16.10.2018   

EN

Official Journal of the European Union

L 259/39

COMMISSION IMPLEMENTING DECISION (EU) 2018/1548

of 15 October 2018

laying down measures for the establishment of the list of persons identified as overstayers in the Entry-Exit System (EES) and the procedure to make that list available to Member States

THE EUROPEAN COMMISSION,

Having regard to the Treaty on the Functioning of the European Union,

Having regard to Regulation (EU) 2017/2226 of the European Parliament and of the Council of 30 November 2017 establishing an Entry/Exit System (EES) to register entry and exit data and refusal of entry data of third-country nationals crossing the external borders of the Member States and determining the conditions for access to the EES for law enforcement purposes and amending the Convention implementing the Schengen Agreement and Regulation (EC) No 767/2008 and Regulation (EU) No 1077/2011 (1), and in particular Article 36(k) thereof,

Whereas:

(1)

Regulation (EU) 2017/2226 established the Entry/Exit System (EES) as a system which registers electronically the time and place of entry and exit of third-country nationals admitted for a short stay to the territory of the Member States and which calculates the duration of their authorised stay.

(2)

The EES aims to improve the management of external borders, to prevent irregular immigration and to facilitate the management of migration flows. The EES should, in particular, contribute to the identification of any person who does not fulfil or no longer fulfils the conditions of duration of the authorised stay on the territory of the Member States. Additionally, the EES should contribute to the prevention, detection and investigation of terrorist offences and of other serious criminal offences.

(3)

Regulation (EU) 2017/2226 specifies the objectives of the EES, the categories of data to be entered into the EES, the purposes for which the data are to be used, the criteria for their entry, the authorities authorised to access the data, further rules on data processing and the protection of personal data, as well as the technical architecture of the EES, rules concerning its operation and use, and interoperability with other information systems. It also defines responsibilities for the EES.

(4)

According to Regulation (EU) 2017/2226, the European agency for the operational management of large-scale information systems in the area of freedom, security and justice, established by Regulation (EU) No 1077/2011 of the European Parliament and of the Council (2) should be responsible for the development and operational management of the EES.

(5)

Regulation (EU) 2017/2226 requires that prior to the development of the EES the Commission adopts measures necessary for the development and technical implementation of the EES. In this regard, Article 36(k) of Regulation (EU) 2017/2226 specifically refers to adoption of measures for the establishment of the list of persons identified as overstayers in the EES and the procedure to make that list available to Member States.

(6)

Based on those measures, the European agency for the operational management of large-scale information systems in the area of freedom, security and justice should then be able to define the design of the physical architecture of the EES including its Communication Infrastructure, as well as the technical specifications of the system and to develop the EES.

(7)

In this framework it is thus necessary to adopt measures for the establishment of the list of persons identified as overstayers by the EES and the procedure to make that list available to Member States.

(8)

The access to the list of overstayers should be limited to competent authorities responsible, in accordance with national law, for checking within the territory of the Member States whether the conditions for entry to, or stay on, the territory of the Member States are fulfilled or for examining the conditions for, and taking decisions related to, the residence of third-country nationals on the territory of the Member States or for the return of third-country nationals to a third country of origin or transit.

(9)

In accordance with Articles 1 and 2 of Protocol No 22 on the position of Denmark, annexed to the Treaty on European Union and to the Treaty on the Functioning of the European Union, Denmark did not take part in the adoption of Regulation (EU) 2017/2226 and is not bound by it or subject to its application. However, given that Regulation (EU) 2017/2226 builds upon the Schengen acquis, Denmark, in accordance with Article 4 of that Protocol, notified on 30 May 2018 its decision to implement Regulation (EU) 2017/2226 in its national law. Denmark is therefore bound under international law to implement this Decision.

(10)

This Decision constitutes a development of the provisions of the Schengen acquis in which the United Kingdom does not take part, in accordance with Council Decision 2000/365/EC (3); the United Kingdom is therefore not taking part in the adoption of this Decision and is not bound by it or subject to its application.

(11)

This Decision constitutes a development of the provisions of the Schengen acquis in which Ireland does not take part, in accordance with Council Decision 2002/192/EC (4); Ireland is therefore not taking part in the adoption of this Decision and is not bound by it or subject to its application.

(12)

As regards Iceland and Norway, this Decision constitutes a development of the provisions of the Schengen acquis within the meaning of the Agreement concluded by the Council of the European Union and the Republic of Iceland and the Kingdom of Norway concerning the latter's association with the implementation, application and development of the Schengen acquis (5), which fall within the area referred to in Article 1, point A of Council Decision 1999/437/EC (6).

(13)

As regards Switzerland, this Decision constitutes a development of the provisions of the Schengen acquis within the meaning of the Agreement between the European Union, the European Community and the Swiss Confederation on the Swiss Confederation's association with the implementation, application and development of the Schengen acquis (7), which fall within the area referred to in Article 1, point A of Decision 1999/437/EC, read in conjunction with Article 3 of Council Decision 2008/146/EC (8)

(14)

As regards Liechtenstein, this Decision constitutes a development of the provisions of the Schengen acquis within the meaning of the Protocol between the European Union, the European Community, the Swiss Confederation and the Principality of Liechtenstein on the accession of the Principality of Liechtenstein to the Agreement between the European Union, the European Community and the Swiss Confederation on the Swiss Confederation's association with the implementation, application and development of the Schengen acquis (9) which fall within the area referred to in Article 1, point A of Decision 1999/437/EC read in conjunction with Article 3 of Council Decision 2011/350/EU (10)

(15)

As regards Cyprus, Bulgaria, Romania and Croatia, the operation of the EES requires the granting of passive access to the VIS and the putting into effect of all the provisions of the Schengen acquis relating to the SIS in accordance with the relevant Council Decisions. Those conditions can only be met once the verification in accordance with the applicable Schengen evaluation procedure has been successfully completed. Therefore, the EES should be operated only by those Member States which fulfil those conditions by the start of operations of the EES. Member States not operating the EES from the initial start of operations should be connected to the EES in accordance with the procedure set out in Regulation (EU) 2017/2226 as soon as all of those conditions are met.

(16)

The European Data Protection Supervisor delivered an opinion on 23 April 2018.

(17)

The measures provided for in this Decision are in accordance with the opinion of the Smart Borders Committee,

HAS ADOPTED THIS DECISION:

Article 1

Content and generation of the list

The EES shall generate automatically a list of all third-country nationals referred to in Article 12(3) of Regulation (EU) 2017/2226 who do not fulfil or no longer fulfil the conditions relating to the duration of their authorised short stay on the territory of the Member States. The list shall be constantly and automatically updated so as to accurately reflect any amendment or erasure of EES data referred to in Article 16(1)(a), (b) and (c), Article 16(2)(a), (b), (d) and (f), second subparagraph of Article 16(2), and Article 17(1)(a) of Regulation (EU) 2017/2226.

For each third-country national identified as overstayer by the EES, the list shall contain the following data:

(a)

surname (family name); first name or names (given names); date of birth; nationality or nationalities; sex;

(b)

the type and number of the travel document or documents and the three letter code of the issuing country of the travel document or documents;

(c)

the date of expiry of the validity of the travel document or documents;

(d)

the individual reference number created by the EES upon creation of the individual file of the third country national;

(e)

for the last entry of the third-country national:

the date and time of the entry;

the border crossing point of the entry and the authority that authorised the entry;

(f)

three letter code of the Member State issuing visa;

(g)

the date when the third-country national was entered on the list.

Where a third-country national included in the list exits the territory of the Member States, his or her data shall be automatically and immediately erased from the list.

Where a Member State rectifies or completes the EES data of a third-country national included in the list, restricts the processing of such data, or erases such data, the corresponding data on the list shall be amended accordingly or, where applicable, erased from the list by the EES with no delay and through an automated process.

The mechanisms to produce automatically the list shall comply with the privacy by design principle that will be further developed in the technical specifications referred to in Article 37(1) of Regulation (EU) 2017/2226. This list shall be generated in the EES Central System.

Article 2

Procedure to make the list available to the competent authorities of the Member States

The competent national authorities designated as immigration authorities as defined in point (4) of Article 3(1) of Regulation (EU) 2017/2226 shall be responsible for accessing the list of persons identified by the EES as overstayers.

The EES shall make available to the designated immigration authorities the continuously updated list of persons identified by the EES as overstayers in the form of a report. That report shall be securely stored in the National Uniform Interface.

The EES shall control, at the level of the National Uniform Interface, the access to the report so as to ensure that only the designated immigration authorities can access and consult them.

All data processing operations carried out within the report shall be logged in accordance with Article 46 of Regulation (EU) 2017/2226.

Article 3

Format of the report

The content of the report shall be presented in a structured and workable format which can be searched and can be transmitted via the Communication Infrastructure in accordance with the technical specifications referred to in Article 37(1) of Regulation (EU) 2017/2226.

Article 4

Entry into force and applicability

This Decision shall enter into force on the twentieth day following that of its publication in the Official Journal of the European Union.

Done at Brussels, 15 October 2018.

For the Commission

The President

Jean-Claude JUNCKER

(1)   OJ L 327, 9.12.2017, p. 20.

(2)  Regulation (EU) No 1077/2011 of the European Parliament and of the Council of 25 October 2011 establishing a European Agency for the operational management of large-scale IT systems in the area of freedom, security and justice (OJ L 286, 1.11.2011, p. 1).

(3)  Council Decision 2000/365/EC of 29 May 2000 concerning the request of the United Kingdom of Great Britain and Northern Ireland to take part in some of the provisions of the Schengen acquis (OJ L 131, 1.6.2000, p. 43).

(4)  Council Decision 2002/192/EC of 28 February 2002 concerning Ireland's request to take part in some of the provisions of the Schengen acquis (OJ L 64, 7.3.2002, p. 20).

(5)   OJ L 176, 10.7.1999, p. 36.

(6)  Council Decision 1999/437/EC of 17 May 1999 on certain arrangements for the application of the Agreement concluded by the Council of the European Union and the Republic of Iceland and the Kingdom of Norway concerning the association of those two States with the implementation, application and development of the Schengen acquis (OJ L 176, 10.7.1999, p. 31).

(7)   OJ L 53, 27.2.2008, p. 52.

(8)  Council Decision 2008/146/EC of 28 January 2008 on the conclusion, on behalf of the European Community, of the Agreement between the European Union, the European Community and the Swiss Confederation on the Swiss Confederation's association with the implementation, application and development of the Schengen acquis (OJ L 53, 27.2.2008, p. 1).

(9)   OJ L 160, 18.6.2011, p. 21.

(10)  Council Decision 2011/350/EU of 7 March 2011 on the conclusion, on behalf of the European Union, of the Protocol between the European Union, the European Community, the Swiss Confederation and the Principality of Liechtenstein on the accession of the Principality of Liechtenstein to the Agreement between the European Union, the European Community and the Swiss Confederation on the Swiss Confederation's association with the implementation, application and development of the Schengen acquis, relating to the abolition of checks at internal borders and movement of persons (OJ L 160, 18.6.2011, p. 19).