This document is an excerpt from the EUR-Lex website
Document 52016XX0525(03)
Executive Summary of the Recommendations of the European Data Protection Supervisor on the proposed European Border and Coastal Guard Regulation
Executive Summary of the Recommendations of the European Data Protection Supervisor on the proposed European Border and Coastal Guard Regulation
Executive Summary of the Recommendations of the European Data Protection Supervisor on the proposed European Border and Coastal Guard Regulation
OJ C 186, 25.5.2016, p. 10–12
(BG, ES, CS, DA, DE, ET, EL, EN, FR, HR, IT, LV, LT, HU, MT, NL, PL, PT, RO, SK, SL, FI, SV)
|
25.5.2016 |
EN |
Official Journal of the European Union |
C 186/10 |
Executive Summary of the Recommendations of the European Data Protection Supervisor on the proposed European Border and Coastal Guard Regulation
(The full text of this Opinion can be found in English, French and German on the EDPS website www.edps.europa.eu)
(2016/C 186/06)
Executive Summary
Europe is today faced with a pressing migration crisis and increased terrorist threats. The EU therefore wants to strengthen management of its external borders. In that context, the proposed European Border and Coast Guard Regulation aims to establish general principles of European integrated border management and will reinforce the mandate of the Frontex agency.
The EDPS recognises this need for more effective manage of migration and for reinforcing internal security, which requires processing of personal data. However, the Commission’s Proposal could also create a serious intrusion into the rights of migrants and refugees, a vulnerable group of people in particular need of protection.
This Opinion address the five main data protection concerns and calls for further improvements of the proposed text to ensure full compliance with data protection principles. The EDPS considers that such compliance will be a key to the success of the initiative and its ability to withstand legal scrutiny. We specifically recommend:
|
— |
on the purposes of the Proposal, separate assessments of the necessity and proportionality of the measures for meeting the two identified aims of migration and security, noting that the aims will trigger the application of different data protection rules; |
|
— |
on the collection of personal data, clarification of the scale and scope of processing activities by the Agency, since the current Proposal implies that the new Agency will turn into a personal data hub where massive amounts of personal information would be; |
|
— |
clear delineation of responsibilities between the new Agency and the EU Member States so that there is no blurring of accountability in the data protection obligations of each controller; |
|
— |
clarifications on transfers of personal data to third countries and international organisations, bearing in mind that such transfers must be based either on an adequacy assessment or on the use of appropriate safeguards; |
|
— |
on the respect for fundamental rights of migrants and refugees, guarantees on the ground that migrants and refugees are informed of their rights in way that they can reasonably understand and exercise those rights. |
Overall, the new Agency must be sufficiently equipped and capable of discharging its responsibilities for complying with data protection rules and safeguarding the interests and rights of individuals to whom the personal data being processed relates.
1. Context of the Proposal
|
1. |
On 15 December 2015, the Commission released an important set of measures better known as the ‘Borders Package’ (1), with the objective to strengthen the management of the European Union’s external borders and better protect the Schengen area. The main initiative of this package is the Proposal for a regulation establishing a European Border and Coast Guard (2) (hereinafter ‘the Proposal’), which provides for the general principles of European integrated border management and is a follow up to the Commission’s own Agenda on Migration (3) and to some extent to its Agenda on Security (4), both tabled earlier in Spring 2015. |
|
2. |
On 17 December 2015, the European Council called for a swift adoption of the Proposal and asked the Council of the EU to reach a political agreement before the term of the current Presidency (5). The co-legislators have accelerated their deliberations on the Proposal. The Dutch Presidency intends to meet the requested deadline (6), while the European Parliament has tentatively scheduled a plenary sitting to scrutinise the Proposal in early June (7). |
|
3. |
The EDPS acknowledges the migration crisis and terrorist threats that the EU is today facing, and the importance of taking swift and meaningful measures to tackle this situation at EU level. He welcomes the efforts of the European Commission to react swiftly to the current turn of events. Nevertheless, it is the EDPS’ role to recall the importance of respecting the fundamental right to data protection and to advice on better ways to include data protection safeguards in new legislative measures, in the light of Articles 7 and 8 of the Charter of Fundamental Rights of the EU (8) (hereinafter ‘the Charter’) and Article 16 of the Treaty of the Functioning of the European Union. We regret that the above mentioned agenda has not allowed for the consultation of the EDPS at an earlier stage of the legislative process. |
|
4. |
In the present Opinion, the EDPS has identified five main areas of concern which require further improvements of the proposed text so as to ensure compliance with the data protection framework. He will focus his comments on the purposes of the Proposal, the collection of personal data, the responsibility for processing personal data, transfers of personal data to third countries and international organisations, and the respect for fundamental rights of migrants and refugees. Finally he will highlight aspects of the Proposal where important clarifications are needed. |
8. Conclusion
The EDPS welcomes several aspects of the Proposal, especially the fact that some safeguards have been included in the text, for instance to limit the data retention periods. However, considering the impact of the interference with fundamental rights of migrants and refugees, the EDPS considers more generally that a separate assessment of the necessity and proportionality of the processing activities envisaged for each purpose of the Proposal should be carried out. The compatibility in between the different purposes for processing envisaged in Article 45(1) of the Proposal should be verified as well.
In order to ensure legal certainty and compliance with data protection principles, the EDPS recommends, in particular, that the following improvements and clarifications be introduced in the final text of the initiative:
|
— |
Purpose specification and limitation
|
|
— |
Responsibilities of the Agency
|
|
— |
Quality and security of data
|
|
— |
Transfers
|
|
— |
Rights of data subjects
|
Done at Brussels, 18 March 2016.
Giovanni BUTTARELLI
European Data Protection Supervisor
(1) The Borders Package includes in total 13 legislative documents: a proposal to establish the European Border and Coast Guard accompanied by a Commission Communication, a proposal to amend the Schengen Borders Code to introduce mandatory systematic checks on EU citizens entering and leaving the EU, a proposal to establish a European travel document for the return of illegally staying third country nationals, a Practical Handbook for implementing and managing the European Border Surveillance System, a Progress Report on the Implementation of the hotspots in Greece, a Progress Report on the Implementation of the hotspots in Italy, a proposal for a temporary suspension of Sweden’s obligations under the EU relocation mechanism, a Commission Recommendation for a voluntary humanitarian admission scheme with Turkey, a Report on the follow-up to the Leaders’ Meeting on refugee flows along the Western Balkans Route, a proposal to amend the establishing act of the Community Fisheries Control Agency and a proposal to amend the establishing act of the European Maritime Safety Agency. All documents are available at: http://ec.europa.eu/dgs/home-affairs/what-we-do/policies/securing-eu-borders/index_en.htm
(2) Proposal for a Regulation of the European Parliament and of the Council on the European Border and Coast Guard and repealing Regulation (EC) No 2007/2004, Regulation (EC) No 863/2007 and Council Decision 2005/267/EC (COM(2015) 671 final).
(3) Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions ‘A European Agenda on Migration’, Brussels, 13 May 2015, COM(2015) 240 final; at that time, the Commission had already identified that: ‘The scaling up of action in the Mediterranean exposes the reality of the management of external borders increasingly being a shared responsibility. As well as a European System of Border Guards, this would cover a new approach to coastguard functions in the EU, looking at initiatives such as asset sharing, joint exercises and dual use of resources as well as a the possibility of moving towards a European Coastguard.’
(4) Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions ‘The Agenda on Security’, Strasbourg, 28 April 2015, COM(2015) 185 final.
(5) See Conclusions of the European Council meeting on 17 and 18 December 2015 available at: http://data.consilium.europa.eu/doc/document/ST-28-2015-INIT/en/pdf
(6) See main results of the Justice and Home Affairs Council meeting on 25 February 2016 available on the Council website at: http://www.consilium.europa.eu/en/meetings/jha/2016/02/25/
(7) See the dedicated webpage to the file on the European Parliament Legislative Observatory: http://www.europarl.europa.eu/oeil/popups/ficheprocedure.do?lang=&reference=2015/0310(COD)
(8) Charter of Fundamental Rights of the European Union (OJ C 364, 18.12.2000, p. 1).