Considerations on COM(2022)658 - Amending various regulations as regards the digitalisation of the visa procedure - Main contents
Please note
This page contains a limited version of this dossier in the EU Monitor.
| dossier | COM(2022)658 - Amending various regulations as regards the digitalisation of the visa procedure. |
|---|---|
| document | COM(2022)658  |
| date | November 22, 2023 |
| (2) | This Regulation is in line with the Union’s policy to encourage the modernisation and digitalisation of public services and the communication of the Commission of 9 March 2021 entitled ‘2030 Digital compass: the European way for the digital decade’. Since the entry into force of Regulation (EC) No 810/2009 of the European Parliament and of the Council (4) in 2010 and the start of operations of the Visa Information System (VIS) in 2011 under Regulation (EC) No 767/2008 of the European Parliament and of the Council (5), the context in which visa policy operates has considerably changed. In addition, significant technological developments provide new opportunities to make the application process for Schengen visas smoother and more effective for third-country nationals, as well as more cost effective for Member States. |
| (3) | The COVID-19 pandemic, which slowed down Schengen visa operations worldwide, partly due to the difficulty of receiving visa applicants in consulates and in Visa Application Centres, prompted Member States to call upon the Commission to speed up work on the digitalisation of visa procedures. |
| (4) | The New Pact on Migration and Asylum, proposed by the Commission on 23 September 2020, set the objective of fully digitalising the visa procedure by 2025, with a digital visa and the ability to submit visa applications online. |
| (5) | While visa processing is already partially digitalised, with applications and decisions recorded in the VIS, two important steps remain paper-based: the visa application process and the issuance of the visa to the applicant by means of a visa sticker. The paper-based steps create a burden for all stakeholders, in particular for Member State authorities that issue visas and for visa applicants. Member States are aware of that burden and some of them have already implemented digital solutions in order to provide applicants with a modern and user-friendly application procedure and to improve the efficiency of handling visa applications. |
| (6) | A single technical solution, namely the EU Visa Application Platform (EU VAP), should be developed to allow visa applicants to apply for a visa online, regardless of the Member State of destination. It should automatically determine which Member State is competent to examine an application, in particular in cases where the applicant intends to visit several Member States. In such cases, Member States would only need to check whether the tool determined the correct competent Member State. |
| (7) | A digital platform, common to all Member States, would significantly contribute to improving the image of the Union. |
| (8) | The EU VAP should provide the applicant with up-to-date and easily accessible information and the conditions for entry on the territory of the Member States, in formats that take into account visual impairments. It should also provide a guidance tool with which the applicant can find all the necessary information regarding visa requirements and procedures, such as, but not limited to whether and what type of visa is required; the amount of the visa fee; the Member State competent for handling the application; which supporting documents are required; whether an appointment is necessary to collect biometric identifiers and whether it is possible to apply online without an appointment. The EU VAP should provide the applicant with documents in a printable format and should include a communication mechanism, such as a chatbot, to answer questions of the applicants. That chatbot will not constitute the only means by which the applicant could get information on the visa procedure. The EU VAP should also provide information on the processing of personal data in the context of the VIS. The EU VAP should also allow secure electronic communication between the applicant and the competent consulate or the central authorities of the competent Member State, if additional documents or an interview with the applicant is necessary. |
| (9) | Member States should ensure that the service offered to the public in the course of the visa application process is of a high standard and follows good administrative practice. Member States should ensure that a ‘one-stop shop’ principle is applied to all applicants. |
| (10) | Visa applicants should be able to submit their application and provide the data required in the application form, an electronic copy of the travel document, supporting documents and travel medical insurance in digital format through the EU VAP. In order to enable applicants to save information relating to their application, the EU VAP should be able to store data temporarily and strictly for as long as this is necessary for the completion of relevant tasks. Once the applicant submits the online application and the Member States perform the appropriate checks, the application file should be transferred to the national system of the competent Member State and stored there. Consulates or the central authorities are to consult the information stored at a national level and enter only the required data in the central VIS. |
| (11) | Appearing in person at the consulate or external service provider should, in principle, be mandatory only for first time applicants and applicants who have acquired a new travel document which needs to be verified, and for the collection of biometric identifiers. However, in cases of doubt concerning the travel document, supporting documents, or both, or in individual cases in a particular location where there is a high incidence of fraudulent documents, Member States should retain the possibility to ask the applicant to appear in person. |
| (12) | Repeat applicants should be able to apply fully online within a period of 59 months after their initial application, provided that they apply with the same travel document. Once that period has elapsed, biometric identifiers should be collected again, in accordance with Regulation (EC) No 810/2009, which provides that biometric data are, in principle, to be collected every 59 months, starting from the date of the first collection. |
| (13) | Specific provisions apply to third-country nationals subject to a visa requirement who are family members of citizens of the Union to whom Directive 2004/38/EC of the European Parliament and of the Council (6) applies or of third-country nationals enjoying the right to free movement equivalent to that of Union citizens under an agreement between the Union and its Member States, on the one hand, and a third country, on the other, and who do not hold a residence card pursuant to Directive 2004/38/EC, or of UK nationals who are beneficiaries of the Agreement on the withdrawal of the United Kingdom of Great Britain and Northern Ireland from the European Union and the European Atomic Energy Community (7) (EU-UK Withdrawal Agreement) in relation to their host State, as defined in the EU-UK Withdrawal Agreement, and who do not hold a EU-UK Withdrawal Agreement residence document. |
| (14) | Article 21(1) of the Treaty on the Functioning of the European Union (TFEU) stipulates that every citizen of the Union has the right to move and reside freely within the territory of the Member States, subject to the limitations and conditions laid down in the Treaties and by the measures adopted to give them effect. Directive 2004/38/EC lays down limitations and conditions relating to those rights. As confirmed by the Court of Justice of the European Union, family members of citizens of the Union to whom Directive 2004/38/EC applies have not only the right to enter the territory of the Member State, but also to obtain an entry visa for that purpose. Member States are required to grant such persons every facility to obtain the necessary visas, which are to be issued free of charge as soon as possible, on the basis of an accelerated procedure and with due regard to the procedural safeguards that apply to them. Against this background, such family members should, in particular, be entitled to lodge their visa application, their application for a confirmation of a valid visa in a new travel document or their application for an extension of their visa without using the EU VAP, as this could facilitate their visa application. In such a case, they should be entitled to choose to lodge their applications in person at the consulate or at the external service providers. In addition, the EU VAP should fully take into account the rights and facilitations granted to the beneficiaries of the free movement acquis. The same applies with regard to family members of UK nationals who are beneficiaries of the EU-UK Withdrawal Agreement in relation to their host State, as defined in the EU-UK Withdrawal Agreement, by virtue of Article 14(3) of that Agreement. |
| (15) | Special provisions should apply for humanitarian reasons, in justified individual cases, in cases of force majeure, or to Heads of State or government and members of a national government with accompanying spouses, and the members of their official delegation when they are invited by Member States’ governments or by international organisations for an official purpose, sovereigns and other senior members of a royal family, when they are invited by Member States’ governments or by international organisations for an official purpose, and for visas applied for at the external border or that might be extended in the territory of the Member States. |
| (16) | The special provisions which apply for humanitarian reasons could also cover all types of digital accessibility issues, limited access to internet or no internet penetration, or limited digital literacy. Particular attention should be paid to persons with a disability. |
| (17) | A third person duly authorised by the visa applicant or empowered by law to represent them, where appropriate, should be able to lodge an application on behalf of the visa applicant, provided that the identity of that third person is included in the application form. |
| (18) | Each applicant should submit a completed application form using the EU VAP. The online application form, including a declaration of the authenticity, completeness, correctness and reliability of the data submitted and a declaration of the veracity and reliability of the statements made, should be signed electronically by ticking the appropriate box in the application form. Each applicant should also state that they have understood the conditions for entry referred to in Regulation (EU) 2016/399 of the European Parliament and of the Council (8) and that they could be requested to provide the relevant supporting documents at each entry. Applicants should confirm that they agree to receive communications via the EU VAP. For that purpose they should access the EU VAP on a regular basis. Application forms for minors should be submitted and electronically signed by a person exercising permanent or temporary parental authority or legal guardianship. |
| (19) | When applying for a visa, applicants should provide proof of supporting documents. For the purposes of this Regulation, this encompasses both the digital and physical submission of documents. Taking into consideration the established case-law of the Court of Justice of the European Union on the grounds of refusal of a visa, a flagged IP address alone or the potential duplication of IP addresses is not to be of relevance for the purpose of the examination of the application. |
| (20) | The payment of the visa fee should be made by using a gateway linked to the EU VAP and the payments would be directly transferred, in their entirety, to the appropriate Member State. The data required for securing the electronic payment should not form part of data stored in the VIS. Where an electronic payment is not possible, the visa fee should be collected by the consulates or the external service provider entrusted with that task. |
| (21) | The EU VAP should also contain an appointment tool for Member States to use to manage appointments at their consulates or the external service providers. While the use of such tool should remain optional, as it might not be appropriate across all locations and for all consulates, Member States should nevertheless use local Schengen cooperation to discuss whether a harmonised approach regarding the use of the appointment tool could be followed in specific third countries or specific locations. |
| (22) | Local Schengen cooperation should also determine in specific cases the use of widely spoken unofficial languages for the translation of the application form. Local Schengen cooperation should also discuss arrangements for the transfer of electronic data for external service providers or representing Member States where under national laws third countries prohibit such transfers outside of their territory. |
| (23) | The EU VAP should conduct an automated admissibility pre-check to verify whether the information provided by the applicant fulfils the admissibility requirements for the requested visa. It should notify the applicant if any information is missing and provide the applicant with the possibility to correct the application. |
| (24) | The EU VAP should conduct an automated competence pre-check to pre-determine the competent Member State on the basis of the information provided by the applicant. However, the applicant should be able to indicate that the application be processed by another Member State on the basis of the main purpose of stay. The consulate or the central authorities of that other Member State concerned should then verify whether they are competent to examine the application. |
| (25) | Where the consulate or the central authorities of the Member State find that they are competent to examine the application, they should accept it and the data should be imported into the national system from the temporary storage as established by the VIS Regulation and, with the exception of contact data, deleted from that temporary storage. |
| (26) | The architecture of the EU VAP should ensure data protection by design and by default, the respect of the principle of data minimisation and that, when operational, the EU VAP is implemented in a way that respects access rights under the relevant existing national and Union law. |
| (27) | In order for the personal data inserted in the EU VAP to be of the necessary minimum quality, a specific procedure to verify the quality of that data is necessary. Having a uniform approach to check quality is important not only to ensure an equal level of data quality across the Member States, but also to ensure that applicants receive the same treatment whichever competent authority they address. |
| (28) | It is necessary to clarify the role and the responsibilities of the different actors involved in the processing of the data collected from applicants and visa holders. Member States will be the final users of the data to be collected by the EU VAP and will make the final decision on the basis of the data provided by applicants and visa holders. Member States should therefore be joint controllers for the processing of the personal data in the temporary storage in accordance with Article 26 of Regulation (EU) 2016/679 of the European Parliament and of the Council (9). Each Member State should designate a competent authority which should be a controller. Member States should communicate those authorities to the Commission, the European Union Agency for the Operational Management of Large-Scale IT Systems in the Area of Freedom, Security and Justice (eu-LISA), established by Regulation (EU) 2018/1726 of the European Parliament and of the Council (10), and other Member States. eu-LISA should operate and provide technical solutions for the EU VAP and should process data submitted by visa applicants on behalf of the Member States issuing Schengen visas. eu-LISA should therefore be a processor as defined in Article 3, point (12), of Regulation (EU) 2018/1725 of the European Parliament and of the Council (11). |
| (29) | When there is new information regarding the application or visa, the applicant should be informed by electronic message. The decision taken by the competent Member State, in accordance with Regulations (EC) No 810/2009 and (EC) No 767/2008, indicating whether the visa is issued, refused, confirmed to a new travel document, extended, annulled or revoked, should be made available to the applicant in a secure account service on the EU VAP. Access to the secure account on the EU VAP should be protected by technical means, for example by means of a multi-factor authentication. |
| (30) | A well-established principle in case-law is that no right is to be prejudiced in consequence of the expiry of a time limit if the party concerned proves the existence of unforeseeable circumstances or force majeure. Therefore, applicants’ rights are not to be prejudiced where it is not possible to use the secure account for technical reasons, provided that the applicant concerned proves the existence of unforeseeable circumstances or of force majeure. |
| (31) | In order to reduce security risks related to the misuse of visa stickers, counterfeited and stolen visa stickers, a visa should be issued in digital format and no longer as a visa sticker affixed to the travel document. |
| (32) | In order to ensure maximum security and to prevent counterfeiting or forgery, the notification of digital visa should be in the form of a 2D barcode which is cryptographically signed by the Country Signing Certificate Authority (CSCA) of the issuing Member State. Thus, in the event that VIS were unavailable, checks could be carried out on the basis of that 2D barcode. |
| (33) | Where the travel document of the visa holder is lost, stolen, has expired or has been invalidated and the visa is still valid, the visa holder should be able to apply via the EU VAP for confirmation of the valid visa in a new travel document, provided that the new travel document is of the same type and is issued by the same country as the lost, stolen, expired or invalidated travel document. The visa holder should appear in person before the consulate or the external service provider to present the new travel document in order to verify the authenticity of that travel document. |
| (34) | Data stored in the EU VAP should be safeguarded using privacy-enhancing implementation measures. |
| (35) | External service providers should have access to the EU VAP only to retrieve and review applications; verify data temporarily stored, for example a scan of a travel document; check and upload relevant personal data from the chip of the travel document; collect and upload biometric identifiers; perform quality checks on the uploaded supporting documents; confirm that an application has been reviewed and thus make it available to the consulate for further processing. External service providers should not have access to data stored in the VIS. |
| (36) | It is necessary to determine the date from which operations start, including of the digital visa and the EU VAP. A transitional period should be provided for, during which it should be possible for a Member State to decide not to avail itself of the EU VAP. That transitional period should be for 7 years from the date of the start of operations. Nevertheless, it should be possible for a Member State to notify the Commission and eu-LISA that it wishes to join the EU VAP before the end of the transitional period. During the transitional period, if a Member State decides not to avail itself of the EU VAP, visa holders should still be able to verify the digital visas using the web service of the EU VAP. |
| (37) | eu-LISA should ensure sufficient capacities and functionalities of the EU VAP in order to enable Member States to join the EU VAP during the transitional period. The development of the EU VAP by eu-LISA should take into account the future use of the EU VAP by Member States which do not yet apply the Schengen acquis in full. The EU VAP should be set up so as to enable those Member States to seamlessly connect with it and smoothly use the EU VAP as soon as a Council decision in accordance with Article 3(2) of the 2003 Act of Accession or Article 4(2) of the 2005 Act of Accession has been adopted. To this end, eu-LISA should have regard, in particular, to the storage capacity of the EU VAP and the interconnection of the EU VAP with the national visa information systems. The competent authorities of the Member States concerned should be fully involved with the development of the EU VAP from the outset in the same way as the competent authorities of the other Member States. |
| (38) | A Member State which does not apply the Schengen acquis in full should be able to request eu-LISA to introduce links to the relevant national application procedure of the Member State concerned through the inclusion of a Uniform Resource Locator (URL) in the EU VAP. |
| (39) | The EU VAP should contain a functionality for applicants and other entities, such as employers or universities or local authorities, to verify the digital visas. |
| (40) | In order to enable the application of Decision No 565/2014/EU of the European Parliament and of the Council (12), Bulgaria, Cyprus and Romania should have read-only access of digital visas stored in the VIS. |
| (41) | eu-LISA should be responsible for the technical development and operational management of the EU VAP and its components, as part of the VIS. |
| (42) | The system architecture of the EU VAP should reuse, to the fullest extent possible, the existing and upcoming systems that form part of the new framework for interoperability, and in particular the European Travel Information and Authorisation System (ETIAS) and the Entry-Exit System (EES), while respecting the current limitations of technology and the investments already made by Member States in their own national systems. |
| (43) | The development by eu-LISA of the EU VAP and of its interconnection with the national visa information systems and the operation, including maintenance, by eu-LISA, of the EU VAP should be financed under the general budget of the Union. Regarding necessary adaptations by the Member States to the existing national visa information systems, Member States should be able to use the Instrument for Financial Support for Border Management and Visa Policy to finance this category of costs. |
| (44) | The checking of digital visas at the border should rely on the existing and upcoming EU system architecture for border management and should consist of the visa holder’s information stored in the VIS. That information should be verified by means of biometric data by Member States authorities. |
| (45) | The format for short-stay visas, as set by Council Regulation (EC) No 1683/95 (13), is also used for long-stay visas. Therefore, the Convention implementing the Schengen Agreement (14) should be amended to enable long-stay visas also to be issued in digital format. |
| (46) | Facilitated Transit Documents (FTD) and Facilitated Rail Transit Documents (FRTD) are documents equivalent to transit visas, authorising the holder to enter in order to pass through the territories of Member States in accordance with the provisions of the Schengen acquis concerning the crossing of external borders. FTD and FRTD are issued in uniform formats and the application procedure is paper-based. In order to reflect digitalisation developments, Council Regulations (EC) No 693/2003 (15) and (EC) No 694/2003 (16) should be amended to enable digital applications and FTD and FRTD to be issued in digital format. |
| (47) | In order to amend certain aspects of Regulation (EC) No 767/2008, the power to adopt acts in accordance with Article 290 of the TFEU should be delegated to the Commission to specify the content of simplified application forms for the confirmation of valid visas in a new travel document and for the extension of visas. It is of particular importance that the Commission carry out appropriate consultations during its preparatory work, including at expert level, and that those consultations be conducted in accordance with the principles laid down in the Interinstitutional Agreement of 13 April 2016 on Better Law-Making (17). In particular, to ensure equal participation in the preparation of delegated acts, the European Parliament and the Council receive all documents at the same time as Member States’ experts, and their experts systematically have access to meetings of Commission expert groups dealing with the preparation of delegated acts. |
| (48) | In order to ensure uniform conditions for the implementation of Regulation (EC) No 810/2009, implementing powers should be conferred on the Commission to adopt the minimum standards for verification of travel documents and for processing chip data, and to adopt rules for filling in the data fields of digital visas. Those powers should be exercised in accordance with Regulation (EU) No 182/2011 of the European Parliament and of the Council (18). |
| (49) | In order to ensure uniform conditions for the implementation of Regulation (EC) No 767/2008, implementing powers should be conferred on the Commission to lay down measures necessary for the technical implementation of the functionalities of the EU VAP, to adopt model contingency plans in case it is technically impossible to access data at the external borders, and to specify the responsibilities and relationships between Member States as joint controllers for the processing of personal data in EU VAP, the relationship between the joint controllers and the processor, and the responsibilities of the processor in accordance with Article 28 of Regulation (EU) 2016/679 and Article 29 of Regulation (EU) 2018/1725. Those powers should be exercised in accordance with Regulation (EU) No 182/2011. |
| (50) | Since the objectives of this Regulation, namely the establishment of the EU VAP and the introduction of a digital visa, build on other initiatives aiming, on the one hand, at streamlining and harmonising the procedures in the context of the common visa policy and, on the other hand, at aligning travel, entry requirements and border checks within the Schengen Area with the new digital era, the amendments of the related legislation cannot be achieved by the Member States acting alone but can rather only be achieved at Union level and as a part of the Schengen acquis, the Union may therefore adopt measures in accordance with the principle of subsidiarity as set out in Article 5 of the Treaty on European Union (TEU). In accordance with the principle of proportionality, as set out in that Article, this Regulation does not go beyond what is necessary in order to achieve those objectives. |
| (51) | This Regulation is without prejudice to the application of Directive 2004/38/EC and of Part Two of the EU-UK Withdrawal Agreement. |
| (52) | This Regulation respects fundamental rights and observes the principles recognised in particular by the Charter of Fundamental Rights of the European Union. The introduction of the EU VAP and of a digital visa will fully respect the right to protection of personal data, the respect for private and family life, the rights of the child, and the protection of vulnerable persons. All safeguards on fundamental rights included in Regulation (EC) No 767/2008 will remain fully applicable in the context of the EU VAP and of the digital visa, in particular regarding the rights of the child. The EU VAP will have to take into account the requirements laid down in the Directive (EU) 2016/2102 of the European Parliament and of the Council (19) to ensure an easy access for people with disabilities. Particular attention should be given to people with limited digital literacy and internet access issues. |
| (53) | In accordance with Articles 1 and 2 of the Protocol No 22 on the Position of Denmark, annexed to the TEU and to the TFEU, Denmark is not taking part in the adoption of this Regulation and is not bound by it or subject to its application. Given that this Regulation builds upon the Schengen acquis, Denmark shall, in accordance with Article 4 of that Protocol, decide within a period of six months after the Council has decided on this Regulation whether it will implement it in its national law. |
| (54) | This Regulation constitutes a development of the provisions of the Schengen acquis in which Ireland does not take part in accordance with Council Decision 2002/192/EC (20); Ireland is therefore not taking part in the adoption of this Regulation and is not bound by it or subject to its application. |
| (55) | As regards Iceland and Norway, this Regulation constitutes a development of the provisions of the Schengen acquis within the meaning of the Agreement concluded by the Council of the European Union and the Republic of Iceland and the Kingdom of Norway concerning the latters’ association with the implementation, application and development of the Schengen acquis (21) which fall within the area referred to in Article 1, point B, of Council Decision 1999/437/EC (22). |
| (56) | As regards Switzerland, this Regulation constitutes a development of the provisions of the Schengen acquis within the meaning of the Agreement between the European Union, the European Community and the Swiss Confederation on the Swiss Confederation’s association with the implementation, application and development of the Schengen acquis (23) which fall within the area referred to in Article 1, point B, of Decision 1999/437/EC read in conjunction with Article 3 of Council Decision 2008/146/EC (24). |
| (57) | As regards Liechtenstein, this Regulation constitutes a development of the provisions of the Schengen acquis within the meaning of the Protocol between the European Union, the European Community, the Swiss Confederation and the Principality of Liechtenstein on the accession of the Principality of Liechtenstein to the Agreement between the European Union, the European Community and the Swiss Confederation on the Swiss Confederation’s association with the implementation, application and development of the Schengen acquis (25) which fall within the area referred to in Article 1, point B, of Decision 1999/437/EC read in conjunction with Article 3 of Council Decision 2011/350/EU (26). |
| (58) | As regards Cyprus, Bulgaria and Romania, this Regulation constitutes an act building upon, or otherwise relating to, the Schengen acquis within, respectively, the meaning of Article 3(2) of the 2003 Act of Accession and Article 4(2) of the 2005 Act of Accession. |
| (59) | The European Data Protection Supervisor was consulted in accordance with Article 42(1) of Regulation (EU) 2018/1725 and delivered an opinion on 21 June 2022 (27), |