175 Amendments of Cornelia ERNST related to 2017/0351(COD)
Amendment 195 #
Proposal for a regulation
–
–
The European Parliament rejects the Commission proposal.
Amendment 196 #
Proposal for a regulation
Title 1
Title 1
Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on establishing a framework for interoperabilconnectivity between EU information systems (borders and visa) and amending Council Decision 2004/512/EC, Regulation (EC) No 767/2008, Council Decision 2008/633/JHA, Regulation (EU) 2016/399 and Regulation (EU) 2017/2226 {SWD(2017) 473} {SWD(2017) 474} (The change from ‘interoperability’ to ‘interconnectivity’ applies throughout the text. Adopting it will necessitate corresponding changes throughout.)
Amendment 203 #
Proposal for a regulation
Recital 9
Recital 9
(9) With a view to improve the management of the external borders, to contribute to preventing and combating irregular migration and to contribute to a high level of security within the area of freedom, security and justice of the Union, including the maintenance of public security and public policy and safeguarding the security in the territories of the Member States, interoperabilityinteraction between EU information systems, namely [the Entry/Exit System (EES)], the Visa Information System (VIS), [the European Travel Information and Authorisation System (ETIAS)], Eurodac, the Schengen Information System (SIS), and the [European Criminal Records Information System for third-country nationals (ECRIS-TCN)] should be established in order for these EU information systems and their data to supplement each other. To achieve this, a European search portal (ESP), a shared biometric matching service (shared BMS), a common identity repository (CIR) and a multiple-identity detector (MID) should be established as interoperability components. should be established maintaining all the requirements of the existing legal instruments, namely access rights and purpose limitation. (The deletion of references to EURODAC and ECRIS-TCN applies throughout the text. Adopting it will necessitate corresponding changes throughout.)
Amendment 206 #
Proposal for a regulation
Recital 10
Recital 10
(10) The interoperabilconnectivity between the EU information systems should allow said systems to supplementcrosscheck each other in order to facilitate the correct identification of persons, contribute to fighting identity fraud, improve and harmonise data quality requirements of the respective EU information systems, facilitate the technical and operational implementation by Member States of existing and future EU information systems, strengthen and simplify the data security and data protection safeguards that govern the respective EU information systems, streamline the law enforcement access to the EES, the VIS, the [ETIAS] and Eurodac, and support the purposes of the EES, the VIS, the [ETIAS], Eurodac, the SIS and the [ECRIS-TCN system].
Amendment 210 #
Proposal for a regulation
Recital 11
Recital 11
(11) The interoperabilconnectivity components should cover the EES, the VIS, the [ETIAS], Eurodac, the SIS, and the [ECRIS-TCN system]. They should also cover the Europol data to the extent of enabling it to be queried simultaneously with these EU information systems and the SIS.
Amendment 212 #
Proposal for a regulation
Recital 12
Recital 12
Amendment 216 #
Proposal for a regulation
Recital 13
Recital 13
(13) The European search portal (ESP) should be established to facilitate technically the ability of Member State authorities and EU bodies to have fast, seamless, efficient, systematic and controlled access to the relevant EU information systems, the Europol data and the Interpol databases needed to perform their tasks,always in accordance with their access rights, and to support the objectives of the EES, the VIS, the [ETIAS], Eurodac, the SIS, the [ECRIS-TCN system] and the Europol data. Enabling the simultaneous querying of all relevant EU information systems in parallel, as well as of the Europol data and the Interpol databasepurpose limitations. Enabling the simultaneous querying of all relevant EU information systems in parallel, in full respect of the access control and data protection requirements of the underlying systems, the ESP should act as a single window or ‘message broker’ to search various central systems and retrieve the necessary information seamlessly and in full respect of the access control and data protection requirements of the underlying systems.
Amendment 219 #
Proposal for a regulation
Recital 14
Recital 14
Amendment 220 #
Proposal for a regulation
Recital 15
Recital 15
(15) The European search portal (ESP) should be developed and configured in such a way that it fully respects purpose and access limitations and, additionally, does not allow the use of fields of data for the query that are not related to persons or travel documents or that are not present in an EU information system, in the Europol data or in the Interpol database.
Amendment 221 #
Proposal for a regulation
Recital 16
Recital 16
(16) To ensure fast and systematic use of all relevant EU information systems, the European search portal (ESP) should be used to query the common identity repository, the EES, the VIS, [the ETIAS], Eurodac and [the ECRIS-TCN system]. However, the national connection to the different relevant EU information systems should remain in order to provide a technical fall back. The ESP should also be used by Union bodies to query the Central SIS in accordance with their access rights and in order to perform their tasks. The ESP should be an additional means to query the Central SIS, the Europol data and the Interpol systems, complementing the existing dedicated interfaces.
Amendment 224 #
Proposal for a regulation
Recital 17
Recital 17
Amendment 225 #
Proposal for a regulation
Recital 17
Recital 17
(17) Biometric data, such as fingerprints and facial images, are unique and therefore much more reliable than alphanumeric data for identifying a person. The shared biometric matching service (shared BMS) should be a technical tool to reinforce and facilitate the work of the relevant EU information systems and the other interoperability components. The main purpose of the shared BMS should be to facilitate the identification of an individual who may be registered in different databases, by matching their biometric data across different systems and by relying on one unique technological component instead of five different ones in each of the underlying systems. The shared BMS should contribute to security, as well as financial, maintenance and operational benefits by relying on one unique technological component instead of different ones in each of the underlying systems. All automated fingerprint identification systems, including those currently used for Eurodac, the VIS and the SIS, use biometric templates comprised of data derived from a feature extraction of actual biometric samples. The shared BMS should regroup and store all these biometric templates in one single location, facilitating cross-system comparisons using biometric data and enabling economies of scale in developing and maintaining the EU central systems.
Amendment 230 #
Proposal for a regulation
Recital 18
Recital 18
(18) Biometric data and biometric templates constitute sensitive personal data. This regulation should lay down the basis for and the safeguards for processing of such data and templates for the purpose of uniquely identifying the persons concerned.
Amendment 231 #
Proposal for a regulation
Recital 19
Recital 19
(19) The systems established by Regulation (EU) 2017/2226 of the European Parliament and of the Council57 ,and Regulation (EC) No 767/2008 of the European Parliament and of the Council58 , [the ETIAS Regulation] for the management of the borders of the Union, the system established by [the Eurodac Regulation] to identify the applicants for international protection and combat irregular migration, and the system established by [the ECRIS-TCN system Regulation] require in order to be effective to rely on the accurate identification of the third- country nationals whose personal data are stored therein. _________________ 57 Regulation (EU) 2017/2226 of the European Parliament and of the Council of 30 November 2017 establishing an Entry/Exit System (EES) to register entry and exit data and refusal of entry data of third-country nationals crossing the external borders of the Member States and determining the conditions for access to the EES for law enforcement purposes, and amending the Convention implementing the Schengen Agreement and Regulations (EC) No 767/2008 and (EU) No 1077/2011 (EES Regulation) (OJ L 327, 9.12.2017, p. 20–82). 58 Regulation (EC) No 767/2008 of the European Parliament and of the Council of 9 July 2008 concerning the Visa Information System (VIS) and the exchange of data between Member States on short-stay visas (VIS Regulation) (OJ L 218, 13.8.2008, p. 60).
Amendment 235 #
Proposal for a regulation
Recital 20
Recital 20
Amendment 236 #
Proposal for a regulation
Recital 21
Recital 21
(21) Personal data stored in these EU information systems may relate to the same persons but under different or incomplete identities. Member States dispose of efficient ways to identify their citizens or registered permanent residents in their territory, but the same is not true for third-country nationals. The interoperability between EU information systems should contribute to the correct identification of third-country nationals. The common identity repository (CIR) should store the personal data concerning third-country nationals present in the systems that are necessary to enable the more accurate identification of those individuals, therefore including their identity, travel document and biometric data, regardless of the system in which the data was originally collected. Only the personal data strictly necessary to perform an accurate identity check should be stored in the CIR. The personal data recorded in the CIR should be kept for no longer than is strictly necessary for the purposes of the underlying systems and should be automatically deleted when the data is deleted in the underlying systems in accordance with their logical separation.
Amendment 240 #
Proposal for a regulation
Recital 22
Recital 22
Amendment 243 #
Proposal for a regulation
Recital 23
Recital 23
Amendment 248 #
Proposal for a regulation
Recital 24
Recital 24
Amendment 252 #
Proposal for a regulation
Recital 25
Recital 25
Amendment 254 #
Proposal for a regulation
Recital 26
Recital 26
Amendment 256 #
Proposal for a regulation
Recital 27
Recital 27
Amendment 262 #
Amendment 267 #
Proposal for a regulation
Recital 29
Recital 29
Amendment 274 #
Proposal for a regulation
Recital 31
Recital 31
(31) Full access to the necessary data contained in the EU information systems necessary for the purposes of preventing, detecting and investigating terrorist offences or other serious criminal offences, beyond the relevant identity data covered under common identity repository (CIR) obtained using biometric data of that person taken during an identity check, should continue to be governed by the provisions in the respective legal instruments. The designated law enforcement authorities and Europol do not know in advance which of the EU information systems contains data of the persons they need to inquire upon. This results in delays and inefficiencies in the conduct of their tasks. The end-user authorised by the designated authority should therefore be allowed to see in which of the EU information systems the data corresponding to the query introduced are recorded. The concerned system would thus be flagged following the automated verification of the presence of a hit in the system (a so-called hit-flag functionality).
Amendment 278 #
Proposal for a regulation
Recital 32
Recital 32
(32) The logs of the all queries of the common identity repository should indicate the purpose of the query. Where such a query was performed using the two- step data consultation approach, the logs should include a reference to the national file of the investigation or case, therefore indicating that such query was launched for the purposes of preventing, detecting and investigating terrorist offences or other serious criminal offences.
Amendment 282 #
Proposal for a regulation
Recital 33
Recital 33
(33) The query of the common identity repository (CIR) by Member State designated authorities and Europol in order to obtain a hit-flag type of response indicating the data is recorded in the EES, the VIS, or [the ETIAS] or Eurodac requires automated processing of personal data. A hit-flag would not reveal personal data of the concerned individual other thanin the form of an indication that some of his or her data are stored in one of the systems if the end-user has access rights to the database/system that these data are stored in. No adverse decision for the concerned individual should be made by the authorised end-user solely on the basis of the simple occurrence of a hit-flag. Access by the end-user of a hit-flag would therefore realise a very limited interference with the right to protection of personal data of the concerned individual, while it would be necessary to allow the designated authority and Europol to address its request for access for personal data more effectively directly to the system that was flagged as containing it while respecting purpose limitation and access rights .
Amendment 284 #
Proposal for a regulation
Recital 34
Recital 34
Amendment 288 #
Proposal for a regulation
Recital 35
Recital 35
Amendment 291 #
Proposal for a regulation
Recital 36
Recital 36
(36) The possibility to achieve the objectives of the EU information systems is undermined by the current inabilidifficulty for the authorities using these systems to conduct sufficiently reliable verifications of the identities of the third-country nationals whose data are stored in different systems. That inabilidifficulty is determined by the fact that the set of identity data stored in a given individual system may be fraudulent, incorrect, or incomplete, and that there is currently no possibility to detect such fraudulent, incorrect or incomplete identity data by way of comparison with data stored in another system. To remedy this situation it is necessary to have a technical instrument at Union level allowing accurate identification of third-country nationals for these purposes.
Amendment 293 #
Proposal for a regulation
Recital 37
Recital 37
Amendment 295 #
Proposal for a regulation
Recital 38
Recital 38
(38) This Regulation provides for new data processing operations aimed at identifying the persons concerned correctly. This constitutes an interference with their fundamental rights as protected by Articles 7 and 8 of the Charter of Fundamental Rights. Since the effective implementation of the EU information systems is dependent upon correct identification of the individuals concerned, such interference is justified by the same objectives for which each of those systems have been established, the effective management of the Union’s borders, the internal security of the Union, the effective implementation of the Union’s asylum and visa policies and the fight against irregular migration.
Amendment 298 #
Proposal for a regulation
Recital 39
Recital 39
Amendment 300 #
Proposal for a regulation
Recital 40
Recital 40
Amendment 303 #
Proposal for a regulation
Recital 41
Recital 41
Amendment 310 #
Proposal for a regulation
Recital 43
Recital 43
(43) For the links obtained in relation to the Schengen Information System (SIS) related to the alerts in respect of persons wanted for arrest or for surrender or extradition purposes, on missing or vulnerable persons, on persons sought to assist with a judicial procedure, on persons for discreet checks or specific checks or on unknown wanted persons, the authority responsible for the verification of multiple identities should be the SIRENE Bureau of the Member State that created the alert. Indeed those categories of SIS alerts are sensitive and should not necessarily be shared with the authorities creating or updating the data in one of the other EU information systems. The creation of a link with SIS data should be without prejudice to the actions to be taken in accordance with the [SIS Regulations]. A link should only be created for types of alerts relating to serious criminal offences as defined in Article 4 (25) and (26) of the current Regulation and cannot be created for types of alerts that concern EU or dual citizens.
Amendment 312 #
Proposal for a regulation
Recital 44
Recital 44
(44) eu-LISA should establish automated data quality control mechanisms and common data quality indicators. eu- LISA should be responsible to develop a central monitoring capacity for data quality and to produce regular data analysis reports to improve the control of implementation and application by Member States of EU information systems. The common quality indicators should include the minimum quality standards to store data in the EU information systems or the interoperability components. The goal of such a data quality standards should be for the EU information systems and interoperability components to automatically identify apparently incorrect or inconsistent data submissions so that the originating Member State is able to verify the data and carry out any necessary remedial actions.
Amendment 314 #
Proposal for a regulation
Recital 45
Recital 45
(45) The Commission should evaluate eu-LISA quality reports and should issue recommendations to Member States where appropriate. Member States should be responsible for preparing an action plan describing actions to remedy any deficiencies in data quality and fundamental rights and should report on its progress regularly.
Amendment 317 #
Proposal for a regulation
Recital 47
Recital 47
Amendment 322 #
Proposal for a regulation
Recital 51
Recital 51
(51) The national supervisory authorities established in accordance with [Regulation (EU) 2016/679] or Directive (EU) 2016/680 should monitor the lawfulness of the processing of personal data by the Member States, whilst the European Data Protection Supervisor as established by Regulation (EC) No 45/2001 should monitor the activities of the Union institutions and bodies in relation to the processing of personal data. The European Data Protection Supervisor and the supervisory authorities should cooperate with each other in the monitoring of the processing of personal data by interoperability components.
Amendment 325 #
Proposal for a regulation
Recital 56
Recital 56
Amendment 330 #
Proposal for a regulation
Recital 58
Recital 58
Amendment 332 #
Proposal for a regulation
Recital 59
Recital 59
Amendment 335 #
Proposal for a regulation
Recital 60
Recital 60
(60) To support the purposes of statistics and reporting on possible negative impact on fundamental rights, it is necessary to grant access to authorised staff of the competent authorities, institutions and bodies identified in this Regulation to consult certain data related to certain interoperability components without enabling individual identification.
Amendment 337 #
Proposal for a regulation
Recital 61
Recital 61
(61) In order to allow competent authorities and the EU bodies to adapt to the new requirements on the use of the European search portal (ESP), it is necessary to provide for a transitional period. Similarly, in order to allow for the coherent and optimal functioning of the multiple-identity detector (MID), transitional measures should be established for the start of its operations.
Amendment 344 #
Proposal for a regulation
Recital 64
Recital 64
(64) In order to ensure uniform conditions for the implementation of this Regulation, implementing powers should be conferred on the Commission to adopt detailed rules on: automated data quality control mechanisms, procedures and indicators; development of the UMF standard; procedures for determining cases of similarity of identities; the operation of the central repository for reporting and statistics; and cooperation procedure in case of security incidents. Those powers should be exercised in accordance with Regulation (EU) No 182/2011 of the European Parliament and of the Council63 . _________________ 63 Regulation (EU) No 182/2011 of the European Parliament and of the Council of 16 February 2011 laying down the rules and general principles concerning mechanisms for control by the Member States of the Commission’s exercise of implementing powers (OJ L 55, 28.2.2011, p. 13).
Amendment 352 #
Proposal for a regulation
Article 1 – paragraph 1
Article 1 – paragraph 1
1. This Regulation, together with [Regulation 2018/xx on interoperability police and judicial cooperation, asylum and migration], establishes a framework to ensure the interoperability between the Entry/Exit System (EES), the Visa Information System (VIS), [the European Travel Information and Authorisation System (ETIAS)], Eurodac, and the Schengen Information System (SIS), and [the European Criminal Records Information System for third-country nationals (ECRIS-TCN)] in order for those systems and data to supplement each other.
Amendment 357 #
Proposal for a regulation
Article 1 – paragraph 2 – point c
Article 1 – paragraph 2 – point c
Amendment 361 #
Proposal for a regulation
Article 1 – paragraph 2 – point d
Article 1 – paragraph 2 – point d
Amendment 363 #
Proposal for a regulation
Article 1 – paragraph 3
Article 1 – paragraph 3
3. This Regulation also lays down provisions on data quality requirements, and on a Universal Message Format (UMF), on a central repository for reporting and statistics (CRRS) and lays down the responsibilities of the Member States and of the European Agency for the operational management of large-scale IT systems in the area of freedom, security and justice (eu-LISA), with respect to the design and operation of the interoperability components.
Amendment 364 #
Proposal for a regulation
Article 1 – paragraph 3
Article 1 – paragraph 3
3. This Regulation also lays down provisions on data quality requirements, and on a Universal Message Format (UMF), on a central repository for reporting and statistics (CRRS) and lays down the responsibilities of the Member States and of the European Agency for the operational management of large-scale IT systems in the area of freedom, security and justice (eu-LISA), with respect to the design and operation of the interoperability components.
Amendment 371 #
Proposal for a regulation
Article 2 – paragraph 1 – point b
Article 2 – paragraph 1 – point b
Amendment 374 #
Proposal for a regulation
Article 2 – paragraph 1 – point c
Article 2 – paragraph 1 – point c
(c) to contribute to a high level of security within the area of freedom, security and justice of the Union including the maintenance of public security and public policy and safeguarding the security in the territories of the Member States;
Amendment 375 #
Proposal for a regulation
Article 2 – paragraph 1 – point e
Article 2 – paragraph 1 – point e
Amendment 381 #
Proposal for a regulation
Article 2 – paragraph 2 – point a
Article 2 – paragraph 2 – point a
Amendment 384 #
Proposal for a regulation
Article 2 – paragraph 2 – point b
Article 2 – paragraph 2 – point b
Amendment 392 #
Proposal for a regulation
Article 2 – paragraph 2 – point e
Article 2 – paragraph 2 – point e
(e) strengthening and simplifying and making more uniform the data security and data protection conditions that govern the respective EU information systems;
Amendment 393 #
Proposal for a regulation
Article 2 – paragraph 2 – point f
Article 2 – paragraph 2 – point f
Amendment 397 #
Proposal for a regulation
Article 2 – paragraph 2 – point g
Article 2 – paragraph 2 – point g
(g) supporting the purposes of the EES, the VIS, [the ETIAS], Eurodac, the SIS and [the ECRIS-TCN system]SIS.
Amendment 399 #
Proposal for a regulation
Article 3 – paragraph 2
Article 3 – paragraph 2
Amendment 401 #
Proposal for a regulation
Article 3 – paragraph 2 a (new)
Article 3 – paragraph 2 a (new)
2a. This Regulation shall not apply to personal data relating to an identified or identifiable citizen of the EU.
Amendment 402 #
Proposal for a regulation
Article 4 – paragraph 1 – point 7
Article 4 – paragraph 1 – point 7
(7) ‘third-country national’ means a person who is not a citizen of the Union within the meaning of Article 20(1) of the Treaty, or a stateless person not residing in the EU or a person whose nationality is unknown;
Amendment 404 #
Proposal for a regulation
Article 4 – paragraph 1 – point 9
Article 4 – paragraph 1 – point 9
(9) ‘identity data’ means the data referred to in Article 27(3)(a) to (h);: names, nationality, date and place of birth.
Amendment 409 #
Proposal for a regulation
Article 4 – paragraph 1 – point 20
Article 4 – paragraph 1 – point 20
(20) ‘Interpol databases’ means the Interpol Stolen and Lost Travel Document database (SLTD) and the Interpol Travel Documents Associated with Notices database (Interpol TDAWN);
Amendment 414 #
Proposal for a regulation
Article 4 – paragraph 1 – point 35
Article 4 – paragraph 1 – point 35
Amendment 416 #
Proposal for a regulation
Article 4 – paragraph 1 – point 36
Article 4 – paragraph 1 – point 36
Amendment 418 #
Proposal for a regulation
Article 4 – paragraph 1 – point 37
Article 4 – paragraph 1 – point 37
Amendment 428 #
Proposal for a regulation
Article 5 – paragraph 1
Article 5 – paragraph 1
Processing of personal data for the purposes of this Regulation shall not result in discrimination against persons on any grounds such as sex, social, racial or ethnic origin, religion or belief, disability, age or sexual orientation. It shall fully respect human dignity and integrity. Particular attention shall be paid to children, the elderly and persons with a disability.
Amendment 430 #
Proposal for a regulation
Article 5 – paragraph 1 – subparagraph 1 (new)
Article 5 – paragraph 1 – subparagraph 1 (new)
To this end, no biometric data of children, elderly and persons with disabilities shall be processed.
Amendment 435 #
Proposal for a regulation
Article 6 – paragraph 2 – point c
Article 6 – paragraph 2 – point c
(c) a secure communication infrastructure between the ESP and the EES, the VIS, [the ETIAS], Eurodac, the Central- SIS, [the ECRIS-TCN system], the Europol data and the Interpol databases as well as between the ESP and the central infrastructures of the common identity repository (CIR) and the multiple-identity detector.
Amendment 439 #
Proposal for a regulation
Article 7 – paragraph 1
Article 7 – paragraph 1
1. The use of the ESP shall be reserved to the Member State authorities and EU bodies having access to the EES, [the ETIAS], the VIS, the SIS, Eurodac and [the ECRIS-TCN system], to the CIR and the multiple-identity detectorSIS, as well as the Europol data and the Interpol databases in accordance with Union or national law governing such access.
Amendment 444 #
Proposal for a regulation
Article 7 – paragraph 2
Article 7 – paragraph 2
2. The authorities referred to in paragraph 1 shall use the ESP to search data related to persons or their travel documents in the central systems of the EES, the VIS and [the ETIAS] in accordance with their access rights under Union and national law. They shall also use the ESP to query the CIR in accordance with their access rights under this Regulation for the purposes referred to in Articles 20, 21 and 22.
Amendment 452 #
Proposal for a regulation
Article 8 – paragraph 1 – point a a (new)
Article 8 – paragraph 1 – point a a (new)
(aa) the purpose for which the EU information systems, the Europol data and the Interpol databases may be accessed;
Amendment 458 #
Proposal for a regulation
Article 9 – paragraph 1
Article 9 – paragraph 1
1. The users of the ESP shall launch a query by introducing data in the ESP in accordance with their user profile and access rights. Where a query has been launched, the ESP shall query simultaneously, with the data introduced by the user of the ESP, the EES, [the ETIAS], the VIS, the SIS, Eurodac, [the ECRIS-TCN system] and the CIR as well as the Europol data and the Interpol databases.
Amendment 464 #
Proposal for a regulation
Article 9 – paragraph 4
Article 9 – paragraph 4
4. The EES, [the ETIAS], the VIS, the SIS, Eurodac, [the ECRIS-TCN system], the CIR and the multiple-identity detector, as well as the Europol data and the Interpol databases, shall provide the data that they contain resulting from the query of the ESP.
Amendment 473 #
Proposal for a regulation
Article 10 – paragraph 1 – introductory part
Article 10 – paragraph 1 – introductory part
1. Without prejudice to [Article 46 of the EES Regulation], Article 34 of Regulation (EC) No 767/2008, [Article 59 of the ETIAS proposal] and Articles 12 and 18 of the Regulation on SIS in the field of border checks, eu-LISA shall keep logs of all data processing operations within the ESP. Those logs shall include, in all cases and in particular, the following:
Amendment 475 #
Proposal for a regulation
Article 10 – paragraph 1 – point b a (new)
Article 10 – paragraph 1 – point b a (new)
(ba) the exact purpose of the query;
Amendment 477 #
Proposal for a regulation
Article 10 – paragraph 1 – point d
Article 10 – paragraph 1 – point d
(d) in accordance with national rules or when applicable, Regulation (EU) 45/2001, the identifying mark of the person who carried out the query.., the name of the authority which requested the query and of the official who ordered it;
Amendment 480 #
Proposal for a regulation
Article 10 – paragraph 2
Article 10 – paragraph 2
2. The logs may be used only for data protection monitoring, including checking the admissibility of a query and the lawfulness of data processing, and for ensuring data security pursuant to Article 42. Those logs shall be protected by appropriate measures against unauthorised access and erased onthree years after their creation, unles datasets they are required for monitoring procedures that have already begunfer to have been deleted.
Amendment 495 #
Proposal for a regulation
Article 12 – paragraph 1
Article 12 – paragraph 1
1. A shared biometric matching service (shared BMS) storing biometric templates and enabling querying with biometric data across severalrelevant EU information systems is established for the purposes of supporting the CIR and the multiple-identity detector and the objectives of the EES, the VIS, Eurodac, the SIS and [the ECRIS-TCN system].
Amendment 499 #
Proposal for a regulation
Article 12 – paragraph 2 – point a
Article 12 – paragraph 2 – point a
(a) a central infrastructure, including a search engine and the storage ofsearch engine in order to query the relevant EU databases with the data referred to in Article 13;
Amendment 504 #
Proposal for a regulation
Article 12 – paragraph 2 – point b
Article 12 – paragraph 2 – point b
(b) a secure communication infrastructure between the shared BMS, and the Central-SIS and the CIR.
Amendment 509 #
Proposal for a regulation
Article 13 – paragraph 1 – point c
Article 13 – paragraph 1 – point c
(c) [the datafingerprints referred to in Article 20(2)(w) and (x) of the Regulation on SIS in the field of border checks;
Amendment 513 #
Proposal for a regulation
Article 13 – paragraph 1 – point d
Article 13 – paragraph 1 – point d
(d) the data referred to in Article 20(3)(w) and (x) of the Regulation on SIS in the field of law enforcement;
Amendment 514 #
Proposal for a regulation
Article 13 – paragraph 1 – point e
Article 13 – paragraph 1 – point e
(e) the datafingerprints referred to in Article 4(3)(t) and (u) of the Regulation on SIS in the field of illegal return];
Amendment 518 #
Proposal for a regulation
Article 13 – paragraph 2
Article 13 – paragraph 2
2. The shared BMS shall include in each biometric template a reference to the information systems in which the corresponding biometric data is stored. In all cases, in full respect of purpose limitation, the officer launching a query in the BMS shall only be able to see the references to those information system that he or she is authorised to access.
Amendment 522 #
Proposal for a regulation
Article 14
Article 14
Amendment 528 #
Proposal for a regulation
Article 15 – paragraph 1
Article 15 – paragraph 1
The data referred to in Article 13 shall be stored in the shared BMS for as long as the corresponding biometric data is stored in the CIR or the SISSIS and automatically deleted when the data retention time, as regulated in the individual IT system, expires.
Amendment 533 #
Proposal for a regulation
Article 16 – paragraph 1 – point c a (new)
Article 16 – paragraph 1 – point c a (new)
(ca) the exact purpose of the query;
Amendment 534 #
Proposal for a regulation
Article 16 – paragraph 1 – point g
Article 16 – paragraph 1 – point g
(g) in accordance with national rules or, when applicable, Regulation (EU) 45/2001, the identifying mark of the person who carried out the query. and the name of the authority which requested the query and of the official who ordered it;
Amendment 539 #
Proposal for a regulation
Article 16 – paragraph 2
Article 16 – paragraph 2
2. The logs may be used only for data protection monitoring and monitoring the impact on fundamental rights, including checking the admissibility of a query and the lawfulness of data processing, and for ensuring data security pursuant to Article 42. Those logs shall be protected by appropriate measures against unauthorised access and erased one year after their creation, unless they are required for monitoring procedures that have already begun. The logs referred to in paragraph 1(a) shall be erased once the data is erased.
Amendment 541 #
Amendment 547 #
Proposal for a regulation
Article 18
Article 18
Amendment 551 #
Proposal for a regulation
Article 19
Article 19
Adding, amending and deleting data in the common identity repository 1. Where data is added, amended or deleted in the EES, the VIS and [the ETIAS], the data referred to in Article 18 stored in the individual file of the CIR shall be added, amended or deleted accordingly in an automated manner. 2. detector creates a white or red link in accordance with Articles 32 and 33 between the data of two or more of the EU information systems constituting the CIR, instead of creating a new individual file, the CIR shall add the new data to the individual file of the linked data.rticle 19 deleted Where the multiple-identity
Amendment 554 #
Proposal for a regulation
Article 20
Article 20
Amendment 571 #
Proposal for a regulation
Article 21
Article 21
Access to the common identity repository for the detection of multiple identities 1. in a yellow link in accordance with Article 28(4), the authority responsible for the verification of different identities determined in accordance with Article 29 shall have access, solely for the purpose of that verification, to the identity data stored in the CIR belonging to the various information systems connected to a yellow link. 2. in a red link in accordance with Article 32, the authorities referred to in Article 26(2) shall have access, solely for the purposes of fighting identity fraud, to the identity data stored in the CIR belonging to the various information systems connected to a red link.rticle 21 deleted Where a query of the CIR results Where a query of the CIR results
Amendment 576 #
Proposal for a regulation
Article 22
Article 22
Amendment 586 #
Proposal for a regulation
Article 23
Article 23
Amendment 592 #
Proposal for a regulation
Article 24
Article 24
Amendment 603 #
Proposal for a regulation
Article 25
Article 25
Amendment 609 #
Proposal for a regulation
Article 25 – paragraph 3 a (new)
Article 25 – paragraph 3 a (new)
3a. Eu-LISA(and the competent authorities of the Member States) should use appropriate procedures for the profiling, implement technical and organizational measures appropriate to ensure, in particular, that factors which result in inaccuracies in personal data are corrected and the risk of errors is minimized, secure personal data in a manner that takes account of the potential risks involved for the interests and rights of the data subject and that prevents discriminatory effects on natural persons on the basis of social, racial or ethnic origin, political opinion, religion or beliefs, trade union membership, genetic or health status or sexual orientation, or that result in measures having such effect.
Amendment 610 #
Proposal for a regulation
Article 25 – paragraph 3 b (new)
Article 25 – paragraph 3 b (new)
3b. The process of creating links for the purpose of multiple-identity detection constitutes profiling within the meaning of Article 4(4) of Regulation (EU) 2016/679 and Article 3(4) of Directive (EU) 2016/680. Transparency towards the individuals and adequate safeguards, as provided by relevant EU law, in particular Article 22 of Regulation (EU) 2016/679 and Article 11 of Directive (EU) 2016/680 should be therefore guaranteed.
Amendment 611 #
Proposal for a regulation
Article 26
Article 26
Access to the mulrtipcle-identity detector 1. identity verification referred to in Article 29, access to the data referred to in Article 34 stored in the MID shall be granted to: (a) or updating an individual file as provided for in Article 14 of the [EES Regulation]; (b) in Article 6(1) and (2) of Regulation 767/2008 when creating or updating an application file in the VIS in accordance with Article 8 of Regulation (EC) No 767/2008; (c) ETIAS National Units when carrying out the assessment referred to in Articles 20 and 22 of the ETIAS Regulation;] (d) (e) Member State creating a [SIS alert in accordance with the Regulation on SIS in the field of border checks]; (f) 2. bodies having access to at least one EU information system included in the common identity repository or to the SIS shall have access to the data referred to in Article 34(a) and (b) regarding any red links as referred to in Article 32. 26 deleted For the purposes of the manual border authorities when creating competent authorities referred to [the ETIAS Central Unit and the – (not applicable); the SIRENE Bureaux of the – (not applicable). Member State authorities and EU
Amendment 618 #
Proposal for a regulation
Article 27
Article 27
Amendment 632 #
Proposal for a regulation
Article 28
Article 28
Amendment 635 #
Proposal for a regulation
Article 28 – paragraph 5
Article 28 – paragraph 5
5. The Commission shall lay down the procedures to determine the cases where identity data can be considered as identical or similar in implementing acts. Those implementing acts shall be adopted in accordance with the examination procedure referred to indelegated acts. Such delegated acts should be designed in a manner that protects persons with multiple lawful identities against discrimination. Those delegated acts shall be adopted in accordance with Article 64(2)3.
Amendment 636 #
Proposal for a regulation
Article 29
Article 29
Amendment 639 #
Proposal for a regulation
Article 29 – paragraph 1 – subparagraph 1 – point e
Article 29 – paragraph 1 – subparagraph 1 – point e
(e) the SIRENE Bureaux of the Member State for hits that occurred when creating or updating a SIS alert in accordance with the [Regulations on SIS in the field of border checks];
Amendment 644 #
Proposal for a regulation
Article 29 – paragraph 2 – subparagraph 1 (new)
Article 29 – paragraph 2 – subparagraph 1 (new)
The responsible Sirene Bureau is immediately informed when a yellow link has to be manually verified by it.
Amendment 648 #
Proposal for a regulation
Article 29 – paragraph 3
Article 29 – paragraph 3
3. Without prejudice to paragraph 4, the authority responsible for verification of different identities shall have access to the related data contained in the relevant identity confirmation file and to the identity data linked in the common identity repository and, where relevant, in the SIS, and shall assess the different identities and shall update the link in accordance with Articles 31, 32 and 33 and add it to the identity confirmation file without delay, in any case within 24 hours.
Amendment 653 #
Proposal for a regulation
Article 30
Article 30
Amendment 657 #
Proposal for a regulation
Article 31
Article 31
Amendment 661 #
Proposal for a regulation
Article 32
Article 32
Amendment 662 #
Proposal for a regulation
Article 32 – paragraph 1 – point a
Article 32 – paragraph 1 – point a
(a) the linked data shares the same biometric but different identity data and the authority responsible for the verification of different identities concluded it refers unlawfully to the same person who has evidently provided false information with the intent of committing a serious criminal offence;
Amendment 665 #
Proposal for a regulation
Article 32 – paragraph 1 – point b
Article 32 – paragraph 1 – point b
(b) the linked data has similar identity data and the authority responsible for the verification of different identities concluded it refers unlawfully to the same person who has evidently provided false information with the intent of committing a serious criminal offence.
Amendment 670 #
Proposal for a regulation
Article 32 – paragraph 4
Article 32 – paragraph 4
4. Without prejudice to the provisions related to the handling of alerts in the SIS referred to in the [Regulations on SIS in the field of border checks, on SIS in the field of law enforcement and on SIS in the field of illegal return], and without prejudice to limitations necessary to protect security and public order, prevent crime and guarantee that any national investigation will not be jeopardised, in accordance with Article 13 of Directive (EU) 2016/680 and Article 23 of Regulation (EU) 2016/679 and other relevant EU legislation, where a red link is created, the authority responsible for verification of different identities shall inform the person of the presence of multiple unlawful identities.
Amendment 673 #
Proposal for a regulation
Article 32 – paragraph 5 a (new)
Article 32 – paragraph 5 a (new)
5a. A third-country national shall be notified of the existence of a red link as soon as such a notification can no longer jeopardize on-going investigations or proceedings.
Amendment 675 #
Proposal for a regulation
Article 33
Article 33
Amendment 681 #
Proposal for a regulation
Article 34
Article 34
Amendment 683 #
Proposal for a regulation
Article 35
Article 35
Amendment 685 #
Proposal for a regulation
Article 35 – paragraph 1
Article 35 – paragraph 1
The identity confirmation files and its data, including the links, shall be stored in the multiple-identity detector (MID) only for as long as the linked data is stodeleted after their use, except if thered in two or more EU information systemss a green link.
Amendment 687 #
Proposal for a regulation
Article 36
Article 36
Amendment 697 #
Proposal for a regulation
Article 37 – paragraph 3
Article 37 – paragraph 3
3. eu-LISA shall provide regular reports on the automated data quality control mechanisms and procedures and the common data quality indicators to the Member States and the European Data Protection Board. eu-LISA shall also provide a regular report to the Commission covering the issues encountered and the Member States concerned.
Amendment 698 #
Proposal for a regulation
Article 37 – paragraph 4
Article 37 – paragraph 4
4. The details of the automated data quality control mechanisms and procedures and the common data quality indicators and the minimum quality standards to store data in the EES, the [ETIAS], the VIS, the SIS, the shared BMS, the CIR and the MID, in particular regarding biometric data, shall be laid down in implementing acts. Those implementing acts shall be adopted in accordance with the examination procedure referred to in Article 64(2).
Amendment 708 #
Proposal for a regulation
Article 39
Article 39
Amendment 724 #
Proposal for a regulation
Article 40 – paragraph 3 a (new)
Article 40 – paragraph 3 a (new)
3a. eu-LISA shall also be considered to be a controller in relation to all processing under this Regulation. Relevant provisions of Regulation (EC) 45/2001 shall apply.
Amendment 725 #
Proposal for a regulation
Article 41
Article 41
Amendment 734 #
Proposal for a regulation
Article 44 – paragraph 3
Article 44 – paragraph 3
3. Without prejudice to the notification and communication of a personal data breach pursuant to Article 33 of Regulation (EU) 2016/679, Article 30 of Directive (EU) 2016/680, or both, Member States shall notify the Commission, eu- LISA and the European Data Protection Supervisor of security incidents. In the event of a security incident in relation to the central infrastructure of the interoperability components, eu-LISA shall notify the Commission and the European Data Protection Supervisor as well as national supervisory authorities concerned.
Amendment 739 #
Proposal for a regulation
Article 44 – paragraph 3 a (new)
Article 44 – paragraph 3 a (new)
3a. The Commission shall report serious incidents immediately to the European Parliament and the Council. These reports shall be classified as EU RESTRICTED/RESTREINT UE in accordance with applicable security rules.
Amendment 740 #
Proposal for a regulation
Article 44 – paragraph 3 b (new)
Article 44 – paragraph 3 b (new)
3b. Where a security incident is caused by the misuse of data, Member States or the relevant EU Agencies shall ensure that penalties or disciplinary measures are imposed in accordance with Union and national law.
Amendment 744 #
Proposal for a regulation
Article 45 a (new)
Article 45 a (new)
Article 45a Penalties Member States shall take the necessary measures to ensure that any use of data in a manner contrary to this Regulation is punishable by effective, proportionate and dissuasive penalties in accordance with national law, Article 84 of Regulation (EU) 2016/679 and Article 57 of Directive (EU) 2016/680 as well as [relevant Article of new] Regulation 45/2001.
Amendment 750 #
Proposal for a regulation
Article 46 – paragraph 1
Article 46 – paragraph 1
1. Without prejudice to the right of information referred to in Articles 11 and 12 of Regulation (EC) 45/2001 and Articles 13 and 14 of Regulation (EU) 2016/679, as well as Article 13 of Directive (EU) 2016/680, persons whose data are stored in the shared biometric matching service, the common identity repository or the multiple-identity detector shall be informed by the authority collecting their data, at the time their data are collected, about the processing of personal data for the purposes of this Regulation, including about identity and contact details of the respective data controllers, and about the procedures for exercising their rights of access, rectification and erasure, as well as about the contact details of the European Data Protection Supervisor and of the national supervisory authority of the Member State responsible for the collection of the data.
Amendment 752 #
Proposal for a regulation
Article 46 – paragraph 2 – introductory part
Article 46 – paragraph 2 – introductory part
2. Persons whose data is recorded in the EES, the VIS or [the ETIAS] shall be informed about the processing of data for the purposes of this Regulation in accordance with paragraph 1 when:.
Amendment 753 #
Proposal for a regulation
Article 46 – paragraph 2 – point a
Article 46 – paragraph 2 – point a
Amendment 754 #
Proposal for a regulation
Article 46 – paragraph 2 – point b
Article 46 – paragraph 2 – point b
Amendment 755 #
Proposal for a regulation
Article 46 – paragraph 2 – point c
Article 46 – paragraph 2 – point c
Amendment 756 #
Proposal for a regulation
Article 46 – paragraph 2 a (new)
Article 46 – paragraph 2 a (new)
2a. The data subject should also be informed about the relevant retention periods, the automated decision-making and the fact that personal data is not transferred or made available to third countries, international organizations or private parties.
Amendment 757 #
Proposal for a regulation
Article 46 – paragraph 2 b (new)
Article 46 – paragraph 2 b (new)
2b. The information referred to in this Article shall be given in a language that the person understands. The information shall be provided to children in an age-appropriate manner. The provision of the information shall also take into account specific needs of a person concerned.
Amendment 758 #
Article 46a Information Campaign The Commission shall, in cooperation with the supervisory authorities and the European Data Protection Supervisor, accompany the start of operations of each interconnectivity component with an information campaign informing the public and, in particular, third-country nationals, about the objectives and the functioning of those components, the authorities having access and the conditions for such access, and the rights of persons concerned. Such information campaigns shall be conducted continuously.
Amendment 759 #
Proposal for a regulation
Article 47 – title
Article 47 – title
Right of access, correction and erasure to, rectification, completion and erasure of personal data, and of restriction of the processing thereof
Amendment 762 #
Proposal for a regulation
Article 47 – paragraph 1
Article 47 – paragraph 1
1. In order to exercise their rights under Articles 13, 14, 15 and 16 of Regulation (EC) 45/2001 and Articles 15, 16, 17 and 18 of Regulation (EU) 2016/679, any person shall have the right to address him or herself to the Member State responsible for the manual verification of different identities or of any Member State, who shall examine and reply to the requests well as under Articles 14 and 16 of Directive (EU) 2016/689, any person shall have the right to address him or herself to any controller in accordance with Article 40.
Amendment 772 #
Proposal for a regulation
Article 47 – paragraph 3
Article 47 – paragraph 3
3. If a request for correction, restriction of processing or erasure of personal data is made to a Member State other than the Member State responsible, the Member State to which the request has been made shall contact the authorities of the Member State responsible within seven days and the Member State responsible shall check the accuracy of the data and the lawfulness of the data processing within 3021 days of such contact.
Amendment 776 #
Proposal for a regulation
Article 47 – paragraph 4
Article 47 – paragraph 4
4. Where, following an examination, it is found that the data stored in the multiple-identity detector (MID) are factually inaccurate or have been recorded unlawfully, the Member State responsible or, where applicable, the Member State to which the request has been made shall correct or delete these data. The Member State to which the request has been made shall inform the data subject about the correction or deletion without delay.
Amendment 794 #
Proposal for a regulation
Article 48 – paragraph 1
Article 48 – paragraph 1
Personal data stored in or accessed by the interoperability components shall not be transferred or made available to any third country, to any international organisation or to any private party, with the exception of transfers to Interpol for the purpose of carrying out the automated processing referred to in [Article 18(2)(b) and (m) of the ETIAS Regulation] or for the purposes of Article 8(2) of Regulation (EU) 2016/399. Such transfers of personal data to Interpol shall be compliant with the provisions of Article 9 of Regulation (EC) No 45/2001 and Chapter V of Regulation (EU) 2016/679.
Amendment 799 #
Proposal for a regulation
Article 49 – paragraph 1
Article 49 – paragraph 1
1. The supervisory authority or authorities designated pursuant to Article 49 of Regulation (EU) 2016/679 or pursuant to Article 41 of Directive (EU) 2016/680 shall ensure that an audit of the data processing operations by the responsible national authorities is carried out in accordance with relevant international auditing standards at least every four years.
Amendment 802 #
Proposal for a regulation
Article 49 – paragraph 1 a (new)
Article 49 – paragraph 1 a (new)
1 a. Each Member State shall ensure that the supervisory authority or authorities designated pursuant to Article 51 of Regulation (EU) 2016/679 and Article 41 of Directive (EU) 2016/680 shall monitor the lawfulness of the processing of personal data under this Regulation.
Amendment 809 #
Proposal for a regulation
Article 50 – paragraph 1 a (new)
Article 50 – paragraph 1 a (new)
The EDPS should be provided with sufficient resources to fulfil the tasks entrusted to it under this Regulation.
Amendment 810 #
Proposal for a regulation
Article 51 – title
Article 51 – title
Cooperation between national supervisory authorities and the European Data Protection Supervisorand supervision
Amendment 811 #
Proposal for a regulation
Article 51 – paragraph 1
Article 51 – paragraph 1
1. The European Data Protection Supervisor shall act in close cooperation with national supervisory authorities with respect to specific issues requiring national involvement, in particular if the European Data Protection Supervisor or a national supervisory authority finds major discrepancies between practices of Member States or finds potentially unlawful transfers using the communication channels of the interoperability components, or in the context of questions raised by one or more national supervisory authorities on the implementation and interpretation of thisin accordance with Article 61 of Regulation (EU) XXXX/2018 [revised Regulation 45/2001].
Amendment 813 #
Proposal for a regulation
Article 51 – paragraph 2
Article 51 – paragraph 2
2. In the cases referred to in paragraph 1, cCoordinated supervision shall be ensured in accordance with Article 62 of Regulation (EU) XXXX/2018 [revised Regulation 45/2001].
Amendment 818 #
Proposal for a regulation
Article 52 – paragraph 3 – subparagraph 4
Article 52 – paragraph 3 – subparagraph 4
The development shall consist of the elaboration and implementation of the technical specifications, testing and overall project coordination, including the provision of technical solutions that would exclude the creation of links on EU or dual citizens that are recorded in the SIS or for types of alerts that are not relating to terrorist offences or serious criminal offences as defined in the present Regulation.
Amendment 819 #
Proposal for a regulation
Article 52 – paragraph 3 – subparagraph 4 a (new)
Article 52 – paragraph 3 – subparagraph 4 a (new)
eu-LISA shall ensure the application of the principle of privacy by design during design and development stage.
Amendment 820 #
Proposal for a regulation
Article 52 – paragraph 5 – subparagraph 1 a (new)
Article 52 – paragraph 5 – subparagraph 1 a (new)
Where relevant, experts to provide independent advise in matters relating to data protection shall be invited to the meetings.
Amendment 898 #
Proposal for a regulation
Article 55f
Article 55f
Amendment 923 #
Proposal for a regulation
Article 55g
Article 55g
Amendments to Regulation (EU) 2018/XX [the Regulation on SIS in the field of border checks] [...] rticle 55g deleted Or. en Justification
Amendment 938 #
Proposal for a regulation
Article 55h
Article 55h
Amendments to Regulation (EU) 2018/XX [Regulation on eu-LISA] [...]rticle 55h deleted
Amendment 944 #
Proposal for a regulation
Article 56 – paragraph 1 – introductory part
Article 56 – paragraph 1 – introductory part
1. The duly authorised staff of the competent authorities of Member States, the Commission and eu-LISA shall have access to consult the following data related to the European search portal (ESP), solely for the purposes of reporting and statistics without enabling individual identification and in accordance with the safeguards related to non-discrimination referred to in Article 5:
Amendment 948 #
Proposal for a regulation
Article 56 – paragraph 2 – point b
Article 56 – paragraph 2 – point b
Amendment 952 #
Proposal for a regulation
Article 56 – paragraph 3 – point a
Article 56 – paragraph 3 – point a
Amendment 955 #
Proposal for a regulation
Article 56 – paragraph 5
Article 56 – paragraph 5
5. For the purpose of paragraph 1 of this Article, eu-LISA shall store the data referred to in paragraph 1 of this Article in the central repository for reporting and statistics referred to in Chapter VII of this Regulation. The data included in the repositoryThe data shall not enable the identification of individuals, but it shall allow the authorities listed in paragraph 1 of this Article to obtain customisable reports and statistics to enhance the efficiency of border checks, to help authorities and processing of visa applications and to support evidence-based policymaking on migration and security in the Union. The data shall also be made available to supervisory authorities to facilitate fulfilment of their tasks. When storing the data, eu-LISA shall take into account the principle of privacy by design and take proactive measures to ensure that the data will not lead to the identification of individuals.
Amendment 957 #
Proposal for a regulation
Article 56 – paragraph 5 a (new)
Article 56 – paragraph 5 a (new)
5 a. Meaningful summaries shall be made available to the Agency for Fundamental Rights in order to evaluate the impact on fundamental rights of this Regulation.
Amendment 960 #
Proposal for a regulation
Article 58
Article 58
Amendment 963 #
Proposal for a regulation
Article 59
Article 59
Amendment 967 #
Proposal for a regulation
Article 60 – paragraph 1
Article 60 – paragraph 1
1. The costs incurred in connection with the establishment and operation of the ESP, the shared biometric matching service, the common identity repository (CIR) and the MID shall be borne by the general budget of the Union.
Amendment 973 #
Proposal for a regulation
Article 61 – paragraph 1 – subparagraph 2
Article 61 – paragraph 1 – subparagraph 2
A consolidated list of those authorities shall be published in the Official Journal of the European Union within a period of three months from the date on which each interoperability component commenced operations in accordance with Article 62. Where there are amendments to the list, eu- LISA shall publish an updated consolidated list once a year. The list shall include the date of notification for each authority listed.
Amendment 975 #
Proposal for a regulation
Article 62 – paragraph 1 – point -a (new)
Article 62 – paragraph 1 – point -a (new)
(-a) following the successful completion of a pilot project
Amendment 982 #
Proposal for a regulation
Article 63 – paragraph 2
Article 63 – paragraph 2
2. The power to adopt delegated acts referred to in Articles 8(2), 9(7) and 9(728(5) shall be conferred on the Commission for an indeterminate period of time from [the date of entry into force of this Regulation].
Amendment 985 #
Proposal for a regulation
Article 63 – paragraph 6
Article 63 – paragraph 6
6. A delegated act adopted pursuant to Articles 8(2), 9(7) and 9(728(5) shall enter into force only if no objection has been expressed either by the European Parliament or the Council within a period of [twohree months] of notification of that act to the European Parliament and the Council or if, before the expiry of that period, the European Parliament and the Council have both informed the Commission that they will not object. That period shall be extended by [two months] at the initiative of the European Parliament or of the Council.
Amendment 986 #
Proposal for a regulation
Article 65 – paragraph 1
Article 65 – paragraph 1
An Advisory Group shall be established by eu-LISA in order to provide it with the expertise related to interoperability, including its fundamental rights dimension, in particular in the context of the preparation of its annual work programme and its annual activity report. During the design and development phase of the interoperability instruments, Article 52(4) to (6) shall apply.
Amendment 989 #
Proposal for a regulation
Article 67 – paragraph 1 a (new)
Article 67 – paragraph 1 a (new)
The practical handbook should provide guidance to Member States on how to deal with yellow links that are the results of inconsistencies with the identity data contained in ETIAS. Such modalities should not create disproportionate burdens on persons who, without any intention to deceive the authorities, have entered inaccurate or ambiguous data in ETIAS.
Amendment 992 #
Proposal for a regulation
Article 68 – paragraph 2
Article 68 – paragraph 2
2. By [Six months after the entry into force of this Regulation — OPOCE, please replace with the actual date] and every six months thereafter during the development phase of the interoperability components, eu-LISA shall submit a report to the EDPS, European Parliament and the Council on the state of play of the development of the interoperability components. Once the development is finalised, a report shall be submitted to the European Parliament and the Council explaining in detail how the objectives, in particular relating to planning and costs, were achieved as well as justifying any divergences.
Amendment 995 #
Proposal for a regulation
Article 68 – paragraph 3
Article 68 – paragraph 3
3. For the purposes of technical maintenance, eu-LISA shall have access to the necessary information relating to the data processing operations performed in the interoperability components. Access to personal data shall be subject to strict safeguards. Any access to personal data under this provision shall be logged.
Amendment 999 #
Proposal for a regulation
Article 68 – paragraph 4
Article 68 – paragraph 4
4. Four years after the start of operations of each interoperability component and every four years thereafter, eu-LISA shall submit to the EDPS, European Parliament, the Council and the Commission a report on the technical functioning of the interoperability components, including the security thereof.
Amendment 1001 #
Proposal for a regulation
Article 68 – paragraph 5 – subparagraph 1 – point b
Article 68 – paragraph 5 – subparagraph 1 – point b
(b) an examination of the results achieved against objectives and the impact on fundamental rights, in particular the right to protection of personal data, the right to non-discrimination, the rights of the child and the right to an effective remedy;
Amendment 1009 #
Proposal for a regulation
Article 68 – paragraph 8 – subparagraph 1 – introductory part
Article 68 – paragraph 8 – subparagraph 1 – introductory part
While respecting the provisions of national law on the publication of sensitive information, as well as the EU's obligation to act with outmost transparency, each Member State and Europol shall prepare annual reports on the effectiveness of access to data stored in the common identity repository for law enforcement purposes, containing information and statistics on: