Council Regulation (EC) No 1104/2008 of 24 October 2008 on migration from the Schengen Information System (SIS 1+) to the second generation Schengen Information System (SIS II)

1.

Text

8.11.2008   

EN

Official Journal of the European Union

L 299/1

 

COUNCIL REGULATION (EC) No 1104/2008

of 24 October 2008

on migration from the Schengen Information System (SIS 1+) to the second generation Schengen Information System (SIS II)

THE COUNCIL OF THE EUROPEAN UNION,

Having regard to the Treaty establishing the European Community, and in particular Article 66 thereof,

Having regard to the proposal from the Commission,

Having regard to the opinion of the European Parliament (1),

Whereas:

 

(1)

The Schengen Information System (SIS) set up pursuant to the provisions of Title IV of the Convention of 19 June 1990 implementing the Schengen Agreement of 14 June 1985 between the Governments of the States of the Benelux Economic Union, the Federal Republic of Germany and the French Republic on the gradual abolition of checks at their common borders (2) (the Schengen Convention), and the further development, thereof, SIS 1+, constitute essential tools for the application of the provisions of the Schengen acquis as integrated into the framework of the European Union.

 

(2)

The development of the second generation Schengen Information System (SIS II) was entrusted to the Commission pursuant to Council Regulation (EC) No 2424/2001 (3) and Decision 2001/886/JHA (4). Those instruments expire on 31 December 2008. This Regulation should therefore supplement them until a date to be fixed by the Council acting in accordance with Regulation (EC) No 1987/2006 of the European Parliament and of the Council of 20 December 2006 on the establishment, operation and use of the second generation Schengen Information System (SIS II) (5).

 

(3)

SIS II was established by Regulation (EC) No 1987/2006 and by Council Decision 2007/533/JHA of 12 June 2007 on the establishment, operation and use of the second generation Schengen Information System (SIS II) (6). This Regulation should be without prejudice to the provisions of those acts.

 

(4)

Certain tests of SIS II are provided for in Council Regulation (EC) No 189/2008 (7) and in Decision 2008/173/EC (8).

 

(5)

The development of SIS II should be continued and should be finalised in the framework of the SIS II global schedule endorsed by the Council on 6 June 2008.

 

(6)

A comprehensive test of SIS II should be conducted in full cooperation between the Member States and the Commission, in accordance with the provisions of this Regulation. As soon as possible after its completion, the test should be validated as provided for by Regulation (EC) No 1987/2006 and Decision 2007/533/JHA.

 

(7)

Member States should perform a test on the exchange of supplementary information.

 

(8)

As regards SIS 1+, the Schengen Convention provides for a technical support function (C.SIS). As regards SIS II, Regulation (EC) No 1987/2006 and Decision 2007/533/JHA provide for a Central SIS II composed of a technical support function and a uniform national interface (NI-SIS). The technical support function of Central SIS II should be located in Strasbourg (France) and a backup in St Johann im Pongau (Austria).

 

(9)

In order to better manage the potential difficulties brought about by the migration from SIS 1+ to SIS II, an interim migration architecture for the Schengen Information System should be established and tested. The interim migration architecture should have no impact on the operational availability of SIS 1+. A converter should be provided by the Commission.

 

(10)

The Member State issuing an alert should be responsible for ensuring that the data entered into the Schengen Information System is accurate, up to date and lawful.

 

(11)

The Commission should remain responsible for Central SIS II and its communication infrastructure. This responsibility includes the maintenance and continuation of the development of SIS II and its communication infrastructure, including at all times the correction of errors. The Commission should provide coordination and support for the joint activities. The Commission should provide, in particular, the necessary technical and operational support to the Member States at Central SIS II level including the availability of a helpdesk.

 

(12)

The Member States are and should remain responsible for the development and maintenance of their national systems (N.SIS II).

 

(13)

France should remain responsible for the technical support function of SIS 1+, as expressly provided for in the Schengen Convention.

 

(14)

Representatives of the Member States participating in SIS 1+ should coordinate their actions within the framework of the Council. It is necessary to set out a framework for that organisational action.

 

(15)

The Commission should be empowered to contract out to third parties, including national public bodies, tasks conferred upon it by this Regulation and tasks relating to the implementation of the budget, in accordance with Council Regulation (EC, Euratom) No 1605/2002 of 25 June 2002 on the Financial Regulation applicable to the general budget of the European Communities (9).

Any such contract should respect the rules of data protection and data security and take into account the role of the relevant data protection authorities applicable to the SIS, in particular the provisions of the Schengen Convention and of this Regulation.

 

(16)

Regulation (EC) No 45/2001 of the European Parliament and of the Council of 18 December 2000 on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data (10) applies to the processing of personal data by the Commission.

 

(17)

The European Data Protection Supervisor, appointed pursuant to Decision 2004/55/EC of the European Parliament and of the Council of 22 December 2003 appointing the independent supervisory body provided for in Article 286 of the EC Treaty (11), is competent to monitor the activities of the Community institutions and bodies in relation to the processing of personal data. The Schengen Convention contains specific provisions on the protection and security of personal data.

 

(18)

Since the objectives of setting up the interim migration architecture and the migration of data from SIS 1+ to SIS II, cannot be sufficiently achieved by the Member States and can, therefore, by reason of the scale and effects of the action, be better achieved at Community level, the Community may adopt measures in accordance with the principle of subsidiarity, as set out in Article 5 of the Treaty establishing the European Community. In accordance with the principle of proportionality, as set out in that Article, this Regulation does not go beyond what is necessary to achieve those objectives.

 

(19)

This Regulation respects the fundamental rights and observes the principles recognised in particular by the Charter of Fundamental Rights of the European Union.

 

(20)

The Schengen Convention should be amended to allow the integration of SIS 1+ into the interim migration architecture.

 

(21)

In accordance with Articles 1 and 2 of the Protocol on the position of Denmark annexed to the Treaty on European Union and the Treaty, Denmark does not take part in the adoption of this Regulation and is therefore not bound by it or subject to its application. Given that this Regulation builds upon the Schengen acquis under the provisions of Title IV of Part Three of the Treaty establishing the European Community, Denmark should, in accordance with Article 5 of the said Protocol, decide within a period of six months after the adoption of this Regulation whether it will implement it in its national law.

 

(22)

This Regulation constitutes a development of provisions of the Schengen acquis in which the United Kingdom does not take part, in accordance with Council Decision 2000/365/EC of 29 May 2000 concerning the request of the United Kingdom of Great Britain and Northern Ireland to take part in some of the provisions of the Schengen acquis  (12); the United Kingdom is therefore not taking part in its adoption and is not bound by it or subject to its application.

 

(23)

This Regulation constitutes a development of provisions of the Schengen acquis in which Ireland does not take part, in accordance with Council Decision 2002/192/EC of 28 February 2002 concerning Ireland’s request to take part in some of the provisions of the Schengen acquis  (13); Ireland is therefore not taking part in its adoption and is not bound by it or subject to its application.

 

(24)

This Regulation is without prejudice to the arrangements for the United Kingdom’s and Ireland’s partial participation in the Schengen acquis as determined by Council Decisions 2000/365/EC and 2002/192/EC respectively.

 

(25)

As regards Iceland and Norway, this Regulation constitutes a development of provisions of the Schengen acquis within the meaning of the Agreement concluded by the Council of the European Union and the Republic of Iceland and the Kingdom of Norway concerning the association of those two States with the implementation, application and development of the Schengen acquis  (14), which fall within the area referred to in Article 1, point G of Council Decision 1999/437/EC (15) on certain arrangements for the application of that Agreement.

 

(26)

As regards Switzerland, this Regulation constitutes a development of provisions of the Schengen acquis within the meaning of the Agreement concluded between the European Union, the European Community and the Swiss Confederation on the Swiss Confederation’s association with the implementation, application and development of the Schengen acquis  (16), which fall within the area referred to in Article 1, point G of Decision 1999/437/EC read in conjunction with Article 3 of Council Decision 2008/146/EC (17) on the conclusion, on behalf of the European Community, of the Agreement.

 

(27)

As regards Liechtenstein, this Regulation constitutes a development of the provisions of the Schengen acquis within the meaning of the Protocol between the European Union, the European Community, the Swiss Confederation and the Principality of Liechtenstein on the accession of the Principality of Liechtenstein to the Agreement between the European Union, the European Community and the Swiss Confederation on the Swiss Confederation’s association with the implementation, application and development of the Schengen acquis which fall within the area referred to in Article 1, point G of Council Decision 1999/437/EC of 17 May 1999 read in conjunction with Article 3 of Council Decision 2008/261/EC of 28 February 2008 on the signature, on behalf of the European Community, and on the provisional application of certain provisions of the Protocol between the European Union, the European Community, the Swiss Confederation and the Principality of Liechtenstein on the accession of the Principality of Liechtenstein to the Agreement between the European Union, the European Community and the Swiss Confederation on the Swiss Confederation’s association with the implementation, application and development of the Schengen acquis  (18),

HAS ADOPTED THIS REGULATION:

Article 1

General purpose

  • 1. 
    The Schengen Information System (SIS), set up pursuant to the provisions of Title IV of the 1990 Schengen Convention (SIS 1+), shall be replaced by a new system, the Schengen Information System II (SIS II), the establishment, operation and use of which is regulated by Regulation (EC) No 1987/2006.
  • 2. 
    In accordance with the procedures and the division of tasks set out in this Regulation, SIS II shall be developed by the Commission and the Member States as a single integrated system and shall be prepared for operations.

Article 2

Definitions

For the purposes of this Regulation, the following definitions shall apply:

 

(a)

‘Central SIS II’ means the technical support function of SIS II containing a database, the ‘SIS II database’, and a uniform national interface (NI-SIS);

 

(b)

‘C.SIS’ means the technical support function of SIS 1+, containing the reference database for SIS 1+ and the uniform national interface (N.COM);

 

(c)

‘N.SIS’ means the national system of SIS 1+, consisting of the national data systems which communicate with C.SIS;

 

(d)

‘N.SIS II’ means the national system of SIS II, consisting of the national data systems which communicate with Central SIS II;

 

(e)

‘converter’ means a technical tool to allow consistent and reliable communication between C.SIS and Central SIS II, ensuring the functionalities provided for in Article 10(3);

 

(f)

‘comprehensive test’ means the test referred to in Article 55(3)(c) of Regulation (EC) No 1987/2006;

 

(g)

‘test on supplementary information’ means functional tests between the Sirene Bureaux.

Article 3

Subject matter and scope

This Regulation defines the tasks and responsibilities of the Commission and the Member States participating in SIS 1+ with respect to the following tasks:

 

(a)

the maintenance and continuation of the development of SIS II;

 

(b)

a comprehensive test of SIS II;

 

(c)

a test on supplementary information;

 

(d)

the continuation of the development and testing of a converter;

 

(e)

the establishment and testing of a provisional migration architecture;

 

(f)

the migration from SIS 1+ to SIS II.

Article 4

Technical components of the migration architecture

In order to ensure the migration from SIS 1+ to SIS II, the following components are necessary:

 

(a)

the C.SIS and the connection to the converter;

 

(b)

the communication infrastructure for SIS 1+ allowing the C.SIS to communicate with the N.SIS;

 

(c)

the N.SIS;

 

(d)

Central SIS II, NI-SIS and the communication infrastructure for SIS II allowing the Central SIS II to communicate with N.SIS II and the converter;

 

(e)

the N.SIS II;

 

(f)

the converter.

Article 5

Main responsibilities in the development of SIS II

  • 1. 
    The Commission shall continue to develop the Central SIS II, the communication infrastructure and the converter.
  • 2. 
    France shall make available and operate C.SIS in accordance with the provisions of the Schengen Convention.
  • 3. 
    The Member States shall continue to develop N.SIS II.
  • 4. 
    The Member States participating in SIS 1+ shall maintain N.SIS in accordance with the provisions of the Schengen Convention.
  • 5. 
    The Member States participating in SIS 1+ shall make available and operate the communication infrastructure for SIS 1+.
  • 6. 
    The Commission shall coordinate the activities and provide the necessary support for the implementation of the tasks and responsibilities referred to in paragraphs 1 to 3.

Article 6

Continuing development

The measures necessary to continue the development of SIS II as referred to in Article 5(1), in particular measures necessary for the correction of errors, shall be adopted in accordance with the procedure defined in Article 17(2).

The measures necessary to continue the development of SIS II as referred to in Article 5(3), insofar as it concerns the uniform national interface ensuring the compatibility of N.SIS II with Central SIS II, shall be adopted in accordance with the procedure defined in Article 17(2).

Article 7

Main activities

  • 1. 
    The Commission together with Member States participating in SIS 1+ shall conduct a comprehensive test.
  • 2. 
    An interim SIS migration architecture shall be set up and a test of that architecture shall be performed by the Commission together with France and the other Member States participating in SIS 1+.
  • 3. 
    The Commission and the Member States participating in SIS 1+ shall perform the migration from SIS 1+ to SIS II.
  • 4. 
    The Member States participating in SIS 1+ shall perform a test on the exchange of supplementary information.
  • 5. 
    The Commission shall provide the necessary support at Central SIS II level for the activities in paragraphs 1 to 4.
  • 6. 
    The activities in paragraphs 1 to 3 shall be coordinated by the Commission and the Member States participating in SIS 1+ acting within the Council.

Article 8

Comprehensive test

  • 1. 
    The comprehensive test shall not start before the Commission has declared that it considers that the level of success of the tests referred to in Article 1 of Regulation (EC) No 189/2008 is sufficient to begin such a test.
  • 2. 
    A comprehensive test aiming at confirming, in particular, the completion by the Commission and the Member States participating in SIS 1+ of the necessary technical arrangements to process SIS II data and the demonstration that the level of performance of SIS II is at least equivalent to that achieved with SIS 1+ shall be performed.
  • 3. 
    The comprehensive test shall be executed by the Member States participating in SIS 1+ for the N.SIS II and by the Commission for the Central SIS II.
  • 4. 
    The comprehensive test shall follow a detailed schedule defined by Member States participating in SIS 1+ acting within the Council in cooperation with the Commission.
  • 5. 
    The comprehensive test shall be based on the technical specifications defined by the Member States participating in SIS 1+ acting within the Council in cooperation with the Commission.
  • 6. 
    The Commission and the Member States participating in SIS 1+ acting within the Council shall define the criteria for determining whether the necessary technical arrangements to process SIS II data are completed and the level of performance of SIS II is at least equivalent to that achieved with SIS 1+.
  • 7. 
    The test results shall be analysed using the criteria mentioned in paragraph 6, by the Member States participating in SIS 1+ acting within the Council and the Commission. The test results shall be validated in accordance with Article 55(3)(c) of Regulation (EC) No 1987/2006.
  • 8. 
    Member States not participating in SIS 1+ may participate in the comprehensive test. Their results shall not affect the overall validation of the test.

Article 9

Test on supplementary information

  • 1. 
    The Member States participating in SIS 1+ shall conduct functional Sirene tests.
  • 2. 
    The Commission shall make available Central SIS II and its communication infrastructure during the execution of the test on supplementary information.
  • 3. 
    The test on supplementary information shall follow a detailed schedule defined by Member States participating in SIS 1+ acting within the Council.
  • 4. 
    The test on supplementary information shall be based on the technical specifications defined by the Member States participating in SIS 1+ acting within the Council.
  • 5. 
    The test results shall be analysed by the Member States participating in SIS 1+ acting within the Council.
  • 6. 
    Member States not participating in SIS 1+ may participate in the test on supplementary information. Their results shall not affect the overall validation of the test.

Article 10

Interim migration architecture

  • 1. 
    An interim SIS migration architecture shall be set up. The converter connects Central SIS II and C.SIS for a transitional period. The N.SIS are connected to C.SIS, the N.SIS II to Central SIS II.
  • 2. 
    The Commission shall provide a converter, the Central SIS II and its communication infrastructure as part of the interim SIS migration architecture.
  • 3. 
    The converter shall convert data in two directions between the C.SIS and Central SIS II and keep C.SIS and Central SIS II synchronised.
  • 4. 
    The Commission shall test the communication between Central SIS II and the converter.
  • 5. 
    France shall test the communication between C.SIS and the converter.
  • 6. 
    The Commission and France shall test the communication between Central SIS II and C.SIS via the converter.
  • 7. 
    France, together with the Commission, shall connect C.SIS via the converter to Central SIS II.
  • 8. 
    The Commission, together with France and the other Member States participating in SIS 1+, shall test the interim SIS migration architecture as a whole in accordance with a test plan provided by the Commission.
  • 9. 
    France shall make available data for test purpose, if necessary.

Article 11

Migration from SIS 1+ to SIS II

  • 1. 
    For the migration from C.SIS to Central SIS II, France shall make available the SIS 1+ database and the Commission shall introduce the SIS 1+ database into Central SIS II.
  • 2. 
    The Member States participating in SIS 1+ shall migrate from N.SIS to N.SIS II using the interim migration architecture, with the support of France and of the Commission, by 30 September 2009 at the latest. If necessary, this date may be changed in accordance with the procedure defined in Article 17(2).
  • 3. 
    The migration of the national system from SIS 1+ to SIS II consists of the data loading of N.SIS II, when that N.SIS II is to contain a data file, the national copy, containing a complete or partial copy of the SIS II database, followed by a switchover from N.SIS to N.SIS II for each Member State. The migration shall follow a detailed schedule provided by the Commission and the Member States participating in SIS 1+ acting within the Council.
  • 4. 
    The Commission shall assist in coordination and support of the common activities during the migration.
  • 5. 
    The switchover foreseen in the migration process shall be carried out after the validation mentioned in Article 8(7).

Article 12

Substantive legal framework

During the migration, the provisions of Title IV of the Schengen Convention shall continue to apply to the Schengen Information System.

Article 13

Cooperation

  • 1. 
    The Member States and the Commission shall cooperate for the execution of all the activities covered by this Regulation in accordance with their respective responsibilities.
  • 2. 
    The Commission shall in particular provide the necessary support at Central SIS II level for the testing and migration of N.SIS II.
  • 3. 
    Member States shall in particular provide the necessary support at N.SIS II level for the testing of the interim migration infrastructure.

Article 14

Keeping of records in Central SIS II

  • 1. 
    Without prejudice to the relevant provisions of Title IV of the Schengen Convention, the Commission shall ensure that every access to and all exchanges of personal data within Central SIS II are recorded for the purposes of checking whether or not the search is lawful, monitoring the lawfulness of data processing and ensuring the proper functioning of Central SIS II and of national systems, data integrity and security.
  • 2. 
    The records shall show, in particular, the date and time of the data transmitted, the data used to perform searches, the reference to the data transmitted and the name of the competent authority responsible for processing the data.
  • 3. 
    The records may only be used for the purposes referred to in paragraph 1 and shall be deleted at the earliest one year, and at the latest three years after their creation.
  • 4. 
    Records may be kept longer if they are required for monitoring procedures that are already under way.
  • 5. 
    The competent authorities in charge of checking whether or not a search is lawful, monitoring the lawfulness of data processing, self-monitoring and ensuring the proper functioning of Central SIS II, data integrity and security, shall have access, within the limits of their competence and at their request, to those records for the purpose of fulfilling their tasks.

Article 15

Costs

  • 1. 
    The costs arising from migration, the comprehensive test, the test on supplementary information, maintenance and development measures at Central SIS II level or concerning the communication infrastructure shall be borne by the general budget of the European Union.
  • 2. 
    The costs arising from migration, testing, maintenance and development of the national systems shall be borne by each Member State concerned.
  • 3. 
    The costs arising from activities at SIS 1+ level, including supplementary activities of France, acting on behalf of the Member States participating in SIS 1+, shall be borne in accordance with the provisions of Article 119 of the Schengen Convention.

Article 16

Amendment of the provisions of the Schengen Convention

The provisions of the Schengen Convention are hereby amended as follows.

 

1.

The following Article shall be inserted:

‘Article 92A

  • 1. 
    As from the entry into force of Council Regulation (EC) No 1104/2008 (19) and Council Decision 2008/839/JHA (20) and relying on the definitions in Article 2 of that Regulation, the technical architecture of the Schengen Information System may be supplemented by:
 

(a)

an additional central system composed of:

 

technical support function (Central SIS II), located in France and backup Central SIS II located in Austria, containing the SIS II database and a uniform national interface (NI-SIS),

 

a technical connection between the C.SIS and the Central SIS II via the converter allowing the conversion and synchronisation of data between the C.SIS and the Central SIS II;

 

(b)

a national system (N.SIS II), consisting of the national data systems, which communicates with the Central SIS II;

 

(c)

an infrastructure for communication between Central SIS II and the N.SIS II connected to the NI-SIS.

  • 2. 
    The N.SIS II may replace the national section referred to in Article 92 of this Convention, in which case the Member States need not hold a national data file.
  • 3. 
    The central SIS II database shall be available for the purpose of carrying out automated searches in the territory of each Member State.
  • 4. 
    In case any of the Member States replace their national section by N.SIS II, the compulsory functions of the technical support function towards that national section as mentioned in Article 92(2) and (3) become compulsory functions towards Central SIS II, without prejudice to the obligations referred to in Decision 2008/839/JHA and in Articles 5(1), 10(1), (2) and (3) of Regulation (EC) No 1104/2008.
  • 5. 
    Central SIS II shall provide the services necessary for the entry and processing of SIS data, the online update of N.SIS II national copies, the synchronisation of and consistency between N.SIS II national copies and the Central SIS II database and provide operations for initialisation and restoration of N.SIS II national copies.
  • 6. 
    France, responsible for the technical support function, the other Member States and the Commission shall cooperate to ensure that a search in the data files of N.SIS II or in the SIS II database produces a result equivalent to that of a search in the data file of the national sections referred to in Article 92(2).
 

2.

In Article 119 first paragraph, the first sentence shall be replaced by the following:

‘The costs of installing and operating the technical support function referred to in Article 92(3), including the cost of lines connecting the national sections of the Schengen Information System to the technical support function, and of activities performed in conjunction with tasks conferred upon France in application of Decision (JHA) 2008/839/JHA and of Regulation (EC) No 1104/2008 shall be borne jointly by the Member States.’

 

3.

In Article 119, the second paragraph shall be replaced by the following:

‘The costs of installing and operating the national section of the Schengen Information System and of tasks conferred upon national systems under Decision 2008/839/JHA and Regulation (EC) No 1104/2008 shall be borne by each Member State individually.’

Article 17

Committee

  • 1. 
    The Commission shall be assisted by the Committee established by Article 51 of Regulation (EC) No 1987/2006.
  • 2. 
    Where reference is made to this paragraph, Articles 5 and 7 of Decision 1999/468/EC shall apply, having regard to the provisions of Article 8 thereof.

The period provided for in Article 5(6) of Decision 1999/468/EC shall be three months.

Article 18

Reporting

The Commission shall submit by the end of every six month period, and for the first time by the end of the first six month period of 2009, a progress report to the European Parliament and the Council concerning the development of SIS II and the migration from SIS 1+ to SIS II.

Article 19

Entry into force and applicability

This Regulation shall enter into force on the third day following its publication in the Official Journal of the European Union. It shall expire on a date to be fixed by the Council, acting in accordance with Article 55(2) of Regulation (EC) No 1987/2006, and in any case no later than on 30 June 2010.

This Regulation shall be binding in its entirety and directly applicable in the Member States in accordance with the Treaty establishing the European Community.

Done at Luxembourg, 24 October 2008.

For the Council

The President

  • M. 
    ALLIOT-MARIE
 

  • (1) 
    Opinion of 24 September 2008, not yet published in the Official Journal.
 

2.

Related dossiers

 
 

3.

Full version

This page is also available in a full version containing de juridische context.

The full version is available for registered users of the EU Monitor by ANP and PDC Informatie Architectuur.

4.

EU Monitor

The EU Monitor enables its users to keep track of the European process of lawmaking, focusing on the relevant dossiers. It automatically signals developments in your chosen topics of interest. Apologies to unregistered users, we can no longer add new users.This service will discontinue in the near future.