Improved effectiveness, enhanced interoperability and synergies between European databases
Commission Communication of 24 November 2005 on improved effectiveness, enhanced interoperability and synergies among European databases in the area of Justice and Home Affairs [COM(2005) 597 final - not published in the Official Journal].
This Communication is the Commission's response to the invitations of the European Council and the Council of the European Union to submit proposals for improving effectiveness and enhancing interoperability and synergy among European databases. The need to make greater use of biometrics in this field has also been stressed.
The main objectives of this Communication are:
to improve technical interoperability and synergy between the existing IT systems (SIS II, VIS, EURODAC) in the field of justice and home affairs;
to show how these systems could support policies on free movement and combating terrorism and crime, while respecting the need to protect fundamental rights;
to trigger in-depth debate on the shape and architecture of the IT systems.
Definitions of terms used
Interoperability is the "ability of IT systems and of the business processes they support to exchange data and to enable the sharing of information and knowledge."
Connectivity is a term for connecting devices in order to transfer data.
Synergy has different meanings, depending on whether one is speaking in technical, economic or organisational terms. In technical terms it means a mutually advantageous conjunction of several elements. Economically, it means an increase in the value of assets or an economy of scale. Organisationally, it means combining previously distinct resources or streamlining the existing organisation to achieve greater efficiency.
Availability refers to the principle whereby the Member State authorities responsible for security or Europol officials should obtain the information they need from another Member State if it is accessible there.
SIS II, VIS and EURODAC: status and purpose
The second generation Schengen Information System (SIS II) should make it possible to combine freedom of movement and security within the EU and to improve the exchange of information between Member States. The information will be used for controls of persons (at external borders or on national territory) and for the issue of visas and residence permits, as well as for police and judicial cooperation in criminal matters.
The main purposes of the visa Information System (VIS) are:
to improve visa issuing procedures;
to administer the common visa policy;
to improve consular cooperation to prevent threats to internal security and "visa shopping" *;
to facilitate the fight against fraud;
to assist in the identification and return of illegal immigrants;
to facilitate the application of the Dublin II Regulation.
The purpose of EURODAC, the cornerstone of the EU's asylum arrangements, is to assist in determining which Member State is responsible for examining an asylum application under the Dublin II Regulation and to facilitate application of that Regulation.
Combating terrorism and crime: shortcomings identified
At present, not all the potential of the existing systems is exploited, particularly in terms of data processing and exchange.
The limitation to alphanumeric searches *, which are less precise the more data the base contains, call for many people to be involved in verifying jobs, which is not always possible in the context of border controls.
Bona fide and frequent travellers generally find that their chances of speeding up the processing of a Schengen visa application are limited. Moreover, if their travel documents are lost or stolen, they are too often required to go through a complicated process to acquire new ones.
It is also difficult to identify illegal immigrants. As they generally have no ID or use counterfeit or falsified documents, the identification process is often long and costly. If travel documents have been destroyed, the authorities currently have no system for checking identity.
There is a problem with applying the Dublin II Regulation in that Member States do not currently have any efficient means of checking whether an asylum applicant has had a visa issued by another Member State, verifying the identity of the person, or determining the validity of the visa.
The fact that asylum, immigration and visa data cannot be used for internal security purposes is an obstacle to the effective operation of the existing IT systems.
Checks on identity and legal entry need to be extended to all categories of non-EU nationals, whereas at present only non-EU nationals subject to visa applications are subject to these checks.
Monitoring of the entry and exit of non-EU nationals is incomplete. As VIS (like SIS II) keeps no records of entries and exits, it does not help to identify persons who are residing illegally on EU territory.
In the context of the fight against terrorism and crime, the absence of biometric identification tools is a severe handicap.
The current system has limitations in dealing with the problem of identity theft in the absence of registration of citizens at EU level.
Lastly, there is no comprehensive database that would allow for the identification of disaster victims and unidentified bodies. It has been suggested that the Interpol database might be used, although this would not cover all cases.
To remedy these shortcomings effectively, it is essential to improve use of the existing systems through:
better quality control of data input;
more coherence as regards input of data categories;
wider and more direct consultation of Member States;
exchange of best practices.
Further effective development of existing and planned systems must also be promoted at three separate levels:
biometric searches in SIS II;
more comprehensive access to VIS and SIS II for asylum and immigration authorities;
more comprehensive access to the various IT systems for the internal security authorities.
In the longer term it is also planned to:
create a European criminal Automated Fingerprints Identification System (AFIS)
establish an entry-exit system and introduce a border-crossing facilitation scheme for frequent border crossers;
develop one or more EU registers of travel and ID documents.
These developments will inevitably entail changes in the architecture and organisation of the EU's IT systems. Firstly, changes to produce an essentially service-oriented architecture, for two reasons:
in order to maximise synergies while containing investment at a realistic level;
and to allow functions to be shared in a flexible and cost-efficient way without having to merge existing systems.
At organisational level, bringing daily management activities within a single organisation would also bring about further synergy effects.
Human rights: data protection
In terms of the compatibility between better identification of wanted persons and the protection of personal data, the principle of proportionality requires that the internal security authorities should consult the databases of the various IT systems (EURODAC, SIS II immigration data, VIS) only if the offence committed by the criminal or terrorist to be identified is serious enough to justify searching a database where people with clean criminal records are registered.
As far as the comparison of DNA profiles is concerned, the limitation to a hit/no hit check against the DNA profile alone, without any other personal information, allows the principle of proportionality to be fully respected. The creation of an EU register of travel and identity documents should only be envisaged if access to the register is strictly limited and searching it must be justified by an imperative public security interest.
All the possible measures must be closely supervised by the competent data protection bodies, and in any case, when making any proposals on these subjects the Commission will carry out specific impact studies on respect for fundamental rights in accordance with Communication COM(2005) 172.
Proposal of 4 October 2005 for a Council framework decision on the protection of personal data processed in the framework of police and judicial cooperation in criminal matters [ COM(2005) 475 final - Not published in the Official Journal - CNS/2005/0202 ].
Communication of 16 June 2004 from the Commission to the Council and the European Parliament: Towards enhancing access to information by law enforcement agencies [ COM(2004) 429 final - Not published in the Official Journal].
Commission Communication of 16 December 2003 to the Council and the European Parliament: Transfer of Air Passenger Name Record (PNR) data: a Global EU Approach [ COM(2003) 826 final - Not published in the Official Journal].
Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications) [Official Journal L 201, 31.7.2002].
Regulation (EC) 45/2001 of the European Parliament and of the Council of 18 December 2000 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data [Official Journal L 8, 12.1.2001].
Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data [Official Journal L 281, 23.11.1995].