for the system, the categories of data to be entered into the system, the purposes for which the data are to be entered, the criteria for their entry, the authorities authorised to access the data, the interlinking of alerts and further rules on data processing and the protection of personal data.

(6) The EES should not apply to third country nationals who are family members of Union citizens holding a residence card as provided for in Directive 2004/38/EC of the European Parliament and of the Council of 29 April 2004 on the right of citizens of the Union and their family members to move and reside freely within the territory of the Member States[19], or to holders of residence permits referred to in the Schengen Borders Code as their stay is not limited to 90 days within 180 days.

(7) The EES should have the objective of enhancing border control, preventing illegal immigration and facilitating the management of migration flows. The EES should in particular contribute to the identification of any person who may not, or may no longer fulfil the conditions of duration of stay whithin the territory of the Member States.

(8) To meet those objectives, the EES should process alphanumeric data and, after a transitional period, fingerprints. The impact on the privacy of travellers which the fingerprinting constitutes is justified by two reasons. Fingerprints are a reliable method to identify persons who are found within the territory of the Member States not in possession of their travel documents or any other means of identification, a common modus operandi of irregular migrants. Fingerprints also provide for more reliable matching of entry and exit data of legal travellers.

(9) Ten fingerprints should be enrolled in the EES, if physically possible, to allow for accurate verification and identification and to guarantee that sufficient data is available in every circumstance.

(10) The use of fingerprints should be subject to a transitional period to allow Member States to adapt the border check process and handling of passenger flows to avoid increasing waiting time at the border.

(11) The technical development of the system should provide for the possibility of access to the system for law enforcement purposes should this Regulation be amended in the future to allow for such access.

(12) The Agency for the operational management of large-scale information systems in the area of freedom, security and justice, established by Regulation (EU) No 1077/2011 of the European Parliament and of the Council of 25 October 2011[20], should be responsible for the development and operational management of a centralised EES. Such a system should consist of a Central Unit, a Back-up Central Unit, the Uniform Interfaces in each Member State, and the Communication Infrastructure between the Central EES and the Network Entry Points. Member States should be responsible for the development and operational management of their own national systems.

(13) To allow synergies and cost-efficiency, the EES should, to the extent possible, be implemented in parallel with the Registered Traveller System established pursuant to Regulation COM(2013)97 final.

(14) This Regulation should define the authorities of the Member States which can be authorised to have access to the EES to enter, amend, delete or consult data for the specific purposes of the EES and to the extent necessary for the performance of their tasks.

(15) Any processing of EES data should be proportionate to the objectives pursued and necessary for the performance of tasks of the competent authorities. When using the EES, the competent authorities should ensure that the human dignity and integrity of the person, whose data are requested, are respected and should not discriminate against persons on grounds of sex, racial or ethnic origin, religion or belief, disability, age or sexual orientation.

(16) The personal data stored in the EES should be kept for no longer than is necessary for the purposes of the EES. It is appropriate to keep the data for six months since it is the minimum period required for the calculations of the duration of the stay. A longer period of maximum five years would be necessary for persons who have not exited the territory of the Member States within the authorised period of stay. The data should be deleted after the period of five years, unless there are grounds to delete it earlier.

(17) Precise rules should be laid down as regards the responsibilities for the development and operation of the EES, the responsibilities of the Member States for the national systems and the access to data by the national authorities.

(18) Rules on the liability of the Member States in respect to damage arising from any breach of this Regulation should be laid down. The liability of the Commission in respect of such damage is governed by the second paragraph of Article 340 of the Treaty.

(19) Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data[21] applies to the processing of personal data by the Member States in the application of this Regulation.

(20) Regulation (EC) No 45/2001 of 18 December 2000 of the European Parliament and the Council on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data[22] applies to the activities of the Union institutions or bodies when carrying out their tasks as responsible for the operational management of EES.

(21) The independent supervisory authorities established in accordance with Article 28 of Directive 95/46/EC should monitor the lawfulness of the processing of personal data by the Member States, whilst the European Data Protection Supervisor as established by Regulation (EC) No 45/2001 should monitor the activities of the Union institutions and bodies in relation to the processing of personal data. The European Data Protection Supervisor and the supervisory authorities should cooperate with each other in the monitoring of the EES.

(22) This Regulation respects the fundamental rights and observes the principles recognised by the Charter of Fundamental Rights of the European Union, in particular the protection of personal data (Article 8 of the Charter), the right to liberty and security (Article 6 of the Charter), the respect for private and family life (Article 7 of the Charter), the right to asylum (Article 18 of the Charter), protection in the event of removal, expulsion or extradition (Article 19 of the Charter), the right to an effective remedy (Article 47 of the Charter) and has to be applied in accordance with those rights and principles.

(23) The effective monitoring of the application of this Regulation requires evaluation at regular intervals. The conditions of giving access to the data stored in the system for law enforcement purposes and to third countries, and of retaining the data for different periods should further be evaluated in order to assess whether and, if so, how the system can contribute most effectively in the fight against terrorist offences and other serious criminal offences. Given the high number of personal data contained in the EES and the need to fully respect the private life of individuals whose personal data are processed in the EES, this evaluation should take place two years after the start of operations and take into consideration the results of the implementation of the VIS.

(24) The Member States should lay down rules on penalties applicable to infringements of the provisions of this Regulation and ensure that they are implemented.

(25) In order to ensure uniform conditions for the implementation of this Regulation, implementing powers should be conferred on the Commission. Those powers should be exercised in accordance with Regulation (EU) No 182/2011 of the European Parliament and of the Council of 16 February 2011 laying down the rules and general principles concerning mechanisms for control by Member States of the Commision's exercise of implementing powers[23].

(26) The establishment of a common EES at the level of the area without controls at internal borders and the creation of common obligations, conditions and procedures for use of data cannot be sufficiently achieved by the Member States and can therefore, by reason of the scale and impact of the action, be better achieved at Union level in accordance with the principle of subsidiarity as set out in Article 5 of the Treaty on European Union. In accordance with the principle of proportionality, as set out in that Article, the Regulation does not go beyond what is necessary in order to achieve this objective.

(27) In accordance with Articles 1 and 2 of the Protocol (No 22) on the position of Denmark, annexed to the Treaty on European Union and to the Treaty on the Functioning of the European Union, Denmark is not taking part in the adoption of this Regulation and is not bound by it or subject to its application. Given that this Regulation builds upon the Schengen acquis, Denmark shall, in accordance with Article 4 of that Protocol, decide within a period of six months after the Council has decided on this Regulation whether it will implement it in its national law.

(28) This Regulation constitutes a development of the provisions of the Schengen acquis in which the United Kingdom does not take part, in accordance with Council Decision 2000/365/EC of 29 May 2000 concerning the request of the United Kingdom of Great Britain and Northern Ireland to take part in some of the provisions of the Schengen acquis[24]; the United Kingdom is therefore not taking part in its adoption and is not bound by it or subject to its application.

(29) This Regulation constitutes a development of the provisions of the Schengen acquis in which Ireland does not take part, in accordance with Council Decision 2002/192/EC of 28 February 2002 concerning Ireland’s request to take part in some of the provisions of the Schengen acquis[25]; Ireland is therefore not taking part in its adoption and is not bound by it or subject to its application.

(30) As regards Iceland and Norway, this Regulation constitutes a development of the provisions of the Schengen acquis within the meaning of the Agreement concluded by the Council of the European Union and the Republic of Iceland and the Kingdom of Norway concerning the latters' association with the implementation, application and development of the Schengen acquis[26], which fall within the area referred to in Article 1, point A of Council Decision 1999/437/EC of 17 May 1999 on certain arrangements for the application of that Agreement[27].

(31) As regards Switzerland, this Regulation constitutes a development of the provisions of the Schengen acquis within the meaning of the Agreement between the European Union, the European Community and the Swiss Confederation on the Swiss Confederation's association with the implementation, application and development of the Schengen acquis[28] which fall within the area referred to in Article 1, point A of Council Decision 1999/437/EC of 17 May 1999 read in conjunction with Article 3 of Council Decision 2008/146/EC[29].

(32) As regards Liechtenstein, this Regulation constitutes a development of the provisions of the Schengen acquis, as provided for by the Protocol between the European Union, the European Community, the Swiss Confederation and the Principality of Liechtenstein on the accession of the Principality of Liechtenstein to the Agreement between the European Union, the European Community and the Swiss Confederation on the Swiss Confederation's association with the implementation, application and development of the Schengen acquis[30] which fall within the area referred to in Article 1, point A of Council Decision 1999/437/EC of 17 May 1999 read in conjunction with Article 3 of Council Decision 2011/350/EU[31].