This document is an excerpt from the EUR-Lex website
Document 32021R1152
Regulation (EU) 2021/1152 of the European Parliament and of the Council of 7 July 2021 amending Regulations (EC) No 767/2008, (EU) 2017/2226, (EU) 2018/1240, (EU) 2018/1860, (EU) 2018/1861 and (EU) 2019/817 as regards the establishment of the conditions for accessing other EU information systems for the purposes of the European Travel Information and Authorisation System
Regulation (EU) 2021/1152 of the European Parliament and of the Council of 7 July 2021 amending Regulations (EC) No 767/2008, (EU) 2017/2226, (EU) 2018/1240, (EU) 2018/1860, (EU) 2018/1861 and (EU) 2019/817 as regards the establishment of the conditions for accessing other EU information systems for the purposes of the European Travel Information and Authorisation System
Regulation (EU) 2021/1152 of the European Parliament and of the Council of 7 July 2021 amending Regulations (EC) No 767/2008, (EU) 2017/2226, (EU) 2018/1240, (EU) 2018/1860, (EU) 2018/1861 and (EU) 2019/817 as regards the establishment of the conditions for accessing other EU information systems for the purposes of the European Travel Information and Authorisation System
PE/17/2021/REV/1
OJ L 249, 14.7.2021, p. 15–37
(BG, ES, CS, DA, DE, ET, EL, EN, FR, GA, HR, IT, LV, LT, HU, MT, NL, PL, PT, RO, SK, SL, FI, SV)
In force
|
14.7.2021 |
EN |
Official Journal of the European Union |
L 249/15 |
REGULATION (EU) 2021/1152 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL
of 7 July 2021
amending Regulations (EC) No 767/2008, (EU) 2017/2226, (EU) 2018/1240, (EU) 2018/1860, (EU) 2018/1861 and (EU) 2019/817 as regards the establishment of the conditions for accessing other EU information systems for the purposes of the European Travel Information and Authorisation System
THE EUROPEAN PARLIAMENT AND THE COUNCIL OF THE EUROPEAN UNION,
Having regard to the Treaty on the Functioning of the European Union, and in particular points (a), (b) and (d) of Article 77(2) thereof,
Having regard to the proposal from the European Commission,
After transmission of the draft legislative act to the national parliaments,
Acting in accordance with the ordinary legislative procedure (1),
Whereas:
|
(1) |
Regulation (EU) 2018/1240 of the European Parliament and of the Council (2) established the European Travel Information and Authorisation System (‘ETIAS’) for third-country nationals exempt from the requirement to be in possession of a visa when crossing the external borders of the Union. That Regulation laid down the conditions and procedures for issuing or refusing a travel authorisation under ETIAS. |
|
(2) |
ETIAS enables consideration of whether the presence of those third-country nationals on the territory of the Member States would pose a security, illegal immigration or high epidemic risk. |
|
(3) |
In order to enable the ETIAS Central System to process application files as referred to in Regulation (EU) 2018/1240, it is necessary to establish interoperability between the ETIAS Information System, on the one hand, and the Entry/Exit System (‘EES’), the Visa Information System (‘VIS’), the Schengen Information System (‘SIS’), Eurodac and the European Criminal Record Information System – Third-Country Nationals (‘ECRIS-TCN’) (‘other EU information systems’), and Europol data as defined in that Regulation (‘Europol data’), on the other hand. |
|
(4) |
This Regulation, together with Regulations (EU) 2021/1150 (3) and (EU) 2021/1151 (4) of the European Parliament and of the Council, lays down rules on the implementation of the interoperability between the ETIAS Information System, on the one hand, and other EU information systems and Europol data, on the other hand, and the conditions for the consultation of data stored in other EU information systems and Europol data by ETIAS for the purpose of automatically identifying hits. As a result, it is necessary to amend Regulations (EC) No 767/2008 (5), (EU) 2017/2226 (6), (EU) 2018/1240, (EU) 2018/1860 (7), (EU) 2018/1861 (8) and (EU) 2019/817 (9) of the European Parliament and of the Council in order to connect the ETIAS Central System to other EU information systems and to Europol data and to specify the data that will be sent between those EU information systems and Europol data. |
|
(5) |
The European Search Portal (ESP), established by Regulation (EU) 2019/817 and Regulation (EU) 2019/818 of the European Parliament and of the Council (10), will enable the data stored in ETIAS and the data stored in the other EU information systems concerned to be queried in parallel. |
|
(6) |
Technical arrangements should be established to enable ETIAS to regularly and automatically verify in other EU information systems whether the conditions for the retention of application files, as laid down in Regulation (EU) 2018/1240, are still fulfilled. |
|
(7) |
It is necessary, for the purposes of ensuring the full attainment of the objectives of ETIAS, as well as to further the objectives of SIS, set out in Regulation (EU) 2018/1860, to include in the scope of the automated verifications a new alert category introduced by that Regulation, namely the alert on third-country nationals subject to a return decision. |
|
(8) |
The return of third-country nationals who do not fulfil or no longer fulfil the conditions for entry to, stay or residence on the territory of the Member States, in accordance with Directive 2008/115/EC of the European Parliament and of the Council (11), is an essential component of the comprehensive efforts to tackle irregular migration and represents an important reason of substantial public interest. |
|
(9) |
In order to ensure a high level of data accuracy and reliability, it is important to report false hits generated at the level of the ETIAS Central Unit. |
|
(10) |
In order to supplement certain detailed technical aspects of Regulation (EU) 2018/1240, the power to adopt acts in accordance with Article 290 of the Treaty on the Functioning of the European Union (TFEU) should be delegated to the Commission in respect of the specification of the conditions for the correspondence between the data present in a record, alert or file of the other EU information systems consulted and the data present in an ETIAS application file. It is of particular importance that the Commission carry out appropriate consultations during its preparatory work, including at expert level, and that those consultations be conducted in accordance with the principles laid down in the Interinstitutional Agreement of 13 April 2016 on Better Law-Making (12). In particular, to ensure equal participation in the preparation of delegated acts, the European Parliament and the Council receive all documents at the same time as Member States’ experts, and their experts systematically have access to meetings of Commission expert groups dealing with the preparation of delegated acts. |
|
(11) |
In order to ensure uniform conditions for the implementation of Regulation (EU) 2018/1240, implementing powers should be conferred on the Commission to establish the technical arrangements for the implementation of certain provisions related to data retention and to detail further the rules relating to the support to carriers to be provided by the ETIAS Central Unit. Those powers should be exercised in accordance with Regulation (EU) No 182/2011 of the European Parliament and of the Council (13). |
|
(12) |
In order to ensure uniform conditions for the implementation of Regulation (EU) 2017/2226, implementing powers should be conferred on the Commission to lay down the details of the fall-back procedures in the case of technical impossibility to access data by carriers and to detail further the rules relating to the support to carriers to be provided by the ETIAS Central Unit. Those powers should be exercised in accordance with Regulation (EU) No 182/2011. |
|
(13) |
It is possible to revoke ETIAS travel authorisations following the registration in SIS of new alerts on refusal of entry and stay, or concerning a travel document reported as lost, stolen, misappropriated or invalidated. In order for the ETIAS Central System to be informed automatically by SIS of such new alerts, an automated process should be established between SIS and ETIAS. |
|
(14) |
With a view to rationalising and simplifying the work of border guards through the implementation of a more uniform border control process for all third-country nationals seeking to enter the territory of the Member States for a short stay and following the adoption of Regulations (EU) 2017/2226 and (EU) 2018/1240, it is desirable to align the way the EES and ETIAS work together with the way the EES and the VIS are integrated with one another for the purpose of border control and registering border crossings in the EES. |
|
(15) |
The conditions, including access rights, under which the ETIAS Central Unit and ETIAS National Units are able to consult data stored in other EU information systems for the purposes of ETIAS should be safeguarded by clear and precise rules regarding access by the ETIAS Central Unit and ETIAS National Units to the data stored in other EU information systems, the types of query and the categories of data, all of which should be limited to what is strictly necessary for the performance of their duties. Member States’ access via the ETIAS National Units to the other EU information systems should be in accordance with the participation in the respective legal instruments. In the same vein, the data stored in ETIAS application files should be visible only to those Member States that operate the underlying information systems in accordance with the arrangements for their participation. As an example, the provisions of this Regulation relating to SIS and the VIS constitute provisions building upon all the provisions of the Schengen acquis, for which the Council Decisions 2010/365/EU (14), (EU) 2017/733 (15), (EU) 2017/1908 (16) and (EU) 2018/934 (17) on the application of the provisions of the Schengen acquis relating to SIS and the VIS are relevant. |
|
(16) |
Where technical difficulties make it impossible for carriers to access the ETIAS Information System through the carrier gateway, the ETIAS Central Unit should provide operational support to carriers in order to limit the impact on passenger travel and carriers to the extent possible. For that reason, it is necessary to align the fall-back procedures in the case of technical impossibility, including operational support, provided for in the VIS, ETIAS and the EES. |
|
(17) |
Pursuant to Regulation (EU) 2018/1240, the European Union Agency for the Operational Management of Large-Scale IT Systems in the Area of Freedom, Security and Justice (eu-LISA), established by Regulation (EU) 2018/1726 of the European Parliament and of the Council (18), is to be responsible for the design and development phase of the ETIAS Information System. |
|
(18) |
This Regulation is without prejudice to Directive 2004/38/EC of the European Parliament and of the Council (19). |
|
(19) |
In accordance with Articles 1 and 2 of Protocol No 22 on the position of Denmark, annexed to the Treaty on European Union (TEU) and to the TFEU, Denmark is not taking part in the adoption of this Regulation and is not bound by it or subject to its application. Given that this Regulation builds upon the Schengen acquis, Denmark shall, in accordance with Article 4 of that Protocol, decide within a period of six months after the Council has decided on this Regulation whether it will implement it in its national law. |
|
(20) |
This Regulation constitutes a development of the provisions of the Schengen acquis in which Ireland does not take part, in accordance with Council Decision 2002/192/EC (20); Ireland is therefore not taking part in the adoption of this Regulation and is not bound by it or subject to its application. |
|
(21) |
As regards Iceland and Norway, this Regulation constitutes a development of the provisions of the Schengen acquis within the meaning of the Agreement concluded by the Council of the European Union and the Republic of Iceland and the Kingdom of Norway concerning the latters’ association with the implementation, application and development of the Schengen acquis (21) which fall within the areas referred to in Article 1, points A, B, C and G, of Council Decision 1999/437/EC (22). |
|
(22) |
As regards Switzerland, this Regulation constitutes a development of the provisions of the Schengen acquis within the meaning of the Agreement between the European Union, the European Community and the Swiss Confederation on the Swiss Confederation’s association with the implementation, application and development of the Schengen acquis (23) which fall within the areas referred to in Article 1, points A, B, C and G, of Decision 1999/437/EC read in conjunction with Article 3 of Council Decision 2008/146/EC (24). |
|
(23) |
As regards Liechtenstein, this Regulation constitutes a development of the provisions of the Schengen acquis within the meaning of the Protocol between the European Union, the European Community, the Swiss Confederation and the Principality of Liechtenstein on the accession of the Principality of Liechtenstein to the Agreement between the European Union, the European Community and the Swiss Confederation on the Swiss Confederation’s association with the implementation, application and development of the Schengen acquis (25) which fall within the areas referred to in Article 1, points A, B, C and G, of Council Decision 1999/437/EC read in conjunction with Article 3 of Council Decision 2011/350/EU (26). |
|
(24) |
As regards Cyprus, Bulgaria, Romania and Croatia, the provisions of this Regulation relating to the VIS, SIS and the EES constitute provisions building upon, or otherwise relating to, the Schengen acquis within, respectively, the meaning of Article 3(2) of the 2003 Act of Accession, Article 4(2) of the 2005 Act of Accession and Article 4(2) of the 2011 Act of Accession read in conjunction with Decisions 2010/365/EU, (EU) 2017/733, (EU) 2017/1908 and (EU) 2018/934. |
|
(25) |
Regulations (EC) No 767/2008, (EU) 2017/2226, (EU) 2018/1240, (EU) 2018/1860, (EU) 2018/1861 and (EU) 2019/817 should therefore be amended accordingly. |
|
(26) |
Since the objectives of this Regulation, namely to amend Regulations (EC) No 767/2008, (EU) 2017/2226, (EU) 2018/1240, (EU) 2018/1860, (EU) 2018/1861 and (EU) 2019/817 in order to connect the ETIAS Central System to the other EU information systems and to Europol data and to specify the data that will be sent between those EU information systems and Europol data, cannot be sufficiently achieved by the Member States but can rather, by reason of their scale and effects, be better achieved at Union level, the Union may adopt measures, in accordance with the principle of subsidiarity as set out in Article 5 TEU. In accordance with the principle of proportionality as set out in that Article, this Regulation does not go beyond what is necessary in order to achieve those objectives. |
|
(27) |
The European Data Protection Supervisor was consulted, in accordance with Article 41(2) of Regulation (EU) 2018/1725 of the European Parliament and the Council (27), |
HAVE ADOPTED THIS REGULATION:
CHAPTER I
AMENDMENTS TO REGULATION (EU) 2018/1240
Article 1
Amendments to Regulation (EU) 2018/1240
Regulation (EU) 2018/1240 is amended as follows:
|
(1) |
in Article 3(1), the following point is added:
(*1) Regulation (EC) No 767/2008 of the European Parliament and of the Council of 9 July 2008 concerning the Visa Information System (VIS) and the exchange of information between Member States on short-stay visas, long-stay visas and residence permits (VIS Regulation) (OJ L 218, 13.8.2008, p. 60)." (*2) Regulation (EU) 2018/1860 of the European Parliament and of the Council of 28 November 2018 on the use of the Schengen Information System for the return of illegally staying third-country nationals (OJ L 312, 7.12.2018, p. 1)." (*3) Regulation (EU) 2018/1861 of the European Parliament and of the Council of 28 November 2018 on the establishment, operation and use of the Schengen Information System (SIS) in the field of border checks, and amending the Convention implementing the Schengen Agreement, and amending and repealing Regulation (EC) No 1987/2006 (OJ L 312, 7.12.2018, p. 14)." (*4) Regulation (EU) 2018/1862 of the European Parliament and of the Council of 28 November 2018 on the establishment, operation and use of the Schengen Information System (SIS) in the field of police cooperation and judicial cooperation in criminal matters, amending and repealing Council Decision 2007/533/JHA, and repealing Regulation (EC) No 1986/2006 of the European Parliament and of the Council and Commission Decision 2010/261/EU (OJ L 312, 7.12.2018, p. 56)." (*5) Regulation (EU) No 603/2013 of the European Parliament and of the Council of 26 June 2013 on the establishment of ‘Eurodac’ for the comparison of fingerprints for the effective application of Regulation (EU) No 604/2013 establishing the criteria and mechanisms for determining the Member State responsible for examining an application for international protection lodged in one of the Member States by a third-country national or a stateless person and on requests for the comparison with Eurodac data by Member States’ law enforcement authorities and Europol for law enforcement purposes, and amending Regulation (EU) No 1077/2011 establishing a European Agency for the operational management of large-scale IT systems in the area of freedom, security and justice (OJ L 180, 29.6.2013, p. 1)." (*6) Regulation (EU) 2019/816 of the European Parliament and of the Council of 17 April 2019 establishing a centralised system for the identification of Member States holding conviction information on third-country nationals and stateless persons (ECRIS-TCN) to supplement the European Criminal Records Information System and amending Regulation (EU) 2018/1726 (OJ L 135, 22.5.2019, p. 1).’;" |
|
(2) |
Article 4 is amended as follows:
|
|
(3) |
in Article 6(2), the following point is inserted:
|
|
(4) |
Article 7 is amended as follows:
|
|
(5) |
Article 11 is replaced by the following: ‘Article 11 Interoperability with other EU information systems and Europol data 1. Interoperability between the ETIAS Information System, on the one hand, and other EU information systems and Europol data, on the other hand, shall be established to enable the automated verifications pursuant to Article 20, Article 23, point (c)(ii) of Article 24(6), Article 41 and point (b) of Article 54(1) of this Regulation and shall rely on the European Search Portal (‘ESP’), established by Article 6 of Regulation (EU) 2019/817 and Article 6 of Regulation (EU) 2019/818 of the European Parliament and of the Council (*7), from the date referred to in Article 72(1b) of Regulation (EU) 2019/817 and Article 68(1b) of Regulation (EU) 2019/818. 2. For the purpose of proceeding with the verifications referred to in point (i) of Article 20(2), the automated verifications pursuant to Article 20, point (c)(ii) of Article 24(6) and point (b) of Article 54(1) shall enable the ETIAS Central System to query VIS with the following data provided by applicants under points (a), (aa), (c) and (d) of Article 17(2):
3. For the purpose of proceeding with the verifications referred to in points (g) and (h) of Article 20(2), the automated verifications pursuant to Article 20, point (c)(ii) of Article 24(6), Article 41 and point (b) of Article 54(1) shall enable the ETIAS Central System to query the EES with the following data provided by applicants under points (a) to (d) of Article 17(2):
4. For the purpose of proceeding with the verifications referred to in points (c), (m)(ii) and (o) of Article 20(2) and in Article 23 of this Regulation, the automated verifications pursuant to Article 20, Article 23, point (c)(ii) of Article 24(6), Article 41 and point (b) of Article 54(1) of this Regulation shall enable the ETIAS Central System to query SIS, as established by Regulations (EU) 2018/1860 and (EU) 2018/1861, with the following data provided by applicants under points (a) to (d) and (k) of Article 17(2) of this Regulation:
5. For the purpose of proceeding with the verifications referred to in points (a), (d) and (m)(i) of Article 20(2) and in Article 23(1) of this Regulation, the automated verifications pursuant to Article 20, Article 23, point (c)(ii) of Article 24(6), Article 41 and point (b) of Article 54(1) of this Regulation shall enable the ETIAS Central System to query SIS, as established by Regulation (EU) 2018/1862, with the following data provided by applicants under points (a) to (d) and (k) of Article 17(2) of this Regulation:
6. For the purpose of proceeding with the verifications referred to in point (n) of Article 20(2), the automated verifications pursuant to Article 20, point (c)(ii) of Article 24(6), and point (b) of Article 54(1) shall enable the ETIAS Central System to query ECRIS-TCN with the following data provided by applicants under points (a) to (d) of Article 17(2):
7. For the purpose of proceeding with the verifications referred to in point (j) of Article 20(2), the automated verifications pursuant to Article 20, point (c)(ii) of Article 24(6) and point (b) of Article 54(1) shall enable the ETIAS Central System to query Europol data with the data referred to in points (a), (aa), (b), (c), (d), (f), (g), (j), (k) and (m) of Article 17(2) and in Article 17(8). 8. Where the automated verifications pursuant to Articles 20 and 23 report a hit, the ESP shall provide the ETIAS Central Unit with temporary read-only access to the results of those automated verifications. In the case of the automated verifications pursuant to Article 20, that access shall be provided in the application file until the end of the manual processing pursuant to Article 22(2). Where the data made available correspond to those of the applicant or where, after the automated verifications pursuant to Articles 20 and 23, doubts remain, the unique reference number of the record in the queried EU information systems of the data having triggered the hit shall be kept in the application file. Where the automated verifications pursuant to Article 20 report a hit, those automated verifications shall receive the appropriate notification in accordance with Article 21(1a) of Regulation (EU) 2016/794. 9. A hit shall be triggered where all or some of the data from the application file used for the query correspond fully or partially to the data present in a record, alert or file of the other EU information systems consulted. The Commission shall adopt delegated acts in accordance with Article 89 in order to specify the conditions for the correspondence between the data present in a record, alert or file of the other EU information systems consulted and an application file. 10. For the purpose of paragraph 1 of this Article, the Commission, shall, by means of an implementing act, establish the technical arrangements for the implementation of point (c)(ii) of Article 24(6) and point (b) of Article 54(1) related to data retention. That implementing act shall be adopted in accordance with the examination procedure referred to in Article 90(2). 11. For the purpose of Articles 25(2), 28(8) and 29(9), when registering the data related to hits in the application file, the origin of the data shall be indicated by the following data:
The data referred to in points (a) to (d) of the first subparagraph shall only be accessible and visible by the ETIAS Central Unit where the ETIAS Central System is not able to identify the Member State responsible. (*7) Regulation (EU) 2019/818 of the European Parliament and of the Council of 20 May 2019 on establishing a framework for interoperability between EU information systems in the field of police and judicial cooperation, asylum and migration and amending Regulations (EU) 2018/1726, (EU) 2018/1862 and (EU) 2019/816 (OJ L 135, 22.5.2019, p. 85).’;" |
|
(6) |
the following articles are inserted: ‘Article 11b Support of the objectives of the EES For the purpose of Articles 6, 14, 17 and 18 of Regulation (EU) 2017/2226, an automated process, using the secure communication channel referred to in point (da) of Article 6(2) of this Regulation, shall query and import from the ETIAS Central System the information referred to in Article 47(2) of this Regulation, as well as the application number and the expiry date of the ETIAS travel authorisation, and shall create or update the entry/exit record or the refusal of entry record in the EES accordingly. Article 11c Interoperability between ETIAS and the EES for the purpose of the revocation of an ETIAS travel authorisation at the request of an applicant 1. For the purpose of implementing Article 41(8), an automated process, using the secure communication channel referred to in point (da) of Article 6(2), shall query the EES Central System to verify that applicants requesting the revocation of their travel authorisations are not present on the territory of the Member States. 2. Where the outcome of the verification in the EES Central System under paragraph 1 indicates that the applicant is not present on the territory of the Member States, the revocation shall be effective immediately. 3. Where the outcome of the verification under paragraph 1 of this Article indicates that the applicant is present on the territory of the Member States, Article 41(8) shall apply. The EES Central System shall record the fact that a notification is to be sent to the ETIAS Central System as soon as an entry/exit record indicating that the applicant having requested revocation of the travel authorisation has left the territory of the Member States has been created.’; |
|
(7) |
Article 12 is replaced by the following: ‘Article 12 Querying the Interpol databases 1. The ETIAS Central System shall query the Interpol Stolen and Lost Travel Document database (SLTD) and the Interpol Travel Documents Associated with Notices database (TDAWN). 2. Any queries and verification shall be performed in such a way that no information is revealed to the owner of the Interpol alert. 3. If the implementation of paragraph 2 is not ensured, the ETIAS Central System shall not query the Interpol databases.’; |
|
(8) |
in Article 17(4), point (a) is replaced by the following:
|
|
(9) |
Article 20(2) is replaced by the following: ‘2. The ETIAS Central System shall launch a query by using the ESP to compare the relevant data referred to in points (a), (aa), (b), (c), (d), (f), (g), (j), (k) and (m) of Article 17(2) and in Article 17(8) to the data present in a record, file or alert registered in an application file stored in the ETIAS Central System, SIS, the EES, the VIS, Eurodac, ECRIS-TCN, Europol data and in the Interpol SLTD and TDAWN databases. In particular, the ETIAS Central System shall verify:
|
|
(10) |
Article 22 is amended as follows:
|
|
(11) |
Article 23 is amended as follows:
|
|
(12) |
the following article is inserted: ‘Article 25a Use of other EU information systems for the manual processing of applications by the ETIAS National Units 1. Without prejudice to Article 13(1), the duly authorised staff of the ETIAS National Units shall have direct access to and may consult, in a read-only format, the other EU information systems for the purposes of examining applications for travel authorisation and adopting decisions relating to those applications in accordance with Article 26. The ETIAS National Units may consult:
2. Insofar as a hit results from the verification pursuant to point (n) of Article 20(2), the duly authorised staff of the ETIAS National Units shall also have access, directly or indirectly, in accordance with national law, to the relevant data from the national criminal records of their own Member State in order to obtain information on third-country nationals, as defined in Regulation (EU) 2019/816, convicted of a terrorist offence or any other criminal offence listed in the Annex to this Regulation, for the purposes referred to in paragraph 1 of this Article.’; |
|
(13) |
Article 26 is amended as follows:
|
|
(14) |
in Article 28(3), the following subparagraph is added: ‘For the purpose of the manual processing pursuant to Article 26, the reasoned positive or negative opinion shall only be visible by the ETIAS National Unit of the Member State consulted and by the ETIAS National Unit of the Member State responsible.’; |
|
(15) |
Article 37(3) is replaced by the following: ‘3. Applicants who have been refused a travel authorisation shall have the right to appeal. Appeals shall be conducted in the Member State that has taken the decision on the application and in accordance with the national law of that Member State. During the appeal procedure, the appellant shall be given access to the information in the application file in accordance with the data protection rules referred to in Article 56 of this Regulation. The ETIAS National Unit of the Member State responsible shall provide applicants with information regarding the appeal procedure. That information shall be provided in one of the official languages of the countries listed in Annex II to Regulation (EC) No 539/2001 of which the applicant is a national.’; |
|
(16) |
Article 41(3) is replaced by the following: ‘3. Without prejudice to paragraph 2, where a new alert is entered in SIS concerning a refusal of entry and stay or concerning a travel document reported as lost, stolen, misappropriated or invalidated, SIS shall inform the ETIAS Central System. The ETIAS Central System shall verify whether that new alert corresponds to a valid travel authorisation. Where this is the case, the ETIAS Central System shall transfer the application file to the ETIAS National Unit of the Member State having entered the alert. Where a new alert for refusal of entry and stay has been entered, the ETIAS National Unit shall revoke the travel authorisation. Where the travel authorisation is linked to a travel document reported as lost, stolen, misappropriated or invalidated in SIS or the Interpol SLTD database, the ETIAS National Unit shall manually process the application file.’; |
|
(17) |
Article 46 is amended as follows:
|
|
(18) |
in Article 47(2), point (a) is replaced by the following:
|
|
(19) |
in Article 64, the following paragraph is added: ‘7. The right of access to personal data under this Article is without prejudice to Article 53 of Regulation (EU) 2018/1861 and Article 67 of Regulation (EU) 2018/1862.’; |
|
(20) |
in Article 73(3), the third subparagraph is replaced by the following: ‘eu-LISA shall develop and implement the ETIAS Central System, including the ETIAS watchlist, the NUIs, the communication infrastructure, and the secure communication channel between the ETIAS Central System and the EES Central System, as soon as possible after the entry into force of this Regulation and the adoption by the Commission of:
|
|
(21) |
Article 88 is amended as follows:
|
|
(22) |
Article 89 is amended as follows:
|
|
(23) |
Article 90(1) is replaced by the following: ‘1. The Commission shall be assisted by the committee established by Article 68 of Regulation (EU) 2017/2226. That committee shall be a committee within the meaning of Regulation (EU) No 182/2011.’; |
|
(24) |
in Article 92, the following paragraph is inserted: ‘5a. One year after the end of the transition period referred to in Article 83(1), and every four years thereafter, the Commission shall evaluate the querying of ECRIS-TCN through the ETIAS Central System. The Commission shall transmit those evaluations, together with the opinion of the ETIAS Fundamental Rights Guidance Board and any necessary recommendations, to the European Parliament and to the Council. In order to assess the extent to which the querying of ECRIS-TCN through the ETIAS Central System has contributed to the achievement of the objective of ETIAS, the evaluations referred to in the first subparagraph shall include the following:
The ETIAS Fundamental Rights Guidance Board shall provide opinions as regards the evaluations referred to in this paragraph. The evaluations may be accompanied, where necessary, by legislative proposals.’; |
|
(25) |
in Article 96, the following paragraph is inserted after the second paragraph: ‘Article 11b shall apply from 3 August 2021.’. |
CHAPTER II
AMENDMENT TO OTHER UNION INSTRUMENTS
Article 2
Amendments to Regulation (EC) No 767/2008
Regulation (EC) No 767/2008 is amended as follows:
|
(1) |
Article 6(2) is replaced by the following: ‘2. Access to the VIS for consulting the data shall be reserved exclusively for the duly authorised staff of:
Such access shall be limited to the extent to which the data are required for the performance of the tasks of those authorities and Union bodies in accordance with those purposes and proportionate to the objectives pursued.’; |
|
(2) |
the following articles are inserted: ‘Article 18b Interoperability with ETIAS 1. From the date of the start of operations of ETIAS, as determined in accordance with Article 88(1) of Regulation (EU) 2018/1240, the VIS shall be connected to the ESP to enable the automated verifications pursuant to Article 20, point (c)(ii) of Article 24(6), and point (b) of Article 54(1) of that Regulation. 2. The automated verifications pursuant to Article 20, point (c)(ii) of Article 24(6), and point (b) of Article 54(1) of Regulation (EU) 2018/1240 shall enable the verifications provided for in Article 20 of that Regulation and the subsequent verifications provided for in Articles 22 and 26 of that Regulation. For the purpose of proceeding with the verifications referred to in point (i) of Article 20(2) of Regulation (EU) 2018/1240, the ETIAS Central System shall use the ESP to compare the data stored in ETIAS with the data stored in the VIS, in accordance with Article 11(8) of that Regulation, using the data listed in the correspondence table set out in Annex II to this Regulation. Article 18c Access to VIS data by the ETIAS Central Unit 1. For the purpose of performing the tasks conferred on it by Regulation (EU) 2018/1240, the ETIAS Central Unit shall have the right to access and search relevant VIS data in accordance with Article 11(8) of that Regulation. 2. Where a verification by the ETIAS Central Unit in accordance with Article 22 of Regulation (EU) 2018/1240 confirms a correspondence between data recorded in the ETIAS application file and VIS data or where after such verification doubts remain, the procedure set out in Article 26 of that Regulation shall apply. Article 18d Use of the VIS for the manual processing of applications by the ETIAS National Units 1. ETIAS National Units, as referred to in Article 8(1) of Regulation (EU) 2018/1240, shall consult the VIS using the same alphanumerical data as those used for the automated verifications pursuant to Article 20, point (c)(ii) of Article 24(6) and point (b) of Article 54(1) of that Regulation. 2. The ETIAS National Units shall have temporary access to consult the VIS, in a read-only format, for the purpose of examining applications for travel authorisation pursuant to Article 8(2) of Regulation (EU) 2018/1240. The ETIAS National Units may consult the data referred to in Articles 9 to 14 of this Regulation. 3. Following consultation of the VIS by ETIAS National Units, as referred to in Article 8(1) of Regulation (EU) 2018/1240, duly authorised staff of the ETIAS National Units shall record the result of the consultation only in the ETIAS application files.’; |
|
(3) |
the following article is inserted: ‘Article 34a Keeping of logs for the purposes of interoperability with ETIAS Logs of each data processing operation carried out within the VIS and ETIAS pursuant to Article 20, point (c)(ii) of Article 24(6), and point (b) of Article 54(1) of Regulation (EU) 2018/1240 shall be kept in accordance with Article 34 of this Regulation and Article 69 of Regulation (EU) 2018/1240.’; |
|
(4) |
the Annex is numbered as Annex I and the following annex is added: ‘ANNEX II Correspondence table
|
Article 3
Amendments to Regulation (EU) 2017/2226
Regulation (EU) 2017/2226 is amended as follows:
|
(1) |
in Article 6(1), the following point is added:
(*8) Regulation (EU) 2018/1240 of the European Parliament and of the Council of 12 September 2018 establishing a European Travel Information and Authorisation System (ETIAS) and amending Regulations (EU) No 1077/2011, (EU) No 515/2014, (EU) 2016/399, (EU) 2016/1624 and (EU) 2017/2226 (OJ L 236, 19.9.2018, p. 1).’;" |
|
(2) |
the following articles are inserted: ‘Article 8a Automated process with ETIAS 1. An automated process, using the secure communication channel referred to in point (da) of Article 6(2) of Regulation (EU) 2018/1240, shall enable the EES to create or update the entry/exit record or the refusal of entry record of a visa exempt third-country national in the EES in accordance with Articles 14, 17 and 18 of this Regulation. Where an entry/exit record or a refusal of entry record of a visa exempt third-country national is created, the automated process referred to in the first subparagraph shall enable the EES Central System:
2. An automated process, using the secure communication channel referred to in point (da) of Article 6(2) of Regulation (EU) 2018/1240, shall enable the EES to process queries received from the ETIAS Central System and to send the corresponding answers in accordance with Article 11c and Article 41(8) of that Regulation. Where necessary, the EES Central System shall record the fact that a notification is to be sent to the ETIAS Central System as soon as an entry/exit record indicating that the applicant having requested revocation of the travel authorisation has left the territory of the Member States has been created. Article 8b Interoperability with ETIAS 1. From the date of the start of operations of ETIAS, as determined in accordance with Article 88(1) of Regulation (EU) 2018/1240, the EES Central System shall be connected to the ESP to enable the automated verifications pursuant to Article 20, point (c)(ii) of Article 24(6), Article 41 and point (b) of Article 54(1) of that Regulation. 2. Without prejudice to Article 24 of Regulation (EU) 2018/1240, the automated verifications pursuant to Article 20, point (c)(ii) of Article 24(6), Article 41 and point (b) of Article 54(1) of that Regulation shall enable the verifications provided for in Article 20 of that Regulation and the subsequent verifications provided for in Articles 22 and 26 of that Regulation. For the purpose of proceeding with the verifications referred to in points (g) and (h) of Article 20(2) of Regulation (EU) 2018/1240, the ETIAS Central System shall use the ESP to compare the data stored in ETIAS with EES data, in accordance with Article 11(8) of that Regulation, using the data listed in the correspondence table set out in Annex III to this Regulation. The verifications referred to in points (g) and (h) of Article 20(2) of Regulation (EU) 2018/1240 shall be without prejudice to the specific rules provided for in Article 24(3) of that Regulation.’; |
|
(3) |
in Article 9, the following paragraph is inserted: ‘2a. The duly authorised staff of the ETIAS National Units, designated pursuant to Article 8 of Regulation (EU) 2018/1240, shall have access to the EES to consult EES data in a read-only format.’; |
|
(4) |
the following article is inserted: ‘Article 13a Fall-back procedures in the case of technical impossibility to access data by carriers 1. Where it is technically impossible to proceed with the verification referred to in Article 13(3), because of a failure of any part of the EES, the carriers shall be exempt from the obligation to verify whether the third-country national holding a short-stay visa issued for one or two entries has already used the number of entries authorised by their visa. Where such a failure is detected by eu-LISA, the ETIAS Central Unit shall notify the carriers and the Member States. It shall also notify the carriers and the Member States when the failure is remedied. Where such a failure is detected by the carriers, they may notify the ETIAS Central Unit. The ETIAS Central Unit shall inform the Member States without delay about the notification of the carriers. 2. Where, for other reasons than a failure of any part of the EES, it is technically impossible for a carrier to proceed with the verification referred to in Article 13(3) for a prolonged period of time, the carrier shall notify the ETIAS Central Unit. The ETIAS Central Unit shall inform the Member States without delay about the notification of that carrier. 3. The Commission shall, by means of an implementing act, lay down the details of the fall-back procedures referred to in this Article. That implementing act shall be adopted in accordance with the examination procedure referred to in Article 68(2). 4. The ETIAS Central Unit shall provide operational support to carriers in relation to paragraphs 1 and 2. The ETIAS Central Unit shall establish standard operational procedures setting out how such support is to be provided. The Commission shall, by means of implementing acts, adopt further detailed rules relating to the support to be provided and to the means to provide such support. Those implementing acts shall be adopted in accordance with the examination procedure referred to in Article 68(2).’; |
|
(5) |
in Article 17(2), the following subparagraph is added: ‘The following data shall also be entered in the entry/exit record:
|
|
(6) |
in Article 18(1), point (b) is replaced by the following:
|
|
(7) |
the following articles are inserted: ‘Article 25a Access to EES data by the ETIAS Central Unit 1. For the purpose of performing the tasks conferred on it by Regulation (EU) 2018/1240, the ETIAS Central Unit shall have the right to access and search EES data in accordance with Article 11(8) of that Regulation. 2. Where a verification by the ETIAS Central Unit in accordance with Article 22 of Regulation (EU) 2018/1240 confirms a correspondence between data recorded in the ETIAS application file and EES data or where after such verification doubts remain, the procedure set out in Article 26 of that Regulation shall apply. Article 25b Use of the EES for the manual processing of applications by the ETIAS National Units 1. ETIAS National Units, as referred to in Article 8(1) of Regulation (EU) 2018/1240, shall consult the EES using the same alphanumerical data as those used for the automated verifications pursuant to Article 20, point (c)(ii) of Article 24(6), Article 41 and point (b) of Article 54(1) of that Regulation. 2. The ETIAS National Units shall have access to and may consult the EES, in a read-only format, for the purpose of examining applications for travel authorisation, pursuant to Article 8(2) of Regulation (EU) 2018/1240. The ETIAS National Units may consult the data referred to in Articles 16 to 18 of this Regulation, without prejudice to Article 24 of Regulation (EU) 2018/1240. 3. Following consultation of the EES by ETIAS National Units, as referred to in Article 8(1) of Regulation (EU) 2018/1240, duly authorised staff of the ETIAS National Units shall record the result of the consultation only in the ETIAS application files.’; |
|
(8) |
Article 28 is replaced by the following: ‘Article 28 Keeping of data retrieved from the EES Data retrieved from the EES pursuant to Articles 24, 25, 26 and 27 may be kept in national files and data retrieved from the EES pursuant to Articles 25a and 25b may be kept in the ETIAS application files only where necessary in an individual case in accordance with the purpose for which they were retrieved and in accordance with relevant Union law, in particular on data protection, and for no longer than strictly necessary in that individual case.’; |
|
(9) |
in Article 46(2), the following subparagraph is added: ‘Logs of each data processing operation carried out within the EES and ETIAS pursuant to Articles 8a, 8b and 25a of this Regulation shall be kept in accordance with this Article and Article 69 of Regulation (EU) 2018/1240.’; |
|
(10) |
The following annex is added: ANNEX III Correspondence table
|
Article 4
Amendment to Regulation (EU) 2018/1860
In Regulation (EU) 2018/1860, Article 19 is replaced by the following:
‘Article 19
Applicability of Regulation (EU) 2018/1861
Insofar as not established in this Regulation, the entry, processing and updating of alerts, the provisions on responsibilities of the Member States and eu-LISA, the conditions concerning access and the review period for alerts, data processing, data protection, liability and monitoring and statistics, as laid down in Articles 6 to 19, Article 20(3) and (4), Articles 21, 23, 32 and 33, Article 34(5) and Articles 36a, 36b, 36c and 38 to 60 of Regulation (EU) 2018/1861, shall apply to data entered and processed in SIS in accordance with this Regulation.’.
Article 5
Amendments to Regulation (EU) 2018/1861
Regulation (EU) 2018/1861 is amended as follows:
|
(1) |
the following article is inserted: ‘Article 18b Keeping of logs for the purposes of interoperability with ETIAS Logs of each data processing operation carried out within SIS and ETIAS pursuant to Articles 36a and 36b of this Regulation shall be kept in accordance with Article 18 of this Regulation and Article 69 of Regulation (EU) 2018/1240 of the European Parliament and of the Council (*9). (*9) Regulation (EU) 2018/1240 of the European Parliament and of the Council of 12 September 2018 establishing a European Travel Information and Authorisation System (ETIAS) and amending Regulations (EU) No 1077/2011, (EU) No 515/2014, (EU) 2016/399, (EU) 2016/1624 and (EU) 2017/2226 (OJ L 236, 19.9.2018, p. 1).’;" |
|
(2) |
in Article 34(1), the following point is added:
|
|
(3) |
the following articles are inserted: ‘Article 36b Access to SIS data by the ETIAS Central Unit 1. For the purpose of performing the tasks conferred on it by Regulation (EU) 2018/1240, the ETIAS Central Unit, established within the European Border and Coast Guard Agency in accordance with Article 7 of that Regulation, shall have the right to access and search relevant data entered in SIS in accordance with Article 11(8) of that Regulation. Article 36(4) to (8) of this Regulation shall apply to that access and search. 2. Without prejudice to Article 24 of Regulation (EU) 2018/1240, where a verification by the ETIAS Central Unit in accordance with Article 22 of that Regulation confirms a correspondence between data recorded in the ETIAS application file and an alert in SIS or where after such verification doubts remain, the procedure set out in Article 26 of that Regulation shall apply. Article 36c Interoperability with ETIAS 1. From the date of the start of operations of ETIAS, as determined in accordance with Article 88(1) of Regulation (EU) 2018/1240, the Central SIS shall be connected to the ESP to enable the automated verifications pursuant to Article 20, Article 23, point (c)(ii) of Article 24(6), Article 41 and point (b) of Article 54(1) of that Regulation and the subsequent verifications provided for in Articles 22 and 26 of that Regulation. 2. For the purpose of proceeding with the verifications referred to in points (c), (m)(ii) and (o) of Article 20(2) of Regulation (EU) 2018/1240, the ETIAS Central System shall use the ESP to compare the data referred to in Article 11(4) of that Regulation to data in SIS in accordance with Article 11(8) of that Regulation. 3. For the purpose of proceeding with the verifications referred to in point (c)(ii) of Article 24(6) and point (b) of Article 54(1) of Regulation (EU) 2018/1240, the ETIAS Central System shall use the ESP to regularly verify whether an alert for refusal of entry and stay entered in SIS which gave rise to the refusal, annulment or revocation of a travel authorisation has been deleted. 4. Pursuant to Article 41(3) of Regulation (EU) 2018/1240, where a new alert for refusal of entry and stay is entered in SIS, Central SIS shall transmit the data referred to in points (a) to (d), (f) to (i) and (s) to (v) of Article 20(2) of this Regulation to the ETIAS Central System, using the ESP, in order to verify whether that new alert corresponds to a valid travel authorisation.’. |
Article 6
Amendment to Regulation (EU) 2019/817
In Article 72 of Regulation (EU) 2019/817, the following paragraph is inserted:
‘1b. Without prejudice to paragraph 1 of this Article, the ESP shall start operations, for the purposes of the automated verifications pursuant to Article 20, Article 23, point (c)(ii) of Article 24(6), Article 41 and point (b) of Article 54(1) of Regulation (EU) 2018/1240 only, once the conditions laid down in Article 88 of that Regulation have been met.’.
CHAPTER III
FINAL PROVISIONS
Article 7
Entry into force
This Regulation shall enter into force on the twentieth day following that of its publication in the Official Journal of the European Union.
This Regulation shall be binding in its entirety and directly applicable in the Member States in accordance with the Treaties.
Done at Strasbourg, 7 July 2021.
For the European Parliament
The President
D. M. SASSOLI
For the Council
The President
A. LOGAR
(1) Position of the European Parliament of 8 June 2021 (not yet published in the Official Journal) and decision of the Council of 28 June 2021.
(2) Regulation (EU) 2018/1240 of the European Parliament and of the Council of 12 September 2018 establishing a European Travel Information and Authorisation System (ETIAS) and amending Regulations (EU) No 1077/2011, (EU) No 515/2014, (EU) 2016/399, (EU) 2016/1624 and (EU) 2017/2226 (OJ L 236, 19.9.2018, p. 1).
(3) Regulation (EU) 2021/1150 of the European Parliament and of the Council of 7 July 2021 amending Regulations (EU) 2018/1862 and (EU) 2019/818 as regards the establishment of the conditions for accessing other EU information systems for the purposes of the European Travel Information and Authorisation System (see page 1of this Official Journal).
(4) Regulation (EU) 2021/1151 of the European Parliament and of the Council of 7 July 2021 amending Regulations (EU) 2019/816 and (EU) 2019/818 as regards the establishment of the conditions for accessing other EU information systems for the purposes of the European Travel Information and Authorisation System (see page 7 of this Official Journal).
(5) Regulation (EC) No 767/2008 of the European Parliament and of the Council of 9 July 2008 concerning the Visa Information System (VIS) and the exchange of information between Member States on short-stay visas, long-stay visas and residence permits (VIS Regulation) (OJ L 218, 13.8.2008, p. 60).
(6) Regulation (EU) 2017/2226 of the European Parliament and of the Council of 30 November 2017 establishing an Entry/Exit System (EES) to register entry and exit data and refusal of entry data of third-country nationals crossing the external borders of the Member States and determining the conditions for access to the EES for law enforcement purposes, and amending the Convention implementing the Schengen Agreement and Regulations (EC) No 767/2008 and (EU) No 1077/2011 (OJ L 327, 9.12.2017, p. 20).
(7) Regulation (EU) 2018/1860 of the European Parliament and of the Council of 28 November 2018 on the use of the Schengen Information System for the return of illegally staying third-country nationals (OJ L 312, 7.12.2018, p. 1).
(8) Regulation (EU) 2018/1861 of the European Parliament and of the Council of 28 November 2018 on the establishment, operation and use of the Schengen Information System (SIS) in the field of border checks, and amending the Convention implementing the Schengen Agreement, and amending and repealing Regulation (EC) No 1987/2006 (OJ L 312, 7.12.2018, p. 14).
(9) Regulation (EU) 2019/817 of the European Parliament and of the Council of 20 May 2019 on establishing a framework for interoperability between EU information systems in the field of borders and visa and amending Regulations (EC) No 767/2008, (EU) 2016/399, (EU) 2017/2226, (EU) 2018/1240, (EU) 2018/1726 and (EU) 2018/1861 of the European Parliament and of the Council and Council Decisions 2004/512/EC and 2008/633/JHA (OJ L 135, 22.5.2019, p. 27).
(10) Regulation (EU) 2019/818 of the European Parliament and of the Council of 20 May 2019 on establishing a framework for interoperability between EU information systems in the field of police and judicial cooperation, asylum and migration and amending Regulations (EU) 2018/1726, (EU) 2018/1862 and (EU) 2019/816 (OJ L 135, 22.5.2019, p. 85).
(11) Directive 2008/115/EC of the European Parliament and of the Council of 16 December 2008 on common standards and procedures in Member States for returning illegally staying third-country nationals (OJ L 348, 24.12.2008, p. 98).
(12) OJ L 123, 12.5.2016, p. 1.
(13) Regulation (EU) No 182/2011 of the European Parliament and of the Council of 16 February 2011 laying down the rules and general principles concerning mechanisms for control by the Member States of the Commission’s exercise of implementing powers (OJ L 55, 28.2.2011, p. 13).
(14) Council Decision 2010/365/EU of 29 June 2010 on the application of the provisions of the Schengen acquis relating to the Schengen Information System in the Republic of Bulgaria and Romania (OJ L 166, 1.7.2010, p. 17).
(15) Council Decision (EU) 2017/733 of 25 April 2017 on the application of the provisions of the Schengen acquis relating to the Schengen Information System in the Republic of Croatia (OJ L 108, 26.4.2017, p. 31).
(16) Council Decision (EU) 2017/1908 of 12 October 2017 on the putting into effect of certain provisions of the Schengen acquis relating to the Visa Information System in the Republic of Bulgaria and Romania (OJ L 269, 19.10.2017, p. 39).
(17) Council Decision (EU) 2018/934 of 25 June 2018 on the putting into effect of the remaining provisions of the Schengen acquis relating to the Schengen Information System in the Republic of Bulgaria and Romania (OJ L 165, 2.7.2018, p. 37).
(18) Regulation (EU) 2018/1726 of the European Parliament and of the Council of 14 November 2018 on the European Union Agency for the Operational Management of Large-Scale IT Systems in the Area of Freedom, Security and Justice (eu-LISA), and amending Regulation (EC) No 1987/2006 and Council Decision 2007/533/JHA and repealing Regulation (EU) No 1077/2011 (OJ L 295, 21.11.2018, p. 99).
(19) Directive 2004/38/EC of the European Parliament and of the Council of 29 April 2004 on the right of citizens of the Union and their family members to move and reside freely within the territory of the Member States amending Regulation (EEC) No 1612/68 and repealing Directives 64/221/EEC, 68/360/EEC, 72/194/EEC, 73/148/EEC, 75/34/EEC, 75/35/EEC, 90/364/EEC, 90/365/EEC and 93/96/EEC (OJ L 158, 30.4.2004, p. 77).
(20) Council Decision 2002/192/EC of 28 February 2002 concerning Ireland’s request to take part in some of the provisions of the Schengen acquis (OJ L 64, 7.3.2002, p. 20).
(21) OJ L 176, 10.7.1999, p. 36.
(22) Council Decision 1999/437/EC of 17 May 1999 on certain arrangements for the application of the Agreement concluded by the Council of the European Union and the Republic of Iceland and the Kingdom of Norway concerning the association of those two States with the implementation, application and development of the Schengen acquis (OJ L 176, 10.7.1999, p. 31).
(23) OJ L 53, 27.2.2008, p. 52.
(24) Council Decision 2008/146/EC of 28 January 2008 on the conclusion, on behalf of the European Community, of the Agreement between the European Union, the European Community and the Swiss Confederation on the Swiss Confederation’s association with the implementation, application and development of the Schengen acquis (OJ L 53, 27.2.2008, p. 1).
(25) OJ L 160, 18.6.2011, p. 21.
(26) Council Decision 2011/350/EU of 7 March 2011 on the conclusion, on behalf of the European Union, of the Protocol between the European Union, the European Community, the Swiss Confederation and the Principality of Liechtenstein on the accession of the Principality of Liechtenstein to the Agreement between the European Union, the European Community and the Swiss Confederation on the Swiss Confederation’s association with the implementation, application and development of the Schengen acquis, relating to the abolition of checks at internal borders and movement of persons (OJ L 160, 18.6.2011, p. 19).
(27) Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC (OJ L 295, 21.11.2018, p. 39).