EUROPEAN COMMISSION

Brussels,16.5.2018

SWD(2018) 195 final

COMMISSION STAFF WORKING DOCUMENT

IMPACT ASSESSMENT

Accompanying the document

Proposal for a Regulation of the European Parliament and of the Council

amending Regulation (EC) No 767/2008, Regulation (EC) No 810/2009, Regulation (EU) 2017/2226, Regulation (EU) 2016/399, Regulation XX/2018 [Interoperability Regulation], and Decision 2004/512/EC and repealing Council Decision 2008/633/JHA

{COM(2018) 302 final}

{SWD(2018) 196 final}

Table of contents

1.Introduction: Political and legal context

1.1.Visa Information System and the security of the Schengen area

1.2.Closing the information gap on long-stay visas and residence documents

1.3.The VIS setup

1.4.VIS REFIT Evaluation

1.5.Consequences for the VIS

2.Problem definition

2.1.What are the problems?

2.2.What are the problem drivers?

2.3.How will the problem evolve?

3.Why should the EU act?

3.1.Legal basis

3.2.Subsidiarity: Necessity of EU action

3.3.Subsidiarity: Added value of EU action

4.Objectives: What is to be achieved?

4.1.General objectives of the revised VIS proposal

4.2.Specific objectives

5.What are the available policy options?

5.1.What is the baseline from which options are assessed?

5.2.Description of the policy options

5.3.Options discarded at an early stage

6.What are the impacts of the policy options?

6.1.Assessment of policy options

7.How do the options compare?

7.1.Copy of the travel document

7.2.Fingerprinting of minors

7.3.Long-stay visas and residence documents

7.4.Migration and security checks

8.Preferred options

8.1.Copy of the travel document

8.2.Fingerprinting of minors

8.3.Long-stay visas and residence documents

8.4.Migration and security

8.5.REFIT (simplification and improved efficiency)

9.How will actual impacts be monitored and evaluated?

ANNEX 1: Procedural information

ANNEX 2: Stakeholder consultation

ANNEX 3: Who is affected and how?

Annex 4: REFIT

Annex 5: Methodology

Annex 6: Monitoring and Evaluation

Annex 7: Executive Summary of the Study on Storing a Scanned Copy of the Visa Applicants' Travel Document in the Visa Information System (VIS)

Annex 8: Executive Summary of the Study on Feasibility and Implications of Lowering the Fingerprinting age for Children

1.Analysis of the problems102

2.Objectives102

3.Policy options102

4.Assessment of impacts103

Annex 9: Executive Summary of the Legal Analysis on the Necessity and Proportionality of Extending the Scope of the Visa Information System (VIS) to Include Data on Long Stay Visas and Residence Documents107

1.Context of the study107

2.What is the problem?109

3.What are the objectives of the initiative?112

4.Why an EU action?112

5.What are the options to address the problem?113

5.Findings and conclusions of the study114

6.The way forward/what are the next steps118

Annex 10: Considerations on the Use of Biometric Data (topic 3)119

Annex 11: Available policy options overview (preferred option in bold)121

Glossary

1.Introduction: Political and legal context

1.1.Visa Information System and the security of the Schengen area

The abolition of checks at internal borders of the states forming part of the Schengen area is one of the most valued achievements of EU integration. To uphold this achievement and as a response to the increase of irregular migration to the EU and the threat to internal security, in recent years EU information systems for border management and security have been considerably strengthened, new ones are being developed, and the interoperability between them has been established 1 with the aim of creating a framework for fast, seamless and systematic communication to face these challenges.

The common visa policy for short-stay visas is one of the Schengen area's "flanking measures" (together with the harmonisation of the external border controls, enhanced cross-border police cooperation, and the creation of the Schengen Information System (SIS)) accompanying the establishment of a common area without checks at internal borders. The common visa policy encompasses a set of harmonised rules 2 , allowing the Member States 3 to mutually recognise short-stay visas issued.

As stated in the Commission Communication on the Delivery of the European Agenda on Migration 4 , the EU's common visa policy is not only an essential element to facilitate tourism and business, but also a key tool to prevent security risks and risks of irregular migration to the EU.

Around 18 million applications for short stays are lodged with the Member States every year by nationals of the over 100 countries around the world under visa obligation, and more than 90% of them are issued a visa. In an area without internal border controls, the risk of irregular migration and the risk to security and public order of one Member State have an impact on the other Member States. This is why the decision to issue a visa is a decision taken by national authorities, who should take into account not only their own interests but that of all Member States. The VIS was established in 2004, following several calls by the Council to have a common system to store visa data and it is operational since 2011. By January 2018, data on more than 52 million visa applications, with 52.27 million facial-images and nearly 50 million fingerprint sets had been entered in the VIS. 5

In line with the April 2016 Communication on Stronger and Smarter Information Systems for Borders and Security, the Commission proposed additional information systems in the area of border management. The Entry/Exit System (EES) Regulation 6 will register entry, exit and refusal of entry information of third country nationals crossing the external borders of the Schengen area, thus identifying overstayers. The EES Regulation also amends the VIS Regulation and stipulates rules on interoperability between EES and VIS, establishing a direct communication channel between the two systems for the use of border and visa authorities. This will allow border authorities to verify the validity of the visa and the identity of a visa holder directly against the VIS at the external borders. Consular authorities will be able to consult the EES file of an applicant to verify the use made of previous visas.

The Commission also presented a proposal for a European Travel Information and Authorisation System (ETIAS) 7 aiming at a more efficient management of the EU’s external borders, and improved internal security by introducing advance checks on all visa-free travellers before their arrival at the external borders.

In December 2017, the Commission presented a proposal to ensure interoperability between EU information systems for security, border and migration management 8 . The proposal also seek to facilitate and streamline access by law enforcement authorities to non-law enforcement information systems at EU level including the VIS, where necessary for the prevention, investigation, detection or prosecution of serious crime and terrorism. However, ensuring various information systems are interoperable is only the first step. In order to make use of interoperability, concrete measures need to be taken to make interoperable IT systems work together.

In addition to these legislative developments, in September 2017, the Commission Communication on the Delivery of the European Agenda on Migration 9 acknowledged the need to further adapt the common visa policy to current challenges, taking into account new IT solutions and balancing the benefits of facilitated visa and visa-free travel with improved migration, security and border management, and making full use of interoperability. In this context, the Commission presented a Communication on adapting the common visa policy to new challenges on 14 March 2018, 10 in parallel with a proposal to amend the Visa Code. 11 The proposal to amend the Visa Code aims to simplify and strengthen the visa application procedure, to make it easier for tourists and business travellers to come to Europe with a visa while strengthening the prevention of security and irregular migration risks, most notably by linking visa policy with the return policy. The VIS fits into this context as the electronic processing tool supporting the visa procedure. The March Communication also announced the work towards enhancing security by revising the VIS and making full use of interoperability. It furthermore announced the three main modalities in which enhanced security would be achieved: 1. by enhancing checks in visa processing using interoperability; 2. by closing remaining information gaps for borders and security through the inclusion of long-stay visas and residence documents in the VIS and 3. by addressing remaining information gaps in short-stay visa processing, in respect of fingerprinting age of applicants and keeping copies of travel documents.

1.2.Closing the information gap on long-stay visas and residence documents

The Commission's April 2016 Communication on Stronger and Smarter Information Systems for Borders and Security 12  identified a need to address information gaps in the EU's architecture of data management, including on third country nationals holding a long-term visa. This Communication also signalled a shift from the principle of disconnected databases towards their inter-operability in full compliance with fundamental rights. On the other hand, the EU has also strengthened its data protection rules by adopting the General Data Protection Regulation and the Data Protection Directive for the police and criminal justice sector in 2016 13 . The new rules are based on principles of data protection by default and by design (privacy and data protection as key considerations from the earliest stages of development of any system).

On 10 June 2016, the Justice and Home Affairs (JHA) Council endorsed a roadmap to enhance information exchange and information management 14 . One of the objectives was to address the existing information gap in the documents issued to third-country nationals. The Roadmap concluded that the fragmentation of information through different Member States and systems is inefficient and could lead to errors when assessing a third-country national’s situation and makes the border-crossing procedure more difficult.

The Final Report of the High-Level Expert Group on Information Systems and Interoperability (HLEG) 15 of May 2017 further described the existence of the information gap at EU level and recommended the Commission to undertake, as a matter of priority, a feasibility study on the establishment of a central EU repository containing information on the documents which allow a TCN to stay for a longer period than the 90 days within any 180 days allowed by the short-stay visa in a given Member State and whose issuance falls under national competence.

In its Conclusions of 9 June 2017 on the way forward to improve information exchange and ensure the interoperability of EU information systems 16 , the Council acknowledged that new measures might be needed in order to fill the current information gaps for border management and law enforcement, such as in relation to border crossings by holders of long-stay visas, residence cards and residence permits. The Council invited the Commission to undertake a feasibility study as a matter of priority for the establishment of a central EU repository containing information on long-stay visas, residence cards and residence permits, as recommended in the Final Report of the HLEG.

The Report on the VIS Evaluation adopted in 2016 17 already included a recommendation for further development of the VIS to include these documents.

In response, the Commission undertook a study to assess the need for a centralised EU repository containing information on long-stay visas, residence permits and residence cards, including its necessity, technical feasibility and proportionality. It analysed whether including long-stay visas and residence documents in a central database was technically feasible and desirable, compared to the creation of a new database to store data on these documents. The study concluded that re-using the VIS structure to include these documents would be the most feasible option in terms of IT security, ease of implementation and cost-effectiveness. 18 The study also concluded on the need to further analyse the necessity and proportionality of such a measure, which is done in this impact assessment.

1.3.The VIS setup

A comprehensive legal framework was adopted to establish the Visa Information System (VIS) as a large-scale IT-system for exchanging short-stay visa data between Member States 19 . The VIS was created for the purpose of processing data on short-stay visa applications. The purpose, functionalities and responsibilities accompanying the VIS are specified in the VIS Regulation and in a number of implementing acts 20 . The overall objectives of the VIS are to improve the implementation of the common visa policy, consular cooperation and consultation between central visa authorities by facilitating the exchange of data between Member States on applications and on the decisions relating thereto, in order to:

·Facilitate the visa application procedure;

·Prevent ‘visa shopping’;

·Facilitate the fight against identity fraud;

·Facilitate checks at external border crossing points and within the Member States’ territory;

·Assist in the identification of any person who may not, or may no longer, fulfil the conditions for entry to, stay or residence on the territory of the Member States;

·Facilitate the application of the Dublin Regulation 21 ;

·Contribute to the prevention of threats to the internal security of any of the Member States.

The variety of the purposes requires that the VIS is used by different authorities (migration, law enforcement, and border control authorities) in full respect of access safeguards. The VIS allows to verify that the person presenting a visa is indeed its rightful holder, and that the visa is valid. Furthermore, by using VIS checks and issuance of visas are made easier and abuses can be better detected. In addition, asylum authorities can consult the VIS to determine the Member State responsible for the asylum procedures and migration authorities can use it to identify unambiguously third country nationals subject to a return procedure. Finally, law enforcement authorities (national and Europol) may consult the VIS when there are suspicions of terrorism or serious criminal offences (see Figure 1 below for VIS process and access). 22

The VIS central system was developed by the Commission and handed over to eu-LISA 23 in December 2012. It was gradually rolled out in all Member States' consulates around the world between October 2011 and February 2016.

As one of the centralised EU information systems for security, border and migration management, the VIS is an integral part of the Commission's new approach to the management of data for borders and security 24 that seeks to ensure that border guards, law enforcement officers, immigration officials and judicial authorities have the necessary information at their disposal to better protect the external borders and enhance internal security for the benefit of all citizens. To achieve that, there is a need to maximise the benefits of existing information systems including the VIS, to develop the system to address information gaps including on long-stay visas, residence permits and residence cards, and improve the interoperability of EU information systems, in line with the April 2016 Communication on stronger and smarter information systems for borders and security 25 and the call by the European Council of 23 June 2017 to improve the interoperability between databases. 26

Figure 1: VIS process and access: current situation 

1.4.VIS REFIT Evaluation

As required by the VIS legal basis 27 and as part of the Commission’s REFIT programme, in 2015, the Commission launched an evaluation of the system. The results of the evaluation and the ensuing recommendations to improve the functioning of the system were transmitted to the European Parliament and the Council on 14 October 2016. 28

Overall, the VIS evaluation showed that the system is effective in meeting its objectives, in particular as regards simplifying and facilitating the visa application process, reducing the administrative burden of national administrations, helping to fight fraud, facilitating at external border crossing and within the territory of the Member States and identifying third country nationals for migration or return purposes or examining asylum applications.

The evaluation also demonstrated a need to further develop the VIS in order to better respond to new challenges in visa, border and security policies, including by seeking to establish interconnectivity with existing and upcoming IT systems and exploring ways to have information on national long-stay visas, including biometrics, registered in the VIS. It also showed the need for improvements in particular in relation to the monitoring of data quality and the production of statistics.

As regards the protection of personal data processed in the VIS, the evaluation found that the VIS has a very good track record: inspections on the spot by the European data Protection Supervisor 29 to monitor the lawfulness of the processing of personal data and security audits of the VIS central system have not led to identify any data protection concern. After five years of being in charge of the operation of VIS, eu-LISA has not received any complaint related to data protection in VIS. VIS has been subject to two auditing inspections by the EDPS – in 2012 and 2015. Furthermore, regular meetings (twice a year) of VIS Supervisory Coordination Group are held, where national data protection authorities and the Commission are gathered to discuss data protection issues arising from the activity of the VIS, providing a forum to raise any data protection concerns.

1.5.Consequences for the VIS

The migratory and security challenges faced by the EU in the recent years together with the update of EU information systems for border management and security and the development of new ones require the update of the VIS. A number of changes to be introduced in the VIS stem directly from the 2016 evaluation. Most of them are of a technical nature and serve to further align the system with the new legislative proposals in this area, while not presenting a significant economic, social or fundamental rights impact. Therefore a detailed assessment of the impact of these technical improvements is not needed. These changes mainly concern: 1) improvement of data quality; 2) integrating the VISMail functionality into the VIS; 3) centralising the consultation and representation functions; 4) support for facial image recognition or with latent fingerprints and 5) set up of a reporting and statistics engine based on VIS data. The study on all envisaged technical impacts resulting from the VIS evaluation was carried out by eu-LISA between October 2016 and July 2017 and its input was factored into this impact assessment to the extent relevant.

However, several issues identified in that evaluation report require not only a technical analysis, but also a further analysis of relevant impacts. There are four such key issues:

1.the experienced difficulties to complete procedures to return irregular migrants to their countries of origin in case travel documents are missing;

2.the risks of irregular migration and visa fraud, including in particular for reasons of trafficking in human beings and other abuse involving children 30 under 12 years old when applying for a visa;

3.the difficulties regarding the verification of long stay visas and residence documents and their holders, by border or migration authorities;

4.the information gap on checks for irregular migration and security risks when processing visa applications.

In order to analyse them two studies were contracted. The first one addressed aspects 1 and 2 and the second one aspect 3. In addition, it also seems necessary to update the VIS to take into account the evolution that took place after the 2016 evaluation regarding EU information systems for border management and security. Therefore, in striving to align the initiative with the recently adopted (EES), proposed (recast Eurodac proposal, ETIAS, interoperability) or envisaged Commission proposals (ECRIS-TCN 31 ), a possibility to enable automatic consultation of the other existing databases in the area of security and borders for visa processing was raised, which is further analysed as problem 4. The analysis builds upon the findings of ETIAS feasibility study, therefore no new studies were contracted.

2.Problem definition

2.1.What are the problems?

2.1.1.Lack of travel document as evidence in return proceedings

Currently Member States have different national practices regarding the storing the travel document presented when applying for a short-stay visa. Many of them require applicants to submit hard copies of the bio data page (as a minimum) of the document, which are then archived for an average period of 1-3 years in the consulates’ archives. However, national authorities have no information regarding the existence of those copies kept by other Member States and there are no EU-wide rules regulating their exchange. In the absence of a valid travel document (or copy thereof), return proceedings for TCNs irregularly found on EU territory and who entered the EU using a visa are slow and often unsuccessful.

The common EU rules governing return proceedings are stipulated in the Return Directive 32 , which contains clear, transparent and common rules for the return and removal of the irregularly staying migrants, while fully respecting the human rights and fundamental freedoms of the persons concerned.

In the wake of the migration crisis of 2015, the numbers of irregular migrants in the EU expected to return to their home country has grown considerably. In the six-year period of 2011-2016, 2 891 260 persons were ordered to leave, out of which 1 118 385 were returned to third countries. This means that 1 772 875 persons were not returned, out of which 600 925 in 2015-2016 alone. It can be assumed that the majority of these persons remain in the territory of the EU Member States. 33  Irregular migrants staying in the territory of the Member States and waiting for return to their home country cause high costs for Member States in terms of housing, food, medical expenses and related expenses, as well as administrative costs, hampering in addition fast and effective procedures for legal migration and asylum seekers. The failure to efficiently return migrants to their home country is also an incentive for further irregular migration. The dangers along the road to Europe are often disregarded by irregular migrants because they know that the risk of being returned once in Europe is relatively low. The proposal to amend the Visa Code has also pursued options on how to better link visa policy and return.

Among third country nationals (TCN) to be returned, there is a number of TCN who overstayed their visa and became subject to return procedures. The total number of detected overstayers at EU-level is estimated at around 294 000 cases across the EU, on average. 34

Visa overstayers who no longer possess a travel document

Based on the data provided by the Member States, it is estimated that roughly 10 to 20% of all visa overstayer return cases involve TCN visa holders who no longer possess, or fail to produce their travel document on request. This amounts to an estimated 26 445 – 52 891 cases of missing travel documents (as of December 2017).

Stakeholder testimony 35 further suggests that a significant number of return decisions are not executed due the authorities’ inability to obtain satisfactory evidence proving the nationality of the third country national in question. If it is estimated that between 60% to 75% of such return cases are not implemented on these grounds. This amounts to an estimated 15 867 to 39 668 returns of visa overstayers that could not be executed, which represents a high administrative burden for Member States. 36

The 2016 VIS evaluation revealed that 8 out of 26 Member States had never even accessed the VIS for the purpose of identifying TCN for return. Furthermore, 3 out of the 19 responding Member States declared that they communicated VIS data to non-EU countries or international organisations for the purpose of return. It has to be noted that non-EU countries usually do not accept information extracted from VIS as prima facie evidence of nationality for return purposes. Recent trends 37 showed an increased use of the VIS as an instrument which provides a proof of identity necessary in a return procedure. However, there is currently no mechanism in place to mutually inform and to exchange travel document copies of TCN between Member States, when needed to complete a return procedure in cases where the Member State which has to execute the return is different from the Member State which issued the visa. The absence of such a mechanism means that Member States have both practical and legal difficulties when exchanging travel document copies to this end.

Figure 2: Problem tree: storing a copy of the travel document in the VIS

Difficulties faced by Member States to acquire a copy of the travel document from the diplomatic/consular representations of the issuing countries places a high burden on them as they have to devote considerable time and resources to confirm the identity and nationality of a TCN. 38 Not having a copy of the travel document means that it is disproportionately difficult to carry out the return of TCNs issued return decisions in practice. In this way, lack of travel document copies in VIS undermines the smooth functioning of the EU return policy and, due to its role to prevent and respond to the risk of irregular migration, indirectly also on the visa policy.

2.1.2.Lack of fingerprinting data allowing to identify minors

Current EU legislation on the visa application procedure for short-stay visas exempts children under the age of 12 from providing fingerprints. This was mainly due to technical limitations regarding fingerprinting children available at the time the provisions were set in law. 39 However, the legislator requested the Commission in Article 57(4) of the Visa Code to address in the future the issue of sufficient reliability for identification and verification purposes of fingerprints of children under the age of 12. Without fingerprints it is more difficult to unambiguously verify the identity of a child holding a visa at the border or within the Schengen territory. This phenomenon is exponentially amplified by the fact that a Schengen visa can go up to 5 years validity, which means that a child who applied with 12 years old can obtain a multiple entry visa with validity until the age of 17. On average, children under 12 make up 10 to 15 % of visa applicants 40 , meaning that between 1.4 and 2.1 million new visas are granted to children under 12 each year. Out of this category, it is estimated that between 0.7 and 1.05 million are children younger than 6 years.

On the other hand, based on available data 41 , it is estimated that on a yearly basis there could be between 1 500 and 2 000 TCN children <12 victim of trafficking in the Schengen area. Although there is no precise information possible on how many of these child trafficking victims have travelled with a visa to the Schengen area or come from countries subject to the visa obligation (but have tried and failed to obtain such a visa), extrapolations can be made on the basis of information available regarding the main countries of origin 42 of the trafficked children according to which it is likely that around 25 % of them went through the visa process (375-500 children on a yearly basis 43 ). Furthermore, a multiplying factor should be taken into account, given that with a MEV valid for up to 5 years, the real scope of the problem is extended potentially to children up to 17 years old. For this age group figures on children victims of trafficking climb up to 3200-4250 44 on a yearly basis. Taking all these factors into considerations, it can be estimated that between 820-1000 trafficked children arrive with a visa which was taken without fingerprints each year.

The Commission Report on the progress made in the fight against trafficking in human underlined that traffickers exploit loopholes in enforcement or control and that tools, such as the VIS can assist in identifying victims of trafficking in human beings and detecting traffickers. “When a person regularly requests a new visa or has been issued with a multiple-entry visa and is travelling repeatedly with different 'other' persons (for example other children), there could be a suspicion of trafficking. The biometric data in the VIS makes it furthermore impossible for multiple persons (looking alike) to travel on the same visa or passport.”  45

Due to the lack of fingerprints for TCN children under 12, VIS benefits to prevent visa fraud and facilitate checks at external borders and within the territory of the Member States or asylum examination do not extend to all children. This is a loophole which can be used by fraudsters and traffickers and does not contribute to ensure the protection of TCN (<12 years of age at the time of applying for a visa) children at risk of abuse, either from trafficking with the help of a visa, or in case they are found in Schengen territory in a situation where their rights may be or have been violated (through trafficking, missing children, unaccompanied minors applying for asylum).

2.1.3.Lack of sufficient information on long-stay visas and residence documents

The issuance of long stay visas and residence documents is not fully harmonised at EU level, since only for certain categories of third-country nationals admission conditions and procedures are regulated under EU law. 49 Such authorisations give the right to the holder to stay and move freely within the entire Schengen territory for 90 days in any 180-day period 50 , provided they fulfil the entry conditions set out in the Schengen Border Code. Residence documents include residence permits 51 – issued to third country nationals for stays longer than 90 days in 180 days for reasons varying from study, research, work, to family reunification by third country nationals, and residence cards 52 – issued to third country nationals who are family members of mobile EU citizens (i.e. those who have exercised the right to free movement).

Currently, only TCN who applied for short-stay visas are in the VIS, as it is a centralised mechanism at EU level containing short-stay visa applications and visas issued. Long-stay visas, residence permits are residence cards are not contained in any EU system.

The lack of a centralised mechanism at EU level enabling Member States to exchange information on these documents and their applicants or holders result in a two-fold problem:

1.authorities at borders others than of the Member State who issued a document have difficulties to effectively and efficiently verify the authenticity of these documents in connection with their rightful owner, or to fully ascertain the identity of the person holding them. Identity and document fraud are the major risks in this respect (as elaborated further down).

2.Member States do not have access to nor can exchange, in an effective and efficient manner, information enabling them to properly check whether the person is not a threat to the security of the Member States before or when the person reaches the external border (see further below).

Figure 3: Information gap on a category of third-country nationals

From a border-control point of view and for checks carried out within the territory of the Member States, it is crucial to be able to ascertain the authenticity and validity of the documents and the legitimate relation with the holder. Currently, this is done, for the documents provided with security features, by verifying these elements. Of the three types of documents (long-stay visas, residence permits, residence cards), only some residence permits and residence cards issued in a residence permit format have a chip 53 , which allows electronic verification and the possibility to verify the bearer identity 54 . Frontex observes that both the quantity and quality of fraudulent residence documents (2546 detections in 2017 on both permits and cards) circulating in the EU have increased in recent years.

Moreover, an unsuccessful document authentication procedure based exclusively on verifying the security features of the document does not automatically establish a fraud case, and because it implies further second line checks, does not help to carry out a smooth and fast border check procedure.

In addition, while many residence permits and long-stay visas formats are harmonised, and for the residence cards measures to harmonise and secure them are under way 55 , this is not yet the case for all these documents. Thus, the visual inspection of the document’s security features is made difficult by the different formats and – for some documents – the rarity with which they appear at certain border-crossing points, in addition to the heterogeneous use of security features.

The border guards have different tools to gather information to assess the validity of a document, some automated (SIS and SLTD for lost, stolen, misappropriated and invalidated documents), others to be used at second-line border checks (like the FADO 56 for images of authentic and forged documents). However, the information provided by these systems is very limited and the objective of border checks cannot be achieved on this basis in an efficient and effective manner. The SIS (which is the only EU centralised databased used at borders) does not provide information on previous fraud attempt(s) by an applicant and cannot provide information on documents that have not been reported as stolen or lost, it does it include information on withdrawn documents, nor any information on long stay visas.

In case of a doubt concerning the document or its holder, border guards have to rely on bilateral contacts with the issuing Member States, via communication channels like SIRENE 57 , the Police and Customs Cooperation Centres National Contact Centre (NCC), phone, emails or fax 58 , which is limited by inherent constraints like language barriers and waiting times for the traveller, 59 who sometimes runs the risk of being wrongly denied entry or passage.

Moreover, the issuance of a residence document constitutes the enactment of a right established under legal migration or freedom of movement legislation to enter and stay on the territory of the Member States. The document is thus also a material proof that the right exists, but it is not to be confused with the right A person may lose the document or the document may expire (as it is the case with the validity of a residence card), but this is not equivalent to the holder losing the right enacted by that document. However, in case of expiry, loss or theft, the person cannot prove its right to enter, stay or move freely within the territory of the Member States, and currently existing systems to be checked at borders and within the territory cannot provide evidence to support the person ascertain its rights in such cases.

Ultimately, this situation leads to inefficient border-crossing procedures, which are not in the spirit of freedom of movement of bona fide TCN who have a right to enter and reside in the territory of a Member State (Article 21 of TFEU and Directive 2004/38). Consulted Member States 60 complained about these procedures as being time-consuming and inefficient. For the large majority (80%) the lack of shared information on these documents was a hurdle to their day-to day activities and as such creates administrative burden.

The absolute majority of respondents to the open public consultation also perceive the identified information gap as leading to problems in the management of external borders and irregular migration within the EU 61 . The lack of centralised storage of data on these documents renders them more likely to be tampered with, thus more susceptible to being misused. In order to be able to assess whether the person could pose a threat to the security of the Member States or whether he or she could be an identity fraudster, it is important to have access to relevant information on the previous applications made by that person and which were rejected by other Member States on grounds of national security or because of established fraudulent claims (of identity or documents). When a TCN applies for a short stay visa, a full picture of the history of movements, enabling to assess security and migration risks, including fraud, is possible by connecting information from either VIS or (in the future) ETIAS with EES, ETIAS, Eurodac and VIS. However, there is no similar possibility if the same TCN applies for a long stay document, as this information is not connected with any central system. Information is not flowing either from the short stay history of a person into a long stay assessment, nor vice versa. Apart from checking national systems, the only EU-level exchange of information migration authorities have at their disposal is the SIS for alerts on entry bans. There is no tool to share information on applications and reasons for refusal for long stay applicants, which might lead to identity fraud or security risks. This also affects negatively the efficiency of checks against the integrated IT systems for borders, i.e. checks against the border and security systems using interoperability is not possible if the information on the document is not present in at least one of these systems.

Criminals are taking advantage of this loophole in the information exchange between Member States. Consultations with Europol and national law enforcement authorities revealed that due to the lack of information sharing between Member States on long stay documents, combined with the lack of checks between the various centralised systems, the exact size of the security risk posed by TCN holders of long stay visas or residence documents is difficult to measure. However, individual national authorities provided information 62 on cases involving serious criminality by TCN going through various legal migration/asylum/residence statuses in the territories of Member States, which indicate that the phenomenon is real and raises serious concerns 63 .

In addition to the two main problems identified above, this information gap 65 and the persisting fraud problem that comes with it can create spill over effects in the form of blind spots in the border-management security framework, thus ultimately creating increased risks for internal security and irregular migration. According to Frontex’s 2017 Annual Risk Analysis 66 , smugglers frequently provide migrants with fraudulent travel and identity documents. Fraud is used by organised crime as a means for a series of related serious offences, notably for terrorism, trafficking in human beings, migrant smuggling or drug 67 and firearm trafficking 68 . Smugglers are supported by criminal networks with access to expert counterfeiters who, financed by the strong demand, have set up print shops.

Figure 4: Problem tree – long stay documents

Finally, this gap also entails costs for the society as people obtaining residency through fraudulent means make wrongful use of social security benefits or gain unjustified access to the labour market.

2.1.4.Lack of sufficient checks on migration and security risks when processing visa applications

Currently the visa procedure is not taking into account the possibilities offered by available large-scale IT systems nor interoperability between them. For instance, when assessing a visa application, SIS is checked as part of the risk assessment for irregular migration pursuant to the Visa Code. However, only the checks against alerts for the purpose of refusing entry are currently done because this is an automatic ground for refusal under the Visa Code. In practice, Member States' implementation of SIS and other national databases checks depend on the technical availability and national arrangements in any case, varying from direct access to SIS in consulates to consultations of national police authorities, who themselves carry out a number of checks for migration or security risks purposes, including larger checks against SIS categories, as well as SLTD, TDAWN, as well as a number of national migration and security databases. However this remains in all cases a manual non-automated operation.

This leads to different checks carried out by each Member State, which creates an uneven playing field for visa applicants who are subject to more or less stringent checks, depending on each Member State and consequently could lead to undetected security risks and granting a right to enter the territory to (see case on page 21 also relevant for this problem).

This problem is worsened by the fact that in some third countries e.g. West Balkan, Caucasus countries but also in some EU countries the legal change of personal data, either family or first names, is rather easy and cheap administrative procedure. International criminals convicted or wanted for arrest in EU can change their names and get new identities. It is therefore cheaper for them to legally change identity than to use alias identities and forged documents. They can obtain genuine biometric travel documents, which do not yield any hit against previously known identities for irregular migration or criminal acts carried out with alpha-numeric data only.

Furthermore, this situation does not ensure the same minimum level of checks against large-scale databases in the field of border and security to which visa free TCNs – who in principle pose lower risks in terms of security or irregular migration – will be submitted through ETIAS 69 , nor those to which EU nationals are currently subject when crossing an external border 70 , both at entry and exit.

Moreover, the current system of checks during the visa examination is no longer adequate for the new layered border management strategy comprising a number of large-scale IT systems, as illustrated in Figure 5, which depicts the role that different IT systems currently have for visa-required (VIS) and visa-exempt travellers (ETIAS), in combination with the upcoming EES, as part of EU integrated border management.

Not having the possibility of direct, seamless and efficient checks of other databases adds to the burden of visa application processing, making it more cumbersome. In this way it is hampering the functioning of the common visa policy.

Figure 5: Place of VIS in the EU layered border management strategy

2.2.What are the problem drivers?

2.2.1.Lack of travel document as evidence in return proceedings

Two main drivers were identified in the course of the study.

·Driver 1: The absence of a legal framework allowing Member States to exchange/transfer information on travel documents of TCN subject to return.

Currently, EU legislation – including in the areas of visa policy and migration – does not provide for the storage of digital copies (i.e. scanned pages) of the visa applicants’ travel document in a centralised European system, nor for making them available to other Member States. Member States may, however, establish such an obligation in their national legislation. 71 In practice, many Member States systematically require applicants to submit such copies of the bio data page (as a minimum), which are stored in paper or digital format by the individual Member States (i.e. there is no central storage of travel documents associated to the visa).

·Driver 2: Insufficient (or non-existent) and/or slow cooperation of third countries in return procedures in the absence of a (copy of) the travel document.

The consensus view among consulted stakeholders is that the degree to which third countries cooperate in this field is critically dependent on the quality of relations between the third country and the returning Member State, or the EU more broadly. Bilateral return agreements between Member States and countries of origin and EU readmission agreements (EURAs) are one of the tools that can be used to ensure cooperation with countries of origin for the effective and smooth implementation of return decisions. However, even in the context of EURAs and bilateral readmission agreements, Member States face practical challenges to their implementation in the absence of valid travel documents which can prove the nationality of the person to be returned. 72 In particular, Member States have reported that third countries often do not issue travel documents to enable the readmission / return, do not reply within deadlines or they require different levels of evidence to confirm a person without travel documents as their national. 73

2.2.2.Lack of fingerprinting data allowing to identify minors

The lack of a legal basis allowing to collect fingerprints from children under 12 and check with these data was identified as the main driver behind this problem. Competent authorities are having difficulty to identify or verify the identity of some of the third country nationals below 17 who enter or try to enter the EU territory using a short stay visa because the EU legal framework does not allow for collecting fingerprints for TCN visa applicants under 12.

The inclusion of biometric identifiers, comprising the facial image and ten fingerprints in the VIS is provided for in Article 13(2) of the Visa Code. However, children under 12 are exempt from this obligation to have their fingerprints taken. Therefore, competent authorities have difficulties to identify and/or verify the identity of third country nationals under the age of 17 (taking into account the possible 5-year validity of the visa) who enter or have tried to enter the EU using a visa. Current legislative framework does not correspond to the technological progress either – taking fingerprints of children under 12 was not technically feasible at the time of the adoption of the original VIS legal act, as will be demonstrated later when presenting the rationale for policy options.

2.2.3.Lack of sufficient information on long-stay visas and residence documents

The identified problem driver has to do with the lack of and fragmentation of the information on long-stay and residence documents.

Data on long-stay visas and residence documents are kept at national level. They allow border guards to check the information on a document presented against these systems and a match occurs when the document is valid and issued by the same Member State. However, border guards and migration authorities have no fast and systematic access to information on documents issued by another Member State. The available data is partial and scattered in different systems and tools (SIS, SLTD, FADO, bilateral contacts between Member States etc.) which leads to lengthy procedures to collect all the necessary data for the day-to-day activities of national authorities. Member States and the respondents to the public consultation 74 confirmed this: 86% agreed with the identified information gap that leads to problems in management of external borders and irregular migration within the EU.

2.2.4.Lack of sufficient checks on migration and security risks when processing visa applications

The problem stems from the changed security and migratory context, legislative developments, such as ETIAS and new technical feasibility stemming from interoperability. Furthermore, the outcome of the Schengen evaluation shows that Member States would welcome the security cross-check against other applications as a way of enhancing security. This also leads to difficulties when assessing irregular migration and security risk in the process of issuing short-term visas. It also leads to less stringent, less harmonised and less evidence-based assessment of these risks because of the impossibility to use automated database-searching.

2.3.How will the problem evolve?

2.3.1.Lack of travel document as evidence in return proceedings

Return of a TCN to the country of origin or to another country of transit requires an individual assessment of the person's situation and in particular an unequivocal establishment of his nationality. In the absence of solid proof such as a travel document, third country authorities are usually unwilling to confirm that a TCN subject to return is their national, which further hampers cooperation in return procedures. As regards TCN subject to a visa, their identity and nationality could currently be established on the basis of a biometric match against the VIS, which is however not an acceptable evidence for third countries. These two factors: no systematic obligation for storage and the unwillingness of third countries to accept VIS data instead of copy of travel document lead to the problem of difficult returns and accrued additional costs. This, in turn, leads to hampering of the return and indirectly of the common visa policy.

Based on forecast data on future trends in visa applications, it is estimated that, in the absence of further action at EU level, the proportion of visa overstayers in 2019 will increase to more than 350 000, between 30 000 to 60 000 of which will find themselves in return proceedings without valid travel documents. 75 It can be assumed that the political pressure to enforce return decisions will grow accordingly.

2.3.2.Lack of fingerprinting data allowing to identify minors 

In the continuous absence of fingerprinting from the visa application procedure and consequently of the means to verify the identity of a TCN child going up to the age of 17 years, the identified problems will continue and might even grow, as networks of irregular migration and trafficking could become increasingly aware of the existing gap and would try to exploit it.

As organised criminal networks are increasingly professionalising and modernising their modus operandi and there are no indications of a reversal in migration trends 76 , the number of children that are at risk of being trafficked will probably remain high or even increase. Under the assumption of the continuation of the current scenario, it is expected that the trafficking of TCN children (<17 and who therefore potentially entered with a visa obtained without fingerprints, thus making their subsequent identification nearly impossible) into the EU using genuine visas will remain high – or may even rise further due to the increasing number of applications and the involvement of organised criminal networks, which are becoming more professional. 77  

2.3.3.Lack of sufficient information on long-stay visas and residence documents

The risks for internal security and irregular migration created by the information gap regarding long stay visas and residence documents may increase with the existing and ongoing strengthening of border checks for other categories of travellers (e.g. ETIAS for short-stay visa-exempt travellers and EES for all short stay visitors, combined with the existing VIS for short-stay visa holders). This has an impact on overall security and safety of the Schengen Area, as well as the freedom of movement. These developments could motivate irregular travellers to look for other, less secure types of documents that would still allow them to enter the Schengen area and move across Member States. This phenomenon has already been observed with ID cards, whereby fraudsters target less secure EU ID cards for intra-Schengen movements 78  (fraud based on the ‘weakest link’ approach).

2.3.4.Lack of sufficient checks on migration and security risks when processing visa applications

If all the envisaged proposals are finally adopted and subsequently implemented (EES, ETIAS, interoperability proposal), it would lead to an asymmetric situation where automated checks would be mandatory for visa-free TCN in ETIAS against all EU information systems 79 and other databases 80 , whereas for visa required TCN – who are considered, in general, to pose a higher irregular migration or security risk, which is why they need a visa to enter the EU, there is no possibility of automated checks. This would have an impact on a better assessment of migration and security risks when deciding on an application, and would create a less favourable treatment for visa-free TCN in comparison with TCN under visa obligation, as well as lead to additional administrative burden for Member States when trying to overcome the lack of direct means to properly assess migration and security risks.

3.Why should the EU act?

3.1.Legal basis

The current legal basis of the VIS is provided in Article 77 (2) (a) and (b), Article 87(2)(a) and Article 88(2)(a). Similar to other recent proposals in the area of IT systems for security and borders, Article 16(2) could be added in the revised VIS Regulation, as a horizontal principle. Article 74, and Article 77(2)(c) and (d) of the Treaty on the Functioning of the European Union can be added to the legal basis for amending the VIS Regulation. Article 78(2), and Article 79(2) (c), and (d) correspond to ancillary objectives of the VIS and could also be added.

3.2.Subsidiarity: Necessity of EU action 81

The objectives of the revised VIS Regulation, to set up a common system and common procedures for the exchange of visa data between Member States, cannot be sufficiently achieved by the Member States and can therefore, by reason of the scale and impact of the action, be better achieved at EU level. The further improvement of these common procedures and rules on the exchange of data consequently requires EU action.

The problems elaborated in the previous sections are unlikely to disappear in the near future and they are directly related to the current provisions of the VIS. Amendments of the VIS legal framework and related legislation are only possible at EU level. By reason of the scale, effects and impact of the envisaged actions, the fundamental objectives can only be achieved efficiently and systematically at EU level. As regards in particular the copy of the travel document and fingerprinting of minors, the subsequent analysis of the option will further demonstrate how non-EU action cannot sufficiently address the problem, as they require a solution through a centralised storage and access to data that none of the MS taken individually can achieve. As regards in particular the problem of long-stay visas and residence documents, more than 90% of the Member States consulted considered necessary an EU legislative response to address the information gap. As regards migration and security checks, it relies by its nature on an immediate access to all other MS information, which can only be achieved through EU action.

The initiative will further develop and improve the rules in the VIS, which implies the highest degree of harmonised rules that cannot be solved by Member States acting alone and can only be addressed at EU level.

3.3.Subsidiarity: Added value of EU action 82

As described in the baseline scenario(s) below, the continued application of the current legal framework is not going to lead to resolving these problems.

Regarding taking fingerprints for visa applicants under 12, the Member States cannot unilaterally decide on changing the system because the VIS Regulation is already stipulating a number of rules.

National action is possible, and desirable, to try to obtain better cooperation of third countries on matters of return of irregular migrants. Nevertheless, it is unlikely that any such activities will achieve the same effect as making the travel document available in VIS for duly justified purposes.

Regarding long-stay visas and residence documents, it is unlikely that national action would address the problem; Member States could act on an individual basis, by strengthening their documents, their issuance process, document checks at border-crossing points or by reinforcing or systematising bilateral cooperation. However, this approach has inherent limitations, as will be explained further below.

Regarding automated checks of other databases, Member States are free to develop solutions to consult both their national, as well as EU and international databases. However, harmonising those rules at EU level seems preferable in order to enable Member States to apply the common Schengen rules in a coordinated way.

4.Objectives: What is to be achieved?

This section lists the general and specific objectives any initiative should have to address the above-mentioned problems faced by Member States and visa applicants.

4.1.General objectives of the revised VIS proposal

·Contribute to the implementation of the common visa policy;

·Facilitate the checks at EU external borders and the subsequent movement within the area without internal borders;

·Improve security within the EU and at its borders;

·Improve the management of the Schengen external border.

4.2.Specific objectives

The specific objectives are defined for each area for which problems and problem drivers were described.

4.2.1.For copy of the travel document 

·Contribute to improving the identification and return of third country nationals that do not, or no longer fulfil the conditions for entry to, or stay on the territory of the Member States in accordance with the Return Directive. 

·Improve the efficiency of the VIS for the purposes of facilitating return procedures.

Achieving these objectives would lead to lowering administrative burden for Member States – with positive impacts in terms of cost savings for Member States public authorities (in terms of housing, food, administration and related expenses), better acceptance of the EU migration policy by the European public and a deterrent effect on potential future irregular migrants, thus reinforcing EU common visa policy.

4.2.2.For fingerprinting of minors 

Two specific objectives are defined:

·Better achieving the VIS objectives in relation to the facilitation of the fight against fraud, facilitation of checks at external border crossing points and facilitation of the application of the Dublin II Regulation.

·Strengthen the prevention and fight against children's rights abuses, such as trafficking, in particular the identification/verification of identity of TCN children who are found in Schengen territory in a situation where their rights may be or have been violated (through trafficking).

4.2.3.For long-stay visas and residence documents

Figure 6: Schematic representation of the specific objectives

4.2.4.For migration and security checks

Making full use of interoperability, granting fast, seamless and systematic access to other IT systems in the area of migration, border management and security would contribute to lowering the burden for Member States and contributing to the objective of a more secure common visa policy by facilitating and improving the assessment of the risk of irregular migration and security in the visa procedure (while following the rules stipulated by the Visa Code).

5.What are the available policy options?

5.1.What is the baseline from which options are assessed?

General considerations concerning data protection aspects

Data protection is closely linked to respect for private and family life protected by Article 7 of the Charter. This is reflected by Article 1(2) of the General Data Protection Regulation 83 , which indicates that the EU protects fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data. It has also to be noted that the Court of Justice of the EU 84 has stated that the right to the protection of personal data is not an absolute right, but must be considered in relation to its function in society 85 .

The GDPR, and, where relevant, Directive (EU) 2016/68054 apply to the processing of personal data carried out for the purpose of processing the visa application by the Member States and by the EU institutions, bodies and agencies involved, respectively.

According to the Commission Communication of July 2010 on information management in the area of freedom, security and justice, data protection rules should be embedded in any new instruments relying on the use of information technology. This implies the inclusion of appropriate provisions limiting data processing to what is necessary for the specific purpose of that instrument and granting data access only to those entities that ‘need to know’. It also implies the choice of appropriate and limited data retention periods depending solely on the objectives of the instrument and the adoption of mechanisms ensuring an accurate risk management and effective protection of the rights of data subjects.

In this respect, the VIS revision is based on data protection by design and by default 86 . The importance of the concepts of data protection by design and by default 87 was repeatedly highlighted by the European Data Protection Supervisor regarding the e-Privacy reform 88 .

Safeguards are already part of the current VIS setup, namely:

-Data protection is embedded into the design and architecture of the existing VIS and apply to all new functionalities added to it.

-Specified purposes should be clear, limited and relevant to the circumstances (purpose specification); the collection of personal information is limited to that which is necessary for the specified purposes (collection limitation); the collection of personally identifiable information is kept to a strict minimum (data minimisation); the use, retention, and disclosure of personal information is limited to the relevant purposes (use, retention and disclosure limitation).

It is important to note that the safeguards currently present in VIS (baseline scenario) will also be part of the revised VIS, for any of the proposed options.

Each of the proposed measures will be assessed against the following three criteria:

(a) Whether they meet an objective of general interest;

(b) whether they are necessary;

(c) If so, whether they are proportional.

When assessing these criteria, a series of principles are taken into account under the terms of the GDPR, including respect of the data minimisation principle (Article 5(1)(c)), according to which access to personal data must be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed, data accuracy (Article 5(1)(d)) and purpose limitation (Article 5(1)(b)), according to which data is to be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.

For the purpose of understanding the ensuing data protection considerations, it is important to clarify the scope of current data processing in the VIS:

- the VIS processes and stores data from the application form, 89 which includes biographical information of the person;

- picture

- fingerprints

- decision of Member States on the application, i.e. visa issued, visa refused, visa revoked or annulled.

No information is stored on supporting documents (secure messaging system VISMail is used to exchange additional information, upon request).The VIS setup already includes a robust set of data protection safeguards, such as limited and strictly controlled access to the data (Article 6), limited retention period with clear deletion deadlines (Article 23), advanced data deletion in case the data subject has acquired the nationality of a Member State (Article 25), responsibility for the use of data (Article 29), rights to request amendments and deletion of data and obligations for the Member States to do so in case of unlawfully or erroneously processing (Articles 24 and 38), strict data security rules (Article 32), strict embargo on transfer to third countries (Article 31) – except for very limited situations in case of return (further explained in section 2.1.1), strict rules on the liability in case of misuse of data (Article 33), detailed rules on keeping of records (Article 34), self-monitoring by Member States (Article 35), cooperation between Member States to ensure the right to data protection of the applicants is upheld (Article 39), right to effective remedy in respect of the personal data (Article 40), as along with a supervisory framework, both by National Supervisory Authorities (Article 41) and by the European Data Protection Supervisor (Article 42).

5.1.1.Copy of the travel document 

The current divergent approaches taken by Member States regarding the collection and storage of copies of visa applicants’ travel documents during the visa application procedure and the possibility of making them available to other Member States will continue. This would lead to an increased backlog of TCN under return procedure, with increased administrative burden and costs for Member States. The TCN under return procedure will remain in limbo, often in administrative detention. The inefficiency of the return policy will lead more TCN staying irregularly in the territory of the Member States. .

5.1.2.Fingerprinting of minors 

Current VIS rules regarding taking fingerprints from children under 12 remain unchanged. Technological progress and available means are not taken into account, while the risk of children right's abuses, such as trafficking of children, remains insufficiently addressed, given the available possibilities. Relevant authorities would continue to have challenges both to identify or verify the identity of young children and to offer appropriate protection if case of suspected trafficking, and to use more effective means enabling to detect and fight against trafficking networks.

5.1.3.Long-stay visas and residence documents 

In the current situation Member States do not share information prior to or upon issuance of a long stay document. SIS is the only system required to be checked in respect of a TCN applying for a visa or residence document, but only as regards refusals of entry and stay (i.e. entry bans). However, no means are in place to check whether the holder of the document is not a threat to the security of the Member States other than the one that issued the visa or residence document.

Current inefficient border-crossing procedures will continue. In case of doubt on the document or the bearer (i.e. document unknown to the border guard due to the non-uniform format, expired document, document with non-functioning chip or simply a document holder who lost the document), there are no rapid and effective means at the border to verify the identity of the traveller. This has consequences on the waiting time for the traveller with negative consequences on the right to move freely of bona fide TCN who have a right to enter and reside in the territory of a Member State (Article 21 of TFEU and Directive 2004/38). Consulted Member States 90 complained about these procedures as being time-consuming and inefficient. For the large majority (80%) the lack of shared information on these documents was a hurdle to their day-to day activities and as such create administrative burden.

5.1.4.Migration and security checks

As regards the assessment of the irregular migration and security risks at the time of application, Member States will continue to rely on national checks and on existing bilateral exchange of information on a case-by-case basis. Member States would still have to check SIS (manually), as there would be no possibility of automated checks and, depending on their national rules, check their national or other international databases. A full assessment of the risks is not possible, which leads to both an uneven playing field for the applicant (i.e. conditions are more or less stringent, depending on the Member State of application) and security gaps are possible, depending on checks carried out by Member States.

5.2.Description of the policy options

5.2.1.Copy of the travel document

Policy options to address the problem of lack of travel documents for return should ensure that the Member States' need for a travel document to certify the identity and nationality of a TCN is covered in each individual case.

·Option 1.0 – Status quo – this situation corresponds to the baseline situation described above.

·Option 1.1 – Include a digital copy of the travel document in the central VIS (centralised)

Under this option, the digital copy of the visa applicants’ travel document would be systematically stored in the VIS system. The competent authorities for identification (and/or verification within the territory) and return – namely migration and return authorities – and which already have access to search the system using the fingerprints of the apprehended TCN, would be able to retrieve this copy, subject to strict access rules.

Article 2(e) of the VIS Regulation foresees that one of the objectives of VIS is ‘to assist in the identification of any person who may not, or may no longer, fulfil the conditions for entry to, stay or residence on the territory of the Member States.’ Article 31(2) enables the Member States to transfer or to make available a limited set of these data to a third country for the purpose of proving the identity of third-country nationals for the purpose of return. 91 Thus, although not explicitly defined in Article 2, when taken together, these provisions foresee that the VIS can be used to facilitate both the identification of the irregular migrant and the return itself. 92

·Option 1.2 – Include a digital copy of the travel document in national visa systems (decentralised)

Under this option the digital copy would be stored in the national visa systems (NS-VIS) of the Member States with which the application for a visa was lodged. When a VIS hit is obtained in respect of a TCN subject to return procedure, the MS responsible would submit a request to the MS that owns the data. In this scenario, a fast and secure channel of communication must exist between the Member States' authorities allowing them to send the request and receive the information. This channel could be ensured by the existing VISMail facility within the VIS.

In addition to the main options, two additional sub-options were defined regarding the scope of the data to be stored in VIS:

·Sub-option A – Storage of biographical page only

This sub-option will involve the incorporation of the standardised MRTD size 3 data page. 93  

·Sub-option B – Storage of all used pages of the applicant’s travel document 

Another approach would be to scan and store a digital copy of all used visa pages of the applicants’ travel document, i.e. those containing visa stamps and stickers. Blank pages and any other pages in the TD (i.e. annotations, the back-side of the biographic data page, the page adjacent to the data page) would not be stored in VIS.

The two sub-options can be applied to both Option 1.1 and Option 1.2 described above.

5.2.2.Fingerprinting of minors

Policy options to address this problem should ensure that children having obtained a Schengen visa before they were 12 years old have their verification of identity correctly made at the border or within the territory, or are correctly identified in case found victims of trafficking or other forms of abuse. The reason for taking fingerprints stems from the fact that misidentification is more likely when based exclusively on alphanumeric data. Adding fingerprints to the file reduces the likelihood of misidentification to virtually zero. By storing fingerprints in the VIS the system provides a secure link to the identity to the visa applicant through biometrics. This applies to adults as well as children. Consultations with stakeholders that technological developments, including on the collection and use of biometrics, could contribute and should be used to enhance the protection of children. A majority of the respondents also consider fingerprinting children applying for a short-stay visa necessary or useful to address or prevent trafficking or other forms of abuse 94 .

·Option 2.0 – Status quo – this situation corresponds to the baseline situation described above.

·Option 2.1 – Lowering the fingerprinting age to 6 years 95

Under this scenario, fingerprints will be taken from every visa applicant from 6 years of age and above, thereby effectively increasing the group of applicants by adding the age-group of 6 to 11 year-old.

This option is based on technological progress: in 2013 the European Commission’s Joint Research Centre (JRC) 96 carried out a study on the question whether or not automated fingerprint recognition for children is possible with recognition rates similar to those reached for adults. The JRC study concluded that fingerprint recognition of children aged between 6 and 12 years is achievable with a satisfactory level of accuracy under appropriate conditions. One such condition would be, for example, to ensure an appropriate level of training of operators to acquire high quality images.

·Option 2.2 – Lowering the fingerprinting age including all ages

Under this scenario, fingerprints would be taken from visa applicants of all ages thereby effectively increasing the group of applicants by adding the age-group of 0 to 11 year-old.

In the same JRC study evidence is presented from other studies that it is feasible to take reliable fingerprints of children even younger than 6, although this would have an impact on the reliability of the fingerprints and be more challenging in terms of technical and procedural requirements.

5.2.3.Long-stay visas and residence documents 

The policy options to address the identified problem should ensure that verifications of the irregular migration and security risks for a TCN applying for a long stay visa or residence document, verifying the entry conditions at external border, as well as any subsequent exchange of information on the person are done in an efficient and effective manner.

·Option 3.0 – Status quo – corresponds to the baseline situation described above

Non-legislative options:

·Option 3.1.a – Improve the exchange of bilateral information on a case-by-case basis

This would mean strengthening the ways MS currently exchange information in case of a doubt on long-stay or residence documents at a border check or during an application process. The main means of collaboration are via phone, fax, email and through existing networks; SIRENE, national liaison offices, Police and Customs Cooperation Centres (PCCC), National Contact Centre (NCC), etc.). However, this would overload already busy communication networks, like SIRENE, while not meeting the policy objectives. Since stakeholders described it as burdensome and inefficient, this option did not meet sufficiently the objectives to be further assessed.

·Option 3.1.b – Improve the feeding and use of information in the SIS as regards alerts on withdrawn long-stay and residence documents

This option would entail improving the amount and quality of data fed into the SIS. Article 38.2(e) of Council Decision on the establishment, operation and use of the second generation Schengen Information System (SIS II) requires MS to log “issued identity papers such as passports, identity cards, driving licenses, residence permits and travel documents which have been stolen, misappropriated, lost or invalidated''. Although undoubtedly beneficial, this option would not make the exchange of information systematic and would only focus on SIS alerts. Since it does not contribute to the objective of addressing the lack of cooperation and information exchange at time of issuance it is also discarded from further analysis.

·Option 3.1.c – Promote the use of security features for the documents containing a chip: Passive Authentication and Extended Access Control

This option would promote the necessity among MS to perform the systematic authentication of the content of the electronic chip of the documents that have a chip. Even if used at its full extent and in combination with the harmonisation of residence cards, would not have any benefits for long-stay visas (since they do not contain a chip). As well as the previous option, it cannot address the objective of cooperation and information exchange at time of issuance and it only partially addresses the objective of fast and effective border controls. This is why it was not further assessed.

Legislative options:

·Option 3.2 – Further harmonise and secure long-stay and residence documents

Residence permits 97 and long-stay visas 98 are already issued in harmonised format throughout the Schengen area. Both legal bases have been reinforced in 2017. In practice, this sub-option would mean strengthening the format and security features of the remaining residence cards 99 issued without the harmonised format of residence permit. During the adoption of Regulation 380/2008, Member States committed 100 to use the uniform format for residence permits for residence cards. However, some Member States still do not apply this approach (7/25). 101  

·Option 3.3 – Create an interconnection between national databases that would allow all MSs to query each other’s relevant national databases

This option entails setting up a distributed database 102 system by interconnecting the existing national databases of long stay visas and residence documents. A distributed database system would allow all MS to query each other’s relevant databases when assessing a long-stay visas or residence document together with the identity of a document holder at an external border crossing point (at second line border check).

·Option 3.4.A and 3.4.B – Integration in the VIS

This option is the integration of data on long-stay visas, residence permits and residence cards from national systems into the VIS. Whether to store data or not on applications differentiates the two sub-options analysed 3.4.A (without data on rejected applications) or 3.4.B (with data on rejected applications, which would allow to support future assessment procedures).

Long-stayers as a category are now the only TCN category not covered in any of the IT-systems (as was already illustrated with ''missing piece of the puzzle'' in Figure 3, section 2.1.3). By including the category of documents in VIS would ensure they are included in a EU IT-system, under a comparable regime for the same TCN for documents issued either under visa-free conditions (the category of TCN whose data will already be in ETIAS, and EES) and visa-required (TCN coming for a short-stay, whose data is already in VIS, as well as EES). Since long-stayers are not covered by EES, VIS would be the only system where their data could be checked.

5.2.4.Migration and security checks

For visa-free travellers, the ETIAS proposal stipulates automatic consultation of ''the data present in a record, file or alert registered in the ETIAS Central System, the Schengen Information System (SIS), [the Entry/Exit System (EES)], the Visa Information System (VIS), [the Eurodac], [the European Criminal Records Information System (ECRIS)], the Europol data, the Interpol Stolen and Lost Travel Document database (SLTD) and the Interpol Travel Documents Associated with Notices database (Interpol TDAWN)''.

The same principle could by analogy be applied to checks on visa required travellers through VIS by extending its possibility to query additional databases. In this respect, several options exist:

·Option 4.0 – Status quo

In this option the current situation of uneven and manual checks against other non-connected systems would persist. Depending on which Member State is doing the checks, the visa applicants would be checked against different national and European databases. As compared to visa-free travellers, fewer checks will be carried out against centralised European databases.

·Option 4.1 – Systematic and automated check against available databases (ETIAS model)

Since the VIS is also part of the legal framework setting up interoperability, technical possibilities have opened up to explore the practical communication between various databases in a fast, seamless and systematic manner by authorised users. In fact, after the interoperability proposal was presented, this is the first time that this framework is applied to an EU policy line. In this way, the option 4.1 is building on the benefits opened by the interoperability proposal.

VIS automated database check would follow the same logic as ETIAS. When verifying and assessing the information submitted by applicants, the system would automatically cross-check each application against each of the above mentioned systems (also illustrated in Table 1 below), as well as a dedicated watchlist and would consist of data related to persons who are suspected of having committed or taken part in a criminal offence or persons regarding whom there are factual indications or reasonable grounds to believe that they will commit criminal offences.

In this option, the interoperability components will be used. The risk assessment based on checks against databases will be performed in an automated manner using the interoperability component (European Search Portal).

Table 1: Databases to be checked for the purpose of VIS risk assessment

·Option 4.2 – Automated cross-checks + screening rules

In addition to automated cross-checks of other databases (option 4.1), automated processing through introducing screening rules in VIS could be envisaged, analogous to the ones used in ETIAS. The screening rules is a new tool, which would be an algorithm enabling the comparison of data in the applications for a short stay visa with specific risk indicators. The screening rules would thus contain on the one hand data analytics rules, and on the other specific values provided by Member States as well as statistics generated from other relevant border management and security databases. This would enhance risk-assessment capability and in particular to allow for the data-analytics method to be applied. The screening rules would not contain any personal data and would be based on statistics and information provided by Member States concerning risk indicators or threats, abnormal rates of refusal or overstay by certain categories of TCN and public health risks.

As was stated for the option 4.1, this option is also about applying the interoperability framework, building even further on the benefits opened by the interoperability initiative.

5.3.Options discarded at an early stage

·Copy of the travel document

Regarding travel documents, the option of incorporating a digital copy of the travel document in another system, e.g. EES, was discarded, because there are no other large-scale IT systems, existing or planned, which could be used to obtain the same result in respect of the same target population.

·Long-stay visas and residence documents

Three non-legislative options were discarded early on:

·Option 3.1.a – Improve the exchange of bilateral information on a case-by-case basis.

·Option 3.1.b – Improve the feeding and use of information in the SIS as regards alerts on withdrawn long-stay and residence documents

·Option 3.1.c – Promote the use of security features for the documents containing a chip: Passive Authentication and Extended Access Control

To sum up, while acknowledging their benefits, none of the non-legislative options would fully support the objective of exchange of information, therefore they would not reduce the fragmentation of the information available on TCNs during the issuance process of a new document 107 .

6.What are the impacts of the policy options?

A summary of different impacts (including fundamental rights, social impacts and economic impacts) can be found in Annex 3.

A detailed consideration on the available data, categories impacted by the envisaged measures and general considerations on data protection are presented in Annex 5.

6.1.Assessment of policy options

6.1.1.Copy of the travel document 

Economic costs and benefits

Two cost estimates were provided during the study 108 on all relevant costs (both one-off and recurrent, as well as recurrent compliance costs) from the options and their sub-options. Eu-LISA estimates the one-off cost for the central system (option 1.1) between € 3,3 – 4 m, while the study places it above € 5 m. For the decentralized system (option 1.2) the study suggests it would entail costs as high as € 200 m. As regards operational costs, eu-LISA places them at around € 375,000 – 560,000 / year.

As shown in the following table, the measures will also produce several important economic benefits for consulates as well as Member States’ migration and return authorities. If implemented, they would reduce administrative burden for processing return cases, reduce delays in the procedure and eliminate inefficient procedures involved with retrieving, scanning, zipping and coding hard copies. In fact, both options would be very feasible in practice, since the vast majority Member States are already storing copies of travel document – the options would simply impose a harmonised rule on such storing. Such a change of administrative procedures would in many cases lead to simplification of storing (digital storage). Furthermore, rules on the retention of the travel document (which currently vary among Member States which store copies of it) would be harmonised, which implies moderate changes in national administrative practices.

The identified economic benefits are primarily driven by the choice of main option. While Option 1.1 (centralized storage) performs marginally better compared to Option 1.2 (decentralized storage), both options would significantly reduce inefficiencies associated with the current procedures, reflected in significant cost savings (reflected in Table 2 below).

Table 2: Summary of benefits of the policy options    

In terms of the impact on duration and timeliness of return proceedings, both options would significantly reduce the waiting time of migration and return authorities during the process of confirming the identity of TCNs. Under Option 1.1, the delays will be effectively eliminated, resulting in a delay reduction of up to 14 days. Option 1.2 would have a slightly lower impact as Member States’ authorities may still be required to wait for several hours before receiving a reply from the responsible national authority for storing the travel document. The potential benefits to be realised from both options will be sufficiently substantial to offset the costs incurred to implement and comply with the respective options, especially for option 1.1 (centralised storage).

Policy impacts

Whereas the baseline scenario could not achieve any of the two objectives, the storage of visa applicants’ travel documents in VIS will improve the implementation of the objective of facilitating returns of TCNs who have been issued with a return decision. Both Option 1.1 and Option 1.2 will enable Member States to obtain the necessary evidence for proving the nationality of TCN visa overstayers who have been issued with return decisions, but who lack a valid travel document, to equal effect. Moreover, the VIS is the only EU instrument storing data on TCN outside the EU borders, i.e. in the country of origin or another country where the person applies for a visa, therefore the only EU instrument that could provide, in a systematic manner, the necessary data to achieve the stated policy objectives in this case. No other measure is currently available at EU level enabling authorities to obtain a copy of the TCN's travel document.

As regards the change of return effectiveness, the copy of the TCN’s travel document will be extremely useful as a means of evidence for the third country regarding the identity and nationality of the person to be returned and thus sufficient for facilitating the return. As return effectiveness hinges also on external factors, such as general cooperativeness of third countries on return, the actual impact is not easy to measure.

Table 3: Effectiveness in meeting the objectives

Based on inputs provided during the stakeholder consultation, the contracted study cautiously assumed that the proportion of effectively executed returns of TCN visa overstayers without travel documents will increase by 50% to 75% as a result of the proposed options.

·If the proportion of effectively executed returns increases by 50%, then the benefit is an additional 7.934 to 19.834 TCNs returned compared to the current situation.

·If the proportion increases by 75%, then benefit is an additional 11.900 to 29.751 persons returned.

These considerations are reflected in considering the scoring of the options for meeting the objectives in Table 3 (above).

Table 4:    Estimated benefits for the implementation of returns

Fundamental rights impacts

The storage of a digital copy of the visa applicants’ travel document in the central VIS (Option 1.1) or national VIS (Option 1.2) can have a positive impact for the right to asylum (Article 18 CFR) and the protection of the principle of non-refoulement (Article 19 CFR) by providing designated authorities which already have access to the VIS with access to additional evidence to prove an asylum seekers’ identity. The sub-options could be useful to asylum authorities for verifying the identity of a person in need of international protection (sub-option A) or for the assessment of merits of asylum cases (sub-option B). The existing safeguard which bans the transfer of personal data to third countries if that person has requested international protection continues to apply (Article 31(3)), mitigating the risk of serious harm for asylum applicants or their families.

Sub-options A and B would create an interference with the right to privacy and family life (Article 7 CFR) and the right to the protection of personal data (Article 8 CFR), as it involves the processing of personal data and access to these data by public authorities. Sub-option A implies the processing, of nearly the same amount and type of personal data as is processed in the current situation, merely stored in a different format. The additional category of data is limited to the personal (national) identification number of the document holder. This additional information does not further affect the privacy of the person, and for this reason the limitation to the right to privacy is modest. With respect to the right to data protection, storing a copy of the passport involved further data processing of the image of the document; however, it does not extend the information already available to authorities and the existing rules and conditions of access to this information.

Sub-option B involves the processing of a larger amount of new data, consisting in images of used visa pages in addition to data in sub-option A, for all TCNs under visa obligation. Both sub-options meet the objective of enhancing the return rate of TCN under visa obligation and do not go beyond what is necessary to achieve this objective.

Existing safeguards, including prohibiting the further processing of these data by authorities as well as to prevent unauthorised access and unlawful sharing with third parties should limit any potential negative impacts implied by both sub-options. As regards sub-option B, additional safeguards should explicitly prohibit the sharing of these data with third parties, given that it is not foreseen to positively contribute to the objective of facilitating return.

For both option 1.1 and 1.2 risks with regard to purpose limitation and accessibility of personal information can be mitigated by introducing strict safeguards against unauthorised access.

6.1.2.Biometric data of minors

Economic costs and benefits

In terms of costs, the one-off costs are higher for option 2.2 (taking fingerprints of all children) than for option 2.1 (lowering the fingerprinting age to 6). This is due to the fact that taking fingerprints of children younger than 6 is likely to require a new, different type of scanners and software.

Table 5: Overview cost-benefits option 1 and 2

Policy impacts

Taking fingerprints of children under 12 would support border authorities in detecting identity fraud as it would help them to ascertain whether the child present at the border is the child that has been granted a visa, which means options 2.1 and 2.2 would satisfy the VIS objectives. However, the JRC study on fingerprints concluded that the reliability of fingerprints is lower for children under the age of 6. This is reflected in the scoring of whether the measures would meet the objectives (lowering the fingerprinting age to all ages thus scores lower since fingerprint reliability cannot be guaranteed).

Fingerprints constitute a child protection safeguard since collecting and storing them facilitates the identification of traffickers and trafficking networks, as the file of the child in the VIS is linked to that of the parent/adult that accompanied the child. However, as already mentioned in the Eurostat Report on Trafficking in Human Beings, only 2% of victims of trafficking are under 12 years old. On the other hand, 17% of victims are in the 12-17 age range and this much more significant percentage of victims can already be helped if fingerprinting is lowered under 12 years, to take into account the 5-year maximum duration of the validity of the visa (i.e. the 12 to 17 age range for visa holders, corresponds to a potential range of applicants between 7 and 12 years of age). These two factors taken together: lower reliability of fingerprints for children under 6 and relatively lower number of children which could be helped with this measure means that options 2.1 and 2.2 would satisfy the objective of fighting child trafficking to a different degree – as reflected in the scoring:. option 2.2. is less effective in fighting child trafficking than option 2.1.

The prevention of identity fraud is raised by several consulates consulted as part of the supporting study as the main potential benefit of the proposed measure, which means stakeholders recognize it as a positive measure.

Table 6: Effectiveness in meeting the objectives

Under the baseline scenario the fingerprints of each incoming TCN child are not checked nor verified at Schengen entry ports, which means that the baseline scenario 2.0 does not help to meet either of the objectives (neither with VIS objectives nor with the fight against trafficking).

Fingerprints contribute to the subsequent identification and verification of the identity of TCN children who were <12 when applying for the visa, on Schengen territory, hereby allowing for family unity within and outside the Schengen area, verifying the family relationship, Dublin and asylum examination (i.e. VIS objectives).

Moreover, the VIS is the only EU instrument storing data on TCN children of nationalities subject to a visa obligation, and collecting these data outside the EU borders, i.e. in the country of origin or another country where the person applies for a visa. Hence the VIS is the only means to ensure, in a systematic manner, that the necessary data to achieve the stated policy objectives of the visa policy. No other instrument is currently available at EU level enabling authorities to perform identifications on TCN children or to provide such information in case needed for identifying victims of trafficking or launching SIS alerts on missing children.

Fundamental rights impacts

Both options 2.1 and 2.2 should have an overall positive impact on the protection of fundamental rights. Fingerprints would assist in protecting children against trafficking and in identifying children who have gone missing, or who are abducted or became victims of human traffickers. It would also facilitate reuniting these children to reunite with their family members (but only if it is in their best interest).

Although the existing VIS legal basis has no explicit purpose in regard to protecting children, VIS procedures and the application of the VIS should, like all EU actions, in all times respect the best interests of children as stipulated in Article 24 of the EU Charter of Fundamental Rights. Explicit safeguards in this respect will be added in the Visa Code and the VIS Regulation as regards carrying out the application procedure for children. These safeguards are part of both proposed options (against the benchmark of the baseline scenario – which already contains strong safeguards, as explained in section 5.1).

FRA provided insights into the impact on children 109 in relation to the proposal for a revised Eurodac Regulation, which also provides a lowering of the fingerprinting age for children in the asylum process to 6 years of age, which is why the comments are valid for this proposal as well. FRA reminded that, as is stated in the Article 3 of the United Nations (UN) Convention on the Rights of the Child, for all actions and decisions concerning children, the child’s best interests must be a primary consideration. Children are an extremely vulnerable group and the storage of biometric data could have both positive and negative impacts, therefore lowering the age can only be justified if it explicitly pursues a child protection objective and sufficient safeguards are in place.

Both option 2.1 and 2.2 will also have an impact on the rights to human dignity and privacy and personal data protection. It concerns the collection and storage of further sensitive data (fingerprints) of a particularly vulnerable group in a large scale IT system. However, fingerprints are the only means to unambiguously identify a child and, in this way, to better prevent child related abuses using visa, such as using false identities to traffic children into the EU.

Furthermore, the processing of fingerprint data for children will be subject to the strict safeguards, which already exist for the processing of biometric data of TCN visa applicants above the age of 12.

As described earlier, cases of children entering or attempting to enter the EU on a visa who are victims of child trafficking or other abuses, could be detected by a more complete information file in the VIS. This objective requires that the relevant or designated authorities would need access to search and process the data stored in VIS. Child protection authorities currently do not have access to the VIS.

Fingerprints must be taken in full respect of human dignity and in a manner that is appropriate to the child’s age and maturity. A provision to the Visa Code could be included explicitly requiring that fingerprints be taken in a child-friendly and child-sensitive manner by personnel who have been specifically trained to collect biometric data from children.

6.1.3.Long-stay visas and residence documents

Economic costs and benefits

The Feasibility Study 110 already looked at the feasibility of different options for storing long-stay documents and assessed IT-security, ease of implementation, management and costs of different options, namely a decentralised and centralised database (corresponding to options 3.3 and 3.4a/b). It concluded that a central repository as part of the VIS would score higher in all the criteria, especially at technical and operational levels. The impact that the repository (option 3.4.a / 3.4.b) would have on the existing VIS is low when considering the data model, services and overall capacity. The eu-LISA study on the technical and budgetary impacts of the VIS developments estimated an on-off cost of 10-12M€ for the repository. Economic costs and benefits of further harmonisation (option 3.2) are analysed in more detail in the IA for residence document harmonisation by DG JUST. 111

Policy impacts

With non-legislative options already discarded for not meeting the proposed objectives, all retained options would meet the general objectives, as seen below in Table 7. Whereas, the baseline scenario 3.0 meets neither of the two specific objectives, further harmonisation of documents (option 3.2), would help to strengthen checks at external borders / in the territory, but it would not be helpful with improving security though better information exchange, which is reflected in the scoring. In fact, the objective of information exchange can only be achieved if there is a data-base of documents, which means that only options 3.3, 3.4.a/3.4.b meet this objective, as is reflected in the Table 7 below.

Table 7: Effectiveness in meeting the objectives

Impact on fundamental rights

Impacts on fundamental rights mainly focus on data protection and are assessed for the options and sub-options that meet the two main policy objectives (non-legislative options were already discarded for not meeting the proposed objectives, as was the case with the baseline scenario). Therefore, the analysis focuses only on options 3.2, 3.3, 3.4.a and 3.4.b.

Table 8: Analysis of impacts on fundamental rights (against Articles of EU Charter of Fundamental Rights )

Option 3.2 (further document harmonisation) would have a limited impact on personal data protection, as it would not significantly change data processing as compared to the baseline. The situation is different for the options which entail collecting and storing data in a database.

Whether to store data or not on applications differentiates the sub-options 3.4.a (without rejected applications) and 3.4.b (with data on rejected applications) (see Figure below). In order to understand the impact of data processing, it is important to explain which data will be collected. The following categories of data will be collected: biographical data of the holder or applicant, travel document data, decision data, issued document data.

Figure 7: Dataset for long stay visa/ residence permit file

In the case of option 3.4.b, the data stored upon applying for a long-stay document would be a combination of the biographical and travel document data presented above and would also include: the fact that an application for a certain type of document was lodged, when, where and with which Member State authority.

Figure 8: Dataset for residence card file

Residence cards are a special case: as regards the residence card file, information will only be stored upon issuing the document (i.e. the residence cards). Authorities responsible for issuing these documents (consulates or legal migration authorities) would have access to introduce and store data upon application/ issuance (of the residence card), and subsequently to amend, and update the file. Border authorities and authorities responsible for checks within the territory, would only have access to check with the data provided by the person and would not have access to carry out modifications of the personal data.

The table 9 below summarises the processing applicable to the options.

Table 9: Data processing

Option 3.3 would have an impact on data protection, as it would add an additional access to existing data 114 (and thus more processing, and more risks of unlawful access to or use of the data).

Option 3.4.a would have a stronger impact on data protection, as, in addition to access, it entails the collection and storage of data. 115

Finally, option 3.4.b would have a slightly stronger impact on data protection compared with option 3.4.a as it involves the processing of application data in addition to issued document data. It would thus entail the processing of a larger dataset.

Both options 3.4.a and 3.4.b entail more risks to data than option 3.3 as they rely on a central database (the VIS) for storage. 116 However, it also has to be taken into account that while more data is at risk, the likelihood of a breach is smaller as there is only one system to protect and monitor. This consideration should nevertheless be qualified, as both option 3.4.a and 3.4.b propose a limited dataset: as per the current proposal, they would entail the processing of 16, 11 respectively, data items, most of which are based on the document dataset. The dataset does not encompass the special categories of data that are considered as particularly sensitive. 117 The “reason for the negative decision” might, if left as a free text field, reveal data related to private life or sensitive data on rare occasions. The use of a drop-down menu, tick boxes or another technical feature of the form will prevent this as an additional safeguard. The reasons for the negative decision should be provided in a manner that is limited to allowing the designated authority to achieve the purpose of carrying out the assessment of security and irregular migration checks (through verifications on whether the person is registered in the system with previous refusal due to identity or document fraud or for being a threat to the national security of one or more Member States), subject to the existing limitations in law. Additional safeguards will be included to ensure that the use of the data is fully in line with applicable legislation in the field of legal migration or freedom of movement, as applicable, at either EU or national level, notably that a previous refusal of a document should not automatically lead to a new refusal and that each application should be considered on its own merits.

Options 3.3 and 3.4 would not affect the right of the individuals to access their personal data, rectification and objection. No derogation to the general data protection regime of Member States or of the VIS Regulation would be created. All existing provisions and safeguards would apply, including for option 3.3 the ones present in the current VIS Regulation, among which Article 38 (Right of access, correction and deletion).

Options 3.3, 3.4.a and 3.4.b would not affect the right of the individuals to access their personal data, rectification and objection. No derogation to the general data protection regime of Member States or of the VIS Regulation would be created. All existing provisions and safeguards would apply, including for option 3.3.

Only a limited data set would be collected, at most, on about 22 million documents 118  (including residence cards). It must be taken into account that this figure does not represent net new sets of personal data as compared to what is already registered in the EU large scale IT systems for borders and migration:

-As regards TCN under a visa obligation, depending also on the regime in place in each Member State, there is a high likelihood that a person applying for a residence document has already access the territory of the Member States with a short stay visa in order to apply for the residence document. In those cases, these persons are already registered in the VIS.

-As regards a visa-free TCN, with the entry into operations of ETIAS the data of each person travelling for a short stay to EU will be registered (except fingerprints). With the entry into operations of EES, the data of all visa free TCN entering the EU territory, including biometric (live facial image and four fingerprints), will also be registered in this system, with the exception of holders of residence cards (who are exempted from registration in the EES as in their respect the obligation of stays on the territory not exceeding 90 days in any 180 days does not apply).

The above considerations also imply that for the persons applying for a long stay document (visa or residence permit), the personal data is already recorded in a centralised database, VIS and in the future ETIAS and EES, and therefore creating the file for the long stay application will entail reusing personal data, including biometrics, where available, from existing records.

Right to life (Article 2 CFR): options 3.2, 3.3 and both sub-options under 3.4 may have a positive impact on the right to life by increasing security. The extent of the link between long-stay and residence documents fraud and the right to life of EU residents is difficult to assess, due to limited data available.

Option 3.2 would have a positive impact on the right to life, as it would reinforce the security of the EU through making long-stay and residence documents more secure;

·Options 3.3 and 3.4.a would have a similar positive impact on the right to life, as they would both reinforce the security of the EU through the access of border guards, law enforcement and migration authorities to long-stay and residence document data. This positive impact may be more significant than the one of option 3.2 since the options would create a “white list” of valid documents adding another level of security on top of existing security features;

·Option 3.4.b would have, compared to options 3.3 and 3.4.a, a more significant positive impact on the right to life, as it would further reinforce EU residents’ security via the consideration, during the issuance process of long-stay visas or residence permits, of relevant information linked to the person’s previous applications.

Similarly, access by law enforcement authorities for preventing terrorism and other serious criminal offences could also have a further positive impact on this right.

Right to privacy (Article 7 CFR):

·Option 3.2 would have a limited impact on the right to privacy, as it would not significantly change data processing as compared to the baseline;

·Option 3.3 would have a more significant negative impact on the right to privacy than 3.2, as it entails additional access to and use of existing data by public authorities 119 ;

·Option 3.4.a would have a more significant negative impact on the right to privacy than 3.3, as the option entails the storing, access and use by a public authority of data related to private life 120 .

·Option 3.4.b would have a more significant negative impact on the right to privacy than 3.4.a, as the option entails the same processing by public authorities as 3.4.a, but for a larger dataset.

Right of freedom of movement and of residence (Article 21 TFUE, Directive 2004/38, and Article 45.2 CFR) 121 : options 3.2, 3.3, and 3.4 (both sub-options) would have a positive impact on this right if residence cards are included in their scope. It would lead to facilitation and time savings during external border checks (and internal ones, when they are exceptionally carried out as border guard would more easily recognise the validity of the residence card.

·Option 3.3 would have a slightly more significant, positive impact on the right than 3.2, as the check to the database would also solve issues related to technical problems in reading the chips and thus prevent lengthy second-line checks in such cases;

·Option 3.4 (both sub-options) would have a more significant, positive impact on the right than 3.3, as the check to a central database would be quicker than a check to a decentralised one, therefore time and convenience as facilitation gained would be more important.

As regards the inclusion of TCN members of family of a mobile EU citizen (i.e. of residence cards data), it must be underlined that this impact assessment treats the situation of all categories of TCN in a non-discriminatory manner. The distinction made between family members of mobile EU nationals and the other TCN, family members of an EU national or not, is driven by the difference in the residence document that is issued, i.e. a card for the first category, a permit for the second. The difference between these two categories of documents comes from the different conditions of issuance, i.e. based on EU legislation which distinguishes between the conditions applied to issuing residence permits to family members of EU nationals in general (the Family Reunification Directive), and the conditions applied to issuing cards to family members of mobile EU nationals (Directive 38/2004).

However, this initiative is without prejudice to the conditions or grounds of issuance of these documents. Instead, it focuses on two objectives (faciliting checks at borders and ensuring the security of the Schengen area) which stem from the conditions of crossing an external border to which all TCN, irrespective of the reasons for which a document of residence was issued to them, are subject.

There is currently no mechanism in place to exchange information among Member States enabling them to assess at borders and even before a residence document is issued, whether the person could pose a security risk or is an identity fraudster, as the current assessment is based exclusively on national information. Hence, if this category of TCN was left outside the scope of this initiative, the information gap and thus the security gap identified in the problem definition would be reduced, but not closed and advantage of this could be taken in order to obtain an easier, less checked and more comprehensive (due to extensive rights attached to it) access to enter, freely move and reside in the EU territory.

Considerations on biometric data in option 3.4

Adding biometric data, and particularly fingerprints, to the data set to be accessible in the database would have the advantage of allowing identification of the bearer of the residence permit, residence card or long-stay visa 122 with a level of certainty much higher than as it would be without (relying solely on visual identification and/or identification based on biographical data). It would thus ensure that these documents are solely used by the genuine bearer. Border guards, law enforcement or migration authorities would be able to detect cases of multiple identities across systems using biometrics in line with the interoperability proposal recently tabled by the Commission 123 and similarly to what already happens for short stay travellers whose biometrics are collected in the EES and VIS.

However, the collection and storage of long-stay travellers’ biometric data by Member States is currently not harmonised. While some Member States collect and store fingerprints in national databases, some other Member States delete the biometric data from their databases after placing it on a residence permit or a card. Therefore, while for some persons biometric data is available, for some others it is not. The number of fingerprints may also vary depending on the Member State. Due to this situation, collecting biometric data from national databases to store them in the EU database would lead to differences in the collected data set depending on the person and the Member State that collects it.

According to the strict necessity principle in data protection, if the system can achieve the objectives without biometric data for some persons (e.g. when they are not available, as some Member States have not stored them in a database), it means that biometric data is not strictly necessary. However, given that biometrics of most of the TCN affected by this measure are or will be available in the central EU databases and that with the proposed Shared BMS of the interoperability proposals there would be no technical issue in handling different types and different combinations of biometrics, the impact on data protection is significantly limited. The system could work with just storing the minimum denominator of biometrics per documents (e.g. two fingerprints and facial image for residence permits, facial image for long stay visa and residence cards).

6.1.4.Migration and security checks

Economic costs and benefits

The budgetary impact of this measure could be estimated on the basis of extensive existing analysis of the similar measure in ETIAS. However, it must be taken into account that significant differences exist: there are no setup costs for the VIS, which is already up and running. Costs to be taken into account would include the search interface to other systems to be developed. In option 4.1 the interoperability platform will be reused. This will reduce the overall cost in a consistent manner and would avoid natural redundancies of heterogeneous elements.

Based on similarities with ETIAS (although for a size of the population of about half that of ETIAS) – and taking interoperability development costs as already incurred, a high level estimate would place the investment for the central system (eu-LISA implementation) for implementing option 4.1 (automated and systematic checks against multiple databases) at € 10 m. Regarding the business impacts for the MS, the interface and process for the ETIAS may be reused, thus significantly limiting the costs and complexity for MS integration.

Both option 4.1 and 4.2 (automated cross-checks + screening rules) would entail similar costs from this perspective.

Policy impacts

The legitimate public interest of ensuring a high level of security is positively affected by the implementation of automated data-base check. A better and more accurate identification of the security risk of TCN crossing the external border of the Schengen area supports the detection of cross border criminality, and it more generally facilitates the identification of persons whose presence in the Schengen area would pose a security, migration or public health threat. It would thus contribute to improving the security of the citizens present in the Schengen area and enhancing internal security in the EU.

Benefiting from interoperability proposal, it would be illogical to enable such cross-checks for visa-exempt TCN, yet choose not to use it for visa required TCN, who by definition come from countries with a higher migratory-security risk for the EU. Thus, the proposed measure, for both options 4.1 and 4.2, is rebalancing a potential unbalanced treatment between visa-exempt travellers and visa-required travellers, whereas option 4.0 (the baseline) does not meet this objective.

Table 10: Effectiveness in meeting the objectives

Fundamental rights impacts

The proposed measure (for options 4.1. and 4.2 which entail taking action) has an impact (positive, negative or both) on each of the following fundamental rights: right to liberty and security (Article 6 of the Charter), the protection of personal data (Article 8 of the Charter), the right to non-discrimination (Article 21 of the Charter), and the right to an effective remedy (Article 47 of the Charter).

As mentioned by FRA in its report on interoperability 124 : "Receiving the full picture about a person contributes to better decision-making. To this end, safeguards need to be in place to ensure the quality of the information stored about the person and the purpose of the data processing. Such safeguards should prevent unauthorised access and unlawful sharing of information with third parties. To ensure the right to an effective remedy, practical possibilities to rebut a false assumption by the authorities and to have inaccurate data corrected need to be in place." At the same time, this measure guarantees non-discriminatory checks for all short stay visa applicants, irrespective of the Member State with which they are applying – which is currently not the case. The VIS Regulation already contains guarantees ensuring information for the person who submitted an application and effective remedies (as explained in section 5.1 in the baseline description).

The proposed measure aims at enhancing security and irregular migration checks, hence contributing to the legitimate public interest of ensuring a high level of security. As such, it can contribute to the protection of people’s right to life (Article 2 of the Charter). A better and more accurate identification of the security risk posed by TCN applying for a visa allowing them to cross the external border and move freely within the Schengen area facilitates the identification of persons whose presence in the Schengen area would pose a security threat. This way the proposed measure would contribute to improving the security of the citizens present in the Schengen area and enhancing internal security in the EU.

The proposed checks against a number of migration and security databases do not entail collecting new data from the applicants, however they entail new processing, by checking their bio-data, in particular biometrics, against a number of large-scale databases which were previously not part of the compulsory checks in the visa procedure. However, these checks are currently either already done by national authorities (SIS, Eurodac, SLTD, TDAWN) within the consulates (at an uneven or ad-hoc basis) or at borders (compulsory), or will become compulsory checks in the future (ETIAS). The only new system that will be checked against is ECRIS-TCN, which is however included as a compulsory check for ETIAS applicants.

Given the purpose of the visa examination procedure which entails an assessment of the security and migratory risk of the visa applicant, and that all the above mentioned databases respond to this purpose, the processing against databases will be limited to what is necessary to attain the objective of ensuring a high level of security of the visa processing. The checks will be carried out with a limited sub-set of biographical data together with fingerprints, thus limiting significantly the possibility of false matches. Moreover, the searches will be foreseen so as to return an informative result to the visa processing authority. They will not trigger an automatic refusal of the visa and cannot, taken alone, constitute a reason for refusal.

The search results will not be stored, therefore no possible breach of its integrity or of the confidentiality of the data subject could take place. The measure is also subject to the purpose limitation principle, as the data that will be used for these checks will not be further processed in a manner that is incompatible with the stated purposes. The envisaged data processing is therefore adequate, relevant and not excessive in relation to the purposes defined. Finally, all existing VIS safeguards regarding the right of the data subject, including the right to access, deletion and the effective remedy will apply to this procedure as well.

As regards the screening rules, they are devised on the exact same conditions as those applied in ETIAS to visa free TCN. They do not entail processing of personal data, only a check against a number of statistical indicators, based on a model customarily used in migratory and risk assessments (e.g. Frontex annual risk assessment). Specific safeguards ensuring that the right to non-discrimination based on a person’s race, colour, ethnic or social origin, genetic features, language, political or any other opinions, religion or philosophical belief, trade union membership, membership of a national minority, property, birth, disability, or sexual orientation will be expressly provided. To ensure the supervision of the set up and application of the screening rules and in particular of the non-discrimination principle, the specific risk indicators on the basis of which the screening rules will be developed, will be defined, established, assessed ex ante, implemented, evaluated ex post, revised and deleted based on the appraisal and recommendations of the Fundamental Rights Guidance Board established by the ETIAS Regulation, and which is composed of the Fundamental Rights Officer of the European Border and Coast Guard Agency, a representative of the consultative forum on fundamental rights of the European Border and Coast Guard Agency, a representative of the EDPS, a representative of the European Data Protection Board and a representative of the Fundamental Rights Agency.

In terms of proportionality, limitations to privacy and data protection brought about by options 4.1 and 4.2 (which is similar to 4.1 in terms of data protection impact, as the screening mechanism does not entail processing personal data) preserve the essence of the rights.

7.How do the options compare?

The options for all four problems analysed will be scored for their effectiveness in meeting the objectives; the efficiency (the result of striking a balance between costs and benefits); their social impact and impact on fundamental rights – given the fact that the measures involve a trade-off between fundamental rights impacts and gains in other terms (i.e. security); and lastly for their coherence with overarching EU policies.

7.1.Copy of the travel document

Efficiency and effectiveness

Both Option 1.1 (centralised storage of travel document copy) and Option 1.2 (decentralised storage), as well as their sub-options, can contribute to the identified objectives of general interest, though Option 1.1 performs moderately better and in a far more cost-efficient manner than Option 1.2. This is reflected in the scoring for cost efficiency and effectiveness in meeting the objectives, in Table 11 below.

Beyond improvements that would be achieved by sub-option A – which would already be sufficient for the identified purposes of facilitating return procedures, sub-option B would translate into an improvement when it comes to proving the travel history, which is important for VIS's ancillary purposes in return and asylum procedures.

Social impacts and fundamental rights

The analysis of impacts fundamental rights (section 6.1.1.) showed that the all proposed options would have a positive effect on asylum procedures (to identify persons in need of international protection).

In terms of negative effects on fundamental rights, storing a copy of the travel document would entail further processing of personal data. These considerations are also reflected in the scoring for fundamental rights in the Table 11 below.

Necessity and proportionality

For options 1.1, Option 1.2 and Sub-option A the measure would be demonstrably suitable with respect to achieving its purpose, therefore both options satisfy the proportionality test. The travel document data page is precisely what is required by third country authorities as proof of nationality in the absence of a valid travel document.

While both options will achieve the same level of effectiveness in fulfilling the objectives, Option 1.1 achieves a higher level of efficiency (timeliness, cost-efficiency and security). Furthermore, Option 1.2 (decentralised storage) cannot necessarily be considered as less intrusive given that the same information would ultimately be made available to the designated return authorities in all Member States. No matter which technical architecture is selected, the measure is intended to enable a Member State’s authority to access data stored by (an)other Member State during the visa procedure.

As to the proportionality of the sub-options, the scope of personal data to be stored under sub-option A is both relevant and necessary for the stated purposes of facilitating returns. The intrusiveness of the proposed sub-option is in itself very modest, as the same data are already entered in VIS in the current situation, albeit in a different format.

As regards sub-option A, assuring that appropriate safeguards prevent against the processing of these new data, the interference on the right to privacy and the protection of personal data would not be greater than the current VIS system, for which no complaint on data protection has been registered to date 125 , and adequate safeguards have been put in place. By contrast, the data implied by sub-option B is more intrusive and it would not substantially contribute to the explicit objective of the measure, which is to facilitate the return of TCNs without a valid travel document. Since sub-option B is more intrusive and no more effective for achieving the identified objectives it could be concluded that the processing of these data is considered disproportionate if it were to be stored centrally. Therefore, the necessity and proportionality of a measure involving storage – either at central level (Option 1.1) or decentral level (Option 1.2) – of a digital copy of the data page of the visa applicants’ travel document in the VIS system would be justified.

Coherence

All proposed options and sub-options are coherent with other EU policies also in particular the return policy, as well as the asylum policy. They are also fully coherent with the visa policy and the proposal amending the Visa Code. 126

Table 11: Overall comparison of policy options (1)

7.2.Fingerprinting of minors

Efficiency and effectiveness

As stated when describing the impacts in the section 6.1.2, lowering the fingerprinting age of children in VIS meets the objectives, which is why both option 2.1 and 2.2 are considered to be effective. Option 2.1 is more effective because research shows that the fingerprints of children under the age of 6 are not as reliable as fingerprints of the children above the age of 6. This scientific finding, coupled with the fact that there is a relatively low number of children affected by abuse of rights phenomena (including trafficking) in this age group (i.e. meaning below the age of 11 years, taking into account the maximum period of validity of a granted visa), means that the option 2.2. is less effective in meeting the objectives, which is reflected in the score for effectiveness in Table 12 below.

From the description of the costs/benefits in section 6.1.2, results that option 2.1 (lowering fingerprinting age to 6) involves much less economic costs than option 2.2 (including all ages), which is fully reflected in the rating of efficiency in the Table 12 below.

Social impacts and fundamental rights

The analysis of fundamental rights impacts (section 6.1.2) showed that the measure includes a trade-off between positive and negative impacts: it would have a positive impact for the protection of the fundamental rights of children, protecting them against human trafficking or protecting the right to family life by reuniting trafficked children with their family members. However, storing such sensitive personal data of a vulnerable age-group would naturally also entail negative impacts, as was duly stated in the analysis. However it was considered that the positive impacts outweigh the negative ones. The rating of the fundamental rights in Table 12 reflects these considerations.

Necessity and proportionality

From a data protection point of view, both options are found to be appropriate, strictly necessary and not excessive for the objective of border checks, by providing the only means available to allow an unambiguous identification of the child at the border or within the territory, both to prevent trafficking but also allowing to identify and return to the family children that had gone missing or were found victims of trafficking.

Option 2.1 – Taking into account the immense positive impact for protecting the right to family life and best interests of the child, this option can be considered a proportional measure under specified purposes and given the strict conditions and safeguards existing on data protection ensuring that the fingerprints are only accessed under the visa and border procedures provided by law and otherwise only used to protect children from trafficking or identify and protect trafficked children and missing children.

Option 2.2 – Since all children are entitled to protection, this option would have a positive impact with regards to the protection of all TCN children under 6 having applied for a visa. However, there are several limitations: the number of potentially affected (i.e. trafficked) children appears to be relatively low, for this age group there is less reliability of the fingerprints taken and there would be significantly higher practical hurdles in carrying out fingerprinting in a child-friendly and adequate manner for very young children. This hampers the overall effectiveness of the measure: the effectiveness of the measure for all children from 0 to 12 years is lower than for children between 6 and 12 alone. In conclusion, whereas taking fingerprints of children below the age of 6 would still meet the policy objective to a certain degree, it appears to be less proportionate in view of the technical limitations it entails, as well as the relatively low number of children targeted in this age group.

In light of these considerations, the data collected under option 2.1 is relevant and needed to contribute to the first objective of improving the implementation of the common visa policy, whereas the option 2.2 does not reach this threshold.

Coherence

Both proposed options are coherent with other EU policies – namely the visa policy, and also respect for the principle of primary consideration of the best interests of the child, which should be taken into account in all EU action. Additionally, option 2.1 presents full coherence with the recent Eurodac proposal which provides for lowering the fingerprinting age for children in asylum procedure or found in irregular migration process from the (current) 14 years of age to 6 years. Taken together, the data registered in the VIS (covering children arriving on EU territory as part of a regular migration process) and Eurodac (covering children arriving with irregular flows or seeking asylum) cover to a very large extent the spectrum of third country national children arriving on EU territory and that could be identified in case they are found as victims of trafficking or other forms of abuse or who had been reposted as missing. To complement this framework, the SIS that contains alerts on missing persons (including children) could be fed with identity information, including biometrics, from the VIS, to support the search operations, in case the child that had gone missing is a TCN under visa obligation.

Table 12: Overall comparison of policy options (2)

7.3.Long-stay visas and residence documents

Efficiency and effectiveness

Effectiveness: Ultimately, sub-option 3.4.b (Integrate in the VIS) is the only option that fully addresses the second objective (i.e. information exchange), as storing data on documents and applications would offer migration authorities a complete picture on the situation of the TCN applying for a new document. It would be effective regarding false documents, including forged documents, as in these cases the information in the database would differ from the information in the document presented to the border guard. And would be effective regarding letting migration authorities know of security issues encountered by other Member States with previous applications or use of the document by the TCN.

Concerning Option 3.3 (the distributed database), it would allow improving security within the EU and provide border guards and officers carrying checks within the territory access to a “white list” of valid documents. However, its complexity and difficulty of implementation, together with the difficulties in delivering high performance searches with such setup, would reduce its effectiveness in addressing the policy objectives.

While taking into account the upcoming Commission proposal to further harmonise the format of the residence cards, the Option 3.2 (further harmonisation of the format) would meet the general and the specific objectives related to checks at external border as it will make it more difficult to forge or counterfeit the document - and thus improve security within the EU. This option would also make it easier for border guards to recognise valid residence document. However it does not meet the specific objective of exchanging information between Member States on third-country national holders of, or applying for, long-stay and residence documents, and cannot fully address the problem at borders either. 127 These considerations are reflected in the scoring of options for effectiveness in Table 13 below.

Efficiency: Option 3.2 – Further document harmonisation scores positively for efficiency in securing borders 128 , albeit limited to the documents that are subject to harmonisation and contain security features. However, for this option it must be emphasized that the objective of facilitating the exchange of information for enhancing the security of the Schengen area is not met (which is reflected in the score given to this option for effectiveness).

Option 3.3 – creating a decentralised database – will be complex and overly costly to implement, due to major difficulties deriving from the different governance, legal basis, languages and technical solutions used across national systems. These difficulties could delay implementation by several years. Moreover, it would not leverage on the existing infrastructure of the VIS.

Option 3.4 – (either sub-option a/b) offers significant advantages and a much better cost-benefit. In particular, only this option would allow ''triangular verification'' (person <=> document <=> system), which has proven to be a successful approach for the efficient tackling of unlawful use of documents through the correct assessment of (i) their validity and authenticity and of (ii) the identity of the holder. It provides a higher level of security than reinforcing the security of documents, as it cannot be affected by material damage (e.g. broken chip in a residence document) or loss of the document. This approach also allows accurate identification (in particular if biometrics are stored in the central database – as explained in section 6.1.3 in the consideration on biometrics) in a less cumbersome manner than using fingerprints stored in the chip. Overall, this option would have a positive societal impact both on EU citizens who would benefit of the additional security of the Schengen Area, and on TCNs who would benefit of an automated and potentially faster border crossing. Furthermore, this option is supported by the public consultation: a majority of the respondents who consider that an EU solution should be given to address the identified information gap would also support a repository of long stay visas and residence documents as part of the already existing Visa Information System, while respecting the principle of separation of data and access rights by the various authorities 129 .

Table 13: Overall comparison of policy options (3)

Additional benefits of VIS stem from the fact that it is already used and well known by Member States 131 and it serves similar business processes. As part of the new interoperability platform, the inclusion of data in the VIS opens the possibility for detection of multiple identities of TCN applying for one of these documents, and to police identity checks within the territory. With this option, MS would be able to benefit of its search services offered centrally, in a proven, controlled and highly performing manner. It would maximise the re-use of existing infrastructure, including benefitting from ancillary services such as logging, reporting, data quality, statistic extractions, access control etc.

For border checks: The central system would be consulted by border guards to verify the documents arriving at the borders against a centralised system and the travel document of the holder (triangular verification). It would simplify the administrative burden, by enabling fast, electronic checks via the central system. It would also reduce the need of bilateral exchanges triggered by doubts on the documents. It would also help efficiently implement the future Carrier Gateway of EES and ETIAS – in the absence of these documents in the system, the gateway would give a false negative as a short stay visa or an ETIAS travel authorisation would not be found for that traveller, thus generating confusion for the carriers, adding to the administrative burden of procedure and potential negative consequences for the TCN that would then have the burden of proof that they do not require them.

For migration and security assessment: By centralising information, this option would mitigate the information gap and support the cooperation among MS during the assessment of new applications, by enabling them to perform upstream checks on the applicant, in particular to assess irregular migration and security risks e.g. by accessing information on previous applications in other Member States, the use made of previously issued documents, or to use VIS's interoperability to other databases to perform basic security checks and detect identity fraud. Additionally, the information on long-stay and residence document holders could support the examination of asylum applications and determining the MS responsible for such applications (similarly to what is already done for short-stay visas in the VIS 132 ). Furthermore, the stakeholders' consultation confirmed the need for developing a shared EU repository that would contribute to reducing identity and document fraud, combatting irregular migration, and preventing, detecting and investigating terrorist offences and other serious criminal offences 133 .

Social impact and fundamental rights

In terms of social impacts and fundamental rights there is a trade-off between increased security for the society and impact on fundamental rights (namely through processing of personal data): by helping to increase security of the EU through information-exchange, the options which meet the objective of information exchange (options 3.3, 3.4.a and 3.4.b) also score high for their social impacts, whereas option 3.2 and the baseline 3.0 do not meet the security objective, so they score much less in terms of benefits on social impacts. As analysed in greater detail in section 6.1.3 under impacts on fundamental rights, the options which include putting personal data in a repository (3.3., 3.4.a/b) will have an impact on fundamental rights. However, already existing and proposed safeguards will minimise these impacts, as is explained in more detail in the next section on the necessity and proportionality of the options. These considerations are reflected in the scores in Table 13. It is important to note that option 3.4.b (centralised repository, with data on applications) scores best in terms of trading off positive social impacts and impacts on fundamental rights (on the other hand, option 3.2 of document harmonisation entails less impacts on fundamental rights, but positive social impacts are all minimized as well).

Necessity and proportionality

In an area without internal borders, no Member State alone is able to cope with irregular immigration and to cover for the risks to the security of this area, including international terrorism and serious crime. A person may enter the Schengen area using a document issued under national competence by one Member State and circulate freely to the territory of the other Member States. A comprehensive verification of the compliance with EU rules on crossing external borders therefore cannot be ensured by Member States acting alone.

While Member States will retain fully their current competence in issuing long stay visas and residence documents in accordance with national legislation and applicable EU law, in particular data protection rules, storing data on these documents in the VIS would allow Member State authorities to access data on third-country nationals who cross the EU external border with a document issued by another Member State in an easy, safe, secure and streamlined manner, as well as use the data stored on previous applications to take informed decisions on whether the person could be a threat to the security of the Schengen area or an identity or document fraudster.

By reusing the VIS technical setup and infrastructure, the investments necessary are kept to a minimum and will only entail connections between the national systems and the VIS. As regards the former, the national visa systems are already fully interconnected to the VIS, for the issuance of short stay visas. Therefore, only connection of national systems will only be necessary in those cases and for those Member States that have separate national systems for managing residence documents. Therefore the preferred option is also proportionate in terms of costs, taking into account the benefits the system will provide to all Member States in managing the common external border and protecting the area without internal borders.

As regards fundamental rights, including the protection of personal data, the preferred option based on a VIS solution, whose concept is driven by the privacy by design, is proportionate in terms of the right to protection of personal data in that it does not require the collection and storage of more data and for a longer period than is currently the case for the same categories of affected TCN in similar processes – short stay visas, ETIAS, EES – and absolutely necessary to allow the system to function and meet its objectives, including what a border guard currently sees when checking a long-term visa, residence card or permit presented at the border. Only personal data that is adequate and relevant for the purposes of the processing would be collected and processed 134 .

Similar to what happens today with all existing EU information systems, the rights of the TCN applying for these documents are affected to a limited extent 135 . These limitations are necessary to achieve the general and specific objectives described in section 4 and so are necessary and proportionate. They will however be accompanied by all the safeguards and mechanisms required for the effective protection of the fundamental rights of TCN concerned, in particular the protection of their private life and personal data will be foreseen and implemented.

Thus, the limitation is justified as the advantages outweigh the disadvantages caused with respect to the exercise of fundamental rights; therefore, the limitation is deemed proportionate.

Coherence 

All options (except the discarded status quo baseline 3.0) are coherent with the overarching objectives of EU policies at least to some extent. Option 3.2 on further harmonising the residence documents is fully coherent with existing and upcoming developments in the area of harmonising documents and securing them 136 . Option 3.3 on the decentralised database is coherent with the general efforts to increase the cooperation between national administrations. Option 3.4 is fully coherent with the EU policy on the gradual introduction of an integrated management system for external borders and on the checks to which persons crossing external borders are subject. Moreover, this option is also coherent with the EU policies in the field and return and asylum, respectively. This is reflected in scoring in the Table 13.

7.4.Migration and security checks

Efficiency and effectiveness

Both proposed options meet the objectives of conducting robust migration/security assessment, whereas the baseline scenario does not guarantee that this objective is uniformly met (as analysed in section 6.1.4). These considerations are reflected in the scoring for effectiveness in Table 14 below. Both proposed options are building upon the costs undertaken for the interoperability proposal (as mentioned in section 6.1.4), which is reflected in their score for cost efficiency in Table 14.

Social impact and fundamental rights

In terms of social impacts and fundamental rights there is a trade-off between increased security (due to more thorough security assessments of TCN) and negative impacts on fundamental rights of the TCN (since their personal data would be subject to new types of processing). Achieving the goal of increased security prevails in this case, since all appropriate safeguards will in place to limit the negative impacts on fundamental rights (as explained in the description of the baseline scenario and further developed below in the section on necessity and proportionality). These considerations are reflected in the score for social impacts and fundamental rights in the Table 14.

Necessity and proportionality

The assessment of whether additional systems should be queried during the assessment of a visa application and whether such searches are proportionate and necessary as part of migration and security risk assessment reveals that the measure is needed to properly assess migratory risk and fraud and to ensure a level playing field across Member States. It is not a disproportionate measure since at least the same amount of checks would need to be carried out on visa applicants as would be done for visa free travellers under ETIAS and very similar to the systematic checks upon entry and exit to which every EU citizen is currently subject.

The VIS will be interoperable with other police, judicial and immigration systems in order to cross-check information contained in VIS against information recorded in these systems. From a data-protection point of view, it can be noted that cross-checking data available in the VIS with all information contained in other systems may not be relevant for the VIS purposes. Therefore as an additional safeguard, provisions will be added to the VIS Regulation defining precisely with which set of limited data a search will be launched against other systems, and include biometrics in order to obtain the most accurate answer and avoid false positives. The Visa Code provisions in this respect will define precisely which information in other systems is relevant to the purposes of these checks and therefore which types of data will have to be returned by the checks, in order to strictly limit the cross-check of VIS data with this information. The existing safeguards in the VIS Regulation and the Visa Code in respect of data processing, fundamental rights and purpose limitation will apply (i.e. the information obtained will be strictly used for the purpose of checking whether the conditions of entry as set out in Article 21(3) of the Visa Code, while refusal of a visa must strictly correspond to one of the grounds laid down in Article 32 Visa Code).

Coherence

The proposed options 4.1 and 4.2 are using synergies created by the interoperability logic; therefore it is fully coherent with other EU existing legislation and proposals in the area of border management. A similar mechanism has been proposed 137 to support the processing of the ETIAS authorisation for visa-free TCN. The introduction of the automated checks and screening rules for TCN subject to a visa obligation would therefore ensure that at least the same level of checks done for visa free TCN and thus ensure coherence between the regime applicable to the two categories of TCN by EU policies.

By enabling authorities to have readily available and streamlined security and migration information on the applicant during the examination procedure, the mechanism of automated checks accompanied by screening rules enables the detection of any irregular migration or security risk early on in the process and thus contributes to the prevention of irregular migration and security risks on EU territory and is thus also coherent with the EU policies in these areas.

Furthermore, views from stakeholders support the introduction of options 4.1 and 4.2. During regular Schengen evaluations, Member States and border management authorities stated they would welcome automatization of the security cross-check against other applications in order to facilitate the border check procedure while enhancing security; additionally to this, introducing screening rules in VIS would allow for an advanced risk assessment 138 .

Table 14: Overall comparison of policy options (4)

8.Preferred options

8.1.Copy of the travel document

The preferred option to emerge from this study is Option 1.1.A – Centralised storage of a digital copy of the bio-data page of the visa applicants’ travel document in the VIS.

The contracted study concluded that sub-option B is more intrusive and no more effective for achieving the identified objectives and that as a result, the processing of the additional data (all used passport pages) was considered disproportionate if it were to be stored centrally.

8.2.Fingerprinting of minors

The preferred option is Option 2.1 – Lowering the fingerprinting age to 6 years.

Option 2.1 (lowering fingerprinting age to 6 – thus covering visa holders as of 11 years of age, which is at the start of the age segment, 12 to 17 years of age, which is the most affected by trafficking and other abuse of rights phenomena) contributes to the policy objectives as identified; it facilitates the protection of these children while traveling with a visa and after arrival in the Schengen area, while attaining necessity and proportionality thresholds.

8.3.Long-stay visas and residence documents

Option 3.4.b – Extend the scope of the VIS to include long-stay visas and residence documents – Store also data on all applications is the preferred option since it satisfies the criteria of necessity and proportionality, while also meeting the criteria of coherence, effectiveness and efficiency more than any other alternative. While option 3.2 – further harmonisation of residence documents – is not the preferred option for this IA, the analysis carried out recognises its significant contribution to the achievement of the specific objective related to an increased security at borders. Ideally, all documents allowing a TCN to cross the external border, stay and/or reside in the territory of the Member States should be harmonised, to facilitate border checks. Exchanging information on TCN applying an entry and residence document ensures upstream verification of the person and its bona fide intentions, while harmonisation of the issued documents ensures downstream proper verification at the border or within the territory. Therefore, important synergies exist between these two options, taking into account in particular the Commission legislative initiative to harmonise and secure the residence cards, which would advance significantly the further harmonisation of documents and thus further contribute to the objective of an increased security at borders.

Through facilitating the systematic and better exchange of information among Member States on TCNs holding or applying for long stay visas and residence documents, the second specific objective would result in enhancing the internal security of the Schengen area, thus closing the identified information gap. When records of long-stay or residence documents are placed in a central system and accessible to all relevant Member State authorities, each Member State would be able to make a more precise and impartial assessment of the security risk, based on the records found in the system while checking TCNs at the border crossing points or assessing the application. 139

The second specific objective also presents a dimension of support to fraud detection linked to obtaining authentic documents on the basis of false breeder documents, 140 as better information exchange between Member States could help identify these cases and pass the information to all Member States. Currently if a person tries to apply to a long-stay visa or residence document in one MS with falsified application documents, there is no systematic ways for other MS to know about the situation of this TCN.

In addition, facilitating the better and systematic exchange of information among MS would also minimize administrative burden and overcome the language barrier when contacting another MS to verify authenticity of the TCN’s document..

8.4.Migration and security

The preferred Option is 4.2 – Automated cross-checks + screening rules. This option meets the objectives by allowing for proper migratory and security checks for TCN to be conducted uniformly across the EU. Furthermore, the option puts the recently proposed interoperability initiative to practical use, by making interoperable IT-systems work together. The selected option is necessary and proportionate to meet the objectives, since the trade-off between negative impacts on fundamental rights and the gains in terms of improved security is offset by tight safeguards (already existing and newly developed as part of the proposed option).

8.5.REFIT (simplification and improved efficiency)

The 2016 REFIT evaluation of the Visa Information System (VIS) looked into the legal framework of the VIS and examined whether this instrument is fit for purpose, delivers on its objectives at reasonable cost, is relevant, coherent and has EU added value. The evaluation shows that the VIS was effective in meeting its objectives.

The evaluation concluded that the VIS meets its objectives and functions well. The VIS’s benefits were found to outweigh its costs, and the system remains relevant and continues to have EU added value. No specific problems of regulatory changes were identified, or administrative burden that needs to be cut. The Report recommended that the VIS be maintained and further developed to respond to the new challenges in visa, border and migration policy.

The measures proposed by the Commission under the present initiative entail both measures addressing the problems identified in the evaluation, as well as new initiatives, that extend the scope of the VIS beyond its current application (see notably topics 1 and 3 addressed under the present IA).

As regards the costs and benefits provided by the measures analysed by the current IA, they are presented in the tables in section 2 of annex 3. As regards the benefits, for a vast number of areas impacted, these are non-quantifiable by nature and so figures could not be provided.

As regards the costs for additional technical measures which will be dealt with by the proposal but which were not identified with a major economic, social or fundamental rights impact (and are thus not analysed by this IA), an estimate of the costs entailed for the central system to operate the proposed modifications was made by eu-LISA in its 2017 "study on VIS developments" and are presented in the tables in Annex 4.

9.How will actual impacts be monitored and evaluated?

The Commission will ensure that systems are in place to monitor the functioning of the VIS and evaluate its main policy objectives. Four years after the start of the application of the revised VIS Regulation and every four years after, the Commission will submit a report to the European Parliament and to the Council. The report will present an overall evaluation of the functioning of the system, including its direct and indirect impacts and practical implementation on fundamental rights. It should examine results achieved against objectives, assess the progress with respect to the four main problem areas, and assess the continuing validity of the underlying rationale and any implications for future options.

The table in Annex 6 provides a list of operational objectives, its detailed performance indicators, sources and methods for data collection. The monitoring will be facilitated through three main channels. The proposal is introducing a central repository of data for the purposes of reporting and statistics which will allow for collecting data without causing an additional administrative burden. The monitoring indicators are essentially expected to be collected on an ongoing basis by the systems or technical components themselves. This will provide precise data on detected use of fraudulent documents, system security checks and successful hits, and identification for the purpose of a return/readmission procedure. Secondly, Member States and Europol will prepare annual reports on the effectiveness of access to VIS data for law enforcement purposes containing information and statistics on the consultation including the type of terrorist or serious criminal offence, the number of requests for access to the VIS and cases which have ended in successful identification, including child TCN. In addition to this, consultations with stakeholders, such as FRONTEX and Member States' visa-issuing authorities, will compliment monitoring activities at the EU level and provide the Commission with their input on the impact of the proposed policy measures.

ANNEX 1: Procedural information

1.Lead DG, Decide Planning/CWP references

The lead DG is Directorate-General for Migration and Home Affairs (DG HOME). The Decide Planning reference is 2017/HOME/208. The initiative is mentioned in the Commission Work Programme for 2017 – COM(2016) 710 final, Annex 2, No 18. Visa Information System, and in the Commission Work Programme for 2018 – COM(2017) 650 final, Annex 1, No 20. Delivering on the EU Agenda on Migration.

2.Organisation and timing

Work to prepare the draft proposal and the impact assessment began in 2017. The Interservice Steering Group for the impact assessment was composed of the representatives from JUST, SG and SJ. Several meetings were held between 15 March 2017, and 15 March 2018 to discuss the ToRs, interim and final reports of the individual studies, as well as the draft COM IA Report, with numerous written consultations in between.

3.Consultation of the RSB

The draft Impact Assessment was submitted to the Regulatory Scrutiny Board on 16 March 2018. The Board examined the Impact Assessment on 28 March and delivered its opinion on XXX.

4.Evidence, sources and quality

This initiative builds on the evaluation of the VIS 141 which analysed its performance as a system, its implementation in practice and the extent to which it has reached its policy objectives, including its added value to the common visa policy. On the basis of this evaluation, the Commission issued recommendations regarding the need for revision or extension of the VIS functions. Despite the very good performance of the common system for storing, processing and exchanging visa data, the evaluation demonstrated a need to further develop the system in order to respond to new challenges in visa, border and security policies. The evaluation further demonstrated a need for a number of improvements in particular in relation to monitoring of data quality and production of statistics.

In order to collect widespread evidence, two open public consultations were launched by the Commission. The Schengen evaluation and monitoring mechanism consisting of the on-site visits and questionnaires also provided the Commission with valuable first-hand evince and the opportunity to carry direct stakeholder consultations right at the borders, the in-depth knowledge has been exploited wherever possible. Additional specific data, including opinions and testimonies of directly involved stakeholders, were collected in the scope of studies carried out by external contractors.

A specific study was commissioned in order gather additional data on the necessity, proportionality and implications of lowering the fingerprinting age of children and of storing a digital (i.e. scanned) copy of the travel document in the VIS. Findings of the study on technical feasibility of all possible VIS developments carried out by eu-LISA during November 2016 and February 2017 were also taken into account. Furthermore, a Feasibility study on Integrated Border Management (IBM) for persons not recorded in EES and a study on legal analysis on the necessity and proportionality of extending the scope of the VIS to include data on long stay visas and residence documents have been conducted.

The data collection process was designed to meet the information needs; however, several limitations were encountered in the data collection process, which have implications for the ensuing analysis. While Member States collect various data on two topics under investigation, methods and definitions can differ significantly across Member States, thus making data difficult to compare. Moreover, where collected, the data generally do not distinguish between cases of TCNs who have entered on a visa and those who have entered the EU via irregular channels. Also available data often do not distinguish between the different age categories.

For the quantification of key impacts, a methodology was developed to assess the main changes that can be expected from the proposed measures relative to a continuation of the baseline scenario. The quantitative analysis was, however, conducted separately for each policy area, and therefore the presented quantification does not include considerable cost reduction aspects, such as economies of scale and potential investment overlaps, which would finally result from implementing the combination of preferred policy options.

The calculation of costs incurred by the different stakeholders is mostly based on a simplified estimation model relating to assumptions on the amount of time that might be reasonably taken to perform the additional activities, which would be required to comply with the proposed changes. The evidence base underlying these assumptions draws from the results of the in-depth interviews with Member States’ competent authorities and consular staff, in combination with available statistics.

ANNEX 2: Stakeholder consultation

In preparation of the revision of the Visa Information System legal basis and the accompanying Impact Assessment, the Commission services conducted directly and indirectly through its contractors a number of surveys and consultations. The objectives were to gather and analyse views, experience and suggestions for better practice from the main stakeholders in order to tackle the identified problem drivers in the most comprehensive manner. Additionally, findings of the previous studies, documents referring to one of the four policy aspects covered in this Impact Assessment, related consultations and Schengen evaluation have been taken into account. The summary of the stakeholder consultations is presented bellow following the four respective policy aspects.

The European Commission also launched two open public consultations on (1) lowering the fingerprinting age for children in the visa procedure from 12 years to 6 years and (2) extending the scope of the Visa Information System to include data on long stay visas and residence documents for a period of 12 weeks. The consultations were conducted through an online questionnaire published on the internet in all EU official languages, with the exception of Gaelic. The results of the open public consultations are summarized below.

The Inception Impact Assessment was published on the European Commissions' webpage on 28 March 2017 with the feedback period from 29 March 2017 to 26 April 2017. No feedback was received.

1.Stakeholders

In the course of the study on lowering the fingerprinting age for children and on storing a digital copy of the visa applicants' travel document in VIS 142 , a number of interviews were conducted with following entities:

·EU Agency of Fundamental Rights (FRA)

·European Data Protection Supervisor (EDPS)

·eu-LISA (and VIS Advisory Working Groups)

·Europol

·Frontex (EBCG)

·Missing Children

The study team also performed field visits to 4 third countries. Interviews were carried out with consulates of the pre-selected Schengen States. The following four countries were visited:

·The mission to Rabat, Morocco took place from 13 – 15 November, 2017. A total of 9 interviews were carried out with a combination of MS consulate staff, ESPs and the EU Delegation.

·The Nigeria mission took place from 26 – 29 November 2017. A total of 6 interviews were carried, including with 4 consulates, one ESP and the EU Delegation to Abuja.

·The mission to Moscow, Russia took place from 4 – 6 December, 2017. A total of 8 interviews were carried out, including 6 with consulate representatives, 1 with immigration liaison officers and 1 with the EU Delegation.

·The mission to Istanbul, Turkey took place from 20 – 23 November, 2017. A total of 7 interviews were carried out with consulate officials and one ESP.

In addition to the field visits, an intensive interview programme in 8 Schengen Member States (BE, DE, EL, ES, FR, IT, LT, PL) was conducted in order to gather the necessary inputs. Consulted stakeholders represented departments responsible for managing National VIS connection, ESPs (where relevant), migration authorities 143 , consular affairs departments 144 , border police authorities, return authorities, law enforcement authorities dealing with terrorism and/or serious crime, National Data Protection Authorities, Ministry/department of the rights of the child, Anti-trafficking authorities, and Ombudsperson for Children.

The results of the stakeholder consultation revealed that Member States’ authorities overwhelmingly agree that if digital copies of scanned travel documents were systematically available and accessible to the relevant authorities, it would:

(I)greatly reduce the burden to confirm this category of TCNs’ identity and facilitate the return process;

(II)reduce delays associated with ad hoc communications and exchange between Member States’ authorities and the consulates; and

(III)eliminate inefficient procedures involved with retrieving, scanning, zipping and coding hard copies.

An annual average of 1,100 to 17,445 visa overstayers was detected in the consulted Member States between 2014 and 2016. 145 As a percentage of visas issued, the 6 Member States for which data was available indicate a rather consistent average of 2%. Indeed, one Member State estimates that the number of detected overstayers represents just 40% of all visa overstayers (i.e. the undetected population). According to stakeholders interviewed, around 90% of visa overstayers eventually become subject to return proceedings, and it is estimated that 10% to 20% of these cases involve TCNs without travel documents at the time of apprehension; and that more than half will not be executed due to Member States’ inability to obtain satisfactory evidence to prove the nationality of the third country national in question.

According to interviewed Member States’ authorities, the effort involved in confirming the identity of TCNs who no longer possess a valid travel document, or who fail to produce it on request, can be significant in the current situation. In such cases, Member States need to obtain a digital copy of the visa holders’ travel document that provided the basis for issuing the visa from the issuing Embassy. Regardless of which route of communication is utilised, interviews with Member States and Consular officials indicate that the average response time on the part of the consulates varies and is highly dependent on the workload at the respective consulate. As a result, return procedures may be delayed by 2 days during low-seasons, and up to 2 weeks during busier periods. Whereas the proposed policy options would effectively eliminate this step enabling Member States to directly or indirectly search in the VIS for the required documents.

Moreover, in the experience of several authorities interviewed, the consulates' and border authorities' staffs are not immune to making mistakes when it comes to translations. These problems are multiplied in the event of court proceedings, or if other Member States require the information. Three Member States indicate that personal data used for a query does not always return any matches because the TCN received a visa in another Member State using different personal data. The consultations also revealed further unnecessary administrative burdens related to the current practice of retrieving, scanning, zipping and coding hard copies. The workload associated with each request may vary depending on the number of archived files at the consulate, the accessibility of the files, etc. For example, one Member State indicated that the paper copies are not destroyed by the diplomatic representations, but rather continue to pile up, thus adding to an increasingly cumbersome retrieval process.

As for lowering the fingerprinting age for children, according to the interviewed Member States' authorities the main benefits of the proposed policy measure reside in unambiguously identifying these children allowing for:

(I)family unification of children found unaccompanied with parents, family or care givers within and outside the Schengen area;

(II)verifying the family relationship between a child and adults presenting themselves as parents or guardians;

(III)determining which Member State is responsible for examining an application for international protection under the Dublin Regulation; and

(IV)preventing visa fraud or irregular migration involving children.

In the current legislative context it was impossible for interviewed stakeholders to have readily available data on this phenomenon; however, stakeholders' testimonies did reveal example cases and suggested potential benefits of the proposed initiative.

A general statement of one Member States' authority summarised the initiative as following: “the optimization of identification procedures for children at risk, irrespective of where they are located, has decisive impact, on the one hand for the protection of children on the other hand for the prevention of further victimization and ultimately the consolidation of the sense of security among the public”.

Field visit in Morocco did not allow to obtain conclusive information on the issue of lowering the age for taking fingerprints. Interviewees in Turkey noted that the proposed measure would have more impact when fingerprints were taken and checked at Schengen borders.

On the contrary, lowering the fingerprinting age of children was unanimously considered a positive measure by all consulates and interviewees during the field visit in Nigeria, and apparently would not take much additional effort as it may take one to a few minutes per child to process the fingerprints. The necessary equipment is already available. It would not be necessary to create separate booths for this purpose, as experience shows that children are generally excited to ‘do what the adults do’ and want to give their fingerprints eagerly.

The interviewees in Russia were not aware of cases of child trafficking, smuggling, or related trends of TCNs who enter the EU on a Schengen visa, all but one Member State are in favour of the measure. As one interviewee noted, the Member States should not be reluctant to increase the arsenal of tools available for the purposes of protecting children; thus, various databases, authorities and countries shall be coordinated to be effective.

In the course of feasibility study on including additional documents into the VIS 146 , stakeholders were consulted via a questionnaire sent to the Member States in May 2017. The questionnaire was divided into five sections: a general set of questions on the current situation at external borders, the main added value for the repository and its main uses and four sets of questions focusing on the documents analysed (“as-is” situation, national repository, situation at the borders, data included…). 17 Members States answered to the survey; additionally, another 21 answers to a European Migration Network survey sent in April 2017 were also taken into account.

All Member States answered that the repository would be useful/very useful, in particular for border control purposes.

Table 1: Answers from MS about the possible objectives for the repository

Additionally, on the utility to include the different documents in the repository, the Member States replied the following:

Table 2: Preliminary table summarising the MS questionnaire on the added value of the documents

One Member State also included an additional objective in the questionnaire: support to the decision-making process for asylum authorities. These authorities could use the biometric data to check if a TCN applying for asylum is known as a holder of a document issued by another country. This practice is of common use with the information contained in the VIS (art. 22 of the VIS Regulation), so reusing the system would allow for this objective to be met with less implementation complexity.

The questionnaire from January 2018 revealed that all Member States have detected cases of false/counterfeit/forged long-stay visas, residence permits and residence cards issued by other Member State; documents and impostors being mostly counterfeit. Visual inspection, verification of the documents' security features and checks against SIS are the most common ways to check its authenticity at the border; whereas, only 5 out of 16 Member States use passive authentication to verify residence permits and only 6 out of 13 residence cards. When it comes to contacting other MS, the most common tools are National Contact Points (11/12), emails (11/12), followed by telephone (7/12), SIRENE (6/12); some Member States noted that they contact the issuing embassy if necessary. Additionally, some Member States argued that the major obstacles of contacting other MS are the language barrier and poor reachability between some Member States. The majority of responding MS (12 out of 15) noted that there is the lack of shared information on the long-stay visas, residence permits and residence cards that hurdle day-to-day activities; this is mostly seen for border control checking residence permits and for processing a new application of long-stay visas and residence permits.

A majority of responding Member States (13 out of 16) answered that an EU legislative response is needed for the extension of the VIS to long-stay visas, residence permits and residence cards, two MS noted that that a non-legislative response at EU level would suffice (better use of existing tools), and one MS abstained. The proposed legislative option to extend the scope of the VIS to include long-stay visas and residence documents was rated highest score by the responding Member States.

The Schengen evaluation and monitoring mechanism consisting of the on-site visits and questionnaires provides the Commission with the first-hand evince on weaknesses of the Schengen acquis application by Member States and direct stakeholder consultation right at the borders. One of the main findings of the evaluation presented by the Commission in October 2016 was the low quality and insufficient scope of data in VIS. Moreover, verifying authenticity of the TCNs' documents and performing systematic security and risk checks against other applications and national databases revealed to be an additional administrative burden; especially concerning the current migration flows and security situation at the external borders. The Member States and border management authorities would therefore welcome automatization of the security cross-check against other applications in order to facilitate the border check procedure while enhancing security; additionally to this, introducing screening rules in VIS would allow for an advanced risk assessment.

2.Open public consultation

The European Commission launched an open public consultation on lowering the fingerprinting age for children in the visa procedure from 12 years to 6 years on 17 August 2017 which closed on 9 November 2017 and attracted a total of 25 responses. 15 respondents replied as individuals and 10 in their professional capacity or on behalf of an organisation.

The respondents didn't agree whether children should be submitted to the same procedures when applying for a Schengen visa as adults; however, 60% of respondents would support lowering the fingerprinting age 149 . A majority of respondents consider fingerprinting children applying for a short stay visa, by helping with their identification, necessary or useful to address or prevent – trafficking, child abduction, children going missing, irregular migration, visa fraud, and identity fraud. More than a half of respondents would consider specific or additional protection safeguards in place when collecting, biometric/fingerprint data of third country national children 150 . Finally, the majority of respondents agree that technological developments, including on the collection and use of biometrics, could contribute to and should be used to enhance the protection of children 151 .

Table 3: To what extent do you consider that fingerprinting children applying for a short stay visa, by helping with their identification, is necessary or useful to address or prevent?

The open public consultation on extending the scope of the Visa Information System (VIS) to include data on long stay visas and residence documents was opened from 17 November 2017 to 09 February 2018. The consultation attracted a total of 28 replies out of which 19 respondents replied as individuals and 9 in their professional capacity or on behalf of an organisation.

86% of respondents agreed with the identified information gap 152 (i.e. currently Member States do not share information on long stay visas and residence documents they issue with other Member States) that leads to problems in management of external borders and irregular migration within the EU. A majority of respondents noted that it is necessary to share the data contained in long-stay visas, residence permits and residence cards among Member States authorities in order to allow their verification at the border and within the territory of the Member States. A shared EU repository is necessary first and foremost to combat irregular migration according to the most of respondents (92%), followed by better informing visa and migration authorities for an authorization to enter EU territory by a third-country national (89%).

Full sharing of information between Member States' authorities in order to enable them to check their authenticity and validity was selected as the most appropriate mean to address the gap by 55% of respondents, better cooperation between national authorities by 29%, and reinforcing security features of the documents by 9%. As for a proper EU tool to address the identified gap, 52% respondents support a repository of long stay visas and residence documents as part of the already existing VIS, followed by 35% respondents in favour of storing long stay visas in the VIS, together with short stay visas and creating a separate new instrument to store residence documents. Furthermore, the stakeholders consultation revealed that the public considers a shared EU repository necessary for reducing identity and document fraud 153 , combatting irregular migration 154 , better informing visa and migration authorities as to the history of previous documents for an authorization to enter EU territory by a third-country national 155 , and preventing, detecting and investigating terrorist offences and other serious criminal offences 156 .

ANNEX 3: Who is affected and how?

1.Practical implications of the initiative

1.1.Including a copy of the travel document in the VIS

1.2.Lowering the fingerprinting age for children

1.3.Repository of long-stay visas and residence documents

1.4.Migration and security checks for when processing applications of visa required TCN

2.Summary of costs and benefits

The tables below summarise the costs and benefits for the preferred option. Given the lack of available data, the tables have been filled to the extent possible.

The quantitative analysis was conducted separately for each policy area. The bellow presented overview of costs does not therefore take into account considerable cost reduction aspects, such as economies of scale and potential investment overlaps, which would finally result from implementing the combination of preferred policy options.

Annex 4: REFIT

*Table with summary of estimated costs provided in the feasibility study on "VIS Evolutions" of July 2017 by eu-LISA.

As regards the benefits for implementing these measures, they are non-quantifiable and summarised in the table below:

Annex 5: Methodology

1.Available data

A general caveat has to be stated regarding data collection. Both studies reported difficulties in finding reliable data because of scarcity of readily available data. Most notably, the number of TCN children that accessed the EU territory with a visa and who subsequently became victims of trafficking or other forms of abuse cannot be quantified precisely. Similarly, there are no figures currently available and no processed to collect that on third country nationals that accessed the EU territory legally and who subsequently became irregular. This is why extrapolations and assumptions were used when complete data was not at hand, as duly noted in the supporting studies and in this report.

The following assumptions were used calculating the costs of the policy options.

Storing a copy of the travel document

·Additional servers:

oOption 1 – Number of entries within the 10 year period would approximately double; estimate based on the Smart Border study 158 ;

oOption 2 – Estimates based on interview feedback with relevant stakeholders 159 ;

·Additional VIS storage – Assumed storage cost is EUR 1,200 / 1 TB;

oSub-option A requires additional 1100 TB storage;

oSub-option B requires additional 4160 TB storage;

·Scanning equipment – Estimated cost of one new scanning system is EUR 2,500;

oConsulates – 1881 consulates;

oEPSs – 2,683 VFS Global and TLS Contact application centres;

§Sub-option B assumes that 20-30% of ESPs will require more than one additional scanner;

·Training and awareness raising – Based on interviewee feedback and findings from relevant studies 160 ;

·System operational cost

oOption 1 – The current operational cost of the VIS infrastructure is EUR 35 m. in FY2017 161 ;

oOption 2 – Estimates based on interview feedback with relevant stakeholders;

·Workload impact – Consulates handle approximately 10% of applications themselves (1.76m.) whereas the remaining 90% are outsourced to ESPs (15.8m.);

oConsulates – the labour costs is EUR 26 / hour;

§Sub-option A requires additional 40 s / application;

§Sub-option B requires additional 190 s / application;

oESPs – the labour cost is EUR 17 / hour;

§Sub-option A requires additional 70 s / application;

§Sub-option B requires additional 220 s / application.

Table 1: Summary of investment (one-off) and recurrent compliance costs (thousands EUR)

Lowering the fingerprinting age for children

·Child-friendly equipment – Assumed cost is EUR 3,000 / 1 new system;

oConsulates – 1,651 consulates 162 ;

oESPs – 2,683 VFS Global and TLS Contact application centres;

·Additional VIS storage – Assumed storage cost is EUR 1,200 / 1 TB;

oOption 1 requires additional increase of storage by 4,4%, i.e. 7.7 TB;

oOption 2 requires additional increase of storage by 8,8%, i.e. 15.4 TB;

·Training and awareness raising – Based on interviewee feedback and findings from relevant studies 163 ;

·System operational costs – Assumed increase in operational costs is 4,4%, 8,8% respectively;

·Workload impact – The number of children applicants is estimated 0.7-1.05m. with the average of 875,000; consulates handle approximately 10% of applications themselves (1.76m.) whereas the remaining 90% are outsourced to ESPs (15.8m.);

oOption 1 requires additional 0.2-1 min.;

oOption 2 requires additional 0.4-2 min.

Table 2: Summary of investment (one-off) and recurrent compliance costs (EUR)

2.Assessment criteria

In line with the better regulation guidelines on impact assessments, the methodology underpinning the present report and its supporting studies focused on the significant social, economic, and fundamental rights impacts. Depending on each problem area scrutinised by the present study, the exact categories of persons and processes impacted by the foreseen measure could vary. This is why the impact of the measure will be examined separately under each problem area, to take account of its specificity.

The VIS concerns mainly two types of actors: visa applicants and Member States' authorities and hence these are the two categories most impacted by the envisaged measures. These impacts in turn can have broader consequences for the societies of EU Member States and the EU's external relations.

3.Categories impacted by the envisaged measures

The first group which is directly affected are applicants for a short stay visa, i.e. third-country nationals who are under the visa requirement and who apply for a short-stay visa at one of the Schengen consulates. As regards checks against migration and security databases, applicants will experience any change in the checks that they are subject of when applying only indirectly. As regards the travel document, the obligation currently exist for them to present it in a consulate and most MSs consulates already make copies of it, therefore this change will not be immediately experienced by the applicant. However, if this is to be used as evidence of nationality and identity in a return procedure, the impact on the person will be direct. As regards the possibility to lower the fingerprinting age for children, this will have a direct impact on children under 12 and their families. The family member(s) accompanying the child will have to be physically present in a consulate with the child at least for the first application, in order to submit fingerprints.

Under the proposed measure to include data on long stay visas and residence permits and their holders, a new category of data subjects will be added to the VIS. The impact on this category of TCN will not be direct, as the procedure to apply for these documents will not be changed. However, they will be indirectly impacted by the fact that their data will be placed in a centralised database and checked against other databases in an automated manner.

The second group directly affected are Member States' authorities, mainly consulates in third countries as the visa-issuing authorities, as well as border, migration (including return), asylum (including Dublin) and in some cases law enforcement authorities. These authorities are directly impacted by all four measures. Additionally, the measure to extend the VIS to long stay visas and residence document may require access by authorities that currently are not involved in the VIS process (authorities issuing residence permits or cards, depending on national organisation). If the VIS is to be used for identifying children victims of trafficking or contribute to preventing this phenomenon, anti-trafficking authorities and child protection authorities may also be granted access.

There are further consequences on the society at large. Reinforced migration and security checks will impact the integrity of the visa processing and consequently the security of the Schengen area. Similarly, increased leverage for the EU readmission policy and better return rates will improve migration management, and thus the reliability and credibility of the EU migration policy. As many people travel to the EU to visit their family members, the protection of family life 164 will also be indirectly affected by increased or reduced possibilities for travel.

Ultimately, the cumulative effect of changes on the categories of TCN and the number of checks performed will have positive or negative impact on the EU's relations with third countries and the EU's image in the world. This is particularly relevant regarding the link between visa policy and readmission policy.

4.Summary of possible impacts of the policy options

The following table summarises the possible impacts of the policy options:

Table 4: Possible impacts of policy options

The different possible interventions in the three problem areas are not likely to all have noteworthy impacts in all of the above-mentioned areas. Therefore the assessment for each problem area is focused on the fields where the different policy options are likely to have significant impacts. A selection of the most relevant impacts will be established for each problem area. However, given its significant impact on persons subject to VIS procedure and the horizontal nature of its principles, the following sub-section will focus in particular on the data protection aspects, which will thereafter be specifically analysed under each policy option.

Annex 6: Monitoring and Evaluation

Annex 7: Executive Summary of the Study on Storing a Scanned Copy of the Visa Applicants' Travel Document in the Visa Information System (VIS)

Article 2(e) of the VIS Regulation (EC) No 767/2008 foresees that one of the objectives of VIS is ‘to assist in the identification of any person who may not, or may no longer, fulfil the conditions for entry to, stay or residence on the territory of the Member States.’ Article 31(2) enables the Member States – via the designated competent authorities for carrying out checks at external border or within the territory of the Member States are allowed to access certain VIS data for verification and identification purposes (specified in Article 19 and 20) – to transfer or to make available a limited set of these data to a third country for the purpose of proving the identity of third-country nationals for the purpose of return. 165 Thus, although not explicitly defined in Article 2, when taken together, these provisions foresee that the VIS can be used to facilitate both the identification of the irregular migrant and the issuing of travel documents for return. 166

In its report on the implementation of VIS of October 2016, the European Commission found that the use of VIS in return procedures has so far been limited, whereas recent trends underline an increased need to use this instrument which provides a proof of identity necessary in a return procedure. 167  

1.Analysis of the problems

Under topic 1, two main problems are identified as contributing to a situation in which Member States face high barriers to complete return procedures regarding third country nationals who overstay their visa and fail to produce a valid travel document on request. These two problems are:

Problem 1: In the absence of a valid travel document (or copy thereof), return proceedings for TCNs who entered the EU using a visa are slow and often unsuccessful;

Problem 2: Delays in the return process result in increased costs and administrative burdens realised by the Member States.

Although visa applicants, and subsequent visa holders, are under strong obligation to establish their identity by presenting a valid travel document during both the application process and upon entry to the EU, Member States report that many TCNs visa overstayers who become subject to a (forced) return are no longer in possession of their travel document, or fail to produce it upon request. In such cases, the sending Member State must file an application for a replacement travel document, or laissez-passer, either with the in-country diplomatic representation of the country of origin, or directly with the competent authorities of the country of origin, pending the positive identification of the foreign national in question. Most third country diplomatic representatives only issue an emergency travel document once the identity and nationality of the TCN can be verifiably proven by the sending Member State. Notably, the authorities of the majority of third countries currently do not accept the information that can be extracted from the VIS as sufficient evidence to verify the person as one of ‘their’ nationals, and they request a scanned copy of the TCN’s travel document as proof. In this context, Member States can prove nationality by providing a scanned copy of the TCN’s travel document that provided the basis for issuing the Schengen visa.

Indeed, in the absence of a valid travel document, the scanned copy of a former visa holders’ travel document is key to being able to prove the nationality of a TCN. This is particularly necessary for facilitating returns to traditionally non-cooperative countries of origin in respect of readmission of their nationals. In the current situation, the process by which Member States obtain the travel document copy is hampered by the absence of a legal framework allowing Member States to exchange or transfer such information, as well as the slow or non-existent cooperation on the part of third country authorities. While the effectiveness of the measure ultimately depends on the willingness of third countries to cooperate with the Member States, the evidence suggests that the measure would make it more difficult for third countries to deny return, as both the information in VIS, as well as copies of the travel documents would be available.

The study estimates that the total number of visa holders becoming irregular migrants by overstaying their visa is approximately 294 000 persons per annum. According to stakeholders interviewed for this study, around 90% of visa overstayers (i.e. 264 453) will become subject to return proceedings, and we estimate that 10% to 20% of these cases involve TCNs without travel documents at the time of apprehension; and that more than half will not be executed due to Member States’ inability to obtain evidence to prove the TCN’s nationality.

On this basis, the number of return decisions concerning TCNs who entered the territory on a visa, and that could not be implemented due to missing travel documents, is estimated between 15 867 to 39 668 cases Error! Reference source not found. in chapter Error! Reference source not found.. This represents roughly 13% to 33% of effective returns of visa-required third country nationals. 168  While the actual number of estimated cases is low, based on our calculations, the impact of undetected cases is potentially high. Indeed, one Member State estimates that the number of detected overstayers represents just 40% of all visa overstayers (i.e. the undetected population). Moreover, according to migration officers that have run simultaneous searches of VIS against EURODAC for asylum searches, about 30-35% of asylum seekers can be identified using the VIS. 169  

2.Objectives

The general objectives of the proposed adaptations to the VIS system are the following: 

Contribute to assisting in the identification and return of third country nationals that do not, or no longer fulfil the conditions for entry to, or stay on the territory of the Member States in accordance with the Return Directive. 

Improve efficiency of the VIS for the purposes of facilitating return procedures.

The specific objectives of the proposed measure may be formulated as follows:

·Facilitate that Member States’ authorities are able to confirm the identity and prove the nationality of TCN visa overstayers who lack or fail to produce a copy of their travel document upon apprehension

·Improve the return rate of third country nationals found in a return / readmission procedure 

3.Policy options

The following policy options were investigated:

Option 0. Baseline (no change)

Option 1. Include a scanned copy of the travel document in the central VIS (centralised)

Option 2. Include a digital copy of the travel document in national visa systems (decentralised)

In addition to the main options, two additional sub-options were defined regarding the scope of the data to be recorded in VIS:

Sub-option A. Storage of biographical page only

Sub-option B. Storage of all used pages of the applicant’s travel document

The two sub-options can be applied to both Option1 and Option 2 described above.

4.Assessment of impacts

Economic Costs

Table 1 and Table 2 present an overview of all relevant costs (both one-off and recurrent, as well as recurrent compliance costs) from the options and their sub-options. The cost estimations are based on various sources (experience of related initiatives, stakeholder consultation) and derive from a number of assumptions, which have been detailed in Chapter 3.5.1 and in Annex III.

Table 1     Summary of investment (one-off) and recurrent compliance costs (millions)    

Source: Ecorys calculations based on data provided during stakeholder interviews.

Note: Calculations may not add up due to rounding.

Table 2 Summary of additional workload-related costs    

Source: Ecorys calculations based on data provided during stakeholder interviews.

Note: Calculations may not add up due to rounding.

Both options and the two sub-options require some one-off costs, both to implement the proposed change and to train the relevant personnel and raise awareness along the chain of stakeholders.

One-off investment costs are significantly higher for Option 2 than for Option 1, as the former would involve the expansion or setting up of national systems. The study notes, however, that since the history of previous applications can be easily checked in the VIS, no new copies are requested from the applicant if documents have already been submitted during a previous application, and if that document has not yet expired and been replaced with a new one. This suggests that required investments in storage capacity under Option 2 may be substantially lower than the calculations suggest. The study was unable to collect data enabling an accurate estimation of the investments required at national level due to the late inclusion of this option in the analysis. Regarding the sub-options, the technical infrastructure to be added at ESPs and consulates is limited to a document scanner connected to a computer.

On-going compliance costs are summarised as follows:

Costs incurred by visa authorities and ESPs stem from the additional time spent to (a) make the scanned copy of the travel document, (b) transfer the data to the consulate and (c) to transfer the data (digitised copies) from the consulate to the NS-VIS. The costs are driven by the choice of sub-option; the main options do not affect the workload of the consulates and ESPs. Thus, the costs for consulates and ESPs are substantially higher under sub-option B compared to both sub-option A and the current situation (baseline scenario).

Costs incurred by third country nationals are similarly driven by the two sub-options. In the event that sub-option B is implemented, ESPs and consulates may pass additional workload costs onto the TCNs in the form of increased visa service fees charged to applicants. Given that the average service fee charged to applicants today is approximately € 25,00, the average fee increase will range from € 1,00 to € 5,00 per applicant under sub-option B. By contrast, sub-option A would result in only a marginal increase in the workload of ESPs relative to the current situation, therefore the ESPs are unlikely to increase the service fee levied on visa applicants. Visa applicants may additionally experience increased wait time at the application centres due to the increase in time spent by ESP personnel for receiving each application. The identified opportunity costs are, however, minor compared to the current situation.

Economic benefits

As shown in Table , the measures will produce several important economic benefits for Consulates (and ESPs, as a result of the additional visa fees) as well as Member States’ migration and return authorities. Implementation of a measure to systematically include scanned copies of visa applicants’ travel document in the VIS, which would be either directly or indirectly searchable and accessible to the relevant authorities, will:

·Greatly reduce the burden to confirm this category of TCNs’ identity and facilitate the return process while facilitating the likely cooperation on the part of third country authorities to issue an emergency travel document to return their nationals;

·Reduce delays associated with ad hoc communications and exchange between Member States’ authorities and the consulates; and

·Eliminate inefficient procedures involved with retrieving, scanning, zipping and coding hard copies.

The identified economic benefits are primarily drive by the choice of main option (Option 1 and Option 2). While Option 1 performs marginally better on these objectives compared to Option 2, both measures will significantly reduce inefficiencies associated with the current procedures.

Table 3 Summary of benefits of the policy options    

The saved costs for consulates from the reduced number of supporting document assistance requests is estimated to range between € 0,7 million to € 2,8 million across all Schengen consulates worldwide. The impact is the same across both main options.

The saved costs for migration and return authorities from the reduced workload associated with contacting the consulates and obtaining the scanned copy of the via applicants’ travel document is valued higher under Option 1 than under Option 2. This is due to the fact that under Option 2, Member States will still need to request the information from the national authorities responsible for storing the scanned copy, a procedure that would require an estimated 15 minutes or less to carry out. Option 1 is therefore marginally more efficient than Option 2.

The cost savings from executing a higher proportion of returns (in less time) will also increase under both of the main options. The benefits are only marginally lower under Option 2, due to the remaining workload associated with making requests to the storing authority, as shown in Table 3 (lower benefit from slightly less efficient procedures). The full impact is difficult to estimate with any accuracy as it is wholly dependent on the cooperativeness of the third country authorities.

In terms of the impact on duration and timeliness of return proceedings, both options would significantly reduce the wait time imposed on migration and return authorities during the process of confirming the identity of TCNs. Under Option 1, the delays will be effectively eliminated, resulting in a delay reduction of up to 14 days. Option 2 would have a slightly lower impact as Member States’ authorities may still be required to wait for several hours before receiving a reply from the responsible national authority for storing the travel document. The potential benefits to be realised from both options will be sufficiently substantial to offset the costs incurred to implement and comply with the respective options.

Policy impacts

The storage of visa applicants’ travel documents in VIS will improve the implementation of the objective of facilitating returns of TCNs who have been issued with a return decision. Both Option 1 and Option 2 will enable Member States to Member States to obtain the necessary evidence for proving the nationality of TCN visa overstayers who have been issued with return decision, but who lack a valid travel document, to equal effect. This is because both options entail the systematic collection and storage of the visa applicants’ travel document that provided the basis for issuing the Schengen visa in VIS. In both cases, however, the effective change is highly dependent on the third country in question.

The experience of Member States to date indicates that there is a direct correlation between the rate of effective returns based on VIS matches combined with a copy of the travel document on the one hand, and the level of historical cooperation with the given country of origin on the other. In other words, if a return is theoretically feasible (due to positive confirmation of identity), and the country in question is typically cooperative in dealing with returns, then the information in the VIS matches coupled with a copy of the TCN’s travel document will be extremely useful and sufficient for facilitating the return. However, if the country in questions is non-cooperative on returns in general, Member States have few recourses to compel the return.

Based on inputs provided during the stakeholder consultation, the study cautiously assumes that the proportion of effectively executed returns of TCN visa overstayers without travel documents will increase by 50% to 75% as a result of the proposed options.

If the proportion of effectively executed returns increases by 50%, then the benefit is an additional 7.934 to 19.834 TCNs returned compared to the current situation.

If the proportion increases by 75%, then benefit is an additional 11.900 to 29.751 persons returned.

Table 4 Estimated benefits for the implementation of returns