Forslag til europaparlaments- og rådsforordning om fastsettelse av betingelser for tilgang til de andre EU-informasjonssystemer og om endring av forordning (EU) 2018/1862 og forordning (EU) ..../.... [ECRIS-TCN]
Proposal for Regulation of the European Parliament and of the Council establishing the conditions for accessing the other EU information systems and amending Regulation (EU) 2018/1862 and Regulation (EU) .../... [ECRIS-TCN]
Svensk departementsnotat offentliggjort 28.1.2019
BAKGRUNN (fra kommisjonsforslaget, engelsk utgave)
Reasons for and objectives of the proposal
In September 2018, the Council and the European Parliament adopted two legislative acts, a Regulation establishing the European Travel Information and Authorisation System (‘ETIAS’) and an amendment of the Europol Regulation for the purpose of establishing ETIAS.
Establishing ETIAS is among efforts undertaken in recent years at EU level to enhance the security of citizens and prevent irregular migration in an open Europe, securing and continuing to strengthen the management of external borders. The context and the establishment of the system were announced in the 2016 State of the Union speech. President Juncker said: ‘We will defend our borders […] with strict controls […] on everyone crossing them. Every time someone enters or exits the EU, there will be a record of when, where and why. In November  we will propose a European travel information and authorisation system – an automated system to determine who will be allowed to travel to Europe. That way we will know who is travelling to Europe before they even get here”.
ETIAS will fill the information gap on travellers exempt from the requirement of being in possession of a visa when crossing the external borders. ETIAS will determine the eligibility of visa-exempt third-country nationals prior to their travel to the Schengen Area and whether such travel poses a security, irregular migration or high epidemic risk. ETIAS will also give travellers confidence that they would be able to cross the borders smoothly. If needed, ETIAS travel authorisation could be denied by ETIAS National Units.
The assessment of such risks will involve automated processing of personal data provided in the applications for travel authorisation. The ETIAS Regulation establishes that personal data in the applications will be compared with the data present in records, files or alerts registered in EU information systems or databases (the ETIAS Central System, Schengen Information System (‘SIS’), the Visa Information System (‘VIS’), the Entry/Exit System ‘(EES’) or Eurodac), in Europol data or in the Interpol databases (the Interpol Stolen and Lost Travel Document database (‘SLTD’) or the Interpol Travel Documents Associated with Notices database (‘TDAWN’)).
While the Regulation defines in its Article 20 which group of data from the ETIAS application files can be used to consult the other systems, not all those data are collected or recorded in the same way in the other EU information systems and Europol data. For instance in one of the systems, ‘country of issue of the travel document’ is collected while in another the same data is recorded in another way, e.g. as ‘three letter code of the issuing country of the travel document’. In other instances, a category of data is collected in one system but not in the other. For instance, ‘first names of parents of applicants’ are collected by ETIAS, but not in most of the other systems to be queried by ETIAS.
Also at the time the ETIAS proposal was adopted, the situation as regards the different EU information systems to be queried by ETIAS was different from today. At the time the ETIAS proposal was adopted, two other new EU information technology systems had been proposed to be set up: discussions were ongoing on the EES Regulation while the Commission’s proposal on the European Criminal Records Information System – Third Country Nationals (‘ECRIS-TCN’) was just about to be proposed. As regards existing information systems, the legal texts of the SIS were evolving due to the proposed revisions to the SIS legal framework in December 2016, finally adopted by co-legislators in November 2018. The recast of the Eurodac Regulation had also been proposed by the Commission as part of the reform of the Common European Asylum System, but had not yet been adopted by co-legislators. The recast Eurodac Regulation still remains to be adopted by co-legislators today.
Based on these considerations, the ETIAS Regulation stipulates, in its Article 11(2) that: “The amendments to the legal acts establishing the EU information systems that are necessary for establishing their interoperability with ETIAS as well as the addition of corresponding provisions in this Regulation shall be the subject of a separate legal instrument”.
The present proposal therefore aims to set out the technical amendments necessary to fully set up the ETIAS system by amending the legal acts of the EU information technology systems ETIAS queries. The present proposal also sets out coresponding provisions and amends the ETIAS Regulation accordingly.
First, the present initiative sets out amendments to the Regulation on ECRIS-TCN, on which recently, an ‘agreement in principle’ was found by the co-legislators. Thus, in line with the intention expressed by co-legislators in the ETIAS Regulation it is now possible to include in ETIAS the necessary provisions on the relationship between ETIAS and ECRIS-TCN and to amend ECRIS-TCN accordingly.
Secondly, the present initiative also aims to establish the relations between ETIAS and the SIS. The revised SIS legal framework has been adopted in November 2018. The present proposal includes consequential amendments resulting from the adoption of the new SIS Regulations. In line with the new SIS legal framework it is proposed to include the new alert category on inquiry checks for the assessment of applications. It is not proposed to include the alert category on return decisions as such alerts are erased at the moment a return decision is implemented. This means that persons that apply for an ETIAS authorisation after having left the EU will – by definition – not have a return record in the SIS. Thirdly, the present initiative seeks to amend the EES Regulation to establish technically its relationship with ETIAS.
Fourthly, the initiative also aims at amending the VIS Regulation in order to allow VIS to receive, process and answer ETIAS queries. Although in May 2018, the Commission presented a proposal to amend the VIS Regulation in order to upgrade that database, the present initiative puts forward amendments to the VIS Regulation currently in force, as the negotiations on the proposal for the upgraded VIS are not sufficiently advanced. However, if the proposal to amend the VIS Regulation were to be adopted first, it could become necessary to introduce some technical changes in the present proposal to align it with the amended version of the VIS Regulation. If the present proposal is adopted first, some technical changes could be required in the proposal amending the VIS Regulation before its adoption.
In addition, following the adoption of both the EES Regulation and ETIAS Regulation, it is now required to align the way EES and ETIAS are working together on the way EES and VIS are integrated for the purpose of border control process and registration of border crossings in EES. This will rationalise and simplify the work of border guards through the implementation of a more uniform border control process for all third-country national entering for a short stay.
The present initiative however does not include the amendments related to Eurodac, the EU asylum and irregular migration database, given that discussions have not yet been concluded on the May 2016 legislative proposal to strengthen Eurodac. Furthermore, the data available in the current Eurodac are not sufficient for ETIAS purposes, given that the existing Eurodac only stores biometric data and a reference number, but no other personal data (e.g. name(s), age, date of birth) that would allow for contributing to the objectives of ETIAS. The May 2016 legislative proposal for a recast Eurodac Regulation seeks to extend the purpose of the database to the identification of illegally staying third-country nationals and those who have entered the EU irregularly. In particular, it provides for the storage of personal data such as the name(s), age, date of birth, nationality, and identity documents. These identity data are essential to ensure that Eurodac will be able to contribute to the objectives of ETIAS.
Once the co-legislators reach political agreement on the recast Eurodac Regulation, the recast Eurodac Regulation will need to be supplemented with the necessary amendments to connect Eurodac to ETIAS. Additionally, once the co-legislators adopt the Commission’s legislative proposals for the interoperability of information systems for security, border and migration management, and following political agreement on the proposal for a recast Eurodac Regulation, the Commission will apply the same approach with regards to the necessary amendments to make Eurodac part of the interoperability of information systems.
Finally, in line with the April 2016 Communication on "Smarter Information Systems for borders and security", ETIAS is to be built based on a re-use of hardware and software components developed for the EES. This is also the approach followed by the legislative proposals on the interoperability of information systems. The technical development of the common identity repository and the European search portal as foreseen by the legislative proposals on the interoperability of information systems would be developed on the basis of the EES/ETIAS components.
This proposal therefore presents amendments to the ETIAS Regulation to specify that the ETIAS Central System would build upon the EES Central System’s hardware and software components in order to establish a shared identity repository for the storage of the identity alphanumeric data of both ETIAS applicants and third-country nationals registered in EES. This shared identity repository would be the basis for the implementation of the common identity repository once the co-legislators adopt the legislative proposals on the interoperability of information systems. Moreover, during a transitional period, before the European search portal is available, the automated processing of ETIAS applications would rely on a tool, which would be used as the basis for the development and implementation of the European search portal.
Due to the variable geometry in Member States' participation in EU policies in the area of freedom, security and justice, it is necessary to adopt two separate legal instruments which will nonetheless work seamlessly together to enable the comprehensive operation and use of the system.
Justis- og beredskapsdepartementet