Schengen Agreement
SCHENGEN AREA
It is an area without internal borders, named after the Schengen city in Luxembourg, where the Schengen Agreement was signed. Lithuania became a member of the Schengen Area in 2007.
THE SCHENGEN AGREEMENT
On 14 June 1985, five Member States: Belgium, the Netherlands, Luxembourg, Germany and France signed the Schengen Agreement on the gradual abolition of border controls (the Schengen Agreement). The main purpose of the Schengen Agreement was to abolish controls on persons who are nationals of Member States crossing the common borders and to facilitate the movement of transport and goods. A few years later other Member States, except the United Kingdom and Ireland, acceded to the Schengen Agreement. Two countries (Norway and Iceland) which are not Member States of the European Union (hereinafter - EU) have also acceded to the Schengen Agreement.
Most EU Member States (except Bulgaria, Cyprus, Ireland and Romania) as well as Iceland, Norway, Liechtenstein and Switzerland are currently parties to the Schengen Agreement. Croatia acceded to the Schengen Agreement on 1 January 2023.
SCHENGEN CONVENTION
The Convention implementing the Schengen Agreement of 14 June 1985 between the Governments of the States of the Benelux Economic Union, the Federal Republic of Germany and the French Republic on the gradual abolition of checks at their common borders (Convention implementing the Schengen Agreement), was signed on 19 June 1990. It forms the basis for the establishment of the Schengen Information System and facilitates the implementation of the principle of free movement by establishing the Schengen Area.
EU LEGISLATION
- Regulation (EU) 2018/1860 on the use of the Schengen Information System for the return of illegally staying third-country nationals;
- Regulation (EU) 2018/1861 on the establishment, operation and use of the Schengen Information System (SIS) border checks;
- Regulation (EU) 2018/1862 on the establishment, operation and use of the Schengen Information System (SIS) in the field of police cooperation and judicial cooperation in criminal matters.
SCHENGEN INFORMATION SYSTEM
The Schengen Information System (hereinafter - SIS) is an EU information system which processes personal data in order to ensure a high level of security in the EU, to maintain public security and public order, to ensure security in the territories of the EU Member States and to apply the rules relating to the movement of persons within the territory of the EU Member States.
SIS consists of a central system, national SIS systems in all countries using SIS and a communication infrastructure between the central and national systems. The information entered by the competent national authorities in SIS is transmitted through the Central System to all Schengen States.
SIS processes information on persons who may have been involved in serious crimes or who have entered (trying to enter) the Schengen States illegally or do not have the right to reside in the EU. It also contains alerts on missing persons, in particular children, and information on certain objects such as banknotes, vehicles, firearms and identity documents that may have been stolen, misappropriated or lost.
On 7 March 2023, an updated SIS became operational with new alerts, more data and improved functionalities: biometric data shall be used to confirm and verify the identity of persons registered in the system: photographs, palm prints, fingerprints, DNA records (for missing persons only).
Fingerprints and palm prints are used for biometric searches through the automated fingerprint identification system in SIS.
More information is being shared on persons and objects involved in terrorism-related activities.
Competent authorities may issue alerts on missing persons containing additional data. They may also enter preventive alerts into the system to protect certain categories of vulnerable persons (e.g. children at risk of abduction or potential victims of terrorism, information on trafficking in human beings, gender-based violence or armed conflict and/or hostile actions).
SIS also shares return decisions in order to improve the effective enforcement of these decisions.
The competent national authorities responsible for registering ships, aircraft and firearms may use SIS to verify the legal status of the items submitted to them for registration.
EUROPOL shall have access to all categories of SIS alerts and shall, within the scope of its competence, exchange supplementary information with countries on alerts related to criminal offences.
The Schengen Information System. Guaranteeing Freedom, Security and Justice (leaflet in English)>>
RIGHTS OF DATA SUBJECTS IN SIS
The SIS alert contains information about a particular person or object together with instructions for the authorities on what to do when the person or object has been found.
All data subjects have a right to:
- access data relating to them;
- correct inaccurate data or
- erase data unlawfully stored in the system.
Anyone who is the subject of alerts for returns or alerts for refusal of entry and stay has the right to be informed about the alert.
All data subjects have a right to bring proceedings before the courts or competent authorities to access, correct or delete data or to obtain compensation for damages suffered from breaches of data protection law in any of the countries that use SIS.
“The Schengen Information System. A Guide for Exercising Data Subjects’ Rights: The Right of Access, Rectification and Erasure”>>
WHICH AUTHORITIES HAVE ACCESS TO SIS DATA?
Access to SIS is limited to the national border control, police, customs, judicial, visa and vehicle registration authorities. These authorities may only access the SIS data that they need for the specific performance of their tasks. The European Agencies EUROPOL and EUROJUST also have limited access rights to SIS data.
HOW IS THE PROTECTION OF PERSONAL DATA ENSURED?
Authorities using SIS in each country are obliged to check the quality of the information they enter into the system. There are strict data protection requirements in the Schengen area. If data about a person is entered into the SIS, that person has the right to request access to this data and make sure that it is correct and lawfully entered. If not, the person has the right to request rectification or erasure of data related to him or her. Access may only be refused when strictly necessary for the performance of a legitimate task related to the request and for the exercise of the rights and freedoms of others.
- Request for access to your personal data processed in the Schengen Information System (SIS)
- Request for rectification of your personal data processed in the Schengen Information System (SIS)
- Request to delete your personal data processed in the Schengen Information System (SIS)
HOW IS THE PROTECTION OF PERSONS LEGALLY CROSSING THE BORDERS OF THE SCHENGEN STATES ENSURED IF THEIR IDENTITY IS APPROPRIATED BY A PERSON INVOLVED IN A CRIME OR ILLEGAL ENTRY INTO THE SCHENGEN AREA?
Sometimes false identity is used to commit crimes or attempt to enter or stay in the Schengen area. Such misuse includes lost or stolen identity documents. In such a situation, a query entered in SIS may create difficulties for an innocent person whose identity has been stolen. The SIS allows authorities to search using fingerprints to determine whether non-EU citizens are entitled to enter or stay in the EU by checking possible falsified documents. SIS will also include data on forged documents, including travel documents and visa stickers. In this case, specific procedures are used to ensure the protection of the interests of innocent persons.
HOW TO APPLY FOR ACCESS, RECTIFICATION, MODIFICATION AND UNLAWFUL USE OF PERSONAL DATA?
If you consider that your personal data has been misused, it needs to be rectified or deleted, you can apply for access to this data in any Schengen country by contacting the competent organisation or authority (usually, the national data protection authority or authority responsible for the quality of the national data entered in SIS). If you are outside the Schengen area, you can contact the consulate of a Schengen country in the country where you currently live. You will be informed of the progress of your request within three months at the latest.
SCHENGEN SUPERVISORY COORDINATION GROUP
The Schengen Supervisory Coordination Group shall be composed of the national data protection supervisory authorities and the European Data Protection Supervisor, who shall:
- exchange relevant information;
- assist each other in carrying out audits and inspections;
- examines difficulties of interpretation or application of applicable EU legislation;
- analyse problems identified in the context of independent supervision or in the exercise of data subjects’ rights;
- develop harmonised proposals for common problem-solving;
- raise awareness of data protection rights, as appropriate.
The supervisory authorities and the European Data Protection Supervisor shall meet at least twice a year as part of the European Data Protection Board.
NATIONAL SUPERVISORY AUTHORITY
The purpose of the national supervisory authority shall be to independently monitor the lawfulness of the processing of SIS personal data on their territory and the transfer of SIS personal data from their territory and the further lawfulness of the exchange and processing of supplementary information.
The State Data Protection Inspectorate has been designated as responsible for the independent verification of the lawfulness of the processing of personal data in the national SIS. One of the functions of the State Data Protection Inspectorate is to exercise control over the lawfulness of the processing of personal data in the national SIS.
For more information, please contact:
State Data Protection Inspectorate
L. Sapiegos str. 17
LT-10312 Vilnius, Lithuania
Phone: + 370 5 271 2804
https://vdai.lrv.lt
[email protected]
AUTHORITIES RESPONSIBLE FOR CARRYING OUT THE FUNCTIONS OF THE SCHENGEN CONVENTION:
Last updated: 11-09-2023