52009PC0342

[pic] | COMMISSION OF THE EUROPEAN COMMUNITIES |

Brussels, 10.9.2009

COM(2009) 342 final

2008/0242 (COD)

Amended proposal for a

REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

concerning the establishment of 'EURODAC' for the comparison of fingerprints for the effective application of Regulation (EC) No […/…] [establishing the criteria and mechanisms for determining the Member State responsible for examining an application for international protection lodged in one of the Member States by a third-country national or a stateless person]

(Recast version)

{COM(2009) 344 final}{SEC(2009) 936}{SEC(2009) 937}

EXPLANATORY MEMORANDUM

INTRODUCTION

EURODAC was established by Regulation (EC) No 2725/2000 concerning the establishment of "Eurodac" for the comparison of fingerprints for the effective application of the Dublin Convention [1] . A recast proposal which aimed at amending this Regulation was adopted by the Commission in December 2008 [2] (hereafter the December 2008 proposal).

This proposal was designed to ensure a more efficient use of the EURODAC database for the purpose of determining the Member State responsible for examining an asylum claim (i.e. provide a more efficient support to the application of the Dublin Regulation) and to properly address data protection concerns.

It also aligned the IT management framework to that of the SIS II and VIS Regulations by providing for the taking over of the tasks of the operational management for EURODAC by the future Agency for the operational management of large-scale IT systems in the area of freedom, security and justice[3] (hereinafter: IT Agency).

The December 2008 proposal also proposed to repeal the Implementing Regulation and to include its content in the EURODAC Regulation.

Finally, changes were introduced to take into account developments in the asylum acquis and technical progress which took place since the adoption of the Regulation in 2000.

The proposal was sent to European Parliament and the Council on 3 December 2008. The European Parliament referred the proposal to its Committee on Civil Liberties, Justice and Home Affairs (LIBE).

At its sitting on 7 May 2009, the European Parliament adopted a legislative resolution[4] endorsing the Commission proposal subject to a number of amendments.

Amended proposal

The current proposal amends the December 2008 proposal in order to, on the one hand, take into account the resolution of the European Parliament and the results of negotiations in the Council, and, on the other hand, introduce the possibility for Member States' law enforcement authorities and Europol to access the EURODAC central database for the purposes of prevention, detection and investigation of terrorist offences and other serious criminal offences.

In case a person suspected to have committed an act of terrorism or a serious crime has been previously registered as an asylum seeker but is not in any other database or is only registered with alphanumerical data (which might be incorrect, for example if that person has given a wrong identity or used forged documents), the only information available to identify him/her might be the biometric information contained in EURODAC.

The intention is now to allow consultation of EURODAC by law enforcement authorities for the purpose of prevention, detection and investigation of terrorist offences and other serious criminal offences. In order to do this it is necessary to amend the EURODAC Regulation to include explicitly this additional purpose.

Therefore, the current proposal introduces a bridging clause to permit this access for law enforcement purpose as well as the necessary accompanying provisions and amends the December 2008 proposal.

Comparison of fingerprints in possession of Member States' designated law enforcement authorities and Europol with those stored in the EURODAC database will only be possible in case of necessity of such comparison in a specific case under well-defined circumstances. Provisions on access to data and data security take into account access for law enforcement purposes.

Since the European Parliament issued its report on the recast proposal in first reading on7 May 2009, it is understood that it should have the possibility of issuing a new report in first reading on the current proposal which includes the content of the December 2008 proposal alongside the abovementioned modifications.

This proposal is presented at the same time as the Proposal for a Council Decision on requesting comparisons with EURODAC data by Member States' law enforcement authorities and Europol for law enforcement purposes (hereafter: Council Decision No […/…]JHA [EURODAC law enforcement Decision , spelling out the exact modalities of access for law enforcement purposes .

General context

The Hague Programme called for the improvement of the cross-border exchange of data by law enforcement authorities, also by extending the access to existing data filing systems of the European Union.

The conclusions of the Mixed Committee of the JHA Council of 12-13 June 2007 invited the Commission to present as soon as possible the necessary proposals to achieve the aim of granting access under certain conditions to EURODAC to Member States' law enforcement authorities and Europol, to assist them in the course of their duties in relation to the prevention, detection and investigation of terrorist offences and other serious criminal offences.

The impacts of the access for law enforcement purposes introduced in the present amended proposal are assessed by an Impact Assessment attached to this proposal.

CONSISTENCY WITH OTHER POLICIES

This proposal is fully in line with the Hague programme of 2004, the European Pact on Immigration and Asylum endorsed by the European Council of 15-16 October 2008 and the Charter of Fundamental Rights of the European Union, in particular as regards the right to asylum and protection of personal data.

Furthermore, this proposal is in line with the Commission's Communication to the Council and the European Parliament on improved effectiveness, enhanced interoperability and synergies among European databases in the area of Justice and Home Affairs [5] , which noted that the Council and the law enforcement community identifies the absence of access by internal security authorities to VIS, SIS II immigration and EURODAC data as a shortcoming, which results in a serious gap in the identification of suspected perpetrators of terrorist or serious crimes. Since the adoption of the Communication in 2005, the VIS Decision was adopted in order to grant law enforcement authorities and Europol access to that database.

Compliance with the Charter of Fundamental Rights

During the drafting exercise, due attention was given to fundamental rights. The right to asylum and protection of personal data were considered in the Impact Assessment attached to the proposal.

As regards the right to asylum, amendments to the provisions of the Regulation on the information to be given to asylum seekers on the application of the Dublin system enables them to effectively exercise their right to asylum. The new provision that requires Member States to indicate in EURODAC the fact that they apply the discretionary clauses of the Dublin Regulation, facilitates communication amongst Member States and therefore prevents uncertainty for the asylum seeker, by making clarity about which Member States handles his case. As regards the protection of personal data, by allowing for efficient management of deletions of data , the proposal ensures that no data should be kept in a form which allows the identification of data subjects for longer than is necessary for the purposes for which data were collected. The same principle is underpinning the amendment aligning the storage period for data on third country nationals or stateless persons fingerprinted in connection with the irregular crossing of an external border with the period until which the Dublin Regulation allocates responsibility on the basis of that information.

With regard to the special situation of persons seeking international protection, for instance, the concern was raised that data extracted from EURODAC for law enforcement purposes could end up in the hands of the countries from which the applicants fled and fear persecution. This could have adverse effects on the applicant, his relatives and friends, thus potentially discouraging refugees from formally applying for international protection in the first place. As a result of this scrutiny, the proposal contains a specific prohibition of sharing personal data obtained pursuant to this proposal with third countries, organisations or entities. In addition, an extensive monitoring and evaluation mechanism of the proposal is foreseen. This evaluation will include whether the operation of the search functionality for law enforcement purposes will have led to the stigmatisation of persons seeking international protection. Furthermore, in order to ensure that the processing of personal data for law enforcement purposes does not contravene the fundamental right to the protection of personal data, in particular the necessity and the proportionality, the proposal sets out strict conditions with regard to the access to EURODAC data by law enforcement authorities, which excludes that the EURODAC database be searched on a routine basis. The proposal also prohibits the further processing for law enforcement purposes by clearly defining the kind of crimes which will allow access to EURODAC. It also lays down strict security measures to ensure the security of personal data processed and establishes supervision of the processing activities by independent public data protection authorities. The proposal also states that Directive 95/46/EC and Regulation 45/2001/EC apply to the processing of personal data carried out under the Regulation and that the processing of personal data carried out by law enforcement authorities on EURODAC data once have been extracted is subject to Council Framework Decision 2008/977/JHA.

Therefore, this proposal is fully in line with the Charter of Fundamental Rights of the European Union, in particular as regards the right to asylum (Article 18) and protection of personal data (Article 8) and has to be applied accordingly.

CONSULTATION OF INTERESTED PARTIES

The Commission published the Green Paper on the future Common European Asylum System[6] in June 2007, which proposed options concerning the future features of the Dublin and EURODAC Regulations. In the framework of the wide public consultation on the Green Paper, 89 contributions were received from a wide range of stakeholders.

The Commission services discussed the outcome of the Evaluation Report and the outline of the planned amendments to the Regulation with the Member States in the Committee on Immigration and Asylum (CIA) in March 2008 as well as in two informal expert meetings with Member States’ practitioners dedicated to the conclusions of the Evaluation Report in October 2007 and April 2008.

UNHCR, the European Council on Refugees and Exiles (ECRE) as well as the EDPS were also informally consulted in the preparation of the amendment of the Regulation.

During the drafting of the present amended proposal, the Commission consulted the States applying the Dublin acquis, i.e. the Member States, Iceland, Norway and Switzerland, as well as to Europol by way of two questionnaires and an expert meeting which took place in Brussels on 25-26 September 2007, during which the experts had the opportunity to clarify the replies to the questionnaire and express further views. Several intergovernmental organisations, non-governmental organisations and other experts working in the area of asylum, fundamental rights were consulted during a meeting in Brussels on 8 October 2007. Representatives of the national data protection authorities of the States that implement the Dublin acquis , as well as the Joint Supervisory Body of Europol and the European Data Protection Supervisor were consulted in the framework of a meeting held in Brussels on 11 October 2007.

A detailed list of consulted parties is included in the Impact Assessment attached to this proposal.

Legal basis

This proposal amends the Commission Proposal for a Regulation of the European Parliament and of the Council concerning the establishment of 'Eurodac' for the comparison of fingerprints for the effective application of Regulation (EC) No […/…] [establishing the criteria and mechanisms for determining the Member State responsible for examining an application for international protection lodged in one of the Member States by a third-country national or a stateless person] - COM(2008) 825.

The present amended proposal uses the same legal base as the original proposal, namely Article 63(1)(a) of the Treaty establishing the European Community.

Title IV of the Treaty is not applicable to the United Kingdom and Ireland, unless those two countries decide otherwise, in accordance with the provisions set out in the Protocol on the position of the United Kingdom and Ireland attached to the Treaties.

The United Kingdom and Ireland are bound by Council Regulation (EC) No 343/2003 following their notice of their wish to take part in the adoption and application of that Regulation based on the above-mentioned Protocol. The position of these Member States with regard to the current Regulation does not affect their possible participation with regard to the amended Regulation.

In accordance with Articles 1 and 2 of the Protocol on the position of Denmark attached to the Treaties, Denmark does not take part in the adoption of this Regulation and is not bound by it nor subject to its application. However, given that Denmark applies the current Dublin Regulation, following an international agreement[7] that it concluded with the EC in 2006, it shall, in accordance with Article 3 of that agreement, notify the Commission of its decision whether or not to implement the content of the amended Regulation.

IMPACT OF THE PROPOSAL ON NON EU MEMBER STATES ASSOCIATED TO THE DUBLIN SYSTEM

In parallel to the association of several non-EU Member States to the Schengen acquis, the Community concluded, or is in the process of doing so, several agreements associating these countries also to the Dublin/EURODAC acquis:

- the agreement associating Iceland and Norway, concluded in 2001[8];

- the agreement associating Switzerland, concluded on 28 February 2008[9];

- the protocol associating Liechtenstein, signed on 28 February 2008[10].

In order to create rights and obligations between Denmark –which as explained above has been associated to the Dublin/EURODAC acquis via an international agreement – and the associated countries mentioned above, two other instruments have been concluded between the Community and the associated countries[11].

In accordance with the three above-cited agreements, the associated countries shall accept the Dublin/EURODAC acquis and its development without exception. They do not take part in the adoption of any acts amending or building upon the Dublin acquis (including therefore this proposal) but have to notify to the Commission within a given time-frame of their decision whether or not to accept the content of that act, once approved by the Council and the European Parliament. In case Norway, Iceland, Switzerland or Liechtenstein do not accept an act amending or building upon the Dublin/EURODAC acquis, the "guillotine" clause is applied and the respective agreements will be terminated, unless the Joint/Mixed Committee established by the agreements decides otherwise by unanimity.

Since the amendment of the EURODAC Regulation to include a bridging clause to allow law enforcement access constitutes a development of the Dublin/EURODAC acquis within the terms of the abovementioned agreements, the described procedure applies also as concerns this proposal.

SUBSIDIARITY PRINCIPLE

Due to the transnational nature of the problems related to asylum and refugee protection, the EU is well placed to propose solutions in the framework of the Common European Asylum System (CEAS) to the issues described above as problems regarding the EURODAC Regulation. Although an important level of harmonization was reached in the Regulation adopted in 2000, there is still room for developing the support that EURODAC provides to the implementation of the Dublin Regulation. The need for EU action regarding the management of an EU database which was created for assisting in the implementation of a Regulation dealing with transnational movements of asylum seekers seems clear.

An amendment of the EURODAC Regulation is also required in order to add a secondary purpose thereto, namely allow access for the purpose to fight against terrorism and crime to data stored in the EURODAC central database. This objective cannot be sufficiently achieved by the Member States, since such amendment can only be proposed by the Commission.

Proportionality principle

The impact assessment published along with the December 2008 proposal[12] assessed each sub-option regarding the problems identified so as to represent an ideal proportion between practical value and efforts needed. It concluded that opting for EU action does not go beyond what is necessary to achieve the objective of solving those problems.

The relevant Impact Assessment concluded that access of law enforcement authorities to EURODAC is the only timely, accurate, secure and cost-efficient way to identify whether and if so, where data about asylum seekers are available in the Member States. No reasonable efficient alternative to EURODAC exists to establish or verify the exact identity of an asylum seeker that allows law enforcement authorities to obtain the same result.

DETAILED EXPLANATION OF THE PROPOSAL

Modifications introduced following the European Parliament resolution

In its legislative resolution, the European Parliament broadly supported the Commission proposal and proposed mostly editorial amendments along with some substantial ones. The amendments are for the most part acceptable or partly acceptable, with some exceptions. The position of the Commission on each the amendments is detailed hereafter.

Amendments accepted

Amendments 3, 5, 6, 10, 13, 15, 19, 20, 21, 22, 26, 27, 30, 39

These amendments are accepted since they aim to correct inaccuracies and ensure consistency of the proposal.

Amendments 12 and 29

These amendments are inserted in a new Article 8 (information on the status of the data subject) which merges Article 6(2) and 17(6) of the December 2008 proposal.

Amendment 16, 17 and 18

Although with slightly different wording, the substance of these amendments is accepted in article 12.

Amendment 35

This amendment, aiming to ensure that information is provided to the persons concerned 'in a language he or she understands or may reasonably be presumed to understand', is accepted in Article 25(1).

Amendments 37 and 38

These amendments are accepted since they contain clarifications of text concerning rights of the data subject (Article 25 of the present proposal).

Amendments partly accepted

Amendment 1

As it appears from recital 2 of the present proposal, this amendment is accepted as far as a reference to " international protection" is concerned, but not as far as the deletion of the expression "forced by circumstances" is concerned, for reasons of consistency with Council Directive 2005/85/EC of 1 December 2005 on minimum standards on procedures in Member States for granting and withdrawing refugee status[13].

Amendment 11

The first part of the amendment, which splits the deadline for taking and sending fingerprints in two parts, is not acceptable, since such an approach could create practical difficulties for Member States. However, it is accepted to extend the deadline for transmission to 72 hours (in conformity with the EP proposal of 48 hours plus 24 hours) and Article 7 is modified accordingly. The second part of the amendments which proposes exceptions to the general rule is generally acceptable, but a different wording is proposed in order to take into account the results of the discussion in the Council.

Amendment 25

The first part of the amendment adding a new reference to the reference number used when searching a transaction on a third country national or stateless person found illegally present in a Member State is accepted (in Article 18(3) of the present proposal).

Amendment 42

The wording of this amendment is reflected in Article 5(4).

Amendments which cannot be accepted

Amendment 4 and 14

The amendments on Article 9 and the related recital 11 of the December 2008 proposal (recital 17 and Article 11 in the present proposal) suggest that persons who obtained long term residence status in accordance with Council Directive 2003/109/EC of 25 November 2003 concerning the status of third-country nationals who are long-term residents[14] (Long-term Residence Directive) be erased from EURODAC. The Long-term Residence Directive explicitly excludes from its scope of application the applicants and beneficiaries of international protection: for this reason it is not possible to accept those amendments. In addition, these amendments cannot be considered admissible since they are introduced in the text untouched by the recast .

Amendment 8

The amendment is not accepted since the purpose of Article 5 paragraph 7 is not to determine the scope of the IT Agency, but to clarify that the Management Authority referred to in the present Regulation is the same as the one referred to in the SIS II and VIS Regulations.

Amendment 9

This amendment (related to Article 5 of the present proposal) is not accepted since its subject is relevant for the proposal on the establishment of the IT Agency and not for this one.

Amendment 23

The amendment, which proposes to add a reference to some additional articles of Council Directive 2004/83/EC of 29 April 2004 on minimum standards for the qualification and status of third country nationals or stateless persons as refugees or as persons who otherwise need international protection and the content of the protection granted [15] in Article 16 (2) of the present proposal, is not considered necessary, as those situations are already covered in the current drafting.

Amendment 28

The amendment aims at introducing the obligation to inform the EDPS of each 'false hit'. Since it is the task of the national data protection authorities and not of the EDPS to directly monitor the everyday operation of the system, this amendment (not requested by the EDPS in his opinion on the proposal) is not accepted.

Amendment 31

This amendment aims at introducing a provision prohibiting the transfer of data to authorities of third countries. By stipulating that only MSs' designated authorities can have access to EURODAC and by explicitly forbidding, in its Article 22, the transfer of such data to third countries, the Regulation in force is already clear that such data cannot be accessed by third countries. Therefore this amendment is not accepted because it is not needed and actually it might give the impression that previously it was possible to transfer data to third countries.

Amendment 32

This amendment aims at introducing a requirement that the Management Authority lay down "a common set of requirements to be fulfilled by persons in order to be granted authorisation to access EURODAC". The suggested provision is unclear and could create unnecessary administrative burden for the Management Authority, since the screening of personnel accessing EURODAC is more efficiently performed at national level.

Amendment 33

This amendment aims at introducing an obligation for Member States to notify changes in their list of authorities within a maximum of 30 days after the change took effect. This is regarded as an unnecessary burden and the deadline proposed as unrealistic. In addition, it is not in line with similar provision in the Dublin Regulation.

Amendment 40

This amendment aims to ensure the supervision of the Management Authority by the EDPS. This is not the subject matter of the EURODAC Regulation .

Modifications introduced following the outcome of negotiations in the Council

Article 8

This new Article was introduced in order to provide information to Member States on the status of the data subject. First of all, it includes provisions which already figured in the December 2008 proposal, namely Article 6(2) and Article 17(6) thereof, which refer to information on persons transferred following a take back procedure and the application of the sovereignty clause of the Dublin Regulation. In addition, the article foresees that Member States are also informed if a given person, whose data is stored in the database, was transferred following a take charge procedure, or if he or she left the territory of the Member States, either voluntarily or as the result of a return decision or removal order.

This new Article will therefore facilitate Member States' task to determine the Member State responsible under the Dublin Regulation.

Article 12

The modifications introduced in this article aim to clearly spell out which third country nationals or stateless persons have to be fingerprinted and at what point in time. The introduced change will help harmonising practices between Member States and ensure that as soon as a person is allowed entry on the territory of the Member States, his/her fingerprints need to be taken and sent to the EURODAC database.

Article 30

Until the start of operation of the IT Agency, the Commission will continue to produce the two types of reporting foreseen in the Regulation in force, ie. the annual reports (containing the analysis of annual statistics) and the evaluation reports (along with the respective evaluation of the Dublin Regulation).

Other changes

Modifications were also introduced to recitals 3, 19 and 32 and Articles 5 (1) and (4), and 19 (1) in order to take into account drafting suggestions put forward during the negotiations in Council which the Commission considered could be accepted.

Modifications to allow access for law enforcement purposes

Article 1

Paragraph 2 is amended in order to reflect the addition of a new purpose of the system.

Article 2

Paragraph 1(c)(iv) is added in order to ensure that the authorities designated for accessing EURODAC for a law enforcement purpose will also comply with the provisions on responsibility for data use and data security. In points (f) and (g), the National Access Point and verifying authority is defined.

Article 3

This new article introduces a bridging clause in order to allow access for law enforcement purposes by providing a link between a third pillar instrument (Council Decision No […/…]JHA [EURODAC law enforcement Decision] ) and the present first pillar Regulation.

Article 6

Points (i) and (j), introduce the obligation to collect statistics on the number of law enforcement searches and the number of hits these produced.

In order to better facilitate the purposes of law enforcement access, the present proposal entails a technical amendment to the EURODAC central system, ie. a new functionality to search on the basis of a so-called latent[16].

Article 13

In the second indent of paragraph 1, a reference is made to Article 3 in order to take note of the possibility of access for law enforcement purposes.

Article 19

The scope of paragraph 4 was extended in order to take note of the possibility of access for law enforcement purposes.

Article 22

The new paragraph 2 ensures the new type of search in the system: during access for law enforcement purposes, the data entered is searched against all fingerprints stored in the central database.

Article 25

The amendment of paragraph 1(b) ensures that upon taking his or her fingerprints, the data subject is also informed about the possibility of his or her data be accessed for law enforcement purposes.

Article 30

Paragraph 5 was amended in order to extend the overall evaluation of the EURODAC Regulation so as to include the mechanism of access for law enforcement purposes. This extended evaluation can examine in particular whether the mechanism introduced in Article 3 has been used in a proportionate manner, whether the rights of individuals have been duly safeguarded, and whether its application has led to stigmatisation of asylum seekers. The evaluation can also take account of the reports prepared by the European Data Protection Supervisor and the national data protection authorities, as well as the Joint Supervisory Body of Europol with regard to their supervisory tasks. In light of this evaluation the Commission may present appropriate proposals.

BUDGETARY IMPLICATIONS

The present proposal entails a technical amendment to the EURODAC central system in order to provide for the possibility to carry out comparisons for law enforcement purposes. A new functionality to search on the basis of a latent is also proposed.

The financial statement attached to this proposal is also valid for the proposal concerning the request for comparison with EURODAC data by Member States' law enforcement authorities and by Europol for the purposes of prevention, detection and investigation of terrorist offences and other serious criminal offences - COM(2009) 344.

The cost estimate of 2,415 million euros includes costs of 3 years of technical maintenance, and consists of IT-related services, software and hardware and would cover the upgrade and customisation to allow searches for law enforcement purposes and also the changes for the original asylum purpose unrelated to law enforcement access. The amounts of the EURODAC recast proposal adopted on 3 December 2008 are kept in the present financial statement for the sake of clarity.

ê 2725/2000/EC (adapted)

2008/0242 (COD)

Amended proposal for a

REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

concerning the establishment of 'EURODAC' for the comparison of fingerprints for the effective application of the Dublin Convention Ö Regulation (EC) No […/…] [establishing the criteria and mechanisms for determining the Member State responsible for examining an application for international protection lodged in one of the Member States by a third-country national or a stateless person] Õ

THE EUROPEAN PARLIAMENT AND THE COUNCIL OF THE EUROPEAN UNION,

Having regard to the Treaty establishing the European Community, and in particular Article 63 point (1)(a) thereof,

Having regard to the proposal from the Commission[17],

Acting in accordance with the procedure laid down in Article 251 of the Treaty[18],

Whereas

ò new

(1) A number of substantive changes are to be made to Council Regulation (EC) No 2725/2000 of 11 December 2000 concerning the establishment of "Eurodac" for the comparison of fingerprints for the effective application of the Dublin Convention[19] and Council Regulation (EC) No 407/2002 of 28 February 2002 laying down certain rules to implement Regulation (EC) No 2725/2000 concerning the establishment of "Eurodac" for the comparison of fingerprints for the effective application of the Dublin Convention[20]. In the interest of clarity, those Regulations should be recast.

ê 2725/2000/EC recital 1

(1) Member States have ratified the Geneva Convention of 28 July 1951, as amended by the New York Protocol of 31 January 1967, relating to the Status of Refugees.

ê 2725/2000/EC recital 2 (adapted)

(2) Member States have concluded the Convention determining the State responsible for examining applications for asylum lodged in one of the Member States of the European Communities, signed in Dublin on 15 June 1990 (hereinafter referred to as "the Dublin Convention").

ò new

(2) A common policy on asylum, including a Common European Asylum System, is a constituent part of the European Union's objective of progressively establishing an area of freedom, security and justice open to those who, forced by circumstances, legitimately seek international protection in the Community.

(3) The European Council of 4 November 2004 adopted The Hague Programme which sets the objectives to be implemented in the area of freedom, security and justice in the period 2005-2010. The European Pact on Immigration and Asylum endorsed by the European Council of 15-16 October 2008 called for the completion of the establishment of a Common European Asylum System by creating a single asylum procedure comprising common guarantees and a uniform status for refugees and the beneficiaries of subsidiary protection.

(4) The Hague Programme called for the improvement of access to existing data filing systems of the European Union.

(5) In its Communication to the Council and the European Parliament on improved effectiveness, enhanced interoperability and synergies among European data bases in the area of Justice and Home Affairs[21] of 24 November 2005 the Commission indicated that authorities responsible for internal security could have access to EURODAC in well defined cases, where there is a substantiated suspicion that the perpetrator of a terrorist offence or other serious criminal offence has applied for asylum.

(6) In order to prevent, detect and investigate terrorist offences and other serious criminal offences, it should be possible to access fingerprint data stored in the EURODAC central database for law enforcement purposes.

(7) Such access should only be granted to law enforcement authorities designated by Member States and to Europol in specific, well-defined cases where no other, less intrusive measures are available and only after the Member States have consulted their national databases and have followed the procedure laid down in Council Decision 2008/615/JHA of 23 June 2008 on the stepping up of cross-border cooperation, particularly in combating terrorism and cross-border crime[22].

(8) No mass comparison of fingerprints for the purposes of prevention, detection or investigation of terrorist offences and of other serious criminal offences should be conducted in EURODAC.

ê 2725/2000/EC recital 3 (adapted)

ð new

(9) For the purposes of applying the Dublin Convention Ö Council Regulation (EC) No […/…] [establishing the criteria and mechanisms for determining the Member State responsible for examining an application for international protection lodged in one of the Member States by a third-country national or a stateless person][23]Õ, it is necessary to establish the identity of applicants for asylum ð international protection ï and of persons apprehended in connection with the unlawful crossing of the external borders of the Community. It is also desirable, in order effectively to apply the Dublin Convention Ö Council Regulation (EC) No […/…] [establishing the criteria and mechanisms for determining the Member State responsible for examining an application for international protection lodged in one of the Member States by a third-country national or a stateless person] Õ, and in particular points (c) and (e) (b) and (d) of Article 10(1)18(1) thereof, to allow each Member State to check whether an alien Ö third country national or stateless person Õ found illegally present on its territory has applied for asylum ð international protection ï in another Member State.

ê 2725/2000/EC recital 4

(10) Fingerprints constitute an important element in establishing the exact identity of such persons. It is necessary to set up a system for the comparison of their fingerprint data.

ê 2725/2000/EC recital 5

ð new

(11) To this end, it is necessary to set up a system known as ""EurodacEURODAC", consisting of a Central Unit ð System ï, to be established within the Commission and which will operate a computerised central database of fingerprint data, as well as of the electronic means of transmission between the Member States and the central database ð Central System ï.

ò new

(12) In view of ensuring equal treatment for all applicants and beneficiaries of international protection, as well as in order to ensure consistency with current EU asylum acquis, in particular with Council Directive 2004/83/EC of 29 April 2004 on minimum standards for the qualification and status of third country nationals or stateless persons as refugees or as persons who otherwise need international protection and the content of the protection granted and Regulation (EC) No […/…] [establishing the criteria and mechanisms for determining the Member State responsible for examining an application for international protection lodged in one of the Member States by a third-country national or a stateless person], it is appropriate to extent the scope of this Regulation to order to include applicants for subsidiary protection and persons enjoying subsidiary protection.

ê 2725/2000/EC recital 6 (adapted)

ð new

(13) It is also necessary to require the Member States promptly to take ð and transmit ï fingerprints ð data ï of every applicant for asylum ð international protection ï and of every alien Ö third country national or stateless person Õ who is apprehended in connection with the irregular crossing of an external border of a Member State, if they are at least 14 years of age.

ê 2725/2000/EC recital 7 (adapted)

ð new

(14) It is necessary to lay down precise rules on the transmission of such fingerprint data to the Central Unit ð System ï , the recording of such fingerprint data and other relevant data in the Central Unit ð System ï , their storage, their comparison with other fingerprint data, the transmission of the results of such comparison and the blockingð marking ï and erasure of the recorded data. Such rules may be different for, and should be specifically adapted to, the situation of different categories of aliens Ö third country national or stateless persons Õ.

ò new

(15) Hits obtained from EURODAC should be verified by a fingerprint expert in order to ensure both the accurate determination of responsibility under Regulation (EC) No […/…] [establishing the criteria and mechanisms for determining the Member State responsible for examining an application for international protection lodged in one of the Member States by a third-country national or a stateless person] and the exact identification of the criminal suspect whose data might be stored in EURODAC.

ê 2725/2000/EC recital 8 (adapted)

ð new

(16) Aliens Ö Third country nationals or stateless persons Õ who have requested asylum ð international protection ï in one Member State may have the option of requesting asylum ð international protection ï in another Member State for many years to come. Therefore, the maximum period during which fingerprint data should be kept by the Central Unit ð System ï should be of considerable length. Given that most aliens Ö third country nationals or stateless persons Õ who have stayed in the Community for several years will have obtained a settled status or even citizenship of a Member State after that period, a period of ten years should be considered a reasonable period for the conservation of fingerprint data.

ê 2725/2000/EC recital 9 (adapted)

(17) The conservation period should be shorter in certain special situations where there is no need to keep fingerprint data for that length of time. Fingerprint data should be erased immediately once aliens Ö third country nationals or stateless persons Õ obtain citizenship of a Member State.

ò new

(18) It is appropriate to store data relating to those data subjects whose fingerprints were initially recorded in EURODAC upon lodging their applications for international protection and who have been granted international protection in a Member State in order to allow data recorded upon lodging an application for international protection to be compared against them.

(19) In the long term, and following an impact assessment, containing a substantive analysis of alternatives from financial, operational and organisational perspective, the establishment of a Management Authority responsible for the operational management of EURODAC should be foreseen. Until then, the Commission should remain responsible for the management of the Central System and for the Communication Infrastructure .

ê 2725/2000/EC recital 10 (adapted)

ð new

(20) It is necessary to lay down clearly the respective responsibilities of the Commission ð and the Management Authority ï , in respect of the Central Unit ð System ï ð and the Communication Infrastructure ï, and of the Member States, as regards data use, data security, access to, and correction of, recorded data.

ò new

(21) It is necessary to draw up statistics on the number of comparisons requested for law enforcement purposes, as well as the number of hits such requests produced in EURODAC.

(22) The data subject should be informed of the possibility that his data will be searched by law enforcement authorities for the purposes of prevention, detection and investigation of terrorist offences and other serious criminal offences.

ê 2725/2000/EC recital 11

(23) While the non-contractual liability of the Community in connection with the operation of the EurodacEURODAC system will be governed by the relevant provisions of the Treaty, it is necessary to lay down specific rules for the non-contractual liability of the Member States in connection with the operation of the system.

ê 2725/2000/EC recital 12

(24) In accordance with the principle of subsidiarity as set out in Article 5 of the Treaty, the objective of the proposed measures, namely the creation within the Commission of a system for the comparison of fingerprint data to assist the implementation of the Community's asylum policy, cannot, by its very nature, be sufficiently achieved by the Member States and can therefore be better achieved by the Community. In accordance with the principle of proportionality as set out in the said Article, this Regulation does not go beyond what is necessary to achieve that objective.

ê 2725/2000/EC recital 15 (adapted)

(25) Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data[24] applies to the processing of personal data by the Member States Ö carried out in application of this Regulation Õ within the framework of the Eurodac system.

ê 2725/2000/EC recital 16

(16) By virtue of Article 286 of the Treaty, Directive 95/46/EC also applies to Community institutions and bodies. Since the Central Unit will be established within the Commission, that Directive will apply to the processing of personal data by that Unit.

ê 2725/2000/EC recital 17

(26) The principles set out in Directive 95/46/EC regarding the protection of the rights and freedoms of individuals, notably their right to privacy, with regard to the processing of personal data should be supplemented or clarified, in particular as far as certain sectors are concerned.

ò new

(27) Regulation (EC) No 45/2001 of the European Parliament and of the Council of 18 December 2000 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data[25] should apply to the processing of personal data by the Community institutions and bodies carried out pursuant to this Regulation . However, certain points should be clarified in respect of the responsibility for the processing of data and of the supervision of data protection.

(28) It is appropriate that national supervisory authorities monitor the lawfulness of the processing of personal data by the Member States, whilst the European Data Protection Supervisor, appointed pursuant to Decision 2004/55/EC of the European Parliament and of the Council of 22 December 2003 appointing the independent supervisory body provided for in Article 286 of the EC Treaty[26], should monitor the activities of the Community institutions and bodies in relation to the processing of personal data in view of the limited tasks of the Community institutions and bodies with regard to the data themselves.

ê 2725/2000/EC recital 18

ð new

(29) It is appropriate to monitor and evaluate the performance of EurodacEURODAC ð at regular intervals ï.

ê 2725/2000/EC recital 19 (adapted)

ð new

(30) Member States should provide for a system of Öeffective, proportionate and dissuasiveÕ penalties to sanction the use of data ÖenteredÕ in the central database ð Central System ï contrary to the purpose of EurodacEURODAC.

ò new

(31) It is necessary that Member States are informed of the status of particular asylum procedures, with a view to facilitating the adequate application of Regulation (EC) No […/…] [establishing the criteria and mechanisms for determining the Member State responsible for examining an application for international protection lodged in one of the Member States by a third-country national or a stateless person].

(32) This Regulation respects and has to be applied in accordance with fundamental rights and observes the principles recognised in particular by the Charter of Fundamental Rights of the European Union. In particular, this Regulation fully respects the protection of personal data and the right to asylum.

ê 2725/2000/EC recital 22 (adapted)

(33) It is appropriate to restrict the territorial scope of this Regulation so as to align it on the territorial scope of the Dublin Convention Ö Regulation (EC) No […/…] [establishing the criteria and mechanisms for determining the Member State responsible for examining an application for international protection lodged in one of the Member States by a third-country national or a stateless person] Õ .

ê 2725/2000/EC (adapted)

ð new

HAVE ADOPTED THIS REGULATION:

CHAPTER I

GENERAL PROVISIONS

Article 1

Purpose of " EurodacEURODAC"

1. A system known as "EurodacEURODAC" is hereby established, the purpose of which shall be to assist in determining which Member State is to be responsible pursuant to the Dublin Convention Ö Regulation (EC) No […/…] [establishing the criteria and mechanisms for determining the Member State responsible for examining an application for international protection lodged in one of the Member States by a third-country national or a stateless person] Õ for examining an application for asylum ð international protection ï lodged in a Member State ð by a third country national or a stateless person ï, and otherwise to facilitate the application of the Dublin Convention Ö Regulation Õ under the conditions set out in this Regulation

2. Eurodac shall consist of:

(a) the Central Unit referred to in Article 3;

(b) a computerised central database in which the data referred to in Article 5(1), Article 8(2) and Article 11(2) are processed for the purpose of comparing the fingerprint data of applicants for asylum and of the categories of aliens referred to in Article 8(1) and Article 11(1);

(c) means of data transmission between the Member States and the central database.3.2. Without prejudice to the use of data intended for EurodacEURODAC by the Member State of origin in databases set up under the latter's national law, fingerprint data and other personal data may be processed in EurodacEURODAC only for the purposes set out in Article 15(1)32(1) of the Dublin Convention Ö Regulation Õ ð and for the purpose of the prevention, detection and investigation of terrorist offences and other serious criminal offences, under the conditions set out in Article 3 of this Regulation and in Council Decision No […/…]JHA [EURODAC law enforcement Decision] ï.

Article 2

Definitions

1. For the purposes of this Regulation:

(a) "the Dublin Convention Ö Regulation Õ" means the Convention determining the State responsible for examining applications for asylum lodged in one of the Member States of the European Communities, signed at Dublin on 15 June 1990 Ö Regulation (EC) No […/…] [establishing the criteria and mechanisms for determining the Member State responsible for examining an application for international protection lodged in one of the Member States by a third-country national or a stateless person] Õ;

(b) an "applicant for asylum ð international protection ï" means an alien Ö third-country national or a stateless person Õ who has made an application for asylum or on whose behalf such an application has been made ð international protection as defined in Article 2(g) of Council Directive 2004/83/EC in respect of which a final decision has not yet been taken ï;

(c) "Member State of origin" means:

(i) in relation to an applicant for asylum Ö person covered by Article 7 Õ , the Member State which transmits the personal data to the Central Unit ð System ï and receives the results of the comparison;

(ii) in relation to a person covered by Article 8 12 , the Member State which transmits the personal data to the Central Unit ð System ï ;

(iii) in relation to a person covered by Article 11 15 , the Member State which transmits such data to the Central Unit ð System ï and receives the results of the comparison;

ò new

(iv) in relation to the tasks covered by Article 17 and Article 21

- the Member State which transmits the personal data to the Central System and receives the results of the comparison,

- the Member States' and Europol's authorities designated in accordance with Article 4(1) and (4) of Council Decision No […/…]JHA [EURODAC law enforcement Decision] ;

ê 2725/2000/EC (adapted)

ð new

(d) "refugee" ð "person granted international protection" ï means a Ö third country national or a stateless Õ person who has been recognised as a refugee in accordance with the Geneva Convention on Refugees of 28 July 1951, as amended by the New York Protocol of 31 January 1967 ð entitled to international protection as defined in Article 2(a) of Council Directive 2004/83/EC ï;

(e) "hit" shall mean the existence of a match or matches established by the Central Unit ð System ï by comparison between fingerprint data recorded in the databank Ö central database Õ and those transmitted by a Member State with regard to a person, without prejudice to the requirement that Member States shall immediately check the results of the comparison pursuant to Article 4(6) 19(4).

ò new

(f) 'National Access Point' means the designated national system which communicates with the Central System.

(g) 'Verifying authority' means the single national body designated by a Member State or by Europol in accordance with Article 4 of Decision No […/…]JHA [EURODAC law enforcement Decision] .

ê 2725/2000/EC (adapted)

2. The terms defined in Article 2 of Directive 95/46/EC shall have the same meaning in this Regulation.

3. Unless stated otherwise, the terms defined in Article 1 2 of the Dublin Convention Ö Regulation Õ shall have the same meaning in this Regulation.

ò new

Article 3

Availability of data for the prevention, detection and investigation of terrorist offences and other serious criminal offences

1. Where comparison with data stored in its national fingerprint database and access to Automated Fingerprint Databases of other Member States under the Council Decision 2008/615/JHA of 23 June 2008 on the stepping up of cross-border cooperation, particularly in combating terrorism and cross-border crime[27] (Prüm Decision) return negative results, Member States' and Europol authorities designated in accordance with Article 3(1) and 5(2) of Decision No […/…]JHA [EURODAC law enforcement Decision] , may within the scope of their powers in case it is necessary in a specific case and following a reasoned written or a reasoned logged electronic request, ask for comparison of fingerprint data with data stored in the EURODAC central database referred to in Articles 9 and 12(2) if there are reasonable grounds to consider that consultation of data stored in the EURODAC central database will substantially contribute to the prevention, detection or investigation of terrorist offences and of other serious criminal offences.

2. The comparison referred to in paragraph 1 shall be carried out through the verifying authority referred to in Article 4 of Decision No […/…]JHA [EURODAC law enforcement Decision] .which screens and forwards requests by the designated authorities to the National Access Point. The verifying authority shall be responsible for ensuring that the conditions for requesting comparisons of fingerprints with EURODAC data established in Decision No […/…]JHA [EURODAC law enforcement Decision] are fulfilled. In an exceptional case of urgency, the verifying authority may receive reasoned written or reasoned logged electronic requests and only verify ex-post whether all the conditions for access are fulfilled, including whether an exceptional case of urgency existed. The ex-post verification shall take place without undue delay after the processing of the request.

3. Neither the hit, nor data obtained from EURODAC pursuant to Decision No […/…]JHA [EURODAC law enforcement Decision] shall be transferred or made available to a third country, international organisation or a private entity established in or outside the European Union.

4. Without prejudice to Article 23(2), the Central System shall not store the fingerprint data which is transmitted to it under this Article, and shall delete the data immediately upon completion of the transmission of the results of the comparison.

ê 2725/2000/EC (adapted)

Article 4

Central Unit Ö System architecture and basic principles Õ

1. A Central Unit shall be established within the Commission which shall be responsible for operating the central database referred to in Article 1(2)(b) on behalf of the Member States. The Central Unit shall be equipped with a computerised fingerprint recognition system.

ò new

1. EURODAC shall consist of:

(a) a computerised central fingerprint database (Central System) composed of

- a Central Unit,

- a Business Continuity System.

(b) a communication infrastructure between the Central System and Member States that provides an encrypted virtual network dedicated to EURODAC data (Communication Infrastructure).

2. Each Member State shall have a single National Access Point.

ê 2725/2000/EC (adapted)

ð new

2.3. Data on applicants for asylum, persons covered by Articles 8 and persons covered by Article 11 7, 12 and 15 which are processed in the Central Unit ð System ï shall be processed on behalf of the Member State of origin under the conditions set out in this Regulation Ö and separated by appropriate technical means Õ.

ê 2725/2000/EC Article 1(2) third subparagraph

ð new

4. The rules governing EurodacEURODAC shall also apply to operations effected by the Member States as from the transmission of data to the Central Unit ð System ï until use is made of the results of the comparison.

ê 2725/2000/EC Article 4(1) second sentence

ð new

5. The procedure for taking fingerprints shall be determined ð and applied ï in accordance with the national practice of the Member State concerned and in accordance with the safeguards laid down in ð the Charter of Fundamental Rights of the European Union, in the Convention for the Protection of Human Rights and Fundamental Freedoms and ï the European Convention on Human Rights and in the United Nations Convention on the Rights of the Child.

ò new

Article 5

Operational management by the Management Authority

1. A Management Authority, funded from the general budget of the European Union, shall be responsible for the operational management of EURODAC . The Management Authority shall ensure, in cooperation with the Member States, that at all times the best available technology, subject to a cost-benefit analysis, is used for the Central System.

2. The Management Authority shall also be responsible for the following tasks relating to the Communication Infrastructure:

(a) supervision;

(b) security;

(c) the coordination of relations between the Member States and the provider.

3. The Commission shall be responsible for all other tasks relating to the Communication Infrastructure, in particular:

(a) tasks relating to implementation of the budget;

(b) acquisition and renewal;

(c) contractual matters.

4. Before the Management Authority takes up its responsibilities, the Commission shall be responsible for all tasks attributed to the Management Authority by this Regulation .

5. Operational management of EURODAC shall consist of all the tasks necessary to keep EURODAC functioning 24 hours a day, 7 days a week in accordance with this Regulation, in particular the maintenance work and technical developments necessary to ensure that the system functions at a satisfactory level of operational quality, in particular as regards the time required for interrogation of the Central System.

6. Without prejudice to Article 17 of the Staff Regulations of Officials of the European Communities, the Management Authority shall apply appropriate rules of professional secrecy or other equivalent duties of confidentiality to all its staff required to work with EURODAC data. This obligation shall also apply after such staff leave office or employment or after the termination of their activities.

7. The Management Authority referred to in this Regulation shall be the Management Authority competent for SIS II under Regulation (EC) No 1987/2006 of the European Parliament and of the Council of 20 December 2006 on the establishment, operation and use of the second generation Schengen Information System (SIS II) and for VIS under Regulation (EC) No 767/2008 of the European Parliament and of the Council of 9 July 2008 concerning the Visa Information System (VIS) and the exchange of data between Member States on short-stay visas.

ê 2725/2000/EC (adapted)

ð new

Article 63

Ö Statistics Õ

3. The Central Unit Ö Management Authority Õ shall draw up statistics on its Ö the Õ work Ö of the Central System Õ every quarter ð month ï, indicating ð in particular ï :

(a) the number of data sets transmitted on persons referred to in Articles 7(1), 8(1) and 11(1) 12(1) and 15(1) ;

(b) the number of hits for applicants for asylum ð international protection ï who have lodged an application for asylum ð international protection ï in another Member State;

(c) the number of hits for persons referred to in Article 8(1) 10(1) who have subsequently lodged an application for asylum ð international protection ï;

(d) the number of hits for persons referred to in Article 11(1) 13(1) who had previously lodged an application for asylum ð international protection ï in another Member State;

(e) the number of fingerprint data which the Central Unit ð System ï had to ð repeatedly ï request a second time from the Member States of origin because the fingerprint data originally transmitted did not lend themselves to comparison using the computerised fingerprint recognition system;.

ò new

(f) the number of data sets marked in accordance with Article 16(1);

(g) the number of hits for persons referred to in Article 16(1);

(h) for whom hits have been recorded under (b),(c),(d) and (g);

(i) the number of comparisons requested in accordance with Article 3;

(j) the number of hits obtained in application of Article 3.

ê 2725/2000/EC

ð new

At the end of each year, statistical data shall be established in the form of a compilation of the ð monthly ï quarterly statistics drawn up since the beginning of Eurodac's activities ð for that year ï, including an indication of the number of persons for whom hits have been recorded under (b), (c), and (d) ð (g) and (i) ï .

The statistics shall contain a breakdown of data for each Member State.

4. Pursuant to the procedure laid down in Article 23(2), the Central Unit may be charged with carrying out certain other statistical tasks on the basis of the data processed at the Central Unit.

ê 2725/2000/EC (adapted)

ð new

CHAPTER II

APPLICANTS FOR ASYLUM Ö INTERNATIONAL PROTECTION Õ

Article 7 4

Collection, transmission and comparison of fingerprints

1. Each Member State shall promptly take the fingerprints of all fingers of every applicant for asylum ð international protection ï of at least 14 years of age and shall promptly ð as soon as possible and no later than 72 hours after the lodging of that application for international protection as defined by Article 20(2) of the Dublin Regulation ï transmit Ö them together with Õ the data referred to in points (a) (b) to (f) (g) of Article 5(1) 9 to the Central Unit ð System ï.

ò new

ð Non compliance with the 72 hours time limit does not relieve Member States of the obligation to take and transmit the fingerprints to the Central System. Where the condition of the fingertips does not allow to take the fingerprints in a quality ensuring appropriate comparison under Article 19 of this Regulation, the Member State of origin shall retake the fingerprints of the applicant and resend them as soon as possible and no later than 48 hours after they have been successfully taken. ï

ê 2725/2000/EC

(2) The data referred to in Article 5(1) shall be immediately recorded in the central database by the Central Unit, or, provided that the technical conditions for such purposes are met, directly by the Member State of origin.

ò new

2. By way of derogation from paragraph 1, where it is not possible to take the fingerprints of an applicant on account of measures taken to ensure the health of the applicant or the protection of public health, Member States shall take and send the fingerprints of the applicant as soon as possible and no later than 48 hours after these grounds no longer prevail.

ê 2725/2000/EC (adapted)

ð new

3. Fingerprint data within the meaning of point (b) (a) of Article 5(1) 9, transmitted by any Member State, Ö with exception to those transmitted in accordance with Article 8 point (b) Õ shall be compared ð automatically ï with the fingerprint data transmitted by other Member States and already stored in the Ccentral database ð System ï.

4. The Central Unit ð System ï shall ensure, on the request of a Member State, that the comparison referred to in paragraph 3 covers the fingerprint data previously transmitted by that Member State, in addition to the data from other Member States.

5. The Central Unit ð System ï shall forthwith ð automatically ï transmit the hit or the negative result of the comparison to the Member State of origin. Where there is a hit, it shall transmit for all data sets corresponding to the hit, the data referred to in Article 5(1) 9(a) to (ð g ï), although in the case of the data referred to in Article 5(1)(b), only insofar as they were the basis for the hit ð along with, where appropriate, the mark referred to in Article 16(1) ï.

Direct transmission to the Member State of origin of the result of the comparison shall be permissible where the technical conditions for such purpose are met.

7. The implementing rules setting out the procedures necessary for the application of paragraphs 1 to 6 shall be adopted in accordance with the procedure laid down in Article 22(1).

ò new

Article 8

Information on the status of the data subject

The following information shall be sent to the Central System in order to be stored in accordance with Article 10 for the purpose of transmission under Article 7(5):

(a) When an applicant for international protection or another person as referred to in Article 18(1)(d) of the Dublin Regulation arrives in the responsible Member State following a transfer pursuant to a decision acceding to a request to take him/her back as referred to in Article 24 of the Dublin Regulation, the responsible Member State shall update its dataset recorded in conformity with Article 9 relating to the person concerned by adding his/her date of arrival .

(b) When an applicant for international protection arrives in the responsible Member State following a transfer pursuant to a decision acceding to a request to take charge of him/her as referred to in Article 22 of the Dublin Regulation, the responsible Member State shall send a dataset in conformity with Article 9 relating to the person concerned and include his/her date of arrival.

(c) As soon as the Member State of origin can establish that the person concerned whose data was recorded in EURODAC in accordance with Article 9 has left the territory of the Member States, it shall update its dataset recorded in conformity with Article 9 relating to the person concerned by adding the date when the person left the territory, in order to facilitate the application of Articles 19(2) and 20(5) of the Dublin Regulation.

(d) As soon as the Member State of origin ensures that the person concerned whose data was recorded in EURODAC in accordance with Article 9 has left the territory of the Member States in compliance with a return decision or removal order it issued following the withdrawal or rejection of the application as provided for in Article 19 (3) of the Dublin Regulation, it shall update its dataset recorded in conformity with Article 9 relating to the person concerned by adding the date of his/her removal or when the person left the territory.

(e) The Member State which assumes responsibility in accordance with Article 17(1) of the Dublin Regulation shall update its dataset recorded in conformity with Article 9 relating to that applicant by adding the date when the decision to examine the application was taken.

ê 2725/2000/EC

ð new

Article 95

Recording of data

1. Only the following data shall be recorded in the cCentral database ð System ï :

(ab) fingerprint data;

(ba) Member State of origin, place and date of the application for asylum ð international protection; in the cases referred to in Article 8 point (b), the date of application shall be the one entered by the Member State who transferred the applicant ï;

(c) sex;

(d) reference number used by the Member State of origin;

(e) date on which the fingerprints were taken;

(f) date on which the data were transmitted to the Central Unit ð System ï;

(g) date on which the data were entered in the central database ;

ò new

(g) operator user ID.

ê 2725/2000/EC

ð new

(h) details in respect of the recipient(s) of the data transmitted and the date(s) of transmission(s).

(h) where applicable in accordance with Article 8 point (a) or point (b), the date of the arrival of the person concerned after a successful transfer;

(i) where applicable in accordance with Article 8 point (c), the date when the person concerned left the territory of the Member States;

(j) where applicable in accordance with Article 8 point (d), the date when the person concerned left or was removed from the territory of the Member States;

(k) where applicable in accordance with Article 8 point (e), the date when the decision to examine the application was taken.

2. After recording the data in the central database, the Central Unit shall destroy the media used for transmitting the data, unless the Member State of origin has requested their return.

Article 10 6

Data storage

Each set of data, as referred to in Article 5(1) 9, shall be stored in the Ccentral ð System ï database for ten years from the date on which the fingerprints were taken.

Upon expiry of this period, the Central Unit ð System ï shall automatically erase the data from the Ccentral database ð System ï.

Article 11 7

Advance data erasure

1. Data relating to a person who has acquired citizenship of any Member State before expiry of the period referred to in Article 6 10 shall be erased from the Central Unit ð System ï, in accordance with Article 15(3) 22(4) as soon as the Member State of origin becomes aware that the person has acquired such citizenship.

ò new

2. The Central System shall inform all Member States of origin about the erasure of data for the reason specified in paragraph 1 by another Member State of origin having produced a hit with data which they transmitted relating to persons referred to in Article 7(1) or Article 12(1).

ê 2725/2000/EC (adapted)

ð new

CHAPTER III

ALIENS Ö THIRD COUNTRY NATIONALS OR STATELESS PERSONS Õ APPREHENDED IN CONNECTION WITH THE IRREGULAR CROSSING OF AN EXTERNAL BORDER

Article 12 8

Collection and transmission of fingerprint data

1. Each Member State shall, in accordance with the safeguards laid down in the European Convention on Human Rights and in the United Nations Convention on the Rights of the Child promptly take the fingerprints of all fingers of every alien Ö third country national or stateless person Õ of at least 14 years of age who is apprehended by the competent control authorities in connection with the irregular crossing by land, sea or air of the border of that Member State having come from a third country and who is not turned ð or who remains physically on the territory of the Member States and who is not kept in custody, confinement or detention during the entirety of the period between apprehension and removal on the basis of the decision to turn them back ï ..

2. The Member State concerned shall promptly ðas soon as possible and and no later than 72 hours from the date of apprehension ï transmit to the Central Unit ð System ï the following data in relation to any alien Ö third country national or stateless person Õ, as referred to in paragraph 1, who is not turned back:

(ab) fingerprint data;

(ba) Member State of origin, place and date of the apprehension;

(c) sex;

(d) reference number used by the Member State of origin;

(e) date on which the fingerprints were taken;

(f) date on which the data were transmitted to the Central Unit ð System ï;

ò new

(g) operator user ID.

3. By way of derogation from paragraph 2, as regards persons apprehended in the manner described in paragraph 1 who remain physically on the territory of the Member States but are kept in custody, confinement or detention upon their apprehension for a period exceeding 72 hours, the transmission of the data specified in paragraph 2 relating to those persons shall take place before their release from custody, confinement or detention.

4. Non compliance with the 72 hours time limit referred to in paragraph 2 does not relieve Member States of the obligation to take and transmit the fingerprints to the Central System. Where the condition of the fingertips does not allow to take the fingerprints in a quality ensuring appropriate comparison under Article 19 of this Regulation, the Member State of origin shall retake the fingerprints of such person and resend them as soon as possible and no later than 48 hours after they have been successfully taken.

5. By way of derogation from paragraph 1, where it is not possible to take the fingerprints of such person on account of measures taken to ensure the health of the person or the protection of public health, the Member State concerned shall take and send the fingerprints of the person, in accordance with the deadline set out in paragraph 2, once these grounds no longer prevail.

ê 2725/2000/EC (adapted)

ð new

Article 13 9

Recording of data

1. The data referred to in Article 5(1)(g) and in Article 8(2) 12(2) shall be recorded in the central database ð Central System ï.

Without prejudice to Article 3(3)6 ð and Article 3 ï , data transmitted to the Central Unit ð System ï pursuant to Article 8(2) 12(2) shall be recorded for the sole purpose of comparison with data on applicants for asylum ð international protection ï transmitted subsequently to the Central Unit ð System ï.

The Central Unit ð System ï shall not compare data transmitted to it pursuant to Article 8(2) 12(2) with any data previously recorded in the central database ð Central System ï, nor with data subsequently transmitted to the Central Unit ð System ï pursuant to Article 8(2) 12(2).

2. The procedures provided for in Article 4(1), second sentence, Article 4(2) and Article 5(2) as well as the provisions laid down pursuant to Article 4(7) shall apply. As regards the comparison of data on applicants for asylum ð international protection ï subsequently transmitted to the Central Unit ð System ï with the data referred to in paragraph 1, the procedures provided for in Article 4(3), (5) and (6) 7(3) and (5) and in Article 19(4) shall apply.

Article 14 10

Storage of data

1. Each set of data relating to an alien Ö third country national or stateless person Õ as referred to in Article 8(1) 12(1) shall be stored in the central database ð Central System ï for ð one year ï two years from the date on which the fingerprints of the alien Ö third country national or stateless person Õ were taken. Upon expiry of this period, the Central Unit ð System ï shall automatically erase the data from the central database ð Central System ï.

2. The data relating to an alien Ö third country national or stateless person Õ as referred to in Article 8(1) 12(1) shall be erased from the central database ð Central System ï in accordance with Article 15(3) 22(3)Ö as soon as Õ the Member State of origin becomes aware of one of the following circumstances before the two ð one ï-year period mentioned in paragraph 1 has expired:

(a) the alien Ö third country national or stateless person Õ has been issued with a residence permit;

(b) the alien Ö third country national or stateless person Õ has left the territory of the Member States;

(c) the alien Ö third country national or stateless person Õ has acquired the citizenship of any Member State.

ò new

3. The Central System shall inform all Member States of origin about the erasure of data for the reason specified in paragraph 2(a) or (b) by another Member State of origin having produced a hit with data which they transmitted relating to persons referred to in Article 12(1).

4. The Central System shall inform all Member States of origin about the erasure of data for the reason specified in paragraph 2(c) by another Member State of origin having produced a hit with data which they transmitted relating to persons referred to in Article 7(1) or Article 12(1).

ê 2725/2000/EC (adapted)

ð new

CHAPTER IV

ALIENS Ö THIRD COUNTRY NATIONALS OR STATELESS PERSONS Õ FOUND ILLEGALLY PRESENT IN A MEMBER STATE

Article 15 11

Comparison of fingerprint data

1. With a view to checking whether an alien Ö third country national or a stateless person Õ found illegally present within its territory has previously lodged an application for asylum ð international protection ï in another Member State, each Member State may transmit to the Central Unit ð System ï any fingerprint data relating to fingerprints which it may have taken of any such alien Ö third country national or stateless person Õ of at least 14 years of age together with the reference number used by that Member State.

As a general rule there are grounds for checking whether the alien Ö third country national or stateless person Õ has previously lodged an application for asylum ð international protection ï in another Member State where:

(a) the alien Ö third country national or stateless person Õ declares that he/she has lodged an application for asylum ð international protection ï but without indicating the Member State in which he/she made the application;

(b) the alien Ö third country national or stateless person Õ does not request asylum ð international protection ï but objects to being returned to his/her country of origin by claiming that he/she would be in danger, or

(c) the alien Ö third country national or stateless person Õ otherwise seeks to prevent his/her removal by refusing to cooperate in establishing his/her identity, in particular by showing no, or false, identity papers.

2. Where Member States take part in the procedure referred to in paragraph 1, they shall transmit to the Central Unit ð System ï the fingerprint data relating to all or at least the index fingers, and, if those are missing, the prints of all other fingers, of aliens Ö third country nationals or stateless persons Õ referred to in paragraph 1.

3. The fingerprint data of an alien Ö third country national or a stateless person Õ as referred to in paragraph 1 shall be transmitted to the Central Unit ð System ï solely for the purpose of comparison with the fingerprint data of applicants for asylum ð international protection ï transmitted by other Member States and already recorded in the central database ð Central System ï.

The fingerprint data of such an alien Ö third country national or a stateless person Õ shall not be recorded in the central database ð Central System ï, nor shall they be compared with the data transmitted to the Central Unit ð System ï pursuant to Article 8(2) 12(2).

4. As regards the comparison of fingerprint data transmitted under this Article with the fingerprint data of applicants for asylum ð international protection ï transmitted by other Member States which have already been stored in the Central Unit ð System ï, the procedures provided for in Article 4(3) (5) and (6) 7(3) and (5) as well as the provisions laid down pursuant to Article 4(7) shall apply.

5. Once the results of the comparison have been transmitted to the Member State of origin, the Central Unit shall forthwith:

(a) erase the fingerprint data and other data transmitted to it under paragraph 1; and

(b) destroy the media used by the Member State of origin for transmitting the data to the Central Unit, unless the Member State of origin has requested their return.

CHAPTER V

RECOGNISED REFUGEESÖ PERSONS GRANTED INTERNATIONAL PROTECTION Õ

Article 12

Blocking of data

1. Data relating to an applicant for asylum which have been recorded pursuant to Article 4(2) shall be blocked in the central database if that person is recognised and admitted as a refugee in a Member State. Such blocking shall be carried out by the Central Unit on the instructions of the Member State of origin.

As long as a decision pursuant to paragraph 2 has not been adopted, hits concerning persons who have been recognised and admitted as refugees in a Member State shall not be transmitted. The Central Unit shall return a negative result to the requesting Member State.

2. Five years after Eurodac starts operations, and on the basis of reliable statistics compiled by the Central Unit on persons who have lodged an application for asylum in a Member State after having been recognised and admitted as refugees in another Member State, a decision shall be taken in accordance with the relevant provisions of the Treaty, as to whether the data relating to persons who have been recognised and admitted as refugees in a Member State should:

(a) be stored in accordance with Article 6 for the purpose of the comparison provided for in Article 4(3); or

(b) be erased in advance once a person has been recognised and admitted as a refugee.

3. In the case referred to in paragraph 2(a), the data blocked pursuant to paragraph 1 shall be unblocked and the procedure referred to in paragraph 1 shall no longer apply.

4. In the case referred to in paragraph 2(b):

(a) data which have been blocked in accordance with paragraph 1 shall be erased immediately by the Central Unit; and

(b) data relating to persons who are subsequently recognised and admitted as refugees shall be erased in accordance with Article 15(3), as soon as the Member State of origin becomes aware that the person has been recognised and admitted as a refugee in a Member State.

5. The implementing rules concerning the procedure for the blocking of data referred to in paragraph 1 and the compilation of statistics referred to in paragraph 2 shall be adopted in accordance with the procedure laid down in Article 22(1).

ò new

Article 16

Marking of data

1. The Member State of origin which granted international protection to an applicant for international protection whose data were previously recorded pursuant to Article 9 in the Central System shall mark the relevant data in conformity with the requirements for electronic communication with the Central System established by the Management Authority. This mark shall be stored in the Central System in accordance with Article 10 for the purpose of transmission under Article 7(5).

2. The Member State of origin shall unmark data concerning a third country national or stateless person whose data were previously marked in accordance with paragraph 1 if his or her status is revoked or ended or renewal of his status is refused under Article 14 or 19 of Council Directive 2004/83/EC.

ê 2725/2000/EC (adapted)

ð new

CHAPTER VI

DATA USE, DATA PROTECTION AND LIABILITY

Article 17 13

Responsibility for data use

1. The Member State of origin shall be responsible for ensuring that:

(a) fingerprints are taken lawfully;

(b) fingerprint data and the other data referred to in Article 5(1) 9, Article 8(2) 12(2) and Article 11(2) 15(2) are lawfully transmitted to the Central Unit ð System ï;

(c) data are accurate and up-to-date when they are transmitted to the Central Unit ð System ï;

(d) without prejudice to the responsibilities of the Commission ð Management Authority ï , data in the central database ð Central System ï are lawfully recorded, stored, corrected and erased;

(e) the results of fingerprint data comparisons transmitted by the Central Unit ð System ï are lawfully used.

2. In accordance with Article 1412, the Member State of origin shall ensure the security of the data referred to in paragraph 1 before and during transmission to the Central Unit ð System ï as well as the security of the data it receives from the Central Unit ð System ï.

3. The Member State of origin shall be responsible for the final identification of the data pursuant to Article 4(6) 19(4).

4. The Commission ð Management Authority ï shall ensure that the Central Unit ð System ï is operated in accordance with the provisions of this Regulation and its implementing rules. In particular, the Commission ð Management Authority ï shall:

(a) adopt measures ensuring that persons working ð with ï in the Central Unit ð System ï use the data recorded Ö therein Õ in the central database only in accordance with the purpose of EurodacEURODAC as laid down in Article 1);

(b) ensure that persons working in the Central System comply with all requests from Member States made pursuant to this Regulation in relation to recording, comparison, correction and erasure of data for which they are responsible;

(b) (c) take the necessary measures to ensure the security of the Central Unit ð System ï in accordance with Article 14 12;

(c) (d) ensure that only persons authorised to work ð with ï in the Central Unit ð System ï have access Ö thereto Õ to data recorded in the central database, without prejudice to Article 20 and the powers of the independent supervisory body which will be established under Article 286(2) of the Treaty Ö the competences of the European Data Protection Supervisor Õ.

The Commission ð Management Authority ï shall inform the European Parliament and the Council of the measures it takes pursuant to the first subparagraph.

ê 407/2002/EC Article 2 (adapted)

ð new

Article 182

Transmission

1. Fingerprints shall be digitally processed and transmitted in the data format referred to in Annex I. As far as it is necessary for the efficient operation of the Central Unit ð System ï, the Central Unit Ö Management Authority Õ shall establish the technical requirements for transmission of the data format by Member States to the Central Unit ð System ï and vice versa. The Central Unit Ö Management Authority Õ shall ensure that the fingerprint data transmitted by the Member States can be compared by the computerised fingerprint recognition system.

2. Member States should Ö shall Õ transmit the data referred to in Article 5(1) 9(1), Article 12(2) and Article 15(2) of the Eurodac Regulation electronically. ð The data referred to in Article 9(1) and Article 12(2) shall be automatically recorded in the Central System. ï As far as it is necessary for the efficient operation of the Central Unit ð System ï, the Central Unit Ö Management Authority Õ shall establish the technical requirements to ensure that data can be properly electronically transmitted from the Member States to the Central Unit ð System ï and vice versa. Transmission of data in paper form using the form set out in Annex II or by other means of data support (diskettes, CD-ROM or other means of data support which may be developed and generally used in future) should be limited to situations in which there are continuous technical problems.

3. The reference number referred to in Article 5(1)(d) 9(d) and Article 12(2)(d) and 15(1) of the Eurodac Regulation shall make it possible to relate data unambiguously to one particular person and to the Member State which is transmitting the data. In addition, it shall make it possible to tell whether such data relate to an asylum seeker or a person referred to in Article 8 or Article 11 of the Eurodac Regulation7, Article 12 or Article 15.

4. The reference number shall begin with the identification letter or letters by which, in accordance with the norm referred to in Annex I, the Member State transmitting the data is identified. The identification letter or letters shall be followed by the identification of the category of person. "1" refers to data relating to asylum seekers Ö persons referred to in Article 7(1) Õ, "2" to persons referred to in Article 8 12(1) of the Eurodac Regulation and "3" to persons referred to in Article 11 15 of the Eurodac Regulation.

5. The Central Unit Ö Management Authority Õ shall establish the technical procedures necessary for Member States to ensure receipt of unambiguous data by the Central Unit ð System ï.

64. The Central Unit ð System ï shall confirm receipt of the transmitted data as soon as possible. To this end the Central Unit Ö Management Authority Õ shall establish the necessary technical requirements to ensure that Member States receive the confirmation receipt if requested.

Article 193

Carrying out comparisons and transmitting results

1. Member States shall ensure the transmission of fingerprint data in an appropriate quality for the purpose of comparison by means of the computerised fingerprint recognition system. As far as it is necessary to ensure that the results of the comparison by the Central Unit ð System ï reach a very high level of accuracy, the Central Unit ð Management Authority ï shall define the appropriate quality of transmitted fingerprint data. The Central Unit ð System ï shall, as soon as possible, check the quality of the fingerprint data transmitted. If fingerprint data do not lend themselves to comparison using the computerised fingerprint recognition system, the Central Unit ð System ï shall, as soon as possible, ð inform ï the Member State. ð The Member State concerned shall ï transmit fingerprint data of the appropriate quality ð using the same reference number of the previous set of fingerprint data ï..

2. The Central Unit ð System ï shall carry out comparisons in the order of arrival of requests. Each request must be dealt with within 24 hours. In the case of data which are transmitted electronically, a A Member State may for reasons connected with national law require particularly urgent comparisons to be carried out within one hour. Where these times cannot be respected owing to circumstances which are outside the Central Unit ð Management Authority's ï responsibility, the Central Unit ð System ï shall process the request as a matter of priority as soon as those circumstances no longer prevail. In such cases, as far as it is necessary for the efficient operation of the Central Unit ð System ï , the Central Unit ð Management Authority ï shall establish criteria to ensure the priority handling of requests.

3. As far as it is necessary for the efficient operation of the Central Unit ð System ï , the Central Unit ð Management Authority ï shall establish the operational procedures for the processing of the data received and for transmitting the result of the comparison.

ê 2725/2000/EC Article 4(6) (adapted)

ð new

4. The results of the comparison shall be immediately checked in the Member State of origin. Final identification shall be made by the Member State of origin in cooperation with the Member States concerned, pursuant to Article 1532 of the Dublin Convention Ö Regulation Õ ð and Decision No […/…]JHA [EURODAC law enforcement Decision] ï .

Information received from the Central Unit ð System ï relating to other data found to be unreliable shall be erased or destroyed as soon as the unreliability of the data is established.

ò new

5. Where final identification in accordance with paragraph 4 reveal that the result of the comparison received from the Central System is inaccurate, Member States shall communicate this fact to the Commission and to the Management Authority.

ê 407/2002/EC (adapted)

ð new

Article 204

Communication between Member States and the Central Unit ð System ï

Data transmitted from the Member States to the Central Unit ð System ï and vice versa shall use IDA generic services referred to in Decision No 1719/1999/EC of the European Parliament and of the Council of 12 July 1999 on a series of guidelines, including the identification of projects of common interest, for trans-European networks for the electronic interchange of data between administrations (IDA) ð the EURODAC Communication Infrastructure ï. As far as it is necessary for the efficient operation of the Central Unit ð System ï, the Central Unit Ö Management Authority Õ shall establish the technical procedures necessary for the use of IDA generic services ð the Communication Infrastructure ï.

ê 2725/2000/EC

Article 14

Security

1. The Member State of origin shall take the necessary measures to:

(a) prevent any unauthorised person from having access to national installations in which the Member State carries out operations in accordance with the aim of Eurodac (checks at the entrance to the installation);

(b) prevent data and data media in Eurodac from being read, copied, modified or erased by unauthorised persons (control of data media);

(c) guarantee that it is possible to check and establish a posteriori what data have been recorded in Eurodac, when and by whom (control of data recording);

(d) prevent the unauthorised recording of data in Eurodac and any unauthorised modification or erasure of data recorded in Eurodac (control of data entry);

(e) guarantee that, in using Eurodac, authorised persons have access only to data which are within their competence (control of access);

(f) guarantee that it is possible to check and establish to which authorities data recorded in Eurodac may be transmitted by data transmission equipment (control of transmission);

(g) prevent the unauthorised reading, copying, modification or erasure of data during both the direct transmission of data to or from the central database and the transport of data media to or from the Central Unit (control of transport).

2. As regards the operation of the Central Unit, the Commission shall be responsible for applying the measures mentioned under paragraph 1.

ò new

Article 21

Data security

1. The Member State of origin shall ensure the security of the data before and during transmission to the Central System. Each Member State shall ensure the security of the data which it receives from the Central System.

2. Each Member State shall, in relation to its national system, adopt the necessary measures, including a security plan, in order to:

(a) physically protect data, including by making contingency plans for the protection of critical infrastructure;

(b) deny unauthorised persons access to national installations in which the Member State carries out operations in accordance with the purpose of EURODAC (checks at entrance to the installation);

(c) prevent the unauthorised reading, copying, modification or removal of data media (data media control);

(d) prevent the unauthorised input of data and the unauthorised inspection, modification or deletion of stored personal data (storage control);

(e) prevent the unauthorised processing of data in EURODAC and any unauthorised modification or deletion of data processed in EURODAC (control of data entry);

(f) ensure that persons authorised to access EURODAC have access only to the data covered by their access authorisation, by means of individual and unique user identities and confidential access modes only (data access control);

(g) ensure that all authorities with a right of access to EURODAC create profiles describing the functions and responsibilities of persons who are authorised to access, enter, update, delete and search the data and make these profiles available to the National Supervisory Authorities referred to in Article 26 without delay at their request (personnel profiles);

(h) ensure that it is possible to verify and establish to which bodies personal data may be transmitted using data communication equipment (communication control);

(i) ensure that it is possible to verify and establish what data have been processed in EURODAC, when, by whom and for what purpose (control of data recording);

(j) prevent the unauthorised reading, copying, modification or deletion of personal data during the transmission of personal data to or from EURODAC or during the transport of data media, in particular by means of appropriate encryption techniques (transport control);

(k) monitor the effectiveness of the security measures referred to in this paragraph and take the necessary organisational measures related to internal monitoring to ensure compliance with this Regulation (self-auditing).

3. The Management Authority shall take the necessary measures in order to achieve the objectives set out in paragraph 2 as regards the operation of EURODAC, including the adoption of a security plan.

ê 2725/2000/EC

ð new

Article 22 15

Access to, and correction or erasure of, data recorded in EurodacEURODAC

1. The Member State of origin shall have access to data which it has transmitted and which are recorded in the central database ð Central System ï in accordance with the provisions of this Regulation.

No Member State may conduct searches in the data transmitted by another Member State, nor may it receive such data apart from data resulting from the comparison referred to in Article 4(5) 7(5).

ò new

2 By way of derogation from paragraph 1, Member States' designated authorities and Europol's specialised unit designated in accordance with Article 4(1) and (4) of Decision No […/…]JHA [EURODAC law enforcement Decision] may conduct searches in all data stored in the central database regardless of their Member State of origin and may receive such data in accordance with Article 3 of this Regulation and Decision No […/…]JHA [EURODAC law enforcement Decision] .

ê 2725/2000/EC (adapted)

ð new

3. The authorities of Member States which, pursuant to paragraph 1, have access to data recorded in the central database ð Central System ï shall be those designated by each Member State ð for the purpose of Article 1(1). This designation shall specify the exact unit responsible for carrying out tasks related to the application of this Regulation. ï Each Member State shall without delay communicate to the Commission ð and the Management Authority ï a list of those authorities ð and any amendments thereto. The Management Authority shall publish the consolidated list in the Official Journal of the European Union. Where there are amendments thereto, the Management Authority shall publish once a year an updated consolidated list. ï

4. Only the Member State of origin shall have the right to amend the data which it has transmitted to the Central Unit ð System ï by correcting or supplementing such data, or to erase them, without prejudice to erasure carried out in pursuance of Article 6, Article 10(1) or Article 12(4)(a) 10 or Article 14(1).

Where the Member State of origin records data directly in the central database, it may amend or erase the data directly.

Where the Member State of origin does not record data directly in the central database, the Central Unit shall amend or erase the data at the request of that Member State.

5. If a Member State or the Central Unit ð Management Authority ï has evidence to suggest that data recorded in the central database ð Central System ï are factually inaccurate, it shall advise the Member State of origin as soon as possible.

If a Member State has evidence to suggest that data were recorded in the central database ð Central System ï contrary to this Regulation, it shall similarly advise ð the Management Authority, the Commission and ï the Member State of origin as soon as possible. The latter shall check the data concerned and, if necessary, amend or erase them without delay.

6. The Central Unit ð Management Authority ï shall not transfer or make available to the authorities of any third country data recorded in the central database ð Central System ï, unless it is specifically authorised to do so in the framework of a Community agreement on the criteria and mechanisms for determining the State responsible for examining an application for asylum ð international protection ï.

Article 21

Implementing rules

1. The Council shall adopt, acting by the majority laid down in Article 205(2) of the Treaty, the implementing provisions necessary for

- laying down the procedure referred to in Article 4(7),

- laying down the procedure for the blocking of the data referred to in Article 12(1),

- drawing up the statistics referred to in Article 12(2).

In cases where these implementing provisions have implications for the operational expenses to be borne by the Member States, the Council shall act unanimously.

2. The measures referred to in Article 3(4) shall be adopted in accordance with the procedure referred to in Article 23(2).

Article 23 16

Keeping of records by the Central Unit

1. The Central Unit ð Management Authority ï shall keep records of all data processing operations within the Central Unit ð System ï. These records shall show the purpose of access, the date and time, the data transmitted, the data used for interrogation and the name of both the unit putting Ö entering Õ in or retrieving the data and the persons responsible.

2. Such records may be used only for the data-protection monitoring of the admissibility of data processing as well as to ensure data security pursuant to Article 14 12. The records must be protected by appropriate measures against unauthorised access and erased after a period of one year ð after the retention period referred to in Article 10 and in Article 14(1) has expired ï, if they are not required for monitoring procedures which have already begun.

ò new

3. Each Member State shall take the necessary measures in order to achieve the objectives set out in paragraph 1 and 2 in relation to its national system. In addition, each Member State shall keep records of the staff duly authorised to enter or retrieve the data.

ê 2725/2000/EC (adapted)

ð new

Article 22

Committee

1. The Commission shall be assisted by a committee.

2. In the cases where reference is made to this paragraph, Articles 5 and 7 of Decision 1999/468/EC shall apply.

The period laid down in Article 5(6) of Decision 1999/468/EC shall be set at three months.

3. The committee shall adopt its rules of procedure.

Article 24 17

Liability

1. Any person who, or Member State which, has suffered damage as a result of an unlawful processing operation or any act incompatible with the provisions laid down in this Regulation shall be entitled to receive compensation from the Member State responsible for the damage suffered. That State shall be exempted from its liability, in whole or in part, if it proves that it is not responsible for the event giving rise to the damage.

2. If failure of a Member State to comply with its obligations under this Regulation causes damage to the central database ð Central System ï, that Member State shall be held liable for such damage, unless and insofar as the Commission ð Management Authority or another Member State ï failed to take reasonable steps to prevent the damage from occurring or to minimise its impact.

3. Claims for compensation against a Member State for the damage referred to in paragraphs 1 and 2 shall be governed by the provisions of national law of the defendant Member State.

Article 25 18

Rights of the data subject

1. A person covered by this Regulation shall be informed by the Member State of origin ð in writing, and where appropriate, orally, in a language which he or she understands or may reasonably be presumed to understand ï of the following:

(a) the identity of the controller and of his representative, if any;

(b) ÖregardingÕ the purpose for which the Ö his or her Õ data will be processed within EurodacEURODAC ð including a description of the aims of the Dublin Regulation, in accordance with Article 4 of that Regulation and of the aims of Article 3 of this Regulation and of Decision No […/…]JHA [EURODAC law enforcement Decision] ï.

(c) the recipients of the data;

(d) in relation to a person covered by Article 4 7 or Article 8 12, the obligation to have his/her fingerprints taken;

(e) the existence of the right of access to, and the right to rectify, the data Örelating to him/herÕconcerning him/herÖ , and the right to request that inaccurate data relating to him/her be corrected Õ ð or that unlawfully processed data relating to them be erased, as well as the right to receive information on the procedures for exercising those rights including the contact details of the controller and the National Supervisory Authorities referred to in Article 26(1) ï.

In relation to a person covered by Article 4 7 or Article 8 12, the information referred to in the first subparagraph shall be provided when his/her fingerprints are taken.

In relation to a person covered by Article 11 15, the information referred to in the first subparagraph shall be provided no later than the time when the data relating to the person are transmitted to the Central Unit ð System ï. This obligation shall not apply where the provision of such information proves impossible or would involve a disproportionate effort.

ò new

Where a person covered by this Regulation is a minor, Member States shall provide the information in an age-appropriate manner.

ê 2725/2000/EC

ð new

2. In each Member State any data subject may, in accordance with the laws, regulations and procedures of that State, exercise the rights provided for in Article 12 of Directive 95/46/EC.

Without prejudice to the obligation to provide other information in accordance with point (a) of Article 12 of Directive 95/46/EC, the data subject shall have the right to obtain communication of the data relating to him/her recorded in the central database ð Central System ï and of the Member State which transmitted them to the Central Unit ð System ï. Such access to data may be granted only by a Member State.

3. In each Member State, any person may request that data which are factually inaccurate be corrected or that data recorded unlawfully be erased. The correction and erasure shall be carried out without excessive delay by the Member State which transmitted the data, in accordance with its laws, regulations and procedures.

4. If the rights of correction and erasure are exercised in a Member State, other than that, or those, which transmitted the data, the authorities of that Member State shall contact the authorities of the Member State, or States, in question so that the latter may check the accuracy of the data and the lawfulness of their transmission and recording in the central database ð Central System ï.

5. If it emerges that data recorded in the central database ð Central System ï are factually inaccurate or have been recorded unlawfully, the Member State which transmitted them shall correct or erase the data in accordance with Article 15(3) 22(3). That Member State shall confirm in writing to the data subject without excessive delay that it has taken action to correct or erase data relating to him/her.

6. If the Member State which transmitted the data does not agree that data recorded in the central database ð Central System ï are factually inaccurate or have been recorded unlawfully, it shall explain in writing to the data subject without excessive delay why it is not prepared to correct or erase the data.

That Member State shall also provide the data subject with information explaining the steps which he/she can take if he/she does not accept the explanation provided. This shall include information on how to bring an action or, if appropriate, a complaint before the competent authorities or courts of that Member State and any financial or other assistance that is available in accordance with the laws, regulations and procedures of that Member State.

7. Any request under paragraphs 2 and 3 shall contain all the necessary particulars to identify the data subject, including fingerprints. Such data shall be used exclusively to permit the exercise of the rights referred to in paragraphs 2 and 3 and shall be destroyed immediately afterwards.

8. The competent authorities of the Member States shall cooperate actively to enforce promptly the rights laid down in paragraphs 3, 4 and 5.

ò new

9. Whenever a person requests data relating to him or her in accordance with paragraph 2, the competent authority shall keep a record in the form of a written document that such a request was made, and shall make this document available to the National Supervisory Authorities referred to in Article 26(1) without delay, upon their request.

ê 2725/2000/EC (adapted)

ð new

9. 10. In each Member State, the national supervisory authority shall ð on the basis of his/her request, ïassist the data subject in accordance with Article 28(4) of Directive 95/46/EC in exercising his/her rights.

10. 11. The national supervisory authority of the Member State which transmitted the data and the national supervisory authority of the Member State in which the data subject is present shall assist and, where requested, advise him/her in exercising his/her right to correct or erase data. Both national supervisory authorities shall cooperate to this end. Requests for such assistance may be made to the national supervisory authority of the Member State in which the data subject is present, which shall transmit the requests to the authority of the Member State which transmitted the data. The data subject may also apply for assistance and advice to the joint supervisory authority set up by Article 20.

11. 12. In each Member State any person may, in accordance with the laws, regulations and procedures of that State, bring an action or, if appropriate, a complaint before the competent authorities or courts of the State if he/she is refused the right of access provided for in paragraph 2.

12. 13. Any person may, in accordance with the laws, regulations and procedures of the Member State which transmitted the data, bring an action or, if appropriate, a complaint before the competent authorities or courts of that State concerning the data relating to him/her recorded in the central database ð Central System ï, in order to exercise his/her rights under paragraph 3. The obligation of the national supervisory authorities to assist and, where requested, advise the data subject, in accordance with paragraph 10 13 , shall subsist throughout the proceedings.

Article 26 19

Ö Supervision by the Õ National Ssupervisory Aauthority

1. Each Member State shall provide that the national supervisory authority or authorities designated pursuant to Article 28(1) of Directive 95/46/EC shall monitor independently, in accordance with its respective national law, the lawfulness of the processing, in accordance with this Regulation, of personal data by the Member State in question, including their transmission to the Central Unit ð System ï.

2. Each Member State shall ensure that its national supervisory authority has access to advice from persons with sufficient knowledge of fingerprint data.

ò new

Article 2 7

Supervision by the European Data Protection Supervisor

1. The European Data Protection Supervisor shall check that the personal data processing activities of the Management Authority are carried out in accordance with this Regulation. The duties and powers referred to in Articles 46 and 47 of Regulation (EC) No 45/2001 shall apply accordingly.

2. The European Data Protection Supervisor shall ensure that an audit of the Management Authority's personal data processing activities is carried out in accordance with international auditing standards at least every four years. A report of such audit shall be sent to the European Parliament, the Council, the Management Authority, the Commission and the National Supervisory Authorities. The Management Authority shall be given an opportunity to make comments before the report is adopted.

Article 28

Cooperation between National Supervisory Authorities and the European Data Protection Supervisor

1. The National Supervisory Authorities and the European Data Protection Supervisor, each acting within the scope of its respective competences, shall cooperate actively in the framework of their responsibilities and shall ensure coordinated supervision of EURODAC.

2. They shall, each acting within the scope of its respective competences, exchange relevant information, assist each other in carrying out audits and inspections, examine difficulties of interpretation or application of this Regulation, study problems with the exercise of independent supervision or in the exercise of the rights of data subjects, draw up harmonised proposals for joint solutions to any problems and promote awareness of data protection rights, as necessary.

3. The National Supervisory Authorities and the European Data Protection Supervisor shall meet for that purpose at least twice a year. The costs and servicing of these meetings shall be for the account of the European Data Protection Supervisor. Rules of procedure shall be adopted at the first meeting. Further working methods shall be developed jointly as necessary. A joint report of activities shall be sent to the European Parliament, the Council, the Commission and the Management Authority every two years.

ê 2725/2000/EC (adapted)

ð new

CHAPTER VII

FINAL PROVISIONS

Article 29 21

Costs

1. The costs incurred in connection with the establishment and operation of the Central Unit ð Central System and the Communication Infrastructure ï shall be borne by the general budget of the European Union.

2. The costs incurred by ð verifying authorities and ï national ð access points ï units and the costs for connection to the central database ð Central System ï shall be borne by each Member State.

3. The costs of transmission of data from the Member State of origin and of the findings of the comparison to that State shall be borne by the State in question.

Article 30 24

Annual report:, mMonitoring and evaluation

1. The Commission ð Management Authority ï shall submit to the European Parliament and the Council an annual report on the activities of the Central Unit ð System ï. The annual report shall include information on the management and performance of EurodacEURODAC against pre-defined quantitative indicators for the objectives referred to in paragraph 2.

2. The Commission ð Management Authority ï shall ensure that Ö procedures Õ systems are in place to monitor the functioning of the Central Unit ð System ï against objectives Ö relating to Õ in terms of outputs, cost-effectiveness and quality of service.

3. The Commission shall regularly evaluate the operation of the Central Unit in order to establish whether its objectives have been attained cost-effectively and with a view to providing guidelines for improving the efficiency of future operations.

4. One year after Eurodac starts operations, the Commission shall produce an evaluation report on the Central Unit, focusing on the level of demand compared with expectation and on operational and management issues in the light of experience, with a view to identifying possible short-term improvements to operational practice.

ò new

3. For the purposes of technical maintenance, reporting and statistics, the Management Authority shall have access to the necessary information relating to the processing operations performed in the Central System.

4. Every two years, the Management Authority shall submit to the European Parliament, the Council and the Commission a report on the technical functioning of the Central System, including the security thereof.

ê 2725/2000/EC

ð new

5. Three years after Eurodac starts operations ð the start of application of this Regulation as provided for in Article 35(2) ï and every six ð four ï years thereafter, the Commission shall produce an overall evaluation of EurodacEURODAC, examining results achieved against objectives and assessing the continuing validity of the underlying rationale, ð including in respect of the mechanism introduced by Article 3, the application of this Regulation in respect of the Central System, the security of the Central System , ï and any implications for future operations ð , as well as make any necessary recommendations ï . ð The Commission shall transmit the evaluation to the European Parliament and the Council. ï

ò new

6. Member States shall provide the Management Authority and the Commission with the information necessary to draft the reports referred to in paragraph 4 and 5.

7. The Management Authority shall provide the Commission with the information necessary to produce the overall evaluations referred to in paragraph 5.

8. Until the Management Authority provided for in Article 5 is established, the Commission will only produce reports in accordance with paragraph 1 and 5.

ê 2725/2000/EC (adapted)

ð new

Article 31 25

Penalties

Member States shall Ö take the necessary measures to Õ ensure that Ö any Õ use of data recorded Ö entered Õ in the central database ð Central System ï contrary to the purpose of EurodacEURODAC as laid down in Article 1(1) shall be subject to appropriate penalties Ö is punishable by penalties, including administrative and/or criminal penalties in accordance with national law, that are effective, proportionate and dissuasive Õ.

Article 32 26

Territorial scope

The provisions of this Regulation shall not be applicable to any territory to which theDublin Convention Ö Regulation Õ does not apply.

ò new

Article 33

Transitional provision

Data blocked in the Central System in accordance with Article 12 of Council Regulation (EC) No 2725/2000/EC shall be unblocked and marked in accordance with Article 14(1) of this Regulation on the date provided for in Article 35(2).

ê

Article 34

Repeal

Council Regulation (EC) No 2725/2000 of 11 December 2000 concerning the establishment of 'Eurodac' for the comparison of fingerprints for the effective application of the Dublin Convention and Council Regulation (EC) No 407/2002 of 28 February 2002 laying down certain rules to implement Regulation (EC) No 2725/2000 concerning the establishment of "Eurodac" for the comparison of fingerprints for the effective application of the Dublin Convention are repealed with effect from the date provided for in Article 35(2).

References to the repealed Regulations shall be read in accordance with the correlation table in Annex III.

ê 2725/2000/EC Article 27 (adapted)

ð new

Article 35 27

Entry into force and applicability

1. This Regulation shall enter into force on the Ö twentieth Õ day Ö following that Õ of its publication in the Official Journal of the European Communities Ö Union Õ.

2. This Regulation shall apply, and Eurodac shall start operations, from the date which the Commission shall publish in the Official Journal of the European Communities Ö Union Õ, when the following conditions are met:

(a) each Member State has notified the Commission that it has made the necessary technical arrangements to transmit data to the Central Unit ð System ï in accordance with Ö this Regulation Õ the implementing rules adopted under Article 4(7) and to comply with the implementing rules adopted under Article 12(5); and

(b) the Commission has made the necessary technical arrangements for the Central Unit ð System ï to begin operations in accordance with Ö this Regulation Õ the implementing rules adopted under Article 4(7) and Article 12(5).

ò new

3. Member States shall notify the Commission as soon as the arrangements referred to in paragraph 2(a) have been made, and in any event no later than 12 months from the date of the entry into force of this Regulation.

ê 2725/2000/EC

4. This Regulation shall be binding in its entirety and directly applicable in the Member States in accordance with the Treaty establishing the European Community.

Done at Brussels,

For the European Parliament For the Council

The President The President

ê 407/2002/EC

ð new

Annex I

Data format for the exchange of fingerprint data

The following format is prescribed for the exchange of fingerprint data:

ANSI/NIST - CSL 1 1993 ð ANSI/NIST-ITL 1a-1997, Ver.3, June 2001 (INT-1) ï and any future further developments of this standard.

Norm for Member State identification letters

The following ISO norm will apply: ISO 3166 - 2 letters code.

Annex II

[pic]

é

ANNEX II Repealed Regulations (referred to in Article 32)

Council Regulation (EC) No 2725/2000/EC Council Regulation (EC) No 407/2002/EC | (OJ L 316, 15.12.2000, p. 1.) (OJ L 062, 05.03.2002 p. 1.) |

ANNEX III Correlation table

Regulation 2725/2000/EC | This Regulation |

Article 1(1) | Article 1(1) |

Article 1(2), first subparagraph | Article 4(1) |

Article 1(2), second subparagraph | Article 4(4) |

Article 1(3) | Article 1(2) |

Article 3(1) | deleted |

Article 2 | Article 2 |

Article 3(2) | Article 4(3) |

Article 3(3) | Article 6 |

Article 3(4) | deleted |

Article 4(1) | Article 7(1) |

Article 4(2) | Deleted |

Article 4(3) | Article 7(3) |

Article 4(4) | Article 7(4) |

Article 4(5) | Article 7(5) |

Article 4(6) | Article 19(4) |

Article 5 | Article 9 |

Article 6 | Article 10 |

Article 7 | Article 11 |

Article 8 | Article 12 |

Article 9 | Article 13 |

Article 10 | Article 14 |

Article 11(1)-(4) | Article 15(1)-(4) |

Article 11(5) | deleted |

Article 12 | - Article 16 |

Article 13 | Article 17 |

Article 14 | - Article 21 |

Article 15 | Article 22 |

Article 16 | Article 23 |

Article 17 | Article 24 |

Article 18 | Article 25 |

Article 19 | Article 26 |

Article 20 | Article 27 |

Article 21 | Article 29 |

Article 22 | deleted |

Article 23 | deleted |

Article 24 | Article 30 |

Article 25 | Article 31 |

Article 26 | Article 32 |

Article 27 | Article 35 |

- | Annex II |

Regulation 407/2002/EC | This Regulation |

Article 2 | Article 16 |

Article 3 | Article 17 |

Article 4 | Article 18 |

Article 5(1) | Article 3(2) |

Annex I | Annex I |

Annex II | - |

ANNEX IV LEGISLATIVE FINANCIAL STATEMENT

1. NAME OF THE PROPOSAL:

Proposal for a Regulation of the European Parliament and the Council concerning the establishment of 'Eurodac' for the comparison of fingerprints for the effective application of Regulation (EC) No […/…][28]

2. ABM / ABB FRAMEWORK

Policy Area: Area of Freedom, Security and Justice (title 18)

Activities:

Migration flows — Common immigration and asylum policies (chapter 18.03)

3. BUDGET LINES

3.1. Budget lines (operational lines and related technical and administrative assistance lines (ex- B.A lines)) including headings:

Financial framework 2007-2013: Heading 3A

Budget line: 18.03.11 - Eurodac

3.2. Duration of the action and of the financial impact:

The entry into force of the EURODAC Regulation is linked to the entry into force of the Dublin Regulation. This can also be foreseen in 2011 the earliest.

3.3. Budgetary characteristics:

Budget line | Type of expenditure | New | EFTA contribution | Contributions from applicant countries | Heading in financial perspective |

18.03.11. | Non-comp | Diff[29] | NO | NO | NO | 3A |

4. SUMMARY OF RESOURCES

4.1. Financial Resources

4.1.1. Summary of commitment appropriations (CA) and payment appropriations (PA)

EUR million (to 3 decimal places)

Expenditure type | Section no. | Year 2010 | 2011 | 2012 | 2013 | n+4 | n + 5 and later | Total |

Operational expenditure[30] |

Commitment Appropriations (CA) | 8.1. | a | 0.000 | 2.415 | 0.000 | 0.000 | 2.415 |

Payment Appropriations (PA) | b | 0.000 | 2.415 | 0.000 | 0.000 | 2.415 |

Administrative expenditure within reference amount[31] |

Technical & administrative assistance (NDA) | 8.2.4. | c | 0.000 | 0.000 | 0.000 | 0.000 | 0.000 |

TOTAL REFERENCE AMOUNT |

Commitment Appropriations | a+c | 0.000 | 2.415 | 0.000 | 0.000 | 2.415 |

Payment Appropriations | b+c | 0.000 | 2.415 | 0.000 | 0.000 | 2.415 |

Administrative expenditure not included in reference amount[32] |

Human resources and associated expenditure (NDA) | 8.2.5. | d | 0.000 | 0.244 | 0.122 | 0.122 | 0.488 |

Administrative costs, other than human resources and associated costs, not included in reference amount (NDA) | 8.2.6. | e | 0.000 | 0.084 | 0.020 | 0.000 | 0.104 |

Total indicative financial cost of intervention |

TOTAL CA including cost of Human Resources | a+c+d+e | 0.000 | 2.743 | 0.142 | 0.122 | 3.007 |

TOTAL PA including cost of Human Resources | b+c+d+e | 0.000 | 2.743 | 0.142 | 0.122 | 3.007 |

Co-financing details

No co-financing is anticipated.

EUR million (to 3 decimal places)

Co-financing body | Year n | n + 1 | n + 2 | n + 3 | n + 4 | n + 5 and later | Total |

…………………… | f |

TOTAL CA including co-financing | a+c+d+e+f |

4.1.2. Compatibility with Financial Programming

X Proposal is compatible with existing financial programming.

( Proposal will entail reprogramming of the relevant heading in the financial perspective.

( Proposal may require application of the provisions of the Interinstitutional Agreement[33] (i.e. flexibility instrument or revision of the financial perspective).

4.1.3. Financial impact on Revenue

X Proposal has no financial implications on revenue

( Proposal has financial impact – the effect on revenue is as follows:

EUR million (to one decimal place)

Prior to action [Year n-1] | Situation following action |

Total number of human resources | 0 | 2.0 | 1.0 | 1.0 |

5. CHARACTERISTICS AND OBJECTIVES

5.1. Need to be met in the short or long term

In order to facilitate prevention, detection and investigation of terrorist offences and other serious criminal offences, access for consultation for law enforcement purposes to EURODAC will be allowed.

5.2. Value-added of Community involvement and coherence of the proposal with other financial instruments and possible synergy

This proposal will provide a solution to the concerns of the Council and the law enforcement community about the absence of access by internal security authorities to EURODAC data, seen as a shortcoming, which results in a serious gap in the identification of suspected perpetrators of terrorist or serious crimes.

Introducing the possibility of running law enforcement searches with latents in EURODAC depends on the migration of EURODAC to a new IT system, the Biometric Matching System. BMS will serve as a common platform providing biometric matching services to the Schengen Information System II (SIS II), Visa Information System (VIS) and EURODAC. The integration of EURODAC in BMS is expected to start in 2011.

5.3. Objectives, expected results and related indicators of the proposal in the context of the ABM framework

The main objectives of the proposal is to to facilitate prevention, detection and investigation of terrorist offences and other serious criminal offences, access for consultation for law enforcement purposes.

The indicators would be the statistics on the operation of EURODAC, eg. those on comparisons of fingerprints requested for law enforcement purposes.

5.4. Method of Implementation (indicative)

( Centralised Management

( directly by the Commission

( indirectly by delegation to:

( executive Agencies

( bodies set up by the Communities as referred to in art. 185 of the Financial Regulation

( national public-sector bodies/bodies with public-service mission

( Shared or decentralised management

( with Member states

( with Third countries

( Joint management with international organisations (please specify)

In the future, the operational management of EURODAC could transferred to a Agency responsible for SIS II, VIS and other IT systems in the area of Freedom, Security and Justice. Regarding the setting up of this Agency, a separate proposal will be presented by the Commission, assessing the relevant costs.

6. MONITORING AND EVALUATION

6.1. Monitoring system

Monitoring of the efficiency of the changes introduced by the present proposal is to be performed in the framework of the annual reports on the activities of the EURODAC Central Unit, as well as the evaluation of the practices of access for law enforcement purposes.

Monitoring of data protection issues will be performed by the European Data Protection Supervisor.

6.2. Evaluation

6.2.1. Ex-ante evaluation

The ex-ante evaluation has been included in the impact assessment.

6.2.2. Measures taken following an intermediate/ex-post evaluation (lessons learned from similar experiences in the past)

The Commission published its report on the evaluation of the Dublin system in June 2007, covering the first 3 years of the operation of EURODAC (2003-2005). Whilst acknowledging that the Regulation is applied in a generally satisfactory way, it identified certain issues related to the efficiency of the current legislative provisions and announced the issues which have to be tackled in order to improve EURODAC's support to facilitate the application of the Dublin Regulation.

6.2.3. Terms and frequency of future evaluation

Regular evaluation is proposed to be ensured by the Commission and, after its set-up, also the Management Authority.

7. ANTI-FRAUD MEASURES

In order to combat fraud, corruption and other unlawful activities, the provisions of Regulation (EC) No 1037/1999 shall apply without restriction.

8. DETAILS OF RESOURCES

8.1. Objectives of the proposal in terms of their financial cost

Commitment appropriations in EUR million (to 3 decimal places)

Year 2010 | Year 2011 | Year 2012 | Year 2013 | Year n+4 | Year n+5 |

Officials or temporary staff[36] (XX 01 01) | A*/AD | 0 | 0 | 0.0 | 0.0 |

B*, C*/AST | 0 | 2.0 | 1.0 | 1.0. |

Staff financed[37] by art. XX 01 02 |

Other staff[38] financed by art. XX 01 04/05 |

TOTAL | 0 | 2.0 | 1.0 | 1.0 |

8.2.2. Description of tasks deriving from the action

Deal with administrative and financial issues related to the contract with the system provider.

Follow-up the implementation of the changes on the EURODAC IT system.

Follow-up the tests by the Member States.

Helpdesk towards Member States for new users.

8.2.3. Sources of human resources (statutory)

( Posts currently allocated to the management of the programme to be replaced or extended

( Posts pre-allocated within the APS/PDB exercise for year n

( Posts to be requested in the next APS/PDB procedure

( Posts to be redeployed using existing resources within the managing service (internal redeployment)

( Posts required for year n although not foreseen in the APS/PDB exercise of the year in question

8.2.4. Other Administrative expenditure included in reference amount (XX 01 04/05 – Expenditure on administrative management)

EUR million (to 3 decimal places)

Budget line (number and heading) | Year n | Year n+1 | Year n+2 | Year n+3 | Year n+4 | Year n+5 and later | TOTAL |

Other technical and administrative assistance |

- intra muros |

- extra muros |

Total Technical and administrative assistance |

8.2.5. Financial cost of human resources and associated costs not included in the reference amount

EUR million (to 3 decimal places)

Type of human resources | Year 2010 | Year 2011 | Year 2012 | Year 2013 | Year n+4 | Year n+5 and later |

Officials and temporary staff (18 01 01) | 0.000 | 0.244 | 0.122 | 0.122 |

Staff financed by Art XX 01 02 (auxiliary, END, contract staff, etc.) (specify budget line) |

Total cost of Human Resources and associated costs (NOT in reference amount) | 0.000 | 0.244 | 0.122 | 0.122 |

Calculation– Officials and Temporary agents financed under art. 18 01 01 01 AD/AST – 122.000 EUR per year x 2.0 persons = 244.000 EUR (2011) AD/AST – 122.000 EUR per year x 1.0 persons =122.000 EUR (2012-2013) |

8.2.6. Other administrative expenditure not included in reference amount

EUR million (to 3 decimal places)

Year 2010 | Year 2011 | Year 2012 | Year 2013 | Year n+5 | Year n+5 and later | TOTAL |

18 01 02 11 01 – Missions | 0.000 | 0.004 | 0.000 | 0.000 | 0.004 |

XX 01 02 11 02 – Meetings & Conferences | 0.000 | 0.080 | 0.020 | 0.000 | 0.100 |

XX 01 02 11 03 – Committees[40] |

XX 01 02 11 04 – Studies & consultations |

XX 01 02 11 05 - Information systems |

2 Total Other Management Expenditure (XX 01 02 11) |

3 Other expenditure of an administrative nature (specify including reference to budget line) |

Total Administrative expenditure, other than human resources and associated costs (NOT included in reference amount) | 0.000 | 0.084 | 0.020 | 0.000 | 0.104 |

[1] OJ L 062, 05.03.2002, p. 1.

[2] Proposal for a Regulation of the European Parliament and of the Council concerning the establishment of 'Eurodac' for the comparison of fingerprints for the effective application of Regulation (EC) No […/…] [establishing the criteria and mechanisms for determining the Member State responsible for examining an application for international protection lodged in one of the Member States by a third-country national or a stateless person], COM(2008(825) final.

[3] The Proposal for a Regulation of the European Parliament and of the Council establishing an Agency for the operational management of large-scale IT systems in the area of freedom, security and justice [COM(2009) 293 final] was adopted on 24 June 2009.

[4] Establishment of 'Eurodac' for the comparison of fingerprints (recast), P6_TA(2009)0378.

[5] COM(2005) 597.

[6] COM(2007) 301.

[7] Agreement between the European Community and the Kingdom of Denmark on the criteria and mechanisms for establishing the State responsible for examining a request for asylum lodged in Denmark or any other Member State of the European Union and “Eurodac” for the comparison of fingerprints for the effective application of the Dublin Convention (OJ L 66, 8.3.2006).

[8] Agreement between the European Community and the Republic of Iceland and the Kingdom of Norway concerning the criteria and mechanisms for establishing the State responsible for examining a request for asylum lodged in a Member State or in Iceland or Norway (OJ L 93, 3.4.2001, p. 40).

[9] Agreement between the European Community and the Swiss Confederation concerning the criteria and mechanisms for establishing the State responsible for examining a request for asylum lodged in a Member State or in Switzerland (OJ L 53, 27.2.2008, p. 5).

[10] Protocol between the European Community, the Swiss Confederation and the Principality of Liechtenstein on the accession of Liechtenstein to the Agreement between the European Community and Switzerland concerning the criteria and mechanisms for establishing the State responsible for examining a request for asylum lodged in a the Member State or in Switzerland - COM(2006) 754, conclusion pending.

[11] Protocol between the European Community, the Swiss Confederation and the Principality of Liechtenstein to the Agreement between the European Community and the Swiss Confederation concerning the criteria and mechanisms for establishing the State responsible for examining a request for asylum lodged in a Member State or in Switzerland (2006/0257 CNS, concluded on 24.10.2008, publication in OJ pending) and Protocol to the Agreement between the Community, Republic of Iceland and the Kingdom of Norway concerning the criteria and mechanisms for establishing the State responsible for examining a request for asylum lodged in a Member State, Iceland and Norway (OJ L 93, 3.4.2001).

[12] SEC(2008) 2981.

[13] OJ L 326, 13.12.2005, p. 13-34.

[14] OJ L 16, 23.1.2004, p. 44–53.

[15] OJ L 304, 30.09.2004, p. 12-23.

[16] A latent print is the chance reproduction of the friction ridges deposited on the surface of an item. Latent prints are often fragmentary and may require chemical methods, powder, or alternative light sources in order to be visualised.

[17] COM(2008) XXX.

[18] OJ C […], […], p. […].

[19] OJ L 316, 15.12.2000, p. 1.

[20] OJ L 62, 5.3.2002, p. 1.

[21] COM(2005) 597 final of 24 November 2005

[22] OJ L 210, 6.8.2008, p. 1.

[23] COM(2008)XXX.

[24] OJ L 281, 23.11.1995, p. 31.

[25] OJ L 8, 12.1.2001, p. 1.

[26] OJ L 12, 17.1.2004, p. 47.

[27] OJ L 210, 6.8.2008, p. 1.

[28] The present legislative financial statement only deals with the costs foreseen to occur with respect to the changes introduced by the present amendment, hence it does not deal with the costs of regular management of EURODAC.

[29] Differentiated appropriations

[30] Expenditure that does not fall under Chapter xx 01 of the Title xx concerned.

[31] Expenditure within article xx 01 04 of Title xx.

[32] Expenditure within chapter xx 01 other than articles xx 01 04 or xx 01 05.

[33] See points 19 and 24 of the Interinstitutional agreement.

[34] Additional columns should be added if necessary i.e. if the duration of the action exceeds 6 years

[35] As described under Section 5.3.

[36] Cost of which is NOT covered by the reference amount.

[37] Cost of which is NOT covered by the reference amount.

[38] Cost of which is included within the reference amount.

[39] Reference should be made to the specific legislative financial statement for the Executive Agency(ies) concerned.

[40] Specify the type of committee and the group to which it belongs.