REPORT on the proposal for a regulation of the European Parliament and of the Council establishing an Entry/Exit System (EES) to register entry and exit data and refusal of entry data of third country nationals crossing the external borders of the Member States of the European Union and determining the conditions for access to the EES for law enforcement purposes and amending Regulation (EC) No 767/2008 and Regulation (EU) No 1077/2011

8.3.2017 - (COM(2016)0194 – C8-0135/2016 – 2016/0106(COD)) - ***I

Committee on Civil Liberties, Justice and Home Affairs
Rapporteur: Agustín Díaz de Mera García Consuegra


Procedure : 2016/0106(COD)
Document stages in plenary
Document selected :  
A8-0057/2017

DRAFT EUROPEAN PARLIAMENT LEGISLATIVE RESOLUTION

on the proposal for a regulation of the European Parliament and of the Council establishing an Entry/Exit System (EES) to register entry and exit data and refusal of entry data of third country nationals crossing the external borders of the Member States of the European Union and determining the conditions for access to the EES for law enforcement purposes and amending Regulation (EC) No 767/2008 and Regulation (EU) No 1077/2011

(COM(2016)0194 – C8-0135/2016 – 2016/0106(COD))

(Ordinary legislative procedure: first reading)

The European Parliament,

–  having regard to the Commission proposal to Parliament and the Council (COM(2016)0194),

–  having regard to Article 294(2) and Article 77(2)(b) and (d), Article 87(2)(a) and Article 88(22)(a) of the Treaty on the Functioning of the European Union, pursuant to which the Commission submitted the proposal to Parliament (C8-0135/2016),

–  having regard to Article 294(3) of the Treaty on the Functioning of the European Union,

–  having regard to the opinion of the European Economic and Social Committee of 21 September 2016[1],

–  after consulting the Committee of the Regions ,

–  having regard to Rule 59 of its Rules of Procedure,

–  having regard to the report of the Committee on Civil Liberties, Justice and Home Affairs and the opinion of the Committee on Budgets (A8-0057/2017),

1.  Adopts its position at first reading hereinafter set out;

2.  Calls on the Commission to refer the matter to Parliament again if it replaces, substantially amends or intends to substantially amend its proposal;

3.  Instructs its President to forward its position to the Council, the Commission and the national parliaments.

Amendment    1

Proposal for a regulation

Recital 6 a (new)

 

Text proposed by the Commission

Amendment

 

(6a)  With a view to further improving the management of the external borders and, in particular, in order to verify the respect of the provisions on an authorised period of stay within the Schengen area, a system which registers electronically the time and place of entry and exit of third-country nationals admitted for a short stay to the Schengen area and which calculates the duration of their authorised stay should be established.

Justification

A recital which sets out the overall rationale of a setting up the EES should be added.

Amendment    2

Proposal for a regulation

Recital 7

 

Text proposed by the Commission

Amendment

(7)  It is necessary to specify the objectives of the Entry/Exit System (EES) and its technical architecture, to lay down rules concerning its operation and use and to define responsibilities for the system, the categories of data to be entered into the system, the purposes for which the data are to be entered, the criteria for their entry, the authorities authorised to access the data and further rules on data processing and the protection of personal data.

(7)  It is necessary to specify the objectives of the Entry/Exit System (EES), the categories of data to be entered into the system, the criteria for their entry, the authorities authorised to access the data, further rules on data processing and the protection of personal data as well as the technical architecture of the system, rules concerning its operation and use and interoperability with other information systems. It is also necessary to define responsibilities for the system.

Amendment    3

Proposal for a regulation

Recital 8 a (new)

 

Text proposed by the Commission

Amendment

 

(8a)  Precise rules should be laid down as regards the responsibilities for the development and operation of the EES and the responsibilities of the Member States for the connection to the EES. Member States should be able to use resources available through their national programmes under the Internal Security Fund for the development and operation of the EES at national level. The Agency for the operational management of large-scale information systems in the area of freedom, security and justice, established by Regulation (EU) No 1077/2011 of the European Parliament and of the Council1a, should be responsible for the development and operational management of a centralised EES in accordance with this Regulation and the relevant provisions of Regulation (EU) No 1077/2011 should be amended accordingly.

 

__________

 

1a  Regulation (EU) No 1077/2011 of the European Parliament and of the Council of 25 October 2011 establishing a European Agency for the operational management of large-scale IT systems in the area of freedom, security and justice (OJ L 286, 1.11.2011, p 1).

Amendment    4

Proposal for a regulation

Recital 9

 

Text proposed by the Commission

Amendment

(9)  The EES should have the objective of improving the management of external borders, preventing irregular immigration and facilitating the management of migration flows. The EES should, in particular and when relevant, contribute to the identification of any person who does not or no longer fulfils the conditions of duration of stay within the territory of the Member States.

(9)  The objective of the EES should be to improve the management of external borders, to prevent irregular immigration and to facilitate the management of migration flows. The EES should, in particular and when relevant, contribute to the identification of any person who does not or no longer fulfils the conditions of duration of the authorised stay within the territory of the Member States. Additionally, the EES should contribute to the prevention, detection and investigation of terrorist offences and of other serious criminal offices.

Amendment    5

Proposal for a regulation

Recital 9 a (new)

 

Text proposed by the Commission

Amendment

 

(9a)  The EES should consist of a Central System, which operates a computerised central database of biometric and alphanumeric data, a National Uniform Interface in each Member State, a Secure Communication Channel between the EES Central System and the Central Visa Information System (VIS Central System) of the Visa Information System (VIS), established by Council Decision 2004/512/EC1a, and the secure and encrypted Communication Infrastructure between the Central System and the National Uniform Interfaces. Each Member State should connect its national border infrastructures to the National Uniform Interface in a secure manner. In order to enable third country nationals and carriers to verify at any moment the remaining authorised period of stay a web service should be developed. Relevant stakeholders should be consulted in the development phase of the web service.

 

_______________

 

1a Council Decision 2004/512/EC of 8 June 2004 establishing the Visa Information System (VIS) (OJ L 213, 15.6.2004, p.5).

Amendment    6

Proposal for a regulation

Recital 9 b (new)

 

Text proposed by the Commission

Amendment

 

(9b)  Interoperability should be established between the EES and the VIS by way of a direct communication channel between the VIS Central System and the EES Central System to enable the border authorities using the EES to consult the VIS in order to retrieve visa-related data to create or update the individual file, to enable the border authorities to verify the validity of the visa and the identity of the visa holder by means of fingerprints directly against the VIS at the external borders and to enable the border authorities to verify the identity of visa exempt third country nationals against the VIS with fingerprints. Interoperability should also enable the border authorities using the VIS to directly consult the EES from the VIS for the purposes of examining visa applications and decisions relating to those applications and enabling visa authorities to update the visa-related data in the EES in the event that a visa is annulled, revoked or extended. Regulation (EC) No 767/2008 of the European Parliament and of the Council1a should be amended accordingly.

 

_________

 

1a  Regulation (EC) No 767/2008 of the European Parliament and of the Council of 9 July 2008 concerning the Visa Information System (VIS) and the exchange of data between Member States on short-stay visas (VIS Regulation) (OJ L 218, 13.8.2008, p.60).

Justification

The order of the recitals is changed in order to reflect the order of the Articles. Ex-recital 13 is not modified.

Amendment    7

Proposal for a regulation

Recital 9 c (new)

 

Text proposed by the Commission

Amendment

 

(9c)  In order to structurally improve the Union's data management architecture for border control and security, the Commission’s Communication of 6 April 2016 entitled 'Stronger and Smarter Information Systems for Borders and Security' presented a process towards the interoperability of information systems. The High-level Expert Group on Information Systems and Interoperability, set up as announced in this Communication, is expected to present its results in the spring of 2017. Those results might be relevant for the further development of the EES and, where this is the case, the Commission is invited to propose any appropriate measures concerning the EES.

Amendment    8

Proposal for a regulation

Recital 9 d (new)

 

Text proposed by the Commission

Amendment

 

(9d)  This Regulation should define the authorities of the Member States which may be authorised to have access to the EES to enter, amend, delete or consult data for the specific purposes of the EES and to the extent necessary for the performance of their tasks.

Justification

The order of the recitals is changed in order to reflect the order of the Articles. Ex-recital 14 is not modified.

Amendment    9

Proposal for a regulation

Recital 9 e (new)

 

Text proposed by the Commission

Amendment

 

(9e)  Any processing of EES data should be proportionate to the objectives pursued and necessary for the performance of the tasks of the competent authorities. When using the EES, the competent authorities should ensure that the human dignity and integrity of the person whose data are requested, are respected and should not discriminate against persons on grounds of sex, race, colour, ethnic or social origin, genetic features, language, religion or belief, political or any other opinion, membership of a national minority, property, birth, disability, age or sexual orientation.

Amendment    10

Proposal for a regulation

Recital 10

 

Text proposed by the Commission

Amendment

(10)  To meet those objectives, the EES should process alphanumeric data and biometric data (fingerprints and facial image). The use of biometrics, despite its impact on the privacy of travellers, is justified for two reasons. Firstly, biometrics are a reliable method to identify third country nationals within the territory of the Member States not in possession of travel documents or any other means of identification, a common modus operandi of irregular migrants. Secondly, biometrics provide for the more reliable matching of entry and exit data of legal travellers. Where facial images are used in combination with fingerprint data, it allows for the reduction of fingerprints registered while enabling the same result in terms of accuracy of the identification.

(10)  The EES should collect and process alphanumeric data and biometric data (fingerprints and facial image) primarily for the purposes of improving the management of external borders, preventing irregular immigration and facilitating the management of migration flows. Personal data collected in the EES may be further processed to contribute to the prevention, detection and investigation of terrorist offences and of other serious criminal offices only under the conditions laid down in this Regulation. The use of biometrics, despite its impact on the privacy of travellers, is justified for two reasons. Firstly, biometrics are a reliable method to identify third country nationals within the territory of the Member States not in possession of travel documents or any other means of identification, a common modus operandi of irregular migrants. Secondly, biometrics provide for the more reliable matching of entry and exit data of legal travellers. Where facial images are used in combination with fingerprint data, it allows for the reduction of fingerprints registered while enabling the same result in terms of accuracy of the identification.

Amendment    11

Proposal for a regulation

Recital 11

 

Text proposed by the Commission

Amendment

(11)  Four fingerprints of visa exempt third country nationals should be enrolled in the EES, if physically possible, to allow for accurate verification and identification (ensuring that the third country national is not already enrolled under another identity or with another travel document) and to guarantee that sufficient data is available in every circumstance. The check of the fingerprints of visa holders will be done against the Visa Information System. (VIS) established by Council Decision 2004/512/EC4. The facial image of both visa exempt and visa holding third country nationals should be registered in the EES and it should be used as the main biometric identifier for verifying the identity of third country nationals who have been previously registered in the EES and for as long as their individual file has not been deleted. Alternatively, that verification should be performed using fingerprints.

(11)  Four fingerprints of visa exempt third country nationals should be enrolled in the EES, if physically possible, to allow for accurate verification and identification (ensuring that the third country national is not already enrolled under another identity or with another travel document) and to guarantee that sufficient data is available to achieve the objectives of the EES. The check of the fingerprints of visa holders will be done against the VIS. The facial image of both visa exempt and visa holding third country nationals should be registered in the EES and it should be used as the main biometric identifier for verifying the identity of third country nationals who have been previously registered in the EES and for as long as their individual file has not been deleted. Alternatively, that verification should be performed using fingerprints.

__________

__________

4  Council Decision 2004/512/EC of 8 June 2004 establishing the Visa Information System (VIS) (OJ L 213, 15.6.2004, p.5).

 

Amendment    12

Proposal for a regulation

Recital 12

 

Text proposed by the Commission

Amendment

(12)  The EES should consist of a Central System, which will operate a computerised central database of biometric and alphanumeric data, a National Uniform Interface in each Member State, a Secure Communication Channel between the EES Central System and the VIS Central System and the Communication Infrastructure between the Central System and the National Uniform Interfaces. Each Member State should connect its national border infrastructures to the National Uniform Interface.

deleted

Justification

This recital is moved.

Amendment    13

Proposal for a regulation

Recital 13

 

Text proposed by the Commission

Amendment

(13)  Interoperability should be established between the EES and the VIS by way of a direct communication channel between the Central Systems to enable the border authorities using the EES to consult the VIS in order to retrieve visa-related data to create or update the individual file; to enable the border authorities to verify the validity of the visa and the identity of a visa holder by means of fingerprints directly against the VIS at the external borders and to enable the border authorities to verify the identity of visa exempt third country nationals against the VIS with fingerprints. Interoperability should also enable the border authorities using the VIS to directly consult the EES from the VIS for the purposes of examining visa applications and decisions relating to those applications and enable visa authorities to update the visa-related data in the EES in the event that a visa is annulled, revoked or extended. Regulation (EC) No 767/2008/EC of the European Parliament and of the Council should be amended accordingly.

deleted

Justification

This recital is moved.

Amendment    14

Proposal for a regulation

Recital 14

 

Text proposed by the Commission

Amendment

(14)  This Regulation should define the authorities of the Member States which may be authorised to have access to the EES to enter, amend, delete or consult data for the specific purposes of the EES and to the extent necessary for the performance of their tasks.

deleted

Justification

This recital is moved.

Amendment    15

Proposal for a regulation

Recital 15

 

Text proposed by the Commission

Amendment

(15)  Any processing of EES data should be proportionate to the objectives pursued and necessary for the performance of tasks of the competent authorities. When using the EES, the competent authorities should ensure that the human dignity and integrity of the person, whose data are requested, are respected and should not discriminate against persons on grounds of sex, colour, ethnic or social origin, genetic features, language, religion or belief, political or any other opinion, membership of a national minority, property, birth, disability, age or sexual orientation.

deleted

Justification

This recital is moved.

Amendment    16

Proposal for a regulation

Recital 16

 

Text proposed by the Commission

Amendment

(16)  In the fight against terrorist offences and other serious criminal offences, it is imperative that law enforcement authorities have the most up-to-date information if they are to perform their tasks. Access to VIS data for law enforcement purpose has already proven its usefulness in identifying people who died violently or for helping investigators to make substantial progress in cases related to human being trafficking, terrorism or drug trafficking. Access to the information contained in the EES is necessary to prevent, detect and investigate terrorist offences as referred to in Council Framework Decision 2002/475/JHA6 or other serious criminal offences as referred to in Council Framework Decision 2002/584/JHA7. The data generated by the EES may be used as an identity verification tool both in cases where the third country national has destroyed his/her documents and where law enforcement authorities are investigating a crime through the use of fingerprints or facial image and wish to establish an identity. It may also be used as a criminal intelligence tool to construct evidence by tracking the travel routes of a person suspected of having committed a crime or a victim of crime. Therefore, the data in the EES should be available, to the designated authorities of the Member States and the European Police Office ('Europol'), subject to the conditions set out in this Regulation.

(16)  In the fight against terrorist offences and other serious criminal offences, it is necessary that designated law enforcement authorities have the most up-to-date information if they are to perform their tasks. Access to VIS data for law enforcement purpose has already proven its usefulness in identifying people who died violently or for helping investigators to make substantial progress in cases related to human being trafficking, terrorism or drug trafficking. Access to the information contained in the EES is necessary to prevent, detect and investigate terrorist offences as referred to in Council Framework Decision 2002/475/JHA6 or other serious criminal offences as referred to in Council Framework Decision 2002/584/JHA7. The data generated by the EES may be used as an identity verification tool both in cases where the third country national has destroyed his/her documents and where law enforcement authorities are investigating a crime through the use of fingerprints or facial image and wish to establish an identity. It may also be used as a tool to construct evidence by tracking the travel routes of a person suspected of having committed a crime or a victim of crime. Therefore, the data in the EES should be available, to the designated authorities of the Member States and the European Police Office ('Europol'), subject to the conditions set out in this Regulation. From the perspective of the law enforcement purposes and in order to prevent, detect and investigate terrorist offences or other serious criminal offences a search of the database is proportionate if there is an overriding public security concern. Any search must be duly justified and proportionate in the light of the interest invoked.

___________

___________

6  Council Framework Decision 2002/475/JHA of 13 June 2002 on combatting terrorism (OJ L 164, 22.6.2002 p.6).

6  Council Framework Decision 2002/475/JHA of 13 June 2002 on combatting terrorism (OJ L 164, 22.6.2002 p.6).

7  Council Framework Decision 2002/584/JHA of 13 June 2002 on the European arrest warrant and the surrender procedures between Member State (OJ L 190, 18.7.2002, p. 1).

7  Council Framework Decision 2002/584/JHA of 13 June 2002 on the European arrest warrant and the surrender procedures between Member State (OJ L 190, 18.7.2002, p. 1).

Amendment    17

Proposal for a regulation

Recital 17

 

Text proposed by the Commission

Amendment

(17)  Moreover, Europol plays a key role with respect to cooperation between Member States’ authorities in the field of cross-border crime investigation in supporting Union-wide crime prevention, analyses and investigation. Consequently, Europol should also have access to the EES within the framework of its tasks and in accordance with Council Decision 2009/371/JHA. 8

(17)  Moreover, Europol plays a key role with respect to cooperation between Member States’ authorities in the field of cross-border crime investigation in supporting Union-wide crime prevention, analyses and investigation. Consequently, Europol should also have access to the EES within the framework of its tasks and in accordance with Regulation (EU) 2016/794 of the European Parliament and of the Council.8 The European Data Protection Supervisor should monitor the processing of data by Europol and ensure full compliance with applicable data protection rules.

___________________

___________________

8  Council Decision 2009/371/JHA of 6 April 2009 establishing the European Police Office (Europol) (OJ L 121, 15.5.2009, p. 37).

8  Regulation (EU) 2016/794 of the European Parliament and of the Council 11 May 2016 on the European Union Agency for Law Enforcement Cooperation (Europol) and replacing and repealing Council Decisions 2009/371/JHA, 2009/934/JHA, 2009/935/JHA, 2009/936/JHA and 2009/968/JHA (OJ L 135, 24.5.2016, p. 53).

Amendment    18

Proposal for a regulation

Recital 19

 

Text proposed by the Commission

Amendment

(19)  Comparisons of data on the basis of a latent fingerprint, which is the dactyloscopic trace which may be found at a crime scene, is fundamental in the field of police cooperation. The possibility to compare a latent fingerprint with the fingerprint data which is stored in the EES in cases where there are reasonable grounds for believing that the perpetrator or victim may be registered in the EES should provide the law enforcement authorities of the Member States with a very valuable tool in preventing, detecting or investigating terrorist offences or other serious criminal offences, when for example the only evidence at a crime scene are latent fingerprints.

(19)  Comparisons of data on the basis of a latent fingerprint, which is the dactyloscopic trace which may be found at a crime scene, is fundamental in the field of police cooperation. The possibility to compare a latent fingerprint with the fingerprint data which is stored in the EES in cases where there are reasonable grounds for believing that the perpetrator or victim may be registered in the EES is necessary for the law enforcement authorities of the Member States to prevent, detect or investigate terrorist offences or other serious criminal offences, when for example the only evidence at a crime scene are latent fingerprints.

Amendment    19

Proposal for a regulation

Recital 24 a (new)

 

Text proposed by the Commission

Amendment

 

(24a)  Member States should ensure that border guards have access to Interpol’s Stolen and Lost Travel Documents database, and the relevant national and Union databases. They should also ensure that border guards make full use of their right to access those databases when registering travellers from third countries entering or exiting the territory of the Union.

Amendment    20

Proposal for a regulation

Recital 25

 

Text proposed by the Commission

Amendment

(25)  The personal data stored in the EES should be kept for no longer than is necessary for the purposes of the EES. It is appropriate to keep the data related to third country nationals for a period of five years for border management purposes in order to avoid the need for third country nationals to re-enrol in the EES before that period has lapsed. For third country nationals who are family members of a Union citizen to whom Directive 2004/38/EC10 applies or of a national of a third country enjoying the right of free movement under Union law and who do not hold a residence card referred to under Directive 2004/38/EC, it is appropriate to store each coupled entry/exit reccord for a maximum period of one year after the last exit.

(25)  The personal data stored in the EES should be kept for no longer than strictly necessary for the purposes for which the data are processed. It is sufficient to keep the data related to third country nationals who have lawfully used the EES and for third-country nationals whose entry for a short stay {or on the basis of a touring visa} has been refused for a period of two years for border management purposes in order to avoid the need for third country nationals to re-enrol in the EES before that period has lapsed. The two-year data retention period will reduce the frequency of re-enrolments and will be beneficial for all travellers as both the average border crossing time and the waiting time at border crossing points will decrease. Even for a traveller entering only once in the Schengen area, the fact that other travellers already registered in the EES do not have to re-enrol before the expiry of this two-year period will reduce the waiting time at the border crossing point. This two-year data retention period is also necessary to facilitate border crossings by using process accelerators and self-service systems. For third country nationals who are family members of a Union citizen to whom Directive 2004/38/EC10 applies or of a national of a third country enjoying the right of free movement under Union law and who do not hold a residence card referred to under Directive 2004/38/EC, it is appropriate to store each coupled entry/exit record for a maximum period of one year after the last exit. Following the expiry of the relevant data retention periods the data should be automatically erased.

___________

___________

10  Directive 2004/38/EC of the European Parliament and of the Council of 29 April 2004 on the right of citizens of the Union and their family members to move and reside freely within the territory of the Member States amending Regulation (EEC) No 1612/68 and repealing Directives 64/221/EEC, 68/360/EEC, 72/194/EEC, 73/148/EEC, 75/34/EEC, 75/35/EEC, 90/364/EEC, 90/365/EEC and 93/96/EEC (OJ L 158, 30.4.2004, p. 77).

10  Directive 2004/38/EC of the European Parliament and of the Council of 29 April 2004 on the right of citizens of the Union and their family members to move and reside freely within the territory of the Member States amending Regulation (EEC) No 1612/68 and repealing Directives 64/221/EEC, 68/360/EEC, 72/194/EEC, 73/148/EEC, 75/34/EEC, 75/35/EEC, 90/364/EEC, 90/365/EEC and 93/96/EEC (OJ L 158, 30.4.2004, p. 77).

Amendment    21

Proposal for a regulation

Recital 25 a (new)

 

Text proposed by the Commission

Amendment

 

(25a)  A retention period of four years is necessary for data on third-country nationals who have not exited the territory of the Member States within the authorised period of stay in order to support the identification and return process. The data should be automatically erased after the period of four years, unless there are grounds to delete it earlier.

Amendment    22

Proposal for a regulation

Recital 26

 

Text proposed by the Commission

Amendment

(26)  A five year data retention period is necessary to allow the border guard performing the necessary risk analysis requested by the Schengen Borders Code before authorising a traveller entering the Schengen area. The processing of visa application in consular posts requires also analysing the travel history of the applicant to assess the use of previous visas and the respect of the conditions of stay. The abandoning of passport stamping will be compensated by a consultation of the EES. The travel history available in the system should therefore cover a period of time which is sufficient for the purpose of visa issuance. The five year data retention period will reduce the re-enrolment frequency and will be beneficial for all travellers as the average border crossing time will decrease as will do the waiting time at border crossing points. Even for a traveller entering only once in the Schengen area, the fact that other travellers being already registered in the EES will not have to re-enrol will reduce the waiting time at border. This data retention period will also be necessary to allow for facilitation for the border crossing by using process accelerators and self-service systems. Such facilitation is dependent of the data registered in the system. A shorter data retention period would have a negative impact on the duration of border controls. A shorter data retention period would also reduce the group of travellers that can benefit of such facilitation and thereby undermine the stated objective of EES to facilitate border crossing.

(26)  A two year data retention period for the personal data of third-country nationals who have lawfully used the EES and of third-country nationals whose entry for a short stay {or on the basis of a touring visa} has been refused and a four year data retention period for the personal data of third country nationals who have not exited the territory of the Member States within the authorised period of stay are necessary to allow the border guard to perform the necessary risk analysis requested by the Schengen Borders Code before authorising a traveller to enter the Schengen area. The processing of visa applications in consular posts also requires analysing the travel history of the applicant to assess the use of previous visas and whether the conditions of stay have been respected. The abandoning of passport stamping will be compensated by a consultation of the EES. The travel history available in the system should therefore cover a period of time which is sufficient for the purpose of visa issuance. While performing the risk analysis at the border and while processing a visa application, the travel history of third-country nationals should be checked in order to determine whether they have exceeded the maximum duration of their authorised stay in the past. It is thus necessary to retain the personal data of third-country nationals who have not exited the territory of the Member States within the authorised period of stay for the longer period of four years compared to that for the personal data of the third-country nationals who have lawfully used the system and of third-country nationals whose entry for a short stay {or on the basis of a touring visa} has been refused.

Amendment     23

Proposal for a regulation

Recital 27

Text proposed by the Commission

Amendment

(27)  The same retention period of five years would be necessary for data on persons who have not exited the territory of the Member States within the authorised period of stay in order to support the identification and return process and for persons whose entry for a short stay {or on the basis of a touring visa} has been refused. The data should be deleted after the period of five years, unless there are grounds to delete it earlier.

deleted

Amendment    24

Proposal for a regulation

Recital 28

 

Text proposed by the Commission

Amendment

(28)  Precise rules should be laid down as regards the responsibilities for the development and operation of the EES and the responsibilities of the Member States for the connection to the EES. The Agency for the operational management of large-scale information systems in the area of freedom, security and justice, established by Regulation (EU) No 1077/2011 of the European Parliament and of the Council , should be responsible for the development and operational management of a centralised EES in accordance with this Regulation and the relevant provisions of Regulation (EU) No 1077/2011 should be amended accordingly.

deleted

Justification

This recital is moved.

Amendment    25

Proposal for a regulation

Recital 30

 

Text proposed by the Commission

Amendment

(30)  Directive 95/46/EC of the European Parliament and of the Council12 applies to the processing of personal data by the Member States in application of this Regulation unless such processing is carried out by the designated or verifying authorities of the Member States for the purposes of the prevention, detection or investigation of terrorist offences or of other serious criminal offences.

(30)  Regulation (EU) 2016/679 of the European Parliament and of the Council12 applies to the processing of personal data by the Member States in application of this Regulation unless such processing is carried out by the designated or verifying authorities of the Member States for the purposes of the prevention, investigation, detection or prosecution of terrorist offences or of other serious criminal offences.

___________________

___________________

12  Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (OJ L 281, 23.11.1995, p. 31).

12  Regulation (EU) 2016/679 of 27 April 2016 of the European Parliament and of the Council on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119, 4.5.2016, p. 1).

Amendment    26

Proposal for a regulation

Recital 31

 

Text proposed by the Commission

Amendment

(31)   The processing of personal data by the authorities of the Member States for the purposes of the prevention, detection or investigation of terrorist offences or of other serious criminal offences pursuant to this Regulation should be subject to a standard of protection of personal data under their national law which complies with Council Framework Decision 2008/977/JHA13.

(31)  The national laws, regulations and administrative provisions adopted pursuant to Directive (EU) 2016/680 of the European Parliament and of the Council12a apply to the processing of personal data by the competent authorities of the Member States for the purposes of the prevention, investigation, detection or prosecution of terrorist offences or of other serious criminal offences pursuant to this Regulation.

___________________

___________________

 

12a Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and on the free movement of such data, and repealing Council Framework Decision 2008/977/JHA (OJ L 119, 4.5.2016, p. 89).

13 Council Framework Decision 2008/977/JHA of 27 November 2008 on the protection of personal data processed in the framework of police and judicial co-operation in criminal matters (OJ L 350, 30.12.2008, p. 60).

 

Amendment    27

Proposal for a regulation

Recital 34

 

Text proposed by the Commission

Amendment

(34)  The independent supervisory authorities established in accordance with Article 28 of Directive 95/46/EC should monitor the lawfulness of the processing of personal data by the Member States, whilst the European Data Protection Supervisor as established by Regulation (EC) No 45/2001 should monitor the activities of the Union institutions and bodies in relation to the processing of personal data. The European Data Protection Supervisor and the supervisory authorities should cooperate with each other in the monitoring of the EES.

(34)  The independent supervisory authorities established in accordance with Article 51 of Regulation (EU) 2016/679 should monitor the lawfulness of the processing of personal data by the Member States, whilst the European Data Protection Supervisor as established by Regulation (EC) No 45/2001 should monitor the activities of the Union institutions and bodies in relation to the processing of personal data. The European Data Protection Supervisor and the supervisory authorities should cooperate with each other in the monitoring of the EES.

Amendment    28

Proposal for a regulation

Recital 35

 

Text proposed by the Commission

Amendment

(35)  National supervisory authorities established in accordance with Article 25 of Council Framework Decision 2008/977/JHA should monitor the lawfulness of the processing of personal data for law enforcement purposes by the Member States, and the national supervisory authorities established in accordance with Article 33 of Decision 2009/371/JHA should monitor the lawfulness of data processing activities performed by Europol.

(35)  National supervisory authorities established in accordance with Article 41 of Directive (EU) 2016/680 should monitor the lawfulness of the processing of personal data for law enforcement purposes by the Member States.

Justification

Monitoring of the lawfulness of processing by Europol is a competence of EDPS, according to Article 43 of the Europol Regulation, and not of national supervisory authorities.

Amendment    29

Proposal for a regulation

Recital 36

 

Text proposed by the Commission

Amendment

(36)  "(...) The European Data Protection Supervisor was consulted in accordance with Article 28(2) of Regulation (EC) No 45/2001 and delivered an opinion on

(36)  The European Data Protection Supervisor was consulted in accordance with Article 28(2) of Regulation (EC) No 45/2001 and delivered an opinion on 21 September 2016.

Amendment    30

Proposal for a regulation

Recital 37

 

Text proposed by the Commission

Amendment

(37)  The proposal establishes strict access rules to the EES system and the necessary safeguards. It also sets out the individuals' rights of access, correction, deletion and redress, in particular the right to a judicial remedy and the supervision of processing operations by public independent authorities. This Regulation therefore respects the fundamental rights and observes the principles recognised by the Charter of Fundamental Rights of the European Union, in particular the right to dignity (Article 1 of the Charter); the prohibition of slavery and forced labour (Article 5 of the Charter); the right to liberty and security (Article 6 of the Charter), respect for private and family life (Article 7 of the Charter), the protection of personal data (Article 8 of the Charter), the right to non-discrimination (Article 21 of the Charter), the rights of the child (Article 24 of the Charter), the rights of elderly (Article 25 of the Charter ), the rights of persons with disabilities (article 26 of the Charter) and the right to an effective remedy (Article 47 of the Charter).

(37)  The proposal establishes strict access rules to the EES system and the necessary safeguards. It also sets out the individuals' rights of access, rectification, completion, erasure and redress, in particular the right to a judicial remedy and the supervision of processing operations by public independent authorities. This Regulation therefore respects the fundamental rights and observes the principles recognised by the Charter of Fundamental Rights of the European Union, in particular the right to dignity (Article 1 of the Charter); the prohibition of slavery and forced labour (Article 5 of the Charter); the right to liberty and security (Article 6 of the Charter), respect for private and family life (Article 7 of the Charter), the protection of personal data (Article 8 of the Charter), the right to non-discrimination (Article 21 of the Charter), the rights of the child (Article 24 of the Charter), the rights of elderly (Article 25 of the Charter ), the rights of persons with disabilities (article 26 of the Charter) and the right to an effective remedy (Article 47 of the Charter).

Amendment     31

Proposal for a regulation

Recital 37 a (new)

Text proposed by the Commission

Amendment

 

(37a)  Access to data contained in the EES should in no circumstances be used by Member States as a ground to circumvent their international obligations under the Geneva Convention Relating to the Status of Refugees of 28 July 1951, as supplemented by the New York Protocol of 31 January 1967, and should not be used to deny asylum seekers safe and effective legal avenues to Union territory to exercise their right to international protection.

Amendment    32

Proposal for a regulation

Recital 39 a (new)

 

Text proposed by the Commission

Amendment

 

(39a)  By the start operations it should be assumed that all remaining internal border controls have been lifted and that all the current Schengen Member States apply Title III of Regulation (EU) 2016/399 of the European Parliament and of the Council1a . The EES as a border management tool enhancing the efficiency of border checks by calculating and monitoring the duration of the authorised stay should therefore be developed and its integration into national border infrastructures be prepared on the basis of one common area without internal border controls in which persons may move freely for one defined period of authorised stay.

 

___________________

 

1a Regulation (EU) 2016/399 of the European Parliament and of the Council of 9 March 2016 on a Union Code on the rules governing the movement of persons across borders (Schengen Borders Code) (OJ L 77, 23.3.2016, p. 1).

Amendment    33

Proposal for a regulation

Recital 43

 

Text proposed by the Commission

Amendment

(43)  This Regulation establishing the EES replaces the obligation to stamp passports of third country nationals which is applicable by all acceding Member States. Stays in Member States which are not yet fully applying the Schengen acquis in accordance with their respective Acts of Accession should not be taken into account in the calculation of the duration of the authorised stay in the Schengen area. Such Member States should register in the EES the stay of third country nationals but the automated calculator in the system should not compute it as part of the authorised length of stay.

(43)  This Regulation establishing the EES replaces the obligation to stamp passports of third country nationals which is applicable by all acceding Member States.

Amendment     34

Proposal for a regulation

Recital 44

Text proposed by the Commission

Amendment

(44)  This Regulation is without prejudice to the application of Dreictive 2004/38/EC.

(44)  This Regulation is without prejudice to the application of Directive 2004/38/EC.

Amendment    35

Proposal for a regulation

Recital 51

 

Text proposed by the Commission

Amendment

(51)  This Regulation constitutes an act building upon, or otherwise relating to, the Schengen acquis within, respectively, the meaning of Article 3(2) of the 2003 Act of Accession, Article 4(2) of the 2005 Act of Accession and Article 4(2) of the 2011 Act of Accession,

deleted

Amendment    36

Proposal for a regulation

Article 1 – paragraph 1

 

Text proposed by the Commission

Amendment

1.  This Regulation establishes an 'Entry/Exit System' (EES) for the recording and storage of information on the date, time and place of entry and exit of third country nationals crossing the external borders of the Member States, for the calculation of the duration of their stay, and for the generation of alerts to Member States when authorised periods for stay have expired as well as for the recording of the date, time and place of refusal of entry of third country nationals whose entry for a short stay {or on the basis of a touring visa} has been refused as well as the authority of the Member State which refused the entry and the reasons for the refusal.

1.  This Regulation establishes an 'Entry/Exit System' (EES) for the recording and storage of information on the date, time and place of entry and exit of third country nationals crossing the external borders of the Member States, for the calculation of the duration of their authorised stay, and for the generation of alerts to Member States when authorised periods for stay have expired as well as for the recording of the date, time and place of refusal of entry of third country nationals whose entry for a short stay {or on the basis of a touring visa} has been refused as well as the authority of the Member State which refused the entry and the reasons for the refusal.

Amendment     37

Proposal for a regulation

Article 1 – paragraph 2

Text proposed by the Commission

Amendment

2.  This Regulation also lays down in its Chapter IV the conditions under which Member States' designated law enforcement authorities and the European Police Office (Europol) may obtain access for consultation of the EES for the purposes of the prevention, detection and investigation of terrorist offences or of other serious criminal offences.

2.  For the purposes of the prevention, detection and investigation of terrorist offences or of other serious criminal offences, this Regulation also lays down in its Chapter IV the conditions and limitations under which Member States' designated law enforcement authorities and the European Police Office (Europol) may obtain access for consultation of the EES.

Amendment    38

Proposal for a regulation

Article 3 – paragraph 1 – point 4 a (new)

 

Text proposed by the Commission

Amendment

 

(4a)  ‘designated law enforcement authorities’ means the authorities responsible for the prevention, detection or investigation of terrorist offences or of other serious criminal offences designated by the Member States pursuant to Article 26;

Amendment    39

Proposal for a regulation

Article 3 – paragraph 1 – point 8

 

Text proposed by the Commission

Amendment

(8)  ‘short stay visa’ means an authorisation issued by a Member State with a view to an intended stay on the territory of the Member States of a duration of no more than 90 days in any 180 day period;

(8)  ‘short stay visa’ means visa as defined in point (a) of point 2 of Article 2 of Regulation (EC) No 810/2009 of the European Parliament and of the Council1a;

 

___________________

 

1a Regulation (EC) No 810/2009 of the European Parliament and of the Council of 13 July 2009 establishing a Community Code on Visas (Visa Code) (OJ L 243, 15.9.2009, p. 1).

Justification

Instead of defining “short stay visa” a cross-reference to the Visa Code is proposed.

Amendment    40

Proposal for a regulation

Article 3 – paragraph 1 – point 9

 

Text proposed by the Commission

Amendment

(9)  ‘touring visa’ means an authorisation issued by a Member State with a view to an intended stay in the territory of two or more Member States for a duration of more than 90 days in any 180 day period, provided that the applicant does not intend to stay for more than 90 days in any 180 day period in the territory of the same Member State;

(9)  ‘touring visa’ means an authorisation issued by a Member State with a view to an intended stay in the territory of two or more Member States for a duration of 12 months in any 15 month period, provided that the applicant does not stay for more than 90 days in any 180 day period in the territory of the same Member State;

Justification

This definition of touring visa is adjusted to the LIBE report thereon.

Amendment    41

Proposal for a regulation

Article 3 – paragraph 1 – point 15

 

Text proposed by the Commission

Amendment

(15)  ‘fingerprint data’ means the data relating to fingerprints of the index, middle finger, ring finger and little finger from the right hand, where present, and otherwise from the left hand, or a latent fingerprint;

(15)  ‘fingerprint data’ means the data relating to fingerprints of the index, middle finger, ring finger and little finger from the right hand, where present, and otherwise from the left hand, with sufficient image resolution and quality to be used in automated biometric matching, or a latent fingerprint;

Amendment    42

Proposal for a regulation

Article 3 – paragraph 1 – point 20

 

Text proposed by the Commission

Amendment

(20)  'Frontex' means the European Agency for the Management of Operational Cooperation at the External Borders of the Member States of the European Union established by Regulation (EC) No 2007/2004;

(20)  'Frontex' means the European Border and Coast Guard Agency established by Regulation (EU) 2016/1624 of the European Parliament and of the Council1a;

 

___________________

 

1a Regulation (EU) 2016/1624 of the European Parliament and of the Council of 14 September 2016 on the European Border and Coast Guard and amending Regulation (EU) 2016/399 of the European Parliament and of the Council and repealing Regulation (EC) No 863/2007 of the European Parliament and of the Council, Council Regulation (EC) No 2007/2004 and Council Decision 2005/267/EC (OJ L 251, 16.9.2016, p. 1).

Amendment    43

Proposal for a regulation

Article 3 – paragraph 1 – point 21

 

Text proposed by the Commission

Amendment

(21)  'supervisory authority' means the supervisory authorities established in accordance with Article 28 of Directive 95/46/EC;

deleted

Amendment     44

Proposal for a regulation

Article 3 – paragraph 1 – point 22

Text proposed by the Commission

Amendment

(22)  ‘national supervisory authority’ as regards law enforcement purposes means the supervisory authorities established in accordance with Article 25 of Council Framework Decision 2008/977/JHA;

deleted

Amendment     45

Proposal for a regulation

Article 3 – paragraph 1 – point 23

Text proposed by the Commission

Amendment

(23)  ‘national supervisory body’ means the supervisory bodies established in accordance with Article 33 of Decision 2009/371/JHA;

deleted

Amendment    46

Proposal for a regulation

Article 3 – paragraph 2

 

Text proposed by the Commission

Amendment

2.  The terms defined in Article 2 of Directive 95/46/EC shall have the same meaning in this Regulation in so far as personal data are processed by the authorities of Member States for the purpose laid down in Article 5 of this Regulation.

2.  The terms defined in Article 4 of Regulation (EU) 2016/679 shall have the same meaning in this Regulation in so far as personal data are processed by the authorities of Member States for the purposes laid down in Article 5(1) of this Regulation.

Amendment    47

Proposal for a regulation

Article 3 – paragraph 3

 

Text proposed by the Commission

Amendment

3.  The terms defined in Article 2 of Framework Decision 2008/977/JHA shall have the same meaning in this Regulation in so far as personal data are processed by the authorities of the Member States for law enforcement purposes.

3.  The terms defined in Article 3 of Directive (EU) 2016/680 shall have the same meaning in this Regulation in so far as personal data are processed by the authorities of the Member States for law enforcement purposes laid down in Article 5(1a) of this Regulation.

Amendment    48

Proposal for a regulation

Article 4 – title

 

Text proposed by the Commission

Amendment

Set-up of the EES

Development and operational management of the EES

Amendment     49

Proposal for a regulation

Article 4 – paragraph 1

Text proposed by the Commission

Amendment

The Agency for the operational management of large-scale information systems in the area of freedom, security and justice ('eu-LISA') shall develop the EES and ensure its operational management, including the functionalities for processing biometric data referred to in Article 14(1)(f) and Article 15.

The Agency for the operational management of large-scale information systems in the area of freedom, security and justice ('eu-LISA') shall develop the EES and ensure its operational management, including the functionalities for processing biometric data referred to in Article 14(1)(f) and Article 15, as well as adequate security.

Amendment    50

Proposal for a regulation

Article 5 – title

 

Text proposed by the Commission

Amendment

Purpose of the EES

Objectives of the EES

Amendment     51

Proposal for a regulation

Article 5 – paragraph 1 – introductory part

Text proposed by the Commission

Amendment

By recording, storing and providing access to Member States to the date, time and place of the entry and exit and refusals of entry of third country nationals at external borders, the EES shall:

1.  By recording, storing and providing Member States with access to the date, time and place of the entry and exit and refusals of entry of third country nationals at external borders, the EES shall:

 

 

Amendment     52

Proposal for a regulation

Article 5 – paragraph 1 – point c

Text proposed by the Commission

Amendment

(c)  allow to identify and detect overstayers (also within the territory) and enable competent national authorities of the Member States to take appropriate measures including to increase the possibilities for return

(c)  allow the identification and detection of overstayers and enable competent national authorities of the Member States to take appropriate measures;

 

 

Amendment    53

Proposal for a regulation

Article 5 – paragraph 1 – point e

 

Text proposed by the Commission

Amendment

(e)  free up border control resources from performing checks that can be automated and enable better focus on the assessment of third country nationals;

(e)  enable the automation of border checks on third-country nationals;

Amendment     54

Proposal for a regulation

Article 5 – paragraph 1 – point j

Text proposed by the Commission

Amendment

(j)  contribute to the prevention, detection and investigation of terrorist offences or of other serious criminal offences;

deleted

Amendment     55

Proposal for a regulation

Article 5 – paragraph 1 – point k

Text proposed by the Commission

Amendment

(k)  enable identifying and apprehending terrorist, criminal suspects as well as of victims crossing the external borders;

deleted

Amendment     56

Proposal for a regulation

Article 5 – paragraph 1 – point l

Text proposed by the Commission

Amendment

(l)  enable generating information on travel histories of terrorist, criminal suspects as well as of victims for investigations related to terrorism or serious crime.

deleted

Amendment    57

Proposal for a regulation

Article 5 – paragraph 1 a (new)

 

Text proposed by the Commission

Amendment

 

1a.  By granting access to law enforcement authorities in accordance with the conditions set out in this Regulation, the EES shall:

 

(a)  contribute to the prevention, detection and investigation of terrorist offences or of other serious criminal offences;

 

(b)  enable identifying and apprehending terrorist and criminal suspects as well as identifying victims crossing the external borders;

 

(c)  enable the generation of information on the travel histories of terrorist and criminal suspects as well as of victims for investigations related to terrorism or serious crime.

Amendment     58

Proposal for a regulation

Article 5 – paragraph 1 b(new)

Text proposed by the Commission

Amendment

 

1b.  In order to facilitate border crossing for third-country nationals who frequently travel and have been pre-vetted, Member States may establish national facilitation programmes in accordance with Article 8e of Regulation 2016/399 and connect them to the EES.

 

The EES shall enable the national competent authorities referred to in Article 8e of Regulation (EU) 2016/399 to have access to information on previous short stays or refusals of entry for the purposes of the examination of applications for access to national facilitation programmes and the adoption of decisions referred to in Article 23.

Amendment    59

Proposal for a regulation

Article 6 – paragraph 1 – point b

 

Text proposed by the Commission

Amendment

(b)  a National Uniform Interface (NUI) in each Member State based on common technical specifications and identical for all Member States enabling the connection of the Central System to the national border infrastructures in Member States;

(b)  a National Uniform Interface (NUI) in each Member State based on common technical specifications and identical for all Member States enabling the connection of the Central System to the national border infrastructures in Member States in a secure manner;

Amendment    60

Proposal for a regulation

Article 6 – paragraph 1 – point d

 

Text proposed by the Commission

Amendment

(d)  a Communication Infrastructure between the Central System and the National Uniform Interfaces.

(d)  a secure and encrypted Communication Infrastructure between the Central System and the National Uniform Interfaces.

 

(Horizontal change: wording to be applied throughout the text.)

Amendment    61

Proposal for a regulation

Article 7 – paragraph 2 – point b

 

Text proposed by the Commission

Amendment

(b)  retrieve and import the visa related data directly from the VIS in order to update the EES in the event that a visa is annulled, revoked or extended in accordance with Article 17 of this Regulation and Articles 13, 14 and 18a of Regulation (EC) No 767/2008;

(b)  retrieve and import the visa related data directly from the VIS in order to update the EES record in the event that a visa is annulled, revoked or extended in accordance with Article 17 of this Regulation and Articles 13, 14 and 18a of Regulation (EC) No 767/2008;

Amendment    62

Proposal for a regulation

Article 7 – paragraph 2 – point c

 

Text proposed by the Commission

Amendment

(c)  verify the authenticity and validity of the visa or whether the conditions for entry to the territory of the Member States in accordance with Article 6 of Regulation (EU) 2016/399 are fulfilled pursuant to Article 21 of this Regulation and Article 18(2) of Regulation (EC) No 767/2008;

(c)  verify at the external borders the authenticity and validity of the visa or whether the conditions for entry to the territory of the Member States in accordance with Article 6 of Regulation (EU) 2016/399 are fulfilled pursuant to Article 21 of this Regulation and Article 18(2) of Regulation (EC) No 767/2008;

Justification

Clarification of the text.

Amendment     63

Proposal for a regulation

Article 9 – paragraph 2

Text proposed by the Commission

Amendment

2.  Each competent authority shall ensure that in using the EES, it does not discriminate against third country nationals on the grounds of sex, racial or ethnic origin, religion or belief, disability, age or sexual orientation and that it fully respects human dignity and the integrity of the person. Particular attention shall be paid to the specific situation of children, the elderly and persons with a disability. In particular, when retaining a child's data, the best interest of the child shall be a primary consideration.

2.  Each competent authority shall ensure that in using the EES, it does not discriminate against third country nationals on the grounds of sex, race, colour, ethnic or social origin, genetic features, language, religion or belief, political or any other opinion, membership of a national minority, property, birth, disability, age or sexual orientation and that it fully respects human dignity and the integrity of the person. Particular attention shall be paid to the specific situation of children, the elderly and persons with a disability. In particular, when retaining a child's data, the best interest of the child shall be a primary consideration.

Justification

Aligned with the Charter of Fundamental Rights.

Amendment    64

Proposal for a regulation

Article 9 – paragraph 2 a (new)

 

Text proposed by the Commission

Amendment

 

2a.  Border guards shall, when capturing biometric data for the EES, fully respect human dignity, in particular in the event of difficulties encountered in the capturing of facial images or the taking of fingerprints.

Amendment     65

Proposal for a regulation

Article 10 – paragraph 4

Text proposed by the Commission

Amendment

4.  Stays in Member States which are not yet fully applying the Schengen acquis in accordance with their respective Acts of Accession shall not be taken into account in the calculation of the duration of the authorised stay in the Schengen area. Those Member States shall register the stays of third country nationals in the EES. The automated calculator in the system shall not however compute stays in Member States which are not yet fully applying the Schengen acquis as part of the authorised length of stay.

deleted

Amendment    66

Proposal for a regulation

Article 11 – paragraph 1

 

Text proposed by the Commission

Amendment

1.  The EES shall include a mechanism that shall automatically identify which entry/exit records do not have exit data immediately following the date of expiry of the authorised length of stay and identify records for which the maximum stay allowance has been exceeded.

1.  The EES shall include a mechanism that shall automatically identify which entry/exit records do not have exit data immediately following the date of expiry of the authorised length of stay and identify records for which the maximum authorised stay allowance has been exceeded.

Amendment     67

Proposal for a regulation

Article 11 – paragraph 2 a (new)

Text proposed by the Commission

Amendment

 

2a.  In accordance with Article 31, Member States shall be automatically informed three months in advance of the scheduled deletion of data on overstayers in order for them to adopt the appropriate measures.

Amendment    68

Proposal for a regulation

Article 12 – paragraph 1

 

Text proposed by the Commission

Amendment

1.  In order to enable third country nationals to verify at any moment the remaining authorised length of stay, a secure internet access to a web service hosted by eu-LISA in its two technical sites shall allow those third country nationals to provide the data required pursuant to Article 14(1)(b) together with the anticipated entry and exit dates. On that basis, the web service shall provide them with an OK/NOT OK answer. The web service shall use a separate read-only database updated on a daily basis via a one-way extraction of the minimum necessary subset of EES data.

1.  In order to enable third country nationals to verify at any moment the remaining authorised length of stay, a secure internet access to a web service hosted by eu-LISA in its two technical sites shall allow those third country nationals to provide the data required pursuant to Article 14(1)(b) together with the anticipated entry and exit dates. On that basis, the web service shall provide them with an OK/NOT OK answer. The web service shall use a separate read-only database updated on a daily basis via a one-way extraction of the minimum necessary subset of EES data. eu-LISA shall be the controller responsible for the security of the web service, for the security of the personal data it contains and the process to extract the personal data from the central system into the web service. eu-LISA shall perform an information security risk assessment in order to define the specific security needs of the web service.

Justification

Clarification suggested by the EDPS.

Amendment    69

Proposal for a regulation

Article 12 – paragraph 2

 

Text proposed by the Commission

Amendment

2.  Carriers may use the secure internet access to the web service referred to in paragraph 1 to verify whether or not third country nationals holding a single or double entry visa have already used the visa. The carrier shall provide the data listed in Article 14(1)(d). The web service shall on that basis provide the carriers with an OK/NOT OK answer. Carriers may store the information sent and the answer received.

2.  Carriers may use the secure internet access to the web service referred to in paragraph 1 to verify whether or not third country nationals holding a single or double entry visa have already used the visa. The carrier shall provide the data listed in Article 14(1)(d). The web service shall on that basis provide the carriers with an OK/NOT OK answer. Carriers shall establish an authentication scheme to ensure that only authorised staff may access the web service. Carriers may store the information sent and the answer received for a maximum of 48 hours, following which the data shall be automatically deleted, for the sole purpose of informing the third country nationals concerned.

Amendment    70

Proposal for a regulation

Article 13 – paragraph 1

 

Text proposed by the Commission

Amendment

1.  Border authorities shall verify, in accordance with Article 21, whether a previous individual file has been created in the EES for the third country national as well as their identity. Where a third country national uses a self-service system for pre-enrolment of data or for the performance of border checks [should this self-service system not be defined or explained?] , a verification may be carried out through the self service system.

1.  Border authorities shall verify, in accordance with Article 21, whether a previous individual file has been created in the EES for the third country national as well as their identity. Where a third country national uses a self-service system for pre-enrolment of data or for the performance of border checks, a verification may be carried out through the self service system.

Amendment     71

Proposal for a regulation

Article 13 – paragraph 2

Text proposed by the Commission

Amendment

2.  Where a previous individual file has been created, the border authority shall, if necessary, update the individual file data, enter an entry/exit record for each entry and exit in accordance with Articles 14 and 15 or, where applicable, a refusal of entry record in accordance with Article 16. That record shall be linked to the individual file of the third country national concerned. Where applicable, the data referred to in Article 17(1) shall be added to the individual file and the data referred to in Article 17(3) and (4) shall be added to the entry/exit record of the third country national concerned. The different travel documents and identities used legitimately by a third country national shall be added to the third country national's individual file. Where a previous file has been registered and the third country national presents a travel document which differs from the one which was previously registered, the data referred under Article 14(1)(f) shall also be updated if the facial image reccorded in the chip of the new travel document can be extracted electronically.

2.  Where a previous individual file has been created, the border authority shall, if necessary, update the individual file data, enter an entry/exit record for each entry and exit in accordance with Articles 14 and 15 or, where applicable, a refusal of entry record in accordance with Article 16. That record shall be linked to the individual file of the third country national concerned. Where applicable, the data referred to in Article 17(1) shall be added to the individual file and the data referred to in Article 17(3) and (4) shall be added to the entry/exit record of the third country national concerned. The different travel documents and identities used legitimately by a third country national shall be added to the third country national's individual file. Where a previous file has been registered and the third country national presents a valid travel document which differs from the one which was previously registered, the data referred to in Article 14(1)(f) shall also be updated if the facial image recorded in the chip of the new travel document can be extracted electronically.

Amendment     72

Proposal for a regulation

Article 13 – paragraph 3

Text proposed by the Commission

Amendment

3.  Where it is necessary to create or update the individual file data of a visa holder, the border authorities may retrieve and import the data provided for in Article 14(1) (d), (e) and (g) directly from the VIS in accordance with Article 18a of Regulation (EC) No 767/2008.

3.  Where it is necessary to create or update the individual file data of a visa holder, the border authorities may retrieve and import the data provided for in Article 14(1) (d) to (g) directly from the VIS in accordance with Article 18a of Regulation (EC) No 767/2008.

Amendment    73

Proposal for a regulation

Article 13 – paragraph 5

 

Text proposed by the Commission

Amendment

5.   Where a third country national uses a self-service system for pre-enrolment of data, Article 8c of Regulation (EU) 2016/399 shall apply. In that case, the third country national may pre-enrol the individual file data or, if applicable, the data that needs to be updated. The data shall be confirmed by the border guard when the decision to authorise or to refuse entry has been taken in accordance with Regulation (EU) 2016/399. The verification referred to in paragraph 1 of this Article shall be carried out through the self service system. The data listed in Article 14(1), (d), (e) and (g) may be retrieved and imported directly from the VIS.

5.   Where a third country national uses a self-service system for pre-enrolment of data, Article 8c of Regulation (EU) 2016/399 shall apply. In that case, the third country national may pre-enrol the individual file data or, if applicable, the data that needs to be updated. The data shall be confirmed by the border guard when the decision to authorise or to refuse entry has been taken in accordance with Regulation (EU) 2016/399. The verification referred to in paragraph 1 of this Article shall be carried out through the self service system. The data listed in Article 14(1), (d) to (g) may be retrieved and imported directly from the VIS.

Amendment    74

Proposal for a regulation

Article 14 – title

 

Text proposed by the Commission

Amendment

Personal data for visa holders

Personal data for third country nationals subject to a visa requirement to cross the external borders

Amendment    75

Proposal for a regulation

Article 14 – paragraph 1 – introductory part

 

Text proposed by the Commission

Amendment

1.  The border authority shall create the individual file of the visa holding third country national by entering the following data:

1.  The border authority shall create the individual file of the third country national subject to a visa requirement to cross the external borders by entering the following data:

Amendment    76

Proposal for a regulation

Article 14 – paragraph 1 – point b

 

Text proposed by the Commission

Amendment

(b)  type, number and three letter code of the issuing country of the travel document or documents;

(b)  type and number of the travel document or documents and three letter code of the issuing country of the travel document or documents;

Justification

Clarification of the text.

Amendment    77

Proposal for a regulation

Article 14 – paragraph 1 – point f

 

Text proposed by the Commission

Amendment

(f)   the facial image, where possible extracted electronically from the eMRTD, and where this is not possible, taken live;

(f)  the facial image with sufficient image resolution and quality to be used in automated biometric matching, where possible extracted electronically from the eMRTD or the VIS, and where this is not possible, taken live;

Amendment    78

Proposal for a regulation

Article 14 – paragraph 2 – introductory part

 

Text proposed by the Commission

Amendment

2.  On each entry of the visa holding third country national, the following data shall be entered in an entry/exit record. That record shall be linked to the individual file of that third country national using the individual reference number created by the EES upon creation of that file:

2.  On each entry of the third country national subject to a visa requirement to cross the external borders, the following data shall be entered in an entry/exit record which shall be linked to the individual file of that third country national using the individual reference number created by the EES upon creation of that file:

Amendment    79

Proposal for a regulation

Article 14 – paragraph 4

 

Text proposed by the Commission

Amendment

4.  Where there is no exit data immediately following the date of expiry of the authorised length of stay, the entry/exit record shall be identified with a mark or flag by the system and the data of the visa holding third country national identified as an overstayer shall be entered into the list referred to in Article 11.

4.  Where there is no exit data immediately following the date of expiry of the duration of authorised stay, the entry/exit record shall be identified with a mark or flag by the system and the data of the visa holding third country national identified as an overstayer shall be entered into the list referred to in Article 11.

Amendment    80

Proposal for a regulation

Article 14 – paragraph 5

 

Text proposed by the Commission

Amendment

5.  In order to create the individual file of a visa holding third country national the data provided for in paragraph 1 (d), (e) and (g) may be retrieved and imported directly from the VIS by the border authority in accordance with Article 18a of Regulation (EC) No 767/2008.

5.  In order to create or update the entry/exit record on the individual file of a third country national subject to a visa requirement to cross the external borders the data provided for in paragraph 1 (d) to (g) may be retrieved and imported directly from the VIS by the border authority in accordance with Article 18a of Regulation (EC) No 767/2008.

Amendment     81

Proposal for a regulation

Article 14 – paragraph 5 a (new)

Text proposed by the Commission

Amendment

 

5a.  Where a visa holding third country national benefits from the national facilitation programme of a Member State in accordance with Article 8e of Regulation (EU) 2016/399, the Member State concerned may insert a notification in the individual file of that third country national specifying the national facilitation programme concerned.

Justification

Knowing whether a person has been pre-vetted and accepted to a national facilitation programme in one of the Member States would be a valuable piece of information to border guards.

Amendment    82

Proposal for a regulation

Article 15 – paragraph 1

 

Text proposed by the Commission

Amendment

1.  For third country nationals exempt from the visa obligation, the border authority shall enter into their individual file the data provided for in Article 14(1)(a), (b), (c) and (f). In addition it shall enter into that individual file the four fingerprint of the index, middle-finger, ring-finger and little finger from the right hand, and where this is not possible the same fingers from the left hand, in accordance with the specifications for the resolution and use of fingerprints adopted by the Commission in accordance with Article 61(2). For third country nationals exempt from the visa obligation, Articles 14(2) to 14(4) shall apply.

1.  For third country nationals exempt from the visa obligation, the border authority shall enter into their individual file the data provided for in Article 14(1)(a), (b), (c) and (f). In addition it shall enter into that individual file the four fingerprint of the index, middle-finger, ring-finger and little finger from the right hand, and where this is not possible the same fingers from the left hand, in accordance with the specifications for the resolution and use of fingerprints adopted by the Commission in accordance with Article 61(2). For third country nationals exempt from the visa obligation, Articles 14(2) to 14(4) shall apply accordingly.

Amendment     83

Proposal for a regulation

Article 15 – paragraph 3 – subparagraph 2

Text proposed by the Commission

Amendment

However, where the physical impossibility is of a temporary nature, the person shall be required to give the fingerprints at the subsequent entry. The border authorities shall be entitled to request further clarification on the grounds for the temporary impossibility to provide fingerprints.

However, where the physical impossibility is of a temporary nature, the person shall be required to give the fingerprints at the subsequent entry. The border authorities shall be entitled to request further clarification on the grounds for the temporary impossibility to provide fingerprints. Such grounds shall be stored in the individual file until such time as the person is able to give fingerprints but no longer than the retention period for that individual file.

Amendment    84

Proposal for a regulation

Article 15 – paragraph 4

 

Text proposed by the Commission

Amendment

4.  Where the person concerned is exempt from the requirement to give fingerprints for legal or factual reasons pursuant to paragraphs 2 or 3, the specific data field shall be marked as ‘not applicable’. The system shall allow a distinction to be made between the cases where fingerprints are not required to be provided for legal reasons and the cases where they cannot be provided for factual reasons.

4.  Where the person concerned is exempt from the requirement to give fingerprints for legal or factual reasons pursuant to paragraphs 2 or 3, the specific data field shall be marked as ‘not applicable’. The system shall allow a distinction to be made between the cases where fingerprints are not required to be provided for legal reasons and the cases where they cannot be provided for factual reasons. The fact that the physical impossibility to give fingerprints is of a temporary nature shall be recorded.

Amendment     85

Proposal for a regulation

Article 16 – paragraph 1

Text proposed by the Commission

Amendment

1.  Where a decision has been taken by the border authority, in accordance with Article 14 of Regulation (EU) 2016/399 and Annex V thereto, to refuse the entry of a third country national referred to in Article 2(2) of this Regulation to the territories of the Member States, and where no previous file has been registered in the EES for that third country national the border authority shall create an individual file in which it shall enter the data required pursuant to Article 14(1) in the case of visa holding third country nationals and the data required pursuant to Article 15(1) in the case of visa exempt third country nationals.

1.  Where a decision has been taken by the border authority, in accordance with Article 14 of Regulation (EU) 2016/399 and Annex V thereto, to refuse the entry of a third country national referred to in Article 2(2) of this Regulation to the territories of the Member States, and where no previous file has been registered in the EES for that third country national the border authority shall create an individual file in which it shall enter the alphanumeric data required pursuant to Article 14(1) in the case of visa holding third country nationals and the alphanumeric data required pursuant to Article 15(1) in the case of visa exempt third country nationals.

Justification

There is no valid reason to collect and retain biometric personal data from third country nationals who have been refused entry the territory of a Member State and do not cross an external border.

Amendment    86

Proposal for a regulation

Article 17 – paragraph 3 – point b

 

Text proposed by the Commission

Amendment

(b)  any other decision taken by the competent authorities of the Member State, in accordance with national legislation, resulting in the removal or departure of the third country national who does not fulfil or no longer fulfils the conditions for the entry into or for the stay in the territory of the Member States.

(b)  any other decision taken by the competent authorities of the Member State, in accordance with national legislation, resulting in the removal or voluntary departure of the third country national who does not fulfil or no longer fulfils the conditions for the entry into or for the stay in the territory of the Member States.

Justification

Alignment of the terminology to the Return Directive.

Amendment    87

Proposal for a regulation

Article 18 – paragraph 2

 

Text proposed by the Commission

Amendment

In that case Article 12 of Regulation (EU) 2016/399 shall apply and if that presumption is rebutted by proof that the third country national concerned has respected the conditions relating to the condition of short stay, the competent authorities shall create an individual file for that third country national in the EES if necessary, or update the latest entry/exit record by entering the missing data in accordance with Articles 14 and 15 or delete an existing file where Article 32 applies.

In that case Article 12 of Regulation (EU) 2016/399 shall apply and if that presumption is rebutted in accordance with Article 12(3) of that Regulation, the competent authorities shall create an individual file for that third country national in the EES if necessary, or update the latest entry/exit record by entering the missing data in accordance with Articles 14 and 15 or delete an existing file where Article 32 applies.

Justification

Instead of rewriting the provisions a cross-reference to the applicable provision in the Schengen Borders Code is added.

Amendment     88

Proposal for a regulation

Article 23 – paragraph 3

Text proposed by the Commission

Amendment

3.  If the search with the data set out in paragraph 2 indicates that data on the third country national are recorded in the EES, the competent authority shall be given access to consult the data of the individual file of that third country national and the entry/exit records linked to it.

3.  If the search with the data set out in paragraph 2 indicates that data on the third country national are recorded in the EES, the competent authority shall be given access to consult the data of the individual file of that third country national and the entry/exit records and refusals of entry records with justifications linked to it.

Amendment    89

Proposal for a regulation

Article 25 – paragraph 1 – subparagraph 3

 

Text proposed by the Commission

Amendment

Where the fingerprints of that third country national cannot be used or the search with the fingerprints and the facial image has failed, the search shall be carried out with the data referred to in Article 14(1)(a) or (b) or in both.

Where the fingerprints of that third country national cannot be used or the search with the fingerprints and the facial image has failed, the search shall be carried out with the data referred to in Article 14(1)(a) or (b) or in Article 14(1)(a) and (b).

Amendment     90

Proposal for a regulation

Article 26 – paragraph 3 – subparagraph 2

Text proposed by the Commission

Amendment

The designated authority and the central access point may be part of the same organisation if permitted under national law, but the central access point shall act independently when performing its tasks under this Regulation. The central access point shall be separate from the designated authorities and shall not receive instructions from them as regards the outcome of the verification.

The designated authority and the central access point may be part of the same organisation if permitted under national law, but the central access point shall be independent and act fully independently when performing its tasks under this Regulation. The central access point shall be separate from the designated authorities and shall not receive instructions from them as regards the outcome of the verification.

Amendment     91

Proposal for a regulation

Article 28 – paragraph 2

Text proposed by the Commission

Amendment

2.  In an exceptional case of urgency, where there is a need to prevent an imminent danger associated with a terrorist offence or another serious criminal offence, the central access point(s) shall process the request immediately and shall only verify ex post whether all the conditions of Article 29 are fulfilled, including whether an exceptional case of urgency actually existed. The ex post verification shall take place without undue delay after the processing of the request.

2.  In an exceptional case of urgency, where there is a need to prevent an imminent danger associated with a terrorist offence or another serious criminal offence, the central access point(s) shall process the request immediately and shall only verify ex post whether all the conditions of Article 29 are fulfilled, including whether an exceptional case of urgency actually existed. The ex post verification shall take place without undue delay and in any event no later than 48 hours after the processing of the request.

Amendment     92

Proposal for a regulation

Article 29 – paragraph 1 – point a

Text proposed by the Commission

Amendment

(a)  access for consultation is necessary for the purpose of the prevention, detection or investigation of a terrorist offences or another serious criminal offence, thus making a search of the database proportionate if there is an overriding public security concern;

(a)  access for consultation is necessary for the purpose of the prevention, detection, investigation or prosecution of a terrorist offence or another serious criminal offence;

Amendment     93

Proposal for a regulation

Article 29 – paragraph 1 – point b

Text proposed by the Commission

Amendment

(b)  access for consultation is necessary in a specific case;

(b)  access for consultation is necessary and proportionate in a specific case;

Amendment     94

Proposal for a regulation

Article 29 – paragraph 1 – point c

Text proposed by the Commission

Amendment

(c)  reasonable grounds exist to consider that the consultation of the EES data may substantially contribute to the prevention, detection or investigation of any of the criminal offences in question, in particular where there is a substantiated suspicion that the suspect, perpetrator or victim of a terrorist offence or other serious criminal offence falls under a category covered by this Regulation;

(c)  evidence or reasonable grounds exist to consider that the consultation of the EES data will substantially contribute to the prevention, detection, investigation or prosecution of any of the criminal offences in question, in particular where the suspect, perpetrator or victim of a terrorist offence or other serious criminal offence falls under a category covered by this Regulation;

Amendment     95

Proposal for a regulation

Article 29 – paragraph 2 – introductory part

Text proposed by the Commission

Amendment

2.  The access to the EES as a criminal identification tool for the purpose of identifying an unknown suspect, perpetrator or suspected victim of a terrorist offence or other serious criminal offence shall be allowed when the conditions listed in paragraph 1 are met and the following additional conditions are met:

2.  The access to the EES as a tool for the purpose of identifying an unknown suspect, perpetrator or suspected victim of a terrorist offence or other serious criminal offence shall be allowed when the conditions listed in paragraph 1 are met and the following additional conditions are met:

Amendment     96

Proposal for a regulation

Article 29 – paragraph 2 – subparagraph 2

Text proposed by the Commission

Amendment

However, that prior search does not have to be conducted where there are reasonable grounds to believe that a comparison with the systems of the other Member States would not lead to the verification of the identity of the data subject. Those reasonable grounds shall be included in the electronic request for comparison with EES data sent by the designated authority to the central access point(s).

However, that prior search does not have to be conducted where there are reasonable grounds to believe that a comparison with the systems of the other Member States would not lead to the verification of the identity of the data subject or in exceptionally urgent cases where it is necessary to avert an imminent danger arising from a terrorist offence or other serious criminal offence. Those reasonable grounds shall be included in the electronic request for comparison with EES data sent by the designated authority to the central access point(s).

Amendment     97

Proposal for a regulation

Article 29 – paragraph 3

Text proposed by the Commission

Amendment

3.  The access to the EES as a criminal intelligence tool to consult the travel history or the periods of stay in the Schengen area of a known suspect, perpetrator or suspected victim of a terrorist offence or other serious criminal offence shall be allowed when the conditions listed in paragraph 1 are met and where there is a duly justified need to consult the entry/exit records of the person concerned.

3.  The access to the EES as a tool to consult the travel history or the periods of stay in the Schengen area of a known suspect, perpetrator or suspected victim of a terrorist offence or other serious criminal offence shall be allowed when the conditions listed in paragraph 1 are met and where there is a duly justified need to consult the entry/exit records of the person concerned.

Amendment    98

Proposal for a regulation

Article 29 – paragraph 4 – introductory part

 

Text proposed by the Commission

Amendment

4.   Consultation of the EES for identification shall be limited to searching in the application file with any of the following EES data:

4.  Consultation of the EES for identification as referred to in paragraph 2 shall be limited to searching in the application file with any of the following EES data:

Justification

A cross-reference is added to clarify the text.

Amendment    99

Proposal for a regulation

Article 29 – paragraph 5 – introductory part

 

Text proposed by the Commission

Amendment

5.   Consultation of the EES for the travel history of the third country national concerned shall be limited to searching with any of the following EES data in the individual file or in the entry/exit records:

5.  Consultation of the EES for the travel history of the third country national concerned as referred to in paragraph 3 shall be limited to searching with any of the following EES data in the individual file or in the entry/exit records:

Justification

A cross-reference is added to clarify the text.

Amendment     100

Proposal for a regulation

Article 30 – paragraph 1 – point a

Text proposed by the Commission

Amendment

(a)  the consultation is necessary to support and strengthen action by Member States in preventing, detecting or investigating terrorist offences or other serious criminal offences falling under Europol's mandate, thus making a search of the database proportionate if there is an overriding public security concern;

(a)  the consultation is necessary to support and strengthen action by Member States in preventing, detecting or investigating terrorist offences or other serious criminal offences falling under Europol's mandate;

Amendment     101

Proposal for a regulation

Article 30 – paragraph 1 – point b

Text proposed by the Commission

Amendment

(b)  the consultation is necessary in a specific case;

(b)  the consultation is necessary and proportionate in a specific case;

Amendment     102

Proposal for a regulation

Article 30 – paragraph 1 – point c

Text proposed by the Commission

Amendment

(c)  reasonable grounds exist to consider that the consultation may substantially contribute to the prevention, detection or investigation of any of the criminal offences in question, in particular where there is a substantiated suspicion that the suspect, perpetrator or victim of a terrorist offence or other serious criminal offence falls under a category covered by this Regulation.

(c)  evidence or reasonable grounds exist to consider that the consultation will substantially contribute to the prevention, detection, investigation or prosecution of any of the criminal offences in question, in particular where the suspect, perpetrator or victim of a terrorist offence or other serious criminal offence falls under a category covered by this Regulation.

Amendment     103

Proposal for a regulation

Article 30 – paragraph 1 a (new)

Text proposed by the Commission

Amendment

 

1a.  Access to the EES as a tool for the purpose of identifying an unknown suspect, perpetrator or suspected victim of a terrorist offence or other serious criminal offence shall be allowed where the conditions listed in paragraph 1 are met and the consultation, as a matter of priority, of the data stored in the databases that are technically and legally accessible by Europol has not made it possible to verify the identity of the person concerned.

 

Since fingerprint data of visa-holding third-country nationals are only stored in the VIS, a request for consultation of the VIS on the same data subject may be submitted in parallel to a request for consultation of the EES in accordance with the conditions laid down in Decision 2008/633/JHA provided that the consultation, as a matter of priority, of the data stored in the databases that are technically and legally accessible by Europol has not made it possible to verify the identity of the person concerned.

Amendment     104

Proposal for a regulation

Article 30 – paragraph 2

Text proposed by the Commission

Amendment

2.  The conditions laid down in Article 29 (2) to (5) shall apply accordingly.

2.  The conditions laid down in Article 29 (3) to (5) shall apply accordingly.

Amendment     105

Proposal for a regulation

Article 31 – paragraph 1

Text proposed by the Commission

Amendment

1.  Each entry/exit record or refusal of entry record linked to an individual file shall be stored for five years following the date of the exit record or of the refusal of entry record, as applicable.

1.  Each entry/exit record or refusal of entry record linked to an individual file shall be stored in the EES Central System for two years following the date of the exit record or of the refusal of entry record, as applicable.

Amendment     106

Proposal for a regulation

Article 31 – paragraph 2

Text proposed by the Commission

Amendment

2.  Each individual file together with the linked entry/exit record(s) or refusal of entry records shall be stored in the EES for five years and one day following the date of the last exit record if there is no entry record within five years from that last exit record or refusal of entry record.

2.  Each individual file together with the linked entry/exit record(s) or refusal of entry records shall be stored in the EES Central System for two years and one day following the date of the last exit record if there is no entry record within two years from that last exit record or refusal of entry record.

Amendment     107

Proposal for a regulation

Article 31 – paragraph 3

Text proposed by the Commission

Amendment

3.  If there is no exit record following the date of expiry of the authorised period of stay, the data shall be stored for a period of five years following the last day of the authorised stay. The EES shall automatically inform the Member States three months in advance of the scheduled deletion of data on overstayers in order for them to adopt the appropriate measures.

3.  If there is no exit record following the date of expiry of the authorised period of stay, the data shall be stored for a period of four years following the last day of the authorised stay. In accordance with the information mechanism provided for in Article 11, the EES shall automatically inform the Member States three months in advance of the scheduled deletion of data on overstayers in order for them to adopt the appropriate measures.

Amendment     108

Proposal for a regulation

Article 31 – paragraph 4

Text proposed by the Commission

Amendment

4.  By way of derogation to paragraphs (2) and (3), the entry/exit record(s) generated by third country nationals in their condition of family members of a Union citizen to whom Directive 2004/38/EC applies or of a national of a third country enjoying the right of free movement under Union law and who do not hold a residence card referred to under Directive 2004/38/EC, shall be stored in the EES for a maximum of one year after the last exit record.

4.  By way of derogation from paragraphs (2) and (3), the entry/exit record(s) generated by third country nationals who are family members of a Union citizen to whom Directive 2004/38/EC applies or of a national of a third country enjoying the right of free movement under Union law and who do not hold a residence card referred to under Directive 2004/38/EC, shall be stored in the EES for a maximum of one year after the last exit record.

Amendment     109

Proposal for a regulation

Article 31 – paragraph 5

Text proposed by the Commission

Amendment

5.  Upon expiry of the retention period referred to in paragraphs 1 and 2 such data shall automatically be erased from the Central System

5.  Upon expiry of the retention period referred to in paragraphs 1 to 4 such data shall automatically be erased from the Central System.

Amendment    110

Proposal for a regulation

Article 32 – paragraph 1

 

Text proposed by the Commission

Amendment

1.  The Member State responsible shall have the right to amend data which it has introduced into the EES, by correcting or deleting such data.

1.  The Member State responsible shall have the right to amend data which it has introduced into the EES, by rectifying, completing or erasing such data.

Amendment    111

Proposal for a regulation

Article 32 – paragraph 2

 

Text proposed by the Commission

Amendment

2  If the Member State responsible has evidence to suggest that data recorded in the EES are factually inaccurate or that data were processed in the EES in contravention of this Regulation, it shall check the data concerned and, if necessary, amend or erase them without delay from the EES and, where applicable, from the list of identified persons referred to in Article 11. This may also be done at the request of the person concerned in accordance with Article 46.

2  If the Member State responsible has evidence to suggest that data recorded in the EES are factually inaccurate, incomplete or that data were processed in the EES in contravention of this Regulation, it shall check the data concerned and, if necessary, shall rectify, complete or erase them without delay from the EES and, where applicable, from the list of identified persons referred to in Article 11. This may also be done at the request of the person concerned in accordance with Article 46.

Amendment    112

Proposal for a regulation

Article 32 – paragraph 3

 

Text proposed by the Commission

Amendment

3.  By way of derogation from paragraphs 1 and 2, if a Member State other than the Member State responsible has evidence to suggest that data recorded in the EES are factually inaccurate or that data were processed in the EES in contravention of this Regulation, it shall check the data concerned if it is possible to do this without consulting the Member State responsible and, if necessary, amend or erase them from the EES without delay and, where applicable, from the list of identified persons referred to in Article 11. Otherwise the Member State shall contact the authorities of the Member State responsible within a time limit of 14 days and the Member State responsible shall check the accuracy of the data and the lawfulness of its processing within a time limit of one month. This may also be done at the request of the person concerned in accordance with Article 46.

3.  By way of derogation from paragraphs 1 and 2, if a Member State other than the Member State responsible has evidence to suggest that data recorded in the EES are factually inaccurate, incomplete or that data were processed in the EES in contravention of this Regulation, it shall check the data concerned if it is possible to do this without consulting the Member State responsible and, if necessary, rectify, complete or erase them without delay from the EES and, where applicable, from the list of identified persons referred to in Article 11. Otherwise the Member State shall contact the authorities of the Member State responsible within a time limit of 7 days and the Member State responsible shall check the accuracy of the data and the lawfulness of its processing within a time limit of 14 days. This may also be done at the request of the person concerned in accordance with Article 46.

Amendment    113

Proposal for a regulation

Article 32 – paragraph 4

 

Text proposed by the Commission

Amendment

4.  In the event that the Member State responsible or a Member State other than the Member State responsible has evidence to suggest that visa-related data recorded in the EES are factually inaccurate or that such data were processed in the EES in contravention of this Regulation they shall first check the accuracy of these data against the VIS and if necessary shall amend them in the EES. Should the data recorded in the VIS be the same as in the EES, they shall inform the Member State responsible for entering those data in the VIS immediately through the infrastructure of the VIS in accordance with Article 24(2) of Regulation (EC) No 767/2008. The Member State responsible for entering the data in the VIS shall check the data concerned and if necessary correct or delete them immediately from the VIS and inform the Member State responsible or the Member State to which the request has been made which shall, if necessary, amend or delete them from the EES without delay and, where applicable, from the list of identified overstayers referred to in Article 11.

4.  In the event that the Member State responsible or a Member State other than the Member State responsible has evidence to suggest that visa-related data recorded in the EES are factually inaccurate, incomplete or that such data were processed in the EES in contravention of this Regulation they shall first check the accuracy of these data against the VIS and if necessary shall rectify, complete or erase them in the EES. Should the data recorded in the VIS be the same as in the EES, they shall inform the Member State responsible for entering those data in the VIS immediately through the infrastructure of the VIS in accordance with Article 24(2) of Regulation (EC) No 767/2008. The Member State responsible for entering the data in the VIS shall check the data concerned and if necessary rectify, complete or erase them immediately from the VIS and inform the Member State responsible or the Member State to which the request has been made which shall, if necessary, rectify, complete or erase them from the EES without delay and, where applicable, from the list of identified persons referred to in Article 11.

Amendment    114

Proposal for a regulation

Article 32 – paragraph 5

 

Text proposed by the Commission

Amendment

5   The data of identified persons referred to in Article 11 shall be deleted without delay from the list referred to in that Article and shall be corrected in the EES where the third country national provides evidence, in accordance with the national law of the Member State responsible or of the Member State to which the request has been made, that he or she was forced to exceed the authorised duration of stay due to unforeseeable and serious events, that he or she has acquired a legal right to stay or in case of errors. The third country national shall have access to an effective judicial remedy to ensure the data is amended.

5   The data of identified persons referred to in Article 11 shall be erased without delay from the list referred to in that Article and shall be rectified or completed in the EES where the third country national provides evidence, in accordance with the national law of the Member State responsible or of the Member State to which the request has been made, that he or she was forced to exceed the authorised duration of stay due to unforeseeable and serious events, that he or she has acquired a legal right to stay or in case of errors. The third country national shall have access to an effective judicial remedy to ensure the data is rectified, completed or erased.

Amendment    115

Proposal for a regulation

Article 32 – paragraph 6 – introductory part

 

Text proposed by the Commission

Amendment

6.  Where a third country national has acquired the nationality of a Member State or has fallen under the scope of Article 2(3) before the expiry of the period referred to in Article 31, the individual file and the records linked to it in accordance with Articles 14 and 15 shall be deleted without delay from the EES as well as, where applicable, from the list of identified persons referred to in Article 11:

6.  Where a third country national has acquired the nationality of a Member State or has fallen under the scope of Article 2(3) before the expiry of the period referred to in Article 31, the individual file and the records linked to it in accordance with Articles 14 and 15 shall without delay and in any event no later than 48 hours from the moment the relevant Member State becomes aware of that fact, be deleted from the EES as well as, where applicable, from the list of identified persons referred to in Article 11:

Amendment     116

Proposal for a regulation

Article 33 – paragraph 1 – introductory part

Text proposed by the Commission

Amendment

The Commission shall adopt the following measures necessary for the development and technical implementation of the Central System, the National Uniform Interfaces, and the Communication Infrastructure, in particular measures for:

The Commission shall adopt the following measures necessary for the development and technical implementation of the Central System, the National Uniform Interfaces, and the secure and encrypted Communication Infrastructure, in particular measures for:

Amendment    117

Proposal for a regulation

Article 33 – paragraph 1 – point a a (new)

 

Text proposed by the Commission

Amendment

 

(aa)  the quality standard and specifications for the use of the facial image including where extracted electronically from the eMRTD or the VIS;

Amendment    118

Proposal for a regulation

Article 33 – paragraph 1 – point g

 

Text proposed by the Commission

Amendment

(g)   the specifications and conditions for the web-service referred to in Article 12;

(g)  the specifications and conditions for the web-service referred to in Article 12, including provisions for the protection of the data where provided by or to carriers;

Amendment    119

Proposal for a regulation

Article 34 – paragraph 1 – subparagraph 1

 

Text proposed by the Commission

Amendment

eu-LISA shall be responsible for the development of the Central System, the National Uniform Interfaces, the Communication Infrastructure and the Secure Communication Channel between the EES Central System and the VIS Central System. It shall also be responsible for the development of the web service referred to in Article 12 in accordance with the specifications and conditions adopted in accordance with the examination procedure referred to in Article 61(2).

eu-LISA shall be responsible for the development of the Central System, the National Uniform Interfaces, the secure and encrypted Communication Infrastructure and the Secure Communication Channel between the EES Central System and the VIS Central System. It shall also be responsible for the development of the web service referred to in Article 12 in accordance with the specifications and conditions adopted in accordance with the examination procedure referred to in Article 61(2).

Justification

In line with the amendment on Article 6 – paragraph1 – point d where “secure and encrypted” is added. Legal coherence.

Amendment    120

Proposal for a regulation

Article 34 – paragraph 1 – subparagraph 2

 

Text proposed by the Commission

Amendment

eu-LISA shall define the design of the physical architecture of the system including its Communication Infrastructure as well as the technical specifications and their evolution as regards the Central System, the Uniform Interfaces, the Secure Communication Channel between the EES Central System and the VIS Central System and the Communication Infrastructure, which shall be adopted by the Management Board, subject to a favourable opinion of the Commission. eu-LISA shall also implement any necessary adaptations to the VIS deriving from the establishment of interoperability with the EES as well as from the implementation of the amendments to Regulation (EC) No 767/2008 referred to in Article 55.

eu-LISA shall define the design of the physical architecture of the system including its secure and encrypted Communication Infrastructure as well as the technical specifications and their evolution as regards the Central System, the Uniform Interfaces, the Secure Communication Channel between the EES Central System and the VIS Central System and the secure and encrypted Communication Infrastructure. eu-LISA shall also implement any necessary adaptations to the VIS deriving from the establishment of interoperability with the EES as well as from the implementation of the amendments to Regulation (EC) No 767/2008 referred to in Article 55.

Justification

In line with the amendment on Article 6 – paragraph1 – point d where “secure and encrypted” is added. Legal coherence.

Amendment    121

Proposal for a regulation

Article 34 – paragraph 1 – subparagraph 3

 

Text proposed by the Commission

Amendment

eu-LISA shall develop and implement the Central System, the National Uniform Interfaces, the Secure Communication Channel between the EES Central System and the VIS Central System, and the Communication Infrastructure as soon as possible after the entry into force of this Regulation and the adoption by the Commission of the measures provided for in Article 33.

eu-LISA shall develop and implement the Central System, the National Uniform Interfaces, the Secure Communication Channel between the EES Central System and the VIS Central System, and the secure and encrypted Communication Infrastructure as soon as possible after the entry into force of this Regulation and the adoption by the Commission of the measures provided for in Article 33.

Justification

In line with the amendment on Article 6 – paragraph1 – point d where “secure and encrypted” is added. Legal coherence.

Amendment    122

Proposal for a regulation

Article 34 – paragraph 1 – subparagraph 3 a (new)

 

Text proposed by the Commission

Amendment

 

By developing and implementing the Central System, the National Uniform Interfaces, the Secure Communication Channel between the EES Central System and the VIS Central System, and the secure and encrypted Communication Infrastructure, eu –LISA shall:

 

(a)  perform a risk assessment as part of the development of the EES;

 

(b)  follow the principles of privacy by design and by default during the entire lifecycle of the system development;

 

(c)  update the risk assessment for the VIS to take into account the new connection with the EES and follow up by implementing any additional security measures highlighted by the updated risk assessment.

Justification

In line with the amendment on Article 6 – paragraph1 – point d where “secure and encrypted” is added. Legal coherence.

Amendment    123

Proposal for a regulation

Article 34 – paragraph 3 – subparagraph 1

 

Text proposed by the Commission

Amendment

eu-LISA shall be responsible for the operational management of the Central System, the Secure Communication Channel between the EES Central System and the VIS Central System and the National Uniform Interfaces. It shall ensure, in cooperation with the Member States, at all times the best available technology, subject to a cost-benefit analysis. eu-LISA shall also be responsible for the operational management of the Communication Infrastructure between the Central system and the National Uniform Interfaces and for the web-service referred to in Article 12.

eu-LISA shall be responsible for the operational management of the Central System, the Secure Communication Channel between the EES Central System and the VIS Central System and the National Uniform Interfaces. It shall ensure, in cooperation with the Member States, that at all times the best available technology, subject to a cost-benefit analysis, is used for the Central System, the Secure Communication Channel between the EES Central System and the VIS Central System and the National Uniform Interfaces. eu-LISA shall also be responsible for the operational management of the secure and encrypted Communication Infrastructure between the Central system and the National Uniform Interfaces and for the web-service referred to in Article 12.

Justification

The sentence is completed and references to the different components of the system are added.

Amendment     124

Proposal for a regulation

Article 35 – paragraph 1 – point b

Text proposed by the Commission

Amendment

(b)  the organisation, management, operation and maintenance of its existing national border infrastructure and of its connection to the EES for the purpose of Article 5 excepted points (j), (k) and (l);

(b)  the organisation, management, operation and maintenance of its existing national border infrastructure and of its connection to the EES for the purpose of Article 5 with the exception of Article 5(1a);

Amendment     125

Proposal for a regulation

Article 35 – paragraph 2

Text proposed by the Commission

Amendment

2.  Each Member State shall designate a national authority, which shall provide the competent authorities referred to in Article 8 with access to the EES. Each Member State shall connect that national authority to the National Uniform Interface. Each Member State and Europol shall connect their respective central access points referred to in Article 26 and 27 to the National Uniform Interface.

2.  Each Member State shall designate an independent national supervisory authority, which shall provide the competent authorities referred to in Article 8 with access to the EES. Each Member State shall connect that national authority to the National Uniform Interface. Each Member State and Europol shall connect their respective central access points referred to in Article 26 and 27 to the National Uniform Interface.

Amendment     126

Proposal for a regulation

Article 35 – paragraph 4 a (new)

Text proposed by the Commission

Amendment

 

4a.  Member States shall not process the data collected in or retrieved from the EES for purposes other than those laid down in this Regulation.

Amendment    127

Proposal for a regulation

Article 36 – title

 

Text proposed by the Commission

Amendment

Responsibility for the use of data

Responsibility for data processing

Justification

Aligned with data protection legislation. Same wording used in Eurodac too

Amendment    128

Proposal for a regulation

Article 36 – paragraph 1 – subparagraph 1

 

Text proposed by the Commission

Amendment

In relation to the processing of personal data in the EES, each Member State shall designate the authority which is to be considered as controller in accordance with Article 2(d) of Directive 95/46/EC and which shall have central responsibility for the processing of data by this Member State. Each Member State shall communicate the details of this authority to the Commission.

In relation to the processing of personal data in the EES, each Member State shall designate the authority which is to be considered as controller in accordance with Article 4(7) of Regulation (EU) 2016/679 and which shall have central responsibility for the processing of data by this Member State. Each Member State shall communicate the details of this authority to the Commission.

Amendment     129

Proposal for a regulation

Article 36 – paragraph 1 – subparagraph 2 – introductory part

Text proposed by the Commission

Amendment

Each Member State shall ensure that the data recorded in the EES is processed lawfully, and in particular that only duly authorised staff have access to the data for the performance of their tasks. The Member State responsible shall ensure in particular that:

Each Member State shall ensure that the data collected and recorded in the EES is processed lawfully, and in particular that only duly authorised staff have access to the data for the performance of their tasks. The Member State responsible shall ensure in particular that:

Amendment    130

Proposal for a regulation

Article 36 – paragraph 2 – point a

 

Text proposed by the Commission

Amendment

(a)  take the necessary measures to ensure the security of the Central System and the Communication Infrastructure between the Central System and the National Uniform Interface, without prejudice to the responsibilities of each Member State;

(a)  take the necessary measures to ensure the security of the Central System and the secure and encrypted Communication Infrastructure between the Central System and the National Uniform Interface, without prejudice to the responsibilities of each Member State;

Amendment    131

Proposal for a regulation

Article 37 – paragraph 1

 

Text proposed by the Commission

Amendment

1.  A Member State may keep the alphanumeric data which that Member State entered into the EES, in accordance with the purposes of the EES in its national files and national entry exit system in full respect of Union Law.

1.  Data retrieved from the EES may be kept in national files only where necessary in an individual case, in accordance with the purpose of the EES and relevant Union law, in particular on data protection, and for no longer than necessary in that individual case. A Member State may keep the alphanumeric data which that Member State entered into the EES, in accordance with the purposes of the EES in its national entry exit system in full respect of Union Law.

Justification

It should be clarified that data related to entries and exits is normally kept only in the EES except if it is necessary to keep it in national files in an individual case. Provision taken from VIS.

Amendment     132

Proposal for a regulation

Article 37 – paragraph 2

Text proposed by the Commission

Amendment

2.  The data shall not be kept in the national files or national entry/exit systems longer than it is kept in the EES.

2.  The data shall not be kept in the national files or national entry/exit systems for longer than strictly necessary for their individual purposes and, in any event, for longer than they are kept in the EES.

Amendment    133

Proposal for a regulation

Article 38 – paragraph 2 – point a

 

Text proposed by the Commission

Amendment

(a)  the Commission has adopted a decision on the adequate protection of personal data in that third country in accordance with Article 25(6) of Directive 95/46/EC, or a readmission agreement is in force between the Community and that third country, or Article 26(1)(d) of Directive 95/46/EC applies;

(a)  the Commission has adopted a decision on the adequate protection of personal data in that third country in accordance with Article 45(3) of Regulation (EU) 2016/679, or a readmission agreement is in force between the Union and that third country;

Amendment     134

Proposal for a regulation

Article 38 – paragraph 2 – point b

Text proposed by the Commission

Amendment

(b)  the third country or international organisation agrees to use the data only for the purpose for which they were provided;

(b)  the third country or international organisation explicitly agrees to use the data and is able to guarantee that the data are used only for the purpose for which they were provided;

Amendment     135

Proposal for a regulation

Article 38 – paragraph 2 – point c

Text proposed by the Commission

Amendment

(c)  the data are transferred or made available in accordance with the relevant provisions of Union law, in particular readmission agreements, and the national law of the Member State which transferred or made the data available, including the legal provisions relevant to data security and data protection;

(c)  the data are transferred or made available in accordance with the relevant provisions of Union law, in particular data protection and readmission agreements, and the national law of the Member State which transferred or made the data available, including the legal provisions relevant to data security and data protection;

Amendment    136

Proposal for a regulation

Article 38 – paragraph 2 – point d

 

Text proposed by the Commission

Amendment

(d)  the Member State which entered the data in the EES has given its consent.

(d)  the Member State which entered the data in the EES has given its consent and the individual concerned has been informed that his or her personal information may be shared with the authorities of a third country; and

Amendment     137

Proposal for a regulation

Article 38 – paragraph 2 – point d a (new)

Text proposed by the Commission

Amendment

 

(da)  a final decision ordering the return of the third-country national has been issued by the appropriate competent authority of the Member State in which the third-country national has been staying.

Justification

It is imperative to ensure that before personal data on third-country nationals is shared with a third-country that the return of that third-country national has been determined by the appropriate competent authority for return decisions and that such a decision is final.

Amendment    138

Proposal for a regulation

Article 38 – paragraph 4

 

Text proposed by the Commission

Amendment

4.  Personal data obtained from the Central System by a Member State or by Europol for law enforcement purposes shall not be transferred or made available to any third country, international organisation or private entity established in or outside the Union. The prohibition shall also apply if those data are further processed at national level or between Member States within the meaning of Article 2(b) of Framework Decision 2008/977/JHA.

4.  Personal data obtained from the Central System by a Member State or by Europol for law enforcement purposes shall not be transferred or made available to any third country, international organisation or private entity established in or outside the Union. The prohibition shall also apply if those data are further processed at national level or between Member States pursuant to Directive (EU) 2016/680.

Amendment    139

Proposal for a regulation

Article 39 – paragraph 2 – point b

 

Text proposed by the Commission

Amendment

(b)  deny unauthorised persons access to national installations in which the Member State carries out operations in accordance with the purposes of the EES;

(b)  deny unauthorised persons access to data-processing equipment and national installations in which the Member State carries out operations in accordance with the purposes of the EES;

Justification

Amendment    140

Proposal for a regulation

Article 39 – paragraph 2 – point d a (new)

 

Text proposed by the Commission

Amendment

 

(da)  prevent the use of automated data-processing systems by unauthorised persons using data communication equipment;

Justification

Aligned to Eurodac proposal.

Amendment    141

Proposal for a regulation

Article 39 – paragraph 2 – point f

 

Text proposed by the Commission

Amendment

(f)  ensure that persons authorised to access the EES have access only to the data covered by their access authorisation, by means of individual user identities and confidential access modes only ;

(f)  ensure that persons authorised to access the EES have access only to the data covered by their access authorisation, by means of individual and unique user identities and confidential access modes only;

Justification

Aligned to Eurodac proposal.

Amendment    142

Proposal for a regulation

Article 39 – paragraph 2 – point j a (new)

 

Text proposed by the Commission

Amendment

 

(ja)  ensure that, in the event of an interruption, installed systems can be restored to normal operation;

Justification

Aligned to Eurodac proposal.

Amendment    143

Proposal for a regulation

Article 39 – paragraph 2 – point j b (new)

 

Text proposed by the Commission

Amendment

 

(jb)  ensure reliability by making sure that any faults in the functioning of the EES are properly reported and that necessary technical measures are put in place to ensure that personal data can be restored in the event of corruption due to a malfunctioning of the system;

Amendment    144

Proposal for a regulation

Article 39 – paragraph 2 a (new)

 

Text proposed by the Commission

Amendment

 

2a.  Member States shall inform eu-LISA of security incidents detected on their systems without prejudice to the notification and communication of a personal data breach pursuant to Article 33 of Regulation (EU) No 2016/679. eu-LISA shall inform the Member States in the event of a security incident on the EES Central System. Where a security incident leads to a personal data breach, the European Data Protection Supervisor shall also be informed. The Member States concerned, and eu-LISA shall collaborate in the event of a security incident.

Amendment    145

Proposal for a regulation

Article 39 – paragraph 3 a (new)

 

Text proposed by the Commission

Amendment

 

3a.  eu-LISA and the Member States shall cooperate in order to ensure a harmonised data security approach based on a security risk management process encompassing the entire EES as referred to in Article 6.

Justification

Provision recommended by the EDPS.

Amendment    146

Proposal for a regulation

Article 40 – paragraph 1

 

Text proposed by the Commission

Amendment

1.  Any person or Member State that has suffered damage as a result of an unlawful processing operation or any act incompatible with this Regulation shall be entitled to receive compensation from the Member State which is responsible for the damage suffered. That Member State shall be exempted from its liability, in whole or in part, if it proves that it is not responsible for the event which gave rise to the damage.

1.  Any person or Member State that has suffered material or immaterial damage as a result of an unlawful processing operation or any act incompatible with this Regulation shall be entitled to receive compensation from the Member State which is responsible for the damage suffered. That Member State shall be exempted from its liability, in whole or in part, if it proves that it is not in any way responsible for the event which gave rise to the damage.

Amendment    147

Proposal for a regulation

Article 41 – paragraph 3

 

Text proposed by the Commission

Amendment

3.  Such records may be used only for the data protection monitoring of the admissibility of data processing as well as to ensure data security. Those records shall be protected by appropriate measures against unauthorised access and deleted one year after the retention period referred to in Article 31 has expired, if they are not required for monitoring procedures which have already begun.

3.  Such records may be used only for the data protection monitoring of the admissibility of data processing as well as to ensure data security pursuant to Article 39. Those records shall be protected by appropriate measures against unauthorised access and deleted one year after the retention period referred to in Article 31 has expired, unless they are required for monitoring procedures which have already begun.

Amendment    148

Proposal for a regulation

Article 43 a (new)

 

Text proposed by the Commission

Amendment

 

Article 43a

 

Data Protection

 

1.  Regulation (EC) No 45/2001 shall apply to the processing of personal data by eu-LISA on the basis of this Regulation.

 

2.  Regulation (EU) 2016/679 shall apply to the processing of personal data by national authorities on the basis of this Regulation, with the exception of processing for the purposes referred to in points (j) to (l) of Article 5.

 

3.  Directive (EU) 2016/680 shall apply to the processing of personal data by Member States’ designated authorities on the basis of this Regulation for the purposes referred to in points (j) to (l) of Article 5.

 

4.  Regulation (EU) 2016/794 shall apply to the processing of personal data by Europol on the basis of this Regulation.

Justification

Horizontal provision on data protection, inspired by Article 49 of the ETIAS proposal.

Amendment    149

Proposal for a regulation

Article 44 – paragraph 1 – introductory part

 

Text proposed by the Commission

Amendment

1.  Without prejudice to the right of information in Article 10 of Directive 95/46/EC, third country nationals whose data are recorded in the EES shall be informed by the Member State responsible in writing of the following:

1.  Without prejudice to the right of information in Article 13 of Regulation (EU) 2016/679, third country nationals whose data are recorded in the EES shall be informed by the Member State responsible in writing and in a concise, transparent, intelligible and easily accessible form of the following:

Amendment    150

Proposal for a regulation

Article 44 – paragraph 1 – point e

 

Text proposed by the Commission

Amendment

(e)  the right of access to data relating to them, the right to request that inaccurate data relating to them be corrected or that unlawfully processed data relating to them be deleted, including the right to receive information on the procedures for exercising those rights and contact details of the national supervisory authorities, or of the European Data Protection Supervisor if applicable, which shall hear claims concerning the protection of personal data.

(e)  the existence of the right to request from the controller access to data relating to them, the right to request that inaccurate data relating to them be rectified and that incomplete personal data relating to them be completed or that unlawfully processed personal data concerning them be erased or restricted, as well as the right to receive information on the procedures for exercising those rights, including the contact details of the controller and the national supervisory authorities, or of the European Data Protection Supervisor if applicable, which shall hear complaints concerning the protection of personal data.

Amendment    151

Proposal for a regulation

Article 44 – paragraph 1 – point e a (new)

 

Text proposed by the Commission

Amendment

 

(ea)  an explanation of the fact that EES data shall be accessed for border management and facilitation purposes, specifying that overstays will automatically lead to the addition of the third-country national’s data to a list, as well as the possible consequences of overstaying;

Justification

Provision recommended by the EDPS.

Amendment    152

Proposal for a regulation

Article 44 – paragraph 1 – point e b (new)

 

Text proposed by the Commission

Amendment

 

(eb)  the data retention period set for entry and exit records and for individual files pursuant to Article 31;

Justification

Provision recommended by the EDPS.

Amendment    153

Proposal for a regulation

Article 44 – paragraph 1 – point e c (new)

 

Text proposed by the Commission

Amendment

 

(ec)  the right for overstayers to have their personal data erased where they provide evidence that they exceeded the authorised duration of stay due to unforeseeable and serious events; and

Amendment    154

Proposal for a regulation

Article 44 – paragraph 1 – point e d (new)

 

Text proposed by the Commission

Amendment

 

(ed)  the right to lodge a complaint to the supervisory authority.

Amendment    155

Proposal for a regulation

Article 44 – paragraph 2

 

Text proposed by the Commission

Amendment

2  The information provided in paragraph 1 of this Article shall be provided at the time when the individual file of the person concerned is being created in accordance with Articles 14, 15 or 16.

2  The information provided in paragraph 1 of this Article shall be provided by means of the leaflet referred to in paragraph 3 or by any other appropriate means which ensure that the third-country national concerned is informed of his or her rights at the time when the individual file of that person concerned is being created in accordance with Articles 14, 15 or 16.

Amendment    156

Proposal for a regulation

Article 44 – paragraph 3 – subparagraph 1

 

Text proposed by the Commission

Amendment

A common leaflet and a website containing at least the information referred to in paragraph 1 of this Article shall be drawn up and set up by the Commission in accordance with the examination procedure referred to in Article 61(2). The leaflet and the content of the website shall be clear and simple and available in a linguistic version the person concerned understands or is reasonably supposed to understand.

A common leaflet and a website containing at least the information referred to in paragraph 1 of this Article shall be drawn up and set up by the Commission in accordance with the examination procedure referred to in Article 61(2). The leaflet and the content of the website shall be clear and simple, drafted in a concise, transparent, intelligible and easily accessible form and available in a linguistic version the person concerned understands or is reasonably supposed to understand.

Amendment    157

Proposal for a regulation

Article 44 – paragraph 3 – subparagraph 2

 

Text proposed by the Commission

Amendment

The leaflet and the website shall be established in such a manner as to enable Member States to complete them with additional Member State specific information. That Member State specific information shall include at least the rights of the data subject, the possibility of assistance by the national supervisory authorities, as well as contact details of the office of the controller and national supervisory authorities.

The leaflet and the website shall be established in such a manner as to enable Member States to complete them with additional Member State specific information. That Member State specific information shall include at least the rights of the data subject, the possibility of assistance by the national supervisory authorities, as well as contact details of the office of the controller and of the data protection officer and the supervisory authorities.

Amendment    158

Proposal for a regulation

Article 45 – paragraph 1

 

Text proposed by the Commission

Amendment

The Commission shall, in cooperation with the national supervisory authorities and the European Data Protection Supervisor, accompany the start of the EES operation with an information campaign informing the public about the objectives, the data stored, the authorities having access and the rights of persons.

The Commission shall, in cooperation with the national supervisory authorities and the European Data Protection Supervisor, accompany the start of the EES operation with an information campaign informing the public and, in particular, third country nationals about the objectives, the data stored, the authorities having access and the rights of persons. Such information campaigns shall be conducted regularly.

Justification

Given the scope of the EES covering third country nationals they should be specifically mentioned as target group of the information campaign.

Amendment    159

Proposal for a regulation

Article 46 – title

 

Text proposed by the Commission

Amendment

Right of access, correction and deletion

Right of access to, rectification, completion and erasure of personal data and of restriction of the processing of personal data

Amendment    160

Proposal for a regulation

Article 46 – paragraph 1

 

Text proposed by the Commission

Amendment

1.   Without prejudice to Article 12 of Directive 95/46/EC any third country national shall have the right to obtain the data relating to him or her recorded in the EES and of the Member State which transmitted it to the EES.

1.  Without prejudice to Articles 15, 16, 17 and 18 of Regulation (EU) 2016/679 any third country national shall have the right to obtain the data relating to him or her recorded in the EES and of the Member State which transmitted it to the EES and may request that data relating to him or her which are inaccurate be rectified or completed and that data recorded unlawfully be erased. The Member State responsible shall reply to such requests within two months of receipt of the request.

Amendment    161

Proposal for a regulation

Article 46 – paragraph 2

 

Text proposed by the Commission

Amendment

2.  If a request for correction or deletion is made to a Member State other than the Member State responsible, the authorities of the Member State to which the request has been made shall check the accuracy of the data and the lawfulness of the data processing in the EES within a time limit of one month if that check can be done without consulting the Member State responsible. Otherwise the Member State other than the Member State responsible shall contact the authorities of the Member State responsible within a time limit of 14 days and the Member State responsible shall check the accuracy of the data and the lawfulness of the data processing within a time limit of one month.

2.  If a request for rectification, completion or erasure of personal data or restriction of the processing of personal data is made to a Member State other than the Member State responsible, the authorities of the Member State to which the request has been made shall check the accuracy of the data and the lawfulness of the data processing in the EES within a time limit of 14 days if that check can be done without consulting the Member State responsible. Otherwise the Member State other than the Member State responsible shall contact the authorities of the Member State responsible within a time limit of seven days and the Member State responsible shall check the accuracy of the data and the lawfulness of the data processing within a time limit of 14 days.

Amendment    162

Proposal for a regulation

Article 46 – paragraph 3 – subparagraph 1

 

Text proposed by the Commission

Amendment

In the event that data recorded in the EES are factually inaccurate or have been recorded unlawfully, the Member State responsible or, where applicable, the Member State to which the request has been made shall correct or delete the data in accordance with Article 32. The Member State responsible or, where applicable, the Member State to which the request has been made shall confirm in writing to the person concerned without delay that it has taken action to correct or delete data relating to him.

In the event that data recorded in the EES are factually inaccurate, incomplete or have been recorded unlawfully, the Member State responsible or, where applicable, the Member State to which the request has been made shall rectify, complete or erase the personal data or restrict the processing of personal data in accordance with Article 32. The Member State responsible or, where applicable, the Member State to which the request has been made shall confirm in writing to the person concerned without delay that it has taken action to rectify, complete or erase the personal data concerning him or her or to restrict the processing of such personal data.

Amendment    163

Proposal for a regulation

Article 46 – paragraph 3 – subparagraph 2

 

Text proposed by the Commission

Amendment

In the event that visa-related data recorded in the EES are factually incorrect or have been recorded unlawfully, the Member State responsible or, where applicable, the Member State to which the request has been made shall first check the accuracy of these data against the VIS and if necessary will amend them in the EES. Should the data recorded in the VIS be the same as in the EES, the Member State responsible or the Member State to which the request was made, shall contact the authorities of the Member State responsible for entering these data in the VIS within a time limit of 14 days. The Member State responsible for entering the data in the VIS shall check the accuracy of the visa related data and the lawfulness of its processing in the EES within a time limit of one month and inform the Member State responsible or the Member State to which the request has been made which shall, if necessary, amend or erase them without delay from the EES and, where applicable, from the list of persons referred to in Article 11(2).

In the event that visa-related data recorded in the EES are factually incorrect, incomplete or have been recorded unlawfully, the Member State responsible or, where applicable, the Member State to which the request has been made shall first check the accuracy of these data against the VIS and if necessary will amend them in the EES. Should the data recorded in the VIS be the same as in the EES, the Member State responsible or the Member State to which the request was made, shall contact the authorities of the Member State responsible for entering these data in the VIS within a time limit of seven days. The Member State responsible for entering the data in the VIS shall check the accuracy of the visa related data and the lawfulness of its processing in the EES within a time limit of one month and inform the Member State responsible or the Member State to which the request has been made which shall, if necessary, rectify, complete or erase the personal data concerning him or her or restrict the processing of such data without delay from the EES and, where applicable, from the list of persons referred to in Article 11(2).

Amendment    164

Proposal for a regulation

Article 46 – paragraph 4

 

Text proposed by the Commission

Amendment

4.  If the Member State responsible or, where applicable, the Member State to which the request has been made does not agree that data recorded in the EES are factually inaccurate or have been recorded unlawfully, that Member State shall adopt an administrative decision explaining in writing to the person concerned without delay why it is not prepared to correct or delete data relating to him.

4.  If the Member State responsible or, where applicable, the Member State to which the request has been made does not agree that data recorded in the EES are factually inaccurate, incomplete or have been recorded unlawfully, that Member State shall adopt an administrative decision explaining in writing to the person concerned without delay why it is not prepared to rectify, complete or erase the personal data relating to him or her or restrict the processing of such data.

Amendment    165

Proposal for a regulation

Article 46 – paragraph 5

 

Text proposed by the Commission

Amendment

5.  The Member State responsible or, where applicable, the Member State to which the request has been made shall also provide the person concerned with information explaining the steps which he can take if he does not accept the explanation for the decision pursuant to paragraph 5. This shall include information on how to bring an action or a complaint before the competent authorities or courts of that Member State and any assistance, including from the supervisory authorities, that is available in accordance with the laws, regulations and procedures of that Member State.

5.  The Member State responsible or, where applicable, the Member State to which the request has been made shall also provide the person concerned with information explaining the steps which he or she can take if he or she does not accept the explanation for the decision pursuant to paragraph 4. This shall include information on how to bring an action or a complaint before the competent authorities or courts of that Member State and any assistance, including from the supervisory authorities, that is available in accordance with the laws, regulations and procedures of that Member State.

Amendment    166

Proposal for a regulation

Article 46 – paragraph 6

 

Text proposed by the Commission

Amendment

6.  Any request made pursuant to paragraphs 1 and 2 shall contain the necessary information to identify the person concerned, including fingerprints. That information shall be used exclusively to enable t the exercise of the rights referred to in paragraphs 1 and 2 and shall be erased immediately afterwards.

6.  Any request made pursuant to paragraphs 1 and 2 shall contain the minimum information necessary to identify the person concerned. Fingerprints may be requested for this purpose only in duly justified cases where there are substantive doubts as to the identity of the applicant. That information shall be used exclusively to enable the exercise of the rights referred to in paragraphs 1 and 2 and shall be erased immediately afterwards.

Amendment     167

Proposal for a regulation

Article 46 – paragraph 7

Text proposed by the Commission

Amendment

7.  Whenever a person requests data relating to him in accordance with paragraph 2, the competent authority shall keep a record in the form of a written document that such a request was made and how it was addressed and by which authority and shall make that document available to the national supervisory authorities without delay.

7.  Whenever a person requests data relating to him in accordance with paragraph 2, the competent authority shall keep a record in the form of a written document that such a request was made and how it was addressed and by which authority and shall make that document available to the national supervisory authorities within seven days. A copy of that document shall also be issued to the person concerned.

Amendment    168

Proposal for a regulation

Article 47 – paragraph 1

 

Text proposed by the Commission

Amendment

1.  The competent authorities of the Member States shall cooperate actively to enforce the rights laid down in Article 46(3), (4) and (5).

1.  The competent authorities of the Member States shall cooperate actively to enforce the rights laid down in Article 46.

Amendment    169

Proposal for a regulation

Article 47 – paragraph 2 – subparagraph 1

 

Text proposed by the Commission

Amendment

In each Member State, the supervisory authority shall, upon request, assist and advise the person concerned in exercising his right to correct or delete data relating to him in accordance with Article 28(4) of Directive 95/46/EC.

In each Member State, the supervisory authority shall, upon request, assist and advise the data subject in exercising his or her right to rectify, complete or erase personal data relating to him or her or to restrict such data in accordance with Regulation (EU) 2016/679.

Amendment    170

Proposal for a regulation

Article 48 – paragraph 1

 

Text proposed by the Commission

Amendment

1.  In each Member State any person shall have the right to bring an action or a complaint before the competent authorities or courts of that Member State which refused the right of access to or the right of correction or deletion of data relating to him, provided for in Article 46.

1.  Without prejudice to Articles 77 to 82 of Regulation (EU) 2016/679, in each Member State any person shall have the right to bring an action or a complaint before the competent authorities or courts of that Member State which refused the right of access to or the right of rectification, completion or erasure of data relating to him, provided for in Article 46. The right to bring such an action or complaint shall also apply in cases where requests for access, correction or deletion were not answered within the deadlines provided for in Article 46 or were never dealt with by the data controller.

Amendment    171

Proposal for a regulation

Article 49 – paragraph 1

 

Text proposed by the Commission

Amendment

1.  Each Member State shall ensure that the national supervisory authority or authorities designated pursuant to Article 28(1) of Directive 95/46/EC shall monitor the lawfulness of the processing of personal data referred to in Articles 13 to 19 by the Member State concerned, including their transmission to and from the EES.

1.  Each Member State shall ensure that the national supervisory authority or authorities designated pursuant to Article 51(1) of Regulation (EU) 2016/679 shall independently monitor the lawfulness of the processing of personal data referred to in Chapters II, III and V of this Regulation by the Member State concerned, including their transmission to and from the EES.

Justification

Data according to this Regulation is not only processed under Articles 13-19.

Amendment    172

Proposal for a regulation

Article 49 – paragraph 2

 

Text proposed by the Commission

Amendment

2.  The supervisory authority shall ensure that an audit of the data processing operations in the National System is carried out in accordance with relevant international auditing standards at least every four years.

2.  The supervisory authority or authorities shall ensure that an audit of the data processing operations in the national border infrastructure is carried out in accordance with relevant international auditing standards at least every two years.

Amendment     173

Proposal for a regulation

Article 49 – paragraph 3

Text proposed by the Commission

Amendment

3.  Member States shall ensure that their supervisory authority has sufficient resources to fulfil the tasks entrusted to it under this Regulation.

3.  Member States shall ensure that their independent supervisory authority or authorities have sufficient resources to fulfil the tasks entrusted to them under this Regulation.

Amendment    174

Proposal for a regulation

Article 49 – paragraph 4

 

Text proposed by the Commission

Amendment

4.  In relation to the processing of personal data in the EES, each Member State shall designate the authority which is to be considered as controller in accordance with Article 2(d) of Directive 95/46/EC and which shall have central responsibility for the processing of data by this Member State. Each Member State shall communicate the details of this authority to the Commission.

deleted

Amendment    175

Proposal for a regulation

Article 49 – paragraph 5

 

Text proposed by the Commission

Amendment

5.  Each Member State shall supply any information requested by the supervisory authorities and shall, in particular, provide them with information on the activities carried out in accordance with Articles 35, 36(1) and 39. Each Member State shall grant the supervisory authorities access to their records pursuant to Article 30 and allow them access at all times to all their EES related premises.

5.  Each Member State shall supply any information requested by the supervisory authorities and shall, in particular, provide them with information on the activities carried out in accordance with Articles 35, 36(1) and 39. Each Member State shall grant the supervisory authorities access to their records pursuant to Article 41 and allow them access at all times to all their EES related premises.

Justification

Correction of cross-reference.

Amendment    176

Proposal for a regulation

Article 49 – paragraph 5 a (new)

 

Text proposed by the Commission

Amendment

 

5a.  Each Member State shall ensure that its supervisory authority or authorities have access to advice from persons with sufficient knowledge of biometric data.

Justification

Aligned to Eurodac

Amendment    177

Proposal for a regulation

Article 50 – paragraph 1

 

Text proposed by the Commission

Amendment

1.  The European Data Protection Supervisor shall ensure that the personal data processing activities of eu-LISA concerning the EES are carried out in accordance with this Regulation.

1.  The European Data Protection Supervisor shall be responsible for monitoring the personal data processing activities of eu-LISA concerning the EES and for ensuring that such activities are carried out in accordance with Regulation (EC) No 45/2001 and with this Regulation.

Justification

Aligned to Article 49 on supervisory authority. Also aligned to Europol Regulation (Article 43) to have both “monitoring and ensuring”.

Amendment    178

Proposal for a regulation

Article 50 – paragraph 2

 

Text proposed by the Commission

Amendment

2.  The European Data Protection Supervisor shall ensure that an audit of the Agency's personal data processing activities is carried out in accordance with relevant international auditing standards at least every four years. A report of that audit shall be sent to the European Parliament, the Council, eu-LISA, the Commission and the national supervisory authorities. eu-LISA shall be given an opportunity to make comments before the report is adopted.

2.  The European Data Protection Supervisor shall ensure that an audit of eu-LISA's personal data processing activities is carried out in accordance with relevant international auditing standards at least every two years. A report of that audit shall be sent to the European Parliament, the Council, the Commission, eu-LISA and the supervisory authorities. eu-LISA shall be given an opportunity to make comments before the report is adopted.

Amendment    179

Proposal for a regulation

Article 51 – paragraph 1

 

Text proposed by the Commission

Amendment

1.  The national supervisory authorities and the European Data Protection Supervisor shall actively cooperate within the framework of their responsibilities and shall ensure coordinated supervision of the EES and the National Systems.

1.  The national supervisory authorities and the European Data Protection Supervisor shall, each acting within the scope of their respective competences, cooperate actively in the framework of their responsibilities and shall ensure coordinated supervision of the EES and the national border infrastructures.

 

(Horizontal change to change “national systems” to “national border infrastructures” with the exception of Article 58.)

Justification

Adjustment of the terminology to Article 6 and to eurodac wording.

Amendment    180

Proposal for a regulation

Article 51 – paragraph 2

 

Text proposed by the Commission

Amendment

2.  They shall exchange relevant information, assist each other in carrying out audits and inspections, examine difficulties over the interpretation or application of this Regulation, assess problems in the exercise of independent supervision or the exercise of the rights of the data subject, draw up harmonised proposals for joint solutions to any problems and promote awareness of data protection rights, as necessary.

2.  They shall exchange relevant information, assist each other in carrying out audits and inspections, examine difficulties over the interpretation or application of this Regulation, assess problems in the exercise of independent supervision or in the exercise of the rights of the data subject, draw up harmonised proposals for joint solutions to any problems and promote awareness of data protection rights, as necessary.

Amendment    181

Proposal for a regulation

Article 52 – paragraph 1

 

Text proposed by the Commission

Amendment

1.  Each Member State shall ensure that the provisions adopted under national law implementing Framework Decision 2008/977/JHA are also applicable to the access to EES by its national authorities in line with Article 1(2).

1.  Each Member State shall ensure that the provisions adopted under national law implementing Directive (EU) 2016/680 are also applicable to the access to EES by its national authorities in line with Article 1(2).

Amendment    182

Proposal for a regulation

Article 52 – paragraph 2

 

Text proposed by the Commission

Amendment

2.  The monitoring of the lawfulness of the access to personal data by the Member States for the purposes listed in Article 1(2) of this Regulation, including their transmission to and from the EES, shall be carried out by the national supervisory authorities designated pursuant to Framework Decision 2008/977/JHA.

2.  The monitoring of the lawfulness of the access to personal data by the Member States for the purposes listed in Article 5(1a) of this Regulation, including their transmission to and from the EES, shall be carried out by the national supervisory authorities designated pursuant to Directive (EU) 2016/680.

Amendment    183

Proposal for a regulation

Article 52 – paragraph 3

 

Text proposed by the Commission

Amendment

3.  The processing of personal data by Europol shall be carried out in accordance with Decision 2009/371/JHA and shall be supervised by an independent external data protection supervisor. Articles 30, 31 and 32 of that Decision shall be applicable to the processing of personal data by Europol pursuant to this Regulation. The independent external data protection supervisor shall ensure that the rights of the third country national are not infringed.

3.  The processing of personal data by Europol pursuant to this Regulation shall be carried out in accordance with Regulation (EU) 2016/794 and shall be supervised by the European Data Protection Supervisor.

Justification

With respect to Article 43 of the Europol Regulation.

Amendment    184

Proposal for a regulation

Article 52 – paragraph 4

 

Text proposed by the Commission

Amendment

4.  Personal data accessed in the EES for the purposes laid down in Article 1(2) shall only be processed for the purposes of the prevention, detection or investigation of the specific case for which the data have been requested by a Member State or by Europol.

4.   Personal data accessed in the EES for the purposes laid down in Article 5(1a) shall only be processed for the purposes of the prevention, detection or investigation of the specific case for which the data have been requested by a Member State or by Europol.

Amendment    185

Proposal for a regulation

Article 52 – paragraph 5

 

Text proposed by the Commission

Amendment

5.   The Central System, the designated authorities, the central access points and Europol shall keep records of the searches for the purposes of enabling the national data protection authorities and the European Data Protection Supervisor to monitor the compliance of data processing with Union data protection rules. Other than for such purpose, personal data, as well as the records of the searches, shall be erased in all national and Europol files after a period of one month, unless those data and records are required for the purposes of the specific ongoing criminal investigation for which they were requested by a Member State or by Europol.

5.  The Central System, the designated authorities, the central access points and Europol shall keep records of the searches for the purposes of enabling the national data protection authorities and the European Data Protection Supervisor to monitor the compliance of data processing with Union data protection rules, including for the purpose of maintaining records in order to prepare the annual reports referred to in Article 64(8). Other than for such purpose, personal data, as well as the records of the searches, shall be erased in all national and Europol files after a period of one month, unless those data and records are required for the purposes of the specific ongoing criminal investigation for which they were requested by a Member State or by Europol.

Amendment    186

Proposal for a regulation

Article 53 – paragraph 1

 

Text proposed by the Commission

Amendment

1.  Each Member State and Europol shall ensure that all data processing operations resulting from requests to access to EES data for the purposes laid down in Article 1(2) are logged or documented for the purposes of checking the admissibility of the request, monitoring the lawfulness of the data processing and data integrity and security, and self-monitoring.

1.  Each Member State and Europol shall ensure that all data processing operations resulting from requests to access to EES data for the purposes laid down in Article 5(1a) are logged or documented for the purposes of checking the admissibility of the request, monitoring the lawfulness of the data processing and data integrity and security, and self-monitoring.

Amendment    187

Proposal for a regulation

Article 53 – paragraph 2 – introductory part

 

Text proposed by the Commission

Amendment

2.  The log or documentation shall show:

2.  The log or documentation shall show, in all cases:

Amendment    188

Proposal for a regulation

Article 53 – paragraph 2 – point d a (new)

 

Text proposed by the Commission

Amendment

 

(da)  the name of the authority having requested access for comparison and the responsible person who made the request and processed the data;

Amendment    189

Proposal for a regulation

Article 53 – paragraph 2 - point h

 

Text proposed by the Commission

Amendment

(h)  in accordance with national rules or with Decision 2009/371/JHA, the identifying mark of the official who carried out the search and of the official who ordered the search or supply.

(h)  in accordance with national rules or with Regulation (EU) 2016/794, the identifying mark of the official who carried out the search and of the official who ordered the search or supply.

Amendment    190

Proposal for a regulation

Article 53 – paragraph 3

 

Text proposed by the Commission

Amendment

3.  Logs and documentation shall be used only for monitoring the lawfulness of data processing and for ensuring data integrity and security. Only logs containing non-personal data may be used for the monitoring and evaluation referred to in Article 64. The competent national supervisory authorities responsible for checking the admissibility of the request and monitoring the lawfulness of the data processing and data integrity and security shall have access to those logs at their request for the purpose of fulfilling their duties.

3.  Logs and documentation shall be used only for monitoring the lawfulness of data processing and for ensuring data integrity and security. Only logs which do not contain personal data may be used for the monitoring and evaluation referred to in Article 64. The competent national supervisory authorities responsible for checking the admissibility of the request and monitoring the lawfulness of the data processing and data integrity and security shall have access to these logs at their request for the purpose of fulfilling their duties.

Amendment    191

Proposal for a regulation

Article 55 – paragraph 1 – point 4

Regulation (EU) No 767/2008

Article 17a – paragraph 1

 

Text proposed by the Commission

Amendment

1.  From the start of operations of the EES referred to in Article 60(1) of [Regulation establishing an Entry/Exit System (EES)], interoperability between the EES and the VIS is established to ensure more efficiency and rapidity of border checks. To this effect eu-LISA shall establish a Secure Communication Channel between the EES Central System and the VIS Central System to enable interoperability between the EES and the VIS. Direct consultation between the systems shall only be possible if both this Regulation and Regulation (EC) No 767/2008 provide for it.

1.  From the start of operations of the EES referred to in Article 60(1) of [Regulation establishing an Entry/Exit System (EES)], interoperability between the EES and the VIS is established to ensure more efficiency and rapidity of border checks with due respect for the purpose limitation principle. To this effect eu-LISA shall establish a Secure Communication Channel between the EES Central System and the VIS Central System to enable interoperability between the EES and the VIS. Direct consultation between the systems shall only be possible if both this Regulation and Regulation (EC) No 767/2008 provide for it.

Amendment    192

Proposal for a regulation

Article 55 – paragraph 1 – point 4

Regulation (EU) No 767/2008

Article 17a – paragraph 4

 

Text proposed by the Commission

Amendment

4.  In accordance with Article 33 of the [Regulation establishing an Entry/Exit System (EES)], the Commission shall adopt the measures necessary for the establishment and the high level design of the interoperability in accordance with Article 34 of the [Regulation establishing an Entry/Exit System (EES)]. In order to establish the interoperability with the EES, the Management Authority shall develop the required evolutions and/or adaptations of the Central Visa Information System, the National Interface in each Member State, and the communication infrastructure between the Central Visa Information System and the National Interfaces. The national infrastructures shall be adapted and/or developed by the Member States.

4.  In accordance with Article 33 of the [Regulation establishing an Entry/Exit System (EES)], the Commission shall adopt the measures necessary for the establishment and the high level design of the interoperability in accordance with Article 34 of the [Regulation establishing an Entry/Exit System (EES)]. In order to establish the interoperability with the EES, eu-LISA shall develop the required evolutions and/or adaptations of the Central Visa Information System, the National Interface in each Member State, and the communication infrastructure between the Central Visa Information System and the National Interfaces. The national infrastructures shall be adapted and/or developed by the Member States.

Amendment    193

Proposal for a regulation

Article 55 – paragraph 1 – point 5

Regulation (EU) No 767/2008

Article 18 – paragraph 3 – introductory part

 

Text proposed by the Commission

Amendment

3.  If the search with the data listed in paragraph 1 indicates that the VIS stores data on one or more issued or extended visa(s)), which are under their validity period and are territorially valid for the border crossing, the competent border control authority shall be given access to consult the following data of the concerned application file as well as of linked application file(s) pursuant to Article 8(4), solely for the purposes referred to in paragraph 1:

3.  If the search with the data listed in paragraph 1 indicates that data on the visa holder are recorded in the VIS, the competent border control authority shall be given access to consult the following data of the concerned application file as well as of linked application file(s) pursuant to Article 8(4), solely for the purposes referred to in paragraph 1:

Justification

Paragraphs 3 and 4 are merged to simplify the text.

Amendment    194

Proposal for a regulation

Article 55 – paragraph 1 – point 5

Regulation (EU) No 767/2008

Article 18 – paragraph 4

 

Text proposed by the Commission

Amendment

4.  If the search with the data listed in paragraph 1 indicates that data on the person are recorded in the VIS but that the visa(s) recorded are not valid, the competent border authority shall be given access to consult the data of the application file(s) as well as of the linked application file(s) pursuant to Article 8(4), solely for the purposes referred to in paragraph 1:

deleted

(a)  the status information and the data taken from the application form, referred to in Article 9(2) and (4);

 

(b)  photographs;

 

(c)  the data entered in respect of the visa(s) issued, annulled, revoked or whose validity is extended, referred to in Articles 10, 13 and 14.

 

Justification

Paragraphs 3 and 4 are merged to simplify the text.

Amendment    195

Proposal for a regulation

Article 55 – paragraph 1 – point 5

Regulation (EU) No 767/2008

Article 18 – paragraph 5 – point a – point ii

 

Text proposed by the Commission

Amendment

(ii)  the technology is not available at the border crossing point for the use of live facial image and therefore the identity of the visa holder cannot be verified against the EES;

(ii)  the technology is temporarily not available at the border crossing point for the use of live facial image and therefore the identity of the visa holder cannot be verified against the EES;

Justification

As the technology is required to be available at any border crossing point, there can only be a temporary unavailability of the technology

Amendment    196

Proposal for a regulation

Article 55 – paragraph 1 – point 8 – introductory part

 

Text proposed by the Commission

Amendment

(8)  In Article 20, paragraph 1 is replaced by the following:

(8)  In Article 20, the first subparagraph of paragraph 1 is replaced by the following:

Amendment    197

Proposal for a regulation

Article 55 – paragraph 1 – point 9

Regulation (EU) No 767/2008

Article 26 – paragraph 3a

 

Text proposed by the Commission

Amendment

3a.  [Six months after the entry into force of Regulation establishing an Entry/Exit System (EES)], the Management Authority shall be responsible for the tasks referred to in paragraph 3 of this Article.

3a.   [Six months after the entry into force of Regulation establishing an Entry/Exit System (EES)], eu-LISA shall be responsible for the tasks referred to in paragraph 3 of this Article.

Amendment    198

Proposal for a regulation

Article 55 – paragraph 1 – point 10

Regulation (EU) No 767/2008

Article 34 – paragraph 1

 

Text proposed by the Commission

Amendment

1.  Each Member State and the Management Authority shall keep records of all data processing operations within the VIS. These records shall show the purpose of access referred to in Article 6(1) and in Articles 15 to 22, the date and time, the type of data transmitted as referred to in Articles 9 to 14, the type of data used for interrogation as referred to in Articles 15(2), 17, 18(1), 18 (5), 19(1), 19a(2), 19a(5), 20(1), 21(1) and 22(1) and the name of the authority entering or retrieving the data. In addition, each Member State shall keep records of the staff duly authorised to enter or retrieve the data.

1.  Each Member State and eu-LISA shall keep records of all data processing operations within the VIS. These records shall show the purpose of access referred to in Article 6(1) and in Articles 15 to 22, the date and time, the type of data transmitted as referred to in Articles 9 to 14, the type of data used for interrogation as referred to in Articles 15(2), 17, 18(1), 18 (5), 19(1), 19a(2), 19a(5), 20(1), 21(1) and 22(1) and the name of the authority entering or retrieving the data. In addition, each Member State shall keep records of the staff duly authorised to enter or retrieve the data.

Amendment     199

Proposal for a regulation

Article 57 – paragraph 1 – introductory part

Text proposed by the Commission

Amendment

1.  The duly authorised staff of the competent authorities of Member States, the Commission, eu-LISA and Frontex shall have access to consult the following data, solely for the purposes of reporting and statistics without allowing for individual identification:

1.  The duly authorised staff of the competent authorities of Member States, the Commission and eu-LISA shall have access to consult the following data, solely for the purposes of reporting and statistics without allowing for individual identification or profiling and the duly authorised staff of the European Border and Coast Guard Agency shall have access to consult the following data for the purpose of carrying out risk analyses and vulnerability assessments as referred to in Articles 11 and 13 of Regulation (EU) 2016/1624:

Amendment     200

Proposal for a regulation

Article 57 – paragraph 1 – point b

Text proposed by the Commission

Amendment

(b)  nationality, gender and date of birth of the third country national;

(b)  nationality, gender and year of birth of the third country national;

Amendment    201

Proposal for a regulation

Article 57 – paragraph 2 – subparagraph 1

 

Text proposed by the Commission

Amendment

2.  For the purpose of paragraph 1, eu-LISA shall establish, implement and host a central repository in its technical sites containing the data referred to in paragraph 1 which would not allow for the identification of individuals and would allow the authorities listed in paragraph 1 to obtain customisable reports and statistics on the entries and exits, refusals of entry and overstay of third country nationals to improve the assessment of the risk of overstay, to enhance the efficiency of border checks, to help consulates processing the visa applications and to support evidence-based Union migration policymaking. The repository shall also contain daily statistics on the data referred to in paragraph 4. Access to the central repository shall be granted by means of secured access through S-TESTA with control of access and specific user profiles solely for the purpose of reporting and statistics.

2.  For the purpose of paragraph 1, eu-LISA shall establish, implement and host a repository at a central level in its technical sites containing the data referred to in paragraph 1 which would not allow for the identification of individuals and would allow the authorities listed in paragraph 1 to obtain customisable reports and statistics on the entries and exits, refusals of entry and overstay of third country nationals to enhance the efficiency of border checks, to help consulates processing the visa applications and to support evidence-based Union migration policymaking. The repository shall also contain daily statistics on the data referred to in paragraph 4. Access to the central repository shall be granted by means of secured access through S-TESTA with control of access and specific user profiles solely for the purpose of reporting and statistics.

Amendment     202

Proposal for a regulation

Article 57 – paragraph 4

Text proposed by the Commission

Amendment

4.  Every quarter, eu-LISA shall publish statistics on the EES showing in particular the number, nationality and border crossing point of entry of overstayers, of third country nationals who were refused entry, including the grounds for refusal, and of third country nationals whose stays were revoked or extended as well as the number of third country nationals exempt from the requirement to give fingerprints.

4.  Every quarter, eu-LISA shall publish statistics on the EES showing in particular the number, nationality, age, gender, duration of stay and border crossing point of entry of overstayers, of third country nationals who were refused entry, including the grounds for refusal, and of third country nationals whose stays were revoked or extended as well as the number of third country nationals exempt from the requirement to give fingerprints.

Amendment    203

Proposal for a regulation

Article 57 – paragraph 5

 

Text proposed by the Commission

Amendment

5.  At the end of each year, statistical data shall be compiled in the form of quarterly statistics for that year. The statistics shall contain a breakdown of data for each Member State.

5.  At the end of each year, statistical data shall be compiled in an annual report for that year. The statistics shall contain a breakdown of data for each Member State. The report shall be published and transmitted to the European Parliament, to the Council, to the Commission, to the European Data Protection Supervisor and to the national supervisory authorities.

Amendment     204

Proposal for a regulation

Article 57 – paragraph 6

Text proposed by the Commission

Amendment

6.  At the request of the Commission, eu-LISA shall provide it with statistics on specific aspects related to the implementation of this Regulation as well as the statistics pursuant to paragraph 3.

6.  At the request of the Commission and the European Parliament, eu-LISA shall provide them with statistics on specific aspects related to the implementation of this Regulation as well as the statistics pursuant to paragraph 3.

Amendment     205

Proposal for a regulation

Article 58 – paragraph 1

Text proposed by the Commission

Amendment

1.  The costs incurred in connection with the establishment and operation of the Central System, the Communication Infrastructure and the National Uniform Interface shall be borne by the general budget of the Union.

1.  The costs incurred in connection with the establishment and operation of the Central System, the secure and encrypted Communication Infrastructure and the National Uniform Interface shall be borne by the general budget of the Union.

Amendment    206

Proposal for a regulation

Article 58 – paragraph 2 – subparagraph 2 – point b

 

Text proposed by the Commission

Amendment

(b)  hosting of national systems (space, implementation, electricity, cooling);

(b)  hosting of national systems and border infrastructures (space, implementation, electricity, cooling);

Justification

Adjustment of the terminology to Article 6.

Amendment    207

Proposal for a regulation

Article 58 – paragraph 2 – subparagraph 2 – point c

 

Text proposed by the Commission

Amendment

(c)  operation of national systems (operators and support contracts);

(c)  operation of national systems and border infrastructures (operators and support contracts);

Amendment    208

Proposal for a regulation

Article 59 – paragraph 6

 

Text proposed by the Commission

Amendment

6.  Commission shall make the information notified pursuant to paragraph 1 available to the Member States and the public by a constantly updated public website.

6.  The Commission shall publish the information referred to in paragraphs 1 to 4 in the Official Journal of the European Union. Where there are amendments thereto, the Commission shall publish once a year an updated consolidated version of this information. The Commission shall maintain a constantly updated public website containing this information.

Amendment    209

Proposal for a regulation

Article 64 – paragraph 2

 

Text proposed by the Commission

Amendment

2.  By [Six months after the entry into force of this Regulation – OPOCE, please replace with the actual date] and every six months thereafter during the development phase of the EES, eu-LISA shall submit a report to the European Parliament and the Council on the state of play of the development of the Central System, the Uniform Interfaces and the Communication Infrastructure between the Central System and the Uniform Interfaces. Once the development is finalised, a report shall be submitted to the European Parliament and the Council explaining in detail how the objectives, in particular relating to planning and costs, were achieved as well as justifying any divergences.

2.  By [Six months after the entry into force of this Regulation – OPOCE, please replace with the actual date] and every six months thereafter during the development phase of the EES, eu-LISA shall submit a report to the European Parliament and the Council on the state of play of the development of the Central System, the Uniform Interfaces and the secure and encrypted Communication Infrastructure between the Central System and the Uniform Interfaces. This report shall contain detailed information about the costs incurred and information as to any risks which may impact on the overall costs of the system. Once the development is finalised, a report shall be submitted to the European Parliament and the Council explaining in detail how the objectives, in particular relating to planning and costs, were achieved as well as justifying any divergences.

Justification

Given the previous experiences, especially with SISII, costs should be closely monitored.

Amendment     210

Proposal for a regulation

Article 64 – paragraph 5

Text proposed by the Commission

Amendment

5.  Three years after the start of operations of the EES and every four years thereafter, the Commission shall produce an overall evaluation of the EES. This overall evaluation shall include an examination of results achieved against objectives and the impact on fundamental rights, and assessing the continuing validity of the underlying rationale, the application of the Regulation, the security of the EES and any implications on future operations, and shall make any necessary recommendations. The Commission shall transmit the evaluation report to the European Parliament and the Council.

5.  Three years after the start of operations of the EES and every four years thereafter, the Commission shall produce an overall evaluation of the EES. This overall evaluation shall include an examination of results achieved against objectives and the impact on fundamental rights, and assessing the continuing validity of the underlying rationale, the application of the Regulation, the security of the EES and any implications including those with a budgetary impact on future operations, and shall make any necessary recommendations. The Commission shall transmit the evaluation report to the European Parliament, the Council, the European Data Protection Supervisor and the European Agency for Fundamental Rights.

Amendment     211

Proposal for a regulation

Article 64 – paragraph 8 – point f a (new)

Text proposed by the Commission

Amendment

 

(fa) the number of requests for corrections of data, the action subsequently taken and the number of corrections made in response to requests by the persons concerned

Amendment    212

Proposal for a regulation

Article 65 – subparagraph 1

 

Text proposed by the Commission

Amendment

This Regulation shall enter into force on the twentieth day following that of its publication in the Official Journal of the European Union. This Regulation shall be binding in its entirety and directly applicable in the Member States in accordance with the Treaties.

This Regulation shall enter into force on the twentieth day following that of its publication in the Official Journal of the European Union.

 

This Regulation shall apply from the date determined by the Commission in accordance with Article 60, with the exception of Articles 4, 33, 34, 35, 56, 58, 59, 60 and 61, which shall apply from the date of entry into force of this Regulation.

 

This Regulation shall be binding in its entirety and directly applicable in the Member States in accordance with the Treaties.

Justification

The Articles which are required for the development of the EES should be directly applicable. The entire Regulation should become applicable once the EES starts operations.

  • [1]  OJ C 487, 28.12.2016, p. 66.

EXPLANATORY STATEMENT

Introduction

The increase in traveller flows at the EU’s external borders in recent years has highlighted the inefficiency of the current border control systems, something which could get worse as the number of travellers rises, which is predicted to happen over the coming years. The number of third country nationals legally travelling to Schengen countries for a short-term visit is forecast to be around 300 million by 2025. Air traffic alone is predicted to grow at a rate of 2.6% annually over the next 20 years in Europe. Our traveller management systems need to be modernised, so that they become not only more flexible and efficient but also more secure, based on the premise that re-nationalising information and border control systems is not an option. The viability of these controls cannot depend exclusively on travellers’ passports or on stamps inside them, which could have been falsified or could be illegible, and which are a heavy burden on the border authorities since they distract them from their actual work, thus compromising security. Not doing anything would lead, in the medium-term, to the collapse of our border crossing points and would require heavy investment in infrastructure and staff to cope with the flows.

Setting up a European Entry/Exit System (EES) will benefit passengers by reducing their waiting time at border crossing points; Member States, by processing bona fide passengers more quickly at the same time as tightening border security; infrastructure operators, by providing shorter connections in transit areas, with the direct and indirect economic benefits that this entails; border point operators, who would be able to optimise their resources, and carriers, whose work would be made easier. All of this while safeguarding the necessary protection of fundamental rights and of the data held in the system.

The European Agenda on Migration already identified ‘border management’ as one of the ‘four pillars to manage migration better’. The transnational threats that the EU has been facing in recent times have shown that in a borderless area, the external borders need to be efficiently controlled. The link between effective border control and the strengthening of internal security is increasingly evident. The rapporteur is in favour of granting security forces access to the EES, with the aim of fighting against serious crime and terror threats, providing it with added value. This access needs to be controlled, necessary, proportional and should meet the appropriate safeguards for rights and data protection. A balance can and must be found between speeding-up border crossings and improving their security.

The rapporteur’s position

1.- Objectives

The legislative proposal under review is to establish a system to facilitate border crossings, help to combat irregular migration among people exceeding the legal period of stay and support the fight against organised crime and terrorism. These objectives must be guaranteed and made compatible with the protection of data collected in the EES in terms of proportionality and necessity.

2.- Architecture

The rapporteur is pleased with the changes brought in by the legislative proposal, many of which provide answers to the doubts raised during the preparatory work. However, he does not understand the decision to scrap the RTP, which Parliament saw as a bold way of speeding up border crossings.

3.- Interoperability with the VIS

One of the most important parts of this proposal is the interoperability of the EES with the VIS, which points to the future structure of relations between the different information systems. Given that the principle of proportionality is upheld, this interoperability does not interfere in any way with the rights enshrined in Articles 7 and 8 of the Charter of Fundamental Rights (CFR).

Without advocating interoperability with the SIS II at this stage, clarification is needed regarding the procedure to be followed in connection with alerts signalling travellers who have exceeded their authorised stay in the Schengen area.

4.- Budget

The EES will undoubtedly be expensive, but if no measures were taken it would be much more so in terms of spending on infrastructure and staff in order to cope with the increasing passenger flows, and also in terms of the Member States’ security. The rapporteur supports budgetary rationalisation and expresses concern over the possible deviations that could occur throughout the implementation process, which entails the need for greater ex ante and ex post control.

5.- Biometrics

The test phase revealed that the best option for combining speed and security in border crossings would be the combination of four fingerprints and facial image recognition. In line with the views expressed by Parliament, the number of biometric data collected is to decrease, allowing the data already held in the VIS to be imported, and resulting in less data-capturing and fewer duplications of the data stored. High quality standards must be ensured so that the data collected can be put to full use for their intended purposes.

6.- Data and fundamental rights protection

This regulation must guarantee protection for the data stored in the EES, in line with the CFR. In this regard, in order to be in compliance with Articles 7 and 8 of the CFR, the EES must fulfil the following criteria: have an appropriate legal basis; respect the principles of the charter, pursue a general interest; be proportionate and necessary. One of the ways in which this can be achieved is through measures such as reducing the amount of data registered in the system, the role of national and European data protection authorities (EDPS), correction and deletion procedures and methods and authorisations for accessing the system. It might be pointed out that the CJEU has recognised the objectives of the EES (border and migration control, the fight against serious organised crime and terrorism) as being of general interest.

7.- Data retention period

The EES must uphold the principles of necessity and proportionality. The 181-day retention period which was initially proposed would hinder the system’s effectiveness. From the traveller’s point of view, this would not meet the objective of speeding up border traffic, since such a short period would require the data of frequent third country national travellers to be recorded repeatedly, slowing down the process. From the point of view of consulates and border authorities, there would no longer be any possibility of analysing travel histories and carrying out risk analyses, which are intrinsic to decision making; and from the point of view of the security forces, relevant data, essential in the fight against serious crime and terrorism, would be destroyed.

The proposed timeframe is consistent with the system’s objectives, and would facilitate interoperability with the VIS. However, the necessary guarantees must be given so that data subjects can access, correct and/or delete data where necessary.

8.- Security forces’ access to the system

Granting national security forces and Europol access to the system from the start as a means of fighting organised crime and terrorism will give the system a huge added value. Making this possibility compatible with facilitating border crossings is necessary and legally viable, in line with the European legal system. The survival of the Schengen area partly depends on the protection of its external borders. The most useful tool we have in the fight against organised crime is intelligence and information: the ability to be prepared.

It is true that today some security forces are not making full use of the systems that exist, but it is also a reality that investment in training, the exchange of best practices and building mutual trust result in these systems being used more extensively and more effectively. During the system’s implementation period, the authorities which will have access to it will need to receive some training.

9.- The impact on carriers and travellers

The role of carriers is crucial for the system’s viability. They must have proportionate and restricted access to data in the EES that will help them carry out their tasks, with sufficient guarantees that the system’s security will not be compromised.

Travellers must be able to see how long they have left to legally remain in the country. Setting up a system so that this information could be viewed online would be very useful. Accessing it must be simple and secure so only the traveller can view this information. eu-LISA would be responsible for managing this web service using a secure network, and should assess the possible risks so as to be able to identify the service’s specific needs.

10.- Governance

eu-LISA will have to play an important role in the development and maintenance of the EES. Security, control and responsibility standards will have to be adapted during the implementation of the system and once it is running. Parliament must be involved in the various cycles of the EES, within the scope its competences.

MINORITY OPINION

pursuant to Rule 52a(4) of the Rules of Procedure

Marie-Christine Vergiat

In keeping with the stated aim of making it easier to cross the EU’s external borders, the EES will be used to draw up a register of the third-country nationals entering and leaving the EU, facilitating interoperability with other databases and creating a vast system for the collection of data, in particular biometric data, including for children as young as 12. This constitutes a clear breach of international law and sets a dangerous precedent.

Police forces will be able to access the data in the same way as border guard services. This arrangement, which disregards the principles of necessity and proportionality and lumps together the issues of migration, terrorism and crime, will give rise to confusion between two very different objectives (monitoring borders and combating crime).

There will be ‘good travellers’ who enter EU territory on the basis of ad hoc administrative procedures, and there will be all the others, who will be presumed to be irregular, in a departure from the principle that each individual’s circumstances should be considered. This will affect vulnerable persons in particular, whose presence will automatically be notified to the Member States.

Given the nature and significance of the proposal, and in view of the threat posed to the fundamental rights of thousands of men, women and children, the circumstances in which it has been considered have been prejudicial to proper legislative work.

At the very least, better account should have been taken of the recommendations of the European Data Protection Supervisor.

OPINION of the Committee on Budgets (9.12.2016)

for the Committee on Civil Liberties, Justice and Home Affairs

on the proposal for a regulation of the European Parliament and of the Council establishing an Entry/Exit System (EES) to register entry and exit data and refusal of entry data of third country nationals crossing the external borders of the Member States of the European Union and determining the conditions for access to the EES for law enforcement purposes and amending Regulation (EC) No 767/2008 and Regulation (EU) No 1077/2011
(COM(2016)0194) – C8-0135/2016 – 2016/0106(COD))

Rapporteur: Monika Hohlmeier

SHORT JUSTIFICATION

The rapporteur is of the opinion that a better, more modern and efficient border management of our EU-external borders is essential, to guarantee a precise overview of the entries and exits of third country nationals. Furthermore, it is an instrument to accelerate border - checks, reducing waiting time at the borders and enhancing freedom of movement while at the same time enhancing internal security, stepping up the fight against terrorism and severe cross-border-crime and to detect illegal border crossings, identity fraud or overstayers. In particular, the Rapporteur stresses that there is an important gap in the landscape of existing information systems, which has to be addressed in order to efficiently secure the EU’s external borders. No Member State acting alone is able to achieve an effective monitoring of entry/exit of third country nationals within the whole Schengen area. Therefore, an efficient European instrument urgently needs to be developed and implemented in all Member States.

In this regard, the Rapporteur welcomes the Commission’s revised proposal for the Entry/Exit System (EES), which promotes interoperability and synergies of information systems in order to speed up, facilitate and reinforce check procedures for non-EU nationals travelling to the EU.

The Rapporteur welcomes the Technical Study on Smart Borders of the European Commission and the Final Report of the Smart Borders Pilot Project of eu-LISA which addresses the Parliament’s concerns from 2013 by assessing, in concrete terms, the financial, technical and organisational challenges for each policy option as well as by operating a testing phase entrusted to eu-LISA.

The rapporteur recalls that in the 2013 proposals, 1.1 billion EUR was earmarked in the EU budget as an indicative amount for the development of an EES and an RTP. For the revised proposal, based on the preferred option of a single EES system including the law enforcement access, the estimated amount needed is EUR 480 million. The outcome of the financial analysis seems more precise than in the former proposal. This amount is subject to the outcome of procurement procedure and the project analysis (integration of existing national systems and construction of the new system in all Member States).

The rapporteur favours that the financial support from the EU budget would cover not only the costs of central components at EU level for the entire MFF period (EUR 288 million - at EU level, both development and operational cost via indirect management) but also costs for integration of the existing national border infrastructures in Member States with the EES via the National Uniform Interfaces (EUR 120 million via direct management). In contrast to the proposal of the Commission the rapporteur recommends the installation of a crisis mechanism to guarantee that Member States with organisational and financial difficulties are enabled to establish the system in the foreseen time period.

The rapporteur also supports that once the EES would be in place, future operational costs in the Member States should be supported by their national programmes in the framework of the ISF (shared management), and encourages the Member States to identify cost efficient solutions.

Finally, the rapporteur suggests stronger rules on reporting back to the Parliament and the Council during and after the development of the EES, including an obligatory update on budgetary and cost developments, to ensure full parliamentary scrutiny and oversight of the process and to minimise the risk of cost overruns and delays.

AMENDMENTS

The Committee on Budgets calls on the Committee on Civil Liberties, Justice and Home Affairs, as the committee responsible, to take into account the following amendments:

Amendment    1

Proposal for a regulation

Recital 6 a (new)

Text proposed by the Commission

Amendment

 

(6a)  In its communication of 6 April 2016 on 'Stronger and Smarter Information Systems for Borders and Security', the Commission presented a process aimed at achieving the interoperability of information systems in order to improve structurally the Union's data management architecture for border control and security.

Amendment    2

Proposal for a regulation

Recital 7

Text proposed by the Commission

Amendment

(7)  It is necessary to specify the objectives of the Entry/Exit System (EES) and its technical architecture, to lay down rules concerning its operation and use and to define responsibilities for the system, the categories of data to be entered into the system, the purposes for which the data are to be entered, the criteria for their entry, the authorities authorised to access the data and further rules on data processing and the protection of personal data.

(7)  It is necessary to specify the objectives of the Entry/Exit System (EES) and its technical architecture, to lay down rules concerning its operation, use and interoperability with other information systems and to define responsibilities for the system, the categories of data to be entered into the system, the purposes for which the data are to be entered, the criteria for their entry, the authorities authorised to access the data and further rules on data processing and the protection of personal data.

Amendment    3

Proposal for a regulation

Recital 12

Text proposed by the Commission

Amendment

(12)  The EES should consist of a Central System, which will operate a computerised central database of biometric and alphanumeric data, a National Uniform Interface in each Member State, a Secure Communication Channel between the EES Central System and the VIS Central System and the Communication Infrastructure between the Central System and the National Uniform Interfaces. Each Member State should connect its national border infrastructures to the National Uniform Interface.

(12)  The EES should consist of a Central System, which will operate a computerised central database of biometric and alphanumeric data, a National Uniform Interface in each Member State, a Secure Communication Channel between the EES Central System and the VIS Central System and between the EES Central System and the Eurodac Central System and the Communication Infrastructure between the Central System and the National Uniform Interfaces. Each Member State should connect its national border infrastructures to the National Uniform Interface. Member States' national border infrastructures include the Schengen Information System, Interpol’s Stolen and Lost Travel Documents database (STLD) and Europol databases and the national databases of law enforcement authorities.

Amendment    4

Proposal for a regulation

Recital 13 a (new)

Text proposed by the Commission

Amendment

 

(13a)  Interoperability should be established between the EES and Eurodac by way of a direct communication channel between the Central Systems to allow the automatic transfer from the EES to Eurodac of the data of persons having exceeded the authorised period of stay;

Justification

The new Eurodac Regulation provides for the registration of the data of each third-country national staying illegally on the territory of a Member State.

Under Article 11 of this Regulation, the EES will generate a list of persons who have exceeded the authorised length of their stay and are thus staying illegally. The automated data transfer will reduce duplication.

Amendment    5

Proposal for a regulation

Recital 43

Text proposed by the Commission

Amendment

(43)  This Regulation establishing the EES replaces the obligation to stamp passports of third country nationals which is applicable by all acceding Member States. Stays in Member States which are not yet fully applying the Schengen acquis in accordance with their respective Acts of Accession should not be taken into account in the calculation of the duration of the authorised stay in the Schengen area. Such Member States should register in the EES the stay of third country nationals but the automated calculator in the system should not compute it as part of the authorised length of stay.

(43)  This Regulation establishing the EES replaces the obligation to stamp passports of third country nationals which is applicable by all acceding Member States. Stays in Member States which are not applying the provisions of the Schengen acquis under Title III of Regulation (EU) 2016/399 should be taken into account in the calculation of the duration of the authorised stay of 90 days in any period of 180 days.

Justification

Excluding a stay in one of these States from the calculation of the authorised length of stay would lead either to having 5 calculation systems:

one for States fully applying the Schengen acquis and 4 for the others not applying it fully. This would lead to considerable unnecessary costs and mean that a TCN could reside on EU territory continuously by moving from a Schengen State to a non-Schengen State. Or having a single calculation system exclusively reserved for those States that fully apply the Schengen acquis, but with the abolition of passport stamp this option would mean that the 4 non-Schengen States would not benefit from the EES and be without any means to calculate the length of stay.

Amendment    6

Proposal for a regulation

Article 6 – paragraph 1 – point b

Text proposed by the Commission

Amendment

(b)  a National Uniform Interface (NUI) in each Member State based on common technical specifications and identical for all Member States enabling the connection of the Central System to the national border infrastructures in Member States;

(b)  a National Uniform Interface (NUI) in each Member State based on common technical specifications and identical for all Member States enabling the connection of the Central System to the national border infrastructures in Member States; Member States' national border infrastructures include the Schengen Information System, Interpol’s SLTD and Europol databases and the national databases of law enforcement authorities;

Amendment    7

Proposal for a regulation

Article 6 – paragraph 1 – point c

 

Text proposed by the Commission

Amendment

(c)  a Secure Communication Channel between the EES Central System and the VIS Central System;

(c)  a Secure Communication Channel between the EES Central System, the VIS and the SIS Central Systems;

Justification

Next to full interoperability between EES and VIS, it is also necessary to include the Schengen Information System (SIS) to enable full data exchange.

Amendment    8

Proposal for a regulation

Article 6 – paragraph 1 – point c a (new)

Text proposed by the Commission

Amendment

 

(ca)  a Secure Communication Channel between the EES Central System and the Eurodac Central System;

Amendment    9

Proposal for a regulation

Article 7 a (new)

Text proposed by the Commission

Amendment

 

Article 7a

 

Interoperability with Eurodac

 

1.  eu-LISA shall establish a Secure Communication Channel between the EES Central System and the Eurodac Central System to allow interoperability between the two systems.

 

2.  This interoperability requirement shall allow the automated transfer from the EES Central System to the Eurodac Central System of the data referred to in Articles 14 and 15 concerning all persons having exceeded the permitted length of stay.

Amendment    10

Proposal for a regulation

Article 10 – paragraph 4

Text proposed by the Commission

Amendment

4.  Stays in Member States which are not yet fully applying the Schengen acquis in accordance with their respective Acts of Accession shall not be taken into account in the calculation of the duration of the authorised stay in the Schengen area. Those Member States shall register the stays of third country nationals in the EES. The automated calculator in the system shall not however compute stays in Member States which are not yet fully applying the Schengen acquis as part of the authorised length of stay.

4.  Stays in Member States which are not applying the provisions under Title III of Regulation (EU) 2016/399 shall be taken into account in the calculation of the duration of the authorised stay.

Justification

Excluding a stay in one of these States from the calculation of the authorised length of a stay would lead either to having 5 calculation systems: one for States fully applying the Schengen acquis and 4 for the others not applying it fully. This would lead to considerable unnecessary costs and mean that a TCN could reside on EU territory continuously by moving from a Schengen State to a non-Schengen State. Or having a single calculation system exclusively reserved for those States that fully apply the Schengen acquis, but with the abolition of passport stamp this option would mean that the 4 non-Schengen States would not benefit from the EES and be without any means to calculate the length of stay.

Amendment    11

Proposal for a regulation

Article 11 – paragraph 2 a (new)

Text proposed by the Commission

Amendment

 

2a.  The data referred to in Articles 14 and 15 concerning all persons having exceeded by more than 15 days the permitted length of stay and whose entry/exit record contains no exit data shall be automatically transferred to the Eurodac Central System.

Amendment    12

Proposal for a regulation

Article 34 – paragraph 1 – subparagraph 1

Text proposed by the Commission

Amendment

eu-LISA shall be responsible for the development of the Central System, the National Uniform Interfaces, the Communication Infrastructure and the Secure Communication Channel between the EES Central System and the VIS Central System. It shall also be responsible for the development of the web service referred to in Article 12 in accordance with the specifications and conditions adopted in accordance with the examination procedure referred to in Article 61(2).

eu-LISA shall be responsible for the development of the Central System, the National Uniform Interfaces, the Communication Infrastructure and the Secure Communication Channel between the EES Central System and the VIS Central System and between the EES Central System and the Eurodac Central System. It shall also be responsible for the development of the web service referred to in Article 12 in accordance with the specifications and conditions adopted in accordance with the examination procedure referred to in Article 61(2).

Amendment    13

Proposal for a regulation

Article 34 – paragraph 1 – subparagraph 2

Text proposed by the Commission

Amendment

eu-LISA shall define the design of the physical architecture of the system including its Communication Infrastructure as well as the technical specifications and their evolution as regards the Central System, the Uniform Interfaces, the Secure Communication Channel between the EES Central System and the VIS Central System and the Communication Infrastructure, which shall be adopted by the Management Board, subject to a favourable opinion of the Commission. eu-LISA shall also implement any necessary adaptations to the VIS deriving from the establishment of interoperability with the EES as well as from the implementation of the amendments to Regulation (EC) No 767/2008 referred to in Article 55.

eu-LISA shall define the design of the physical architecture of the system including its Communication Infrastructure as well as the technical specifications and their evolution as regards the Central System, the Uniform Interfaces, the Secure Communication Channel between the EES Central System and the VIS Central System and between the EES Central System and the Eurodac Central System and the Communication Infrastructure, which shall be adopted by the Management Board, subject to a favourable opinion of the Commission. eu-LISA shall also implement any necessary adaptations to the VIS deriving from the establishment of interoperability with the EES as well as from the implementation of the amendments to Regulation (EC) No 767/2008 referred to in Article 55.

Amendment    14

Proposal for a regulation

Article 34 – paragraph 1 – subparagraph 3

Text proposed by the Commission

Amendment

eu-LISA shall develop and implement the Central System, the National Uniform Interfaces, the Secure Communication Channel between the EES Central System and the VIS Central System, and the Communication Infrastructure as soon as possible after the entry into force of this Regulation and the adoption by the Commission of the measures provided for in Article 33.

eu-LISA shall develop and implement the Central System, the National Uniform Interfaces, the Secure Communication Channel between the EES Central System and the VIS Central System and between the EES Central System and the Eurodac Central System, and the Communication Infrastructure as soon as possible after the entry into force of this Regulation and the adoption by the Commission of the measures provided for in Article 33.

Amendment    15

Proposal for a regulation

Article 34 – paragraph 3 – subparagraph 1

Text proposed by the Commission

Amendment

eu-LISA shall be responsible for the operational management of the Central System, the Secure Communication Channel between the EES Central System and the VIS Central System and the National Uniform Interfaces. It shall ensure, in cooperation with the Member States, at all times the best available technology, subject to a cost-benefit analysis. eu-LISA shall also be responsible for the operational management of the Communication Infrastructure between the Central system and the National Uniform Interfaces and for the web-service referred to in Article 12.

eu-LISA shall be responsible for the operational management of the Central System, the Secure Communication Channel between the EES Central System and the VIS Central System and between the EES Central System and the Eurodac Central System and the National Uniform Interfaces. It shall ensure, in cooperation with the Member States, at all times the best available technology, subject to a cost-benefit analysis. eu-LISA shall also be responsible for the operational management of the Communication Infrastructure between the Central system and the National Uniform Interfaces and for the web-service referred to in Article 12.

Amendment    16

Proposal for a regulation

Article 34 a (new)

 

Text proposed by the Commission

Amendment

 

Article 34a

 

Crisis mechanism

 

The Commission and the Member States shall design a crisis mechanism to be activated in the event that a Member State is faced with organisational and financial difficulties. This mechanism shall guarantee that the development and integration of national systems, the completeness of the project planning, the interoperability with the VIS and the SIS Central Systems and the implementation of this Regulation are achieved simultaneously and in a timely manner. Furthermore, it shall ensure that all Member States fully participate in the system.

Justification

To ensure the full operation, it is crucial that all Member States can run the system independently from their financial situation.

Amendment    17

Proposal for a regulation

Article 34 b (new)

Text proposed by the Commission

Amendment

 

Article 34 b

 

Without prejudice to Article 58, the Commission shall ensure that each Member State is provided with sufficient financial support with a view to integrating the existing national border infrastructures with the EES via the National Uniform Interfaces. This financial support shall cover all national integration costs and expenses related to the implementation of this Regulation and shall be proportionate to the individual administrative needs of each Member State.

Amendment    18

Proposal for a regulation

Article 58 – paragraph 1

 

Text proposed by the Commission

Amendment

1.  The costs incurred in connection with the establishment and operation of the Central System, the Communication Infrastructure and the National Uniform Interface shall be borne by the general budget of the Union.

1.  The costs incurred in connection with the establishment and operation of the Central System, the Communication Infrastructure and the National Uniform Interface shall be borne by the general budget of the Union. Before starting the procurement procedure the Commission shall undertake a precise analysis of the technical requirements for the integration of existing national systems, of the technical standards, of the requirements concerning the content and the accessibility of the EES.

Justification

The digitalisation of border controls is a growing trend at national level in the EU and in third countries. 11 EU Schengen Members as well as Bulgaria, Romania and the UK operate entry/exit-like systems usually limited to selected airports. However, experience with the development of other large-scale IT systems at EU level like the SIS II and VIS systems revealed that these initiatives experienced escalating costs. Therefore, it is important to clarify the costs as precise as possible beforehand in order to minimise the risk of cost overruns.

Amendment    19

Proposal for a regulation

Article 64 – paragraph 2

 

Text proposed by the Commission

Amendment

2.  By [Six months after the entry into force of this Regulation – OPOCE, please replace with the actual date] and every six months thereafter during the development phase of the EES, eu-LISA shall submit a report to the European Parliament and the Council on the state of play of the development of the Central System, the Uniform Interfaces and the Communication Infrastructure between the Central System and the Uniform Interfaces. Once the development is finalised, a report shall be submitted to the European Parliament and the Council explaining in detail how the objectives, in particular relating to planning and costs, were achieved as well as justifying any divergences.

2.  By [Six months after the entry into force of this Regulation – OPOCE, please replace with the actual date] and every six months thereafter during the development phase of the EES, eu-LISA shall submit a report to the European Parliament and the Council on the state of play of the development of the Central System, the Uniform Interfaces and the Communication Infrastructure between the Central System and the Uniform Interfaces. The report shall include an overview of budgetary and cost developments with a detailed technical and financial assessment, precise information on cost increases and changes in design requirements and the reasons for these divergences. Where the crisis mechanism is triggered, the report shall state the reasons for and ramifications of the triggering. Once the development is finalised, a report shall be submitted to the European Parliament and the Council explaining in detail how the objectives, in particular relating to planning and costs, were achieved as well as justifying any divergences.

Justification

Experience with the development of other large-scale IT systems at EU level like the SIS II and VIS systems revealed that these initiative experienced long delays and escalating costs. To ensure full parliamentary scrutiny and oversight of the process and to minimise the risk of cost overruns and delays, it is suggested that the eu.LISA’s reporting back to the Parliament and the Council during the development of the EES, will include an obligatory update on budgetary and cost developments

Amendment    20

Proposal for a regulation

Article 64 – paragraph 5

 

Text proposed by the Commission

Amendment

5.  Three years after the start of operations of the EES and every four years thereafter, the Commission shall produce an overall evaluation of the EES. This overall evaluation shall include an examination of results achieved against objectives and the impact on fundamental rights, and assessing the continuing validity of the underlying rationale, the application of the Regulation, the security of the EES and any implications on future operations, and shall make any necessary recommendations. The Commission shall transmit the evaluation report to the European Parliament and the Council.

5.  Three years after the start of operations of the EES and every four years thereafter, the Commission shall produce an overall evaluation of the EES. This overall evaluation shall include an examination of results achieved against objectives and the impact on fundamental rights, and assessing the continuing validity of the underlying rationale, the application of the Regulation, the security of the EES and any implications, in particular those with a budgetary impact, on future operations, and shall make any necessary recommendations. The Commission shall transmit the evaluation report to the European Parliament and the Council.

Justification

To ensure full parliamentary scrutiny, budgetary oversight and planning and in order to detect possible changes with a budgetary impact as early as possible, it is suggested that the overall evaluations include an overview of possible budgetary implications of future operations.

PROCEDURE – COMMITTEE ASKED FOR OPINION

Title

Establishing an Entry/Exit System (EES) to register entry and exit data and refusal of entry data of third country nationals crossing the external borders of the Member States of the EU and determining the conditions for access to the EES for law enforcement purposes

References

COM(2016)0194 – C8-0135/2016 – 2016/0106(COD)

Committee responsible

       Date announced in plenary

LIBE

9.5.2016

 

 

 

Opinion by

       Date announced in plenary

BUDG

9.5.2016

Rapporteur

       Date appointed

Monika Hohlmeier

25.4.2016

Date adopted

8.12.2016

 

 

 

Result of final vote

+:

–:

0:

19

11

0

Members present for the final vote

Nedzhmi Ali, Richard Ashworth, Jean-Paul Denanot, Gérard Deprez, José Manuel Fernandes, Eider Gardiazabal Rubial, Ingeborg Gräßle, Monika Hohlmeier, Zbigniew Kuźmiuk, Vladimír Maňka, Clare Moody, Paul Rübig, Petri Sarvamaa, Patricija Šulin, Eleftherios Synadinos, Indrek Tarand, Monika Vana, Marco Zanni

Substitutes present for the final vote

Xabier Benito Ziluaga, Bill Etheridge, Ivana Maletić, Andrey Novakov, Nils Torvalds, Derek Vaughan, Tomáš Zdechovský

Substitutes under Rule 200(2) present for the final vote

Clara Eugenia Aguilera García, José Blanco López, Valentinas Mazuronis, József Nagy, Claudia Schmidt

PROCEDURE – COMMITTEE RESPONSIBLE

Title

Establishing an Entry/Exit System (EES) to register entry and exit data and refusal of entry data of third country nationals crossing the external borders of the Member States of the EU and determining the conditions for access to the EES for law enforcement purposes

References

COM(2016)0194 – C8-0135/2016 – 2016/0106(COD)

Date submitted to Parliament

6.4.2016

 

 

 

Committee responsible

       Date announced in plenary

LIBE

9.5.2016

 

 

 

Committees asked for opinions

       Date announced in plenary

BUDG

9.5.2016

 

 

 

Rapporteurs

       Date appointed

Agustín Díaz de Mera García Consuegra

20.4.2016

 

 

 

Discussed in committee

24.5.2016

8.12.2016

27.2.2017

 

Date adopted

27.2.2017

 

 

 

Result of final vote

+:

–:

0:

38

7

1

Members present for the final vote

Caterina Chinnici, Daniel Dalton, Agustín Díaz de Mera García Consuegra, Frank Engel, Tanja Fajon, Raymond Finch, Kinga Gál, Ana Gomes, Nathalie Griesbeck, Jussi Halla-aho, Brice Hortefeux, Eva Joly, Dietmar Köster, Barbara Kudrycka, Juan Fernando López Aguilar, Roberta Metsola, Claude Moraes, József Nagy, Soraya Post, Judith Sargentini, Birgit Sippel, Branislav Škripek, Csaba Sógor, Sergei Stanishev, Bodil Valero, Marie-Christine Vergiat, Josef Weidenholzer, Cecilia Wikström, Kristina Winberg

Substitutes present for the final vote

Carlos Coelho, Ignazio Corrao, Gérard Deprez, Jeroen Lenaers, Angelika Mlinar, Salvatore Domenico Pogliese, Christine Revault D’Allonnes Bonnefoy, Barbara Spinelli, Jaromír Štětina

Substitutes under Rule 200(2) present for the final vote

Carlos Iturgaiz, Josu Juaristi Abaunz, Seán Kelly, Verónica Lope Fontagné, Antonio López-Istúriz White, Ivana Maletić, Christel Schaldemose, Martina Werner

Date tabled

8.3.2017

FINAL VOTE BY ROLL CALL IN COMMITTEE RESPONSIBLE

38

+

ALDE

Gérard Deprez, Nathalie Griesbeck, Angelika Mlinar, Cecilia Wikström

ECR

Jussi Halla-aho, Branislav Škripek

EFDD

Ignazio Corrao, Kristina Winberg

PPE

Carlos Coelho, Agustín Díaz de Mera García Consuegra, Frank Engel, Kinga Gál, Brice Hortefeux, Carlos Iturgaiz, Seán Kelly, Barbara Kudrycka, Jeroen Lenaers, Verónica Lope Fontagné, Antonio López-Istúriz White, Ivana Maletić, Roberta Metsola, József Nagy, Salvatore Domenico Pogliese, Csaba Sógor, Jaromír Štětina

S&D

Caterina Chinnici, Tanja Fajon, Ana Gomes, Dietmar Köster, Juan Fernando López Aguilar, Claude Moraes, Soraya Post, Christine Revault D'Allonnes Bonnefoy, Christel Schaldemose, Birgit Sippel, Sergei Stanishev, Josef Weidenholzer, Martina Werner

7

-

EFDD

Raymond Finch

GUE/NGL

Josu Juaristi Abaunz, Barbara Spinelli, Marie-Christine Vergiat

Verts/ALE

Eva Joly, Judith Sargentini, Bodil Valero

1

0

ECR

Daniel Dalton

Key to symbols:

+  :  in favour

-  :  against

0  :  abstention