The Schengen Information System contains 79 million entries on persons and objects. These can now also be used by the EU agencies. A new regulation allows simple police officers to question people.

With the publication in the Official Journal of the European Union three new regulations for the Schengen Information System (SIS) have entered into force. The participating national authorities are now obliged to issue a warning for all cases involving terrorist offences. If hits are found during a query, the police agency Europol must be informed in any case. However, this regulation will not be binding until the end of 2019.

The SIS is the largest European information system in the field of internal security. All 28 EU Member States participate, plus Iceland, Norway, Liechtenstein and Switzerland. More than 79 million people and objects are currently being searched in the SIS. Most entries (20 million) in 2017 came from Italy, followed by France (11 million) and Germany (over 10 million). According to the European Agency for the Management of Large IT Systems (eu-LISA), which manages the SIS, the database was queried more than five billion times in the same year.

New category “inquiry check”

The searches provided for in Article 36 of the SIS II Council Decision will also be extended. Member States can now use a new alert category “inquiry check”. Persons found during a check may therefore be questioned by all border or police officers “on the basis of information or specific questions” entered into the search by the authorities issuing the alert. The “inquiry check” thus complements the “specific check”, where the person herself, her luggage or the vehicle in which she travels can be searched. It is also possible to carry out “discreet checks”, in which the police officers proceed secretly and from which the persons concerned are not to learn anything.

Searches under Article 36 have increased significantly in recent years. At the end of 2017, 129,412 persons were listed in the SIS. Alerts have been available for “immediate reporting” for three years now. The interested authority must indicate a reference in the search and will then be informed of a hit as quickly as possible. An alert for a “specific check” can also be flagged as an “activity related to terrorism”, for example to warn police forces of the dangers of a search of a person or their vehicle.

Not all countries participating in the SIS allow “specific checks”, which can also be requested by intelligence services. According to the new regulation, an ” inquiry check” should then be made automatically. Even if these are not permitted under the law of the executing Member State, at least a “discreet check” should be carried out.

Search for fingerprints

Further new functions of the SIS will be implemented gradually. For example, one of the regulations now in force allows the alerting of unknown persons when they are wanted in connection with a serious or terrorist offence. This can now also be done using complete or incomplete sets of fingerprints or palm prints. After a two-year trial period, the SIS received an automatic identification system to search the 165,000 fingerprints it already has. In addition to fingerprints, facial images will increasingly be used for identification at regular border crossing points. The Commission is invited to present a report on the availability, reliability and operational readiness of these technologies.

The entry of decisions on impending deportation will also become mandatory. The SIS will receive a new alert category “Return Decisions” for this purpose, in which persons concerned are stored after their asylum application has been rejected. The same applies to entry bans into the Schengen area, which are imposed on third-country nationals after deportation but expulsion, among other things.

In addition to searches for missing persons, “preventive alerts” for children and adults in need of protection are also possible. A DNA profile may be added to the call for proposals which comes from relatives in a straight ascending or descending line or from siblings. DNA profiles stored in the SIS may also be used to confirm the identity of a person during a check.

Privileged access for Europol

In addition to the competent authorities of the Member States, the access of EU agencies to data in the SIS will also be extended. The European Judicial Cooperation Agency (Eurojust) and Europol already have a corresponding technical interface, now the European Border and Coastguard Agency is also to establish a direct link with the central SIS. If hits are found by the agencies, the Member State issuing the alert will be informed.

Europol’s access is more extensive than that of the Border Guard and Coast Guard and Eurojust. Among other things, the police agency may use “supplementary information” entered in the SIS when an alert is issued, which contains information on the crime committed, but also procedures for handing over wanted information. Europol is to be connected to the encrypted SIRENE network through which SIS participants communicate. Europol may use the “supplementary information” for comparison with all its own databases, including project-related analysis files. However, this requires the consent of the Member State issuing the alert.

Restructuring of EU databases under “interoperability”

The extension of the SIS followed an evaluation, according to which the European Commission proposed operational and technical improvements in 2016. Two years ago, these led to a legislative proposal, which was adopted by the Council in November 2018 following a positive decision by the European Parliament. All measures must be implemented by the Member States by 2021 at the latest.

The new SIS Regulation is part of the fundamental reorganisation of EU databases in the field of justice and home affairs. All information systems with biometric data will be partially merged under the keyword “interoperability”. The SIS, the fingerprint database Eurodac, the visa database (VIS), the criminal record ECRIS and the “Entry/Exit System” (EES) to be set up will merge in a “Common Identity Repository” in which fingerprints and facial images containing personal data are stored in a single searchable file.

A common “Biometric Matching System” is also planned to check each new entry against existing data. There will also be a single “European Search Portal” which will query several databases at the same time when a police request is made. Finally, a “Multiple Identity Detector” will be introduced to compare fingerprints and facial images with personal data.

Image: All rights reserved European Council.