This document is an excerpt from the EUR-Lex website
Document 52012XX1106(03)
Executive summary of the Opinion of the European Data Protection Supervisor on the proposal for a Council regulation on migration from the Schengen Information System (SIS) to the second generation Schengen Information System (SIS II) (recast)
Executive summary of the Opinion of the European Data Protection Supervisor on the proposal for a Council regulation on migration from the Schengen Information System (SIS) to the second generation Schengen Information System (SIS II) (recast)
Executive summary of the Opinion of the European Data Protection Supervisor on the proposal for a Council regulation on migration from the Schengen Information System (SIS) to the second generation Schengen Information System (SIS II) (recast)
OJ C 336, 6.11.2012, p. 10–12
(BG, ES, CS, DA, DE, ET, EL, EN, FR, IT, LV, LT, HU, MT, NL, PL, PT, RO, SK, SL, FI, SV)
6.11.2012 |
EN |
Official Journal of the European Union |
C 336/10 |
Executive summary of the Opinion of the European Data Protection Supervisor on the proposal for a Council regulation on migration from the Schengen Information System (SIS) to the second generation Schengen Information System (SIS II) (recast)
(The full text of this Opinion can be found in English, French and German on the EDPS website: http://www.edps.europa.eu)
2012/C 336/06
1. Introduction
1.1. Consultation of the EDPS
1. |
On 30 April 2012, the Commission adopted a proposal concerning a recast of Council Regulation (EC) No 1104/2008 of October 2008 on Migration from the Schengen Information System (SIS) to the second generation Schengen Information System (SIS II) (1) (‘the proposal’). |
2. |
The EDPS already issued an Opinion on the three proposals setting up the second generation Schengen Information System on 19 October 2005 (2). At the time, the EDPS focused his analysis on the need to limit access rights and retention periods, as well as the need to supply information to data subjects. He also pointed out that the new functionality of links between records must not lead to an extension of access rights. On the technical design of SIS II, he recommended improvements of the security measures and cautioned against the use of national copies. |
3. |
The EDPS takes note of the Council conclusions on migration to SIS II (3). The Council invited, inter alia, Member States to:
|
4. |
Before the adoption of the present Commission proposal, the EDPS was given the possibility to provide informal comments on the draft proposal. In these comments, the EDPS expressed his concerns on different aspects of the migration that in his view should be clarified. Unfortunately, the adopted text did not take into account the comments made during the informal stage and has therefore not provided the required clarifications. |
3. Conclusions
61. |
Migration of the data contained in SIS to SIS II is an operation likely to involve specific risks from the point of view of data protection. While the EDPS welcomes the efforts made to ensure that this migration will happen fully in accordance with the law, he has some recommendations to make to further improve the proposal. |
62. |
The EDPS particularly welcomes that under the new provisions, the legal framework for SIS II enters into force once the first Member State has successfully completed the switchover. This is relevant as under the old legislation, the SIS II legal framework would only have come into force once all Member States have completed the migration to SIS II, which would have created legal ambiguity particularly with regard to new functions. |
63. |
This approach has to be also assessed from the point of view of supervision. In the view of the EDPS, it will result in a transfer of responsibilities during the migration that could have negative effects and impinge on the safeguards that supervision provides at the moment when it is needed most. Therefore, the EDPS recommends that the coordinated supervision mechanism should be applicable from the start of the migration. The recast should provide for this approach. |
64. |
The EDPS is of the opinion that essential aspects of the migration should be further clarified in the text of the Regulation and not left for other instruments such as the migration plan. In particular, this concerns:
|
65. |
The EDPS recommends that the Regulation should strengthen the testing obligations by clarifying:
|
66. |
Preventive security measures are especially welcomed, and the EDPS recommends introducing in the text of the recast a specific provision requiring the Commission and the Member States to implement appropriate technical and organisational measures to ensure a level of security appropriate to the risks represented by the migration and also by the specific nature of the personal data to be processed, based on the requirements of Article 22 of Regulation (EC) No 45/2001.
|
Done at Brussels, 9 July 2012.
Peter HUSTINX
European Data Protection Supervisor
(1) COM(2012) 81 final.
(2) EDPS Opinion of 19 October 2005 on three proposals regarding the second generation Schengen Information System (SIS II) (OJ C 91, 19.4.2006, p. 38).
(3) 3135th Justice and Home Affairs Council meeting, Brussels, 13 and 14 December 2011, Council conclusions.