The Schengen Information System Luc Vandamme EU Council Secretariat DG H Justice and home affairs SIS division Introduction to the SIS 1+ and the SIS II • Why the SIS • Who participates • The Schengen convention • Data categories and data content Why the SIS ? • Schengen agreement of 1985 • Gradual abolition of checks at common borders. • A compensatory measure foreseen after the opening of the borders Who participates? • SISI+:13 Member states + Iceland and Norway • SISI4ALL: 22 Member states +Iceland, Norway and Switserland • SISII: All Member states (UK and IRL partialy) + Iceland,Norway and Switzerland Main categories of data in the SIS • Persons • Objects Object categories in the SIS1+ • For seizure or for use as evidence (art. 100) – Motor vehicles – Trailers and caravans – Firearms – Blank official documents – Issued documents (residence permits, travel documents, vehicle registration certificates and number plates) – Banknotes • For discreet surveillance or specific checks (art. 99) – Vehicles Categories of persons • Wanted for arrest and extradition (art. 95) • Unwanted aliens (art. 96) • Minors and vulnerable adults (art. 97) • Communication of information on place of residence (art. 98) • For discreet surveillance or specific checks (art. 99) Information about persons (mostly entered as codes) • surname and forenames, any aliases possibly entered separately; • any specific objective and physical characteristics not subject to change; • first letter of second forename; • date and place of birth; • sex; • nationality; • whether the persons concerned are armed; • whether the persons concerned are violent; • reason for the alert; • action to be taken. Practical operation • Alerts • SIRENE office: exchange of supplementary information • Reasons for request • Hits – action to be taken SIS1+ and SIS II : differences SIS1+ • Intergovernmental cooperation, paid by the MS • Composed of national copies (N.SIS) and a central function (C.SIS) that is established to keep the N.SIS identical • Queries are done at the N.SIS (national side) • All queries on personal data are logged (national side) SIS1+ and SIS II : differences SIS II • No longer intergovernmental, but community budget managed by the Commission • Member States may work with national copies, but can also query the central system directly • Logging for local query : locally • Logging for central query : centrally SIS1+ and SIS II : differences SIS II • More categories of objects • Boats and aircrafts, trailers, caravans,outboard engines, containers • Linking between alerts • Art 52 (ex. Stolen car / wanted person) • Biometrics (first only for verification) • Access to more authorities • Europol, eurojust, car registration, … Data protection measures • General data security • Installation of log(s) • Deletion procedure at expiration of validity • Separation of information flows by – Separate information channels – Profiles depending on user functions – Architectural measures – Software filters Data protection in the SIS1+(1) • Title IV, Chapter 3 and title VI of the Schengen convention • JSA for the central part and for opinions • National DP authorities for national systems • The rights of the data subjects described in the Schengen convention • Evaluation missions Data protection in the SIS1+(2) • right of access : art. 109 • right of correction or deletion : art. 110 • enforcement of rights : art. 111 • national DP authority and the data subject : art. 114 • liability and compensation : art. 116 Data protection in the SIS1+(3) • Art. 109 (1) : The right of persons to have access to data entered in the SIS which relate to them shall be exercised in accordance with the law of the Contracting Party before which they invoke that right. If national law so provides, the national supervisory authority provided for in Article 114(1) shall decide whether information shall be communicated and by what procedures.[…] Data protection in the SIS1+(4) • Art. 111(1) : Any person may, in the territory of each Contracting Party, bring before the courts or the authority competent under national law an action to correct, delete or obtain information or to obtain compensation in connection with an alert involving them. Data protection in the SIS II • Largely copied from the existing convention • Managed by the Commission = competence of the EDPS for the central part • EDPS is competent for Ist pillar; SIS is a mixed pillar DB • National DP authorities remain competent for national side and use made by end users • Data remain nationally owned Conclusions • SIS : In practice and in evolution • Thank you for your attention • Any questions ?