Fifth Annual Activity Report (March 2000-December 2001)
Fifth Annual Activity Report (March 2000-December 2001)
Condividi
FIFTH ANNUAL REPORT ON THE ACTIVITIES
OF THE JOINT SUPERVISORY AUTHORITY
MARCH 2000 - DECEMBER 2001
CONTENTS:
PREFACE
SECTION 1: BACKGROUND
SECTION 2: A YEAR OF JSA ACTIVITIES
CHAPTER I: OPINIONS AND RECOMMENDATIONS
I.1. Security of the SIRENE Bureaux
I.2. Opinion on archiving documents after an alert has been deleted
I.3. Opinion on entering an alert in the Schengen Information System on persons whose identity has been usurped
I.4 Access to the SIS for vehicle registration authorities
I.5 Granting observer status to the United Kingdom
I.6 Putting the Schengen acquis into effect in the Nordic countries
I.7 Draft Council Resolution on the personal data protection rules in instruments under the third pillar of the European Union
1.8 Implementation of the Schengen Information System in the United KingdomCHAPTER II: INSPECTION WORK
II.1. C.SIS inspection
II.2. Technical and expert groups
II.3. Encryption of SIS links
II.4. List of authorities authorised to consult the SIS directlyCHAPTER III: INFORMATION CAMPAIGN 18
III.1. Campaign informing citizens of their rights vis-à-vis the SIS
III.2. JSA Internet page
III.3. Presentation of the fourth JSA Annual Report at the press conference in BrusselsCHAPTER IV: INTEGRATION INTO THE EUROPEAN UNION AND THE JSA ACQUIS
CHAPTER V: JSA OPERATIONS
V.1. Meetings
V.2. Election of Chairman and Vice-Chairman
V.3. JSA´s budget and the Secretariat´s assistance to the JSA
V.4. Rules of ProcedureSECTION 3: THE JSA´s RELATIONS WITH SCHENGEN AND NON-SCHENGEN BODIES AND WITH THE COUNCIL
I.1. Relations with the European Parliament´s Committee on Civil Liberties
I.2. Relations with the Article 36 Committee, the Permanent Representatives Committee and the Council
I.3. Evaluation Committee - Nordic countries
I.4. Position of the United Kingdom and Ireland
SECTION 4: REACTIONS OF THE SCHENGEN AUTHORITIES TO THE JSA´s ANNUAL REPORT
SECTION 5: THE FUTURE OF THE JSA IN ITS NEW INSTITUTIONAL
FRAMEWORK
ANNEXES
1. List of members of the Joint Supervisory Authority
2. Overview of JSA opinions and reactions of the decision-making and technical bodies
3. List of decisions, recommendations, opinions and reports of the Schengen´s Joint Supervisory Authority with a view to the integration of the Schengen acquis, in accordance with the protocol integrating the Schengen acquis into the framework of the European Union, annexed to the AmsterdamTreaty
4. Data entered in the SIS
PREFACE
True to its tradition of transparency and democratic openness, the Schengen Joint Supervisory Authority (JSA) has sought to present, for the fifth time, a report on its activities. Between March 2000 and December 2001 the upholding of the interests of individuals in the protection of their privacy was once again at the centre of the JSA´s activities, thus confirming the special nature of its place in the Schengen edifice.
Both in terms of the Schengen Information System (SIS)- security measures and the defence of the interests of individuals as mentioned above, or indeed the fulfilment of public information requirements, as well as the verification of compliance with the preconditions for putting the Schengen acquis into effect in the new countries, the JSA has made several proposals and suggestions on the basis of reports, recommendations or opinions.
In the past period, the discussions on the development of a new SIS show that there is a strong wish to extend the content and the use of the SIS.
In order to be able to contribute constructively in these developments, it is imperative that those involved with the developments of the SIS recognise the importance of involving the JSA at an early stage. This is an essential condition for the development of a new SIS with a well-positioned balance between the contents and use of the SIS and data protection.
The JSA notices with satisfaction that an attitude of involving the JSA is developing in a positive way.
During the past year the JSA has raised its profile considerably through its contacts with the European Parliament´s Committee on Civil Liberties. Another opportunity to emphasise the importance of its role was afforded by the numerous press contacts generated by the entry of the Nordic countries as full members of the JSA on 25 March 2001.
The Council´s decision to establish a joint secretariat for all supervisory authorities in the European police sector (Schengen, Europol, the Customs Information System, etc.) is clearly a step in the right direction and can only be welcomed by the JSA. It will enable the supervisory authorities concerned, including the JSA, to receive greater backup from the Secretariat, which the JSA has been calling for since 1995. Although the decision is not coupled with separate budget resources, the JSA is confident that it will derive greater autonomy from it, to the benefit of the protection of the citizen´s rights to privacy.
Brussels, January 2002
Giovanni Buttarelli
Chairman
SECTION 1: BACKGROUND
Fifteen years have gone by since the Schengen Agreement was signed in the village on the Moselle in Luxembourg after which the agreement was named.
As a forerunner to the area of freedom, security and justice that was to be established later by the Treaty of Amsterdam, the Schengen Agreement has been a real success, judging by the growing number of countries that have adhered to it and to the Schengen Convention signed in 1990. The five signatory States to the Agreement in 1985 were joined by ten more, the last on 25 March 2001.
It will be recalled that the Schengen Agreement and the Schengen Convention set out to abolish checks at the Schengen States´ internal borders, thus creating a vast area of free movement of persons. In order to attain this objective, while maintaining at least the same level of security that existed previously in this area, the Schengen Convention lays down countervailing measures. These measures include: harmonising policy on the issue of visas; establishing common policy on determining the State responsible for processing an asylum application; improving police and judicial cooperation; stepping up the fight against drug trafficking; harmonising the level of control at Schengen´s external borders; and setting up a Schengen Information System (SIS).
The SIS is a joint system that links up all the States applying the Schengen Convention and gives end-users (services with police duties; embassies and consulates; immigration offices, etc.) real-time access to the information they need to perform their duties, which has been entered in the system by one of the States applying the Convention.
This information relates both to persons (wanted for arrest for the purpose of extradition; on whom there is an alert for the purpose of refusing admission; who are missing; wanted for the purpose of discreet surveillance, etc.) and to objects (vehicles, arms, documents, bank notes, which have been stolen, misappropriated or lost).
At the same time that the SIS was created, a Joint Supervisory Authority was set up to protect personal data and, in particular, to ensure that the provisions in the Schengen Convention relating to the technical-support function of the SIS (Article 115) were complied with. The JSA is made up of two representatives from each Contracting Party´s national supervisory authority and has been assigned an advisory role and the task of harmonising national practice and interpretation.
In June 1992 a Provisional Joint Supervisory Authority was set up on the basis of a ministerial decision and this authority laid the groundwork for applying data-protection principles.
On 26 March 1995, when the Schengen Convention was brought into force in the seven member countries that met the preconditions, the Provisional Joint Supervisory Authority became a permanent supervisory authority, namely the Joint Supervisory Authority (JSA) of Schengen as provided for in Article 115 of the Schengen Convention.
Ever since the Convention was implemented on 26 March 1995, the JSA has had an uphill struggle in getting its competence and independence recognised by the decision-making bodies of Schengen. Its first annual report bore witness to this, in particular by stressing the hurdles encountered in obtaining its own budget, or the problems encountered by the experts entrusted with inspecting the central part of the SIS (C.SIS) located in Strasbourg. More than a year after this inspection of the C.SIS took place, the JSA had still not received a response from the decision-making bodies of Schengen to the recommendations made in the light of the inspection, only a response from France´s Ministry of the Interior. The JSA did not begin to receive the information relating to the SIS that it required to perform its tasks until February 1998, as the authorities in charge of the SIS were studying each request for information separately.
Although there has been some progress, much remains to be done. While the JSA´s inspection visits to the central system in Strasbourg in 1996 and 1999 revealed that the system as a whole was functioning well, they also brought other problems to the fore, some of which raise serious problems of integrity. Another weakness in the system is indicated by the difficulties encountered by the legitimate holders of usurped identities entered in the SIS.
These problems noted by the JSA take on particular significance given that the number of Schengen States applying the Convention rose from 7 to 10 at the end of 1997 and to 15 on 25 March 2001. The amount of data entered in the SIS is increasing as a result (see Annex 4).
Police intelligence systems are evolving, including Schengen´s. Moreover, access to the SIS has been extended to new services, and discussions are under way on extending it to non-governmental services and adding new data categories to the existing data. The role of the independent supervisory authorities concerned must be enhanced in pace with these changes. The integration of Schengen into the European Union as ensuing from the Treaty of Amsterdam must afford greater transparency and guarantees with regard to the fundamental rights of citizens. National parliaments and the European authorities are now in a position to play a more active part in attaining these objectives.
SECTION 2: A YEAR OF JSA ACTIVITIES
CHAPTER I: OPINIONS AND RECOMMENDAfsTIONS
I.1. Security of the SIRENE Bureaux
The security of SIRENE Bureaux is the direct responsibility of the national data-protection supervisory authorities. The task of harmonisation assigned to the JSA by the Convention has led the JSA to become involved in this matter, especially after documents and information were leaked from one of the SIRENE Bureaux in 1997.
On the basis of inspection reports on the SIRENE Bureaux drawn up by the national authorities, the JSA issued 10 recommendations for improving the security of SIRENE Bureaux and sent them to the relevant Schengen bodies. In their response 1, the national authorities said that "the Member States feel that a large number of the JSA´s recommendations are already put into practice in the SIRENE Bureaux" and that they would not be implementing recommendations which they regarded as "rather cumbersome from a technical and organisation point of view in proportion to the objective they are designed to achieve".
The JSA noted this response and agreed to continue its efforts to ensure that the security of SIRENE Bureaux was improved and standardised. It drew up a standard questionnaire to enable national supervisory authorities to carry out their checks in a harmonised fashion. The questionnaire was approved by the JSA on 30 June 2000
2. It will be used as a basis for the national authorities´ inspections of SIRENE Bureaux, having already been used by the Europol Supervisory Body in 2000.
I.2. Opinion on archiving documents after an alert has been deleted
In 1997 one of its members asked the JSA how to interpret Article 102(1) of the Schengen Convention, on the archiving of documents after the alert has been deleted. It emerged that the Schengen States were in fact interpreting this provision differently, as some were keeping documents relating to alerts after they had been deleted and were using these documents to supplement their police records.
Article 102(1) forbids the Contracting Parties from using the data provided for in Articles 95 to 100 for purposes other than those set for each type of alert referred to in these Articles.
In its Opinion 98/1 of 3 February 1998 the JSA requested that all Contracting Parties should destroy any related dossiers immediately an alert was deleted, pursuant to Article 112 of the Schengen Convention, and that the SIRENE Manual should be revised to remove any provisions that were in breach of the Schengen Convention. It followed up this recommendation with a letter of 22 October 1999 emphasising the requirement to observe the original-purpose principle, whereby a dossier could not be used for any purposes other than those for which the alert was entered in the system. It said that these principles (observance of original purpose and holding of information exclusively for the purpose for which the alert was entered) were also set out in Article 5 of Council of Europe Convention No 108 of 28 January 1981, which is binding on all the States (Article 126(1) of the Schengen Convention).
At its meeting on 15 December 1999 the Article 36 Committee noted that, according to the Council Legal Service, "the JSA´s Opinion referred to the practice in certain States and not to the Council´s rules." The Article 36 Committee decided to consult the SIS Working Party to see whether the SIRENE Manual should be amended in the light of the JSA´s comments.
Although the JSA has not received any information since then, it has come to appreciate the Council´s difficulties in amending the Schengen acquis concerning the SIS, as in the case of the SIRENE Manual. When the legal basis of the Schengen acquis was being determined, no agreement was reached concerning the SIS, which thus has a dual legal basis (first and third pillars); this means that all development of the acquis in this area is on hold. The JSA therefore continues to hope that the Council will act on its Opinion, which is, moreover, observed by a majority of the Member States.
I.3. Opinion on entering an alert in the Schengen Information System on persons whose identity has been usurped
In the event of a usurped identity, some Schengen States enter the name of the legitimate holder of the usurped identity in the SIS, whereas it is the usurper who is actually wanted.
In other words, the system contains an alert on an identity that corresponds neither de facto nor de jure to the identity of the person actually sought but to the identity of the victim. However, the legitimate holder of the identity is not informed that data on his/her identity are contained in the SIS.
Some States would like personal data on a person whose identity has been usurped to be deleted immediately, whereas other States would like alerts on usurped identities to be kept even if the legitimate holder of the usurped identity entered in the SIS asks for the data to be deleted. The argument put forward by those in favour of keeping the alert is that the usurper must be found.
In its Opinion 98/1 of February 1998 the JSA reiterated the fundamental rights and principles of the Schengen Convention regarding data protection. It drew particular attention to the principle of proportionality, implying that a balance should be struck between respecting the rights of the person whose identity has been usurped and the need to detect the perpetrators.
The JSA suggested that until such time as SIS II came into operation a uniform solution should be sought and, if possible, that an indication should be given that the alert was on a usurped identity.
The Article 36 Committee responded to this Opinion by informing the JSA of the solutions that would be adopted to deal with this problem (in the near future: interim measures for SIS I+ at the end of the year 2000; and a permanent longer-term solution for SIS II).
On the basis of this information, JSA issued another opinion in March 2000. It reiterated the principle of proportionality whereby not all instances of usurped identity justify entering an alert on the names of the victims, and emphasised that personal data on people whose identity had been usurped could be processed only subject to the free and explicit consent or at the behest of the person concerned. Furthermore, provision had to be made for other measures, such as the possibility of issuing the legitimate holder of the usurped identity with a supplementary document (which could be attached to the passport, for example) stating that the holder was not the wanted person.
The JSA notes with regret that the interim measures promised for the end of 2000 are not very satisfactory, judging from the complaints that continue to be received by the national supervisory authorities.
I.4. Access to the SIS for vehicle registration authorities
The Chairman of the Article 36 Committee has responded to the opinion issued by the JSA in 1998 concerning access to the SIS for vehicle registration authorities 1. In a letter sent to the JSA on 28 April 2000 2 he described the various approaches adopted or planned by the Member States to enable their vehicle registration authorities to consult the SIS to see if a vehicle for which registration had been requested was the subject of an alert in the SIS. The JSA noted that these approaches were in line with its opinion on the subject but regretted that they were not harmonised.
I.5. Granting observer status to the United Kingdom
On 30 June 2000 the JSA took a vote on granting observer status to the United Kingdom. On 29 May 2000 the Council had adopted a Decision concerning the request of the United Kingdom of Great Britain and Northern Ireland to take part in some of the provisions of the Schengen acquis 1. After noting the content of the Decision, the JSA noted that the United Kingdom could seek to take part in the proceedings of the JSA as an observer. The vote, held in accordance with Article 2(2) of the JSA´s rules of procedure, showed that there was unanimous agreement on the United Kingdom´s participation in the proceedings of the JSA as an observer.
The United Kingdom´s request to take part in some of the provisions of the Schengen acquis will be followed by verification as to whether that country fulfils the preconditions for the implementing the acquis; the JSA should be associated with such verification (see below, Section 3, I.4).
I.6. Putting the Schengen acquis into effect in the Nordic countries
Putting the Schengen acquis into effect in the territory of a Member State requires that Member State to fulfil the preconditions set by the Schengen Convention. One of the preconditions concerns the existence of legislation on the protection of personal data in accordance with the requirements of the Convention (Article 117(2)). The Convention does not specify the procedures for verifying this requirement, or indeed for the other preconditions.
However, when it was set up in its provisional form, the JSA - which, under the Convention, has exclusive powers in the area of data protection - carried out verification in this area in seven countries in 1995, and subsequently in Italy, Austria and Greece. It then informed the Central Group that this precondition had been fulfilled
2. Since then, Evaluation Committees have been set up to check that the requirements of the Schengen acquis are properly fulfilled in the Member States applying it, especially as regards external border controls. Data protection, in connection with the inspection of SIRENE Bureaux and N.SIS, was added in 1998. The Schengen Executive Committee at that time did not specify the extent to which the JSA was to be associated with these controls. At the JSA´s request, the Chairman of the Central Group at that time nevertheless confirmed that the Chairman of the JSA could attend the planned meeting between the Evaluation Committee and the Chairman of the German Data Protection Authority but without taking part in the other aspects of the evaluation (N.SIS and SIRENE Bureaux). The JSA declined the offer, pointing out that the Chairman of the German Authority was a member of the JSA and that the Chairman of the JSA did not need Central Group permission to attend the meeting.
The Central Group´s attitude resulted in the task of enforcing the Convention´s data-protection principles being assigned to departmental representatives involved in the operation or utilisation of the SIS in the Member States that applied the Schengen acquis or were preparing to do so. At the time the JSA denounced what it saw as a violation of the Convention, which gave the JSA primary powers in the enforcement of the principles of data protection.
The evaluation of the Nordic countries took place in accordance with the same rules, and the Article 36 Committee did not seek - any more than the Central Group did in 1998 - to make this exercise accessible to the JSA by having it participate directly.
The JSA did, however, receive permission from the Chairman of the Central Group to take cognisance of the report of the Schengen evaluation visit concerning data protection and data security in the Nordic countries 1. At its meeting on 30 June 2000 it received this report and noted the JHA Council´s conclusions of 29 May 2000. The Council took stock of the evaluations that had taken place to date in connection with the Nordic countries´ preparations for putting Schengen fully into effect. It welcomed the considerable progress that had been made and noted that the Nordic countries´ preparations were proceeding in an appropriate manner. It took the view that, if all the objectives described in the reports were achieved within the period specified and if no diverging assessments were made in the meantime, there would no longer be any need to return to the topics that had been the subject of visits or answers to the questionnaire. It stated that the operation of the SIS would be verified in the first quarter of 2001, and confirmed the political objective of reaching a decision by the end of 2000 on putting the Schengen acquis fully into effect in the Nordic countries as from 25 March 2001.
At the same meeting the JSA looked at the replies that several of the Nordic countries had sent to the JSA Chairman´s letter of 4 May 2000 2. The request mainly concerned the Nordic countries´ follow-up to the JSA´s Opinions (the JSA´s acquis) on the legislative adjustments that had been made in order to meet the Schengen requirements and on the way in which the supervisory authority´s independence was guaranteed.
At its meeting on 11 October 2000 the JSA noted that the preconditions for putting the Schengen acquis into effect in the sphere of personal data protection had been fulfilled by five Nordic countries. It communicated this positive Opinion 3 to the Article 36 Committee and to the Council. The Council noted the JSA´s Opinion on 15 March 2001, at the same time as it confirmed the putting into effect of the Schengen acquis in the Nordic countries on 25 March 2001.
I.7. Draft Council Resolution on the personal data protection rules in instruments under the third pillar of the European Union
The JSA had asked for a progress report from the Working Party on Information Systems and Data Protection, which was examining a draft Council Resolution on the personal data protection rules in instruments under the third pillar of the European Union. On the basis of an oral report presented at its meeting on 2 February 2001, the JSA noted with satisfaction that the draft Resolution should be adopted by the Council in the near future. However, the JSA regretted that this instrument would serve merely as a guideline, inappropriate for harmonising data protection rules under the third pillar. The JSA Chairman expressed concern to the Chairman of the Article 36 Committee and the Chairman of the Working Party on Information Systems and Data Protection: their replies are awaited.
1.8 Implementation of the Schengen Information System in the United Kingdom
The JSA Schengen has reviewed a proposal of the UK concerning the technical implementation of the UK-participation with the SIS.
The UK solution involves sending all the SIS data to the UK. In view of the fact that the UK does not apply Article 96 of the Schengen Agreement, these data are filtered before the users have access to the data.
Basic principle in data protection is the principle of necessity. Application of this principle will lead
to the opinion that, given the fact that the original intentions of the Schengen Agreement as
stated in Article 92 do not exist in relation to some Contracting Parties, a Contracting Party may only process data as far as they are required to for the purposes laid down in Articles 95-100 and as far as that Contracting Party applies these articles.
The proposed UK solution leads to processing Article 96 data by the UK in breach of Article 94 of the Schengen Agreement.
In its opinion the JSA furthermore stressed that the principal that an individual can exercise his rights in every Schengen country must be uphold. A procedure must be developed that requests of access and verification relating to Article 96 data can be exercised via the Information Protection Commissioner in the UK.
CHAPTER II: INSPECTION WORK
II.1. C.SIS inspection
In 1999 a technical group comprising experts from the national supervisory authorities carried out an inspection of the C.SIS. The confidential inspection report was approved in February 2000 and was sent, with a summary, to the Article 36 Committee. It was examined by the Council´s SIS Working Party, whose response was forwarded to the JSA by the Article 36 Committee.
The JSA is encouraged by the follow-up given to its latest C.SIS inspection report, and especially its recommendations. It welcomes the fact that 10 of its recommendations have already been incorporated in C.SIS+1. However, it regrets that five of its recommendations cannot be implemented at present, although it notes that there should be positive developments in this situation, probably by the time SIS II comes into operation.
The JSA is aware of the problems posed by the implementation of some of its recommendations. However, the Convention gave it the task of verifying compliance with C.SIS security measures, and so it has a duty to make appropriate recommendations to ensure that the C.SIS maintains the highest possible standards of security. The four JSA recommendations that will not be implemented concern physical security, the blocking of terminals outside certain periods, the absence of barriers between interior ministry staff and the C.SIS, and the management of encryption and other communications units. The JSA has urged that the technical groups should continue to pay close attention to the consequences of their being sidelined, and should examine the security risks inherent in any continuation of the situations noted by the JSA.
II.2. Technical and expert groups
To be able to establish whether proper account was taken of the security aspects in connection with SIS II, the JSA asked to see the specifications of the future SIS II network. It also asked to be informed of any legal problems raised by the lack of a single legal basis for the SIS.
Regarding the lack of a legal basis, the JSA was informed at its meeting on 13 December 2000 that the Council had not succeeded in dividing up the provisions of the Schengen acquis when it adopted its Decision of 20 May 1999 determining, in conformity with the relevant provisions of the Treaty establishing the European Community and the Treaty on European Union, the legal basis for each of the provisions or decisions which constitute the Schengen acquis. During the discussions there had been fundamental disagreements between delegations, including the Commission, over the legal basis to be adopted for amending these provisions of the Schengen acquis. None of the delegations has since indicated any change in its position.
Since then, there have been a number of proposals for giving SIS II more functions than the current SIS. Several of them would involve amending the existing provisions of the Schengen acquis as integrated into the framework of the European Union, and there are still differences of opinion concerning them. These differences need to be resolved promptly and irreproachably if Member States want their proposals to succeed.
At its meeting on 2 February 2001, the JSA was given - again at its own request - an outline of the new functions envisaged for SIS II. It noted that the personal data protection issues which would be raised by some of the new functions would be discussed by the SIS Working Party at a later date. The JSA needs to be informed of these discussions in order to be able to ascertain that the Working Party´s conclusions are in line with the JSA´s Opinion and do not undermine the protection of data.
The operational requirements of the new network have not yet been determined.
II.3. Encryption of SIS links
In February 2000 the JSA asked for information on the encryption algorithm used for SIS links, which had been developed by the German federal office for information technology security 1 and Bosch Telekom. It received this information in July 2000 2, and in December that year 3 it asked for a study to be carried out so that a proper assessment could be made of the economic consequences and the organisational repercussions of the implementation (in the SISNET framework, to start with) of the necessary measures for periodically modifying the encryption keys. These have not been modified since the SIS came into operation, and the JSA believes that keeping them indefinitely could pose a serious risk to the security to data exchanged via the SIS. The most basic security standards would suggest that the strength of an encoded system depends directly on the time limit set for changing its keys. The JSA has also asked for information on the progress of the SISNET project and for documentation on the technical requirements of this new system whereby the keys will be renewed in future.
The JSA welcomes the fact that, on 23 March 2001, the Article 36 Committee approved a draft reply submitted by the SIS Working Party proposing that the JSA´s Opinion should be followed and the encryption keys modified periodically.
II.4. List of authorities authorised to consult the SIS directly
At its request, the JSA has obtained the updated list of authorities allowed to consult the SIS (5002/00 SIS 2 COMIX 2) which was submitted to the JHA Council on 27 March 2000.
The JSA has asked the Chairmen of the national supervisory authorities to investigate whether the conditions for access to the SIS are being observed, on the basis of Article 114 of the Convention. It has also reminded the Article 36 Committee of the role of the national authorities in updating the updated list of authorities allowed to consult the SIS.
CHAPTER III: INFORMATION CAMPAIGN
III.1. Campaign informing citizens of their rights vis-à-vis the SIS
In 1997 the JSA decided to launch a Schengen-wide public information campaign entitled "The Schengen Information System concerns you". The JSA had found that the general public rarely exercised its rights, in particular its right to access and verify data. One of the reasons for this shortcoming was the fact that the general public was not sufficiently informed. The JSA therefore decided to inform citizens of their rights vis-à-vis the SIS by distributing leaflets.
At the JSA´s request, the Schengen bodies supported the JSA´s information campaign by making the necessary arrangements for the leaflets to be printed and distributed at the external borders of Schengen.
The JSA has appraised the impact of this campaign on several occasions. Four years after the campaign was launched, JSA leaflets have now been distributed in seven of the States applying the Schengen acquis. The number of applications lodged by citizens for access to data on them when they are refused entry into Schengen territory has increased considerably since the campaign started, thus demonstrating its effectiveness. The Schengen States have received numerous requests for access to the data contained in alerts relating to citizens.
However, the JSA deplores the fact that the French and Luxembourg authorities have still not provided the necessary means for launching this public information campaign. The Nordic countries have said that they attach the greatest importance to the campaign and are examining their prospects to execute it. In some of the Nordic countries certain information activities have already been carried out together with the competent authorities.
In order to improve the processing of requests that required the co-operation procedure as defined by the JSA on the basis of Article 114(2) of the Schengen Convention, the group of experts who originally designed the leaflet drew up - on the basis of Member States´ replies - a draft handbook on citizens´ right of access to information contained in the SIS and co-operation between supervisory authorities. This should be finalised in the near future and will be of interest not only to national supervisory authorities but also to legal practitioners, who will find in it all relevant information on the procedures that an individual must follow to exercise his right of access to the data concerning himself which are contained in the SIS and his right to have the data corrected where necessary.
III.2. JSA Internet page
Out of the same concern to inform citizens of their rights, in 1998 the JSA decided to create an Internet page where the general public would be able to find information on the activities of the JSA and on their rights. Since the Schengen acquis has now been integrated into the framework of the European Union, the JSA page will be hosted on the Council website, once the project has undergone the necessary technical adjustments. The JSA page is being temporarily hosted and is accessible on the website of the Portuguese supervisory authority (http://www.cnpd.pt/schengen).
III.3. Presentation of the JSA Annual Report at the press conference in Brussels
The JSA presented its fourth annual report (March 1999 to February 2000) 1 at the press conference held in Brussels on 11 October 2000. The international press, especially from the candidate States for accession to the European Union, was particularly interested in the role and powers of the JSA in the Schengen system, the functioning of the SIS, the type of data contained in the SIS and the means available for citizens to access it, and also the future of the JSA.
The work of the JSA was the subject of interviews on Danish and Swedish television and in newspapers and specialist journals in Denmark, Norway and Sweden.
Copies of the report were disseminated by the national supervisory authorities through the same channels as those used for their own national reports, as well as via the Internet in some instances. The Chairman of the JSA also forwarded copies to the President of the European Parliament and to the European Parliament´s Committee on Civil Liberties. Some countries held press conferences to present the report and to heighten public awareness.
CHAPTER IV: INTEGRATION INTO THE EUROPEAN UNION AND THE JSA ACQUIS
According to the Protocol integrating the Schengen acquis into the European Union, annexed to the Treaty of Amsterdam, the Community acquis includes all decisions and declarations adopted by the Executive Committee and all acts adopted for the purpose of implementing the Schengen Convention by bodies which have been given decision-making powers by the Executive Committee. A number of these decisions relate to the JSA, in particular the recognition of its independent status, budget autonomy, annual budgets and the JSA´s access to Schengen documents and information, etc.
At the request of the Central Group of Schengen, the JSA drafted a list containing its acquis with a view to the integration of the Schengen acquis into the European Union (Annex 7). This list included the Opinions delivered by the JSA and the Decisions adopted by the executive bodies of Schengen relating to the functioning of the JSA and confirming its independence. The list was sent to the Council of the EU and to the Chairman of the Central Group on 18 May 1998; an additional note containing a reminder of the JSA´s institutional and operational acquis was sent in December 1998.
The Central Group did not discuss this matter at its meeting on 19 February 1999, or at any later date, despite a reminder sent by the JSA to the Central Group´s Chairman.
None of the JSA Opinions or decisions relating to the JSA was included in the Schengen acquis integrated into the European Union. On 20 May 1999, the Council of Ministers adopted a "Council Decision concerning the Joint Supervisory Authority set up under Article 115 of the Convention applying the Schengen Agreement of 14 June 1985, on the gradual abolition of checks at common borders, signed on 19 June 1990" 1. With this Decision the Council undertakes to act as Secretariat for the JSA and to provide the necessary facilities for meetings to be held in Brussels, and also undertakes to reimburse travelling expenses for its members attending JSA meetings in Brussels, or for its experts conducting inspections in Strasbourg. The Decision also states that the JSA will have to adapt its rules of procedure to the new situation.
The JSA continues to condemn this restrictive interpretation of the Protocol annexed to the Treaty of Amsterdam on the integration of the Schengen acquis into the European Union, whereby the JSA acquis is given the legal basis of the JSA itself.
The JSA therefore notes that its Opinions and recommendations constitute a whole whose legal basis is that of the JSA itself and which must be taken into consideration by the States currently applying the Schengen acquis as well as by any new State that might join them.
In its Opinion 2000/1 the JSA indicated that it would instruct the national supervisory authorities to verify that this acquis was complied with.
CHAPTER V: JSA OPERATIONS
V.1. Meetings
Since March 2000 the JSA has held eight plenary meetings, plus a meeting of the select working party on right of access and a meeting of experts on the inspection of the C.SIS and the SIRENE Bureaux.
V.2. Election of Chairman and Vice-Chairman
In December 2000 Mr B. De Schutter (Belgian delegation) and Mr G. Buttarelli (Italian delegation) were confirmed in their respective posts of Chairman and Vice-Chairman.
In December 2001 Mr.G. Buttarelli was elected as Chairman
V.3. JSA´s budget and the Secretariat´s assistance to the JSA
The JSA has still not recovered its autonomous budgetary heading. The budgets relating to the functioning of the SIS were, however, incorporated into the acquis, and the autonomous budgetary heading for the JSA complied with the definition of the Schengen acquis within the meaning of the Protocol annexed to the Treaty of Amsterdam.
The JSA deplores the fact that the Council´s Decision did not take into account the tasks assigned to the JSA by the Convention. Admittedly, the Decision does make it possible for JSA members´ travel expenses for plenary meetings in Brussels to be covered by the Council, but not subsistence expenses during C.SIS inspections, or the expenses incurred, for example, during a campaign informing citizens of their rights vis-à-vis the SIS. The JSA´s effectiveness depends to a large extent on the goodwill of the Council, and in particular the Presidency-in-Office, which, in turn, is faced with a hard choice between its own priorities - among which the JSA does not necessarily occupy first place - and the Council´s limited resources, especially in terms of the availability of meeting rooms and teams of interpreters.
Regarding the Secretariat´s assistance, the JSA shares since 1 September 2001 a joint secretariat with the Europol authority and the customs authority. By a Decision of 17 October 2000, the Council approved the establishment of a joint secretariat for the joint supervisory bodies existing under the third pillar of the Treaty on European Union 1. The staff of the secretariat (two persons from September 2001, to be joined by a third person a few months later) will divide their work between the three authorities - a considerable improvement on the present situation.
This Council Decision marks a first step towards a rapprochement between the joint supervisory authorities themselves. It will not be possible to proceed further without a far-reaching discussion on the role of the supervisory authorities established at European level and on the resources they are to be given to enable them to perform their essential role of guardian of citizens´ rights vis-à-vis a data-processing system at the European police level.
V.4. Rules of Procedure
The JSA´s Rules of Procedure are attached. They have not been amended as requested by the Council in its Decision of 20 May 1999, and they continue to be applied by the JSA insofar as this is compatible with situation created by the Council Decision. Any incompatibility between its Rules of Procedure and the Council Decision concerns only practical and organisational aspects, which are, moreover, questioned by the JSA.
SECTION 3: THE JSA´s RELATIONS WITH SCHENGEN AND NON-SCHENGEN BODIES AND WITH THE COUNCIL
I.1. Relations with the European Parliament´s Committee on Civil Liberties
In 1997 the JSA suggested to the Chair of the European Parliament´s Committee on Civil Liberties that the JSA should present its annual report to the Parliament. Copies of the annual report have been sent to the Committee every year since then. The Parliament invited the Chairman of the JSA to a hearing on "The European Union and data protection" on 22 and 23 February 2000. This gave him an opportunity to explain the role of the JSA and its main achievements. Particular attention was paid to the question of usurped identities. The JSA welcomes this initiative by the European Parliament, seeing it as a reflection of its own concern for transparency and the provision of information.
On 27 June 2000, together with a representative of the Portuguese Presidency, the Portuguese Chairman of the Working Party on Information Systems and Data Protection and his French successor, the Chairman of the JSA took part in a meeting with the MEP Mr Hernández Mollar, rapporteur of the Committee on Civil Liberties, to discuss the draft Decision on the joint secretariat for the supervisory authorities. The European Parliament was concerned about the question of the supervisory authorities´ independence, especially in budgetary matters. It was considering making a proposal to the effect that, like the Ombudsman, the supervisory authorities should be given their own budget heading.
The Chairman of the JSA was also invited to the sitting of the European Parliament´s Committee on Civil Liberties when it examined the draft Decision on 12 July 2000.
I.2. Relations with the Article 36 Committee, the Permanent Representatives Committee and the Council
Before Schengen was integrated into the European Union, the Central Group had agreed to involve the JSA in the preliminary study for the SIRENE Phase II network and SIS I+. This was to enable the JSA to ensure that the technical specifications necessary for the JSA to carry out its checks pursuant to the Convention were duly taken into account for the future. Since then, the technical groups´ proceedings have taken place without the involvement of the JSA: it has not been sent any information concerning the integration of the five Nordic countries into the SIS, and it has received information on the technical developments in preparation (SIS I+ and SIS II) only after repeated requests.
Since the integration of Schengen into the European Union, the Chairmen of the JSA have sought to establish informal contact with the Presidency-in-Office of the Council. The first meeting took place during the Finnish Presidency and focused on a plan for a joint secretariat for the joint supervisory authorities under the third pillar. The second meeting took place under the Portuguese Presidency and focused on evaluating personal-data protection in the Nordic States. No meeting took place during the French Presidency. The Swedish Presidency showed an encouraging openness, the Chairman of the Article 36 Committee having assured the Chairman of the JSA in February 2001 of his support for the JSA in its activities.
I.3. Evaluation Committee - Nordic countries
Further evaluation visits were made to the Nordic countries in January and February 2001. These concerned verification of the preconditions for putting the Schengen acquis into effect in the sphere of external border controls, and the operation of the SIS.
Although this exercise is of direct concern to the JSA, it has not been involved in any way. Nor has it even been informed officially of the findings.
I.4. Position of the United Kingdom and Ireland
These are the only two European Union countries not applying the Schengen acquis at the present time.
Article 4 of the Schengen Protocol allows the United Kingdom and Ireland, which have not signed up to the Schengen acquis, to ask to participate in all or some of the provisions of the acquis.
The United Kingdom invoked this provision in 1999 and, on that basis, will apply part of the Schengen acquis, in particular the SIS. The draft Decision provides for the data-protection arrangements under the Schengen Convention to apply to the United Kingdom in areas where that country applies the Schengen acquis. The current state of play is that only Article 96 of the Convention should be excluded from the scope of such application. The JSA gave the United Kingdom observer status on 30 June 2000 (see Section 2, I.5).
Ireland´s request to participate in some of the provisions of the Schengen acquis is under consideration.
The JSA hopes to be able to carry out its task by being involved in the verification of the preconditions for putting the Schengen acquis into effect in these two countries.
SECTION 4: REACTIONS OF THE SCHENGEN AUTHORITIES TO THE JSA´s ANNUAL REPORT
The JSA has not had any reaction from the Council´s subordinate bodies to its Fourth Annual Report.
SECTION 5: THE FUTURE OF THE JSA IN THE NEW INSTITUTIONAL FRAMEWORK
Information systems in Europe are evolving constantly. The Schengen Information System is applied in 15 countries, the Europol Convention has been brought into force and its supervisory body is functioning, and the customs information system and the Eurodac system will also be operational soon.
Against this background of increasing development, the processing of personal data in the sphere of police cooperation, the role of the JSA and the role of the Europol Joint Supervisory Body and the body created by the Convention on the Use of Information Technology for Customs Purposes are all essential to ensuring a balance between the proper functioning of the machinery of law enforcement on the one hand and the optimum protection of human rights on the other. While the creation of a single secretariat is an important first step towards consolidating the system of supervision, serious consideration should be given to the possibility of harmonising or even merging the supervisory bodies. The European Parliament´s new interest in this area and a greater awareness among ordinary citizens of the importance of guaranteeing that such bodies function properly are encouraging signs of a growing interest in the JSA´s activities in a European Union that is an area of freedom, security and justice.
1. LIST OF MEMBERS OF THE JOINT SUPERVISORY AUTHORITY
Updated: 31 December 2001
Chairman: Mr Bart DE SCHUTTER
Vice-Chairman: Mr Giovanni BUTTARELLI
AUSTRIA
MEMBERS
Ms Waltraut KOTSCHY
Ms Eva SOUHRADA-KIRCHMAYER
ALTERNATE
Ms Birgit HROVAT-WESNER
BELGIUM
MEMBERS
Mr Bart DE SCHUTTER
Ms Bénédicte HAVELANGE
DENMARK
MEMBERS
Ms Lotte N. JØRGENSEN
Mr Peter AHLESON
FINLAND
MEMBERS
Ms Maija KLEEMOLA
Mr Reijo AARNIO
ALTERNATE
Mr. Heiki HUHTINIEMI
FRANCE
MEMBERS
Mr Alex TÜRK
Ms Florence FOURETS
ALTERNATE
Mr Olivier COUTOR
GERMANY
MEMBERS
Mr Joachim JACOB
represented by Mr Wolfgang von POMMER-ESCHE
Mr Friedrich von ZEZSCHWITZ
represented by Ms Angelika SCHRIEVER-STEINBERG
GREECE
MEMBERS
Mr Constantinos DAFERMOS
ALTERNATES
Mr Georgios DELYANNIS
Mr Dimitrios GRITZALIS
ICELAND
MEMBERS
Ms Sigrun JÖHANNESDOTTIR
Ms Margret STEINARSDOTTIR
ITALY
MEMBERS
Mr Sebastiano NERI
Mr Giovanni BUTTARELLI
LUXEMBOURG
MEMBERS
Mr René FABER
ALTERNATES
Mr Jean WAGNER
Mr Georges WIVENES
NETHERLANDS
MEMBERS
Mr Peter HUSTINX
Mr Ulco van de POL
NORWAY
MEMBERS
Mr Georg APENES
Ms Guro SLETTEMARK
PORTUGAL
MEMBERS
Mr Luis BARROSO
Ms Isabel CRUZ
SPAIN
MEMBERS
Mr Juan Manuel FERNANDEZ LOPEZ
Mr Miguel Angel LOPEZ HERRERO
ALTERNATES
Mr Emilio ACED FELEZ
Ms María Concepción ROMERO CIQUE
SWEDEN
MEMBERS
Mr Leif LINDGREN
Ms Britt-Marie WESTER
ALTERNATES
Ms. Birgitta ABJORNSSON
Ms Anna-Karin WALDTON
