Access to European Union law
<a href="https://eur-lex.europa.eu/content/help/eurlex-content/experimental-features.html" target="_blank">More about the experimental features corner</a>
Choose the experimental features you want to try
EUR-Lex
Access to European Union law

This document is an excerpt from the EUR-Lex website

You are here
Use quotation marks to search for an "exact phrase". Append an asterisk (*) to a search term to find variations of it (transp*, 32019R*). Use a question mark (?) instead of a single character in your search term to find variations of it (ca?e finds case, cane, care).
Search tips
Need more search options? Use the Advanced search

Document 52016XX0525(03)

    Executive Summary of the Recommendations of the European Data Protection Supervisor on the proposed European Border and Coastal Guard Regulation

    IO C 186, 25.5.2016, p. 10–12 (BG, ES, CS, DA, DE, ET, EL, EN, FR, HR, IT, LV, LT, HU, MT, NL, PL, PT, RO, SK, SL, FI, SV)

    Date of document:
    25/05/2016; Dáta foilsithe
    Author:
    An Maoirseoir Eorpach ar Chosaint Sonraí
    Form:
    Achoimre

    25.5.2016   

    EN

    Official Journal of the European Union

    C 186/10

    Executive Summary of the Recommendations of the European Data Protection Supervisor on the proposed European Border and Coastal Guard Regulation

    (The full text of this Opinion can be found in English, French and German on the EDPS website www.edps.europa.eu)

    (2016/C 186/06)

    Executive Summary

    Europe is today faced with a pressing migration crisis and increased terrorist threats. The EU therefore wants to strengthen management of its external borders. In that context, the proposed European Border and Coast Guard Regulation aims to establish general principles of European integrated border management and will reinforce the mandate of the Frontex agency.

    The EDPS recognises this need for more effective manage of migration and for reinforcing internal security, which requires processing of personal data. However, the Commission’s Proposal could also create a serious intrusion into the rights of migrants and refugees, a vulnerable group of people in particular need of protection.

    This Opinion address the five main data protection concerns and calls for further improvements of the proposed text to ensure full compliance with data protection principles. The EDPS considers that such compliance will be a key to the success of the initiative and its ability to withstand legal scrutiny. We specifically recommend:

    on the purposes of the Proposal, separate assessments of the necessity and proportionality of the measures for meeting the two identified aims of migration and security, noting that the aims will trigger the application of different data protection rules;

    on the collection of personal data, clarification of the scale and scope of processing activities by the Agency, since the current Proposal implies that the new Agency will turn into a personal data hub where massive amounts of personal information would be;

    clear delineation of responsibilities between the new Agency and the EU Member States so that there is no blurring of accountability in the data protection obligations of each controller;

    clarifications on transfers of personal data to third countries and international organisations, bearing in mind that such transfers must be based either on an adequacy assessment or on the use of appropriate safeguards;

    on the respect for fundamental rights of migrants and refugees, guarantees on the ground that migrants and refugees are informed of their rights in way that they can reasonably understand and exercise those rights.

    Overall, the new Agency must be sufficiently equipped and capable of discharging its responsibilities for complying with data protection rules and safeguarding the interests and rights of individuals to whom the personal data being processed relates.

    1.   Context of the Proposal

    1.

    On 15 December 2015, the Commission released an important set of measures better known as the ‘Borders Package’ (1), with the objective to strengthen the management of the European Union’s external borders and better protect the Schengen area. The main initiative of this package is the Proposal for a regulation establishing a European Border and Coast Guard (2) (hereinafter ‘the Proposal’), which provides for the general principles of European integrated border management and is a follow up to the Commission’s own Agenda on Migration (3) and to some extent to its Agenda on Security (4), both tabled earlier in Spring 2015.

    2.

    On 17 December 2015, the European Council called for a swift adoption of the Proposal and asked the Council of the EU to reach a political agreement before the term of the current Presidency (5). The co-legislators have accelerated their deliberations on the Proposal. The Dutch Presidency intends to meet the requested deadline (6), while the European Parliament has tentatively scheduled a plenary sitting to scrutinise the Proposal in early June (7).

    3.

    The EDPS acknowledges the migration crisis and terrorist threats that the EU is today facing, and the importance of taking swift and meaningful measures to tackle this situation at EU level. He welcomes the efforts of the European Commission to react swiftly to the current turn of events. Nevertheless, it is the EDPS’ role to recall the importance of respecting the fundamental right to data protection and to advice on better ways to include data protection safeguards in new legislative measures, in the light of Articles 7 and 8 of the Charter of Fundamental Rights of the EU (8) (hereinafter ‘the Charter’) and Article 16 of the Treaty of the Functioning of the European Union. We regret that the above mentioned agenda has not allowed for the consultation of the EDPS at an earlier stage of the legislative process.

    4.

    In the present Opinion, the EDPS has identified five main areas of concern which require further improvements of the proposed text so as to ensure compliance with the data protection framework. He will focus his comments on the purposes of the Proposal, the collection of personal data, the responsibility for processing personal data, transfers of personal data to third countries and international organisations, and the respect for fundamental rights of migrants and refugees. Finally he will highlight aspects of the Proposal where important clarifications are needed.

    8.   Conclusion

    The EDPS welcomes several aspects of the Proposal, especially the fact that some safeguards have been included in the text, for instance to limit the data retention periods. However, considering the impact of the interference with fundamental rights of migrants and refugees, the EDPS considers more generally that a separate assessment of the necessity and proportionality of the processing activities envisaged for each purpose of the Proposal should be carried out. The compatibility in between the different purposes for processing envisaged in Article 45(1) of the Proposal should be verified as well.

    In order to ensure legal certainty and compliance with data protection principles, the EDPS recommends, in particular, that the following improvements and clarifications be introduced in the final text of the initiative:

    Purpose specification and limitation

    detail more explicitly and separately the two purposes pursued by the Proposal throughout the text;

    ensure compatibility in the way data are being processed and refer explicitly to the compatibility of purposes in Article 45(1);

    redraft Article 45(3) to explicitly forbid personal data retained being further processed for other purposes than the ones defined in Article 45(1);

    Responsibilities of the Agency

    clarify the extent of processing activities by the Agency upon personal data collected during joint operations and other operational tasks, by exhaustively listing in Article 46 the categories of data that could be used and/or pass through the Agency;

    avoid ambiguity as to the accountability for processing activities and compliance between the Agency, the host Member State and home Member States in case of joint operations;

    clarify in Article 46 in which circumstances data collected at the border by Member States will be transmitted to the Agency, thus triggering its responsibility as controller;

    Quality and security of data

    clarify Article 46(1)(c) so it will not be interpreted as a general authorisation to collect such data irrespective of the categories of persons defined in Article 46(1)(a) and (b);

    clearly define the responsibility for the security of the equipment used by the EBCG and referred to in Articles 37 and 38 at all steps of the equipment lifecycle;

    Transfers

    make reference to international organisations in Article 44(4) as regards the prohibition to transfer personal data, and bring Article 51(4) in line;

    clarify Article 51 by redrafting its paragraph 4 and by dividing it in two provisions in order to address cooperation of entities within the EU and cooperation with international organisations separately;

    Rights of data subjects

    specify in Article 72 that data protection rights and related complaints will be dealt with separately by the DPO;

    ensure that information provided to data subjects in this context is conveyed in an age appropriate manner, using clear and simple language and avoiding legal terminology;

    include national data protection authorities in the list of authorities referred to provide for by Article 15, (3), l);

    remove the possibility for liaison officers to access national and European information systems from Article 11(4) if evidence of such need is not provided.

    Done at Brussels, 18 March 2016.

    Giovanni BUTTARELLI

    European Data Protection Supervisor

    (1)  The Borders Package includes in total 13 legislative documents: a proposal to establish the European Border and Coast Guard accompanied by a Commission Communication, a proposal to amend the Schengen Borders Code to introduce mandatory systematic checks on EU citizens entering and leaving the EU, a proposal to establish a European travel document for the return of illegally staying third country nationals, a Practical Handbook for implementing and managing the European Border Surveillance System, a Progress Report on the Implementation of the hotspots in Greece, a Progress Report on the Implementation of the hotspots in Italy, a proposal for a temporary suspension of Sweden’s obligations under the EU relocation mechanism, a Commission Recommendation for a voluntary humanitarian admission scheme with Turkey, a Report on the follow-up to the Leaders’ Meeting on refugee flows along the Western Balkans Route, a proposal to amend the establishing act of the Community Fisheries Control Agency and a proposal to amend the establishing act of the European Maritime Safety Agency. All documents are available at: http://ec.europa.eu/dgs/home-affairs/what-we-do/policies/securing-eu-borders/index_en.htm

    (2)  Proposal for a Regulation of the European Parliament and of the Council on the European Border and Coast Guard and repealing Regulation (EC) No 2007/2004, Regulation (EC) No 863/2007 and Council Decision 2005/267/EC (COM(2015) 671 final).

    (3)  Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions ‘A European Agenda on Migration’, Brussels, 13 May 2015, COM(2015) 240 final; at that time, the Commission had already identified that: ‘The scaling up of action in the Mediterranean exposes the reality of the management of external borders increasingly being a shared responsibility. As well as a European System of Border Guards, this would cover a new approach to coastguard functions in the EU, looking at initiatives such as asset sharing, joint exercises and dual use of resources as well as a the possibility of moving towards a European Coastguard.’

    (4)  Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions ‘The Agenda on Security’, Strasbourg, 28 April 2015, COM(2015) 185 final.

    (5)  See Conclusions of the European Council meeting on 17 and 18 December 2015 available at: http://data.consilium.europa.eu/doc/document/ST-28-2015-INIT/en/pdf

    (6)  See main results of the Justice and Home Affairs Council meeting on 25 February 2016 available on the Council website at: http://www.consilium.europa.eu/en/meetings/jha/2016/02/25/

    (7)  See the dedicated webpage to the file on the European Parliament Legislative Observatory: http://www.europarl.europa.eu/oeil/popups/ficheprocedure.do?lang=&reference=2015/0310(COD)

    (8)  Charter of Fundamental Rights of the European Union (OJ C 364, 18.12.2000, p. 1).

    Top