Council of the European Union Brussels, 30 November 2020 (OR. en)

9617/04 DCL 1

LIMITE

SCH-EVAL 33 COMIX 344

DECLASSIFICATION of document: 9617/04 RESTREINT UE dated: 17 May 2004 new status: LIMITE Subject: Questionnaire – Questions to UK on data protection arrangements relating to the UK’s national implementation of the Schengen Information System. - Answers from the UK

Delegations will find attached the declassified version of the above document.

The text of this document is identical to the previous version.

9617/04 DCL 1 KAL SMART 2.C.S1 LIMITE EN

RESTREINT UE

COUNCIL OF Brussels, 17 May 2004 THE EUROPEAN UNION

9617/04

RESTREINT UE

SCH-EVAL 33 COMIX 344

NOTE from : UK delegation to : Schengen Evaluation Working Party No. prev. doc. : 9227/04 SCH-EVAL 25 COMIX 308 + ADD 1 Subject : Questionnaire – Questions to UK on data protection arrangements relating to the UK’s national implementation of the Schengen Information System. - Answers from the UK

The United Kingdom has asked the Schengen Evaluation Group to undertake an evaluation of the data protection arrangements which it has in place to support the introduction of the Schengen Information System to the UK. As the UK’s technical solution to the SIS has not yet been finalised, the questions relate only to data protection arrangements. Questions relating to the management and handling of the data will be answered in the context of the full SIS evaluation which will take place once the UK’s national solution has been fully implemented.

1. Provide the list of services with access to SIS data

See Annex A and Annex B

9617/04 WvdR/kve 1 DG H RESTREINT UE EN RESTREINT UE

2. Has the list of authorities authorised to consult the SIS been amended recently?

A provisional list has been adopted at the time of our original application, but this has now been amended. The final list is the one provided under question 1.

3. Describe the legislative and regulatory provisions adopted to set up the N.SIS;

No legislation was needed to set up the UK N.SIS, except for the purpose of extending the Information Commissioner's right to inspect personal data recorded in the UK sections of the SIS (and also the EIS and the CIS) without a warrant. These provisions are set out in Section 81 of the Crime (International Co-operation) Act 2003.

4. Describe the legislative and regulatory provisions adopted to set up the SIRENE Bureau; Same answer as for previous question.

5. Is there in your country a national supervisory authority within the meaning of Article 114 of the Convention? If not, when is one to be set up?

Yes, the Information Commissioner's Office (ICO) will act as a national supervisory authority within the meaning of Article 114. The Office is also responsible for overseeing compliance with the Data Protection Act 1998.

9617/04 WvdR/kve 2 DG H RESTREINT UE EN RESTREINT UE

6. Has the supervisory authority used its right of access to the national part of the SIS? Is access occasional or frequent?

As the UK does not yet have the SIS in place, the answer to this question would be no. However, as an illustration, the Supervisory Authority, the Information Commissioner’s Office [I.C.O.] (who acts equally for SIS and Europol) has used its right of access to the national part of the Europol system twice in the last 5 years. This was as part of their on-going commitment to audit and inspection. They are currently in the pre-inspection stage for a third evaluation of Europol. As NCIS will host both Europol and SIS in the future, we would expect a similar level and frequency of inspection. The ICO envisages that there will be occasional, general inspections of the data, as well as any access that is needed to respond to specific requests from individuals for their data to be checked.

7. Can this right of access be used in situ? Would it be possible to have supervision organised in parallel (one person in the SIRENE Bureau and the other with the final user)?

The ICO was offered a facility for direct access to the national section of SIS to enable it to perform its functions. It turned down the offer for security reasons. Access will be obtained via a suitable final user or at the SIRENE Bureau. It should be possible for checks to be organised in parallel where this is considered necessary. This could be provided either with NCIS, as an end user in its own right, or with any other end user. NCIS will cooperate with any such request made by the ICO. The ICO does not have a general power to inspect data processing but does have a specific power to inspect any personal data recorded in the SIS. This power is set out in Section 81 of the Crime (International Co-operation) Act 2003.

As mentioned before, the ICO has had experience of inspecting the UK national unit for Europol. On those occasions, the inspectors have been allowed full access to the national part of the system. They have been given access to the records (although trained staff have navigated the Europol system on their behalf) both in London and The Hague, and been able to compare results. Europol staff have been questioned regarding their training and knowledge of Data Protection.

9617/04 WvdR/kve 3 DG H RESTREINT UE EN RESTREINT UE

8. In cases of subject access on the basis of Article 109 of the Schengen Convention, does the national supervisory authority also play a supervisory role or does it simply act as the authorised representative of the applicant?

Under UK law individuals make their own subject access requests to the data controller. In the case of the SIS this is the National Criminal Intelligence Service (NCIS). The role of the ICO is, on receipt of a complaint from an individual, to make an assessment as to whether NCIS has met its legal obligations under UK law and the Schengen convention. If appropriate the ICO will then take enforcement action to bring about compliance e.g. an order to release information to the individual. Individuals can also enforce their rights through the courts.

9. Does the role of the national supervisory authority in such cases relate to the legality of the procedure or does it also relate to the validity of the grounds for the alert?

The ICO will investigate whatever aspects of compliance the individual complains about. This may be any or all of the following;  whether the individual has received a response from NCIS within the time limits set down by law  whether the individual has been supplied with all the data to which he/she is entitled  whether there are valid grounds for the alert  whether the information forming the alert is accurate and up to date.

10. What arrangements will there be for co-operation between your national supervisory authority and other national supervisory authorities if it transpires that another Schengen country has recorded a person and your national SIRENE Bureau does not have the complete file?

The ICO has well established arrangements for co-operation with other supervisory authorities in the Schengen area. These cover the general exchange of information on matters that are of common as well as on the investigation of individual cases where there is a cross border element.

9617/04 WvdR/kve 4 DG H RESTREINT UE EN RESTREINT UE

11. Will every tenth transmission of personal data be recorded for the purposes of supervising the admissibility of the query?

As a matter of policy the UK records 100% of its queries for the purpose of ensuring the admissibility of such actions. One of the identified tasks of the Sirene Bureau is conducting an on- going sampling of such queries and checking their validity and admissibility with end users. The records will be available to the ICO for their inspection.

12. a) What rules will be applied for retaining data in the national system? b) What happens to the paper files relating to the SIS alert? c) Are they archived? Are they destroyed? After how long?

a) Data (i.e. the Alert itself) held in the N.SIS will follow the retention rules outlined in Article 112 and 113, unless the national weeding rules for PNC records dictate a shorter period of retention. Records supporting the application of such alerts will be held locally by the initiating force/agency.

The Supplementary data relating to the alert will be kept by the Sirene Bureau for a maximum of 7 years if it is data relating to a UK national/ UK crime. This follows standard practice for UK law enforcement.

b) With the exception of a hard copy of the EAW it is anticipated that there will be no paper files kept in the Sirene bureau; an electronic case management system will support the storage of additional information where required for the designated retention period

c) Where the Supplementary Information relates to a UK national or UK crime or where the UK has taken action on the alert the 7 year rule will apply. Otherwise this information will be deleted in a systematic manner by the case management system. It is anticipated this process will be completed within 7 days of Sirene Bureau being notified of the deletion of the alert. The hard copy of the EAW would be destroyed by shredding at this point.

9617/04 WvdR/kve 5 DG H RESTREINT UE EN RESTREINT UE

13. Will the authorities responsible for recording vehicle registrations have access to the SIS?

At present the authorities responsible for recording vehicle registrations, the Driver and Vehicle Licensing Agency, will not have access to the SIS.

14. How do you resolve the conflict between the need for transparency of public action and the protection of data entered in the SIS?

The balance of this is always difficult to achieve, however it is believed that the generous publicity campaign (website, leaflets and pamphlets provided by Sirene UK and the ICO) allow for the citizens to be well informed of the rights under this convention, especially in terms of subject access and their additional rights of rectification and deletion. Subject access procedures across UK LEA’s are mature in their processes, and transparency of service to the citizen is paramount. It is expected that the protection of the data entered onto the SIS, will be monitored and audited by both staff at the Sirene bureau and local force Data Protection Officers as part of a nationally agreed service to ensure compliance with the requirements of the Convention.

15. How many people have asked to be informed of data concerning them? In how many cases did corrections have to be made?

Figures for this are obviously unavailable from the UK, however, the following diagram shows the figures of requests to the National Identification Service for checks on our Police National Database. This would indicate a possible trend that might be adopted for future SIS checks. Unfortunately the figures for requests for alterations or amendments are not available at this time. 2001 2002 2003 2004 January 15,047 17,650 16,290 14,170 February 13,237 16,406 3,805* 13,202 March 17,508 14,521 12,595 15,142 April 15,321 16,393 15,461 13,399 May 21,092 18,097 22,738 June 19,200 17,286 17,189 July 16,814 20,240 18,923 August 16,676 17,751 19,180

9617/04 WvdR/kve 6 DG H RESTREINT UE EN RESTREINT UE September 16,417 15,752 16,460 October 19,262 17,486 14,045 November 20,390 14,254 15,010 December 12,591 11,195 13,373 TOTAL for 203,555 197,031 185,069 55,913 year * closed 03.02.03-09.02.03

16. Have rules been established concerning duplication of SIS data? Is there a technical copy or a copy "for technical purposes" which would allow user services to access the SIS? Which procedures are put in place in order to guarantee that data provided for in Articles 95 to 100 are only used for the purposes laid down for each category of alerts referred to in those Articles? Which procedures are put in place in order to guarantee that there is no copy of the SIS data in other national data files and no “administrative" use?

The design of the UK N.SIS includes a technical copy. However users do not have access to this copy as they will continue to query the (PNC). PNC will generate the check against the SIS data and return any results to the end user. As part of the review to establish authorities with access to the SIS it was decided that only those who could action directly/or indirectly the alert would be granted access. No extracts of data nor direct searching on the SIS database held in the N.SIS are allowed.

The N.SIS is designed to ensure that no copying is possible. As a consequence no administrative use of the SIS data is possible. Full audit procedures available to the ICO make this situation fully transparent.

9617/04 WvdR/kve 7 DG H RESTREINT UE EN RESTREINT UE

17. Which procedures have been put in place in order to protect the rights of individuals?

Please refer the answer given in response to Q. 14. The UK has gone to considerable lengths to ensure individuals are aware of their rights in respect of subject access to the SIS. The rights of individuals are set out in the Data Protection Act 1998. The ICO has an ongoing programme to raise individuals' awareness of their rights and how to exercise them. This includes advertising, publications and the ICO's website. A section of the site dealing specifically with the right of access to data in the SIS, and other European third pillar systems, is currently under preparation. A dedicated unit within Sirene Bureau will ensure data quality and supervise end users input to the system.

18. Which procedures have been put in place for the update and correction of data?

In terms of data transferred to the SIS from the national system a dedicated unit within Sirene Bureau will be responsible for updating and correcting any data that is necessary.

------

9617/04 WvdR/kve 8 DG H RESTREINT UE EN RESTREINT UE ANNEX A- Agencies with access to SIS

Constabularies and Police Forces

Avon &

Bedfordshire

Cambridgeshire

Cheshire

City of London

Cleveland

Cumbria

Derbyshire

Devon & Cornwall

Dorset

Durham

Essex

Gloucestershire

Greater Manchester

Hampshire

9617/04 WvdR/kve 9 DG H RESTREINT UE EN RESTREINT UE Hertfordshire

Humberside

Kent

Lancashire

Leicestershire

Lincolnshire

Merseyside

Metropolitan

Metropolitan2

Norfolk

North Yorkshire

Northamptonshire

Northumbria

Nottinghamshire

South Yorkshire

Staffordshire

Suffolk

9617/04 WvdR/kve 10 DG H RESTREINT UE EN RESTREINT UE Surrey

Sussex

Thames Valley

Warwickshire

West Mercia

West Midlands

West Yorkshire

Wiltshire

Dyfed-Powys

Gwent

North Wales

South Wales

Central

Dumfries & Galloway

Fife

Grampian

9617/04 WvdR/kve 11 DG H RESTREINT UE EN RESTREINT UE Lothian & Borders

Northern

Strathclyde

Tayside

British Transport Police (and Royal Parks )

Ministry of Defence Police

Police Service of

Port of Police

U.K. Atomic Energy Authority Constabulary

Others (includes national police units, police training, joint police/other units, other law enforcement agencies

Assets Recovery Agency

Bramshill College

Centrex (for PNC training purposes)

Customs & Excise

Disclosure Scotland

Immigration & Nationality Directorate (Status 2)

9617/04 WvdR/kve 12 DG H RESTREINT UE EN RESTREINT UE

National Criminal Intelligence Service

National Identification Service (at New )

National Crime Squad

National Ports Office

Scottish Criminal Records Office

Scottish Drug Enforcement Agency

National Joint Unit

9617/04 WvdR/kve 13 DG H RESTREINT UE EN RESTREINT UE ANNEX B

Police agencies accessing SIS data via a third party (Police force in which agency is situated)

Royal Botanic Gardens Constabulary Historic Scotland (Holyrood, Linlithgow) Port of Tilbury Harbour Police Belfast International Airports Constabulary Port of Police Larne Harbour Police Port of Police Tees & Hartepool Port Authority Ltd

9617/04 WvdR/kve 14 DG H RESTREINT UE EN