Commission Implementing Decision (EU) 2018/1547 of 15 October 2018 laying down th... (32018D1547)
EU - Rechtsakte: 19 Area of freedom, security and justice

COMMISSION IMPLEMENTING DECISION (EU) 2018/1547

of 15 October 2018

laying down the specifications for the connection of the central access points to the Entry/Exit System (EES) and for a technical solution to facilitate the collection of data by Member States for the purpose of generating statistics on the access to the EES data for law enforcement purposes

THE EUROPEAN COMMISSION,
Having regard to the Treaty on the Functioning of the European Union,
Having regard to Regulation (EU) 2017/2226 of the European Parliament and of the Council of 30 November 2017 establishing an Entry/Exit System (EES) to register entry and exit data and refusal of entry data of third-country nationals crossing the external borders of the Member States and determining the conditions for access to the EES for law enforcement purposes and amending the Convention implementing the Schengen Agreement and Regulation (EC) No 767/2008 and Regulation (EU) No 1077/2011 (1), and in particular Article 36(l) thereof,
Whereas:
(1) Regulation (EU) 2017/2226 established the Entry/Exit System (EES) as a system which registers electronically the time and place of entry and exit of third-country nationals admitted for a short stay to the territory of the Member States and which calculates the duration of their authorised stay.
(2) The EES aims to improve the management of external borders, to prevent irregular immigration and to facilitate the management of migration flows. The EES should, in particular, contribute to the identification of any person who does not fulfil or no longer fulfils the conditions of duration of the authorised stay on the territory of the Member States. Additionally, the EES should contribute to the prevention, detection and investigation of terrorist offences and of other serious criminal offences.
(3) Regulation (EU) 2017/2226 establishes the conditions of access to the EES data for the purposes of the prevention, detection or investigation of terrorist offences or of other serious criminal offences. Both Member States and Europol should make requests for access to EES data through the so called central access points, a body or entity entrusted by national law to exercise public authority and that should be capable of effectively verifying whether the conditions to request access to the EES are fulfilled in each case. The central access points should process the requests for access to the EES data for the purposes of the prevention, detection or investigation and transmit the EES data accessed to the requesting operating unit. In order to enable these data processing operations, each Member State should connect their respective central access points to the National Uniform Interface. Europol should also connect, and be responsible for the connection of, the Europol central access point to the EES.
(4) In accordance with Regulation (EU) 2017/2226, the European agency for the operational management of large-scale information systems in the area of freedom, security and justice established by Regulation (EU) No 1077/2011 of the European Parliament and of the Council (2) should be responsible for the development and operational management of the EES.
(5) Regulation (EU) 2017/2226 requires that prior to the development of the EES the Commission adopts measures necessary for the development and technical implementation of the EES. In this regard, Article 36(l) of Regulation (EU) 2017/2226 specifically refers to adoption of measures for the specifications for the connection of the central access points to the EES and for a technical solution to facilitate the collection of data by Member States for the purpose of generating statistics on the access to the EES data for law enforcement purposes.
(6) Based on those measures, the European agency for the operational management of large-scale information systems in the area of freedom, security and justice should then be able to define the design of the physical architecture of the EES including its Communication Infrastructure, as well as the technical specifications of the system and to develop the EES.
(7) In this framework, it is thus necessary to adopt measures laying down the specifications for technical solutions to be deployed to connect the central access points of the Member States to the National Uniform Interface and to connect the Europol central access point to the EES. The specifications for a technical solution facilitating the collection of data for the purpose of generating the statistics that Member States are required to produce on the access to the EES data for law enforcement purposes should also be adopted.
(8) The technical solution selected for implementing the EES should take into consideration the need to have a better integration of already existing and future Union border management systems, as well as the interoperability of these systems. These technical solutions should be scalable and enable further evolution in order to be capable, where required, to integrate additional functionalities, to manage bigger number of operations and to store more data.
(9) In accordance with Articles 1 and 2 of Protocol No 22 on the position of Denmark, annexed to the Treaty on European Union and to the Treaty on the Functioning of the European Union, Denmark did not take part in the adoption of Regulation (EU) 2017/2226 and is not bound by it or subject to its application. However, given that Regulation (EU) 2017/2226 builds upon the Schengen
acquis
, Denmark, in accordance with Article 4 of that Protocol, notified on 30 May 2018 its decision to implement Regulation (EU) 2017/2226 in its national law. Denmark is therefore bound under international law to implement this Decision.
(10) This Decision constitutes a development of the provisions of the Schengen
acquis
in which the United Kingdom does not take part, in accordance with Council Decision 2000/365/EC (3); the United Kingdom is therefore not taking part in the adoption of this Decision and is not bound by it or subject to its application.
(11) This Decision constitutes a development of the provisions of the Schengen
acquis
in which Ireland does not take part, in accordance with Council Decision 2002/192/EC (4); Ireland is therefore not taking part in the adoption of this Decision and is not bound by it or subject to its application.
(12) As regards Iceland and Norway, this Decision constitutes a development of the provisions of the Schengen
acquis
within the meaning of the Agreement concluded by the Council of the European Union and the Republic of Iceland and the Kingdom of Norway concerning the latter's association with the implementation, application and development of the Schengen
acquis
 (5), which fall within the area referred to in Article 1, point A of Council Decision 1999/437/EC (6).
(13) As regards Switzerland, this Decision constitutes a development of the provisions of the Schengen
acquis
within the meaning of the Agreement between the European Union, the European Community and the Swiss Confederation on the Swiss Confederation's association with the implementation, application and development of the Schengen
acquis
 (7), which fall within the area referred to in Article 1, point A of Decision 1999/437/EC, read in conjunction with Article 3 of Council Decision 2008/146/EC (8).
(14) As regards Liechtenstein, this Decision constitutes a development of the provisions of the Schengen
acquis
within the meaning of the Protocol between the European Union, the European Community, the Swiss Confederation and the Principality of Liechtenstein on the accession of the Principality of Liechtenstein to the Agreement between the European Union, the European Community and the Swiss Confederation on the Swiss Confederation's association with the implementation, application and development of the Schengen
acquis
 (9) which fall within the area referred to in Article 1, point A of Decision 1999/437/EC read in conjunction with Article 3 of Council Decision 2011/350/EU (10).
(15) As regards Cyprus, Bulgaria, Romania and Croatia, the operation of the EES requires the granting of passive access to the VIS and the putting into effect of all the provisions of the Schengen
acquis
relating to the SIS in accordance with the relevant Council Decisions. Those conditions can only be met once the verification in accordance with the applicable Schengen evaluation procedure has been successfully completed. Therefore, the EES should be operated only by those Member States which fulfil those conditions by the start of operations of the EES. Member States not operating the EES from the initial start of operations should be connected to the EES in accordance with the procedure set out in Regulation (EU) 2017/2226 as soon as all of those conditions are met.
(16) The European Data Protection Supervisor delivered an opinion on 23 April 2018.
(17) The measures provided for in this Decision are in accordance with the opinion of the Smart Borders Committee,
HAS ADOPTED THIS DECISION:

Article 1

Connection of the central access point(s) of each Member State

For the purposes of Articles 31 and 32 of Regulation (EU) 2017/2226, the central access point(s) referred to in Article 29(3) of Regulation (EU) 2017/2226 shall have access to the EES to process the requests of the operating units within the designated authorities.
In accordance with Article 38(1)(a) and (c) of Regulation (EU) 2017/2226, each Member State shall connect its central access point(s) to the respective national uniform interface in accordance with the technical specifications referred to in Article 37(1) of Regulation (EU) 2017/2226.

Article 2

Connection of the Europol central access point

For the purposes of Article 33 of Regulation (EU) 2017/2226, the Europol central access point referred to in Article 30(2) of Regulation (EU) 2017/2226 shall have access to the EES to process the requests of the Europol designated authority referred to in Article 30(1) of Regulation (EU) 2017/2226.
In accordance with Article 38(7) of Regulation (EU) 2017/2226, Europol shall connect its central access point to a dedicated Uniform Interface in accordance with the technical specifications referred to in Article 37(1) of Regulation (EU) 2017/2226.

Article 3

Collection of data for the purpose of generating the statistics referred to in Article 72(8) of Regulation (EU) 2017/2226

In order to facilitate the collection of the data needed to generate the statistics that Member States and Europol have to produce pursuant to Article 72(8) of Regulation (EU) 2017/2226, a technical solution shall be made available by eu-LISA to the central access point(s) referred to Article 29(3) and Article 30(2) of that Regulation. The use of this solution shall be optional. If used, each Member State and Europol shall be responsible for the national deployment as well as for the technical and operational management of this solution. This solution shall allow the collection of the following statistical data for each request for access to the EES:
(a) designated authority, central access point and operating unit initiating the request referred to in Article 29(5) of Regulation (EU) 2017/2226;
(b) flag informing if the request led to a successful match;
(c) flag mentioning if the consultation was carried out for the purpose of identification or for entry/exit records;
(d) flag informing if the consultation was carried out using the urgency procedures referred to in Article 31(2) of Regulation (EU) 2017/2226 and in the second subparagraph of Article 32(2) of Regulation (EU) 2017/2226 and flag informing if the urgency was not accepted by the
ex post
verification carried out by the central access point;
(e) the type of terrorist offence or serious criminal offence as defined in points (24) and (25) of Article 3(1) of the Regulation (EU) 2017/2226 that led to the consultation;
(f) the grounds given to substantiate the suspicion that the person concerned was covered by Regulation (EU) 2017/2226 by selecting a value from a code table with the possibility to select ‘other’ value complemented by a free text field;
(g) the grounds given not to launch the search in other Member States' automated fingerprint identification systems under Decision 2008/615/JHA in accordance with point (b) of Article 32(2) of Regulation (EU) 2017/2226 by selecting a value from a code table with the possibility to select ‘other’ value complemented by a free text field.
This information shall be stored at local level, by the central access point(s) to support the generation of statistics referred to in Article 72(8) of Regulation (EU) 2017/2226.
The data inserted in the technical solution shall be used by each Member State or by Europol to generate its statistics referred to in Article 72(8) of Regulation (EU) 2017/2226.

Article 4

Entry into force and applicability

This Decision shall enter into force on the twentieth day following that of its publication in the
Official Journal of the European Union
.
Done at Brussels, 15 October 2018.
For the Commission
The President
Jean-Claude JUNCKER
(1)  
OJ L 327, 9.12.2017, p. 20
.
(2)  Regulation (EU) No 1077/2011 of the European Parliament and of the Council of 25 October 2011 establishing a European Agency for the operational management of large-scale IT systems in the area of freedom, security and justice (
OJ L 286, 1.11.2011, p. 1
).
(3)  Council Decision 2000/365/EC of 29 May 2000 concerning the request of the United Kingdom of Great Britain and Northern Ireland to take part in some of the provisions of the Schengen
acquis
(
OJ L 131, 1.6.2000, p. 43
).
(4)  Council Decision 2002/192/EC of 28 February 2002 concerning Ireland's request to take part in some of the provisions of the Schengen
acquis
(
OJ L 64, 7.3.2002, p. 20
).
(5)  
OJ L 176, 10.7.1999, p. 36
.
(6)  Council Decision 1999/437/EC of 17 May 1999 on certain arrangements for the application of the Agreement concluded by the Council of the European Union and the Republic of Iceland and the Kingdom of Norway concerning the association of those two States with the implementation, application and development of the Schengen
acquis
(
OJ L 176, 10.7.1999, p. 31
).
(7)  
OJ L 53, 27.2.2008, p. 52
.
(8)  Council Decision 2008/146/EC of 28 January 2008 on the conclusion, on behalf of the European Community, of the Agreement between the European Union, the European Community and the Swiss Confederation on the Swiss Confederation's association with the implementation, application and development of the Schengen
acquis
(
OJ L 53, 27.2.2008, p. 1
).
(9)  
OJ L 160, 18.6.2011, p. 21
.
(10)  Council Decision 2011/350/EU of 7 March 2011 on the conclusion, on behalf of the European Union, of the Protocol between the European Union, the European Community, the Swiss Confederation and the Principality of Liechtenstein on the accession of the Principality of Liechtenstein to the Agreement between the European Union, the European Community and the Swiss Confederation on the Swiss Confederation's association with the implementation, application and development of the Schengen
acquis
, relating to the abolition of checks at internal borders and movement of persons (
OJ L 160, 18.6.2011, p. 19
).
Markierungen
Leseansicht