Council of the

European Union Brussels, 13 April 2018 (OR. en)

6134/01 DCL 1

SCH-EVAL 8 SIS 9 COMIX 112

DECLASSIFICATION of document: ST 6134/01 RESTREINT dated: 9 February 2001 new status: Public Subject: Draft report on the SIS evaluation visit to

Delegations will find attached the declassified version of the above document.

The text of this document is identical to the previous version.

6134/01 DCL 1 kal DGF 2C EN

COUNCIL OF Brussels, 9 February 2001 THE EUROPEAN UNION

6134/01

RESTREINT

SCH-EVAL 8 SIS 9 COMIX 112

NOTE from: the Survey Group - SIS to: Schengen Evaluation Working Group No. prev. doc. 6359/00 SCH-EVAL 13 COMIX 182 Subject : Draft report on the SIS evaluation visit to Iceland

This report is the result of the drafting committee of 9 February and includes the remarks of the Icelandic delegation.

6134/01 NP/ml 1 DG H EN

TABLE OF CONTENTS

1. Introduction

1.1 Mandate 1.2 Committee members of the Survey Group 1.3 Program of the visit

2. Visit to the Icelandic N SIS

2.1 Organisation 2.2 Security 2.3 Installation 2.4 User Interface 2.5 Decentralised periphery 2.6 Training

3. Visit to the Icelandic SIRENE

3.1 Organisation and structure 3.2 Security and data protection at SIRENE Bureau 3.3 Installation 3.4 Recruiting and Training of SIRENE-officers 3.5 Tasks of the SIRENE bureau 3.6 Workflow and responsibilities for entry and deletion of records 3.7 Statistics on alerts and hits

4. Visits to the users of the SIS

4.1 Visit to Keflavik International Airport 4.2 Visit to Reykjavik station and communications centre 4.3 Visit to Police District 4.4 Visit to Kopavogur police station

5. Remarks and conclusions

6134/01 NP/ml 2 DG H EN

1. INTRODUCTION

1.1. Mandate

In consultation with the Icelandic authorities, the Schengen evaluation Committee for ICELAND, represented by the survey group (as mentioned in the note concerning the setting up of the above mentioned for candidate countries, SCH/Com-ex (98) 26 def. of 1998 September 16th ), visited ICELAND between the 29th and the 31st of January 2001.

1.2. Committee members of the Survey Group

The committee chaired by France consisted of 16 members from the following countries:

 Mr Henri DELARUE – FRANCE (Chairman)  Mr Jacques GRAFF - BELGIUM  Mr Eckart BRAUER - GERMANY  Mr Martin TUFFNER - GERMANY  Mr José Luis MARIA DE FRUTOS - SPAIN  Mr Ricardo LLORENTE HERNAN-GOMEZ - SPAIN  Mr Bruno RIDET - FRANCE  Mr Jean-Marcel GUILLOT - FRANCE  Mr Enrico Maria FALCONE - ITALY  Mr Marco DI STEFANO - ITALY  Mr André VAN DER MEIJ – THE NETHERLANDS  Mr Popko NOORDHOFF – THE NETHERLANDS  Mr Florian BILEK - AUSTRIA  Mr Sebastião ALVES - PORTUGAL  Mrs Irene COLE – UNITED KINGDOM  Mr Brian DONALD – UNITED KINGDOM

One observer from the Nordic countries :  Mr Jan SEGERBERG – SWEDEN

One member of the General Secretariat of the Council  Mrs Nathalie PENSAERT

6134/01 NP/ml 3 DG H EN

1.3. Program of the visit

The survey group selected the locations they wished to visit and provided these details to the Icelandic authorities. The Icelandic authorities facilitated these visits by providing transport and other logistical support.

 The Icelandic NSIS  The Icelandic SIRENE Bureau  The operational use of the SIS

- 29 January 2001 visit to N.SIS in Reykjavik visit to Reykjavik police station and communications centre

- 30 January 2001 visit to Akureyri police district

- 31 January 2001 visit to SIRENE office visit to Keflavik International Airport visit to Kopavogur police station

The visit was well prepared by the host country. Cooperation with the Icelandic authorities was excellent. The survey group has been given all facilities to carry out its tasks in the best conditions possible. All concerned authorities gave a clear presentation of the work carried out during their preparation phase, in an open minded spirit of cooperation. The visit was conducted in total transparency and in a climate of mutual trust.

6134/01 NP/ml 4 DG H EN

2. VISIT TO THE ICELANDIC N SIS

The surveys conducted during the visits to the Icelandic N.SIS were directed primarily at IT infrastructures, organisational structures, personnel training and overall security.

2.1. Organisation

The Ministry of Justice is responsible for the through the National Commissioner of Police. The exception is that the Ministry of Foreign Affairs has responsibility for the Keflavik because of the status of this airport as a NATO military base.

The N.SIS is operated by the Icelandic Registration Office Ltd. (IRO - Skraningarstofan hf.), a company that is wholly owned by the Icelandic Government and their Board of Directors are appointed by the Ministry Of Justice (MOJ). The Board of Directors is not involved in the development, implementation and operation of the SIS in Iceland on a daily basis. This is managed by the IT team of the Icelandic Registration Office (IRO) under daily supervision and control of the Head of N.IS. The total IT operation is supervised by the Manager of IT Systems. The SIS operation in Iceland is being carried out in close co- operation with the Ministry of Justice and the National Commissioner of Police, who share the legal responsibility for the N.SIS. The N-SIS is managed by Vigfus Erlendsson.

The N.SIS support system consists of the IBM Helpdesk in Copenhagen as first line support and IBM Austria and hardware providers on second and third line support.

6134/01 NP/ml 5 DG H EN

2.2 Security

Physical access: The IRO is located at Bogartun 30, Reykjavik. Its computer department is located within a closed area with limited access. The computer room containing also the systems for the SIS is inside this closed area, on the 1st floor of the IRO building. Security cameras are now located within the IRO premises. A new and improved camera surveillance system with more cameras inside and outside the IRO premises will be set up. Special security features will be located on doors and windows where there is a greater risk of unauthorised entry (such as external fire escape stairs).

The computer room itself is divided into two security areas with an operator area outside the high security area where the computer systems are placed. Only a few operators with special security clearance have access to the high security area. The computer room is also equipped with an Uninterruptible Power Supply, UPS, a separate cooling system, smoke detectors and Inergen fire extinguishing system. The building and in particular the floor of the computer room is earthquake-proof and proved its value during last year's earthquake.

Access to the IRO premises and different areas is secured by a special access card system and security codes. Access cards are issued and controlled by the IRO Head System Manager in co-operation with the Head of N.SIS and the IRO Management.

No special security clearance procedure is foreseen for visitors. Guests are registered by name and company name and the date and hour of arrival and departure. Guests need to be escorted by IRO staff in the computer department office area at all times.

IRO staff and staff of the computer service providers are security cleared by a special security clearance procedure of the National Commissioner of Police (NCP). Cleaning personnel and permanent staff carrying out non-computer-related work are security cleared by a special internal security procedure of IRO. These personnel have special access cards and do not need to be escorted within IRO’s computer department office area.

All service providers (regardless of their security clearance) and guests must be escorted in the IRO computer room at all times.

No-one is present in the building outside office hours, but security is monitored by the company Securitas, who can arrive on site within 10-15 minutes. In case of intrusion, Securitas will call the nearby police station. The survey group finds that additional measures would be necessary to diminish the risk of someone achieving unauthorised access to the premises in less than 10 minutes. This could be done by reducing the response time of Securitas or enhancing the security of the doors to the computer room so that more time is needed to gain entry to the computer room. Another possibility would be have the premises monitored by cameras linked to the police station. The survey group finds that in all cases Securitas should call the police as soon as they respond to an alarm call.

6134/01 NP/ml 6 DG H EN

System Management access to N.SIS and ÍSIS is determined by the Head of N.SIS and controlled by the IRO Head System Administrator. The IRO Director, the Head of IT Department, the System managers and the Operators are security cleared by a special procedure by the National Commissioner of the Icelandic Police (NCP).

Access to ISIS is determined and controlled by NCP and administrated by IRO. Approx. 375 users will have access to SIS (art. 95-100) (National Commissioner of Police (NCP), Police Commissioners and District Commissioners offices around Iceland). Approx. 5-10 users will have access solely for article 96 purposes (Directorate of Immigration - VISION office). ÍSIS User access is password protected. Passwords will need to be changed regularly and there are rules for the length and construction of passwords. ÍSIS (national Application) After successful login the following appears on the screen: 1. Name of the user 2. Information about last login date and time 3. Information about password expiration date and time.

A security handbook has been established for all computer systems at IRO and follows the standard BS 7799.

From the same terminal it is possible to access the SIS and Internet simultaneously. However, the Icelandic authorities are aware of the implications of such a situation and that security measures must therefore be taken. Notwithstanding such compensatory measures, the survey group still finds this a security risk and would recommend a 24h monitoring of the communication infrastructure by competent technical staff and/or the appropriate equipment.

6134/01 NP/ml 7 DG H EN

2.3 Installation

2.3.1 N.SIS a) The Icelandic N.SIS integrated towards C.SIS has several components:

 A communication system, the actual N.SIS that is identical to the Austrian solution. This system was implemented by IBM Denmark. It is implemented on two IBM RISC/6000 machines running the communication stack (including the X.400 UA and MTA) and a data base system holding the reference N.SIS database for storing the broadcasts from the C.SIS. This system is connected via the X.25 modem to the C.SIS.

 For the access of the end users there is an additional system, named ÍSIS. ÍSIS consists of two SUN E450 machines in a cluster configuration. The identical technical copy of the SIS database is kept on an Oracle Parallel Server on these SUN machines. The query system is based on the standard product IBM WebSphere Application Server. It follows the IBM Application Framework for e- business (Web standards and Java technology). b) The installed software of the N.SIS is at the same maintenance level as in Austria:

. Operating System: IBM AIX Version 4.3.3 . X.400 MTA: ATOS MXMS 88 . X.400 UA: Common Schengen portable UA . RDBS : IBM Universal Database Version 5.3 . Control Software: N.SIS Application “CHARON” c) The N.SIS configuration is set up with one operational and one combined backup/test machine (“COLD standby”).

Each of the machine racks houses an IBM SSA disk array containing the N.SIS database. The disk array in the operational machine is the active image of the database while the one in the backup/test machine is the mirror to recover a hardware failure of a disk. The SSA disk arrays are configured in RAID1 mode. d) To ensure a save separation between the operational and test environment, the following measures have been taken:

The hardware architecture of the SSA in combination with the disk controllers in the RISC machine guarantees that only the operational machine has access to it. It is therefore technically not possible to access the disk array from the test system. In case of a failure of the operational machine, the test system has to be stopped and an image of the production system has to be started. This image is stored on internal disks of the computer and cannot be accessed while the test system is running. The hardware boot sequence of AIX ensures this.

The activation procedure for the backup system, the “TAKE OVER” procedure, is easily executable by an operator and enables Icelandic authorities to have close to 100% up time of the N.SIS.

6134/01 NP/ml 8 DG H EN

The N.SIS exchanges update requests and SIS broadcasts with the ÍSIS via a queuing system. The queuing system, a standard product of IBM, MQ-Series, is responsible to for ensuring that none of the messages get lost on the way between the N.SIS and the Schengen applications.

C.SIS

Leased Analogue Analogue

Leasedline line line (backup) (test)

Modem Modem (prod) (test) NoCop Obligation Protocol (delivered by Crypto Analyser NoCop)

Config. X.25 Switch m

Operators Terminals IBM (NT Workstations) Deliverable ASCII ASCII (delivered by IBM N.SIS 1 N.SIS 2 Terminal Terminal during roll out)

Network National applications NoCop Obligation (delivered by Ethernet network NoCop) Operators environment

e) The Í.SIS is implemented as application based, using the IBM WebSphere application server.

Security features regarding use of Java applets: Jar-files (Java TM Archive (JAR) file format are signed with a verified certificate bought from the company Thawte. The certificate from Thawte is in the form of two files, a private key and a public key Secure Socket Layer (SSL) implementation: is planned to be used with a certificate from a verified provider to ensure that users are connecting to the certified server (Thawte or VeriSign). Encryption is a part of SSL.

It is run on the Icelandic Police WAN (closed network), but the users use HTTPS (Secure Socket Layer) protocol and standard browsers (like MS Internet Explorer and Netscape) on their computers, so no special set up of clients countrywide is needed (in worst case maybe a minor configuration of the browsers that the users should be able to do with a help-desk assistance).

At regular intervals, a database comparison between the N.SIS and the technical copy will be done.

2.3.2 National applications

Data that has to be sent to the SIS come solely from the ÍSIS application. According to the Icelandic authorities, the current national system is not appropriate for using in conjunction with the SIS because it cannot be further extended. Therefore it was decided to implement the SIS system without any integration to the national system. All queries and all data input to the SIS is carried out by means of the ÍSIS. Over the next two to three years a project to update and renew the national system will be undertaken, as a result of which integration of the SIS will be possible.

6134/01 NP/ml 9 DG H EN

2.4. User Interface

The user interface is based on a JAVA client that is downloaded from the HTTP Server to the workstation. Therefore no special adaptations are necessary on the workstations. The user inputs query information into this client, which is then sent using HTTPS (software encrypted) to the application server (IBM Web Sphere Application Server) which queries the technical copy of the database (Oracle). The results are then promptly returned to the client application.

The client offers a functionality for inserting all alerts and is only available to the employees of the SIRENE office. All SIS data has to go to the SIRENE bureau where the data is entered in the system. Several views (queries) on the SIS data are possible. There exists a combined query (Person Query), which will become the most commonly used query for the police forces. It combines the categories Wanted Person and ID documents. At the moment it does not cover the Blank Documents category: this will be added as soon as possible.

The user interface is quite intuitive. However the result table is so full of information that it is somewhat difficult to access the retrieved information. Person-related remarks are not shown in this result table. By double-clicking, the detailed information of the SIS record will be displayed on a separate panel. The user interface does not show the national version of the "action to be taken" field from the reference table. The end users always have to consult the SIS information handbook to interpret the hit. However, the telephone number of the SIRENE office is always displayed. It is understood that an adaptation to the client software will be made, which will show the readable version in a "help" file.

Errors observed in the User Interface:

. A hit on an alias record does not show all related information, such as the main record and the other associated aliases. . Currently, the additional information of the SIS record, such as SchengenID, Person- related remarks, Identification criteria, etc. are only available to more privileged users. It is understood that in the finalisation phase the security model had to be changed leading to the current situation. It is estimated that this problem will be resolved at the beginning of February 2001. . Queries on special national characters can only be carried out by entering the Schengen Transliteration rules. The functionality, which should allow the use of the special characters on the keyboard, does not seem to be working.

Mobile terminals with GSM connection are available. Because of the slow functioning of this equipment, other solutions for mobile connections to the SIS are being studied.

6134/01 NP/ml 10 DG H EN

2.5. Decentralised periphery

Police For the police, there are in total about 250 terminals with consultation clients for the ISIS application (SIS consultation). Approx. 25 terminals of those also serve as border control terminals at airports and in harbours.

Border control authorities For the border control authorities approximately 25 terminals are set up at Keflavik International Airport. For other airports and harbours 10 terminals are for the exclusive use for ISIS (SIS) consultation (5 of these are mobile computers). The Coast guard will need to contact the SIRENE bureau to search the SIS.

Aliens and asylum authorities For the authorities responsible for aliens and asylum, 5 terminals have been set up at the national VISION Bureau for consultation of ISIS (SIS) and for use of the national VISION application.

Visa authorities For the purpose of issuing visa, Iceland is represented by Danish embassies and the Vision system will be used to undertake the necessary consultation.

6134/01 NP/ml 11 DG H EN

2.6. Training

N.SIS and ÍSIS system administration Currently 5 persons have received training in using the N.SIS, of whom 3 have administrator skills and two have operator knowledge. Training of two more operators is planned, thus making a total of 4 with operator knowledge.

System management/operators training 1. Participation in Test preparation seminar in November 1999 (3 persons) 2. N.SIS operation/system management seminar at IBM DK in Copenhagen in May 2000 (2 persons) 3. Training through participation in tests with C.SIS (3-4 persons) 4. Training through tests of national application (3 persons) 5. Information session in Strasbourg, November 2000, Mainly addressing Operator Manual and SP-II HD Incident Control Procedure (3 persons) 6. N.SIS “hands-on” training Vienna, 3rd week of January 2001 (3 persons) 7. Different general System management and Network management seminars have been attended or are planned to be attended

The Icelandic Police College has been responsible for training the end-users. The training has consisted of the following parts: - level 1: a 6-hours introduction on Schengen for about 800 officers of all branches, including customs and coast guards covering the following subjects: the Schengen Convention, the operation of the SIRENE bureau, the operation of the immigration service and the responsibilities of the police at Keflavik airport. This course was given in IPC and by video conference to 15 locations; - level 2a: a 5-days course for 140 police and customs officers mainly from Keflavik airport but also from other police districts on passports and other documents, legislation and human rights. Tests were taken on the content of the course and on related reading material - level 2b: from January to March 2001, each district to be visited by instructors to explain the procedures (including the follow-up of hits) and distribute documentation - level 3: special training for the SIRENE staff in IPC on data protection laws and extradition matters

The basic police training has been adapted so that in future it will include training on Schengen matters. The Coast guards will be trained by 15 March on the introduction of the border manual, Schengen procedures and will receive an introduction on passports. Passport training is carried out in co-operation with the United States of America.

The Icelandic Government webpage contains background material on Schengen, the ISIS contains a helpdesk system and the officers can access the necessary manuals on the police Intranet. Paper copies of Schengen and SIS documentation were also distributed.

6134/01 NP/ml 12 DG H EN

3. VISIT TO THE ICELANDIC SIRENE

3.1. Organisation and structure

The International Section where the SIRENE Bureau is situated is part of Division I headed by the Deputy National Commissioner. This division is also responsible for all central international co- operation, including the Nordic Co-operation, Baltcom, Interpol and in future, it is intended, also .

The National Commissioner of Police (NCP), is directly responsible for the SIRENE bureau. He delegates the responsibility for day-to-day management to the Police Superintendent in the International Section. He is assisted in his supervision of the SIRENE bureau by a team of Chief Inspectors each responsible for the different aspects of the workload.

The SIRENE Bureau has 11 employees, some of whom are police officers and others civilians. 9 of them (5 police officers and 4 civilians) have been recruited within the last year. Both the police officers and the civilian staff carry out identical tasks but alerts can only be forwarded by a police officer. All SIRENE staff speak English, some staff members also speak French, Spanish, German, Danish or Italian.

Apart from the Deputy Commissioner, there are 5 lawyers working at NCP, available for assisting the SIRENE staff. None of the SIRENE staff members is a lawyer.

During office hours, one officer is responsible for all incoming messages. He forwards the files to the case officers. The Head of SIRENE supervises the work to ensure an efficient workflow. From 16:00-22:00, only two members of staff are present.

The intention is to keep the work on SIRENE matters completely separate from the work for other organisations. The only exception is the monitoring of incoming messages from 22:00 hours to 08:00 hours and on weekends. The employees of the International Section cover night shifts on rotation basis, with one officer being present at the office from 22:00-08:00. The officers on night shift monitor all incoming messages and call upon a case officer they can not handle the matter themselves.

There is no question that Schengen matters have absolute priority over all other messages. It is clear that the Icelandic authorities understand that SIS alerts take precedence over Interpol alerts. In this respect no special agreement with the judicial authorities is needed.

The N.SIS is still operated by IRO staff 24h/24 but once the SIRENE staff will have been trained, they will also monitor the N.SIS. To that end an operator terminal for N.SIS has been installed at the SIRENE bureau to be operated during SIRENE night shifts with a “back-shift” support of a fully capable technician. In critical situations, or where a technical difficulty arises which the SIRENE staff cannot handle, a technical “back-shift” person will be alerted.

6134/01 NP/ml 13 DG H EN

3.2 Security and data protection at the SIRENE bureau

The SIRENE bureau is located at Skulagata 21, REYKJAVIK within the premises of the National Commissioner of Police. This is a new building and the SIRENE bureau is situated on the 3rd floor.

Access to NCP premises and to different areas within the building is secured by a special access card system and security codes. Access to the SIRENE bureau is also secured by access card and codes but is limited to the staff of the bureau and their supervisors. The access system can be audited. Video surveillance is also available in the building and is monitored from the SIRENE front desk. In case of intrusion or major incident, the SIRENE staff have an emergency radio link with the Reykjavik police.

Access of others is registered and is subject to permission from SIRENE staff. Visitors must be escorted at all times.

The SIRENE computer systems are installed in a separate secure computer room. A commission is currently evaluating what (additional) security measures are necessary to protect the premises and in particular the computer room from unauthorised access and fire. The back-up SIRENE computer system is located at the N.SIS premises and can be used as a test system.

The files room of the SIRENE bureau are kept in a special fire-proof room located on the second floor of the building. The back-up tapes are stored in this room in a fire-proof safe, but a copy of this back-up is also kept in a safe at the N.SIS premises and vice versa.

Access to the archive room is limited to a few members of staff and is secured with a key. The Icelandic SIRENE system has been developed with the aim of storing all forms and files electronically. For this reason paper files will be the exception. Deletion of the paper files will take place as soon as possible after the deletion in the SIS. This will be supervised by the Data Protection Agency. Files on Icelandic alerts will be kept in the national registers in accordance with national regulations.

All police officers and civil staff employed at the SIRENE bureau, as well as other users, are bound by an oath of secrecy not to disclose any information they obtain from police files to other parties.

6134/01 NP/ml 14 DG H EN

3.3 Installation

The SIRENE support system is based on Microsoft WINDOWS/NT platform. It uses the following components:

Component Product Database Microsoft SQL Server X.400 Communication Microsoft Exchange Server (X.400 connector) Workflow Development based on Microsoft Outlook as Client and front-end for the end users and extended by the usage of Visual Basic Scripts and DLLs to handle the SIRENE forms.

The data needed for filling in the SIRENE forms are taken directly from the ÍSIS.

6134/01 NP/ml 15 DG H EN

3.4 Recruiting and Training of SIRENE-officers

Apart from the training for the end users (cf. chapter 2.6) 3 members of staff attended the course in Madrid and 3 others attended the common course for Nordic operators in Oslo. Two others participated in a one-week operator training course in Vienna. Members of staff have also participated in national courses organised by the Norwegian SIRENE bureau.

Furthermore, police members of staff have had the opportunity to make visits to the SIRENE bureaux of France, Germany, Austria, Belgium and the Netherlands.

The civilian staff, recruited since 1 January 2001, have not participated in the above-mentioned training sessions but their training is planned.

6134/01 NP/ml 16 DG H EN

3.5 Tasks of the SIRENE bureau

The SIRENE bureau will be the only authority to enter Icelandic alerts in the SIS.

Apart from the tasks allocated to the SIRENE bureau by the SIRENE manual, the Icelandic SIRENE bureau will be the designated authority for police co-operation, as detailed in articles 39 to 46 of the Schengen Convention.

In addition, on-duty staff within the SIRENE bureau will, during the periods that the N.SIS control room is unmanned, remotely monitor the functioning of the N.SIS. Training will be held to ensure that a basic knowledge of the system is held by the appropriate officers and relevant procedures are put in place to ensure that appropriate technical support is available as required.

The SIRENE bureau will also manually check the passenger lists of all ships arriving in Iceland from third countries and will inform the local police district of any hits so that the necessary action can be taken.

6134/01 NP/ml 17 DG H EN

3.6 Workflow and responsibilities for entry and deletion of records

All alerts, including alerts pursuant to article 96, will be introduced by the SIRENE bureau and will thus be checked before introduction.

Iceland does not request a flag for alerts on citizens from other Nordic countries. All requests for arrest and extradition are handled by the Ministry of Justice on a case-by-case basis.

On 1 January 2001, approximately 11,000 alerts pursuant to article 95 existed in the SIS. So far, around 3,000 of the relating SIRENE files have been examined.

6134/01 NP/ml 18 DG H EN

3.7 Statistics on alerts and hits

On 31 January 2001, Iceland had 5 alerts in the SIS (4 alerts pursuant to article 95 and one alias). On 9 February 2001, the Icelandic authorities confirmed that they have one person to enter into the SIS pursuant to article 96. Future alerts will be created as and when necessary. About 100 blank passports, stolen 7 years ago in Paris, will be introduced pursuant to article 100. These are all the historical data that Iceland will introduce in the SIS.

On 31 January 2001, the SIRENE bureau had made 392 SIS queries, the Border Control at Keflavik airport 368 and the police 654.

So far, no hits have been recorded by the Icelandic authorities.

6134/01 NP/ml 19 DG H EN

4. VISITS TO THE END-USERS OF THE SIS

4.1. Visit to Keflavik airport

On Wednesday 31 January 2001 the survey group visited the police authorities at Keflavik airport who are responsible for border control and general policing and security at the complex.

Following a short presentation by the on the structure of the police and customs services at the airport and their responsibilities, members of the survey group visited the passport control area.

The current control area is equipped with SIS terminals and they were found to be working well with good response times. Because the SIS had been connected only a few days earlier, staff did not yet seem entirely confident in their use of the SIS. Response times were very good. The importance of Keflavik airport as main SIS checking point for Iceland (more than 98% of all international passengers arrive through the airport) requires staff to be well trained and used to the system.

The survey group had the opportunity to visit the new terminal, where all control booths for incoming and outgoing traffic (14 and 8) would be equipped with SIS terminals by 25 March 2001. A second-line control room is also planned.

6134/01 NP/ml 20 DG H EN

4.2 Visit to Reykjavik police

In the morning of 29 January 2001, the Vice Commissioner of the Reykjavik Police, Mr. Einarsson, gave a presentation on the organisation, structure and responsibilities of the Reykjavik police.

On the afternoon of 29 January 2001 the members of the survey group visited the General Division of the Reykjavik Police. While the members of staff demonstrated their knowledge and use of the ISIS functions, it was learned that this function had only been available for a few days. The query function worked well with a good response time. It was noted that when a hit was achieved the “action to be taken” field referred the enquirer to a set of tables contained in the Iceland SIS manual. To follow up a hit satisfactorily the enquiry officer has to have access to both the SIS and the user manual. Such documentation was readily available to the users. The phone number of the SIRENE bureau did, however, appear on the screen when a query had a positive result.

Discussion with the developers confirmed that an actual "action to be taken" view in the reply to the query was being introduced as a priority and that this facility would be available to end users before the end of February 2001.

Following this visit the members of the survey group visited the Police Communications Centre. This was a well equipped modern communication centre. ISIS was available to the staff but it was learned that it had only been connected earlier on the day of the visit.

6134/01 NP/ml 21 DG H EN

4.3. Visit to Akureyri police district

On 30 January 2001, members of the survey group visited Akureyri Police District. Following a presentation by the Police Commissioner, Mr. Arnvidarson on the structure and responsibilities of his Police District, members of the survey group toured the police station and met staff members. Searches on the SIS at the airport and harbour will be done via a mobile terminal or by telephone. This is possible in view of the very low number of extra-Schengen passengers arriving in Akureyri.

During this period the survey group concentrated on the practical use of the SIS. All staff have access to the SIS as a matter of routine. The SIS was available and searchable. It was learned that the police station had been connected to the SIS only 10 days earlier. Staff on duty had a good knowledge of the system and were able to conduct searches. The procedure for following up hits was well understood. Schengen documentation, including the transliteration rules, was available to the staff.

It was explained that network difficulties that had been and were still being experienced should be resolved with the planned migration to a new network connection on 11 February 2001.

On 12 February 2001 a trainer from the Icelandic Police College will visit Akureyri by which time much of the local staff training will have been completed.

6134/01 NP/ml 22 DG H EN

4.4 Visit to Kopavogur police office

Following the visit to Keflavik airport, the survey group visited Kopavogur police office. This visit was unannounced and was facilitated by the Icelandic authorities at short notice.

Kopavogur police station has been recently connected to the new frame relay network and members of the survey group were interested in seeing how this would affect the performance of the system when completely installed in the whole country (planned for the end of February 2001).

The operator on duty appeared confident and competent in his use of the SIS. The system performed well with a very good response time. The Icelandic authorities explained that this was the standard they were working towards introducing to all police stations in Iceland. The Icelandic Schengen manual was available to the staff.

6134/01 NP/ml 23 DG H EN

5. REMARKS AND CONCLUSIONS

Taking into account the small number of Icelandic data to be entered into the SIS, it is clear that the Icelandic authorities have made enormous investments to introduce the SIS in their country.

The survey group is pleased that the Icelandic authorities are upgrading the network to improve the stability and response time of the overall system. In order to achieve the maximum potential of SIS, the group encourages the Icelandic authorities to adapt their national registers, as already foreseen for 2002-2003, so that a dual query of national systems and the SIS is available as soon as possible.

The survey group recommends that the Icelandic authorities monitor the network and their security measures closely to prevent unauthorised access through the Internet.

Although staff seemed to have received the appropriate training, the short period of using the SIS did not allow easy usage of it. The user-friendly application will probably allow a normal and intensive use of the SIS to evolve quickly.

It appeared that the authorities did not consider that there should have been full use of the SIS from 1 January 2001 but only at the lifting of the controls at the borders. Technical improvements were still being made and appropriate training will be necessary to inform the users of the enhanced functionalities.

The transliteration rules are not yet implemented so that even the Icelandic characters must be manually transliterated when querying the SIS, as explained in chapter 2.4. The survey group strongly recommends that the transliteration rules be automated on the ISIS application.

It was noted that the operational, back-up and test systems are located in the same computer room so that in case of major incident the three systems would be out of order, leaving the N-SIS without any fall-back solution. Therefore the survey group recommends to study and implement a safer solution such as having at least the back-up and test systems in a separate computer room, if not at a separate site.

The Icelandic authorities have extensively reported on the actions taken following the visit of the survey group: - the necessary hardware and software for enhancing the police network security will be installed by the end of February 2001; - a network/Internet security audit will be performed between 27 February and 2 March 2001; - the installation of the new frame relay network is taking place in police stations outside the capital area and all sites will be connected before the end of February 2001; - several measures have been taken to improve the performance of the application and before the end of February 2001 the performance of the database will be improved as well; - furthermore, detailed plans have been set up to correct known errors and implement new features in the ÍSIS application; the most urgent changes will be carried out on 9 February 2001, the last on 9 March 2001; - new surveillance cameras for the IRO premises are scheduled to be installed by 16 March 2001; - new "in house" rules have been set at IRO to mandatorily close the curtains of the operator room at all times to prevent that operator terminals are exposed to unauthorised persons in buildings across the street.

6134/01 NP/ml 24 DG H EN

Throughout the visit, it appeared that the SIS is mainly considered as a tool to be used for border controls and police checks made on foreigners and/or foreign card. Therefore, the survey group is of the opinion that this issue should be addressed in future training courses and could be solved by promoting a combined query of the national and SIS databases.

------

6134/01 NP/ml 25 DG H EN