BETA

75 Amendments of Marina KALJURAND related to 2022/0425(COD)

Amendment 28 #
Proposal for a regulation
Recital 1
(1) The transnational dimension of serious and organised crime and the continuous threat of terrorist attacks on European soil call for action at Union level to adopt appropriate measures to ensure security within an area of freedom, security and justice without internal borders. Information on air travellers, such as Passenger Name Records (PNR) and in particular Advance Passenger Information (API), is essential in orderhelps to identify high-risk travellers, including those who are not otherwise known to law enforcement authorities, and to establish links between members of criminal groups, and countering terrorist activities.
2023/09/06
Committee: LIBE
Amendment 29 #
Proposal for a regulation
Recital 2
(2) While Council Directive 2004/82/EC27 establishes a legal framework for the collection and transfer of API data by air carriers with the aims of improving border controls and combating illegal immigration, it also states that Member States may use API data for law enforcement purposes. However, only creating such a possibility leads to several gaps and shortcomings. In particular, it means that, despite its relevance for law enforcement purposes,This means that API data is not in all casessystematically collected and transferred by air carriers for those purposes. It also means that, wlaw enforcement purposes. Where Member States have acted upon the possibility, air carriers are faced with diverging requirements under national law as regardsing when and how to collect and transfer API data for this purpose. Those divergences lead not only to unnecessary costs and complications for the air carriers, but they are also prejudicial tomay also complicate the Union’s internal security and effective cooperation between the competent law enforcement authorities of the Member States. Moreover, in view of the completely different nature of the purposes of facilitating border controls and law enforcement, it is appropriate to establish a distinct legal framework for the collection and transfer of API data for each of thoselaw enforcement purposes. _________________ 27 Council Directive 2004/82/EC of 29 April 2004 on the obligation of carriers to communicate passenger data (OJ L 261, 6.8.2004, p. 24).
2023/09/06
Committee: LIBE
Amendment 32 #
Proposal for a regulation
Recital 3
(3) Directive (EU) 2016/681 of the European Parliament and of the Council28 (‘PNR Directive') lays down rules on the use of PNR data for the prevention, detection, investigation and prosecution of terrorist offences and serious crime. Under that Directive, Member States must adopt the necessary measures to ensure that air carriers transfer PNR data, including any API data collected, to the national Passenger Information Unit (‘PIU’) established under thatPNR Directive to the extent that they have already collected such data in the normal course of their business. Consequently, that Directive does not guarantee the collection and transfer of API data in all cases, as air carriers do not have any business purpose to collect a full set of such data. Ensuring that PIUs receive API data together with PNR data is important, since the joint processing of such data is needed for the competent law enforcement authorities of the Member States to be able to effectively prevent, detect, investigate and prosecute terrorist offences and serious crimfor the purposes of the Directive. In particular, such joint processing allows for the accurate identification of those passengers that may need to be further examined, in accordance with the applicable law, by those authorities. In addition, thate PNR Directive does not specify in detail which information constitutes API data. For those reasons, complementary rules should be established requiring air carriers to collect and subsequently transfer a specifically defined set of API data, which.These requirements should apply to the extent that the air carriers are bound under that Directive to collect and transfer PNR data on the same flight. _________________ 28 Directive (EU) 2016/681 of the European Parliament and of the Council of 27 April 2016 on the use of passenger name record (PNR) data for the prevention, detection, investigation and prosecution of terrorist offences and serious crime (OJ L 119, 4.5.2016, p. 132).
2023/09/06
Committee: LIBE
Amendment 34 #
Proposal for a regulation
Recital 4
(4) It is therefore necessary to establish at Union level clear, harmonised and effective rules at the Union level on the collection and transfer of API data for the purpose of preventing, detecting, investigating and prosecuting terrorist offences and serious crime.
2023/09/06
Committee: LIBE
Amendment 36 #
Proposal for a regulation
Recital 5
(5) Considering the close relationship between both acts, this Regulation should be understood as complementing the rules provided for in the PNR Directive (EU) 2016/681. Therefore, API data is to be collected and transferred in accordance with the specific requirements of this Regulation, including as regards to the situations and the manner in which that is to be done. However, the rules of thate PNR Directive apply in respect of matters not specifically covered by this Regulation, especially regarding the rules on the subsequent processing of the API data received by the PIUs, exchange of information between Member States, conditions of access by the European Union Agency for Law Enforcement Cooperation (Europol), transfers to third countries, retention and depersonalisation, as well as the protection of personal data. Insofar as those rules apply, the rules of that Directive on penalties and the national supervisory authorities apply as well. This Regulation should leave those rules unaffected.
2023/09/06
Committee: LIBE
Amendment 37 #
Proposal for a regulation
Recital 6
(6) The collection and transfer of API data affects the privacy of individuals and entails the processing of their personal data. In order to fully respect their fundamental rights, in particular the right of respect for private life and the right to the protection of personal data, in accordance with the Charter of Fundamental Rights of the European Union (‘Charter’), adequate limits and safeguards should be provided for. In particular, any processing of API data and, in particular, API data constituting personal data, should remain strictly limited to what is necessary for and proportionate to achieving the objectives pursued by this Regulation. In addition, it should be ensured that the APIprocessing of any API data collected and transferred under this Regulation do not lead to any form of discrimination precluded by the Charter.
2023/09/06
Committee: LIBE
Amendment 44 #
Proposal for a regulation
Recital 7
(7) In view of the complementary nature of this Regulation in relation to the PNR Directive (EU) 2016/681, the obligations of air carriers under this Regulation should apply in respect of all flights for which Member States are to require air carriers to transmit PNR data under the Directive (EU) 2016/681, namely flights, including both scheduled and non- scheduled flights, both between Member States and third countries (extra-EU flights), and between severalcertain Member States (intra-EU flights) insofar as those flights have been selected in accordance with the PNR Directive (EU) 2016/681, irrespective of the place of establishment of the air carriers conducting those flights.
2023/09/06
Committee: LIBE
Amendment 47 #
Proposal for a regulation
Recital 8
(8) Accordingly, given that the PNR Directive (EU) 2016/681 does not cover domestic flights, that is, flights that depart and land on the territory of the same Member State without any stop-over in the territory of another Member State or a third country, and in view of the transnational dimension of the terrorist offences and the serious crime covered by this Regulation, such flights should not be covered by this Regulation either. This Regulation should not be understood as affecting the possibility for Member States to provide, under their national law and in compliance with Union law, for obligations on air carriers to collect and transfer API data on such domestic flights.
2023/09/06
Committee: LIBE
Amendment 49 #
Proposal for a regulation
Recital 9
(9) In view of the close relationship between the acts of Union law concerned and in the interest of consistency and coherence, the definitions set out in this Regulation should as much possible be aligned with, and be interpreted and applied in the light of, the definitions set out in the PNR Directive (EU) 2016/681 andand the Regulation (EU) [API border management] 29 . _________________ 29 OJ C , , p. .
2023/09/06
Committee: LIBE
Amendment 52 #
Proposal for a regulation
Recital 10
(10) In particular, the items of information that jointly constitute the API data to be collected and subsequently transferred under this Regulation should be the same as those listed clearly and exhaustively in Regulation (EU) API [border management], covering both information relating to each passenger and information on the flight of that traveller. Under this Regulation, such flight information should cover information on the border crossing point of entry into the territory of the Member State concerned only where applicable, that is, not when the API data relate to intra-EU flights.
2023/09/06
Committee: LIBE
Amendment 56 #
Proposal for a regulation
Recital 11
(11) In order to ensure as consistent approach as possible on the collection and transfer of API data by air carriers as much as possible, the rules set out in this Regulation should be aligned with those set out in the Regulation (EU) [API border management] where appropriate. Thatis concerns, in particular, the rules on data quality, the air carriers’ use of automated means for such collection, the precise manner in which they are to transfer the collected API data to the router and the deletion of the API data. The collection of API data by automated means should be strictly limited to the alphanumercial data contained in the travel document and should not lead to the collection of any biometric data from it. As the collection of API data is part of the check-in process, either online or at the airport, it should not imply any checks of the traveller at the moment of boarding. Compliance with this regulation should not imply any obligation to carry a travel document at the moment of boarding.
2023/09/06
Committee: LIBE
Amendment 62 #
Proposal for a regulation
Recital 12
(12) In order to ensure the joint processing of API data and PNR data to effectively fight terrorism and serious crime in the Union, and at the same time minimise the interference with passengers’ fundamental rights protected under the Charter, the PIUs should be the sole competent authorities in the Member States that are entrusted to receive, and subsequently further process and protect, API data collected and transferred under this Regulation. In the interest of efficiency and to minimise any security risks, the router, as designed, developed, hosted and technically maintained by the European Union Agency for the Operational Management of Large-Scale IT Systems in the Area of Freedom, Security and Justice (eu-LISA) in accordance with Regulation (EU) [API border management], should transmit the API data, collected and transferred to it by the air carriers under this Regulation, to the relevant PIUs. Given the necessary level of protection of API data constituting personal data, including to ensure the confidentiality of the information concerned, the API data should be transmitted by the router to the relevant PIUs in an automated manner.
2023/09/06
Committee: LIBE
Amendment 67 #
Proposal for a regulation
Recital 13
(13) For the extra-EU flights, the PIU of the Member State on thwhose territory of which the flight will land and or from twhe territory of whichre the flight will depart should receive the API data from the router for all those flights, given that that PNR data is collected for all those flights, in accordance with the PNR Directive (EU) 2016/681. The router should identify the flight and the corresponding PIUs using the information contained in the PNR record locator, a data element common to both the API and PNR data sets allowing for the joint processing of API data and PNR data by the PIUs.
2023/09/06
Committee: LIBE
Amendment 68 #
Proposal for a regulation
Recital 13 a (new)
(13a) In order to allow for the effective supervision of the compliance of the Member States with the requirements of the Court of Justice of the European Union (‘CJEU’) by the national data protection authorities, this Regulation lays down a common methodology for carrying out the threat assessment based on which the Member States should operate a selection of intra-EU flights. In order to avoid divergent practices among Member States, this Regulation also sets out a list of criteria, regarding both quantitative and qualitative evidence, to be used by Member States when carrying out such assessment. Given that API can be processed for the purpose of this Regulation only insofar as PNR data is processed, the outcome of the threat assessment should be valid for the transfer and processing of both API and PNR data.
2023/09/06
Committee: LIBE
Amendment 73 #
Proposal for a regulation
Recital 14
(14) As regards to the intra-EU flights, in line with the case law of the Court of Justice of the European Union (CJEU)JEU, in order to avoid unduly interfering with the relevant fundamental rights of the travellers protected under the Charter and to ensure compliance with the requirements of the Union law on the free movement of persons and the abolition of internal border controls, a selective approach should be provided for. In view of the importance of ensuring that API data can be processed together with PNR data, that approach should be aligned with that of the PNR Directive (EU) 2016/681. For those reasons, API data on those flights should only be transmitted from the router to the relevant PIUs, where the Member States have selected the flights concerned in application of Article 2 of the PNR Directive (EU) 2016/681. As recalled by the CJEU, the selection entails Member States targeting the obligations in question only at, inter alia, certain routes, travel patterns or airports, subject to thea regular review of that selection.
2023/09/06
Committee: LIBE
Amendment 78 #
Proposal for a regulation
Recital 15
(15) In order to enable the application of that selective approach under this Regulation in respect of intra-EU flights, the Member States should be required to draw up and submit to the eu-LISA the lists of the flights they selected, so that eu- LISA can ensure that API data of only for those flights API data is transmitted from the router to the relevant PIUs and that the API data on other intra-EU flights is immediately and permanently deleted.
2023/09/06
Committee: LIBE
Amendment 82 #
Proposal for a regulation
Recital 16
(16) In order not to endanger the effectiveness of the system that relies on the collection and transfer of API data set up by this Regulation, and of PNR data under the system set up by Directive (EU) 2016/681, for the purpose of preventing, detecting, investigating and prosthe PNR Direcuting terrorist offences and serious crimve, in particular by creating the risk of circumvention, information on which intra- EU flights the Member States have selected should be treated in a confidential manner. For that reason, such information should not be shared with the air carriers and they should therefore be required to collect API data on all flights covered by this Regulation, including all intra-EU flights, and then transfer it to the router, where the necessary selection should be enacted. Moreover, by collecting API data on all intra-EU flights, passengers are not made aware on which selected intra-EU flights API data, and hence also PNR data, is transmitted to the PIUs in accordance with the assessment of Member States’ assessment. That approach also ensures that any changes relating to that selection can be implemented swiftly and effectively, without imposing any undue economic and operational burdens on the air carriers. Nonetheless, API data should not be collected and transferred on those flights where neither the Member State of departure nor the Member State of arrival of intra-EU flights have notified the Commission with their decision to apply PNR Directive to intra-EU flights, pursuant to Article 2 of that Directive. Since such notifications are published in the Official Journal of the Union, and hence known to the public, there is in these cases no risk of circumvention.
2023/09/06
Committee: LIBE
Amendment 84 #
Proposal for a regulation
Recital 17
(17) In the interest of ensuring compliance with the fundamental right tof the travellers to the protection of their personal data and in line with Regulation (EU) [API border management], this Regulation should identify the controllers. In the interest of effective monitoring, ensuring adequate protection of personal data and minimising security risks, rules should also be provided for on logging, security of processing and self-monitoring. Where they relate to the processing of personal data, those provisions should be understood as complementing the generally applicable acts of Union law on the protection of personal data, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council 30 , Directive (EU) 2016/680 of the European Parliament and the Council31 and Regulation (EU) 2018/1725 of the European Parliament and the Council32 . Those acts, which also apply to the processing of personal data under this Regulation in accordance with the provisions thereof, should not be affected by this Regulation. Taking due consideration of the right of the travellers to be informed of the processing of their personal data for the purposes of this Regulation, the air carriers should inform travellers, at the moment of booking and at the moment of check-in, of the purpose of the collection of their personal data and of their rights as data subjects. _________________ 30 Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), OJ L 119, 4.5.2016, p. 1. 31 Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and on the free movement of such data, and repealing Council Framework Decision 2008/977/JHA, OJ L 119, 4.5.2016, p. 89. 32 Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC, OJ L 295, 21.11.2018, p. 39
2023/09/06
Committee: LIBE
Amendment 87 #
Proposal for a regulation
Recital 18
(18) The router to be created and (18) operated underIn order to avoid that air carriers have to establish and maintain multiple connections with the competent border authorities of the Member States’ for the transfer of API data and PNR data collected under this Regulation, and to avoid the related inefficiencies and security risks, provision should be made for a single router, created and operated at the Union level, that should serve as a connection and distribution point for those transfers. The router to be created and operated under this Regulation and Regulation (EU) [API border management] should reduce and simplify the technical connections needed to transfer API and PNR data, limiting them to a single connection per air carrier and per PIU. Therefore, this Regulation provides for the obligation for the PIUs and air carriers to each establish such a connection to, and achieve the required integration with, the router, so as to ensure that the system for transferring API and PNR data established by this Regulation can function properly. To provide for the same level of clarity and certainty, the provisions related to the router, security and support tasks by the eu-LISA should be mirrored in this Regulation and Regulation (EU) [API border management], as eu-LISA should build and maintain only one router for the purposes of both Regulations.
2023/09/06
Committee: LIBE
Amendment 90 #
Proposal for a regulation
Recital 20
(20) In accordance with Regulation (EU) 2018/1726, Member States may entrust eu-LISA with the task of facilitating connectivity wiorder to allow both the air carriers and the PIUs to make the most efficient use of their connections to the router, to prevent any duplication of passenger data transfers and processing, and to ensure compliance with the CJEU case-law and enhance the related monitoring and supervision, this Regulation provides for the mandatory use of the router by the air carriers in order to assist Member States in the implementation of Directive (EU) 2016/681, particularly by collecting andfor transferring PNR data, and for the PIUs for receiving such data. This should constitute the only necessary and available means for the Member States to require air carriers to comply with the obligations related to transferring of PNR data via the routeras foreseen by the PNR Directive.
2023/09/06
Committee: LIBE
Amendment 92 #
Proposal for a regulation
Recital 21
(21) It cannot be excluded that, due to exceptional circumstances and despite all reasonable measures having been taken in accordance with this Regulation and, as regards the router, Regulation (EU) [API border management], the router or the systems or infrastructure connecting the PIUs and the air carriers thereto fail to function properly, thus leading to a technical impossibility to use the router to transmit API and PNR data. Given the unavailability of the router and that it will generally not be reasonably possible for air carriers to transfer the API and PNR data affected by the failure in a lawful, secure, effective and swift manner through alternative means, the obligation for air carriers to transfer that API and PNR data to the router should cease to apply for as long as the technical impossibility persist. In order to minimise the duration and negative consequences thereof, the parties concerned should in such a case immediately inform each other and immediately take all necessary measures to address the technical impossibility. This arrangement should be without prejudice to the obligations under this Regulation of all parties concerned to ensure that the router and their respective systems and infrastructure function properly, as well as the fact that air carriers are subject to penalties when they fail to meet those obligations, including when they seek to rely on this arrangement where such reliance is not justified. In order to deter such abuse and to facilitate supervision and, where necessary, the imposition of penalties, air carriers that rely on this arrangement on account of the failure of their own system and infrastructure should report thereon to the competent supervisory authority.
2023/09/06
Committee: LIBE
Amendment 93 #
Proposal for a regulation
Recital 22
(22) In order to ensure that the rules of this Regulation are applied effectively by air carriers, provision should be made for the designation and empowerment of national authorities charged with the supervision of those rules. The rules of this Regulation on such supervision, including as regards to the imposition of penalties where necessary, should leave the tasks and powers of the supervisory authorities established in accordance with Regulation (EU) 2016/679 and Directive (EU) 2016/680 unaffected, including in relation to the processing of personal data under this Regulation.
2023/09/06
Committee: LIBE
Amendment 95 #
Proposal for a regulation
Recital 23
(23) Effective, proportionate and dissuasive penalties, including financial ones, should be provided for by Member States against those air carriers failing to meet their obligations regarding the collection and transfer of API and PNR data under this Regulation.
2023/09/06
Committee: LIBE
Amendment 96 #
Proposal for a regulation
Recital 23 a (new)
(23a) In order to store reports and statistics of the router on the Common Repository for Reporting and Statistics, it is necessary to amend Regulation (EU) 2019/817 of the European Parliament and of the Council.1a The Common Repository for Reporting and Statistics should only provide statistics based on API data for the implementation and effective supervision of this Regulation. The data that the router automatically transmits to the Common Repository for Reporting and Statistics to that end should not allow for the identification of the travellers concerned. The router should not transmit any data to the Common Repository for Reporting and Statistics for those intra-EU flights that have not been selected by a Member State based on an assessment in compliance with the criteria and methodology for the selection of intra-EU flights set out in this Regulation. _________________ 1a Regulation (EU) 2019/817 of the European Parliament and of the Council of 20 May 2019 on establishing a framework for interoperability between EU information systems in the field of borders and visa and amending Regulations (EC) No 767/2008, (EU) 2016/399, (EU) 2017/2226, (EU) 2018/1240, (EU) 2018/1726 and (EU) 2018/1861 of the European Parliament and of the Council and Council Decisions 2004/512/EC and 2008/633/JHA (OJ L 135, 22.5.2019, p. 27).
2023/09/06
Committee: LIBE
Amendment 100 #
Proposal for a regulation
Recital 25
(25) All interested parties, and in particular the air carriers and the PIUs, should be afforded sufficient time to make the necessary preparations to be able to meet their respective obligations under this Regulation, taking into account that some of those preparations, such as those regarding the obligations on the connection to and integration with the router, can only be finalised when the design and development phases of the router have been completed and the router starts operations. Therefore, this Regulation should apply only from an appropriate date after the date at which the router starts operations, as specified by the Commission in accordance with this Regulation and the Regulation (EU) [API border management]. However, it should be possible for the Commission to adopt delegated acts under this Regulation already from an earlier date, so as to ensure that the system set up by this Regulation is operational as soon as possible.
2023/09/06
Committee: LIBE
Amendment 107 #
Proposal for a regulation
Article 1 – paragraph 1 – point c
(c) the transmission from the router to the Passenger Information Units (‘PIUs’) of the API data and PNR data on extra-EU flights and selected intra-EU flights.
2023/09/06
Committee: LIBE
Amendment 117 #
Proposal for a regulation
Article 3 – paragraph 1 – point c
(c) ‘intra-EU flight’ means any flight as defined in Article 3, point (3), of Directive (EU) 2016/681, with the exception of those flights for which neither the Member State from where the flight is scheduled to depart, nor the Member State where the flight is scheduled to land, have notified their decision to apply Directive 2016/681 to intra-EU flights, pursuant to Article 2 of that Directive;
2023/09/06
Committee: LIBE
Amendment 120 #
Proposal for a regulation
Article 3 – paragraph 1 – point g
(g) ‘crew’ means any person as defined in Article 3, point (hi), of Regulation (EU) [API border management];
2023/09/06
Committee: LIBE
Amendment 124 #
Proposal for a regulation
Article 3 – paragraph 1 – point h
(h) ‘traveller’ means any person as defined in Article 3, point (ij), of Regulation (EU) [API border management];
2023/09/06
Committee: LIBE
Amendment 125 #
Proposal for a regulation
Article 3 – paragraph 1 – point i
(i) ‘advance passenger information data’ or ‘API data’ means the data as defined in Article 3, point (jk), of Regulation (EU) [API border management];
2023/09/06
Committee: LIBE
Amendment 126 #
Proposal for a regulation
Article 3 – paragraph 1 – point n
(n) ‘the router’ means the router as defined in Article 5c (new) and Article 3, point (km) of Regulation (EU) [API border management];
2023/09/06
Committee: LIBE
Amendment 128 #
Proposal for a regulation
Article -4 (new)
Article-4 API data to be collected by air carriers 1. Air carriers shall collect API data of travellers, consisting of the traveller data and the flight information specified in paragraphs 2 and 3 of this Article, respectively, on the flights referred to in Article 2, for the purpose of transferring that API data to the router in accordance with Article 4(6). 2. The API data shall consist of the following traveller data relating to each traveller on the flight: (a) the surname (family name), first name or names (given names); (b) the date of birth, sex and nationality; (c) the type and number of the travel document and the three-letter code of the issuing country of the travel document; (d) the date of expiry of the validity of the travel document; (e) whether the traveller is a passenger or a crew member (traveller’s status); (f) the number identifying a passenger name record used by an air carrier to locate a passenger within its information system (PNR record locator); (g) the seating information, such as the number of the seat in the aircraft assigned to a passenger, where the air carrier collects such information; (h) baggage information, such as number of checked bags, where the air carrier collects such information. 3. The API data shall also consist of the following flight information relating to the flight of each traveller: (a) the flight identification number or, if no such number exists, other clear and suitable means to identify the flight; (b) when applicable, the border crossing point of entry into the territory of the Member State; (c) the code of the airport of entry into the territory of the Member State; (d) the initial point of embarkation; (e) the local date and estimated time of departure; (f) the local date and estimated time of arrival.
2023/09/06
Committee: LIBE
Amendment 129 #
Proposal for a regulation
Article 4 – title
Collection, tTransfer and deletion of API data by air carriers
2023/09/06
Committee: LIBE
Amendment 130 #
Proposal for a regulation
Article 4 – paragraph 1
1. Air carriers shall collect API data of travellers on the flights referred to in Article 2, for the purpose of transferring that API data to the router in accordance with paragraph 6. Where the flight is code-shared between one or more air carriers, the obligation to transfer the API data shall be on the air carrier that operates the flight.deleted
2023/09/06
Committee: LIBE
Amendment 138 #
Proposal for a regulation
Article 4 – paragraph 3 – subparagraph 1
Air carriers shall collect the alphanumerical API data referred to in Article 43a(new)(2), points (a) to (d), of Regulation (EU) [API border management] using automated means to collect the machine- readable data of the travel document of the traveller concerned. Air carriers shall collect that data during the check-in procedures, either as part of the online check-in or as part of the check-in at the airport. They shall do so in accordance with the detailed technical requirements and operational rules referred paragraph 5, where such rules have been adopted and are applicable. Specifically, the collection of API data with automated means shall not lead to the collection of any biometric data contained in the travel document. The collection of API data shall not imply any checks at the moment of boarding of the traveller. Compliance with this Regulation shall not imply any obligation to carry a travel document at the moment of boarding.
2023/09/06
Committee: LIBE
Amendment 143 #
Proposal for a regulation
Article 4 – paragraph 3 – subparagraph 2
However, wWhere suchthe use of automated means is not possible due to the travel document not containing machine-readable data, air carriers shall collect that data manually, in such a manner as to ensure compliance with paragraph 2.
2023/09/06
Committee: LIBE
Amendment 148 #
Proposal for a regulation
Article 4 – paragraph 5
5. The Commission is empowered to adopt delegated acts in accordance with Article 19 to supplement this Regulation by laying down detailed technical requirements and operational rules for the collection of the API data referred to in Article 43a(new)(2), points (a) to (d), of Regulation (EU) [API border management] using automated means in accordance with paragraphs 3 and 4 of this Article.
2023/09/06
Committee: LIBE
Amendment 161 #
Proposal for a regulation
Article 4 – paragraph 8 – subparagraph 2
Where the air carriers obtain the awareness referred to in point (a) of the first subparagraph of this paragraph after having completed the transfer of the data in accordance with paragraph 6, they shall immediately inform the European Union Agency for the Operational Management of Large-Scale IT Systems in the Area of Freedom, Security and Justice (eu-LISA). Upon receiving such information, eu-LISA shall immediately inform the PIUs that received thesuch API data transmitted through the router.
2023/09/06
Committee: LIBE
Amendment 164 #
Proposal for a regulation
Article 4 – paragraph 9 a (new)
9a. In accordance with Directive 2016/681, air carriers shall also transfer PNR data to the router, insofar as these data are collected in the normal course of their business, for the transmission of these data from the router to the respective PIUs in accordance with Article 5(4). This shall be the only necessary and available means for air carriers to transfer PNR data in accordance with Article 8(1) of Directive 2016/681.
2023/09/06
Committee: LIBE
Amendment 167 #
Proposal for a regulation
Article 5 – paragraph 1 – subparagraph 1
The router shall, immediately and in an automated manner, transmit the API data, transferred to it by air carriers pursuant to Article 4, to the PIUs of the Member State on thwhose territory of which the flight will land or from the territory of which the flight will depart from, or to both in the case of intra- EU-flights. Where a flight has one or more stop-overs at the territory of another Member States than the one from which it departed, the router shall transmit the API data to the PIUs of all the Member States concerned.
2023/09/06
Committee: LIBE
Amendment 171 #
Proposal for a regulation
Article 5 – paragraph 1 – subparagraph 2
For the purpose of such transmissions, eu- LISA shall establish and keep up-to-date a table of correspondence between the different airports of origin and destination and the countries to which they belong.
2023/09/06
Committee: LIBE
Amendment 175 #
Proposal for a regulation
Article 5 – paragraph 1 – subparagraph 3
However, for intra-EU flights, the router shall only transmit theonly API data to that PIU in respect of the flights included in the list referred to in paragraph 2 to the applicable PIUs.
2023/09/06
Committee: LIBE
Amendment 184 #
Proposal for a regulation
Article 5 – paragraph 3 a (new)
3a. This provision shall apply mutatis mutandis to the transmission of PNR data from the router to the PIUs of the Member States in accordance with Article 8(1) of Directive 2016/681. This shall be the only means for PIUs to receive PNR data from air carriers.
2023/09/06
Committee: LIBE
Amendment 186 #
Proposal for a regulation
Article 5 a (new)
Article5a Methodology for the selection of intra-EU flights 1. For the purpose of establishing the list referred to in paragraph 2 of Article 5, Member States shall carry out a thorough threat assessment. 2. Such threat assessment shall be carried out in an objective, duly reasoned and non-discriminatory manner. In particular such assessment shall not be purely based on the nationality, sex, age, race, colour, ethnic origin, language, religion or belief, or membership of a national minority of the travellers. 3. The outcome of that threat assessment shall be subject to regular review. Its validity shall be limited in time to what is strictly necessary and shall in any case not exceed 3 months unless it is extended, based on objective necessity. The frequency of the review shall reflect the nature of information referred to in 5b(new)(2)(b). 4. Member States shall keep all relevant documentation justifying the outcome of the threat assessment and its possible prolongation. In order to allow for effective supervision, Member States shall make that documentation available to the competent national data protection authorities referred to in article 41 of Directive 2016/680.
2023/09/06
Committee: LIBE
Amendment 188 #
Proposal for a regulation
Article 5 b (new)
Article5b Substantive criteria for the selection of intra-EU flights 1. Member States shall base their threat assessment, referred to in Article 5a(new) on information and considerations regarding: a. the proportionality of interferening with the fundamental rights laid down in Articles 7 and 8 of the Charter in relation to the importance of the objective of general interest;b. the duration of the selection and thus interference with fundamental rights;c. the general level of threat identified at national and Union level, solely in relation to terrorist and serious criminal offences within the scope of this Regulation; and d. the specific level of threat identified on a particular intra-EU flight, in the context of one or several terrorist and serious criminal offences within the scope of this Regulation, relating, inter alia, to a certain route, travel pattern or airport. 2. When assessing the specific level of threat identified on a particular flight, Member States shall use: a. Statistical information on the previous results of the automated processing of PNR data of passengers on that particular flight or route; b. Objective, duly reasoned, non- discriminatory and documented information received by their authorities competent for the prevention, detection, investigation and prosecution of terrorist offences and serious crime, such as information on new criminal trends and changes in the modus operandi. Such assessment shall not be purely based on the nationality sex, age, race, colour, ethnic origin, language, religion or belief, or membership of a national minority of the travellers.
2023/09/06
Committee: LIBE
Amendment 191 #
Proposal for a regulation
Chapter 2 a (new)
2a PROVISIONS RELATING TO THE ROUTER
2023/09/06
Committee: LIBE
Amendment 192 #
Proposal for a regulation
Article -6 (new)
Article-6 The router 1. eu-LISA shall design, develop, host and technically manage, in accordance with Articles 11a(new) and 11b(new), a router for the purpose of facilitating the transfer of API and PNR data by the air carriers to the PIUs in accordance with this Regulation. 2. The router shall be composed of: (a) a central infrastructure, including a set of technical components enabling the transmission of API and PNR data; (b) a secure communication channel between the central infrastructure and the competent border authorities and the PIUs, and a secure communication channel between the central infrastructure and the air carriers, for the transfer of API and PNR data and for any communications relating thereto. 3. Without prejudice to Article 5d(new) of this Regulation, the router shall, to the extent technically possible, share and re- use the technical components, including hardware and software components, of the web service referred to in Article 13 of Regulation (EU) 2017/2226 of the European Parliament and of the Council1a, the carrier gateway referred to in Article 6(2), point (k), of Regulation (EU) 2018/1240, and the carrier gateway referred to in Article 2a, point (h), of Regulation (EC) 767/2008 of the European Parliament and of the Council1b. 4. eu-LISA shall design and develop the router in a way that for any transfer of API and PNR data from the air carriers to the router in accordance with Article 4, and for any transmission of API and PNR data from the router to the PIUs in accordance with Article 5 and to the central repository for reporting and statistics in accordance with Article 16a(new)(2), the API and PNR data is end-to-end encrypted during transit. _________________ 1a Regulation (EU) 2017/2226 of the European Parliament and of the Council of 30 November 2017 establishing an Entry/Exit System (EES) to register entry and exit data and refusal of entry data of third-country nationals crossing the external borders of the Member States and determining the conditions for access to the EES for law enforcement purposes, and amending the Convention implementing the Schengen Agreement and Regulations (EC) No 767/2008 and (EU) No 1077/2011 (OJ L 327, 9.12.2017, p. 20). 1b Regulation (EC) No 767/2008 of the European Parliament and of the Council of 9 July 2008 concerning the Visa Information System (VIS) and the exchange of data between Member States on short-stay visas (VIS Regulation) (OJ L 218, 13.8.2008, p. 60).
2023/09/06
Committee: LIBE
Amendment 193 #
Proposal for a regulation
Article -6 a (new)
Article-6a Exclusive use of the router Notwithstanding the use of the router in Article 10 of Regulation (EU) [API border management], the router shall only be used by air carriers to transfer API and PNR data, and by PIUs to receive API and PNR data for extra-EU flights and selected intra-EU flights, in accordance with this Regulation.
2023/09/06
Committee: LIBE
Amendment 194 #
Proposal for a regulation
Article -6 b (new)
Article-6b Deletion of API data from the router API data, transferred to the router pursuant to this Regulation, shall be stored on the router only insofar as necessary to complete the transmission to the PIUs and shall be deleted from the router, immediately, permanently and in an automated manner, in both of the following situations: (a) where the transmission of the API data to the relevant PIUs has been completed; (b) where the API data relates to other intra-EU flights than those included the lists referred to in Article 5(2) of that Regulation. The router shall automatically inform eu-LISA of the immediate deletion of these intra-EU flights for the purposes of the statistics referred to in Article 16a(1).
2023/09/06
Committee: LIBE
Amendment 195 #
Proposal for a regulation
Article 6 – paragraph -1 (new)
-1. eu-LISA shall keep logs of all processing operations relating to the transfer of API data through the router under this Regulation. Those logs shall cover the following: (a) the air carrier that transferred the API data to the router; (b) the competent authorities and PIUs to which the API data was transmitted through the router; (c) the date and time of the transfers referred to in points (a) and (b), and place of transfer; (d) any access by staff of eu-LISA necessary for the maintenance of the router, as refererred to in Article 11b(3); (e) any other information relating to those processing operations necessary to monitor the security and integrity of the API data and the lawfulness of those processing operations. Those logs shall not include any personal data, other than the information necessary to identify the relevant member of the staff of eu-LISA, referred to in point (d) of the first subparagraph.
2023/09/06
Committee: LIBE
Amendment 198 #
Proposal for a regulation
Article 6 – paragraph 4 – subparagraph 2
However, if those logs are needed for procedures for monitoring or ensuring the security and integrity of the API data or the lawfulness of the processing operations, as referred to in paragraph 2, and those procedures have already begun at the moment of the expiry of the time period referred to in the first subparagraph, air carriers mayshall keep those logs for as long as necessary for those procedures. In that case, they shall immediately delete those logs when they are no longer necessary for those procedures.
2023/09/06
Committee: LIBE
Amendment 201 #
Proposal for a regulation
Article 7 – paragraph 2 a (new)
1. Collection and processing of personal data in accordance with this Regulation and Regulation (EU) [API border management] by air carriers and competent authorities shall not result in discrimination against persons on the grounds of sex and gender, race, colour, ethnic or social origin, genetic features, language, religion or belief, political or any other opinion, membership of a national minority, property, birth, disability, age or sexual orientation. 2. This Regulation shall fully respect human dignity and the fundamental rights and principles recognised by the Charter of Fundamental Rights of the European Union, including the right to respect for one’s private life, to the protection of personal data and to freedom of movement. 3. Particular attention shall be paid to children, the elderly, persons with a disability and vulnerable persons. The best interests of the child shall be a primary consideration when implementing this Regulation.
2023/09/06
Committee: LIBE
Amendment 203 #
Proposal for a regulation
Article 7 a (new)
Article7a Personal data processor eu-LISA shall be the processor within the meaning of Article 3, point (9), of Directive 2016/680 (EU) 2018/1725 for the processing of API data constituting personal data through the router in accordance with this Regulation.
2023/09/06
Committee: LIBE
Amendment 205 #
Proposal for a regulation
Article 7 b (new)
Article7b Information to travellers In accordance with the right of information in Article 13 of Regulation (EU) 2016/679, air carriers shall provide travellers, on flights covered by this Regulation, with information on the purpose of the collection of their personal data, the type of personal data collected, the recipients of the personal data and the means to exercise the data subject rights. This information should be communicated to travellers in writing and in an easily accessible format at the moment of booking and at the moment of check-in, irrespective of the means used to collect the personal data at the moment of check-in, in accordance with Article 4.
2023/09/06
Committee: LIBE
Amendment 206 #
Proposal for a regulation
Article 7 c (new)
Article7c Fundamental Rights 1. Collection and processing of personal data in accordance with this Regulation and Regulation (EU) [API border management] by air carriers and competent authorities shall not result in discrimination against persons on the grounds of sex and gender, race, colour, ethnic or social origin, genetic features, language, religion or belief, political or any other opinion, membership of a national minority, property, birth, disability, age or sexual orientation. 2. This Regulation shall fully respect human dignity and the fundamental rights and principles recognised by the Charter of Fundamental Rights of the European Union, including the right to respect for one’s private life, to the protection of personal data and to freedom of movement. 3. Particular attention shall be paid to children, the elderly, persons with a disability and vulnerable persons. The best interests of the child shall be a primary consideration when implementing this Regulation.
2023/09/06
Committee: LIBE
Amendment 207 #
Proposal for a regulation
Article 8 – paragraph 1
1. PIUs and air carriers shall ensure the security of the API data, in particular API data constituting personal data, that they process pursuant to this Regulation.
2023/09/06
Committee: LIBE
Amendment 209 #
2. PIUs and air carriers shall cooperate, in accordance with their respective responsibilities and in compliance with Union law, with each other and with eu- LISA to ensure such security.
2023/09/06
Committee: LIBE
Amendment 210 #
Proposal for a regulation
Article 8 – paragraph 2 a (new)
2a. eu-LISA shall ensure the security of the API data, in particular API data constituting personal data, that it processes pursuant to this Regulation. The competent border authorities and the air carriers shall ensure the security of the API data, in particular API data constituting personal data, that they process pursuant to this Regulation. eu- LISA, the competent border authorities and the air carriers shall cooperate, in accordance with their respective responsibilities and in compliance with Union law, with each other to ensure such security.
2023/09/06
Committee: LIBE
Amendment 211 #
Proposal for a regulation
Article 8 – paragraph 2 b (new)
2b. In particular, eu-LISA shall take the necessary measures to ensure the security of the router and the API data, in particular API data constituting personal data, transmitted through the router, including by establishing, implementing and regularly updating a security plan, a business continuity plan and a disaster recovery plan, in order to: (a) physically protect the router, including by making contingency plans for the protection of critical components thereof; (b) prevent any unauthorised processing of the API data, including any unauthorised access thereto and copying, modification or deletion thereof, both during the transfer of the API data to and from the router and during any storage of the API data on the router where necessary to complete the transmission, in particular by means of appropriate encryption techniques; (c) ensure that it is possible to verify and establish to which competent border authorities or PIUs the API data is transmitted through the router; (d) properly report to its Management Board any faults in the functioning of the router; (e) monitor the effectiveness of the security measures required under this Article and under Regulation (EU) 2018/1725, and assess and update those security measures where necessary in the light of technological or operational developments. The measures referred to in the first subparagraph of this paragraph shall not affect Article 33 of Regulation (EU) 2018/1725 and Article 32 of Regulation (EU) 2016/679.
2023/09/06
Committee: LIBE
Amendment 213 #
Proposal for a regulation
Article 9 a (new)
Article9a Personal data protection audits 1. The competent national data protection authorities referred to in Article 41 of Directive 2016/680 shall ensure that an audit of processing operations of API data constituting personal data performed by the PIUs for the purposes of this Regulation is carried out, in accordance with relevant international auditing standards, at least once every two years. 2. The European Data Protection Supervisor shall ensure that an audit of processing operations of API data constituting personal data performed by eu-LISA for the purposes of this Regulation is carried out in accordance with relevant international auditing standards at least once every year. A report of that audit shall be sent to the European Parliament, to the Council, to the Commission, to the Member States and to eu-LISA. eu-LISA shall be given an opportunity to make comments before the reports are adopted. 3. In relation to the processing operations referred to in paragraph 2, upon request, eu-LISA shall supply information requested by the European Data Protection Supervisor, shall grant the European Data Protection Supervisor access to all the documents it requests and to the logs referred to in Article 6, and shall allow the European Data Protection Supervisor access to all eu-LISA’s premises at any time.
2023/09/06
Committee: LIBE
Amendment 217 #
Proposal for a regulation
Article 11 a (new)
Article11a eu-LISA’s tasks relating to the design and development of the router 1. eu-LISA shall be responsible for the design of the physical architecture of the router, including defining the technical specifications. 2. eu-LISA shall be responsible for the development of the router, including for any technical adaptations necessary for the operation of the router. The development of the router shall consist of the elaboration and implementation of the technical specifications, testing and overall project management and coordination of the development phase. 3. eu-LISA shall ensure that the router is designed and developed in such a manner that the router provides the functionalities specified in this Regulation, and that the router starts operations as soon as possible after the adoption by the Commission of the delegated acts provided for in 4(5) and (9), Article 5(3), Article 10(2), Article 11(2). 4. Where eu-LISA considers that the development phase has been completed, it shall, without undue delay, conduct a comprehensive test of the router, in cooperation with the competent border authorities, PIUs and other relevant Member States’ authorities and air carriers and inform the Commission of the outcome of that test.
2023/09/06
Committee: LIBE
Amendment 219 #
Proposal for a regulation
Article 11 b (new)
Article11b eu-LISA’s tasks relating to the hosting and technical management of the router 1. eu-LISA shall host the router in its technical sites. 2. eu-LISA shall be responsible for the technical management of the router, including its maintenance and technical developments, in such a manner as to ensure that the API data are securely, effectively and swiftly transmitted through the router, in compliance with this Regulation . The technical management of the router shall consist of carrying out all the tasks and enacting all technical solutions necessary for the proper functioning of the router in accordance with this Regulation, in an uninterrupted manner, 24 hours a day, 7 days a week. It shall include the maintenance work and technical developments necessary to ensure that the router functions at a satisfactory level of technical quality, in particular as regards availability, accuracy and reliability of the transmission of API data, in accordance with the technical specifications and, as much as possible, in line with the operational needs of the competent border authorities, PIUs and air carriers. 3. eu-LISA shall not have access to any of the API data that is transmited through the router. However, that prohibition shall not preclude eu-LISA from having such access insofar as strictly necessary for the maintenance of the router. 4. Without prejudice to paragraph 3 of this Article and to Article 17 of Council Regulation (EEC, Euratom, ECSC) No 259/681a, eu-LISA shall apply appropriate rules of professional secrecy or other equivalent duties of confidentiality to its staff required to work with API data transmitted through the router. This obligation shall also apply after such staff leave office or employment or after the termination of their activities. _________________ 1a Regulation (EEC, Euratom, ECSC) No 259/68 of the Council of 29 February 1968 laying down the Staff Regulations of Officials and the Conditions of Employment of Other Servants of the European Communities and instituting special measures temporarily applicable to officials of the Commission (OJ L 56, 4.3.1968, p. 1).
2023/09/06
Committee: LIBE
Amendment 220 #
Proposal for a regulation
Article 11 c (new)
Article11c eu-LISA’s support tasks relating to the router 1. eu-LISA shall, upon their request, provide training to competent border authorities, PIUs and other relevant Member States’ authorities and air carriers on the technical use of the router. 2. eu-LISA shall provide support to the competent border authorities and PIUs regarding the reception of API data through the router pursuant to this Regulation, in particular as regards the application of Articles 5 and 10 of this Regulation
2023/09/06
Committee: LIBE
Amendment 221 #
Proposal for a regulation
Article 12 – title
Costs of eu-LISA and of Member States’ costs
2023/09/06
Committee: LIBE
Amendment 222 #
Proposal for a regulation
Article 12 – paragraph 1 – subparagraph 1
Costs incurred by eu-LISA and the Member States in relation to their connections to and integration with the router referred to in Article 10 shall be borne by the general budget of the Union.
2023/09/06
Committee: LIBE
Amendment 226 #
Proposal for a regulation
Article 14 a (new)
Article14a Start of operations of the router The Commission shall determine, without undue delay, the date from which the router starts operations by means of an implementing act once eu-LISA has informed the Commission of the successful completion of the comprehensive test of the router referred to in Article 11a(new)(4). That implementing act shall be adopted in accordance with the examination procedure referred to in Article 18a(new)(2). The Commission shall set the date referred to in the first subparagraph to be no later than 30 days from the date of the adoption of that implementing act.
2023/09/06
Committee: LIBE
Amendment 227 #
Proposal for a regulation
Article 14 b (new)
Article14b Voluntary use of the router in application of Directive 2004/82/EC 1. Air carriers shall be entitled to use the router to transmit the information referred to in Article 3(1) of Directive 2004/82/EC to one or more of the responsible authorities referred to therein, in accordance with that Directive, provided that the responsible authority concerned has agreed with such use, from an appropriate date set by that authority. That authority shall only agree after having established that, in particular as regards both its own connection to the router and that of the air carrier concerned, the information can be transmitted in a lawful, secure, effective and swift manner. 2. Where an air carrier starts using the router in accordance with paragraph 1, it shall continue using the router to transmit such information to the responsible authority concerned until the date of application of this Regulation referred to in Article 39, second subparagraph. However, that use shall be discontinued, from an appropriate date set by that authority, where that authority considers that there are objective reasons that require such discontinuation and has informed the air carrier accordingly. 3. The responsible authority concerned shall: (a) consult eu-LISA before agreeing with the voluntary use of the router in accordance with paragraph 1; (b) except in situations of duly justified urgency, afford the air carrier concerned an opportunity to comment on its intention to discontinue such use in accordance with paragraph 2 and, where relevant, also consult eu-LISA thereon; (c) immediately inform eu-LISA and the Commission of any such use to which it agreed and any discontinuation of such use, providing all necessary information, including the date of the start of the use, the date of the discontinuation and the reasons for the discontinuation, as applicable.
2023/09/06
Committee: LIBE
Amendment 228 #
Proposal for a regulation
Article 14 c (new)
Article14c Use of the router for PNR data The provisions of Chapters 3 and 4 shall apply mutatis mutandis to the mandatory transfer and transmission of PNR data through the router.
2023/09/06
Committee: LIBE
Amendment 232 #
Proposal for a regulation
Article 16 a (new)
Article16a Statistics 1. To support the implementation and supervision of this Regulation, and based on the statistical information referred to in paragraph 5 of this Article and the information referred to in Article 5e(new)(b), eu-LISA shall publish statistics every quarter on the functioning of the router and on compliance by air carriers. The stastistics shall show, in particular, the number of flights for which the router transmitted API and PNR data to the PIUs, indicating the number of intra-EU flights. The statistics shall also show the number of flights for which the air carriers did not transfer API or PNR data, and the number of the travellers who boarded the aircraft with inaccurate, incomplete or no longer up- to-date API or PNR data. 2. For the purposes set out in paragraph 1, the router shall automatically transmit the data listed in paragraph 5 to the central repository for reporting and statistics established in Article 39 of Regulation (EU) 2019/817 without the data allowing for the identification of the travellers concerned. This automated transmission shall take place after the immediate deletion of the API and PNR data of those intra-EU flights that have not been selected by a Member State in accordance with Article 5e(new)(b). No data collected on those non-selected intra- EU flights shall be transmitted to the central repository for reporting and statistics. 3. At the end of each year, to support the implementation and supervision of this Regulation, eu-LISA shall compile statistical data in an annual report for that year. It shall publish that annual report and transmit it to the European Parliament, the Council, the Commission, the European Data Protection Supervisor, and the national supervisory authorities referred to in Article 29. 4. At the request of the Commission, eu- LISA shall provide it with statistics on specific aspects related to the implementation of this Regulation as well as the statistics pursuant to paragraph 3. 5. The central repository for reporting and statistics shall provide eu-LISA with the statistical information necessary for the reporting referred to in Article 38 and for generating statistics in accordance with the present Article, based on the following data element, and without such statistical information allowing for the identification of the travellers concerned: (a) whether the traveller is passenger or a crew member; (b) the date and initial point of embarkation, and the date and point of arrival; (c) the number of travellers checked-in on the same flight; (d) whether the flight is a scheduled or a non-scheduled flight; (e) whether the personal data of the traveller is accurate, complete and up-to- date. 6. For the the purposes of the reporting referred to in Article 38 and for generating statistics in accordance with the present Article, the central repository for reporting and statistics shall store for a period of three years the data listed in paragraph 5 that it received automatically from the router in accordance with paragraph 2, without the data allowing for the identification of the travellers concerned. 7. The procedures put in place by eu- LISA to monitor the development and the functioning of the router referred to in Article 39(1) of Regulation (EU) 2019/817 shall include the possibility to produce regular statistics to ensure that monitoring. 8. The use of statistical data referred to in this Article for risk analysis, profiling or predictive risk assessment shall be prohibited.
2023/09/06
Committee: LIBE
Amendment 237 #
Proposal for a regulation
Article 18 a (new)
Article18a Committee procedure 1. The Commission shall be assisted by a committee. That committee shall be a committee within the meaning of Regulation (EU) No 182/2011. 2. Where reference is made to this paragraph, Article 5 of Regulation (EU) No 182/2011 shall apply. Where the committee delivers no opinion, the Commission shall not adopt the draft implementing act and Article 5(4), the third subparagraph, of Regulation (EU) No 182/2011 shall apply.
2023/09/06
Committee: LIBE
Amendment 240 #
Proposal for a regulation
Article 20 – paragraph -1 (new)
-1. eu-LISA shall ensure that procedures are in place to monitor the development of the router in light of objectives relating to planning and costs, and to monitor the functioning of the router in light of objectives relating to the technical output, cost-effectiveness, security and quality of service.
2023/09/06
Committee: LIBE
Amendment 241 #
Proposal for a regulation
Article 20 – paragraph -1 a (new)
-1a. By [one year after the date of entry into force of this Regulation] and every year thereafter during the development phase of the router, eu-LISA shall produce a report, and submit it to the European Parliament and to the Council on the state of play of the development of the router. That report shall contain detailed information about the costs incurred and about any risks which may impact the overall costs to be borne by the general budget of the Union in accordance with Article 12.
2023/09/06
Committee: LIBE
Amendment 242 #
Proposal for a regulation
Article 20 – paragraph -1 b (new)
-1b. Once the router starts operations, eu-LISA shall produce a report and submit it to the European Parliament and to the Council explaining in detail how the objectives, in particular relating to planning and costs, were achieved as well as justifying any divergences.
2023/09/06
Committee: LIBE
Amendment 247 #
Proposal for a regulation
Article 21 – paragraph 2
It shall apply from two years from the date at which the router starts operations, specified by the Commission in accordance with Article 27 of Regulation (EU) [API border management]14a(new).
2023/09/06
Committee: LIBE
Amendment 248 #
However, Article 4(5) and (9), Article 5(3), Article 10(2), Article 11(2), Article 18a(new) and Article 19 shall apply from [Date of entry into force of this Regulation].
2023/09/06
Committee: LIBE