REPORT on the proposal for a Council decision concerning access for consultation of the Visa Information System (VIS) by the authorities of Member States responsible for internal security and by Europol for the purposes of the prevention, detection and investigation of terrorist offences and of other serious criminal offences

21.5.2007 - (COM(2005)0600 – C6‑0053/2006 – 2005/0232(CNS)) - *

Committee on Civil Liberties, Justice and Home Affairs
Rapporteur: Sarah Ludford

Procedure : 2005/0232(CNS)
Document stages in plenary
Document selected :  
A6-0195/2007

DRAFT EUROPEAN PARLIAMENT LEGISLATIVE RESOLUTION

on the proposal for a Council decision concerning access for consultation of the Visa Information System (VIS) by the authorities of Member States responsible for internal security and by Europol for the purposes of the prevention, detection and investigation of terrorist offences and of other serious criminal offences

(COM(2005)0600 – C6‑0053/2006 – 2005/0232(CNS))

(Consultation procedure)

The European Parliament,

–   having regard to the Commission proposal (COM(2005)0600)[1],

–   having regard to Articles 30(1)(b) and 34(2)(c) of the EU Treaty,

–   having regard to Article 39(1) of the EU Treaty, pursuant to which the Council consulted Parliament (C6‑0053/2006),

–   having regard to the Protocol integrating the Schengen acquis into the framework of the European Union, pursuant to which the Council consulted Parliament,

–   having regard to Rules 93 and 51 of its Rules of Procedure,

–   having regard to the report of the Committee on Civil Liberties, Justice and Home Affairs (A6‑0195/2007),

1.  Approves the Commission proposal as amended;

2.  Approves the annexed Council statements;

3   Calls on the Commission to alter its proposal accordingly, pursuant to Article 250(2) of the EC Treaty;

4.  Calls on the Council to notify Parliament if it intends to depart from the text approved by Parliament;

5.  Calls on the Council to consult Parliament again if it intends to amend the Commission proposal substantially;

6.  Instructs its President to forward its position to the Council and Commission.

AMENDMENTS BY PARLIAMENT[2]

to the Commission proposal for a

COUNCIL DECISION

concerning access for consultation of the Visa Information System (VIS) by designated authorities of Member States ▌and by Europol for the purposes of the prevention, detection and investigation of terrorist offences and of other serious criminal offences

THE COUNCIL OF THE EUROPEAN UNION,

Having regard to the Treaty on European Union, and in particular Article 30 (1) (b) and Article 34 (2) (c) thereof,

Having regard to the proposal from the Commission[3],

Having regard to the opinion of the European Parliament[4],

Whereas:

(1) Council Decision 2004/512/EC of 8 June 2004 establishing the Visa Information System (VIS)[5] established the VIS as a system for the exchange of visa data between Member States. The establishment of the VIS represents one of the key initiatives within the policies of the European Union aimed at establishing an area of Justice, Freedom and Security. The VIS should have the purpose of improving the implementation of the common visa policy and should also contribute towards internal security and to combating terrorism under clearly defined and monitored circumstances.

(2) During its meeting of 7 March 2005 the Council adopted conclusions stating that ‘in order to achieve fully the aim of improving internal security and the fight against terrorism’, Member State authorities responsible for internal security should be guaranteed access to the VIS, ‘in the course of their duties in relation to the prevention, detection and investigation of criminal offences, including terrorist acts and threats’, ‘subject to strict compliance with the rules governing the protection of personal data’.[6]

(3) It is essential in the fight against terrorism and other serious crimes for the relevant services to have the fullest and most up-to-date information in their respective fields. The Member States’ competent national services need information if they are to perform their tasks. The information contained in the VIS may be necessary for the purposes of preventing and combating terrorism and serious crimes and should therefore be available, subject to the conditions set out in this Decision, for consultation by the designated authorities.

(4) Moreover, the European Council has stated that Europol has a key role with respect to cooperation between Member States' authorities in the field of cross-border crime investigation in supporting Union-wide crime prevention, analyses and investigation. Consequently, Europol should also have access to VIS data within the framework of its tasks and in accordance with the Convention of 26 July 1995 on the Establishment of a European Police Office[7].

(5) This Decision complements the Regulation of the European Parliament and of the Council concerning the Visa Information System (VIS) and the exchange of data between Member States on short stay-visas 2005/XX/EC[8] (hereinafter referred to as the “VIS Regulation”) insofar as it provides for a legal base under Title VI of the Treaty on European Union authorizing the access to the VIS for designated authorities and by Europol.

(6) It is necessary to designate the competent Member States’ authorities as well as the central access points through which access is done and to keep a list of the operating units within the designated authorities that are authorised to access the VIS for the specific purposes of the prevention, detection and investigation of terrorist offences and other serious criminal offences as referred to in the Framework Decision on the European Arrest Warrant. It is essential to ensure that the duly empowered staff with a right to access the VIS is limited to those who 'have a need to know' and possess appropriate knowledge about data security and data protection rules.

(6a)    Requests for access to the VIS should be made by the operating units within the designated authorities to the central access points. These central access points should then process the requests to the VIS following a verification whether all conditions for access are fulfilled. In an exceptional case of urgency the central access points shall process the request immediately and only do the verification afterwards.

(7) For the purposes of protection of personal data, and in particular to exclude routine access, the processing of VIS data should only be on a case-by-case basis. Such a specific case exists in particular when the access for consultation is connected to a specific event or to a danger associated with serious crime, or to (a) specific person(s) in respect of whom there are serious grounds for believing that the person(s) will commit or has (have) committed terrorist offences or other serious criminal offences or that the person(s) has (have) a relevant connection with such (a) person(s). The designated authorities and Europol should thus only search data contained in the VIS when they have reasonable grounds to believe that such a search will provide information that will substantially assist them in preventing, detecting or investigating serious crime.

(7a)    Once the proposed Framework Decision on the protection of personal data processed in the framework of police and judicial co-operation in criminal matters[9] has entered into force it should apply to the personal data which are processed pursuant to this Decision. However, until the rules set out in the Framework Decision are applicable and in order to supplement them, adequate provisions have to be provided for to ensure the necessary data protection. Each Member should ensure an adequate data protection level in its national law which at least corresponds to that resulting from the Council of Europe Convention of 28 January 1981 for the Protection of Individuals with regard to Automatic Processing of Personal Data and the corresponding case law pursuant to Article 8 of the ECHR and, for those Member States which have ratified it, the Additional Protocol of 8 November 2001 to that Convention, and shall take into account Recommendation No. R (87) 15 of 17 September 1987 of the Committee of Ministers of the Council of Europe Regulating the Use of Personal Data in the Police Sector.

(8) The effective monitoring of the application of this Decision should be evaluated at regular intervals.

(9) Since the objectives of the action to be taken, namely the creation of obligations and conditions for access for consultation of VIS data by Member States’ designated authorities and by Europol cannot be sufficiently achieved by the Member States and can, therefore, by reason of the scale and effects of the action, be better achieved at the level of the European Union, the Council may adopt measures in accordance with the principle of subsidiarity, referred to in Article 2 of the Treaty on European Union and defined in Article 5 of the Treaty establishing the European Community. In accordance with the principle of proportionality, this Decision does not go beyond what is necessary in order to achieve those objectives.

(10) In accordance with Article 47 of the Treaty on the European Union, thisDecision does not affect the competences of the European Community, in particular as exercised in the VIS Regulation and in Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data[10].

(11) This Decision constitutes a development of provisions of the Schengen acquis in which the United Kingdom does not take part in accordance with Council Decision 2000/365/EC of 29 May 2000, concerning the request of the United Kingdom of Great Britain and Northern Ireland to take part in some of the provisions of the Schengen acquis[11]; the United Kingdom is therefore not taking part in its adoption and is not bound by it or subject to its application.

(12) This Decision constitutes a development of provisions of the Schengen acquis in which Ireland does not take part in accordance with Council Decision 2002/192/EC of 28 February 2002 concerning Ireland's request to take part in some of the provisions of the Schengen acquis[12]; Ireland is therefore not taking part in its adoption and is not bound by it or subject to its application.

(13) However, in accordance with Framework Decision 2006/960/JHA[13], information contained in the VIS can be provided to the United Kingdom and Ireland by the competent authorities of the Member States whose designated authorities have access to the VIS pursuant to this Decision and information held in the national visa registers of the United Kingdom and Ireland can be provided to the competent law enforcement authorities of the other Member States. Any form of direct access for central authorities of the United Kingdom and Ireland to the VIS would, under the present state of their participation in the Schengen acquis, require an Agreement between the Community and those Member States, possibly to be supplemented by other rules specifying the conditions and procedures for such access. As regards Iceland and Norway, this Decision constitutes, with the exception of Article 7, a development of provisions of the Schengen acquis within the meaning of the Agreement concluded by the Council of the European Union and the Republic of Iceland and the Kingdom of Norway concerning the association of those two States with the implementation, application and development of the Schengen acquis[14], which fall within the area referred to in Article 1, point B of Council Decision 1999/437/EC of 17 May 1999 on certain arrangements for the application of the Agreement concluded by the Council of the European Union and the Republic of Iceland and the Kingdom of Norway concerning the association of those two States with the implementation, application and development of the Schengen acquis[15].

(14) As regards Switzerland, this Decision constitutes, with the exception of Article 7, a development of the provisions of the Schengen acquis within the meaning of the Agreement signed by the European Union, the European Community and the Swiss Confederation concerning the association of the Swiss Confederation with the implementation, application and development of the Schengen acquis which fall within the area referred to in Article 1, point B of Council Decision 1999/437/EC of 17 May 1999 read in conjunction with Article 4 (1) of the Council Decision 2004/849/EC on the signing, on behalf of the European Union, and on the provisional application of certain provisions of that Agreement[16].

(15a)  This Decision, save its Article 6, constitutes an act building on the Schengen acquis or otherwise related to it within the meaning of Article 3(2) of the 2003 Act of Accession and Article 4(2) of the 2005 Act of Accession.

(15) This Decision respects the fundamental rights and observes the principles reflected in particular in the Charter of Fundamental Rights of the European Union.

HAS DECIDED AS FOLLOWS:

Article 1

Subject matter and scope

This Decision lays down the conditions under which Member States’ designated authorities and the European Police Office (Europol) may obtain access for consultation of the Visa Information System for the purposes of the prevention, detection and investigation of terrorist offences and of other serious criminal offences.

Article 2

Definitions

1.          For the purposes of this Decision, the following definitions shall apply:

(1)       ‘Visa Information System (VIS)’ means the Visa Information System as established by Council Decision 2004/512/EC;

(2)       ’Europol’ means the European Police Office as established by the Convention of 26 July 1995 on the Establishment of a European Police Office (“the Europol Convention”);

(3)       ‘terrorist offences’ means the offences under national law which correspond or are equivalent to the offences in Articles 1 to 4 of Council Framework Decision 2002/475/JHA on combating terrorism[17];

(4)       ‘serious criminal offences’ means the forms of crime which correspond or are equivalent to those referred to in Article 2(2) of the Framework Decision of 13 June 2002 on the European Arrest Warrant;

(5)       ‘designated authorities’ means authorities which are responsible for the prevention, detection or investigation of terrorist offences or of other serious criminal offences and designated by the Member States pursuant to Article 3 of this Decision.

2.          The definitions in the VIS Regulation shall also apply.

Article 3

Designated authorities and central access points

1.        Member States shall designate the authorities referred to in Article 2(1)(e) which are authorised to access VIS data pursuant to this Decision.

1a.      Every Member State shall keep a list of the designated authorities. Within three months after this Decision enters into force every Member State shall notify in a declaration to the Commission and the General Secretariat of the Council their designated authorities and may at any time amend or replace its declaration by another declaration.

1b.      Every Member State shall designate the central access point(s) through which the access is done. Member States may designate more than one central access point to reflect their organisational and administrative structure in fulfilment of their constitutional or legal requirements. Within three months after this Decision enters into force every Member State shall notify in a declaration to the Commission and the General Secretariat of the Council their central access point(s) and may at any time amend or replace its declaration by another declaration.

2.        The Commission shall publish the declarations referred to in Articles 1a. and 1b. in the Official Journal of the European Union.

3.        At national level, each Member State shall keep a list of the operating units within the designated authorities that are authorised to access the VIS through the central access point(s).

4.        Only duly empowered staff of the operational units as well as the central access point(s) shall be authorised to access the VIS in accordance with Article 4a.

Article 4a

Process for access to the VIS

1.        Where the conditions of Article 5 are fulfilled the operating units referred to in Article 3(3) shall submit a reasoned written or electronic request to the central access points referred to in Article 3(1b) to access the VIS. Upon receipt of a request for access the central access point(s) shall verify whether the conditions for access referred to in Article 5 are fulfilled. If all conditions for access are fulfilled, the duly authorised staff of the central access point(s) shall process the requests. The VIS data accessed shall be transmitted to the operating units referred to in Article 3(3) in such a way as not to compromise the security of the data.

2.        In an exceptional case of urgency, the central access point(s) may receive written, electronic or oral requests. In such a case, the central access point(s) shall process the request immediately and only verify ex-post whether all the conditions of Article 5 are fulfilled, including that an exceptional case of urgency existed. The ex-post verification shall take place without undue delay after the processing of the request.

Article 5

Conditions for access to VIS data by designated authorities of Member States

1.        Access to the VIS for consultation by designated authorities shall take place within the scope of their powers and if the following conditions are met:

(1)       access for consultation must be necessary for the purpose of the prevention, detection or investigation of terrorist offences or other serious criminal offences;

(2)       access for consultation must be necessary in a specific case;(3)         if there are reasonable grounds to consider that consultation of VIS data will substantially contribute to the prevention, detection or investigation of any of the criminal offences in question.

2.        Consultation of the VIS shall be limited to searching with any of the following VIS data in the application file:

(a)       surname, surname at birth (earlier surname(s)); first names; sex; date, place and country of birth;

(b)       current nationality of the applicant; nationality at birth;

(c)       type and number of the travel document, the authority which issued it and the date of issue and of expiry;

(d)       main destination and duration of the intended stay;

(e)       purpose of travel;

(f)        date of arrival and departure;

(g)       border of first entry or transit route;

(h)       residence;

(i)        

(j)        fingerprints;

(k)       type of visa and the number of the visa sticker

(l)       details of the person issuing an invitation and/or liable to pay costs of living during the stay

           and shall, in case of a hit, give access to all of the above data as well as to

(a)       any other data taken from the application form;

(b)       the data entered in respect of any visa issued, refused, annulled, revoked or extended.

Article 6

Conditions for access to VIS data by designated authorities of a Member State in respect of which the VIS Regulation has not yet been put into effect

1.        Access to the VIS for consultation by designated authorities of a Member State in respect of which the VIS Regulation has not yet been put into effect shall take place within the scope of their powers and

(a)       subject to the same conditions as referred to in Article 5 (1) (b) to (d); and

(b)       by a duly motivated written or electronic request to a designated authority of a Member State to which the VIS Regulation applies; that authority shall then request the national central access point(s) to consult the VIS.

2.        A Member State in respect of which the VIS Regulation has not yet been put into effect shall make its visa information available to Member States to which the VIS Regulation applies, on the basis of a duly reasoned written or electronic request, subject to compliance with the conditions laid down in Article 5(1) (b) to (d).

2a.      Article 8(1), (2a), (5), (6) and (7), Article 8a(1), Article 8b(1) and (3), Article 8d, Article 8e(1) and (3) of this Decision apply accordingly.

Article 7

Conditions for access to VIS data by Europol

1.        Access to the VIS for consultation by Europol shall take place within the limits of its mandate and

(a)       when necessary for the performance of its tasks pursuant to Article 3(1), point 2 of the Europol Convention and for the purposes of a specific analysis as referred to in Article 10 of the Europol Convention or

(b)       when necessary for the performance of its tasks pursuant to Article 3(1), point 2 of the Europol Convention and for an analysis of a general nature and of a strategic type, as referred to in Article 10 of the Europol Convention, provided that VIS data is rendered anonymous by Europol prior to such processing and retained in a form in which identification of the data subjects is no longer possible.

2.          Article 5(2) of this Decision applies accordingly.

3.        Europol shall designate a specialised unit for the purpose of this Decision with duly empowered Europol officials to act as the central access point to access the VIS for consultation.

4.        Processing of information obtained by Europol from access to the VIS shall be subject to the consent of the Member State which has entered that data in the VIS. Such consent shall be obtained via the Europol national unit of that Member State.

Article 8

Protection of personal data

1.        The processing of personal data consulted under this Decision shall be subject to the following rules and to the national law of the consulting Member State. With regard to the processing of personal data consulted under this Decision, each Member State shall ensure an adequate data protection level in its national law which at least corresponds to that resulting from the Council of Europe Convention of 28 January 1981 for the Protection of Individuals with regard to Automatic Processing of Personal Data and, for those Member States which have ratified it, the Additional Protocol of 8 November 2001 to that Convention, and shall take into account Recommendation No. R (87) 15 of 17 September 1987 of the Committee of Ministers of the Council of Europe Regulating the Use of Personal Data in the Police Sector.

2.        The processing of personal data by Europol pursuant to this Decision shall be in accordance with the Europol Convention and the rules adopted in implementation thereof and supervised by the independent joint supervisory body established by Article 24 of the Convention.

2a.      Personal data obtained pursuant to this Decision from the VIS shall only be processed for the purposes of the prevention, detection, investigation and prosecution of terrorist offences or other serious criminal offences.

3.          

4.          

5.        Personal data obtained pursuant to this Decision from the VIS shall not be transferred or made available to a third country or to an international organisation. However, in an exceptional case of urgency such data may be transferred or made available to a third country or an international organisation, exclusively for the purposes of the prevention and detection of terrorist offences and of other serious criminal offences and under the conditions set out in Article 5(1) of this Decision, subject to the consent of the Member State having entered the data into the VIS and in accordance with the national law of the Member State transferring the data or making them available. In accordance with national law, Member States shall ensure that records are kept of such transfers and make them available to national data protection authorities on request. The transfer of data by the Member State that entered the data in the VIS according to the Regulation is subject to national law of that Member State.

6.        The competent body or bodies, which in accordance with national law are charged with the supervision of the processing of personal data by the authorities designated under this Decision shall monitor the lawfulness of the processing of personal data pursuant to this Decision. The Member States shall ensure that these bodies have sufficient resources to fulfil the tasks entrusted to them under this Decision.

6a.      The bodies referred to in paragraph 6 shall ensure that at least every four years an audit of the processing of personal data pursuant to this Decision is carried out, where applicable according to international auditing standards.

7.        Member States and Europol shall allow the competent body or bodies referred to in paragraphs 2 and 6 to obtain the necessary information to enable them to carry out their tasks in accordance with this article.

8.        Before being authorised to process data stored in the VIS, the staff of the authorities having a right to access the VIS shall receive appropriate training about data security and data protection rules and shall be informed of any relevant criminal offences and penalties.

Article 8a

Data security

1.        The Member State responsible shall ensure the security of the data during the transmission to, and when received by, the designated authorities.

2.        Each Member State shall adopt the necessary security measures with respect to data to be retrieved from the VIS pursuant to this Decision and to be subsequently stored, in particular in order to:

(a)      physically protect data, including by making contingency plans for the protection of critical infrastructure;

(b)      deny unauthorised persons access to national installations in which the Member State store data (checks at entrance to the installation)

(c)       prevent the unauthorised reading, copying, modification or removal of data media (data media control);

(d)       prevent the unauthorised inspection, modification or deletion of stored personal data (storage control);

(e)       prevent the unauthorised processing of data from the VIS (control of data processing);

(f)       ensure that persons authorised to access the VIS have access only to the data covered by their access authorisation, by means of individual and unique user identities and confidential access modes only (data access control);

(g)       ensure that all authorities with a right of access to VIS create profiles describing the functions and responsibilities of persons who are authorised to access and search the data and make these profiles available to the national supervisory authorities referred to in Article 8(6) without delay upon their request (personnel profiles);

(h)      ensure that it is possible to verify and establish to which bodies personal data may be transmitted using data communication equipment (communication control);

(i)       ensure that it is possible to verify and establish what data has been retrieved from the VIS, when, by whom and for what purpose (control of data recording);

(j)        (prevent the unauthorised reading and copying of personal data during their transmission from the VIS, in particular by means of appropriate encryption techniques (transport control);

(k)       monitor the effectiveness of the security measures referred to in this paragraph and take the necessary organisational measures related to internal monitoring to ensure compliance with this Decision (self-auditing).

Article 8b

Liability

1.        Any person who, or Member State which, has suffered damage as a result of an unlawful processing operation or any act incompatible with this Decision shall be entitled to receive compensation from the Member State which is responsible for the damage suffered. That State shall be exempted from its liability, in whole or in part, if it proves that it is not responsible for the event giving rise to the damage.

2.        If any failure of a Member State to comply with its obligations under this Decision causes damage to the VIS, that Member State shall be held liable for such damage, unless and insofar as another Member State participating in VIS failed to take reasonable measures to prevent the damage from occurring or to minimise its impact.

3.        Claims for compensation against a Member State for the damage referred to in paragraphs 1 and 2 shall be governed by the provisions of national law of the defendant Member State.

Article 8c

Self-monitoring

Member States shall ensure that each authority entitled to access VIS data takes the measures necessary to comply with this Decision and cooperates, where necessary, with the national body or bodies referred to in Article 8(6).

Article 8d

Penalties

Member States shall take the necessary measures to ensure that any use of VIS data contrary to the provisions of this Decision is punishable by penalties, including administrative and/or criminal penalties, that are effective, proportionate and dissuasive.

Article 8e

Keeping of VIS data in national files

1.        Data retrieved from the VIS may be kept in national files only when necessary in an individual case in accordance with the purposes set out in this Decision and in accordance with the relevant legal provisions including those concerning data protection and for no longer than it is necessary in the individual case.

2.        Paragraph 1 shall not prejudice the provisions of national law of a Member State concerning the entry by its designated authorities in their national files of data which that Member State entered in the VIS according to the Regulation.

3.        Any use of data which does not comply with paragraphs 1 and 2 shall be considered a misuse under the national law of each Member State.

Article 8f

Right of access, correction and deletion

1.        The right of persons to have access to data relating to them obtained from the VIS pursuant to this Decision shall be exercised in accordance with the law of the Member State before they invoke that right.

2.        If national law so provides, the national supervisory authority shall decide whether information is to be communicated and by what procedures.

3.        A Member State other than that which has entered the data into the VIS according to the Regulation may communicate information concerning such data only if it first gives the Member State entering the data an opportunity to state its position.

4.        Information shall not be communicated to the data subject if this is indispensable for the performance of a lawful task in connection with the data or for the protection of the rights and freedoms of third parties.

5.        Any person has the right to have factually inaccurate data relating to him corrected or unlawfully stored data relating to him deleted. If the designated authorities receive such a request or if they have any other evidence to suggest that data processed in the VIS is inaccurate they shall immediately inform the visa authority of the Member State which has entered the data in the VIS, who shall check the data concerned and, if necessary, correct or delete it immediately, pursuant to Article 21 of the VIS Regulation.

6.        The individual concerned shall be informed as soon as possible and in any event not later than 60 days from the date on which he applies for access or sooner if national law so provides.

7.        The individual shall be informed about the follow‑up given to the exercise of his rights of correction and deletion as soon as possible and in any event not later than three months from the date on which he applies for correction or deletion or sooner if national law so provides.

8.        In each Member State any person shall have the right to bring an action or a complaint before the competent authorities or courts of that Member State which refused the right of access to or the right of correction or deletion of data relating to him, provided for in this Article.

Article 9

Costs

Each Member State and Europol shall set up and maintain at their expense, the technical infrastructure necessary to implement this Decision, and be responsible for bearing the costs resulting from access to the VIS for the purposes of this Decision.

Article 10

Keeping of records

1. Each Member State and Europol shall ensure that all data processing operations resulting from access to the VIS for consultation pursuant to this Decision are recorded for the purposes of checking whether the search is admissible or not, for the purpose of monitoring the lawfulness of data processing, for self-monitoring, ensuring the proper functioning data integrity and security.

Those records shall show:

         the exact purpose of the access for consultation referred to in Article 5(1)(b), including the concerned form of crime as defined in Article 2(1)(c) and (d), and for Europol, the exact purpose of the access for consultation referred to in Article 7(1)(a) or (b) of this Decision

         the respective national file reference;

         the date and exact time of access;

         where applicable that use has been made of procedure referred to in Article 4a(2);

         the data used for consultation;

         the type of data consulted;

         according to national rules or the rules of the Europol Convention the identifying mark of the official who carried out the search and of the official who ordered the search or supply.

2. Such records containing personal data shall be used only for the data protection monitoring of the legality of data processing as well as to ensure data security. Only such records containing data of a non-personal nature may be used for the monitoring and evaluation referred to in Article 12 of this Decision.

3.        These records shall be protected by appropriate measures against unauthorised access and abuse and deleted after a period of one year after the five year retention period referred to in Article 20(1) of the VIS Regulation has expired, unless they are required for monitoring procedures referred to in paragraph 2 of this Article which have already begun.

Article 11

Advisory Committee

Article 12

Monitoring and evaluation

1.        The Management Authority referred to in the VIS Regulation shall ensure that systems are in place to monitor the functioning of the VIS pursuant to this Decision against objectives, in terms of outputs, cost-effectiveness, security and quality of service.

1a.      For the purpose of technical maintenance, the Management Authority shall have access to the necessary information relating to the processing operations performed in the VIS.

2.        Two years after the VIS is brought into operations and every two years hereafter, the Management Authority shall submit a report to the European Parliament, the Council and the Commission on the technical functioning of the VIS pursuant to this Decision. That report shall include information on the performance of the VIS against quantitative indicators predefined by the Commission, and in particular on the need and use made of Article 4a(2).

3.        Three years after the VIS is brought into operation and every four years thereafter, the Commission shall produce an overall evaluation of the VIS pursuant to this Decision. This evaluation shall include an examination of the results achieved against objectives and an assessment of the continuing validity of the underlying rationale behind this Decision, the application of this Decision in respect of the VIS, the security of the VIS and any implications for future operations. The Commission shall transmit the evaluation reports to the European Parliament and the Council.

4.        The Member States and Europol shall provide to the Management Authority and the Commission the information necessary to draft the reports referred to in paragraph 2 and 3. This information may never jeopardise working methods nor include information that reveals sources, staff members or investigations of the designated authorities.

4a.      The Management Authority shall provide the Commission with the information necessary to produce the overall evaluations referred to in paragraph 3.

4b.      During a transitional period before the Management Authority takes up its responsibilities, the Commission shall be responsible for producing and submitting the reports referred to in paragraph 2.

Article 13

Entry into force and date of application

1.        This Decision shall enter into force on the twentieth day following that of its publication in the Official Journal of the European Union.

2.        This Decision shall apply from the date to be determined by the Council once the Commission has informed the Council that the VIS Regulation has entered into force and is applicable.

The General Secretariat of the Council shall publish that date in the Official Journal of the European Union.

Done at Brussels,

                                                                      For the Council

                                                                  The President

ANNEX 2

Council Declaration concerning the Council Framework Decision on the protection of personal data processed in the framework of police and judicial co-operation in criminal matters

The Council recognises the importance of the existence of a comprehensive and coherent set of rules at the level of the European Union concerning the high level of protection of personal data processed in the framework of police and judicial co-operation in criminal matters, as a part of the Union's ever increasing regulatory set of instruments on such co-operation. These rules will constitute an important development of the minimum data protection principles set by the Convention of 28 January 1981 for the protection of individuals with regard to automatic processing of personal data, and in Recommendation (87)15 regulating the use of personal data in the police sector, both adopted in the framework of the Council of Europe.

Therefore, the Council continues to give priority to the examination of the proposal for a Council Framework Decision on the protection of personal data processed in the framework of police and judicial co-operation in criminal matters, and intends to reach a political agreement on the proposal as soon as possible and at the latest by the end of 2007.

ANNEX 3

Council Declaration concerning the right of access to the VIS

by the United Kingdom and Ireland in the Council Decision

The Council recognises that the shared security of Member States will be strengthened by the reciprocal access of the United Kingdom and Ireland to the Visa Information System and emphasizes the importance of the United Kingdom and Ireland access for law enforcement purposes to the Visa Information System. The Council will therefore keep the position of the United Kingdom and Ireland under review, including in relation to relevant jurisprudence and will in the light of the outcome of the Court Decisions adopt such provisions as may be necessary or appropriate to enable the United Kingdom and Ireland to have access to the Visa Information System on the same footing as the other Member States.

______________

  • [1]               Not yet published in OJ.
  • [2]               Bold and italics marks new or replacement text while deleted text is marked with the symbol .
  • [3]               OJ C , , p. .
  • [4]               OJ C , , p. .
  • [5]               OJ L 213, 15.6.2004, p. 5.
  • [6]               Conclusions of the meeting Council Competitiveness 7.3.2005, doc. 6811/05.
  • [7]               OJ C 316, 27.11.1995, p. 2, as last amended by the Protocol, drawn up on the basis of Article 43(1) of the Convention on the establishment of a European Police Office (Europol), amending that Convention - OJ C 2, 6.1.2004, p. 3.
  • [8]               OJ C, p
  • [9]               COM(2005)475
  • [10]             OJ L 281, 23.11.1995, p. 31.
  • [11]             OJ L 131, 1.6.2000, p. 43.
  • [12]             OJ L 64, 7.3.2002, p. 20.
  • [13]             OJ L 386, 18.12.2006, p. 89.
  • [14]             OJ L 176, 10.7.1999, p. 36.
  • [15]             OJ L 176, 10.7.1999, p. 31.
  • [16]             OJ L 368, 15.12.2004, p. 26.
  • [17]             OJ L 164, 22.6.2002, p.3.

PROCEDURE

Title

Access for consultation of the Visa Information System (VIS)

References

COM(2005)0600 - C6-0053/2006 - 2005/0232(CNS)

Date of consulting Parliament

10.2.2006

Committee responsible

       Date announced in plenary

LIBE

16.2.2006

Rapporteur(s)

       Date appointed

Sarah Ludford

23.1.2006

 

 

Discussed in committee

24.1.2006

23.3.2006

27.4.2006

4.5.2006

 

12.7.2006

27.11.2006

19.12.2006

1.2.2007

 

28.2.2007

11.4.2007

23.4.2007

 

Date adopted

14.5.2007

 

 

 

Result of final vote

+:

–:

0:

25

0

2

Members present for the final vote

Philip Bradbourn, Mihael Brejc, Fausto Correia, Esther De Lange, Panayiotis Demetriou, Agustín Díaz de Mera García Consuegra, Roland Gewalt, Jeanine Hennis-Plasschaert, Ewa Klamt, Magda Kósáné Kovács, Wolfgang Kreissl-Dörfler, Stavros Lambrinidis, Henrik Lax, Sarah Ludford, Viktória Mohácsi, Inger Segelström, Adina-Ioana Vălean, Ioannis Varvitsiotis, Tatjana Ždanoka

Substitute(s) present for the final vote

Inés Ayala Sender, Charlotte Cederschiöld, Gérard Deprez, Genowefa Grabowska, Sophia in ‘t Veld, Sylvia-Yvonne Kaufmann, Herbert Reul

Substitute(s) under Rule 178(2) present for the final vote

Manolis Mavrommatis