Supervision of European information systems

The Member States of the European Union (EU) exchange personal data to monitor the borders of the Schengen area and to carry out police and judicial tasks. Such as issuing visas, determining which Member State is examining an asylum application or detecting and prosecuting criminal offences. The competent authorities in the Member States (such as police, investigative services and judicial authorities) exchange this data through different information systems.

The following systems to exchange information are in place: 

• Schengen Information System (SIS): this system contains information on alerts within the Schengen area, such as data on wanted or missing persons or on stolen vehicles.
  For more information, please see: Schengen Information System (SIS) and Schengen Information System (SIS): Exercising your rights.
• Eurodac: this system contains fingerprints of, inter alia, persons applying for asylum in an EU Member State. 
• Visa Information System (VIS): this system contains data for issuing visas. 
  For more information, please see: Visa Information System (VIS): Exercising your rights.
• Customs Information System (CIS): this system contains data to enforce customs regulations. 

The EU is also implementing a number of new information systems. In addition, several existing systems are being adapted. For more information, please see: New European information systems.

Supervision

European large-scale information systems process (sensitive) personal data of millions of people. In addition, processing of incorrect data can have a major impact. For example, if someone is unjustly refused entry into the Schengen area. Or if someone is wrongly identified as a suspect of a crime.

It is therefore important that the use of these systems is properly monitored. The protection of personal data is a fundamental right. This supervision of European information systems is the responsibility of the European data protection authorities, including the Dutch Data Protection Authority (DDPA).

Central and national part

Most European information systems consist of: 

• A central European system. The European Data Protection Supervisor (EDPS) oversees the central systems.
• A national part of the system. National privacy supervisors monitor the exchange of data in their own country and the exchange of data from their home country with parties in other countries. In the Netherlands, this monitoring is the task of the DDPA.

Cooperation supervisory authorities

The EDPS and all national data protection authorities work together in the Coordinated Supervision Committee (CSC). That is to ensure that every national authority supervises in the same way.

The CSC meets several times a year in Brussels. The CSC has a work programme in which supervisors identify common priorities and concerns.