Schengen System

The Schengen area and cooperation

The Schengen area and cooperation are founded on the Schengen Agreement of 1985. The Schengen area represents a territory where the free movement of persons is guaranteed. The signatory states to the agreement have abolished all internal borders in lieu of a single external border. Here common rules and procedures are applied with regard to visas for short stays, asylum requests and border controls. Simultaneously, to guarantee security within the Schengen area, cooperation and coordination between police services and judicial authorities have been stepped up. Schengen cooperation has been incorporated into the European Union (EU) legal framework by the Treaty of Amsterdam of 1997. However, all countries cooperating in Schengen are not parties to the Schengen area. This is either because they do not wish to eliminate border controls or because they do not yet fulfil the required conditions for the application of the Schengen acquis.

During the 1980s, a debate began over the meaning of free movement of persons. Some Member States felt the concept should apply to European Union (EU) citizens only, which would involve keeping internal border checks in order to distinguish between citizens of the EU and non-EU nationals. Others argued in favour of free movement for everyone, which would mean an end to internal border checks altogether. Since Member States could not reach agreement, France, Germany, Belgium, Luxembourg and the Netherlands decided in 1985 to create a territory without internal borders. This became known as the “Schengen area”, after the town in Luxembourg where the first agreements were signed. Following the signing of the Treaty of Amsterdam, this intergovernmental cooperation was incorporated into the EU framework on 1 May 1999.

Development of Schengen cooperation and extension of the Schengen area

The first agreement between the five original group members was signed on 14 June 1985. A further convention was drafted and signed on 19 June 1990. When it took effect in 1995, it abolished checks at the internal borders of the signatory states and created a single external border where immigration checks for the Schengen area are carried out in accordance with identical procedures. Common rules regarding visas, right of asylum and checks at external borders were adopted to allow the free movement of persons within the signatory states without disrupting law and order.

Accordingly, in order to reconcile freedom and security, this freedom of movement was accompanied by so-called “compensatory” measures. This involved improving cooperation and coordination between the police and the judicial authorities in order to safeguard internal security and, in particular, to fight organised crime. With this in mind, the Schengen Information System (SIS) was set up. SIS is a sophisticated database used by authorities of the Schengen member countries to exchange data on certain categories of people and goods.

The Schengen area gradually expanded to include nearly every Member State. Italy signed the agreements on 27 November 1990, Spain and Portugal joined on 25 June 1991, Greece followed on 6 November 1992, then Austria on 28 April 1995 and Denmark, Finland and Sweden on 19 December 1996. The Czech Republic, Estonia, Latvia, Lithuania, Hungary, Malta, Poland, Slovenia and Slovakia joined on 21 December 2007 and the associated country Switzerland on 12 December 2008. Bulgaria, Cyprus and Romania are not yet fully-fledged members of the Schengen area; border controls between them and the Schengen area are maintained until the EU Council decides that the conditions for abolishing internal border controls have been met. (Details of the position of the United Kingdom (1) and Ireland are given below.)

Measures adopted by the Member States as part of cooperation under Schengen

Key rules adopted within the Schengen framework include:

removal of checks on persons at the internal borders;
a common set of rules applying to people crossing the external borders of the EU Member States;
harmonisation of the conditions of entry and of the rules on visas for short stays;
enhanced police cooperation (including rights of cross-border surveillance and hot pursuit);
stronger judicial cooperation through a faster extradition system and transfer of enforcement of criminal judgments;
establishment and development of the Schengen Information System (SIS).

The Schengen Information System (SIS)

At the heart of the Schengen mechanism, an information system was set up. It allows national border control and judicial authorities to obtain information on persons or objects.

Member States supply information to the system through national networks (N-SIS) connected to a central system (C-SIS). This IT system is supplemented by a network known as SIRENE (Supplementary Information Request at the National Entry), which is the human interface of the SIS.

Incorporating the Schengen acquis into the EU framework

A protocol attached to the Treaty of Amsterdam incorporates the developments brought about by the Schengen Agreement into the EU framework. The Schengen area is now within the legal and institutional framework of the EU. Thus, it comes under parliamentary and judicial scrutiny, and attains the objective of free movement of persons enshrined in the Single European Act of 1986, while ensuring democratic parliamentary control and giving citizens accessible legal remedies when their rights are challenged (Court of Justice and/or national courts, depending on the area of law).

In order to make this integration possible, the Council of the EU took a number of decisions. First, as set out in the Treaty of Amsterdam, the Council took the place of the Executive Committee created under the Schengen Agreements. With its Decision 1999/307/EC of 1 May 1999, the Council established a procedure for incorporating the Schengen Secretariat into the General Secretariat of the Council, including arrangements relating to Schengen Secretariat staff. Subsequently, new working groups were set up to help the Council manage the work.

One of the Council’s most important tasks in incorporating the Schengen area was to choose those provisions and measures taken by the signatory states that formed a genuine acquis, or body of law, and that could serve as a basis for further cooperation. A list of the elements that make up the acquis, setting out the corresponding legal basis for each of them in the Treaties (EC Treaty or the Treaty on the European Union), was adopted by Council Decisions 1999/435/EC and 1999/436/EC of 20 May 1999. Most of these acts are published in the Official Journal. Since then, the Schengen legislation has been further developed. For example, some articles of the Schengen Convention have been replaced by new EU legislation (e.g. the Schengen Borders Code).

The participation of Denmark

Although Denmark has signed the Schengen Agreement, it can choose whether or not to apply any new measures taken under Title IV of the EC Treaty within the EU framework, even those that constitute a development of the Schengen acquis. However, Denmark is bound by certain measures under the common visa policy.

The participation of Ireland and the United Kingdom (1)

In accordance with the protocol to the Treaty of Amsterdam, Ireland and the United Kingdom (1) can take part in some or all of the Schengen arrangements, if the Schengen Member States and the government representative of the country in question vote unanimously in favour within the Council.

In March 1999, the United Kingdom (1) asked to cooperate in some aspects of Schengen, namely police and judicial cooperation in criminal matters, the fight against drugs and the SIS. The Council Decision 2000/365/EC approving the request by the United Kingdom was adopted on 29 May 2000.

In June 2000, Ireland too asked to take part in some aspects of Schengen, roughly corresponding to the aspects covered by the United Kingdom’s (1) request. The Council adopted the Decision 2002/192/EC approving Ireland’s request on 28 February 2002. The Commission had issued opinions on the two applications, stressing that the partial participation of these two Member States should not reduce the consistency of the acquis as a whole.

After evaluating the conditions that must precede implementation of the provisions governing police and judicial cooperation, the Council consented with its Decision 2004/926/EC of 22 December 2004 that this part of the Schengen acquis could be implemented by the United Kingdom (1).

Relations with third countries: common principles

The gradual expansion of the Schengen area to include all EU Member States has led third countries that have particular relations with the EU to take part in Schengen cooperation. The precondition for association with the Schengen acquis by non-EU countries is an agreement on free movement of persons between those states and the EU (this is provided for by the Agreement on the European Economic Area in the cases of Iceland, Norway and Liechtenstein and by the Agreement on the free movement of persons in the case of Switzerland).

For these countries this participation involves:

being included in the area without checks at internal borders;
applying the provisions of the Schengen acquis and of all Schengen-relevant texts adopted pursuant to it;
being involved in decisions relating to Schengen-relevant texts.
In practice, this involvement takes the form of mixed committees that meet alongside the working parties of the EU Council. They comprise representatives of the Member States’ governments, the Commission and the governments of third countries. Associated countries therefore participate in discussions on the development of the Schengen acquis, but do not take part in voting. Procedures for notifying and accepting future measures or acts have been laid down.

Relations with Iceland and Norway

Together with Sweden, Finland and Denmark, Iceland and Norway belong to the Nordic Passport Union, which has abolished internal border checks. Iceland and Norway have been associated with the development of the Schengen Agreements since 19 December 1996. Although they did not have voting rights in the Schengen Executive Committee, they were able to express opinions and formulate proposals. To extend this association, the agreement on Iceland’s and Norway’s association with the implementation, application and development of the Schengen acquis, as based on the Council Decision 1999/439/EC of 17 May 1999, was signed between Iceland, Norway and the EU on 18 May 1999.

An agreement approved by the Council on 28 June 1999 covers relations between Iceland and Norway on the one hand, and Ireland and the United Kingdom (1) on the other, in the areas of the Schengen acquis applying to Iceland and Norway [Official Journal L 15 of 20.1.2000].

The Council Decision 2000/777/EC of 1 December 2000 provides for the application of the Schengen acquis arrangements to the five countries of the Nordic Passport Union as from 25 March 2001.

The participation of Switzerland and Liechtenstein

The EU concluded an agreement with Switzerland on its participation in the Schengen area [Official Journal L 53 of 27.2.2008]; consequently, Switzerland joined on 12 December 2008. It has the same associate status as Norway and Iceland. A protocol on the participation of Liechtenstein in the Schengen area was signed on 28 February 2008.

The second-generation Schengen Information System (SIS II)

As the SIS has been operational since 1995, work is in progress on a new system with enhanced functionalities and based on new technology. This new system (SIS II) is currently undergoing extensive tests in cooperation with Member States.

The Council adopted two legislative instruments on 6 December 2001: Regulation (EC) No 2424/2001 and Decision 2001/886/JHA, making the Commission responsible for developing SIS II and providing for the related expenditure to be covered by the general budget of the EU. These instruments were modified in 2006, extending the period of their validity until 31 December 2008.

The Commission published a communication [COM(2001) 720] on 18 December 2001 examining ways of creating and developing SIS II. Following studies and discussions relating to the architecture and functionalities of the future system, the Commission presented three proposals for legislative instruments in 2005. Two of the instruments in this package (Regulation (EC) No 1987/2006 on 1st pillar aspects of the establishment, operation and use of SIS II and Regulation (EC) No 1986/2006 on access to SIS II by the services responsible for issuing vehicle registration certificates) were adopted on 20 December 2006. The third instrument (Decision 2007/533/JHA determining 3rd pillar aspects of the establishment, operation and use of SIS II) was adopted on 12 June 2007.

The Justice and Home Affairs Council of December 2006 endorsed the SISone4all project (a joint effort by Member States coordinated by Portugal). SISone4all was a temporary solution, which enabled nine EU Member States that joined the EU in 2004 to connect to the current SIS system (SIS1+), with some technical adjustments. The successful completion of SISone4all, in conjunction with the positive Schengen evaluations, allowed the lifting of internal border controls with these new countries at the end of 2007 for land and sea borders and in March 2008 for air borders.

The lifting of internal border controls paved the way for implementing alternative and less risky approaches for migrating from SIS1+ to SIS II. Following requests by the Member States to allow more time for testing the system and to adopt a less risky strategy for migration from the old system to the new one, the Commission presented proposals for a regulation and a decision defining the tasks and responsibilities of the various parties involved in preparing for the migration to SIS II (including testing and any further development work needed during this phase). These proposals were adopted by the Council on 24 October 2008.

Strengthening the Schengen area

The objectives of the European strategy for strengthening the Schengen area are to improve the application of common rules and to better deal with exceptional threats at external borders.

Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions of 16 September 2011, Schengen governance – strengthening the area without internal border control (COM(2011) 561 final – Not published in the Official Journal).

The so-called Arab Spring revolutions in 2011 led to a significant influx of immigrants into some European Union (EU) Member States. These events highlighted the need to strengthen the application of the Schengen area’s common rules and to regulate the reintroduction of controls at internal borders in exceptional circumstances, especially when the overall functioning of the Schengen area is put in danger.

In 2011, the Commission published a communication and two legislative proposals to address this. The latter were eventually adopted in October 2013.

Better evaluating the application of Schengen area rules

The free movement of citizens within the Schengen area relies on mutual trust whereby each participating country is ready and able to apply the entire body of common rules on controls of external borders, visas, police and judicial cooperation, measures concerning the Schengen Information System, etc. (the Schengen acquis).

To achieve this, it has become essential firstly to strengthen the evaluation mechanism designed to control the application of the Schengen acquis by EU Member States and secondly to ensure there is appropriate monitoring and control of the recommendations set out in the evaluation reports, notably when a failure or shortcoming is identified. The Commission is responsible for carrying out this control and monitoring work.

The system for this was introduced through Regulation (EU) No 1053/2013 on establishing an evaluation and monitoring mechanism. EU Member States and the Commission are jointly responsible for implementing the mechanism, even though the Commission plays a coordination role.

Temporary reintroduction of controls at internal borders

The Schengen Borders Code already provides the option, for an EU Member State, to temporarily reintroduce controls at its internal borders in the event of a serious threat to public order and internal security (e.g. terrorist threats or threats linked to organised crime).

Regulation (EU) No 1051/2013 extends this option to cases of serious deficiencies related to controlling external borders and identified in the framework of Regulation (EU) No 1053/2013. However, in this case, the initiative for reintroduction falls to the Commission and the Council.

When such deficiencies are identified in an evaluation report, the Commission can make a recommendation to the country evaluated to take certain measures, such as deploying European border guard teams. As a last resort, it can also initiate the procedure described below.
When the overall functioning of the Schengen area is put in danger due to the serious and ongoing deficiencies of external border controls, the Council, following a proposal from the Commission, can make a recommendation to one or more EU Member States to temporarily reintroduce internal border controls.

RELATED ACTS

Council Regulation (EU) No 1053/2013 of 7 October 2013 establishing an evaluation and monitoring mechanism to verify the application of the Schengenacquisand repealing the Decision of the Executive Committee of 16 September 1998 setting up a Standing Committee on the evaluation and implementation of Schengen (Official Journal L 295 of 6 November 2013).

Regulation (EU) No 1051/2013 of the European Parliament and of the Council of 22 October 2013 amending Regulation (EC) No 562/2006 in order to provide for common rules on the temporary reintroduction of border control at internal borders in exceptional circumstances (Official Journal L 295 of 6 November 2013).

Report from the Commission to the European Parliament and the Council: Fifth biannual report on the functioning of the Schengen area 1 November 2013-30 April 2014 (Not published in the Official Journal). COM(2014) 292 final -Not published in the Official Journal).

Following the communication of 16 September 2011, the Commission presents bimonthly reports to the European Parliament and the Council on the functioning of the Schengen area. In its latest report, it notably indicates that the preparations for implementation of the new evaluation mechanism are under way and that the first evaluations under the new mechanism are expected to be conducted from January 2015 onwards.

A strengthened Schengen Information System

Regulation (EU) 2018/1860 on the use of the Schengen Information System (SIS) for the return of illegally staying third-country nationals

Regulation (EU) 2018/1861 on the establishment, operation and use of the SIS in the field of border checks, and amending the Convention implementing the Schengen Agreement

Regulation (EU) 2018/1862 on the establishment, operation and use of the SIS in the field of police cooperation and judicial cooperation in criminal matters

The Schengen Information System (SIS), created in 1995 following the abolition of internal border controls in the EU, is a large-scale database supporting external border control and law enforcement cooperation between member countries of the Schengen Agreement.

The 3 regulations are designed to strengthen the existing measures in SIS II — established in 2006 and operational from 2013 — particularly in light of the new migration and security challenges. They will replace the current legislation laid down in Regulations (EC) No 1986/2006 and (EC) No 1987/2006, and Decision 2007/533/JHA.

This summary describes how the SIS will operate once the 3 new regulations are fully in force.

KEY POINTS

Architecture

SIS consists of:

a central system (Central SIS) with
a technical support function (CS-SIS), containing a database (SIS database) performing technical supervision and administrative tasks, and a backup CS-SIS;
a uniform national interface (NI-SIS) in each country which members use to enter, update, delete and search SIS data;
a national system (N.SIS) in each country to communicate with Central SIS, including at least one national or shared backup N.SIS. It is not possible to search data files in another N.SIS, unless the countries concerned have agreed to share the file;
a communication infrastructure between CS-SIS, backup CS-SIS and NI-SIS provides an encrypted virtual network for SIS data and their exchange between SIRENE bureaux.

The European Union Agency for the Operational Management of Large-Scale IT Systems in the Area of Freedom, Security and Justice (eu-LISA):

implements technical solutions to strengthen the uninterrupted availability of SIS;
in exceptional circumstances, may develop an additional copy of the SIS database;
must present a report no later than 28 December 2019 on options for technical solutions, containing an independent impact assessment and cost-benefit analysis;
publishes a list of the N.SIS offices and SIRENE Bureaux.

Procedural rules state:

alerts should remain in SIS only as long as required for their specific purpose and be deleted when they achieve their purpose;
alerts must be reviewed within defined periods. The member country may then decide to prolong them, otherwise they are automatically deleted. The review periods are
5 years: persons wanted for arrest for surrender or extradition purposes and missing persons who may, or may not, need to be placed under protection
3 years: people sought to assist with a judicial procedure and unknown wanted persons
1 year: children at risk, vulnerable persons who need to be protected from travelling and persons for discreet, inquiry or specific checks
10 years: objects for discreet inquiry or specific checks or for seizure or use as evidence in criminal proceedings;
categories of data to be entered into the system. These are designed to help end-users take decisions quickly. They include minimum requirements (surname, date of birth, reason for the alert and action to be taken) and other data, such as type of offence, photographic and dactyloscopic* information, if available;
use of biometric and dactyloscopic data must respect EU law and fundamental rights, and meet minimum quality standards and technical specifications;
a case must be adequate, relevant and sufficiently important to warrant an SIS alert, for example, an alert linked to a terrorist offence meets these criteria;
only the issuing member country may modify, add to, correct, update or delete data in SIS;
a country which considers acting on an alert would be incompatible with its national law, international obligations or essential interests may attach a flag* to the alert. This indicates it will not take any action on its territory.

Costs:

the EU budget covers the operational, maintenance and development costs of Central SIS and the communication infrastructure;
Schengen member countries cover the operational, maintenance and development costs of their own N.SIS.

Alert categories per regulation

Regulation (EU) 2018/1860 strengthens enforcement of the EU’s return policy and reduces incentives for illegal immigration into the EU:

it lays down common conditions and procedures for entering and processing alerts and exchanging supplementary information on non-EU nationals subject to return decisions*;
it requires national authorities to enter alerts as soon as a return decision is taken;
it establishes harmonised procedures on
categories of data to be included in the alert
verification if a return decision has been complied with and, if not, the follow-up between the relevant authorities
retention and deletion of alerts to ensure there is no delay between the departure of a non-EU national and the activation of an entry ban
compulsory consultation between national authorities before
granting or extending a residence permit or long-stay visa for a non-EU national who may be the subject of a return alert in another EU country
entering an alert on a return decision if the person is legally staying elsewhere in the EU.

Regulation (EU) 2018/1861 covers the use of SIS for entry bans and border checks:

it establishes the conditions and procedures for entering and processing alerts and exchange of supplementary information* on non-EU nationals refused entry or the right to stay in the EU;
it introduces harmonised procedures on
categories of data to be included in the alert
compulsory entry of an alert when a non-EU national is refused entry or the right to stay because they pose a security threat or are subject to a restrictive order preventing entry into, or transit through, an EU country
non-EU nationals with the right of free movement within the EU
mandatory consultation between national authorities before granting or extending a residence permit or long-stay visa to a non-EU national refused the right of entry or stay in another EU country;
it guarantees non-EU nationals the right to be informed in writing if they are the subject of an alert.

Regulation 2018/1862 improves and extends the use of SIS for cooperation between police and judicial authorities:

it establishes the conditions and procedures for entering and processing alerts in the SIS on people and objects, and for exchanging supplementary information and data in police and judicial cooperation on criminal matters;
it covers procedures on alerts on:
people wanted for arrest, for surrender or extradition purposes;
missing persons;
vulnerable persons who need to be prevented from travelling, either for their own protection or to prevent a threat to public order or security;
children at risk, notably of abduction, trafficking or becoming involved in terrorism;
individuals being sought to assist with a judicial procedure as witnesses or because they have been summoned in connection with criminal proceedings;
unknown wanted persons whose identity is being sought;
discreet or specific checks and inquiries to prevent, detect, investigate or prosecute criminal offences, execute a criminal sentence or prevent threats to public security;
items to be seized or used as evidence in criminal proceedings, especially readily identifiable objects such as cars, boats, aircraft, firearms, identity documents and banknotes.

Data rights

Individuals have the right to:

know whether or not their personal data are being processed, for what purposes and under what conditions;
lodge a complaint with a supervisory authority;
correction of inaccurate personal data without undue delay;
erasure of personal data if their use is no longer necessary or these have been unlawfully processed;
take action to access, rectify, erase, obtain information or compensation for an alert that concerns them;
compensation from a member country for any material or non-material damage they suffer from unlawful processing of their personal data.

SIS member governments:

are committed to enforcing rulings on data protection rights;
report annually to the European Data Protection Board on the number of requests they receive to access data and correct inaccuracies, and the volume of court cases and their outcome.
Independent supervisory authorities monitor the legality of national processing of personal data in SIS; the European Data Protection Supervisor set up under Regulation (EU) 2018/1725 performs the same role for eu-LISA. The two cooperate to ensure coordinated supervision of SIS.

Data processed in SIS and related supplementary information may not be transferred or made available to non-EU countries or international organisations.
Regulation (EU) 2018/1725 applies to personal data processed by eu-LISA, the European Border and Coast Guard Agency and Eurojust.
Regulation (EU) 2016/679 and Directive (EU) 2016/680 apply to personal data processed by national competent authorities and services.

The following have access to data in SIS:

National authorities responsible for
border control, police and customs checks;
prevention, detection, investigation or prosecution of terrorist acts or other serious criminal offences;
decisions, including on residence permits and long-stay visas, on the entry, stay and return of non-EU nationals;
security checks on non-EU nationals applying for international protection;
naturalisation decisions;
public prosecutions in criminal proceedings and judicial inquiries;
issuing registration certificates for vehicles, boats, aircraft and firearms;
the EU agencies below have the right to access and search for the data in SIS they require to carry out their responsibilities. They inform the issuing member country when a search reveals the existence of an alert. They may not connect parts of SIS or transfer any of its data to their own system
Europol: may access all data, not just some as previously. SIS member countries must inform the law enforcement agency of any hits or alerts relating to terrorist offences;
Eurojust, which handles judicial cooperation of criminal matters;
European Border and Coast Guard, teams involved in return-related tasks and migration management support teams.

The European Commission evaluates every 5 years the use these agencies make of SIS.

Responsibilities

Each SIS member country:

ensures the data are accurate, up-to-date and entered and stored in SIS lawfully, and respect general data processing rules;
sets up, operates, maintains and develops its N.SIS, according to common standards, protocols and technical procedures, and connects it to NI-SIS;
ensures the uninterrupted availability of SIS data to end-users;
transmits its alerts through its N.SIS;
designates an N.SIS Office with central responsibility to ensure the smooth operation and security of its N.SIS, access of the competent authorities to the SIS, overall compliance with the regulation and appropriate availability of the SIS for all end-users;
appoints a national authority (the SIRENE Bureau) as a single contact point operational 24/7 for the exchange and availability of all supplementary information on alerts and to facilitate follow-up action;
adopts security, business continuity and disaster recovery plans to protect data and prevent unauthorised access;
applies professional secrecy and confidentiality rules, including close monitoring of external contractors. Private companies and organisations are banned from operational management of the N.SIS;
keeps electronic logs, normally deleted after 3 years, on alerts, access and exchange of personal data to check whether the search was lawful and ensure data integrity and security;
operates a national SIS training programme for staff with access to SIS on data security, fundamental rights, including data protection, and data processing rules and regulations.

The Commission:

adopts implementing and delegated acts on technical aspects of SIS and updates these as necessary;
under Regulation (EU) No 1053/2013, has an overall coordinating role for the evaluation and monitoring mechanism it implements with EU governments to ensure Schengen rules are fully applied nationally. This includes evaluation of the SIS;
will submit a report to the European Parliament and EU governments by 28 December 2019, and every year thereafter, until decides on the date for SIS operations to start, on the state of play of preparations for full implementation of the updated SIS regulation 2018/1862;
carries out an overall evaluation of Central SIS, the supplementary information exchange between national authorities, including an assessment of the automated fingerprint identification system (AFIS) and the SIS information campaigns 3 years after the regulation comes into force and every 4 years thereafter.

eu-LISA is responsible for:

Central SIS: its operational management, including quality checks on the data it contains, and all the tasks necessary to ensure it functions 24/7 every day of the year;
communication infrastructure: key aspects, notably supervision, security, coordination between member countries and providers, and budgetary and contractual issues;
SIRENE Bureaux: coordinating, managing and supporting testing activities, maintaining and updating technical specifications on supplementary information exchange between the Bureaux and the communication infrastructure, and managing technical change;
adopting the necessary measures to protect data and prevent unauthorised access or use, including security, business continuity and disaster recovery plans for Central SIS and the communication infrastructure;
applying professional secrecy and confidentiality rules, and maintenance of electronic logs on the same conditions as national authorities;
making publicly available via the EU’s Official Journal a list of national authorities authorised to search for data in SIS;
producing daily, monthly and annual statistics on the number of records per category of alerts, omitting any personal data. Its reports are made public.

Information campaign

The Commission, in cooperation with supervisory authorities and the European Data Protection Supervisor, runs the campaign. This is launched when the legislation comes into force and is repeated at regular intervals, to inform the public on:
the aims of SIS;
the data it holds;
the authorities with access to it;
individuals’ data rights.
The Commission maintains a publicly available website with all relevant information on SIS.
EU countries, working with their supervisory authorities, must inform the public about SIS.

FROM WHEN DO THE REGULATIONS APPLY?

They shall apply gradually and in entirety they shall be fully operational byno later than 28 December 2021. The date is to be decided by the Commission after the verification that the following conditions have been met:

implementing acts have been adopted;
national authorities have made the necessary arrangements to process SIS data and the exchange of supplementary information;
eu-LISA has successfully completed all its testing requirements.

BACKGROUND

While based on different pieces of legislation, the SIS is a single system for sharing data and requests among its members.
It is the most widely used and largest security and border management information sharing system in Europe. In 2018, it contained some 82.2 million records, had been accessed more than 6.1 billion times and secured 267,239 hits.
It operates in 30 European countries: all EU members apart from Cyprus and Ireland, and in Iceland, Liechtenstein, Norway and Switzerland.
Communication from the Commission — COVID-19 Guidance on the implementation of the temporary restriction on non-essential travel to the EU, on the facilitation of transit arrangements for the repatriation of EU citizens, and on the effects on visa policy

Alert: a set of data enabling authorities to identify a person or object and act accordingly.
Dactyloscopic data: data on palm and fingerprints.
Flag: suspension of the validity of an alert at national level.
Return decisions: judicial or administrative decision on a non-EU national considered to be staying illegally who should return to their home country.
Supplementary information: information not forming part of the alert data in SIS, but connected to it.

DOCUMENTS

Regulation (EU) 2018/1860 of the European Parliament and of the Council of 28 November 2018 on the use of the Schengen Information System for the return of illegally staying third-country nationals(OJ L 312, 7.12.2018, pp. 1-13)

Regulation (EU) 2018/1861 of the European Parliament and of the Council of 28 November 2018 on the establishment, operation and use of the Schengen Information System (SIS) in the field of border checks, and amending the Convention implementing the Schengen Agreement, and amending and repealing Regulation (EC) No 1987/2006 (OJ L 312, 7.12.2018, pp. 14-55)

Successive amendments to Regulation (EU) 2018/1861 have been incorporated into the original document. This consolidated version is of documentary value only.

Regulation (EU) 2018/1862 of the European Parliament and of the Council of 28 November 2018 on the establishment, operation and use of the Schengen Information System (SIS) in the field of police cooperation and judicial cooperation in criminal matters, amending and repealing Council Decision 2007/533/JHA, and repealing Regulation (EC) No 1986/2006 of the European Parliament and of the Council and Commission Decision 2010/261/EU (OJ L 312, 7.12.2018, pp. 56-106)

Regulation (EU) 2018/1726 of the European Parliament and of the Council of 14 November 2018 on the European Union Agency for the Operational Management of Large-Scale IT Systems in the Area of Freedom, Security and Justice (eu-LISA), and amending Regulation (EC) No 1987/2006 and Council Decision 2007/533/JHA and repealing Regulation (EU) No 1077/2011 (OJ L 295, 21.11.2018, pp. 99-137)

Directive (EU) 2017/541 of the European Parliament and of the Council of 15 March 2017 on combating terrorism and replacing Council Framework Decision 2002/475/JHA and amending Council Decision 2005/671/JHA (OJ L 88, 31.3.2017, pp. 6-21)

Regulation (EU) 2016/1624 of the European Parliament and of the Council of 14 September 2016 on the European Border and Coast Guard and amending Regulation (EU) 2016/399 of the European Parliament and of the Council and repealing Regulation (EC) No 863/2007 of the European Parliament and of the Council, Council Regulation (EC) No 2007/2004 and Council Decision 2005/267/EC (OJ L 251, 16.9.2016, pp. 1-76)

Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (OJ L 119, 4.5.2016, pp. 1-88)

Regulation (EU) 2016/399 of the European Parliament and of the Council of 9 March 2016 on a Union Code on the rules governing the movement of persons across borders (Schengen Borders Code) (OJ L 77, 23.3.2016, pp. 1-52)

Council Regulation (EU) No 1053/2013 of 7 October 2013 establishing an evaluation and monitoring mechanism to verify the application of the Schengen acquis and repealing the Decision of the Executive Committee of 16 September 1998 setting up a Standing Committee on the evaluation and implementation of Schengen (OJ L 295, 6.11.2013, pp. 27-37)

Directive 2008/115/EC of the European Parliament and of the Council of 16 December 2008 on common standards and procedures in Member States for returning illegally staying third-country nationals (OJ L 348, 24.12.2008, pp. 98-107)

The Schengen acquis as referred to in Article 1(2) of Council Decision 1999/435/EC of 20 May 1999 (OJ L 239, 22.9.2000, pp. 1-473)

The European Travel Information and Authorisation System (ETIAS)

Regulation (EU) 2018/1240 — establishing a European Travel Information and Authorisation System (ETIAS)

Regulation (EU) 2018/1241 — amending Regulation (EU) 2016/794 for the purpose of establishing a European Travel Information and Authorisation System (ETIAS)

They aim to strengthen security checks on non-EU citizens travelling visa free to the Schengen area contributing to:

a high level of security;
the prevention of illegal immigration;
the protection of public health;
more-effective border checks;
the objectives of the Schengen Information System;
the prevention, detention and investigation of terrorist offences or other serious crimes.

KEY POINTS

ETIAS is an automated IT system created to identify any security or irregular migratory risks posed by visa-exempt visitors travelling to the Schengen area whilst ensuring fundamental rights and data protection.
It will be developed by eu-LISA and aims to be operational by 2022.

Non-EU nationals who do not need a visa to travel to the Schengen area will have to apply for a travel authorisation (ETIAS) prior to their trip.
After filling in an online application form, the system will conduct checks against EU information systems for borders and security.

Prior verification of visa-exempt non-EU citizens will:
facilitate border checks;
avoid bureaucracy and delays for travellers when presenting themselves at the borders;
ensure a coordinated and harmonised risk assessment of non-EU nationals; and
substantially reduce the number of refusals of entry at border crossing points.
Authorisation

The ETIAS travel authorisation costs €7.00 and is valid for 3 years. The travel authorisation can be revoked, should the conditions for issuing it be no longer met, or cancelled where the conditions were not met at the time of issuance.
If travel authorisation is refused, the applicant retains the right to appeal. Appeals can be launched in the EU country which took the decision on the application, in accordance with its national law.

FROM WHEN DO THE REGULATIONS APPLY?

These regulations will apply from the date determined by the European Commission (on the basis of certain conditions being fulfilled) with the exception of certain articles of Regulation (EU) 2018/1240 which have applied since 9 October 2018.

DOCUMENTS

Regulation (EU) 2018/1240 of the European Parliament and of the Council of 12 September 2018 establishing a European Travel Information and Authorisation System (ETIAS) and amending Regulations (EU) No 1077/2011, (EU) No 515/2014, (EU) 2016/399, (EU) 2016/1624 and (EU) 2017/2226 (OJ L 236, 19.9.2018, pp. 1-71)

Successive amendments to Regulation (EU) 2018/1240 have been incorporated in the original text. This consolidated version is of documentary value only.

Regulation (EU) 2018/1241 of the European Parliament and of the Council of 12 September 2018 amending Regulation (EU) 2016/794 for the purpose of establishing a European Travel Information and Authorisation System (ETIAS) (OJ L 236, 19.9.2018, pp. 72-73)

Regulation (EU) 2019/817 of the European Parliament and of the Council of 20 May 2019 on establishing a framework for interoperability between EU information systems in the field of borders and visa and amending Regulations (EC) No 767/2008, (EU) 2016/399, (EU) 2017/2226, (EU) 2018/1240, (EU) 2018/1726 and (EU) 2018/1861 of the European Parliament and of the Council and Council Decisions 2004/512/EC and 2008/633/JHA (OJ L 135, 22.5.2019, pp. 27-84)

Regulation (EU) 2019/818 of the European Parliament and of the Council of 20 May 2019 on establishing a framework for interoperability between EU information systems in the field of police and judicial cooperation, asylum and migration and amending Regulations (EU) 2018/1726, (EU) 2018/1862 and (EU) 2019/816 (OJ L 135, 22.5.2019, pp. 85-135)

Regulation (EU) 2017/2226 of the European Parliament and of the Council of 30 November 2017 establishing an Entry/Exit System (EES) to register entry and exit data and refusal of entry data of third-country nationals crossing the external borders of the Member States and determining the conditions for access to the EES for law enforcement purposes, and amending the Convention implementing the Schengen Agreement and Regulations (EC) No 767/2008 and (EU) No 1077/2011 (OJ L 327, 9.12.2017, pp. 20-82)

Regulation (EU) 2016/794 of the European Parliament and of the Council of 11 May 2016 on the European Union Agency for Law Enforcement Cooperation (Europol) and replacing and repealing Council Decisions 2009/371/JHA, 2009/934/JHA, 2009/935/JHA, 2009/936/JHA and 2009/968/JHA (OJ L 135, 24.5.2016, pp. 53-114)

Regulation (EC) No 767/2008 of the European Parliament and of the Council of 9 July 2008 concerning the Visa Information System (VIS) and the exchange of data between Member States on short-stay visas (VIS Regulation) (OJ L 218, 13.8.2008, pp. 60-81)

Access of vehicle registration services to SIS II

Regulation (EC) No 1986/2006 on access to the Second Generation Schengen Information System (SIS II) by EU countries’ services responsible for issuing vehicle registration certificates

It allows services in European Union (EU) countries that are responsible for issuing vehicle registration certificates access to the Second Generation Schengen Information System (SIS II).
This is for the sole purpose of checking whether a vehicle presented for registration has not been stolen and/or is not sought as evidence in criminal proceedings.

KEY POINTS

The regulation gives the right to vehicle registration services to access data in SIS II concerning:
motor vehicles with a cylinder capacity exceeding 50 cc (cubic centimetres);
trailers with an unladen weight exceeding 750 kg and caravans;
vehicle registration certificates and vehicle number plates which have been stolen, misappropriated, lost or invalidated.

Vehicle registration services that are not public services have access to the data in SIS II only through one of the authorities referred to in the SIS II Decision (i.e. Council Decision 2007/533/JHA). These authorities include border control authorities, police and customs.
The SIS II Decision lays down the action to be taken, should SIS II bring to light a vehicle that has been stolen or is being sought as evidence in criminal proceedings.

It has applied since 17 January 2007.

BACKGROUND

EU countries are required to assist one another in the implementation of Council Directive 1999/37/EC on the registration documents for vehicles. They may exchange information to check a vehicle’s legal status in the country in which it was previously registered.

Regulation (EC) No 1987/2006 and Decision 2007/533/JHA concerning the establishment, operation and use of SIS II (SIS II Regulation and Decision) replaced all but one article of the Convention implementing the Schengen Agreement of 14 June 1985. That article concerns access to the Schengen Information System by the authorities and services in the EU countries responsible for issuing registration certificates for vehicles. This third act completes the SIS II legal framework, ensuring that EU countries’ vehicle registration services have access to SIS II once operational.

DOCUMENT

Regulation (EC) No 1986/2006 of the European Parliament and of the Council of 20 December 2006 regarding access to the Second Generation Schengen Information System (SIS II) by the services in the Member States responsible for issuing vehicle registration certificates (OJ L 381, 28.12.2006, pp. 1-3)

Subsequent amendments to Regulation (EC) No 1986/2006 have been incorporated into the basic text. This consolidated version is of documentary value only.

Strengthening the Schengen area

The objectives of the European strategy for strengthening the Schengen area are to improve the application of common rules and to better deal with exceptional threats at external borders.

In 2011, the Commission published a communication and two legislative proposals to address this. The latter were eventually adopted in October 2013.