INTRODUCTION

Free movement of EU citizens and the abolition of checks at the internal borders of the Schengen Area are among the most tangible achievements of the European Union. The Commission recently made proposals to strengthen the overall governance of the Schengen area[1] so as to ensure that this major achievement is further enhanced and developed in a truly common European framework.

The integrity of the Union’s external borders is a prerequisite for the Schengen area as we know it today and will remain a prerequisite also in the future. Measures to manage the external borders must meet the dual objectives of enhancing security and facilitating travel. The potential offered by new technologies in this regard was addressed in the Commission’s 2008 Communication "Preparing the next steps in border management in the European Union"[2], setting out the possible components of what has become known as the "smart borders" initiative and inviting the views of the European Parliament and the Council.

Further consultations with Member States both at expert and ministerial level, as well as with members of the European Parliament, took place in 2011. On 7 July 2011 the European Data Protection Supervisor (EDPS), in his opinion[3] on the communication of the Commission on Migration,[4] stressed the need to assess the use of existing systems and to prove the necessity for an entry/exit system in particular.

Taking these views into account, the Commission has now reached the stage where it could soon be ready to propose specific measures. However, in view of the long term commitment and the significant investment that would be involved, the Commission is first presenting this Communication which sets out the main options, summarises the main implications and the possible way forward. With this approach, the Commission also intends to promote a common understanding of the issues at stake and the decisions to be taken. It does not prejudge any future specific proposals, which will be accompanied by a full impact assessment.

This Communication also provides the first response to the European Council which called, at its meeting on 23 and 24 June 2011[5], for work on “smart borders” to be pushed forward rapidly.

Finally, as also foreseen by the 2008 Communication, and as requested by the Council, the Commission has examined the feasibility of an EU Electronic System for Travel Authorisation (ESTA). This Communication therefore also serves to reflect the results of this examination and the intended follow up.

THE OBJECTIVES OF A SMART BORDERS INITIATIVE

Every year, some 700 million external border crossings are made via land, sea and air borders. About a third of these border crossings are made by third country nationals who are checked thoroughly at the border crossing point[6]. Promoting swift and secure border crossings is a common concern for the EU and its Member States and there is no doubt that border crossings will continue to rise significantly, especially at airports. In the most likely scenario, Eurocontrol expects an increase from 400 million in 2009 to 720 million border crossings at the air borders in 2030[7] This means that at the European airports in 2030, 720 million travellers must be checked. This major increase cannot be addressed only by hiring additional border guards.

The development of the Union's policies on visas and relations with third countries must also be considered. Over recent years the Union has successfully lifted the visa obligation for the citizens of a number of third countries, concluded several visa facilitation agreements, and modernised the acquis including i.a. providing for a more extended use of multiple-entry visas. The visa liberalisation for the Western Balkans has been accompanied by a monitoring system with the support of FRONTEX and Europol to collect statistics on travel flows and to assess any risks of abuse. These efforts go a long way in improving access to the territory of the Union for large groups of travellers, but have so far not been matched by any efforts to simplify the actual border crossing for those groups. This raises several questions:

- whether the development of the Union's policy on border control is at this point in time able to support its visa policies;

- whether Member States have the capacity to manage the increased travel flows that these efforts will result in without longer waiting times at the border; and

- whether the Union needs to improve on the tools at its disposal to gather more detailed information on travel flows into and out of the Schengen area.

There are two challenges in particular: how to efficiently monitor travel flows and movements of third-country nationals across the external border for the Schengen area as a whole, as a part of a comprehensive approach to the overall governance of the Schengen area and how to ensure that border crossings are fast and simple for the growing number of regular travellers that constitute the vast majority of border crossers, i.e. those fulfilling all entry conditions.

Under current rules:

- The same checks are applied to third country nationals entering the Schengen area regardless of the level of risk e.g. of overstay of each individual traveller;

- There are no means to record a traveller’s cross border movements. The authorised stay is calculated based on manual stamps in the traveller’s passport or travel documents and the entry and exit dates are not centrally recorded.

As a consequence, delays at border crossings can be long and information on “overstayers”, i.e. travellers who stay beyond their authorised stay, is often missing. This is a real problem as overstayers are the main source of irregular migration in the EU. Reliable data on the number of irregular immigrants within the EU is not available, but conservative estimates vary between 1.9 and 3.8 million[8]. In 2010 Member States (EU27) issued 540 000 orders to leave their territory but only 226 000 were effectively carried out.[9]

The fact that all third-country nationals have to go through the same border checks, regardless of the level of risk they present or their frequency of travel, does not represent an efficient use of border guards. Seeking to increase security and to speed up travel flows just by increasing the number of border guards is not a viable option for many Member States as they strive to curb budget deficits.

The long queues, especially at airports, present a poor image to visitors to the European Union and both airport operators and airline companies consistently request faster and smoother passenger flows for increasingly shorter connection times.

The Smart Borders initiative would improve the management and control of travel flows at the border by reinforcing checks while speeding up border crossings for regular travellers. This would enable border guards to cope with the ever-rising number of border crossings - without an unrealistic increase in human resources needed for border control and without compromising security. It has two components: an entry/exit system (EES) and a registered traveller programme (RTP):

An EES would allow the accurate and reliable calculation of authorised stay as well as the verification of the individual travel history for both visa holders and visa exempted travellers as an essential part of first line risk-assessment. It would do so by replacing the current system of stamping passports with an electronic registry of the dates and places of third country national admitted for short stays. While the main purpose of the system would be to monitor respect of the authorised stay of third country nationals, the system would also contribute to optimising border check procedures and enhance the security at the moment of the crossing of the external borders.

A RTP would significantly facilitate border crossings for frequent, pre-vetted and pre-screened third-country travellers at the Schengen external border. It would reduce the time spent at the border crossing points and facilitate travel and cross-border contacts. As far as possible, it would make use of new technologies such as Automated Border Control systems (used also for EU travellers).

MOVING TOWARDS EU SMART BORDERS

Before looking at possible new systems, and with a view to limit costs as far as possible, consideration needs first to be given to whether the smart borders objectives can be met by means of existing systems or tools:

Using existing European or national systems and tools

Visa policy and VIS

Visa Policy

Increased use of the possibilities offered by the Visa Code to issue multiple-entry visas, as well as by visa facilitation agreements where relevant, can contribute to simplify and facilitate travel for greater numbers of third-country nationals. However, this facilitation is only relevant for the pre-departure stage, relieving the third-country national from having to visit the consulate to get a new visa for each visit to the EU. Multiple-entry visas do not speed up the actual border crossing.

VIS

The Visa Information System (VIS) as such will not speed up entry procedures nor help in identifying overstayers. However, the fact that the biometric data of all visa holders will be registered in the VIS means that any undocumented visa holder found within the territory can be more easily identified, increasing the possibilities for return. After a transitional period, biometric data will also be used in the border check process, to verify that the person is the one to whom the visa has been issued.

Expanding the VIS to encompass an EES and RTP is not a desirable option for three reasons. First there are the data protection implications and the potential "function creep" which a system that included both visa holders and visa-exempt persons might lead to. Secondly the current capacity limitations of the VIS could only be overcome by significant further investments. Thirdly, purpose limitation restrictions would not allow the VIS to store data on visa-exempt third country nationals. Nevertheless, in developing the smart borders systems intelligent use could be made of possible synergies with technical equipment that is serving VIS purposes.

Schengen Information System (SIS)

Relying on alerts on overstayers in the SIS will have limited value. It will not help in identifying persons present in the Schengen area who have exceeded their authorised stay. The main source of information for entering such alerts would be the exit controls, where a situation of overstay can be detected by a border guard by checking the stamps in the passports of a given traveller. However, one detected overstay cannot in isolation lead to the issuance of an entry ban for a given period of time for that individual. The travel history taken as a whole of a given individual should be taken into account, together with all other relevant factors, when deciding whether to grant the person a visa and entry at the external border.

The use of the SIS (and the future SIS II) is therefore not an alternative to an entry/exit system.

Advanced Passenger Information and Passenger Name Record

Data collected on travellers via Advance Passenger Information (API) and Passenger Name Record (PNR) is not directly relevant for the entry/exit system and the registered traveller programme.

Carriers have an obligation to communicate API data at the request of the border control authorities of the Member States in order to enhance border control and to fight irregular migration. The passenger data is transmitted by the end of check-in. As the data submitted is too limited and sent in most cases already after departure it does not allow any appropriate pre-screening granting access to facilitated border control procedures. Data are collected from carriers or entered by the traveller himself; therefore the quality of the data does not meet the requirements of the entry/exit system or the registered traveller programme. Furthermore, it is not possible to apply the system to land borders.

PNR data is collected and submitted to the Member States' competent authorities, notably to law enforcement authorities, by air carriers. The data are collected at the same time when the flight is booked via carriers' reservation systems. The aim of PNR is to fight terrorism and serious crime; PNR is not a border control instrument. The data is sent 48 to 24 hours before the scheduled flight departure and immediately after flight closure. PNR data are not relevant for the entry/exit system and the registered traveller programme for the same reasons as mentioned above. PNR does not give any confirmed information as to whether the person has actually crossed the border.

National Entry/Exit Systems and national Registered Travellers Programmes

Eleven Member States[10] are currently implementing national entry/exit systems, which systematically collect all entry and exit records of third-country nationals crossing their respective external borders. However, entry and exit records can be matched only when a person lawfully exits in the same Member State through which he or she entered. These national systems are not linked to similar systems in other Member States.

Some Member States are speeding up border checks for EU citizens by implementing automated border checks (e.g. on the basis of e-passports) or establishing other systems for pre-registered travellers[11]. Seven Member States have implemented a form of national RTP for EU citizens[12].

These systems cannot be used for third-country nationals. Current EU rules require border guards to interview a traveller and manually stamp his/her travel document, processes which cannot be automated.

Hence the only existing initiatives for third-country nationals involve semi-automated border checks, i.e. a combination of automated gates and a manual element which includes the stamping and the possibility to ask questions as part of the thorough border check.

A further limitation is that membership of a national RTP in one Member State will not allow the traveller to benefit from a facilitated border crossing in another. A third-country national frequently travelling to several Member States each year would therefore have to apply for membership in the national RTP of each Member State, which would be costly and cumbersome.

Electronic System for Travel Authorisation (ESTA)

Such a system would mean that a traveller would need to apply, via the internet, for an authorisation to travel based on certain criteria. Four options for an EU ESTA were examined in the study carried out for the Commission:

- An ESTA for visa-exempted third country nationals;

- An ESTA for certain countries whose nationals are visa-exempted;

- A combination of an ESTA with electronic visas;

- The substitution of the visa requirement by an ESTA.

Based on the results of the study, the Commission considers that the establishment of an ESTA for visa-exempted third country nationals should be discarded at this stage as the potential contribution to enhancing the security of the Member States would neither justify the collection of personal data at such a scale nor the financial cost and the impact on international relations. As for the gradual substitution of the visa requirement by an EU ESTA, it seems unfeasible for the foreseeable future, given the difficulty to assess the migratory risk and the problems linked to internet access and the use of electronic identification. In addition, for establishing an ESTA, a fully functioning EES would be a pre-requisite.

It is clear that any EU ESTA is not an alternative for an entry/exit system as it cannot be used to monitor actual border crossings. Neither is it relevant for facilitating such border crossings, as the use of biometrics would make a system of electronic applications impractical. Besides, in accordance with the rationale for an RTP, registered travellers should in principle be exempt from the ESTA requirement.

As regards the contribution an EU ESTA could make to the further development of the common visa policy, the Commission intends to revert to this issue at a later stage as foreseen by the Stockholm programme. It will therefore not proceed further with preparations for the development of an EU ESTA at this stage.

Developing specific systems: EES and RTP

The section above illustrated why existing systems and tools cannot meet the smart borders objectives. This section addresses the implications, the costs and benefits and options where relevant, of developing an EES and an RTP.

Legal aspects

Both systems would be founded on Regulations based on Article 77 of the TFEU (and thus require adoption by the European Parliament and the Council by ordinary legislative procedure). For both systems the provisions of the Schengen Borders Code[13] on border checks on persons would need to be amended.

Technical aspects

A fully operational and developed VIS is a prerequisite for the implementation of a Smart Borders system. Indeed, the EES and the RTP would make maximum use of existing systems and tools, such as the Biometric Matching System which underpins the VIS and the fingerprint scanners which are used for this system.

From a legal and technical point of view, it would be possible to proceed with the Entry Exit System ahead of the Registered Travellers Programme. However, that would represent a one-sided development of the EU's border management policy in that it would only reinforce security without facilitating travel of third country nationals. As concerns the RTP facilitation is linked to the greater use of automated border control. The only way to monitor the authorised stay of registered travellers while allowing for fully automated border control would be to record the entry and exit dates electronically. This would need to occur at EU level to allow for matching an entry record from one Member State with an exit record from another. Therefore, setting up an RTP effectively depends on setting up an EES. There are also significant economies in total development costs if the two systems are built simultaneously, using similar infrastructure at the central level (see annex 1).

In designing the systems, a number of key choices will need to be made:

Centralised or decentralised interoperable systems

A centralised architecture comprises a central database and national interfaces of Member States connected to it, whereas a de-centralised architecture requires setting up 27+ national systems and interconnecting them to each other.

In the case of an EES, the electronic recording of the entry and exit information at central level would allow for automatically calculating the authorised length of stay of a person and it would provide all Member State authorities at the same time with accurate information on where a person has entered the Schengen area and where he/she has exited. Recording the entry and exit information at national level first would necessitate the replication of this information in 27+ other national systems in order to keep them all updated with matching entry and exit records. This might be burdensome and time-consuming when persons enter and leave Schengen via different Member States.

Similarly, in the case of an RTP, a decentralised architecture would mean that the registration of the traveller would occur in a national system and then be replicated in 27+ other national systems to take into account that the traveller can enter the Schengen area via any Schengen border-crossing point.

In conclusion, a decentralised architecture would not be technically effective.

RTP: centralised or decentralised storage of data?

There are two basic options for storing the data of registered travellers, data which must be available at any border crossing point of the Schengen area to allow for an automated verification of the identity of the traveller: either to store the alphanumeric and biometric data in a central database or on a token issued to the traveller.

Both approaches have advantages and disadvantages in terms of data protection and data security. With a token, there would be no need to develop a central database at EU level. However, it has significant disadvantages with risks linked to missing, lost or stolen tokens, as well as cloning. The token option would also still have to be combined with storage of certain data in a database to allow for the overall management of applications and tokens. According to recent estimates, although the total cost of the token option would be around EUR 30 million cheaper to develop, in the mid- to long-term it would prove more expensive to operate, as it would have higher operating costs for the Member States in the order of EUR 20 million per year (for the Member States together).[14]

A way to avoid the negative effects and combine the advantages of these two options would be to opt for a combination of a central data base with a token containing only a unique identifier (i.e. application number) to be issued to the Registered Traveller. Alphanumeric and biometric data would be stored centrally but separately and with separate and distinct access rights for designated competent authorities. The biometric data would be linked to the unique identifier of the token and would only be used in order to verify the identity of the traveller when crossing the border.

This third option limits the data protection and data security drawbacks of the other options, but is around EUR 50 million more expensive to develop than the option with a centralised register.

EES: with or without biometrics and which type?

The system could either only record alphanumeric data (e.g. name, nationality and passport number) or also include biometric identifiers.

The inclusion of biometrics would make it easier for a system to identify undocumented persons not requiring a visa (as visa holders can be identified using the VIS). It would also provide a more precise matching of entry and exit records (e.g. in the case of persons travelling with two passports) by linking the travel history to a specific individual on the basis of a unique property shown by the biometric identifier.

On the other hand, a certain negative impact on border crossing times could occur because of requiring biometrics from all travellers not subject to the visa requirement.

The best way forward would therefore be to start in a first phase with alphanumeric data only. The biometric identifiers could be activated at a later stage, based on first evaluation results both in terms of the overall impact of the system and on border management. The development costs for such a transitional approach are generally comparable to activating biometrics from the start and only marginally more expensive than excluding biometrics from the start, a choice which cannot be reversed at a later stage.

As to the choice of biometric identifier, in line with the identifier used for EURODAC, the VIS, the SIS II, passports and residence permits, the most commonly used and reliable identifiers are fingerprints and (also in case a fingerprint is not available) a digital image of the face. This choice would also mean that full use could be made of already installed equipment, bringing about significant cost savings.

Costs

Costs for developing the systems will be influenced by which implementation options are chosen and, especially, whether the systems are developed together or separately. While waiting for the conclusion of an impact assessment and the presentation of a financial statement accompanying the future legislative proposals on the EES and the RTP it can be noted that at any rate, initial investment costs will be significant . See annex 1.

For an EES, development costs in total (three years) may be in the order of EUR 200 million. Over 75% of these costs relate to the development and setting up of the necessary infrastructure in each Member State. Yearly operating costs may be in the order of up to EUR 100 million, with a similar share of costs incurred at national level.

For an RTP, calculations are similar, although the costs for this system are more influenced by the implementation options chosen; this applies both to total costs but in particular the share of costs related to investments and operations at national and European level respectively.

These calculations do not include costs for examining applications for Registered Travellers status: the implementation of the Registered Travellers Programme would foresee an application fee, which should cover the administrative cost of handling RTP applications by the Member States.

Implementing a Registered Travellers Programme in practice would also mean that Member States would increase their investments in automated gates at the border. There would be no need to decide at European level where and how many such gates should be installed, and hence the total costs can only be estimated once the Member States will have decided upon the total number of these gates. However, the Commission will encourage Member States to install such gates where ever possible and reasonable to maximise the benefits of the RTP in practice. Investments in these gates could under certain conditions be co-financed by the future internal security fund.

The substantial costs forseen at this stage need to be considered alongside the benefits: for example, together with automating a substantial share of all border crossings, the RTP could reduce border control resources needed by around 40% (equivalent to EUR 500 million/year). Even if the calculation is based on more modest savings of EUR 250 million/year, Member States could have net cost savings already after the second year of operation[15].

The allocation proposed for the period 2014 – 2020 in the Commission proposals for the next MFF for the internal security fund takes also into account the setting up, development and initial operation of the two systems . The extent and share which the EU budget should cover of the costs incurred at national level for developing and/or operating the new systems will need to be further assessed, and will be discussed with the European Parliament and the Council.

Practical implementation: assessing effectiveness and impact

Last year’s Communication on an overview of information management in the area of freedom, justice and security set the conditions which the Commission will apply to any new information management system[16]. The Communication establishes that development should not start until the system’s purpose, scope, functions and technical details have been decided in the underlying legislation. The Communication also sets substantive and process principles[17] to serve as a benchmark in this area.

The most relevant principles to assess for the entry/exit system would be, firstly, necessity. The fact that an entry/exit system as such would solve the issue with monitoring the authorised stay of registered travellers is not a sufficient justification in itself for setting up an EES, as it requires storing the entry and exit data of all travellers. Moreover, as a result of this the amount of data to be stored will be significant.

An entry/exit system should allow for increasing the number of successful returns of irregularly staying third-country nationals, as the system will identify those that have overstayed. However, it will be difficult to predict how many persons will actually be apprehended as a result. However, the potential impact needs to be seen against the complete absence of data on overstayers currently available to the responsible national authorities. Also, the system should be used in conjunction with other measures, notably identity checks within the Schengen territory and the possibility to identify undocumented persons using the VIS.

Finally, the entry/exit system brings benefits in terms of allowing more evidence-based policymaking, for example, with regard to visa policy and visa facilitation, but also in the framework of the Partnership for Migration, Mobility and Security with certain neighbouring countries. It can be seen as a responsibility of the EU, for example, to justify maintaining the visa requirement on the nationals of a given third country by showing that there is a problem of overstaying and/or to reintroduce visas in the case of abuse of a visa-free regime.

The most relevant principles for a registered traveller programme would be, firstly, accurate risk management. The pre-screening will need to be sufficiently thorough to compensate for alleviating the border check process. The second key principle for this programme would be cost-effectiveness. The aim should be to facilitate travel for the greatest number of persons; eligibility criteria should therefore be wide, while pre-screening criteria needs to ensure a high level of security.

Data protection

Union legislation dealing with personal data has to respect the principles laid down in the Charter of Fundamental Rights of the European Union and in particular Articles 7 and 8 thereof. An EES and a RTP needs to respect the fundamental rights of all travellers including their right to data protection to the same extent. Therefore the legislation on smart borders has to comply with the legislation and the principles on the protection of personal data. Being useful is not sufficient to justify the implementation of systems like an EES and a RTP. Systems affecting fundamental rights including the right to private life and data protection must meet the standard of being necessary in a democratic society and comply with the principle of proportionality. Furthermore the processing of data should be limited to the extent that is necessary to achieve the purposes of the system. "Privacy by design" should be one of the leading principles when elaborating an EES and a RTP. The proposed option of combining a token with centrally stored data as described in section 3.2.2.2 for the RTP could be seen as an example of implementing this principle in practice.

Both for an EES and a RTP data would only be collected and processed by the designated competent visa and border authorities at consular posts and at border crossing points to the extent necessary for the performance of their tasks. Access to the data would be strictly defined and limited in compliance with current EU and national privacy and data protection legislation. Records of all data processing operations would be kept and be available for data protection monitoring. Measures for redress would be put in place to ensure that travellers can check and if necessary, rectify data contained in their Registered Traveller application or in their entry/exit record. Measures would be taken to ensure that the data is stored securely and to avoid any misuse. Data processing would be supervised by the European Data Protection Supervisor as far as EU institutions and bodies are involved, and by national data protection authorities, as far as Member States' authorities are involved. Access for law enforcement authorities (to the EES) could only be foreseen in cases clearly defined by the future EU legislation and under the same strict rules.

NEXT STEPS

The Union must continue to improve the management of its external borders. The smart borders concept as outlined in this Communication could be part of this.

The implementation of an EES would provide the Union with accurate data on travel flows in and out of the Schengen area at all parts of its external borders and on overstayers. Evidence-based evaluation of visa liberalisation measures, visa facilitation agreements, and roadmaps for future such initiatives would become possible. In conjunction with the VIS, this would make the Union's efforts to address irregular migration and increase the number of successful returns more effective.

The RTP would speed up the border crossings of 4-5 million travellers per year[18] and lay the basis for enhanced investments in automated border control technologies at major border crossing points. Based on the experiences of Member States having tested automated border control for EU citizens, the average time for border crossings can be cut from the current 1-2 minutes to below 30 seconds. While many third countries are investing in automated border control technology, none has taken a step equivalent to the EU RTP outlined in this Communication: offering simplified automated border crossings to any third-country national meeting the defined pre-screening criteria, providing a tangible confirmation of the EU's openness to the world and commitment to facilitating travel and cross-border contacts including for business.

Based on the initial assessment of options in this Communication, and without prejudice to the full impact assessment which will accompany specific proposals, it appears that the best way forward involves developing the Entry Exit System and the Registered Travellers programme together, to activate the use of biometrics in the Entry Exit System after a transitional period, and to use a combination of a token and a central database for the Registered Travellers Programme. The choice of biometric identifier for both systems will be fingerprints and the digital facial image, following the choices already made in the relevant EU legislation adopted by the European Parliament and the Council by the EU for EURODAC, the VIS, the SIS II, passports and residence permits.

However, it must be stressed that no work will be done on the development of the EES and the RTP until the European Parliament and the Council have adopted the legal basis for the systems setting out clearly their specifications. Moreover, in order to ensure the highest quality and to limit possible risks such as those which have arisen during the development of the SIS II and the VIS, the newly established IT Agency would be responsible for the development and operational management of the systems.

The new systems' magnitude would require substantial investment by the EU and the Member States in terms of IT development and public expenditure and considerable efforts to ensure the highest level of standards for the protection of personal data. Lessons learned from the development of other large-scale IT projects like the SIS II and the VIS must also be taken into account for the future development of the systems. At the same time, the new systems would offer significant opportunities to contribute to meeting the dual objective of enhancing security and facilitating border crossing. Moreover, with the expected growth in the number of third country nationals, including those who do not need a visa, the systems can enable Member States to maintain efficient border crossings without having to incur unrealistic and very costly increase in staffing levels.

The EU must prepare itself to meet the challenges of the increasing numbers of travellers in an ever globalising world. New technologies could provide new opportunities to meet these challenges. The Commission looks forward to further discussions with the European Parliament, the Council and the European Data Protection Supervisor and intends to present proposals for an EES and an RTP in the first half of 2012.

Annex - Estimated costs of the systems

A full assessment of the costs of a number of options will be contained in the impact assessment accompanying specific proposals. The table below, based on a study carried out for the Commission in 2010, sets out the one-time development costs for one of the options, the yearly recurring costs for operations and the accumulated total costs for three years of development followed by five years of operations. It is based on the option of implementing an RTP with alphanumeric data stored in a token and biometric data stored in a central repository and implementing an EES as a centralised system with biometrics added later,

The Commission legislative proposals could be presented in 2012; should the co-legislators agree them by 2014, the development of the systems could start in 2015. These estimates are provided on an indicative basis only. The decisions to be taken by the co-legislators on the nature of the systems could increase or decrease the costs.

One-time development cost at central and national level (3 years of development) (in EUR million ) | Yearly operational cost at central and national level (5 years of operation) (in EUR million ) | Total costs at central and national level (in EUR million ) |

RTP: Option – Data (unique number) stored in a token and (biometrics and data from applications) in a repository | 207 (MS- 164 – Central- 43) | 101 (MS- 81 – Central- 20) | 712 |

EES: Option – Centralised system with biometrics added later | 183 (MS- 146 – Central- 37) | 88 (MS- 74 – Central- 14) | 623 |

The total costs would however be about 30% lower if the two systems were to be built together (i.e. on the same technical platform).

[1] COM(2011)559 final, COM(2011)560 final,COM(2011) 561 final

[2] COM (2008) 69 final.

[3] C(2011)-0445

[4] COM(2011)248 final

[5] EUCO 23/11

[6] Figures based on statistics of the External Borders Fund and on data from a data collection exercise carried out at all external border crossing points between 31 August and 6 September 2009.

[7] Eurocontrol's "long-term forecast for the next 20 years (until 2030)" was published on 17.12.2010: (http://www.eurocontrol.int/statfor/gallery/content/public/forecasts/Doc415-LTF10-Report-Vol1.pdf),

[8] Results of the Clandestino project sponsored by the EU and implemented by the International Centre for Migration Policy Development. Figures, are an accumulated total at the time of the study (2008, EU 27). http://clandestino.eliamep.gr

[9] SEC (2011) 620, Table 2; Data provided by Eurostat and the European Migration Network (EMN). The reason for the discrepancy of the figures is not only a lack of information on overstayers but also other factors such as the lack of cooperation of certain third countries, humanitarian reasons etc.

[10] Finland, Estonia, Latvia, Lithuania, Poland, Slovakia, Hungary, Romania, Bulgaria, Cyprus, Portugal

[11] Germany, Spain, France, Netherlands, Portugal, Finland and United Kingdom.

[12] For example, the Netherlands (Privium), France (PARAFES), the United Kingdom (Iris) and Germany (ABG) have this kind of programme.

[13] Regulation (EC) No 562/2006

[14] For 28 countries – the 22 Member States and 3 associated countries currently fully participating in Schengen plus Romania, Bulgaria and Liechtenstein.

[15] Calculation of Commission services based on experiences and data provided by Member States already running RTP pilots.

[16] COM (2010)385 final

[17] (1) Safeguarding fundamental rights, in particular the right to privacy and data protection; (2) necessity; (3) subsidiarity; (4) accurate risk management; (5) cost-effectiveness; (6) bottom-up policy design; (7) clear allocation of responsibilities; (8) and review and sunset clauses

[18] On the assumption that at least 20% out of all persons issued a multiple-entry visa – yearly around 10 million – would apply for RT status, and an equivalent number of persons not requiring a visa would apply also.