(immigration and asylum law and policy in europe 15) evelien brouwer-digital borders and real...
DESCRIPTION
Immigration and Asylum LawTRANSCRIPT
Digital Borders and Real Rights
Brouwer-FM.indd i 4/15/2008 6:36:52 PM
Immigration and Asylum Law and Policy in Europe
VOLUME 15
Editors
Elspeth GuildKingsley Napley Solicitors, London,
Centre for Migration Law, Radboud University Nijmegen
Jan NiessenMigration Policy Group, Brussels
Th e series is a venue for books on European immigration and asylum law and policies where academics, policy makers, law practitioners and others look to fi nd detailed analysis of this dynamic fi eld. Works in the series will start from a European perspective. Th e increased co-operation within the European Union and the Council of Europe on matters related to immigration and asylum requires the publication of theoretical and empirical research. Th e series will contribute to well-informed policy debates by analysing and interpreting the evolving European legislation and its eff ects on national law and policies. Th e series brings together the various stakeholders in these policy debates: the legal profession, researchers, employers, trade unions, human rights and other civil society organisations.
Brouwer-FM.indd ii 4/15/2008 6:36:52 PM
Digital Borders and Real Rights
Eff ective Remedies for Th ird-Country Nationals in the Schengen Information System
By
Evelien Brouwer
LEIDEN • BOSTON2008
Brouwer-FM.indd iii 4/15/2008 6:36:52 PM
Th is book is printed on acid-free paper.
Library of Congress Cataloging-in-Publication Data
Brouwer, Evelien Renate, 1966-Digital borders and real rights : eff ective remedies for third-country
nationals in the Schengen Information System / by Evelien Brouwer.p. cm. -- (Immigration and asylum law and policy in Europe, ISSN 1568-2749; 15)
Includes bibliographical references and index.ISBN 978-90-04-16503-8 (hardback : alk. paper) 1. Emigration and immigration
law--European Union countries--Databases. 2. Emigration and immigration law--European Union countries--Computer network resources. 3. Aliens--Civil rights--European Union countries. 4. Privacy, Right of--European Union countries. 5. Asylum, Right of--European Union countries. 6. Data protection--Law and legislation--European Union countries. 7. Freedom of movement--European Union countries. I. Title.
KJE6050.B76 2008342.2408’2--dc22
2008011946
Th is book was edited by Hannie van de Put, Centre for Migration Law, Radboud University Nijmegen.Th e English text has been revised by Claire Singleton, translator, Los Alamos, United States.
ISSN 15682749ISBN 978 90 04 16503 8
Copyright 2008 by Koninklijke Brill NV, Leiden, Th e Netherlands.All rights reserved. No part of this publication may be reproduced, translated, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without prior written permission from the publisher.
Authorization to photocopy items for internal or personal use is granted by Brill Provided that the appropriate fees are paid directly to Th e Copyright Clearance Center, 222 Rosewood Drive, Suite 910, Danvers, MA 01923, USA.Fees are subject to change.
printed in the netherlands
Brouwer-FM.indd iv 4/15/2008 6:36:52 PM
ContentsAcknowledgments ........................................................................................xxiiiAbbreviations ................................................................................................ xxv
Chapter1 Introduction............................................................................. 1
1. Th e Schengen Information System and Other EU Databases: Tools for Border and Immigration Control ................................................. 1
2. Problem ...................................................................................................... 23. A Right to Eff ective Remedies? .................................................................... 4
3.1. Questions ............................................................................................ 43.2. Criteria to Assess Availability of Eff ective Remedies ............................. 5
4. Outline ....................................................................................................... 75. Defi nitions and Explanation of Used Terms ................................................ 76. Sources and Interviewees ............................................................................. 8
Part I Border Control and Data Surveillance in the EU
Chapter 2 Towards Schengen: Th e Abolition of Internal Border Controls in Europe .......................................................... 13
1. Introduction: Abolition of Internal Border Controls ................................. 132. Th e Internal Market and the Free Movement of Persons:
Setting Goals ............................................................................................. 152.1. Between 1957 and 1985: From the Treaty of Rome to the
Commission’s White Paper ................................................................ 152.2. Th e Commission’s White Paper on the Completion of the
Internal Market ................................................................................. 173. From 1985 to the Completion of the
Single Market: Defi ning Powers ................................................................ 184. Intergovernmental Negotiations on the Abolition of
Internal Border Controls ........................................................................... 204.1. Other Examples: Th e Benelux, the Nordic Union, Ireland
and the United Kingdom .................................................................. 204.2. Between 1985 and 1989: Th e Schengen Negotiations ....................... 214.3. Th e Immigration Ad Hoc Group, Trevi, and
the Group of Co-ordinators .............................................................. 23
Brouwer-FM.indd v 4/15/2008 6:36:52 PM
vi Contents
5. Abolition of Border Controls and Compensatory Measures ....................... 255.1. Th e Function of Borders: Emphasis on Internal Security and
Immigration Control ........................................................................ 255.2. Pre-Border Selection: Visa Policy ....................................................... 275.3. Draft of an External Frontiers Convention ........................................ 285.4. An Area of Freedom, Security, and Justice ......................................... 295.5. Common Mechanisms for External Border Controls ......................... 31
6. Th e Convention Implementing the Schengen Agreement .......................... 336.1. Negotiations ...................................................................................... 336.2. Content of the CISA ......................................................................... 34
6.2.1. Title II: Abolition of Checks at Internal Borders and Movement of Persons ............................................................. 35
6.2.2. Visa Rules .............................................................................. 366.2.3. Free Circulation ..................................................................... 376.2.4. Priority of the Community Rules ........................................... 37
6.3. Entry into Force and Players ............................................................. 386.3.1. Entry into Force of the CISA ................................................. 386.3.2. Position of the Nordic Countries ........................................... 386.3.3. Position of UK and Ireland .................................................... 396.3.4. New EU Member States ......................................................... 40
7. Treaty of Amsterdam: Th e Incorporation of the Schengen Acquis in EU Law ...................................................................... 417.1. Title IV TEC: Communitisation of Asylum
and Immigration Law ........................................................................ 417.2. Incorporation of Schengen into EU Law: Marriage of
Convenience or Repairing the Democratic Defi cit? ........................... 428. Schengen: Successful Laboratory for the EU? ............................................ 44
Chapter 3 Th e Schengen Information System ........................................ 47
1. Th e Establishment of the SIS .................................................................... 471.1. Setting an Example: Th e Benelux Lists .............................................. 471.2. Discussing the Purpose and Functioning of the SIS ........................... 491.3. Structure ........................................................................................... 521.4. Final Purpose and Categories of Entries ............................................ 531.5. Problems During the Construction Phase ......................................... 55
2. Legal Basis ................................................................................................. 573. Participants ............................................................................................... 57
3.1. Nordic Countries .............................................................................. 573.2. Th e UK and Ireland .......................................................................... 583.3. Switzerland ........................................................................................ 593.4. Accession of New EU Member States ................................................ 59
Brouwer-FM.indd vi 4/15/2008 6:36:52 PM
4. SIS and Th ird-Country Nationals: Exclusion of ‘inadmissible aliens’ ................................................................................... 594.1. Draft Texts ........................................................................................ 594.2. Article 96 CISA ................................................................................. 604.3. Defi nition of ‘inadmissible’: Discretionary Power of
National Governments ...................................................................... 624.4. EU Citizens and Benefi ciaries of EC Law .......................................... 63
5. Practical Implementation of SIS: Statistical Data on the Number of Records and SIS-Based Hits .................................................... 655.1. Numbers of Persons Entered in SIS ................................................... 665.2. Numbers of Hits Based on Searches Performed of the SIS ................. 68
Chapter 4 New Functionalities for SIS and the Development of SIS II ........................................................................ 71
1. Th e Road to the Second Generation SIS or SIS II ..................................... 712. Early Proposals to Extend the Use of SIS ................................................... 73
2.1. Access to Europol and Eurojust ......................................................... 732.2. Eff ective Protection against Illegal Immigration ................................ 742.3. New Categories of Persons ................................................................ 75
3. SIS I and the Fight Against Terrorism ....................................................... 763.1. Extending the Functions of the SIS I ................................................. 763.2. Access for Internal Security and Intelligence Services......................... 783.3. Inclusion of Persons Listed on the UN Terrorist Lists ........................ 79
4. Adopted Decisions Extending the Use of SIS I .......................................... 804.1. Regulation 871/2004 and Decision 2005/211 on
New Functionalities .......................................................................... 804.1.1. Europol and Eurojust ............................................................. 814.1.2. Public prosecutors .................................................................. 824.1.3. Authorities Responsible for Issuing or Examining
Visa Applications or for Issuing Residence Permits................. 824.1.4. Duty to Report all Transmission of Data and a
Legal Basis for SIRENE ......................................................... 834.2. Framework Decision 2002/584 on the
European Arrest Warrant ................................................................... 834.3. Common Position 2005/69 on Exchange of SIS Data Between
Member States and Interpol .............................................................. 844.4. Regulation 1160/2005 on Access to the SIS by
Vehicle Registration Authorities ........................................................ 855. SIS II ........................................................................................................ 85
5.1. Legal Basis for SIS II ......................................................................... 855.2. Developing SIS II as a ‘fl exible tool’ .................................................. 87
Contents vii
Brouwer-FM.indd vii 4/15/2008 6:36:52 PM
viii Contents
5.3. Th e Position of the UK and Ireland with Regard to Access to SIS II ................................................................. 88
5.4. Involvement of the European Parliament........................................... 906. Final Texts of the Regulation and Decision on SIS II ................................. 93
6.1. Purpose ............................................................................................. 936.2. Criteria for Th ird-Country Nationals to be Stored in SIS II .............. 94
6.2.1. Commission Proposal – Trying to Harmonise National Criteria .................................................................... 94
6.2.2. Final Criteria: Th e Individual Assessment and Proportionality Clause ........................................................... 94
6.2.3. SIS II and Terrorist Lists ........................................................ 966.3. EU Citizens and Privileged Th ird-Country Nationals ........................ 976.4. Inclusion of Biometrics in SIS II as an Identifi cation Tool ................. 986.5. Authorities Allowed Access to SIS II .................................................. 996.6. Interlinking of Alerts ....................................................................... 1016.7. Change of Architecture ................................................................... 1026.8. Establishment of the Management Authority .................................. 1036.9. Evaluation and Publication of Statistics on SIS II ............................ 103
7. Comparing SIS I and SIS II .................................................................... 1047.1. Changing the Purpose of SIS ........................................................... 1047.2. Changes with Regard to the Storage and Use of Data on
Th ird-Country Nationals ................................................................ 106
Chapter 5 Other EU Databases Used in the Field of Immigration Control: Eurodac and VIS .................................................. 117
1. Introduction ............................................................................................ 1172. Eurodac ................................................................................................... 118
2.1. Development and Central Purpose of Eurodac ................................ 1182.2. Collection, Transmission and Comparison of Fingerprints .............. 1212.3. Extension to Illegal Immigrants ....................................................... 1232.4. Functioning of Eurodac: Annual Reports of the Commission.......... 125
3. Visa Information System or VIS .............................................................. 1273.1. Negotiations Towards a European Visa Information System ............ 1273.2. Th e VIS Regulation: Purpose and Content of VIS .......................... 130
4. Interoperability of SIS II, Eurodac and VIS ............................................. 1325. Use of Biometric Data ............................................................................. 135
5.1. Controlling the Body: Use of Biometrics at the EU Level ................ 1355.2. Diff erent Options with Regard to the Use of Biometric Data .......... 1375.3. Biometrics and the Rights of Individuals ......................................... 1385.4. Reliability of Biometrics .................................................................. 1395.5. Index on Criminal Records of Th ird-Country Nationals ................. 140
Brouwer-FM.indd viii 4/15/2008 6:36:52 PM
Contents ix
6. Comparing SIS II, Eurodac and VIS ....................................................... 1416.1. Central Databases, Immigrants and Biometrics ............................... 1416.2. Diff erences Between SIS, Eurodac, and VIS .................................... 1426.3. Intelligence Tool or Administrative File? .......................................... 143
Part II Eff ective Remedies under European Law
Chapter 6 Data Processing and the Right to Privacy: Th e Importance of Article 8 ECHR......................................................... 147
1. Introduction ............................................................................................ 1472. Taking Article 8 ECHR into Account in EU Policy ................................. 148
2.1. SIS and SIS II ................................................................................. 1482.2. Eurodac ........................................................................................... 1492.3. VIS ................................................................................................. 150
3. Article 8 ECHR and Data Processing: When is there an Interference with the Right to Private Life? ............................................. 1523.1. Secret Police and Security Files: Leander and
Segerstedt-Wiberg ............................................................................. 1533.2. Child care Records, Health and Gender Information:
Gaskin, Z and Goodwin ......................................................................1553.3. Systematic Collection and Storage of Personal
Information by Public Authorities: Amann and Rotaru .................... 1573.4. Recording of Voices and Video Images Collected
in the Public Domain: P.G. and J.H. v. UK...................................... 1593.5. Administrative Data: Malone ........................................................... 1603.6. Use of Information Beyond What is Normally Foreseeable:
Perry, Peck and Lupker ..................................................................... 1603.7. Passports and Identifi cation Measures: Smirnova and İletmiş ............ 161
4. Is the Interference in Accordance with the Law? Quality of Law .............. 1635. Necessary in a Democratic Society: Proportionality and
Procedural Guarantees ............................................................................. 1656. Article 8 ECHR and the Need for Eff ective Remedies ............................. 167
6.1. Independent Control Mechanism: Judicial or Non-Judicial Remedies .................................................................... 167
6.2. Accessibility ..................................................................................... 1686.3. Scope of the Remedies ..................................................................... 1696.4. Competences ................................................................................... 169
6.4.1. Article 8 and Article 13 ECHR ............................................ 1696.4.2. Article 8 ECHR and the Right to Financial
Compensation under Article 6 ECHR ................................. 1716.5. Non-discrimination ......................................................................... 172
Brouwer-FM.indd ix 4/15/2008 6:36:52 PM
x Contents
7. Conclusions: EU Databases, Article 8 ECHR and Eff ective Remedies .................................................................................. 1727.1. Data Processing and the Right to Private Life .................................. 1727.2. Procedural Guarantees and Eff ective Remedies ................................ 174
Chapter 7 Eff ective Remedies under Data Protection Law ................... 177
1. Introduction ............................................................................................ 1772. Development of National Data Protection Law:
Diff erent Phases of Law-Making ............................................................. 1783. Development of European Data Protection Law ..................................... 181
3.1. 1981: Data Protection Convention of the Council of Europe ........................................................................... 181
3.2. 1990: Inclusion of Data Protection Provisions in the CISA ..................................................................................... 183
3.3. 1995: Directive 95/46 on the Protection of Personal Data .................................................................................. 1863.3.1. Protecting Individuals and Free Movement of Data ............. 1863.3.2. Scope and Applicability of Directive 95/46 .......................... 188
3.4. Regulation 45/2001/EC: Data Protection Applicable to Community Institutions and Bodies ............................................... 190
3.5. Data Protection in the Th ird Pillar: A New Instrument ................... 1913.6. Article 8 of the EU Charter: Data Protection
as a Human Right ........................................................................... 1934. Unveiling Reasons for Data Protection .................................................... 194
4.1. Protecting the Individual: Th e Right to Privacy ............................... 1964.1.1. From the Right to be Let Alone to the Right of
Personal Liberty ................................................................... 1964.1.2. Informational Self-determination ......................................... 198
4.2. Protecting the Rule of Law .............................................................. 2004.2.1. Balance of Powers ................................................................ 2004.2.2. Informational Division of Powers ......................................... 201
4.3. Data Protection as an Obligation for ‘good administration’ ............. 2025. Data Protection Principles ....................................................................... 204
5.1. Th e Principle of Purpose Limitation ................................................ 2055.1.1. Ban on “aimless data collection” ........................................... 2065.1.2. Legitimacy of Purpose .......................................................... 2075.1.3. Use or Disclosure Limitation ............................................... 2085.1.4. Time Limit on Storage of Data ............................................ 209
5.2. Transparency – Purpose Specifi cation .............................................. 2115.3. Special Categories of Data: Extra Safeguards ................................... 212
Brouwer-FM.indd x 4/15/2008 6:36:52 PM
Contents xi
5.4. Quality of Data ............................................................................... 2135.5. Individual Participation: Rights of the Data Subject ........................ 215
5.5.1. Right to be Informed – Right of Access to Personal Data ....................................................................... 215
5.5.2. Right to Request Correction, Deletion or Blocking of Further Processing ............................................ 217
5.6. Ban on Automated Decision-making .............................................. 2185.7. Security ........................................................................................... 2195.8. Accountability ................................................................................. 2205.9. Non-discriminatory Application of Data Protection Rules .............. 221
6. Limitations of Data Protection Rights: General Interest and National Security .................................................................................... 222
7. Eff ective Remedies: Independent Data Protection Authorities ................. 2237.1. National Data Protection Authorities .............................................. 223
7.1.1. Data Protection Convention ................................................ 2237.1.2. EC Directive 95/46 .............................................................. 2247.1.3. SIS I and SIS II: CISA and Regulation 1987/2006 .............. 2257.1.4. Eurodac and VIS .................................................................. 226
7.2. Data Protection Authorities at the EU Level ................................... 2267.2.1. Th e European Data Protection Supervisor ............................ 2267.2.2. Working Party on the Protection of Individuals
with regard to the Processing of Data ................................... 2287.3. Schengen Joint Supervisory Authority ............................................. 229
7.3.1. Tasks and Powers ................................................................. 2297.3.2. Activities of the JSA ............................................................. 230
8. Eff ective Remedies: A Right to Judicial Remedies? .................................. 2318.1. Data Protection Convention ........................................................... 2318.2. EC Directive 95/46 ......................................................................... 2328.3. Regulation 45/2001: EDPS ............................................................. 2338.4. SIS I: Article 111 CISA ................................................................... 2338.5. SIS II Regulation 1987/2006 .......................................................... 2358.6. Eurodac ........................................................................................... 2378.7. VIS Proposal ................................................................................... 2378.8. Th ird Pillar Instruments .................................................................. 238
9. Conclusions ............................................................................................ 2399.1. Th e Value of Data Protection .......................................................... 2399.2. Eff ective Remedies .......................................................................... 241
9.2.1. Access to Data Protection Authorities and Courts? .............. 2419.2.2. Accessibility ......................................................................... 2419.2.3. Scope ................................................................................... 2429.2.4. Competences ....................................................................... 242
Brouwer-FM.indd xi 4/15/2008 6:36:52 PM
xii Contents
Chapter 8 Eff ective Remedies in Immigration Procedures: ECHR ............................................................. 245
1. Introduction ............................................................................................ 2452. Article 6 (1) ECHR: Th e Right to a Fair Trial .......................................... 246
2.1. Maaouia: (Non-)Applicability of Article 6 in Immigration Law Procedures? ......................................................... 246
2.2. Immigration Law Decisions and the Right to Financial Compensation .................................................................. 248
2.3. (Non-)Registration and the Right to Financial Compensation .................................................................. 249
3. Article 5 (1) (f ) ECHR: Right to Liberty and Security ............................ 2514. Protocol No. 7 to the ECHR: Procedural Safeguards
Relating to Expulsion of Aliens ............................................................... 2525. Article 13 ECHR: Th e Right to Eff ective Remedies in
Immigration Law Procedures ................................................................... 2535.1. When Does Article 13 Apply? ......................................................... 2535.2. Admission of Th ird-Country Nationals ........................................... 2545.3. Expulsion and Expulsion Orders ..................................................... 256
6. Criteria for Eff ective Remedies ................................................................ 2586.1. Judicial or Non-judicial Remedies ................................................... 2586.2. Accessibility of Eff ective Remedies .................................................. 2596.3. Scope of Review .............................................................................. 2626.4. Competences ................................................................................... 266
7. Th e Principle of Non-discrimination: Article 14 ECHR .......................... 2678. Summary: Criteria for Eff ective Remedies ............................................... 269
8.1. Non-judicial or Judicial Remedy ..................................................... 2698.2. Accessibility ..................................................................................... 2708.3. Scope .............................................................................................. 2708.4. Competences ................................................................................... 2718.5. Non-application of Article 6 (1) ECHR to Immigration Law
Procedures: Failure or No Loss? ....................................................... 272
Chapter 9 Eff ective Remedies under EC Immigration Law .................. 275
1. Introduction ............................................................................................ 2752. Directive 2004/38/EC on the Right of Citizens and
their Family Members to Move and Reside Freely within the EU ............ 2762.1. Protecting the Free Movement of EU Citizens and
their Family Members ..................................................................... 2762.2. Extending the Scope of Protection: Cetinkaya and
Dörr-Ünal ....................................................................................... 278
Brouwer-FM.indd xii 4/15/2008 6:36:52 PM
Contents xiii
2.3. Th e Relationship between the VIS and SIS and the Freedom of Movement of EU Citizens and Family Members .......... 2792.3.1. Commission v. Austria ........................................................... 2792.3.2. Commission v. Spain ............................................................. 280
3. Legal Remedies in Immigration and Asylum Law Based on Title IV TEC........................................................................................... 2813.1. Directive 2001/40/EC on Mutual Recognition of
Expulsion Decisions ........................................................................ 2823.2. Directive 2001/55/EC on Minimum Standards for
Temporary Protection ..................................................................... 2833.3. Directive 2003/9/EC on Minimum Standards for the
Reception of Asylum Seekers ........................................................... 2843.4. Directive 2003/109/EC on Long-Term Resident
Th ird-Country Nationals ................................................................ 2853.5. Directive 2003/86/EC on the Right to Family Reunifi cation .......... 2863.6. Regulation 343/2003/EC (Dublin II) ............................................. 2873.7. Directive 2005/85/EC on Minimum Standards for
Asylum Procedures .......................................................................... 2883.8. Refusals at the Border ...................................................................... 289
3.8.1. Regulation 562/2006/EC on the Rules Governing the Movement of Persons at Borders (Schengen Borders Code) ......................................................... 289
3.8.2. Th e Inclusion of a Standard Refusal Form ............................ 2903.9. Proposal for a Directive on Returning Illegal Staying
Th ird-Country Nationals ................................................................ 2913.10. Visas ................................................................................................ 292
3.10.1. Schengen Common Consular Instructions ........................... 2923.10.2. Draft Community Code on Visas ........................................ 292
4. Criteria for Eff ective Remedies in EC Immigration Law ......................... 2934.1. Judicial or Non-Judicial Court? ....................................................... 293
4.1.1. Directive 2004/38 ................................................................ 2934.1.2. EC Asylum and Immigration Law ....................................... 294
4.2. Accessibility ..................................................................................... 2944.2.1. Directive 2004/38/EC ......................................................... 2944.2.2. EC Asylum and Immigration Law ....................................... 295
4.3. Scope of Review .............................................................................. 2964.3.1. Directive 2004/38/EC ......................................................... 2964.3.2. EC Asylum and Immigration Law ....................................... 298
4.4. Competence of Court or Authority ................................................. 2994.4.1. Directive 2004/38/EC ......................................................... 2994.4.2. EC Asylum and Immigration Law ....................................... 299
5. Summary: Diff erent Laws, Diff erent Regimes? ........................................ 300
Brouwer-FM.indd xiii 4/15/2008 6:36:52 PM
xiv Contents
Chapter 10 Eff ective Remedies in the EU: A Matter of Basic Principles ....................................................................................... 303
1. Introduction ............................................................................................ 3032. Th e First Principle: Incorporation of Human Rights in EU Law ............. 3033. Th e Second Principle: Eff ective Remedies to Secure Rights
Conferred by EU Law ............................................................................. 3063.1. Th e Johnston Principle ..................................................................... 3063.2. Applying the Johnston Principle to EC Immigration Law:
Th e Panayotova Case ....................................................................... 3073.3. Article 47 of the EU Charter ........................................................... 3083.4. Relationship Between the General Principle and
Secondary EC Legislation ............................................................... 3104. Th e Th ird Principle: Eff ective Judicial Remedies to Ensure a
Uniform and Clear Interpretation of EC Law ......................................... 3114.1. Preliminary Proceedings: Th e Responsibility of
National Judges and Legislators ....................................................... 3114.2. Criteria of National Courts Which Fall within the
Meaning of Article 234 TEC ........................................................... 3135. Towards Minimum Standards for Eff ective Remedies .............................. 314
5.1. Eff ective Remedies, Databases and Th ird-Country Nationals .......... 3145.2. Criteria for Eff ective Remedies ........................................................ 315
5.2.1. Judicial or Non-Judicial Authority? ...................................... 3155.2.2. Accessibility ......................................................................... 3165.2.3. Scope of Review ................................................................... 3175.2.4. Competences ....................................................................... 317
Part III Implementation at the National Level
Chapter 11 France................................................................................ 329
1. Introduction ............................................................................................ 3292. Parliamentary Involvement with CISA .................................................... 330
2.1. Schengen in General ....................................................................... 3302.2. Th e NSIS ........................................................................................ 3332.3. SIS I: Comments NGOs, Lawyers and Organisations ..................... 3342.4. SIS II .............................................................................................. 335
3. Implementation of Article 96 CISA ........................................................ 3363.1. Applicable Law ................................................................................ 3363.2. National Criteria for Entering Th ird-Country Nationals
into the NSIS .................................................................................. 337
Brouwer-FM.indd xiv 4/15/2008 6:36:52 PM
Contents xv
3.3. Authorities with Access to NSIS Data ............................................. 3403.4. Operation of SIRENE ..................................................................... 3403.5. Article 96 Hits: Duties and Responsibilities of
French Authorities ........................................................................... 3413.5.1. Refusal of Entry or Residence Based on
Article 96 CISA ................................................................... 3413.5.2. Expulsion of Th ird-Country Nationals on the
Basis of Article 96 CISA ....................................................... 3423.5.3. Article 96 Hits and Visa Applications ................................... 343
3.6. Th e Practical Use of the NSIS in France .......................................... 3434. Intermezzo: French Policy Governing
Th ird-Country Nationals ........................................................................ 3444.1. Police File on Searched Persons ....................................................... 3444.2. General Database on Foreigners: AGDREF ..................................... 3444.3. Database with Regard to the Issuing of Visas ................................... 3454.4. Fingerprinting Th ird-Country Nationals ......................................... 3464.5. ‘ELOI’: File on Expelled Persons ..................................................... 348
5. Rights and Legal Remedies in Data Protection Law ................................. 3495.1. Background to French Data Protection Law .................................... 3495.2. Th ird-Country Nationals and the
Right of Data Protection ................................................................. 3515.3. NSIS and Applicable Rules .............................................................. 3525.4. Duty to Inform the Data Subject .................................................... 3525.5. Right to Access, Correct or Delete Data .......................................... 352
5.5.1. Direct and Indirect Access .................................................... 3525.5.2. Application for a Right to Access and Time Limits ............... 354
5.6. Composition, Tasks and Powers of the French Data Protection Authority (CNIL) .......................................................... 355
5.7. Practical Information on the Right to (Indirect) Access to NSIS Information ........................................................................... 357
5.8 Right to Legal Remedies .................................................................. 3586. Rights and Remedies in Immigration Law ............................................... 359
6.1. General Background to Immigration Law ....................................... 3596.2. Amendments to French Immigration Law and the NSIS ................. 3606.3. Duty to Motivate Decisions ............................................................ 3616.4. Legal Remedies ............................................................................... 362
6.4.1. Th e Position of the Administrative Court in Immigration Law ................................................................. 362
6.4.2. Legal Remedies Against a Refusal of Entry ........................... 3646.4.3. Legal Remedies Against the Refusal of a Visa ....................... 3656.4.4. Legal Remedies Against Expulsion ....................................... 366
Brouwer-FM.indd xv 4/15/2008 6:36:52 PM
xvi Contents
7. Case Law ................................................................................................. 3677.1. Introduction .................................................................................... 3677.2. Duty to Inform the Data Subject .................................................... 3687.3. Assessing the Validity of Foreign SIS Reports .................................. 3707.4. Duty of Authorities to Balance Interests .......................................... 3737.5. Powers of the Court ........................................................................ 3757.6. Assessing the Role of the CNIL ....................................................... 376
7.6.1. Right of Indirect or Direct Access: Divisibility of the Data Files................................................. 376
7.6.2. Duty to Play an Active Role when Assessing the Validity of a Foreign Alert ............................... 376
7.6.3. Power of Foreign Data Protection Authorities ...................... 3778. Conclusions ............................................................................................ 378
8.1. Implementation of Article 96 CISA ................................................ 3788.2. Data Protection and the NSIS ......................................................... 3798.3. NSIS and the Right to Eff ective Remedies ...................................... 379
8.3.1. Judicial and Non-Judicial Remedies ..................................... 3798.3.2. Accessibility ......................................................................... 3808.3.3. Scope of Review ................................................................... 3808.3.4. Competences ....................................................................... 381
Chapter 12 Germany ........................................................................... 383
1. Introduction ............................................................................................ 3832. Parliamentary Involvement with CISA .................................................... 384
2.1. Schengen in General ....................................................................... 3842.2. Th e NSIS and Data Protection ........................................................ 3862.3. SIS II .............................................................................................. 389
3. Implementation of Article 96 CISA ........................................................ 3903.1. Applicable Law ................................................................................ 3903.2. National Criteria for Entering Th ird-Country
Nationals in NSIS ........................................................................... 3913.2.1. General Rules....................................................................... 3913.2.2. Persons to be Expelled, Removed or Deported ..................... 3913.2.3. Unlawful Data Storage Regarding Rejected
Asylum Seekers .................................................................... 3933.2.4. Registration Based on Public Order and
Security Grounds ................................................................. 3943.3. In the Beginning: Storing Old Data in the NSIS ............................. 3953.4. Authorities with Access to NSIS Data ............................................. 3963.5. Functioning of SIRENE .................................................................. 397
Brouwer-FM.indd xvi 4/15/2008 6:36:53 PM
Contents xvii
3.6. Article 96 Hits: Duties and Responsibilities of German Authorities ........................................................................ 3973.6.1. Refusal of Entry ................................................................... 3973.6.2. Expulsion of Aliens on the Basis of an
Article 96 CISA Hit ............................................................. 3983.6.3. Article 96 Hits and Visa Applications .................................. 398
4. Intermezzo: German Policy Governing Th ird-Country Nationals ............ 3994.1. Th e Central Aliens Administration or the AZR ............................... 399
4.1.1. Th e Need for a Legal Basis ................................................... 3994.1.2. Content of the AZR ............................................................. 3994.1.3. Amendments on the Basis of the
Prevention of Terrorism Act ................................................. 4014.2. Visa Information System ................................................................. 4034.3. Computer Profi ling or Dragnet Searching (Rasterfahndung) ............ 403
4.3.1. Before 11 September 2001: Tracking RAF Terrorists ...................................................................... 403
4.3.2. After 11 September 2001: Tracking ‘Islamic Terrorists’ ......... 4044.3.3. Assessment of Data Profi ling by
Lower German Courts ......................................................... 4064.3.4. Th e Constitutional Court and
Data Profi ling – Rasterfahndungsurteil .................................. 4084.4. Biometrics and Border Control ....................................................... 409
5. Rights and Legal Remedies: Generally Applicable Rules .......................... 4105.1. Article 19 (4) Constitution .............................................................. 4105.2. Th e Klass Case Before the German Constitutional Court ................ 4125.3. Rule of Law: Th e Principle of Proportionality ................................. 4135.4. Applicability of Administrative Procedural Law ............................... 414
5.4.1. Diff erence in Remedies ........................................................ 4145.4.2. Suspensive Eff ect of Legal Remedies .................................... 4155.4.3. Temporary Injunction .......................................................... 415
5.5. Applicability of 6 ECHR ................................................................. 4166. Legal Remedies and Data Protection Law ............................................... 416
6.1. Background and General Principles of German Data Protection Law ....................................................................... 416
6.2. Constitutional Right to Informational Self-determination .............. 4176.2.1. Th e Mikrozensus Urteil ......................................................... 4176.2.2. Th e Volkszählungsurteil ......................................................... 4176.2.3. Th e Duty of Immigration Offi ces to
Keep Complete Files ............................................................ 4196.2.4. A Constitutional Dilemma: Amtshilfe versus
Informationelle Gewaltenteilung ............................................ 420
Brouwer-FM.indd xvii 4/15/2008 6:36:53 PM
xviii Contents
6.3. Th e Applicability of Data Protection Principles and the Right to Informational Self-determination in Immigration Law ........................................................................ 422
6.4. Principles of Data Protection and the NSIS ..................................... 4226.4.1. Time Limits ......................................................................... 4226.4.2. Duty to Inform the Data Subject ......................................... 4236.4.3. Right of Access, Correction and Deletion ............................ 424
6.5. Supervision by Data Protection Authorities ..................................... 4256.5.1. Introduction ........................................................................ 4256.5.2. Th e Federal Commissioner for Data Protection and
Freedom of Information ....................................................... 4256.5.3. Data Protection Authorities of the Länder ............................ 4266.5.4. Inquiry of the Data Protection Commissioners on
Article 96 CISA ................................................................... 4276.6. Legal Remedies ............................................................................... 428
6.6.1. Competence of the Administrative Court ............................ 4286.6.2. Right to Financial Compensation ........................................ 429
7. Legal Remedies and Immigration Law .................................................... 4297.1. General Background to German Immigration Law ......................... 4297.2. Duty to Motivate Decisions ............................................................ 4307.3. Legal Remedies ............................................................................... 431
7.3.1. Legal Remedies Against Refusal of Entry ............................. 4317.3.2. Legal Remedies Against a Visa Refusal ................................. 4317.3.3. Legal Remedies Against Expulsion ....................................... 431
8. Case Law ................................................................................................. 4328.1. Record in the NSIS in Conformity with Criteria of
Article 96 CISA? ............................................................................. 4328.2. Direct Legal Eff ects of a SIS Alert ................................................... 4348.3. Duty to Balance Interests ................................................................ 4358.4. Competence of National Courts to Assess Validity of
Foreign SIS Report .......................................................................... 4368.5. Access to Remedies After Expulsion? ............................................... 4368.6. Article 96 CISA and Freedom of Religion: Th e Moon Case ............. 437
9. Conclusions ............................................................................................ 4409.1. Implementation of Article 96 CISA ................................................ 4409.2. Germany: Strong Tradition of Collecting and
Protecting Data ............................................................................... 4409.3. NSIS and the Right to Eff ective Remedies ...................................... 441
9.3.1. Accessibility ......................................................................... 4429.3.2. Scope of Review ................................................................... 4429.3.3. Competences ....................................................................... 443
Brouwer-FM.indd xviii 4/15/2008 6:36:53 PM
Contents xix
Chapter 13 Th e Netherlands ................................................................ 445
1. Introduction ............................................................................................ 4452. Parliamentary Involvement with CISA .................................................... 446
2.1. ‘Schengen’ in General ...................................................................... 4462.2. Parliamentary Discussions on SIS .................................................... 4482.3. Parliamentary Discussions on the SIS and the
Availability of Legal Remedies ......................................................... 4492.4. Parliamentary Debate on SIS II ....................................................... 451
3. Implementation of the SIS and Registration of Th ird-Country Nationals ........................................................................ 4533.1. Sources of Immigration Law ........................................................... 4533.2. Criteria for Registration in the NSIS ............................................... 455
3.2.1. Formal Residence Ban .......................................................... 4553.2.2. Th ird-Country Nationals Reported as Unwanted ................. 457
3.3. Practical Implementation and Use of the NSIS ............................... 4603.3.1. NSIS: Responsibility and Coordination ............................... 4603.3.2. Procedure for Registration in the NSIS ................................ 4603.3.3. Article 96 Hits and Internal and Border Controls ................ 4623.3.4. Article 96 Hits and Visa Applications .................................. 464
3.4. NSIS and Article 96: Facts and Figures ........................................... 4643.5. Audit Report By the Court of Auditors ........................................... 4653.6. Audit Report of the Dutch Data Protection Authority .................... 467
4. Intermezzo: Dutch Policy with Regard to the Administration of Data on Th ird-Country Nationals ........................................................... 4684.1. General Administration of Immigrants ............................................ 4684.2. Th e Use of Biometric Data .............................................................. 470
4.2.1. Th ird-Country Nationals and their Biometrics ..................... 4704.2.2. Shared Use of Data on Criminals and Asylum Seekers ......... 4714.2.3. Storing Biometric Data for Expulsion Purposes ................... 4734.2.4. Biometrics and Passports and Identity Cards ........................ 473
4.3. Immigration Files, Border Control and the Fight against Terrorism .................................................................... 474
5. Rights and Legal Remedies for Individuals under Data Protection Law ............................................................................... 4755.1. Background to Dutch Data Protection Law .................................... 4755.2. NSIS and the Applicable Rules on Data Protection ......................... 4785.3. Duty to Inform the Data Subject .................................................... 4795.4. Right to Access, Correction or Deletion of the NSIS Data .............. 4815.5. Role of the Data Protection Authority ............................................. 4825.6. Right to Legal Remedies.................................................................. 483
Brouwer-FM.indd xix 4/15/2008 6:36:53 PM
xx Contents
6. Rights of Th ird-Country Nationals under Immigration Law ................... 4846.1. Application of Principles of Administrative Law .............................. 4846.2. Informed Decision-making at the Borders ....................................... 4856.3. Information on the Formal Residence Ban ...................................... 4866.4. Time Limits for Decisions in the Field of
Immigration Law ............................................................................ 4866.5. Legal Remedies ............................................................................... 487
6.5.1. Right to Review ................................................................... 4876.5.2. Right to Appeal .................................................................... 4886.5.3. Right to Higher Appeal ........................................................ 488
7. Case Law ................................................................................................. 4897.1. Introduction: Extent and Importance of Dutch Case Law ............... 4897.2. Legal Status of Article 96 Reports: Possibility of
Legal Redress ................................................................................... 4907.3. Conformity with Article 96 CISA ................................................... 493
7.3.1. National Administrative Decisions ....................................... 4937.3.2. Foreign Administrative Decisions ......................................... 4937.3.3. A Foreign Alert: Th e Moon Case .......................................... 496
7.4. Balance of Interests – Proportionality of a SIS Report ..................... 4997.5. Right to Financial Compensation .................................................... 5017.6. Preliminary Request to the ECJ ....................................................... 5027.7. Decisions of the National Ombudsman .......................................... 504
7.7.1. Duty of Informed Decision-making ..................................... 5047.7.2. Duty to Make Decisions in Good Time ............................... 5057.7.3. Duty of Proportional Decision-making ................................ 505
8. Conclusions ............................................................................................ 5068.1. Implementation of Article 96 CISA ................................................ 5068.2. Data Protection and Data Control .................................................. 5078.3. NSIS and the Right to Eff ective Remedies ...................................... 508
8.3.1. Judicial and Non-judicial Remedies ..................................... 5088.3.2. Transparency – Accessibility of Remedies ............................. 5088.3.3. Scope of Review ................................................................... 5098.3.4. Competences ....................................................................... 510
Chapter 14 Conclusions ...................................................................... 511
1. Th ird-Country Nationals: Th eir Data and Th eir Rights ........................... 5112. Th ird-Country Nationals: Th eir Data ...................................................... 512
2.1. Questioning the Effi ciency and Quality of the Information Network ...................................................................... 513
2.2. Identifying, Tracking or Stigmatising Immigrants? .......................... 514
Brouwer-FM.indd xx 4/15/2008 6:36:53 PM
Contents xxi
3. Th ird-Country Nationals and Th eir Rights .............................................. 5153.1. Recovering the Right to Privacy ...................................................... 5153.2. Immigration Law and the Protection of Human Rights ................... 5163.3. Rights and Freedoms Guaranteed by EU Law ................................. 5163.4. Data Protection Rights .................................................................... 517
4. Th e Right to Eff ective Remedies .............................................................. 5205. Comparing the Law and Practice in France, Germany and
the Netherlands ....................................................................................... 5225.1. National Criteria for Storing Th ird-Country
Nationals in SIS I ............................................................................ 5225.2. SIS and Data Protection Rights of Individuals ................................. 5235.3. Eff ective Remedies .......................................................................... 525
5.3.1. Case Law ............................................................................. 5255.3.2. Accessibility ......................................................................... 5255.3.3. Scope ................................................................................... 5265.3.4. Competences ....................................................................... 526
6. Th e New SIS II Regulation 1987/2006: Learning from the Past? ............. 5276.1. Criteria for Reporting Th ird-Country Nationals in SIS II ............... 527
6.1.1. Lack of Harmonisation ........................................................ 5276.1.2. Protecting EU Citizens and Benefi ciaries of EC Law ............ 529
6.2. Data Protection Rights .................................................................... 5306.2.1. Right of Information ........................................................... 5306.2.2. Cooperation Between Data Protection Authorities ............... 531
6.3. Right to Remedies ........................................................................... 5326.4. Mutual Enforcement of National Decisions .................................... 533
7. Final Remarks ......................................................................................... 534
Bibliography ........................................................................................... 537
Jurisprudence .......................................................................................... 553
Index ....................................................................................................... 563
Brouwer-FM.indd xxi 4/15/2008 6:36:53 PM
Brouwer-FM.indd xxii 4/15/2008 6:36:53 PM
AcknowledgmentsI defended this study as my Ph.D, thesis on 1 October 2007 at the Radboud University of Nijmegen. Th e research for this study was conducted at the Centre for Migration Law under supervision of Prof. Mr. C.A. Groenendijk and Prof. Dr. E. Guild. My research was partly funded by CHALLENGE - Th e Changing Landscape of European Liberty and Security-: a very inspiring research project of the 6th Framework Programme of the European Commission’s Directorate-General for Research.
Th e history of this book goes back almost as far as its subject: the Schengen Information System, or SIS. In 1990, fi ve years before the SIS became opera-tional, together with a group of students from the University of Tübingen, I vis-ited Ruth Leuze, the fi rst Data Protection Commissioner of Baden-Württemberg. She not only made us aware of the growing importance of data protection but also triggered my curiosity and concerns with regard to the development of the SIS and its consequences for individuals. While Ruth Leuze was perhaps my fi rst guide to data protection law, Hanneke Steenbergen was certainly my fi rst and most important guide to immigration law. Her involved way of teaching and her criti-cal views inspired me to look further into the less privileged position of migrants in the Netherlands and Europe. I miss her wise and warm words, especially now. My fi rst opportunity to develop “academic skills” and to study the relation between the rule of law and data protection principles was presented at the University of Amsterdam, thanks to Egbert Dommering and Jan Kabel. Although I regret that I was not ready at that time for a fi nal “take-off ”, I always remember the friendly and talented environment of the Institute for Information Law.
I owe the greatest thanks to Elspeth Guild and Kees Groenendijk. Th eir enthu-siasm, knowledge and support are the most important building blocks of this book. I am grateful that they off ered me the chance to conduct research at the Radboud University of Nijmegen: fi rstly, with regard to the development of immigration law in the EU since 11 September 2001 and, secondly, since 2002, to write this thesis on the legal position of third-country nationals reported in the SIS. I admire the energy with which they make academic knowledge useful for society and the legislative process and persuade others to do likewise. I will miss our informal and cheerful trialogues and never forget the chances and lessons they gave me. Apart from my formal “promoters”, I am grateful to Pieter Boeles for his inspiration and many ideas concerning Schengen and the SIS.
Brouwer-FM.indd xxiii 4/15/2008 6:36:53 PM
Many people provided me with information during my research: I thank Caroline Intrand, Florence Fourets, Sylvia Preuss-Laussinotte and Didier Bigo and his team for their information about France. I am particularly grateful to Roger Errera for his valuable information and for taking the time to read my French Chapter. For providing me with information on Germany, I thank Volker Westphal, Wolfgang von Pommer Esche, Angelika Schriever-Steinberg, Th ilo Weichert and Martin Tuff ner. I also thank Holger Hoff man for reading my German Chapter and for his useful comments. Eppo Mol, Stefan Röst, Niels Groenhart and many others helped me with information about the Dutch imple-mentation of the Schengen rules. Special thanks goes to Michiel Tjebbes, who can be considered the most experienced lawyer in the Netherlands (and probably in the EU) when dealing with Article 96 reports in the SIS. Just before comple-tion of this thesis, he again illustrated the importance of well-trained and informed lawyers for third-country nationals reported in the SIS. Hannie van de Put: thank you for all your practical and especially calm support! And all my (former) colleagues from the Centre for Migration Law and the Department of Sociology of Law: thank you for making me feel at home, despite the fact that I was only there once a week.
In the more personal sphere of my life, I thank my parents for their never- ending support and especially their patience while waiting for this moment to arrive. I am also grateful to our friends in Amersfoort, the “school-gate mums and dads”: not only because of their support in taking care of the boys, but especially for the happy and distracting moments we spent together. For the same reason and in remembrance of Kees, I thank Ans, my cheerful mother-in-law. I dedicate this book to Willem, Tim, Jelle and Lucas: they are the central and most valuable heart of my private life.
xxiv Acknowledgments
Brouwer-FM.indd xxiv 4/15/2008 6:36:53 PM
AbbreviationsAAH-SDÜ Allgemeine Anwendungshinweise zum Schengener
DurchführungsübereinkommenAB Administratiefrechtelijke BeslissingenAGDREF Application de gestion des dossiers des ressortissants étrangers
en FranceAIVD Algemene Inlichtingen- en VeiligheidsdienstAWB Algemene Wet BestuursrechtAz. AktenzeichenAZR AusländerzentralregisterAZRG AusländerzentralregistergesetzBenelux Belgium, Netherlands, LuxembourgBDSG BundesdatenschutzgesetzBf V Bundesamt für VerfassungsschutzBGBl BundesgesetzblattBKA BundeskriminalamtBVerfG BundeverfassungsgerichtBVerwG BundesverwaltungsgerichtBVV Basis Voorziening VreemdelingenketenCCTV Closed Circuit TelevisionCDU Christlich Demokratische UnionCE Conseil d’ÉtatCIS Customs Information SystemCISA Convention Implementing the Schengen AgreementCNIL Commission Nationale Informatique et LibertésCSDA Commission de sauvegarde du droit d’asileCSIS Central Schengen Information SystemCSU Christlich Soziale UnionDDR Deutsche Demokratische RepublikDNA Deoxyribo Nucleic AcidDPA Data Protection AuthorityEAW European Arrest WarrantEC European CommunitiesECJ European Court of JusticeECHR European Convention on Human RightsEcofi n Economic and Financial Aff airs (EU Council)
Brouwer-FM.indd xxv 4/15/2008 6:36:53 PM
ECR European Court ReportsECtHR European Court of Human RightsEDPS European Data Protection SupervisorEEA European Economic AreaEJML European Journal of Migration and LawELOI Fichier de faciliter l’éloignement des étrangers se maintenant
sans droit sur le territoireEP European ParliamentFAED Fichier automatisé des empreintes digitalesFDP Freien Demokratischen ParteiFPR Fichier des Personnes RecherchéesGBA Gemeentelijke Basis AdministratieGISTI Groupe d’information et de soutien des immigrésHAVANK Het Automatische VingerAfdrukkensysteem Nederlandse
KollektieID Identifi cationIND Immigratie- en NaturalisatiedienstInfAuslR Informationsbrief AusländerrechtINPOL Polizeiliches InformationssystemIT Information TechnologyJHA Justice and Home Aff airs (EU Council)JO Journal Offi ciel (France)JORF Journal Offi ciel de la République FrançaiseJSA Joint Supervisory Authority (Schengen)JV Jurisprudentie VreemdelingenrechtKLPD Korps Landelijke PolitiedienstenLIFL Loi relatif à l’informatique, aux fi chiers et aux libertésLJN Landelijk Jurisprudentie NummerMEP Member of the European ParliamentMR MigrantenrechtMRAP Mouvement contre le Racisme et pour l’Amitié entre les PeuplesMvv Machtiging tot voorlopig verblijfNAV Nieuwsbrief Asiel en VluchtelingenrechtNGO Non Governmental OrganisationNSIS National Schengen Information SystemNStZ Neue Zeitschrift für StrafrechtOECD Organisation Economic Cooperation and DevelopmentOFPRA Offi ce français de protection des réfugiés et apatridesOJ Offi cial Journal (EC)OPS nationaal opsporingsregisterOVG Oberverwaltungsgericht
xxvi Abbreviations
Brouwer-FM.indd xxvi 4/15/2008 6:36:53 PM
PWP SIS Permanent Working Party SISQMV Qualitative Majority VotingRAF Rote Armee FraktionReports Reports of Judgments and Decisions (ECHR)RMV Réseau Mondial VisaRV Rechtspraak VreemdelingenrechtSEA Single European MarketSIRENE Supplementary Information Request at the National EntrySIS Schengen Information SystemSPD Sozialdemokratische Partei DeutschlandsTBG TerrorismusbekämpfungsgesetzTBV Tussentijds Bericht Vreemdelingenrechtt.c.n. third-country nationalsTEC Treaty of the European CommunitiesTEU Treaty of the European UnionUK United KingdomUN United NationsUNESCO United Nations Educational, Scientifi c and
Cultural OrganisationUS United StatesVGH VerwaltungsgerichtshofVIS Visa Information SystemVwGO VerwaltungsgerichtsordnungVwVfG VerwaltungsverfahrengesetzWBP Wet Bescherming PersoonsgegevensWBV Wijzigingsbesluit Vreemdelingenrecht
Abbreviations xxvii
Brouwer-FM.indd xxvii 4/15/2008 6:36:53 PM
Brouwer-FM.indd xxviii 4/15/2008 6:36:53 PM
Evelien Brouwer, Digital Borders and Real Rights, pp. 1–10.© 2008 Koninklijke Brill NV. Printed in the Netherlands.
Chapter 1
Introduction1. Th e Schengen Information System and Other EU Databases: Tools for Border and Immigration Control
Th is study concerns the right to eff ective remedies by third-country nationals reported in the Schengen Information System, or SIS. Th e SIS fi nds its roots in the Convention on the Implementation of the Schengen Agreement of 1990 (hereafter the CISA). It is one of the most important databases used for immigra-tion and border control in the EU and it has always been presented as a ‘compen-satory tool’ for the abolition of internal border controls between the Schengen states. When the SIS became operational in 1995, it was used by seven states: the Benelux countries, France, Germany, Portugal and Spain. In 2006, the SIS was in use by the 15 “old” EU Member States, except the United Kingdom and Ireland and Norway and Iceland as non-EU Member States. By 2002, the SIS included approximately 15 million reports on diff erent categories of persons and objects. Th ese categories include stolen vehicles and lost or stolen identity papers, as well as persons wanted for arrest for extradition purposes or for the purpose of discreet surveillance, witnesses or other persons summoned to appear before the judicial authorities. With regard to the purpose of border checks of persons, the SIS facilitates what has been adequately described as, “keeping the unwanted out – for example, undesirable aliens – and preventing the wanted from leaving, chiefl y those suspected of criminal off ences”.1
Since its launch in 1995, the majority of personal data held in the SIS concerns third-country nationals to be refused entry on the basis of Article 96 CISA.2 Th e decision to report a third-country national in the SIS is based primarily on a national decision that this person is considered a threat to public order, public
1 House of Lords European Union Committee, 9th Report of session 2006–07, Schengen Information System II. Report with Evidence, HL Paper 49, London: Th e Stationery Offi ce Limited, published 2 March 2007.
2 On 1 January 2006, from the 882.627 records on persons held in the SIS, 751.954 (85 %) were third-country nationals reported for the purpose of refusal of entrance. SIS Database Statistics, 5239/06, 12 January 2006.
Brouwer ch-01.indd 1 3/13/2008 2:55:07 PM
2 Chapter 1
security or national security . Secondly, the decision can be based on immigration law decisions regarding the deportation, refusal of entry or removal of this person. Th e consequence of this decision to report an individual in the SIS is that the per-son will, in principle, be refused entry to every other Schengen State. On the basis of a SIS alert, a third-country national also can be denied a visa or a residence per-mit, or even expelled or detained. Th e practical implementation of Article 96 is based on a system of mutual recognition of national decisions to refuse entry to a third-country national, rather than on the harmonisation of refusal grounds.
In order to transform the SIS into a system that was technically feasible for a larger group of user states, including the new EU Member States, the EU legislator prepared the so-called second-generation SIS, or SIS II. Th is development of the SIS II has been used to discuss and introduce new functions of the SIS. In December 2006, the EU Council adopted Regulation 1987/2006 on the establishment of SIS II.3 SIS II is planned to be operational in 2008 and is to be used by no less than 30 States.
Aside from SIS or SIS II, other large EU databases have been developed or are being developed for the purposes of immigration and border control. In 2003, the EU Member States established Eurodac for the implementation of the so-called Dublin Convention (now Regulation). With the aim of facilitating the identifi cation of the Member State responsible for the examination of an asylum request, the fi ngerprints of asylum seekers and persons found illegally crossing the external borders are stored in Eurodac. Another large-scale database of third-country nationals will be the Visa Information System. Th is database is to include data on every visa application by persons seeking entry to one of the EU Member States, including the national decisions with regard to these applications.
Th e SIS II, Eurodac , and VIS databases each have their own functions and should therefore be examined on their own merits. Nevertheless, these measures are also closely linked to one other. In 2004, the European Council invited the Commission to prepare proposals for enhanced interoperability between SIS II, VIS, and Eurodac and the use of these databases in the fi ght against and preven-tion of terrorism. Furthermore, not only Eurodac, but also SIS II and the VIS will include biometric data. Th is will make accessibility and the networking of these databases much easier.
2. Problem
When an authority fi nds that a person is reported in one of these databases, this may have immediate consequences for the legal position of third-country nation-als. Th e VIS will be used primarily for repressive purposes rather than to improve
3 OJ L381/4, 28.12.2006.
Brouwer ch-01.indd 2 3/13/2008 2:55:07 PM
Introduction 3
or accelerate visa procedures in favour of the visa applicants. According to the pro-posal by the European Commission in 2004, the central aim of the VIS will be, “to prevent threats to internal security and ‘visa shopping’, to facilitate the fi ght against fraud” and “to assist in the identifi cation and return of illegal immigrants”.4 A hit based on data stored in Eurodac may result in the deportation or “transfer” of an asylum seeker to another Member State. A person reported in SIS I or SIS II may not only be refused entry or a visa, but he or she may also be detained or even expelled.5 Where the use of these databases is focussed on controlling the move-ment of persons, it is questionable whether the EU Member States pay the same attention to protecting the basic rights of these persons. What seems to be lacking is the simultaneous development of a right to eff ective remedies for those individ-uals who are “directly aff ected in their liberty to move, their personal freedom or their privacy by decisions in matters of immigration and border control”.6
Considering the use of databases such as SIS I, the rights of individuals are, generally, covered by two fi elds of law: data protection law and immigration law. On the one hand, a person facing a SIS alert may use his or her data protection rights of access, correction or deletion of this information. National and supra-national data protection authorities are empowered to supervise the protection of these rights and the lawfulness of data processing in general. On the other hand, a person who is refused entry or whose application for a visa or residence permit has been rejected on the basis of a SIS alert will seek to use the available immigration law procedures.
Th is study is based on the premise that both the data protection and the immi-gration law procedures have their own weaknesses aff ecting the legal protection of the person involved. Firstly, it is questionable whether data protection law off ers individuals practical and eff ective legal protection or whether this only concerns ‘soft law’ or with other words rules which are non-binding. Access to judicial courts is not always self-evident and can be made dependent on the requirement that individuals should address data protection authorities fi rst.7 Furthermore, the decisions of these organisations often have no binding eff ect. More importantly, however, a person generally will not be aware that he or she is registered in the SIS I. Th is person will often fi nd out about the SIS alert when it is too late, i.e. when he or she is denied entry at the external borders of the EU or refused a visa in his country of origin. Th e procedure of trying to obtain access to
4 COM (2004) 835, 28 December 2004.5 Hereafter I will refer to “SIS I” when meaning the fi rst generation SIS operational since 1995
and use “SIS II” for the future second-generation SIS.6 P. Boeles a.o., Border control and movement of persons. Towards eff ective legal remedies for individuals
in Europe, Utrecht: Forum, 2004, p. 13.7 Th is possibility is explicitly provided in the EC Directive 95/46 on data protection, Article 22.
Brouwer ch-01.indd 3 3/13/2008 2:55:07 PM
4 Chapter 1
the data or to apply for correction or deletion under data protection law may then take too long, considering the reason for which this person wishes to visit one of the EU Member States.
Secondly, in the fi eld of immigration law decisions, tension traditionally exists between the rights of the individual and the principle of state sovereignty. Based on their sovereignty, national governments claim to have a wide margin of appre-ciation in deciding who may enter the national territory and who may not. Additionally, the right to legal remedies in immigration law procedures is not a matter of course. Especially in visa procedures, national laws do not always pro-vide for legal remedies. Finally, based on the principle of sovereignty, it has been argued that national courts are not competent to decide on the lawfulness of decisions made by foreign authorities, including the decisions to report third-country nationals in the SIS.
3. A Right to Eff ective Remedies?
3.1. Questions
Th e central question of my research is whether third-country nationals reported in the SIS have access to eff ective remedies with regard to the storage and use of this information. For this purpose, I will fi rst try to establish which rights of third-country nationals are at stake when dealing with the use of the SIS I. Secondly, I will investigate which ‘right to eff ective remedies’ can be derived from European (immigration and data protection) law, in order to protect these rights. Th e practical meaning of the right to eff ective remedies is dependent of the implementation at the national level. Th erefore, I will examine the use of the SIS I and the implementation of CISA and relevant rules at the national level. Dealing with the law of respectively France, Germany, and the Netherlands, I will try to answer the following sub-questions: What are the consequences of the use of SIS I for the legal position of third-country nationals? What are the criteria for which they can be reported in this database? What are their rights under national law?
Based on my fi ndings with regard to the right to eff ective remedies in European law and its implementation in national law, I will seek to answer two additional questions. Firstly, what is the added value of data protection law? Does this provide extra legal protection for the persons involved or does it only include ‘soft rules’? Secondly, which lessons can be learned from more than ten years using the SIS I with regard to the development and use of SIS II and other EU databases? What recommendations can be made to guarantee the rights and legal protection of per-sons reported as ‘inadmissible aliens’ in the EU?
Brouwer ch-01.indd 4 3/13/2008 2:55:07 PM
Introduction 5
3.2. Criteria to Assess Availability of Eff ective Remedies
As a tool to describe the availability of ‘the right to eff ective remedies’ in the fi eld of immigration and data protection law, I consider it useful to apply a set of ‘minimum requirements or criteria’. In an earlier study, Fair Immigration Proceedings in Europe, Boeles defi ned “eff ective legal remedies” as a procedure which is designed so “that the maximum chance exists for review of the action or failure to act of a government on the basis of a legal rules whose aim is (inter alia) to protect individuals”.8 In his study, Boeles used six criteria which in his view would maximise the chance of eff ective legal remedies:
1) proceedings must exist and be accessible by the individual;2) proceedings must have the character of judicial proceedings;3) legal and linguistic assistance to parties must be guaranteed;4) individuals must be able to overcome fait accompli (proceedings have suspensive
eff ect or court is competent to take interim measures);5) the court must be able to take account of all essential aspects;6) appeal at higher level must be available.
For each of these criteria, Boeles made an analysis of the international standards which are to be considered binding within the legal framework of the EU, referred to by Boeles as the ‘Regional Acquis’ of the European Union. From his study, one can learn that international law in 1997 did not require the fulfi lment of each of these criteria and that, with regard to the availability of eff ective remedies, one single answer is not easy to give, because of the wide range of situations and decisions at stake.9
Th e present study will not repeat the Boeles exercise, describing the current state of law on eff ective remedies in immigration law. Th e emphasis of this study lies on the relationship between the use of EU databases and the rights of third-country nationals. Th erefore, the sources I use are not limited to the applicable standards of immigration law, but also include Article 8 ECHR on the right to private life and the European law on data protection. On the other hand, I will only consider European standards, not other international norms. Th is is partly for practical reasons, in order to limit the scope of my research, but also because European law seems to play a more central role with regard to my topic. By ‘European law’, I am referring to the immigration law and data protection prin-ciples adopted or incorporated within the legal framework of the EU, including
8 P. Boeles, Fair Immigration Proceedings in Europe, Th e Hague: Martinus Nijhoff Publishers, 1997.
9 Th is included the UN Declaration on Human Rights, the ECHR, the Convention on the Status of Refugees and the Convention on the Status of Stateless Persons, the Convention on the Rights of the Child, the ILO Convention on Migrant Workers, the European Social Charter, etc.
Brouwer ch-01.indd 5 3/13/2008 2:55:07 PM
6 Chapter 1
the Treaty of the European Communities (TEC), the Treaty of the European Union (TEU) and the relevant instruments of the Council of the Europe, including the European Convention on Human Rights (ECHR).
Inspired by the criteria developed in Boeles’ research, I will use the following questions to assess the applicable laws.
a) Is there a right to appeal to an impartial and independent authority?b) Are the legal remedies accessible?c) What is the scope of the review?d) What are the competences of the (judicial or non-judicial) authority?
Th e fi rst criterion refers to the question whether the applicable law requires access to judicial or non-judicial remedies. If the law only provides for access to non-judicial authorities, for example data protection authorities, are these authorities to be regarded as impartial and independent authorities?
Th e second criterion refers to the accessibility of the legal remedies in ques-tion. Does a person know that he or she may appeal against a negative decision, or a ban on entry? What procedural guarantees should be in place to ensure that a third-country national can use his right to legal remedies? Boeles’ third crite-rion, the right to legal and linguistic assistance, will not be dealt with separately, but is considered as part of the “accessibility of remedies”.
With regard to the criterion of “scope of review”, I refer to what exactly can be reviewed by the judicial or non-judicial authority. Can a court or authority review every aspect of a national administrative decision, or are there certain limitations based on the sovereignty of the administration involved? Does the court or authority have the power to assess foreign decisions, including foreign decisions to report a third-country national in the SIS?
Finally, I will question the competences of the court or authorities. Th is includes the power to restore the rights of the applicants, as well as to issue fi nes to the administration.
With the sole purpose of limiting the scope of this research, I chose not to deal separately with the right to higher appeal. It is nonetheless beyond doubt that the right to have one’s case reviewed at a higher level is important for several rea-sons. On the one hand, the review of the judgment of a lower court by a higher court could provide for more uniformity in law. On the other hand, for the individual it includes a second chance of review which, under certain circum-stances, might be crucial for the protection of his or her rights. In his study in 1997, Boeles concluded that the law of his ‘Regional Acquis’ generally does not require the possibility of appeal to a higher instance. One could however con-clude with Boeles that on the basis of the principle of non-discrimination, if national law off ers a remedy to a higher court to its own citizens, under EU law the legislator should provide equal protection to non-citizens.
Brouwer ch-01.indd 6 3/13/2008 2:55:07 PM
Introduction 7
4. Outline
Part I of my study describes the impact of the SIS I on the legal position of third-country nationals in the EU. I will fi rst give an historical overview of the abolition of internal border controls and the freedom of movement of persons in the EU. We will see how SIS I has been established as a compensatory tool for this aboli-tion of internal border controls. Th erefore, in Chapter 4, I will describe the devel-opment of the SIS II and the fi nal adoption of the SIS II Regulation 1987/2006 in December 2006. In Chapter 5, I will compare the functioning of the SIS to other EU databases such as Eurodac , and the proposed VIS. For what purposes are these databases established, how are they used and what is their mutual relationship?
Part II of my study presents the institutional framework of my study: the protec-tion of individual rights stemming from general principles of European law. Chapters 6 to 9 describe the sources of European law relevant to my subject: the right to eff ec-tive remedies for third-country nationals reported in SIS I and other EU databases. Th ese sources include the ECHR and EU law, dealing with data protection law decisions and immigration law decisions. In Chapter 10, I will consider whether a right to eff ective remedies can be derived from the general principles of EU law.
Part III deals with the implementation of Article 96 CISA and the right to legal remedies for third-country nationals reported in the SIS at national level. To describe the implementation of the CISA and the rules on the SIS I, I have chosen France, Germany and the Netherlands. Aside from practical reasons, this choice is based on the fact that these countries have been involved in the development of the Schengen cooperation and SIS I right from the start. Th e three countries provided a signifi cant proportion of the Article 96 alerts in the SIS. In addition, these coun-tries have a long history of developing data protection law and a developed system of judicial remedies in immigration law. In the national Part, I will describe the national criteria for reporting third-country nationals in the SIS I on the basis of Article 96 CISA, and the provisions in national law with regard to the rights of the persons concerned. Finally, an analysis will be made of the available case law to see how the national courts and data protection authorities have dealt with individual complaints with regard to the SIS.
5. Defi nitions and Explanation of Used Terms
National and EU policy-makers tend to use diff erent defi nitions to describe indi-viduals who are non-citizens of their countries or the EU. Th ese defi nitions include, for example, “foreigners”, “aliens” and “immigrants”. In this study, when referring to a non-EU citizen, I generally prefer to use the term “third-country nationals”. Only when these terms are explicitly used in national legislation, I will
Brouwer ch-01.indd 7 3/13/2008 2:55:07 PM
8 Chapter 1
refer to “aliens” or “foreigners”. As we will see in Chapter 4, the SIS II Regulation 1987/2006 gives a narrower defi nition of “third-country national”, in that it excludes both EU citizens and nationals of third countries who enjoy the rights of free movement under the agreements between the EC and these third countries.
Regarding “Schengen”, authors generally refer to the “Schengen Convention” or the “Schengen Implementing Agreement”. However, I prefer to use the same reference used by the EC Court of Justice in its jurisprudence: the “Convention Implementing the Schengen Agreement” or “CISA”.10
I will use the terms “European Communities” and “EC Member States” when dealing with developments before the Treaty of Maastricht entered into force in 1993, establishing the European Union. As of that date, I prefer to use “European Union” and “EU Member States”. Only when describing legal instruments explicitly based on the Treaty of the European Communities (TEC), I will refer to “EC law” or “EC instruments”.
Commentators on data protection law generally make an explicit diff erence between the words “data” and “information”. Where “data” is used to describe the input of words, signs or bits and bytes which have no independent meaning, “information” describes the meaning or knowledge which can be assigned to those data. Starting with the presumption that any data gathered or stored con-cerning an individual can result in real information on this person, I will use the two words indiscriminately.
Finally, “data subject” is used to describe the person who is the subject of the data processing or, in other words, about whom the information is collected, stored or processed. Whereas “data holder”, “data owner” and “data controller” are generally used to describe the organisation or authority responsible for the data processing, “data user” refers to the person or organisation using the information.
6. Sources and Interviewees
For this study, I used mainly information from publicly available sources including national and EU legislation, jurisprudence and legal and non-legal publications. Only with regard to my description of the history of the ‘Schengen negotiations and decision making’, I used personal archives of Kees Groenendijk and myself. In order to collect additional information on the legislation and practical measures in France, Germany and the Netherlands, I conducted interviews with a number of persons in these three countries. Th ese persons were working as professionals in this area, as lawyers, judges, government offi cials, in NGOs, as members of national
10 See for example ECJ, C-150/05 Van Straaten v. the Netherlands and Italy.
Brouwer ch-01.indd 8 3/13/2008 2:55:07 PM
Introduction 9
data protection authorities and, fi nally, as academics. I completed my research in December 2006. Exceptionally, I incorporated important developments between December 2006 and June 2007.
Persons interviewed in France (spring 2005):
– Caroline Intrand, legal offi cer of the NGO Cimade, Paris;– Florence Fourets, head of the unit Direction de l’expertise informatique et des
contrôles of the French Data Protection Authority (Commission National d’Informations et des Libertés, or CNIL ), Paris;
– Sylvia Preuss-Laussinotte, professor of public law, University de Paris-X, Nanterre, Paris
Further information was provided in writing by:
– Lt-Col Jean-François Impini (Centre de Prospective, Gendarmerie Nationale);– Didier Bigo (Maître de conférences des universités à Sciences-Po, Paris, CERI); and– Roger Errera (former judge of the Conseil d’État ).
Persons interviewed in Germany (spring 2005):
– Volker Westphal, Federal Police (Bundespolizei), Lübeck;– Wolfgang von Pommer Esche, head of the unit Police Intelligence Service,
Federal Data Protection Commissioner (Bundesbeauftragter Datenschutz), Bonn;– Th ilo Weichert, Schleswig Holstein Data Protection Commissioner
(Landesbeauftragter Datenschutz Schleswig Holstein), Kiel;– Angelika Schriever-Steinberg, head of the unit C2, Hesse Data Protection
Commissioner, (Landesdatenschutzbeauftragte Hessen), Wiesbaden;– Martin Tuff ner and Manuela Brenner, head respectively offi cer of the SIRENE
Unit, Federal Criminal Police Offi ce (Bundeskriminalamt or BKA ), Wiesbaden
Persons interviewed in the Netherlands (summer 2004):
– Michiel Tjebbes, lawyer at Everaert Advocaten Immigration Lawyers, Amsterdam;
– Eppo Mol, privacy offi cer of the Dutch National Police (Koninklijke Landelijke Politiediensten, or KLPD ) Zoetermeer;
– Stefan Röst and Janneke Bol, legal offi cers of the Immigration and Naturalisation Offi ce (Immigratie- en Naturalisatiedienst, or IND ) Rijswijk;
– Niels Groenhart, legal offi cer of the Data Protection Authority (College Bescherming persoonsgegevens, or CBP) Th e Hague.
A general call for immigration lawyers was published in the Dutch journal Migrantenrecht, summer 2004 issue, to forward information or case law on SIS and Article 96 CISA. Th is did not yield any response. Further (statistical) information
Brouwer ch-01.indd 9 3/13/2008 2:55:07 PM
10 Chapter 1
was kindly submitted by Gerrit Huybrechts of the Directorate-General for Justice and Home Aff airs, Council Secretariat, Brussels. Peter Michael of the Joint Supervisory Authority (JSA) , Brussels, also provided information by telephone.
In order to keep abreast of the most recent decision-making on SIS II, Eurodac , VIS or biometrics, the author gratefully used the website of Statewatch: http:// www.statewatch.org.
Brouwer ch-01.indd 10 3/13/2008 2:55:07 PM
Part IBorder Control and Data Surveillance in the EU
Brouwer ch-02.indd 11 4/4/2008 5:35:47 PM
Brouwer ch-02.indd 12 4/4/2008 5:35:47 PM
Evelien Brouwer, Digital Borders and Real Rights, pp. 13–46.© 2008 Koninklijke Brill NV. Printed in the Netherlands.
Chapter 2
Towards Schengen: Th e Abolition of Internal Border Controls in Europe
“In order to eff ectively implement visa policy and the jointly defi ned controls along our external borders , we feel it is essential that we should begin to exchange infor-mation about persons who must be refused access to the territories of one of our Member States on the grounds that their presence there could threaten security or public order in one of our states and we have decided to look into the best ways of doing this, with special reference to computerisation.”1
1. Introduction: Abolition of Internal Border Controls
Th e development of EU databases is closely related to the emergence of ‘a Europe without internal frontiers’. With European integration, which was given a formal boost with the signing of the Single European Act in 1986, the borders of the Member States of the European Communities (EC) became an issue of shared responsibility. Th e abolition of internal border controls was accompanied by dif-ferent, so-called compensatory measures. To justify these measures, national gov-ernments relied heavily upon the symbolic function of borders or frontiers.2 Since borders have diff erent functions, the compensatory measures to be developed diff ered accordingly. For example, the idea that the abolition of internal border controls would give criminal organisations the opportunity to move wherever they please and that this would increase ‘cross-border criminality’ was used to justify the development of Europol and Eurojust and the introduction of the
1 Declaration of the EC Ministers dealing with immigration matters, 15 December 1989, Press 90/02/02.
2 See, for the evolution and the meaning of the concept of frontiers: D. Bigo & E. Guild (eds.) Controlling Frontiers. Free movement into and within Europe, Aldershot: Ashgate 2005, and M. Anderson, D. Bigo, What are EU frontiers for and what do they mean?, in: K. Groenendijk, E. Guild & P. Minderhoud, In Search of Europe’s Borders, Th e Hague/London/New York: Kluwer Law International 2003, p. 7–25.
Brouwer ch-02.indd 13 4/4/2008 5:35:47 PM
14 Chapter 2
European Arrest Warrant .3 Th e traditional use of borders as a source of income by raising taxes on the import of goods was compensated by mutual cooperation between the customs authorities of the EU Member States and the completion of the Customs Union.4
Regarding the function of borders for immigration policy, the EC Member States sought to compensate for their internal border controls by moving their powers to external borders and even to the countries of origin of immigrants. Th is includes the establishment of a more stringent and uniform visa regime, but also the introduction of pre-boarding checks and the posting of liaison offi cers in the countries of origin.5 More recently, the EU Member States are preparing to deploy maritime police teams in extraterritorial waters to prevent the arrival of immigrants by boat.6
With regard to the use and sharing of information, the EU governments ena-bled their national authorities to exchange their information mutually in the fi eld of criminal law and customs policy through the use of Europol , Eurojust and the Customs Information System. Between 1995 and 2006, by far the larg-est database used in the EU is the Schengen Information System or SIS I.7 In 2006, this database included information on 15 million objects and individu-als. Planned as an intergovernmental ‘experiment’ by the Benelux countries, France and Germany, the SIS I is used by 15 states including thirteen EU Member States and the non-EU Member States Iceland and Norway. As we will see below, in 2008, the new version of SIS, or SIS II, is planned to be used by at least 31 European States including the 27 EU Member States and four non-EU Member States (Iceland, Norway, Liechtenstein and Switzerland.
3 See respectively the Europol Convention based on Article K.3 of the Treaty on European Union, OJ C 316, 27.11.1995, the Council Decision 2002/187/JHA of 28 February 2002 setting up Eurojust with a view to reinforcing the fi ght against serious crime OJ L 63/1, 6.3.2002 and the Framework Decision on the Arrest Warrant of 13 June 2002, L190/1, 18.07.2002.
4 See the Naples Convention on mutual cooperation between customs authorities signed by six EC Member States in 1967, which was repealed by the so-called Naples II Convention of 18 December 1997, OJ C 24, 23.01.1998. See also Council Regulation 2913/92 of 12 October 1992 establishing the Community Customs Code, OJ L 302, 19.10.1992.
5 See Regulation 539/2001 determining the countries whose nationals must have visas to cross external borders of the Member States, OJ L 81, 21.3.2001, the Schengen Common Consular Instructions , OJ L 176, 10.7.1999 and the Council Regulation 377/2004 of 19 February 2004 on the creation of an immigration liaison offi cers network, OJ L 64, 2.3.2004.
6 Communication from the Commission to the Council, Reinforcing the management of the European Union’s Southern Maritime Borders, COM(2006) 733 fi nal, 30 November 2006.
7 To distinguish the original SIS from the second generation SIS or SIS II, to be discussed in Chapter 4, I will refer further to SIS I.
Brouwer ch-02.indd 14 4/4/2008 5:35:47 PM
Towards Schengen: Th e Abolition of Internal Border Controls in Europe 15
To understand the relatively successful integration of the intergovernmental ‘Schengen’ cooperation into EU law and the expanding role of the SIS I, it is necessary to describe the European history of immigration law and border poli-cies. In this Chapter, I try to reveal how a small group of EC Member States were able to reach agreement within the intergovernmental Schengen framework, while at the same time governments were trying hard to maintain their national sovereignty and the European Commission was attempting to lift this decision-making to the community level. In Chapter 3, I will describe the development and use of the SIS I itself.
2. Th e Internal Market and the Free Movement of Persons: Setting Goals
2.1. Between 1957 and 1985: From the Treaty of Rome to the Commission’s White Paper
When the European Economic Community was established by the Treaty of Rome on 25 March 1957, the abolition of internal border controls was not one of its pri-mary goals.8 Th e Treaty of Rome formulated the freedom of movement for goods, services, capital and persons, but freedom of movement for persons only applied to nationals of the Member States conducting any kind of economic activity, such as workers, the self-employed and those providing services. Th ose privileged persons could enter and leave the territory of Member States by showing their passport or identity card.9 Th e application of these rules was gradually widened by the case-law of the Court of Justice (ECJ).10 However, since the EU governments were reluctant to change the impact of border controls on persons, the Council persisted in closely linking the freedom of movement of persons to the economic activities of EC nationals. Likewise, the Treaty did not include a substantive legal basis for immigration and asylum policy with regard to third-country nationals.
Th e abolition of internal border controls did not reach the EC agenda until 1972, with the so-called Tindemans report.11 Th is report refl ected on the need to
8 Treaty establishing the European Economic Community entered into force on 1 January 1958 and was signed in 1957 by the Benelux countries, France, Germany and Italy.
9 Directives 68/360 of 15.10.1968, OJ 168 L 257/13, 73/148 21.05.1973, OJ 1973, L 172/14. 10 See, for example, the judgment of 27 April 1987, case C-321/87, Commission v. Belgium, ECR
[1989] 997, in which the Court accepted the Belgian practice of frontier spot checks on non-Belgian Community nationals to determine whether they were carrying their residence permits was not contrary to the Community rules, as long these checks were not being carried out in a “systematic, arbitrary or unnecessarily constricting way”.
11 J.P.H. Donner, Abolition of Border Controls, in: H.G. Schermers et al. (eds.), Free movement of persons in Europe: legal problems and experiences, Dordrecht: Nijhoff 1993, p. 5.
Brouwer ch-02.indd 15 4/4/2008 5:35:47 PM
16 Chapter 2
lift border controls as a measure to make the Community ‘more real’ to its citizens. Although the Tindemans report did not receive warm support from the diff erent Member States, it formed the basis for the further development of concepts such as the ‘Passport Union ’ and a ‘Europe of the citizen’. In the same year the Tindemans report was published, the EC was enlarged to nine countries.12 One could say that this enlargement on the one hand strengthened the motivation of Member States to establish an area in which the four freedoms of movement was applied, while at the same time this hampered the achievement of political agreement on the necessary measures.
Th e foundations of the notion of lifting internal border controls were laid at the European Conference of the Heads of State at their meeting of 9–10 December 1974.13 At this meeting in Paris, the Council created a Working Group to investigate the possibilities for establishing a Passport Union . Th is Passport Union had to include a uniform passport for EC citizens. In the longer term, this would lead to the harmonisation of immigration law and the abolition of passport control at the internal borders . A year after this European Conference, in July 1975, the European Commission published two reports. In the fi rst report on the Passport Union, the Commission proposed not only the introduction of a uniform passport and the lifting of passport controls at internal borders, but also common control measures at external borders . Th e second report concerned the granting of privileged rights to EC nationals, including political rights and the right to gain access to public functions.14 A Commission proposal for a directive on a uniform model for a passport was only accepted in the form of a resolution by the Council of Ministers on 23 June 1981.15
Despite the continuing discussion on this subject, between 1974 and 1985 no serious legislation on the abolition of internal border control was adopted within the EC framework. In June 1984, the Council and the representatives of the Governments only adopted a resolution on the simplifi cation of border-crossing formalities for EC nationals at internal frontiers.16 In Fontainebleau, at its meeting of 25–26 June 1984, the European Council adopted a declaration on the concept of ‘a citizen’s Europe’. At the same time, the Council instructed the so-called
12 In 1973, the EC was joined by the Denmark, Ireland, and United Kingdom, OJ L 73, 27.3.1972. Greece became an EC Member State in 1981 (OJ L 291, 19.11.1979) and Portugal and Spain in 1986 (OJ L 302, 15.11.1985). Austria, Finland, and Sweden joined the EC in 1995 (OJ C 241, 29.8.1994) 1.
13 See H. Verschueren, Vrij verkeer van personen in Schengen-Verdragen, in: C. Fijnaut, J. Stuyck, P. Wytinck, Schengen: Proeftuin voor de Europese Gemeenschap?, Antwerp: Gouda Quint 1992, p. 13–54.
14 EC Bull. Suppl. 7/75. 15 See OJ 1981, C 241 and OJ 1982, C 179. 16 OJ C 159, 19.6.1984.
Brouwer ch-02.indd 16 4/4/2008 5:35:47 PM
Towards Schengen: Th e Abolition of Internal Border Controls in Europe 17
Adonnino Committee to examine measures regarding the abolition of police and customs formalities with regard to the movement of persons and goods across internal borders .17 Responding to a request made by the European Parliament, the European Commission published a proposal for a Directive on the reduction of controls and formalities applicable to nationals of the Member States when crossing intra-Community borders.18 Th is draft Directive of 23 January 1985 included a proposal for a system of spot checks at all the internal frontiers in the EC, regardless of the means of transport used. After the debate in the European Parliament, the Commission proposed an amendment which also included the abolition of controls upon departure.19 However, the proposal was never adopted and was later withdrawn by the Commission.
2.2. Th e Commission’s White Paper on the Completion of the Internal Market
On 14 June 1985, the European Commission presented a White Paper on the completion of the internal market with a list of measures which were considered necessary in order to achieve an internal market without internal border con-trols.20 With this paper, the Commission tried to fi nd support for the idea that the abolition of internal border controls was something to be dealt with within the EC framework. Th e Commission announced that by 1988 a proposal was to be made for the complete elimination of checks when leaving one Member State and entering another. With regard to third-country nationals, the Commission recognised that the free movement of persons and the abolition of border control would apply to all persons, regardless of their nationality. Th erefore, the abolition of checks at internal borders would also make it much easier for non-Community citizens to move from one Member State to another. For this reason, the Commission announced that it would propose by 1988 at the latest the coordi-nation of rules on residence, entry and access to employment with regard to non- EC citizens. In addition, the Commission called for a Community policy on visas. Th e adoption of these measures in the fi eld of immigration policy by the Council and the enhanced cooperation between police and other relevant agencies within the Member States would, according to the Commission, enable the elimination of police checks at internal frontiers by 1992.
17 Ad hoc Committee set up for examining the creation of a people’s Europe, report published in Bulletin of the European Communities, suppl. 7/85, 1985.
18 OJ 1985, C 47/5, 19.2.1985.Th is proposal was also a reaction to the Franco-German Agreement of Saarbrücken of July 1984 (see below).
19 COM (85) 224 OJ C 131, 30.05.1985. 20 COM (85) 310, Brussels, 14 June 1985. On the same date, fi ve Member States signed the
Schengen Agreement which formed the cornerstone for further intergovernmental cooperation in the same area, see further below.
Brouwer ch-02.indd 17 4/4/2008 5:35:47 PM
18 Chapter 2
3. From 1985 to the Completion of the Single Market : Defi ning Powers
Although the European Council supported the initiative of the European Commission with regard to the abolition of internal border controls, the govern-ments were reluctant to transfer all their powers to the Commission.21 In 1985, fi ve Member States (Germany, France, the Netherlands, Denmark and the UK) even challenged the Commission before the ECJ, claiming that EC law did not empower the Commission to adopt a Decision which requested the states among others to notify the Commission of proposals for amendments to their immigration laws.22
Th e consensus between the EC governments about the need to lift internal bor-der controls was formalised with the signing of the Single European Act (SEA) in February 1986.23 Article 8A (later Article 14) of the new EC Treaty (hereafter: TEC) defi ned the concept of the single market as ‘an area without internal frontiers in which the free movement of goods, persons, services and capital is ensured within the provisions of this Treaty’ and the deadline for establishing the internal market was set at 31 December 1992.24 However, it was still hard to reach political agree-ment on eff ective measures on internal and external border control controls within the EC framework. Qualifi ed Majority Voting (QMV) was introduced for the deci-sion-making on key aspects of the single market programme, but this did not cover the free movement of persons based on the new Article 100A inserted in the TEC by the Single Act. In a declaration to the SEA, the Council confi rmed that Member States would cooperate in the fi eld of entry, movement and residence of third-country nationals.25 At the same time, in the declaration on Article 8A, the governments made it clear they did not wish to abandon their legislative powers all at once:
21 See Törsten Stein, in his statement for the British House of Lords: “Th e decision to completely abolish all border controls thus appears to be a political decision which one may welcome or not, but not a decision which is dictated by Community law as it stands”; House of Lords Select Committee on the European Communities, 22nd Report 1992: Border Control of People, 7 November 1989, p. 7.
22 Germany and others v. Commission, 9 July 1987, ECR 3203. In its judgment, the Court denied the absolute sovereignty of Member States on immigration policy. Th e Court did not accept the French position that policy on foreign nationals involved questions of public security, for which Member States were solely responsible. See for a more detailed analysis: E. Guild, European Community Law from a Migrant’s Perspective, Th e Hague/London/Boston: Kluwer Law International 2000, p. 210.
23 OJ L 169, 29.06.1987, p. 1. 24 In fact, Member States disagreed on the direct eff ect of this ‘deadline’, whether all internal bor-
der controls would have to be lifted by this date and on the interpretation of Article 8A. As we will see below, this date became a crucial deadline for the development of Schengen as well.
25 “In order to promote the free movement of persons, the Member States shall cooperate, without prejudice to the powers of the Community, in particular as regards the entry, movement and residence of nationals of third countries”, OJ L 169, 29.06.1987, p. 26.
Brouwer ch-02.indd 18 4/4/2008 5:35:47 PM
Towards Schengen: Th e Abolition of Internal Border Controls in Europe 19
“Th e Conference wishes by means of the provisions in Article 8A to express its fi rm political will to take before 1 January 1993 the decisions necessary to complete the internal market defi ned in those provisions, and more particularly the decisions necessary to implement the Commission’s programme described in the White Paper on the internal market. Setting the date of 31 December 1992 does not create an automatic legal eff ect.”26
Th e Member States strongly disagreed with the Commission on the competence of the Commission in the fi eld of immigration law. Illustrative of this ongoing dispute is the general declaration which was added to the SEA with regard to the right of the Commission to submit proposals on the basis of Article 8A and 100A TEC:
“Nothing in these provisions shall aff ect the right of Member States to take such measures as they consider necessary for the purpose of controlling immigration from third countries and to combat terrorism, crime, traffi c in drugs and illicit trad-ing in works of art and antiques”.27
Th e governments held the view that the creation of the internal market would be dependent on measures to be taken by the Council of Ministers.28 Another stum-bling block for further negotiations within the EC framework was the disagree-ment between the Member States about the scope of the defi nition of ‘internal market’ and ‘free movement of workers’. In particular the UK, initially supported by Greece and Denmark, believed that this free movement and the subsequent abolition of internal border control only applied to EC workers. As a result, these countries claimed, controls at the internal borders would have to remain, to check whether someone is an EC national or a third-country national.
In 1988, the Commission published a Communication on the abolition of con-trols of persons at intra-Community borders.29 In this paper, the Commission called for acceleration and a new political impetus with regard to decision-making in this area. Th e Council should play a stronger role by co-ordinating negotiations which, at that time, took place in various groups. According to the Commission, this work needed to be speeded up in order to respect the 1992 timetable. Th e Commission considered itself competent to come forward with proposals for legislation if the intergovernmental framework failed to develop the necessary instruments. Despite this statement, the Commission made no real progress in law making. As the 1993 deadline approached, no real proposals in this fi eld
26 OJ L 169, 29.06.1987, p. 24. 27 See, for more detail on the meaning of Article 8 and the additional declarations, E. Guild
(2000), p. 199. 28 See the Dutch government in its report on Border Control of 1 July 1987 to the Dutch
Parliament, 1986–1987, 20031, 1–2, p. 29. 29 COM (88) 640 fi nal, 7 December 1988.
Brouwer ch-02.indd 19 4/4/2008 5:35:48 PM
20 Chapter 2
were published. Th is lack of initiative motivated the European Parliament, on 18 November 1993, to launch proceedings before the Court of Justice. Th e European Parliament claimed that, contrary to the provisions (in particular Articles 14 and 211) of the EC Treaty, the Commission failed to submit proposals which are necessary for the achievement of the free movement of persons.30 In the summer of 1995, the Commission published three draft directives: on the abolition of internal border controls on persons, on the right of third-country nationals to travel in the Community, and on the abolition of restrictions on the movement of EU workers and their families.31 As a result of these legislative proposals, the European Parliament withdrew its action before the Court.
4. Intergovernmental Negotiations on the Abolition of Internal Border Controls
4.1. Other Examples: Th e Benelux, the Nordic Union, Ireland and the United Kingdom
Th e awareness of the economic advantages of abolishing or reducing internal border controls resulted in closer cooperation between smaller groups of European countries.32 Aside from the Schengen negotiations which will be dis-cussed below, this also occurred within the framework of the Benelux Economic Union, the Nordic Union, and between the Republic of Ireland and the United Kingdom. Th e Benelux Treaty provided free movement to the nationals of the three Benelux countries and equal treatment with regard to residence and settle-ment.33 Th e Treaty was followed by the Agreement on the transfer of border con-trols of persons to the external frontiers of the Benelux area.34 Article 2 of this Benelux Agreement states: “From such time as this Agreement enters into force each of the High Contracting Parties shall cease to exercise controls on persons along their common borders, and shall exercise controls at their external borders which shall apply to the Benelux area”. Th is implied that the checks at the
30 C-445/93, European Parliament v. Commission, OJ 1994 C 13/1. See E. Guild, (2000), pp. 203–205.
31 OJ 1995, C 139, OJ 1995, C 305 and OJ 1995, C 307 respectively. See E. Guild (2000), p. 204. 32 See also J. Niessen, Th e Heyday of Intergovernmentalism (1985–1993), in: E. Guild &
J. Niessen, Th e Developing Immigration and Asylum policies of the European Union, Th e Hague/London/Boston: Kluwer Law International 1996, p. 26.
33 Th e Benelux Treaty of 3 February 1958, Tractatenblad (Dutch Series of Treaties) 1958, 18, entered into force on 1 November 1960.
34 Th e Benelux External Borders Agreement was signed on 11 April 1960, Tractatenblad 1960, 40, and came into eff ect on 1 July 1960, before the Benelux Treaty.
Brouwer ch-02.indd 20 4/4/2008 5:35:48 PM
Towards Schengen: Th e Abolition of Internal Border Controls in Europe 21
internal borders ceased to exist as well for third-country nationals.35 Th e Benelux Agreement was later used as a model for the Schengen treaties. Th e Nordic Passport Union was established on 12 July 1957 between Denmark, Norway, Sweden and Finland.36 Iceland acceded on 24 September 1965. Th e Nordic Union included the abolition of passport control at the common internal bor-ders. Between Ireland and the United Kingdom, limited border controls apply to their mutual citizens and to third-country nationals.37 Furthermore, diff erent European countries have established bilateral agreements on the reduction of controls at their mutual borders.38
4.2. Between 1985 and 1989: Th e Schengen Negotiations
‘Schengen’ is without doubt the most important example of intergovernmental decision-making within the fi eld of police cooperation and border and immigration policy. Th e Schengen cooperation has its roots in the Saarbrücken Agreement of 13 July 1984 between France and Germany. With this treaty, signed by the Federal Chancellor of Germany, Helmut Kohl, and the President of France, François Mitterrand, the two countries agreed to gradually abandon controls at their mutual borders. Th is cooperation would provide the basis for the further establishment of a Single Market between the European countries. One of the more practical rather than ideological motives of this agreement was the need for the French government to seek a solution to the ongoing strikes by French truck drivers and customs offi cials, protesting against the long queues at internal bor-ders . Concerns for the economic consequences and the pressure from its interna-tional transport organisations also encouraged the Dutch government to start negotiations with the German government in March 1984. At their meetings in the autumn of 1984, the governments of the Benelux countries agreed to hold
35 See further, on the free movement of persons and Benelux, J.J.A.M. Van Winckel, Het person-enverkeer in de Benelux, SEW 7/8, 1982, p. 552–562.
36 Th e exemption from passport control for travel between the Nordic Countries included third-country nationals travelling directly from one Nordic state to another, see K. U. Kjaer, How Many Borders in the EU?, in: Groenendijk, Guild & Minderhoud (2003), p. 177. See also J. Vedsted-Hansen, Abolition of Border Controls within the Nordic Region and Security of Residence in Denmark, in: E. Guild & P. Minderhoud, Security of Residence and Expulsion : protection of aliens in Europe, Leiden/Boston: Martinus Nijhoff Publishers 2001, p. 91–102.
37 “Because of the common travel area there are no immigration controls and crossing by vehicle with simple visual check is normal.” Select Committee on the European Communities, 1992: Border Control of People, House of Lords, Session 1988–89, 22nd Report, p. 25.
38 See for example the Agreements between the Netherlands and Germany: with regard to the joining of border controls and the establishment of mutual railway stations (Trb. 1958, 81); on the regulation of border-related problems (Trb. 1960, 67, 68 and 69) and on small-vehicle border traffi c (Trb. 1960, 162).
Brouwer ch-02.indd 21 4/4/2008 5:35:48 PM
22 Chapter 2
further negotiations with France and Germany on the reduction of internal border controls. Th is agreement was consolidated in the Memorandum of the Benelux countries, adopted by the Committee of Benelux Ministers on 12 December 1984.39 Th is text was based on the Saarbrücken Agreement, but also included a reference to the free movement of goods as a second goal. On the basis of this Memorandum, further negotiations took place between France, Germany and the Benelux countries. Th e Benelux acquis, including the Agreement on the lifting of internal border control, and the decisions by the Benelux Committee of Ministers on the basis of this Agreement, was used as a model for the Schengen cooperation.40
On 14 June 1985, the Schengen Agreement on the Gradual Abolition of Checks at their Common Borders was signed by Germany, France and the Benelux states.41 Th is Agreement included short-term and long-term measures considered necessary for the abolition of controls at the internal common borders of the signatory parties. Th e central aim of the Schengen Agreement was not only to simplify the circulation of goods and persons by providing harmonised rules on tax and customs, but also to establish the basis for further cooperation in the fi eld of the protection of public order and security, measures against the illegal traffi c in drugs, criminality and illegal immigration. In Article 17 of this Agreement, the signatory states made it clear that internal border controls should be transferred to the external borders . At the initia-tive of the German Ministry of the Interior, a text was included in the Agreement referring to the need to elaborate ‘compensatory measures’ for the safeguarding of internal security .42 To that end, the participating states would have to harmonise laws in advance and “take complementary measures to safeguard security and com-bat illegal immigration by nationals who are not members of the European Communities.” Th e Agreement described the diff erent fi elds in which harmonisa-tion of the law would be necessary: police cooperation, judicial assistance and extra-dition, the law on drugs, arms and explosives, visa policy and entry conditions.
Five years later, the Heads of State of France, Germany and the Benelux coun-tries signed the Convention Implementing the Schengen Agreement of 14 June 1985 on the gradual abolition of checks at their common borders (hereafter referred to as CISA) on 19 June 1990. Th is Convention, to be discussed further in section 6 of this Chapter, was the result of long negotiations in working groups composed of senior offi cials and national experts in several fi elds. In view of the diffi culties with
39 See the preamble to the Schengen Agreement of 1985 and the Dutch parliamentary notes: Handelingen Tweede Kamer (Procedures of Lower House) 1984–1985, 18 941, no. 1.
40 C.D. de Jong, Cooperation in the fi eld of Aliens Law, in: Schermers (1993), p. 192. 41 Dutch Treaty Series 1985, no. 102. 42 See, for instance, S. Lavenex, Th e Europeanisation of Refugee policies. Between human rights and
internal security , Aldershot: Ashgate 2002, p. 87 ff .
Brouwer ch-02.indd 22 4/4/2008 5:35:48 PM
Towards Schengen: Th e Abolition of Internal Border Controls in Europe 23
fi nding national support for Community legislation, the European Commission seemed to accept and even to support the intergovernmental cooperation in this fi eld as long as this provided concrete results.43 In the Communication of 1988 on the abolition of controls for persons, the Commission clarifi es this position with regard to the Schengen developments:
“In a separate but parallel and very relevant exercise the fi ve Member States who signed the Schengen Agreement (France, Germany and the Benelux countries) have committed themselves to a process with the aim of abolishing identity controls of individuals at their common land borders. Th e Commission participates in the work of the Schengen Group which it fi nds invaluable in formulating its ideas in the wider Community context”.44
In the Annex to this report, the Commission stated that: “Th e Schengen initia-tive may help to speed up the removal of controls throughout the community”. In the eyes of the Commission, the ‘pilot function’ of the Schengen cooperation was very important even if, in the end, measures would have to be taken within the Community framework. Or, in the words of Commissioner Bangemann: “Th e success of the Schengen Project will demonstrate the feasibility of the goal of the European Single Market , and the technical possibilities to solve all the complementary problems”.45
4.3. Th e Immigration Ad Hoc Group, Trevi, and the Group of Co-ordinators
Within the larger framework, even EC Member States fi rmly rejecting the idea of a Europe without (internal) frontiers, felt the desirability for co-ordination and cooperation in certain areas. Th is desire was not only a reaction to the proc-ess which had been initiated by the Schengen States, but also a response to cur-rent developments such as confronting terrorism in Europe and the growing number of asylum seekers in the 1980s. Key actors in these intergovernmental negotiations were three groups: the Trevi Working Group, the Ad Hoc Group on Immigration and the Group of Co-ordinators.
Th e Trevi Working Group has been established back in 1975 following a meeting of the European Council in Rome.46 Th e Group was composed of the EC
43 J. de Zwaan, Institutional Problems and Free Movement of Persons, in: Schermers (1993), p. 336.
44 COM (88) 640 fi nal, see paragraph 12. 45 Response by European Commissioner Bangemann to the written question of E. Glinne, MEP,
No 431/89, OJ 1990, C 90/11. 46 According to the Dutch government (letter to Parliament, 1986–1987, 20031, 1–2, p. 31), this
group was named Trevi because its fi rst meeting was in Rome and the Dutch Director-General of the Police and one of the main initiators was called Fonteijn. Only later the name was explained as an abbreviation of ‘Terrorisme, Radicalisme Et Violence Internationale’.
Brouwer ch-02.indd 23 4/4/2008 5:35:48 PM
24 Chapter 2
Ministers of the Interior and met twice a year. It was supported by national offi cers negotiating in special working groups. Th e Trevi Working Group was set up in order to respond to the terrorist attacks occurring in the seventies. With regard to these events, the politicians felt that the existing framework of the interna-tional police organisation, Interpol , did not operate correctly.47 Originally, the Trevi Working Group concentrated only on the fi ght against terrorism. But soon, the group was dealing with other topics as well, including public order, police training and the fi ght against drugs and serious crime. In 1980, its domain was extended to the policy on ‘illegal immigration and asylum fl ows’. In 1988, ‘Trevi 1992’ was created to study the consequences of the abolition of internal border controls in the EC. ‘Trevi 1992’ was also responsible for co-ordinating the nego-tiations on Europol .48 During the meetings of the Trevi Working Group, which were held behind closed doors, important preparatory work was done for subse-quent European decision-making in the fi eld of police cooperation and the fi ght against organised crime.
During the second half of 1986, at the initiative of the British Presidency, the Council of Ministers set up the Ad Hoc Group of Immigration .49 Th is Ad Hoc Group, which met every six months, consisted of high-level immigration policy offi cials from the Member States. Th e Group was divided into six sub-groups dealing with asylum , external frontiers, forged papers, admissions, deportations and information exchange. Th e Commission was invited to take part in these meetings of the Ad Hoc Group and the secretariat was provided by the Council secretariat. After 1989, asylum and external frontiers became key issues for the Immigration Ad Hoc Group. One of the achievements of the Ad Hoc Group was the drafting of the Dublin Convention on the responsibility of a member state for the examination of an application for asylum which is submitted in one of the EC Member States. Th e text of this Convention was based on earlier drafts on this subject for the CISA.50 An important diff erence between the two regulations was the fact that the CISA was founded on the premise of the abolition of internal border controls, while under the Dublin Convention internal border controls were to be maintained. In a decision by the Schengen Executive Committee of 26 April 1994 (known as the Bonn Protocol) it was agreed that the asylum provisions
47 C.J.C.F. Fijnaut, Police cooperation in Western Europe, in: Schermers (1993), p. 75–92, see p. 79.
48 M. den Boer, Justice and Home Aff airs: Cooperation without integration, in: H. Wallace & W. Wallace, Policy-Making in the European Union, Oxford: Oxford University Press 1996, p. 394, Trevi was dismantled in 1992.
49 See de Zwaan (1993), p. 339–340. 50 Convention of 15 June 1990, OJ C 254, 1997.
Brouwer ch-02.indd 24 4/4/2008 5:35:48 PM
Towards Schengen: Th e Abolition of Internal Border Controls in Europe 25
of the CISA (Articles 28–38) were to be replaced by the provisions of the Dublin Convention, once this Convention had entered into force.51
In December 1988, the Rhodes European Council called for an intensifi cation of the eff orts of the EC governments to proceed in the area of the free movement of persons. To this end, the Council established a Group of Co-ordinators to co-ordinate activities with regard to the achievement of the free movement of persons within and outside the framework of the EC Treaty. Th is included the work of the Trevi Working Group and the Immigration Ad hoc Group. Th e Group of Co-ordinators drafted the so-called Palma document, subtitled Free Movement of Persons.52 Th is document, adopted by the European Council of Madrid in June 1989, included a fi rst detailed agenda and timetable for European policy, to be discussed below.
5. Abolition of Border Controls and Compensatory Measures
5.1. Th e Function of Borders: Emphasis on Internal Security and Immigration Control
During the negotiations on the free movement of persons, the participating states and institutions were focussed from the outset on measures which could com-pensate for the loss of internal border controls. Th e freedom of movement of persons or the abolition of internal border controls was used as a motive to adopt other instruments to control individuals entering a given state. Th e European Commission underlined in its White Paper of 1985 that the elimination of internal border control should be complemented by administrative cooperation between the police authorities and by networks for the transmission of information to enable the police in the country of entry to carry out checks on behalf of the police in the country of departure. A system of this kind would provide continuing protection in the fi ght against terrorism. According to the Commission, such a system would not preclude security checks (as opposed to identity checks) being carried out at airports. Th e need for compensatory measures was also emphasised in the preamble to the Maastricht Treaty of 1992, in which the EC governments reaffi rmed “their objective to facilitate the free movement of persons, while ensuring the safety and security of their people, by including provisions on Justice and Home Aff airs in this Treaty”. Based on the third pillar of the Maastricht Treaty,
51 SCH/Com-ex (94) 3. Th is Protocol is published in Tractatenblad (Dutch Treaty Series) 1994, no. 185; see also the Decision of the Schengen Executive Committee of 22 December 1994, OJ L 239/130, 22.9.2000.
52 Th e full text of the Palma Document is published in Guild & Niessen (1996), p. 443.
Brouwer ch-02.indd 25 4/4/2008 5:35:48 PM
26 Chapter 2
many instruments in the fi eld of police cooperation and criminal law were pro-posed and adopted.53
In practice, the decision-making with regard to these compensatory measures remained outside the Community framework. Measures in the fi eld of immigration and asylum law were placed alongside intergovernmental cooperation on inter-national fraud, terrorism and drug traffi cking. Important factors for achieving consensus were the negotiations in the Trevi Working Group and those between the Schengen states.54 Th e fi rst consolidated document on compensatory measures was the aforementioned Palma Document. Th e Palma Document diff erentiated between “ad intra” and “ad extra” measures. Where the fi rst category included cooperation in the fi eld of combating terrorism, drug traffi cking and judicial cooperation, the latter involved the (tightening of ) controls at external frontiers. According to the Palma Document, these measures implied legal, administrative and technical instruments and the harmonisation of criteria for the treatment of non-Community citizens. Aside from a common list of countries whose citizens are subject to a visa requirement and the harmonisation of criteria for granting visas and a European visa, it was also considered necessary to establish a common list of persons to be refused admission. According to this Palma Document, the establishment of a system for the exchange of information about persons who are either wanted or inadmissible would be an “essential” measure, to be achieved by the end of 1990. Th e computerisation of the exchange of information needed for visa processing was considered “desirable” and to be achieved by the end of 1991. Th e program in the Palma Document to some extent copied the measures included in the Schengen Agreement.55
In a declaration of 15 December 1989, the twelve Ministers responsible for immigration policy confi rmed their shared commitment to implement the Single European Act and to create a space with no internal frontiers by the end of 1992.56 Among the measures necessary to achieve this goal, this declaration referred to the harmonisation of visa practices and rules on the responsibility of Member States for asylum applications. Th e Ministers also referred to the need to share information: “In order to eff ectively implement visa policy and the jointly defi ned controls along our external borders , we feel it is essential that we should begin to exchange information about persons who must be refused access to the territories of one of our Member States on the grounds that their presence there could threaten security or public order in one of our states and we have
53 See A.H. Klip, Uniestrafrecht is op hol geslagen, NJB 11 April 1997, vol. 15, p. 663–671. 54 Den Boer (1996), p. 390. 55 J.J.E. Schutte, Strafrecht in Europees verband, Justitiële verkenningen, 1990, no. 9, p. 10. 56 Declaration by the ministers concerned with immigration, 15 December 1989, Press,
90/02/02.
Brouwer ch-02.indd 26 4/4/2008 5:35:48 PM
Towards Schengen: Th e Abolition of Internal Border Controls in Europe 27
decided to look into the best ways of doing this, with special reference to compu-terisation.” According to this declaration, the exchange of information could only be envisaged if the protection of individual liberties and privacy could be guaranteed in advance.
In July 1998, the Austrian Council Presidency presented a confi dential Strategy paper on immigration and asylum policy to the K4 Committee.57 In this so-called ‘non-paper’, the Austrian government proposed adopting a fi rm approach towards asylum seekers and immigrants transiting or attempting to transit through European territory. Th e paper focussed, among other things, on meas-ures enabling the detection and removal of unwanted immigrants by controlling “every step taken by a third-country national from the time he begins his journey to the time he reaches his destination” (point 85).
5.2. Pre-Border Selection: Visa Policy
Th e power to decide which foreign nationals may enter a country and which nationals may not, has always been among the competences of national states, inherent to their national sovereignty. Regional agreements between European states on the withdrawal of internal border control included cooperation in the visa policy. However, this cooperation did not result immediately in common visa lists. For example, Article 4 of the Benelux Agreement institutes a common visa policy which led to agreements with third countries and (secret) ministerial visa instruc-tions, but not to a common list. Th e preamble clause of the Nordic Passport Control Agreement of 1957 included the governments’ intention to apply identi-cal visa requirements and to aim for harmonised practices regarding the issue of visas. Article 4 of the Nordic Agreement only prescribed consultation between the Nordic states in the event of a change in visa requirements.
Within the Schengen framework, the participating states established a common visa list for the fi rst time. Th is list included the third countries for which nationals should obtain a visa before being allowed entry into the Schengen territory. With regard to the general visa policy, Article 20 of the Schengen Agreement of 1985 provided that the Schengen states would seek the harmonisation of their visa policies as one of the measures to be taken in the longer term. Th e Convention on the Implementation of the Schengen Agreement of 1990 (or CISA, see fur-ther below) only provided for the harmonisation of the short-stay visa policy. Th is resulted in the Common Visa Instruction, adopted in a decision of the Executive Committee on 14 December 1993, with a (confi dential) annex con-taining a joint list of states whose citizens are required to hold a visa by all
57 1.7.98, 9809/98 CK4 27, ASIM 170, Limite; Second draft, 29 September, 9809/1/98, Rev. 1 Limite, CK4 27, ASIM 170.
Brouwer ch-02.indd 27 4/4/2008 5:35:48 PM
28 Chapter 2
Schengen states (the so-called ‘black list’) and a list of countries whose nationals did not require a visa (‘white list’).58
Th e European Ministers responsible for immigration had been trying since 1987 to draw up a common list of countries whose nationals would require a visa before entering a Member State. On 1 January 1988, the Trevi Group decided to intro-duce a visa obligation for the nationals of fi fty countries. Th e Ministers agreed that harmonisation of the entry document should be based on solidarity, regardless of whether a Member State was having a problem with a particular country or not.59 In deciding whether to place third countries on the black list, the Member States used the following criteria: those countries which produced large numbers of asylum seekers and illegal immigrants and those which posed a security problem. It was also agreed that a list would be established of countries whose nationals did not require a visa to enter one of the EU countries (the ‘white list’).
In 1993, on the basis of Article 100C TEC, the Commission submitted a pro-posal for a Regulation determining the third countries whose nationals must be in possession of a visa when crossing external borders .60 Regulation 2317/95 was adopted in September 1995.61 Whereas the draft proposal of the Commission included 129 countries whose nationals must have a visa in order to enter a member state, the list annexed to the fi nal Regulation ‘reduced’ the number to 101 countries. In this Regulation ‘visa’ is defi ned as: “An authorisation given or a decision taken by a Schengen state which is required for entry into its territory with a view to an intended stay in that Schengen state of no more than three months in all; or transit through that territory of that Schengen state or several Schengen states except for transit through international zones of airports and transfers between airports in a Schengen state”.62 In 1995 a new Regulation 574/1999 on visa lists was adopted.63 Th is Regulation of 1999 was replaced in 2001 by Regulation 539/2001.64
5.3. Draft of an External Frontiers Convention
In June 1991, the Immigration Ad Hoc Group presented a draft for the External Frontiers Convention. Th e central aim of this convention was to regulate joint measures for external border control, a common visa policy and common rules on access to the territories of the participating states. Th is draft Convention provided,
58 SCH/II-Visa (93) 11, 6th rev., corr. 4. Th ese lists have been amended several times. 59 See Niessen (1996), p. 17 and 35. 60 OJ C 11/6, 15.01.1994. 61 Regulation 2317/95 of 25 September 1995, entering into force on 3 April 1996, OJ L 234. 62 See Article 5 repeated in the new Visa Regulation 2317/95, OJ L 234/1, 3.10.1995. 63 OJ 1999 L 72/2. 64 OJ L 81/1, 21.03.2001.
Brouwer ch-02.indd 28 4/4/2008 5:35:48 PM
Towards Schengen: Th e Abolition of Internal Border Controls in Europe 29
among other things, for the establishment of a European Information System. Th is system would, along the lines of its model, the Schengen Information System (see below), include information on persons to be refused entry. Neither the External Frontiers Convention nor the EIS became operational, partly due to the ongoing dispute between the UK and Spain on the sovereignty of Gibraltar.65 Th e fact that the use of SIS I was extended to other EC Member States as well made it less important to develop a separate European system. Like the Dublin Convention , the draft External Frontiers Convention did not include rules on the abolition of internal border controls. Th is illustrates that the compensatory meas-ures had become an important, self-contained purpose of the EC Member States and were independently handled.66 Th is policy was confi rmed by the Commission in a response in 1993 to a written question by the European Parliament members Verhagen and Janssen van Raay: “although the draft Convention is an essential measure for the abolition of internal frontier checks, it is not a condition for the realisation of this aim as clearly formulated in Article 8a of the EEC Treaty”.67
5.4. An Area of Freedom, Security, and Justice
Th e Amsterdam Treaty codifi ed the concept of an area of freedom, security and justice.68 Th e preamble to the Amsterdam Treaty reads: “Resolved to facilitate the free movement while ensuring the safety and security of their peoples, by estab-lishing an area of freedom, security and justice in accordance with the provisions of this Treaty.” Article 2 (4) of the EU Treaty speaks of “an area of freedom, secu-rity and justice in which the free movement of persons is assured in conjunction with appropriate measures with respect to external border controls, immigration, asylum and the prevention and combating of crime.” As we have seen above, the reasons for the compensatory measures with regard to the abolition of internal border controls were based on both economic and psychological grounds.69 Now, with the Amsterdam Treaty, the compensatory measures became a goal of EU cooperation in themselves.70 Th e Vienna Action Plan 1998, adopted by the Justice and Home Aff airs (JHA) Council on 3 December 1998, developed the
65 B. Melis, Negotiating Europe’s Immigration Frontiers, Deventer: Kluwer Law International 2001, p. 139.
66 J.D.M. Steenbergen, De grenzen van Schengen, in: P.R. Giuseppin & W.A.M Jansen, Het Akkoord van Schengen en vreemdelingen. Een ongecontroleerde grens tussen recht en beleid? Verslag studiedag OSR 31 October 1996, Utrecht: NCB 1997, p. 19.
67 Answer of the Commission to written question no. 1137/92, published in Migration News Sheet, March 1993, no. 120/93, p. 1.
68 OJ C 340, 10/11/1997. Th e Amsterdam Treaty will be dealt with further below. 69 House of Lords report on Border Control of People, November 1989. 70 See also section 7 below.
Brouwer ch-02.indd 29 4/4/2008 5:35:48 PM
30 Chapter 2
further measures to be taken in order to establish the area of freedom, security and justice71 Th is Action Plan was especially focussed on the security issue. As Swart points out, even the notions of ‘freedom’ and ‘justice’ in this Action Plan could be interpreted as aspects of security.72
Th e realisation of “an area of freedom, security and justice” was also the cen-tral theme of the special meeting of the European Council of 15–16 October 1999 in Tampere (Finland).73 In its conclusions, the Council announced the development of a more transparent decision-making process by making full use of the powers of Amsterdam Treaty . In the fi eld of border control and illegal immigration, the European Council underlined the need for a more effi cient management of migration fl ows “at all their stages” (point 22). In the fi rst place, this included setting up information campaigns in close cooperation with coun-tries of origin and transit concerning the possibilities for legal immigration and for the prevention of all forms of traffi cking in human beings. Th e European Council also underlined the need for the development of a common active policy on visas and false documents and for closer cooperation between EU consulates in third countries. Where necessary, the Member States should establish com-mon EU visa issuing offi ces. Th e European Council asked the Schengen states to cooperate with each other but also with Europol in the fi ght against criminal networks facilitating illegal immigration. In the Tampere Conclusions , the Council emphasised the need to prevent illegal immigration and for closer co-operation and mutual technical assistance between the Member States’ border control services. However, data processing and the establishment of databases was not a separate issue.
Th e Tampere Conclusions explicitly dealt with the status of legally resident third-country nationals in the EU. In their conclusions, the European leaders recognised for the fi rst time that freedom of movement should not be the exclu-sive preserve of EU citizens. “It would be in contradiction with Europe’s tradi-tions to deny such freedom to those whose circumstances lead them justifi ably to seek access to our territory.” In point 18 of the Tampere conclusions, the EU leaders stated that the European Union must ensure “fair treatment of third-country nationals who reside legally on the territory of its Member States.” Based on a more vigorous integration policy, legally resident third-country nationals should be granted rights and obligations comparable to those of EU citizens.
71 OJ 1999, C 19/1. 72 A.H.J. Swart, Een ware Europese rechtsruimte, Deventer: Gouda Quint 2001, p. 7. 73 Conclusions 16 October 1999, Press: no. 200/1/99. Th e conclusions can be found on the web
site of the Council: http://www.consilium.europa.eu.
Brouwer ch-02.indd 30 4/4/2008 5:35:48 PM
Towards Schengen: Th e Abolition of Internal Border Controls in Europe 31
Th e European Council concluded that the legal status of third-country nationals should be approximated to that of Member States’ nationals.74
Since 2000, the Commission has submitted so-called ‘scoreboards’, setting timetables and giving details on the progress made in the legislative process. On 4 November 2004, the European Council adopted Th e Hague programme, setting out the objectives to be implemented in the area of freedom, security and justice during the period 2005–2010.75 In this Th e Hague programme, under the headings “Management of migration fl ows” and “Strengthening Security”, the use of databases, biometrics and the exchange of information was given a central role in forthcoming policies.76 Th is new emphasis on ‘information policies’ will be discussed further in Chapter 5.
5.5. Common Mechanisms for External Border Controls
Th e emphasis on border controls as a security mechanism has been reinforced since the events of 11 September 2001 in the United States, as well as following the terrorist attacks in Spain in 2004 and in the UK in 2005. In meetings after 11 September 2001, the European governments repeatedly expressed their will to combat terrorism eff ectively. To this end, the EU Council adopted various decisions, including measures in the fi eld of immigration and asylum .77 Th e European Council underlined the importance of effi cient external border con-trols in its meeting of December 2001, stating that:
“Better management of the Union’s external border controls will help in the fi ght against terrorism, illegal immigration networks and the traffi c in human beings. Th e European Council asks the Council and the Commission to work out arrange-ments for cooperation between services responsible for external border control and
74 Th is approximation is further elaborated in point 21: “A person, who has resided legally in a Member State for a period of time to be determined and who holds a long-term residence per-mit, should be granted in that Member State a set of uniform rights which are as near as possible to those enjoyed by EU citizens; e.g. the right to reside, receive education, and work as an employee or self-employed person, as well as the principle of non-discrimination vis-à-vis the citizens of the state of residence.”
75 Th e Hague Programme : Strengthening freedom, security, and justice in the European Union. 16054/04, 13.12.2004.
76 Section 1.7 and 2 respectively. See, for a more detailed analysis of Th e Hague Programme : T. Balzacq & S. Carrera, Security versus Freedom? A Challenge for Europe’s Future, Aldershot: Ashgate 2006.
77 An overview of the adopted and proposed measures in the fi rst six months after 11.09.2001 is given in: E. Brouwer, P. Catz & E. Guild Immigration, Asylum and Terrorism. A Changing Dynamic in European Law, Nijmegen: Recht & Samenleving, no. 19 2003. See also A. Baldaccini & E. Guild Terrorism and the Foreigner – A Decade of Tension around the Rule of Law in Europe, Leiden: Martinus Nijhoff Publishers 2006.
Brouwer ch-02.indd 31 4/4/2008 5:35:48 PM
32 Chapter 2
to examine the conditions in which a mechanism or common services to control external borders could be created (…).”78
Since the terrorist events, policymakers increasingly relied on border controls as a panacea, on the one hand to protect internal security , including protection from military or terrorist threats, and on the other hand, to protect against illegal immigration, the ‘mass infl ux of migrants’, or human traffi cking.79 To substanti-ate this protection, the EU governments developed diff erent mechanisms: priva-tisation and ‘ex-territorialisation’ of border controls to countries of origin and strengthening the role of embassies and travel agencies.
In February 2002, the Council published the Comprehensive Plan to combat illegal immigration and traffi cking of human beings in the European Union which further emphasised the need for external border controls.80 Th is Plan contained proposals such as the development of a European Visa Information System, the setting up of joint border management teams, the establishment of common standards with regard to return policy and a role for Europol with regard to the fi ght against illegal traffi cking. In its Communication on the ‘Integrated Management of the External Borders’, the Commission proposed the installation of a European Corps of Border Guards.81 According to consideration 51, the powers of the staff of the European Corps of Border Guards could be confi ned territorially to the strict needs of the surveillance and checks provided for by Article 62 TEC, without prejudice to police cooperation eff orts under agree-ments based on Articles 7 and 47 of the CISA. “One might envisage confi ning them, for surveillance purposes, to a strip a few hundred metres wide at external land borders and to a portion of the territorial waters. Some land, maritime and air-crossing points could be included for the purposes of checks. Th ese portions of territory, enjoying special status, should be listed exhaustively and be delim-ited precisely by maps and plans, which could be annexed to the Common Manual for External Borders.” At the European Conference in Seville, June 2002, the European Council also focussed on the preservation of internal security and the prevention of crimes and terrorism. Among other things, the Council called for common measures on controlling the EU’s external borders .82
On 11 November 2003, the Commission adopted a proposal for a Regulation establishing a European Agency for the Management of Operational Co- operation
78 Conclusion no. 42 of the Laeken European Council of 14 and 15 December 2001. 79 See D. Bigo & E. Guild (eds), Controlling Frontiers. Free movement into and within Europe,
Aldershot: Ashgate 2005. 80 OJ 2002, C 142. 81 Brussels, 7.5.2002, COM(2002) 233 fi nal. 82 See S. Peers, EU immigration and asylum law after Seville, Tolley’s Immigration, Asylum and
Nationality Law, London: Tolley’s, vol. 16, no. 3, 2002.
Brouwer ch-02.indd 32 4/4/2008 5:35:48 PM
Towards Schengen: Th e Abolition of Internal Border Controls in Europe 33
at the External Borders.83 Th is resulted in the establishment of the so-called Frontex agency with the adoption of Regulation 2007/2004 of 26 October 2004.84 Th is European Agency for the Management of Operational Cooperation at the External Borders of the Member States of the European Union is situated in Warsaw (Poland) and started its operations in 2005. Furthermore, on 15 March 2006, the Regulation on the Community Code governing the movement of persons at the bor-ders replaced the Schengen Common Manual on Border Control.85 Th is Regulation, which will be dealt with further in Chapter 9, includes rules on the measures and powers of authorities controlling the movement of persons at the external borders of the EU.
6. Th e Convention Implementing the Schengen Agreement
6.1. Negotiations
Th e fi nal text of the CISA, signed on 19 June 1990, was the result of a long period of negotiations between senior offi cials and national experts of the con-tracting parties. Th e states signing the Schengen Agreement made it very clear from the beginning that from a police standpoint the planned abolition of bor-der controls could only be tolerated if the expected defi cits were more or less compensated.86 In 1988 the European Commission was invited to join the Schengen negotiations with observer status. Th e fi nal decisions on the measures to implement the Schengen Agreement were taken by the responsible Ministers and Secretaries of the participating states. Th eir decisions were prepared by senior offi cials from each state who gathered in the so-called Central Group of Negotiators (later ‘Central Group’). From September 1987 onwards, the negoti-ations preparing the fi nal decision-making took place in diff erent working groups. Working group I dealt with police and security matters, working group II was concerned with free movement, working group III dealt with transport, and group IV with customs and circulation. Each Working Group created its own sub groups and ad hoc groups for the specifi c problems to be solved. Many of these groups would continue their work after the signature of the Convention Implementing the Schengen Agreement or CISA.
Initially, each working group drafted its own proposals for the regulations it considered necessary for the implementation of the Schengen Agreement.
83 COM (2003) 687. 84 OJ L 349, 25.11.2004, p. 1–11. 85 Regulation 562/2006 of 15 March 2006, OJ L 105/1, 13.4.2006. Entered into force on 13
October 2006. Hungary voted against and Slovenia abstained. 86 B. Schattenberg, SIS: Privacy and Legal Protection, in: Schermers (1993), p. 45.
Brouwer ch-02.indd 33 4/4/2008 5:35:48 PM
34 Chapter 2
On 14 June 1988, in Luxembourg, the participating Ministers and Secretaries of State discussed a fi rst draft proposal for the complementary convention with regard to the free movement of persons, border control, visa, right of residence and asylum . On 19 June 1988, the Central Group of Negotiators decided to draft one treaty regulating all the diff erent subjects as a whole. Th e themes of the four working groups would remain the basis for the subsequent structure of the CISA. In subsequent discussions, the Central Group used a draft document which was submitted by the Dutch delegation.87 At the end of 1988, the drafts of the major-ity of the Convention were fi nalised. Th e remaining problems were to be solved during 1989. On 13 November 1989, the Ministers and Secretaries of State adopted the fi nal decisions necessary to agree on the fi nal text of the Convention. Th is agreement was to make it possible for the participating states to sign the Convention in December 1989, which would make the lifting of internal border controls with eff ect from 1 January 1990 still a realistic option. However, the fall of the Iron Curtain in Berlin on 9 November 1989 and the subsequent reunifi ca-tion of West and East Germany forced the negotiators to change their plans. Th e draft Convention which was approved by the Schengen Ministers on the 13 November 1989 did not take into account the new situation in Germany. Negotiations started again in March 1990, during which the German government proposed certain amendments to the Convention. Th ese amendments included the visa policy towards Eastern European countries. Under the presidency of the Dutch government, the CISA was fi nally signed on 19 June 1990.
6.2. Content of the CISA
Although these subjects were the original incentives for the initial Schengen cooperation, the measures regarding transport and the movement of goods repre-sented only a small part of the fi nal text of CISA (Title V). Provisions concerning these subjects had been replaced by EC secondary law before the CISA became operational. Th e largest part of the CISA concerns provisions regarding border control and border surveillance, including provisions concerning visa require-ments, regulation of the responsibility for asylum applications, provisions con-cerning police and security, including police cooperation, the rules for hot pursuit, extradition, and the ne bis in idem principle. Furthermore, as will be dis-cussed later, the CISA contains a separate section on the Schengen Information System (Title IV CISA) and on the protection of personal data (Title VI).
Chapter 7 of Title II of the CISA includes rules on the responsibility for processing applications for asylum . Th is part of the CISA was replaced in 1997 by the Dublin Convention . Title III of CISA deals with Police and security,
87 Police and Security, 27.10.88, SCH/1 (88) 7 rev.
Brouwer ch-02.indd 34 4/4/2008 5:35:48 PM
Towards Schengen: Th e Abolition of Internal Border Controls in Europe 35
including rules for cooperation between police authorities. Th is cooperation includes assistance for the prevention and detection of criminal off ences and sur-veillance of suspected persons at the request of another Schengen state. Under certain circumstances, the CISA also provides for the possibility for national police authorities to continue the pursuit of an individual on the territory of another Schengen state without the latter’s prior authorisation (‘hot pursuit’). Title III of the CISA regulates mutual assistance in criminal matters, the applica-tion of the ne bis in idem principle and extradition, and cooperation in the pre-vention and punishment of illegal traffi cking in drugs, fi rearms and munitions.
6.2.1. Title II: Abolition of Checks at Internal Borders and Movement of PersonsTitle II CISA includes the rules for crossing external borders , the issue of visas and the conditions governing the movement of third-country nationals.88 Although the CISA of 1990 is based on the principle of the abolition of border controls, there is a clear diff erence between this Treaty and its predecessor: the Schengen Agreement of 1985. As pointed out by Lavenex, where the latter Agreement “focuses on borders from the point of view of their abolition, Schengen II can be read as ‘a re-confi rmation of the function of borders for state sovereignty and security’ ”.89 Article 5 CISA contains the general conditions which must be fulfi lled before a third-country national may be granted entry to the Schengen territory. Th ese conditions are:
– the person must be in the possession of a valid document, authorising him or her to cross the borders;
– the person must have the required visa;– he or she must be able to produce, if necessary, documents justifying the pur-
pose and conditions of the intended stay; and he or she must have suffi cient means for the stay and for returning to the country of origin;
– the person may not have been reported in the SIS for the purpose of refusing entry; and
– the person is not to be considered a threat to public policy, national security or the international relations of any of the contracting parties.
In principle, the Schengen states are obliged to refuse a person entry to the Schengen territory if this person does not fulfi l all these conditions. Th ere is only
88 See, for the eff ects of the CISA on the free movement of persons: J.D.M. Steenbergen, Schengen and the movement of persons, and T. Hoogenboom, Free movement of non-EC nationals, Schengen and beyond, both published in H. Meijers et al., Schengen Internationalisation of cen-tral chapters of the law on aliens, refugees, privacy, security and the police, Leiden: Stichting NJCM-Boekerij 1992, pp. 57 and 74.
89 Lavenex (2002), p. 94.
Brouwer ch-02.indd 35 4/4/2008 5:35:49 PM
36 Chapter 2
one exception to this obligation. According to Article 5 (2), a country may grant a person entry to the territory of that particular country if this is considered nec-essary on humanitarian grounds, on grounds of national interest, or because of international obligations.
6.2.2. Visa RulesIn 1993, on the basis of Article 132 CISA, the Schengen Executive Committee adopted Common Consular Instructions regarding visas for the diplomatic and consular posts of the Contracting Parties.90 Part V of these Instructions includes basic criteria to be used by diplomatic missions or consular posts when examining visa applications. Th ese instructions make it clear that the main issues to be taken into account by the national authorities when examining visa applications are the security of the Schengen States and the fi ght against illegal immigration. As far as security is concerned, national authorities are advised to check that the necessary controls have been performed. Th ese checks include searching the fi les containing alerts (alerts for the purposes of refusing entry) in the Schengen Information System and consultation with the central authorities of the coun-tries subject to this procedure.
According to the instructions, the diplomatic missions and consular posts carry full responsibility for assessing whether an immigration risk exists. Th ese instructions make it clear that visa policy is about making a distinction between bona fi de persons and those posing a security or immigration risk. Th is can be illustrated by comparing the reasons given by the Commission for the exclusion and inclusion of certain countries on the visa lists in the explanatory memorandum to EC Visa Regulation 539/2001.91 Th ese criteria are grouped under three main headings: illegal immigration, public policy and international relations. Th e assessment of the applicability of these criteria by the staff members of consulates or embassies should, on the one hand, be made on the basis of their own experience in ‘profi ling’ and by recognising the diff erent categories of persons, using the visa lists, including the risk countries. Th is profi ling, as pointed out by Guild, is thus not based on individual characteristics, but on the nationality of the person con-cerned.92 On the other hand, this assessment should be made on the basis of the exchange of information between consular posts and on the basis of information
90 Decision of 14 December 1993. Th e Common Consular Instructions were incorporated in the Schengen acquis , listed in Annex A to Council Decision 1999/435/EC, OJ L 176, 10.7.1999. See for amended version OJ C 313, 16.12.2002. Th e full text of the Instructions is published in OJ C 326, 22.11.2005.
91 OJ 2001 L 81, 21.03.2001. 92 E. Guild, Moving the Borders of Europe, Inaugural lecture, Nijmegen: University of Nijmegen
2001.
Brouwer ch-02.indd 36 4/4/2008 5:35:49 PM
Towards Schengen: Th e Abolition of Internal Border Controls in Europe 37
systems such as the SIS I. In Chapter 5, we will see how the Visa Information System has been developed for precisely this aim.
In 2006, Annex 12 of the Common Consular Instructions was amended by a Council Decision increasing the amount fees to be charged “corresponding to the administrative costs of processing visa applications”.93
6.2.3. Free CirculationOne of the important positive eff ects of the CISA for legally resident third-coun-try nationals is of course their freedom of circulation94 and the abolition of visa requirements for third-country nationals who travel from one Schengen country to another.95 Th is free circulation is based on Article 19 of the Convention and applies to third-country nationals who hold a uniform visa and who legally entered the territory of one of the contracting parties. Th e right to free circula-tion applies only during the period of validity of their visas and does not apply to persons whose visa is territorially limited to one country. Article 20 CISA regu-lates the free circulation of third-country nationals who are not subject to a visa requirement: this right applies for a period no longer than three months. For both categories, the requirements of Article 5 (a), (c), (d) and (e) must be ful-fi lled. Th is means that in accordance with Article 5 (d) offi cials shall check whether the person is enlisted in the SIS I for the purpose of refusing entry. According to Article 21, third-country nationals with a valid residence permit for one of the Schengen countries may travel freely within the Schengen territory for up to three months. Here too, the conditions of Article 5 (a), (c), (d) and (e) apply. Th is means that the right to free movement does not apply to third-coun-try nationals who are registered in the SIS or a national list of alerts. An impor-tant restriction on this right of free circulation includes the obligation in Article 22, which states that the third-country national should report to the appropriate authorities within three days of arrival.
6.2.4. Priority of the Community RulesArticle 134 CISA confi rms the priority of the Community rules: “Th e provisions of this convention shall apply only insofar they are compatible with Community law”. Finally, Article 142 states that the contracting parties shall agree on the conditions
93 OJ L 175/77, 29.06.2006. 94 Note the diff erence in terms between ‘free movement of persons’, which applies only to EC
nationals and includes the right to reside, and ‘freedom of circulation’, which limits the right to be admitted into one or more countries for a visit of no more than three months.
95 Th is was already included in Article 8 of the Benelux Treaty on the Transfer of Border Controls to the External Borders of the Benelux Area.
Brouwer ch-02.indd 37 4/4/2008 5:35:49 PM
38 Chapter 2
under which the provisions of this Convention are to be replaced or amended, whenever conventions are reached between the Member States of the European Communities with a view to the completion of an area without internal frontiers.
6.3. Entry into Force and Players
6.3.1. Entry into Force of the CISATh e CISA entered into force on 1 September 1993. France was the fi rst state to ratify the CISA, on 30 July 1991. Germany ratifi ed the Convention on 15 July 1993, after having amended the German Constitution by weakening the original constitutional right concerning asylum . Th e Netherlands ratifi ed the CISA on 30 July 1993. However, the treaty did not become eff ective until 26 March 1995. Th is late application of the CISA was due to the fact that the Schengen Information System did not become operational until this time. As we will see in the following sections, the operational launch of the SIS I had to be postponed several times. With eff ect from 26 March 1995, the CISA was applicable to the three Benelux countries, France, Germany, Portugal and Spain. In the two latter countries the CISA had entered into force on 1 March 1994. On 26 October 1997, the CISA became applicable in Italy, on 1 December 1997 in Austria, and on 8 December 1997 (partially) in Greece. In Greece, the full abolition of internal border controls took place in 2000.96 Th e delay between the date of signature and the date of entry into force of the CISA in these latter countries was a consequence of the fact that these countries fi rst had to adopt their data protection law.
6.3.2. Position of the Nordic CountriesTh e fi ve Nordic countries acquired observer status in the Schengen negotiations after 1 May 1996.97 Denmark, Sweden and Finland signed an agreement on acces-sion to the CISA on 19 December 1996. Although Iceland and Norway, as non-EU members, could not be formally admitted to the Schengen Group, they signed an Association Agreement, affi liating themselves with the Schengen cooperation. Th e EU Council which, after the incorporation of the Schengen acquis into EU law on 1 May 1999, had taken over the role of the Schengen Executive Committee, affi rmed in a decision of 1 December 2000 that the fi ve Nordic countries fulfi lled the necessary requirements for Schengen membership. Th erefore, with eff ect from
96 Italy signed on 27 November 1990, Spain and Portugal on 25 June 1991, Greece on 6 November 1992 and Austria on 28 April 1995.
97 See, for more details on the relationship between the Nordic countries and Schengen: Kim U. Kjaer (2003), p. 169–190.
Brouwer ch-02.indd 38 4/4/2008 5:35:49 PM
Towards Schengen: Th e Abolition of Internal Border Controls in Europe 39
25 March 2001, the Schengen acquis also became applicable in Denmark, Sweden, Norway, Iceland and Finland.98
Denmark acquired a special position with regard to Title IV TEC, with the signature of the Amsterdam Treaty . On the basis of a Protocol annexed to the Amsterdam Treaty regarding the position of Denmark, Denmark participates fully in the legislation based on Title VI TEU, but not in that of Title IV TEC. Based on Article 5 of this Protocol, Denmark may decide whether the latter measures will be transposed into its national laws within six months of its adop-tion by the Council. Th ese measures included the instruments implementing or amending the Schengen acquis which is incorporated into Title IV TEC. On 18 September 2000, the fi ve Nordic countries signed the ‘Supplementary Agreement’ to the Nordic Passport Control Agreement, which implemented both the Schengen Protocol and the Association Agreement. Th is Supplementary Agreement entered into force on 22 April 2001.
6.3.3. Position of UK and IrelandTh e United Kingdom and Ireland originally took no part in the Schengen coopera-tion due to their strict interpretation of the defi nition of ‘the internal market’.99 Th e UK government refused to agree to measures for the abolition of ‘internal border controls’ between the UK’s borders and those of the European continent, claiming that those borders remained their external borders . However, attracted by the benefi ts of the ‘compensatory measures’ taken within the framework of Schengen, the gen-eral reservation of the UK was gradually replaced by an opt in/opt out system. Ireland and the UK have the possibility, subject to the provisions of Articles 4 and 5 of the Protocol integrating the Schengen acquis into the framework of the European Union (hereinafter referred to as ‘the Schengen Protocol’), to participate in some or all of the provisions of the Schengen acquis and in proposals and initiatives concern-ing areas of cooperation which build upon the Schengen acquis. In a decision of 29 May 2000, the EU Council not only granted the UK and Ireland an opt-in posi-tion with regard to the measures based on Title IV TEC, but also agreed to the par-tial participation of the UK and Northern Ireland in some of the provisions of the Schengen acquis.100 Th is included, among other things, the provisions of the CISA
98 Council Decision of 1 December 2000 on the application of the Schengen acquis in Denmark, Finland and Sweden, and in Iceland and Norway, OJ 2000, L 309/24.
99 See also L. Pallett, Th e UK position. Implementing the Schengen Protocol, in: L. Marinho, Asylum, Immigration and Schengen Post Amsterdam, Maastricht: EIPA 2001, p. 91–95.
100 Council Decision 2000/365/EC of 29 May 2000 concerning the request of the United Kingdom of Great Britain and Northern Ireland to take part in some of the provisions of the Schengen acquis OJ L 131, 01.06.2000 pp. 43 – 47.
Brouwer ch-02.indd 39 4/4/2008 5:35:49 PM
40 Chapter 2
and the decisions of the Schengen Executive Committee on carrier sanctions (Article 26), on police cooperation (Articles 39 and 40, and Articles 42 and 43 to the extent that they relate to Article 40), mutual assistance in criminal matters (48), extradition and measures to combat drug traffi c. Th e JHA Council further agreed, at the request of Ireland, to participate in some of the provisions of the Schengen acquis by its decision of 28 February 2002.101
Furthermore, a separate agreement was concluded between the EU and Iceland and Norway on the establishment of rights and obligations between Ireland and the United Kingdom on the one hand, and Iceland and Norway on the other hand in areas of the Schengen acquis which apply to these states.102
6.3.4. New EU Member StatesBetween 1987 and 1996 thirteen countries submitted applications to join the EU: Bulgaria, Cyprus, the Czech Republic, Estonia, Hungary, Latvia, Lithuania, Malta, Poland, Romania, Slovakia, Slovenia and Turkey. Th e enlargement proc-ess started with the Luxembourg European Council of 12 and 13 December 1997. Based on the so-called Copenhagen criteria , the candidate states had to ful-fi l the economic and political conditions which included: a stable democracy with respect for human rights and the rule of law and the protection of minori-ties, a working market economy and the adoption of the common rules, standards and policies of EU law.
Th e European Council of December 2002 found that, with the exception of Bulgaria, Romania and Turkey, all the candidate countries fulfi lled the conditions necessary for joining the EU.103 On the 1 May 2004, after completing the ratifi ca-tion procedures for their accession treaties, these ten new countries formally became Member States of the EU. With regard to the application of the Schengen acquis for the new Member States, Article 8 of the Schengen Protocol mentioned above states that: “For the purposes of the negotiations for the admission of new Member States into the European Union, the Schengen acquis and further measures taken by the institutions within its scope shall be regarded as an acquis which must be accepted in full by all states candidates for admission”. Th is means that, as from 1 May 2004 the Schengen acquis applies to those countries. As we will see below, the operation of SIS I in those countries has been postponed.
Th e Accession Treaty with Romania and Bulgaria was signed on 25 April 2005. In October 2006, the EU Council (General Aff airs) decided that Romania and
101 OJ L 64, 07.03.2002, Council Decision 2002/192/EC of 28 February 2002, concerning Ireland’s request to take part in some provisions of the Schengen acquis .
102 OJ L 015/2 20.01.2000. 103 Presidency Conclusions, 12 and 13 December 2002, 15917/02.
Brouwer ch-02.indd 40 4/4/2008 5:35:49 PM
Towards Schengen: Th e Abolition of Internal Border Controls in Europe 41
Bulgaria also fulfi lled the necessary conditions and were able to become EU Member States as from 1 January 2007.104
7. Treaty of Amsterdam : Th e Incorporation of the Schengen Acquis in EU Law
7.1. Title IV TEC: Communitisation of Asylum and Immigration Law
Th e Amsterdam Treaty entered into force on 1 May 1999.105 For the European developments on immigration and asylum law, the Amsterdam Treaty has been important for at least two reasons. In the fi rst place, it transferred the whole area of the policy with regard to the free movement of persons from the intergovern-mental level (the ‘third pillar’) to the community decision-making level (the ‘fi rst pillar’). A second important achievement was the incorporation of the Schengen acquis into the law of the EU treaties, to be dealt with in the next section.
Th e new EC competence on immigration and asylum law is provided in Title IV TEC. Article 61 (a) TEC provides that in order to establish “progressively an area of freedom, security and justice”, the Council would have to adopt measures aiming to ensure the free movement of persons in accordance with Article 14 TEC (concerning the internal market) within fi ve years from the entry into force of the Treaty of Amsterdam . Th ese measures would include “fl anking measures with respect to external border controls, asylum and immigration”, to be adopted in accordance with the provisions of Article 62 (2) and (3) and Article 63 (1) (a) and (2) (a) TEC. Th e measures to prevent and combat crime would have to be taken in accordance with the rules of the third pillar (Article 31 (e) TEU).
Th e measures referred to in Articles 62 and 63 TEC include provisions for cross-ing the external borders of the Member States, such as standards and procedures to be followed by Member States in carrying out checks on persons at such borders and the rules on visas for an intended stay of no more than three months. Furthermore, they include measures setting out the conditions under which nationals of third countries shall have the freedom to travel within the territory of the Member States for a period of no more than three months. Article 63 TEC also provides the basis for legislation in the fi eld of asylum policy and regarding refugees and displaced persons, for the conditions of entry and residence and for standards concerning procedures for the issue of long-term visas and residence permits, including family reunifi cation . It is also the basis for rules with regard to illegal immigration and the repatriation of illegal residents and, fi nally, for measures
104 Conclusions EU Council, 17 October 2006, 13339/06 (Presse 264). 105 OJ C 340, 10/11/1997.
Brouwer ch-02.indd 41 4/4/2008 5:35:49 PM
42 Chapter 2
defi ning the rights and conditions under which third-country nationals legally residing in one Member State may reside in other Member States as well.
Th e rules based on Title IV TEC were to be adopted in accordance with the procedure in Article 67 TEC. Th is meant that, for a period of fi ve years, the deci-sion would be taken unanimously by the Council with only a consultative role for the European Parliament. After fi ve years, the Council would take a new decision regarding whether and to which fi eld the co-decision procedure of Article 251 would be applied. During the negotiations leading to the Treaty of Nice of 2000, the Member States were unable to reach an agreement on the applicable procedures (QMV or decision by unanimity) for all matters in the fi eld of immigration and asylum law.106 However, the end of the transitional period did immediately result in the exclusive right of the Commission to make proposals and for QMV and co-decision for the EP with regard to most of the visa rules.107 Since 1999, diff erent instruments in the fi eld of immigration and asylum law have been proposed and adopted on the basis of Title IV TEC.108
To summarise, even if the Amsterdam Treaty did not provide for the immediate or full application of the community decision-making process, nor for the full power of the European Court of Justice, the Treaty represented an important step in the further democratisation and transparency of EU immigration and asylum law.
7.2. Incorporation of Schengen into EU Law: Marriage of Convenience or Repairing the Democratic Defi cit?
Th e entry into force of the Amsterdam Treaty included the incorporation of the so-called ‘Schengen acquis ’ on the basis of the Schengen Protocol which was attached to the Amsterdam Treaty.109 Th is Schengen acquis includes not only the Schengen Agreement of 1985 and the CISA, but also the accession protocols and agreements and the decisions and declarations which were adopted by the Schengen Executive Committee for the implementation of the CISA. Depending on whether these instruments dealt with ‘fi rst pillar’ or ‘third pillar’ subjects, they were brought within the scope of Community law (TEC) or the law of the European Union (TEU). Th e Schengen Executive Committee was replaced by
106 See, in more detail, S. Peers, From Black Market to Constitution: Th e Development of the Institutional Framework for EC Immigration and Asylum Law, in S. Peers & N. Rogers (eds.), EU Immigration and Asylum Law: Text and Commentary, Leiden/Boston: Martinus Nijhoff Publishers 2006, p. 19 ff .
107 Except for the measures on the visa lists (Regulation 2001/539) and the visa format, for which the consultation procedure still applies.
108 Th ese instruments will be discussed in Chapter 9. 109 Protocol integrating the Schengen acquis into the framework of the European Union. OJ
C 340/96. 10.11.1997.
Brouwer ch-02.indd 42 4/4/2008 5:35:49 PM
Towards Schengen: Th e Abolition of Internal Border Controls in Europe 43
the EU Council and the decisions amending or implementing the Schengen acquis are now taken by Ministers of Justice and Home Aff airs. One of the conse-quences of this shift in ‘government’ from the Executive Committee to the JHA Council was that an important source of information about Schengen disap-peared. Whereas the former Schengen Executive Committee used to present an annual report on the implementation of the Schengen acquis, this reporting was not replaced by a comparable publication by the JHA Council. As for the position of Norway and Iceland as non-EU Member States, a solution had to be found for further decision-making based on the Schengen acquis. Since June 1999, when-ever decisions are made on the basis of the Schengen acquis, the Ministers of Justice and Home Aff airs will have a meeting in the so-called ‘Mixed Committee’ which includes the responsible Ministers of Iceland and Norway.110 Th ese meet-ings are held immediately after the regular meetings of the JHA Council.
Th e incorporation of the Schengen acquis into the EU framework has been described as a “marriage of convenience from which both partners benefi ted”.111 In the fi eld of justice and home aff airs, the EU cooperation profi ted from the large, operational set of instruments which had been realised by ‘Schengen’. Th e fact that Schengen meanwhile was being applied by almost all the EU Member States made its integration in the larger EU framework inevitable.112 With their incorporation into the EU law, the results achieved during the Schengen negotiations gained legiti-macy. By incorporating the Schengen acquis into EU law, acceptance of these meas-ures could be used as an accession condition for the new EU Member States. Th ese latter States were obliged, based on Article 8 of the Schengen Protocol, to accept the Schengen acquis even if these countries did not participate at all in the drafting of those rules. Of course, this defi ciency applies to the whole of the EU acquis. Nevertheless, there is a disparity between, on the one hand, the obligation upon new EU Member States to accept the whole of the Schengen acquis and, on the other hand, the fl exible approach which has been chosen with regard to the ‘old’ EU Member States: the UK, Ireland and Denmark. Th is latter ‘Europe à la carte’ as pro-vided in the protocols attached to the Amsterdam Treaty met with criticism, not
110 Decision no. 1/1999 of the EU/Iceland and Norway Mixed Committee established by agree-ment concluded by the Council of the European Union and the Republic of Iceland and the Kingdom of Norway concerning the latters’ association in the implementation, application and development of the Schengen acquis of 29 June 1999 adopting its Rules of Procedure, OJ 1999 C 211/9, 23.07.1999.
111 M. den Boer & L. Corrado, For the Record or Off the Record: Comments About the Incorporation of Schengen into the EU, in: European Journal of Migration and Law, 1:397–418 1999.
112 G. de Kerchove, Un espace de liberté, de sécurité et de justice, in: M. den Boer, A. Guggenbühl, S. Vanhoonacker, Coping with Flexibility and Legitimacy after Amsterdam, Maastricht: EIPA 1998, p. 197–204.
Brouwer ch-02.indd 43 4/4/2008 5:35:49 PM
44 Chapter 2
only because it would aff ect the readability of the EU Treaties, but also because it would hinder the uniform and equal application of EU law.
However, in general, ‘Schengen’ gained transparency with its incorporation into EC and EU law. One of the major objections against the Schengen coopera-tion was its secrecy of decision-making, the lack of democratic accountability and the absence of any judicial control.113 Th e Schengen Agreement was not submit-ted to parliamentary control which allowed for signature without reservation con-cerning its ratifi cation or approval.114 Th e negotiations in the working group and sub-committees on the draft texts for the CISA remained secret and the decisions which were taken by the Executive Committee on the application of the CISA lacked any parliamentary scrutiny. Th e national parliaments (with a few excep-tions) and the European Parliament were not involved or properly informed about this decision-making. For example, the common visa instruction of 14 December 1993 including the list of countries for whose nationals a visa was required for the Schengen territory remained secret until the Dutch Parliament explicitly requested the publication of these lists. Th e publication of the whole Schengen acquis in 2000 was an important achievement for the transparency of the applicable rules, despite the fact that some documents remained confi dential.115 Also, the Court of Justice acquired competence to judge the implementation and application of Schengen law. Depending on whether the law or decisions were incorporated into Title IV TEC or Title VI TEU, the competence of the ECJ with regard to the Schengen acquis is found in Article 68 TEC or Article 35 TEU respectively.116
8. Schengen: Successful Laboratory for the EU?
Schengen is often labelled an experimental garden or laboratory for the work in the community framework.117 Whether this experiment has proven successful depends on the perspective of the parties involved and on which goals were meant
113 Dealt with in Meijers (1992), as well as by D. O’Keeff e, European Immigration Law and Policy, in: A. Pauly (ed.), Les accords du Schengen: Abolition des frontières intérieures ou menace pour les libertés publiques?, Maastricht: EIPA 1993, p. 174.
114 Only in the Netherlands, the convention was subjected to parliamentary approval before it entered into force, Tractatenblad (Dutch Treaty Series) 1986, No. 34. C. Elsen, Les structures administratives de Schengen, in: Pauly (1993), p. 19.
115 Th e Schengen acquis is published in OJ L 239, 22.09.2000. 116 Th e fi rst judgment on a preliminary question concerning the national implementation of CISA
was given by the European Court of Justice on 11 February 2003 in the joint cases C-187/01(Gözütok) and C-385/01 (Brügge).
117 For example V. Hreblay, Les Accords de Schengen. Origine, Fonctionnement, Avenir, Brussels: Bruylant 1998, p. 17: ‘L’espace Schengen est considéré comme le laboratoire de la libre circula-tion’. See also Steenbergen (1997), p. 18–25; H. Verschueren, ‘Vrij verkeer van personen in
Brouwer ch-02.indd 44 4/4/2008 5:35:49 PM
Towards Schengen: Th e Abolition of Internal Border Controls in Europe 45
to be achieved. With regard to the goal of abolishing internal border controls, one might wonder whether this has actually been achieved. For example, in the early years, the abolition of internal border control between Schengen states did not occur automatically: in France, border controls were maintained after terrorist attacks in Paris, invoking Article 2 (2) of the CISA, allowing temporary security controls.118 Later, at the Schengen Executive Meeting of April 1996, the French government announced the reintroduction of internal border controls between France and Belgium and Luxembourg because those countries were regarded as transit countries for drugs leaving the Netherlands. Security checks, proposed fi rstly as anti-terrorism measures and later because of the problems with the Dutch soft policy on drugs, were temporarily maintained by the French government.119 In the Netherlands, special police units were established to check persons imme-diately inside internal borders in order to prevent illegal immigration. In practice, internal border controls were simply replaced in this country by mobile police units used to check immigrants within close proximity to internal borders.120 Th e (re-)introduction of the national obligation to carry an identity card was another measure to move border controls to the national territory.
From the perspective of third-country nationals, a positive achievement of the Schengen cooperation has of course been the right of free circulation for third-country nationals with a valid visa or residence permit within the Schengen terri-tory, even if this only granted the right to a maximum stay for a period of three months during the six months following the date of fi rst entry into the Schengen area.121 On the other hand, ‘Schengen’ did not include any provision to strengthen further the legal position of admitted migrants or migrants seeking entry on lawful grounds. On the contrary, with its focus on compensatory measures, including the emphasis on public order and security as grounds for refusing entry to migrants, the incorporation of ‘Schengen’ into EU law also meant the incorporation of these restrictive measures.
Schengen Verdragen’, in: Fijnaut, Stuyck & Wijtinck (1992), p. 13–54, and H.U. Jessurun d’Oliveira, Schengen uitgerangeerd?, NJB, no. 4, 1990, p. 129–131.
118 See, on the application of Article 2.2 CISA in practice, K. Groenendijk, Re-instatement of controls at the internal borders of Europe: why and against whom?, European Law Journal 2, 2004, p. 150–170.
119 A. Geddes, Immigration and European integration, Towards fortress Europe?, Manchester/ New York: Manchester University Press 2000, p. 83.
120 See K. Groenendijk, New Borders Behind Old Ones: Post-Schengen Controls Behind Internal Borders and Inside the Netherlands and Germany in: Groenendijk, Guild & Minderhoud (2003), p. 131–146.
121 In the judgment of 3 October 2006, C-241/05 (Bot), the ECJ gave a more liberal interpreta-tion of this freedom of circulation by refusing to narrow the defi nition of ‘fi rst entry’.
Brouwer ch-02.indd 45 4/4/2008 5:35:49 PM
46 Chapter 2
Speaking in terms of success, it is clear that the Schengen arrangements were attractive to EU and even some non-EU Member States wishing to participate in its operational aspect and in the more ambitious targets, without ‘the constraints’ of the judicial or democratic mechanisms of the community framework.122 Examples of Schengen law which were later used as models for regulations in the larger European framework include the Council Decision on principles for the conclusion of readmission agreements123, the Commission proposal for uniform visa lists based on negative lists set by Schengen countries124, the uniform visa format, and the Dublin Convention (later Regulation) which copied the CISA criteria for the responsibility for an asylum application.125
Concluding, I refer to a more recent similar development with the so-called Prüm Treaty , which Treaty also has been referred to as ‘Schengen III’.126 Like ‘Schengen I’ (the Schengen Agreement) and ‘Schengen II’ (the CISA), the Prüm Treaty was pre-pared within the intergovernmental framework. Th e Treaty was signed on 27 May 2005 by seven Member States (Austria, Belgium, France, Germany, Luxembourg, the Netherlands and Spain) and entered into force on 23 November 2006 between Austria, Germany and Spain. It provides for the facilitation of police cooperation including the mutual exchange of DNA profi les, fi ngerprints and vehicle registra-tion data.127 Th is Treaty is open to accession by other Member States and in 2006 the governments of Finland, Hungary, Italy, Portugal and Slovenia expressed their interest in joining the Prüm Treaty. Th e similarity between the role of Schengen Agreement and the Prüm Treaty for EU developments is clearly illustrated in a speech given in November 2006 by the Dutch Minister of Justice, describing the Prüm Treaty as follows: “Th e Prüm Convention is viewed by the Member States now participating as a pilot for cooperation, particularly in relation to the exchange of information, in preparation for European Union legislation in this area.”128 In 2006, the German government, presiding over the EU in 2007, already proposed integrating this Prüm Treaty within the legal framework of the EU.
122 A. Geddes (2000), p. 84. 123 OJ C 274, 19.9.1996. 124 COM (93) 684. 125 J. Monar, Th e Impact of Schengen on Justice and Home Aff airs, in: M. den Boer (ed.), Schengen
Still Going Strong. Evaluation and Update, Maastricht: EIPA 2000, p. 20. 126 Council doc. 10900/2005, 7 July 2005. See, for formal publication, the Dutch Tractatenblad
2005, 197. 127 Th . Balzacq, D. Bigo, S. Carrera & E. Guild, Security and the Two-Level Game: Th e Treaty of
Prüm, the EU and the Management of Th reats, CEPS Working Document no. 234, January 2006. See also E. Guild & F. Geyer, Getting local: Schengen, Prüm and the dancing procession of Echternach. Th ree paces forward and two back for EU police and judicial cooperation in criminal matters. December 2006. Both commentaries are available at: www.ceps.be.
128 Speech given by Mr. Hirsch Ballin in Vienna at a Prüm seminar, 16 November 2006, published at: http://www.justitie.nl/actueel/toespraken/archief2006/Prum-seminar.aspx.
Brouwer ch-02.indd 46 4/4/2008 5:35:49 PM
Evelien Brouwer, Digital Borders and Real Rights, pp. 47–70.© 2008 Koninklijke Brill NV. Printed in the Netherlands.
Chapter 3
Th e Schengen Information System“Th e purpose of the Schengen Information System shall be in accordance with this convention to maintain public policy and public security, including national secu-rity , in the territories of the contracting parties and to apply the provisions of this convention relating to the movement of persons in those territories, using informa-tion communicated via this system.”1
1. Th e Establishment of the SIS 2
1.1. Setting an Example: Th e Benelux Lists
During the development of the Schengen agreement and the CISA, the negotiat-ing states were inspired by the cooperation mechanisms already in operation between a smaller group of neighbouring countries: Belgium, the Netherlands and Luxembourg, or the Benelux countries. Th e basis for the abolition of inter-nal border controls between the Benelux countries was laid down in the Benelux Agreement on the shift of border controls on persons to the external borders , dated 11 April 1960. Th is agreement was followed by several treaties regulating cooperation in the fi eld of criminal law, including the Benelux Treaty on extradi-tion (1962), the Treaty on the execution of judicial decisions in criminal pro-ceedings (1968), the Agreement on administrative and criminal law cooperation (1969) and the Treaty on criminal law enforcement (1974).3
On the basis of Article 10 of the Benelux Agreement of 1960, third-country nationals regarded as unwanted aliens in one of the Benelux countries could be considered unwanted by the other two countries as well.4 However, this was not
1 Article 93 CISA.2 In this Chapter, I refer to “SIS” meaning SIS I; when I am dealing specifi cally with “SIS II”, I will
use “SIS II”.3 Th e (French and Dutch) texts of the diff erent Benelux treaties can be found at: http://www
.benelux.be/fr/dos/dos_intro.asp or http://www.benelux.be/nl/dos/dos_intro.asp.4 See, on the Benelux Agreement , A.H.J. Swart, De toelating en uitzetting van vreemdelingen,
Deventer: Kluwer 1978, p. 49 ff .
Brouwer ch-03.indd 47 3/13/2008 2:43:49 PM
48 Chapter 3
an obligation. Th e Ministerial Working Group of the Benelux countries, respon-sible for the implementation of the Benelux Convention, adopted a decision defi ning the situations in which a third-country national had to be considered unwanted by all three countries. Th is included persons convicted of a crime for which extradition would be possible and persons who, by their presence in the Benelux area, would pose a danger to the public order or national security . Based on this decision, a Minister of Justice in one of the Benelux countries, declaring a person to be ‘inadmissible’, could request the Minister of Justice in another Benelux country to declare this person ‘inadmissible’ as well in the latter state. Such a request could only be refused on special grounds, for example if the third-country national was lawfully resident in one of the countries to which the request was directed.
Th e diplomatic and consular posts of the Benelux countries used the common Benelux lists of persons not to be granted a visa without prior authorisation from the national authorities of the other Benelux partner declaring this person inadmis-sible or unwanted. Th ese lists were considered necessary because, in many third countries, the Benelux embassies and consulates of one state were empowered to issue a visa for the other two Benelux states as well. Th e Benelux list of ‘inadmissi-ble persons’ for one of the Benelux countries was incorporated into the national investigation records. Th e Benelux list was only used for visa applications. At a later stage, the list was transferred to a microfi che fi le. Th is fi le was administered by the Belgian government.5 For third-country nationals without a visa obligation, the Benelux countries agreed upon the desirability of a comparable list as mentioned above, but refrained from unilateral introduction, awaiting developments in the Schengen framework.6
According to the Dutch government in a memorandum to its parliament in 1987, the ultimate goal of the Benelux Convention of 11 April 1960 was not reached completely, mostly because of discrepancies in the application by the national authorities of the applicable rules. Th ese concerned the rules on the issue of a Benelux visa, the decision to grant access to the Benelux territory, the decision to remove a person from the Benelux territory and the declaration of a person as unwanted and the decision to record a person as unwanted or inadmissible.7 Other failures in the eyes of the Dutch government were the fact that the Benelux countries did not harmonise national law in all the relevant fi elds and their failure to amend the Convention in response to relevant social or international developments.
5 See the evidence of Professor Schermers before the Select Committee on the European Communities, House of Lords, 1992: Border Control of People (1989), p. 58.
6 Answers of the Dutch government to the parliament, 1987–1988, 20031, no. 4, p. 6 under point 43.
7 Handelingen Tweede Kamer 1986–1987, 20031, nos. 1–2, pp. 14–15.
Brouwer ch-03.indd 48 3/13/2008 2:43:49 PM
Th e Schengen Information System 49
1.2. Discussing the Purpose and Functioning of the SIS
As mentioned above, the Schengen cooperation focussed mainly on the need for compensatory measures for the abolition of internal border control. Th e Schengen Information System has been called the ‘heart’ of these compensatory measures, designed to play a key role in minimising the defi cits of the abolition of internal border controls.8 However, at the time of signature of the Schengen Agreement in 1985, the participating states did not yet envisage the establishment of an automated system for the exchange of data. Article 9 of the Schengen Agreement only instructed the contracting parties to improve, in accordance with their national laws, the exchange of information and to enforce the exchange of data where this could be useful for the fi ght against crime in the other Member States. Th e primary goal of this sharing of information would be the fi ght against crime. Nevertheless, as long ago as November 1985, the German delegation launched the idea of a computerised system, enabling the easy and quick exchange of data on persons, vehicles and objects.9
At the Ministerial conference of 14–15 September 1987, the Schengen govern-ments agreed on the creation of a computerised information system.10 According to the responsible Ministers and Secretaries of State, the eff ective functioning of the SIS would be a prerequisite for the abolition of border controls. In one of the earliest negotiation documents, the purpose of the SIS was defi ned as: “to main-tain public order and safety and to fi ght criminality”.11 Persons to be entered into the SIS would have to be: ‘persona non grata’ and persons whose place of resi-dence was unknown. According to this same paper, registration in the SIS would have to be based on national immigration law or on grounds of national security or public order. It was proposed that the legitimacy of these records be checked every fi ve years.
Th e negotiations on the development of a shared information system took place within the ‘fi rst pillar’ of the Schengen cooperation: the Working Group I on Police and Security (subgroup 4 on Data Exchange). On 17 December 1987, the Ministers installed a ‘Permanent Working Party SIS’, tasked with presenting, within eight months, a feasibility study for a system of automated information exchange. Th is Working Party, hereafter referred to as the PWP, started its work on 17 February 1988. Th e Group was composed of (permanent) delegations of national experts of both the police organisation and information technology
8 B. Schattenberg, SIS: Privacy and Legal Protection, in Schermers (1993), p. 45. 9 Hreblay (1998), p. 95. 10 Meetings of December 1987 (Berlin) and June 1988 (Remich). Report of the Central Group of
Negotiators on the activities of WG I over the second half of 1988, Brussels, 14 November 1988 SCH/I (88) 10.
11 Doc. SCH/I (88)7.
Brouwer ch-03.indd 49 3/13/2008 2:43:49 PM
50 Chapter 3
from each Schengen state.12 In September 1990, also at the request of the PWP, a Steering Group for the SIS was given the mandate to deal with legal, administrative, fi nancial and organisational matters which were not dealt by the PWP.13
When the negotiations on the establishment of a shared information system commenced, in early 1988, four of the fi ve Schengen states were already intro-ducing information technology for the collection and exchange of data in the police sector.14 Th ese national experiences were important for the negotiations on the technical and functional possibilities of a shared system. Th e feasibility study by the PWP was presented by the Schengen Ministers and Secretaries of State during the meeting of 12 December 1988. Th is study did not provide solu-tions which were immediately applicable. It only underlined the technical possi-bility of creating a shared information system. Furthermore, this study defi ned the principles which were considered necessary for the establishment of such a system. According to one of these principles, the only information that could be recorded and exchanged was that which could lead to action by police authorities or offi cials responsible for border control.15 Th is remained one of the central principles on which SIS I was based.
Th e feasibility study diff erentiated between two categories of data: objects and persons.
With regard to alerts concerning persons, the negotiators defi ned fi ve diff erent actions:
1. investigation for arrest for the purpose of extradition;2. refusal of entry or removal from the Schengen territory;3. investigation for detention for the purpose of preventing dangers;4. observation or surveillance; and5. retrieval of a person’s address.
In the feasibility study, diff erent possible technical solutions were presented. Th ese included the establishment of one central system, forwarding all essential data to the data systems of the participating states. Furthermore, the study considered the need to transmit complementary information, not through the shared information
12 See J.W. Hoeksma, H.L. Rensen, SIS moet voldoende bieden, niet meer en niet minder, Algemeen Politieblad, no. 8, 14 April 1990, p. 179–183.
13 SCH/C.OR. SIS (90) 2. See L.M.N. Kroon, European information systems: beyond borders? Barriers within the development process of the Schengen Information System and the Social Security Network, Delft: Eburon 1997, p. 120.
14 J. Dumortier Het Schengen Informatie Systeem en de bescherming van persoonsgegevens in: C. Fijnaut, J. Stuyck, P. Wytinck, Schengen: Proeftuin voor de Europese Gemeenschap?, Antwerp: Gouda Quint 1992, p. 140–141.
15 Hreblay (1998), p. 99–100.
Brouwer ch-03.indd 50 3/13/2008 2:43:49 PM
Th e Schengen Information System 51
system, but through the diff erent police organisations. Th e problems to be solved were: choosing the location of the central system, legal questions such as the system of data protection, and the arrangements which would be necessary for dividing the fi nancial costs for the information system.
In 1989, in Bonn, the Ministers of the participating states decided to locate the headquarters of the C-SIS in Strasbourg. Furthermore, the Ministers decided dur-ing this meeting that the ratifi cation of the Council of Europe Convention on Data Protection of 1981 would be a requirement for the participating states before exchange of personal data could take place. Additionally, with regard to data pro-tection, it was decided that national laws were to apply and national procedures on complaints had to be envisaged.16 In October 1991, the PWP issued an open tender for the development of the SIS computer technology. Initially, the choice fell to the consortium between the US company Arthur Andersen and the French computer group Bull. Politically, however, the governments opposed the idea of placing the order for such a large IT project, which was also a symbol of European cooperation, to a non-European company. Pressed by the German government, the former Prime Minister of France, Edith Cresson, demanded that Bull with-draw from the consortium with Andersen, forcing the latter to renounce its bid. Instead, the contract was give to a new consortium composed of the Anglo-French fi rm SEMA, the Bull group, and Siemens-Nixdorf in Germany.17
One may wonder why there was a need for a Schengen Information System with regard to police cooperation and the exchange of police information, when the European States had already been cooperating since 1923 through Interpol , the International Criminal Police Organisation.18 One of the reasons could be that Interpol was not based on an international treaty, such as the Schengen coopera-tion. Th erefore, implementation of the Interpol statute diff ered in the diff erent countries and the organisation was more of an assembly of national police offi cers, rather than a system which was organised and led by the national governments. Also, the goals of Interpol were more limited than the cooperation envisaged by the European governments. Even though its primary goals are comparable to those of Schengen, such as the prevention and repression of criminal crimes, Interpol does not concern itself with the implementation of the free movement of persons.
16 Th e national data protection regulations and the regulation in the CISA on data protection will be dealt with in the next chapter.
17 European squabbling round after ‘Schengen’ fl op, Fortress Europe? – Circular letter (FECL), March 1994. http://www.fecl.org/circular/2301.htm.
18 See E. Schlanitz, L’échange international d’informations de police dans le cadre des systèmes d’information d’Interpol et de Schengen, in: A. Pauly (ed.), Accords du Schengen: abolition des frontières intérieures ou menace pour les libertés publiques?, Maastricht: EIPA, 1993, p. 39–52.
Brouwer ch-03.indd 51 3/13/2008 2:43:49 PM
52 Chapter 3
Secondly, Interpol explicitly excludes cooperation in the fi eld of crimes of a politi-cal, racial, militant or religious character. Th is statutory limitation in the opera-tional fi eld of Interpol has also been one of the reasons why, in the 1970s and 1980s, the European ministers used the intergovernmental framework of Trevi and not Interpol in their fi ght against terrorism.19 Th e CISA does not exclude political facts as one of the goals of data exchange or police cooperation. On the contrary, the desire to identify and exclude “those known as security risks” can be regarded as one of the main incentives for the establishment of the SIS.20 As we will see below, this goal of the SIS, the upholding of public policy and public security, including national security , is explicitly defi ned in Article 93 of the CISA.
1.3. Structure
During the negotiations, the PWP seriously considered four options for data exchange between Schengen states.21 In the fi rst place, the negotiators considered the establishment of a direct connection between national databases in the Schengen states. Objections raised to this option were that Luxembourg did not then have a computerised database and the concern about diff erences between the content, the language, the concepts and the computer programs of the national systems. Secondly, it was proposed that a ‘Schengen Computer’ be established in each of the Schengen states, which could be linked to all the others through a net-work. Th e main objections to this option were the high costs of this structure and the necessity to maintaining many data connections. Th e third option was the construction of one central database. Th is would however require the author-ities in Schengen countries other than the country in which the database was located to make an international connection for each individual check. Th is would involve high costs and the need to establish an international administra-tion to supervise such a central database. Th e PWP therefore chose a fourth option: a system involving fi ve identical databases to be supplied with informa-tion through one central database. Th is included one central information system (CSIS ) connected to the national information systems (NSIS ) in each of the Schengen states. As long as the purpose of issuing these data and the content of the data were in accordance with the criteria of the CISA, the national authori-ties had to submit their data to the CSIS. Th e data are forwarded by the CSIS to each NSIS system in the diff erent Schengen states.
19 C. Fijnaut, Th e Internationalization of Criminal Investigation in Western Europe, in: C. Fijnaut & R. Hermans (eds.), Police Co-operation in Europe, Lochem: J.B. van den Brink, 1987, p. 32–56.
20 Guild (2001), p. 22. 21 Dumortier (1992), p. 142.
Brouwer ch-03.indd 52 3/13/2008 2:43:49 PM
Th e Schengen Information System 53
Using this system, which has fi nally been adopted in the CISA, the contents of each system, CSIS and NSIS, are exactly the same. Th e task of controlling whether the data submitted to the CSIS by the national authorities comply with the principles and criteria of the CISA has been assigned to a central offi ce at national level: SIRENE . Th is organisation plays an intermediary role between the NSIS and the CSIS.22
During the negotiations, the participating offi cials made it clear that the SIS should make it possible to identify persons or goods searched by the national authorities of one of the Schengen states on an easy and fast manner, without excessively hampering the circulation of travellers crossing external borders . Th erefore, the SIS would have to contain only the necessary information for the requested action and the SIS terminals would have to be easy accessible, compara-ble to the national police systems already used in the diff erent Schengen countries. An offi cer checking the system should also be clearly informed about the actions to be taken. Th e problem of language and the use of diff erent concepts was solved by the introduction of a structure of limited categories of data to be stored in the system, clearly describing clearly the actions to be taken each time a check on the SIS resulted in a ‘hit’. One of the major advantages of this system would be that it resolved the normal problems of translation, since each recipient could deduce all the relevant information from the location of the data in the system.23
Th e Schengen Information System was further to be based on the so-called ‘ownership’ principle, according to which only the state storing the data in the SIS would be responsible for the accuracy of these data and only this state could change or delete these data in the SIS. Accordingly, changes to the SIS data could only be forwarded to the central system by the state who ‘owned’ the data. As one of the consequences, it was decided that the issuing state is ultimately lia-ble for any sums paid as compensation for an injury to a person, caused by the use of the SIS (Article 116 CISA).
1.4. Final Purpose and Categories of Entries
At the beginning of the negotiations on the SIS, the participating states mainly focussed on the use of such a system for security and police purposes. In a draft text of 1988, the purpose of the information system was still described as to “guarantee public order and security and fi ght criminality on the territories of the Contracting Parties, with the help of the information received by this system”.24
22 Th is name is derived from the English description: Supplementary Information Request at the National Entry.
23 Donner (1993), p. 14. 24 88 (SCH/1 (88) 7) 27.10.1988, para. 2.2.
Brouwer ch-03.indd 53 3/13/2008 2:43:50 PM
54 Chapter 3
Later, at the initiative of the Dutch government, this was extended to the applica-tion of immigration law, including the fi rst visa issue procedure and later with regard to the provisions on the movement of persons.25 Th e fi nal defi nition of the purpose of the SIS, described in Article 93 CISA, includes a more general aim of regulating the movement of persons in the Schengen area. Article 93 reads:
“Th e purpose of the Schengen Information System shall be in accordance with this convention to maintain public policy and public security, including national security , in the territories of the contracting parties and to apply the provisions of this con-vention relating to the movement of persons in those territories, using information communicated via this system.”
According to Article 94 of the CISA, the SIS may only contain data as required for one of the purposes mentioned in Articles 95–100 of the CISA. Th e decision regarding whether a certain case is important enough to warrant entering the alert into the SIS is to be taken by the national authorities. We will see later that the procedure of national decisions on entering data into the SIS is organised in diff erent ways in each of the contracting parties.
Th e Articles 95 to 100 provide for the following categories of persons to be entered into the SIS:
1. Persons wanted for arrest for extradition purposes (Article 95);2. Th ird-country nationals to be refused entry (Article 96);3. Persons who have disappeared who need to be placed in a secure location to
protect their safety (Article 97);4. Persons (such as a witness or a person being prosecuted) whose whereabouts
are sought by the judicial authorities during the course of a prosecution (Article 98);
5. Persons (or objects) for the purpose of discreet surveillance or specifi c checks, following indications that a person “intends to commit, or is committing numerous and extremely serious off ences” or “where an overall evaluation of the person”, particularly his or her prior off ences, “gives reasons to suppose” that he or she “will also commit extremely serious off ences in future” (Article 99).
Article 100 CISA concerns objects for the purposes of seizure or for evidence in criminal proceedings. Whether a national authority has access to the SIS depends on the grounds on which a person or object was entered into SIS. Th e appointment of national authorities having access to the SIS is in principle a decision for the national state. According to Article 101 (4), the contracting parties must however send a list of the appointed authorities to the Executive Committee each year and, since 1999, to the JHA Council.26 Also, Article 101 provides that only the
25 Dumortier (1992), p. 142. 26 See, for example, 6265/1/03 and 16023/04 of 10 December 2004.
Brouwer ch-03.indd 54 3/13/2008 2:43:50 PM
Th e Schengen Information System 55
authorities responsible for border checks and other police and customs checks carried out within the country may have access to the data entered into the SIS. With regard to the data entered on the basis of Article 96 this is extended to author-ities responsible for issuing visas, central authorities responsible for examining visa applications and the authorities responsible for issuing residence permits and for “the administration of legislation in the context of the application of the provisions of this convention relating to the movement of persons”.
During the negotiations on the CISA, the French government insisted on the inclusion of the possibility of a prior check regarding whether a request for a per-son’s arrest was in compliance with French law.27 Based on this request, Article 94 (4) stipulates that it is possible to add a ‘fl ag’ to an alert in the national section of the SIS.28 Th is is a note, prohibiting the national authorities from arresting the person on its territory. Th e fl ag subsequently allows the requested state 24 hours to conduct the legal examination.
1.5. Problems During the Construction Phase
Th e date on which the SIS should have become operational was postponed sev-eral times. It should be noted that these deadlines were always set by the meet-ings of the Schengen Executive Committee and the Central Group and not by the negotiating groups of national experts. For example, the fi rst deadline, to have the SIS operational on the same date as the creation of the internal market, 1 January 1993, was based much more on the political will of the Schengen Ministers than on the expertise of its offi cials that such a date would be techni-cally feasible. Only when it became clear that the deadline of 1 February 1994 could not be met either, by which time the Schengen governments were develop-ing a ‘phobia about mentioning dates’, it was decided that no new deadline would be set.29 Th eir negotiators in the PWP and Steering Group were given the freedom to take those measures considered necessary for the functioning of the SIS and to solve the remaining problems.
Th ere were several reasons for postponing the start of the SIS, including legal, technical, practical and political problems. One legal problem was for example the national ratifi cation procedures which were necessary for the implementation of CISA. In some countries, the integration of CISA and the SIS required amend-ments to national law, such as in France and Germany. Technical problems dur-ing the construction phase were for example the delays in the delivery of products by the consortium which was given the task of building the SIS. A practical
27 See, for the reasons for this request, my Chapter on France. 28 French constitutional law did not allow national authorities to comply with international arrest
requests without prior examination by the French courts. 29 Migration News Sheet, April 1994, no. 133/94, p. 1.
Brouwer ch-03.indd 55 3/13/2008 2:43:50 PM
56 Chapter 3
problem causing delay was the fact that some countries did not come forward with their lists of authorised end users of the SIS on the basis of Article 101 CISA. Finally, at the political level, there was the temporary reluctance of the French government to proceed further with the SIS. To solve the various prob-lems, the Central Group formulated seven conditions for the entry into force of the CISA in its Madrid meeting of 30 June 1993. Th ese included:
– the implementation of external border control and the use of a common handbook;
– the regulation of common visa issue and common instructions for consular and diplomatic posts;
– a common treatment of asylum seekers;– the implementation of the CISA provisions on drugs policy; and– the regulation of freedom of movement of persons in airports.
In 1993, the process of negotiations on the SIS reached its lowest point, which resulted in the establishment of a Crisis Team (‘cellule de crise’) in November 1993.30 Th e German government threatened to walk out of the Schengen Group if more demands were made to compensate for the removal of internal borders . Furthermore, it stated that it would concentrate its eff orts at the level of the 12 EU States. Th en, in the Spring of 1994, the French government – which did not want to be seen as being responsible for a possible failure of the Schengen initiative – assured its partners of its commitment to work towards the abolition of internal borders within the Schengen framework. Th at this commitment was not without limitations can be illustrated by the fact that, in November 1994, the same government stated before the French Parliament that it was out of the question that France would suppress checks at French borders if a certain number of obstacles were not removed, including the Dutch position on the control of drugs traffi cking.31
Th e loading of data into the SIS started on 22 December 1994. On that same date, at its meeting in Bonn, the Executive Committee of Schengen decided that the “irreversible implementation” of the Convention would take place on 26 March 1995. Th is date was chosen to facilitate the technical separation of travellers for the Schengen airports since, on 26 March, continental Europe would switch over to summer time, which included the airlines’ changeover to their summer timetables. Since the SIS became fi nally accessible for its end users on 26 March 1995, this date is also regarded as the date of the entry into force of the CISA. As we will see in Chapter 5, a comparable situation arose with regard
30 MNS, February 1994, no. 131/94, p. 2. 31 MNS, December 1994, no. 141/94, p. 2.
Brouwer ch-03.indd 56 3/13/2008 2:43:50 PM
Th e Schengen Information System 57
to the development of the SIS II. Similarly, based on technical problems and delays with regard the measures to be taken in the diff erent Member States, the Commission announced in 2006 that the date for the operation of SIS II would be postponed until the end of 2008.
2. Legal Basis
With the entry into force of the Amsterdam Treaty , the Schengen acquis was incorporated into the EU framework. Th is incorporation included the need to decide upon the precise legal basis of every legal instrument from the Schengen acquis. Th is determination of the legal basis, whether in the EC or EU Treaty, was unproblematic for most provisions and decisions.32 For diff erent reasons, the EU Schengen states were not able to reach agreement on the legal basis of the Schengen Information System. As a result of this failure to reach a decision, for the time being the SIS is considered as having its legal basis in the third pillar or Title VI of the EU Treaty. Article 5 (2) of the Schengen Protocol implies that whenever legal parts of the Schengen acquis are amended, the exact legal basis, EC or EU, needs to be addressed.33 Th is means that whenever decisions on the use or functioning of the SIS are to be made, the legal basis of the SIS has to be determined.
3. Participants
3.1. Nordic Countries
Article 6 of the Nordic Passport Control Agreement of 1957 includes a regula-tion on a “joint negative list” of third-country nationals who are to be refused entry at the common Nordic external borders . Th is list was not computerised until 1991, due to the fact that when the Nordic Passport Control Agreement came to existence, information technology was still in its infancy.34
In 2000, the Nordic countries adopted a supplementary agreement to the Nordic Passport Control Agreement to deal with the participation of the Nordic
32 Council Decision 1999/435 of 20 May 1999 concerning the defi nition of the Schengen acquis and 1999/436 of 20 May 1999, determining the legal basis for each of the provisions or deci-sions which constitute the Schengen acquis, OJ 1999 L 176/1; see, for the publication of the whole Schengen acquis, with exception of confi dential sections, OJ 2000 L 239/1, 22.09.2000.
33 N. Bracke, Flexibility, Justice Cooperation and the Treaty of Amsterdam , in Marinho (2001), p. 59.
34 H. Fode, Nordic Experience on Criminal Law, in: Schermers (1993), p. 61–69.
Brouwer ch-03.indd 57 3/13/2008 2:43:50 PM
58 Chapter 3
countries in the Schengen acquis .35 Based on this supplementary agreement, the common Nordic register of entry prohibitions has been replaced by the SIS. Article 2 of the supplementary agreement states that a contracting state can only refuse a person entry, if the person in question is registered in the SIS. Th is Article supplements the provision concerning the rejection of third-country nationals appearing on one of the Nordic countries’ lists of expelled persons. Council Decision 2000/777 of 1 December 2000 on the full application of the Schengen acquis in Denmark, Finland, Sweden, Iceland and Norway took eff ect on 25 March 2001.36 Between 1 December 2000 and 25 March 2001, the Nordic countries were already loading data into the SIS, except for the data on persons to be refused entry.
3.2. Th e UK and Ireland
Th e UK and Ireland did not participate in the use of SIS I. As we have seen in the previous Chapter, on the basis of the Protocol to the Treaty of Amsterdam , Ireland and the UK can take part in all or some of the provisions of the Schengen acquis . In March 1999, the UK asked to take part in some fi elds of Schengen policy, including police and judicial cooperation in criminal matters, the fi ght against drugs and the Schengen Information System (SIS). In a Decision of 29 May 2000, the Council approved the request from the UK, including its participation in the establishment and operation of SIS, except for the provisions of Article 96 CISA concerning the data on third-country nationals to be refused entry.37
In June 2000, Ireland asked to take part in some aspects of Schengen, which more or less matched to the content of the request from the UK. In 2002, with the decision on the partial participation of Ireland in the Schengen acquis , the Council agreed upon the future use of the SIS except with regard to data on third-country nationals based on Article 96 CISA.38
Although the UK and Ireland did not have access to SIS I, offi cials from these countries did join the decision-making on other provisions concerning the Schengen Information System. Th ese decisions included the apportion-ment of the costs of the SIS (Article 119 CISA), the decisions of the Schengen Executive Committee on the future of the SIS, including the awarding of the tender for the SIS II preliminary study, and on the SIRENE Manual.39 Th e UK government strongly advocated the possibility for UK and Irish offi cials to
35 Source: K. U. Kjaer (2003), p. 84. 36 OJ 2000, L 309/24; see declaration in OJ 2000, L 309/28. 37 OJ L 131, 1.6.2000. 38 Council Decision 2002/192/EC of 28 February 2002 concerning Ireland’s request to take part
in some of the provisions of the Schengen acquis , OJ L 64, 7.03.2002. 39 SCH/Com-ex (97) 24, SCH/Com-ex (97) 2 rev. 2, and (SCH/Com-ex (99) 5, respectively.
Brouwer ch-03.indd 58 3/13/2008 2:43:50 PM
Th e Schengen Information System 59
have access to the data on third-country nationals to be entered into the SIS by other countries. Th is would allow national authorities to compare national alerts on third-country nationals with alerts in other countries. A Working Group proposed a technical solution, according to which Article 96 data would be fi ltered out, so that they would not be accessible to authorities of the UK or Ireland, but this proposal was not further developed.40 During the meeting of the JHA Council in June 2002, the EU Member States agreed on the principle that the UK and Ireland could participate in the development of SIS II.41
3.3. Switzerland
In October 2004, an Agreement was signed between the European Union, the European Community and the Swiss Confederation on the association of the Swiss Confederation with the implementation, application and development of the Schengen acquis .42
In the Swiss referendum of 5 June 2005, the population of Switzerland agreed to sign the CISA. Th e accession of Switzerland to the CISA is envisaged in 2008. Th is will also grant access by the Swiss authorities to the SIS II.
3.4. Accession of New EU Member States
In 2004, the EU was enlarged by ten new Member States. In 2007, the EU was joined by Bulgaria and Romania. As we saw in Chapter 2, Article 8 of the Schengen Protocol stipulates that new EU Member States should accept in full the Schengen acquis , including the measures adopted on the basis of the CISA. Th is means that the new EU members must participate in the use of the SIS as well. Depending on whether these countries provide for suffi cient technical and legal guarantees, the new EU Member States are scheduled to gain access in 2008 to the second generation SIS.
4. SIS and Th ird-Country Nationals: Exclusion of ‘inadmissible aliens’
4.1. Draft Texts
Th e idea of exchanging information on ‘inadmissible aliens’, using the Schengen Information System, was based on the existing cooperation between the Benelux
40 9273/02 SIS 34 COMIX 359. 41 Conclusions of the JHA Council, 9620/02 (Press 175), p. 17. 42 OJ L 370 of 17.12.2004.
Brouwer ch-03.indd 59 3/13/2008 2:43:50 PM
60 Chapter 3
countries to share information on persons who would have to be refused entry at their external borders . In one of the earliest notes dealing with the criteria for third-country nationals to be listed in the SIS, of 25 April 1988, the Dutch dele-gation issued a proposal for categories of persons to be entered into the SIS for the purpose of refusal entry at external borders.43 Th is proposal included, fi rstly, the two categories currently reported by the Dutch authorities to NSIS, includ-ing persons against whom a formal residence ban has been issued and persons who are reported as inadmissible. Secondly, the Dutch delegation proposed entering persons in the SIS to whom no visa should be issued without the prior approval of the national visa agency and, thirdly, persons whose asylum applica-tions had been rejected. Th is latter category would allow border offi cials to assess whether an asylum applicant had already applied for asylum in another Schengen State. Th e Dutch authorities had already processed the fi rst three categories of data within the framework of the Benelux cooperation.44 Finally, as we will see below, those refused asylum were not entered into the SIS, but this proposal was later implemented separately through the establishment of Eurodac . Th e proposal to enter persons into the SIS for the visa application procedure as well was restated during the negotiations in 1989.45
Later drafts on the defi nition of ‘inadmissible aliens’ to be registered in the SIS were very short and in practice gave the participating states complete discretion-ary power. For example, according to a draft dated November 1988, the SIS would contain data on “persons, who are by one of the contracting parties declared as an inadmissible alien, with the aim to be refused entry to, or to be expelled from the territory of the contracting parties”.46
4.2. Article 96 CISA
Article 96 CISA reads:
1. Data on aliens for whom an alert has been issued for the purposes of refusing entry shall be entered on the basis of national alert resulting from decisions
43 Note by the Dutch Delegation to Working Groups I and II, Brussels, 25 April 1988, SCH/I+II-imm+c.fr (88) 5.
44 Th e Dutch note even included the estimated numbers of persons to be entered into the NSIS according to these criteria, including 2,000 persons with a formal residence ban, 2,000 reported inadmissible persons, 6,015 visa applicants for whom prior approval would be necessary, and 10,675 rejected asylum seekers.
45 Working Group I, 7 August 1989, SCH/I (88) 7, 12th revision. 46 Article 2.5, Working Group I ‘Police and Security’, 16 November 1988, SCH/I (88) 7, second
revision.
Brouwer ch-03.indd 60 3/13/2008 2:43:50 PM
Th e Schengen Information System 61
taken by the competent administrative authorities or courts in accordance with the rules of procedure laid down by law.
2. Decisions may be based on a threat to public policy or public security or to national security which the presence of an alien in national territory may pose.
Th is situation may arise in particular in the case of:a. an alien who has been convicted of an off ence carrying a penalty involv-
ing deprivation of liberty at least one year;b. an alien in respect of whom there are serious grounds for believing that he
has committed serious criminal off ences, including those referred to in Article 71, or in respect of whom there is clear evidence of an intention to commit such off ences in the territory of a contracting party.
3. Decisions may also be based on the fact that the alien has been subject to measures involving deportation, refusal of entry or removal which have not been rescinded or suspended, including or accompanied by a prohibition on entry or, where applicable, a prohibition on residence, based on a failure to comply with national regulations on the entry or residence of aliens.
Article 96 provides three categories of grounds for entering a third-country national into the SIS: fi rstly, it allows for the reporting of third-country nationals who are convicted of an off ence which carries a penalty involving deprivation of liberty of at least one year. Secondly, it refers to third-country nationals who are suspected of either having committed serious criminal off ences or of planning to commit those off ences on the territory of one of the Schengen states, Th irdly, persons who have not complied with national immigration law and therefore have been subjected to deportation measures, refusal of entry or removal may also be entered in the SIS. Th e fi rst two reasons for reporting a person in the SIS are based on the assumption that the presence of this individual on one of the Schengen countries’ territories poses a threat to public policy, public security or national security . Th e goal of the third criterion is to be found in the implemen-tation of national immigration law.
According to Article 5 (1) CISA, including rules on the conditions of entry, the fact of being registered in the SIS precludes this person from being allowed entry to one of the territories of the Schengen states. Th e same applies to the issue of a visa: according to Article 15 CISA, Schengen states may only issue a short-stay visa (stays not exceeding a period of three months) to persons who ful-fi l the conditions mentioned in Article 5 (1) CISA. Th is implies that, before issu-ing a visa, the national authorities should check the NSIS. With regard to a long-stay visa, Article 18 provides that these visas be issued according to national law. In practice, this also means that national offi cers will check the SIS before issuing a long-term residence visa to a third-country national.
Brouwer ch-03.indd 61 3/13/2008 2:43:50 PM
62 Chapter 3
When a contracting party considers granting a residence permit to a third-country national who is entered in the SIS for the purposes of refusing entry, according to Article 25 (1) CISA it should fi rst consult the contracting party issuing this alert. Only for substantive reasons, based on humanitarian grounds or for reasons involving international commitments, the fi rst state may issue a residence permit to the person concerned. If a residence permit is issued, Article 25 (2) states that the state issuing the alert should withdraw this alert from the SIS. Th is state may put the third-country national on its national list.
As we will see in Chapter 4 on the development of SIS II, the text of Article 96 CISA is almost literally copied into the new text of the SIS II Regulation. In 2006, the conditions of entry in Article 5 CISA have been replaced by the almost identical provision of Article 5 in the Schengen Borders Code .47
4.3. Defi nition of ‘inadmissible’: Discretionary Power of National Governments
Th e defi nition of “third-country nationals for the purpose of refusal of entry” in Article 96 CISA seems to be based on two concurring thoughts. On the one hand, the criteria as stated in Article 96 (2) and (3) should prevent arbitrary implementation with regard to the reporting of ‘inadmissible aliens’. On the other hand, this provision should leave enough discretionary power to the national authorities. An important incentive for a shared information system would have been the acknowledgement that notions of ‘public safety and security’ could not be harmonised.48 Th is lack of harmonisation had to be resolved by establishing a common list of inadmissible persons. However, the assumption that the criteria on public safety and security could not be harmonised better describes the politi-cal rather than the legal reality. As we will see below, with regard to the protection of the free movement of EU citizens and privileged non EU citizens, the ECJ provided a defi nition of ‘public order and security’ which could have been used for a larger group of non-EU citizens.49 Th e participating states clearly preferred an accumulation of their national public order criteria, rather than developing harmonised, common criteria for the application of the SIS.
Articles 96 (2) and (3) are based on the general principle that whenever third-country nationals meet the criteria listed in these provisions, this is suffi cient for these persons to be regarded as a threat to public order and security, or as a risk to illegal immigration. In other words, if the authorities decide to enter an individ-ual into the SIS, they do not have to indicate the specifi c risk this person entails
47 Regulation 562/2006, OJ L 105, 14.04.2006 to be dealt with further in Chapter 9. 48 Donner (1993), p. 12. 49 For example, in Bouchereau, 27 October 1977, C-30/77 and Adoui and Cornuaille, 18 May
1982, C-115/81 and C-116/81.
Brouwer ch-03.indd 62 3/13/2008 2:43:50 PM
Th e Schengen Information System 63
with regard to ‘national security ’ or ‘illegal immigration’. Th e decision to enter a third-country national into the SIS is however limited by the general requirement implied in Article 94 CISA. Th is provision states that national authorities issuing an alert should “determine whether the case is important enough to warrant entry of the alert in the Schengen Information System”. In practice, as we will see in the Chapters on the national implementation of Article 96, this provision does not seem to have played a large role.
A comparable mechanism for excluding inadmissible migrants which is incor-porated into the Schengen acquis are the visa lists. As defi ned by Swart, the func-tion of a visa is “to subject a third-country national to an examination of whether the stay this person is seeking is permissible and desirable”.50 Where the visa itself is the instrument used to control immigration, visa lists are in fact no more than the agreement between groups of countries to apply the visa requirement for the same group of third countries. However, the result of being a national of one of those latter third countries is that this person will be aff ected by the consequences of profi ling, regardless of her or his individual behaviour or purpose of the visit. Th erefore, in the decision-making process with regard to visa applications, gov-ernments are making use of profi ling on two levels. In the fi rst place, every national of a state which is labelled by the EU countries as generating a risk of ‘illegal immigration’, ‘crime’, or ‘to international relations’, must obtain a visa before entering those European countries. In the second place, a person will be subjected to profi ling with regard to his or her visa application itself. Th e offi cial at a national embassy or immigration offi ce will assess the legitimacy of the appli-cant’s reasons for visiting Europe by calculating the risk of this person of over-staying his or her visa, applying for asylum , or the individual risk to security. Th e criteria used for assessing these risks, are (apart from nationality) the age, gender, income and family situation of the applicant.51
4.4. EU Citizens and Benefi ciaries of EC Law
Th e powers of Member States to restrict the rights of entry and residence of EU citizens based on reasons of public policy, public security or public health are limited by the adoption of Directive 64/221 on the coordination of special meas-ures concerning the movement and residence of foreign nationals.52 Th e circum-stances in which the freedom of movement of EU citizens can be limited have
50 A.H.J. Swart, De toelating en uitzetting van vreemdelingen, Deventer: Kluwer 1978, p. 67. 51 See also B. Puntervold Bø, Th e Use of Visa Requirements as a Regulatory Instrument for the
Restriction of Migration, in: A. Böcker et al., Regulation of Migration. International Experiences. Amsterdam: Het Spinhuis Publishers 1998, p. 191–202.
52 OJ 56, 4.4.1964. Th is Directive has been replaced by Directive 2004/38, see also Chapter 9.
Brouwer ch-03.indd 63 3/13/2008 2:43:50 PM
64 Chapter 3
been further narrowed in the jurisprudence of the ECJ. In the Bouchereau case, the ECJ formulated the well-known criteria that there must be a genuine and suffi ciently serious threat to the requirements of public policy aff ecting one of the fundamental interests of society.53 For a long time, these ECJ criteria did not seem to play an important role with regard to the national practice of reporting third-country nationals into the NSIS. Th e European Commission however repeatedly urged the Schengen partners to apply the criteria of Directive 64/221 to third-country nationals who are family members of EU citizens as well, in order to guarantee to the latter the right to freedom of movement under the EC Treaty. Responding to this pressure from the Commission, in 1996 the Schengen Executive Committee adopted a declaration defi ning ‘aliens’ as referred to in Articles 1 and 96 of the CISA.54 According to this declaration, the general rule should be that individuals, including third-country nationals, who are benefi ci-aries of Community law are not to be reported into the SIS. Family members of EU citizens who are third-country nationals and who have the right on the basis of EC law to enter and to reside in a Member State, as well as nationals of Iceland, Liechtenstein and Norway, and later Switzerland, may be entered into the SIS if “this entry would be compatible” with Community law. If a benefi ciary of EC law is entered into the SIS and this is not in accordance with Community law, he or she should be deleted from the list.
As pointed out by Eicke, the declaration of 1996 does not comply fully with the Court’s criteria. Th e decision to exclude or expel a person from a national ter-ritory is only allowed based on the actual threat this person represents to this terri-tory. In other words, being a threat to one Member State does not justify excluding that individual from all other states.55 Th e ECJ made this clear in its fi rst judg-ment with regard to the SIS and the registration based on Article 96 CISA. In this judgment, Commission v. Spain, of 2006, the ECJ ruled that registration in the SIS of two non-EU citizens who were married to EU nationals could not auto-matically result in the decision of the Spanish authorities to refuse them a visa or admission to Spanish territory.56 Th e judgment of the ECJ, and the point made by Eicke, is very important considering the legitimacy of the principle on which the functioning of the SIS is based. Th ere is a clear tension between the principle of the mutual recognition of national immigration decisions relating to public order or security grounds on the one hand and, on the other hand, the protection of the
53 Bouchereau, C-30/77, 27 October 1977, ECR [1977], p. 1999, para. 30. 54 Declaration of 18 April 1996, SCH/Com-ex, (96) decl. 5. 55 T. Eicke, Paradise Lost? Exclusion and Expulsion from the EU, in Groenendijk, Guild &
Minderhoud (2003), p. 163. 56 Commission v. Spain, 31 January 2006, C-503/03. Th is judgment will be discussed further in
Chapter 9.
Brouwer ch-03.indd 64 3/13/2008 2:43:50 PM
Th e Schengen Information System 65
rights of third-country nationals benefi ting from EC law. Th e application of Article 96 in conjunction with Article 5 CISA is in sharp contrast with the criteria established by the Court of Justice regarding EU citizens and third-country nationals who are benefi ciaries of EU law. Whereas, for these latter groups, public order restrictions may exclusively be based on the personal conduct of the person concerned, the criteria of Article 96 are vague and leave the applying states a wide margin for interpretation.57 Meanwhile, the group of ‘benefi ciaries of EC law’ has been extended and includes third-country nationals deriving rights from the EC Directive 2003/86 (third-country nationals seeking family reunifi cation ) and 2003/109 (long-term resident third-country nationals). Also, for these groups of third-country nationals, the respective Directives require stricter rules as to the interpretation of public order and national security grounds.
Another problem with regard to the implementation of the CISA rules to the NSIS is that this requires a standard check of the NSIS when controlling third-country nationals, regardless of whether these controls take place at the borders, within the national territory, or for visa applications at consulates or embassies abroad. Th is systematic checking of persons may result in a practice which is con-trary to the principles of free movement as protected by EC law. As underlined by the ECJ in the judgment Commission v. Belgium, identity checks on EU nationals at the internal borders of the single market need to be sporadic, not “systematic, arbitrary or unnecessarily restrictive” and only identity controls are allowed.58 Th is also means that EU citizens cannot be required to answer questions on the pur-pose and the duration of their stay or the fi nancial means at their disposal before they are permitted to enter the territory of another Member State.59
5. Practical Implementation of SIS: Statistical Data on the Number of Records and SIS-Based Hits
Due to the lack of centralised, regularly updated information, it is diffi cult to assess the added value and practical usefulness of SIS. Th e last annual report on the imple-mentation of the Schengen Convention of the Schengen Executive Committee was published in 1999. Th is report contained data on the use of the SIS in 1998. After this report, information on the number of records in SIS in 2000 and 2001 were only published occasionally and by diff erent organisations. For example, the
57 E. Guild, Security of Residence and Expulsion of foreigners: European Community Law in Guild & Minderhoud (2001), p. 59–80.
58 C-321/87 [1989] ECR 997. 59 See the case, Commission v. the Netherlands, C-68/89 [1991] ECR I-2637.
Brouwer ch-03.indd 65 3/13/2008 2:43:50 PM
66 Chapter 3
Schengen Joint Supervisory Authority or JSA (see below, Chapter 7) published data in its fourth and fi fth annual reports on the content of the SIS. However, no such information was included in the sixth report of the JSA on 2002–2003. Th ere are some statistical data included in the ‘Report of the ad hoc group for the study of 3rd pillar information systems’ to the Council in 2003.60 In this report, the ad hoc group compared the existing EU databases, including the SIS, Eurodac , the Customs Information System (CIS), the Anti-Fraud Information System (AFIS), and the databases of Europol . An important conclusion by this ad hoc group is that, at the stage in its research, insuffi cient information was available on the content and the current usage of the systems. Only since 2005 has the Council Secretariat published annual database statistics on the number of records registered into the SIS. Th ese publications can be retrieved from the public register of the Council.61
According to the report of the ad hoc group for the study of 3rd pillar infor-mation systems in 2003, the NSIS data could be consulted by approximately 125,000 terminals in the Schengen States. By 2005, the SIS included more than 15 million records on objects and persons.62 Approximately 6% of these records concerned persons who were registered in the SIS for more than one purpose. As we saw in section 1.4, the categories on persons include persons wanted for arrest or extradition (Article 95 CISA); third-country nationals (non-EU and non-EEA citizens) to be refused entry (Article 96 CISA); missing persons or those to be placed under temporary police protection (Article 97 CISA); wit-nesses or other persons summoned to appear in court (Article 98 CISA); and persons wanted for ‘discreet surveillance’ or specifi c checks (Article 99 CISA).
5.1. Numbers of Persons Entered in SIS
With regard to the total number of records on persons in the SIS between 1999 and 2005, the following information can be derived from the above reports.63
Data for 1999 64
Total persons entered into SIS: 855,887Article 95: 10,419 Article 96: 764,851 (89%)Article 97: 27,436 Article 98: 35,806 Article 99: 17,365
60 Doc. 8857/03, 6 May 2003. 61 http://register.consilium.europa.eu. 62 See the fi gures in the tables included in the next section. 63 Th e author did not fi nd any information on 2002. 64 31.12.1999, source: Justice report, Th e Schengen Information System. A human rights audit,
London 2000.
Brouwer ch-03.indd 66 3/13/2008 2:43:50 PM
Th e Schengen Information System 67
Data for 2000 65
Total persons entered into SIS: 842,255Article 95: 10,914 Article 96: 750,347 (89%)Article 97: 28,362 Article 98: 35,297 Article 99: 17,335
Data for 2001 66
Total persons entered into SIS: 803,160Article 95: 11,628 Article 96: 709,763 (88%)Article 97: 29,132 Article 98: 30,763 Article 99: 21,874
Data for 2003 67
Total persons entered into SIS: 877,655Article 95: 14,023 Article 96: 780,992 (89%)Article 97: 32,211 Article 98: 34,413 Article 99: 16,016
Data for 2004 68
Total persons entered into SIS: 883,511Article 95: 14,902 Article 96: 785,631 (89%)Article 97: 34,400 Article 98: 32,696 Article 99: 15,882
Data for 2005 69
Total persons entered into SIS: 818,673Article 95: 15,012 Article 96: 714,078 (87%)
65 23.05.2000, source: report C.SIS Exploitation team, 4th annual report Schengen Joint Supervisory Authority.
66 28.02.2001, source: 5th annual report Schengen Joint Supervisory Authority. 67 Data on 5.03.05, described in doc. 8857/03. See also the Statewatch/Ben Hayes report 2004. 68 Report from the C.SIS Exploitation team, 01/01/2004 at 00.00 (unpublished). 69 Data from the C.SIS at 010/1/2005 at 00.00. SIS Database Statistics from the Presidency to the
SIS-TECH Working group, 8621/05, 2 June 2005.
Brouwer ch-03.indd 67 3/13/2008 2:43:50 PM
68 Chapter 3
Article 97: 36,235 Article 98: 35,317 Article 99: 18,031
Data for 2006 70
Total persons entered into SIS: 882,627Article 95: 15,460 Article 96: 751,954 (85%)Article 97: 39,011 Article 98: 45,189 Article 99: 31,013
Th e statistics above show that, since 2005, the percentage of records on third- country nationals to be refused entry decreased, while the amount of data for the other categories has increased. In particular, the number of Article 98 alerts (wit-nesses) and Article 99 alerts (discreet surveillance) increased over the past two years. Th is seems to be an indication that Member States are starting to use the SIS increasingly for criminal law proceedings, instead of immigration law pur-poses. Th e increase in Article 95 reports can be explained by the implementation of Council Framework Decision 2002/584 on the European Arrest Warrant and the surrender procedures between Member States.71 On the basis of this Framework Decision, Member States can enter an alert on a requested person into the SIS on the basis of Article 95 CISA.
5.2. Numbers of Hits Based on Searches Performed of the SIS
Data regarding hits are reported annually by the national SIRENE bureaux to the General Secretariat of the Council.72 With regard to the numbers of ‘hits’ based on the SIS, in other words the number of times authorities fi nd a record in the SIS on individuals checked by these authorities, Article 96 hits produces the largest number. Between 1997 and 2004, hits on third-country nationals based on Article 96 CISA constituted about 60–70% of the total number of hits on persons.73 In 2004, the percentage of hits on third-country nationals dropped to 57% of the
70 SIS Database Statistics dated 01/01/2006, 5239/06, 12 January 2006. 71 Framework Decision of 13 June 2002, OJ L 190, 18.7.2002. 72 See, for the table of hits for the period 1 January to 31 December 2004, 6335/05, 23 February
2005, and for the table of hits for the period 1 January 2005 to 31 December 2005, 5913/06, 14 February 2006.
73 In 1997, third-country nationals to be refused entry represented 66% of the total number of hits (14,806 of a total 22,475). In 2003 this was 71.5% (26,363 of a total of 36,876), compared to the hits based on Article 95: 7.7%; Article 97: 4.8%; Article 98: 10%; and Article 99: 6%).
Brouwer ch-03.indd 68 3/13/2008 2:43:51 PM
Th e Schengen Information System 69
total. Th is in the fi rst place is due to the enlargement of the European Union, following which the ‘old’ Member States had to take the names of the nationals of the ‘new’ EU Member States off the SIS. Secondly, this drop could be explained by the increasing percentage of hits based on the other categories of data stored in the SIS. Relatively speaking, when comparing the numbers of hits with the numbers of entries for each category, reports on third-country nationals to be refused entry seem to be the least successful. Th is is illustrated by comparing the fi gures for 2001, 2004 and 2006.74
Based on the above reports, in 2001 the following hits were recorded by the SIRENE bureaux:
– Article 95: 2,841 hits (24% of the total number of records on Article 95);– Article 96: 26,363 hits (3.7% of the total number of records on Article 96);– Article 97: 3,661 hits (6% of the total number of records on Article 97);– Article 98: 1,779 hits (12% of the total number of records on Article 98);– Article 99 (persons): 2,232 hits (10.2% of the total number of records on
Article 99).
Th e fi gures for 2004 show an even smaller percentage of hits on third-country nationals, compared to the number of records based on Article 96 CISA in the SIS:
– Article 95: 3,813 (25.6%)– Article 96: 21,957 (2.8%)– Article 97: 1,984 (5.8%)– Article 98: 4,945 (15.2%)– Article 99 (persons): 2,989 (18.8%).
Th e following numbers of hits were reported in 2005:
– Article 95: 3,887 (25.1%)– Article 96: 21,090 (2.8%)– Article 97: 2,289 (5.9%)– Article 98: 6,612 (14.6%)– Article 99 (persons): 4,152 (13.4%).
74 Note that I compare the data on the number of records held in the SIS on the precise date of 1/1/2001, 1/1/2004 or 1/1/2006 with the total number of hits which were found the year after that date. As the number of alerts change every day, this percentage only gives an estimate of the exact percentage.
Brouwer ch-03.indd 69 3/13/2008 2:43:51 PM
70 Chapter 3
Based on these statistical data, one could conclude that the registration of third-country nationals in the SIS is in practice less eff ective, compared to the records on persons stored in the SIS for other purposes. Even if information stored in the SIS concerns predominantly third-country nationals to be refused entry, the number of hits and, therefore, the actual eff ects of this storage are relatively small compared to the number of hits for other categories of persons stored in the SIS. On the other hand, the annual number of 21,000 to 25,000 hits on third- country nationals is considerably high particularly when we consider that, based on these hits, these persons have been stopped at the borders, refused a visa or even expelled to a third country.
With regard to the development of the second-generation SIS, one would expect the Commission or Council to have evaluated the use and effi ciency of SIS I. To my knowledge, no such evaluation has taken place. Only the Schengen Joint Supervisory Authority initiated a coordinated evaluation of the national implementation of the Article 96 criteria in 2003, to be carried out by the national data protection authorities. Based on this report and the available national reports, it can be concluded that the Schengen authorities applied the Article 96 criteria very diff erently and the data stored in the SIS often did not meet the criteria of Article 96.75 Furthermore, the national data protection authorities discovered that the time limits for the storage of these data were fre-quently exceeded.76 Th e fi ndings of the JSA have been published in a report dated 20 June 2005. Th is report has not been offi cially published but is only available on request via the joint data protection secretariat of the Council.77
In the next Chapter, I will describe the development of the second-generation SIS or SIS II, including the technical and functional amendments which were proposed and adopted with regard to the SIS. Chapter 5 will examine other EU databases which are directly or indirectly used for controlling immigrants within or seeking admission to EU territory.
75 Th ese reports are dealt with in Part III of this study. 76 See the critical report of the Danish Data Protection Authority of 10 June 2005, published at
http://www.statewatch.org. See also B. Hayes, SIS II: fait accompli?, Statewatch analysis, May 2005.
77 Th e JSA report on this evaluation appeared in the summer of 2005 on the web site of the Danish Data Protection Authority (http://www.datatilsynet.dk/) and on the web site of the human rights organisation, Statewatch, but not on the technically outdated website of the JSA itself (http://www.schengen-jsa.dataprotection.org/).
Brouwer ch-03.indd 70 3/13/2008 2:43:51 PM
Evelien Brouwer, Digital Borders and Real Rights, pp. 71–116.© 2008 Koninklijke Brill NV. Printed in the Netherlands.
Chapter 4
New Functionalities for SIS and the Development of SIS II
“Th e Schengen Information System ended up by being the victim of its own success, and it became imperative to increase its capacity and to introduce new possibilities while taking advantage of the latest development of information technology.”1
1. Th e Road to the Second Generation SIS or SIS II
When the SIS became operational on 26 March 1995, the system was used by seven States: Belgium, the Netherlands, Luxembourg, France, Spain, Portugal and Germany. At the end of 1997 those countries were joined by three other countries: Italy, Austria and Greece. As far back as 1996, the governments par-ticipating in Schengen started discussions on technical as well as functional improvements to SIS I. Th e practical reason for changing the architecture of SIS was based on the forthcoming integration into the SIS of the Nordic countries (Denmark, Sweden, Finland, Norway and Iceland). On 19 December 1996, the Schengen States signed the agreements with Denmark, Sweden and Finland on their accession to the Convention on the Implementation of the Schengen Agreement (CISA).2 During the same meeting, the Schengen States decided to develop a “second-generation SIS” or SIS II. Th is SIS II would not only permit the integration of new Schengen States, but also include new functions.3
When it became clear that SIS II would not be realised before 2000, the Schengen Executive Committee decided, at its meeting of 7 October 1997, to combine the extension to the Nordic countries with the necessary technical
1 Carlos Coelho, Rapporteur for the LIBE Committee, Working Document on the Decision and the Regulation on SIS II, 20.10.2005.
2 OJ L 239, 22.9.2000. See also section 3.1 in Chapter 3.3 Th is decision on the development of SIS II has not been published, but is referred to in the deci-
sion of the Schengen Executive Committee of 25 April 1997 in which Portugal was given the mandate to start a preliminary study for SIS II. SCH/Com-ex (97) 2 rev. 2, published in OJ L 239, 22.9.2000.
Brouwer ch-04.indd 71 4/4/2008 5:39:58 PM
72 Chapter 4
measures to make the SIS ready for the new millennium. Th e same decision emphasised that the parallel development of a renewed SIS, or SIS I, would not aff ect the development of SIS II.4 Th e new extended SIS I (under the heading SIS I+) should be accessible to 18 countries (15 operational States, the United Kingdom and Ireland, plus one in reserve) while, in the longer term, the strate-gic objective of SIS II would remain unchanged.5 After the integration of the Nordic countries into the SIS and the successful completion of the SIS I+ project in 2001, the governments continued their negotiations on SIS II.6 Th e Council of Justice and Home Aff airs or JHA Council (having replaced the Schengen Executive Committee in 1999 on the basis of the Amsterdam Treaty ) confi rmed, at its meeting of 28–29 May 2001, that in view of the enlargement of the EU, the development of SIS II by 2006 would be a priority.7 In December 2002, the JHA Council decided upon the implementation of the Schengen acquis in the new Member States. Th e application of the full Schengen acquis would make it necessary for those Member States to fulfi l “all legal, organisa-tional and technical pre-conditions (…), especially the requirements linked to the access to the Schengen Information System and the effi cient controls at external borders ”.8
Before discussing the developments of SIS II, the fi rst sections will describe the decisions adopted to amend the use of SIS I. As we will see, many of these earlier decisions infl uenced the fi nal scope and use of SIS II.9 In section 6, I will focus in particular on the (draft) Regulation on SIS II with regard to alerts on third-country nationals to be refused entry or residence. I will not go into details of the Decision on SIS II which applies to the use of SIS II within the third pillar framework.
4 SCH/Com-ex (97) 24, OJ L 239, 22.9.2000.5 Decision of 21 April 1998. See, for an overview of these developments in decision-making, the
note from the German delegation to the Council Working Party on the Schengen Information System, SIS II overall plan: Problems to be addressed, 20 August 1999, 10629/99.
6 SIS I became fully operational in the Nordic countries in March 2001. See Council Decision 2000/777 of 1 December 2000 on the application of the Schengen acquis in the Nordic countries, OJ L 309/24 9.12.2000.
7 Press release, 9118/01 (Presse 203).8 See point 7 of the Roadmap adopted at the meeting of the JHA Council of 19–29 December 2002.9 See also Hayes, “SIS II: fait accompli?”, Statewatch analysis, May 2005, www.statewatch.org.
An overview of the proposals and the fi nal decision-making with regard to SIS I and SIS II is given in the annex to this chapter.
Brouwer ch-04.indd 72 4/4/2008 5:39:58 PM
New Functionalities for SIS and the Development of SIS II 73
2. Early Proposals to Extend the Use of SIS
2.1. Access to Europol and Eurojust
In the Vienna Action Plan on an Area of Freedom, Security and Justice of December 1998, the JHA Ministers agreed in conclusion 43(c) to examine the possibility of granting Europol access to the SIS.10 Th is possibility for both Europol and Eurojust to gain access to SIS information was strongly advocated by the German government. In a note from the German delegation to the SIS Working Party, it was proposed that Europol be authorised to consult the right of access to SIS and, in the longer term, to make Europol responsible for the implementation of the C.SIS tasks.11 In September 2000, Germany presented a discussion paper on the future use of SIS.12 Th e German government proposed optimising the use of the SIS and extending access to the SIS to other authorities and institutions, including Europol and central credit protection agencies. Th ese organisations should have access to the data on stolen or missing documents. Th is would pre-vent persons using stolen identity documents with the goal of establishing diff er-ent bank accounts in the EU Member States. Th ese amendments would serve “the interests of protecting the public from crime, prosecuting crime effi ciently and providing eff ective protection against illegal immigration.”
In the aftermath of the terrorist attacks in the United States (see below), the discussion about granting access to Europol and Eurojust received a new impulse. It took more than a year before the EU Ministers could reach political agreement on access by Europol and Eurojust to the SIS. During the Meeting of the JHA Council of 19 December 2002, the Mixed Committee agreed on the principle that Europol and national members of Eurojust should have effi cient and work-able access to the SIS. Th e decision on how this access would be implemented was to be taken at a later stage, based on a report to be forwarded by experts.13 As we will see in section 4.1 below, the legal basis for SIS access by Europol and Eurojust was provided in Decision 2005/211 of 25 February 2005.14
During the Council discussions, the option of granting access to Article 96 data on inadmissible third-country nationals was considered both with regard to
10 Text adopted by the JHA Council of 3 December 1998, OJ C 19/1, 23.1.1999. 11 10629/99, 20 August 1999. 12 20 September 2000, 11538/00. See also the German note of 8 December 2000, 14470/00. 13 5691/02 (Presse 404). 14 OJ L 68, 15.3.2005. See for the Decision 2002/187 on the establishment of Eurojust , OJ L
63, 6.3.2002.
Brouwer ch-04.indd 73 4/4/2008 5:39:58 PM
74 Chapter 4
Europol and with regard to Eurojust . In 2002, France, Luxembourg, Sweden and Spain supported access to Article 96 data for Europol and Eurojust.15 According to the Note of the College of Eurojust of 30 July 2002, access to Article 96 data on non-admission would also be useful to Eurojust. However, this ‘utility’ was only justifi ed by stating that “the combination of judicial orders with non admission orders is delicate”.16 By the end of 2006, there was still no agreement or legal basis for access to SIS data on third-country nationals by Europol and Eurojust.
Th e ‘Hague Program on an Area of justice, freedom and security’ of 2004, launched the ‘principle of availability’ as a common standard for information sharing and exchange between the national law enforcement authorities. Th is principle, which is to be further developed, seems to be used as a motive to link diff erent EU databases and to give the authorities wide access to these databases as well.17 In 2005, the Commission announced that it was to study the “development of links between the SIS II and the Europol information system” before 2007.18
2.2. Eff ective Protection against Illegal Immigration
In the same note in which the German delegation supported Europol access to the SIS I, it proposed to grant authorities issuing residence permits to third-country nationals appropriate access to ‘SIS documents/investigations’.19 Th is would include access to information on stolen, misappropriated or lost documents. Providing immigration authorities access to this information would enable them to tackle illegal residence in the Schengen area at an early stage, by preventing persons from ‘obtaining residence’ or ‘legalising illegal residence’ by submitting stolen or misap-propriated documents. It was also proposed that asylum authorities be granted access to the data on third-country nationals stored to the SIS for Article 96 pur-poses, in order to facilitate the appointment of the Member State responsible for an asylum claim according to the Dublin II Regulation.20 Th e proposal was based on the assumption that the state entering the data on the basis of Article 96
15 9408/4/02, 26 November 2002. 16 11653/02, p. 3. 17 For example in the discussion paper on the “future progress concerning the principle of availa-
bility” of the Friends of the Presidency, 25 January 2006, 5595/06 (document only partially accessible to the public).
18 COM (2005) 184, Communication on Th e Hague Programme : Ten priorities for the next fi ve years, 10.5.2005, p. 20. See also my article Data surveillance and border control in the EU: Balancing effi ciency and legal protection of third-country nationals in: T. Balzacq & S. Carrera, Security versus Freedom? A Challenge for Europe’s Future, Aldershot: Ashgate 2006, p. 137–154.
19 11538/00. 20 6164/5/01 REV 5, p. 29.
Brouwer ch-04.indd 74 4/4/2008 5:39:58 PM
New Functionalities for SIS and the Development of SIS II 75
would also be the state whose territory the person in question entered for the fi rst time. However, when Eurodac (see Chapter 5) became operational, this proposal disappeared from the agenda.
2.3. New Categories of Persons
During the discussions in the EU Council, Belgium, Spain and Portugal supported registration in the SIS of two new categories of persons: “persons pro-hibited to leave the Schengen area” and “potentially dangerous persons to be banned from participating in certain events.” With regard to the former category, this was proposed in February 2001, by the Portuguese delegation.21 Th is cate-gory of persons would include a divergent group of persons, for example, children who are at risk of being kidnapped by one of their parents when there is a dispute over custody of the child. But it could also include detainees who are condition-ally released. In June 2003, the JHA Council agreed to study the possibilities of this new alert although, to my knowledge, no measure has been taken with regard to this proposal.
Th e proposal to enter data into the SIS I on “potentially dangerous persons to be banned from participating in certain events” was supported by the Spanish and Belgian governments. In reaction to the events surrounding the EU summit of Gothenburg, Sweden, the JHA Council of 13 July 2001 agreed on the need for a structured exchange of data on violent troublemakers within the context of meetings of the European Council and other, similar meetings.22 Based on these conclusions, the Spanish government, during its Presidency in February 2002, proposed studying the possibility of including data on “violent troublemakers [with respect to] in view of mass events” to the SIS I.23 In the Spanish note, it was recognised that such alerts could aff ect freedom of movement as protected by EC Directive 64/221 (now Directive 2004/38) as well as other civil liberties and data protection of the persons concerned. It was therefore suggested, since these data would only be necessary for limited periods related to certain events, that those data “would not be made permanently visible or included in the SIS”. Meanwhile, the possibility for the police authorities to exchange information on this category of persons was provided for in diff erent bilateral agreements on police cooperation between EU Member States.24 Th is meant that it was no
21 6577/01, 24 February 2001, see also the Swedish Presidency note on Requirements for SIS II, 6164/1/01 REV 1.
22 10608/01 (Presse 281). 23 Presidential note to the Working Party on SIS, 5968/02, 5 February 2002. 24 For example, the Treaty between Germany and the Netherlands of 2 March 2005, Tractatenblad
(Dutch Offi cial Publications) 2005, no. 86 and the Benelux Treaty on border crossing police cooperation (grensoverschrijdend politie-optreden) 8 June 2006, Tractatenblad 2005, no. 35.
Brouwer ch-04.indd 75 4/4/2008 5:39:58 PM
76 Chapter 4
longer necessary to provide for this exchange of information through the SIS II. Furthermore, the Treaty of Prüm, adopted in 2005, provides for the exchange of information during major events with cross-border dimensions, in particular sport events, “if any fi nal convictions or other circumstances give reason to believe that the data subjects will commit criminal off ences at the event or pose a threat to public order and security, in so far as the supply of such data is permitted under the supplying Contracting Party’s national law” (Article 14).25 Th ese “data subjects” include both EU and non-EU citizens.
With regard to other categories of data, the JHA Council agreed in June 2003 to study “the feasibility, usefulness and practical implementation” of entering them into the SIS I.26 Th ose categories included:
1. minors precluded from leaving the Schengen area;2. violent troublemakers;3. other vehicles;4. works of art;5. animals;6. luxury items; and7. easily identifi able objects.
At this same meeting of June 2003, the Council asked for a study of the inclusion of SIRENE forms into the SIS and of which biometric data other than photographs and fi ngerprints can be stored in the SIS I.
3. SIS I and the Fight Against Terrorism
3.1. Extending the Functions of the SIS I
Immediately after the terrorist attacks in the United States of America of 11 September 2001, the EU institutions and national governments came for-ward with diff erent legislative proposals and measures aimed at intensifying the fi ght against terrorism.27 Th e failure of the administrations to identify those responsible, who turned out to have stayed legally or on an expired visa in both the United States and Germany, resulted in new emphasis on controlling third-country nationals entering or residing in the EU. At its special meeting of 20 September 2001, which immediately followed the terrorist events, the Justice
25 10900/05, 7 July 2005, published at www.libertsecurity.org. See for the Dutch version Tractatenblad 2005, 197.
26 Meeting of 5–6 June 2003 of the JHA Ministers. Press release 9845/03 (Presse 150). 27 See, for early EU decision-making in response to 9/11: Brouwer, Catz & Guild (2003), p. 96 ff .
Brouwer ch-04.indd 76 4/4/2008 5:39:58 PM
New Functionalities for SIS and the Development of SIS II 77
and Home Aff airs Council urged the Member States to take certain measures involving the use of the SIS I. Among other things, the JHA Council announced that it would examine the possibility of granting other public services access to the SIS, with regard to the cooperation between police and intelligence services. Th e participating States were also invited to provide more systematic input into the SIS of alerts under Articles 95, 96 and 99 of the CISA.28
Th e German government, in particular, proposed far-reaching measures with regard to the use of personal information in the fi ght against terrorism. In a paper dated 27 September 2001, Germany proposed enabling the interconnection of data by allowing Europol , national Public Prosecutor’s Offi ces and immigration and asylum authorities on-line access to the SIS.29 Th e German delegation also called for enabling Europe-wide computerised profi le searches, the establishment of a common visa database and of a European central register of third-country nationals present on EU territory. Furthermore, in this same note, Germany advocated the use of Eurodac information for police purposes.
In October 2001, the Belgian Presidency of the EU issued a proposal to extend Article 96 CISA to make it possible to check whether third-country nationals to whom a visa is issued and whose visa has expired have actually left the Schengen territory.30 Under this proposal, an alert would have to be automatically reported into the SIS when a person does not leave the Schengen area within the period stated in his or her visa. It was noted that when the proposal was to be incorpo-rated into the SIS II, the fi nancial eff ects would be minor. As we will see in Chapter 5, the idea of an entry-exit system was transferred to the proposal for a separate Visa Information System.
In November 2001, the Belgian government forwarded another proposal to record alerts more systematically in the SIS I.31 According to this note, data should be recorded automatically in all cases once this entry into the SIS would be allowed by national legislation. Th e entry of alerts could be improved by issuing common recommendations or even setting common binding rules for the entry of alerts. With regard to alerts on persons to be refused entry, the authorities responsible for public security could be made (more) aware of the possibility of entering alerts under Article 96 (2) (b) (i.e. “aliens in respect of whom there are serious grounds for believing that he has committed serious criminal off ences (…) or in respect of whom there is clear evidence of an intention to commit such off ences in the [Schengen] territory”).
28 SN 3926/6/01 REV 6, 20.09.2001, Conclusions 13 and 27. 29 SN 4038/01, meeting document of 27 September 2001. 30 12813/01, 15.10.2001. 31 14193/01.
Brouwer ch-04.indd 77 4/4/2008 5:39:59 PM
78 Chapter 4
Th e report of the EU Presidency to the Security Council Commission of December 2001 summarised the view of the Member States at that time on using the SIS in the fi ght against terrorism.32 According to this report, the SIS would off er several opportunities for preventing terrorists using the territories of the EU Member States for purposes relating to acts of terrorism. Th e report referred again to the importance of recording data in the SIS more systematically. Eff orts would be made to improve the use of the SIS, for example by “introducing warn-ings by default” and “national warnings fulfi lling the criteria for introduction into the SIS will be introduced as automatically as possible and should not require any additional operation from the initiating authority”.
3.2. Access for Internal Security and Intelligence Services
During the EU negotiations on the fi ght against terrorism, the possibility of granting national internal security and intelligences services access to the SIS was a recurrent issue. Th is was proposed explicitly for the fi rst time in October 2001 by the UK delegation within the SIS Working Party.33 Referring to the aforemen-tioned Council Conclusions of 20 September 2001, the Belgian Presidency described the UK proposal as “logical”.34 However, at the same time, the Belgian government stated that if the Council reached an agreement in principle on this point, it would still have to be decided whether this access would include civil or military services, which categories of information would be involved, for what purposes these services could use the data, and which data protection provisions would have to be adopted.35 To my knowledge, a formal decision has not been taken on access by internal security and intelligence services. It has been sug-gested that, based on an informal decision at working party level, this SIS access by security and intelligence services has been implemented at national level with-out a formal legal basis.36 During the negotiations on the Decision on the use of the SIS II, the German government tried to include a provision granting internal security agencies access to the SIS. Th is proposal was successfully opposed by the European Parliament, however later replaced by a provision granting “designated authorities” access to SIS II (see section 6.5 below).
32 Letter of 27 December 2001 to the Security Council Committee established pursuant to resolution 1373/2001, S 2001/1297. http://ec.europa.eu/comm/external_relations/un/docs/eu1373.pdf.
33 13530/01, 29 October 2001. In this same note, the UK delegation also proposed the creation of a “restricted access terrorist database”. See also 6164/5/1, 6 November 2001.
34 13269/01, 31 October 2001. 35 10127/02, 21 June 2002. 36 B. Hayes, Statewatch analysis, From the Schengen Information System to SIS II and the Visa
Information System (VIS): the proposals explained, February 2004, p. 9, www.statewatch.org.
Brouwer ch-04.indd 78 4/4/2008 5:39:59 PM
New Functionalities for SIS and the Development of SIS II 79
3.3. Inclusion of Persons Listed on the UN Terrorist List s
Directly related to the fi ght against terrorism was the Italian proposal to enter persons included on the UN list established by the Sanctions Committee on Afghanistan on the basis of UN Security Council Resolution 1390/2002 (SCR Resolution). Th is proposal was supported and elaborated in a note of 28 May 2002 from the Spanish Presidency to the SIS Working Group.37 Th e Spanish Presidency asked the national delegations to check what national measures had been taken to comply with the SCR Resolution. It was stated that, if all Member States lacked the legal basis to enter these individuals into the SIS, governments could consider whether legislative changes at national or European level would be appropriate to ensure that, in future, such persons were entered into the SIS. Th e proposal to report persons on the UN terrorist list s in the SIS was not offi -cially adopted. On the basis of an informal agreement between the Schengen States, the German authorities entered the listed persons into the SIS on behalf of the other States.38 Input regarding these persons is managed by the German Ministry of the Interior, “as long these persons could be adequately identifi ed”.39 In 2006, in a note on Article 96 alerts based on the UN lists, the EU Presidency dealt with diff erent options for entering and maintaining information based in the UN or EU lists on terrorists for the forthcoming Regulation on SIS II.40 In this note, it was confi rmed that “for the time being”, the German authorities have volunteered to enter these persons into the SIS on behalf of the Member States. As we will see below, a new provision is included in the SIS II Regulation, according to which a third-county national listed on a UN terrorist list may be registered in the SIS II for the purpose of refusal of entry or residence.
At this point, it should be stressed that the instrument of terrorist lists already existed before 11 September 2001. In the EU, several terrorist lists were and still are used simultaneously, including a list of persons affi liated with the Al Qaeda network. After 11 September 2001, a new list was compiled by the UN Sanctions Committee and attached to the UN Security Council Resolutions.
Th e Member States decided unanimously in the EU Council of 27 December 2001 on the Decision establishing the list provided for in Article 2 (3) of Council Regulation 2580/2001 on specifi c restrictive measures directed against certain persons and entities with a view to combating terrorism41 and the (much longer) list in the
37 9358/02, 28 May 2002. 38 See the Outcome of Proceedings of the meeting of the Article 36 Committee, 9182/03,
12 May 2003. 39 Internal note from the German Federal Data Protection Authority to the Schengen Joint
Supervisory Authority, 25 January 2005. 40 7783/06, 7 April 2006. 41 OJ L 344, 28.12.2001.
Brouwer ch-04.indd 79 4/4/2008 5:39:59 PM
80 Chapter 4
Annex of the Common Position 2001/931 on the application of specifi c measures to combat terrorism and Council Decision 2001/ 927.42 Th e EU lists are reviewed every 6 months.43 Based on Council Regulation 2580/2001, Member States are required to freeze the fi nancial assets of the listed persons and organisations con-sidered to be involved in terrorism. Th e Regulation applies within the territory of the Community, including its airspace, on board any aircraft or any vessel under the jurisdiction of a Member State, to any person elsewhere who is a national of a Member State, to any legal person, group or entity incorporated or instituted under the law of a Member State or doing business within the Community (Article 10). Th e EU list which is attached to the Common Position 2001/931 contains the same names, but also includes EU citizens. It provides the names of individuals and organisations who are believed to be connected with terrorism, some of those (in the fi rst version around 30) are characterised as ‘endogenous’ (primarily active within the EU), while others (around 10) are characterised as ‘exogenous’ (mainly active outside the EU). Th e provisions for mutual support in criminal proceedings target the fi rst group, while the measures for freezing assets are aimed at the latter.
Criteria for listing people can be found in the Common Position 2001/931 and in the Regulation 2001/927. Th ese criteria include whether a criminal pros-ecution, investigation or sentence has been carried out as a result of terrorist acts. In addition, people who are linked by the UN Security Council to terrorism and against whom sanctions have been imposed can be added to the list. Member States are entitled to make their own proposals on the removal of persons and organisations from the lists, as well as on the entry of new persons and entities.
4. Adopted Decisions Extending the Use of SIS I
4.1. Regulation 871/2004 and Decision 2005/211 on New Functionalities
On 29 April 2004 and 24 February 2005 respectively, the EU Council adopted Regulation 871/2004 and Decision 2005/211 on new functionalities for the SIS.44 Th ese instruments, based on Spanish proposals from 2002, include diff er-ent measures extending the use and utilities of the current SIS.45 Th e most important changes are:
42 OJ L 139/4 and L 139/9, 29.05.2002. 43 See, for updates: 2 May 2002, OJ L 116, 3.05.2002; 17 June 2002, OJ L 160/26, 18.06.2002;
28 October 2002, OJ L 295/12, 30.10.2002; 12 December, OJ L 337/85, 13.12.2002. 44 OJ L 162/29, 30.04.2004 and OJ L 68/44, 25.03.2005 respectively. 45 Spanish initiative for a Regulation on new functions of SIS, OJ C 160, 4.7.2002.
Brouwer ch-04.indd 80 4/4/2008 5:39:59 PM
New Functionalities for SIS and the Development of SIS II 81
1. access by Europol and Eurojust to the SIS;2. access by national judicial authorities, including public prosecutors, to the
SIS, including Article 96 alerts, with regard to checks within the country;3. access to information held in the SIS on stolen, misappropriated or lost
identity documents by authorities responsible for issuing or examining visa applications or for issuing residence permits.
Finally, the Regulation extends the duty to make records of the transmission of data and, for the fi rst time, includes a legal basis for the SIRENE bureaux.
Th e Regulation was purposely adopted on 29 April 2004 which is before the adoption of its third pillar counterpart, the Council Decision of 25 February 2005.46 Th e reason for this swift adoption of the Regulation was Article 67 of the EC Treaty. On the basis of this provision, after 1 May 2004, the Council could no longer adopt legal acts within the scope of Article 66 TEC insofar they are based on the initiative of one or more Member States. Th e application of the provisions of the Regulation and the Decision were set for diff erent dates.47
4.1.1. Europol and Eurojust Th e most important amendments with regard to the use of the SIS are the provi-sions in the Decision on access to Europol and Eurojust and, in the Regulation, on access by visa and immigration authorities to information on stolen docu-ments. Decision 2005/211 provides for access by Europol and Eurojust to SIS data stored on the basis of Articles 95, 99 and 100 CISA, or Articles 95 and 98. Th is access is limited to the police and judicial tasks of these organisations and does not include data under Article 96 or 97. Th e Decision explicitly forbids Europol to link parts of the SIS to which it has access to any computer system operated by or at Europol. In addition, with regard to Europol, it is explicitly stated that Europol may not transfer the SIS data to any third State or third party without the express prior authorisation of the Member State which entered this data into the system. Th e Decision also changes the procedure to be followed by national authorities in the event of an alert on the basis of Article 99 (discreet sur-veillance). Based on the former provision in the CISA, offi cials planning to issue such an alert had to consult the other contracting parties beforehand.
46 See the note from the Irish presidency to the Article 36 Committee, 6874/04, 27 February 2004. 47 Article 2 of the Regulation and the Decision allows the Council to set diff erent dates of applica-
tion. See Decision 2005/451 of 13 June 2005, OJ L 158, 21.6.2005, Decision 2005/728 and Decision 2005/727 of 12 October 2005, OJ L 273, 19.10.2005 respectively. On 24 July 2006, the JHA Council adopted two decisions setting two further dates of application (1 October and 1 November 2006) for Article 1(4) and Article 1(5) of the Regulation, 11556/06 (Presse 216).
Brouwer ch-04.indd 81 4/4/2008 5:39:59 PM
82 Chapter 4
With the new Article 99 (4), the national authorities issuing an alert will only have to inform other parties.48
4.1.2. Public prosecutorsRegulation 872/2004 includes an amendment to Article 101 (1) (b) CISA, based on which the authorities “responsible for police and customs checks carried out within the country and the coordination of such checks” have direct access to the SIS, including alerts on third-country nationals to be refused entry. Based on the amendment, direct access is made possible for “national judicial authorities, including those responsible for initiating public prosecutions in criminal pro-ceedings and judicial inquiries prior to indictment, in the performance of their tasks as set out in national legislations”. Th e original text of the Spanish proposal only envisaged adding to the provision of 101(1) (b), which reads as follows: “and the judicial supervision thereof”.49 Th is proposed amendment was justifi ed by the fact that some Member States already granted access to the SIS to their public prosecutors based on the words “and the coordination of such checks” in Article 101 (1) (b).50 In October 2002, the French delegation proposed giving national judicial authorities direct access to all SIS data, whereas the German delegation proposed, “for the initiation of public prosecutions in criminal proceedings”, giving national authorities only direct access to Articles 95, 98 and 100 data (persons wanted for arrest for extradition, witnesses, and objects for the purposes of seizure or use as evidence for criminal proceedings respectively).51 In the fi nal decision on the proposed Regulation and Decision, the Council chose a combination of both texts.
4.1.3. Authorities Responsible for Issuing or Examining Visa Applications or for Issuing Residence PermitsA new Article 101 (2) has been inserted in the CISA, giving the authorities respon-sible for issuing visas or examining visa applications and the authorities issuing residence permits and “for the administration of legislation on aliens” access to the data on stolen, misappropriated or lost identity documents which are held in the SIS on the basis of Article 100 (3) (d) and (e) CISA. Regulation 871/2004 further allows national authorities to add information to the alerts stored in the SIS, for example on whether a person has previously escaped from detention.
48 In its resolution of 17 December 2002, the EP advised maintaining the obligation of informing the other parties beforehand, A5-0436/2002.
49 OJ C 160, 4.7.2002. 50 5968/1/02, 19 March 2002, see also the Report of Carlos Coelho of the LIBE Committee,
A5-0436/2002, 4 December 2002, explanatory statement, p. 22. 51 9407/2/02, 17 October 2002.
Brouwer ch-04.indd 82 4/4/2008 5:39:59 PM
New Functionalities for SIS and the Development of SIS II 83
4.1.4. Duty to Report all Transmission of Data and a Legal Basis for SIRENE Although the Spanish proposal focussed on extending the use of the SIS for the fi ght against terrorism, the opportunity to change current provisions regarding the SIS has also been used to improve some data protection provisions. Both in the Regulation and in the Decision, a duty has been added for national authori-ties to make a record of every case of the transmission of personal data, instead of every tenth transmission (as provided for in the original text of the CISA). Th is provides an extra safeguard with regard to the lawful use of SIS information.
Finally, the Regulation and the Decision provide for an explicit legal basis in the CISA for the functioning of SIRENE . Article 92 paragraph 4 provides that Member States will, in accordance with their national legislation, exchange through SIRENE “all supplementary information necessary in connection with the entry of alerts and for allowing the appropriate action to be taken in cases where data concerning persons and objects have been reported in the Schengen Information System and these are then found as a result of searches made within the System”. Th e information exchanged through SIRENE may only be used for the purpose for which it is transmitted. Th is latter restriction of the further use of SIRENE data had been advocated by the EP in its resolution of 17 December 2002.52
4.2. Framework Decision 2002/584 on the European Arrest Warrant
Article 9 (2) of the Framework Decision 2002/584 on the European Arrest Warrant provides that judicial authorities may issue an alert in the SIS on requested persons for the purpose of a surrender procedure.53 As defi ned in the Framework Decision, a European Arrest Warrant (EAW) is a judicial decision issued by a Member State with a view to the arrest or surrender by another Member State of a requested person. Th is request for arrest or surrender is possi-ble for the purposes of conducting a criminal prosecution, executing a custodial sentence or executing a detention order. In general, based on the double crimi-nality rule, a Member State may subject the request from another Member State to surrender a person to the condition that the act for which surrender is requested should also constitute an off ence under the law of the executing Member State. However, with regard to 32 off ences listed in the Framework Decision, this double criminality rule does not apply. If punishable in the issuing Member State by imprisonment of at least three years, the requested State must surrender the person without verifying the double criminality of the off ence at stake. Th e off ences listed in the Framework Decision include, among others,
52 A5-0436/2002. 53 Th e Framework Decision was adopted on 13 June 2002, OJ L 190, 18.7.2002.
Brouwer ch-04.indd 83 4/4/2008 5:39:59 PM
84 Chapter 4
membership of a criminal organisation, terrorism, human traffi cking, corruption, fraud (including fraud aff ecting the fi nancial interests of the Communities), counter-feiting currency, murder, racism and xenophobia, organised or armed robbery, computer-related crime, traffi cking in stolen vehicles and rape.54 Th e EAW must contain information that includes the identity of the person concerned, the issuing judicial authority, the fi nal judgment, the nature of the off ence and the penalty. Th e arrest warrant, registered in the SIS in accordance with Article 95 CISA, is considered equivalent to an EAW. When the location of the requested person is known, the issuing judicial authority may also transmit the EAW directly to the executing judicial authority.
Th e Framework Decision entered into force on 1 January 2004. Some Member States, including United Kingdom, France, Belgium, Portugal, Luxembourg, Germany and Spain agreed to apply the Framework Decision as of the fi rst quarter of 2003.55 In diff erent EU Member States, the lawfulness of the Framework Decision has been disputed before national (constitutional) courts.56
4.3. Common Position 2005/69 on Exchange of SIS Data Between Member States and Interpol
On 24 January 2005, the Council adopted a common position on the exchange of information on stolen and lost passports between the ‘SIS countries’ and Interpol .57 Article 3.3 of this Common Position requires Member States, whenever they enter data on stolen passports into their national databases or into the SIS, to exchange these data immediately with Interpol as well. Th e purpose of this measure is, according to Article 1, to prevent and combat serious and organised crime, includ-ing terrorism. Th e Common Position is considered a fi rst response to the call of the European Council of 24 March 2004, in its Declaration on combating terror-ism, to create an integrated system for the exchange of stolen and lost passports between the SIS and the Interpol database. According to preamble (5), the current measure should be followed up by setting up a technical functionality in the SIS to achieve that aim. Th e Common Position took eff ect on the date of its adoption (Article 5). In practice, the implementation of this Common Position means that information reported to the SIS and then automatically submitted to Interpol,
54 Th is (partial) abolition of the double criminality rule and the abolition of the prohibition on surrendering one’s own nationals have been criticised. See: http://www.eurowarrant.net.
55 Th is was agreed upon during the informal meeting of the JHA Council in February 2002, see doc. 5065/03, 20 January 2003.
56 See, for analysis of some of these judgments: E. Guild (ed.), Constitutional challenges to the European Arrest Warrant . A challenge for European Law: the merging of international and external security. Nijmegen: Wolf Legal Publishers 2006.
57 Common Position 2005/69 on exchanging certain data with Interpol , OJ L 27/62, 29.1.2005.
Brouwer ch-04.indd 84 4/4/2008 5:39:59 PM
New Functionalities for SIS and the Development of SIS II 85
so that the information at stake is no longer available for EU Member States only, but also for the police organisations of non-EU States participating in Interpol.
4.4. Regulation 1160/2005 on Access to the SIS by Vehicle Registration Authorities
In June 2005, the Council adopted Regulation 1160/2005 on the basis of which the vehicle registration authorities gained access to data reported in the SIS on stolen cars.58 Th is measure, provided in the new Article 102A CISA, should pre-vent vehicles reported by one Member State from being licensed in another Member State. It should also increase the possibility of fi nding stolen vehicles.59 Th e Regulation applies with eff ect from 11 January 2006. According to Article 102A (4), the Council must submit a report to the EP on the implementation of this provision, each year, after seeking the opinion of the Schengen Joint Supervisory Authority. Th is report shall include information and statistics relat-ing to the use and results of the implementation of this Article and shall state how the data protection rules were applied.
Th e sections above, describing the amendments with regard to SIS I, make it clear that the Member States were already extending the scope and use of this data-base. Th e multiple use of the SIS was invoked by giving new authorities, includ-ing Europol , Interpol , national vehicle registration authorities, national judicial authorities and Eurojust access to the information held in the SIS I. During the discussions on these amendments of the CISA provisions, the negotiators paved the way for a new, enlarged concept for the second generation SIS, or SIS II.
5. SIS II
5.1. Legal Basis for SIS II
Regulation 2001/2424 and Decision 2001/886 on the development of the second generation Schengen Information System (SIS II), adopted on 6 December 2001, provided the legal basis for the further development of the SIS II.60 On the basis of these instruments, the Commission was empowered to take the necessary implementing measures, in accordance with the Council Decision on the proce-dures for the exercise of implementing powers conferred on the Commission.61
58 OJ L 191/18, 22.07.2005. Council minutes of 2–3 June 2005, doc. 8849/05. Th is decision of the Council is based on a proposal by the European Commission, COM (2003) 510 and takes into account three amendments by the European Parliament. See doc. 8524/05.
59 Based on a Belgian proposal, 8835/99 and 12793/01. 60 Regulation 2001/2424 and Decision 2001/886 published in OJ L 328, 13.12.2001. 61 Decision 1999/468/EC of 28 June 1999, OJ L184, 17.7.1999.
Brouwer ch-04.indd 85 4/4/2008 5:39:59 PM
86 Chapter 4
Th e Decision provides for a comitology procedure, in which both the Commission as the Council are involved.
Th e question of the appropriate legal basis and the fi nancing of SIS II was controversial because of the legal basis of the current SIS. As we have seen in Chapter 3, at the time of the integration of the Schengen acquis into the EU Treaties, the Member States were unable to agree on the appropriate legal basis for the SIS, recognising that some parts of the SIS fell within the scope of Title IV TEC, while other parts were covered by Title VI TEU. To solve this problem, the Council appointed Title VI as the legal basis for the whole SIS. With regard to the legal basis of SIS II and the proposals which were necessary for the development of SIS II, it was recognised that SIS II should be regarded as having a dual legal basis. In its Communication on the Development of SIS II of 18 December 2001, the Commission had already underlined the dual function of the SIS. With regard to Article 96 CISA, the Commission held that this would have to be based on Articles 62, 63, and 66 of the EC Treaty. According to the Commission, although an alert referred to in Article 96 may contribute towards preserving public order, it sometimes entails action that does not amount to a form of police cooperation within the meaning of Title VI of the EU Treaty (or Title III “Police and security” of the CISA). Th erefore, “an alert for purposes of refusing entry entails measures that fall under the heading of entry and resi-dence of foreigners, whether they involve refusing a person a visa, removing them to an external frontier or deporting them”. Th e Regulation on the development of the SIS II was based on Article 66 TEC and the Decision on Articles 30 (1) a and b and 31 a, 34 (2) c TEU.62 With regard to the fi nancing of SIS II, the JHA Council could not reach unanimity on the decision to fi nance SIS II through intergovernmental funding. Th e Ministers agreed in their meeting of 29 May 2001 that the expenditure should be charged to the EC budget as from 2002.63
On 31 May 2005, the European Commission published three legislative pro-posals on the second generation SIS.64 Th e proposal for the Regulation on SIS II was explicitly based on Article 62 (2) (a) TEC (external border controls) and Article 66 TEC (administrative cooperation).65 By using Article 62 (2) (a) as legal
62 Both the Decision and the Regulation expired on 31 December 2006. 63 Report of the meeting, 9118/01 (Presse 203). 64 COM (2005) 236, 230 and 237, 31 May 2005, including a draft Regulation and Decision on
the establishment, operation and use of second-generation SIS (SIS II) and a Regulation regard-ing access to SIS II by national services responsible for issuing vehicle registration certifi cates. See further below.
65 For more details on the applicable procedures with regard to Title IV instruments: S. Peers, From Black Market to Constitution: Th e Development of the Institutional Framework for EC Immigration and Asylum Law, in Peers & Rogers (2006), p. 52 and 65–66.
Brouwer ch-04.indd 86 4/4/2008 5:39:59 PM
New Functionalities for SIS and the Development of SIS II 87
basis for this Regulation, the Commission paved the way for qualifi ed majority voting and a co-decisive right for the European Parliament.
5.2. Developing SIS II as a ‘fl exible tool’
Although the formal reason for SIS II was the technical need to make the SIS applicable to a larger group of states, from an early stage the development of SIS II has been used in political discussions on the proposals for new functions of the SIS.66 Even in July 2000, the French Presidency submitted a detailed overview, on the basis of “preparatory work carried out over several years by the SIRENE Working Party”, of the diff erent proposals to extend the use of SIS II.67 Th is list of proposals would be regularly updated in subsequent years.68 During the dis-cussions on the anti-terrorism policy following 11 September 2001, Member States forwarded diff erent proposals on extending the use of the SIS. Whereas, several of these proposals were implemented with regard to the current SIS (for example, access by Europol and Eurojust ), others were gradually ‘incorpo-rated’ in the draft texts on SIS II. Although the Regulation and Decision on the development of SIS II did not directly refer to possible extended functions, preamble 7 explicitly states that these instruments are without prejudice to the adoption of future legislation on the use and operation of SIS II. Th e purpose of allowing for a multipurpose tool was more explicitly referred to in the earlier drafts of these instruments, forwarded by the Swedish and Belgian governments.69 In Article 1 of the proposed Regulation, the future goal of SIS II was described as the need for Member States to have in place “a joint information system enabling the authorities designated by them to have access, by means of an automated search procedure, to alerts on third-country nationals for the purpose of checks to be carried out at external borders and elsewhere in their territory, and for the purpose of examining visa applications and applications for residence”. Article 1 of the proposed Decision referred to “the goal of maintaining public policy and security and enabling designated authorities to have access to alerts on persons and objects for the purposes of police and customs checks at the borders and elsewhere within their territory”. According to Article 2 of both proposals, SIS II would have to allow for “certain new functions to be carried out taking into account new IT developments”. Since these functional changes would require amendments to the CISA which were not feasible in the short term, these broad
66 See also Statewatch, Schengen Information System: SIS II: technical innovation pretext for more data and control, Statewatch bulletin, January–February 2001 (Vol. 11, no. 1), p. 24–25.
67 “Requirements for SIS II”, 10353/00. 13 July 2000. 68 See, for example 6164/5/01, 6 November 2001 and 5968/02, 5 February 2002. 69 OJ C 183/12, 29.6.2001.
Brouwer ch-04.indd 87 4/4/2008 5:39:59 PM
88 Chapter 4
descriptions of the new functions of the SIS were deleted in the fi nal texts, adopted on 6 December 2001.70 Despite these legal obstacles, at this meeting of 6 December 2001, the Council agreed to study diff erent options to expand the use of SIS II. In June 2002, the Ecofi n Council reached formal agreement on new functions for SIS II with a view “to ensuring greater eff ectiveness in com-bating terrorism”.71 Th ese functions included, among others: the inclusion of biometric data, the addition of new categories of data, the possibility of inter-linking diff erent alerts and the possibility of running searches on the basis of incomplete data. As we will see below, except for the function of searching the SIS II on the basis of incomplete data, these functions are included in the current texts of the Regulation and Decision on SIS II.
In 2003, it was decided to instruct IT companies developing SIS II to design SIS II so as to allow for new requirements whenever these become necessary.72 Th is would make it possible to develop SIS II as a “fl exible tool that will be able to adapt to changed circumstances and fulfi l, within reasonable time and with-out major additional costs and eff orts, user requests made during its lifecycle”. Based on this decision, SIS II was technically developed to allow for various new functions, even if at political level the decisions on the fi nal functions of SIS II were yet to be taken.
At its meeting of June 2003, the JHA Council concluded that the new SIS II should remain “a hit/no hit system allowing for information exchange with a view to policing the free movement of persons as well to maintaining public security, and in particular assisting national authorities in the fi ght against trans-national crime, in the context of the EU objective to maintain and develop the Union as an area of freedom, security and justice”. Considering the current deci-sions taken with regard to SIS II, (see below) we may wonder whether the description of “hit/no hit system” still applies.
5.3. Th e Position of the UK and Ireland with Regard to Access to SIS II
Parallel to the discussions on the new functions of the SIS, negotiations took place on possible access by the UK and Ireland to the SIS. Based on Council Decisions 2000/365/EC and Council Decision 2002/192/EC respectively, both
70 Press release 14581/01 (Presse 444). See also the Note “Requirements for SIS” from the Belgian Presidency, 13269/01 SIS 95 COMIX 693 and updated in 14790/01 SIS 107 COMIX 767, which was used as a basis for the discussions in the Council.
71 Council Conclusions 10089/02 (Presse 181) based on the Presidential note to the Council, 9773/02, of 7 June 2002.
72 Meeting of 5–6 June 2003 of the JHA Council. Press release 9845/03 (Presse 150). Th ese con-clusions were based on the Commission Staff working paper on the development of the second Generation Schengen Information System (SIS II) of 19 February 2003, SEC(2003)206.
Brouwer ch-04.indd 88 4/4/2008 5:39:59 PM
New Functionalities for SIS and the Development of SIS II 89
countries only take part in the provisions of the Schengen acquis on police and judicial cooperation.73 Despite this ‘outsider status’, the UK was actively involved in the discussion on the new functionalities of SIS II, including the use of data on third-country nationals to be refused entry. In diff erent notes to the SIS/Sirene Working Group, the UK presented its opinion regarding the proposed list of functions for SIS II.74 In a note of 2003, the UK government justifi ed the extended use of the SIS by referring to the Tampere Conclusions of 1999 (con-clusion no. 43) according to which: “Maximum benefi t should be derived from cooperation between Member States’ authorities when investigating cross-border crime in any Member States”.75 Aiming for a “more fl exible use of the data that will be held on SIS II”, the UK referred to the two categories of Article 96 data: data concerning people who have been refused entry to the Schengen area because they constitute threats to public order, national security and safety and data con-cerning people refused for immigration or visa off ences. According to the UK proposal, the fi rst category of data should be accessible by law enforcement and immigration offi cers, since their registration would not only be used for refusing entry, but also for law enforcement purposes such as preventing and detecting crime. Th e second category should only be accessible by immigration offi cers for the purposes of refusing entry. From this proposal, as well as from other proposals forwarded by the UK delegation, it is clear that the UK envisaged altering the functioning of the SIS signifi cantly. From a merely administrative system, used to prevent a defi ned group of third-country nationals from entering the Schengen territory, the SIS had to change into an intelligence system, using which the same group of persons could be traced for prosecution and law enforcement purposes. In February 2003, the UK government proposed amending the defi ni-tion of the purpose of the SIS as described in Article 92 CISA to allow for SIS II “to be shaped into a robust system that, fi rstly, assists national authorities in the fi ght against transnational organised crime, secondly, facilitates effi cient border controls and, thirdly, provides a technologically advanced tool for the investigation and rapid identifi cation of suspect persons”.76
Illustrative of the UK’s view with regard to the utility of the SIS is also the consideration of the UK delegation in a note of 2002 to the Schengen Acquis Working Group in which it advocated access by UK immigration and visa authorities to data in the SIS on stolen or lost passports.77 According to this note, the priority for the UK would be “to ensure that suspected criminals and terrorists
73 OJ L 131, 1.6.2000 and OJ L 64, 7.3.2002. 74 See Note of 29 October 2001, 13530/01 and Note of 6 February 2003, 6113/04. 75 Note on the development of SIS II, 7786/03 of 25 March 2003, p. 2. 76 6113/03, 6 February 2003. 77 13482/02, 24 October 2002.
Brouwer ch-04.indd 89 4/4/2008 5:39:59 PM
90 Chapter 4
are identifi ed and arrested before they have the opportunity to commit further crimes in the EU. Our immigration service has extended experience, considerable technical skill and state of the art forgery detection equipment which ensures a high success rate in identifying forged passports and other travel documents. It would therefore be a benefi t of all Schengen Members if UK immigration and visa authorities as well as the police could access this data directly”.
In 2005, the Legal Service of the Council submitted its advice to the Council with regard to the request from the UK and Ireland to grant their asylum author-ities access to SIS II data on third-country nationals to be refused entry.78 Th e UK and Ireland justifi ed this request with their participation in the Dublin II Regulation. Based on the fact that these countries do not take part in the Schengen acquis with regard to immigration and border control, the Legal Service however concluded that their authorities could not have access to Article 96 data or, with regard to SIS II, Article 15 data.79 Th e reason I refer to this advice is the additional consideration of the Legal Service, according to which the provisions of the Dublin II Regulation did not prevent the UK and Ireland from requesting information and personal data from the other Member States on asylum seekers, “including the information and personal data those states acquired through their right to access to the SIS II alerts on the refusal of entry”. Th is explicit recom-mendation of the Legal Service to the authorities of UK and Ireland makes it clear that, in practice, on a bilateral or cross-organisational basis offi cials are able to obtain all the information they are seeking, whether this is provided for in the applicable rules or not.
5.4. Involvement of the European Parliament
Th e EP has been involved in the development of the SIS and SIS II at diff erent times. Between 2001 and 2006, Carlos Coelho, Member of the European Parliament (MEP) was, with few exceptions, the regular rapporteur with regard to issues of the SIS and SIS II.
In principle, the EP had only a co-decisive role in the Regulation on SIS II and, with regard to the SIS II Decision and other third pillar measures changing the use and architecture of SIS II, it should merely have been consulted. In practice, however, based on an agreement with the Council and the Commission, the EP was allowed to consider the SIS II Regulation and Decision as a ‘package deal’.
78 15058/05, 12 December 2005. Th is advice is only partially accessible via http://register.consilium.europa.eu (in fact, the whole content of the legal advice has been deleted). Th e author has a Dutch version.
79 Decisions 2000/365 and 2002/192.
Brouwer ch-04.indd 90 4/4/2008 5:39:59 PM
New Functionalities for SIS and the Development of SIS II 91
In the report of 2001 on crossing external borders and the development of Schengen cooperation, rapporteur Carlos Coelho dealt for the fi rst time with the SIS, its defi ciencies and the need to improve the applicable rules on data protec-tion and transparency.80 In this report, Coelho criticised the lack of uniform criteria for entering data on third-country nationals, arguing that this lack of clear criteria, in particular in relation to ‘unwanted aliens’ would give the Member States too much freedom of interpretation. Furthermore, the MEP noted that “decisions on the entry of data into the system can be taken at a relatively low level”. Given the many shortcomings in relation to the protection of data and the inadequate remedies available to persons whose data is in the SIS, according to the MEP the current situation would fail to meet the level of pro-tection required by the Charter of Fundamental Rights with potentially serious consequences for citizens.
Based on the co-decision and consultation procedures respectively, the EP adopted a legislative resolution on the Belgian-Spanish proposal for the Decision and Regulation for the development of the SIS II as referred in section 5.2 above. In this report, adopted during its plenary session of 23 October 2001, the EP demanded an extended role for the Joint Supervisory Authority during further negotiations on SIS II.81
Consulted by the Council according to the procedure given in Article 39 (1) TEU, the EP adopted a legislative resolution on the Spanish proposals for the Regulation and Decision on new functionalities of SIS on 17 December 2002.82 Th is resolution, which was adopted by a majority of 377 votes to 89, included amendments for a higher data protection level. In a new recital (3a), the EP added the general condition that the “introduction of certain new functions into the current version of the SIS shall not reduce the safeguards on accuracy, the use or the level of protection on personal data.” Further, the resolution included addi-tional conditions with regard to access by Europol and Eurojust to the SIS and with regard to the further use of the SIS data by those institutions. In its legislative resolution, the EP also held that extended access to stolen ID documents would risk increasing the existing problems of citizens whose identity and documents are being misused. It is worth noting the minority opinion of two MEPs, Maurizio Turco and Marco Cappato, attached to the EP resolution on SIS II. Although they found the amendments of the EP resolution an improvement over the current text, they nevertheless proposed to reject the Spanish proposal as a whole.
80 Report of 21 June 2001, A5-0233/2001 adopted on 20 September 2001,OJ C77 28.3.02. 81 Here, the rapporteur was Christian von Boetticher, A5 -0333/2001, 11 October 2001. OJ C 11
2E/32, 9.5.2002. 82 Report by Carlos Coehlo, A5-0436/2002, 4 December 2002.
Brouwer ch-04.indd 91 4/4/2008 5:39:59 PM
92 Chapter 4
According to them, the defi nitions of “new functions for the Schengen Information System” and “fi ght against terrorism” were used as pretext both for extending access to the SIS (and its successor SIS II) by Europol, Eurojust and the authori-ties dealing with residence permits, and for eroding citizens guarantees regarding the processing of their personal data and the exchange of such data with third countries. Th e Council should be called upon to make the SIS more reliable by harmonising and improving the quality of the data reported at national level by the SIRENE offi ces. According to this minority report, data currently reported by SIRENE are often incorrect or inaccurate and reported on the basis of diff erent national legal systems, a practice which jeopardised the rights of both European and third-country citizens. Furthermore, the two MEPs underlined in their minority report the need to provide binding guarantees regarding the processing of personal data under the third pillar.
On 20 November 2003, the EP adopted a recommendation on SIS II.83 In general, the (plenary) EP agreed upon the need to extend the use of SIS II and even its inter-operability with other databases such as VIS and Eurodac , and the inclusion of biometric data (see Chapter 5). However, it did criticise the so-called salami tactic or piecemeal approach of the Council with regard to current decision-making on the SIS, since this would hamper a general understanding of the real implications of the decisions taken. Rapporteur Coelho referred to the diff erent ideas pursued in diff erent forums and with a diff erent legal status. He empha-sised the need to distinguish the technical development of SIS II as such, the Spanish initiatives concerning the introduction of some new functions for the SIS (including those in the fi ght against terrorism), the occasional legislative proposal emerging from the political discussions and closely-related questions such as the procedure to amend the SIRENE manual or the practical implemen-tation of the European Arrest Warrant through the SIS.84 Coelho described this approach as “very opaque, diffi cult to follow even by experts and completely incomprehensible for normal people.” Th e rapporteur further held that it is “not very democratic since formal legislative proposals only see the light of the day after years of discussion in various Council working groups and only when a consensus among Member States is reached.” Furthermore, his recommendation also supported the proposal, as mentioned above, to adopt binding rules on data processing under the third pillar. In an eff ort to involve a wider audience in the development and decision-making regarding SIS II, the LIBE Committee of the EP organised a meeting on SIS II on 6 October 2003.
83 A5-0398/2003, 7.11.2003, OJ 87, 7.4.2004. 84 In its report on the second-generation SIS, A5-0398/2003, 7 November 2003, p. 12.
Brouwer ch-04.indd 92 4/4/2008 5:39:59 PM
New Functionalities for SIS and the Development of SIS II 93
Th e negotiations on the fi nal outcome of the decision establishing the Regulation and Decision on SIS II was taken at the so-called tripartite meetings between the Council, the Commission and the EP.85 At these meetings, which take place behind closed doors, the representatives of the three institutions try to reach a compromise which will be acceptable to all parties involved. As this is generally drafted with great diffi culty, the compromise text will not easily be rejected when it reaches the plenary session of the EP. In general, this legislation process cannot be considered very transparent. On the other hand, these “informal trialogues” with the Commission and Council, enable the rapporteur of the European Parliament to negotiate and to reach agreement on some amendments improving, for example, the data protection rights of the data subjects.86
6. Final Texts of the Regulation and Decision on SIS II
6.1. Purpose
In December 2006, the Council adopted the fi nal text of Regulation (EC) 1987/ 2006 on the establishment, operation and use of the second generation Schengen Information System (SIS II).87 According to Article 1 (2) of the Regulation, the purpose of SIS II is “to ensure a high level of security within the area of freedom, security and justice of the European Union, including the maintenance of public security and public policy and the safeguarding of security in the territories of the Member States” and to apply the provisions of Title IV of the EC Treaty relating to the movement of persons in their territories, using information communicated via this system. Th e new defi nition of the purposes of SIS II is almost the same as the defi nition used in Article 93 CISA for SIS I, except that the new Regulation refers explicitly to the goal of “ensuring a high level of security”. Th e addition of this latter goal illustrates the new emphasis on security in EU policy with regard to the use of databases such as SIS II. Compared to the former rule in Article 93 on the use of SIS I, the new provision is also not very precise. Th e defi nition of the purpose of SIS II leaves the Member States a wide margin for interpretation.
85 European Parliament legislative resolution on the proposal for a Council decision and Regulation on the establishment, operation and use of the second generation Schengen information system (SIS II), adopted on 25 October 2006. Based on the reports of EP rapporteur Coelho, A6-0353/2006 and A6-0355 of 13 October 2006.
86 For example, with regard to the limitation of the conservation periods of alerts in the SIS, the lifting of the territorial limitation in the right to legal remedies, and the refusal to allow internal security agencies access to SIS II, see further below.
87 OJ L 381/4, 28.12.2006.
Brouwer ch-04.indd 93 4/4/2008 5:40:00 PM
94 Chapter 4
6.2. Criteria for Th ird-Country Nationals to be Stored in SIS II
6.2.1. Commission Proposal – Trying to Harmonise National CriteriaTh e adoption of the Regulation on SIS II would have been a good opportunity to provide for harmonised criteria for the registration of third-country nationals to be refused entry. Th e need to provide for more standardised criteria has been advocated both by the European Commission and by the Joint Supervisory Authority of SIS, the data protection authority responsible for controlling CSIS; see further Chapter 8.88 Th e draft Regulation of the European Commission of May 2005 (see the texts at the end of this chapter), provided for a further har-monisation of the grounds for issuing alerts to third-country nationals to be refused entry. For example, with regard to the penalties for which a person was sentenced and for which he or she could be recorded in the SIS, the Commission proposal referred to the off ences listed in the Council Framework Decision 2002/584 on the European Arrest Warrant . With regard to third-country nationals subjected to a re-entry ban, the Commission proposal referred to the (proposed) Directive on return. Th e EU Member States were unable (or unwilling) to reach agreement on the proposal from the Commission and, in a text for-warded by the Austrian Presidency in January 2006, Article 15 was more or less redrafted in the same wording as Article 96 CISA.89 In addition, other provi-sions of the Commission proposals were also changed in accordance with the original CISA rules. According to the Austrian Presidency, the opposition to the Commission’s approach for more harmonisation was based on the concern of the ‘various’ governments that the drastic departure from the provisions of the existing Schengen Acquis “might needlessly jeopardise the smooth transition from the fi rst generation SIS to the second generation and would also mean a degradation of the eff ectiveness of the system compared to the existing SIS”.90 It is however also reasonable to believe that Member States were reluctant to amend their national rules with regard to the criteria on listing third-country nationals as inadmissible persons.
6.2.2. Final Criteria: Th e Individual Assessment and Proportionality ClauseArticle 24 of the Regulation on SIS II includes the criteria on the “conditions for issuing alerts on refusal of entry or stay” Th is provision includes in general the same categories as provided for in Article 96 CISA. Like the latter provision, Article 24 (1) stipulates that data on third-country nationals shall be reported
88 Recital 10 of the draft Regulation, COM (2005) 236, 31 May 2005 and the Opinion of the JSA on the proposed legal basis for SIS II, 27 September 2005, p. 22.
89 See the Discussion note 8537/06, 20 April 2006, p. 5 and the Austrian proposal 5709/06, 27 January 2006.
90 Note of the Austrian Presidency, 5596/06 27 January 2006.
Brouwer ch-04.indd 94 4/4/2008 5:40:00 PM
New Functionalities for SIS and the Development of SIS II 95
into SIS II on the basis of a national alert resulting from a decision taken by the competent administrative authorities or courts in accordance with the rules of procedures laid down by national law.
What is new compared to Article 96 CISA is the provision in Article 24 (1), according to which a national decision to issue an alert should be taken “on the basis of an individual assessment”.91 In a draft of the Regulation regarding SIS II of June 2006, this new condition was provided in a separate sentence: “Th e deci-sion may only be taken on the basis of an individual assessment”. Th e fi nal text of Article 24 states that a SIS II alert shall be based “on a national alert resulting from a decision taken by the competent administrative authorities or courts in accordance with the rules of procedure laid down by national law taken on the basis of an individual assessment”. Even if the formulation of the fi nal text of Article 24 is less clear, this does not mean that the new requirement of an indi-vidual assessment for each national decision on which an alert can be issued is any less imperative. Th is new provision makes it clear that national authorities can-not report third-country nationals “automatically” on the basis of another decision which is taken with regard to this person , for example an expulsion decision. For each individual case, the national authorities will have to consider whether the national criteria and the criteria of the Regulation are met and whether the reasons at stake merit registration in SIS II.
Th is individual assessment requirement should be read together with the so-called proportionality clause in Article 21 of the SIS II Regulation (and SIS II Decision). Th is provision goes further than the clause which was included in Article 94 (1) CISA. As we have seen above, according to this latter provision Member States issuing an alert should determine in advance whether the case is “important enough to warrant the entry of the alert in the SIS”. Th e new Article 21 provides: “Before issuing an alert, Member States shall determine whether the case is adequate, relevant and important enough to warrant entry of the alert in SIS II”. With the addition of the criteria of ‘adequacy’ and ‘relevance’, the new provision makes it clear that the importance of the case or matter for which a person is to be reported is not enough. Th ere should be a direct relationship between the reason for which a person is to be reported in SIS II and the added value or eff ect the registration will have for the reporting national authorities. Both rules – the individual assessment requirement and the proportionality clause – are important limitations on the power of national administrations to enter information on third-country nationals (or other persons, when dealing with the Decision on SIS II) into SIS II.
As in Article 96 CISA, Article 24 (2) of the Regulation includes two main categories of reasons for which an alert as understood in this provision can be
91 5709/6/06, June 2006.
Brouwer ch-04.indd 95 4/4/2008 5:40:00 PM
96 Chapter 4
registered in SIS II. Firstly, alerts may be reported in SIS II when the decision is based on a threat to public policy or public security or to national security , which the third-county national on national territory may pose. Th is situation shall arise in particular (italics mine) in cases of:
a. a third-country national who has been convicted of an off ence by a Member State, carrying a penalty involving imprisonment of at least one year;
b. a third-country national in respect of whom there are serious grounds for believing that he has committed a serious criminal off ence or in respect of whom there are clear indications of an intention to commit such off ences on the territory of a contracting party.
Where Article 96 (2) (b) requires that a decision to report a person in the SIS should be based on “a clear evidence”, Article 24 (2) (b) of the SIS II Regulation only refers to “clear indications of an intention to commit such off ences”. Th is means that under the new provision, the clear indication of such intention is considered suffi cient for registration in SIS II. What exactly will fall under “clear indications” is not further specifi ed. As in the former Article 96 CISA, the criteria as mentioned above are not limitative. Th erefore, third-country nationals may also be registered in SIS II for other reasons based on public order or security grounds.
Secondly, an alert can be registered in SIS II when the decision referred to in the fi rst paragraph of Article 24 was based on the fact that the third-country national was subject to measures involving expulsion, refusal of entry or removal which have not been rescinded or suspended, including or accompanied by a ban on entry or, where applicable, a ban on residence based on a failure to comply with national regulations concerning the entry or residence of third-country nationals. Th ese criteria are the same as provided for in Article 96 (3) CISA except that, with regard to this category as well, the new criterion mentioned above applies, stating that national decisions to issue an alert may only be taken on the basis of an individual assessment.
To compensate for the lack of harmonised criteria in the current provision of Article 24 of the SIS II Regulation, the Commission and the EP insisted upon the inclusion of a sunset clause in Article 24 (5). Th is requires the Commission to evaluate the application of this provision, three years after the date of its application. On the basis of that review, the Commission shall, using its right of initiative under the EC Treaty, “make the necessary proposals to modify the pro-visions of this Article to achieve a greater level of harmonisation of the criteria for entering alerts”.
6.2.3. SIS II and Terrorist Lists Th e Regulation on SIS II provides for a new category of third-country nationals to be refused entry or stay. Article 26 provides that a third-country national may
Brouwer ch-04.indd 96 4/4/2008 5:40:00 PM
New Functionalities for SIS and the Development of SIS II 97
be registered in SIS II if he or she is the object of a restrictive measure intended to prevent entry into or transit through the territory of Member States, including those implementing a travel ban issued by the Security Council of the United Nations. Th is new category, which was also included in the Commission pro-posal, refers to persons listed on the EU terrorist lists based on decisions by the Sanctions Committee of the Security Council of the United Nations. Importantly, Article 26 includes an exception to the general rule of Article 23, that an alert cannot be reported without the information on the name and sex of the person, a reference to the decision giving rise to the alert and the action to be taken. It is unclear how persons listed on the EU or UN terrorist list can be registered in SIS II without their names or reference to the action to be taken, unless it is the intention of Member States to enter these persons in SIS II solely on the basis of the use of their biometric data, such as fi ngerprints.
6.3. EU Citizens and Privileged Th ird-Country Nationals
Unlike the CISA provisions, the new Regulation provides for explicit rules with regard to the registration of third-country nationals who are benefi ciaries of EU law or who have obtained EU citizenship .
In the fi rst place, Article 3 (d) of the SIS II Regulation provides a narrow defi -nition of “third-country nationals”. According to this defi nition a third-country national is an individual who is neither “a citizen of the European Union within the meaning of Article 17(1) of the Treaty, nor a national of a third country who, under agreements between the Community and its Member States on the one hand, and these countries, on the other, enjoys rights of free movement equivalent to those of citizens of the European Union”.
Furthermore, according to the new Article 25, an alert concerning a third-country national who is a benefi ciary of the Community right of free movement within the meaning of Directive 2004/38 shall be grounded “in conformity with rules adopted in implementing the Directive”.92 A new paragraph 2 has been added to Article 25 providing that, in cases of a hit or alert concerning a benefi ci-ary of freedom of movement , the Member State concerned will immediately consult the issuing Member State. Th is consultation is to take place by means of its national SIRENE offi ce, in accordance with the provisions of the SIRENE Manual in order to decide without delay on the action to be taken.
Th e fi nal text of the Regulation further includes the obligation for Member States to erase alerts on persons as soon as the Member State issuing the alert becomes aware that the person has acquired EU citizenship (Article 30). However,
92 Directive 2004/38 provides rules on the freedom of movement of EU citizens and their family members (dealt with in Chapter 9).
Brouwer ch-04.indd 97 4/4/2008 5:40:00 PM
98 Chapter 4
the fi nal text no longer includes the obligation, as proposed by the Commission, also to erase the data on third-country nationals who become family members of EU citizens. Th e registration of this category of persons may lead to situations which are in breach with the Directive 2004/38. Th is has been clarifi ed by the ECJ in 2006 in the case Commission v. Spain.93 In this judgment, the ECJ ruled that the refusal of entry or a visa to a third-country national who is a family member of an EU citizen infringes upon the rights of these persons under EC law when this measure is solely based on the listing in the SIS.
6.4. Inclusion of Biometrics in SIS II as an Identifi cation Tool
As far back as October 2000, the SIS Working Group discussed the possibility of adding DNA profi les and/or fi ngerprints to the reports held in SIS II.94 During the Ecofi n Council of 20 June 2002, it was agreed that identifi cation material, notably photographs and fi ngerprints, could in principle be incorporated into alerts on persons, but that a technical feasibility study would be awaited.95 Whether on the basis of the outcome of this (unpublished) study or not, the JHA Council fi nally decided at its meeting of 5–6 June 2003 that SIS II should allow for the storage, transfer and possible querying of biometric data, especially photographs and fi ngerprints.96
Initially, in a note of July 2004, the Dutch Presidency confi rmed that biometric identifi ers would only be used for verifi cation purposes.97 Th is note dealt specifi -cally with the question of whether the SIS II would become a tool for investigative purposes, acknowledging that, so far, this subject (the purposes of SIS) had only been dealt with using a piecemeal approach. Th e European Data Protection Supervisor and the Article 29 Working Party, an independent EU advisory body on data protection and privacy, criticised the use of biometric identifi ers because technological reliability would not allow for secure and reliable identifi cation.98 Despite these critical observations by both data protection authorities and IT
93 31 January 2006, C-503/03. See, further on this judgment, Chapter 9, section 2.3.2. 94 12400/00. 95 9773/02, see p. 4, the conclusions of which were adopted by the Ecofi n Council, 10089/02
(Presse 181). 96 9845/03 (Presse 150). 97 11055/04. 98 Opinion of the European Data Protection Supervisor on VIS, Brussels, 23 March 2005 (also
referred to in Chapter 7) and Opinion 6/2005 on the Regulation and Decision on SIS II of the Article 29 Data Protection Working Party Data, 25 November 2005. See also the earlier opin-ions of this Working Party with regard to the use and storage of biometric data available at: http://ec.europa.eu/justice_home/fsj/privacy/workinggroup/index_en.htm.
Brouwer ch-04.indd 98 4/4/2008 5:40:00 PM
New Functionalities for SIS and the Development of SIS II 99
experts, it became clear during the negotiations that the majority of Member States favoured the use of biometrics as a primary search tool.99
Initially, Article 22 (b) of the SIS II Regulation only allows for the use of photo-graphs and fi ngerprints to confi rm the identity of a third-country national “who has been located” as a result of an alphanumeric search of SIS II. Article 22 (c) of the Regulation does however include the option that, in future, “as soon as this becomes technically possible” fi ngerprints may be used as sole identifi er.100 SIS II will then be searchable solely on the basis of fi ngerprints without the need for further information, such as fi rst name or surname. Apparently, under pressure from the EP, the fi nal text includes the condition that before this option is implemented, the Commission has to report to the Council and the EP on the availability and readiness of the required technology.
During the negotiations on the development of SIS II, some Member States decided to start exchanging fi ngerprints and photographs, as supplementary information to the SIS information. For the exchange of these photographs and fi ngerprints, the law enforcement authorities in the SIRENE offi ces use the so-called ‘SIRPIT ’ method (SIRene PIcture Transfer). Participation in the project is voluntary and in 2006 it was only used by a limited group of Member States. In June 2006, the Council for Justice and Home Aff airs agreed upon a recom-mendation to extend the use of this method to other Member States as well.101
6.5. Authorities Allowed Access to SIS II
According to the original proposal by the Commission of May 2005, informa-tion on third-country nationals stored in the SIS would only be accessible to the authorities responsible for border controls and to authorities issuing visas. Th e fi nal text of the Regulation on SIS II more or less follows the former provision included in Article 101 CISA.
Article 27 (1) of the SIS II Regulation states that access to data entered in SIS II and the right to search such data directly or in a copy of SIS II data:
“shall be reserved exclusively (italics mine) for the authorities responsible for the identifi cation of third-country nationals for the purposes of:
99 8537/06, 20 April 2006. 100 Article 22 (c) reads, “as soon as this becomes technically possible, fi ngerprints may also be used
to identify a third-country national on the basis of his biometric identifi er. Before this func-tionality is implemented in SIS II, the Commission shall present a report on the availability and readiness of the required technology, on which the European Parliament shall be consulted.”
101 Based on an Italian proposal of 28 March 2006, the Council agreed on this point at its meeting of 10 June 2006, 9696/1/06.
Brouwer ch-04.indd 99 4/4/2008 5:40:00 PM
100 Chapter 4
a. border control in accordance with the Schengen Borders Code 102 and:
b. other police and customs checks carried out within the Member State concerned, and the coordination of such checks by designated authorities.”103
In addition, Article 27 (2) provides for access to SIS II by “national judicial authorities, including those responsible for the initiation of public prosecutions in criminal proceedings and judicial inquiries prior to charge, in the performance of their tasks, as provided for in national legislation, and by their coordinating authorities.” As we have seen above, access by the judicial authorities was already made possible by virtue of Article 101 (1) CISA as amended by the Regulation 871/2004. Th e reference in Article 27 (2) to “coordinating authorities” is however new and was added shortly before fi nal adoption of the text. It is a vague concept and leaves unclear which authorities exactly will fall within this description.
Finally, Article 27 (3) provides that authorities issuing visas and central author-ities examining visa applications shall have access to the data entered in SIS II as well as the right to search these data directly. Th e same provision includes the right to access and to direct search by “authorities responsible for issuing resi-dence permits and for the administration of legislation relating to third-country nationals in the context of the application of the Community acquis relating to the movement of persons”. Th is provision was already included in Article 101 (2) CISA. Furthermore, Article 28 of the SIS II Regulation repeats the general prin-ciple of Article 101 (3) CISA and states that “users may only access data which they require for the performance of their tasks”.
As mentioned above, the German government proposed amending Article 37 of the SIS II Decision, in order to give national intelligence services access to alerts held in the SIS II, including data on third-country nationals based on Article 24 of the Regulation.104 Th is proposal was rejected by the European Parliament. Th e fi nal text of the SIS II Decision does not allow intelligence serv-ices to have access to SIS II. However, as we have seen above, Article 27 (1) (b) of the SIS II Regulation, even if the texts is not clear, implies access to “designated authorities” for the purpose of coordination of police and customs checks. We will see in Chapter 5 that in 2005 the Council agreed that internal security agencies would be allowed access to the Visa Information System or VIS.105 In June 2007,
102 Community Code on the rules governing the movement of persons across borders, OJ L 105, 13.4.2006.
103 5709/6/06. See also the draft of the Austrian Presidency of January 2006 which, for the fi rst time, included this extended use of data on third-country nationals, 5709/06, 27 January 2006.
104 12260/06, 21 August 2006. 105 Conclusions of the Council, 6811/05. See below, Chapter 5, section 3.2.
Brouwer ch-04.indd 100 4/4/2008 5:40:00 PM
New Functionalities for SIS and the Development of SIS II 101
the Council formally adopted the decision granting “designated authorities of the Member States” access to VIS. “Internal security agencies’ was now replaced by this more vague ‘designated authorities’. In the light of these developments, and the proposed interoperability between SIS and VIS, it seems unlikely that the information held in SIS II will remain inaccessible to national security and intelligence agencies.106
Article 39 of the SIS II Regulation explicitly prohibits the transfer of data processed in SIS II, according to this Regulation, to third parties or to interna-tional organisations. Th is provision was included following the proposal by the European Parliament.
Finally, In Article 18 (2) of its proposal, the Commission proposed granting asylum authorities access to the data on third-country nationals in SIS II for the implementation of the Dublin II Regulation. Th is option was deleted from the later proposals. Th is decision could be based on the fact that the Regulation on the EU Visa Information System (VIS), see Chapter 7, already provides for access by asylum authorities and thus off ers those authorities information on which Member State issued a visa to the person concerned, in order to enable them to establish which state is responsible for the asylum application.
6.6. Interlinking of Alerts
As we have seen above, the possibility of interlinking diff erent alerts within SIS II has long been on the agenda. In practice, this new option included in the SIS II Regulation and Decision will signifi cantly amend the original function and purpose of SIS. Th is includes the possibility for the authorities, when report-ing a person in SIS II on the basis of the defi ned categories of reasons, to enter an additional link to data on other persons as well. Interesting examples of such cases in which information in the SIS II may be linked to information on other persons or even objects were described in a note from the Dutch Presidency dated 30 November 2004.107 Th is note listed which alerts (including registrations on persons wanted for secret surveillance, missing children or stolen identity documents) can be linked to other categories of data. With regard to the registra-tions based on Article 96 CISA, the note gave the following examples (between brackets are the former provisions of CISA):
1. EU national off ender + convicted companion to be refused entry (95–96);2. family members (96–96);3. parent to be refused entry + a missing child (96–97);
106 Press release JHA Council, 12–13 June 2007, 10267/07 (Presse 125), p. 15. 107 12573/2/04, 12 November 2004.
Brouwer ch-04.indd 101 4/4/2008 5:40:00 PM
102 Chapter 4
4. persons to be refused entry + a witness in an illegal immigration case (96–98);5. husband is convicted criminal to be refused entry + wife is suspected terrorist
(96–99);6. person to be refused entry + suspects in illegal immigration case (96–99);7. person to be refused entry using own car/boat/aircraft (96–99);8. person to be refused entry using stolen identity document (96–100).
Th e text as fi nally included in Article 37 of the SIS II Regulation includes a general power for a Member State to “create a link between alerts it enters in SIS II”. Th is provision does not require national authorities to forward any reason why they create an alert between two or more alerts but, according to Article 37 (4), the link may only be created “when there is a clear operational need”. Furthermore, according to Article 37 (3), authorities with no right to access to certain catego-ries of alert shall not be able to see the link to an alert to which they do not have access. Th is means that national authorities having access to SIS II will only gain access to the linked data if they are authorised to have access to the categories of data involved.
If another Member State considers that the creation of a link between alerts is incompatible with its national law or international obligations, Article 37 (6) stipulates that it may take the necessary measures to ensure that there can be no access to the link from its national territory or by the authorities located outside its territory. It is unclear how this provision should be implemented in practice.
6.7. Change of Architecture
Th e structure of the current SIS includes a network between the central SIS (C-SIS) in Strasbourg and the national SIS (N-SIS) in each Schengen State (Article 4 (1) of the SIS II Regulation). In this structure, the C-SIS contains exactly the same data as every national SIS database. Based on the SIS II Regulation and Decision, SIS II will maintain more or less this same structure. It will include a central system (the Central SIS II), consisting of a technical sup-port system (referred to as CS-SIS) and uniform national interfaces (NI-SIS) on the one hand, and national sections (N.SIS II) on the other hand.108 Th e diff er-ence compared to the current SIS will be that the SIS alerts forwarded by the Member States are inserted in the CS-SIS via the national interfaces. Th ese national interfaces will not hold the SIS data, but Member States may choose to maintain, as part of the N.SIS II, a “national copy” of the SIS database “for their own account and at their own risk”. Th ese national copies include a complete or
108 See also the Commission Staff Working Paper of February 2003, COM SEC (2003) 206 attached to 6615/03, 28.2.2002.
Brouwer ch-04.indd 102 4/4/2008 5:40:00 PM
New Functionalities for SIS and the Development of SIS II 103
partial copy of the data held in the reference database of CS-SIS. A communica-tion infrastructure exists between CS-SIS and NI-SIS which allows, among other things, for information exchange between the national SIRENE offi ces.
Th e new structure means that the original choice of a central SIS with exact copies at national level has been abandoned. However, as previously mentioned, Member States may choose to maintain national copies of SIS for their own account. Th e information stored in SIS II will be searchable either through the “uniform national interfaces” in each Member State, or using the so-called national copies. Whether this change will improve accessibility and the exchange of information through SIS II in practice is unclear.
Th e location of the Central SIS II remains in Strasbourg, France. For security reasons, a back-up CS-SIS is provided in Sankt Johann im Pongau, Austria (Article 4 (3) of the SIS II Regulation).
6.8. Establishment of the Management Authority
In the original proposal by the Commission (COM (2005) 236) it was envisaged that the Commission itself would be responsible for the operational management of the SIS II. Since the negotiating Member States feared that this would give the Commission too much power to control the management of SIS II, the Council proposed the establishment of a so-called Management Authority. Th e proposal to establish this Management Authority was fi rst mentioned in May 2006 in the Austrian Presidency note on the issue of the long-term management of SIS II.109
Article 15 of the SIS II Regulation provides for the creation of this Management Authority. Th is Authority also will have responsibility for the EU data systems VIS and Eurodac (see Chapter 5). Th is Management Authority will be responsi-ble for the operational management of the Central SIS II, for the supervision, security and the coordination of relations between Member States and the provider. Th e Commission remains responsible for “all other tasks relating to the Communication Infrastructure” including the implementation of budgetary and contractual matters. Th e SIS II Regulation does not include further rules on the composition of the Management Authority or how it will be appointed. In a joint declaration annexed to the Regulation, the EP, the Council and the Commission agreed upon the swift adoption of the legislation necessary for the establishment of this Authority.
6.9. Evaluation and Publication of Statistics on SIS II
According to Article 50 (3) of the Regulation on SIS II, the Management Authority is to publish statistics each year showing the number of records per
109 9169/06, 15 May 2006.
Brouwer ch-04.indd 103 4/4/2008 5:40:00 PM
104 Chapter 4
category of alert, the number of hits per category of alert and how many times SIS II was accessed. Two years after the start of SIS II, the Management Authority will have to submit a report on the technical functioning of the Central SIS II and on the bilateral and multilateral exchange of supplementary information between the Member States (Article 50 (4)). Th ree years after SIS II becomes operational and every four years thereafter, the Management Authority is to pro-duce an overall evaluation of Central SIS II and the bilateral and multilateral exchange of information between Member States.
Th e duty to provide statistics on the use of SIS II is an important tool in assessing the added value of SIS II. However, according to the current text, nei-ther the statistics from the Management Authority nor the evaluation by the Commission will include information on the authorities which gained access to SIS II, the nationalities of the persons stored in SIS II or the decisions or measures based on which a national alert was registered in SIS II.
I will describe the provisions concerning the rights of third-country nationals and the legal remedies in Chapter 7, section 8.4 and 8.5. For now, it is relevant to note that according to Article 43 (3) of the Regulation on SIS II, it is stipu-lated that the Commission must evaluate the rules on remedies as provided in this Article by 17 January 2009.
7. Comparing SIS I and SIS II
7.1. Changing the Purpose of SIS
Initially, the European Commission displayed some caution with regard to changing the original structure and purpose of SIS. In the Communication on the Development of SIS II of December 2001, the Commission emphasised that the current SIS (SIS I) is a reporting system, referring to the fact that SIS provides only clearly defi ned and relatively simple information on a hit/no hit basis.110 In the view of the Commission, the proposals then under discussion would alter the purpose of SIS, transforming it from a reporting system to a reporting and investigating system. Th e Commission warned against the duplication of other information systems in the European context, whether existing or planned systems. Dealing with the appropriate legal basis for SIS, the Commission stressed that SIS is not an end in itself, but is meant to support the implementation of the measures and forms of cooperation referred to in the CISA. Just two years later, in 2003, the Commission presented a much broader view of SIS in its Staff
110 COM (2001) 720, 18.12.2001.
Brouwer ch-04.indd 104 4/4/2008 5:40:00 PM
New Functionalities for SIS and the Development of SIS II 105
Working Paper on SIS II.111 According to this paper, the SIS should be developed into an information system which would have to be “a new, fl exible system based on new technology”, which would not only enable the further integration of new users and functions but also, “in the light of events such as those of 11 September, would not require too long implementation time frames in the future”.
During the discussions on new functionalities for SIS, the Member States seemed less concerned with the benefi ts of a restricted function of the SIS and proposed not only new categories of data to be registered but also new users. Th ese proposals were often initiated on the basis of current developments or demands from national authorities. Initially, Member States were slow to reach agreement on these proposals because this would require time-consuming amendments to the CISA. After 11 September 2001, the decision-making proc-ess was speeded up because the new proposals on extending the use of the SIS were deemed necessary to combat terrorism and to detect possible terrorists at an early stage. Th e changed attitude of the Member States towards the new func-tions of the SIS and SIS II were of course also infl uenced by the progress which had been made in the use of technology, allowing for the storage of increasingly detailed information. Th e multiple use of SIS is especially invoked by increasing the range of authorities with the right to access SIS information, including Europol , Interpol , national vehicle registration authorities and Eurojust . Despite the numerous proposals which have been made by national delegations, com-pared to the current SIS, the categories of data to be registered in SIS II remained almost unchanged. Th e most important changes in this regard are the addition of information on the person or object registered in SIS II, including information on other alerts in SIS II and, with regard to persons in SIS II, the inclusion of photographs and fi ngerprints.
In Chapter 3 we saw that the general goal of the current SIS, described in Article 93, is to maintain public order and safety, including State security, and to implement the provisions of this Convention concerning the movement of per-sons in the territory of the Member States concerned by means of information transmitted via this system. During the discussions on the new functionalities of the SIS, Member States referred to this broad purpose to justify the extension of the use and storage of information in the SIS. However, this defi nition of the purpose of SIS I must be read in combination with the purposes for which each category of objects or persons are registered in the SIS, as described in Articles 95–100 CISA. Th is structure of SIS I provides for restricted categories of
111 See the Commission Staff Working Paper on the development of the second generation Schengen Information System, 2002 Progress Report, 18.2.2003, SEC (2003) 206, which is attached to the Council document 6615/03, 28 February 2003.
Brouwer ch-04.indd 105 4/4/2008 5:40:00 PM
106 Chapter 4
persons and objects stored in SIS; this information is, in principle, only accessi-ble to limited categories of users. Th is explicit restriction of the scope of SIS I was based, among other things, on the need to keep the information system accurate and workable.
With regard to SIS II, the close relationship between the general purpose of SIS II and the purposes as defi ned for each category of alerts, seems to have been abandoned. Th e rules on the diff erent categories of data as provided for in the Regulation and the Decision on SIS II do not explicitly require the registra-tion of these data to be for the sole use or purpose as defi ned in that provision. Th is broadening of the future use of data recorded in SIS II is also implied by the possibility of linking diff erent categories of SIS II alerts. As we have seen above, this allows national authorities to check whether an alert on a person or object registered in SIS II is somehow related to another person or object in SIS II, registered for another purpose. Th is power to create links between diff erent categories of data held in SIS II will undoubtedly increase the investigative use of the SIS.112
Th e combination of the possibility of creating links, the (future) use of bio-metric data as sole identifi er and the access granted to other authorities such as Europol , as well as national law enforcement authorities, has actually changed the original function of SIS. From a hit/no hit database, SIS II has been transformed into a general search or intelligence tool.
7.2. Changes with Regard to the Storage and Use of Data on Th ird-Country Nationals
Aside from the general changes to the functioning of SIS II, an important change with regard to SIS II alerts on third-country nationals is the increase in the range of authorities with access to these data. Article 96 alerts in SIS I were only accessible to national authorities responsible for border, immigration or visa control. Compared to the extended discussions which took place regarding the decision to grant access to Europol , Eurojust and other authorities to SIS in general, the amendments with regard to the alerts on third-country nationals received little attention. Article 27 of the Regulation 1987/2006 allows police and customs authorities ànd national judicial authorities to have access to data on third-country nationals in SIS II. Th e access for judicial authorities was already provided for in Regulation 871/2004 extending the use of SIS I. Th e information stored in the SIS II may be used for checks within the country and, for judicial authorities, during their research for the initiation of public prosecutions in criminal proceedings.
112 See also Hayes (2005).
Brouwer ch-04.indd 106 4/4/2008 5:40:00 PM
New Functionalities for SIS and the Development of SIS II 107
Th e text of the SIS II Regulation also seems to imply access for national security agencies. Article 27 (1) (b) grants access to authorities responsible for the identifi cation of third-country nationals for the purpose of police and customs checks, and “the coordination of such checks by designated authorities”. As mentioned above, during the negotiations on VIS and its use by internal secu-rity agencies, in the fi nal decision the defi nition “internal security agencies” has been replaced by “designated authorities”. Although this text of Article 27 has been approved by the European Parliament, this extension of the use of data on third-country nationals would run counter to the explicit refusal of the European Parliament to grant national intelligence services access to SIS II.
What is also new is the provision in the SIS II Regulation according to which a third-county national listed on a UN terrorist list based on Member States notifi cations may be registered in SIS II for the purpose of refusal of entry or residence. Although, as we saw in Chapter 3, this already had been achieved in practice with regard to SIS I on the basis of an informal agreement, the new explicit provision may give rise to a more extended application of this option.
Considering the legal protection of third-country nationals, an important improvement is the new requirement for national authorities to make an individ-ual assessment before reporting a third-country national in SIS II. Together with the proportionality clause in Article 21, these provisions, if applied correctly, must be interpreted as an important limitation of the power of national author-ities to list third-country nationals in SIS II for refusal of entry or residence. Th ere remains however a striking contradiction between the requirement of individual assessment and the proportionality clause, on the one hand, and an agreement by the Member States reached during the discussions on SIS II and the fi ght against terrorism on the other hand. Based on this latter agreement, national authorities were invited to enter data into SIS II systematically or, in other words, to enter data “as automatically as possible”, requiring no additional operation by the national authority concerned (see section 3.1. above). In Part III we will see that this “systematic” approach with regard to the use of the SIS and SIS II is also advocated by governments at the national level.
Brouwer ch-04.indd 107 4/4/2008 5:40:00 PM
108 Chapter 4
Annex I to Chapter 4
Commission Proposal for a Regulation on SIS II, COM (2005) 236Proposed Article 15 on the conditions for issuing alerts on refusal of entry or stay of the:
1. Member States shall issue alerts in respect of third-country nationals for the purpose of refusing entry into the territory of the member states on the basis of a decision defi ning the period of refusal of entry taken by the competent administrative or judicial authorities, in the following cases;
a. If the presence of the third-country national in the territory of a Member state represents a serious threat to public policy or public security of any Member state based on an individual assessment, in particular if;i. Th e third-country national has been sentenced to a penalty involving depri-
vation of at least one year following a conviction of off ence referred to in Article 2 (2) of Council Framework decision 2002/584/JHA on the European arrest warrant and the surrender procedures between member states;
ii. Th e third-country national is the object of a restrictive measure intended to prevent entry into or transit through the territory of member states, taken in accordance with Article 15 of the EU Treaty.
b. If the third-country national is the subject of a re-entry ban in application of a return decision or removal order taken in accordance with Directive 2005/XX/EC [on Return].
Regulation 1987/2006 on the Establishment, Operation and Use of SIS II:
Article 21 Proportionality
Before issuing an alert, Member States shall determine whether the case is adequate, relevant and important enough to warrant entry of the alert in SIS II.
Article 24 Conditions for issuing alerts on refusal of entry or stay
1. Data on third-country nationals in respect of whom an alert has been issued for the purposes of refusing entry or stay shall be entered on the basis of a national alert resulting from a decision taken by the competent administrative authorities or courts in accordance with the rules of procedure laid down by national law taken on the basis of an individual assessment. Appeals against these decisions shall lie in accordance with national legislation.
2. An alert shall be entered where the decision referred to in paragraph 1 is based on a threat to public policy or public security or to national security which the pres-ence of the third-country national in question in the territory of a Member State may pose. Th is situation shall arise in particular in the case of:
Brouwer ch-04.indd 108 4/4/2008 5:40:01 PM
New Functionalities for SIS and the Development of SIS II 109
a. a third-country national who has been convicted in a Member State of an off ence carrying a penalty involving deprivation of liberty of at least one year;
b. a third-country national in respect of whom there are serious grounds for believ-ing that he has committed a serious criminal off ence or in respect of whom there are clear indications of an intention to commit such an off ence in the territory of a Member State.
3. An alert may also be entered when the decision referred to in paragraph 1 is based on the fact that the third-country national has been subject to a measure involving expulsion, refusal of entry or removal which has not been rescinded or suspended, that includes or is accompanied by a prohibition on entry or, where applicable, a prohibition on residence, based on a failure to comply with national regulations on the entry or residence of third-country nationals.
4. Th is Article shall not apply in respect of the persons referred to in Article 26.5. Th e Commission shall review the application of this Article three years after the
date referred to in Article 55(2). On the basis of that review, the Commission shall, using its right of initiative in accordance with the Treaty, make the necessary proposals to modify the provisions of this Article to achieve a greater level of harmonisation of the criteria for entering alerts.
Article 25 Conditions for entering alerts on third-country nationals who are benefi ciaries of the right of free movement within the Community
1. An alert concerning a third-country national who is a benefi ciary of the right of free movement within the Community, within the meaning of Directive 2004/38/EC of the European Parliament and of the Council of 29 April 2004 on the right of citizens of the Union and their family members to move and reside freely within the territory of the Member States [18] shall be in conformity with the rules adopted in implementation of that Directive.
2. Where there is a hit on an alert pursuant to Article 24 concerning a third-country national who is a benefi ciary of the right of free movement within the Community, the Member State executing the alert shall consult immediately the issuing Member State, through its SIRENE Bureau and in accordance with the provisions of the SIRENE Manual, in order to decide without delay on the action to be taken.
Article 26 Conditions for issuing alerts on third-country nationals subject to a restric-tive measure taken in accordance with Article 15 of the Treaty on European Union
1. Without prejudice to Article 25, alerts relating to third-country nationals who are the subject of a restrictive measure intended to prevent entry into or transit through the territory of Member States, taken in accordance with Article 15 of the Treaty on European Union, including measures implementing a travel ban issued by the Security Council of the United Nations, shall, insofar as data-quality require-ments are satisfi ed, be entered in SIS II for the purpose of refusing entry or stay.
Brouwer ch-04.indd 109 4/4/2008 5:40:01 PM
110 Chapter 4
2. Article 23 shall not apply in respect of alerts entered on the basis of paragraph 1 of this Article.
3. Th e Member State responsible for entering, updating and deleting these alerts on behalf of all Member States shall be designated at the moment of the adoption of the relevant measure taken in accordance with Article 15 of the Treaty on European Union.
Brouwer ch-04.indd 110 4/4/2008 5:40:01 PM
New Functionalities for SIS and the Development of SIS II 111
Annex II to Chapter 4
A. Adopted Law with regard to SIS I and SIS II
SIS II19 December 1996 Schengen unpublished Decision to develop SIS II. Executive Committee29 May 2000 Council Decision 2000/365 Decision concerning the OJ L 131 1.6.2000 request of the UK to take part in some of the provisions of the Schengen aqcuis.28–29 May 2001 JHA Council 9118/01 Priority to develop (Presse 203) SIS II in 2006.
SIS I13 June 2002 Council OJ L190/1, Framework decision 18.07.2002 on the European Arrest Warrant: authorising judicial authorities to issue alerts on persons in SIS for the purpose of surrender procedures.29 April 2004 JHA Council OJ L 162. Regulation 871/2004 30.04.2004 and Decision concerning the introduction of some new functions for the Schengen Information System, including in the fi ght against terrorism.25 February 2005 JHA Council OJ L 68/44, Council Decision 25.03.2005 2005/211 concerning the introduction of some new functions for the Schengen Information System, including in the fi ght against terrorism.
Brouwer ch-04.indd 111 4/4/2008 5:40:01 PM
112 Chapter 4
6 December 2001 JHA Council OJ L 328, Regulation 2424/2001and 13.12.2001 Decision 2001/886 on the development of the second generation SIS (SIS II).20 June 2002 Ecofi n Council 10089/02 Agreement on (Presse 181) principle of entering “identifi cation material, notably photographs and fi ngerprints” into SIS. Agreement on principle of allowing access to data in SIS on the basis of incomplete data.5–6 June 2003 JHA Council 9845/03 Final decision on SIS II (Presse 150) allowing for storage, transfer and possible querying of biometric data, especially photographs and fi ngerprints.5–6 October 2006 JHA Council 13086/06 Adoption of revised (Presse 258) implementation schedule for SIS II, deciding that SIS II should be operational by June 2008.20 December 2006 Council OJ L 381/4 Adoption of Regulation 28.12.2006 1987/2006 on the establishment, operation and use of SIS II.20 December 2006 Council OJ L 381/1 Adoption of Regulation 28.12.2006 1986/2006 regarding access to SIS II by the services responsible for issuing vehicle registration certifi cates.
Annex II. (cont.)
A. Adopted Law with Regard to SIS I and SIS II
Brouwer ch-04.indd 112 4/4/2008 5:40:01 PM
New Functionalities for SIS and the Development of SIS II 113
3 December 1998 European Vienna Action Examine Europol access Council Plan Conclusion to SIS investigation data. 43 (c) 31 May 1999 SIS Working 8835/99 Access to SIS by vehicle Party registration authorities.20 August 1999 German 10629/99 Authorise Europol to delegation consult SIS and, in the longer term, make Europol responsible for performance of CSIS tasks.13 July 2000 French 10353/00 Note Interlinking of data, Presidency on new extension of time limits functionalities on storage of data, SIS II inclusion of fi ngerprints and photographs.20 September 2000 German 11538/00 Access by Europol and delegation credit protection agencies. Replace maximum time limits for storage of data in checking deadlines. Give authorities issuing residence permits to 3rd- country nationals access to stolen/lost documents. Full recording of all SIS searches to improve control of unauthorised access.27 October 2000 SIS Working 12400/00 Adding DNA profi les and/ Party or fi ngerprints to SIS.24 February 2001 Portugal 6577/01 Inclusion of new category of persons: those prohibited from leaving the Schengen area.19 June 2001 Sweden/ OJ C 183/12 Proposal for Regulation Belgium 29.6.2001 and Decision on the development of SIS II.
Annex II. (cont.)
B. Proposals on New Functionalities for SIS and SIS II
Brouwer ch-04.indd 113 4/4/2008 5:40:01 PM
114 Chapter 4
14 September 2001 German 11895/01 Grant asylum authorities delegation access to Article 96 data, to assess which country is responsible for asylum claim (only for transitional period until Eurodac becomes operational).2001 Spain and Italy 6164/5/01 Possibility of carrying out searches on the basis of incomplete data.15 October 2001 Belgian 12813/01 Adding information on Presidency issued visas to Article 96 data to make it possible to check whether a 3rd- country national whose visa has expired has left EU territory. Amending Article 99, enabling the storage of information on “potentially dangerous persons” to be banned from certain events, including sports, cultural, political or social events.29 October 2001 UK 13530/01 Link SIS II to national facial/iris recognition systems, AFIS and Automated Number Plate Recognition Systems. Establishment of restricted-access database of terrorists. Granting security and intelligence agencies access to Article 95, 96 (2), 98, 99 and 100 data in SIS.
Annex II. (cont.)
B. Proposals on New Functionalities for SIS and SIS II
Brouwer ch-04.indd 114 4/4/2008 5:40:01 PM
New Functionalities for SIS and the Development of SIS II 115
5 February 2002 Spanish 5968/02 Proposal to study including Presidency data in SIS “on violent troublemakers in view of mass events.”28 May 2002 Italy 9358/02 Registration in SIS of persons included on UN terrorist lists .25 March 2003 UK 7786/03 Split Article 96 data into two categories: grant law enforcement authorities access to data on 3rd- country nationals registered on public order & security grounds, and immigration offi cers access to data-based immigration or visa law off ences.5–6 June 2003 JHA Council 9845/03 Launch feasibility study (Presse 150) on entering new categories of data (minors precluded from leaving Schengen area, violent troublemakers, other vehicles, works of art, animals, luxury items and easily identifi able objects) and study which biometrics other than fi ngerprints and photographs could be stored in SIS.11 December 2003 Commission COM (2003) 771 Communication on the second generation of SIS and synergies between SIS II and VIS.
Annex II. (cont.)
B. Proposals on New Functionalities for SIS and SIS II
Brouwer ch-04.indd 115 4/4/2008 5:40:01 PM
116 Chapter 4
31 May 2005 Commission COM (2005) Proposals for draft 236, 230, Regulation and Decision and 237 on the establishment, operation and use of second-generation SIS (SIS II) and a Regulation regarding the access to SIS II of national services responsible for issuing vehicle registration certifi cates.28 March 2006 Italy 7867/1/06, Recommendation on the 9696/06 use of SIRPIT. 15 May 2006 Presidency 9169/06 Note on issue of long-term management of SIS II, Proposal on Management Authority for SIS II.
Annex II. (cont.)
B. Proposals on New Functionalities for SIS and SIS II
Brouwer ch-04.indd 116 4/4/2008 5:40:01 PM
Evelien Brouwer, Digital Borders and Real Rights, pp. 117–144.© 2008 Koninklijke Brill NV. Printed in the Netherlands.
Chapter 5
Other EU Databases Used in the Field of Immigration Control: Eurodac and VIS
“As regards the better identifi cation of wanted persons whilst the storage of personal data in criminal databases is justifi ed due to past and real or suspected behaviour of the individual (which must be substantiated), this is not the case for EURODAC or VIS. Neither the claiming of asylum nor a visa application indicates in any way that a hitherto innocent individual will commit a criminal or terrorist act.”1
1. Introduction
Th e focus of this study lies on SIS, SIS II and the registration of inadmissible third-country nationals. Aside from SIS II, two other large-scale information systems provide for the exchange of information on third-country nationals: Eurodac and VIS. For several reasons, I consider it important to describe these databases which have been established within the framework of the EU law. Firstly, both VIS and Eurodac are used for immigration control and only include data on third-country nationals. Th erefore, the same problems which arise for persons reported in SIS or SIS II, may also arise in relation to Eurodac and VIS. Secondly, the use of VIS and Eurodac is closely related to the use of SIS II. Based on the so-called principle of interoperability , the EU policy-makers envisage interlinking these databases with SIS II. Th e interoperability of the diff erent EU databases is facilitated by the inclusion of biometric data not only in the data systems, but also in the EU passport and other travel documents. Th e development of Eurodac and VIS and the use of biometrics will be covered in the following sections. Finally, I will highlight the most important diff erences and similarities between VIS and Eurodac, on the one hand, and SIS II on the other.
1 Communication of the European Commission on improved eff ectiveness, enhanced interopera-bility and synergies among European databases in the area of Justice and Home Aff airs, COM (2005) 597, 24.11.2005.
Brouwer ch-05.indd 117 4/4/2008 5:38:19 PM
118 Chapter 5
2. Eurodac
2.1. Development and Central Purpose of Eurodac
Eurodac is the fi rst EU ‘Automated Fingerprint Identifi cation System’. It includes the fi ngerprints of asylum seekers and immigrants crossing the external borders of that Member State irregularly. Eurodac, which became operational on 15 January 2003, is based on Regulation (EC) No. 2725/2000 concerning the establishment of ‘Eurodac’ for the comparison of fi ngerprints for the eff ective application of the Dublin Convention of 11 December 2000.2 Th e purpose of Eurodac is to facilitate the application of the Dublin Convention of 1990 to establish which state is respon-sible for an asylum application.3 Meanwhile, the Dublin Convention has been replaced by Council Regulation 343/2003 (Dublin II) of 18 February 2003.4 Th e Dublin Regulation includes a list of criteria to establish which Member State is responsible for the examination of an asylum application submitted in one of the Member States.5 Among other things, the Dublin Regulation stipulates that the Member State where the asylum seeker fi rst entered the EU or the Member State issuing a visa or residence permit to the asylum seeker is responsible for the application. Th e Dublin Regulation is based on the so-called ‘single appli-cation’ principle. Th e application of this Regulation should prevent a person from applying for asylum in more than one country (known as ‘asylum-shopping’). It also seeks to ensure that asylum applications submitted by diff erent members of one family are examined whenever possible by the same Member State. Finally, the implementation of the so-called Dublin criteria should guarantee that at least one Member State deals with the application of an asylum seeker, in order to prevent the problem of ‘refugees in orbit’.
One of the practical reasons submitted by national governments for the need to establish a central registration system for fi ngerprints was the fact that asylum seekers would often destroy all their documents, such as identifi cation cards and
2 OJ L 316, 15/12/2000. See, for the decision on the operability of Eurodac : OJ C 5/2, 10.1.2003.
3 Convention of 15 June 1990, OJ C 254, 1997, entered into force on 1 September 1997.4 OJ L 50/1, 25.2.2003, based on a proposal of the Commission COM (2001) 447, 26 July 2001,
OJ C 304, 30.10.2001.5 See, for a critical assessment of the principle of the Dublin II Regulation: H. Battjes, A Balance
between Fairness and Effi ciency? Th e Directive on International Protection and the Dublin Regulation , EJML, 4: 2002, p. 159–192; U. Brandl, Distribution of Asylum Seekers in Europe?: Dublin II Regulation Determining the Responsibility for Examining an Asylum Application, in: C. Dias Urbano De Sousa & Philippe De Bruycker (eds.), Th e emergence of a European asylum policy/L’émergence d’une politique européenne d’asile, Brussels: Bruylant 2004, p. 33–69; A. Hurwitz, Th e 1990 Dublin Convention : A Comprehensive Assessment, International Journal of Refugee Law 1999 11 (4), p. 646–677.
Brouwer ch-05.indd 118 4/4/2008 5:38:19 PM
Other EU Databases Used in the Field of Immigration Control 119
travel documents, upon arrival in one of the Member States. Th is would make it diffi cult for the authorities not only to identify the person, but also to establish the route travelled and to fi nd out if the person had already applied for asylum in the same or another state. Th is problem was only partly solved by the existing obligation that travel agencies and carrier organisations keep or copy the identity papers or travel documents of passengers on certain fl ights. Back in 1991, when the Immigration Ministers met on 2 December, it was agreed that a feasibility study would be launched regarding a European system to compare dactyloscopic data of asylum seekers. Th is feasibility study was presented to the Ministers dur-ing their meetings of 30 November and 1 December 1992, on the basis of which they decided to investigate the needs and requirements of Eurodac .6 In February 1993, the Legal Service of the Council was asked to give advice on the question of whether Article 15 of the Dublin Convention could be used as the legal basis for the creation of Eurodac.7 Th is provision envisaged the exchange, upon request, of individual data necessary for the examination of an application for asylum, for the establishment of the Member State which is responsible for such an application and for other obligations resulting from the Convention.8 Th e Legal Service confi rmed in its advice of 18 March 1993 that Article 15 provided an adequate legal basis for the establishment of Eurodac.9 However, the Legal Service explicitly stated that Eurodac should not be used for other purposes, such as “the functioning of other international instruments” or “starting criminal investigations against asylum seekers”.
Concluding that the exchange of asylum seekers’ fi ngerprints through Eurodac was technically and legally feasible, the Council of Justice and Home Aff airs (JHA) decided on 23 November 1995 to start the legislative work.10 In a discus-sion paper from 1995, the Council confi rmed that the recording of fi ngerprints in a database, to be called Eurodac, should prevent asylum seekers from applying in more than one state by changing their names or by throwing away their travel and identity papers.11 At the time of the negotiations on Eurodac, ten of the 15 EU Member States were already fi ngerprinting asylum seekers and storing these fi ngerprints in national registers.12 For several reasons, it took another fi ve years
6 WGI 1284 REV 2. 7 SN 1419/93 WGI 1365. 8 Compare with Article 22 of the draft regulation of the Commission (COM (2001) 447). 9 5546/93, JUR 25. 10 11476/95 ASIM 308. 11 4464/1/95 cited in C. Schmid, Eurodac Verordnung. Europäisches System zur Identifi zierung
von Fingerabdrücken, NWV Verlag: Wien 2003, p. 18. 12 Statewatch, Vol. 6, no. 4, July-August 1996, Eurodac : European Union to hold asylum seekers’
fi ngerprints on central computer – draft Convention proposals, p. 2.
Brouwer ch-05.indd 119 4/4/2008 5:38:19 PM
120 Chapter 5
before the Eurodac Regulation was fi nally adopted. One of these reasons was that the organisation of Eurodac was not strongly supported by all Member States. Only a few Member States, such as Germany, the Netherlands and Austria, were especially interested in the distribution mechanism of the Dublin Convention . Southern Member States, such as Italy and Greece, which were often the fi rst country of arrival for asylum seekers, were less interested in the functioning of Eurodac to support this mechanism.13
At the initiative of the Luxembourg Presidency, a draft Eurodac Convention was forwarded to the European Parliament in 1997. Th is meant that, in anticipa-tion of the entry into force of the Amsterdam Treaty , the EP was for the fi rst time given the opportunity by the Council to advise on asylum and migration matters. Th e EP adopted a resolution on the draft Convention in January 1998.14 In this resolution, the EP especially emphasised the necessity of the limited use of Eurodac, the inclusion in the Convention of a reference to the ECHR and the Geneva Convention on the protection of refugees; these proposals were followed by the Council. Th e advice of the EP to include an explicit obligation to delete the data of asylum seekers who obtain refugee status within one month was, however, ignored. Th e JHA Council agreed on the text of the Eurodac Convention at its meeting of 3–4 December 1998. In March 1999, the Council agreed upon a protocol to the Eurodac Convention on the inclusion of the fi ngerprints of illegal immigrants (see below). In the light of the forthcoming entry into force of the Amsterdam Treaty, according to a plan by the Austrian government, it was decided to ‘freeze’ these texts in anticipation of a new EC instrument to be presented by the Commission.
On 26 May 1999, shortly after the entry into force of the Amsterdam Treaty , the European Commission forwarded a proposal for a Eurodac Regulation.15 Th is proposal, including a protocol on illegal immigrants, was based on the ‘frozen’ texts of the Council. Unlike the Council texts, the Commission proposal referred to the direct applicability of EC Directive 95/46 on data protection. Furthermore, the Commission proposal, in a departure from the Council text, conferred certain powers to adopt the implementing rules upon the Commission itself. Th is proposal to limit the implementing powers of the Council met with strong opposition from the Member States and in 2000 the Commission was forced to forward a new proposal, involving a weaker position for the
13 See, on the political debate on Eurodac , Jonathan P. Aus, Eurodac: A Solution Looking for a Problem?, Working Paper no. 9, Centre for European Studies, University of Oslo, May 2006, available at: http://www.arena.uio.no/publications/.
14 A4-0402/97 15.1.1998. 15 COM (1999) 260 fi n., OJ 2000 C 337.
Brouwer ch-05.indd 120 4/4/2008 5:38:19 PM
Other EU Databases Used in the Field of Immigration Control 121
Commission.16 Th e European Parliament was consulted again and again, but now on the basis of Article 63 (1) TEC.17
Th e Eurodac Regulation was the fi rst instrument adopted on the basis of Title IV of the EC Treaty. Th e Regulation applies to all EU Member States, including United Kingdom and Ireland; these countries, in accordance with Article 3 of the Protocol on the position of the United Kingdom and Ireland annexed to the EU Treaties, have given notice of their wish to take part in the adoption and application of this Regulation. On the basis of the Council Decision concerning the signing of the Agreement between the EC, Norway and Iceland regarding the responsibility for asylum applicants, Norway and Iceland are required to apply the Eurodac Regulation.18 Denmark automatically opted out in accordance with Articles 1 and 2 of the Protocol on the position of Denmark annexed to the EU Treaties but, based on an agreement signed between the EU and Denmark on 10 March 2005, now also takes part in the Eurodac Regulation.19 Th e Eurodac Regulation immediately applied to the ten new EU Member States which joined the EU in 2004. One month after their accession, the number of transactions to Eurodac and hits based on this system increased signifi cantly.20 Finally, based on an agreement between the European Communities and Switzerland of 26 October 2004, and a Protocol to this agreement between these latter parties and Liechtenstein, Eurodac will be used by Switzerland and Liechtenstein, depending on a positive evaluation of the application of the Schengen acquis by those states.21 In 2006, Eurodac was used by 27 European states, including the 25 EU Member States, Norway and Iceland.
2.2. Collection, Transmission and Comparison of Fingerprints
Th e Eurodac Regulation is based on the premise that, in principle, each Member State has to take the fi ngerprints “promptly” from every applicant for asylum aged at least 14 years old and transmit these data “promptly” to the Central Unit
16 COM (2000) 100, 15 March 2000. See further, on this competency dispute between the Commission and the Council: S. Peers, Key Legislative Developments on Migration in the European Union, EJML 3/2 (2001), p. 235; E. Brouwer, Eurodac : Its Limitations and Temptations, EJML 4 2002, p. 234, and J.P. Aus (2006), p. 23–24.
17 Th e EP adopted two resolutions, A5- 0059/19990, 18 November 1999, and A5-0219/2000, 21 September 2000.
18 15 March 2001, OJ 93/38, 3/4/2001. 19 See the Council Decision of 21 February 2006 on the conclusion of this Agreement between
Denmark and the European Community, OJ L 66/38, 8.3.2006. 20 Second annual report on Eurodac , Commission Staff Working Paper SEC (2005) 839, 20.06.2005. 21 See for the Protocol between EC, Switzerland, and Liechtenstein, COM (2006) 753. I did not
fi nd any offi cial publication of the Dublin/Eurodac agreement between Switzerland and the EC of 26 October 2004.
Brouwer ch-05.indd 121 4/4/2008 5:38:19 PM
122 Chapter 5
(Article 4 (1) of the Regulation). Th e Central Unit, based in Luxembourg, is established under the responsibility of the European Commission and controls the central database of fi ngerprints in accordance with Article 3 of the Eurodac Regulation. Th e procedure for taking fi ngerprints takes place in accordance with the national practice of the Member State concerned.
Th e minimum age of the persons from whom fi ngerprints can be taken was one of the main discussion points in the negotiations. Whereas most countries wanted to raise this minimum age, the Netherlands proposed lowering this mini-mum age to 12, in accordance with its own national law.22 Th e European Parliament strongly opposed the minimum age of 14, arguing that this would be contrary to existing international instruments protecting the rights of children. Th e proposed amendment by the European Parliament to raise the minimum age to 18 was however ignored by the Council.
It is important to underline that, unlike SIS and VIS, Eurodac contains no name or address of persons. Based on Article 5(1), points (a) to (f ) of the Eurodac Regulation, the following information is recorded in Eurodac:
– the Member State of origin;– the place and date of the application for asylum ;– fi ngerprint data;– sex;– the reference number used by the Member State of origin;– the date on which the fi ngerprints were taken; and– the date on which the data were transmitted to the Central Unit.
National authorities should forward to the Eurodac Central Unit the fi ngerprints of all individuals aged 14 and over who apply for asylum or who were appre-hended while illegally crossing borders. Th e Central Unit will check whether the fi ngerprints forwarded by the national authority are already stored in the system. If so, the national state will be informed of this ‘match’ and of the Member State which previously forwarded the fi ngerprints. States may also forward fi ngerprints of persons found illegally present within their country. Based on a request from a Member State, the Central Unit can compare the fi ngerprints with data previ-ously transmitted by the same Member State. Th is means that Eurodac can also be used by a Member State to check whether a person has previously applied for asylum on its own territory.
Only the Member State of origin can have access to the data which it trans-mitted to Eurodac and only this Member State can have these data corrected (Article 15 (1) and (3) of the Eurodac Regulation). If the Member State of origin
22 Council doc. 10191/3/97, 27.11.1997 and 11868/1/98, 5.11.1998 (author’s archive).
Brouwer ch-05.indd 122 4/4/2008 5:38:19 PM
Other EU Databases Used in the Field of Immigration Control 123
recorded the data directly in the central database, it may also amend or erase the data directly. Otherwise, the data are amended or erased by the Central Unit (Article 15 (6) Eurodac Regulation).
According to Article 6 of the Regulation, data on asylum seekers are to be stored for 10 years from the date on which the fi ngerprints were taken. Only if the person concerned has acquired the citizenship of one of the Member States before this time limit expires, the data are to be deleted “as soon as the Member State of origin becomes aware that the person has acquired such citizenship” (Article 7).
2.3. Extension to Illegal Immigrants
Not until a later stage in the Eurodac negotiations was it agreed to extend the Eurodac Regulation to fi ngerprinting illegal immigrants.23 In response to the arrival of a large number of (Kurdish) immigrants from Northern Iraq in Europe in 1997, the Northern European countries in particular pressed for this exten-sion. In December 1997, the Schengen Executive Committee concluded that it could be necessary to take the fi ngerprints of every illegal immigrant whose iden-tity could not be established without doubt and to store this information for exchange with other Member States.24 In point 46 of the Action Plan of the EU Council of 26 January 1998 (Infl ux of migrants from Iraq and the neighbouring region) the taking of fi ngerprints from illegal immigrants was deemed necessary, “to curb the entry into the EU of illegal refugees”. Point 17 urged the Member States to examine without delay whether Eurodac should be extended to illegal immigrants. On 21 April 1998, under strong pressure from the German delega-tion, the Schengen Executive Committee adopted a formal decision with regard to the “fi ngerprinting of every foreign national entering the Schengen area ille-gally whose identity cannot be established with certainty on the basis of valid documents”.25
Th e extension to illegal immigrants was to be based on Article 15 (1), Article 10 (1c) and (1e) of the Dublin Convention . As we have seen above, Article 15 of this Convention prescribed the exchange of individual information in application of the Dublin Convention. Article 10 (1c) and (1e) of the Convention referred to the obli-gation of a Member State to readmit an asylum seeker who has formerly applied for asylum on its territory and whose application is either being processed or has been rejected and who is later found illegally on the territory of another Member State. Whether these provisions included an accurate basis for the fi ngerprinting of persons
23 See, for backgrounds, Statewatch Bulletin, January-February 1998, Vol. 8, no. 1. 24 15-12-1997, SCH/Com-Ex/97/44 rev. 2. 25 SCH/Com-Ex/98/1 rev. 2, OJ 22 September 2000, cited in Jonathan P. Aus (2006), ibid., p. 18.
Brouwer ch-05.indd 123 4/4/2008 5:38:20 PM
124 Chapter 5
who do not apply for asylum has been called into question.26 In a report to the Council in 1998, the Legal Service of the Council concluded that “the inclusion in Eurodac of data relating to persons who legitimately crossed the external frontiers of a Member State, but had later been found residing unlawfully in a Member State cannot be justifi ed”.27
Th e current text of the Eurodac Regulation distinguishes two categories of illegal immigrant: fi rstly, third-country nationals who are apprehended by the competent control authorities in connection with irregular crossing by land, sea or air of the border of that Member State, having come from a third country and who are not turned back (Article 8) and, secondly, third-country nationals found illegally present on the territory of a Member State (Article 11).28
Data on persons who cross an external border irregularly are recorded for the sole purpose of comparison with data on applicants for asylum subsequently transmitted to the Central Unit.29 Th e Central Unit may not compare this data with any data previously recorded in the central database, nor with data sub- sequently transmitted to the Central Unit pursuant to Article 8. According to Article 10, fi ngerprints of third-country nationals apprehended in connection with the illegal crossing of external borders shall be stored in the central database for only two years from the date on which the fi ngerprints of the alien were taken. Upon expiry of this period, the Central Unit shall automatically erase the data from the central database. Article 10 (2) of the Eurodac Regulation further provides that this data has to be deleted immediately if the Member State of origin becomes aware that the person concerned has left the territory of the Member States, has been issued with a residence permit, or has acquired the citizenship of any Member State. Th is is thus a more stringent provision with regard to the deletion of data, compared to the rule which applies to the storage of fi ngerprints of asylum seekers; see above.
Th e fi ngerprint data on persons found illegally present within the territory of a Member State (the second category) are only to be transmitted to the Central
26 See also B. Schröder, Das Fingerabdruckvergleichssystem EURODAC, ZAR 2/2001, p. 71–76. 27 8441/98, 18 May 1998, cited in the letter of Justice to the Select Committee on the European
Communities, 19 March 1999. 28 Th e Regulation uses the word “aliens”. Neither the Council nor the Commission followed the
advice of the European Parliament to use “third-country nationals” instead of “aliens”; see both Pirker Reports, A5-0059/1999 and A5-0219/2000.
29 Th e use of the defi nitions “illegal irregular border crossing” and “illegal presence” also raised doubts on whether this would not result in diff erent interpretations by the Member States. See the European Communities Committee, House of Lords, Tenth Report on Fingerprinting illegal immigrants: extending the Eurodac Convention, 8 June 1999 and the Memorandum of the Immigration Law Practitioners’ Association to the Select Committee of 3 March 1999 and the aforementioned letter of Justice, 19 March 1999.
Brouwer ch-05.indd 124 4/4/2008 5:38:20 PM
Other EU Databases Used in the Field of Immigration Control 125
Unit for the purpose of comparison with the fi ngerprint data of applicants for asylum transmitted by other Member States and recorded in the central data-base. Th ese fi ngerprints shall not be recorded in the central database at all, nor shall they be compared with the data transmitted to the Central Unit pursuant to Article 8 (fi rst category).
2.4. Functioning of Eurodac : Annual Reports of the Commission
A fi rst annual report on Eurodac was published by the Commission on 5 May 2004.30 According to this report, in the period from 15 January 2003 to 15 January 2004, 271,572 fi ngerprints were successfully transmitted to the central authority. Of a total of 246,902 asylum applications recorded by Eurodac, 17,287 concerned persons who had previously made an asylum application in another contracting state or in the same state. In other words, 7% of the cases recorded in Eurodac would include multiple asylum applications. According to the second annual report on Eurodac, published on 20 June 2005, of the total of 232,205 asylum applications recorded by Eurodac in 2004, 31,307 cases show that the same person had already made at least one previous asylum application in the same or another Member State.31 Th is means that the percentage of multiple asylum applications detected by Eurodac increased from 7% in 2003 to 13.5% in 2004. In September 2006, the European Commission published its third Annual Report on Eurodac.32 According to this report, of a total of 187,223 asylum applications recorded by Eurodac in 2005, 31,636 cases show that the same person made at least one previous asylum application, thus 16% of the asylum applications were repeat (second or subsequent) asylum applications.33
Th e Eurodac annual reports do not provide information on whether these ‘hits’ lead to the transfer of persons to the Member State which is responsible for asylum application and thus whether, using Eurodac, the goals of this system are actually achieved. Whereas the fi rst report did not include any information on this question, the Commission concluded in the second report that Eurodac has demonstrated its effi ciency and quality “in terms of speed, output, security and cost-eff ectiveness”.34 Th e Eurodac system would be “functioning well” in terms of the number of requests to take back or to take charge of an asylum seeker submitted by one Member State to another. Th e second report did not include
30 SEC (2004) 557, 5 May 2004. 31 SEC (2005) 839, 20 June 2005. 32 SEC (2006) 1170, 15 September 2006. 33 According to this third report, in four cases a person would have applied for asylum 11 times
since Eurodac became operational, see p. 6. 34 See p. 14 of the second annual report.
Brouwer ch-05.indd 125 4/4/2008 5:38:20 PM
126 Chapter 5
explicit fi gures to support this conclusion but, according to the Commission, information on the current application of the Dublin Regulation would be based on a pilot project managed by the Commission services. According to this (unpublished) information, 67% of the total requests to take back or to take charge of an asylum seeker in the period July–December 2004 were based on Eurodac hits. Still, even considering this percentage of 67% of Dublin claims based on Eurodac, the effi ciency of Eurodac is questionable. Th e fi gures in the annexes attached to the annual reports show that if Member States would apply the ‘Dublin mechanism’ on the basis of the Eurodac hits, some Member States would generally receive approximately the same number of asylum seekers from other Member States as the number of asylum seekers it could ‘send’ to another Member State.35 Th erefore, in practice, it is questionable whether the application of Eurodac together with the Dublin criteria does aff ect the net number of asylum seekers in each Member State or the EU. Th e eff ect of Eurodac is merely on the distribution of asylum seekers. It could be argued that Eurodac has a deterrent eff ect, in the sense that asylum seekers knowing that their fi ngerprints will be stored will be less inclined to lodge multiple asylum applications or even apply for asylum at all. As ‘side-eff ects’, the use of the Eurodac-Dublin rules certainly leads to longer asylum procedures and provides Member States with new grounds for refusing an asylum application.
Th e Eurodac annual reports also do not include information on how many times data on asylum seekers, or third-country nationals recorded on the basis of Article 8 of the Regulation, have been deleted before expiry of the regular time limits of 10 or 2 years respectively. As we have seen above, based on the Eurodac Regulation, the fi ngerprints have to be deleted if a person acquires the citizen-ship of a Members State as well as, in the case of an “irregular immigrant crossing the external borders ” if this person has left the EU territory or obtained a resi-dence permit. Th e reports also fail to give the total numbers of registrations held in Eurodac. However, considering that the fi ngerprints of asylum applicants will be stored for ten years in Eurodac and data on illegal border crossings for two years, it could be estimated that, after fi ve years of operation, more than one million fi ngerprints will be stored in this system.
It is worth noting that the three annual reports all refer to the problem of “special searches” performed by national authorities. Th is special search function provided for in Article 18 (2) of the Eurodac Regulation is only meant for data protection purposes and limited to the requests for access to personal data made by individuals. In the fi rst annual report, the Commission noted that this possi-bility has been used frequently by some Member States and, apparently, for other
35 See also E. Guild, Unreadable Papers? Th e EU’s fi rst experiences with biometrics: Examining Eurodac and the EU Borders, in: Lodge (2007).
Brouwer ch-05.indd 126 4/4/2008 5:38:20 PM
Other EU Databases Used in the Field of Immigration Control 127
purposes as well. In the second annual report, the Commission reports that the number of “special searches” in Eurodac increased signifi cantly, “mainly due to two Member States while a few other Member States continued to apply this provision frequently”. According to the third annual report, the Commission services would have alerted the European Data Protection Supervisor to further clarify this use of “special searches” by some Member States.36
In 2006, the European Data Protection Supervisor (EDPS) published a press release about its fi rst inspection report on the security of the Eurodac central unit.37 Th e EDPS expressed its general satisfaction with the level of security and stated that it had issued certain recommendations. As a result of “the sensitivity of some of the information” in the report, the inspection report by the EDPS has not been made publicly available.38
3. Visa Information System or VIS
3.1. Negotiations Towards a European Visa Information System
Even in the 1990s, before the CISA was implemented and internal border controls were lifted under its Convention, France stated as a prerequisite that it should be informed in advance by the other Schengen States of each visa issued to nationals of certain countries.39 Although the other countries supported prior consultation in certain cases, they initially objected to the proposal to create a system which would be used to communicate this information as a prerequisite for the implementation of CISA, since this would take much more time.40 For certain categories of visa application only, a computerised consultation net-work (VISION) was created on the basis of Article 17 (2) CISA, through which visa authorities can consult the central visa authorities of other countries before issuing a visa to the person concerned.41
36 SEC (2006) 1170, p. 10. 37 Th e European Data Protection Supervisor was set up to control the processing of personal data
by the Community institutions, see also Chapter 7. 38 Press release, 9 March 2006, http://www.edps.eu.int. 39 Migration News Sheet, July 1993, No. 124/93, p. 1. 40 Migration News Sheet estimated that if, for example, France wanted to be informed of all visa appli-
cations by Russians at the German and other consulates, a total of 2.5 million visa applications from 1993 would have to be submitted for prior approval.
41 Article 17 (2) CISA provides for prior consultation by embassies or consulates to which an application for a visa is made, with their own central authorities as well as with the central authorities of other participating states. According to Article 17 (2), the cases in which these consultations should take place are to be defi ned by the Schengen Executive Committee, now the Council.
Brouwer ch-05.indd 127 4/4/2008 5:38:20 PM
128 Chapter 5
After the events of 11 September 2001, the proposal for a visa information system was again placed on the EU agenda. In the Conclusions of the JHA Council of 20 September 2001, the Council requested the European Commission to come forward with proposals for the establishment of a network for informa-tion exchange concerning visas issued by Member States.42 In a paper to the EU Visa Working Party of 26 November 2001, the Italian delegation emphasised that the events of 11 September demonstrated that visas are not just about control-ling immigration but are above all an issue involving EU Member States’ internal security .43 According to this paper, the most immediate objective should be to set up a genuine European database for collecting the names both of individuals issued with a visa and of those denied a visa “and perhaps other relevant informa-tion”. Th e second objective should be to set up “fully-fl edged” (sic) common visa offi ces, in order to increase the overall capacity of the Member States and the European Union regarding the fi ght against terrorism.
A policy questionnaire on the needs for a future database for visas, set up by the Spanish delegation in December 2001, included the following list of possible objectives:44
– contribute to improving local consular cooperation;– distinguish better between the identity of the holder and the carrier of the
visa at external border checkpoints or at immigration or police checkpoints;– facilitate the application of the Dublin Convention regarding asylum ;– by archiving the visa fi le, assist (directly/indirectly) in the identifi cation and
documentation of illegal immigrants and therefore the readmission of illegal immigrants;
– contribute to combating terrorism and organised crime;– respond to the nature of the visa, which is described as an “instrument of
prevention and channelling of legal movements of persons”.
Th e paper proposed that the following data be included in the visa database: visa issued; visas formally refused; visa requested; visa annulled, revoked or extended; and visa stickers misappropriated or lost. Th e Spanish note dealt further with questions such as which authorities should obtain access to the database, the period for which the data should be retained before being archived and which other databases should be directly accessible to the consular posts. Finally, the note raised the question of whether the database should be incorporated into SIS and, if so, which role would be given to SIRENE .
42 SN 3926/6/01 REV 6, 20.09.2001, see conclusion 26. 43 14523/01. 44 Note to the Visa Working Party, 15577/01, 21 December 2001.
Brouwer ch-05.indd 128 4/4/2008 5:38:20 PM
Other EU Databases Used in the Field of Immigration Control 129
In the Laeken Conclusions of December 2001, the European Council asked the JHA Council and the Member States to take steps to set up a common visa identifi cation system and to examine the possibility of setting up common consular offi ces.45 In the Comprehensive Plan to combat illegal immigration and traffi cking of human beings in the European Union of February 2002, the Council again referred to the utility of a European VIS, but this time in the context of the EU return policy.46 According to consideration (73) of this Plan, a European Visa Identifi cation system would signifi cantly facilitate the process of “identifying illegal residents and the issue of travel documents for return purposes.”
In the ‘roadmap’ on the measures and initiatives to be implemented according to the Action Plan to combat terrorism of October 2001, the Commission was scheduled to present a proposal before March 2002.47 Th is deadline was moved several times in later versions of this roadmap.48 However, before making concrete proposals, the Commission raised the issue of the need for a visa information system in several documents. For example, the creation of a visa information sys-tem was mentioned in the proposal updating the Regulation on a standard format for visas,49 in the Communication on illegal immigration of 15 November 200150 and in the Green Paper on Return Policy of 10 April 2002.51 In the Communication on illegal immigration, the Commission proposed including the personal information of visa applicants in the information system, as well as electronic photographs and scanned photographs of travel documents. According to the Commission, such a system should enable Member States to allow short-term admission on justifi able grounds and to ensure the return of those persons after the expiry of the visa. In the Green Paper on return policy, the Commission also mentioned this possibility of using the “European Visa Identifi cation System” for return purposes. Th ese return-related problems could be resolved, according to the Commission, by carrying out suitable identifi cation measures during administrative procedures “when the person concerned has an interest in providing correct data”. Th e Commission referred again to the usefulness of a Visa Identifi cation System for identifi cation purposes, leaving open for discussion the question of which elements should be included in the Visa Identifi cation System to ensure the identifi cation of undocumented illegal residents.
45 Th e European Council of 14 and 15 December 2001, Laeken, see Conclusion 42, SN 300/1/01 REV 1, p. 12.
46 OJ 2002, C 142. 47 See the roadmap of 16 October 2001, 12800/01. 48 See, for example, the roadmap of 09/04/02, 7686/02. 49 COM (2001) 577, 9.10.2001. 50 COM (2001) 672, 15.11.2001. 51 COM (2002) 175, 10.4.2002.
Brouwer ch-05.indd 129 4/4/2008 5:38:20 PM
130 Chapter 5
During the informal JHA meeting of 14–15 February 2002, further discussions took place on whether a European visa database should contain not only informa-tion on issued visas, but also on visas applications and on visa denials.52 A majority of the Member States seemed to favour such an extension, though it was noted that it was unclear how much information should be included–only substantial grounds for rejection or rejections based on the inadmissibility of the application as well.
Th e guidelines for the establishment of the “Visa Information System” as approved during the meeting of 13 June 2002 of the JHA Council, describe the following goals of VIS:
– to improve the functioning of the common policy in the fi eld of visa;– internal security and the fi ght against terrorism;– to fi ght against fraud;– to prevent visa shopping;– to improve the possibilities for returning illegal immigrants and, fi nally;– to improve the application of the Dublin Convention .53
Th ese goals are comparable to the list in the Spanish note of 2001 mentioned above, but also include internal security and the fi ght against fraud. At this meet-ing of June 2002, it was further decided that the European Visa Information System should have a similar structure as was chosen for SIS, including a Central Visa Information System (CS-VIS) and a National Visa Information System (NI-VIS) in each Member State. Furthermore, the Council invited the European Commission to prepare a feasibility study on the setting up of such a database.
In June 2004, the Council adopted the decision on the establishment of the Visa Information System.54 Th is Decision enabled the Commission, even though the political decision-making on the use and the content of VIS was still ongoing, to start the technical preparations for the establishment of VIS.
3.2. Th e VIS Regulation: Purpose and Content of VIS
In December 2004, the Commission presented a proposal for a Regulation con-cerning the Visa Information System (VIS).55 Th e adoption of the VIS Regulation was foreseen for mid-2006 and VIS was planned to be operational in 2007.
52 See the letter from the Dutch Minister of Justice to the parliament, Handelingen Tweede Kamer 2001–2002, 23 490, no. 226.
53 See the Press release of the JHA Council, 9620/02 (Presse 175). See, for the draft guidelines, 7309/02, 4 April 2002 and 9615/02, 5 June 2002.
54 Council Decision 2004/512, 8 June 2004, OJ L 213, 15.6.2004. 55 COM (2004) 835.
Brouwer ch-05.indd 130 4/4/2008 5:38:20 PM
Other EU Databases Used in the Field of Immigration Control 131
Th e Regulation has to be adopted by qualifi ed majority vote and through co-decision with the European Parliament.56 In June 2007, the Council and the European Parliament agreed on a fi nal text of the VIS Regulation.57
VIS is to contain information on every visa issued, on every decision to examine an application for a visa, every visa which is refused, annulled, or revoked and on each extension of a visa. Th e persons concerned are third-country nationals from the countries whose nationals require a visa, according to the EU visa lists. In 2006, nationals from 134 states around the world required a visa to enter the EU.58 Every national from these states who applies for a visa is to be recorded into the VIS central database. Th e annual number of visa applications for 2007 is estimated at 20 million per year.59 Th is implies the storage of information on millions of third-country nationals, each record to be stored for fi ve years.60 One of the data to be stored as visa applicants is the nationality of birth. VIS will also include information on EU and non-EU nationals inviting third-country nationals. VIS is to link at least 27 Member States and should be accessible to 12,000 users and 3,500 consular posts worldwide.
Based on Articles 18 to 22 of the draft Regulation (June 2007), the following authorities will be granted access to VIS:
– competent visa authorities for the purposes of examining applications, of consulting and requesting documents and of reporting and statistics;
– competent authorities carrying out checks on visas at external borders and within the territory of the Member State for the sole purpose of verifying the identity of the person and/or the authenticity of the visa;
56 See, for a consolidated version of the VIS, draft Regulation 11632/06, 13 July 2006. Th is includes a three-column table showing the Commission proposal, the Presidency compromise and the amendments as proposed by the European Parliament.
57 JHA Council, Press release 12–13 June 2007, 10267/07 (Presse 125), p. 15, see for the latest version of the Draft Regulation, 9753/07, 19 June 2007.
58 Not including the Palestinian Authority and Taiwan, whose nationals need a visa as well. Council Regulation 539/2001 of 15 March 2001, listing the third countries whose nationals must be in possession of visas when crossing the external borders and those whose nationals are exempt from that requirement, OJ L 81 of 21 March 2001 (modifi ed by Regulation 2414/ 2001, OJ L 327, 12.12.2001, Regulation 453/2003, OJ L 69, 13.3.2003 and Regulation 851/ 2005, OJ L 141, 4.6.2005). See also the information in OJ C 311, 19.12.2006.
59 Commission Staff Working Document on VIS including an Extended Impact Assessment, SEC (2004) 1628, 28 December 2004, pp. 20 and 25. See also the Study for the Extended Impact Assessment of the Visa Information System. Final Report, December 2004, Brussels: European Policy Evaluation Consortium (EPEC), December 2004, p. 4.
60 Estimated data stored in VIS cover 20 million visa applications on an annual basis, which would result in 70 million records to be stored into the system for the fi ve-year term.
Brouwer ch-05.indd 131 4/4/2008 5:38:20 PM
132 Chapter 5
– competent immigration authorities for the sole purpose of identifying and returning illegal immigrants; and
– competent asylum authorities for the sole purpose of determining the Member State responsible for examining an asylum application and for the purpose of examining an application for asylum.
Th e functions and authorities obtaining access to the proposed VIS have gradually been extended as a result of other instruments adopted by the EU Council. During its meeting of 7 March 2005, the Council adopted the decision that “in order to achieve fully the aim of improving internal security and the fi ght against terrorism”, Member State authorities responsible for internal security and law enforcement authorities should be guaranteed access to VIS, “in the course of their duties in relation to the prevention, detection and investigation of criminal off ences, including terrorist acts and threats”.61
A proposal for a decision providing national security agencies and Europol access to VIS was published by the Commission in November 2005.62 In February 2007, a new proposal of the draft VIS Decision was published changing the explicit reference to internal security agencies in the title and text into “designated authorities of the Member States”.63 Th is more euphemistic defi nition is still referring to internal security agencies, but implies the risk that national govern-ments “designate” every agency or authority they like, to obtain access to the VIS. Th e JHA Council reached agreement on this Decision in their meeting of 12–13 June 2007.64
4. Interoperability of SIS II, Eurodac and VIS
Th e possibility of interconnecting diff erent databases is an important and recur-rent issue in the development of SIS II and VIS. Th e European Commission announced in its Communication on SIS II of 18 December 2001, that the estab-lishment of a network for exchanging information on issued visas should be studied in connection with the development of SIS II.65 Th e question of whether a visa information system should be established separately or as a database incor-porated into SIS was further raised in a discussion paper on a new visa database of December 2001.66 In addition, during the negotiations on the fi ght against
61 Conclusions meeting Council Competitiveness 7 March 2005, doc. 6811/05. 62 See the proposal for a Council Decision concerning access for consultation of the Visa
Information System (VIS) by these authorities, COM (2005) 600 fi nal, 24 November 2005. 63 Council doc. 5456/1/07, 20 February 2007. 64 Press release JHA Council, 12–13 June 2007, 10267/07 (Presse 125), p. 15. 65 COM (2001) 720, p. 8. 66 15577/01, 21 December 2001.
Brouwer ch-05.indd 132 4/4/2008 5:38:20 PM
Other EU Databases Used in the Field of Immigration Control 133
terrorism, the interconnection of diff erent databases was advocated by diff erent Member States.67 Th e European Council, in its Declaration on combating terrorism of 25 March 2004, invited the Commission to submit proposals for enhanced interoperability between SIS II, VIS, Eurodac and the use of this information in fi ghting and preventing terrorism.
In 2005, the Commission published the Communication on improved eff ective-ness, enhanced interoperability , and synergies among EU databases of 2005.68 Th e content of the recommendations in this Communication refl ects the ambiguous position of the Commission. On the one hand, the Commission sought to improve the effi ciency of the databases and its possible use for realising the Community principle of freedom of movement . On the other hand, the Commission tried to respond to the general wish of the Council and its individual Member States to allow the use of immigration and asylum information for anti-terrorism and security policy. Th e purpose of this Communication would be “to highlight how, beyond their present purposes, these systems can more eff ectively support the policies linked to the free movement of persons and serve the objec-tive of combating terrorism and serious crime”. “Interoperability” is defi ned by the Commission as the “ability of IT systems and of the business processes they support to exchange data and to enable the sharing of information and knowl-edge”. In the Communication on interoperability, the Commission stressed that the existing databases have so far not been fully exploited.69 Some of the short-comings of these databases mentioned by the Commission are that the identifi -cation of illegal immigrants is still diffi cult, that there is no possibility for internal security agencies to use “asylum, immigration, and visa data”, and that there is incomplete monitoring of the entry and exit of third-country nationals. With regard to Eurodac , the Commission concluded that this database has been under-exploited because the quantity of data to be transmitted to Eurodac is a “surpris-ingly low fraction of the total migratory fl ow”.70 It is noted that the lack of access by internal security authorities to Eurodac is “considered by the law enforcement community to be a serious gap in the identifi cation of suspected perpetrators of a serious crime”.71
67 See, for example, the German government during a meeting of 27 September 2001, 13176/01, 24.10.2001.
68 COM (2005) 597, 24 November 2005. 69 COM (2005) 597, para. 4. 70 Ibid., para. 4.1. 71 Th e Commission envisages the following possibility for access to Eurodac : “Authorities respon-
sible for internal security could thus have access to EURODAC in well-defi ned cases, when there is a substantiated suspicion that the perpetrator of a serious crime has applied for asylum . Th is access should not be direct but through the authorities responsible for EURODAC.” Para. 5.2.3 of the Communication on interoperability COM (2005) 597.
Brouwer ch-05.indd 133 4/4/2008 5:38:20 PM
134 Chapter 5
Th e Commission summarised the following developments and plans with regard to the existing data systems:
1. possibility of biometric searches in SIS II;2. more comprehensive access to VIS and SIS II by asylum and immigration
authorities;3. access by authorities responsible for internal security.
In the long term, the Commission described the following scenarios:
1. the creation of a European criminal Automated Fingerprints Identifi cation System (AFIS);
2. the creation of an entry/exit system and the introduction of a border-crossing facilitation scheme for frequent border crossers; and
3. the creation of European register(s) for travel documents and identity cards.
In the Communication on interoperability , the Commission did not go into details with regard to the legal aspects of the interoperability of databases and its consequences for individuals and their (human) rights. On the contrary, in the introduction to the Communication, the Commission made clear that “ interoperability” is used as a technical rather than a legal or political concept and is separate from the question of whether the data exchange is legally or politically possible or required. Th is policy of considering the ‘technical’ issue of interopera-bility separately from the legal issue is not without problems.72 For example, in the Communication on the second generation of SIS and synergies of SIS II with VIS of 11 December 2003, the Commission recommended the technical integration of SIS II and VIS in its central part, since this option would generate important budgetary savings.73 In the Decision 2004/512 on the establishment of VIS of 8 June 2004, the Commission was instructed to “take into account the option of a common technical platform with the second generation SIS (SIS II)”.74 In 2003, the Commission still emphasised that this synergy was only to be created at the central level and it would be necessary to keep the two systems and data separate. Now we see that the decisions on the technical and budgetary issues provided the basis for the more political and legal decisions with regard to the shared use and interoperability of the systems.
72 See also P. de Hert & S. Gutwirth, Interoperability of Police Databases within the EU: An Accountable Political Choice?, International Review of Law Computers & Technology, Vol. 20, Nos. 1 & 2, p. 21–35, March-July 2006.
73 COM (2003) 771. 74 Council Decision 2004/512, 8 June 2004, OJ L 213, 15.6.2004.
Brouwer ch-05.indd 134 4/4/2008 5:38:20 PM
Other EU Databases Used in the Field of Immigration Control 135
5. Use of Biometric Data
5.1. Controlling the Body: Use of Biometrics at the EU Level
At both national and European levels, governments are developing mechanisms for checking individuals using biometric data. Biometrics can be described as “automated methods of recognising a person based on a physiological or behav-ioural characteristic including fi ngerprinting, retinal and iris scanning, hand and fi nger geometry, voice patterns, facial recognition, and other techniques”.75 Comparison of the unique biometric features of a person with the personal data which has been previously stored in a database or ID card allows for the identifi ca-tion of this specifi c person. During the inquiry for this study, Eurodac was the largest database to contain biometric data, namely fi ngerprints. In future, biometric data will be stored and used on a much larger scale. As we have seen, the proposals on both SIS II and VIS provide for the inclusion of biometrics ( fi ngerprints) in these databases. Furthermore, diff erent decisions have been taken with regard to the inclusion of biometrics into EU passports, travel documents and visas. Th e inclusion of biometric data in databases and in travel documents is presented as a new measure for diff erent purposes, including the prevention of illegal immigration or visa shopping, to combat terrorism, to prevent fraud and to facilitate the return of rejected asylum seekers.76
During their meeting in Th essaloniki on 19 and 20 June 2003, the European Council agreed upon the necessity of a “coherent EU approach on biometric identifi ers for documents for third-country nationals, European Union citizens’ passports and information systems (VIS and SIS II)”. Th e need for this EU policy was in fi rst initialised by new US anti-terrorism legislation which required citizens of countries falling under the US Visa Waiver Program to hold machine-readable passports in order to visit the US. Having postponed this deadline many times, the US government requires EU travellers to the US who do not hold this machine-readable passport to apply for a visa with eff ect from 26 October 2006. In December 2004, the EU Council adopted Regulation 2252/2004 for security features and biometrics in passports and travel documents issued by Member States.77
75 Defi nition used on http://www.eubiometricsforum.com/. 76 See, for an overview of the EU policy on biometrics: J. Lodge, eJustice, Security and Biometrics :
the EU’s Proximity Paradox, European Journal of Crime, Criminal Law and Criminal Justice, Vol. 13/4, 2005, p. 533–564, and P. de Hert, W. Schreurs & E. Brouwer, Machine-Readable Identity Documents with Biometric Data in the EU, Keesing Journal of Documents and Identity 2006, Issue no. 21, p. 3 ff .
77 OJ L 385, 29.12.2004.
Brouwer ch-05.indd 135 4/4/2008 5:38:20 PM
136 Chapter 5
Th is Regulation does not apply to national identity cards or to temporary pass-ports. According to Article 1 of this Regulation, Member States must include in their passports and travel documents a storage medium containing a facial image in accordance with the security standards set out in the Annex of this Regulation. Furthermore, Member States must include fi ngerprints in “interoperable formats”. Th e data are to be secured and the storage medium should have suffi cient capacity and capability to guarantee the integrity, authenticity and confi dentiality of the data. According to Article 6 of the Regulation, the digitised facial image has to be implemented into the passports before 28 August 2006 and the fi ngerprints before 28 February 2008. Th e scope of harmonisation is limited to the security features containing biometric identifi ers: the designation of the authorities and bodies that will be allowed access to the data in the storage medium of the issued document remains a matter of national legislation.
Despite the negative advice on this matter from the European Parliament, Regulation 2252/2004 allows for the central storage of biometric data. Th e tech-nical requirements for the machine-readable passport and the storage medium for the biometric data (so-called ‘contactless chip’) are provided in a Decision of the European Commission dated February 2005.78
Th e EU Member States reached political agreement on the draft Regulation amending the uniform visa and residence permits to include biometric data.79 Furthermore, in 2006, the Commission forwarded a proposal for a Regulation providing rules for consulates and embassies with regard to the use of biometrics during reception and processing of visa applications.80 In its Communication on Th e Hague Program on the implementation of the principles of Freedom, Security and Justice, the Commission stated that biometrics allows the storage and exchange of information on the entry and exit of third-country nationals into and out of the Schengen territory. Th e Commission acknowledged that these systems would have considerable impacts in technical, fi nancial and data protection terms.81
78 Commission Decision C (2005) 409 of 28 February 2005, available at: http://ec.europa.eu/ justice_home/doc_centre/freetravel/documents/doc/c_2005_409_fr.pdf. Th ere is no offi cial English translation of this decision since the United Kingdom and Ireland did not take part in the adoption of this measure.
79 Draft Regulation amending the uniform visa and residence permits to include biometric data, COM (2003) 558.
80 Proposal for a Regulation of the European Parliament and of the Council amending the Common Consular Instructions on visas for diplomatic missions and consular posts in relation to the introduction of biometrics, including provisions on the organisation of the reception and processing of visa applications, COM (2006) 269, 31.5.2006.
81 COM (2006) 331, 28.6.2006. See also the Communication on the priorities in the fi ght against illegal immigration, COM (2006) 402, 19.7.2006 in which the Commission announced to publish a feasibility study for such an entry/exit system in 2007.
Brouwer ch-05.indd 136 4/4/2008 5:38:20 PM
Other EU Databases Used in the Field of Immigration Control 137
5.2. Diff erent Options with Regard to the Use of Biometric Data
In order to understand the relevancy of biometrics for EU policy, it is important to diff erentiate the following purposes for which identifi cation based on biometrics can be used: verifi cation, authorisation and as a search tool.82
In the fi rst place, the storage of biometric data may be used for verifi cation purposes. A good example of this use is the aforementioned EC Regulation 2252/2004 on biometric passports and the proposal for including biometrics in visa and residence permits. Th e storage of biometric data in a passport or visa enables national authorities to verify whether a person holding this document at cross-border or internal checks is the legal owner by comparing his or her biometric features with the biometric data recorded in the document. Since the 1990s, the technology of biometrics has been in use in the United States and Canada for identifi cation purposes in administrative applications (identifi cation checks for driving licence applications) and applications for social welfare assistance. Although the use of Eurodac is to be distinguished from verifi cation in the strict sense, in fact the fi ngerprints stored in this system are used for ‘veri-fying’ whether this person has travelled or applied for asylum in another Member State. Unlike other verifi cation procedures, identifi cation through Eurodac is anonymous since it only provides information about the geographic ‘movements’ of the holder of the fi ngerprints.
Th e second option – biometric identifi cation used for authorisation procedures – is used, for example, by companies to control access by clients or employees to their premises or to certain services. For example, at Schiphol airport in the Netherlands, a so-called Privium chip card has been introduced to enable regular travellers to cross the border swiftly using iris scanning.83 Starting experimentally in October 2001, the use of this card was permanently authorised by the Dutch Ministry of Justice in October 2002. Another example is the registration of per-sonal information (including biometrics) in VIS in combination with the storage of these data in an electronic visa. Th is use, which should prove that the person holding the visa is the same as the person recorded in VIS, in fact authorises this person to travel into and within an EU Member State.
82 Articles 2 (10) and 2 (11) of the VIS Proposal defi ne the meaning of verifi cation and identifi ca-tion: Verifi cation is “the process of comparison of sets of data to establish the validity of a claimed identity (one-to-one check)”. Identifi cation is defi ned as “the process of determining a person’s iden-tity through a database search against multiple sets of data (one-to-many check)”.
83 Only nationals of EEA countries + Switzerland can apply for an iris scan chip card. According to information issued by the Privium company, third-country nationals holding a permanent resi-dence permit of one of those countries are “for the time being, unfortunately” excluded from this service, in accordance with the restrictions imposed by national law. Annual costs are € 99 to € 119. See http://www.schiphol.nl, visited in September 2006.
Brouwer ch-05.indd 137 4/4/2008 5:38:21 PM
138 Chapter 5
Th irdly, identifi cation through biometrics can be used as a search tool. Dactylographic research has been an important tool for the police and crime investigation authorities for more than a hundred years. Th e success rate of foren-sic research based on biometric data (fi ngerprints, DNA) depends on the amount of data with which the item found/fi ngerprint can be compared. Th erefore, law enforcement authorities and internal security and intelligence services advocate the maximum storage of biometric data. Th is lobbying for the wide and large-scale registration of biometric data also takes place the EU level. SIS II, Eurodac and VIS will allow law enforcement authorities and intelligence agencies to search through the available information, using biometrics as primary search key.
5.3. Biometrics and the Rights of Individuals
Depending on the option used, the person concerned will not always be aware of the moment when his or her personal data is retrieved and which databases are searched. Using ‘contactless technology’, national authorities can carry out checks on persons without their knowledge. Th e practical scope of such searches depends on whether the biometric data are only contained on an individual card, or whether the information is also stored in a central database. In the former case, the authorities will only ‘read’ the information included on the card; in the latter case, the authorities may compare the information on the card with information held in the database and even receive additional information through this data-base on the person concerned. Other important options to be considered when dealing with the EU measures described above are whether the information is accessible to many or only to a limited category of authorities. Is the information stored on the card accessible to the individual concerned, in other words does the person have any means of ‘controlling’ this information? Is it possible to read the information stored in passports, visa or residence permits without the knowl-edge of the card holder? Th e introduction of RFID or ‘contactless machine- readable microchips’ as provided for in EU passports and possibly, in future, in EU visas, seems to make this possible. It will be easier to read the information on a document from a distance, with facial recognition used as biometric identifi er, instead of fi ngerprints or iris recognition.
Th e advantages of ‘contactless chip technology’ for migration control were discussed during the discussions of the Council in June 2003.84 Th e use of this technology would allow fast border controls and would make it possible to record every border-crossing movement and the integration of this technology with VIS
84 Note from the Italian Presidency to the Visa Working Party of the Council describes in detail the possibilities for using VIS, biometrics and contactless microchip technology. 10857/03, 24 June 2003.
Brouwer ch-05.indd 138 4/4/2008 5:38:21 PM
Other EU Databases Used in the Field of Immigration Control 139
would allow ‘the control of every alien’. Th e extra costs of the introduction of these technologies for the Member States could be ‘passed on to the visa appli-cants’.85 As we now know, this is what actually happened on the basis of the Council Decision 2006/440 of June 2006, following which the fee for visa appli-cations was raised from € 35 to € 60.86 According to recital (4) of this Decision, the amount of € 35 would no longer cover current visa application processing costs, particularly because “the consequences of the introduction of the European Visa Information System (VIS) and the biometrics required to introduce VIS in the visa application examining process should be taken into account”.
Choices with regard to the introduction of biometrics as described above are important, not only for the rights of the individual concerned (which will be discussed in Part II), but also for the social acceptance of the use of biometrics. For example, when a person knows that his data are only held on a personal secure ID card and not in a central register, he may more easily accept the use of this kind of control mechanism.87
5.4. Reliability of Biometrics
Technical specialists and (national and EU) Data Protection Authorities have repeatedly expressed their concerns about the reliability of systems using biometric data. Th e EDPS emphasised the technical imperfection of biometrics in its opinion on the proposal for VIS, opposing the use of biometrics as a primary search key.88 An important question for validating the choice of this technology in EU measures is whether there is an acceptable balance between the so-called false acceptance rate (FAR) and false rejection rate (FRR). According to the EDPS, it is estimated that 5% of individuals are unable to enrol because they have no readable fi ngerprints or no fi ngerprints at all. Th is would mean, with regard to the use of VIS, which is expected to include data on 20 million applicants by 2007, that 1 million persons cannot be checked using the normal
85 10857/03 Add 1, 18 September 2003. Other countries, including Finland, expressed their doubts on the cost-eff ectiveness of the use of this technology. See Council doc. 12171/03, 8 September 2003.
86 Decision 2006/440/EC of 1 June 2006 amending Annex 12 to the Common Consular Instructions and Annex 14a to the Common Manual on the fees to be charged corresponding to the administrative costs of processing visa applications OJ L 175, 29.6.2006.
87 See also the report by J. Ashbourne, Societal Implications of the Wide Scale Introduction of Biometrics and Identity Management, Background paper for the Euroscience Open Forum ESOF 2006 in Munich, July 2006, downloadable from http://www.statewatch.org/news/2006/jul/ biometrics-and-identity-management.pdf.
88 Opinion of the European Data Protection Supervisor on VIS, Brussels, 23 March 2005, see: http://www.edps.europa.eu/12_en_opinions.htm.
Brouwer ch-05.indd 139 4/4/2008 5:38:21 PM
140 Chapter 5
procedure. Secondly, with regard to biometrics, an error rate of 0.5 to 1% is considered normal, which would mean a False Rejection Rate of 0.5 to 1% with regard to measures and checks based on VIS. If only one percent of a targeted group of 100,000 people per day suff ers from a false negative, this would cause 1000 people to be ‘automatically’ (but wrongfully) stopped every day. Th e risk of false recognition can be caused by the fact that biometric data such as fi ngerprints may change over time.89
Furthermore, commentators stressed that the use of biometrics will not rule out identity theft or forgery. Although biometrics prevent so-called ‘identity sub-stitution’ to a certain degree, the fraudulent issue of a genuine passport cannot be prevented.90 Th is lack of security of new e-passports, to be introduced in a number of EU Member States, was illustrated by a German computer security expert in August 2006. During a conference in Las Vegas, this expert demon-strated how personal information stored in the documents could be copied and transferred to another device, including fake passports.91
It seems that EU Member States deliberately did not assess the overall eff ects of the diff erent proposals providing for the use of biometrics. Th is can be concluded from a Presidency note on the assessment of the state of the SIS II project, accord-ing to which the Member States want to have “a transparent discussion on the handling of biometric data in the framework of SIS II, but without broadening it to a general discussion on the subject.”92
5.5. Index on Criminal Records of Th ird-Country Nationals
Without going into detail on this more recent development, it is relevant to note that in July 2006 the Commission adopted a proposal to improve the exchange of information on criminal records within the European Union.93 Th e reason for this index of third-country nationals would be the fact that the current exchange of information on criminal convictions based on the 1959 Convention on Mutual Assistance in Criminal Matters (Council of Europe) would not cover nationals of countries which are not party to this Convention. Th e proposed index would allow Member States to receive immediate confi rmation of which other Member State holds information about a third-country national. On the basis of a person’s identifi er, a national criminal record system can consult the index and fi nd out whether the third-country national has a criminal record.
89 J. Wayman, Linking Persons to Documents with Biometrics . Biometric systems from the 1970s to date, Keesing Journal of Documents & Identity, Issue 16, 2006, p. 14.
90 See further De Hert, Schreurs & Brouwer (2006). 91 L. Kirk, E-passports waste of money, says security expert, 7 August 2006, http://euobserver. com/. 92 9672/05, 2 June 2005. 93 COM (2006) 359, 4.7.2006.
Brouwer ch-05.indd 140 4/4/2008 5:38:21 PM
Other EU Databases Used in the Field of Immigration Control 141
One of the options to be dealt with in the forthcoming preparatory work is the possibility of adding a ‘biometric search engine’ to allow for general searches on biometrics.
6. Comparing SIS II, Eurodac and VIS
6.1. Central Databases, Immigrants and Biometrics
SIS II, Eurodac and VIS have the common feature of being centralised large-scale databases, focussed on the registration of third-country nationals and that they include biometric data. Th e set-up of these centralised databases is closely related to the aim of the EU governments to acquire an additional tool or mech-anism for controlling the entrance and movement of migrants. Th ese migrants include persons staying irregularly in their territory, asylum seekers and migrants declared inadmissible by national authorities. SIS II, VIS and Eurodac will not only be accessible at the external borders of Member States, but also within the national territory and at the embassies and consulates of third countries. Th is means that border control is performed at diff erent levels: within the country, at the internal94 and external borders, and at the consular post abroad.
Th e use of these EU databases implies a presumption concerning the legal or virtual status of an individual. A third-country national reported in SIS II on the basis of Article 24 of the Regulation is presumed “inadmissible” based on public order or security grounds, or because he or she may have infringed national immigration law. A hit based on Eurodac implies that the person concerned is presumed to have arrived through the territory of another Member State and thus may be sent back to this country. Finally, a person whose visa has expired, according to the information stored in VIS, may be immediately expelled when his or her VIS record is checked by a national authority.
A third common feature of SIS II, Eurodac , and VIS is that in the decision-making, the decisions on the technical feasibility of these systems preceded the political decisions on the desirability or even necessity of these systems.95 Th e decisions to develop Eurodac, VIS and SIS II were taken without a funda-mental discussion of the expected effi ciency of these systems, the consequences for individual rights, or the balance between these interests. Th e legal and practical implementations of large-scale EU-wide databases, including the use of biometrics, were only dealt with as a matter of secondary concern or as a limiting condition.96
94 Based on the application of Article 2.2 CISA, see Chapter 2. 95 See, on the decision-making regarding Eurodac : Aus (2006), p. 15. 96 Th is will be discussed further in Part II.
Brouwer ch-05.indd 141 4/4/2008 5:38:21 PM
142 Chapter 5
6.2. Diff erences Between SIS, Eurodac , and VIS
Despite these common features, there are also diff erences between the systems. In the fi rst place, there is an important diff erence with regard to the criteria based on which an individual can be recorded. Th e inclusion of persons in SIS or SIS II is based on the individual behaviour of a person, taking into account who is likely to be a risk from the viewpoint of illegal immigration, security or criminal off ences.97 Since the Schengen rules do not give harmonised rules on the criteria for having a third-country national reported in SIS, situations in which a person can fi nd himself reported in SIS are to a certain extent arbitrary. Although indi-vidual behaviour is the basis for being registered in SIS II, the question of which types of behaviour exactly produce this eff ect is still not transparent.98 Th is is par-ticularly true when the person is reported by a Schengen State on the basis of national provisions and that person is not informed of the data or the reasons for this report. Furthermore, it is possible for SIS or SIS II to include ‘soft’ data on third-country nationals, in other words information of which the accu-racy or correctness is not guaranteed. Th is is the case when data on third-country nationals are recorded in SIS II on the basis of the criterion that there is a “clear indication” that he or she intends to commit a serious criminal off ence.99
In principle, registration in Eurodac includes every asylum seeker applying for asylum in one of the Member States or every person entering the territory ille-gally. However, on the basis of the annual fi gures from Eurodac, one can see that practical implementation is diff erent for each EU Member State. Th e question of when and which third-country nationals are fi ngerprinted for storage in Eurodac is dependent on national policies and the practice of the national offi cials in question. Furthermore, unlike SIS II or VIS, Eurodac does not include personal data: no name, address or date of birth: only the fi ngerprints of the person con-cerned and the place and date of arrival. Using the reference number in Eurodac, the fi ngerprint data may however be ‘connected’ to the personal information for that person.
VIS will include data on each individual applying for a visa for one of the EU countries and data on the EU or non-EU citizens inviting (or sponsoring) the visa applicant. Since EU visa policy is based on the so-called ‘visa lists’, including the third countries whose nationals are obliged to obtain a visa before entering European territory, registration in VIS will only aff ect the nationals of those states.
97 Guild (2001), p. 35. 98 As we have seen in Chapter 4, the Regulation on SIS II stipulates that, before entering an alert
into SIS II on a third-country national, the authorities should perform an individual assessment and proportionality test.
99 According to Article 96 CISA this was “clear evidence”.
Brouwer ch-05.indd 142 4/4/2008 5:38:21 PM
Other EU Databases Used in the Field of Immigration Control 143
In practice, the majority of persons inviting the visa applicants will hold the nationality of a third-country state or will originate from a third-country.
Th e selection of states to be placed on the visa lists can be compared with the national decision to enter a record of a person as “inadmissible” into SIS. Whereas the reporting of individuals in SIS is based on a profi le of individual behaviour, the EU visa list is based on a profi le of countries. Is the country in question to be considered a ‘risk country’ with regard to illegal immigration or with regard to the internal security of the Member States?100 In practice, the majority of the individuals recorded in VIS will not imply any “security risk” at all.
6.3. Intelligence Tool or Administrative File?
SIS I was not set up for intelligence purposes unlike, for example, the Europol databases. Th e SIS includes limited categories of personal data and, depending on the aim for which the data are stored, these categories are only accessible to the administrations which were authorised to use these data for their public tasks. Secondly, the current SIS operates on a ‘hit/no hit’ basis. Th is means that when governmental administrations check whether a person has been reported to SIS, they will in the fi rst place only obtain information on whether this is the case or not. If the person is in SIS, the authorities can directly view, depending on the reporting category, which action is to be taken. Although the EU Ministers confi rmed in June 2003 that this ‘hit/no hit’ basis would be maintained for SIS, we saw in Chapter 4 that the decisions adopted since then show that SIS II has developed into a database for general intelligence purposes.
Th e primary function of Eurodac is purely administrative; it monitors only when and in which country an asylum seeker has entered or applied for asylum. Its purpose is to establish which country is responsible for the examination of the application of an asylum seeker. Nevertheless, in combination with the other European databases, Eurodac and the use of the fi ngerprints stored therein can be easily used for other purposes as well.101
According to the plans for the European Visa Information System (VIS), this will be a multifunctional system. Th e Commission and the Member States
100 R. Cholewinski, Th e EU Acquis on Irregular Migration: Reinforcing Security at the Expense of Rights, EJML 2, 2000, p. 361–405. See further on the EU visa policy and the criteria used for placing third country on the ‘black list’ or not: E. Guild, Th e Borders Abroad – Visas and Border Controls, in Groenendijk, Guild & Minderhoud (2003), pp. 87 –104.
101 In June 2007, the JHA Council invited the European Commission to present “as soon as possible” a proposal to amend the Eurodac Regulation, granting police and law enforcement authorities and Europol access to Eurodac. 10002/07, 25 May 2007. See also JHA Conclusions, 12–13 June 2007, 10267/07 (Presse 125).
Brouwer ch-05.indd 143 4/4/2008 5:38:21 PM
144 Chapter 5
described the multiple goals of this system: misuse of identity; prevention of illegal immigration and visa shopping; implementation of Dublin II and the fi ght against terrorism. Whereas the SIS is used to restrict the entry of unwanted aliens into the Schengen territory, the purpose of VIS will be primarily to pro-vide offi cials and governments with knowledge of every person who is seeking access to one of the EU countries, the persons inviting these third-country nationals and persons crossing EU borders who do not leave before expiry of their visas. An important incentive for governments to develop this latter system was its use for safeguarding internal security . Th is goal has been facilitated by the inclusion of biometrics, as well as by the registration of personal information on every visa applicant in VIS. Th is means that VIS, although apparently set up as an administrative fi le, will in practice function as an intelligence tool.
Th e reason I have focussed on these diff erences in the central purpose and features of SIS II, Eurodac and VIS is because this may become a crucial factor when assessing the lawfulness or proportionality of the further use of these data systems. Th is will be further elaborated in Part II of this study, dealing with the legal rights of individuals.
Brouwer ch-05.indd 144 4/4/2008 5:38:21 PM
Part IIEff ective Remedies under European Law
Brouwer ch-06.indd 145 3/13/2008 3:14:00 PM
Brouwer ch-06.indd 146 3/13/2008 3:14:00 PM
Evelien Brouwer, Digital Borders and Real Rights, pp. 147–176.© 2008 Koninklijke Brill NV. Printed in the Netherlands.
Chapter 6
Data Processing and the Right to Privacy: Th e Importance of Article 8 ECHR
“Th e right to privacy is a widely recognized opacity tool to prohibit certain uses of power. It may not be the strongest human right enlisted in the ECHR and it may also well be that the ‘reign’ of privacy in discourse is over, but nevertheless the right is there and has its proper place: prohibiting the uses of powers in spheres intimately linked with the development of the individual and especially when these powers make use of new technology.”1
1. Introduction
When considering the storage and use of personal information, the rights of individuals are generally defi ned in terms of data protection and privacy. Although these rights are closely related, I prefer to describe the right to privacy or private life separately from the right to data protection. Th e following sections examine the jurisprudence of the European Court of Human Rights (ECtHR) on Article 8 of the European Convention on Human Rights (ECHR), dealing with the claim that data processing measures or the use of databases may interfere with the right to privacy.
In this Chapter, I will not try give a detailed analysis of the content of the “right to privacy”.2 Th e purpose of the following sections is merely to describe the general criteria resulting from the jurisprudence of the ECtHR on Article 8
1 P. de Hert & S. Guthwirth, Making sense of privacy and data protection: a prospective overview in the light of the future identity, location-based services and virtual residence, Annex 1 to the report Security and Privacy for the Citizen in the Post-September 11 Digital Age: A Prospective Overview, Technical Report Series, Institute for Prospective Technological studies, EUR 20823 EN, July 2003, p. 144.
2 For this purpose, I refer to general literature: P.H. Blok, Het recht op privacy. Onderzoek naar de betekenis van het begrip ‘privacy’ in het Nederlandse en Amerikaanse recht, Th e Hague: Boom Juridische Uitgevers 2002; E. Barendt (ed.), Privacy, Aldershot: Ashgate 2001; F. Rigaux, La protection de la vie privée et des autres biens de la personnalité, Brussels: Émile Bruylant 1990; P. Kayser, La protection de la vie privée, Marseille: Presse universitaires d’Aix-Marseille 1990.
Brouwer ch-06.indd 147 3/13/2008 3:14:00 PM
148 Chapter 6
ECHR in the fi eld of governmental measures on the use of personal information. When does Article 8 ECHR apply and what are the criteria as formulated by the ECtHR with regard to the availability of eff ective remedies in order to protect the right to privacy? Th e aim of this Chapter is to discover when Article 8 ECHR becomes relevant for the actual theme of this research: the use of SIS and other EU databases used for immigration and border control.
Before going into the jurisprudence of the Strasbourg Court, I will briefl y summarise which role the right to privacy or private life has been given in the decision making process on EU data bases and data processing.
2. Taking Article 8 ECHR into Account in EU Policy
2.1. SIS and SIS II
In the discussions on the establishment of SIS I, the right to private life as pro-tected in Article 8 ECHR did not play an explicit role. When considering the protection of the rights of individuals, even if this was often referred to as “privacy rights”, both negotiators and commentators focussed on the necessary safeguards as provided for in data protection law.3 As we will see in the next chapter, thanks to active lobbying by data protection authorities, the fi nal text of CISA included explicit provisions on data protection to safeguard the rights of data subjects and referred to the Council of Europe Data Protection Convention of 1981 and the Recommendation on Police Files as basic principles to be imple-mented by the Schengen States. Even if these instruments of the Council of Europe are based on the right to private life as protected in Article 8 ECHR, the real consequences of the development of the use of a large database for the indi-vidual’s right to private life were not further explored by the Schengen states. During the debate on the approval act of the CISA, members of the Dutch par-liament questioned the Minister of Justice on whether the criteria for reporting persons in the NSIS were in accordance with the right to privacy as protected in Article 8 ECHR.4 More specifi cally, they asked whether the reasons for registra-tion complied with the criterion of “necessary in a democratic society of Article 8 (see below)”. Th e Minister of Justice answered initially that this was a “relevant question” for the interpretation of Article 96 CISA but at that moment he was not able to answer this question. Pressed by the members of parliament for a fur-ther response, the Minister later stated that, when drafting the provisions of
3 L.F.M Verhey, Privacy aspecten van de uitvoeringsovereenkomst van het akkoord van Schengen, NJB 31 January 1991, no. 5, p. 217.
4 Handelingen Tweede Kamer (Dutch Lower House of Parliament), 1991–1992, 22 140, no. 11, p. 35.
Brouwer ch-06.indd 148 3/13/2008 3:14:00 PM
Data Processing and the Right to Privacy 149
CISA, the Schengen States would have checked each alert to see whether the criteria were in conformity with the principle of necessity.5
During the development of the second generation SIS, the right to privacy was only marginally discussed and mostly the rights of individuals were consid-ered in terms of ‘data protection’. Not until 2004, in a discussion paper concern-ing the opinion of the Joint Supervisory Authority on the development of SIS II, did the Dutch government, as EU Council president, propose facilitating a debate on the future purpose of the SIS. In this paper, the Dutch Presidency explicitly referred to issues of transparency and privacy and questioned whether the other Member States considered it necessary to incorporate a privacy assess-ment into the development of SIS II.6 To my knowledge, this inquiry has never been followed up and, at least in the accessible documents, the issue of privacy has never been dealt with further. With regard to the use of biometrics in SIS II, we have seen above that the negotiating partners even explicitly refused to have a general discussion on the impact of the use of biometric data.7
2.2. Eurodac
Comparable with the development of SIS I and SIS II, the discussions on the necessity for individual protection at international level concerning Eurodac were limited to data protection issues. However, at the national level, more attention has been paid to the relationship between Eurodac and the right to privacy.8 NGOs in particular raised concerns both over the fact that Eurodac implied the fi ngerprinting of a large and specifi c group of people and that the persons to be registered were entirely innocent and not suspected of any crime. In the United Kingdom, the application of Article 8 ECHR was raised by the organisation Justice in its comments to the protocol extending the use of Eurodac to illegal immigrants.9 In the report on Eurodac of 1999, the Select Committee of the House of Lords made it clear that there was “little doubt about that compulsory fi ngerprinting interferes with the right to respect for private life in Article 8 (1) of the European Convention on Human Rights”.10 Th e Select Committee especially
5 Cited in the comments of the NGO, the Dutch Commission of Lawyers for Human Rights (Nederlands Juristen Comité voor de Mensenrechten, NJCM), Spring 1992 (author’s archive).
6 11055/04, 5 July 2004. 7 9672/05, 2 June 2005, referred to in Chapter 5. 8 In literature, the application of Article 8 ECHR has been raised in: Birgit Schröder, Das Finger-
abdruckvergleichssystem Eurodac , ZAR 2/2001, p. 71–76. See also my article, Eurodac: Its Limitations and Temptations, EJML 4, 2002, p. 231–247.
9 JUSTICE, Letter of 3 March 1999. 10 House of Lords, Select Committee on European Communities (Sub-Committee E), Tenth
Report, Fingerprinting Illegal Immigrants: Extending the Eurodac Convention. 8 June 1999, p. 21.
Brouwer ch-06.indd 149 3/13/2008 3:14:00 PM
150 Chapter 6
questioned the justifi cation for the fi ngerprinting and whether the governments had suffi ciently established the need and proportionality of this fi ngerprinting (including the fi ngerprinting of illegal immigrants). In this report, the Select Committee emphasised the Europe-wide impact of Eurodac, partly because of the fact that fi ngerprinting is compulsory for the persons concerned.
During the parliamentary discussions in the Netherlands on Eurodac , the ques-tion of whether there was a breach of Article 8 ECHR was dealt with on the basis of comments by the Dutch NGO, the Meijers Committee.11 According to this NGO, there were no legitimate grounds for the general fi ngerprinting of every asy-lum seeker and illegal immigrant as provided in the Eurodac Convention. During the parliamentary questions, the Minister of Justice argued that since fi ngerprinting was “desirable” for the purposes of the Dublin Convention (see above), this measure would be in accordance with the grounds for limitations in Article 8 (2) ECHR.12 It should be noted here that it is doubtful whether the criterion “desirable” meets the criterion of “necessary for a democratic society”.
2.3. VIS
During the development of the Visa Information System (VIS) an assessment of “the impact on privacy and human rights” was included in the Extended Impact Assessment published in 2004, together with the proposal for a VIS Regulation.13 To compare the costs of the alternative policy options with regard to the establish-ment of VIS, this report described the “impact on privacy and human rights” alongside “fi nancial costs”, “opportunity costs”, “retaliation costs” and “reductions in business travel and tourism”. Both with regard to the option of an entry/exit system based on VIS (checking persons whenever they enter or leave the territory) and the establishment of VIS including biometrics, the Impact Assessment study emphasised their extensive impact on the protection of the right to privacy: “Impact on privacy and human rights would be extensive, and there would be a substantial need to meet personal data requirements. Th e collection, storage and use of highly personalised and sensitive data , such as biometrics of all travellers applying for a visa to enter the territory of the Schengen states, would raise con-cerns over the proper use and protection of personal data of travellers on such a massive scale.”14 According to the Extended Impact Assessment on VIS, “Th e principles of proportionate and fair use of personal data and high security in the
11 Letters to the Dutch Parliament and the Minister of Justice on the Eurodac Convention, CM98-026, 24 February 1998 and CM98-094, 18 June 1998.
12 Handelingen Tweede Kamer, 1997–1998, 23 490, nos. 92 and 97. 13 SEC (2004) 1628, 28 December 2004, EPEC Final report, December 2004. 14 See p. 37 and 45.
Brouwer ch-06.indd 150 3/13/2008 3:14:00 PM
Data Processing and the Right to Privacy 151
system would have to be considered carefully”. In particular, the principles of pro-portionality and the necessity for storage and processing would have to be imple-mented in full.15 Furthermore, according to this report, the impact on privacy will depend on what biometrics are taken, for how long they are stored and which authorities will have access to the data. Th e drafters of the Impact Assessment Report did not refer to Article 8 ECHR.
Th e Commission, when publishing the proposal on the VIS Regulation, seemed not to take into account the concerns on the possible impact of VIS, including biometrics, for the right to privacy as mentioned in the Extended Impact Assessment Study. In the proposed preamble (20) to the proposal for the VIS Regulation, it was only stressed that the Regulation respects the fundamen-tal rights and observes the principles recognised in particular by the Charter of Fundamental Rights of the European Union.16 In the explanatory memorandum, the Commission did not mention the right to privacy, but only considered that “in view of the related sensitive issues for the protection of personal data, inter alia the consultation of the Article 29 Working Party is required”. With this con-clusion, the Commission disregarded the fact that the specifi c concerns men-tioned in the impact assessment were already based on an earlier and critical opinion expressed by the Working Party on the use of biometrics.17
In their opinions on the development of VIS and related issues, the EDPS and the Article 29 Working Party explicitly considered the impact of these develop-ments on the right to privacy. Th e EDPS referred to Article 8 ECHR when con-sidering the purpose and proportionality of the VIS. According to the EDPS, in the light of Article 8 ECHR and the general data protection framework, the pur-pose of VIS would be of crucial importance and “all the elements of the VIS must be necessary and proportional instruments to reach this policy goal in the interest of the common visa policy.” Although the EDPS defi ned safeguards regarding the use of VIS and especially the incorporation of biometrics, it did not give any detailed analysis on the criteria derived from Article 8 ECHR.
Th e Article 29 Data Protection Working Party considered more elaborately the scope and applicability of Article 8 ECHR with regard to the establishment of VIS.18 Th is Data Protection Working Party was especially concerned about the far-reaching consequences of the large-scale collection and processing of personal
15 Study for the Extended Impact Assessment of VIS, SEC (2004) 1628, 28 December 2004, EPEC Final report, December 2004. p. 45.
16 COM (2004) 0287, 28.12.2004. 17 Th e Article 29 Working Party is an independent European advisory body on data protection.
See the Working Document on biometrics, WP 80, 1 August 2003. http://europa.eu.int/ comm/justice_home/fsj/privacy/workinggroup.
18 Opinion 1022/05/EN, WP 110, 23 June 2005.
Brouwer ch-06.indd 151 3/13/2008 3:14:00 PM
152 Chapter 6
data on individual human rights, in particular the right to privacy. Th e Working Party criticised the multipurpose structure of VIS, including the use of biomet-rics, and questioned whether this would meet the criteria of proportionality and necessity on the protection of the right to privacy as developed by the European Courts, in this case both the ECtHR and the European Court of Justice (ECJ).
In their opinions, both the EDPS and the Working Party referred to the judg-ment of the ECJ in the case of Österreichischer Rundfunk and others.19 In this judgment, the ECJ explicitly applied Article 8 ECHR in application of EC Directive 95/46 on the protection of personal data. Th e ECJ confi rmed that the processing of personal data may constitute an interference with the right to pri-vate life as protected by Article 8 of the ECHR; this interference must be in accordance with the law and necessary in a democratic society for a legitimate aim. According to the ECJ, where the provisions of the EC Directive allow for a limitation of the rights of the data subjects, the criteria of Article 8 ECHR (and their interpretation by the ECtHR) should be applied to assess fi rstly whether the applicable legislation interferes with the right to private life and, if so, whether that interference is justifi ed from the point of view of Article 8 ECHR.
3. Article 8 ECHR and Data Processing: When is there an Interference with the Right to Private Life?
Article 8 ECHR reads:
1. Everyone has the right to respect for his private and family life , his home and his correspondence.
2. Th ere shall be no interference by a public authority with the exercise of this right except such as is in accordance with the law and is necessary in a democraticsoci-ety in the interests of national security , public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedoms of others.
It is not easy to make a comprehensive analysis of the jurisprudence of the ECtHR on Article 8 ECHR. Since every case in which the Strasbourg Court has dealt with this human right has its own specifi c features, it is not always possible to reach general conclusions.20 In its judgments, the ECtHR repeatedly stressed that
19 Rechnungshof v. Österreichischer Rundfunk and Others (also referred to as Rechnungshof case), Joint Aff airs C-465/00, C-138/01 and C-139/01, ECR I-4989 §§ 71–83. See further Chapter 7.
20 See also L.A. Bygrave, Data Protection pursuant to the Right to Privacy in Human Rights Treaties, International Journal of Law and Information Technology, 1998, vol. 6, p. 247–284.
Brouwer ch-06.indd 152 3/13/2008 3:14:00 PM
Data Processing and the Right to Privacy 153
a clear-cut defi nition of the right to private life is impossible: “private life should be considered as a broad term which is not susceptible to an exhaustive defi ni-tion”.21 In general, the ECtHR made it clear that one of the purposes of the right to private life is to protect the right to identity and personal development. Th is protection should not be limited to the private sphere or the home of the individ-ual since, in the words of the ECtHR, Article 8 ECHR also protects “the right to establish and develop relationships with other human beings and the outside world and it may include activities of a professional or business nature”.22
In diff erent judgments, the ECtHR concluded that the right to private life was infringed by the collection, registration or use of personal information. With regard to public registrations, the ECtHR considered elements such as gender identifi cation, name, sexual orientation and sexual life as important elements of the personal sphere protected by Article 8. However, it is clear that this is not meant to be a limitative list.23 In the following sections, I will apply the scheme which is generally used by the ECtHR to establish whether, when dealing with data processing, there is a breach of Article 8 ECHR: is there an interference with the right to private life; is the interference in accordance with the law, and is this interference necessary in a democratic society? Only when it is established that Article 8 ECHR applies and there is an infringement of someone’s right to private life, can we consider which legal remedies should be provided for by the national legislator.
3.1. Secret Police and Security Files: Leander and Segerstedt-Wiberg
Th e fi rst case in which the ECtHR was asked to rule on the relationship between the recording of personal data by the government and the right to private life is the Leander v. Sweden judgment of 26 March 1987.24 Th is case dealt with infor-mation stored in secret police fi les, which was used by the applicant’s employer, the board of the Naval Museum, where he was temporarily hired as a museum technician. Based on this information, Mr. Leander was told to leave his work before the expiry of his contract. Leander, who had previously been a member of the Swedish Communist Party and of a soldiers’ union, was not informed of the reasons for this decision. Th e ECtHR found it uncontested that the secret police fi le contained information relating to the applicant’s private life. Both the storage and release of data concerning his private life in a secret police fi le and communi-cation of these data to employers, coupled with the refusal to allow the applicant
21 In P.G. and J.H. v. the United Kingdom, 25 September 2001 no. 44787/98, § 56, Reports 2001-IX and also Peck v. UK, 28 January 2003, appl. no. 44647/98, Reports 2003-I. § 57.
22 Niemietz v. Germany, 16 December 1992, appl. no. 13710/88, Series A, no. 251-B, § 29. 23 P.G. and J.H. v. the United Kingdom, § 56 and Peck v. United Kingdom, § 57. 24 Leander v. Sweden, 26 March 1987, appl. no. 9248/81, Series A, no.116.
Brouwer ch-06.indd 153 3/13/2008 3:14:01 PM
154 Chapter 6
the opportunity to refute them, amounted to an interference with his right to privacy as guaranteed in Article 8.25
Almost twenty years later, after publication of the Leander judgment, the ECtHR ruled in a comparable case which also dealt with secret police fi les in Sweden (Segerstedt-Wiberg and others v. Sweden).26 Th is judgment concerned fi ve Swedish nationals who complained about the storage of their information in fi les belonging to the national security agencies. Th e ECtHR concluded, with regard to four applicants that the continued storage of the information (in one case up to 30 years), constituted a violation of Article 8 ECHR and Article 10 ECHR regarding the freedom of information. With regard to the fi rst applicant, the ECtHR found that there was no violation of Article 8 since the data was held for the safety of the applicant herself, a former member of the Swedish Parliament who had been the subject of a bomb threat. Th e ECtHR found that, for the other applicants, there had been a disproportionate breach of their right to pri-vate life, not only because of the long period during which the data had been kept on fi le, but also because of the absence of a current, relevant threat to national security. Th e infringement of the right of freedom of information was based on the fact that the data collection, in particular, concerned the political opinions and activities of the applicants. As we will see below, the ECtHR also considered the (lack of ) eff ectiveness of the applicable remedies and the (lack of ) powers of the national data protection authority.
In Rotaru v. Romania (see also below), the ECtHR assessed the lawfulness of fi les held by the Romanian Intelligence Service.27 Th is case concerned the claim from a Romanian lawyer who had started proceedings against the Romanian Intelligence Service with regard to fi les including information on his alleged membership of a legionnaire movement and on the publication of two anti- government pamphlets. From these fi les, the applicant claimed, the Intelligence Service had provided information to the Romanian Minister of the Interior. In its judgment, the Strasbourg Court made it very clear that Mr. Rotaru’s right to private life had been infringed even though, as set forth by the Romanian gov-ernment, the information concerned his “public life”. According to the govern-ment, the applicant had waived his right to “anonymity” by engaging in political activities and publishing pamphlets. Th is argument was rejected by the ECtHR. Referring to its earlier judgment in the Leander case, the ECtHR emphasised that the storage of information about an individual’s private life in a secret regis-ter and the release of such information fall within the scope of Article 8. Repeating
25 Leander v. Sweden, § 48. As we see below, the ECtHR did not fi nd any breach of Article 8 ECHR. 26 Segerstedt-Wiberg and others v. Sweden, 6 June 2006, appl. no. 62332/00. Published in EHRC
2006, 89 with annotation of Jan Peter Loof. 27 Rotaru v. Romania, 4 May 2000, appl. no. 28341/95, Reports 2000-V.
Brouwer ch-06.indd 154 3/13/2008 3:14:01 PM
Data Processing and the Right to Privacy 155
its earlier conclusions in Niemietz v. Germany, the ECtHR made it clear that respect for private life must also comprise, to a certain degree, the right to estab-lish and develop relationships with other persons.
3.2. Child care Records, Health and Gender Information: Gaskin, Z and Goodwin
In 1989, the ECtHR applied Article 8 ECHR for the second time directly to personal data fi les in the public sector in the case Gaskin v. the United Kingdom.28 Th is case concerned the question of whether the right to private life as protected in Article 8 ECtHR included the right to have access to his or her personal infor-mation. In his youth, Mr. Gaskin was in the care of the Liverpool City Council. During his procedure before the national authorities and, fi nally, before the ECtHR he complained about the refusal by the local authorities to give him access to information concerning his youth. Th e municipal child care organisa-tion which held this information made access to this fi le dependent on the authorisation of the applicant’s mother. Th e government justifi ed the refusal to give Gaskin access to his information by stating that these fi les also contained information on other persons whose privacy had to be protected. In its judg-ment, the ECtHR referred to the earlier conclusion of the Commission that the fi les at stake unquestionably contained information concerning “highly personal aspects of the applicant’s childhood, development and history and thus could constitute his principal source of information about his past and formative years”. Th e ECtHR confi rmed the importance for the applicant to have access to the fi les concerning his youth (§ 37). Th e ECtHR made it clear that this conclusion applied only with regard to this specifi c case and the ECtHR did not intend to formulate a more general principle. Despite this restriction, the judgment has been considered an important development in the recognition of the right to access as one of the positive duties of governments with regard to the application of Article 8 ECHR to public fi les.
In Z v. Finland (1997), the ECtHR dealt with the appeal of Z. against the dis-closure of his health records, including information on his HIV infection.29 Th is information was revealed during court proceedings without the applicant’s con-sent. In this judgment, the ECtHR referred for the fi rst time explicitly to the obligations of the Data Protection Convention of 1981. Th e ECtHR concluded there was a breach of 8 ECHR, especially based on the fact that this case con-cerned the disclosure of medical fi les, including the information on the appli-cant’s HIV infection. According to the ECtHR, “the protection of personal data, not least medical data, is of fundamental importance to a person’s enjoyment of
28 Gaskin v. the United Kingdom, 7 July 1989, appl. no. 10454/83 Series A, 160. 29 Z v. Finland, 25 February 1997, appl. no. 22009/93, Reports 1997-I, §§ 95–100.
Brouwer ch-06.indd 155 3/13/2008 3:14:01 PM
156 Chapter 6
his or her right to respect for private life and family life as protected in Article 8 of the Convention”. In this conclusion, the ECtHR referred to the more general function of confi dentiality in the health sector, by stating that the reason for this protection and the respect for confi dentiality is not only to protect the privacy of the person concerned, but also “his or her confi dence in the medical profession and in the health services in general.”
Finally, at this point, one could refer to the jurisprudence of the ECtHR with regard to claims from transsexuals to have the information concerning their sex changed in public fi les, as well as birth certifi cates, identity cards or driving licences. Initially, the national authorities were given a wide margin of apprecia-tion because of the lack of general consent in the European States with regard to the acceptance of transsexuality.30 Since 1986, the ECtHR, having regard to sci-entifi c and societal developments, emphasised the need to keep appropriate legal measures under review.31 In 2002, in Goodwin v. UK, the ECtHR considered that, on the basis of more current developments, the duties of a national state to recognise and legalise a change of sex in governmental fi les on transsexuals could be more strictly defi ned.32
Although the type of information dealt with in the case law described above does not directly relate to the subject of my research, these judgments illustrate the close relationship between the storage or disclosure of personal information and the individual right to respect for private life. In these judgments, the ECtHR emphasised the special responsibility of public authorities with regard to the stor-age and processing of sensitive information such as medical data or gender infor-mation. As we will see in Chapter 7, section 5.3, data protection law includes extra safeguards with regard to the processing of sensitive data or “special catego-ries of data”, such as data on ethnicity, gender, sexual life, political opinions or the religion of the person. Th e special responsibility of the data processor towards sen-sitive data can be explained fi rstly by the fact that the information at stake, for example medical data, as well as information about a person’s youth, as in the Gaskin case, belongs to the core of a person’s private life. It is exactly this kind of information that individuals generally do not wish to disclose to others. Th e other
30 Rees v. the United Kingdom, 17 October 1986, appl. no. 8532/81, Series A, 106; Cossey v. the United Kingdom, 27 September 1990, appl. no. 10843/84, Series A, 184 (the latter judgment contained a very strong dissenting opinion by Judge Martens).
31 Sheffi eld and Horsham v. the United Kingdom, 30 July 1998, appl. no. 22985/93; 23990/94, Reports 1998-V, § 60.
32 Christine Goodwin v. the United Kingdom, 11 July 2002, appl. no. 28957/95 (unreported), see § 93: “Since there are no signifi cant factors of public interest to weigh against the interest of this individual applicant in obtaining legal recognition of her gender re-assignment, it reaches the conclusion that the fair balance that is inherent in the Convention now tilts decisively in favour of the applicant”.
Brouwer ch-06.indd 156 3/13/2008 3:14:01 PM
Data Processing and the Right to Privacy 157
reason why sensitive information needs extra protection is that the use of this information more easily results in discrimination against the person concerned. It is no coincidence that the principle of non-discrimination in Article 14 ECHR or Article 13 of the EC Treaty includes more or less the same grounds as a basis for prohibiting discrimination. In my view, it is clear that this special responsibility of national authorities for certain categories of data also concerns the use of biomet-rics and data on the nationality and the ethnic origin for the purposes of identity controls or visa applications.
3.3. Systematic Collection and Storage of Personal Information by Public Authorities: Amann and Rotaru
In several judgments, the ECtHR applied Article 8 ECHR on the basis of the cri-terion that there is systematic collection and storage of data. One very important decision is the judgment of 16 February 2000 in Amann v. Switzerland, since this gives a broad interpretation of Article 8 with regard to fi les held by the govern-ment.33 In this interpretation, Article 8 applies to the storage of information relating to an individual’s private life by a public authority, regardless of the sensi-tivity of the data and regardless of the use that is eff ectively being made by third parties.34 In this case, the ECtHR again referred to the Data Protection Convention . Th e applicant in this case was a Swiss salesman of “depilatory appli-ances”, which he advertised in magazines. In 1981, a woman telephoned from the Soviet embassy in Bern to order one of his items: the ‘Perma Tweez’ appli-ance. Th is telephone call was intercepted by the Federal Public Prosecutor’s Offi ce (Bundesanwaltschaft) in Switzerland. Later, the Public Prosecutor’s Offi ce drew up a card on the applicant for its national security card index on the basis of the par-ticulars provided by the police of the Canton of Zürich. When, in 1990, the pub-lic was informed of the existence of the card index held by the Public Prosecutor’s Offi ce, many people, including the applicant, asked to see their cards. On 9 March 1992, the applicant fi led an administrative law procedure with the Federal Court, claiming compensation from the Confederation of 5,000 Swiss francs for the unlawful registration of his particulars in the card index held by the Public Prosecutor’s Offi ce. He also requested that his fi le and card be sent immediately to the Federal Archives with a ban on making any copies and that the authorities be ordered to store the information under lock and key and not to disclose any of it without his agreement. His application was rejected by the Federal Court but, in 1996, the applicant’s card was removed from the card index and transferred to the Federal Archives, where it cannot be consulted for fi fty years.
33 Amann v. Switzerland of 16 February 2000, appl. no. 27798/95, Reports 2000-II. 34 Ibid., §§ 68–70.
Brouwer ch-06.indd 157 3/13/2008 3:14:01 PM
158 Chapter 6
In this judgment, the ECtHR gave a broad interpretation of the right to pri-vate life, by explicitly rejecting the reasons given by the Swiss government for limiting the scope of Article 8 ECHR. In the fi rst place, the ECtHR emphasised, by referring to its earlier conclusions in the Niemietz case, that there is no reason in principle to justify excluding activities of a professional or business nature from the notion of “private life”. Since the right to respect for private life com-prises the right to establish and develop relationships with other human beings, this right should inherently be extended to the public sphere. Th e ECtHR explic-itly concludes that such a broad interpretation corresponds to that of the Council of Europe’s Data Protection Convention of 28 January 1981. Secondly, the ECtHR rejected the submission of the Swiss government that the fi le in question did not contain sensitive data . In fact, the card only included the information that the applicant had “contact with the Russian embassy” and was doing “business of various kinds with the [A.] company”. However, other (censored) information which was held on the card was not disclosed to the applicant. Furthermore, the applicant’s lawyers submitted that the codes used on the card (1153: 0) (614) referred to the meaning “communist country” (1), “Soviet Union” (153), “espionage established” (0) and “various contacts with the Eastern bloc” (614) (see §§ 22 of the judgment). Th irdly, the Swiss government con-tended that the applicant’s private life would not in any way have been inconven-ienced as a result of the creation and storage of his card, which “in all probability [has] never been consulted by a third party”. Th e ECtHR countered this argument, noting “that it is not for the ECtHR to speculate as to whether the information gathered on the applicant was sensitive or not or as to whether the applicant had been inconvenienced in any way”. Th e Strasbourg Court found it suffi cient to fi nd that data relating to the private life of an individual were stored by a public authority in order to conclude that the creation and storage of the impugned card amounted to an interference within the meaning of Article 8, irrespective of whether this information was subsequently used.35
Th e refuted practices of the Swiss authorities in the Amann case can be com-pared with the practice of data profi ling or the collection of data on a group of persons based on certain common criteria rather than based on their individual behaviour. In the case of Amann, the extra surveillance measures by the Swiss authorities and the creation of a card were only based on two “suspicious facts”. Firstly, the Swiss authorities were monitoring all phone lines from the (former) Soviet embassy. Secondly, the Swiss authorities suspected the content of the phone call, unfamiliar as they were with the ‘Perma Tweez appliance’ in which the applicant was trading. Th e ECtHR made it clear that the creation of the card
35 Ibid., §§ 69–70.
Brouwer ch-06.indd 158 3/13/2008 3:14:01 PM
Data Processing and the Right to Privacy 159
fi le, regardless of whether or not the information was subsequently used, must be considered a breach of Article 8 ECHR.
In its judgment Rotaru v. Romania, the ECtHR referred more explicitly to the criterion of systematic collection and storage.36 According to the ECtHR, even public information may fall within the scope of private life when it is “systemati-cally collected and stored in fi les held by the authorities”. Th is would be all the more true when such information concerns a person’s distant past. With regard to this particular case, the ECtHR noted that the refuted letter from the Romanian Security Agency contained various pieces of information about the applicant’s life, in particular his studies, his political activities and his criminal record, some of which had been gathered more than fi fty years earlier. In the ECtHR’s opinion, such information, when systematically collected and stored in a fi le held by agents of the State, falls within the scope of “private life” for the purposes of Article 8 (1) ECHR. According to the ECtHR, this was all the more true since the information at stake had been declared false and was likely to damage the applicant’s reputation.
Th e criterion that even information belonging in the public domain may fall within the protection of a person’s private life, once systematically stored, was also used in the judgment in P.G. and J.H. v. UK (see below) and in Segerstedt-Wiberg v. Sweden.37
3.4. Recording of Voices and Video Images Collected in the Public Domain: P.G. and J.H. v. UK
In the case of P.G. and J.H. v. UK, a conversation between the two applicants had been recorded secretly while they were being charged at a police station and after they had refused to provide voice samples voluntarily. In this case, the UK gov-ernment submitted that the subject of these recorded conversations did not con-tain any private or substantive information and, therefore, the recording did not include any infringement of the right to private life. Th is argument was rejected by the ECtHR, considering that there is a zone of interaction between a person and others, even in a public context, which may fall within the scope of private life. Even if the applicants only answered formal questions in a place where police offi cers were listening to them, the recording and analysis of their voices on this occasion was, according to the ECtHR, still to be regarded as the processing of
36 Rotaru v. Romania, 4 May 2000, appl. no. 28341/95, Reports 2000-V, §§ 43–44. See further section 6.4.2 below.
37 P.G. and J.H. v. the United Kingdom, 25 September 2001, appl. no. 44787/98, Reports 2001-IX, § 11. See also Perry v. the United Kingdom, 17 July 2003, appl. no. 63737/00, Reports 2003-IX, § 38 and Segerstedt-Wiberg, § 72.
Brouwer ch-06.indd 159 3/13/2008 3:14:01 PM
160 Chapter 6
personal data about the applicants.38 Referring to its earlier judgments (including the Rotaru and the Amann cases), the ECtHR held that “private life considera-tions may arise” “once any systematic or permanent recording comes into exist-ence of such material of the public domain”. Furthermore, the ECtHR held that even if information has not been gathered by any intrusive or covert method, Article 8 ECHR would still apply.
Both in the Perry v. UK and Peck v. UK judgments, the ECtHR dealt with the recording and storage of video images by the police and the question of whether these practices constituted an infringement of an individual’s right to private life. Th e Perry v. the United Kingdom judgment concerned a claim by a person who had been arrested and charged with robbery.39 During his interrogation at the police station, the police authorities had fi lmed him secretly after he had refused to participate in an identifi cation parade. Th is fi lming using ‘custody suite camera’ was then shown to the witnesses at the identifi cation parade. Th e perma-nent recording of the footage and its inclusion in a montage for further use was regarded as the processing or collecting of personal data about the applicant. As we will see below, its subsequent unforeseen use was considered in breach of Article 8 ECHR. In Peck v. United Kingdom (see below), the ECtHR concluded that the further use of video surveillance by the police also violated the right to private life of the applicant.40
3.5. Administrative Data: Malone
In Klass v. Germany, the ECtHR ruled that telephone calls fall within the mean-ing of private life and correspondence of Article 8 ECHR.41 In the Malone case, the ECtHR went further by fi nding that not only the content of telephone calls, but also the administrative data concerning telephone calls (number dialled, duration and costs of call) form an integral part of the protected telephone com-munication.42 Th erefore, according to the ECtHR, communication of these data without the prior consent of the person concerned also caused a breach of the right protected in Article 8 ECHR.
3.6. Use of Information Beyond What is Normally Foreseeable: Perry, Peck and Lupker
In cases where the data had not been obtained voluntarily or in circumstances where it could reasonably be anticipated that it would be recorded and used for
38 P.G. and J.H. v. the United Kingdom, §§ 54–56. 39 Perry v. the United Kingdom, §§ 33–36. 40 Peck v. UK, 28 January 2003, appl. no. 44647/98, Reports 2003-I. 41 Klass v. Germany, 6 September 1978, appl. no. 5029/71, Series A, 28. 42 Malone v. UK, 2 August 1984, appl. no. 8691/79, Series A, 82, § 84.
Brouwer ch-06.indd 160 3/13/2008 3:14:01 PM
Data Processing and the Right to Privacy 161
identifi cation purposes, the ECtHR concluded there was interference with the applicant’s right to respect for private life.43 Th e ECtHR referred in this judg-ment to decisions of the Commission in Lupker v. the Netherlands and Friedl v. Austria, dealing with the unforeseen use by the authorities of photographs which had previously been voluntarily submitted by the applicants.44 According to the Commission in the Lupker case, the question of whether photographs were legally used by the police in identifi cation albums depended on whether they were obtained voluntarily or under circumstances were it could reasonably be anticipated that they would be recorded and used for identifi cation purposes.
In the case of Perry v. the UK, neither the applicant nor his solicitor was informed of the making of this video, nor of the fact that this video was shown to witnesses during an identifi cation parade. According to the ECtHR, the ‘ploy’ adopted by the police went beyond the normal or expected use of this type of camera (security cameras). In the judgment Peck v. United Kingdom of 28 January 2003, the applicant complained about the publication in the media of police video images, which were recorded by “CCTV cameras” on the street.45 Th is video surveillance had actually saved the life of the applicant, since it resulted in the involvement of the police which prevented him committing sui-cide. Th e ECtHR decided that the disclosure of these records to the media was beyond what was normally foreseeable and therefore interfered with his right to private life.
3.7. Passports and Identifi cation Measures: Smirnova and İletmiş
Finally, I refer to two judgments in which the ECtHR dealt with the withdrawal of passports. Although the considerations of the Strasbourg Court on the conse-quences of the withdrawal of identifi cation papers on the individual right to pri-vate life are not directly related to the issue of data processing, they become relevant when the use of large EU databases is closely, not to say inextricably, linked to identifi cation measures.
Th e fi rst judgment, Smirnova v. Russia, concerned the case of Russian twin sis-ters who were prosecuted and charged with fraud by the Moscow authorities. After being discharged, they complained about the violation of their rights under both Article 5 and Article 6 (1) ECHR with regard to the way they were treated
43 Perry v. United Kingdom, §§ 41–43. 44 Lupker and others v. the Netherlands, Commission decision of 7 December 1992, appl. no.
18395/91, unreported, and Friedl v. Austria, 31 January 1995 (decision of the Court to strike the case from the list, amicable settlement), appl. no. 15225/89, Series A, 305B. See the Commission report of 19 May 1994, §§ 49–52.
45 Peck v. UK, 28 January 2003, appl. no. 44647/98, Reports 2003-I.
Brouwer ch-06.indd 161 3/13/2008 3:14:01 PM
162 Chapter 6
during the criminal proceedings.46 One of the sisters also lodged an appeal on the basis of Article 8 ECHR, for the fact that during the proceedings between 1995 and 1999, her passport was withheld by the Russian authorities. Th e authorities justifi ed withholding the passport by the fact that the twins had used their simi-lar appearance several times to confuse the investigating authorities. After recall-ing that private life is a broad term not susceptible to exhaustive defi nition, the ECtHR concluded in this judgment that the confi scation of the passport consti-tuted continuing interference with the applicant’s private life (§ 97). Th e ECtHR underlined the direct relationship between the obligation upon citizens to iden-tify themselves at various moments and locations with the right to private life. Even if the applicant could not substantiate one specifi c event which would have constituted disrespect for her private life, the ECtHR considered that it was established that the applicant’s private life was infringed by a “number of every-day inconveniences taken in their entirety” which lasted between 1995 and 1999 (§ 96). Th e ECtHR considered explicitly that “in their every day life, Russian citizens have to prove their identity unusually often, even when performing such mundane tasks as exchanging currency or buying train tickets”, but also that a national passport was required for more crucial needs such as fi nding employ-ment or receiving medical care. Taking these facts together, the ECtHR con-cluded that confi scation of her passport included continued interference with the applicant’s private life.
Th e withdrawal of a passport was also dealt with in İletmiş v. Turkey, concern-ing a Turkish national who had lived in Germany since 1975.47 In 1984, the Turkish government launched an investigation into the applicant, accusing him of “separatist activities”. Th ese procedures were based on the applicant’s affi lia-tions to Kurdish organisations. During his visit to Turkey in 1992, the applicant was arrested and detained and the Turkish authorities confi scated his passport. After six days he was released but his passport was not given back to him. For seven years İletmiş was not permitted to leave Turkey. His family (spouse and two children) therefore chose to join him and to live in Turkey. Not until 1999 was the applicant fi nally acquitted of the charge of separatist activities and, after his passport was returned to him, the applicant and his family were able to return to Germany. Aside from the conclusion that his right to a fair trial under Article 6 (1) ECHR had been violated by the Turkish authorities, the ECtHR also held unanimously that the confi scation of his passport represented a breach of his right to private life. For this conclusion, the ECtHR reasoned that “in an age when the freedom of movement , especially across borders, was considered
46 Smirnova v. Russia, 24 July 2003, appl. no. 46133/99 and 48183/99, Reports 2003-IX. 47 İletmiş v. Turkey, 6 December 2005, appl. no. 29871/96 (unreported).
Brouwer ch-06.indd 162 3/13/2008 3:14:01 PM
Data Processing and the Right to Privacy 163
essential for the full development of private life, especially for people like the applicant, having family, occupational and economic ties in more than one country, denial of that freedom by the State without any good reason consti-tuted a serious failure on its part to discharge its obligations to those under its jurisdiction” (§ 50). According to the ECtHR, “the continued application of the prohibition on leaving Turkish territory no longer corresponded to a ‘press-ing social need’ and was therefore disproportionate to the aims permitted by Article 8.” In this judgment, the ECtHR explicitly connected the freedom of movement with the right to private life in Article 8 ECHR. According to the ECtHR, even though Article 2 of the fourth Protocol to the Convention (signed but not ratifi ed by Turkey) also protects the freedom of movement, this would not mean, as suggested by the Turkish government, that one and the same fact “may fall foul of more than one provision of the Convention and Protocols”.48
Th e Smirnova v. Russia and İletmiş v. Turkey judgments are important for our subject because they highlight the relationship between, on the one hand (repeated) identity controls and the right to private life and, on the other hand, freedom of movement and the right to private life. Th e former relationship is at stake when a person or a specifi c group of persons is repeatedly confronted with identity checks based on the use of data systems or data profi ling . Th e Smirnova judgment illustrates, in my view, that the right to private life is at stake when a person is repeatedly stopped at borders because he or she is listed in one of the EU databases, or because he or she belongs to a group of persons which is under extra surveillance by the government on the basis of data profi ling. Th e consider-ations of the ECtHR in the İletmiş judgment, in my view, apply to a person who is listed in SIS or SIS II, when the fact of this registration in practice results in a restriction of his freedom of movement and therefore also his right to private life as protected in Article 8 ECHR.
4. Is the Interference in Accordance with the Law? Quality of Law
Having concluded that Article 8 (1) ECHR applies, we must then assess whether a measure or action by a government interfering with the right to private life, is “in accordance with the law”. In the Leander case, on the practice of secret police fi les, the ECtHR found that it is not suffi cient for the interference to have some basis in domestic law: the law in question must be accessible to the individual concerned and its consequences must be predictable. Th e ECtHR acknowledged that the requirement of predictability in the special context of secret controls of
48 § 50. See, also Airey v. Ireland, 9 October 1979, appl. no. 6289/73, Series A, 32, p. 17, §§ 31–33.
Brouwer ch-06.indd 163 3/13/2008 3:14:01 PM
164 Chapter 6
staff in sectors aff ecting national security cannot be the same as in many other fi elds. “Th us, it cannot mean that an individual should be enabled to foresee pre-cisely what checks will be made in his regard by the Swedish special police service in its eff orts to protect national security.” Nevertheless, the ECtHR added that in a system applicable to citizens generally, as under the Personnel Control Ordinance, “the law has to be suffi ciently clear in its terms to give them an ade-quate indication as to the circumstances in which and the conditions on which the public authorities are empowered to resort to this kind of secret and poten-tially dangerous interference with private life”.49
In Malone v. UK, dealing with secret telephone tapping, the ECtHR stated that “in accordance with the law” refers not only to the availability of domestic law, but also to the “quality of the law”, requiring it to be compatible with the rule of law .50 Th e requirement of quality of law is further specifi ed in Huvig and Kruslin v. France.51 Th ese cases concerned the claims based on Article 8 ECHR of Mr. and Mrs. Huvig and Mr. Kruslin, whose phones were tapped during crimi-nal proceedings by the French authorities. Th e question in these cases was not so much whether this telephone tapping constituted an interference with the appli-cant’s right to private life, but whether the applicable French law was clear and foreseeable. Th e ECtHR held that, where tapping and other forms of telephone conversation represent a serious interference with private life and correspondence, this must be based accordingly on a law that is particularly precise. According to the ECtHR, clear, detailed rules on the subject are essential, especially since the technology available for use is continually becoming more sophisticated, as in the case in question. Since French law, written and unwritten, did not indicate with reasonable clarity the scope and manner of exercise of the relevant discre-tion conferred on the public authorities, the ECtHR found a breach of Article 8 of the Convention.52
In the Huvig and Kruslin judgments, the ECtHR further defi ned a set of cri-teria for lawful telephone tapping which should have been provided for in French law. Th ese criteria included the categories of persons liable to have their telephones tapped by judicial order and the nature of the off ences which may give rise to such an order; the lack of an obligation to set a limit on the duration of telephone tapping; the circumstances under which recordings may or must be erased or the tapes destroyed, in particular when an accused party has been
49 Leander case, 26 March 1987, §§ 50–51. 50 Malone case, 2 August 1984, appl. no. 8691/79, Series A, 82. 51 Both cases of 24 April 1990, appl. no. 11801/95, Series A, 176A (Kruslin), and appl. no.
11105/84, Series A, 176B (Huvig). 52 See Kruslin, § 36, and Huvig, § 35.
Brouwer ch-06.indd 164 3/13/2008 3:14:01 PM
Data Processing and the Right to Privacy 165
discharged by an investigating judge or acquitted by a court.53 Interestingly, a comparable list of criteria is given in Rotaru v. Romania with regard to the law regulating the collection, recording and the archiving of information in secret fi les. Assessing the “quality” of the Romanian law involved, the ECtHR con-cluded that this law did not include any limits on the exercise of the powers on the storage and use of the information by the Romanian Intelligence Services. Furthermore, Romanian law did not specify which information could be col-lected or stored and against which categories of people or under which circum-stances these surveillance measures were allowed. Also, there were no limits on the length of time for which the information could be stored.54 In the view of the ECtHR, the criteria of “in accordance with the law” and “quality of law” require supervision procedures and adequate and eff ective safeguards against abuse of the rule of law .55 Since the Romanian system did not provide such safeguards or a supervisory mechanism, the ECtHR ruled that the refuted storage and use of information by the intelligence service was not “in accordance with the law”.
In the case of Segerstedt-Wiberg v. Sweden, the ECtHR also used the criterion of whether the powers of the Swedish Security Service to store information in Secret Police registers for “special reasons”, as provided under the Swedish Police Data Act, included unfettered powers for these authorities. In this case, the ECtHR concluded that the scope of discretion conferred upon the competent authorities and the manner of its exercise were indicated with “suffi cient clarity, having regard to the legitimate aim of the measure in question, to give the individual adequate protection against arbitrary interference”.56
5. Necessary in a Democratic Society: Proportionality and Procedural Guarantees
In the case of Z v. Finland, which, as we saw above, concerned the disclosure of data about the applicant’s health during court proceedings, the ECtHR explicitly underlined the duty of the government to provide, in national law “appropriate safeguards” to prevent any such disclosure inconsistent with the guarantees in Article 8 of the Data Protection Convention .57 For this purpose, the ECtHR referred to the safeguards in Article 3 (2)(c) and Articles 5, 6 and 9 of the Data
53 Kruslin, § 35, Huvig, § 34. 54 Rotaru v. Romania, § 41. 55 Rotaru v. Romania, § 43. 56 Segerstedt-Wiberg, § 79. 57 As we can see in Chapter 7, this provision includes the rights of data subjects to access, correct
and delete personal data and the right to remedies if these rights are not respected.
Brouwer ch-06.indd 165 3/13/2008 3:14:01 PM
166 Chapter 6
Protection Convention. Th ese provisions deal with the quality of data, the protection of sensitive data and the legitimate exceptions to these safeguards.58
When it comes to national security or the prevention of disorder or crime, the ECtHR normally leaves a wider margin of appreciation to the national authori-ties to assess the necessity of the interference with the right to private life for the pursued goals, than it would in regular cases. Th is is especially underlined in Klass v. Germany and Leander v. Sweden.59 In the Leander judgment, the Strasbourg Court recognised “that the national authorities enjoy a margin of appreciation, the scope of which will depend not only on the nature of the legiti-mate aim pursued but also on the particular nature of the interference involved”. According to the ECtHR, the interest of the respondent State in protecting its national security must be balanced against the seriousness of the interference with the applicant’s right to respect for his private life. For this purpose of pro-tecting national security, the ECtHR accepted the need for Contracting States to have laws empowering national authorities, “fi rstly, to collect and store in regis-ters not accessible to the public information on persons and, secondly, to use this information when assessing the suitability of candidates for employment in posts of importance for national security.” However, in both the Klass and Leander judgments, the ECtHR made it clear that the power of the national police authorities to collect and store personal information should be counterbalanced by procedural guarantees. Th e considerations of the ECtHR in the Klass judg-ment (and repeated in Leander v. Sweden) that Contracting States do not enjoy unlimited discretion to subject persons within their jurisdiction to secret surveil-lance have been much quoted. “Th e Court, being aware of the danger such a law poses of undermining or even destroying democracy on the ground of defending it, affi rms that the Contracting States may not, in the name of the struggle against espionage and terrorism, adopt whatever measures they deem appropriate”.60
Whatever system of surveillance is adopted, the ECtHR ruled that adequate and eff ective guarantees against abuse must be in place. At the same time, in these judgments, the ECtHR referred to the relative meaning of the assessment of the safeguards at stake. Th is would depend on all the circumstances of the case, such as the nature, scope and duration of the possible measures, the grounds required for ordering such measures, the authorities competent to permit, carry out and supervise such measures, and the kind of remedy provided by national law. In the Leander case, the ECtHR was satisfi ed with the diff erent safeguards which were provided under Swedish law and the supervision eff ected by the
58 Z v. Finland, 25 February 1997, appl. no. 22009/93, Reports 1997-I, §§ 95–100. 59 See Klass and others v. Germany, judgment of 6 September 1978, Series A 28, §§ 46–49 and
Leander v. Sweden, § 59. 60 Klass and others v. Germany, §§ 49–50 and Leander v. Sweden, § 60.
Brouwer ch-06.indd 166 3/13/2008 3:14:02 PM
Data Processing and the Right to Privacy 167
Chancellor of Justice and the Parliamentary Ombudsman, as well as the Parliamentary Committee on Justice.
6. Article 8 ECHR and the Need for Eff ective Remedies
6.1. Independent Control Mechanism: Judicial or Non-Judicial Remedies
As we have seen above, in some judgments the ECtHR dealt with the question of whether suffi cient safeguards and supervisory mechanisms are in place, when assessing whether the interference was “necessary for a democratic ‘society” (Klass, Leander) or “in accordance with the law” (Rotaru). Also in the Gaskin v. UK judgment, the requirement of an independent controlling authority was dealt with under the question of whether the interference with the applicant’s right to private life was proportionate.61 In this judgment, the ECtHR explicitly stressed the importance of an independent controlling mechanism to balance the con-fl icting interests at stake. In the view of the ECtHR, a system on the confi denti-ality of public records is only in accordance with the principle of proportionality “if it provides that an independent authority fi nally decides whether access has to be granted in cases where a contributor fails to answer or withholds consent”. Th e “absence of any procedure to balance the applicant’s interest in access to the fi le against the claim to confi dentiality by certain contributors, and the conse-quential automatic preference given to the contributors’ interests over those of the applicant”, was considered disproportionate to the aim pursued and could not be said to be necessary in a democratic society.
In general, the ECtHR will consider the availability of legal remedies on the basis of claims that the applicant’s right to eff ective remedies under Article 13 ECHR in combination with the alleged violation of Article 8 has been breached. Even if the ECtHR, in some judgments, explicitly favoured the availability of judicial remedies, the ECtHR seems more concerned with the practical function-ing and the competences of the supervisory authorities. In the following sections, I only describe the criteria of Article 13 ECHR as formulated by the ECtHR in judgments dealing with the right to private life. In Chapter 9, the right to eff ective remedies will be further explored in relation to immigration law decisions.
In Klass v. Germany, the ECtHR considered that with regard to surveillance measures in the fi eld of national security “where abuse is potentially so easy in individual cases and could have such harmful consequences for democratic society as a whole”, it is in principle desirable to entrust supervisory control to a judge. According to the ECtHR, “the rule of law implies, inter alia, that interference by
61 Gaskin v. UK, § 49.
Brouwer ch-06.indd 167 3/13/2008 3:14:02 PM
168 Chapter 6
the executive authorities with an individual’s right should be subject to eff ective supervision, which should be normally carried out by the judiciary, at least in last resort, since judicial control aff ords the best guarantees of independence, imparti-ality and a proper procedure”.62 However, the ECtHR also concluded that given the available supervisory and other safeguards in the applicable German rules, the exclusion of judicial control does not exceed the limits of what may be necessary in a democratic society. Aspects which played a role in this decision were the guar-antees as provided under German law to reduce the eff ect of surveillance measures to an unavoidable minimum and a previous decision by the German Constitutional Court that persons should be informed of the termination of surveillance meas-ures as soon as notifi cation could be made without jeopardising the purpose of this restriction. In the Leander case, the ECtHR explicitly held that the authority referred to in Article 13 need not necessarily be a judicial authority in the strictest sense, but that the powers and procedural guarantees an authority possesses are relevant in determining whether the remedy is eff ective (§§ 82–83).
6.2. Accessibility
In the judgments discussed, the ECtHR did not explicitly defi ne any criteria regarding the accessibility of legal remedies. However, this principle is inherently linked to the emphasis of the ECtHR on the availability of eff ective remedies. For example, in the Klass v. Germany case, accepting the use of secret surveillance measures under certain circumstances, the ECtHR made it clear that once those measures are suspended, the national authorities should notify the person con-cerned so as to enable him to seek eff ective remedies before the courts.63 Th e ECtHR only accepted postponing informing the person concerned, “as long as this is necessary in order not to jeopardise the performance of the police task, even if the surveillance has ceased”.64
Th e requirement of accessible remedies can also be derived from the require-ments as defi ned by the ECtHR in the Huvig and Kruslin judgments on the quality of law. As we have seen above, these requirements include clarity and pre-dictability with regard to the scope and manner of exercise of the competences and the powers of the authorities involved.65 In the words of the ECtHR: “the law must indicate the scope of any such discretion conferred on the competent authorities and the manner of its exercise with suffi cient clarity, having regard to the legitimate aim of the measure in question, to give the individual adequate
62 Klass, § 56. Th is consideration is repeated in Rotaru v. Romania, § 43. 63 Klass, § 55. 64 Klass, § 58. 65 See Kruslin, §§ 30–36.
Brouwer ch-06.indd 168 3/13/2008 3:14:02 PM
Data Processing and the Right to Privacy 169
protection against arbitrary interference.”66 Comparable criteria were used in Rotaru v. Romania (see above), where the ECtHR assessed the quality of Romanian law on the storage of data. Here, the Strasbourg Court found that this law did not include any limits on the exercise of the powers regarding the storage and use of the information by the Romanian Intelligence Services. Also, the law at stake did not specify which information could be collected or stored and against which categories of people or under which circumstances these surveillance measures were allowed.
6.3. Scope of the Remedies
Based on the ECtHR’s decisions and the system of human rights as protected by the ECHR, one can deduce that national courts should be able not only to con-trol the legitimacy of the measures concerned, but also to assess the necessity and proportionality of these measures. Th is includes not only the balancing of indi-vidual rights against “a pressing social need”, but also, as is illustrated in the Gaskin judgment, to balance the competing individual rights. In this latter judg-ment, on the refusal to grant Gaskin access to his personal information, the ECtHR explicitly emphasised the importance of an independent authority which could weigh the diff erent interests at stake. In the fi eld of internal security meas-ures, the ECtHR accepted a more limited scope of review by national courts. In these cases, a system which envisaged controlling the surveillance measures afterwards has been considered a suffi cient safeguard.
6.4. Competences
6.4.1. Article 8 and Article 13 ECHRIn Klass v. Germany, the ECtHR acknowledged that the powers and procedural guarantees of the controlling authority are relevant in determining whether the remedy off ered is eff ective for the individual.67 As mentioned above, an important role of these authorities, according to the ECtHR, is to aff ord protection against abuse but also to repair or undo wrongful measures or decisions. In Rotaru v. Romania, the applicant claimed damages for the non-pecuniary damage he had suff ered and also applied for the amendment or destruction of the fi les in ques-tion. Referring to its general jurisprudence on Article 13 ECHR (see further Chapter 8), the ECtHR observed in this judgment that domestic remedies should allow the “competent national authority” both to deal with the substance of the
66 See also Malone v. the United Kingdom, judgment of 2 August 1984, Series A 82, p. 32–33, §§ 67–68, reiterated in Amann, cited above, § 56, and in Rotaru, cited above, § 55.
67 Klass, § 67.
Brouwer ch-06.indd 169 3/13/2008 3:14:02 PM
170 Chapter 6
relevant Convention complaint and to grant “appropriate relief”.68 In this case, the ECtHR found that there was no evidence that Romanian law provided for an eff ective remedy with regard to the holding of information on the applicant’s pri-vate life by intelligence services or for refuting the truth of such information. Th erefore, the ECtHR found there was a violation of Article 13.
In Leander v. Sweden, the ECtHR considered the powers of the Swedish Parliamentary Ombudsman, tasked with the supervision of secret police fi les. Th is supervision included the power to decide whether the information in these fi les was to be released to requesting authorities. In the view of the ECtHR, this direct and regular control over the most important aspect of the register – the release of information – provided a major safeguard against abuse.69 Also in the Leander judgment, the ECtHR referred to the power of the Swedish Parliamentary Ombudsman to lodge criminal proceedings or disciplinary measures against an offi cial who has committed an off ence by departing from the obligations inher-ent in his offi cial duties as an adequate safeguard. With regard to the eff ectiveness of the power of the Ombudsman to give non-binding advice, the Strasbourg Court gave a rather vague criterion: whether the advice of this institution would have any practical eff ect would depend on “his ability to convince the decision-maker or authority in question”. Although the ECtHR explicitly recognised the weaknesses in the control aff orded by the Parliamentary Ombudsman and the Chancellor of Justice, since neither authority could render a legally binding deci-sion, this “necessarily limited eff ectiveness” was inherent to “any remedy available to the individual concerned in a system of secret security checks”.
Interestingly in the Segerstedt-Wiberg judgment of 2006 which, as we saw above, involved a comparable case, the Strasbourg Court was more critical of the compe-tence of the Swedish Parliamentary Ombudsman. As we have seen, the ECtHR found a breach of Article 8 ECHR only with regard to four of the fi ve applicants. However, with regard to all the applicants, the ECtHR held that there was a breach of their right to eff ective remedies under Article 13 ECHR.70 Th e very fact that the Parliamentary Ombudsman lacked the power to render a legally binding decision was one of the grounds on which the ECtHR concluded that the appli-cants had no eff ective remedies. Furthermore, the ECtHR observed that the Records Board, a body specifi cally empowered to monitor data processing by the Secret Police on a daily basis, had no power to order the destruction, deletion or rectifi cation of the information kept in the fi les. Equally important are the consid-erations of the ECtHR in the Segerstedt-Wiberg v. Sweden judgment on the powers
68 Rotaru v. Romania, § 51. 69 Leander v. Sweden, § 65. 70 Segerstedt-Wiberg v. Sweden, §§ 118–122.
Brouwer ch-06.indd 170 3/13/2008 3:14:02 PM
Data Processing and the Right to Privacy 171
of the Swedish Data Protection Authority (Data Inspection Board), with which individuals could lodge a complaint. Th e ECtHR concluded that it had not been shown that the available procedure carried out by the Data Inspection Board off ered an eff ective remedy in practice with regard to an application for deletion of the data (§ 120). While it found the processing unlawful, the Data Inspection Board could order the processor to stop further data processing (“blocking of data”) upon penalty of a fi ne. But it was not empowered to order the deletion of unlawfully stored information. It could only make an application for such a meas-ure to the County Administrative Court. According to the ECtHR, no informa-tion had been furnished “to shed light on the eff ectiveness of the Data Inspection Board in practice”. On the contrary, during this procedure, the applicants alleged that during its 30-year existence, the Data Inspection Board had never performed a substantial review of the fi les held by the Security Police.
From the Segerstedt-Wiberg judgment, it is clear that in the light of Article 13 ECHR, national remedies should be eff ective not only on paper but also in prac-tice. Th is principle also follows on from judgments in which the ECtHR dealt with the requirement that individuals should exhaust the available national rem-edies on the basis of Article 26 ECHR before addressing the case to the Commission. In Akdivar v. Turkey, the ECtHR made it clear that this require-ment (exhaustion of national remedies) does not imply that individuals are obliged to have recourse to remedies which are inadequate or ineff ective.71 According to the ECtHR, if a government claims that national remedies have not been exhausted, it is the duty of the government to satisfy the ECtHR that the remedy was eff ective and available in theory and in practice at the relevant time. Th e remedy should be “capable of providing redress in respect of the appli-cant’s complaints” and off er “reasonable prospects of success”.
6.4.2. Article 8 ECHR and the Right to Financial Compensation under Article 6 ECHRAn important issue with regard to the future use of EU databases is the possibil-ity of lodging a claim based on Article 6 ECHR for damages which are caused by the use of information or data processing by governmental organisations in breach of Article 8 ECHR. Th is applicability of Article 6 ECHR with regard to damage caused by government information fi les is recognised by the ECtHR in the judgment in Rotaru v. Romania.72 As we have seen above, this case concerned the complaint by Mr. Rotaru with regard to the information stored about him
71 Akdivar v. Turkey, 16 September 1996, no. 21893/93, Reports 1996-VI, §§ 67–68, see also Salah Sheekh v. the Netherlands, 11 January 2007, no 1948/04, referred to in Chapters 8 and 13.
72 Rotaru v. Romania, §§ 74–79.
Brouwer ch-06.indd 171 3/13/2008 3:14:02 PM
172 Chapter 6
since 1948 by the Romanian Intelligence Services. After fi nding that there had been a violation of his right to private life, as laid down in Article 8, the ECtHR dealt with the Mr. Rotaru’s claim on the basis of Article 6 ECHR. Rotaru held that the refusal of the Romanian courts to consider his applications for costs and damages was in breach of his right to a fair trial . While the Commission decided to consider the complaint only under the more general obligation of Article 13 ECHR, the ECtHR observed that that there was no remedy for the applicant involving making an application for amendment or destruction of the fi le con-taining information about him (§ 61). According to the ECtHR, there was no doubt that the applicant’s claim for compensation for non-pecuniary damage and costs was a civil claim within the meaning of Article 6 (1) ECHR and that the Bucharest Court of Appeal would have had jurisdiction to deal with it. Th e Court of Appeal’s failure to consider the claim in this case therefore violated the applicant’s right to a fair hearing within the meaning of Article 6 (1).73
6.5. Non-discrimination
On the basis of Article 14 ECHR, the right to privacy should apply indiscrimi-nately to everyone, without distinguishing on grounds such as nationality, race, language, religion, etc… As we have seen above, in the fi eld of the protection of internal security , the ECtHR acknowledged the necessity of secret surveillance and thus privacy-infringing measures. One could argue that in these fi elds, limi-tations on the right to private life aff ect some groups of persons more than others. With regard to those persons who are specifi cally aff ected by surveillance meas-ures by national authorities, one cannot say that the right to privacy applies to them indiscriminately.
7. Conclusions: EU Databases, Article 8 ECHR and Eff ective Remedies
7.1. Data Processing and the Right to Private Life
In its jurisprudence on Article 8 ECHR with regard to the use of personal infor-mation by governments, the Strasbourg Court established that, in line with its general policy, Article 8 ECHR should be interpreted in an open-minded manner, with an eye for the actual circumstances and requirements of the society. Th e ECtHR developed useful criteria for the necessary balance of powers between the data-collecting authorities on the one hand and the protection of the interests and rights of the individual concerned on the other hand. In fact, in formulating these
73 Th e Court refers to the judgment in Ruiz Torija v. Spain, 9 December 1994, Series A, 303A, § 30.
Brouwer ch-06.indd 172 3/13/2008 3:14:02 PM
Data Processing and the Right to Privacy 173
criteria, the ECtHR seemed to recognise the broader function of the right to pri-vacy in the relationship between citizens and the government. According to the jurisprudence of the ECtHR, Article 8 ECHR is at stake when it concerns the collection, storage, or use of personal information in the following situations:
– secret police or secret service fi les (Leander, Segerstedt-Wiberg, Rotaru);– public fi les irrespective of the nature or the sensitivity of the information
stored in them (Amann);– health records (Z v. Finland);– child care records (Gaskin);– public fi les (Goodwin);– records of voices (Peck), photographs (Commission: Lupker and Friedl ), and
video surveillance images (Perry);– administrative data on telephone calls (Malone);– birth certifi cates, identity cards or driving licences (Goodwin); and– passports (Smirnova and I letmiş).
In order to establish whether an interference with the right to private life has occurred, the ECtHR based its conclusions on the following circumstances and methods of data processing:
– the ‘public circumstances’ in which the information was collected (Perry, P.G. and J.H.);
– whether it concerns the systematic collection and storage of personal infor-mation (Rotaru, Amann, Segerstedt-Wiberg, and P.G. and J.H.);
– whether the information concerns the person’s past (Rotaru);– whether the information was provided voluntarily or not (Lupker, cited in
Perry);– whether the person has given his or her prior consent to the further commu-
nication of personal data (Malone);– whether the further use of the information stored goes beyond the normally
foreseeable use (Peck, P.G. and J.H., Perry);– the consequences (of deprivation of passport) on everyday life (Smirnova);– whether there is a limitation on the freedom of movement (by confi scation of
passport) (Iletmiş); and fi nally,– whether the information is subsequently used in practice is not relevant
(Amann).
Considering our subject, the registration of third-country nationals in the EU databases, it can be concluded that the criteria formulated by the ECtHR are applicable on several grounds. In the fi rst place, the ECtHR emphasised that the systematic collection and storage of personal information by governments falls within the scope of protection under Article 8 ECHR. Secondly, it is clear that
Brouwer ch-06.indd 173 3/13/2008 3:14:02 PM
174 Chapter 6
the right to privacy is at stake if “sensitive” information such as biometric data is to be registered in SIS II and VIS. Th irdly, the frequent controls to be performed on the basis of this registration may cause disproportionate interference with the traveller’s right to privacy, including his freedom of movement . Th is is especially the case when these controls are combined with practices which may often be embarrassing for travellers, such as taking the person aside, questioning the per-son, collecting biometric data and carrying out body searches. Fourthly, based on plans for the interoperability of EU databases described above and the proposals for access to these systems by internal security agencies, it is clear that SIS II is becoming a tool for surveillance measures. Th is might lead to the semi- permanent control of the movements of the persons registered into SIS II, VIS or Eurodac , which is facilitated by the use of biometric data and the inclusion of these data in passports and visas. In various judgments, the ECtHR made an explicit link between surveillance measures used by government authorities and the right to privacy (Perry, Peck, Rotaru, Klass).
7.2. Procedural Guarantees and Eff ective Remedies
Th e ECtHR developed several criteria on the basis of the general criterion of Article 8 (2) ECHR, regarding the question of whether the interference is in accordance with the law. Th ese criteria on the predictability and accessibility of the law as well as on the necessary procedural safeguards are of more general importance when assessing data processing by government authorities. With regard to diff erent measures for data collection or data surveillance, the ECtHR defi ned the following requirements which should be envisaged in national laws:
– limits on the exercise of powers to store and use the information by the authorities (Leander, Rotaru);
– the duty to inform the person concerned in advance with regard to the stor-age of his or her information (Perry);
– defi nition of the kind of information that may be recorded (Leander, Rotaru);– defi nition of the categories of people against whom surveillance measures
such as gathering and maintaining information may be taken; and (Huvig-Kruslin, Rotaru);
– defi nition of the circumstances under which such measures may be taken or the procedure to be followed (Leander, Rotaru);
– defi nition of the situations in which information may be disclosed (Peck);– limits on the age of the information held or the length of time for which it
may be kept (Rotaru, Segerstedt-Wiberg);– appropriate safeguards to prevent disclosure which may be inconsistent with
the guarantees under Article 8 of the Data Protection Convention (Z );– safeguards to protect the quality of data and the protection of sensitive data (Z ).
Brouwer ch-06.indd 174 3/13/2008 3:14:02 PM
Data Processing and the Right to Privacy 175
Concluding, the jurisprudence of the Strasbourg Court makes clear that, if the impact of the use and storage of personal information by public authorities on the private life of individuals is overlooked, we will lose an important mecha-nism for controlling governmental powers. In its case law on Article 8 ECHR and the use of personal information by public authorities, the ECtHR did not doubt the importance of an independent supervisory mechanism. Th e ECtHR consistently stressed the need for an independent control mechanism when it comes to the infringement of an individual’s right to private life caused by the use of personal information by public authorities. Th e ECtHR gave diff erent grounds for motivating this need for the right to an independent supervisory mechanism. In the fi rst place, the ECtHR emphasised the need for an inde-pendent supervisory authority as a mechanism for the protection of the rule of law and to prevent the abuse of power, especially in the case of secret surveil-lance systems (for example in the Klass, Leander and Rotaru judgments). In other cases, the ECtHR demanded the availability of an independent mechanism, where specifi c sensitive data were at stake or where the case concerned a claim to access to such data (for example medical data or data about the applicant’s youth, in Z v. Finland and Gaskin v. the United Kingdom respectively). In these cases, access to an independent control mechanism was not only considered important because it clearly dealt with an infringement of someone’s right to respect for his private life, but also because of the need to balance the diff erent interests at stake.
In its judgments, the ECtHR established a preference for access by judicial authorities because it gave the “best guarantees of independence, impartiality and a proper procedure”.74 However, in diff erent judgments (for example, Gaskin, Leander) it was explicitly stated that a non-judicial supervisory mecha-nism could be appropriate. Th e general conclusion that legal remedies should in the fi rst place be practical and eff ective, has been affi rmed in Segerstedt-Wiberg v. Sweden. In this judgment, the ECtHR explicitly questioned the practical mean-ing of the (non-judicial) authorities with which individuals could lodge a com-plaint. In particular, the consideration of the ECtHR in this judgment, in which it required proof of evidence regarding the eff ectiveness of the Swedish Data Protection Authority in practice, is meaningful when assessing the meaning of data protection law. As mentioned above, the general criteria concerning the competence or powers of independent authorities as developed by the ECtHR in its jurisprudence on Article 6 and 13 ECHR will be dealt with further in Chapter 8.
74 Klass, § 56.
Brouwer ch-06.indd 175 3/13/2008 3:14:02 PM
176 Chapter 6
Finally, I have pointed out the importance of Article 6 ECHR with regard to the right to compensation. In Rotaru v. Romania, the ECtHR acknowledged the right of individuals to fi nancial redress for damages based on a breach of Article 8 ECHR caused by the data processing activities of public authorities. Th is means that Article 6 ECHR may be invoked by an individual when his or her civil liberties or rights are infringed by an administrative decision based on data processing activities.
Brouwer ch-06.indd 176 3/13/2008 3:14:02 PM
Evelien Brouwer, Digital Borders and Real Rights, pp. 177–244.© 2008 Koninklijke Brill NV. Printed in the Netherlands.
Chapter 7
Eff ective Remedies under Data Protection LawArticle 1 of the Council of Europe’s Data Protection Convention of 1981 :
“Th e purpose of this convention is to secure in the territory of each Party for every individual, whatever his nationality or residence, respect for his rights and funda-mental freedoms, and in particular his right to privacy, with regard to automatic processing of personal data relating to him (“data protection”).”
1. Introduction
Data protection law regulates the various stages involved in the processing of data (or information) on individual, physical persons (and sometimes groups and organisations of such persons).1 Th ese stages include the collection, registration, storage, use and dissemination of data. In Europe, the most important instru-ments concerning data protection law are the Data Protection Convention of 1981 of the Council of Europe and the EC Directive 95/46 on the protection of personal data. Whereas the EC Directive only applies to data processing within the scope of community law, the rules of the Data Protection Convention also apply to certain so-called ‘third pillar’ measures within the EU, dealing with data processing in the fi eld of police or justice, for example the Europol Convention. Accordingly, the use of VIS and Eurodac is covered by the rules of Directive 95/46 whereas, as we will see below, the CISA refers with regard to the use of SIS I to the applicability of the Data Protection Convention. With regard to the use of the second generation SIS, or SIS II, both instruments will apply. Regulation 1987/2006 on the use of SIS II for the registration of third-country nationals refers to Directive 95/46.2 Th e Decision on the use of SIS II for political and
1 L.A. Bygrave & J.P. Berg, Refl ections on the rationale for data protection laws in: J. Bing, O. Torvund (eds.), 25 Years Anniversary Anthology, Tano: Norwegian Research Center For Computers and Law 1995, p. 3 ff . See also L.A. Bygrave, Data Protection Law: approaching its rationale, logic and limits, Th e Hague: Kluwer Law International 2003.
2 Regulation 1987/2006, OJ L381/4, 28 December 2006.
Brouwer ch-07.indd 177 3/20/2008 8:32:53 PM
178 Chapter 7
judicial purposes refers to the Data Protection Convention. Furthermore, the EC legislator is preparing the adoption of a Framework Decision for data protection in the third pillar.
To assess the practical meaning of data protection with regard to the use of information systems such as SIS or SIS II , it is useful to understand the basic rights and principles which are at stake. Th e following sections will go into the development of national and international data protection law, trying to analyse the main functions of data protection. I focus on what can be considered as the central principles of the applicable international standards, in particular the aforementioned Data Protection Convention and the rules developed under EC and EU law. In this Chapter, I will also describe the development and content of the relevant data protection provisions in the CISA.
In the fi nal conclusions, in Chapter 14, the basic data protection principles will be applied to the current EU policy on the use of personal information and information technology. In the conclusions to this Chapter, I will address one of the central questions of this research: does data protection law provide for legal remedies for individuals?
2. Development of National Data Protection Law: Diff erent Phases of Law-Making
Th e introduction and use of information technology in the second half of the 20th century brought major changes in the administration of personal data. Information technology allowed for the collection of an increasing amount of data. It facili-tated the centralisation and accessibility of the information stored and increased our ability to integrate diff erent databases.3 Th ese new challenges for managing the information stock of organisations in the public and private sectors resulted in changes to public programmes and policies. For example, the ability to store more (and more detailed) information on citizens allowed the legislator to adopt, in the fi eld of social security or welfare, more specifi c rules, taking into account the spe-cifi c circumstances of the person concerned. Th e use of personal identifi cation numbers and the connection of diff erent information systems made it possible for information given to one authority to be used more easily and swiftly by other public departments or organisations as well.
3 J.B. Rule, Private Lives and Public Surveillance, 1974, p. 270 ff . and 308; A.F. Westin, Privacy and Freedom (1967), p. 158 ff .; Bygrave and Berg (1995), p. 7 ff .
Brouwer ch-07.indd 178 3/20/2008 8:32:54 PM
Eff ective Remedies under Data Protection Law 179
A relatively short time passed between the introduction of information tech-nology and the development of data protection rules.4 Th e Council of Europe played a major role in this development by establishing, at a very early stage, the fi rst framework for legal instruments. At the national level, for example, in the German federal state of Hessen, in Sweden and in the Netherlands, we see that during large automation projects the legislators were urged to adopt or at least to think about the adoption of data protection laws.5 Th ese projects included the establishment of a central population register and the electronic implementation of the census. In several countries, the governments installed special committees to investigate the need for new regulations. Th e fi rst data protection law in Europe, the Datenschutzgesetz in Hessen, was adopted in 1970 together with the introduction of the Hessian central population register. Th is law only applied to data processing in the public sector and provided for the establishment of an ‘ombudsman-like’ independent data protection authority. Th e data protection authority was responsible for ensuring the security of state fi les and for advising on the impact of new data processing techniques. Th e Hessian data protection law played an important exemplary role for the development of other national laws. In 1973 the ‘Data Act’ was adopted in Sweden, in 1974 the ‘Privacy Act’ in the United States and, in 1977, the Federal Data Protection Law in Germany. In 1978 the fi rst French ‘Law on data processing, fi les and individual liberties’ followed and, in Norway, the ‘Personal Data Registers Act’.
In describing the history of data protection law in Europe, one may distinguish diff erent phases of law-making.6 Generally, the basic principles of data protection were formulated in the period between 1970 and 1981. During this period, the ‘pioneers’ of data protection were based on a mechanism of prior control of data-bases, including prior registration or a licensing system. Th e second period, between 1981 and 1988, marked the end of an isolated national legislation proc-ess. Concerns about data protection on the one hand and the free fl ow of informa-tion on the other hand resulted in the adoption of the OECD Guidelines in 1980 and of the Data Protection Convention of the Council of Europe in 1981. Th e general principles of these international instruments were taken as an example in countries which still had to adopt their fi rst data protection laws. Th e legislator in
4 See, for a general history of data protection law: D.H. Flaherty, Protecting Privacy in Surveillance Societies. Th e Federal Republic of Germany, Sweden, France, Canada and the United States, Chapel Hill and London: University of North Carolina Press 1989, and F.W. Hondius, Emerging Data Protection in Europe, Amsterdam-Oxford: North-Holland Pub. Company 1975.
5 Staatscommissie bescherming persoonlijke levenssfeer in verband met persoonsregistraties KB [Royal Decree] 21 February 1972, no. 70, Stcrt. 1972, no. 43.
6 See S. Simitis (ed.) Bundesdatenschutzgesetz, sixth edition, Baden-Baden: Nomos 2006.
Brouwer ch-07.indd 179 3/20/2008 8:32:54 PM
180 Chapter 7
the UK passed its fi rst data protection law in 1984 and, in Ireland and the Netherlands, the fi rst laws were adopted in 1988. An important goal of the so-called ‘second generation’ law was to reduce the administrative obligations for data holders. In the third period, between 1988 and 1995, a fi rst revision of the diff er-ent national laws took place. Th ese amendments emphasised self-regulation and the withdrawal of bureaucratic rules. Th e fourth period, between 1995 and 2000, was marked by the implementation of EC Directive 95/46 on data protection. Th e implementation of the new rules in the Directive resulted, in the so-called ‘fi rst generation countries’ (France and Germany), in the second revision of their data protection laws. Th e requirement that this Directive be implemented before October 1998 forced some countries, for example Greece and Italy, to adopt their fi rst data protection laws. In these latter countries, the establishment of the SIS was another important incentive for the fi nal adoption of data protection law. As we will see below, before being allowed to use this system, the Schengen States were obliged to adopt national data protection provisions in accordance with the rules of the Data Protection Convention of 1981 (Article 117 CISA). Finally, the period since 2000 could be described as a new phase in data protection history. On the one hand we see the introduction of new information technologies including the use of biometrics, large-scale databases, ‘machine-readable docu-ments’ and the eff orts of national legislators to respond to these developments. On the other hand, as we will see in section 3.6, this period has been marked by the recognition of data protection as an independent human right in the Charter on the Fundamental Rights of the EU.
During these periods of development of data protection laws, diff erent models of regulation have been applied by national legislators. In a publication from 1992, Bennett distinguished between the voluntary control model, the subject control model, the licensing/registration model and, fi nally, the data commissioner model.7 Th e fi rst voluntary control model, chosen in particular in the United States and generally in the Netherlands, emphasised self-regulation and self- surveillance, including the appointment of data protection offi cials within the private organi-sation. Th e second subject control model focused on the rights of the data subject with regard to his or her data. Initially, the German data protection law especially emphasised the rights of data subjects but data subjects’ rights, including the right to have access to information, have now been inserted into every national law. Th irdly, the licensing and/or registration model included the involvement of a separate institution for the authorisation of new databases in either the public or
7 See, on the divergences and convergences of data protection policy: C.J. Bennett, Regulating Privacy. Data Protection and Public Policy in Europe and the United States, Ithaca and London: Cornell University Press 1992, p. 116 ff .
Brouwer ch-07.indd 180 3/20/2008 8:32:54 PM
Eff ective Remedies under Data Protection Law 181
the private domain. In the UK, authorities or organisations were obliged to regis-ter their new databases with the national data protection authority. Sweden and Norway operated a licensing system which meant that the database would have to be authorised by the data protection authority. In France and the Netherlands, both the licensing and the registration models applied, depending on the nature of data processing. Fourthly, one could distinguish the data commissioner model in which the controlling authority plays a central role with regard to the protec-tion of secure and lawful data processing (Germany). Furthermore, a distinction is made between countries with generally applicable laws (Germany, Austria) and countries with a sectoral approach (for example the US and, to a certain extent the Netherlands).
Gradually, however, the states adopted laws with a mixture of the above elements. Th is ‘mixture’ includes administrative rules (licensing system, adminis-trative fi ne), a civil law approach including contractual agreements and informed consent, and criminal law measures such as the ban on holding a personal fi le or sanctioning the infringement of data protection rules. One important develop-ment in data protection law is the fact that the bureaucratic requirement of prior registration and authorisation of personal fi les has been more or less abandoned. Th e new laws contained more powers of self-regulation for the data processing authorities and also provided for more detailed rules for the diff erent sectors. Th is development is to a large extent the result of a long period of trans-border exchanges of experiences. Since the 1970s, there has been regular cross-border exchange of ideas and solutions between national data protection experts. However, the development of international standards and the obligation to adapt national legislation to those standards also had a harmonising eff ect on national laws. In particular, the implementation of EC Directive 95/46 reduced the divergence between European countries.
3. Development of European Data Protection Law
3.1. 1981: Data Protection Convention of the Council of Europe
In 1968, the Parliamentary Assembly of the Council of Europe invited the Committee of Ministers to examine whether the European Human Rights Convention and the domestic laws of the Member States off ered adequate protection of the right to personal privacy vis-à-vis modern science and technology.8
8 Recommendation 509.
Brouwer ch-07.indd 181 3/20/2008 8:32:54 PM
182 Chapter 7
In response to that recommendation, a study was carried out at the instruction of the Committee of Ministers. Th is study showed that the present national legisla-tions provided insuffi cient protection of individual privacy and other rights and interests of individuals with regard to automated databanks. On the basis of these fi ndings, the Committee of Ministers adopted (in 1973 and 1974) two resolutions on data protection. Th e fi rst, Resolution (73) 22, established the principles of data protection for the private sector and the second, Resolution (74) 29, did the same for the public sector.9 Th e aim of these recommendations was to bring unity to the diff erent national regulations. According to the explanatory memorandum to the recommendation for the public sector, this instrument should contribute to the “public understanding and confi dence with regard to new administrative techniques which public authorities in the member states are using in order to ensure the optimal performance of the tasks entrusted to them”.
In 1976, the Committee of Ministers instructed the Committee of Experts on Data Processing, under the aegis of the European Committee for Legal Co-operation (CDCJ) “…to prepare a convention for the protection of privacy in relation to data processing abroad and transfrontier data process-ing”. Th e committee was instructed to do so in close collaboration with the Organisation for Economic Co-operation and Development (OECD ) and the non-European member countries of that organisation. Th is organisation also dealt with the development of international standards in the fi eld of informa-tion, computers and communications policy. Th e motivation of the OECD for this activity was in the fi rst place economic. At the end of 1970, mutual mistrust reigned between the United States and the European governments about the (protectionist) motives behind the data protection level of national laws in Europe and the low standard of privacy protection in the United States.10 In the framework of the OECD, governments reached agreement on the Guidelines governing the protection of privacy and transborder fl ows of personal data on 23 September 1980. Th ese guidelines, albeit not binding, still represent an international, not purely European, consensus on the core princi-ples of data protection. Between the two organisations, the OECD and the Council of Europe, a close liaison has been maintained at secretariat level and at the level of the Council of Europe’s committee of experts and the corresponding OECD committee, the Data Bank Panel.11
9 Resolution (73) 22 on the protection of the privacy of individuals vis-à-vis electronic databanks in the private sector and Resolution (74) 29 on the protection of the privacy of individuals vis-à-vis electronic databanks in the public sector.
10 Bennett (1992), p. 137. 11 See the explanatory report to the Convention.
Brouwer ch-07.indd 182 3/20/2008 8:32:54 PM
Eff ective Remedies under Data Protection Law 183
Four months after the adoption of the OECD Guidelines, the Convention for the protection of individuals with regard to the automatic processing of personal data was signed by the Committee of Ministers of the Council of Europe on 28 January 1981.12 Th e Convention entered into force on 1 October 1985. Although the Convention in principle applies only to the automatic processing of personal information, according to Article 3 States may, at the time of signature or later, give notice by declaration that the Convention will also apply to non-automated data processing. According to Article 1, the purpose of this Convention is to secure, on the territory of each Party the rights and fundamental freedoms of every individual and especially the right to privacy. Another important goal of the Convention, only mentioned in the preamble, is the aim of safeguarding the free fl ow of information. To reach this goal the Convention aimed to provide harmonised rules to prevent national data protection laws from causing limita-tions on the free fl ow of information. Article 12 of the Convention explicitly for-bids the State Parties from limiting trans-border data fl ow solely on the basis of data protection principles.
In the framework of the Council of Europe, several recommendations were adopted for more specifi c fi elds, for example the Recommendation regarding the police sector of 1987 and Recommendation on the use of personal fi les in the public sector of 1991.13 In 2001, the Committee of Ministers of the Council of Europe adopted an additional protocol to the Data Protection Convention regarding the role and powers of supervisory authorities and trans-border data fl ows.14 With regard to the use of SIS, Article 117 CISA refers explicitly to the applicability of the Data Protection Convention of the Council of Europe and to the Recommendation of the Council of Europe on the use of personal data in the police sector. Th is provision obliges the Schengen States to adopt the neces-sary national provisions in order to achieve a level of data protection law at least as equal to the principles included in these instruments.
3.2. 1990: Inclusion of Data Protection Provisions in the CISA
Th e drafting of the CISA took place between 1987 and 1990. At that time Germany, Luxembourg and France were the only Schengen countries which both
12 European Treaty Series (ETS), no. 108, Strasbourg 1982. Ratifi ed by France, Germany and the Netherlands on 24 March 1983, 19 June 1985 and 24 August 1993 respectively. Entered into force for Germany and France on 1 October 1985, for the Netherlands on 1 December 1993.
13 Recommendation on the use of personal data in the police sector, No. R (87) 15 and Recommendation on the communication of personal data held by public bodies, No. R (91) 10.
14 ETS no. 181, 8 November 2001, eff ective 1 July 2004.
Brouwer ch-07.indd 183 3/20/2008 8:32:54 PM
184 Chapter 7
ratifi ed the Data Protection Convention of 1981 and adopted national data pro-tection laws. In the Netherlands, a general data protection law was adopted in December 1988, but there was still no law on police fi les. Th e Dutch govern-ment only ratifi ed the Data Protection Convention in 1993. Belgium and Italy had no legislation, nor had they ratifi ed the Convention. Finally, Spain ratifi ed the Convention in 1984 but has not yet adopted a data protection law. Politicians in France and Germany in particular regarded this lack of data protection law in some of the Schengen states as a problem for the establishment of SIS and the exchange of police information as envisaged in the draft CISA. In May 1988, the Central Group decided that it was necessary for the Permanent Working Group on SIS to have contact with experts on data protection, in order to take into account the legal conditions on SIS. Th is resulted in the establishment of the Privacy Ad Hoc Group.15
Th e work of this Privacy Ad Hoc Group made the European data protection authorities aware of the development of SIS. Since then, these authorities expressed on several occasions their concerns about the lack and, later, incom-pleteness of data protection rules in the draft CISA.16 Initiated by the Luxembourg data protection authority, the existing Schengen data protection authorities met in 1988 and 1989 to discuss SIS and its consequences for data protection. At their second meeting of 17 March 1989, the French, Luxembourg and German data protection authorities adopted a declaration on the minimum standards which should be fulfi lled before SIS could become operational.17 In this declaration, the data protection authorities stated fi rst of all that the pro-visions regarding SIS should contain a clear, restrictive and defi nitive defi nition of the content of the database, its purpose and use. Furthermore, they required that each individual should have access to his or her data in every contracting state and the right to correct wrong or delete inaccurate data. Th e processing and use of the SIS data in each national state should be supervised by an independent authority. A common data protection authority, composed of representatives of the national data protection authorities of each Schengen state, would have to supervise the general functioning of SIS and fi nd harmonised solutions to
15 J. Dumortier, Het Schengen Informatie Systeem en de bescherming van persoonsgegevens, in: C. Fijnaut, J. Stuyck, P. Wytinck, Schengen: Proeftuin voor de Europese Gemeenschap? Arnhem: Gouda Quint 1992, p. 122.
16 See P. Billaud, La protection des données informatiques dans le cadre de l’Accord de Schengen, in: A. Pauly, Les Accords de Schengen: Abolition des frontières intérieures ou menace pour les libertés publiques?, Maastricht: EIPA 1993, p. 30.
17 D. Korff , Th e Schengen Information System: also a question of data protection, in: G.P.M.F. Mols (ed.), Dissonanten bij het Schengen Akkoord, Deventer: Kluwer 1990, p. 67 ff .
Brouwer ch-07.indd 184 3/20/2008 8:32:54 PM
Eff ective Remedies under Data Protection Law 185
common problems. Finally, according to this declaration, the provisions of the Data Protection Convention of 1981 would have to apply as minimum rules for the functioning of SIS. Th e joint declaration was sent to each government partic-ipating in the Schengen negotiations. In June 1989, before the intergovernmen-tal meeting which was planned for the approval of SIS, the French data protection authority, the CNIL , made an intervention on the minimum data protection standards for SIS. In this statement, the CNIL advocated the application of the Data Protection Convention and the Recommendation R (87) of the Council of Europe with regard to data protection in the police sector. Th e CNIL also empha-sised the necessity of a joint supervisory authority.
Th e involvement of national data protection authorities certainly infl uenced the fi nal outcome with regard to the provisions on data protection in the CISA. A draft of 27 October 1988 included provisions on data protection which more or less corresponded with the fi nal provisions of the CISA. Th is draft also included a Dutch proposal for a general reference to the Data Protection Convention , stating that “the section on SIS would also serve the protection of per-sonal data in conformity with the basic principles of the European Convention for the protection of individuals with regard to the automatic processing of personal data”.18 Th is latter draft text of the CISA provided for a purpose limitation principle with regard to both the storage and use of personal information similar to the current provisions of the CISA (Articles 94 and 102). Furthermore, this draft provided for the obligation to record or ‘log’ every fi ftieth transmission from SIS which, in the fi nal text of the CISA, was changed to the duty to log every tenth transmis-sion; see Article 103 CISA. Th e draft of November 1988 also included time limits of fi ve years for the storage of personal information in SIS. In the fi nal text of the CISA, this was changed in three years. Other rules in the draft concerned the liability of the issuing state for the accuracy of the SIS data, the individual’s right to access to his or her information and the right to recourse before a national court or another authority. Based on a proposal by the national data protection authorities, the negotiators inserted into the draft text of 7 August 1989 provi-sions regarding the role of national data protection authorities and the establish-ment of a Joint Supervisory Authority (hereafter JSA ).19 Th e Luxembourg government proposed, in an alternative text of 7 August 1989, granting the JSA extended powers and including in the fi nal text a provision on the basis of which
18 SCH/I (88) 7th rev. (Dutch version). See also the draft of 16 November 1988, SCH/I (88) 7, 2nd revision (Dutch version).
19 SCH/I (88) 7, 12th revision (Dutch version).
Brouwer ch-07.indd 185 3/20/2008 8:32:54 PM
186 Chapter 7
the use of data for purposes other than those provided by law would constitute a criminal act. Th ese proposals were not included in the fi nal text.
With regard to the exchange of personal information outside the scope of SIS, as provided for in Title VI, the CISA includes its own set of rules on data protec-tion.20 Th ese provisions deal with the exchange of information for policy and security purposes.
3.3. 1995: Directive 95/46 on the Protection of Personal Data
3.3.1. Protecting Individuals and Free Movement of DataInitially, the incentive for the European Commission to develop data protection law was related more to the concerns about the development of a European data processing industry able to compete with the US industry, than to the protection of individual rights.21 For example, in the communication on Community Policy on Data Processing: Development of EC data processing industry of 1973, the Commission stated that the development of this new industry in the EC could be impeded by national solutions with regard to the protection of individuals.22 Before 1989, the Commission did not forward any proposal in this fi eld but merely awaited the developments on the Data Protection Convention of the Council of Europe. Th e European Parliament, expressing its concerns about the rights of individuals, repeatedly urged the European Commission to come forward with a legislative proposal.23 Th e need for communitarian rules was emphasised by MEP Lord Mansfi eld in a speech given in 1974 stating that “data processing would not stop at the borders”.24 In 1976, the European Parliament adopted a resolution demand-ing the development of community law to protect individual rights from techno-logical developments. According to the European Parliament, a directive would be absolutely necessary to guarantee maximum privacy protection and to prevent the
20 See, for a general analysis of these rules: J. Dumortier, Protection of Personal Data in the CISA, International Review of Law, Computers & Technology 11 (1997) 93; L.F.M. Verhey, Privacy aspects of the Convention, in H. Meijers et al., Schengen. Internationalisation of central chapters of the law on aliens, refugees, privacy, security and the police, Leiden: NJCM 1992.
21 See S. Simitis, Datenschutz und Europäischen Gemeinschaft, RDV 1990, No. 1, p. 3–23, and R. Ellger, Datenschutz und Europäischen Binnenmarkt (part I), RDV 1991, No. 2, p. 57–65.
22 SEC (73) 4300. 23 See A.C.M. Nugter, Transborder Flow of Personal Data within the EC. A comparative analysis of
the privacy statutes of the Federal Republic of Germany, France, the United Kingdom and the Netherlands and their impact on the private sector. Deventer: Kluwer Law and Taxation Publishers 1990, p. 30 ff .
24 OJ 1974, parliamentary sessions, no. 179, p. 60, cited in R. Ellger (1991), p. 59.
Brouwer ch-07.indd 186 3/20/2008 8:32:54 PM
Eff ective Remedies under Data Protection Law 187
development of divergent national laws.25 In a resolution adopted in May 1979, the European Parliament submitted its own proposal for a Directive on the protec-tion of individual rights.26 In this proposal, the European Parliament defi ned basic principles which can be viewed as progressive and innovative for that time. For instance, the proposal included the liability of the data controller for damage caused by the misuse of personal data, whether or not this involved negligence on his part. Furthermore, it was proposed that the data controller should be obliged to inform the person concerned when data were stored for the fi rst time. Th e European Parliament also proposed that the matching or combining by any means of two separate databases should require the prior consent of an independent data protection body.
In a Recommendation of 1981, the Commission advised the EC countries to sign the Data Protection Convention of the Council of Europe.27 According to the same Recommendation, the Commission would only consider proposing a separate instrument based on the EC Treaty if not all Member States had signed and ratifi ed this Convention within a reasonable time. In a resolution adopted in 1982, the European Parliament urged the Member States to ratify the Data Protection Convention.28 Finally, in 1990, the lack of data protection laws in many EC Member States encouraged the European Commission to publish a legislative proposal on data protection.29 Th e timing of this proposal was trig-gered by the so-called FIAT case.30 Th e judgment illustrated the problem of diverging data protection laws in the Member States regarding the free move-ment of information. In this case, the French national supervisory authority (CNIL ) had refused to register the automated processing of data on employees, although prior registration was a requirement in the French data protection act for lawful data processing. Th e reason for this refusal was the intended transfer of these data by FIAT to Italy. Italy at that time had no data protection legislation nor had Italy signed the Data Protection Convention. Th erefore, CNIL insisted on a prior, contractual agreement between the French and Italian FIAT factories, which would have to confi rm the application of both the Data Protection
25 OJ C 100/27, 3.5.1976 26 OJ C 140/34, 5.6.1979. 27 Recommendation of 29 July 1981. OJ L 246/31, 29.8.1981. 28 OJ C 87/39, 5.4.1982. 29 Proposal of 27 July 1990, COM (90) 314 – SYN 287. OJ C 277, 5.11.1990. 30 See, on the role of this case for the development of EC law, B.J. Boswinkel, De privacyrichtlijn
begrensd, SEW Sociaal Economisch Weekblad 7/8 (1993), p. 551 and S. Simitis, Datenschutz und Europäische Gemeinschaft, RDV (Recht der DatenVerarbeitung) 1990, No. 1, p. 11.
Brouwer ch-07.indd 187 3/20/2008 8:32:54 PM
188 Chapter 7
Convention and French law.31 Th e fact that a national data protection authority forced companies to reach a contractual agreement before trans-border data fl ows could be allowed received much attention. Th e case was used to demonstrate the consequences of having divergent levels of data protection in EC countries and the need for more harmonised rules.
Th e fi rst draft of the EC Directive on data protection was criticised by a power-ful lobby of private organisations and companies. Th ese organisations considered the Directive too restrictive and too impractical for implementation. An amended proposal was submitted in 1992, taking into account the amend-ments of the European Parliament. Th e fi nal Directive was adopted by the Council on 24 October 1995.32 Th is Directive 95/46 was to be implemented by the Member States before 1 October 1998. Th is deadline for implementation was exceeded by several countries and the European Commission started proceedings on the basis of Article 226 EC Treaty against Germany, France, Ireland, Luxembourg and the Netherlands.33 In other countries, such as Italy (1996) and Greece (1997), the obligation to implement the EC Directive coupled with their desire to accede to the Convention Implementing the Schengen Agreement forced the legislators to proceed with the adoption of their fi rst national data protection laws. With regard to the enlargement of the EU by Central and Eastern European states, it was agreed in the so-called Copenhagen criteria of 1993 that these candidate states were committed to having Directive 95/46 transposed into their national laws by the time of their accession. In the fi rst evaluation report on the Directive of 2003, the European Commission concluded that all candidate member states, except Turkey, had passed legislation in the fi eld of data protection.34
3.3.2. Scope and Applicability of Directive 95/46In the 2003 evaluation report on the implementation of Directive 95/46, the Commission recognised that some provisions of the EC Directive were not clear
31 No. 89-79, 11 July 1989. 32 OJ L 281, 23.11.1995. 33 In 2001, Germany and the Netherlands announced their legislation and the Commission closed
their cases. Th e case against France was dropped as well after France announced its (amended) 1978 Data Protection Act. Th e case against Luxembourg resulted in condemnation by the Court of Justice. As result, Luxembourg implemented the Directive by a law which entered into force in 2002. Ireland announced a partial implementation in 2001 and adopted a bill in 2003 which implemented the Directive completely, source: COM (2003) 265, 15.5.2003, p. 3. See further, on the implementation of the EC Directive in the Member States: http://www.europa.eu.int/comm/justice_home/fsj/privacy/law/implementation_en.htm.
34 15 May 2003, COM (2003) 265, p. 13.
Brouwer ch-07.indd 188 3/20/2008 8:32:54 PM
Eff ective Remedies under Data Protection Law 189
and could be interpreted diff erently.35 Despite these diff erences in implementation and despite the new technologies which demanded other, more adapted, legal solutions, the Commission concluded there was no need to amend or modify the 1995 Directive.36 In the same report, the Commission referred to the importance and the wider impact of the EC Directive. According to the Commission, even though the Directive was based on Article 100A TEC (now Article 95), its appli-cability should be interpreted widely. Th is would mean that the EC rules should be regarded as applicable with regard to data processing outside the scope of EC law. In its judgment regarding Rechnungshof v. Österreichischer Rundfunk, the ECJ confi rmed the need to interpret the provisions of Directive 95/46 broadly.37
According to Article 3, the Directive does not apply to “the processing of per-sonal data in the course of an activity which falls outside the scope of Community law, such as provided for by Titles V and VI of the EU Treaty and in any case to processing operations concerning public security, defence, State security (includ-ing the economic well-being of the State when the processing operations relates to security matters) and the activities of the State in areas of criminal law”. Th e Data Protection Convention of the Council of Europe has wider application and covers data processing in the fi eld of police and judicial cooperation. With the integra-tion of the Schengen acquis into the EU Treaty, the laws on SIS were brought under Title VI of the EU Treaty. As a consequence, data stored in SIS in applica-tion of Article 96 CISA with regard to third-country nationals to be refused entry, do not fall within the ambit of EC Directive 95/46, even though the scope of its application, including border control and visa applications, has become subject to community law. Th is does not mean that the implementation of the SIS falls completely outside the scope of Community law. As we will see in Chapter 9, the ECJ ruled in the Commission v. Spain that a decision based on SIS, denying the right of entry or a visa to third-country nationals who are family members of an EU citizen, may infringe their rights under Community law. Th e new Regulation 1987/2006 on SIS II explicitly refers to the applicability of Directive 95/46.
Compared to the Data Protection Convention of 1981, the Directive 95/46 contains more detailed provisions, for example with regard to the rights of indi-viduals, lawful data processing, the competence and powers of national data pro-tection authorities, and the rules on the liability of the data owner. Th e Data Protection Convention sets out minimum standards for data processing, which implies that the signing States may off er more protection, but not less protection.
35 15 May 2003, COM (2003) 265, see p. 7–8. 36 Th is conclusion was repeated in the follow up of the Commission of the Work Programme for a
better implementation of the Data Protection Directive, COM (2007) 87, 7.3.2007. 37 See, on this judgment, sections 4.1.1 and 8.2 below.
Brouwer ch-07.indd 189 3/20/2008 8:32:54 PM
190 Chapter 7
Directive 95/46 includes a harmonised set of rules ensuring a high standard of protection for personal data throughout the EU. Th e Directive off ers a minimum level of data protection to be implemented into national law by the EU Member States. With regard to the fl ee fl ow of information the Directive includes however a maximum level of protection. Article 1 (2) of the Directive provides that Member States may neither restrict nor prohibit the free fl ow of personal data between Member States for reasons connected with the protection aff orded in this Directive. Furthermore, to meet the concerns of the diff erent organisations involved, the authors of the Directive provided for numerous exceptions to the general principles. Some provisions are defi ned so broadly that data holders and users are left with a large margin of appreciation.
In June 1999, the Data Protection Convention was amended, permitting the European Communities and non-Member States of the Council of Europe to become a party to the Convention.38 In 2006, only one state which is not a Member of the Council of Europe ratifi ed the Data Protection Convention: Montenegro. Of the Member States of the Council of Europe, the following states have not ratifi ed this Convention: Andorra, Armenia, Azerbaijan, Moldova, Monaco, Russia, San Marino, Turkey and Ukraine.39
3.4. Regulation 45/2001/EC: Data Protection Applicable to Community Institutions and Bodies
On 18 December 2000, the Council adopted Regulation 45/2001/EC on the protection of individuals with regard to the processing of personal data by Community institutions and bodies and on the free movement of such data.40 Th is Regulation is based on Article 286 TEC, according to which Community acts involving data protection would have to apply to the institutions and bodies created by, or on the basis of, this Treaty. Th is provision was included in the Amsterdam Treaty of 1999 in order to take away the inconsistent situation where Member States and organisations in those Member States were bound by the EC Directive 95/46, while Community institutions and bodies were not. As we will see below, on the basis of Regulation 45/2001, a European Data Protection Supervisor (EDPS) has been established to control data processing by Community institutions and bodies. Th is new body began its operations in 2005 and has published numerous opinions on the current developments with regard to SIS II, VIS and the use of biometrics.
38 Amendments will only enter into force after acceptance by all Parties to the Convention. See: http://www.coe.int/T/E/Legal_aff airs/Legal_co-operation/Data_protection/Documents/.
39 Source: Treaty Offi ce Council of Europe: http://conventions.coe.int (consulted in June 2007). 40 OJ L 008, 12.01.2001.
Brouwer ch-07.indd 190 3/20/2008 8:32:54 PM
Eff ective Remedies under Data Protection Law 191
3.5. Data Protection in the Th ird Pillar: A New Instrument
Since the adoption of Directive 95/46, the EU legislator has adopted new meas-ures on data processing and international cooperation on the basis of Title VI of the EU Treaty. Important examples are the Convention on the establishment of the European Police Offi ce or Europol , in 1995, and the Decision on the organisation for judicial cooperation or Eurojust , in 2002.41 Th e Member States also adopted sev-eral decisions providing for the transmission of personal data by the EU organi-sations or EU Member States to third parties or third countries.42 Th ese so-called third pillar measures fall outside the scope of Directive 95/46. Th e CISA, as well as the Europol Convention, and the Council Decision establishing Eurojust refer to the applicability of the Data Protection Convention and, with regard to SIS and Europol, to the Recommendation of 1987 on police fi les of the Council of Europe. Despite these rules, it was felt that data processing in the third pillar of the EU required specifi c data protection rules.
In 1998, the issue of the harmonisation of data protection in the third pillar was explicitly raised for the fi rst time in a discussion paper by the Italian Presidency.43 Th is paper referred to the fragmentation of data protection provisions for Europol , SIS and CIS, as well as to the increasingly intense cooperation in the third pillar. It called for uniform standards which would have to be developed and could then be incorporated into new systems. Th is call for harmonisation was supported by the national data protection authorities of the EU Member States.44 Under the German Presidency (fi rst half of 1999), this initiative was further elaborated by the Horizontal Working Party on Data Protection. Th is Working Party focussed on two issues: the harmonisation of data protection provisions in the third pillar instruments and the need to create a single supervisory body. Th is latter proposal resulted in 2000 in both the establishment of a joint secretariat for Europol, SIS and CIS, and in the installation of the European Data Protection Supervisor.45
41 Convention on the establishment of Europol , OJ C 316, 27.11.1995, and Council Decision 2002/187/JHA on the creation of Eurojust of 28 February 2002, OJ L 63/1, 6.3.2002.
42 For example, the Council Act on the transmission of personal data by Europol to third States and third bodies of 12 March 1999, OJ C 088, 30.03.1999.
43 JAI 15 8321/98, cited in a note by the Finnish Presidency, 5643/99, 4 February 1999. 44 Resolution JAI 16 8563/98, cited in the same note by the Finnish Presidency, 1999. 45 Council Decision of 17 October 2000 establishing a secretariat for the joint supervisory data
protection bodies set up by the Convention on the Establishment of a European Police Offi ce (Europol Convention), the Convention on the Use of Information Technology for Customs Purposes and the Convention implementing the Schengen Agreement on the gradual abolition of checks at common borders, OJ L 271/1, 24.10.2000.
Brouwer ch-07.indd 191 3/20/2008 8:32:54 PM
192 Chapter 7
Th e establishment of harmonised standards for the third pillar proved to be a diffi cult task. In 2000, the French Presidency of the EU Council prepared a draft Resolution on data protection rules under the third pillar of the EU.46 Th is draft was discussed within the Article 36 Committee and Working Party on Information Systems and Data Protection.47 Th e draft was an item for discussion on the agenda of the meeting of May 2001 of the Council of Justice and Home Aff airs (JHA), but the item was dropped and the subject seemed to disappear from the agenda. In June 2003, the Greek government, then holding the EU Presidency, submitted a new proposal for data protection in the third pillar.48 Th is proposal for Common rules for the protection of personal data within the frame-work of the third pillar contained thirteen general rules of data protection. Th ese rules would be the basis for a “common network of rules or a point of reference” with regard to both the national legislation of Member States and the actions taken by the EU in the fi eld of security and justice. At its meeting, the JHA Council took note of the Greek proposal, but again neither the content nor the need for common rules for the third pillar was discussed further.
In April 2005, the need for a harmonised approach and for a new instrument for data protection for the third pillar was affi rmed by the national data protection authorities of the EU Member States at their annual meeting in Krakow.49 According to this declaration, this new instrument should not only respect EC Directive 95/46 to guarantee the consistency of data protection within the European Union, but also provide for “a detailed set of rules taking into account the specifi c nature of law enforcement”. In October 2005, the European Commission presented a proposal for a Framework Decision on the protection of personal data in the framework of police and judicial co-operation in criminal matters.50 Th is proposal not only includes data protection rules; perhaps more importantly, it also provides the basis for the further exchange of information between national authorities of the EU and between the EU and third countries. Th is new emphasis on data sharing in the (draft) Framework Decision is also refl ected by the fact that between 2005 and 2006 the fi nal text had been prepared by the Multidisciplinary Group on Organised
46 10968/00, 30 August 2000, see for the statement of reasons: 10968/00 ADD 1 of 31 August 2000.
47 See 6316/01, 16 February 2001 and 6316/2/01, 12 April 2001. 48 Working document, no document number, see Conclusions Meeting JHA Council, 5–6 June
2003, 9845/03 (Presse 150), p. 32. 49 Spring Conference of European Data Protection Authorities, Krakow, 25–26 April 2005. 50 COM (2005) 475 fi n. See also, on this proposal, the Working Document of the rapporteur
Martine Roure of the LIBE Committee of the European Parliament, 7.2.2006.
Brouwer ch-07.indd 192 3/20/2008 8:32:54 PM
Eff ective Remedies under Data Protection Law 193
Crime of the EU Council.51 In December 2006 the JHA Council discussed a new text proposal by the Finnish Presidency.52 In conclusion, one could say that the original proposal of 1998 to provide for a data protection tool for the third pillar resulted in a new instrument which extended the powers of national authorities to exchange personal information.
3.6. Article 8 of the EU Charter: Data Protection as a Human Right
An important milestone in the development of data protection law has been the inclusion of data protection as a fundamental right in Article 8 of the EU Charter of Fundamental Rights of the European Union of 2000.
Article 8 EU Charter reads:
1. Everyone has the right to the protection of personal data concerning him or her.
2. Such data must be processed fairly for specifi ed purposes and on the basis of the consent of the person concerned or some other legitimate basis laid down by law. Everyone has the right of access to data which has been collected con-cerning him or her, and the right to have it rectifi ed.
3. Compliance with these rules shall be subject to control by an independent authority.
Before 2000, few attempts were made to insert data protection as a new funda-mental right into the ECHR. In 1979, the International Union of Lawyers adopted a resolution which proposed adding a regulation on the exercise of Article 8 ECHR in the fi eld of automated data processing.53 In February 1980, the Parliamentary Assembly of the Council of Europe recommended that the Committee of Ministers study the option of including a provision in the Human Rights Convention on the protection of personal data, either by amending Article 8 or Article 10 or by including a new Article.54 Th is initiative was supported by the European Parliament.55
51 Th is was also stressed by Lord Avebury, speaking at the Joint Parliamentary Meeting on EU developments in the area of freedom, security and justice at the European Parliament, 3 October 2006, published at: http://www.statewatch.org.
52 13246/4/06. See also the version of 24 April 2007, 7315/1/07, referred to below, in section 8.8. 53 Hondius (1975), p. 179. 54 Recommendation 890 (1980), 31st Session Document 4472, Document 4484. 55 Sieglerschmidt report of 8 March 1982, 1981–1982, Document 1–548/81.
Brouwer ch-07.indd 193 3/20/2008 8:32:54 PM
194 Chapter 7
At a national level, the right to data protection was only directly or indirectly protected by the constitution in a few countries. Th e Portuguese Constitution of 1976 provided for a right of knowledge regarding the automated processing of personal data and a ban on the use of personal ID numbers. In other countries, the right to data protection remained closely linked to the constitutional right to privacy. As we will see in Chapter 12, in Germany, the ‘informational self deter-mination right’ acquired constitutional protection with the Census judgment of 1983. Furthermore, the so-called Verfassungsbestimmung in the Austrian Data Protection Law of 1978 referred to the right of everyone to the confi dentiality of his or her personal data, especially concerning his or her private or family life . Both the Spanish Constitution of 1978 and the Dutch Constitution, since its revision in 1983, attributed the constitutional task to the legislator of regulating the use of information technology and the protection of private life.56
Th e inclusion of the right to data protection as a fundamental right in the EU Charter of 2000 confi rms that data protection is not merely a code of conduct, but an individual right to be considered independently of the right to private life laid down in Article 7 of the EU Charter. According to the Commission, the incorporation of the right to data protection in the EU Charter also gives added emphasis to the fundamental rights dimension of EC Directive 95/46 on data protection.57 In June 2006, in the judgment on the Family Reunifi cation Directive 2003/86, the ECJ emphasised that Member States themselves declared that they are bound to observe the principles as recognised in the EU Charter, including the right to private life protected in Article 7.58 Th e ECJ referred to the second recital of the preamble to the Family Reunifi cation Directive in which the EC legislator stated that the principles of the Charter should be observed. Secondly, the ECJ pointed to the fact that the Charter is a reaffi rmation of the constitutional traditions and international obligations common to the Member States.
4. Unveiling Reasons for Data Protection
Th e debate on the need for data protection has for a long time been closely linked to the need to protect the individual right to privacy. However, the notion of ‘privacy’, when used to explain the main goals of data protection, does not
56 Hondius (1975), p. 176–177. 57 European Commission, fi rst report on the implementation of the Data Protection Directive of
15 May 2003. 58 Case C-540/03, European Parliament v. the Council (not yet reported but see information in OJ
C 190/1, 12.08.2006), para. 38.
Brouwer ch-07.indd 194 3/20/2008 8:32:54 PM
Eff ective Remedies under Data Protection Law 195
provide a clear-cut defi nition of the rights and interests of the individual con-cerned. In 1992, Bennett described privacy as “a notoriously vague, ambiguous, and controversial term that embraces a confusing knot of problems, tensions, rights and duties”.59 According to Bennett, in both English-speaking and other countries, the word ‘privacy’ (or ‘informational privacy’) has long been used to add “popular appeal to statutes that essentially perform the same functions as European data protection laws”. Laws regulating the processing and use of personal information were therefore generally presented as ‘privacy laws’. On the other hand, the word ‘data protection’ has been criticised as well for being too technical and esoteric, a word which would mean little to the average citizen.60 For example, ‘data protection’ would not explain that the goal of this law is to protect persons instead of data.61 To distance themselves from the conceptual problems of both ‘privacy’ and ‘data protection’, commentators advocated the use of ‘fair data processing principles’, ‘fair use of personal information’ or ‘IT princi-ples of fair administration’ as more adequate defi nitions. As long ago as 1972, the Younger Committee in its report on Privacy in Great Britain recommended the adoption of “fair information principles”.62 In 1973, the American Committee on Automated Personal Data Systems, in its report Records, Computers and Rights of Citizens confi rmed the necessity for “fundamental principles of fair information practice”.63
A brief analysis of the main goals of data protection can be useful in explain-ing the central principles of data protection implemented in national and European data protection law. Th ese principles will then be elaborated in section 5. Although I realise that other goals could be defi ned as well, in my view data protection law in general serves three goals. Th e fi rst goal is the protection of the individual and, more specifi cally, the protection of his or her right to pri-vacy. Th is right includes the right to be left alone, the right to liberty and the right to informational self-determination. Th e second goal of data protection has a much broader scope and includes the protection of the rule of law . For this purpose, the concept of the ‘rule of law’ should be interpreted widely, similar to the German and Dutch concepts of Rechtsstaat. In this meaning, the ‘rule of law’ refers to a legal order in which the powers of the state (and possibly of civil
59 See Bennett (1992), p. 12–13. 60 Bennett (1992), p. 13. 61 Bull (1985), p. 3. 62 Report of the Committee on Privacy (the Younger Committee), Home Offi ce, London: HMSO
1973. 63 US Department of Health, Education and Welfare, Report of the Secretary’s Advisory
Committee on Automated Personal Data Systems, Washington D.C: HEW, 1973.
Brouwer ch-07.indd 195 3/20/2008 8:32:54 PM
196 Chapter 7
actors) are constrained for the protection of rights and liberties and the equality and legal security of individuals.64 Th is concept of the rule of law includes the principle of division or balancing of powers, the protection of human rights and a democratic legal order. By emphasising this goal separately, it becomes clear that data protection law not only protects the individual, but also the commu-nity of individuals as a whole. Th e third goal of data protection law is, in my view, the safeguarding of the principles of ‘good governance’ or ‘good adminis-tration’. Th is goal protects the interests of both the data subject and the data controller.
4.1. Protecting the Individual: Th e Right to Privacy
4.1.1. From the Right to be Let Alone to the Right of Personal LibertyIn the early discussions, in the 1970s and 1980s, dialogue on the issue of data protection often began with a reference to an article by Samuel Warren and Louis Brandeis in the Harvard Law Review in 1890.65 Th is essay, in which the two American judges commented on the intrusive practices of newspaper reporters, provided a fi rst doctrinal elaboration of the defence of privacy and “portraiture” with regard to slander and intrusive press publications. Th eir considerations on the right to privacy or “the right to be let alone” and their proposals for individ-ual redress for invasions of this right formed a basis for the development of a legal right of individuals for the protection of their personal information.
As we have seen in Chapter 6, the ECtHR applied the right to private life as protected in Article 8 ECHR to assess the lawfulness and proportionality of data processing and for protecting the individual against unlawful intrusion by governmental authorities. With regard to the relationship between citizens and government, it is clear that this right not only entails protection of the secrecy of private life, but also the liberty of one’s private life.66 In the Klass case of 1978, concerning secret surveillance measures by the German government, the ECtHR explicitly referred to the relationship between Article 8 ECHR and the freedom
64 Ph. Kunig, Das Rechtsstaatsprinzip: Überlegungen zu seiner Bedeutung für das Verfassungsrecht der Bundesrepublik Deutschland, Tübingen: Mohr (Siebeck) 1989; M. Burkens (et al.), Beginselen van de democratische rechtsstaat, Alphen aan den Rijn: Kluwer 2006, and D.J. Elzinga, De democra-tische rechtsstaat als ontwikkelingsperspectief. Over machtsregulering als ontwikkelingslijn, in: J.W.M. Engels, E.M. Middel (eds), De rechtsstaat herdacht, Zwolle: W.E.J. Tjeenk Willink 1989.
65 S.D. Warren and L.D. Brandeis, Th e Right to Privacy, Harvard Law Review, Vol. IV, 15 December 1890, no. 5. Downloadable from http://www.lawrence.edu/fast/boardmaw/Privacy_brand_warr2.html.
66 See also P. Kayser, La protection de la vie privée, Marseille: Economica Presses Universitaires d’Aix-Marseille 1990, p. 17 ff .
Brouwer ch-07.indd 196 3/20/2008 8:32:54 PM
Eff ective Remedies under Data Protection Law 197
of communication.67 In both the Niemietz and the Rotaru cases, the Court emphasised that the right to private life must also to a certain extent include the right to establish and develop relationships with other human beings.68
In the judgment Rechnungshof v. Österreichischer Rundfunk and Others (see fur-ther below), the ECJ explicitly stated that EC Directive 95/46 must be inter-preted in accordance with the right to private life as protected in Article 8 ECHR.69 According to the ECJ, if national courts were to conclude that the national legislation with regard to the processing of personal data is incompatible with Article 8 of the Convention, that legislation would also be “incapable of sat-isfying the requirement of proportionality in Articles 6(1)(c) and 7(c) or (e) of Directive 95/46”.70 In the same paragraph, the ECJ ruled that each of the excep-tions included in Article 13 of that Directive must comply with the requirement of proportionality with respect to the public interest objective being pursued. In the words of the ECJ: “that provision cannot be interpreted as conferring legiti-macy on an interference with the right to respect for private life contrary to Article 8 of the Convention.”
In the famous population Census decision or Volkszählungsurteil of 1983, the German Constitutional Court also emphasised this more ‘external’ aspect of private life.71 In this judgment, which has been extremely important for the discussions at international level and in other countries, the German Court emphasised the need for data protection to protect individual liberty. Th e Constitutional Court made it clear that even a person’s awareness that his or her movements are being ‘watched’ could aff ect his or her freedom to move or act. In the words of the Constitutional Court: “Anyone who is uncertain whether his or her deviating behaviour will always be noted and recorded, used or transmitted in the longer term, will try to not attract attention by such behaviour. Anyone who is concerned, for example, that his participation in a gathering or civil action
67 Judgment of 6 September 1978, appl. no. 5029/7. Compare the Pfeifer vs. Austria case concern-ing the right of correspondence of detained persons, 25 February 1992, Series A, no. 227, in which the Court confi rmed the link between privacy and the individual’s liberty, stating that the protection of secrecy of communication in Article 8 ECHR protects not only the content of this correspondence, but also the freedom to correspond.
68 Niemietz v. Germany, judgment of 16 December 1992, Series A, 251B, Rotaru v. Romania, 4 May 2000, appl. no. 28341/95, Reports 2000-V. See also Chapter 6.
69 Rechnungshof v. Österreichischer Rundfunk and Others, Joint Aff airs C-465/00, C-138/01 and C-139/01.
70 C-465/00, para. 91. 71 Judgment of 15 December 1983, 1 BvR 209/83, BVerfGE 65. To be discussed further in
Chapter 12 on Germany.
Brouwer ch-07.indd 197 3/20/2008 8:32:55 PM
198 Chapter 7
could be recorded by the government and that this will involve risks for him, may refrain from exercising his constitutional rights. (…) Th is would not only be detrimental to the possibilities for individual self-development, but also to the public interest [common well-being], because individual self-determination is a basic condition for the functioning of a democratic society, based on the freedoms of citizens to act and to cooperate.”72
Individual liberty, as one of the rights to be protected by data protection law, is also incorporated into the French data protection act, to be described in Chapter 11. According to Article 1 of this French law, information technology should not infringe upon human rights, including the right to privacy and individual or public liberties.
Looking at the principles of data protection law described in section 5, the right to privacy is refl ected, for instance, in the principle of purpose limitation which protects an individual from unauthorised access to his or her data. Furthermore, it is protected by the special safeguards with regard to ‘sensitive’ data and by individual participation rights.
4.1.2. Informational Self-determinationSince the 1960s, new theories have emerged on the relationship between an indi-vidual and his or her personal information, which go beyond the protection of secrecy and liberty of one’s private life. In his Privacy and Freedom, published in 1967, the American author Westin gave a new defi nition of ‘privacy’ which implied the right of an individual to control the further dissemination of his or her personal information. Westin described privacy as “the claim of individuals, groups, or institutions to determine for themselves when, how, and to what extent information about themselves is communicated to others.” Westin’s publi-cation was infl uential in the discussions on data protection law, not least because it described general developments in (American) society posing a risk to personal privacy. Th ese developments included new practices of eavesdropping, the exper-iments at that time with ‘polygraphs’ or lie detectors, the new use (including by private corporations) of personal testing for employment purposes and the expanding practice of large-scale data collection, facilitated by the automation of data processing. In the European discussion, Westin’s publication was especially important because of his more active approach of the individual and his rights to deal with the new problems caused by automated data processing.
In its jurisprudence, the ECtHR recognised the right of individuals to control to a certain extent the use and registration of their personal information.
72 BVerfGE 65, para. 42, cited in Bull (1985), p. 12 (own translation).
Brouwer ch-07.indd 198 3/20/2008 8:32:55 PM
Eff ective Remedies under Data Protection Law 199
Th ese conclusions dealt not only with claims for the deletion of personal data from public fi les (for example, Leander or Segerstedt-Wiberg), but also with the right to have access to personal fi les (Gaskin). Th e Court also recognised the right of persons to have their personal data in public fi les changed in accordance with their feelings or wishes.73 In Germany and, to some extent, in other coun-tries too, the right to “informational self-determination” became embedded in the aforementioned Volkszählungsurteil of the Constitutional Court. Th e Court described the so-called “informationeller Selbstbestimmungsrecht” as “the power of individuals to decide in principle about the providing and use of his or her personal data”.
At national level, governments adopt an ambivalent attitude towards this con-cept of informational self-determination. In the Netherlands, for example, the government explicitly rejected the recognition of a constitutional right to infor-mational self-determination, fearing that such a right would tilt the balance between the individual and the state too far in favour of the data subject.74 On the other hand, the concept of autonomy and the right of individuals to control their own data was later used in order to justify governmental plans for multi-functional ID cards. Th ese cards, to be used in health care, were linked to several proposals from the right for individuals to control the use of their personal infor-mation.75 In 2001, a ‘digital locker’ was even proposed, enabling each citizen to decide which information could be forwarded to which authority.76
Th e right to informational self-determination should be distinguished from the so-called ‘ownership principle’, giving individuals an unlimited and absolute right regarding their data.77 Such a right, similar to a right of copyright or property, has been advocated especially in the fi eld of private relations, for example with regard
73 For example, in Goodwin v. UK (dealt with in Chapter 6, section 3.2) with regard to the registration of a transsexual who wanted to have the information about his sex changed in the governmental fi les.
74 Handelingen Tweede Kamer (proceedings of Dutch lower house), 1997–1998, 25 892, no. 3, p. 9, cited in P. Blok, De splitsing van privacy. Advies over het grondrecht op privacy in het digi-tale tijdperk, Ars Aequi 50 (2001) 6, p. 438.
75 Commissie ICT en Overheid (Commissie Docters van Leeuwen), Burger en overheid in de infor-matiesamenleving: de noodzaak van institutionele innovatie, Th e Hague: 2001.
76 Adviescommissie Modernisering GBA (Commissie Snellen), GBA in de toekomst: Gemeentelijke basisadministratie als spil voor toekomstige identiteitsinfrastructuur, Th e Hague: 2001.
77 Th e ownership theory is formulated by the French author P. Catala in: Ebauche d’une théorie juridique de l’information, Revue de droit prospectif, 1983, no. 1. An analysis of the discussions on this ownership principle is given in: K. Benyekhlef, La protection de la vie privée dans les échanges internationaux d’informations, Montréal: Ed. Th émis 1993, p. 38 ff .
Brouwer ch-07.indd 199 3/20/2008 8:32:55 PM
200 Chapter 7
to the commercial use of personal information or the right to publicity in the fi eld of media law.78 However, in general, an unlimited interpretation of the ownership principle has not been considered realistic.79 It would for example not be feasible for a data user to be obliged to seek approval from the data subject for every use of his or her data, since this would ignore the fact that such relations are not (always) free interaction or communication.80
Th e data protection provisions on the right of access, correction and deletion of personal data, to be discussed below, can be considered an example of the implementation of the right of an individual to control one’s data or the right to informational self-determination. Th is right is also refl ected in the principle of the prohibition of automated decision-making.
4.2. Protecting the Rule of Law
4.2.1. Balance of PowersAccording to the preamble to the Data Protection Convention , the rule of law is one of the goals of data protection law. Th e explanatory memorandum to this Convention explicitly refers to “the necessity of data protection as a tool of balanc-ing powers”. As far back as 1967, in his Privacy and Freedom, Westin pointed out the consequences of the new developments on the automation of databases for the balance of powers between citizen and government.81 According to Westin, “the increased collection and processing of information for diverse public and private purposes, if not carefully controlled, could lead to a sweeping power of surveil-lance by government over individual lives and organisational activity”. His view that data protection is a necessary instrument to ensure the balance of powers or equality of arms (Waff engleichheit) is still or perhaps even more true for the use of information technology in the 21st century. Th e importance of protecting the individual against any misuse of powers by the government was emphasised by
78 J.C.S. Pinckaers, From privacy toward a new intellectual property right in persona: the right of pub-licity (United States) and portrait law (Netherlands) balanced with freedom of speech and free trade principles, Th e Hague: Kluwer Law International 1996.
79 See also L.A. Bygrave, Privacy Protection in a Global Context - A Comparative Overview, Scandinavian Studies in Law, 2004, vol. 47, p. 324.
80 Y. Poullet, Data Protection between Property and Liberties. A Civil Law Approach, in: H.W.K Kaspersen and A. Oskamp (eds.), Amongst Friends in Computers and Law. A Collection of Essays in Remembrance of Guy Vandenberghe, Deventer/Boston: Kluwer Computer/Law Series 1990, p. 161 ff .
81 Westin (1967), p. 158.
Brouwer ch-07.indd 200 3/20/2008 8:32:55 PM
Eff ective Remedies under Data Protection Law 201
the ECtHR in its jurisprudence on Article 8 ECHR. As we have seen in Chapter 6, in the Klass and Leander judgments, the ECtHR focussed especially on the importance of procedural guarantees to counterbalance the powers of the national police authorities to collect and store personal information. Th e French Data Protection Law, the purpose of “balancing powers” is refl ected by the principle that information technology should serve the interests of citizens (l’informatique doit être au service de chaque citoyen).
Th e goal of data protection should therefore be to strengthen the position and rights of data subjects with regard to the processing and use of his or her personal information. By regulating the relationship between the public authorities and data subjects, data protection rules should protect the citizen from arbitrary and unfair measures based on data processing.82 Examples of these “counterbalancing” provisions of data protection are the rules safeguarding the transparency of data processing. Furthermore, the right to apply for access, correction or deletion of his data strengthens the position of the data subject.
4.2.2. Informational Division of PowersClosely related to the idea of the rule of law and the balance of powers is the (originally German) concept of informational division of powers or “Informationelle Gewaltenteilung”.83 Th is principle protects citizens against a concentration of power by the government, by preventing one authority having access to informa-tion from other authorities, regardless of organisational boundaries or the pur-poses for which the information was gathered. Originally, the concept of the informational division of powers was founded in the concerns of administrative organisations about the consequences of information technology for their mutual relations. In 1967, Westin already predicted that the new information technolo-gies would cause changes to the governmental organisation: “All the government agencies concerned with a problem, such as health, employment, education, etc. whatever their level of government, will be part of an integrated information system and will coordinate their information to make decisions”.84
In the fi rst national data protection law in Hessen, the concept of informa-tional division of powers was initially developed to protect the autonomy of lower governments, such as the German Länder or municipalities, from the powers of the central government. Th e Hessian data protection law even provided for a role for the data protection commissioner to check whether automation leads to any
82 Bygrave & Berg (1995), p. 8. 83 See among others H.P. Bull, Datenschutz oder die Angst vor dem Computer, München-Zürich:
Piper 1984, p. 113, and A. Roßnagel, Datenschutz und Datensicherheit (DuD), 10/95, p. 584. 84 Westin (1967), p. 325.
Brouwer ch-07.indd 201 3/20/2008 8:32:55 PM
202 Chapter 7
change in the distribution of powers among governmental bodies. Later, the prin-ciple of informational division of powers became more important for protecting the rights of individuals, rather than those of the lower governments. On a politi-cal level, the choice in favour of decentralised public administrations was espe-cially meant to alleviate citizens’ fears of central databases. German scholars advocated a more general theory of prohibition to exercise control through the use of information beyond organisational borders.85 Such an informational divi-sion of powers was however contrary to the constitutional principle of Amtshilfe obliging public authorities to cooperate and exchange information, under certain circumstances, with other governmental authorities (Art. 35 GG).86 In the Census case or Volkszählungsurteil of 1983, the German Constitutional Court however acknowledged the importance of an informational division of powers.87 Th e Court held in this judgment that the public administration does not constitute “one informational unit” (Informationseinheit) in which personal data can be freely exchanged. According to the Court, it is the task of the legislator to provide guarantees against “alienation of purpose” or Zweckentfremdung.88
Th e informational division of powers is mainly refl ected in the data protection principle of purpose limitation . Th is, as we will see below, obliges authorities to defi ne the purpose of their data processing. In principle, the use or disclosure of information for anything other than the original purpose is limited.
4.3. Data Protection as an Obligation for ‘good administration’
Th e principle of ‘good administration or governance’ refers to the duty of adminis-trative authorities to take measures aimed at protecting data fi les from unauthorised access, or security measures which should prevent the loss or destruction of stored information. Generally, of course, this principle applies to the relationship between enterprises and their clients or employees as well but, for our purposes, I focus on the relationship between the government and its citizens. Th e goal of ‘good admin-istration’ is related to the abovementioned concepts of “fair information principles” or “fair use of personal information”.
‘Good administration’ serves in the fi rst place the interests and rights of indi-viduals or the data subjects. Th e right to good administration is included as
85 A. Podlech, Gesellschaftspolitischen Grundlagen des Datenschutzes (1976), cited in Bull (1985) p. 13.
86 B. Schlink, Die Amtshilfe . Ein Beitrag zu einer Lehre von der Gewaltenteilung in der Verwaltung. Berlin: Duncker & Humblot 1982.
87 BVerfgE 65, 1, para. 46 and 69. 88 S. Simitis (ed.) Bundesdatenschutzgesetz, Baden-Baden: Nomos 2006, p. 75.
Brouwer ch-07.indd 202 3/20/2008 8:32:55 PM
Eff ective Remedies under Data Protection Law 203
a human right in Article 41 of the Charter on Fundamental Rights of the EU. Th is right clearly illustrates the new emphasis on good governance and the close relationship between good governance and the use of personal information, including the proper use of personal information and fair decision making on the basis of that information.
Article 41 of the EU Charter reads:
1. Every person has the right to have his or her aff airs handled impartially, fairly and within a reasonable time by the institutions, bodies, offi ces and agencies of the Union.
2. Th is right includes: a. the right of every person to be heard, before any individual measure which
would aff ect him or her adversely is taken; b. the right of every person to have access to his or her fi le, while respecting
the legitimate interests of confi dentiality and of professional and business secrecy;
c. the obligation of the administration to give reasons for its decisions3. Every person has the right to have the Union make good any damage caused
by its institutions or by its servants in the performance of their duties, in accordance with the general principles common to the laws of the Member States.
4. Every person may write to the institutions of the Union in one of the languages of the Constitution and must have an answer in the same language.
Th e principle of ‘good administration’ not only protects citizens. It also serves the interest of the organisation holding data fi les. In the fi rst place, organisations depend on the reliability of personal fi les. If the information held is outdated, incorrect or incomplete, this will hamper the functioning and administration of the data holder. Data holders, whether private or public, are conscious of the importance of fair information practices for maintaining the confi dence of their clients or citizens. A person who has no confi dence in how the organisation is processing his or her information will be reluctant to provide further informa-tion to this organisation. We have seen above another motive for ‘good adminis-tration’: the implementation of the data protection law as included in the Data Protection Convention of 1981 and EC Directive 95/46. By ensuring the same level of data protection in their countries, governments have tried to ensure that there are no impediments to trans-border data processing or the ‘free fl ow of information’. A high level of data protection ensures the reliability and accuracy of personal data and thus the mutual trust and exchange of information between authorities. In its comment on the draft Framework Decision on Data Protection in the third pillar, the EDPS confi rmed this by stating: “An eff ective protection of data protection is not only important for the data subjects but also contributes
Brouwer ch-07.indd 203 3/20/2008 8:32:55 PM
204 Chapter 7
to the success of the police and judicial cooperation itself. In many aspects, both public interests go hand in hand”.89
Th e goal of good administration is ensured fi rstly by the data protection prin-ciples of security and accountability. However, the accuracy and reliability of data processing is also served by the rights of individuals to apply for access, correction or deletion of their personal data.
5. Data Protection Principles
Th ere is no absolute or defi nitive set of principles. In the literature and in the various instruments at stake, varying lists have been defi ned of what should be considered basic data protection rules.90 Th e eight principles described in the OECD Guidelines of 1979 are often used as a starting point for describing the main rules of data protection law. Th ese include the principles of collection limi-tation, purpose specifi cation, data quality, use limitation, security safeguards, openness, individual participation and accountability. Th e data protection prin-ciples as described in the following sections are based on the Data Protection Convention and EC Directive 95/46. Th ey include:
1. purpose limitation , including: a. ban on “aimless data collection”; b. legitimacy of purpose; c. use – disclosure limitation; and d. time limit on storage of data;2. transparency or purpose specifi cation;3. extra safeguards for special categories of data;4. quality of data;5. individual participation or rights of the data subject, including: a. the right to be informed; b. the right of access to information; c. the right to request correction, deletion or blocking of further processing;6. ban on automated decision-making;
89 In its opinion of 19 December 2005 on the draft Framework Decision for Data Protection in the third pillar, OJ C 47/27, 25.2.2006, consideration 5.
90 See, for example the six “core fair information principles” of Bennett: principles of openness, individual access and correction, collection limitation, use limitation, disclosure limitation and security, Bennett (1992), p. 101 ff .
Brouwer ch-07.indd 204 3/20/2008 8:32:55 PM
Eff ective Remedies under Data Protection Law 205
7. security;8. accountability;9. non-discrimination.
Considering recent proposals or comments on data protection, one will see that the principles developed more than twenty-fi ve years ago are still the guiding standards. For example, the explanatory memorandum to the proposal for a Framework Decision on data protection in the third pillar refers to “the general rules on the lawfulness of processing of personal data”, including not only the principles mentioned above, but also emphasising the liability of data controllers and the possibility of imposing sanctions by supervisory authorities.91 Furthermore, the European Data Protection Supervisor repeatedly refers to the general data protection principles.92 In the following sections, I will consider whether these principles have been incorporated into the CISA. Th e right of access to legal remedies under data protection law is discussed separately in section 7 of this Chapter.
5.1. Th e Principle of Purpose Limitation
Purpose limitation is one of the central principles of data protection. According to Article 6.1 (b) of EC Directive 95/46, personal data must be collected for specifi ed, explicit and legitimate purposes and must not be further processed in a way incompatible with those purposes. As we will see below, this principle includes diff erent layers of protection. Firstly, it prohibits the collection of per-sonal data for unknown or unspecifi ed purposes. Secondly, it prohibits the use or disclosure of personal information for purposes other than the specifi c purpose for which the data have been collected. Th irdly, the principle of purpose limita-tion provides that data should not be retained any longer than is necessary for the specifi ed purpose. Purpose limitation is closely linked to the principle of purpose specifi cation (see section 5.2) which implies that data holders should specify and make transparent the purposes of the relevant data processing. Both the purpose limitation and the purpose specifi cation principle refl ect the idea that data processing should be foreseeable for the data subject and should not go beyond the reasonable expectations of the person concerned.93 As we have seen above, in
91 COM (2005) 475, 4.10.2005. 92 See, for example, Opinion of 28 February 2006, Brussels: http://www.edps.europa.eu. 93 See D. Elgesem, Th e structure of rights in Directive 95/46 on the protection of individuals with
regard to the processing of personal data and the free movement of such data, Ethics and Information Technology 1, 1999, p. 283–293.
Brouwer ch-07.indd 205 3/20/2008 8:32:55 PM
206 Chapter 7
its jurisprudence on the protection of the right to private life, the ECtHR explic-itly emphasised the importance of “foreseeability” with regard to the processing of personal data by governmental authorities.94
5.1.1. Ban on “aimless data collection”Th e “ban on aimless data collection” or “Verbot pragmatikloser Datensammlung” as defi ned by Podlech, refers to the principle that personal data should not be col-lected or stored without the prior specifi cation of the goal of this data processing.95 According to this principle, the gathering of information just to keep these data ‘in stock’ for future unspecifi ed purposes is prohibited. Th e ban on aimless data collection is closely linked to the principle of purpose specifi cation, described below. In the Council of Europe Recommendation R (87) on police fi les, this principle is explicitly included with regard to data processing for criminal investi-gation procedures. According to principle 2.1 of the Recommendation on police fi les, the collection of personal data for police purposes should be limited to such as is necessary “for the prevention of a real danger or the suppression of a specifi c criminal off ence”. Th e Recommendation therefore prohibits the general collection of data, unrelated to any specifi c criminal investigation. Th e importance of the principle of “if there is no crime, there is no investigation”, was confi rmed in the second evaluation of the Recommendation R (87) in 1998.96 Th is evaluation describes the matching of police data gathered in the course of criminal investiga-tions based on vast numbers of persons, completely unrelated to any crime. According to the conclusions of this evaluation, these general data surveillance checks should be limited to specifi c cases described in national criminal law and be granted on the basis of a specifi c mandate from the judiciary.
Th e purpose of the SIS is described in Article 93 CISA, in conjunction Articles 95 to 99.97 Where Article 93 includes the general goal of SIS, Articles 95 to 99 give – for each category of data to be stored in SIS – the purpose for which these data are to be used. According to Article 93, the purpose of the Schengen Information System is “to maintain public policy and public security, including
94 Judgment Peck v. United Kingdom, 28 January 2003, Appl. no. 44647/98. 95 A. Podlech, Gesellschaftspolitische Grundlagen des Datenschutzes in: Dierstein/Fiedler/ Schulz
(eds.), Datenschutz und Datensicherung, Köln 1976, p. 311. Cited by H.P. Bull (1985), p. 13. 96 Report by A. Patijn, CJ-PD expert from the Netherlands. Data protection and the police.
Evaluation of Recommendation R (87)15, 1998, available at: http://www.coe.int/t/e/legal_ affairs/legal_cooperation/data_protection/documents/reports_and_studies_of_data_protection_committees/.
97 Since Article 100 CISA includes data on objects, this provision will not be dealt with in this context.
Brouwer ch-07.indd 206 3/20/2008 8:32:55 PM
Eff ective Remedies under Data Protection Law 207
national security , in the territories of the contracting parties and to apply the provisions of this convention relating to the movement of persons in those terri-tories, using information communicated via this system”. Th is purpose, which is very broadly defi ned, makes it clear that SIS was intended fi rstly as “tool for the police for maintaining the public order and security” and, secondly, as a tool to control the movement of persons across borders. What is important is the gen-eral principle of Article 94 CISA, which states that SIS should only include such data as are necessary for the purposes of Articles 95 to 100. Th is explicit require-ment is important because it forces the contracting parties, forwarding data, to investigate whether the interest of the case justifi es registration in the SIS.
5.1.2. Legitimacy of PurposeTh e principle of purpose limitation not only requires the availability of a specifi c goal for data processing, but also implies the legitimacy of this goal. Th is princi-ple of a legitimate purpose is included in Article 5 of the Data Protection Convention . EC Directive 95/46 goes further, with the inclusion of a limitative enumeration of purposes for which personal data may be processed. According to Article 7 of the EC Directive, data processing is legitimate if:
– the data subject has given his consent;– the data processing is necessary for a contract to which the data subject is a
party;– the processing is necessary for compliance with a legal obligation to which
the controller is subject;– it is necessary in order to protect the vital interests of the data subject; or– for the performance of a task in the public interest or in the exercise of an
offi cial authority vested in the controller or in a third party to which the data are disclosed and, fi nally;
– when processing is necessary for the legitimate interests of the controller or the third party to whom the data are disclosed, except where such interests are overridden by the fundamental rights and interests of the data subject.
According to these criteria, it is not always necessary for data processing by public authorities to be explicitly provided for by law. For example, a legal basis is not required if data processing is necessary to protect the vital interests of the data subject or if this is necessary in the public interest or in the exercise of an offi cial authority vested in the controller or in a third party to whom the data are disclosed. Th e general provision in Article 6 (1) (a) of the EC Directive only requires that data must be processed fairly and lawfully. Th is does not mean that data processing always must have a legal basis, but only that it should not be fair and not in breach of the applicable law. However, as we have seen in Chapter 6, in its jurisprudence on Article 8 ECHR, the ECtHR defi ned more
Brouwer ch-07.indd 207 3/20/2008 8:32:55 PM
208 Chapter 7
stringent criteria with regard to the legal basis of data processing, for the purpose of transparency and to ensure the accessibility of legal remedies.98
With regard to the legitimacy of the purpose of SIS, Article 93 CISA provides that the use of SIS should be in accordance with the provisions of the CISA. With regard to the more specifi c criteria, as provided in Articles 95 to 99, these provisions only include the criterion that the decision to report somebody in SIS should be in accordance with the national laws.
Article 94 CISA further includes the rule that if a contracting party considers an alert entered in SIS based on Article 95, 97 or 99 in breach of its national law, inter-national obligations or other prevailing national interests, this country may mark this alert to prevent action on the basis of this alert occurring on its own territory.
5.1.3. Use or Disclosure LimitationTh e principle of use or disclosure limitation implies that personal data should not be used or transmitted for purposes other than the initial purpose defi ned at the time of data collection or storage. In general, this purpose limitation princi-ple is not very strictly defi ned. For example, Article 6 (1) (b) EC Directive 95/46, allows for the use or disclosure of information for purposes “which are not incompatible” with the initial purposes. Of course, this criterion can be applied in various ways. It allows data holders to defi ne very broadly the purposes of their databases or the authorities or users who have access to them. In practice, it will often be diffi cult for individuals and data protection authorities to enforce or control this principle. For example, it is not always easy to establish which use of the information at stake is “incompatible” with the original purposes.
Considering the general goals of data protection, including the protection of the rule of law and preventing the concentration of power, the principle of use or dis-closure limitation is closely linked to the prohibition of détournement de pouvoir in administrative law. In their relations with governments, in particular, persons should have a guarantee that information given to one authority is not automati-cally available to other authorities as well. In other words, this principle should to a certain extent safeguard the informational division of powers , as described above.
Articles 101 and 102 CISA are the central provisions regulating the authori-ties’ potential access to the data in SIS. Article 101 provides that access to the data entered in SIS and the right to search data directly shall be reserved exclusively for the authorities responsible for either border checks or other police and cus-toms checks carried out within the country and the coordination of such checks.
98 See sections 6.2 and 7.2 of Chapter 6.
Brouwer ch-07.indd 208 3/20/2008 8:32:55 PM
Eff ective Remedies under Data Protection Law 209
In addition, the authorities responsible for issuing visas or central authorities responsible for examining visa applications or for issuing residence permits and “for the administration of legislation on aliens” may have access to the data entered pursuant to Article 96 (Article 101 (2)). Th e contracting parties are obliged to send to the Secretariat General of the Council (formerly the Executive Committee) a list of competent authorities which are authorised to search the SIS data (Article 101 (4) ). Th ese lists should specify, for each category of data included in SIS, which authority may search for which data.99
5.1.4. Time Limit on Storage of DataTh e principle of purpose limitation also requires that personal data be retained no longer than necessary for the purpose for which the data are stored or proc-essed. Th is principle is laid down in the diff erent European instruments of data protection, although these instruments do not include explicit time limits. For example, according to Article 5e of the Data Protection Convention , personal data undergoing automatic processing may not be stored in a form which per-mits identifi cation of the data subjects for longer than is required for the purpose for which those data are stored. Th e contents of this wording is similar to the (much shorter) wording of Article 6.1 (e) of the EC Directive: “no longer than is necessary for the purposes for which the data were collected or for which they are further processed.”
More specifi c criteria are included in Principle 7 of the Recommendation No. R (87) 15 on police fi les. According to this provision, the states should ensure that personal data kept for police purposes are deleted if they are no longer nec-essary for the purposes for which they were stored. Regarding the decision on whether longer storage is necessary, the following criteria should be taken into account: the need to retain data in the light of the conclusion of an inquiry into a particular case; a fi nal judicial decision, in particular an acquittal; rehabilita-tion; spent convictions; amnesties; the age of the data subject; and particular categories of data. Furthermore, the Recommendation explicitly requires the adoption of rules aimed at fi xing storage periods for the diff erent categories of personal data and that regular checks on their quality should be established in agreement with the supervisory authority or in accordance with domestic law.
99 See the lists of competent authorities which are authorised to search the data contained in the Schengen Information System directly, pursuant to Article 101(4) of the CISA, at the public register of the Council: http://register.consilium.eu.int/utfregister/frames/introfsEN.htm, July 2003, 5002/00; 11788/01; 6265/03.
Brouwer ch-07.indd 209 3/20/2008 8:32:55 PM
210 Chapter 7
Th e CISA provides for diff erent time limits for the storage of data in SIS, depending on which category of data this concerns. According to Article 112 CISA, personal data “for the purpose of tracing persons” may only be kept for the time “required to meet the purposes for which they were supplied”. For this cate-gory of data, the authority which issued the alert is obliged to review the necessity of further storage no later than three years after they were reported to SIS.100 If the issuing state does not explicitly state that further storage is necessary, the data will automatically be deleted after this period of three years. For persons whose data are stored for the purposes of Article 99 (discreet surveillance or prosecuting criminal off ences, prevention of threat to public order) this review period is fi xed at one year. Th e time limit for the storage of data on objects is 10 years (Article 113). Th e provisions in CISA do not restrict the number of times the storage of data in SIS may be extended. In practice, this allows the participating states to keep data on individuals in SIS on a permanent basis. Another loophole with regard to the time limits applicable to SIS is caused by the practices of national SIRENE offi ces. As described above, the functioning of SIS is comple-mented by SIRENE bureaux, which hold additional information fi les alongside the SIS alerts. According to the SIRENE manual, if a SIS alert is deleted from SIS, the corresponding dossier with SIRENE should be destroyed as well, at least “as far as possible”. Th is latter exception has been used by Schengen states to keep SIS information in their local intelligence fi les, even after its removal from SIS. Article 102 (2) CISA precludes alerts issued by one state from being copied from the NSIS to the national fi les of another state. However, issuing states can, even when data are removed from SIS, preserve those data in their national fi les.
With regard to SIS II, the German government proposed in 2000 replacing the maximum time limits for the storage of data by time limits for reviewing the need of further storage.101 In a meeting of 20 June 2002, the Ecofi n Council concluded that there should be no extension of the duration of alerts and no replacement of the maximum deadlines by review deadlines.102 Th e Council recommended however that where national law allows such extension of time limits, this should be done via national technical procedures. One year later, the JHA Council, in their meeting of 5–6 June 2003, decided that the applicable time limits had to be
100 According to Article 113, for data other than referred to in Article 112, data may kept for a maximum of ten years, with the exception of identity papers and suspect banknotes, which may be kept for fi ve years, and data on motor vehicles, trailers and caravans, to which a time limit of three years is applicable.
101 11538/00, 20 September 2000. 102 10089/02 (Press 181).
Brouwer ch-07.indd 210 3/20/2008 8:32:55 PM
Eff ective Remedies under Data Protection Law 211
modifi ed without specifying how.103 Th e original proposal of the Commission for the SIS II Regulation provided for automatic erasure after fi ve years. Th is has been changed in the fi nal text of the Regulation 1987/2006. According to Article 29 (2), Member States issuing an alert must review the need to keep it within three years of its entry in SIS II. Furthermore, Article 29 (3) provides that “where appropriate” Member States must set shorter review periods. Important is the new provision in Article 29 (4) stating that a decision to keep an alert longer in SIS II must be based on a “comprehensive individual assessment”. Th is assessment must be recorded.
Th e principle of time limits must be distinguished from rules stating that per-sonal data have to be deleted from certain fi les after the change of status of the per-son concerned. For example, Article 7 and 10 of the Eurodac Regulation 2725/2000 provides that, when an asylum seeker acquires citizenship of any of the Member States or has been issued a residence permit, his or her data have to be deleted from Eurodac as soon as the Member State of origin becomes aware that this person acquired such citizenship or residence permit. As we have seen above, a similar rule has been included in Article 30 of the Regulation 1987/2006 on SIS II.104
5.2. Transparency – Purpose Specifi cation
One of the most important clues for legal protection for individuals is knowing which authority or organisation is collecting and using their personal information. Th is transparency is secured, fi rstly, by the obligation upon data owners to ‘publish’ the fact of data processing by any means: legal basis, registration with the data protection authority, or submitting written information to the data subject. Th is principle is laid down in Article 5b Data Protection Convention which states that personal data undergoing automatic processing shall be stored for specifi ed purposes. Th is is further explained in consideration no. 42 of the explanatory report to the Convention, which states that the reference to “purposes” in Article 5 indicates that data should not be stored for undefi ned purposes; however, the way in which the legitimate purpose is specifi ed may vary in accordance with national legislation.
Th e principle of purpose specifi cation is also included in Article 6 (1) (b) of EC Directive 95/46, stating that personal data must be collected for specifi ed, explicit and legitimate purposes. Purpose specifi cation is also secured by the right of data subjects to be informed before, during or after the collection of personal information of the purpose for which the data are stored and of the recipients of this information (see section 5.5).
103 JHA Council, 5–6 June 2003, 9845/03 (Presse 150). 104 See Chapter 4, section 6.3.
Brouwer ch-07.indd 211 3/20/2008 8:32:55 PM
212 Chapter 7
As we have seen, Article 93, in conjunction with Articles 95 to 99 CISA, defi ne the purposes for which persons may be entered in the SIS. In particular, the crite-ria of Article 96 are broad and leave a wide margin of interpretation to the national authorities. Only with regard to the defi nition of the data which may be stored in SIS, Article 94 CISA includes more specifi c criteria. Th e limitative list of data on persons to be stored into the SIS includes, among other things, the name, date and place of birth of the person, sex, nationality, the reason for the alert and the action to be taken, any specifi c objective physical characteristics not subject to any change and whether the person concerned is armed or violent.
5.3. Special Categories of Data: Extra Safeguards
One of the earliest concerns during the discussions on the development of data protection legislation has been the storage or use of so-called “sensitive or special categories of data”. Recognising the “sensitivity” of certain categories of data, such as concerning racial or ethnic origin, health or sexual behaviour, extra safeguards have been developed with regard to the use and storage of this information. In Chapter 6, section 3.2, I have dealt with the protection of “sensitive data ” in the light of Article 8 ECHR, arguing that the requirement of extra safeguards with regard to these data is closely related to the right of non- discrimination. Article 6 of the Data Protection Convention defi nes the following special categories: data revealing racial origin, political opinions or religious or other beliefs, as well as data concerning health or sexual life and data relating to criminal convictions. Th e list of special categories of data in Article 8 of the Directive 95/46 is almost the same as provided for in the Data Protection Convention, but also includes data on ethnic origin and data on trade union membership. Furthermore, Article 8 (5) of the Directive states, with regard to data relating to off ences or criminal convictions, that these data may be processed only under the control of a offi cial authority or if suitable specifi c safeguards are provided under national law.
EC Directive 95/46 and the Data Protection Convention do not include an absolute ban on the processing of these special categories of data. According to Article 6 Data Protection Convention, these data may not be processed automat-ically unless domestic law provides appropriate safeguards. Article 8 of the EC Directive is based on the principle that Member States should prohibit the processing of special categories of data. However, Article 8.2 provides for a large number of exceptions to this general prohibition. For example, the prohibition does not apply when the data subject has given his explicit consent or in specifi c situations where the processing of these data falls under the general task of cer-tain organisations such as trade unions or non-governmental organisations. Furthermore, Article 8.4 allows Member States to defi ne additional exemptions
Brouwer ch-07.indd 212 3/20/2008 8:32:55 PM
Eff ective Remedies under Data Protection Law 213
such as those included in Article 8 “for reasons of substantial public interest, either by national law or by decision of the supervisory authority”.
In practice, national regulations on sensitive data often provide for a ‘hybrid approach’: the listing of special categories of data in national laws, of recording or use is limited, combined with a sectoral approach, in which the use of per-sonal data in certain sectors is regulated by special laws. For example, in the Netherlands, specifi c laws have been adopted for the use of police fi les and on the use of personal data in health care. In 1999, the former Hessen Data Protection Commissioner Simitis referred to two paradoxes in the contemporary regulation of the processing of sensitive data.105 In the fi rst place, the persistent claim that sensitive data can and must be defi ned in an exhaustive manner would confl ict with constant attempts either to bypass or revise the apparently defi ni-tive list. Secondly, according to Simitis, the intention of States to limit radically the processing of sensitive data would be counteracted by an endless list of excep-tions which is provided for in the same laws. Th ese problems, as pointed out by Simitis, are inherent in the regulation of sensitive or specifi c categories of data. Rather than just prohibiting the processing of these categories of data, national legislators should be obliged to provide for more additional safeguards.
With regard to the storage of sensitive data in the SIS, Article 94 (1) formally prohibits the recording of sensitive data, as described in the fi rst sentence of Article 6 of the Data Protection Convention . However, CISA allows for two exceptions. In the fi rst place, the authors of CISA intentionally did not refer to the second sentence of Article 6 Data Protection Convention, regarding data relating to criminal convictions, since this would have precluded the alert, described in Articles 95 and 96, which may include information on criminal convictions. Secondly, the information on physical features as listed in Article 94 can also be considered “sensitive data”, since those data may well include information on someone’s health or racial origin.106
5.4. Quality of Data
Compliance with this principle is not only a prerequisite for the protection of individuals, but also for the adequate execution of the tasks of the data holder. Compliance with the quality of data is related to the purpose limitation principle.
105 S. Simitis, Revisiting Sensitive Data. Review of the answers to the Questionnaire of the Consultative Committee of the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (ETS 108), Strasbourg, 24–26 November 1999.
106 See L.F. Verhey, Privacy aspects of the Convention in: H. Meijers (1992).
Brouwer ch-07.indd 213 3/20/2008 8:32:55 PM
214 Chapter 7
As provided for in Article 5c of the Data Protection Convention , the information stored should be adequate, relevant and not excessive in relation to its purpose. According to Article 5d, the information should be accurate and, where necessary, kept up to date. As emphasised in the explanatory memorandum to the Convention, these criteria apply to the storage and use of personal information, including gathering, storage or dissemination. Article 6 (1) (d) of EC Directive 95/46 provides that personal data must be accurate and, where necessary, kept up to date. According to this provision, data holders should take every reasonable step to ensure that data which are inaccurate or incomplete are erased or rectifi ed, taking into account the purposes for which they are collected or processed.
Th e principle of the quality of data implies the need to diff erentiate between ‘soft’ and ‘hard’ data. Although, in general, data protection law does not explic-itly refer to ‘soft’ or ‘hard’ data, the Recommendation (87) 15 on police fi les obliges the authorities to treat certain categories of data diff erently. Principle 3.2 of the Recommendation states that “as far as possible, the diff erent categories of data stored should be distinguished in accordance with their degree of accuracy or reliability and, in particular data based on facts should be distinguished from data based on opinions or personal assessments.” Th e explanatory memorandum refers to “corroborated” and “uncorroborated data”. Th e report on the third eval-uation of Recommendation (87) 15, published in 2002, describes soft data as “data that have not yet been verifi ed and whose link with the police objectives must be prepared”.107 According to the report, the use of this data, which give some unconfi rmed indications or raise suspicions about the involvement of a person in one or several criminal off ences, causes problems from a data protec-tion point of view. More specifi cally, the report points to the problem that these data are processed for diff erent purposes or for a general preventive purpose, even if the adequacy or accuracy of these data has not been established.
Article 105 CISA obliges contracting parties to ensure that data entered in SIS are accurate, up-to-date and lawful. Only the issuing states are allowed to modify, add to, correct or delete the data entered in SIS. When a non-issuing state has reason to believe the data entered in SIS are not accurate, this State must inform the issuing State. Th e latter State is then obliged to check the accuracy of the data immediately (Article 106).
107 Published at: http://www.coe.int/t/e/legal_aff airs/legal_co-operation/data_protection/. See paragraph 14.
Brouwer ch-07.indd 214 3/20/2008 8:32:55 PM
Eff ective Remedies under Data Protection Law 215
5.5. Individual Participation: Rights of the Data Subject
5.5.1. Right to be Informed – Right of Access to Personal DataAs we have seen above, one of the goals of data protection law is to protect individuals and their right to control to a certain level the use of their personal information. Although one cannot speak of an unlimited right to informational self-determination, one of the tools to control the use of personal information by third parties or governmental organisations is the right to be informed. Th is right includes both the right for the individual to apply for access to his or her data and the duty of the data controller to inform the data subject. Article 8 of the Data Protection Convention includes the right of a person to be enabled to “establish the existence of an automated personal data fi le, its main purposes, as well as the identity and habitual residence or principal place of business of the controller of the fi le”. Article 12 of the Directive 95/46 requires that the controller of the information should confi rm “without constraint at reasonable intervals and without excessive delay or expense” whether or not data relating to the data subject are being processed and to give information on the purpose of processing, categories of data concerned, recipients or categories of recipients.
Th e right to be informed is included in Articles 10 and 11 of the EC Directive 95/46. Th ese provisions oblige the data controller to inform the data subject on the use of his or her personal information, irrespective of whether the data subject applies for access to the data. Article 10 of obliges the controller to inform the data subject from whom data are collected of the identity of the controller and the purpose of the data processing for which the data are intended. In so far as this is necessary “having regard to the specifi c circumstances in which the data are col-lected to guarantee fair processing in respect of the data subject”, information must also be provided on the recipients or categories of recipients, whether the reply to the information request is compulsory, and on the consequences of failure to response the existence of the right to access and rectify data concerning the individ-ual. Th e data controller should also inform the data subject on the existence of the right to access and the right to rectify data concerning him (on the basis of Article 10 (c)). If the data have not been obtained from the data subject himself, Article 11 of the Directive obliges the data controller, at the time of recording or when disclo-sure of the data to a third party is envisaged, to inform the data subject no later than the time when the data are fi rst disclosed, conveying the information mentioned in Article 10. Article 11 (2) of the Directive includes general exceptions to the right to be informed. Th e data controller is not obliged to inform the data subject, where the data are processed “for statistical purposes or for the purposes of historical or sci-entifi c research”, or where the provision of such information “proves impossible or would involve a disproportionate eff ort” or if recording or disclosure is expressly laid down by law. In these cases Member States must provide appropriate safeguards.
Brouwer ch-07.indd 215 3/20/2008 8:32:55 PM
216 Chapter 7
According to Article 109 CISA, the right of individuals to demand access to their data is to be asserted in accordance with the national legislation of the state in which they invoke this right. When national law so provides, the right to access cannot be exercised directly, but must be asserted via the national supervisory authority. Th e right of access to SIS information as provided for in Article 109 has two restrictions. Firstly, when the state to which the application for access is made is not the issuing state, the latter state must be given the opportunity to set forth its position, before the requested state can give the individual the requested information. Th is duty to consult the issuing state may cause considerable delays in applicable procedures and extend the time the applicants has to wait before he or she is informed of the information stored in NSIS. During the negotiations on the draft CISA, the French government even advocated the need for the approval of the issuing state, but this was not accepted by the other negotiating parties.108 Th e second limitation of the right to access is contained in Article 109 (2), which states that information must be refused to the person concerned when this is “indispensable for the performance of a lawful task in connection with alert” or “for the protection of the rights and freedoms of other parties”. Th e right to access must in any event be refused during the period of validity of an alert for the purpose of discreet surveillance. In conclusion, it is fair to say that the CISA in one way confi rms the universality of the principle of the right to access; however, the way this right is to be exercised is left to national scrutiny.
Article 41 of the new Regulation 1987/2006 on SIS II includes a comparable rule as provided in the CISA. As in the Article 109 CISA, the requested state should give the issuing State the opportunity to state its position before communicating the requested data. Also, Article 41 allows national legislators to give the national data protection authorities a primary role with regard to access rights. Diff erent from the provision in the CISA, Article 41 includes a time limit of 60 days within which an individual aplying for access to his or her data should be informed. And no later than three months the individual should be informed on the “follow-up” given to the exercise of his rights of correction or deletion (see further below).
Article 42 of the Regulation on SIS II gives more specifi c rules dealing with the right of information comparable with the provision in the EC Directive 95/46. Article 42 of the SIS II Regulation provides that third-country nation-als who are the subject of an alert issued in accordance with this Regulation shall be informed in accordance with Articles 10 and 11 of Directive 95/46.
108 Draft document of 7 August 1989, SCH/I (88) 7 12th revision (Dutch version); see also Dumortier (1992), p. 160.
Brouwer ch-07.indd 216 3/20/2008 8:32:55 PM
Eff ective Remedies under Data Protection Law 217
Th is information must be provided in writing, together with a copy of or a ref-erence to the national decision giving rise to the alert in SIS II. Article 42 (2) of the SIS II Regulation allows for exceptions to this right of information, which go further than those provided in the EC Directive 95/46. Firstly, the informa-tion must not be provided where “(i) the personal data have not been obtained from the third-country national in question; and (ii) the provision of the infor-mation proves impossible or would involve a disproportionate eff ort”. Secondly, the information must not be provided where the third country national in ques-tion already has the information. Th irdly, there is no duty to inform the data subject where national law allows for the right of information to be restricted, in particular in order to safeguard national security , defence, public security and the prevention, investigation, detection and prosecution of criminal off ences.
5.5.2. Right to Request Correction, Deletion or Blocking of Further ProcessingArticle 8 of the Data Protection Convention of 1981 includes the right of a data subject to obtain the correction or erasure of personal data if the data have been processed contrary to the national law implementing the data protection princi-ples. Article 12 (b) of Directive 95/46 includes, aside from the rights of rectifi ca-tion and erasure, also the right to ask for blocking of data. Th is includes the right to demand that the data are not further processed or transmitted to other parties if the data processing does not comply with the provisions of the Directive. Article 12 (b) of the EC Directive provides that the data controller may be asked to notify third parties to whom the data are disclosed of any rectifi cation or eras-ure on behalf of the person concerned “unless this proves impossible or involves a disproportionate eff ort”.
Article 14 EC Directive further gives individuals the right to object to data processing “on compelling legitimate grounds relating to his particular situation”. According to this provision, this right applies “at least” with regard to data processing as described in Article 7 (e) and (f ) of the Directive. Th ese provisions refer, respectively, to data processing necessary for the performance of a task car-ried out in the public interest or in the exercise of offi cial authority and process-ing by the controller or third party or parties to whom the data are disclosed, for the purposes of their legitimate interest. Furthermore, Article 14 gives individuals the right to object, upon request and free of charge, to data processing for the purposes of direct marketing. Only with regard to this latter objection, the Directive requires Member States to take the necessary measures to ensure that data subjects are aware of their right of objection. In practice, it will be diffi cult for an individual to apply this right of objection with regard to data processing by public authorities. Th is requires not only that an individual be aware of this right, but also that he or she be able to put forward “compelling” grounds, based on which his or her personal data should not be processed further.
Brouwer ch-07.indd 217 3/20/2008 8:32:56 PM
218 Chapter 7
5.6. Ban on Automated Decision-making
In the fi eld of administrative law and of criminal procedural law, the ability of authorities to base their decisions and prosecutions respectively on automated data processing only, is already limited by common rules. For example, in administra-tive law, authorities are generally obliged to motivate their decisions in writing. In criminal law procedures, courts should motivate their judgments and relate the decision to the individual facts or circumstances of the case. On the other hand, automated decision-making in the fi eld of tax and social security procedures or administrative fi nes is common practice. Th is practice is justifi ed by the huge volume of cases to be dealt with by the administration, as well as the convenience of the citizens involved.
In the light of the current EU developments, where measures on immigration control tend to be based increasingly on automated data processing, the banning of “automated decision-making” becomes even more important. Based on the example of French data protection law (dealt with in section 5 of Chapter 11), this principle was included in Article 15 of EC Directive 95/46. According to this provision, every person has the right “not to be subject to a decision which produces legal eff ects concerning him or signifi cantly aff ects him or her and which is based solely on automated processing of data intended to evaluate certain personal aspects relating to him, such as his performance at work, creditworthi-ness, reliability, conduct, etc”. Th e meaning of this principle has been weakened considerably by paragraph (2) of Article 15, which allows for subjection to an automated decision when the decision in question is taken in the course of entering into or fulfi lling a contract, or when this is “authorised by a law which also lays down measures to safeguard the data subject’s legitimate interests.”
Th e CISA does not include any reference to a ban on automated decision-making. On the contrary, the implementation of the rules on the use of the SIS requires a practice which seems quite contrary to this principle. Generally, the reports in SIS forwarded by the national authorities of one State should be auto-matically implemented by the authorities of the other States. As we will see below, in the judgment of Commission v. Spain, concerning the registration in SIS of the spouses of EU citizens, the Court of Justice ruled that the Spanish authorities could not automatically refuse entry or a visa solely on the basis of these SIS alerts.109 As I will argue below, this reasoning should also apply to other third-country nationals protected by EU law or international standards of human rights.
109 C-503/03, 31 January 2006, OJ C 86, 8.4.2006. See further Chapter 9.
Brouwer ch-07.indd 218 3/20/2008 8:32:56 PM
Eff ective Remedies under Data Protection Law 219
5.7. Security
Th e duty to secure personal information against destruction, loss or unauthor-ised access is not new. Even with regard to manual fi les and archives containing personal information, it is generally accepted that the person, organisation or authority holding these fi les should take precautionary measures to protect the information. Especially in certain fi elds such as in health care or the police sector, it is considered as normal for these fi les to be kept in special safe-deposit boxes. What actually changed is that the introduction of information technology requires new technical and organisational safeguards. Article 7 of the Data Protection Convention obliges the state parties to ensure that data holders are taking the appropriate security measures to protect against accidental or unau-thorised destruction or accidental loss, as well against unauthorised access, altera-tion or dissemination. Article 17 of EC Directive 95/46 refers to the duty of “appropriate technical and organisational measures”. Th ese rules do not include details on which kind of measures should be taken. It is therefore unclear when data processors or data controllers can be held responsible or accountable (dealt with in section 5.8) for damages due to faulty or inadequate security measures.
With regard to the use of SIS, Article 118 CISA describes certain security measures which should be implemented by the contracting parties. For instance, it stipulates that the states should take “appropriate measures” to prevent access by unauthorised persons to the systems used for the SIS and to prevent unauthorised access, change, deletion or use of the data stored.
In its annual reports, the Joint Supervisory Authority (JSA) devoted much attention to the necessary safeguards to protect the security of CSIS and SIRENE offi ces. Responding to an incident in 1997, when an offi cer at the Belgian SIRENE offi ce leaked personal information to criminal organisations, the JSA decided at its meeting of 12 December 1997 to investigate the security measures taken in the diff erent countries.110 Based on the reports forwarded by the national authorities, the JSA concluded that complementary measures were still necessary. Among other things, the JSA advised the authorities to take the following measures: encryption of information which is kept on data carriers; intensifi ca-tion of the measures to guarantee that only authorised offi cials are gaining access to the information in SIS; check the reasons for SIS inquiries at regular intervals; appointment of an offi cial responsible for security, and the adoption of security measures which should be identical for each national SIRENE bureau.
110 Th ird activity report of the JSA , March 1998–March 1999, Brussels, 9 March 1999, SCH/Aut-cont (99) 8.
Brouwer ch-07.indd 219 3/20/2008 8:32:56 PM
220 Chapter 7
In 2006, the European Data Protection Supervisor (EDPS) completed its fi rst inspection report of the Central Unit of Eurodac .111 Th is inspection focused on a number of security aspects, including risks and incident management, security of communications and physical access control. According to the press release, the EDPS was generally satisfi ed with the level of security at the Central Unit. Th e inspection report itself was held confi dential.112
5.8. Accountability
Th e data owner or controller is in principle responsible for possible damage caused by illegal or inaccurate data processing. Th is principle of liability is not explicitly regulated by the Data Protection Convention of 1981 or by Recommendation R (87). Although the latter Regulation uses the defi nition of “responsible body” which refers to the controller of the fi le which has ultimate responsibility for the fi le, the only consequence it attaches to this responsibility is the duty to notify the supervisory body of the existence of a particular fi le.
Th e liability of the data owner is regulated by Article 23 of the EC Directive: this entails an obligation for Member States to specify that any person who has suff ered damage as a result of an unlawful processing operation, or any act incom-patible with the national provisions adopted in accordance with the Directive, is entitled to receive compensation from the controller for the damage suff ered.
According to Article 108 of CISA, the contracting states must appoint national authorities which are responsible for the “smooth operation” of the national section of SIS. Th is authority should take the necessary measures to ensure compliance with the provisions of CISA. Th e liability of the Schengen States for injuries caused by the use of SIS is provided for in Article 116 CISA. According to this provision, each contracting state is liable for injury caused to individuals by the use of national sections of SIS. Th is includes injury caused by an issuing state which has entered factually inaccurate data or stored data unlaw-fully in NSIS. Th is provision is important because it enables individuals to for-ward their claims to every Schengen State, irrespective of whether this is the issuing state or not. On the basis of Article 116 (2), if the state against which the action has been brought is not the issuing state, the latter should reimburse the sum paid by the former. Th is rule does not apply if the former state used the information in SIS in breach of the provisions in this convention.
111 See the Annual Report of the EDPS on 2006, p. 38, http://www.edps.europa.eu. See further below, section 7.2.1.
112 See for a critical review of this report: E. Guild, Unreadable Papers? Th e EU’s fi rst experiences with biometrics: Examining Eurodac and the EU Borders, in: J. Lodge (ed.), Are you who you say you are? Liberty and security in the EU, Nijmegen: Wolf Legal Publishers 2007.
Brouwer ch-07.indd 220 3/20/2008 8:32:56 PM
Eff ective Remedies under Data Protection Law 221
5.9. Non-discriminatory Application of Data Protection Rules
Th e right to data protection applies to every individual irrespective of his or her residence, status or nationality. Th is non-discriminatory application of data pro-tection follows explicitly from the European instruments on data protection. Article 1 of the Data Protection Convention refers to “every individual, whatever his nationality or residence”. Th e Convention includes a special regulation in Article 14, paragraph 1, ensuring that subjects residing abroad, whether in a Contracting State or in a third country, will be able to exercise their right to know and, where necessary, to rectify the information stored in a data fi le. According to the explanatory memorandum, the guarantees set out in the Convention are extended to every individual regardless of nationality or resi-dence, in accordance with the general principle of the Council of Europe and its Member States with regard to the protection of individual rights. Clauses restrict-ing data protection to a State’s own nationals or legally resident aliens not only would be incompatible with Article 1 of the Data Protection Convention, but also with the general non-discrimination principle in Article 14 ECHR together with Article 8 on the right to private life.
EC Directive 95/46 does not defi ne “data subject” but, from its provisions, referring to natural person, individuals or data subjects, it can be concluded that the Directive does not treat diff erent categories of persons in diff erent ways. We saw above that the EU legislator inserted the right to data protection as a sepa-rate human right in the EU Charter on Fundamental Rights. From the wordings chosen in Article 8 of this Charter, it follows that this right to the protection of personal data should apply indiscriminately. Article 8, refers to the right of “everyone”, where other rights in the Charter include the wordings “every citizen of the Union” and therefore have a restricted meaning.
Th e rights as provided for in the CISA also apply indiscriminately. Th e CISA explicitly gives “any person” the right to have inaccurate data or unlawful data either corrected or deleted (Article 110); the right of access to a judicial court in the territory of each Schengen State is also open to “any person” (Article 111 CISA and Article 43 of the SIS II Regulation, to be dealt with in section 8.4 below).
To my knowledge, the national laws of the EU Member States do not diff er-entiate between diff erent categories of persons, other than the Privacy Act of the United States which only applies to US citizens or “aliens lawfully admitted for permanent residence”.113
113 U.S. Privacy Act of 1974 as amended, 5 U.S.C. § 552a.
Brouwer ch-07.indd 221 3/20/2008 8:32:56 PM
222 Chapter 7
6. Limitations of Data Protection Rights: General Interest and National Security
Th e practical meaning of the rights and safeguards in the instruments described above depends on the criteria based on which these rights can be limited. Article 9 of the Data Protection Convention defi nes legitimate grounds for limiting the rights of data subjects, including deviation from the provisions of Articles 5 (on data quality), 6 (on extra safeguards for special categories of data) and 8 (right of data subject to access, correct and delete, and the right to a remedy). According to Article 9, limitation of these rights is allowed when this is provided for by national law “and constitutes a necessary measure in a demo-cratic society in the interests of 1) protecting State security, public safety, the monetary interests of the State or the suppression of criminal off ences; and 2) protecting the data subject or the rights and freedoms of others.”
Th e explanatory report to the Data Protection Convention (para. 55) explicitly refers to the principles of the ECHR and the criteria as provided for by the ECtHR in order to assess which limitations can be considered lawful: “Exceptions to the basic principles of data protection are limited to those which are necessary for the protection of fundamental values in a democratic society. Th e text of the second paragraph of this article has been modelled after that of the second paragraphs of Articles 6, 8, 10 and 11 of the ECHR. It is clear from the decisions of the Commission and the ECtHR relating to the concept of ‘necessary measures’ that the criteria for this concept cannot be laid down for all countries and all times, but should be considered in the light of the given situation in each country”. With regard to the meaning of “state security”, paragraph 56 of the explanatory report to the Data Protection Convention states that this notion should be understood in “the traditional sense of protecting national sovereignty against internal or external threats, including the protection of the international relations of the State”.
Article 13 of EC Directive 95/46 also explicitly describes the restrictions to the rights as included in the Directive. It includes a long list of legal restrictions: the safeguarding of national security , defence and public security; the prevention, investigation, detection and prosecution of criminal off ences or of breaches of ethics for regulated professions; the protection of important economic or fi nancial interest of the Member States or of the EU; and, fi nally, the protection of data subject or rights and freedoms of others. Furthermore, according to Article 13 (2) the right of access, correction and deletion, as provided for in Article 12, may be restricted by a legal measure and “when there is clearly no risk of breaching the pri-vacy of the data subject” for data which are processed solely for scientifi c purposes.
Th e ECJ made it clear in the Österreichischer Rundfunk case that any of the exceptions included in Article 13 of Directive must comply with the requirement of proportionality with respect to the public interest objective being pursued and
Brouwer ch-07.indd 222 3/20/2008 8:32:56 PM
Eff ective Remedies under Data Protection Law 223
any national provision based on the limitations must be interpreted in accord-ance with the right to private life in Article 8 of the ECHR.114
Article 52 (1) of the EU Charter includes a general limitation which also applies to Article 8 on the right to data protection. According to this provision, “any limitation on the exercise of the rights and freedoms recognised by this Charter must be provided for by law and respect the essence of those rights and freedoms. Subject to the principle of proportionality , limitations may be made only if they are necessary and genuinely meet objectives of general interest recog-nised by the Union or the need to protect the rights and freedoms of others.”
Both the defi nition of this Article 52 and the explanation to Article 9 of the Data Protection Convention referred to above make it clear that governments cannot simply invoke the legitimacy of its purposes when restricting the rights to data protection. Th ese limitations are only lawful if governments can establish that such limitations are necessary, proportional and “genuine” or that they are eff ective for the purposes to be achieved. It should be noted that according to Article 52 (3) of the EU Charter, in so far this Charter contains rights which correspond with the rights protected in the ECHR, the meaning and the scope of the rights in the Charter shall be the same as the rights of the ECHR. However, Union law may provide more extensive protection.
According to Article 102 CISA, data entered in SIS may only be used for the purposes laid down for each category of alert referred to in Articles 95–100. However, paragraph 3 of this provision allows deviation from this principle when this is justifi ed by “the need to prevent an imminent serious threat to public policy and public security, on serious grounds of national security or for the purposes of preventing a serious criminal off ence.” Although this requires prior authorisation from the state issuing the alert to be obtained for another purpose, the Convention does not provide any prior, independent, supervisory control of the necessity of this deviation from the purpose limitation principle.
7. Eff ective Remedies: Independent Data Protection Authorities
7.1. National Data Protection Authorities
7.1.1. Data Protection Convention Surprisingly, the Data Protection Convention does not include any specifi c pro-vision on the availability of independent data protection authorities. Article 10 of this Convention only requires that each Party should “undertake to establish
114 Rechnungshof v. Österreichischer Rundfunk and Others, 20 May 2003, Joint Aff airs C-465/00, C-138/01 and C-139/01 para. 91.
Brouwer ch-07.indd 223 3/20/2008 8:32:56 PM
224 Chapter 7
appropriate sanctions and remedies for violations of provisions of domestic law giving eff ect to basic principles of the Data Protection Convention”. Not until 2001 was a Protocol added to the Convention on the role and powers of supervi-sory authorities and trans-border data fl ows, according to which States should ensure the establishment of independent supervisory authorities.115 Th ese author-ities should be given, in particular, powers of investigation and intervention to ensure the compliance of national legislation implementing the principles of the Data Protection Convention and this Protocol. Th ese authorities should also be given the power to engage in legal proceedings or bring to the attention of the competent judicial authorities violations of national legislation, putting these principles of the Data Protection Convention into eff ect.
Furthermore, the Protocol provides for appeal against decisions by the supervi-sory authorities, which give rise to complaints, through the court system. With regard to trans-border data fl ows, the Protocol includes the rule that personal data may only be transferred to another country or international organisation which is not subject to the jurisdiction of a Party to the Convention, if this recipient state or organisation ensures an adequate level of data protection. Th ere are two excep-tions to this general rule: fi rstly, parties may allow the transfer of personal data if domestic law so provides because of the specifi c interests of the data subject or legitimate prevailing interests, especially important public interests. Furthermore, data transfer is allowed if safeguards “which can in particular result from contrac-tual clauses” are provided by the controller responsible for the transfer and are found adequate by the competent authorities according to domestic law.
7.1.2. EC Directive 95/46Article 28 of the EC Directive 95/46 provides for the establishment of national public authorities which are responsible for the application of data protection principles. According to Article 28, Member States should ensure the complete independence of these authorities and assign them the following tasks and pow-ers: to give advice on administrative measures or regulations relating to the protection of the individual’s rights and freedoms with regard to data processing and to have investigate powers to monitor the application of the national law implementing the EC Directive. Th e supervisory authority may further order the blocking, erasure or destruction of data and place a temporary or defi nitive ban on data processing.
115 ETS No. 181, 8 November 2001. Th is Protocol entered into force on 1 July 2004. Of the 47 Member States of the Council of Europe only 16 States (of which 13 EU Member States) ratifi ed this Protocol, including France, Germany, and the Netherlands, http://conventions.coe.int (consulted in June 2007).
Brouwer ch-07.indd 224 3/20/2008 8:32:56 PM
Eff ective Remedies under Data Protection Law 225
Th e supervisory authority may, according to Article 28 (4), hear individual claims concerning his or her data protection rights. Th e EC Directive does not provide further details on the powers and competences of the supervisory author-ities when dealing with this individual application. Article 28 (4) only states that the person concerned shall be informed of the outcome of the claim.
According to Article 28 (3) of the EC Directive, supervisory authorities have the power to start legal proceedings in cases where the national provisions which are adopted to implement the EC Directive are violated. Th e national data pro-tection authorities may also refer a matter to parliament or another political organisation. In its fi rst evaluation report on the implementation of the EC Directive, the European Commission confi rmed the importance of the inde-pendence of national data protection authorities.116 Th e Commission describes the independence in the taking of decisions as “a sine qua non for the correct functioning of the system”. In the same report, the Commission expresses its concerns that in practice this independence is threatened by the lack of resources for national supervisory authorities.
Finally, Article 28 (6) states that a supervisory authority is competent, what-ever the national law applicable to the processing in question, to exercise its powers in accordance with paragraph 3 on the territory of its own Member State. Th is seems to imply that a national data protection authority cannot exercise its competences with regard to data processing outside the scope of its own territory. However, the same provision makes it clear that each authority can be requested by an authority of another Member State to exercise these powers.
7.1.3. SIS I and SIS II: CISA and Regulation 1987/2006Th e CISA provides for the establishment of a non-judicial supervisory mecha-nism, at both national and international levels. At national level, on the basis of Article 114 CISA, supervisory bodies are responsible for carrying out independent supervision of the national SIS data fi les. Th is supervision includes checking whether the processing and use do not violate the rights of the data subject. Article 114 (2) gives any person the right to ask this supervisory authority to check the data entered in the NSIS and the use being made of these data. Th e tasks and competences of the national authorities are to be performed in accordance with national law. Th is means there is no harmonised approach at all regarding the way in which the national databases of the SIS are being supervised.
Article 44 of the SIS II Regulation deals with the supervision of NSIS II by the national data protection authority (the “National Supervisory Authority”).
116 Report of 15 May 2003, COM (2003) 265, p. 12–13.
Brouwer ch-07.indd 225 3/20/2008 8:32:56 PM
226 Chapter 7
Article 44 (1) provides that the authority or authorities designated in each Member State and endowed with the powers referred to in Article 28 of Directive 95/46, shall monitor “independently the lawfulness of the processing of SIS II personal data on their territory and its transmission from that territory, and the exchange and further processing of supplementary information”.
Furthermore, Article 44 (2) provides that the National Supervisory Authority must ensure that at least every four years an audit of the data processing opera-tions in NSIS II will be carried out. Th is audit will have to be in accordance with international auditing standards.
Finally, Article 44 (3) obliges Member States to ensure that their data protec-tion authorities have suffi cient resources to fulfi l the tasks entrusted to it under this Regulation.
7.1.4. Eurodac and VISTh e Eurodac Regulation 2725/2000 does not include very strong criteria as to the role of data protection authorities.117 Th e national supervisory authorities must according to Article 18 (10) “assist and advise” a person with regard to his or her rights on the deletion or correction of the data concerned. According to Article 18 (9) this assistance has to be performed according Article 28 (4) of the EC Directive 95/46, which only requires that the supervisory authority should hear claims of individuals with regard to the protection of their rights and freedoms and with regard to the lawfulness of data processing. Furthermore, Article 19 of the Eurodac Regulation provides that each Member State must ensure that national data protection authorities will monitor independently, in accordance with national law, the lawfulness of the processing of the personal data, including their transmission to the Central Unit. Comparable provisions have been included in Articles 32 (2) and 34 of the draft VIS Regulation.118 Importantly, Article 34 (3) of the draft VIS Regulation obliges Member States to ensure that their national data protection authorities have suffi cient resources to fulfi l their tasks.
7.2. Data Protection Authorities at the EU Level
7.2.1 Th e European Data Protection SupervisorAt European level, the protection of individuals with regard to the processing of personal data by Community institutions and bodies has been envisaged in Regulation 45/2001 of 18 December 2000.119 Th is Regulation provides for
117 OJ L 316, 15.12.2000. 118 Draft of 10 May 2007, 9423/07. 119 OJ L 008, 12.01.2001.
Brouwer ch-07.indd 226 3/20/2008 8:32:56 PM
Eff ective Remedies under Data Protection Law 227
supervision by a special supranational authority: the European Data Protection Supervisor, or EDPS .120 In 2002, the Council adopted a decision on the regula-tions and general conditions governing the performance of the European Data Protection Supervisor’s duties.121 Th e creation of the EDPS is based on Decision 1247/2002 of 1 July 2002 on the regulations and general conditions governing the performance of this organisation’s duties.122 In December 2003, Peter Hustinx, the former chairman of the Dutch Data Protection Authority, was appointed the fi rst European Data Protection Supervisor for a term of fi ve years.123 According to Article 32 of the Regulation 45/2001, any data subject who claims that his or her rights under Article 286 of the Treaty have been infringed as a result of the processing of his or her personal data by a Community institution or body may lodge a complaint with the European Data Protection Supervisor directly. Th is right is without prejudice to any judicial remedy.124
Th e powers of the EDPS are listed in Article 47 of Regulation 45/2001. Among other things, the EDPS may give advice to data subjects in the exercise of their rights, refer a case to the data controller in the event of an alleged breach of the provisions governing the processing of personal data and, where appropriate, make proposals for “remedying that breach and for improving” the protection of the data subjects. Article 47 also includes the power of the EDPS “to warn or admonish” the controller, without defi ning the content or the eff ect of these warnings. More coercive powers of the EDPS are implied in the ability to order the responsible authority to comply with requests to exercise certain rights of a data subject, to order the rectifi cation, blocking, erasure or destruction of all data when they have been processed in breach of the provisions governing the process-ing of personal data and the notifi cation of such actions to third parties to whom the data have been disclosed. Th e European Supervisor may also impose a tem-porary or defi nitive ban on processing. Th e EDPS may refer matters not only to the Community institution or body concerned and, if necessary, to the European Parliament, the Council and the Commission but also to the Court of Justice.
120 Article 286 (2) TEC, which is the legal basis for this Regulation, also provided for the establish-ment of an independent supervisory body which should be responsible for monitoring the application of data protection rules by the Community institutions and bodies.
121 Decision no. 1247/2002 of 1 July 2002, OJ L 183, 12.07.2002. 122 OJ L 183, 12.07.2002. 123 Decision of the European Parliament and of the Council of 22 December 2003 appointing the
independent supervisory body provided for in Article 286 of the EC Treaty (European Data Protection Supervisor), OJ L 12/47, 17.01.2004.
124 According to the Annual Report on 2006 (p. 30), the EDPS dealt in 2006 with 52 complaint of which only 10 were declared admissible: see http://www.edps.europa.eu.
Brouwer ch-07.indd 227 3/20/2008 8:32:56 PM
228 Chapter 7
Finally, according to Article 47 (2), the European Data Protection Supervisor shall have the power to obtain from a controller or Community institution or body access to all personal data and to all information necessary for his or her enquiries and to obtain access to any premises in which a controller or Community institution or body carries on its activities when there are reasonable grounds for presuming that an activity covered by this Regulation is being carried out there. In its fi rst year of activity, the EDPS focused on its advisory role and did not use its more coercive powers (order, warning or ban).125
Th e EDPS also has an advisory role with regard to community measures and legislation related to data protection issues. Since January 2004, the EDPS has also been tasked with the supervision of Eurodac . In an early policy paper, the EDPS made it clear that it would consider his mandate broadly and not restricted to community legislation or measures.126 And indeed, in its fi rst years of opera-tion, the EDPS published many opinions, including with regard to legislative proposals within the framework of the third pillar of the EU. For this broad interpretation of its task, the EDPS refers to Article 46 (f, ii) of Regulation 45/2001, according to which the EDPS should cooperate with supervisory data protection bodies of the third pillar to ensure “an improving consistency” of the applicable data protection rules. In my view, the role of the EDPS outside the scope of the EC Treaty could also be based on Article 47 (e) which refers to its task “to monitor relevant developments insofar they have an impact on the protection of personal data, in particular the development of information and communication technologies”.
Th e recommendations of the EDPS have no binding eff ect. According to Article 27 Regulation 45/2001, processing operations by community institutions or bodies likely to involve a risk to the rights and freedoms of individuals require prior checking by the EDPS. If the EDPS considers that the intended processing may involve a breach of any provision of the Regulation, the controller should make proposals to avoid such breach. Th e EDPS may use its coercive powers under Article 47 if the data controller does not modify the processing operation accordingly.
7.2.2. Working Party on the Protection of Individuals with regard to the Processing of DataDirective 95/46 provides, in Article 29, for a Working Party on the Protection of Individuals with regard to the Processing of Data (also referred to as the ‘Article 29 Working Party’). Th e Working Party advises on Community legislation or
125 See the Annual Reports on 2004 (p. 24) and 2006 (p. 17), http://www.edps.europa.eu. 126 Policy Paper, Th e EDPS as an advisor to the Community institutions on proposals for legislation
and related documents, Brussels, 18 March 2005, p. 5.
Brouwer ch-07.indd 228 3/20/2008 8:32:56 PM
Eff ective Remedies under Data Protection Law 229
measures which relates to the processing of personal data and the rights of indi-viduals, including possible amendments to the EC Directive. According to Article 30 of the Directive, the Working Party may make recommendations on its own initiative and forward these to the Commission. On several occasions, the Working Party has used this power and published critical reports on specifi c but also more general developments within the EU.127 Th ese recommendations are not binding. Th e Commission should inform the Working Party on the action it has taken in response to these opinions and recommendations, but it is not obliged to implement them. Th e Working Party has no competence to con-sider individual complaints.
7.3. Schengen Joint Supervisory Authority
7.3.1. Tasks and PowersTh e inclusion of a provision in the CISA on the establishment of a supranational data protection authority was strongly advocated by the national data protection authorities in existence at that time (Germany, France and Luxembourg). Th e task and powers of the Joint Supervisory Authority (JSA) are regulated in Article 115 CISA. According to this provision, the JSA performs its controlling tasks in accordance with the Data Protection Convention and Recommendation R (87) on the use of police fi les. According to Article 115 CISA, the JSA is responsible for more general tasks. Th ese include the interpretation of the CISA rules and the supervision on the operation and security of the CSIS. According to Article 115 (3), the JSA is also responsible “for studying any problems that may occur with the exercise of independent supervision by the national supervisory authori-ties of the contracting parties or in the exercise of the right to access to the system”. Th is could be interpreted to mean that the JSA also has the task of deal-ing with individual complaints with regard to national supervisory authorities, or the exercise of an individual’s right of access. However, to my knowledge, the JSA has so far not dealt with any individual complaints.
Th e JSA , which consists of two representatives from each national supervisory authority, is assigned the task of monitoring the technical support function of SIS, in other words the CSIS located in Strasbourg. Furthermore, the JSA is also
127 For example, the Working Party twice published a critical letter on the transfer of passenger data by European air line companies to the US, which had been ‘authorised’ by the European Commission, although this would be in breach of EC Directive 95/46. Furthermore, in August 2003 it published a memo on the use of biometric data.
Brouwer ch-07.indd 229 3/20/2008 8:32:56 PM
230 Chapter 7
responsible for the examination of diffi culties arising from application or inter-pretation, which may arise during the operation of SIS, or with regard to the exercise of the supervisory tasks of national authorities, or regarding the right of access to the system. According to 115 (3), the JSA should draw up “harmonised proposals for joint solutions for existing problems”.
7.3.2. Activities of the JSA In the annual reports, the JSA often referred to the weaknesses of its own position. In the fi rst place, the organisation regularly complained about the lack of fi nan-cial, human and technical resources required for the performance of its tasks. In its reports, the JSA may only submit its analysis of the problems and make its recom-mendation to the authorities concerned. Th ese recommendations are not binding, nor has the JSA any enforcement powers. Initially, the JSA itself looked for ways to strengthen its position, for example by contacting the media and publishing its annual reports. For example, by way of illustration, the JSA sought publicity for two incidents, both of which occurred in 1997. Firstly, the press was informed about the problems the JSA encountered with the French authorities during its inspection of the CSIS. Secondly, in a press release, the JSA expressed its concern about the lack of security of SIS, when printouts of certain SIS data were found at a Belgian railway station and, later, also at the house of an employee of the Belgian Ministry of Justice.128 In 1996, the JSA issued a recommendation that the number of ‘super-users’ be reduced. Th ese are users who have privileged access to CSIS and who may not only have access to the information included in SIS, but also be permitted to amend these data and to delete all traces of the activities performed. In its fi fth annual report of 1999, the JSA noted that the number of these ‘super-users’ had dropped.129 In 1997, the JSA requested the contracting parties to ensure that information leafl ets (drafted by the JSA) were distributed at external borders , more specifi cally at airports. According to the fourth annual report (March 1999 – February 2000) of the JSA, the number of requests from individuals for access to SIS information would have had increased since the dissemination of information; according to the JSA, this should be attributed to the success of the information campaign. Between 1999 and 2000, the JSA asked the Article 36 Committee (Coordinating committee of senior representatives of the governments under the TEU) whether the list of authorised users could be submitted to the JSA.
128 See Justice report (2000), p. 27 and 42. 129 See fi fth annual report JSA , March 2000–December 2001, overview of recommendations JSA
1996, (Dutch version), p. 33.
Brouwer ch-07.indd 230 3/20/2008 8:32:56 PM
Eff ective Remedies under Data Protection Law 231
Th e Article 36 Committee approved giving the JSA these lists after they were sub-mitted to the JHA Council.130
In it its most recent years of activity, the JSA has not sought much publicity or attention for its work. Th ere is a long delay in publication of its latest annual report and the information on its website is outdated. Illustrative of this lack of publicity is the fact that the 2005 report of the JSA on the national implementa-tion of Article 96 CISA was never offi cially published by the JSA. Th e report has only been accessible through the website of the Danish data protection authority and the NGO Statewatch. Th is passive attitude might be explained by the fact that the JSA was overshadowed by its communitarian counterparts, the Article 29 Working Party and the EDPS . Another reason for this lack of activity could be the fact that, with the establishment of SIS II, the functioning of the JSA would be taken over by the EDPS.
8. Eff ective Remedies: A Right to Judicial Remedies?
As a result of the importance of this subject, in the followings sections, I will also consider other instruments described above, to compare the diff erent provisions on legal remedies. Th ese other instruments include the Regulation on Eurodac , the third pillar instruments and the draft VIS Regulation.
8.1. Data Protection Convention
Th e Data Protection Convention refers to two diff erent situations in which an individual may invoke a remedy. Firstly, according to Article 8 of the Convention, an individual should have a remedy when his or her rights as protected in this pro-vision have been breached. Th e rights of Article 8 include the right to be informed about the existence of an automated data fi le and about the contents of the infor-mation stored about the data subject and the right to correct erroneous or inap-propriate information. Secondly, in accordance with Article 10, the State Parties should ensure “appropriate sanctions and remedies for violations” of provisions of national law implementing the principles of the Data Protection Convention.
Th e Convention and its explanatory memorandum do not explicitly require the availability of judicial remedies. Th e explanatory memorandum to Article 10 explicitly states that it is left to each State to determine the nature of these
130 See fourth annual report JSA , March 1999–February 2000, SCHAC 2533/1/00 REV 1 (Dutch version), p. 14.
Brouwer ch-07.indd 231 3/20/2008 8:32:56 PM
232 Chapter 7
sanctions and remedies (civil, administrative or criminal) “considering the ‘the non self-executing character of the convention’ ”.131
8.2. EC Directive 95/46
EC Directive 95/46 explicitly obliges Member States to provide for judicial rem-edies. According to Article 22, individuals should have a judicial remedy “for any breach of the rights guaranteed him by the national law applicable to the process-ing in question”. Th e fi rst sentence of Article 22, however, includes an important restriction of this right. According to this sentence, this right to judicial remedies is “without prejudice to any administrative remedy for which provision may be made, inter alia before the supervisory authority referred to in Article 28”. Th is means that national legislators may stipulate that, prior to the right to have access to courts, the individual should fi rst appeal to the supervisory data protection authorities as referred to in Article 28 of the EC Directive. Th is duty to address data protection authorities fi rst may not only lead to longer procedures, but could also imply that individuals have no timely access to eff ective remedies.
Th e importance for individuals to have access to national courts to enforce their rights under Directive 95/46 was confi rmed by the ECJ in Rechnungshof v. Österreichischer Rundfunk.132 Th is judgment was the fi rst decision of the ECJ on EC Directive 95/46. It dealt with the question of whether the rules of the Austrian Court of Auditors (Rechnungshof) based on which organisations and holdings had to disclose information about their employees and pensioners, including names, positions, salaries and their pensions, were in accordance with the provisions of the EC Directive and the Community principles on the protec-tion of privacy. In this judgment, the ECJ confi rmed that the scope of the appli-cability of this Directive has to be interpreted broadly. According to the ECJ, the scope of applicability of the Directive would not be limited to data processing directly linked to the freedoms of free movement as protected in the EC Treaty.133 Th e ECJ made it clear that every other interpretation would run the risk of mak-ing the boundaries of the Directive’s application too uncertain and too vague. Furthermore, it considered that the principles and criteria for legitimate data processing (as laid down in Articles 6 and 7 of the Directive) have a direct eff ect, in the sense that an individual may seek access to a national court to prevent the application of national rules which are contrary to these principles.134
131 Explanatory report to the Convention, see comments on Article 10. 132 Rechnungshof v. Österreichischer Rundfunk and Others, 20 May 2003, Joint Aff airs C-465/00,
C-138/01 and C-139/01. 133 Para. 39–47. 134 Para. 100.
Brouwer ch-07.indd 232 3/20/2008 8:32:56 PM
Eff ective Remedies under Data Protection Law 233
In this case, the ECJ found that the disclosure of names by the public bodies of the state implied interference with the right to private life as protected by Article 8 ECHR. Concluding that the interference at stake was in accordance with national law, the Court of Justice explicitly stated that it is “the task of national courts to ascertain whether this interference with the right of private life meets the requirements of foreseeability and whether the interference is neces-sary to protect legitimate aims”.135 With this wide interpretation, the ECJ did not follow the opinion of the Advocate General Tizzano on this case. Tizzano not only gave a narrow interpretation of “the scope of Community law”, but also held that the safeguarding of human rights would not be an independent objective of the Directive.
As we have seen above, Articles 10 and 11 of EC Directive 95/46 force the data controller to inform the data subject of the existence of the right to access and to rectify the data concerning him. Th is obligation, together with other data protec-tion provisions on informed decision-making, the right to receive information about the data processing and the rights of access, correction and deletion can be seen as important tools for safeguarding the “accessibility” of remedies. Even if the data protection law does not itself include a duty to inform the data subject of the availability of (judicial) remedies, these “information rights” are important with regard to the accessibility of remedies for the data subjects concerned.
8.3. Regulation 45/2001: EDPS
Article 32 of the Regulation contains provisions on the remedies which should be available to data subjects whose rights under Article 286 of the EC Treaty have been infringed. Th is includes the right of any person who has suff ered dam-age because of an unlawful processing operation or any action incompatible with this Regulation to have the damage made good in accordance with Article 288 of the Treaty. Furthermore, individuals may bring an action against decisions of the European Data Protection Supervisor before the Court of Justice. Th e Court of Justice also has jurisdiction to hear disputes which relate to the provisions of this Regulation, including claims for damages.
8.4. SIS I: Article 111 CISA
Pressed by the national data protection authorities during the negotiations on the draft text of the CISA (see above), the Schengen States inserted a provision in the CISA on the right of access to courts or independent authorities with regard to
135 Para. 88 and 91–94.
Brouwer ch-07.indd 233 3/20/2008 8:32:56 PM
234 Chapter 7
the alerts held in SIS. Th is provision, included in Article 111, is based on Articles 8 and 10 of the Data Protection Convention . Th is Article 111 CISA reads:
1. Any person may, in the territory of each Contracting Party, bring before the courts or the authority competent under national law an action to correct, delete or obtain information or to obtain compensation in connection with an alert involving them.
2. Th e Contracting Parties undertake mutually to enforce fi nal decisions taken by the courts or authorities referred to in paragraph 1, without prejudice to the provisions of Article 116.
Article 111 CISA provides for the right of a person, in the territory of each con-tracting party, to bring before the courts or the authority competent under national law an action to correct, delete or obtain information or to obtain compensation in connection with an alert involving him or her. Th e choice of authority that is competent to assess the individual claim and the scope of the available remedies has been left to the scrutiny of each Schengen State. Nevertheless, the explicit reference to a right to legal remedies, with the possibility of compensation, has been very important in the development of rights with regard to SIS. Th e mean-ing of this provision has been enhanced by Article 111 (2) of the CISA, according to which the fi nal decisions of national courts should be enforced by the national authorities of other contracting parties. Th is provision had to be inserted because the use of SIS is based on the principle that only the contracting state issuing the alert can modify, add to, correct or delete the data in SIS (Article 106 CISA).
Article 116 provides that each Schengen State is liable, in accordance with its national legislation, for any injury caused to a person through the use of the national data fi le of the Schengen Information System. Th is also applies to injury caused by the Contracting Party issuing the alert, where the latter entered factually inaccurate data or stored data unlawfully. Exceptionally, if the State against which an action is brought is not the State issuing the alert, Article 116 (2) provides that the latter shall be required, upon request, to reimburse the sums paid out as compensation unless the data were used by the requested State in breach of the rules of the CISA.
Article 111 CISA gives each individual the right to seek access to a competent court or authority, in every State which applies the CISA. Th us, the individual is not obliged to address the court in the country of his nationality, nor in the country where the person discovered use of his or her personal fi le from SIS. In one of the earliest drafts, such a limitation was proposed by the Dutch government, according to which the person could only submit his or her complaint about an SIS alert to the competent judge or authority of the state which entered the alert in the SIS.136
136 27 October 1988, SCH/I (88) 7 rev. (Dutch version) Article 2.15ter.
Brouwer ch-07.indd 234 3/20/2008 8:32:56 PM
Eff ective Remedies under Data Protection Law 235
Furthermore, Article 111 (2) obliges each contracting party mutually to enforce the fi nal decisions of the national courts or authorities concerning SIS. Th is implies, in my view, the power of national courts to consider the lawfulness of for-eign SIS reports. Another interpretation of this provision would render meaningless the rule inserted into Article 111 (2).137 I will come back to this point in the Chapters on France, Germany and the Netherlands, and in Chapter 14.
8.5. SIS II Regulation 1987/2006
Article 30 of the Commission proposal for a SIS II Regulation included an explicit right to judicial remedies, granting “any person in the territory of any Member State” the right to bring an action or a complaint before the courts of that Member State if refused the right of access to or rectifi cation or erasure of his data or the right to obtain information or reparation with regard to the processing of his data.138 On the one hand, the Commission proposal included an important addition to Article 111 CISA, granting a person the right to appeal against a decision of a national authority to store his information into SIS. According to Article 15 (3) of the draft Regulation, a third-country national would have the right “to a review by or an appeal to a judicial authority against a decision to issue an alert taken by an administrative authority of a Member State”. On the other hand, the Commission proposal seemed to include a terri-torial limitation by granting only those in the territory of any Member states the right to bring an action or complaint. In my view, the use of commas in Article 111 (1) of CISA makes clear that this provision does not include a territorial limitation but implies that the individual has the right to forward its action in any of the Member States.
A new proposal on SIS II was proposed by the Austrian Presidency in January 2006.139 In this new text, the explicit right to judicial remedies with regard to the decision to issue an alert in Article 15 (3) from the Commission proposal was deleted. Th e explicit duty to provide for a right to a judicial remedy if person is refused access or rectifi cation of his data, was changed into: “any person may bring before the courts or the authorities an action to correct or delete, or obtain information or to obtain compensation .…” According to this proposal, access to
137 A similar conclusion can be drawn from the judgment of the ECJ, C-150/05, Van Straaten v. the Netherlands, on the basis of which a Dutch lower court was considered competent to assess the lawfulness of an Italian alert in the SIS. Th e alert was based on Article 95 CISA. See section 7.6, Chapter 13.
138 COM (2005) 236, 31 May 2005, including a draft Regulation on the establishment, operation, and use of second generation SIS (SISII).
139 5709/06, 27 January 2006.
Brouwer ch-07.indd 235 3/20/2008 8:32:56 PM
236 Chapter 7
judicial courts would not be required, but also Member States would not be obliged to provide for legal remedies if somebody’s request for access or erasure is refused.
In the fi nal text as adopted in Regulation 1987/2006 on SIS II, the EU legisla-tor chose for almost exactly the same wordings as in Article 111 CISA, except for the addition of an evaluation clause in Article 43 (3) according to which the Commission should evaluate the rules on remedies before 17 January 2009. Furthermore, the new text in the SIS II Regulation does not include the territo-rial limitation which was implied in the Commission proposal with the phrase “in the territory of the Member State”.140 Th is means that, diff erent from the Commission proposal, access to remedies is not dependent on whether the per-son actually is within the territory one of the EU Member States. Especially where it concerns the use of SIS II for the refusal of entry or a visa, it would have been problematic if a third country national would not be able to remedy the wrongful use or registration of his or her personal information if he or she would be outside the EU territory.
Article 43 of the Regulation 1987/2006 reads:
1. Any person may bring an action before the courts or the authority competent under the law of any Member State to access, correct, delete or obtain informa-tion or to obtain compensation in connection with an alert relating to him.
2. Th e Member States undertake mutually to enforce fi nal decisions handed down by the courts or authorities referred to in paragraph 1, without prejudice to the provisions of Article 48.
3. Th e rules on remedies provided for in this Article shall be evaluated by the Commission by 17 January 2009.
Article 48 of the SIS II regulation includes a comparable provision on liability as included in Article 116 CISA. It provides that each Member State shall be liable in accordance with its national law for any damage caused to a person through the use of NSIS II. Th is shall also apply to damage caused by the Member State which issued the alert, where the latter entered factually inaccurate data or stored data unlawfully. If the Member State against which an action is brought is not the Member State issuing the alert, the latter shall be required to reimburse, on request, the sums paid out as compensation unless the use of the data by the Member State requesting reimbursement infringes this Regulation. Furthermore, Article 48 (3) provides that if any failure of a Member State to comply with its obligations under this Regulation causes damage to SIS II, that Member State can be held liable for such damage, unless and insofar as the Management
140 Th is territorial limitation was deleted in the draft of 6 June 2006, 5709/6/06.
Brouwer ch-07.indd 236 3/20/2008 8:32:56 PM
Eff ective Remedies under Data Protection Law 237
Authority or another Member State participating in SIS II “failed to take reason-able steps to prevent the damage from occurring or to minimise its impact”.
Finally, Article 49 of the SIS II Regulation provides that Member States must ensure that any misuse of data entered in SIS II “or any exchange of supplemen-tary information contrary to this Regulation” is subject to eff ective, proportionate and dissuasive penalties in accordance with national law.
8.6. Eurodac
As in CISA, the Eurodac Regulation includes a two-fold mechanism of protec-tion for individuals. On the one hand, individuals can seek protection from supervisory national authorities on the basis of Article 18 (10), as discussed above. On the other hand, Article 18 (11) and (12) of the Eurodac Regulation gives the data subject the right to bring an action or a complaint before the com-petent authorities or courts of the State if his or her right of access, correction or erasure is denied according to the laws, regulations and procedures of that State.
Finally, according to Article 68 of the EC Treaty, the Court of Justice is competent to consider prejudicial questions from (fi nal) national courts on the explanation of the Eurodac Regulation according to the procedure of Article 234 EC.
8.7. VIS Proposal
Article 33 (1) of the Commission proposal for a VIS Regulation included the right that in each Member State any person would have the right to bring an action or a complaint before the competent courts of that Member State if he is refused the right of access to or the right of correction or deletion of data relating to him.141 In the fi nal text for a VIS Regulation, based on a compromise between the European Parliament and the Council, the provision on remedies has been changed.142 In the fi rst place, as in Article 43 of the SIS II Regulation, the new provision allows Member States to provide only for the right to bring action to non-judicial author-ities. Secondly, in the new text, the right to remedies can only be invoked against the authority or court of that Member State by which his right of access, correction, or deletion has been refused. Other than Article 43 of the SIS II Regulation (and 111 CISA), the VIS Regulation does not provide that a person can invoke his right in any Member State, regardless of which Member State refused his request.
141 Original proposal by the Commission, COM (2004) 835. 142 Text of 19 June 2007, 9753/07, as agreed upon by the European Parliament, A6-0194/2007, 7
June 2007.
Brouwer ch-07.indd 237 3/20/2008 8:32:56 PM
238 Chapter 7
Th e fi nal Article 40 of the VIS Regulation on remedies reads:143
1. In each Member State any person shall have the right to bring an action or a complaint before the competent authorities or courts of that Member State which refused the right of access to or the right of correction or deletion relating to him, provided for in Article 38 (1) and (2).
2. Th e assistance of the national supervisory authorities referred to in Article 39 (2) shall subsist throughout the proceedings.
Th is VIS Regulation does not provide in a remedy against a decision which is based on VIS information, for example the refusal of a visa. However, according to Article 36 of the proposed Regulation, Member States must take the necessary measures to ensure that any misuse of data entered in the VIS is punishable by penalties, including administrative and/or criminal penalties in accordance with national law, that are “eff ective, proportionate, and dissuasive”.
8.8. Th ird Pillar Instruments
Article 38 of the Europol Convention includes a regulation on the liability of Member States with regard to damage “caused to an individual as a result of legal or factual errors in data stored or processed at Europol”. Only in the Member State where the event occurred which gave rise to the damage can the individual apply to the courts, competent under the national law of the Member State involved. Th e Convention does not refer further to a right to judicial remedies.
Recommendation (87) 15 on the use of personal data in the police sector only refers to the need for the right of appeal to an independent authority with regard to the refusal to grant access to one’s own data. According to Article 6 (6) of the Recommendation, where access to data in a police fi le is refused, the data subject should be able to appeal to a supervisory body or to another independent body which shall satisfy itself that the refusal is well-founded. Th e recommendation does not include further provisions on the powers and competences of this independent authority nor prescribe that there should be access to a judicial authority.
Th e draft Framework Decision on the protection of personal data processed in the framework of police and judicial co-operation in criminal matters also includes a right to a judicial remedy.144 According to Article 20 of the draft of 24 April 2007, “the data subject must have the opportunity of seeking judicial remedy for any breach of the rights guaranteed to him by applicable national
143 According to the text of June 2007. 144 7315/1/07, 24 April 2007.
Brouwer ch-07.indd 238 3/20/2008 8:32:57 PM
Eff ective Remedies under Data Protection Law 239
law.”145 However, as in Article 22 of the EC Directive, Article 20 of the draft Framework Decision includes the limitation that the national legislator may pro-vide for administrative remedies prior to referral to a judicial court.
According to Article 19 of the draft Framework Decision of April 2007, any person suff ering damage as a result of unlawful processing operation or of any act incompatible with the national provisions adopted pursuant this Framework Decision, is entitled to receive compensation from the competent authority “or other authority competent under national law”. Article 24 obliges Member States to adopt “suitable measures to ensure the full implementation of the provisions of this Framework Decision” and to “lay down eff ective, proportionate and dissuasive sanctions to be imposed in case of infringement of the provisions adopted pursuant to this Framework Decision.”
9. Conclusions
9.1. Th e Value of Data Protection
In this Chapter, I have tried to make it clear that data protection protects not only privacy and that data protection principles such as purpose limitation , data quality or security cannot solely be explained by the need to protect the right to privacy.146 Th e need to observe central data protection principles can only be understood by defi ning and eventually rethinking the diff erent goals of data pro-tection. By focussing on the real goals of data protection, one may prevent data protection issues from being too easily brushed aside as minor or relatively insignifi cant matters.
It could be argued that data protection law includes procedural norms, rather than substantial criteria. For example, data protection laws force the authorities responsible for data processors to report certain data fi les to the data protection authorities, to defi ne in advance the purpose for which the data is collected or used and to give individuals the opportunity to apply for the right to access, correct or delete personal information. However, as we have seen above, these procedural rules are closely tied to substantial criteria. For example, the principle
145 Compare to the text of Article 27 in the version of November 2006, which referred to: “the right of every person to a judicial remedy for any breach of the rights guaranteed to him by the applicable national law pursuant to this Framework Decision to the processing in question”. 13246/5/06, 22 November 2006.
146 See De Hert & Guthwirth (2003), p. 111 ff .
Brouwer ch-07.indd 239 3/20/2008 8:32:57 PM
240 Chapter 7
on the protection of so-called sensitive or special categories of data protects the right of non-discrimination. Th e prohibition of automated individual decisions in Article 15 of the Directive 95/46 also safeguards one of the key values of the rule of law , namely the right to transparent and informed decision-making. Further, the principle of purpose limitation in for example Article 6 of the EC Directive 95/46, obliges data processors to ‘substantiate’ the goals for which data is collected and processed. Prior to the data processing, the responsible authori-ties must defi ne the explicit purposes of this data processing. Th ese defi nitions of the purposes of data processing are to be considered as substantial limitations of the use of personal information. In principle, any use or further dissemination of information going beyond these defi ned goals should be considered as unlawful. Furthermore, the purposes should be lawful and establish that the data processing is necessary for the tasks performed by the data processor.
Although there seems to be a general understanding on the content and the importance of data protection principles, the applicable rules allow for many exceptions under various circumstances. Th is implies the risk that many provi-sions of data protection will continue to be considered ‘soft law’ instead of becom-ing ‘hard law’. Based on the text of EC Directive 95/46, national legislators may, under certain conditions, limit individual rights or data protection principles, including participation rights and the ban on processing sensitive data . Furthermore, considering current developments at the national and EU level, the importance of the purpose limitation principle seems to be increasingly neglected and its practical meaning undermined by vague provisions. If the purpose of data processing and the group of authorities having access to data are defi ned very widely, this principle will not off er any extra safeguard for the persons concerned. Th e same problem arises with regard to the principle of restricting the storage of data over time. Th e obligation to apply time limits is only eff ective as long as these time limits are based on a fair balance between the diff erent interests at stake. As we have seen, the applicable provisions on time limits in the instru-ments described above are not very rigid. In general, data processors may decide for themselves which time limit is appropriate. However, as we have seen in Chapter 6, legislators are bound by Article 8 ECHR. For this reason, it is impor-tant that the ECJ, in the Österreichischer Rundfunk judgment, emphasised that the exceptions as allowed in Article 13 of Directive 95/46 must comply with the requirement of proportionality and that this provision cannot be interpreted as “conferring legitimacy” on an interference with the right to respect for private life contrary to Article 8 ECHR.
In my fi nal conclusions, Chapter 14, I will apply the main principles of data protection law as described in this Chapter to the current EU measures or pro-posals on the use of personal information and information technology including SIS II, VIS, and Eurodac .
Brouwer ch-07.indd 240 3/20/2008 8:32:57 PM
Eff ective Remedies under Data Protection Law 241
9.2. Eff ective Remedies
9.2.1. Access to Data Protection Authorities and Courts?Regarding the availability of legal remedies, data protection law generally provides two-fold protection. Firstly, this includes rules for the creation of super-visory bodies at national and supranational levels. Th ese (non-judicial) bodies are normally endowed with certain competences and powers, such as issuing opin-ions, ordering the blocking, erasure or destruction of data, or placing a tempo-rary or defi nitive ban on data processing. Th ey often play a mediating role between the data subject and the data holder.
Secondly, many of the EU data protection instruments described above include the right of data subject to bring an action or complaint before the competent authorities or courts. Th is right does not always imply access to a judicial court and is often restricted to the data subject’s right of access, correction or deletion of his data. In the Österreichischer Rundfunk case of 2003, however, the ECJ con-fi rmed the right of an individual to seek access to a national court “to prevent the application of national rules which would be contrary to the principles as pro-tected by the EC Data Protection Directive”.147 Furthermore, as we have seen, the Court of Justice explicitly stated that it is “the task of national courts to ascertain whether this interference with the right of private life meets the requirements of foreseeability and whether the interference is necessary to protect legitimate aims.”148 Although the EC Directive 95/46 does not apply to SIS I, it does apply to data processing within the scope of Community law. Th erefore, the conclu-sions of the ECJ are important not only with regard to the use of Eurodac and the future Visa Information System, but also with regard to the registration of third-country nationals in SIS II on the basis of Regulation 1987/2006.
9.2.2. AccessibilityGenerally, the aforementioned data protection laws do not oblige data processing authorities to inform the data subject on his or her right to a judicial remedy. Articles 10 and 11 of the EC Directive 95/46 however do oblige the data controller to inform the data subject on the existence of the right to access to and to rectify the data concerning him.
Th e CISA does not include any obligation for the contracting parties to inform the data subjects on their rights. However, Article 111 CISA gives each individ-ual the right to seek access to a competent court or authority, in every State which
147 Joint cases C-138/01, C-139/01 and C-465/00. 148 Para. 88 and 91–94.
Brouwer ch-07.indd 241 3/20/2008 8:32:57 PM
242 Chapter 7
is applying the CISA. Th is improves the accessibility of legal remedies as the individual may choose in which country he or she addresses the national court or authority. Th is right to apply to the court or authority of any Member State is repeated in Article 43 of the SIS II Regulation.
9.2.3. ScopeAccording to Article 22 of the EC Directive 95/46, individuals have a judicial remedy “for any breach of the rights guaranteed him by the national law applicable to the processing in question”. Th is means that the scope of judicial review by the national courts includes every right following from this Directive as implemented in the national law. Th is goes beyond the scope of the remedies as defi ned in the Eurodac Regulation and the proposed VIS Regulation which only off er a legal remedy with regard to a refusal of the right to access, correction, or deletion of data.
As we have seen above, Article 111 CISA (and Article 43 of the SIS II Regulation) provides for a right for an action to correct, delete, or obtain infor-mation or to obtain compensation in connection with an alert involving them. Th is implies a much broader scope of remedies, including every use of the information held in the SIS or SIS II causing harm to the applicant.
9.2.4. CompetencesIn the EC Directive 95/46, the powers of national courts include the power to order fi nancial repair (Article 23 EC Directive) or to impose sanctions in case of infringement of national provisions implementing data protection law (Article 24 EC Directive).
Article 116 CISA (and Article 48 of the SIS II Regulation) provides that each Schengen State is liable in accordance with its national law for any injury caused to a person through the use of the national data fi le of the Schengen Information System. Th is also applies to injury caused by the Contracting Party issuing the alert, where the latter entered factually inaccurate data or stored data unlawfully. Only, if the State against which an action is brought is not the issuing State, the latter must, in principle, reimburse the sums paid out as compensation.
National data protection authorities mainly have an advisory function. Formally, these authorities are empowered with more coercive powers, including the power to order the blocking, erasure or destruction of data, of imposing a temporary or defi nitive ban on the data processing. However, in practice these powers seem to be rarely used. With regard to SIS II, VIS and Eurodac , the pow-ers of national data protection authorities are not very clearly defi ned and seem to be limited to “assist and advise” the person concerned in exercising his or her rights. An important provision in the draft VIS Regulation and SIS II Regulation is the obligation for Member States to ensure that their national data protection
Brouwer ch-07.indd 242 3/20/2008 8:32:57 PM
Eff ective Remedies under Data Protection Law 243
authorities have “suffi cient resources” to perform their tasks. Concerning the powers of courts, it is important to note that both the Eurodac Regulation, the SIS II Regulation, and the proposed VIS Regulation include provisions on the duty of Member States to impose penalties for misuse of data.149 Th is will give the individuals, and national courts, an important practical tool to remedy wrongful use of the information stored in these databases.
Th e role of national courts and data protection authorities with regard to the use of SIS I in France, Germany and the Netherlands in practice, will be further dealt with in Part III.
149 Article 25 Eurodac Regulation, Article 49 Regulation 1987/2006 on SIS II, and Article 36 of the proposed VIS Regulation (version of June 2007).
Brouwer ch-07.indd 243 3/20/2008 8:32:57 PM
Brouwer ch-07.indd 244 3/20/2008 8:32:57 PM
Evelien Brouwer, Digital Borders and Real Rights, pp. 245–274.© 2008 Koninklijke Brill NV. Printed in the Netherlands.
Chapter 8
Eff ective Remedies in Immigration Procedures: ECHR“Even where an allegation of a threat to national security is made, the guarantee of an eff ective remedy requires as a minimum that the competent independent appeals authority must be informed of the reasons grounding the deportation decision, even if such reasons are not publicly available. Th e authority must be competent to reject the executive’s assertion that there is a threat to national security where it fi nds it arbitrary or unreasonable.”1
1. Introduction
In the last two Chapters, I have dealt with the availability of and criteria for eff ective remedies in the fi eld of the right to privacy and data protection law. In this Chapter and Chapter 9, I focus on the right to legal remedies in immigration law procedures. It is clear that the use of SIS, as well as the use of Eurodac and VIS, involve decisions in the fi eld of immigration law. Th e information stored in these databases may lead to the refusal of admission or a visa, the detention of the immigrant, or even his or her expulsion. Considering this use of databases for bor-der and immigration control, the following sections will explore which criteria apply to the remedies in immigration law procedures. Which human rights as protected in the ECHR and the annexed protocols are relevant for the individual at stake and when does this imply a right to a fair trial or eff ective remedies?
In the following sections, I will give only a brief overview of the case law of the ECtHR with regard to the underlying subject. I will not examine substantial crite-ria which have been formulated by the ECtHR with regard to decisions on the admission, expulsion or detention of third-country nationals. For a more elaborate study of these matters, I refer to other publications.2
1 European Court of Human Rights, Al-Nashif v. Bulgaria, 20 June 2002, no. 50963/99, § 137, Jurisprudentie Vreemdelingenrecht 2002/239, annotation Elspeth Guild.
2 P. van Dijk, Protection of “Integrated” Aliens against Expulsion under the European Convention on Human Rights, and C. Harvey, Promoting Insecurity: Public Order, Expulsion and the European Convention on Human Rights, both published in: Guild & Minderhoud (2001), p. 23 ff . and p. 41 ff .; N. Blake and R. Husain, Immigration, Asylum and Human Rights, Oxford/
Brouwer ch-08.indd 245 3/13/2008 2:44:46 PM
246 Chapter 8
2. Article 6 (1) ECHR: Th e Right to a Fair Trial
2.1. Maaouia: (Non-)Applicability of Article 6 in Immigration Law Procedures?
Article 6 (1) ECHR reads:
“In the determination of his civil rights and obligations or of any criminal charge against him, everyone is entitled to a fair and public hearing within a reasonable time by an independent and impartial tribunal established by law. Judgement shall be pronounced publicly but the press and the public may be excluded from all or part of the trial in the interests of morals, public order or national security in a dem-ocratic society, where the interests of juveniles or the protection of the private life of the parties so require or to the extent strictly necessary in the opinion of the court in special circumstances where publicity would prejudice the interests of justice.”
Article 6 (1) ECHR codifi es the basic principle according to which individuals have the right of access to judicial remedies. Th e scope of this provision is limited by the words “in the determination of his civil rights or of any criminal charge against him”. Article 6 (2) and (3) include specifi c safeguards for criminal law procedures, including for example the right to be informed promptly or to have the free assistance of an interpreter. Although this was disputed until the mid 1980s, it is now clear from various judgments by the ECtHR that Article 6 (1) applies to administrative procedures when the rights of the individual under civil or criminal law are at stake.3
With regard to immigration law procedures, the ECtHR has so far been reluc-tant to apply the standards of Article 6 (1) ECHR. In the Maaouia case of 2000, by a majority of fi fteen votes to two, the ECtHR explicitly concluded that Article 6 ECHR does not apply to immigration law decisions.4 Th is case concerned the appeal of a Tunisian national in France, married to a French national, who was sentenced in 1988 to six years’ imprisonment for armed robbery and assault. After his imprisonment, the French authorities issued a deportation order against him. Th e applicant was never informed of this deportation order. He was confronted with this order for the fi rst time on 6 October 1992 when he attended the Nice Centre for Administrative Formalities in order to regularise his status. When he refused to travel to Tunisia he was prosecuted again, this time for failing to comply with a deportation order. In November 1992, he was sentenced by the Nice
New York: Oxford University Press 2003; N. Blake, Developments in the Case Law of the European Court of Human Rights in: B. Bogusz, R. Cholewinski et al. (eds.), Irregular Immigration and Human Rights: Th eoretical, European and International Perspectives, Leiden/Boston: Martinus Nijhoff Publishers 2004, p. 431 ff .
3 See Benthem v. the Netherlands, 23 October 1985, no. 8848/80, Series A, 97 and Geouff re de la Pradelle v. France, 16 December 1992, no. 12964/87, Series A, 253.
4 Maaouia v. France, 5 October 2000, no. 39652/98, ECHR 2000-X, § 40.
Brouwer ch-08.indd 246 3/13/2008 2:44:47 PM
Eff ective Remedies in Immigration Procedures: ECHR 247
Criminal Court to one year’s imprisonment. Th is judgment was accompanied by an exclusion order, excluding him from French territory for ten years. After lengthy procedures against the deportation and exclusion orders, these orders were rescinded in 1994 and 1998 respectively and in 1998 Maaouia obtained a ten-year residence permit with the right to seek employment. In his appeal before the ECtHR, Maaouia complained that the length of the procedure against the exclusion order was unreasonable and violated his rights under Article 6 (1). Th e ECtHR held that Article 6 (1) was not applicable, stating that “Decisions regarding the entry, stay and deportation of aliens do not con-cern the determination of an applicant’s civil rights or obligations or of crimi-nal charge against him, within the meaning of Article 6 § 1 of the Convention”. An important reason for this conclusion by the ECtHR was the adoption of the 7th Protocol to the ECHR by the Contracting States, which explicitly deals with the protection of aliens in expulsion cases. According to the ECtHR, the existence of this Protocol would refl ect the intention of the contracting parties with regard to the restricted scope of Article 6 (1) ECHR.
Th is decision and the association the ECtHR made between Article 6 (1) and the 7th Protocol has been criticised in the dissenting opinions of other judges in this case and by commentators. Th e main objection to this limited interpretation of Article 6 by the ECtHR raised by Blake and Husain was the failure to pro-mote the rule of law in the context of relations between a politically vulnerable class of individuals in its dealings with a powerful state.5 Th is fundamental issue has also been pointed out by one of the dissenting judges in the Maaouia case, Loucaides: “It would be absurd to accept that the judicial safeguards were intended only for certain rights, particularly those between individuals, and not for any legal rights and obligations including those vis-à-vis the administration where independent judicial control is especially required for the protection of the individuals against the powerful authorities of the State.”
Interestingly, in two decisions from 1999, one year before the Maaouia judgment was published, the ECtHR (sitting in chambers) established a more ambiguous atti-tude on the applicability of Article 6 (1) ECHR in immigration law procedures.6 Although, in both decisions, the appeals were declared inadmissible and the applicability of Article 6 ECHR was rejected, the ECtHR did not completely neglect the relevance of the criteria of this human right. In the fi rst case, S.N. v. the Netherlands, the applicant complained about the lack of appeal against a deci-sion by a regional court in his asylum procedure. He argued that this lack of
5 Nicholas Blake and Raza Husain, Immigration, Asylum and Human Rights (2003), p. 241–248.6 S.N. v. the Netherlands 4 May 1999, no. 38088/97, and J.E.D. v. the United Kingdom, 2 February
1999, no. 42225/98.
Brouwer ch-08.indd 247 3/13/2008 2:44:47 PM
248 Chapter 8
appeal would constitute discrimination against asylum seekers, contrary to the non-discrimination principle of Article 14 ECHR taken together with Article 6 ECHR. In this decision, in which the application was declared inadmissible, the ECtHR considered that “even supposing that proceedings concerning the grant of residence permits and the expulsion of aliens were to come within the ambit of Article 6, this Article did not compel the Contracting States to establish courts of appeal or of cassation”. In the second decision in J.E.D. v. the United Kingdom, the ECtHR explicitly stated that it did not consider it necessary to examine specifi -cally whether the guarantees contained in Article 6 ECHR applied to the asylum proceedings and whether the applicant was entitled under that provision to a court procedure to challenge the decision rejecting his renewed asylum request. However, in the following sentence, the ECtHR did make its own assessment of whether there had been ‘a fair trial ’. Th e ECtHR noted that the applicant was able to seek a judicial review of the Secretary of State’s decision and that the applicable High Court proceedings did not indicate any element of unfairness. Additionally, the ECtHR noted that the applicant was legally represented in those proceedings. Th ese considerations lead it to conclude that the applicant’s complaint was inadmissible, being manifestly ill-founded. Even if the ECtHR does not revise its decision in the Maaouia case with regard to the non-application of Article 6 (1), in my view these earlier decisions affi rm that the principles of Article 6 (1) ECHR do play a role in immigration law procedures.
Th ere is another reason why the criteria of Article 6 (1) ECHR become rele-vant in immigration law procedures and that reason is EU law. As we will see in Chapter 10, the right to a fair trial which is incorporated in the EU Charter on Fundamental Rights is directly inspired by Article 6 (1) ECHR. Th e EU legislator explicitly widened the protection of this right by not limiting its scope to crimi-nal or civil law procedures. Th erefore, the criteria of this human right apply in immigration law procedures based on EU law.
In the following sections, I describe – based on the jurisprudence of the ECtHR – two situations in which Article 6 (1) ECHR can be invoked directly where it concerns decisions in the fi eld of immigration law aff ecting the “civil rights” of the individual.
2.2. Immigration Law Decisions and the Right to Financial Compensation
In Chapter 6, concerning Article 8 ECHR and the right to private life, we saw that the ECtHR applied Article 6 (1) with regard to damages which were infl icted upon the applicants based on the use of their personal information. In the Rotaru judgment, the ECtHR found that the refusal of the Romanian courts to deal with the applicant’s claim for costs and damages was in breach of his right to fair proceedings protected under Article 6 (1). In this case, the applicant had lodged
Brouwer ch-08.indd 248 3/13/2008 2:44:47 PM
Eff ective Remedies in Immigration Procedures: ECHR 249
his claim at a national level for compensation of his costs and the non-pecuniary damage he suff ered based on the infringement of his right to private life.7 By recognising the claim for fi nancial compensation as a “civil right” within the meaning of Article 6 (1) ECHR, the ECtHR concluded that the applicant should have had access to a fair trial in accordance with the criteria of this human right.
Th e right to fi nancial compensation as a “civil right” within the meaning of Article 6 (1) ECHR may also arise with regard to national decisions involving immigration law. Individuals may suff er (non-pecuniary) damage caused by administrative measures or decisions, including detention or expulsion or the refusal of to grant admission, a visa or a residence permit. Th is damage may consist of physical or mental harm caused by expulsion or detention, travel costs or loss of income when, for example, the purpose of travel was employment or business-related. If the detention measures or expulsion measures are unlawful or if the refusal of a visa is in breach of the right to family life protected by Article 8 ECHR, a person should have the right to lodge a claim for fi nancial compensation. As we will see in the Chapter on the Netherlands, in some judg-ments the Dutch courts granted fi nancial redress with regard to (wrongful) decisions in the fi eld of immigration law.
Th e (indirect) application of Article 6 ECHR in immigration law procedures can be illustrated by the Coorplan-Jenni and Hascic v. Austria judgment (2006), in which the ECtHR applied Article 6 (1) with regard to the refusal of the Austrian government to issue an employment permit to a national of Bosnia-Herzegovina.8 In this judgment, the ECtHR rejected the submission of the Austrian govern-ment, according to which the decision regarding the issue of an employment per-mit to a third-country national did not concern a “civil right” within the meaning of Article 6 ECHR. For the conclusion of the ECtHR, it was relevant in this case that both the foreign employee and his employer had applied for an employment permit. Th e fact that only the refusal to issue the employment permit to the employer made it impossible for the employee to obtain this job was grounds for the ECtHR to conclude that the refuted decision by the Austrian government was decisive for the “civil” rights of both the employer and the employee.
2.3. (Non-)Registration and the Right to Financial Compensation
Th e Rotaru judgment established that the registration of personal data may cause fi nancial harm, and thus a civil right in the sense of Article 6 (1) ECHR, if the registration infringes the right to private life as protected in Article 8 ECHR. However, the (non-) registration of personal data may also result in a claim for
7 Rotaru v. Romania, no. 28341/95, 4 May 2000. See Chapter 6, section 6.4.2.8 Coorplan-Jenni and Hascic v. Austria, 27 July 2006, no. 10523/02.
Brouwer ch-08.indd 249 3/13/2008 2:44:47 PM
250 Chapter 8
a “civil” right even if the protection of Article 8 ECHR is not involved. Th is has been illustrated in two cases dealt with by the ECtHR, where the applicants com-plained about the refusal of authorities to include them on a list or in a fi le. Th e fi rst case, Chevrol v. France, concerned a French national who had qualifi ed as a doctor in Algeria and whose repeated applications to be registered as a member of the Medical Association (Ordre des médecins) were refused by the French authorities.9 Th e ECtHR considered that the procedure launched by the applicant in France was a dispute over a civil right. Th e fact that the applicant submitted reasonable grounds to show that, according to French law, she should have been aff orded the right to be registered as a member of the Ordre des médecins, was suffi cient grounds for the ECtHR to consider Article 6 (1) applicable in this case.
In the second comparable case, Buzescu v. Romania, the ECtHR dealt with the complaint of a Romanian lawyer against the annulment by the Romanian authorities of his registration at the Constanţa Bar.10 Th e authorities also refused to renew his registration at the Bucharest Bar, after he had stayed and worked for several years in the United States. In its judgment, the ECtHR found a breach of Article 6 (1) with regard to the proceedings applying to Mr. Buzescu’s claim for registration at the Bucharest Bar (§ 74). Th e ECtHR accepted that the annul-ment of the applicant’s registration at the Consţanta Bar had led to a loss of cli-entele and thus to a loss of income. Th is loss of income was recognised as an interference with his right to the peaceful enjoyment of his possessions and in breach of Article 1 of the 1st Protocol to the ECHR on the protection of prop-erty (§ 98). Applying Article 41 of the Convention, which includes the ability for the ECtHR to aff ord just satisfaction to the injured party, the ECtHR repeated its earlier conclusions that, for the acceptance of the applicant’s claim for pecuniary loss, a clear causal connection between the damage claimed by the applicant and the violation of the Convention should be established. In this case, the ECtHR found that there had been an unjustifi ed interference with the appli-cant’s possessions, owing to the disproportionate consequences of the invalidation of his status as a lawyer by the Romanian authorities (§ 106).
Th e reason I consider these latter judgments important is that they establish the link between being registered (or not) in public fi les and the possibility for individuals to exercise their rights. In these judgments, the ECtHR confi rmed the relation between a decision of the authorities to refuse a person’s registration
9 Chevrol v. France, 13 February 2003, no. 49636/99 ECHR 2003-III. Th e applicant held, among other things, that on the basis of a French Declaration on an agreement between Algeria and France, her Algerian diplomas should have been recognised in France. Th e Conseil d’État refused to judge the applicability of this regulation, relying on the declaration of the French Minister of Foreign Aff airs that it was not applicable.
10 Buzescu v. Romania, 24 May 2005, no. 61302/00 (unreported).
Brouwer ch-08.indd 250 3/13/2008 2:44:47 PM
Eff ective Remedies in Immigration Procedures: ECHR 251
and the loss of income and fi nancial damage caused by this refusal. Th e judg-ments in the cases of Chevrol and Buzescu make clear that the fact of (non-) registration may also involve a civil right, even if there is no breach of the right to private life. According to the criterion of the ECtHR, cited in the aforemen-tioned Buzescu v. Romania case, a clear causal connection must exist between the damage claimed and the violation of the individual’s right under the ECHR. As we have seen above, the registration in the SIS for the purpose of non-admission means that third-country nationals are not allowed to enter the EU territory. Th is may include persons who were previously issued a long-term residence per-mit by one of the EU Member States. Th e consequence of registration in SIS (or VIS or Eurodac ) could therefore be that the person concerned is restricted in the performance of his work, which results in the loss of income. If it can be established that the SIS alert is unlawful or inaccurate or, for example, in breach of the individual’s right of freedom of movement on the basis of the EC Treaty (see Chapter 9), this may give rise to a claim for fi nancial damage or loss of income based on the registration in the SIS, under Article 6 (1) ECHR.
3. Article 5 (1) (f ) ECHR: Right to Liberty and Security
Article 5 ECHR includes the right to liberty and security of persons. According to this right, no-one should be deprived of his or her liberty except in the situations described in Article 5 (1) and if this is in accordance with a procedure prescribed by law. One of these situations of “lawful arrest or detention of a person” is, according to Article 5 (1) (f ), “to prevent his eff ecting an unauthorised entry into the country or of a person against whom action is being taken with a view to deportation or extradition.” If Article 5 applies, Article 5 (4) obliges governments to guarantee eff ective remedies against these detention measures. According to this provision, persons who are deprived of their liberty by arrest or detention should be entitled to take measures “by which the lawfulness of his detention shall be decided speedily by a court and his release ordered if the detention is not law-ful.”11 Article 5 (4) thus off ers a separate legal basis for the right to eff ective reme-dies in the fi eld of the detention of persons for immigration law purposes: either for the prevention of unauthorised entry or with a view to a planned deportation. As we will see below, a very important judgment in which the ECtHR applied and specifi ed the criteria of Article 5 was the Čonka judgment of 2002.12 Th is case
11 See, for a more extended review of the meaning of Article 5: Boeles (1997), p. 226 ff and G. Cornelisse, Human Rights for Immigration Detainees in Strasbourg: Limited Sovereignty or a Limited Discourse? in: European Journal of Migration and Law, Vol. 6, no. 2, 2004, p. 93–110.
12 Čonka v. Belgium, 5 February 2002, no. 51564/99, ECHR 2001-I.
Brouwer ch-08.indd 251 3/13/2008 2:44:47 PM
252 Chapter 8
concerned the arrest and detention of a group (rejected) Romany asylum seekers by the Belgian authorities with the aim of expelling them.
4. Protocol No. 7 to the ECHR: Procedural Safeguards Relating to Expulsion of Aliens
Another specifi c provision on legal remedies in immigration law procedures is off ered by Article 1 (1) of Protocol no. 7 to the ECHR, according to which an alien lawfully resident on the territory of a State should not be expelled from this country except “in pursuance of a decision reached in accordance with law”.13 Article 1 describes the safeguards States should observe when expelling an individual. Th is person should be allowed, fi rstly, to submit reasons against his expulsion; secondly, to have his case reviewed and, thirdly, to be represented for these purposes before the competent authorities or a person or persons designated by that authority. Article 1 (2) of this 7th Protocol empowers governments to make an exception and to expel a person before the exercise of these three safeguards if this is necessary in the interests of public order or is based on reasons of national security .
Whether or not this Protocol provides any added protection compared to the other rights under the ECHR has been questioned for several reasons.14 In the fi rst place, Article 1 (1) of this Protocol is limited to third-country nationals with lawful residence on the territory of a State. Secondly, the text of the Protocol includes criteria which are considered as not very clear. For example, Article 1 does not provide any criterion with regard to the right of review or the “compe-tent authorities” before which the case of alien may be represented. Also, the exceptions to the rights mentioned in Article 1, which may be based on the interests of public order or on reasons of national security , run the risk of being interpreted broadly. Th irdly, and perhaps more importantly, of the EU Member States, six Member States, including Belgium, Germany, Greece, the Netherlands, Spain and the United Kingdom, have not ratifi ed this 7th Protocol.15
Nevertheless, for those countries that have ratifi ed Protocol no. 7, two judg-ments by the ECtHR, Lupsa v. Romania and Kaya v. Romania, illustrate that this Protocol gives additional protection to third-country nationals.16 Th e fi rst case Lupsa v. Romania dealt with a formal residence ban issued by the Romanian
13 Protocol no. 7 to the ECHR, 22 November 1984, ETS no. 117, eff ective 1 November 1988. 14 See Pieter Boeles, (1997), p. 286–288. 15 Th e UK also did not sign this protocol. See http://conventions.coe.int. Status as of June 2007. 16 Lupsa v. Romania, 8 June 2006, no. 10337/04, Jurisprudentie Vreemdelingenrecht 2006/311,
annotation Rick Lawson. Kaya. v. Romania, 12 October 2006, no. 33970/05 (unreported).
Brouwer ch-08.indd 252 3/13/2008 2:44:47 PM
Eff ective Remedies in Immigration Procedures: ECHR 253
authorities against a Yugoslavian national. Kaya v. Romania concerned the expul-sion of a Turkish national from Romania on the basis of a decision by the Romanian authorities to declare him inadmissible for 15 years. In this latter case, the authorities justifi ed the decision to declare the applicant inadmissible on the basis of “suffi cient and serious information that he was planning activities which would endanger the national security ”. In both cases, the ECtHR found that the expulsion constituted a breach of both Article 8 ECHR and Article 1 of the 7th Protocol. With regard to the infringement of Article 1 of the 7th Protocol, the ECtHR held that the legal basis for the expulsion did not meet the procedural guarantees under that Article 1, since the law was not suffi ciently accessible and foreseeable (see further section 6.2 below).17
But even for those countries which did not ratify this Protocol, on could argue that the rules included in Protocol no. 7 are not without relevance. Firstly, as pointed out by Lawson in his annotation to the Lupsa judgment, the EU Member States confi rmed the applicability of the principles of the ECHR in the preamble to Directive 2003/109 on the protection of long-term resident third- country nationals.18 Th is would imply the principles which are included in the annexed Protocols to the ECHR. Secondly, as we saw above, the ECtHR explicitly referred in the Maaouia judgment to the 7th Protocol to justify the non-application of Article 6 (1) ECHR. It does not make sense to restrict the application of Article 6 ECHR because the contracting parties already included necessary safeguards in the Protocol no. 7, if these latter rules are not binding for the non-ratifying States.
5. Article 13 ECHR: Th e Right to Eff ective Remedies in Immigration Law Procedures
5.1. When Does Article 13 Apply?
Article 13 ECHR provides:
“Everyone whose rights and freedoms as set forth in this Convention are violated shall have an eff ective remedy before a national authority notwithstanding that the violation has been committed by persons acting in an offi cial capacity.”
In a wide range of judgments by the ECtHR Article 13, in combination with other ECHR rights, has been applied to decisions made in national immigration law procedures. Where an individual is refused a visa, a residence permit or entry
17 Lupsa § 55, Kaya § 55. 18 Lawson (ibid.) para. 6. See also preamble (4) of the Directive 2001/40 on the mutual recognition
of expulsion decisions OJ L 149, 2.6.2001.
Brouwer ch-08.indd 253 3/13/2008 2:44:47 PM
254 Chapter 8
or when his expulsion or detention infringes one of the human rights protected in the ECHR, the limited possibilities for challenging such a refusal may violate the right to an eff ective remedy under Article 13 ECHR.19 With regard to immi-gration law decisions, Article 13 ECHR has been applied in conjunction with Article 8 ECHR with regard to refusal of admission or an expulsion order in breach of the applicant’s right to family life (Sen, Üner); with Article 3 in expul-sion cases (Al-Nashif, Čonka, Chahal ); with Article 4 of Protocol no. 4 on the prohibition of collective expulsion (Čonka), and even regarding the freedom of speech protected in Article 10 ECHR (Piermont).20 In the following sections, I will focus on the jurisprudence of the ECtHR with regard to refusal of admis-sion and with regard to expulsion or expulsion orders.
It is important that for the application of Article 13 ECHR, the ECtHR does not fi nd it necessary to establish the violation of such a right either by national courts or by the ECtHR. It is suffi cient for the applicant to have an “arguable claim” that there has been a breach of one of the right or freedoms of the Convention.21 Furthermore, the ECtHR emphasised in several judgments that the right to eff ective remedies should be interpreted in a fl exible manner and without excessive formalism.22 Th e ECtHR therefore accepted that, during the national procedures, the claimant did not refer explicitly to his or her right under the ECHR which was allegedly infringed. If the content of the claim covers this breach of human rights, this is suffi cient according to the case law of the ECtHR.
5.2. Admission of Th ird-Country Nationals
Th e ECtHR has recognised, under certain circumstances, the positive obligation of governments with regard to the admission of a person when this is considered necessary for the protection of the applicant’s family life . Th e positive duty of a government to give leave to enter to its national territory or to issue a residence permit was acknowledged for the fi rst time in Abdulaziz, Cabales and Balkandali v. the United Kingdom.23 Although, in this case, the ECtHR found no breach of
19 See also R. Cholewinski, No Right of Entry, in: Groenendijk, Guild & Minderhoud (2003), p. 108–109.
20 Piermont v. France, 27 April 1995, no. 15773-74/89, Series A, 314. Th e other judgments referred to are dealt with below.
21 Silver and others v. the United Kingdom, 25 March 1983, no. 5947/72; 6205/73; 7052/75; 7061/75; 7107/75; 7113/75; 7136/75 Series A 61.
22 Cardot v. France, 19 March 1991, no. 11069/84, Series A, 200, § 34, Castells v. Spain, 23 April 1992, no. 11798/85 Series A, 236, § 27, Geouff re de la Pradelle v. France, 16 December 1992, no. Series A, 253-B, § 26.
23 Abdulaziz, Cabales and Balkandali v. the United Kingdom, 28 May 1995, no. 9214/80; 9473/81; 9474/81 Series A 94.
Brouwer ch-08.indd 254 3/13/2008 2:44:47 PM
Eff ective Remedies in Immigration Procedures: ECHR 255
Article 8 ECHR, it confi rmed that the refusal to give spouses of legally resident third-country nationals leave to enter or to remain in the UK could aff ect the right to respect for family life under Article 8. Th e ECtHR rejected the govern-ment’s view that Article 8 ECHR would not apply at all to immigration control, by confi rming the earlier statement by the Commission that the right of a foreigner to enter or remain in a country is not guaranteed as such by the Convention, but that immigration controls had to be exercised in accordance with the Convention obligations and the exclusion of a person from a state where members of his family were living might raise an issue under Article 8 (§ 59).
In both Gül v. Switzerland and Ahmut v. the Netherlands, the ECtHR held that a refusal to permit the applicants to remain in the country did not constitute “interference” with the exercise of their right to respect for their family life .24 However, the ECtHR ruled that, based on the positive obligation of States to respect the family life of the individual “a fair balance has to be struck between the competing interests of the individual and of the community as a whole”. Recognising “a certain margin of appreciation” for the State and balancing the diff erent interests at stake, the ECtHR found no violation of Article 8 ECHR in the Gül and the Ahmut judgments.
Th e obligation of States, under certain circumstances, to admit relatives of settled immigrants to their territory based on the right to family life protected in Article 8 ECHR, was cited in Sen v. the Netherlands.25 Th is case concerned the refusal by the Dutch authorities to admit the daughter of Turkish parents who lived in the Netherlands. Th e ECtHR ruled that, based on the positive obligations of Article 8 ECHR, the Dutch administration should have granted entry to a 13-year-old daughter because of the major obstacles to her parents’ return to Turkey, their country of origin. Th is decision on the positive implications of Article 8 ECHR implies that third-country nationals applying abroad for a residence permit or a visa for another State are entitled to a remedy against the denial of this request when this denial is regarded as violating their right to family life.26 If, under certain circumstances, the duty to respect the right to family life of Article 8 ECHR obliges a State to admit a person to its territory, a refusal of admission (including refusal at the border, of a visa or a long-term residence permit) should be considered a breach
24 Gül v. Switzerland, 19 February 1996, no. 22676/93 Reports 1996-I, §§ 32–38, Ahmut v. the Netherlands, 28 November 1996, no. 21702/93 Reports 1996-V, § 63.
25 Sen v. the Netherlands, 21 December 2001, no. 31465/96, Jurisprudentie Vreemdelingenrecht 2002/30 annotation S.K. van Walsum.
26 Th e ECtHR based its decision that the most appropriate place for exercising the right to family life was in the Netherlands, in particular on the circumstances that her parents were settled in the Netherlands and had been legally resident for years, and that two younger children had been born in the Netherlands, the younger siblings attending school in the Netherlands.
Brouwer ch-08.indd 255 3/13/2008 2:44:47 PM
256 Chapter 8
of the right under Article 8 ECHR. A procedure in which the individual seeks remedy against this refusal therefore falls within the scope of Article 13 ECHR and should meet the criteria developed under this right to eff ective remedies.
5.3. Expulsion and Expulsion Orders
In several cases, the ECtHR has dealt with the applicability of Article 13 ECHR with regard to the expulsion of third-country nationals. In these judgments, Article 13 was applied in combination with either Article 8 ECHR, where the applicant claimed that the expulsion was in breach of his right to family life , or Article 3 ECHR on the right not to be subjected to torture or inhuman or degrading treatment or punishment. With regard to the right to family life, the ECtHR allows Member States a certain margin of appreciation to consider whether the expulsion infringes the rights of the third-country national in question.27 However, as we will see in the sections below, with regard to claims based on the protection of Article 3 ECHR, the ECtHR formulated more stringent criteria with regard to the availability of eff ective remedies than in its case law concerning the right to private or family life under Article 8 ECHR.
One of the earliest decisions on the expulsion of third-country nationals was the case of Moustaquim v. Belgium.28 In this case, the ECtHR dealt with the claim by a Moroccan national residing legally in Belgium that his expulsion by the Belgian authorities infringed his right to family life . Th e applicability of Article 13 ECHR was not raised during this trial, but the ECtHR found that the deportation of Moustaquim was not necessary in a democratic society and there-fore violated his right to respect for his private life under Article 8 ECHR. Th e Al-Nashif v. Bulgaria judgment concerned the detention and deportation to Syria of Mr. Al-Nashif, a stateless person of Palestinian origin, based on national secu-rity grounds.29 Aside from his complaint on the basis of Article 5 (4) ECHR with regard to his detention, Al-Nashif and his children claimed that his expulsion was in breach of his right to family life under Article 8 ECHR. In this judgment, the ECtHR found that no eff ective remedy existed against this interference with his right to family life and therefore that both Article 8 and Article 13 ECHR were breached (see further below).
27 See M. Fasti, Th e restrictive approach taken by the European Court of Human Rights: deporta-tion of long-term immigrants and right to family life (Parts 1 and 2), in: Tolley’s Immigration, Asylum and Nationality Law, Vol. 16, nos. 3 & 4, 2002.
28 Moustaquim v. Belgium, 18 February 1991, no. 12313/86, Series A, 193, § 46. See also Nasri v. France, 13 July 1995, no. 19465/92 Series A 320-B.
29 Al-Nashif v. Bulgaria, 20 June 2002, no. 50963/99, Jurisprudentie Vreemdelingenrecht 2002/239, annotation E.Guild.
Brouwer ch-08.indd 256 3/13/2008 2:44:47 PM
Eff ective Remedies in Immigration Procedures: ECHR 257
In its Vilvarajah judgment, the ECtHR applied Article 13 together with Article 3 ECHR. Th is case dealt with the expulsion of a Tamil family to India by the UK authorities.30 Th e applicants claimed that their deportation to India violated their right under Article 3 ECHR to be protected from inhuman and degrading treatment. A comparable case was dealt with in the case of Chahal v. the United Kingdom, concerning Indian asylum seekers (Sikhs) to be expelled to India on national security grounds.31 In the Chahal judgment, the applicants invoked the grounds that their lives were in danger in India and that the expulsion would be in breach of Article 3 ECHR. Also, in Jabari v. Turkey, the ECtHR applied Article 13 together with Article 3 ECHR, to assess whether the judicial review proceed-ings which would have been available to the applicant in Turkey satisfi ed the requirements of eff ective remedies.32 In this case, the applicant – whose application for asylum had been rejected – claimed that her life would be at risk if she were deported to Iran.
In several judgments, the ECtHR had to deal with an individual claim against an expulsion order, where the applicant claimed that this order would infringe his right to family life as protected in Article 8 ECHR. In the case of Boultif v. Switzerland the ECtHR defi ned relevant criteria to use in order to assess whether a residence ban or expulsion measure is “necessary in a democratic society and proportionate to the legitimate aim pursued”.33 Th ese criteria, repeated by the ECtHR in Üner v. the Netherlands,34 include:
– the nature and seriousness of the off ence committed by the applicant;– the length of the applicant’s stay in the country from which he or she is to be
expelled;– the time elapsed since the off ence was committed and the applicant’s conduct
during that period;– the nationalities of the various persons concerned;– the applicant’s family situation, such as the length of the marriage, and other
factors expressing the eff ectiveness of a couple’s family life ;– whether the spouse knew about the off ence at the time when he or she entered
into a family relationship;
30 Vilvarajah and others v. the United Kingdom, 30 October 1991, no. 13163/87, Series A, 215, §§ 117 to 127.
31 Chahal v. the United Kingdom, 15 November 1996, no. 22414/93, Reports 1996-V. 32 Jabari v. Turkey, 11 July 2000, no. 40035/98, ECHR 2000-VIII. 33 Boultif v. Switzerland, 2 August 2001, no. 54273/00, ECHR 2001-IX. Th is case concerned the
claim an Algerian national married to a Swiss national whose residence permit was not renewed after a criminal conviction.
34 Üner v. the Netherlands, 18 October 2006, no. 46410/99, § 57, Jurisprudentie Vreemdelingenrecht 2006/417, annotation P. Boeles.
Brouwer ch-08.indd 257 3/13/2008 2:44:47 PM
258 Chapter 8
– whether there are children of the marriage, and if so, their age; and– the seriousness of the diffi culties which the spouse is likely to encounter in
the country to which the applicant is to be expelled.
As a national expulsion order is one of the grounds to report a third-country national in the SIS, the criteria as defi ned by the ECtHR in Boultif and Üner are important tools to assess the legitimacy of these SIS reports as well.
6. Criteria for Eff ective Remedies
6.1. Judicial or Non-judicial Remedies
Article 6 (1) ECHRAccording to Article 6 (1) ECHR, everyone has a right to a fair and public hearing by an independent and impartial tribunal. Th e wordings chosen in Article 6 (1), for example, “judgment shall be pronounced publicly” or, with regard to the assessment of special circumstances for the limitation of this publicity, “in the opinion of the court”, make it clear that this tribunal should be a judicial court. Th is interpretation has been confi rmed by the ECtHR in its jurisprudence.35
Article 5 (4) ECHRWith regard to the protection of detained persons, Article 5 (4) explicitly requires that these persons should have access to judicial courts with regard to the review of the lawfulness of the detention. As mentioned above, Article 1 of the 7th Protocol on the expulsion of aliens is less clear and does not seem to require the availability of judicial remedies.
Article 13 ECHRAs we saw in Chapter 6, when dealing with the right to private life and the protection off ered by Article 13 ECHR in combination with Article 8 ECHR, the ECtHR explicitly accepted the availability of a non-judicial authority. Also, with regard to the protection of human rights in immigration law procedures, the CtHR found that the right to eff ective remedies under Article 13 ECHR does not necessarily imply judicial remedies.36 However, according to the ECtHR, in the absence of a judicial authority, the available remedies would have to meet certain procedural guarantees and guarantees of eff ectiveness. In general, as we will
35 Belilos v. Switzerland, 29 April 1988, no. 10328/83, Series A, 132 and Oberschlick v. Austria (I), 23 May 1991, no. 11661/85, Series A, 204.
36 See Al-Nashif §132.
Brouwer ch-08.indd 258 3/13/2008 2:44:47 PM
Eff ective Remedies in Immigration Procedures: ECHR 259
see below, in those cases the independent authority must be able to deal with the substance of the complaint and it should be able to grant the applicant “appropri-ate relief”.37 In the Chahal judgment, the ECtHR held that the question of whether the national remedy is eff ective before an authority would depend on the powers and guarantees granted to this authority.38 On the other hand, the ECtHR made it clear that if judicial remedies are available, this does not mean that these remedies should automatically be considered “eff ective”. Especially if there is a real risk of treatment in breach of Article 3 ECHR, it must be established that the independent authority or judicial court off ers suffi cient eff ective protection.39
6.2. Accessibility of Eff ective Remedies
Article 6 (1) ECHRArticle 6 (1) provides that an individual should have access to a court within a reasonable time.40 Article 6 (1) ECHR, when applied to civil law procedures, does not compel the State to provide for the assistance of a lawyer or legal aid. Only when this proves indispensable for eff ective access to court, for example in com-plex procedures, the ECtHR held that the availability of a legal representative is a necessary requirement. According to the jurisprudence of the ECtHR, national law should provide a clear and coherent system of legal protection to enable an individual to make use of his right to have an eff ective remedy before a court. Th is requirement of a “clear, practical, and eff ective opportunity to challenge an admin-istrative act” was stressed by the ECtHR in the Geouff re de la Pradelle case.41 With regard to the accessibility of the trial, Article 6 (1) may sometimes compel the State to provide for the assistance of a lawyer or legal aid when this proves indis-pensable for eff ective access to court. In the Airey judgment, the ECtHR found that this might be the case, either because legal representation is rendered compul-sory, as in the domestic law of certain Contracting States for various types of liti-gation, or by reason of the complexity of the case procedure.42 Th e availability of a legal representative is however not a prerequisite. For example, in McVicar v. the United Kingdom, the ECtHR considered that a procedure in which the applicant had represented himself had been in accordance with Article 6 (1) provided
37 See also Battjes (2006), para. 412, p. 320. 38 Chahal § 152. 39 Čonka §§ 75 ff , Vilvarajah §§ 122–126. 40 Zimmermann v. Switzerland, 13 July 1983, no. 8737/79, Series A, 66. 41 Geouff re de la Pradelle v. France, 16 December 1992 l.c. § 34. Th is case concerned the adminis-
trative appeal of the applicant against decisions by the French authorities which interfered with his right to own land.
42 Airey v. Ireland 6 February 1981, no. 6289/73 Series A, 41 §§ 26–33.
Brouwer ch-08.indd 259 3/13/2008 2:44:47 PM
260 Chapter 8
national law allowed for this self-representation and provided the applicable law was not too complex.43 It is important to note at this point that, when applying Article 6 (1) criteria to civil law procedures, the ECtHR uses less strict criteria than those defi ned for criminal law procedures. Th e aforementioned cases con-cerned civil law procedures. It seems reasonable that, when applying Article 6 (1) to administrative law procedures, the ECtHR would defi ne more stringent criteria with regard to the accessibility of procedures.
Article 5 (1) and 5 (4) ECHRArticle 5 (4) ECHR requires that national governments should provide access to courts “speedily” or within specifi c time limits. Applying the criteria of Articles 5 (1) f and 5 (4) ECHR, the ECtHR identifi ed a number of factors in the Čonka case which “undoubtedly aff ected the accessibility of the remedy which the Government claim was not exhausted”.44 One of these factors was that the infor-mation on the available remedies handed to the applicants on their arrival at the police station was printed in tiny characters. Furthermore, the text was written in a language they did not understand and only one interpreter had been available to a large number of Romany families. In its assessment of whether the deprivation of liberty was in conformity with Article 5 ECHR, the ECtHR criticised the relia-bility of the communications sent to the applicants. According to the ECtHR this information should be accurate “irrespective of whether the recipients are lawfully present in the country or not”. Based on these considerations, the ECtHR con-cluded that the applicants had not had access to eff ective remedies. In Amuur v. France, the ECtHR extended the scope of protection off ered by Article 5 ECHR to the transit zones of national airports.45 According to the conclusions of the ECtHR in this judgment, States cannot argue that asylum seekers held in a transit zone at an airport are at any time free to leave the territory and therefore not deprived of their liberty. Th e ECtHR also refused to accept the argument that the international zone where the asylum seekers were to remain could not be consid-ered the territory of the contracting state. Th e legitimate concern of States to “foil the increasingly frequent attempts to circumvent immigration restrictions” should not, according to the ECtHR, deprive asylum seekers of the protection aff orded by the ECHR. With regard to the availability of remedies against prolonging the detention, the opportunity of a speedy review should be available. Furthermore, the legal basis for the detention should be suffi ciently accessible and precise as to avoid all risk of arbitrariness. In the case at stake, the text in French law would not
43 McVicar v. the United Kingdom, 7 May 2002, no. 46311/99, ECHR 2002-III. 44 Čonka v. Belgium, 5 February 2002, no. 51564/99, ECHR 2001-I § 44. 45 Amuur v. France, 25 June 1996, no. 19776/92, Reports 1996-III, detention of asylum seekers at
Orly airport, see § 43–48.
Brouwer ch-08.indd 260 3/13/2008 2:44:47 PM
Eff ective Remedies in Immigration Procedures: ECHR 261
allow national courts to review the conditions of detention and therefore the ECtHR found a breach of Article 5 (1) ECHR.46
Article 1 (1) of Protocol No. 7, ECHRWith regard to the application of Article 1 (1) of Protocol no. 7, the ECtHR considered in Lupsa v. Romania and Kaya v. Romania (see above), that the appli-cants were not given any eff ective chance to refute the expulsion decision before a national court.47 Th e authorities failed to provide the applicants with “the slightest indication of the off ence” of which they were suspected and the public prosecutor’s offi ce did not send the order issued against the applicants until the day of the only hearing before the Court of Appeal. Furthermore, the ECtHR observed that the Court of Appeal dismissed all requests for an adjournment, thus preventing the applicant’s lawyer from studying the aforementioned order and producing evidence in support of her application for judicial review of it.
Articles 13 and 8 ECHRIn the Al-Nashif case, the decision to deport the applicant was taken without disclosing any reasons to the applicant, to his lawyer, or to any independent body competent to examine the matter. Th is, according to the ECtHR, precluded the applicant from having an eff ective opportunity to challenge the deportation or refusal-of-residence order.48 In the Al-Nashif judgment, the ECtHR also applied the criteria of Article 8 ECHR concerning whether the interference with this right was suffi ciently clear and foreseeable.49 Th is right included, according to the ECtHR, the need for safeguards to ensure that the discretion left to the authorities is in accordance with the law and without abuse. In the refuted case, under Bulgarian law, the Ministry of the Interior was competent to issue deportation orders interfering with human rights without following “any form of adversarial procedures, without giving any reasons and without any right of appeal to an independent authority”.50 Th erefore, the ECtHR concluded that there was a breach of Article 13 ECHR.
Accessibility of Right Under Article 34 ECHRArticle 34 ECHR provides individuals with the right to submit a request to the ECtHR for an interim order if, during the national procedures, his or her rights under this Convention are at risk of being violated by the refuted decision or
46 Amuur § 43 and § 50. 47 In both judgments §§ 59–60. 48 Al-Nashif, §§ 126 and 133. 49 §§ 117 ff . Compare the jurisprudence on Article 8 ECHR as described in Chapter 6. 50 Al-Nashif, § 126.
Brouwer ch-08.indd 261 3/13/2008 2:44:47 PM
262 Chapter 8
measure. In Mamatkulov and Abdurasulovic v. Turkey (I), the ECtHR considered the case of two applicants who were extradited by the Turkish authorities to Uzbekistan on the basis of an extradition warrant issued by the latter state.51 Th is extradition warrant was based on the suspicion that the applicants were involved in homicide, causing injury by exploding a bomb in the Republic of Uzbekistan, and an attempted terrorist attack on the President of Uzbekistan. Both applicants were handed over to the Uzbek authorities before being able to apply their rights under Article 34 of the ECHR, asking the Strasbourg Court for an interim relief, arguing that their extradition would be in breach of Article 3 ECHR. In this judg-ment, the ECtHR ruled that “it is implicit in the notion of the eff ective exercise of the right of individual application that for the duration of the proceedings in Strasbourg the principle of equality of arms should be observed and an applicant’s right to suffi cient time and necessary facilities in which to prepare his or her case respected”. As in the present case, the applicants’ representatives were not able to contact the applicants, despite their requests to the Turkish and Uzbek authorities for permission to do so, the applicants were considered as having been denied an opportunity “to have further inquiries made in order for evidence in support of their allegations under Article 3 of the Convention to be obtained”.
6.3. Scope of Review
Article 6 ECHRWith regard to Article 6 (1), the ECtHR concluded at an early stage that fair trial includes access to a judicial body that has full jurisdiction and the competence to determine all aspects of the matter.52 Furthermore, it has been emphasised that national courts should have full competence to re-examine the facts of the case and to remedy the shortcomings found at administrative level.53 In the Chevrol v. France case, the ECtHR dealt with the question of whether the scope of review performed by the French Conseil d’État was in accordance with Article 6 (1) when, in order to reach its decision, this court had relied on the evidence given by the Ministry of Foreign Aff airs with regard to the applicability of international law.54 On the basis of the fact that this Minister’s involvement was decisive for the out-come of the legal procedures and was not open to challenge by the applicant, the ECtHR concluded that the applicant did not have access to “a tribunal which had, or had accepted, suffi cient jurisdiction to examine all the factual and legal
51 Mamatkulov and Abdurasulovic v. Turkey (I), 6 February 2003, no. 46827/99 (unreported) § 96. 52 Albert and Le Compte I and II, 10 February 1983, no. 7299/75 and 7496/76, Series A, 58. 53 Belilos, l.c., §§ 70–72. 54 Chevrol v. France, 13 February 2003, no. 49636/99 ECHR 2003-III, §§ 82–83.
Brouwer ch-08.indd 262 3/13/2008 2:44:47 PM
Eff ective Remedies in Immigration Procedures: ECHR 263
issues relevant to the determination of the dispute”.55 A comparable issue is dealt with in the Obermeier case.56 Mr. Obermeier was an Austrian citizen who took proceedings against his dismissal as an employee by a private insurance company. In this case, the applicant submitted that he had no access to a fair trial because the Austrian labour courts dealing with his proceedings considered themselves bound by the decisions of the administrative authorities. According to the ECtHR, the conditions laid down in Article 6 (1) are met only if the decisions of the administrative authorities binding the courts were delivered in conformity with the requirements of that provision. Th e ECtHR found in this judgment that the decisions taken by the Austrian administrative authorities, declaring the dismissal of a disabled person to be socially justifi ed, in the majority of cases remained with-out any eff ective review by the courts. According to the ECtHR, in disputes con-cerning civil rights, such a limited review cannot be considered an eff ective judicial review under Article 6 (1) ECHR.
Article 5 (1) and 5 (4) ECHRAccording to Article 5(4) ECHR, a court should be able to decide on “the law-fulness” of a detention. With regard to this scope of review, the ECtHR repeat-edly pointed out that this “does not guarantee a right to judicial review of such breadth as to empower the court, on all aspects of the case including questions of pure expediency, to substitute its own discretion for that of the decision-making authority”. However, according to the ECtHR, the review should be wide enough to bear on those conditions which are essential for the “lawful” detention of a person according to Article 5 (1)”.57 Th is implies that the existence of a remedy must be “suffi ciently certain to give the individual concerned adequate protection against arbitrary deprivation of liberty”.58
Article 13 ECHRIn general, in cases not related to immigration law procedures, the ECtHR con-sidered the scope of review by national courts important in assessing whether national remedies meet the standards of eff ective remedies within the meaning of Article 13 ECHR.59
With regard to expulsion orders, in at least three judgments the ECtHR explicitly considered whether the scope of review by national courts complied
55 See also Beaumartin v. France 24 November 1994, no. 15287/89, Series A, 296B. 56 Obermeier v. Austria, 28 June 1990, no. 11761/85, Series A, 179. 57 See Chahal § 127. 58 Chahal §§ 121–122. 59 See Hatton and others v. the United Kingdom, 8 July 2003, no. 36022/97 ECHR 2003-VIII.
Brouwer ch-08.indd 263 3/13/2008 2:44:47 PM
264 Chapter 8
with the requirements of Article 13. In the Vilvarajah case, mentioned above, the applicants criticised the marginal role of the national courts in the UK.60 Th ey submitted that national courts did not ascertain whether the administration issu-ing the expulsion order (Secretary of State) was correct in assessing the risk to which the applicants would be exposed when returned back to Sri Lanka. Th e ECtHR, however, found that the national court had stressed its special responsi-bility to subject administrative decisions to the “most anxious scrutiny” in cases where an applicant’s life of liberty would be at stake. Th erefore, the ECtHR con-cluded that the powers of the national courts in this case provided an eff ective degree of control over the decisions of the administrative authorities in asylum cases and were suffi cient to satisfy the requirements of Article 13 ECHR.61
In the Al-Nashif case, the ECtHR emphasised that the right to an eff ective remedy protected under Article 13 ECHR required that an individual be able to challenge the executive’s assertion that national security is at stake.62 Th ere should be some form of adversarial proceedings, if necessary through a special represent-ative after security clearance. Th e consideration of the ECtHR in the Al-Nashif case is important, namely that governments may not, simply by invoking the goals of “national security”, ignore the essential safeguards provided in the ECHR. Even where an allegation of a threat to national security is made, the guarantee of an eff ective remedy requires as a minimum that the competent independent appeals authority be informed of the grounds for the deportation decision, even if such reasons are not publicly available. National courts should be able to assess “the credibility of the government’s assertion that the national security is at stake”. In other words, the authority must be competent to reject the executive’s assertion that there is a threat to national security, where it fi nds this arbitrary or unreasonable.
In Chapter 6, we saw that the ECtHR had held in the Leander and Klass judg-ments that, in these cases, a remedy that was “as eff ective as can be” would be suffi -cient under circumstances where national security considerations did not permit the divulging of certain sensitive information.63 In the Chahal judgment, the ECtHR ruled that this criterion of “as eff ective as can be” would not be appropriate in respect of a complaint that a person’s deportation will expose him or her to a real risk of treatment in breach of Article 3 ECHR: “In such cases, given the irreversible nature of the harm that might occur if the risk of ill-treatment materialised and the
60 Vilvarajah and others v. the United Kingdom, 30 October 1991, no. 13163/87, Series A, 215, §§ 117 to 127.
61 Vilvarajah §§ 125–126. 62 Al-Nashif § 137. 63 See the judgments in Klass and others v. Germany, 6 September 1978, no. 5029/71, Series A, 28,
§ 69 and Leander, 26 March 1987, no. 9248/81, Series A, no. 116, § 78.
Brouwer ch-08.indd 264 3/13/2008 2:44:47 PM
Eff ective Remedies in Immigration Procedures: ECHR 265
importance the ECtHR attaches to Article 3, the notion of an eff ective remedy under Article 13 requires independent scrutiny of the claim that there exist sub-stantial grounds for fearing a real risk of treatment contrary to Article 3. Th is scru-tiny must be carried out without regard to what the person may have done to warrant expulsion or to any perceived threat to the national security of the expel-ling State.”64 Th e ECtHR emphasised that there was a diff erence between this case, where it concerned the life and security of the person, and its earlier judgments where the privacy of information was at risk. Also, in the Al-Nashif case, the ECtHR explicitly made a distinction between cases of expulsion of aliens on national secu-rity grounds and cases with regard to systems of secret surveillance or secret checks, on the same grounds. Where the ECtHR acknowledged that, in the latter cases, such systems could only function if the individual remained unaware of the meas-ures aff ecting them, it considered with regard to expulsion decisions that the interests of preserving sensitive information were much more easily reconciled with the rights of the individual to an eff ective remedy.65
Th e question whether individuals have an eff ective remedy at the national level also plays a role with regard to the right to lodge an appeal before the ECtHR. In its jurisprudence, the ECtHR has held that the obligation to exhaust domestic remedies as required by Article 35 (1) ECHR, is limited to “making use of those remedies which are likely to be eff ective and available in that their existence is suffi ciently certain and they are capable of redressing directly the alleged viola-tion of the Convention”.66 Th is criterion was, for example, used in Salah Sheekh v. the Netherlands concerning the claim of an asylum seeker that his expulsion to Somalia would be in breach of Article 3 ECHR. According to the ECtHR, an applicant cannot be regarded as having failed to exhaust domestic remedies if he or she can show, by providing relevant domestic case-law or any other suitable evidence, that an available remedy which he or she has not used was bound to fail. Considering the consistent jurisprudence of the Dutch highest administra-tive court (“Administrative Jurisdiction Division”), the ECtHR found that in practice a further appeal to this court “would have had virtually no prospect of success”. Th erefore the claim of the applicant was considered admissible even if he had failed to exhaust the national remedies.
64 Chahal, §§ 150–151. 65 Al-Nashif § 137. 66 Salah Sheekh v. the Netherlands, 11 January 2007, no. 1948/04, §§ 119–127. See also Azdivar v.
Turkey, 16 September 1996, no. 21893/93, dealt with in Chapter 6, section 6.4.1.
Brouwer ch-08.indd 265 3/13/2008 2:44:48 PM
266 Chapter 8
6.4. Competences
Article 6 (1) ECHRIn Hornsby v. Greece, the ECtHR made it very clear that, in order to meet the criteria on the eff ectiveness of legal remedies, the execution of a judgment given by any court must be regarded as an integral part of the ‘trial’ for the purposes of Article 6 (1) ECHR.67 Or, in other words, if national administrations could simply ignore the deci-sions of their national courts, the available procedures cannot be said to be eff ective. Th e Hornsby case concerned a British couple applying for authorisation from the Greek authorities to start a private school (frontistirions) in Rhodes. Th is authorisation was refused on the grounds that only Greek nationals could be granted such permis-sion. According to the applicants, their right to eff ective remedies had been violated by the Greek authorities because they failed to comply with two positive (to the appli-cant’s case) judgments by the Greek Supreme Administrative Court.68 Th e ECtHR criticised the fact that the Greek authorities did not consider themselves bound by the decisions of the Supreme Administrative Court. In the words of the ECtHR, it would be “inconceivable that Article 6 (1) should describe in detail procedural guarantees aff orded to the litigants that are fair, public and expeditious, without protecting the implementation of judicial decisions”. In the view of the ECtHR, the protection of Article 6 (1) ECHR should therefore not be limited to access to a court or the con-duct of proceedings as this could lead “to situations incompatible with the principle of the rule of law ”.
Article 5 (1) and 5 (4) ECHRTh e text of Article 5 (4) is clear, stating that the court should be able to order the individual’s release if the detention is not lawful.
Article 13 ECHRIn Iatridis v. the United Kingdom, the ECtHR ruled that the availability of eff ective remedies as such is not enough.69 Using motivation comparable to the Hornsby case with regard to Article 6 (1), the ECtHR held in this case that eff ective remedies according to Article 13 ECHR can only be eff ective if the national authorities comply with the judgments reached by the courts during the procedure. In the words of
67 Hornsby v. Greece, 19 March 1997, no. 18357/91, Reports 1997-II. 68 Th e Greek authorities failed to implement the judgments of the EC Court of Justice and the
Greek Supreme Court with regard to allowing nationals of EC Member States to open schools in Greece under the same conditions as those applied to Greek nationals.
69 Iatridis v. Greece, 25 March 1999, no. 31107/96, ECHR 1999-II. See § 66. Th is case concerned the claim by Iatridis with regard to his right of ownership (Article 1 of Protocol no. 1 to the ECHR) together with his claim that his right to eff ective remedies had been breached.
Brouwer ch-08.indd 266 3/13/2008 2:44:48 PM
Eff ective Remedies in Immigration Procedures: ECHR 267
the ECtHR, “the remedy required by Article 13 must be ‘eff ective’ in practice as well as in law, in particular in the sense that its exercise must not be unjustifi ably hindered by the acts or omissions of the authorities of the respondent State.”
In the Čonka case, the ECtHR clarifi ed with regard to decisions on the expul-sion of third-country nationals that, “the notion of an eff ective remedy under Article 13 requires that the remedy may prevent the execution of measures that are contrary to the Convention and whose eff ects are potentially irreversible”.70 Consequently, it would be inconsistent with Article 13 for such measures to be executed before the national authorities have examined whether they are compati-ble with the Convention. Th e ECtHR stressed that the requirements of Article 13 should take the form of guarantees rather than a mere statement. It is important to note that the ECtHR explicitly rejected the statement by the Belgian govern-ment in which the excessive workload of the Conseil d’État was presented as an excuse for the failing system of legal remedies. It is the duty of a State to organise its judicial system such that it is able to manage the available procedures.71
Th e need for courts to have the ability to suspend measures with irreversible eff ects was also covered in Jabari v. Turkey.72 In this judgment on the decision of the Turkish authorities to expel an Iranian woman to Iran, the ECtHR ruled that the notion of an eff ective remedy under Article 13 requires independent and rig-orous scrutiny of a claim that substantial grounds exist for the fear of a real risk of treatment contrary to Article 3 ECHR. National courts should therefore have the ability to suspend the implementation of the impugned measures. In this conclusion, the ECtHR emphasised the importance of Article 3 ECHR and “the irreversible nature of the harm that might occur if the risk of torture or ill- treatment alleged materialised”. Along the same lines, as we have seen above, the ECtHR held in Mamatkulov v. Turkey that Contracting States are obliged to respect an interim measure of the ECtHR in order to “avoid irreparable harm and to abstain from any act or omission that might prejudice the integrity and eff ectiveness of the ECtHR’s fi nal judgment”.73
7. Th e Principle of Non-discrimination: Article 14 ECHR
With regard to the question of whether diff erent treatment based on nationality is in accordance with the non-discrimination principle of Article 14 ECHR, the ECtHR ruled in Moustaquim v. Belgium that there must be an objective and reasonable
70 Čonka v. Belgium, 5 February 2002, no. 51564/99, ECHR 2001-I, see § 79. 71 Čonka §§ 83–84. 72 Jabari v. Turkey, 11 July 2000, no. 40035/98, ECHR 2000-VIII, § 50. 73 Mamatkulov and Abdurasulovic v. Turkey (I), 6 February 2003, no. 46827/99.
Brouwer ch-08.indd 267 3/13/2008 2:44:48 PM
268 Chapter 8
justifi cation for giving a preferential treatment to nationals of other EC Member States.74 In this case, the ECtHR found an objective and reasonable justifi cation for the discrimination in treatment of EU nationals and third-country nationals in the fact that Belgium and the other EC Member States belonged to a special legal order. In the Gaygusuz and Poirrez judgments, the ECtHR formulated a more stringent and more specifi ed criterion.75 Th e Gaygusuz case dealt with the complaint of a Turkish national who had lived and worked in Austria for more than ten years. When he became unemployed, the Austrian authorities refused him unemployment benefi ts on the grounds that he did not have Austrian nationality. Th e Poirrez case dealt with the claim of a national of the Ivory Coast who was adopted by a French citizen. Mr. Poirrez, who had been physically disabled since the age of seven, had been refused an allowance for disabled adults on the basis of his nationality. In both cases (Gaygusuz and Poirrez), the ECtHR found that this diff erentiation based on nationality had no objective and reasonable justifi cation and therefore involved a breach of Article 14 ECHR in conjunction with Article 1 of Protocol No. 1 (on the right to property). According to the ECtHR, the national authorities would have to submit “very weighty reasons” before diff erent treatment exclusively based on the grounds of nationality could be regarded as compatible with the Convention.
Th e relevancy of the right of non-discrimination in the fi eld of border controls became clear as well in the judgment of the ECtHR in Timishev v. Russia.76 Th is case concerned the complaint of a Russian national of Chechen ethnicity, who was refused by the Russian authorities to pass administrative borders within Russia. Th e ECtHR ruled that there was a violation of Article 14 ECHR in com-bination with Article 2 of the 4th Protocol (dealing with the freedom of movement ). According to the ECtHR “no diff erence in treatment which is based exclusively or to a decisive extent on a person’s ethnic origin is capable of being objectively justifi ed in a contemporary democratic society built on the principles of pluralism and respect for diff erent cultures.” It should be emphasised that the right to liberty of movement and freedom to choose his residence within the territory of a State as protected by the 4th Protocol applies to everyone lawfully within that State. Th is includes third-country nationals.
Th e question is when national governments can submit very weighty grounds or “objective and reasonable justifi cation of the discrimination in treatment” with regard to the applicable procedural guarantees. With the rejection in the Čonka judgment of the arguments by the Belgian government that overworked national
74 Moustaquim v. Belgium, 18 February 1991, no. 12313/86, Series A, 193. 75 Gaygusuz v. Austria, 16 September 1996, no. 17371/90, Reports 1996-V, § 42, and Poirrez v.
France, 30 September 2003, no. 40892/98, ECHR 2003-X, § 46. 76 EHRM Timishev v. Russia, 13 December 2005, no. 55762/00 and 55974/00, see para. 58–59.
Brouwer ch-08.indd 268 3/13/2008 2:44:48 PM
Eff ective Remedies in Immigration Procedures: ECHR 269
courts and alleged abuse of national procedures would allow for fewer procedural guarantees, the ECtHR made it clear that these grounds are unacceptable.77 Th is is also evident from the judgment in the Amuur case, where the ECtHR refused to accept the concern of States to address “increasingly frequent attempts to circum-vent immigration restrictions” as grounds for depriving asylum seekers of the pro-tection aff orded by the ECHR. In Ludescher v. Austria, the ECtHR was not persuaded by the Government’s explanation that the delay before the Administrative Court was caused by a rise of applications between 1990 and 1995. According to the ECtHR, “it is for Contracting States to organise their legal systems in such a way that their courts can guarantee the right of everyone to obtain a fi nal decision on disputes relating to civil rights and obligations within a reasonable time”.78
8. Summary: Criteria for Eff ective Remedies
It is clear that human rights can be at stake with regard to immigration law deci-sions dealing with the (non-)admission of third-country nationals, their deten-tion or expulsion. A person claiming that his right, protected by the ECHR, is infringed should have eff ective remedies on the basis of Article 13 ECHR. Aside from Article 13, the ECHR off ers additional protection under Article 5 (4) with regard to detained immigrants and in the 7th Protocol to the ECHR with regard to the expulsion of lawfully resident third-country nationals. Th is latter Protocol only applies in those States which ratifi ed this instrument. However, one could argue that by referring to the principles and rights of the ECHR in the preambles to EC immigration law, the Member States are also bound by this Protocol.
Th e jurisprudence of the ECtHR is very casuistic. Nevertheless, in its jurispru-dence, the ECtHR defi ned some important criteria for the eff ectiveness of the available remedies in immigration law procedures. Generally, the ECtHR applies more stringent criteria with regard to claims based on Article 3 ECHR. It is also clear that the ECtHR refuses to accept grounds of “national security ” or “over-burdened immigration law procedures” as sole justifi cation for limiting the rights of individuals to legal remedies.
8.1. Non-judicial or Judicial Remedy
Both Article 6 (1) and Article 5 (4) ECHR explicitly require that persons should have access to judicial courts. With regard to the situations in which Article 13
77 Compare to the Salesi judgment, 26 February 1993 Series A 257E, in which Italy’s claim with regard to the fi nancial implications of the application of Article 6 was also rejected by the Court.
78 Ludescher v. Austria, 20 December 2001, no. 35019/97 § 23.
Brouwer ch-08.indd 269 3/13/2008 2:44:48 PM
270 Chapter 8
ECHR applies, the judicial remedies are not considered an absolute requirement. However, from the judgments at stake, one can conclude that the ECtHR applies the same or comparable criteria when considering the “eff ectiveness” of the com-petent authorities. Th e question of whether the national procedure is in accord-ance with Article 13 ECHR depends on whether the competent authority has suffi cient powers and guarantees to off er “eff ective remedies”. As we have seen, in the judgments of Chahal and Al-Nashif, the ECtHR explicitly stated that the requirement of a remedy which is “as eff ective as can be” is not appropriate in respect of a complaint that a person’s deportation will expose him or her to a real risk of treatment in breach of Article 3.
Th e case law of the ECtHR also reveals that, for the purposes of the ECHR, the diff erentiation between judicial and non-judicial remedies is not always relevant. From the above judgments, we learn that even if judicial remedies are available, the ECtHR is not automatically satisfi ed that these remedies provide “eff ective” protection for the individual. In each case, but especially if it concerns the protec-tion under Article 3 ECHR in expulsion cases, it must be established that the independent authority or judicial court off ers suffi cient eff ective protection.
8.2. Accessibility
From the jurisprudence of the ECtHR, one can deduce the following require-ments for the accessibility of remedies with regard to detention measures:
– the legal basis of detention should be suffi ciently accessible and precise (Amuur);– the detained person should have access to speedy review (Amuur);– the person should be given legible and understandable information about the
available remedies (Čonka);– the information provided should be accurate (Čonka);– the reasons for detention should be “properly communicated to the detainee”
(Čonka); and– the person should have access to an interpreter (Čonka).
With regard to deportation or expulsion, the ECtHR formulated the following criteria:
– the authorities should disclose the reasons for deportation(Al-Nashif );– the person should be given suffi cient time and the necessary facilities to prepare
his or her case (Mamatkulov).
8.3. Scope
In its jurisprudence based on both Article 13 and Article 6 (1) ECHR, the ECtHR paid much attention to the scope of review of national courts. Th e ECtHR emphasised that, in order to meet the requirements of “eff ective remedies”,
Brouwer ch-08.indd 270 3/13/2008 2:44:48 PM
Eff ective Remedies in Immigration Procedures: ECHR 271
a national court or authority assessing the lawfulness of the refuted decisions or measures should be able “to enforce the substance of Convention rights”. Based on Article 6 (1), it was concluded that national courts should be able to re- examine the facts of the case and to remedy the shortcomings observed at administrative level. With regard to the application of Article 6 (1) ECHR, the following criteria apply:
– there should be access to a judicial body;– this body should have full jurisdiction and should be able– to determine all aspects of the matter and– to re-examine all the facts of the case.
It is evident from the jurisprudence of the ECtHR regarding Article 13 ECHR that, in the procedures concerning the right to family life , the authority or court should be able to strike the correct balance between the rights of the individual and the general interest of the government. In procedures in which the government invoked national security grounds, national courts or authorities should be able:
– to assess the credibility of the government’s assertion that the national security is at stake (Al-Nashif ); and
– to strike the correct balance between the rights of the individual and the general interest of the government (Al-Nashif ).
When the applicant’s right to liberty or life is at risk, more stringent scrutiny should be exercised than for a claim concerning the right to privacy (Chahal, Al-Nashif ). As we have seen above, in Shalah Sheekh, the ECtHR repeated its earlier statement that national authorities cannot refer to the failure to exhaust national remedies with regard to the admissibility of an individual claim, if in practice the appeal to the competent court was bound to fail.
8.4. Competences
In its jurisprudence dealing with expulsion, the ECtHR ruled that national courts or authorities should be able to prevent the execution of measures causing irreparable or irreversible harm to human rights. Th is means that national legis-lators should provide for legal procedures in which the courts or authorities can order interim or suspensive measures. Th is competence of national courts or authorities should include the power:
– to issue binding decisions (Hornsby, Iatridis);– to prevent the execution of measures causing irreparable or irreversible harm
to human rights (Čonka, Jabari) and;– to order interim or suspensive measures (Čonka, Jabari).
Brouwer ch-08.indd 271 3/13/2008 2:44:48 PM
272 Chapter 8
In both Hornsby v. Greece, based on Article 6 (1), and Iatridis v. the United Kingdom (Article 13), the ECtHR found that with regard to the question of whether remedies are eff ective, it is necessary to establish that governments are obliged to comply with the decisions of independent courts or authorities. Th is requirement of binding (judicial) decisions can be considered an important crite-rion to be taken into account when assessing the eff ectiveness of remedies within the framework of the use of the SIS or other EU databases. As far as I know, the ECtHR did not deal with the need for compliance by national governments with the judicial decisions of foreign courts.
8.5. Non-application of Article 6 (1) ECHR to Immigration Law Procedures: Failure or No Loss?
It has been argued that, for the current law on eff ective remedies, the applicability of Article 6 (1) ECHR on immigration procedures would not lead to greater pro-cedural protection in immigration procedures.79 Based on Article 13 and other provisions, the ECHR off ers other mechanisms which provide for access to judi-cial courts in immigration cases. However, considering the criteria for a “fair trial ” given in Article 6 (1) and its further development by the ECtHR, Article 6 (1) sometimes includes stricter rules than Article 13 ECHR, for example with regard to the requirement of a judicial review and “speedily access to courts” of the claim in question.
Other, more urgent reasons exist to explain why it could be desirable for the ECtHR to reconsider its interpretation of Article 6 (1). For example, it is doubt-ful whether the classical arguments for the diff erentiation between civil and criminal law procedures on the one hand and immigration law procedures on the other hand still apply. As we have seen above, the ECtHR has already rejected the argument of force majeur as a reason why lesser procedural guarantees should apply to immigration law procedures. Furthermore, the claim of state sovereignty does not seem to be a strong argument to justify the non-application of Article 6 in this fi eld. Considering the legal Schengen framework and the legislative powers based on Title IV TEC (see Chapter 9), it can no longer be said that immigration policy is matter of state sovereignty only.80
Secondly, the current standards of immigration procedural law cannot be regarded as a matter of course. As we will see in Part III, the acquired procedural rights of immigrants can be withdrawn or limited whenever this is considered
79 Nicholas Blake and Raza Husain, Immigration, Asylum and Human Rights, Oxford/New York: Oxford University Press, 2003, p. 241
80 M. Kuijer, annotation to the Maaouia judgment, NJCM Bulletin 2001, no. 6, p. 762–779.
Brouwer ch-08.indd 272 3/13/2008 2:44:48 PM
Eff ective Remedies in Immigration Procedures: ECHR 273
necessary by the national governments. Th e application of Article 6 (1) ECHR on immigration procedures would provide a set of minimum standards from which governments may not deviate.
Th irdly, a broad application of Article 6 would eliminate situations in which it is unclear whether the right of an eff ective remedy applies in immigration appeals where no human rights are at issue, for example in cases involving students or businessmen. As pointed out by Van Dijk and Van Hoof: “It is submitted that the most satisfactory way to end legal uncertainty and maximize eff ective legal protection is to recognize – as an example of ‘evolutive interpretation’ – that the fi rst paragraph of Article 6 is applicable to all cases in which a determination by a public authority of the legal position of a private party is at stake, regardless of whether the rights and obligations involved are of a private character and regardless of whether the claim concerns a public law relationship”.81
A fi nal and perhaps more important reason is the development in EU law. As mentioned above, Article 6 (1) ECHR is used as a model for the right to a fair trial , as incorporated in the EU Charter on Fundamental Rights. Th e authors of this Charter explicitly confi rmed that the scope of this right goes beyond the fi eld of civil and criminal law. Aside from the incorporation of this human right in the EU Charter, we will see in the next two Chapters how the right to eff ective remedies gradually became rooted in EU law, also extending to measures in the fi eld of asylum and immigration law. It is possible that the ECtHR accepts that, within the law of the 27 EU Member States, higher standards apply with regard to the scope of Article 6 (1) ECHR than the standards which apply in the States of the Council of Europe. However, the ECtHR repeatedly confi rmed its commitment to interpreting the human rights as protected in the ECHR with “adynamic and evolutive approach” and that it attaches importance to a European or international consensus. In this light, it seems logical that the ECtHR should abandon its narrow approach with regard to Article 6 ECHR.82
81 P. van Dijk and F. van Hoof, Th eory and Practice of the European Convention on Human Rights, Antwerpen/Oxford: Intersentia 2006, p. 538.
82 Goodwin v. the United Kingdom, 11 July 2002, no. 28957/95, §§ 74 and 84–85.
Brouwer ch-08.indd 273 3/13/2008 2:44:48 PM
Brouwer ch-08.indd 274 3/13/2008 2:44:48 PM
Evelien Brouwer, Digital Borders and Real Rights, pp. 275–302.© 2008 Koninklijke Brill NV. Printed in the Netherlands.
Chapter 9
Eff ective Remedies under EC Immigration Law“Even though the constitutional traditions of all Member States and the jurisprudence of both the Strasbourg and Luxembourg courts underlines that the right to an eff ec-tive remedy for all within the jurisdiction of Member States (which includes decisions made in embassies and consulates) is an important legal and human right, it would appear that the preference is to pay lip-service to important principles and cite rele-vant human rights instruments rather than to move towards the construction of a modern legal framework guaranteeing the application of the rule of law in the enlarged EU of the 21st century.”1
1. Introduction
Th e Treaty of Maastricht of 1992 added a new objective of the Union to Article 2 of the EU Treaty (hereafter TEU): “to maintain and develop the Union as an area of freedom, security and justice, in which the free movement of persons is assured in conjunction with appropriate measures with respect to external border controls, asylum , immigration and the prevention and combating of crime”.2 One of the central goals of this Area of Freedom, Security and Justice is to safe-guard the legal protection of individuals.3 In the Tampere Conclusions of 1999, including a fi ve-year programme for the Area of Freedom, Security and Justice, the European Council stated that this freedom should not be regarded as the exclusive preserve of the Union’s own citizens. According to the heads of states, it “would be in contradiction with Europe’s traditions to deny such freedom to those whose circumstances lead them justifi ably to seek access to our territory.”4 Th e Tampere Conclusions further state that common policies on asylum and immigration “must be based on principles which are both clear to our own citizens
1 R. Cholewinski, Th e Need for Eff ective Legal Protection in Immigration Matters, EJML, 7, 2005, p. 237–262.
2 Article 2 of the TEU, OJ C 325, 24.12 2002.3 Communication of the Commission, Towards an Area of Freedom, Security and Justice, COM
(1998) 459, July 1998.4 Recital 2 of the Tampere Conclusions .
Brouwer ch-09.indd 275 3/13/2008 2:46:14 PM
276 Chapter 9
and also off er guarantees to those who seek protection in or access to the European Union.”5 With this phrase, the European Council explicitly recognised the obli-gation of the EU legislator to provide procedural guarantees not only for those residing lawfully in the EU, but also for those applying for a residence permit or visa in one of the EU Member States. What has been achieved since the Tampere Conclusions with regard to the right of judicial protection in the diff erent instru-ments adopted in the fi eld of immigration and asylum law?6 Do individuals have a right to access to courts with regard to immigration law decisions, which applies indiscriminately to third-country nationals residing in or seeking access to the EU? Or it is fair to state, in the words of Cholewinski, that compared to EU citi-zens and their family members, third-country nationals are still “subject to an underdeveloped legal regime at the EU level”?7
Th is Chapter describes to what extent the right to eff ective remedies is embedded in EC immigration law. Does this right apply indiscriminately to third-country nationals residing legally on the territory of one of the EU Member Sates or seeking access to the EU, or is there diff erentiation between diff erent categories of persons? To answer these questions, I will describe in the following sections the relevant provisions of the diff erent immigration law instru-ments adopted on the basis of Title IV TEC and compare these provisions with the rules which apply to more privileged categories of persons, including EU citi-zens and their family members and Turkish migrant workers.8
2. Directive 2004/38/EC on the Right of Citizens and their Family Members to Move and Reside Freely within the EU
2.1. Protecting the Free Movement of EU Citizens and their Family Members
One of the fundamental principles of Community law is the freedom of move-ment of EU citizens. Th is principle was laid down at an early stage in Directive 64/221/EC, including rules on the co-ordination of special measures concerning the movement and residence of foreign nationals which are justifi ed on grounds of public policy, public security or public health in the EC.9 Based on case law of
5 Recital 3. Italic is mine, EB.6 See, for an elaborate study of eff ective remedies in European immigration law in the period
before the Tampere Conclusions : P. Boeles, Fair Immigration Proceedings in Europe, Th e Hague/Boston/London: Martinus Nijhoff Publishers 1997.
7 Cholewinski (2005), p. 238.8 For a general study on the rights of third-country nationals in EU law I refer to: H. Staples Th e
legal status of third country nationals resident in the European Union, Th e Hague/London/Boston: Kluwer Law International 1999.
9 Directive of 25 February 1964, OJ 04.04.1964, pp. 850–857.
Brouwer ch-09.indd 276 3/13/2008 2:46:14 PM
Eff ective Remedies under EC Immigration Law 277
the European Court of Justice (ECJ), it has been recognised that, in order to enable EU citizens to enjoy their freedom of movement, this protection should also apply to their family members who hold a third-country nationality.10 Based on these rules and the criteria as developed by the ECJ, the power of Member States to restrict the right of free movement and residence of EU citizens and their family members is limited. One of the most important criteria as defi ned by the ECJ is that Member States may, only in exceptional situations, invoke rea-sons of security, public order or health grounds to oppose the residence of EU citizens and family members. According to established case law, their right to enter the territory of another Member State, to stay there and to move within it may only be refused when this person “represents a genuine and suffi ciently serious threat aff ecting one of the fundamental interests of society”.11 In the judg-ment MRAX v. Belgium, the ECJ ruled that a Member State may neither refuse to issue a residence permit to a third-country national married to a national of a Member State, who entered the territory of that Member State lawfully, nor issue an order expelling him from the territory, solely on the grounds that his visa expired before he applied for a residence permit.12
On 30 April 2006, Directive 64/221 was replaced by a new Directive 2004/38/EC on the rights of citizens and their family members to move and reside freely within the territory of the Member States.13 Th is Directive codifi es the principles as formulated by the ECJ on the basis of the former Directive 64/221. It also integrates the diff erent existing instruments with regard to the protection of EU citizens under community law.14 As in the former Directive 64/221, Directive 2004/38 also grants benefi cial rights to the spouse and family members of EU citizens. In the new Directive, this also includes the partner with whom the EU citizen has a “durable relationship, duly attested” (Article 3).
For our purposes, the relevant provisions of Directive 2004/38 are Articles 30 and 31. Th ese provisions describe the procedural guarantees with regard to the right to legal remedies against decisions concerning entry or the refusal to issue or renew a residence permit, or to expulsion decisions. Compared to the rules in Articles 8 and 9 of the former Directive 64/221, the new rules enhance the pro-cedural rights of EU citizens and their family members. Among other things,
10 See the judgments of the ECJ in C-60/00, Carpenter, ECR [2002] I-6279 and C-459/99, Mouvement contre le racisme, l’antisémitisme et la xénophobie ASBL (MRAX) v. Belgium, [2002] ECR I-6591.
11 C-36/75, Rutili, [1975] ECR 1219, § 28 and C-30/77, Bouchereau, [1977] ECR 1999, § 35. 12 C-459/99 § 91. 13 Adopted on 29 April 2004. OJ L 229/35, 29.06.2004. 14 See also S. Carrera, What Does Free Movement Mean in Th eory and Practice in an Enlarged EU?,
CEPS Working Document No. 208/October 2004, available at http://www.ceps.be.
Brouwer ch-09.indd 277 3/13/2008 2:46:14 PM
278 Chapter 9
Article 30 of Directive 2004/38 puts more emphasis on procedural guarantees improving the accessibility of legal remedies. According to Article 31 (1) of Directive 2004/38, the persons concerned should “have access to judicial and, where appropriate, administrative redress procedures in the host member state to appeal against or seek review of any decision taken against them on the grounds of public policy, public security or health”. I will further describe these criteria in section 4 below.
2.2. Extending the Scope of Protection: Cetinkaya and Dörr-Ünal
Based on the association agreements between the EU Member States and third countries, nationals of those third countries enjoy a privileged position with regard to the right to work, the right to social benefi ts and the right to stay within the EU territory. In the early 1960s, such an Association Agreement was concluded between the European Communities and Turkey, also in view of the future accession of Turkey to the Communities. In 1980 the Association Council, established on the basis of this Agreement, adopted Decision 1/80 on the rights of Turkish migrant workers. Th is Decision includes the general principle that Turkish migrant workers should receive, in the country where they are legally resident, the same treatment as EU workers. Based on this general principle of equal treatment, the ECJ ruled in two important judgments that individuals enjoying rights under Decision 1/80 should have the same procedural guarantees with regard to these rights as EU citizens under Directive 64/221, even if this Directive does not explicitly refer to this category of persons.
In 2004, in the Cetinkaya case, the ECJ recognised the applicability of certain procedural guarantees of Directive 64/221 with regard to procedures reviewing the legality of an expulsion order against a Turkish worker.15 In this judgment, the ECJ found that national courts should have applied the principles of Article 3 of Directive 64/221 with regard to measures based on public order and security grounds against the applicant. Th is meant, according to the ECJ, that courts should have taken into consideration circumstances which arose after the fi nal expulsion decision of the national immigration authorities in order to assess the presence of an actual threat to public order caused by the personal conduct of the applicant.
In the Dörr-Ünal judgment of 2 June 2005, the ECJ ruled on the scope of Directive 64/221 with regard to the rights of an EU national and a Turkish national.16 In this case, the Court made an explicit link between rights as protected
15 Case C-467/02, Cetinkaya, [2004] ECR I-10895. 16 Case C-136/03, Dörr-Ünal, [2005] ECR I-4759. See, for an early analysis of this judgment,
S. Peers in the ILPA European Update, June 2005, p. 7–10.
Brouwer ch-09.indd 278 3/13/2008 2:46:14 PM
Eff ective Remedies under EC Immigration Law 279
by Community law and the ability to invoke these rights before a court. Th e ECJ concluded that in order to ensure the eff ectiveness of the substantive rights as protected in Decision 1/80, it is essential to grant those workers and their family members the same procedural guarantees as those granted by Community law to nationals of Member States.17 Th is means that those workers should be granted the same guarantees laid down in Articles 8 and 9 of Directive 64/221. On the basis of the reasoning of the ECJ in these judgments, it is to be expected that the ECJ will continue the same reasoning with regard to Directive 2004/38. Th erefore, Member States will have to apply the procedural guarantees included in this Directive to Turkish migrant workers and their family members as well.18
Th e consequence of this was that the rights of workers from a country whose accession to the EU is far from being accomplished were better protected than those of nationals of other third countries, such as Bulgaria and Romania in the years before their accession to the EU. Th e EU signed association agreements with those countries as well, but in these treaties the principle of equality with EU citizens was deliberately omitted. However, as we will see in Chapter 10, this diff erential treatment became less relevant following the Panayotova judgment of 2004 of the ECJ. In this judgment, which concerned the rights of Bulgarian nationals under the Association Agreement between the EC and Bulgaria, the ECJ applied its more general approach on eff ective remedies with regard to rights as protected under Community law to the area of visa and residence rights.
2.3. Th e Relationship between the VIS and SIS and the Freedom of Movement of EU Citizens and Family Members
2.3.1. Commission v. AustriaWith regard to the availability of remedies against the refusal to issue a visa to family members of EU citizens, in 2005 the Commission brought an interesting claim against Austria before the ECJ.19 Th e Commission claimed that Austria had failed to implement the provisions of Directive 64/221, considering that Austrian law lacked certain procedural guarantees such as motivated decision-making or the right to appeal against the refusal. In the fi rst place, the Austrian government failed to inform the visa applicant of the full and detailed reasons for
17 Dörr-Ünal § 67. 18 K. Groenendijk, Citizens and Th ird-country nationals: Diff erential Treatment or Discrimination?,
in: J.Y. Carlier and E. Guild, Th e Future of Free Movement of Persons in the EU, Brussels: Bruylant 2006, p. 99. See also his annotation to the Dörr-Ünal judgment, published in JV 3 August 2005, no. 276, p. 926.
19 Action brought on 13 May 2005, C-209/05, OJ C171/10, 9.07.2005. Th e case was removed from the ECJ register on 29 June 2006.
Brouwer ch-09.indd 279 3/13/2008 2:46:15 PM
280 Chapter 9
the visa refusal. Secondly, the government did not grant the visa applicant the same legal protection against this visa refusal as aff orded to its own citizens in administrative law procedures. Th e reaction of the Commission is noteworthy, with regard to the claim by Austria that the refusal of legal remedies did not harm the interests of the applicant because “submitting a new application is a quicker means of reaching one’s goal than pursuing a legal remedy against the decision”. Th e Commission explicitly disagreed with this argument, stating that submitting a renewed application entails the risk that the objectively incorrect decision may simply be repeated. Th e Commission withdrew this claim once Austria fulfi lled its obligations under EU law. However, it would have been inter-esting to see how the ECJ would have dealt with the underlying questions. It is not clear whether the Commission was actually thinking about the future regis-tration of (positive and negative) visa decisions in the EU database, VIS. However, it is precisely this point, the risk that wrongful decisions will be simply repeated, which emphasises the importance of eff ective legal protection against decisions registered in SIS, VIS or Eurodac .
2.3.2. Commission v. SpainIn the important judgment Commission v. Spain to which I already referred in Chapters 3 and 4, the ECJ dealt explicitly with decisions based on the SIS.20 In this judgment, the ECJ declared that Spain infringed the right of free movement of family members of EU citizens by refusing to issue a visa and allow the entry of two nationals of a third country who are family members of European Union citi-zens solely on the basis of a SIS alert. Th e ECJ observed that their visa and entry had been refused solely on the grounds that they were persons for whom alerts were entered in SIS for the purposes of refusal of entry. By failing to give adequate reasons for refusing a visa or allowing entry and without fi rst verifying whether the presence of those persons constituted a genuine, present and suffi ciently serious threat aff ecting one of the fundamental interests of society, Spain did not fulfi l its obligations under Articles 1 to 3 and 6 of the Council Directive 64/221.
During this case, the Spanish government argued that there was no obligation for the Member States to consult the reporting State to check whether the entry is compatible with EC law. Th e Spanish government referred to the Declaration of 18 April 1996, in which the Contracting States accepted the principle that the names of persons covered by Community law may be entered and kept in the SIS only if that entry is compatible with Community law.21 Th erefore, according to the Spanish government, the existence of such an entry may reasonably be
20 C-503/03, Judgment of 31 January 2006, [2006] ECR I-1097. 21 Declaration of 18 April 1996, SCH/Com-ex, (96) decl. 5. Dealt with in section 4.4 of Chapter 3.
Brouwer ch-09.indd 280 3/13/2008 2:46:15 PM
Eff ective Remedies under EC Immigration Law 281
regarded as evidence of a genuine and serious threat. Th is view was not shared by the ECJ. Th e ECJ confi rmed that the inclusion of an entry in the SIS in respect of a third-country national who is the spouse of a EU national does indeed con-stitute evidence that there is a reason to justify refusing him entry into the Schengen Area. However, according to the ECJ, such evidence must be “corrob-orated by information enabling a Member State which consults the SIS to estab-lish, before refusing entry into the Schengen Area, that the presence of the person concerned in that area constitutes a genuine, present and suffi ciently serious threat aff ecting one of the fundamental interests of society”. Th e ECJ explicitly referred to Article 94 of the CISA which expressly authorises the reason for the alert to be stated.22
Even if the Schengen acquis is based on the principle of “genuine coopera-tion”, the ECJ ruled that each State consulting the SIS should give due consider-ation to the information provided by the State which issued the alert. Th is also implies that the latter should make supplementary information available to the consulting State to enable it to “gauge, in the specifi c case, the gravity of the threat that the person for whom an alert has been issued is likely to represent”. Th e ECJ pointed out that exactly for this purpose the Schengen States had estab-lished the network of national SIRENE offi ces. It is important that the ECJ explicitly refers to this existence of SIRENE offi ces and the duty of States to con-sult each other by using the SIRENE network. In the words of the ECJ: “Th e network of SIRENE Bureaux was set up specifi cally to provide information to national authorities faced with diffi culties in enforcing an alert. According to Paragraph 2.2.1 of the SIRENE Manual, the system put in place must enable requests for information made by the other contracting parties to be answered as soon as possible, and the response must be given within 12 hours.”23
3. Legal Remedies in Immigration and Asylum Law Based on Title IV TEC
Th e following sections will examine the main instruments which have been adopted in the fi eld of immigration and asylum law based on Title IV TEC. In this overview, which is given in chronological order, I will focus on the provisions for legal remedies.24
22 See § 53 of the judgment. 23 See §§ 56–58. 24 For more detailed analysis of the history and meaning of these instruments, I refer to Peers &
Rogers (2006), E. Guild, Th e Legal Elements of European identity. EU Citizenship and Migration Law, Th e Hague: Kluwer Law International 2004, and the legislative overviews of S. Peers, Key Legislative Developments on Migration in the European Union, EJML, no. 3, 2001, p. 231–255, and no. 5, 2003, p. 107–141.
Brouwer ch-09.indd 281 3/13/2008 2:46:15 PM
282 Chapter 9
3.1. Directive 2001/40/EC on Mutual Recognition of Expulsion Decisions
In Directive 2001/40/EC on mutual recognition of expulsion decisions, the imple-mentation and scope of the content of the remedies are to a large extent left to the scrutiny of the national legislator.25 Th e goal of this Directive, which was based on an initiative of the French Presidency, is to facilitate the expulsion of illegal or inadmissible immigrants present within the territory of the EU Member States. Th e practical meaning of this instrument has been criticised, especially because Member States may prefer not to use the procedures of this Directive in order to fi nd out whether another Member State issued an expulsion order against the person in question. It seems more likely that they will prefer their own national mechanisms in order to be able to expel an immigrant more swiftly.26 To meet the potential fi nancial barriers preventing the Member States using this instrument, the Council adopted Decision 2004/191, setting out the criteria and practical arrangements for the compensation of the fi nancial imbal-ances resulting from the application of Directive 2001/40.27 Th e implementation of Directive 2001/40 is closely linked to the use of the Schengen Information System, since it facilitates access to information about expulsion decisions of the other Member States.
Article 4 of Directive 2001/40 provides that, “Member States shall ensure that third-country nationals may, in accordance with national law, bring proceedings against any measure referred to in Article 1”. Th is does not necessarily imply access to a court, nor does the Directive provide for the suspensive eff ect of such procedures. Th e Directive on mutual recognition of expulsion decisions does not take into account the length of time someone has been legally resident in one of the EU Member States: expulsion can be carried out immediately. Th is could in practice lead to a situation which is in breach not only of Directive 2004/38, but also of the Family Reunifi cation Directive and the Directive on long-term residents (see below).28 Th e Directive refers in its preamble and in Article 3 (2) to the duty of Member States to respect human rights as protected in international instruments, including the ECHR and the 1951 Convention on the Status of Refugees. Despite these provisions there is a risk that the practical implementation of the Directive will lead to an infringement of these rights because Member
25 OJ L 149/34, 2.6.2001, implementation date was 2 December 2002. 26 See K. Groenendijk, Th e Directive on mutual recognition of expulsion decisions: symbolic or
unbalanced politics?, in P. De Bruycker, Th e Emergence of a European Immigration Policy, Bruylant: Brussels 2003, p. 447–463.
27 OJ L 60, 27.2.2004. 28 See T. Eicke, Paradise Lost? Exclusion and Expulsion from the EU, in Groenendijk, Guild &
Minderhoud (2003), p. 167.
Brouwer ch-09.indd 282 3/13/2008 2:46:15 PM
Eff ective Remedies under EC Immigration Law 283
States will rely on foreign expulsion decisions and their compatibility with human rights standards.29
Interestingly, the legal procedure in the expelling state will have to deal with the question of whether the criteria of Article 3 (1) apply: is the expulsion deci-sion still in force and has it not been suspended? Furthermore, the national court or authority involved will have to assess whether the national law of the issuing state has been correctly applied. Th is means that the national court or authority of the expelling state will have to rule on the legality of the decision of a court or authority of the issuing state.
3.2. Directive 2001/55/EC on Minimum Standards for Temporary Protection
Council Directive 2001/55/EC of 20 July 2001 includes minimum standards for providing temporary protection in the event of a mass infl ux of displaced persons.30 Th is Directive has its origins in the attempt by Member States to deal with humanitarian crises outside the EU and with large numbers of persons seeking asylum within the EU. By giving these persons temporary protection, Member States tried to avoid overburdened refugee determination and asylum procedures. Th e Directive seeks to harmonise the national programmes for temporary pro-tection and to create a basis for fi nancial burden-sharing between Member States with regard to the reception of these persons.31 On the basis of Article 29 of this Directive, persons who have been excluded from the benefi t of temporary pro-tection or family reunifi cation by a Member State have “the right to mount a legal challenge” in this Member State. Th e Directive does not include any further rules or procedural guarantees for such remedies.
Th e Directive on temporary protection provides that persons enjoying tempo-rary protection in a Member State must be able to apply for asylum any time in that Member State (Article 17). Th e Directive does not include rules on the asy-lum procedure, nor on the availability of legal remedies against the refusal of asylum, because the rules of the Directive on minimum standards for asylum procedures will apply (see below section 3.7). Nor does the Directive include an explicit right to legal remedies in the situation that a person is enforced to return when his or her temporary protection has been ended. Article 22 (1) only pro-vides that Member States must take the necessary measures to ensure “that the enforced return of persons whose temporary protection has ended and who are not eligible for admission is conducted with due respect for human dignity”.
29 See the legal analysis of Directive 2001/40 in Peers & Rogers (2006) p. 791. 30 OJ L 212, 7.8.2001. Implementation date for this Directive elapsed on 31 December 2002. 31 Whether this attempt has been successful is questionable: see Peers & Rogers (2006),
p. 453–485.
Brouwer ch-09.indd 283 3/13/2008 2:46:15 PM
284 Chapter 9
In the situation of enforced return, Member States must consider according to Article 22 (2) any compelling humanitarian reasons which may make return impossible or unreasonable in specifi c cases.
3.3. Directive 2003/9/EC on Minimum Standards for the Reception of Asylum Seekers
Th e Directive 2003/9/EC setting forth minimum standards for the reception of asy-lum seekers of 27 January 2003 includes some important procedural safeguards for individuals lodging an application for asylum in one of the Member States.32 Th ese safeguards especially concern the duty of Member States to inform the persons in question. Article 5 of the Directive obliges Member States to give asy-lum seekers written information on their obligations and rights. According to Article 5 (1), Member States must inform asylum seekers, “within a reasonable time not exceeding fi fteen days” after they have lodged their application for asy-lum with the competent authority, of “at least any established benefi ts and of the obligations with which they must comply relating to reception conditions”.
Th e provision in this Directive, according to which Member States must give information on the availability of legal assistance, is important for the accessibility of legal remedies. Article 5 (1) obliges Member States to ensure that applicants “are provided with information on organisations or groups of persons that provide spe-cifi c legal assistance and organisations that might be able to help or inform them concerning the available reception conditions, including health care.” Th e infor-mation mentioned in Article 5 (1) must be given in writing and, as far as possible, in a language that the applicants may reasonably be supposed to understand. Only “where appropriate”, may this information also be supplied orally. Th is latter exception runs the risk of being interpreted widely, however, as we have seen in the previous Chapter it must respect the procedural guarantees as defi ned by the ECtHR. Article 14 of the Directive also stipulates that legal advisors or counsellors to asylum seekers and representatives of the United Nations High Commissioner for Refugees or recognised non-governmental organisations shall be granted access to accommodation centres and other housing facilities in order to assist the said asylum seekers. Limits on such access may be imposed only on grounds relating to the security of the centres and facilities and of the asylum seekers.
As with the other EC instruments on immigration and asylum dealt with in this Chapter, the Directive does not include specifi c criteria with regard to the right to legal remedies. Article 21 (1) of the Directive obliges Member States to ensure “that negative decisions relating to the granting of benefi ts under this Directive or decisions taken under Article 7 (decisions with regard to their residence and
32 OJ L31, 6.2.2003. Implementation date: 6 February 2005.
Brouwer ch-09.indd 284 3/13/2008 2:46:15 PM
Eff ective Remedies under EC Immigration Law 285
freedom of movement , EB) which aff ect asylum seekers individually may be the subject of an appeal within the procedures laid down in the national law.” According to the same provision, the Member States must “at least in the last instance” grant the asylum seeker the right of appeal or review before a judicial body. Th is means that the Member States must provide for a right to apply for review or appeal in last instance, but may also provide for more levels of reme-dies. According to Article 21 (2), the national legislator must also provide for procedures for access to legal assistance.
3.4. Directive 2003/109/EC on Long-Term Resident Th ird-Country Nationals
In 2003, the Council adopted Directive 2003/109/EC concerning the status of third-country nationals who are long-term residents.33 Th is Directive diff erentiates between expulsion decisions and decisions concerning applications for long-term residence permits. Article 20 (2) of this Directive provides that, with regard to the refusal of long-term resident status, the withdrawal of a status or the refusal to renew a resi-dence permit, the person should have “the right to mount a legal challenge in the Member State concerned”. It is unclear what precisely is meant by “legal chal-lenge”. Th e Member States adopting this text apparently wanted to maintain the option of procedures other than judicial redress. Th ey rejected the earlier proposal by the Commission, which included an explicit right of access to courts.34 A later draft of the Council of 2002 referred to the right to apply “to the administrative bodies and courts of the Member States concerned”.35 Th is option was then replaced by the much vaguer defi nition of “the right mount a legal challenge”.
Only with regard to expulsion decisions, the Directive on long-term residents explicitly requires the availability of judicial remedies. According to Article 12 (4) of the Directive, Member States should ensure that, in cases where an expulsion decision has been adopted, a judicial redress procedure is available to the long-term resident in the Member State concerned. With regard to expulsion decisions, Article 12 (5) explicitly provides for a right to legal aid for long-term residents lacking adequate resources on the same terms as nationals of the Member State in which they reside. Th e importance of reinforced protection of long-term residents against expulsion is also confi rmed in recital 16 of the preamble to this Directive. Referring to the decisions of the ECtHR, this recital urges Member States to provide for “eff ective legal redress” in order to ensure this protection.
33 OJ L 16/44–53, 23.01.2004. Th is Directive was to be implemented by the Member States by 23 January 2006.
34 See Articles 11 (3) and 22 (2) of the Commission proposal COM (2001) 127, 13 March 2001. 35 Article 22 of the amended proposal of the draft Directive of 3 February 2003, Council doc.
5533/03. See also the draft of 4 June 2003, doc. 10009/03.
Brouwer ch-09.indd 285 3/13/2008 2:46:15 PM
286 Chapter 9
An important development is the inclusion of Article 10 (1) in the Directive on long-term residents, obliging national authorities to give reasons for any decision rejecting an application for a residence permit. Th e decision should be notifi ed to the third-country national, “in accordance with the notifi cation pro-cedures under the relevant national legislation”. Article 10 (1) explicitly requires that the notifi cation should specify the possible redress procedures available and the time limit for taking action.
3.5. Directive 2003/86/EC on the Right to Family Reunifi cation
Th e negotiations on the aforementioned Directive on long-term residents took place during almost the same period as the negotiations on Council Directive 2003/86/EC on the right to family reunifi cation of 22 September 2003. It may therefore be no coincidence that this latter Directive includes a similar vague provision on legal remedies. According to Article 18 of the Directive on family reunifi cation, Member States should ensure that the sponsor and/or the members of his/her family have “the right to mount a legal challenge where an application for family reunifi cation is rejected or a residence permit is either not renewed or is withdrawn or removal is ordered”.36 Earlier drafts of the Directive on family reunifi cation included an explicit right for the applicant and family members to apply to a national court against the rejection of a family reunifi cation applica-tion, a withdrawal or refusal to renew a residence permit, or a removal order.37 A second proposal by the Commission, of 2002, also provided for the right of the applicant and/or family members to have “a de facto and de jure right to apply to courts”.38 On the basis of this latter proposal, national courts would have the task not only of assessing the lawfulness of the administrative decision but also of considering the factual circumstances within which the decision was taken. According to Article 18 (2) of the Directive on family reunifi cation, the procedure and the competence according to which the right to appeal is to be exercised is to be regulated by the Member States.
In its judgment in the case European Parliament v. Council, the ECJ, referring to Article 18 of Directive 2003/86, stressed the role of national courts for the interpretation of this Directive. Th e ECJ emphasised that the implementation of
36 OJ L 251/12–18, 03.10.2003. Th e implementation deadline was 3 October 2005. Th e legality of this Directive has been challenged by the European Parliament before the ECJ. See the judg-ment of the ECJ of 27 June 2006, in the case C-540/03, European Parliament v. the Council. See further Chapter 10.
37 See Article 16 of the initial proposal by the Commission, COM (1999) 638 of 11 January 2000, OJ C 116 E/66, 26.4.2000 and Article 18 of the amended proposal COM (2002) 225, Council doc. 10857/02, 9 August 2002.
38 See former draft of 9 August 2002, 10857/02.
Brouwer ch-09.indd 286 3/13/2008 2:46:15 PM
Eff ective Remedies under EC Immigration Law 287
the Directive is subject to review by the national courts “since, as provided in Article 18 thereof, ‘the Member States shall ensure that the sponsor and/or the members of his/her family have the right to mount a legal challenge where an application for family reunifi cation is rejected or a residence permit is either not renewed or is withdrawn or removal is ordered’.” According to the ECJ, “if those courts encounter diffi culties relating to the interpretation or validity of the Directive, it is incumbent upon them to refer a question to the Court for a pre-liminary ruling in the circumstances set out in Articles 68 EC and 234 EC”.39 Th e importance of preliminary proceedings and the role of national courts will be dealt with further in Chapter 10.
As with the Directive on long-term residents, the Directive on family reunifi ca-tion obliges Member States to issue the decision in question in writing, stating that this decision must include the reasons for rejection. According to Article 5 (4) of the Directive on family reunifi cation, this information should be submitted as soon as possible but, in any event, no longer than nine months from the date the application was lodged. Under exceptional circumstances, “linked to the complexity of the examination of the application” this time limit may be extended.
3.6. Regulation 343/2003/EC (Dublin II)
Regulation 343/2003/EC of 18 February 2003 on the responsibility for the applica-tion for asylum in the EU Member States (Dublin II Regulation) provides criteria for establishing which Member State is responsible for the examination of an asylum application submitted in one of the Member States.40 Th e Dublin II Regulation is based on the so-called ‘single application’ principle, prohibiting a person from applying for asylum in more than one country. Based on these crite-ria, Member States may decide not to examine an asylum application and to refer the asylum applicant to the authorities of another Member State. According to Article 19 (1) of this Regulation, when a requested Member State accepts respon-sibility for an applicant, the Member State in which the application for asylum was lodged must notify the asylum applicant of its decision not to examine the application. It will also inform the applicant that he or she will be transferred to the responsible Member State.
Article 19 (2) of the Regulation states that the decision referred to in para-graph 1 must be motivated, setting out the grounds on which it is based. Th is decision should also contain details of the time limit for carrying out the transfer. If necessary, this decision should include information on the place and date of
39 C-540/03, § 106. 40 OJ L 50/1, 25.02.2003.
Brouwer ch-09.indd 287 3/13/2008 2:46:15 PM
288 Chapter 9
the applicant’s scheduled appearance, if he is travelling to the responsible Member State under his own steam. According to the same Article 19 (2), the decision not to examine an asylum application may be subject to an appeal or review. Th is review or appeal does not automatically suspend the refuted decision. Only if national law so provides, the competent court or bodies may decide to suspend the implementation of the transfer on a case-by-case basis.
3.7. Directive 2005/85/EC on Minimum Standards for Asylum Procedures
Directive 2005/85/EC on minimum standards on procedures in Member States for granting and withdrawing refugee status was adopted in December 2005.41 Th is Directive is limited to the procedures with regard to the granting and withdrawing of refugee status under the Geneva Convention on the status of refugees of 1951. It does not apply to other instruments adopted with regard to the protection of refugees, for example on subsidiary protection or temporary protection. It includes basic principles and standards with regard to the asylum procedures within the EU Member States.42
Article 39 (1) of this Directive explicitly stipulates that asylum applicants “have the right to an eff ective remedy before a court or tribunal”. According to Article 39 of this Directive, asylum seekers may exercise this right against decisions taken regarding their asylum applications, refusals to re-open the exam-ination or refusals to further examine their applications, or decisions on the withdrawal of the refugee status. Decisions taken on asylum applications include decisions on the inadmissibility of the application or with regard to refusals of entry at borders or in transit zones where the person applied for asylum. Article 39 (2) obliges Member States to provide time-limits in their national laws, together with “other necessary rules” for the applicant to exercise his or her right to eff ective remedies, without specifying these safeguards further. According to Article 39(4), Member States may lay down time limits for the court or tribunal examining the decision of the determining authority.
Again, the text of the provision as fi nally adopted by the Council off ers weaker protection compared to earlier proposals by the Commission. Th ese proposals included an explicit right to eff ective remedies before a court and also made it clear that this remedy should entail the possibility of an examination of both
41 Directive 2005/85/EC of 1 December 2005 OJ L 326/13, 13.12.2005, implementation date is 1 December 2007. See, for the original proposal of this Directive: COM (2000) 578, OJ C 62 E/231 and the amended proposal COM (2002) 326, OJ C 291 E/143. See, for the Council negotiations: doc. 10279/02; 10235/03; 15198/03.
42 See, for a more extensive analysis of this Directive: H. Battjes, European Asylum Law and International Law, Leiden/Boston: Nijhoff Publishers 2006, p. 289 ff ., and Peers & Rogers (2006), p. 367–452.
Brouwer ch-09.indd 288 3/13/2008 2:46:15 PM
Eff ective Remedies under EC Immigration Law 289
facts and points of law.43 Furthermore, the initial proposals included the obliga-tion to grant, under certain circumstances, suspensive eff ect to the appeal pro-ceedings.44 Th e LIBE Committee of the European Parliament proposed that legal remedies against a refusal of asylum should always have the eff ect of allowing the applicant to remain in the Member State pending its outcome.45 According to the LIBE Committee, the suspensive eff ect of asylum appeals would be a critical safeguard, since many refugees are only recognised during the appeal process and an erroneous determination in the fi rst instance would have serious consequences. Th e current text of Article 39 (2) leaves it to the discretionary power of Member States to decide whether and in which situations the asylum seeker is allowed to remain on the territory of the Member State, pending the outcome of his or her asylum procedure. Th e only condition formulated in Article 39 (2) is that these rules should be in accordance with their international obligations.
With regard to decision-making, Article 38 (2) of the Directive on asylum procedures states that the decision to withdraw refugee status should include the reasons for this refusal and information about how to challenge this decision. Th e decision and the information referred to should be given in writing.
3.8. Refusals at the Border
3.8.1. Regulation 562/2006/EC on the Rules Governing the Movement of Persons at Borders (Schengen Borders Code )Regulation 562/2006/EC on the Community Code governing the movement of per-sons at the borders (Schengen Borders Code ) replaces the Schengen Common Manual on Border Control.46 Th e Schengen Borders Code was adopted by a decision of the Council on 21 February 2006. It includes rules on the measures and powers of authorities controlling the movement of persons at the external borders of the EU. Th e adopted text is entirely based on the proposal which was agreed upon in spring 2005 by the European Parliament (EP), the Commission and the Council on the basis of the co-decision procedure of Article 251 TEC. Close coordination between the three institutions or the tripartite agreement which was reached during negotiations on the Schengen Borders Code, made it possible to adopt the Regulation during its fi rst reading in the Council.47
43 See Article 38 of proposal COM (2000) 578 and Article 38 of proposal COM (2002) 326. 44 Article 33 of proposal COM (2000) 578 and Article 39 (3) and (4) of proposal COM (2002) 326. 45 See the Report A6-0222/2005 of 29 June 2005, amendment 45. 46 Regulation 562/2006 of 15 March 2006, OJ L 105/1, 13.4.2006. Eff ective as from 13 October
2006. Hungary voted against and Slovenia abstained. 47 See, for the Commission proposal: COM (2004) 391, 26.05.2004. Th e report as adopted by
the European Parliament concerns A6-0188/2005, 13 June 2005.
Brouwer ch-09.indd 289 3/13/2008 2:46:15 PM
290 Chapter 9
During these negotiations in 2005, the rapporteur of the EP, Mr. Cashman, dropped some of his initial amendments which would have improved the legal status of persons across EU borders. On the other hand, other proposals by MEP Cashman extending the rights of individuals were accepted by the Council and the Commission.
Th e right to remedies against refusals at borders is included in Article 13 of the Regulation 562/2006. On the basis of Article 13 (2), a third-country national who is refused entry based on the criteria of this Directive may only be refused entry by a substantiated decision, stating the precise reasons for the refusal. Th is decision must be taken by an authority empowered by national law and shall take eff ect immediately. Th e decision should be given using a standard form, as set out in Annex V, Part B, to the Regulation (to be examined in the next section). Th is standard form must be handed to the third-country national concerned, who must acknowledge receipt of the decision to refuse entry by means of that form.
According to Article 13 (3) of the Regulation, persons refused entry shall have the right to appeal in accordance with national law. For this purpose, third-coun-try nationals should be given a written indication of contact points able to provide information on legal representatives competent to act on behalf of a third-country national. Considering the reluctance of Member States to place persons seeking entry at their external borders in a very strong position, this right to appeal, proposed on behalf of the EP, is a very important achievement which survived the negotiations between the three EU institutions. A proposal to include, in the Schengen Borders Code , a right to obtain fi nancial compensation has however been deleted from the fi nal text.48 Th is proposal included the right to fi nancial compensation for possible damage suff ered as a result of ill-founded refusals. Th e EP further proposed adding the ability for Member States to sus-pend the entry into force of a refusal of entry if they consider it appropriate to do so. Th is proposal was also rejected. Article 13 (3) now even states that initiating an appeal process shall not suspend the decision to refuse entry.
3.8.2. Th e Inclusion of a Standard Refusal FormBy a Council Decision of 2004, a standard refusal form was included in the former Common Manual on Border Control.49 Th is decision has been incorporated into part B of the Schengen Borders Code of 2006, mentioned above. As from 1 June 2004, border guards are obliged to issue a refusal form to third-country nationals
48 Draft report, provisional version 2004/0127 (COD), 15.3.2005. Th is included a right to fi nan-cial compensation in the case of a wrongful decision.
49 Council Decision 2004/574/EC, OJ L261/36, 6.8.2004.
Brouwer ch-09.indd 290 3/13/2008 2:46:15 PM
Eff ective Remedies under EC Immigration Law 291
refused entry at the borders. Th e decision on the standard refusal form is important for two reasons. Firstly, the text of the standard refusal form explicitly states that the third-country national “may appeal against the refusal of entry as provided for in national law” Secondly, according to the refusal form, Member States should substantiate the refusal decision and indicate references to national legislation with regard to the available remedies. Th e refusal grounds are listed in the standard refusal form from A to I. Th ese grounds include, for example, the lack of valid travel documents, visa or residence permits, the fact of carrying a false or falsifi ed visa or residence permits, public order and security grounds, as well as registration in the European database, SIS, or a national database for the purpose of refusal of entry. Th e limitative enumeration of refusal grounds makes it clear to both the border authorities and the third-country national that a refusal at the borders cannot be based on other grounds. Th is gives the person con-cerned a right to refute the reasons for refusal and subsequently to appeal against this decision.
3.9. Proposal for a Directive on Returning Illegal Staying Th ird-Country Nationals
In September 2005, the European Commission published a proposal for a Directive on returning illegally staying third-country nationals.50 Article 12 of this proposal includes “the right to an eff ective judicial remedy before a court or tri-bunal to appeal against or to seek review of a return decision and/or removal order”. According to this proposal, the remedy must either have suspensive eff ect or include the right of the third-country national to apply for the suspension of enforcement of the return decision or removal order. Furthermore, the proposal includes the right to obtain legal advice, representation and, where necessary, lin-guistic assistance. In addition, the proposed Article 12 (3) provides that legal aid shall be made available to those who lack suffi cient resources insofar as such aid is necessary to ensure eff ective access to justice.
Taking into account the experiences with regard to the adoption of the other instruments described above, the principles as included in this proposal will probably be watered down during the negotiations in the Council legislation process. Th e report on one of the fi rst discussions of the Council Working Party dealing with this proposal supports this expectation.51 According to this report, the Dutch delegation, supported by the delegations of Greece, Denmark, Italy and Poland, has expressed the view that the Commission proposal grants third-country nationals who are subject to return procedures “excessive rights and guarantees”.
50 COM (2005) 391, 1.9.2005. 51 141814/05, 19 January 2006.
Brouwer ch-09.indd 291 3/13/2008 2:46:15 PM
292 Chapter 9
3.10. Visas
3.10.1. Schengen Common Consular Instructions Th e rules to be applied by EU consulates and embassies with regard to visa applications have been laid down in the Schengen Common Consular Instructions for diplomatic missions and consular posts of 14 December 1993.52 Th ese instruc-tions, as amended by a decision of the Executive Committee on 28 April 1999, only became public when they were incorporated into the Schengen acquis . Th e Instructions include procedural provisions with regard to the refusal of a visa application at the consulates or embassies of the Schengen States. Th ese provi-sions do not oblige Member States to provide for remedies against a visa refusal, nor to motivate this decision. Exceptionally, if national law provides for the duty to motivate a visa refusal, the Instructions require that this refusal refer to the reasons for this refusal as listed in Article 15 in conjunction with 5 of the Convention Implementing the Schengen Agreement (CISA).
In 2002, the EU Presidency forwarded a questionnaire to the Member States in order to obtain information on the available visa procedures in the diff erent EU Member States, including the rules on notifi cation, the grounds for visa refusals and legal remedies.53 Th e object of this questionnaire was to establish whether there was any need for harmonisation in this fi eld. Th e answers from the Member States revealed many diff erences in the applicable rules.54 According to these answers, in some Member States a visa refusal should be in writing, in other States not and in some Member States no reason is given at all. Th e answers to the questionnaire further established that when a visa is refused on the basis of a foreign SIS report based on Article 96 CISA, most of the Member States do not inform the visa applicant as to which Member State reported this person to SIS. With regard to the available remedies against visa refusals, two Member States said they had no procedures at all for appealing against visa refusals.
3.10.2. Draft Community Code on VisasIn July 2006, the European Commission proposed a draft Regulation including a Community Code on Visas which should replace the Schengen Common Consular Instructions .55 Article 23 (3) of the draft proposal includes, for individuals whose
52 Th e Common Consular Instructions of 14 December 1993, amended and incorporated into EU law, Council Decision 1999/435/EC, OJ L 176, 10.07.1999. See, for an amended version OJ C 313, 16.12.2002 and OJ 2004 L 5/74.
53 See, for the answers, Council doc. 8929/02, VISA 69 COMIX 319 (21 May 2002). 54 R. Cholewinski (2005), p.258. 55 Draft proposal for a Regulation establishing a Community Code on Visas, COM (2006) 403,
19 July 2006.
Brouwer ch-09.indd 292 3/13/2008 2:46:15 PM
Eff ective Remedies under EC Immigration Law 293
visa has been refused, the right to appeal. Th e rules on this appeal are, however, still within the competence of the Member States. Contrary to the Schengen rules, Article 23 (2) of the proposal states that the decision of the visa refusal should state the precise reasons for the refusal, given using the standard form set forth in the Annex to the proposal. Th is form should also be used when a visa is refused at the border. Th e draft further stipulates that the applicants must receive written information about the contact points “able to provide information on representatives competent to act on behalf of the applicants in accordance with national law”. Th e draft Regulation does not oblige Member States to provide for legal remedies against a decision rejecting a request to extend a visa or a decision annulling or revoking a visa.
4. Criteria for Eff ective Remedies in EC Immigration Law
4.1. Judicial or Non-Judicial Court?
4.1.1. Directive 2004/38As we have seen above, Article 31 (1) of the new Directive 2004/38 explicitly refers to the possibility of non-judicial remedies. According to this Article, the person concerned should “have access to judicial and, where appropriate, admin-istrative redress procedures in the host member state to appeal against or seek review of any decision taken against them on the grounds of public policy, public security or health”. Th is means that it allows Member States to provide for appeal to administrative authorities as long this administrative redress procedure meets the criteria of Article 31 (2) to (4). However, recital (26) of this Directive includes a more explicit standard, stating that: “In all events, judicial redress procedures should be available to Union citizens and their family members who have been refused leave to enter or reside in another Member State.” Th e jurisprudence of the ECJ on this Directive should be awaited to clarify the relationship between this criterion in the consideration and the less stringent criteria of the text of the Directive.
Articles 8 and 9 of the former Directive 64/221 did not require that individuals who claim that their rights under this Directive have been breached to have access to a judicial court. However, this Directive had already been adopted in 1964 when administrative courts were absent in most of the Member States. Based on Article 8, Member States were obliged to provide the same legal reme-dies to persons falling within the scope of this Directive as those that are available to their own nationals in respect of administrative decisions. If these administra-tive procedures included the access to courts, individuals protected by this Directive should also have access to courts. In the absence of judicial proceedings,
Brouwer ch-09.indd 293 3/13/2008 2:46:15 PM
294 Chapter 9
we have seen above that Member States should off er the procedural guarantees of Article 9 of the Directive. Th e ECJ made it clear in its case law based on Article 9 that the available legal remedies should at least include two important safe-guards: the court or tribunal must be independent and the court or authority should have full competence.56
Th e provisions of Articles 30 and 31 of Directive 2004/38 are, unlike Directive 64/221, not explicitly based on the principle of non-discrimination compared to nationals of the host Member States concerned. However, it is doubtful whether this implies that Member States are no longer obliged to provide the same legal remedies as those available to their own nationals to those falling within the scope of this Directive. Such a limited interpretation seems contrary to the inclusion of the non-discrimination principle in preamble 20 of the Directive.
4.1.2. EC Asylum and Immigration LawIn the asylum and immigration law instruments adopted under Title IV TEC, the EC legislator explicitly granted Member States the choice of providing non-judicial remedies. For example, the Directive on long-term residents, the Directive on family reunifi cation and the Directive on temporary protection only refer to the availability of “a right to mount a legal challenge in the Member State concerned”. According to these texts, the implementation of the right to reme-dies is left to the scrutiny of the national legislator. Likewise, it is not clear whether a person should have access to a judicial court. With regard to expulsion decisions only, the Directive on long-term residents explicitly requires the person to be expelled to have the right to judicial redress against this decision. In Chapter 10, I will argue that, despite these vague norms, the national legislators are bound by other, more stringent rules.
4.2. Accessibility
4.2.1. Directive 2004/38/ECCompared with the former Directive 64/221, Article 30 of Directive 2004/38 puts more emphasis on procedural guarantees improving the accessibility to legal remedies. Article 6 of Directive 64/221 obliged Member States to inform the person concerned about the reasons of public order, security or health underly-ing the refuted decision. According to Article 7, the refusal to issue or renew a residence permit or the expulsion decision should be communicated to the person concerned. Th is information should include the time limit within which the person concerned should leave the country. In its jurisprudence, the ECJ did
56 See Boeles (1997), p. 383–384. He refers to the judgments in Adoui and Cornuaille, C-115 and 116/81 [1982] ECR 1710, and Pecastaing, C-98/79 [1980] ECR 691.
Brouwer ch-09.indd 294 3/13/2008 2:46:15 PM
Eff ective Remedies under EC Immigration Law 295
not go into specifi c requirements regarding the accessibility of legal remedies; however, the ECJ did stress the importance of accessible remedies and the duty of Member States not to hamper this accessibility by placing procedural obliga-tions upon the applicant. In the judgment in Adoui and Cornuaille, the ECJ established on the basis of Directive 64/221 that the person concerned should be informed of the grounds of public policy, public security or public health upon which the decision taken in his case is based unless this is in confl ict with the security of the state.57 According to this judgment, notifi cation of the grounds must be suffi ciently detailed and precise to enable the person to defend his inter-ests. Furthermore, the notifi cation should be made in such a way as to enable the person concerned to understand the content and eff ect of the decision. Th is requirement has been codifi ed in Article 30 Directive 2004/38.
According to Article 30 of this Directive, the persons concerned should be notifi ed in writing of any decision restricting their rights of entry or residence on public policy, public security or public order grounds. Based on Article 30 (3), this notifi cation should specify the court or administrative authority with which the person concerned may lodge an appeal and, where applicable, the time allowed for the person to leave the territory of the Member State. Apart from “duly substantiated cases of urgency”, the time allowed for leaving the territory should not be less than one month from the date of notifi cation.
Finally, it is useful to refer to the decision MRAX v. Belgium, in which the ECJ ruled that Member States should not impede access to the minimum procedural guarantees as laid down in Article 9 of former Directive 64/221, by applying formal requirements. In this case, the ECJ concluded that these procedural guar-antees would be rendered largely ineff ective if entitlement to them were excluded in the absence of an identity document or visa or where one of those documents has expired.58
4.2.2. EC Asylum and Immigration LawAccessibility to legal procedures requires that individuals be informed of their rights. With regard to the principle of informed decision-making, important developments have taken place in EC law. According to the Directive 2003/109 on long-term residents, any decision rejecting an application for a residence per-mit has to be notifi ed in writing to the third-country national. Th is decision should specify the available redress procedures and the time limit for taking action. Th e Directive 2003/86 on family reunifi cation also obliges Member States to ensure that negative decisions should be in writing and that these
57 C-115/81 and 116/81, Adoui and Cornuaille, [1982] ECR -1665, § 13. 58 C-459/99 MRAX v. Belgian State [2002] ECR I-6591.
Brouwer ch-09.indd 295 3/13/2008 2:46:15 PM
296 Chapter 9
decisions should include the reasons of rejection. As we have seen above, the instruments adopted in the fi eld of asylum law also provide for informed deci-sion-making, including the obligation to inform the person concerned of the available remedies. Based on an amendment in 2004 to the Common Manual applicable to border control, border offi cials refusing a person entry at the border are obliged to issue a standard refusal form which includes the obligation to inform the person of the available remedies. Th e Schengen Borders Code of 2006 further requires that entry shall only be refused by a substantiated decision, which should state the procedures for appeal.
4.3. Scope of Review
4.3.1. Directive 2004/38/ECArticle 31 (3) of Directive 2004/38 explicitly requires that the redress procedures shall allow for an examination of the legality of the decision, as well as of the facts and circumstances on which the proposed measure is based. Th e procedure should further ensure that the decision is not disproportionate, particularly in view of the requirements laid down in Article 28. Th is latter provision deals, as we have seen above, with the decision to expel a person. Th is means that the new Directive explicitly obliges Member States to provide for legal remedies in which courts (or competent authorities) are able to examine the substance of the case and to weigh the diff erent interests at stake. With regard to EU citizens and their family members, Article 28 (1) of the Directive obliges Member States to take into account diff erent considerations before reaching an expulsion decision. Th is means that the new Directive explicitly obliges Member States to provide for legal remedies in which courts (or competent authorities) are able to examine the substance of the case and to weigh the diff erent interests at stake with regard to decisions regarding the expulsion of EU citizens and their family members. Th ese considerations include, for instance, how long the EU citizen has resided in the other Member State, his or her age, state of health and his or her social and cultural integration. Th e practical meaning of this provision very much depends on how Member States will apply these criteria. In particular, the criterion of social and cultural integration may lead to diverging policies in the individual Member States.
As mentioned above, in its jurisprudence with regard to the Directive 64/221, the ECJ made it clear that, in order to provide an eff ective remedy, the compe-tent court or authority should be able to assess the substance of the refuted decision by the national authorities. As far back as the Santillo case of 22 May 1980, dealing with the expulsion of an EU citizen by another Member State, the ECJ held that a national court or authority should take into account the positive developments and elimination of a real threat if, between the date of the decision
Brouwer ch-09.indd 296 3/13/2008 2:46:15 PM
Eff ective Remedies under EC Immigration Law 297
to expel and the date of judicial scrutiny of that decision, a long period has elapsed.59 Th is requirement was repeated in the Orfanopoulos case of 2004 in which the ECJ emphasised the necessity for substantial scrutiny by the courts during the judicial procedure.60 In this judgment, the ECJ declared that the intervention on the part of the “competent authority” mentioned in Article 9(1) of the former Directive 64/221 must make it possible for an exhaustive examina-tion to be made of all the facts and circumstances, including the expediency of the measure in question, before the decision is defi nitively adopted. According to the ECJ, a balance should be struck between the legitimate interests of the authorities and the special legal position of the person concerned taking into account the fundamental character of the free movement of persons. Furthermore, the ECJ held that national procedures would infringe the procedural guarantees of Directive 64/221, if the courts would not consider facts which occurred after the last government decision to expel the person concerned.
In Radiom and Shingara, the ECJ dealt with decisions by the UK authorities by which two EU citizens, Radiom and Shingara, were refused entry on the basis of public order and public security grounds.61 Th e fi rst applicant held both Irish and Iranian nationalities, the second was a French national. Th e ECJ held that deci-sions prohibiting EU citizens from one Member State entering another Member State derogate from the fundamental principle of freedom of movement . Th erefore, such a decision could not be of unlimited duration. Furthermore, the ECJ confi rmed that a Community national should be entitled to apply, under Articles 8 and 9 of Directive 64/221, to have his or her situation re-examined if he consid-ers that the circumstances justifying the denial of his entry into the country no longer exist. Th e duty of national courts to assess the compatibility of national measures with EC law was reaffi rmed in the Olazabal case.62 Th is case concerned the territorial ban aff ecting a Spanish worker in France, who was suspected of hav-ing ties with the Spanish group ETA and, for this reason, convicted in Bilbao. In this judgment, the ECJ considered whether this territorial ban was in breach of EC law laying down the principle of free movement of workers. According to the Court, the measure must be appropriate to secure the achievement of the objec-tive goals which it pursues and must not go beyond what is necessary. In this case, the ECJ made clear that it is “for the national courts to determine whether the measures taken in this case do in fact relate to individual conduct which constitutes
59 C-131/79. 60 Judgment of 29 April 2004, C-482/01 and C-493/01, § 75 and § 82. See also the associated
cases 115/81 and 116/81, Adoui and Cornuaille, [1982] ECR 1665, para.15. 61 Judgment of 17 June 1997, C-65 and C-111/95, see §§ 40–44. 62 26 November 2002, C-100/01, §§ 43–44.
Brouwer ch-09.indd 297 3/13/2008 2:46:15 PM
298 Chapter 9
a genuine and suffi ciently serious threat to public order or public security, and whether they comply with the principle of proportionality ”.
In conclusion, based on the jurisprudence of the ECJ regarding Directive 64/221 and according to the new Directive 2004/38, national courts have the explicit task of assessing the lawfulness and proportionality of the measures or decisions at stake. In particular, with regard to the protection of family members of EU citizens residing in or seeking access to a EU Member State, the ECJ developed important criteria for balancing the diff erent interests at stake.
4.3.2. EC Asylum and Immigration LawTh e instruments of asylum and migration law adopted under Title IV TEC do not include an explicit obligation for national courts to assess the substance of the refuted administrative decisions or to balance the interests at stake. However, these instruments do include substantial criteria for the decision-making of national authorities with regard to the issue, renewal or withdrawal of residence permits and with regard to decisions to expel a third-country national. When a person asserts his or her right of appeal against any of the decisions referred to above, the competent court or authority should assess whether the decision is taken in accordance with the criteria of the instruments in question. Furthermore, national courts or authorities should observe the protection of human rights as protected in the ECHR, discussed in Chapter 8.
In the judgment European Parliament v. the Council, concerning Directive 2003/86 on family reunifi cation , the ECJ made it clear that Member States are bound to observe the principles as recognised in the EU Charter, including the right to family life as protected in Article 7.63 Th e ECJ referred in this judg-ment to the fact that, in the second recital of the preamble to this Directive, the EC legislator itself acknowledged the importance of the Charter. In the preambles both to the Directive on family reunifi cation and to the Directive on long-term residents, the Member States acknowledged the obligation to respect fundamental rights as protected in the ECHR and the Charter of Fundamental Rights of the EU when adopting measures on the basis of these directives.
Article 3 (2) of the Directive on mutual recognition of expulsion decisions provides for an explicit obligation to respect human rights and fundamental freedoms. National courts should therefore consider whether measures taken on the basis of these instruments interfere with the human rights of the person concerned.
63 Case C-540/03, European Parliament v. the Council (not yet reported but see information in OJ C 190/1, 12.08.2006), §§ 38 and 58.
Brouwer ch-09.indd 298 3/13/2008 2:46:15 PM
Eff ective Remedies under EC Immigration Law 299
4.4. Competence of Court or Authority
4.4.1. Directive 2004/38/ECArticle 31 of the new Directive 2004/38 contains additional procedural safeguards with regard to the right of access to judicial or administrative procedures against any decision taken against them on the grounds of public policy, public security or health. Th ese safeguards include the ability of a national court to grant an interim order to suspend enforcement of that decision. Apart from some excep-tions, the person concerned may not be removed from the national territory before the decision on the interim order has been taken.
Article 9 of Directive 64/221 provided for additional guarantees in the event that national law does not off er judicial remedies or the legal remedy lacks sus-pensive eff ect . According to Article 9 (1), the relevant decision cannot be taken before the applicant has obtained the opinion of a competent authority. In its judgment in the Dörr-Ünal case, the ECJ ruled that the procedural guarantees set forth in Articles 8 and 9 of this Directive would preclude national law under which appeals brought against a decision to expel have no automatic suspensive eff ect and where there is no competent authority to review such decisions.64 Th e ECJ made this conclusion with regard to the claim of the EU citizen in this case. However, as we have seen above, in the same judgment the ECJ emphasised that to ensure the eff ectiveness of their individual rights under the Association Agreement, it is essential that Turkish workers be granted the same procedural guarantees as those granted by Community law to EU nationals. Th is means, according to the Court, that Member States must permit those migrant workers, as well as their admitted family members to take advantage of the guarantees laid down in Articles 8 and 9 of the Directive 64/221.65
4.4.2. EC Asylum and Immigration LawTh e question of whether remedies are practically eff ective depends on the powers of the national courts to order specifi c measures or to apply sanctions. Th e EC instruments on asylum and immigration law described above do not explicitly oblige national authorities to comply with the courts’ decisions in individual cases. In general, most of the instruments discussed above do not include the ability to order the suspension of national decisions or measures. If they do, the applicable provisions are rather poorly formulated. Based on the Dublin II Regulation and the Directive 2005/85 on minimum standards on asylum, proce-dures in which the national decision is reviewed according to the text of these
64 Dörr-Ünal, §§ 48–57. 65 Dörr-Ünal, §§ 67–68.
Brouwer ch-09.indd 299 3/13/2008 2:46:16 PM
300 Chapter 9
instruments may have suspensive eff ect under certain circumstances, exclusively in the fi eld of asylum law.
Here too, despite these vague norms or the lack of suspending procedures in EC law, it follows from the case law described in Chapter 8 that, when human rights are at stake, especially the right included in Article 3 ECHR, the national procedures should provide essential safeguards for the person involved. Th is includes the ability for national courts or competent authorities to prevent the execution of measures causing irreparable or irreversible harm to human rights or, if necessary, to order interim or suspensive measures.
5. Summary: Diff erent Laws, Diff erent Regimes?
In Community law, diff erent legal regimes apply to diff erent categories of per-sons. Not only someone’s nationality, but also his or her legal status of residence determine the right to free movement, the right to work, the right to reside and the access to social welfare, health care or education.66 Considering the instru-ments described above, this diff erentiation in rights seems to be refl ected in the applicable rules on legal remedies in EC immigration law. EU citizens, privileged migrant workers and their family members gained a stronger position compared to non EU citizens. Th e question of whether and when eff ective remedies are necessary on the basis of EC law, depends on the applicable law and procedures, the claim in question and the nationality of the individual concerned. When examining the available provisions on eff ective remedies more closely, there can be no mistake that these provisions do not off er the same standards as those which apply to nationals of EU Member States, or their family members, based on Directive 2004/38. Th is diff erentiation in available remedies is visualised by the matrix attached at the end of Part II. Th e matrices show, for each instrument in question, including data protection law, which criteria regarding the right to eff ective remedies apply with regard to (1) the requirement of judicial or non-judicial remedies, (2) accessibility, (3) scope of review and (4) competence of the courts or independent authorities involved.
However, two important developments are relevant in this fi eld of improving the legal protection of third-country nationals residing within or seeking access to the EU. A fi rst positive achievement is the explicit inclusion of a right to appeal by the third-country national in the diff erent instruments on immigra-tion and asylum as adopted on the basis of Title IV TEC. Although these provisions often lack precise and detailed procedural guarantees, the insertion of
66 See E. Guild, Th e Legal Framework: Who is Entitled to Move?, in Bigo & Guild (2005).
Brouwer ch-09.indd 300 3/13/2008 2:46:16 PM
Eff ective Remedies under EC Immigration Law 301
the right to a legal remedy in these diff erent fi elds of law can no longer be overlooked by the national legislators of the EU Member States. A second achievement is the obligation of informed decision-making in the diff erent instruments discussed above. Th e Schengen Borders Code , as well as other EC instruments of asylum and immigration law stipulate that national authorities should inform the person concerned in writing, providing him or her with the reasons for the decision. Some provisions even require that this decision should inform the person of the remedies which are available and of the applicable time limits within which the appeal has to be lodged.
In conclusion, the EC instruments on immigration and asylum law do not provide explicit guarantees with regard to scope of the available remedies and the competences of the courts or independent authorities involved. Procedural and substantial guarantees for the remedies at stake seem to be left to the scrutiny of the national legislator. In the following Chapter, I will consider how the lack of specifi c safeguards in EC immigration and asylum law relates to the general principles of EU law on the right to eff ective remedies.
Brouwer ch-09.indd 301 3/13/2008 2:46:16 PM
Brouwer ch-09.indd 302 3/13/2008 2:46:16 PM
Evelien Brouwer, Digital Borders and Real Rights, pp. 303–326.© 2008 Koninklijke Brill NV. Printed in the Netherlands.
Chapter 10
Eff ective Remedies in the EU: A Matter of Basic Principles
“Individuals are […] entitled to eff ective judicial protection of the rights they derive from the Community legal order, and the right to such protection is one of the gen-eral principles of law stemming from the constitutional traditions common to the Member States. Th at right has also been enshrined in Articles 6 and 13 of the European Convention for the Protection of Human Rights and Fundamental Freedoms.”1
1. Introduction
In Chapters 6 to 9, I described the legal framework with regard to the availability of and criteria for eff ective remedies in the fi eld of data protection and immigra-tion law. In this Chapter I will argue, on the basis of three basic principles of EU law, that the national legislators are generally obliged to include in their immi-gration law procedures eff ective remedies for third-country nationals when implementing EU or EC law. I will try to convey how this obligation goes beyond the often vague and open norms included in data protection law and the instru-ments based on Title IV TEC described in Chapter 9. Finally, in section 6, I will formulate minimum criteria for eff ective remedies which, in my view, can be derived from the law described in this and the previous Chapters of Part II.
2. Th e First Principle: Incorporation of Human Rights in EU Law
Initially, cooperation within the framework of the European Community started as a purely economic matter. Th e founding treaties of this cooperation did not include references to the protection of human rights or the rule of law . However,
1 C-50/00, Unión de Pequeños Agricultores, [2002] ECR I-6677, § 39. See also P. Boeles, Fair and Eff ective Immigration Procedures in Europe?, EJML 7, 2005, p. 213–218.
Brouwer ch-10.indd 303 3/13/2008 5:25:09 PM
304 Chapter 10
based on both the jurisprudence of the ECJ and the amended texts of the EU Treaties, there can no longer be any doubt that the contemporary EU is based on the rule of law and respect for human rights, as protected in the European Convention on Human Rights (ECHR).2 Th e emphasis on human rights and the rule of law in the judgments of the ECJ is generally seen as an answer to the concerns of Member States with regard to the protection of human rights within the legal order of the Communities.3 Safeguarding human rights and the rule of law is considered a prerequisite for the legitimacy of the European Union and the loyalty of its Member States towards this legal framework.
Th e fi rst judgment in which the ECJ explicitly established that the implemen-tation of Community law should respect fundamental human rights was the Stauder v. City of Ulm case in 1969.4 In this judgment, the ECJ made its famous reference to the meaning of human rights principles for EU law: “Interpreted this way the provision at issue contains nothing capable of prejudicing the fun-damental human rights enshrined in the general principles of Community law and protected by the Court”. One year later, the ECJ repeated this general prin-ciple in the Internationale Handelsgesellschaft judgment.5 In this judgment, the ECJ explicitly referred to the constitutional traditions of the Member States as the inspiration for the protection of these rights. In the Nold II case of 1974, the ECJ went further by stating that, apart from the constitutional traditions of the Member States, international treaties for the protection of human rights should also be used as guidelines for the interpretation of Community law by the ECJ.6 With this judgment, the ECJ confi rmed the applicability of the ECHR within the legal framework of the Communities.
With the Treaty of Maastricht of 1992, the binding role of human rights as protected in the ECHR and the importance of constitutional traditions in the Member States for EU law were explicitly recognised in the EU Treaty.7 Th e new Article F (2), the current Article 6 (2), of this Treaty stated that “Th e Union shall respect fundamental rights, as guaranteed by the European Convention for the
2 T.C. Hartley, Th e foundations of European Community Law, Oxford: Oxford University Press 2003 (fi fth edition).
3 See, for a detailed analysis of the relationship between the EU and human rights: R. Lawson, Het EVRM en de Europese Gemeenschappen, Europese Monografi eën no. 61, Th e Hague: Kluwer 1999, and Ph. Alston (ed.), Th e EU and Human Rights, Oxford: Oxford University Press 1999.
4 Judgment of 12 November 1969, C-29/69, Stauder, [1969] ECR 419.5 Judgment of 17 December 1970, C-11/70, Internationale Handelsgesellschaft, [1970] ECR 1146.6 Judgment of 14 May 1974, C-4/73, Nold II, [1974] ECR 507.7 OJ C 191, 29.7.1992.
Brouwer ch-10.indd 304 3/13/2008 5:25:09 PM
Eff ective Remedies in the EU: A Matter of Basic Principles 305
Protection of Human Rights and Fundamental Freedoms signed in Rome on 4 November 1950 and as they result from the constitutional traditions common to the Member States, as general principles of Community law.” Th e inclusion of the rule of law and human rights as one of the requirements of EU membership in the so-called Copenhagen criteria confi rmed its importance as a founding principle for the legal order of the EU.8 With the Amsterdam Treaty of 1997 entering into force on 1 May 1999, a new Article 6 (1) was added to the EU Treaty which stated that, “liberty, democracy, respect for human rights and fun-damental freedoms, and the rule of law” are the founding principles for the Union and are principles which are common to the Member States.9 Finally, with the adoption of the EU Charter of Fundamental Rights in 2000, the European Council not only confi rmed the importance of the ECHR for the legal framework of the EU, but it also developed its own set of human rights.10
In its case law, the ECJ has dealt on various occasions with the human rights protected in the ECHR. For example, the right to freedom of information played a role in the judgments in Hoechst of 21 September 1989, the Grogan case of 4 October 1991 and ERT of 18 June 1991.11 As we have seen in Chapter 7, in both the Lindqvist and Österreichischer Rundfunk judgments, the ECJ emphasised the importance of protection of the fundamental right to privacy as protected in Article 8 ECHR. In these judgments, the ECJ affi rmed that this fundamental right formed the basis for data protection rules included in the EC Directive 95/46 on the protection of personal data.12 With regard to immigration law pro-cedures and the protection of freedom of movement , the ECJ applied the right to family life as an important factor in assessing the lawfulness of the refuted deci-sions. In diff erent judgments, the ECJ applied Article 8 ECHR to underline the obligation for national authorities to take into account the right to family life and to respect the principle of proportionality .13
8 European Council 21–22 June 1993, SN 180/1/93 Rev. 1, OJ C 042, 15.2.1993. 9 OJ C 340, 10.11.1997. 10 Treaty of Nice, OJ C 80, 10.3.2001. 11 Cases C-46/87 and C-227/88, Hoechst, [1989] ECR 2859, C-159/90, Grogan, [1991] ECR
I-4685 and C-260/89, ERT, [1991] ECR I-2925. 12 Cases C-101/01, Lindqvist, [2003] ECR I-12971 and C-456/00, Österreichischer Rundfunk,
[2003] ECR I-4989. 13 See, for example, Carpenter, [2002] ECR I-6279, Akrich, [2003] ECR I-9607 and Orfanopoulos,
C-482/01 and C-493/01 (joined cases) [2004] ECR I-5257. See also the judgment European Parliament v. Council, C-540/03 [2006] ECR I-5769, in which the ECJ explicitly refers to preamble 2 to this Directive.
Brouwer ch-10.indd 305 3/13/2008 5:25:09 PM
306 Chapter 10
3. Th e Second Principle: Eff ective Remedies to Secure Rights Conferred by EU Law
3.1. Th e Johnston Principle
Th e second principle refers to the general principle of EU law that, in order to safeguard the rights protected by Community law or EU law, individuals should be able to invoke these rights before national courts and authorities. Th e ECJ formulated this principle explicitly in the Johnston judgment of 1986.14 Th is case dealt with a challenge by a female police offi cer against the decision of the Northern Ireland police force not to renew her employment contract. Th is deci-sion was based on a temporary policy excluding women from certain operations requiring police offi cers to carry fi rearms. Mrs. Johnston claimed that the deci-sion violated her rights under EC Directive 76/207 regarding the equal treat-ment of men and women in employment relations. Th e preliminary question, forwarded by the national court to the ECJ, concerned the scope of the judicial remedies provided for in Article 6 of this Directive 76/207.15 According to the ECJ, this right means that Member States should take measures which are “suffi -ciently eff ective to achieve the aim of this directive and that the rights thus con-ferred may be eff ectively relied upon before the national courts by the person concerned”.16 With regard to this case, the ECJ concluded that the applicable national procedure prevented Mrs. Johnston from challenging the refuted deci-sion and therefore did not meet the criteria of Article 6 of this Directive. Of gen-eral importance is the conclusion in this judgment that, “Community law requires eff ective judicial scrutiny of the decisions of national authorities taken pursuant to the applicable provisions of Community law”. According to the ECJ, this refl ects a general principle of law underlying the constitutional traditions common to the Member States, which is also laid down in Articles 6 and 13 of the ECHR.17 It should be emphasised that, in this judgment, the ECJ refers to Articles 6 and 13 ECHR to support the general principle of providing eff ective remedies to protect Community rights. Th is is to be distinguished from the principle discussed in the previous section, which refers to the binding role of
14 C-222/84 Johnston [1986] ECR 1651, § 18. See also C-294/83, Les Verts v. European Parliament, [1986] ECR 1339, § 23.
15 Article 6 reads: “Member States shall introduce into their national legal systems such measures as are necessary to enable all persons who consider themselves wronged by failure to apply to them the principle of equal treatment within the meaning of Articles 3, 4 and 5 to pursue their claims by judicial process after possible recourse to other competent authorities.”
16 Johnston, § 17. 17 Johnston, § 18.
Brouwer ch-10.indd 306 3/13/2008 5:25:09 PM
Eff ective Remedies in the EU: A Matter of Basic Principles 307
the ECHR, including Articles 6 and 13, within the legal system of the EU and its Member States.
In its Heylens judgment, the ECJ applied the principle of eff ective remedies directly to the right to freedom of movement of workers.18 Th e Heylens case con-cerned the refusal of the French authorities to recognise the foreign diploma of a Belgian football trainer, which prevented him from working for a French football club. According to the ECJ, “the existence of a remedy of a judicial nature against any decision of a national authority refusing the benefi t of the right to free access to employment is essential in order to secure for the individual eff ective protec-tion for his right”. Recalling its earlier conclusion in the Johnston case that this requirement refl ects a general principle of Community law, the ECJ confi rmed that this would be a fundamental right which the Treaty conferred individually on each migrant worker in the Community. In the Heylens judgment, the ECJ also confi rmed the obligation for national authorities to state the reasons for national decisions aff ecting the fundamental rights of individuals conferred by the EC Treaty.19 Th is latter requirement is repeated in later judgments.20
3.2. Applying the Johnston Principle to EC Immigration Law: Th e Panayotova Case
In the Panayotova judgment of 16 November 2004, the ECJ made it clear that the general principle of eff ective remedies in relation to Community rights also applies to immigration law procedures. Th is case concerned the Dutch immigra-tion law system in which the granting of a residence permit is made dependent on a long-term visa to be obtained before the person concerned enters the Dutch territory (known as the ‘mvv-vereiste’).21 Th e question arose of whether this Dutch requirement could be invoked against the applicants, who were Bulgarian nationals, enjoying special protection under the Association Agreement between the EC and Bulgaria of 1994. Th e ECJ concluded that in principle the Association Agreements (including the Agreements with Poland and Slovakia) did not pre-clude a system of prior control on the issue of a residence permit. However, this would depend on whether “the procedural rules governing the issuing of such a temporary residence permit” would not make the exercise of the rights conferred by the Association Agreements impossible or excessively diffi cult. Referring to its
18 Judgment of 15 October 1987, C-222/86, Unectef v. Heylens, [1987] ECR 4097. 19 See §§ 14 to 17. 20 C-70/95, Sodemare, [1997] ECR I-3395, § 19. See M. Dougan, National Remedies Before the
Court of Justice. Issues of Harmonisation and Diff erentiation, Oxford and Portland, Oregon: Hart Publishing 2004, p. 11.
21 C-327/02, Panayotova.
Brouwer ch-10.indd 307 3/13/2008 5:25:10 PM
308 Chapter 10
earlier ruling in the Johnston case, the ECJ added the more general consideration that, “Community law requires eff ective judicial scrutiny of the decisions of national authorities taken pursuant to the applicable provisions of Community law”.22 In this Panayotova judgment, the ECJ further stated that the scheme applicable to such long-term visas must be based on “a procedural system which is easily accessible and capable of ensuring that the persons concerned will have their applications dealt with objectively and within reasonable time, and refusals to grant a permit must be capable of being challenged in judicial or quasi-judicial proceedings.”
It is important to stress that, in its earlier judgments in the Dörr-Ünal and Cetinkaya cases, described in Chapter 9, the ECJ derived the right to legal reme-dies from the principle of freedom of movement and the principle of equality. On the basis of these principles, Member States are obliged to grant Turkish migrant workers the same procedural guarantees as those granted to EU citizens by the former Directive 64/221. Th e importance of the Panayotova case lies in the fact that in this judgment the right to accessible and eff ective remedies is directly based on the constitutional principles of EU law, including the rights of the ECHR.23 Th e ECJ extended the scope of this general right to individuals who claim to have rights under EC law.
3.3. Article 47 of the EU Charter
In 2000, the European Council adopted the EU Charter of Fundamental Rights .24 Th is Charter provides, in Article 47, for a general right to eff ective judi-cial remedies, which incorporates the jurisprudence of the ECJ described above. Article 47 states:
1. Everyone whose rights and freedoms guaranteed by the law of the Union are violated has the right to an eff ective remedy before a tribunal in compliance with the conditions laid down in this Article.
2. Everyone is entitled to a fair and public hearing within a reasonable time by an independent and impartial tribunal previously established by law. Everyone shall have the ability of being advised, defended and represented.
3. Legal aid shall be made available to those who lack suffi cient resources insofar as such is necessary to ensure eff ective access to justice.
Article 47 is important because it combines the criteria of Article 6 and Article 13 ECHR. As we have seen in the previous Chapter, in the Maaouia judgment
22 Panayotova § 27. 23 Compare §§ 64–65 of the Dörr-Ünal judgment and § 27 of the Panayotova case. 24 OJ C 310, 16.12.2004.
Brouwer ch-10.indd 308 3/13/2008 5:25:10 PM
Eff ective Remedies in the EU: A Matter of Basic Principles 309
of 2001 the ECtHR explicitly refused to apply Article 6 ECHR to immigration law procedures. Th e explanatory memorandum to Article 47 now states that, in Community law, the right to a fair hearing is not confi ned to disputes relating to civil law rights and obligations. Th is wide interpretation is justifi ed by the conse-quence “that the Community is a community based on the rule of law as stated by the ECJ in Les Verts v. European Parliament in 1986”.25 Furthermore, the explanatory memorandum confi rms what was concluded in earlier judgments of the ECJ, namely that the implementation of the right to eff ective remedies should be in accordance with the criteria developed by the ECtHR on Article 13 ECHR.26 Article 47 thus not only broadens the scope of applicability of Article 6 ECHR within the scope of the TEC, since it is not restricted to civil and criminal law cases, but also incorporates the more explicit criteria of Article 13 ECHR.27 Th is means that the criteria developed by the Strasbourg Court on the basis of Article 13 apply equally to national procedures in which national authorities have applied or should have applied community law.
Th e inclusion of the right to eff ective remedies as a human right is important because it includes the right of possible advice, defence or representation for the person concerned. Furthermore, on the basis of Article 47 (3), legal aid should be made available to those who lack suffi cient resources, when this is necessary “to ensure eff ective access to justice”.
Th e EU Charter on Fundamental Rights was meant to achieve direct legal eff ect within the EU Member States with the entry into force of the EU Constitutional Treaty . Since the negative results of the referenda in France and the Netherlands in 2005, the future of this Constitutional Treaty has become uncertain. However, this uncertainty about the Constitutional Treaty is unlikely to aff ect the meaning of the Charter or its Article 47. In the fi rst place, it is not expected that, when redrafting the Constitutional Treaty, the EU Member States will amend the text of the Charter that had already been adopted several years before the adoption of the Constitutional Treaty. As we have seen above, the con-tent of Article 47 was based on the jurisprudence of the ECJ and can therefore already be regarded as codifi cation of existing EU law. Secondly, the EU Charter has already achieved a certain status within EU law regardless of whether or not it will be inserted in the Constitutional Treaty. Aside from the references to this Charter made in the literature and by the Advocate General in opinions before
25 C-294/83, Les Verts, [1986] ECR 1339. 26 As in the abovementioned Johnston case C-222/84, see also C-459/99, MRAX v. Belgium, [2002]
ECR I-6591 and C-50/00, Unión de Pequeños Agricultores, [2002] ECR I-6677. 27 S. Peers, Immigration, Asylum and the European Union Charter of Fundamental Rights, EJML 3,
2001, p. 141–169.
Brouwer ch-10.indd 309 3/13/2008 5:25:10 PM
310 Chapter 10
the ECJ28, the Charter is quoted in judgments of the Court of First Instance (CFI) and the ECJ.29 In the judgments of the CFI, this Court not only referred to the earlier jurisprudence of the ECJ with regard to the right to eff ective rem-edy as a general principle of Community law, but also to Article 47 of the EU Charter. In June 2005, the LIBE Committee of the European Parliament referred to Article 47 of the EU Charter to support its proposal to include the suspensive eff ect of the proceedings in the draft Directive on minimum standards in asylum procedures.30
In its judgment European Parliament v. the Council dealing with the Family Reunifi cation Directive 2003/86, the ECJ ruled that Member States are bound to observe the principles which are recognised in the EU Charter, including the right to family life of Article 7.31 Th e ECJ explicitly referred to the second recital of the preamble to the Family Reunifi cation Directive, where the EC legislator itself acknowledged the importance of the EU Charter of Fundamental Rights . In this judgment, the ECJ also emphasised that the Charter is to be regarded as the codifi cation of general principles of EU law and the constitutional traditions of the Member States.32
After lengthy debates to overcome the institutional impasse of the EU caused by the outcome of the referenda in France and the Netherlands, the EU head of states fi nally decided at their summit of June 2007 that the Constitutional Treaty would be replaced by a “Reform Treaty”.33 Th is Treaty, to be adopted at the end of 2007, will amend the current EC and EU Treaties. In its conclusions, the European Council decided that Article 1 of the EU Treaty will contain a cross reference to the Charter on Fundamental Rights giving it legal binding value and setting out the scope of its application.
3.4. Relationship Between the General Principle and Secondary EC Legislation
Th e principle that the enjoyment of Community rights requires Member States to provide for eff ective judicial scrutiny of decisions aff ecting those rights is important for the assessment of the national implementation of the EC immigration and asylum law. Th e mere availability of legal remedies will not be suffi cient to meet
28 See the opinion of AG Kokott in C-503/03, Commission v. Spain, § 42 and of AG Ruiz-Jarabo Comer, C-176/03, § 68.
29 T-177/01, Jégo-Quéré, [2002] §§ 41 and 42, ECR II-2365 and T-116/01, P&O European Ferries v. European Commission, § 209 [2003] ECR II-2957. See for references by the ECJ: C-540/03, European Parliament v. the Council, dealt with below, and C-432/05, Unibet, in § 37.
30 Amendment 45 in the Report Kreissl-Dörfl er, A6-0222/2005, 29 June 2005. As we saw in Chapter 9, this Directive 2005/85 was adopted in December 2005.
31 C-540/03, European Parliament v. the Council, §§ 38 and 58 [2006] ECR I-5769. 32 C-540/03 § 38. 33 See for the text of the Presidency conclusions of 21/22 June 2007, 11177/07, 23 June 2007.
Brouwer ch-10.indd 310 3/13/2008 5:25:10 PM
Eff ective Remedies in the EU: A Matter of Basic Principles 311
the criteria set by the ECJ and included in Article 47 of the EU draft Constitution. Th e general principle of and criteria for eff ective remedies will overrule the provisions in specifi c EC instruments if these latter instruments off er less protec-tion to the individual concerned. Th is was clarifi ed by the ECJ in the Siples judg-ment of 2001. Th is case concerned the interpretation of Article 243 of the Community Customs Code (Regulation 2913/92).34 Th is provision conferred the power to suspend implementation of contested decisions made by national cus-toms authorities exclusively upon the national customs authorities; national courts did not have the power to grant interim relief. Th e ECJ concluded that these weaker provisions in the EC Customs Code should be interpreted in accordance with the more general principle of legal protection. In its judgment, the ECJ explicitly stated that the provision in the Community Code “cannot limit the right to eff ective judicial protection”. According to the ECJ, a court asked to decide on a dispute governed by Community law must be in a position to grant interim relief in order to ensure the full eff ectiveness of the judgment to be passed on the existence of the rights claimed under Community law.
At this point it also important to refer to the judgment in the case Köbler v. Austria, in which the ECJ confi rmed that Member States are obliged “to make good damage caused to individuals by infringements of Community law for which they are responsible”.35 According to the ECJ, this principle also applies “where the alleged infringement stems from a decision of a court adjudicating at last instance where the rule of Community law infringed is intended to confer rights on indi-viduals, the breach is suffi ciently serious and there is a direct causal link between that breach and the loss or damage sustained by the injured parties”.36 In this judg-ment, the ECJ declared that it is up to the legal system of each Member State to designate the court competent to determine disputes relating to that reparation.
4. Th e Th ird Principle: Eff ective Judicial Remedies to Ensure a Uniform and Clear Interpretation of EC Law
4.1. Preliminary Proceedings: Th e Responsibility of National Judges and Legislators
On the basis of Article 234 TEC, the ECJ has jurisdiction to give a preliminary ruling on the interpretation of the Treaty and on the validity and interpretation of Community acts. National courts may ask the ECJ to give such a preliminary ruling if they consider this necessary for their own judgments. National courts
34 C-226/99, Siples Srl., [2001] ECR I-0277, see §§ 17–19. 35 C-224/01, Köbler, [2003] ECR I-10239. 36 C-224/01 § 59.
Brouwer ch-10.indd 311 3/13/2008 5:25:10 PM
312 Chapter 10
against whose decisions no judicial remedy is possible, should in this case, based on Article 234 (2), always forward a preliminary request to the ECJ if such a question is raised. Article 68 (1) TEC, which applies to the instruments adopted under Title IV TEC, provides that a court against whose decision no judicial remedy is possible is obliged to forward a preliminary question to the ECJ when it considers this necessary for the judicial sentence in the case concerned.
Th is system of preliminary references guarantees a clear and coherent interpre-tation of Community law. On the one hand, this system requires the ECJ to analyse the legal problems under Community law submitted by national courts and to provide a generally applicable interpretation. On the other hand, it places an obligation on national courts to ensure that when an issue of Community law is at stake and needs to be clarifi ed, this issue is to be forwarded to the Community Court. For national courts, this ‘principle of eff ectiveness’ means a duty to ensure full application and uniform interpretation of Community law and to eliminate the unlawful consequences of a breach of Community law either directly or by ensuring eff ective compensation for the damage resulting from it.37
Th e legal system as envisaged in Article 234 also implies the duty of Member States to establish a system of legal remedies and procedures which ensures respect for the right to eff ective judicial protection. In the judgment in Unión de Pequeños Agricultores (25 July 2002), the ECJ explicitly ruled that the communi-tarian system of judicial review, in which national courts can or should refer a preliminary question to the ECJ regarding the validity of acts of the institutions, requires Member States to provide for legal remedies and procedures.38 Referring to the provisions in Article 173 (now Article 230 TEC) and Article 184 (now Article 241 EC) on the one hand, and Article 177 (now Article 234 TEC) on the other hand, the ECJ reasoned that the Treaty has established a “complete system of legal remedies and procedures designed to ensure judicial review of the legality of acts of the institutions and has entrusted such review to the Community Courts”. Th is obligation upon both national courts and authorities to ensure that this system of legal remedies described by the ECJ works can also be based on the principle of cooperation provided for in Article 10 TEC (formerly Article 5).39 According to Article 10 TEC, Member States should take all appropriate measures to ensure fulfi lment of the obligations arising from the Treaty or resulting from action taken by the institutions of the Community and to facilitate the achievement of the Community’s tasks.
37 John Temple Lang, Th e Principle of Eff ective Protection of Community Law Rights, in: David O’Keeff e, Judicial Review in European Union Law, Th e Hague: Kluwer Law International 2000, p. 235.
38 C-50/00, Unión de Pequeños Agricultores, [2002] ECR I-6677. 39 C-213/89, Factortame and Others, [1990] ECR I-2433, §19.
Brouwer ch-10.indd 312 3/13/2008 5:25:10 PM
Eff ective Remedies in the EU: A Matter of Basic Principles 313
Th e judgment in Unión de Pequeños Agricultores has led to the proposal of a new provision in Article I-29 of the draft Constitutional Treaty on the tasks and organisation of the Court of Justice. Th is provision, if inserted in the new Reform Treaty, is important because it links the competence of national courts to forward preliminary questions to the ECJ with the obligation of Member States to provide judicial remedies. Whereas the fi rst sentence of Article I-29 (1) describes the general task of the ECJ to “ensure that in the interpretation and the application of the Constitution the law is observed”, the second sentence requires Member States to provide “rights of appeal suffi cient to ensure eff ective legal protection in the fi eld of Union law”.
Th is obligation upon Member States to provide eff ective remedies to safeguard the mechanism of preliminary references has been explicitly acknowledged in the recitals of the Directive 2005/85 on minimum standards on asylum procedures.40 Recital 27 of the Directive states: “It refl ects a basic principle of Community law that the decisions taken on an application for asylum and on the withdrawal of refugee status are subject to an eff ective remedy before a court or tribunal within the meaning of Article 234 of the Treaty. Th e eff ectiveness of the remedy, also with regard to the examination of the relevant facts, depends on the administra-tive and judicial system of each Member State as a whole.” Th e reasoning of this recital is not limited to asylum procedures. Since this principle of eff ective judicial remedies codifi es an essential element of the EU legal system confi rmed in the case law of the ECJ, it also applies to procedures concerning the rights and obligations in other instruments adopted under Title IV TEC.
4.2. Criteria of National Courts Which Fall within the Meaning of Article 234 TEC
In a series of judgments in which it had to deal with the question of the admissi-bility of a preliminary request from a national authority, the ECJ applied a number of factors in assessing whether the national authority had to be consid-ered a ‘court or tribunal’ within the meaning of Article 234 (formerly 177 TEC).41 Th ese factors provide a minimum set of criteria for what the ECJ con-siders an authority or body which is able to off er the eff ective judicial review as required in the EU legal system described above. Th ese factors include:
– the authority or body should be established by law;– the independence of the authority or body;
40 OJ L 326/13, 13.12.2005. 41 See, for example, C-195/98, Österreichischer Gewerkschaftbund, [2000] ECR I-10497, C-54/96,
Dorsch Consult, [1997] ECR I-4961, and C-407/98, Abrahamsson, [2000] ECR I-5539.
Brouwer ch-10.indd 313 3/13/2008 5:25:10 PM
314 Chapter 10
– the permanence of the authority or body;– compulsory jurisdiction;– adversarial proceedings (inter partes); and– the application of the rule of law .
Th e reference to “court or tribunal” in Article 234 TEC does not imply that only judicial courts meet the aforementioned criteria. For example, in the case of Jia v. Migrationsverket, the ECJ dealt with the preliminary request from the Swedish immigration board, referring to this authority as “referring court”.42 In his opinion to this case, Advocate General Geelhoed explicitly affi rmed the competence to refer preliminary questions from the Swedish Utlänningsnämnden on the basis of the consideration that this is an administrative body with quasi-judicial powers, hearing appeals from decisions taken by the Swedish immigra-tion board (Migrationsverket).43 On the other hand, in Commission v. Austria, where the refuted decision by the Austrian authorities was only reviewed by an independent advisory board of experts, the ECJ concluded that the criteria of Article 234 were not met because this board lacked true decision-making powers.44
In various judgments, the ECJ has held that national courts should be able to suspend the refuted national measure when the legality of this measure is chal-lenged through preliminary proceedings: “Th e coherence of the system of interim legal protection requires that national courts should also be able to order suspen-sion of enforcement of a national administrative measure based on a Community Regulation, the legality of which is contested.”45
In my view, the above criteria for “court or tribunals” within the meaning of Article 234 TEC must be applied with regard to the question of whether an individual has access to “eff ective remedies”.
5. Towards Minimum Standards for Eff ective Remedies
5.1. Eff ective Remedies, Databases and Th ird-Country Nationals
What is the practical meaning of the aforementioned principles for our subject, the Schengen Information System and other EU databases such as VIS and Eurodac ? Which principles and criteria apply with regard to the rights of third-country
42 C-1/05, 9 January 2007, § 25. Published in Jurisprudentie Vreemdelingenrecht 2007/31, annotation P. Boeles.
43 Opinion of 27 April 2006. 44 C-424/99, [2001] ECR I-9285. 45 C-143/88, Zuckerfabrik, [1991] ECR I-415. See also Dougan (2004) p. 321.
Brouwer ch-10.indd 314 3/13/2008 5:25:10 PM
Eff ective Remedies in the EU: A Matter of Basic Principles 315
nationals registered in these databases and against whom decisions or measures are taken on the basis of the stored information? To answer these questions, I recall the diff erent decisions at stake. For this purpose, I have made a distinction between so-called ‘data protection law decisions’ and ‘immigration law decisions’. Data pro-tection law decisions deal with the collection, storage and processing of data, or the refusal of the right of access, correction, or d eletion. Immigration law decisions include, on the one hand, immigration law decisions which result in reporting a third-country national in a database, for example decisions to declare a person ‘inadmissible’ or expulsion decisions. On the other hand, they include decisions based on these registrations such as the refusal of entry on the basis of a SIS alert.
As we have seen above, the applicable rules of data protection law and the EC immigration and asylum law instruments provide rather ‘open’ norms with regard to the right to legal remedies, including the right “to mount a legal chal-lenge” or “the right to bring an action before court or authority”. In this Chapter, I tried to establish that such norms should not be considered an empty box, but must be implemented in accordance with the general principles of EU law. Th e fi rst of these principles is based on the incorporation of human rights and, in particular, the ECHR within the legal framework of the EU. Th e standards developed by the ECtHR on the right to eff ective legal remedies, which have been incorporated in Article 47 of the draft Constitutional Treaty , apply to the implementation of EC immigration and asylum law whenever human rights are at stake. Secondly, we have seen that in its case law, the ECJ explicitly linked the right to judicial protection to the principle that individuals should be able to enforce their rights of Community law. To recall the conclusion of the ECJ in the Panayotova case, Member States should therefore provide for “eff ective judicial scrutiny of the decisions of national authorities taken pursuant to the applicable provisions of Community law”. Th irdly, the ECJ associated the legal system of the Community, including the system of preliminary references, with the need for eff ective judicial procedures in order to enable both national courts and the ECJ to guarantee a coherent and clear interpretation of Community law. Th e criteria developed on the basis of these general principles go much further than the rules adopted in the diff erent instruments at stake. National legislators should take these criteria into account, not the vague wordings in the Title IV instruments, when implementing EC law or adopting new measures.
5.2. Criteria for Eff ective Remedies
5.2.1. Judicial or Non-Judicial Authority?In its case law with regard to Article 8 ECHR, the right to private life, the ECtHR ruled that judicial review aff ords the best guarantees of independence, impartiality and a proper procedure. However, looking at the jurisprudence more generally, the ECtHR has held that an independent countervailing mechanism other than
Brouwer ch-10.indd 315 3/13/2008 5:25:10 PM
316 Chapter 10
a judicial court is acceptable, as long as these institutions off er eff ective and adequate remedies for the person concerned. In some cases, the ECtHR even concluded that the judicial court in question did not provide an eff ective remedy because it was not able to assess the full content of the decision or the national authorities were not obliged to await its decision before executing a deportation order. Th erefore, the distinction between judicial and non-judicial remedies does not really seem to be the issue. What matters is that both the ECtHR and the ECJ require legal remedies whose scope and eff ects are equal to the protection of judicial remedies. Aside from the criteria described in the next sections, the fol-lowing minimum standards confi rmed in the case law of the ECJ with regard to Article 234 TEC apply:
a. impartial tribunal previously established by law;b. permanent institution;c. established by law;d. independent from the national authority taking the decision or measure.
5.2.2. AccessibilityTh e jurisprudence of both the ECtHR and the ECJ is clear with regard to the criterion of the accessibility of legal remedies. If a national decision or measure interferes or is at risk of interfering with the rights protected in the ECHR or in the EU immigration and asylum law, the person concerned should be informed of his or her rights to lodge an appeal. In the fi eld of data protection law, the gen-eral standard is that the data subject should be informed of the fact and purpose of data processing and that he or she also has the right to apply for access, correc-tion or deletion of his or her data. Th ese rights, included in EC Directive 95/46, may however be limited on diff erent grounds. In addition, with regard to the protection of the right to private life, included in Article 8 ECHR, the ECtHR accepted that, under specifi c circumstances, persons must not be informed of surveillance measures. Only once the use of secret surveillance measures is sus-pended should the authorities notify the person concerned, so as to enable him to seek eff ective remedies before the courts. Considering the general principles of EU law dealt with above, one could formulate the following four criteria:
a. written and informed decision-making including information on the reasons for the decision, the authority which issued the decision and on the available remedies and the time limits to be applied;
b. legal remedies should be available within a reasonable time;c. fair and public hearing;d. ability to be advised, defended and represented, including legal aid for those
who otherwise would have no suffi cient means of fi nding access to legal remedies.
Brouwer ch-10.indd 316 3/13/2008 5:25:10 PM
Eff ective Remedies in the EU: A Matter of Basic Principles 317
Th ese criteria should be seen against the background of the important consideration of the ECJ in the Panayotova case, according to which Member States must not establish procedural thresholds impeding the accessibility of eff ective remedies.
5.2.3. Scope of ReviewNational courts or independent authorities should be able to make a substantial review of both legal and factual issues. In data protection law, this concerns the question of whether the administrative authorities acted in conformity with the following principles: the purpose limitation principle; the applicable time limits; the limitation of use and disclosure of information, etc. At fi rst sight, these prin-ciples do not seem to include substantial norms. However, they oblige the data processing authority to satisfy these norms, for example, the purpose of data processing, for how long the data will be processed and which authorities may have access to the information. Based on these rules, which are to be defi ned in advance, the national court or authority has a tool for assessing the lawfulness and proportionality of the refuted measure.
When implementing immigration law, national decisions on expulsion, deten-tion or refusal of entry should be in conformity with the obligations regarding human rights in the ECHR and the right to eff ective remedies in EU law. With regard to the scope of EC immigration law, the Title IV instruments described above include specifi c rights for third-country nationals, for example, the right to free movement in Directive 2004/38, or the Directives on long-term residents and family reunifi cation . Both EU law and the human rights protected in the ECHR give national courts substantial criteria for assessing the lawfulness of administrative decisions. In both EU law and with regard to the human rights in the ECHR, the principle of proportionality plays an important role.46 To summarise, this principle of a substantial review requires that the competent court or other national body should be able to:
a. assess the legitimacy or lawfulness of the measures concerned;b. assess the necessity and proportionality of these measures;c. balance the individual rights against a pressing social need;d. balance the competing individual rights.
5.2.4. CompetencesEff ective remedies include the power of the courts to prevent execution of measures that are contrary to the ECHR. Th erefore, national courts or tribunals should
46 Compare the proportionality test as used in the Berrehab judgment of the ECtHR, (appl. no. 10730/84) and in Commission v. Spain by the ECJ (C-503/03).
Brouwer ch-10.indd 317 3/13/2008 5:25:10 PM
318 Chapter 10
have the power to suspend expulsion decisions. As we saw in Chapter 9, many migration instruments based on Title IV TEC do not provide for the suspensive eff ect of the legal procedure. Some instruments even explicitly rule that a legal remedy does not suspend the refuted decision. Th ese rules should be read and applied in conformity with the criteria based on the general principles of EU law. Another important factor in “eff ective remedies” is that the national court or tri-bunal is capable of providing redress in respect of the applicant’s complaints. Th is includes the power of national courts to order fi nancial compensation for costs and damages. In the fi eld of data protection law, courts or authorities should have the power to order the blocking of data processing or the destruction, eras-ure, or rectifi cation of the information kept in the fi les. National courts or (data protection) authorities should also be able to order administrative authorities to grant an applicant access to his or her data. In summary, the court or authority should have at least the following powers:
a. to grant interim relief from or suspensive eff ect of a legal procedure;b. to issue binding decisions;c. to order (fi nancial) reparation of harm or damage.
Brouwer ch-10.indd 318 3/13/2008 5:25:10 PM
Eff ective Remedies in the EU: A Matter of Basic Principles 319An
nex
to P
art I
I
Cri
teri
a fo
r eff
ect
ive
rem
edie
s in
imm
igra
tion
and
dat
a pr
otec
tion
law
pro
cedu
res
Diff
eren
tiatio
n by
cate
gorie
s of p
erso
ns
So
urce
s Ju
dici
al/
Acc
essi
bilit
y of
Sc
ope
of re
view
C
ompe
tenc
es o
f
no
n ju
dici
al
rem
edie
s
cour
t or
trib
unal
rem
edie
s
EU c
itiz
ens
thir
d-co
untr
y na
tion
al fa
mily
m
embe
rs o
f EU
ci
tize
ns
thir
d-co
untr
y na
tion
al m
igra
nt
wor
kers
wit
hin
scop
e of
as
soci
atio
n ag
reem
ents
thir
d-co
untr
y na
tion
al w
ith
long
te
rm re
side
nce
Artic
le 3
0 an
d 31
D
irect
ive.
200
4/38
Juris
prud
ence
EC
J: Jo
hnsto
n, H
eylen
s, O
laza
bal,
Radi
om-
Shin
gara
Car
pent
er,
MRA
X, P
anay
otov
a,
Dör
r-Ü
nal
Artic
les 1
0, 1
2, a
nd
20 D
irect
ive
2003
/109
judi
cial
- ‘qu
asi
judi
cial
’
right
to m
ount
a
lega
l cha
lleng
e ag
ains
t dec
ision
s of
refu
sal l
ong
term
re
siden
ce st
atus
, re
new
al, o
r w
ithdr
awal
writ
ten
notifi
cat
ion
of a
ny d
ecisi
on
restr
ictin
g rig
hts o
f en
try
or re
siden
ce
duty
to co
mm
uni-
cate
reas
ons o
f de
cisio
ns
form
al re
quire
men
ts sh
ould
not
impe
de
acce
ssibi
lity
of
rem
edies
mot
ivat
ed d
ecisi
on
spec
ifyin
g po
ssib
le
redr
ess p
roce
dure
s an
d tim
e lim
it fo
r ta
king
act
ion
with
rega
rd to
ex
pulsi
on d
ecisi
ons
lega
lity
of d
ecisi
on,
fact
s and
ci
rcum
stanc
es
deci
sion
is ba
sed
prop
ortio
nalit
y an
d ne
cess
ity
of d
ecisi
on,
part
icul
arly
in
view
of e
xpul
sion
deci
sions
com
plia
nce
with
cr
iteria
Dire
ctiv
e 20
03/1
09
resp
ect f
or h
uman
rig
hts
inte
rim o
rder
to
susp
end
enfo
rcem
ent
deci
sion
susp
ensiv
e eff
ect
of
rem
edie
s aga
inst
expu
lsion
dec
ision
s
no su
spen
sive
eff e
ct a
gain
st de
cisio
n of
refu
sal,
refu
sal t
o re
new
or
with
draw
al
of re
siden
ce
perm
it
Brouwer ch-10.indd 319 3/13/2008 5:25:10 PM
320 Chapter 10
thir
d-co
untr
y na
tion
al w
ith
a ri
ght t
o fa
mily
re
unifi
cati
on
asyl
um se
eker
s
Artic
le 1
8 D
irect
ive
2003
/86
Artic
le 1
9 Re
gula
tion
343/
2003
(D
ublin
II)
Artic
le 3
9 D
irect
ive
min
imum
sta
ndar
ds o
n as
ylum
pro
cedu
re
2005
/85
judi
cial
redr
ess
proc
edur
e ag
ains
t de
cisio
ns o
f ex
pulsi
on
right
to m
ount
a
lega
l cha
lleng
e ag
ains
t rej
ectio
n of
ap
plic
atio
n fo
r fa
mily
reun
ifi ca
tion
right
of a
ppea
l or
revi
ew o
nly
if pr
ovid
ed fo
r in
natio
nal l
aw,
eff e
ctiv
e re
med
y be
fore
a c
ourt
or
trib
unal
right
to le
gal a
id
on sa
me
term
s as
nat
iona
ls of
M
embe
r sta
te in
w
hich
they
resid
e
writ
ten
deci
sion
incl
udin
g re
ason
s of
reje
ctio
n
mot
ivat
ed d
ecisi
on
info
rmed
dec
ision
, if
nece
ssar
y tr
ansla
tion,
in
form
atio
n ho
w
to c
halle
nge
deci
sion
com
plia
nce
with
cr
iteria
Dire
ctiv
e 20
03/8
6
resp
ect f
or h
uman
rig
hts
com
plia
nce
with
cr
iteria
Dire
ctiv
e 34
3/20
03
resp
ect f
or h
uman
rig
hts a
nd in
par
ti-cu
lar p
rinci
ples
re
cogn
ized
in
EU C
hart
er, n
on
refo
ulem
ent a
nd
non
disc
rimin
atio
n pr
inci
ple
susp
ensiv
e eff
ect
of
rem
edy
agai
nst
expu
lsion
ord
er
no p
rovi
sion
on
susp
ensiv
e eff
ect
revi
ew o
r app
eal w
ill
susp
end
trans
fer o
f as
ylum
seek
er o
nly
of n
atio
nal l
aw
prov
ides
so.
susp
ensiv
e eff e
ct o
f ap
peal
unde
r cer
tain
cir
cum
stanc
es
Diff
eren
tiatio
n by
cate
gorie
s of p
erso
ns (
cont
.)
So
urce
s Ju
dici
al/
Acc
essi
bilit
y of
Sc
ope
of re
view
C
ompe
tenc
es o
f
no
n ju
dici
al
rem
edie
s
cour
t or
trib
unal
rem
edie
s
Brouwer ch-10.indd 320 3/13/2008 5:25:10 PM
Eff ective Remedies in the EU: A Matter of Basic Principles 321D
iff er
entia
tion
by ca
tego
ries o
f per
sons
(co
nt.)
So
urce
s Ju
dici
al/
Acc
essi
bilit
y of
Sc
ope
of re
view
C
ompe
tenc
es o
f
no
n ju
dici
al
rem
edie
s
cour
t or
trib
unal
rem
edie
s
thir
d-co
untr
y na
tion
al a
t the
bo
rder
s
thir
d-co
untr
y na
tion
al to
be
expe
lled
base
d on
dec
isio
n of
an
othe
r EU
M
embe
r St
ate
Artic
le 1
3 Re
gula
tion
562/
2006
(S
chen
gen
Bord
ers C
ode)
Artic
le 4
Dire
ctiv
e 20
01/4
0 on
mut
ual
reco
gniti
on o
f ex
pulsi
on d
ecisi
ons
“rig
ht to
app
eal”
pers
on “m
ay b
ring
proc
eedi
ngs a
gain
st m
easu
res”
ac
cord
ing
to
natio
nal l
aw
stand
ard
refu
sal
form
incl
udin
g re
ason
s for
dec
ision
an
d av
aila
ble
rem
edie
s
no p
rovi
sion
resp
ect f
or h
uman
rig
hts a
nd in
pa
rtic
ular
thos
e of
EU
Cha
rter
(P
ream
ble
no. 2
0)
resp
ect f
or h
uman
rig
hts
legal
ity a
nd v
alid
ity
of fo
reig
n ex
pulsi
on
deci
sions
, cor
rect
ap
plic
atio
n of
the
natio
nal l
aw is
suin
g sta
te
no su
spen
sive
eff e
ct
of a
ppea
l aga
inst
refu
sal a
t the
bo
rder
no su
spen
sive
eff e
ct
Brouwer ch-10.indd 321 3/13/2008 5:25:10 PM
322 Chapter 10D
iff er
entia
tion
by ri
ghts
So
urce
s Ju
dici
al/
Acc
essi
bilit
y of
Sc
ope
of re
view
C
ompe
tenc
es o
f
no
n ju
dici
al
rem
edie
s
cour
t or
trib
unal
rem
edie
s
righ
ts a
nd
free
dom
s gu
aran
teed
by
EU la
w
Artic
le 4
7 EU
C
hart
er, A
rtic
le
234
TEC
Juris
prud
ence
EC
J: Le
s Ver
ts v.
Euro
pean
Pa
rliam
ent K
öbler
, Si
ples
Srl.
inde
pend
ent a
nd
impa
rtia
l trib
unal
, pe
rman
ent
insti
tutio
n
with
in re
ason
able
tim
e
abili
ty o
f bei
ng
advi
sed,
def
ende
d an
d re
pres
ente
d
lega
l aid
for t
hose
w
ho la
ck su
ffi ci
ent
reso
urce
s
Com
mun
ity E
U
law
righ
ts,
fund
amen
tal
hum
an ri
ghts,
le
galit
y ac
ts of
in
stitu
tions
“gra
nt in
terim
re
lief i
n or
der t
o en
sure
full
eff e
ctiv
enes
s of
judg
men
t”
orde
r gov
ernm
ents
“to
mak
e go
od
dam
age
caus
ed b
y in
fring
emen
ts of
C
omm
unity
law
fo
r whi
ch th
ey
are
resp
onsib
le”
appr
opria
te
sanc
tions
and
re
med
ies f
or
viol
atio
ns o
f do
mes
tic d
ata
prot
ectio
n la
w
Brouwer ch-10.indd 322 3/13/2008 5:25:10 PM
Eff ective Remedies in the EU: A Matter of Basic Principles 323D
iff er
entia
tion
by ri
ghts
(con
t.)
So
urce
s Ju
dici
al/
Acc
essi
bilit
y of
Sc
ope
of re
view
C
ompe
tenc
es o
f
no
n ju
dici
al
rem
edie
s
cour
t or
trib
unal
rem
edie
s
data
pro
tect
ion
righ
tsAr
ticle
8 D
ata
Prot
ectio
n C
onve
ntio
n 19
81
Artic
le 8
EU
C
hart
er o
n Fu
ndam
enta
l R
ight
s
Artic
le 2
2 EC
D
irect
ive
95/4
6
Juris
prud
ence
EC
J: Ö
sterr
eichi
scher
Ru
ndfu
nk c
ase
rem
edie
s acc
ordi
ng
to n
atio
nal l
aw,
inde
pend
ent
supe
rviso
ry
mec
hani
sm
cont
rol b
y an
in
depe
nden
t au
thor
ity
judi
cial
rem
edie
s, na
tiona
l dat
a pr
otec
tion
auth
oriti
es, a
nd
supr
anat
iona
l da
ta p
rote
ctio
n au
thor
ity (E
DPS
)
emph
asis
on
‘inde
pend
ence
’
prin
cipl
e of
tr
ansp
aren
cy a
nd
purp
ose
spec
ifi ca
tion
right
to b
e in
form
edrig
ht o
f acc
ess t
o pe
rson
al d
ata
purp
ose
spec
ifi ca
tion
data
pr
oces
sing,
righ
ts of
acc
ess t
o da
ta
duty
to in
form
dat
a su
bjec
t. rig
ht o
f ac
cess
to p
erso
nal
data
legi
timac
y of
re
gistr
atio
n pr
oced
ural
gu
aran
tees
com
plia
nce
with
ru
les o
f Art
icle
8
of th
e C
hart
er
cour
ts ha
ve to
as
cert
ain
whe
ther
in
terfe
renc
e m
eets
requ
irem
ent o
f fo
rese
eabi
lity
and
nece
ssar
y to
pro
tect
le
gitim
ate
aim
s
acco
unta
bilit
y da
ta
owne
r for
unl
awfu
l da
ta p
roce
ssin
g
ensu
re c
ompl
ianc
e w
ith ru
les o
f Ar
ticle
8 C
hart
er
data
pro
tect
ion
auth
oriti
es: o
rder
bl
ocki
ng, e
rasu
re o
r de
struc
tion
data
, te
mpo
rary
ban
Brouwer ch-10.indd 323 3/13/2008 5:25:10 PM
324 Chapter 10D
iff er
entia
tion
by ri
ghts
(con
t.)
So
urce
s Ju
dici
al/
Acc
essi
bilit
y of
Sc
ope
of re
view
C
ompe
tenc
es o
f
no
n ju
dici
al
rem
edie
s
cour
t or
trib
unal
rem
edie
s
righ
t to
priv
ate
life,
incl
udin
g pr
otec
tion
of
pers
onal
in
fom
atio
n an
d pr
otec
tion
of
fam
ily li
fe
Artic
les 8
, 13,
6
ECH
R
Juris
prud
ence
EC
tHR
: Kla
ss,
Gas
kin,
Lea
nder,
H
uvig
- Kru
slin
Abdu
lazi
z, A
hmut
, Se
n,
“jud
icia
l con
trol
aff o
rds b
est
guar
ante
es o
f in
depe
nden
ce,
impa
rtia
lity
and
a pr
oper
pro
cedu
re”
non
judi
cial
re
med
ies ac
cept
ed
if “s
uffi c
ient
safe
guar
d ag
ains
t ab
use”
or
“ind
epen
dent
co
ntro
lling
m
echa
nism
by
whi
ch co
nfl ic
ting
inte
rests
at st
ake
coul
d be
bala
nced
” in
depe
nden
t and
im
parti
al tri
buna
l (ju
dici
al co
urt)
gene
ral c
riter
ia o
f qu
ality
of l
aw:
fore
seea
bilit
y an
d cl
arity
with
rega
rd
to sc
ope
and
man
ner o
f exe
rcise
of
com
pete
nces
an
d po
wer
s of
auth
oriti
es
notifi
cat
ion
of
secr
et su
rvei
llanc
e m
easu
res o
nce t
hese
m
easu
res h
ave
been
su
spen
ded
acce
ss
with
in re
ason
able
time
acce
ss to
lega
l ai
d an
d as
sista
nce
of a
law
yer i
f in
disp
ensa
ble
for
eff e
ctiv
e ac
cess
to
cour
t
nece
ssity
and
pr
opor
tiona
lity
of
mea
sure
s at s
take
bala
nce
of d
iff er
ent
inte
rests
at s
take
appr
opria
te re
lief
adeq
uate
and
eff
ect
ive
rem
edie
s
fi nan
cial
repa
ir fo
r da
mag
es c
ause
d by
us
e of
info
rmat
ion
com
pens
atio
n of
no
n-pe
cuni
ary
dam
ages
and
cos
ts
Brouwer ch-10.indd 324 3/13/2008 5:25:10 PM
Eff ective Remedies in the EU: A Matter of Basic Principles 325D
iff er
entia
tion
by ri
ghts
(con
t.)
So
urce
s Ju
dici
al/
Acc
essi
bilit
y of
Sc
ope
of re
view
C
ompe
tenc
es o
f
no
n ju
dici
al
rem
edie
s
cour
t or
trib
unal
rem
edie
s
civi
l rig
hts
proc
edur
al r
ight
s de
tain
ees
righ
t of
prot
ecti
on
agai
nst
refo
ulem
ent
and
tort
ure
Artic
le 6
(1)
ECH
R
Juris
prud
ence
EC
tHR
: Rot
aru,
Bu
zescu
, Che
vrol
Artic
le 5
(1)
and
(4) E
CH
R
Juris
prud
ence
EC
tHR
:Č
onka
Cha
hal
Artic
les 3
, 13
ECH
R
Juris
prud
ence
EC
tHR
:C
haha
l. Al
-Nas
hif
Vilv
araj
ah
acce
ss to
cou
rts
inde
pend
ent
auth
ority
“spe
edily
acc
ess”
cl
ear w
ritte
n in
form
atio
n on
av
aila
ble
rem
edie
s in
lang
uage
un
ders
tand
able
to
app
lican
ts di
sclo
sure
of
reas
ons
“all
aspe
cts o
f the
m
atte
r” “f
actu
al
and
lega
l iss
ues
rele
vant
to th
e de
term
inat
ion
of
the
disp
ute”
law
fuln
ess o
f de
tent
ion
prot
ectio
n ag
ains
t ar
bitr
arin
ess o
f de
tent
ion
subs
tanc
e of
C
onve
ntio
n rig
hts,
asse
ssin
g ris
k at
sta
ke, c
redi
bilit
y of
gov
ernm
enta
l m
otiv
e of
nat
iona
l se
curit
y
fi nan
cial
repa
ir
pow
er to
ord
er
rele
ase
if de
tent
ion
is un
law
ful
pow
er to
pre
vent
ex
ecut
ion
of
mea
sure
s cau
sing
irrep
arab
le ha
rm
pow
ers t
o or
der
inte
rim o
rder
s or
susp
ensiv
e mea
sure
s
Brouwer ch-10.indd 325 3/13/2008 5:25:10 PM
Brouwer ch-10.indd 326 3/13/2008 5:25:11 PM
Part IIIImplementation at the National Level
Brouwer ch-11.indd 327 4/4/2008 5:39:46 PM
Brouwer ch-11.indd 328 4/4/2008 5:39:46 PM
Evelien Brouwer, Digital Borders and Real Rights, pp. 329–382.© 2008 Koninklijke Brill NV. Printed in the Netherlands.
Chapter 11
France“Il ne faut pas ignorer non plus que ce fi chage informatique de grande ampleur a aussi valeur de test à l’égard de tous – pas seulement des étrangers – car ce que l’on teste sur les plus vulnérables, on peut aussi penser à l’étendre par la suite à d’autres. N’en dou-tons pas : l’avenir d’un certain fonctionnement démocratique européen dépend des réponses que l’on apportera en terme d’exercice des droits et des recours accordés aux personnes, étrangères ou non, dans le cadre de ces grands systèmes informatiques.”1
1. Introduction
As we have seen above, the Saarbrücken Agreement of 13 July 1984 on the abolition of internal border controls between Germany and France formed the basis for the Schengen treaties of 1985 and 1990. Th is Saarbrücken Agreement was an initiative of German Chancellor Kohl and French President Mitterrand. As result, right from the start France was in the centre of the political negotia-tions leading to the Convention on the Implementation of the Schengen Agreement (CISA). Initially, French politicians and public offi cials were not really aware of the practical implications of the Schengen cooperation. It was only during the negotiations leading to the CISA that the French administration and, in particular, Minister of the Interior Pasqua, who became Minister in March 1986, expressed their reservations with regard to freedom of movement and the lifting of internal border controls. Many of these reservations concerned the consequences of ‘Schengen’ for French immigration policy. French policy-makers also criticised the potentially negative eff ects of lifting internal border controls with regard to the more liberal Dutch approach on soft drugs. Other reservations expressed by France concerned the right of hot pursuit of suspected criminals by other Schengen States on French territory, as provided for in Article 40 CISA. Th e reluctance of French politicians to begin implementation of ‘Schengen’ can also be illustrated by the fact that, although the CISA offi cially entered into force on 26 March 1995, following a French request, there was a
1 S. Preuss-Laussinotte, Les fi chiers et les étrangers au cœur des nouvelles politiques de sécurité, Paris: Librairie générale de droit et de jurisprudence, E.J.A. 2000, p. 153.
Brouwer ch-11.indd 329 4/4/2008 5:39:46 PM
330 Chapter 11
‘probationary’ period of three months. After this period, France extended this for several additional six-month periods, in order to be able to maintain internal border controls with Belgium on the basis of Article 2.2 CISA.2
French political motives also played a crucial role with regard to the development and use of the NSIS. During the negotiations, the French govern-ment questioned the public order criteria, with regard to defi nition of persons to be registered in the NSIS on public order grounds (Articles 99 and 96). Th e French government was concerned about the fact that French offi cials would be obliged to take measures against persons who, according to French criteria, were not considered a danger to national security (for example, the Palestinian leader Arafat). Th is problem was solved by the French proposal to insert the option of adding a ‘fl ag’ to SIS records. Th is fl ag would indicate to the national authorities that, during the fi rst 24 hours of storage, the SIS alert is not to be implemented on the territory of the ‘fl agging state’. Other examples of France’s strong position in the negotiations are the fi nal inclusion of data protection principles in the CISA, the choice of headquarters for CSIS (which is in Strasbourg) and the choice of the IT company that was commissioned to develop the NSIS.3
Despite France’s concerns and the inclusion of ‘French goals’ into the Schengen treaties, the CISA and the establishment of the NSIS has led to important amend-ments to French law and policy. After 1986, the French legislator had to amend its visa rules and was forced to delete some countries from the list of countries whose nationals needed a visa to enter France and, at an early stage, the French immigration rules were amended in order to implement the Schengen rules.
As we will see in the following sections, France has much jurisprudence with regard to the use of the NSIS in immigration and visa law cases. Th is jurispru-dence gives us a valuable insight into the main legal issues and practical problems with regard to the use of the NSIS in French immigration policy.
2. Parliamentary Involvement with CISA
2.1. Schengen in General
Th e French parliament (the Assemblée Nationale and the Sénat) was not informed of the negotiations on the Schengen Agreement of 1985.4 Th e lack of information
2 See, on the reintroduction of border controls after 1995: Groenendijk (2004), p. 150–170.3 As we saw in Chapter 3, the order to develop SIS was fi nally given to a consortium of the Anglo-
French SEMA group, the French fi rm Bull and the German company Siemens-Nixdorf.4 Th e text of the Schengen Agreement was published in the Journal Offi ciel (hereafter JO)
5 August 1986. French offi cial documents and jurisprudence can be obtained from http://www.legifrance.gouv.fr and http://www.ladocumentationfrancaise.fr.
Brouwer ch-11.indd 330 4/4/2008 5:39:46 PM
France 331
before this Agreement was signed seemed to be accepted by the members of the Assemblée Nationale on the basis of the reasoning that this Treaty would only aff ect ‘internal decision-making’ and not involve the adoption of formal laws.5 To the French Senate, the government justifi ed this secrecy by referring to the diplomatic character of the negotiations on the Schengen Agreement.6
However, the lack of information with regard to the negotiations on the CISA between 1985 and 1990 received critical reactions. In 1988, Julien Dray, a member of the Assemblée Nationale, questioned the government about the intergovernmental negotiations on the harmonisation of European immigration and asylum law. He focussed on which criteria would apply to establishing which country would be responsible for examining an asylum application.7 Answering his question, the government informed the French parliament that, in order to harmonise the policy on the movement of persons and to establish compensatory measures for lifting internal border controls, the Schengen governments were still discussing the measures requiring regulation in an international treaty. In 1989, members of the Assemblée Nationale complained that the government had failed to inform the parliament of the planned signature of the CISA. Th e only available information came from the press, foreign parliaments and NGOs. During the discussions, one member of the French parliament stated that, in order to be informed of the content of this second Schengen treaty, it was neces-sary to read the Dutch newspapers because the Dutch government informed its parliament on a regular basis.8 It was only after the Schengen states had signed the CISA that the Senate established, on 26 June 1991, a special ‘control com-mittee’ for examining the implementation and operation of the CISA. In its report of 11 December 1991, this committee was critical of the secrecy surrounding the Schengen negotiations.9 Th e report referred to a Dutch spokes-man according to whom the French government apparently urged the Dutch government not to disclose information to its parliament during the Schengen negotiations because this would run the risk of constituting a precedent and could be used as a basis for identical demands from the French parliament.10
5 ‘Puisque ses dispositions touchent seulement au domaine de règlement et non à celui du loi’. Report of a meeting of the Commission on Foreign Aff airs of the Assemblée Nationale, 25 May 1989, Assemblée Nationale, Bulletin des Commissions, 10, p. 863. Parliamentary documents are to fi nd at http://recherche.assemblee-nationale.fr.
6 Sénat, Bulletin des Commissions, 11 December 1989, p. 1049. 7 Question of 24 October 1988, Assemblée Nationale, 27 February 1989, no. 4406. 8 Assemblée Nationale, 29 June 1989, p. 2613. See also Assemblée Nationale, 30 June 1989 and
12 December 1989, p. 6399 and 6401. 9 Sénat, Report no. 167 of the Senate by Xavier de Villepin (rapporteur) and P. Masson (president
of the Senate), 1991–1992 (I have used the English translation which was produced by the French Senate).
10 Sénat, Report no. 167, 1991–1992, p. 8.
Brouwer ch-11.indd 331 4/4/2008 5:39:46 PM
332 Chapter 11
During the discussions on the act to approve the CISA, the French parliament was especially concerned about the transfer of sovereignty with regard to the French powers of border and immigration control. On the basis of Article 61 of the French Constitution 1958, the French parliament forwarded the ratifi cation act of the CISA to the French Constitutional Council (Conseil Constitutionnel ). Th is Council is a body which examines the compatibility of proposed laws with the French Constitution.11 In their request, the members of parliament fi rst ques-tioned whether the decision-making powers of the Schengen Executive Committee, as provided in the CISA, would not mean a transfer of sovereign powers which would interfere with the Constitution. Th e constitutional appeal also concerned the non-applicability of the CISA to the overseas territories of France (DOM-TOM countries) and the fact that this would result in diff erent treatment being given to French nationals living in France and those living in the overseas countries. In its decision of 25 July 1991, the Constitutional Council dismissed the parliamentary arguments, deciding that the content of the CISA did not entail any transfer of powers.12 In its opinion, “the crossing of internal borders without controls on persons, was not the same as the lifting or changing of borders which would legally limit the powers of a national state”. Th e Constitutional Council therefore concluded that the CISA was not in breach of the French Constitution.
Members of the French parliament further criticised the “proliferation of bureaucratic bodies” within the Schengen central negotiating group and the absence of consultation with national parliaments. Th ey also expressed their fear of an increasing number of asylum seekers coming to France, caused by the constitutional protection of the right to apply for asylum in Germany.
France was the fi rst Schengen state to ratify the CISA, on 30 July 1991.13 Th e text of this Convention was published only fi ve days before the Treaty entered into force.14 After the ratifi cation and the implementation of the CISA, the French
11 In France, the Constitutional Council can be requested by a group of interested persons, the parliament or other institutions, to give its opinion on the constitutionality of a legal proposal, if they claim that the proposed law is (partly) in breach of the constitution. Th is scrutiny takes place before the law enters into force.
12 Decision no. 91–294, JO 27 July 1991. 13 Loi 91–737, 30 July 1991, JO 1 August 1991. 14 Décret 95–304 du 21 mars 1995 portant publication de la convention d’application de l’Accord
de Schengen du 14 juin 1985 entre les gouvernements des Etats de l’Union économique Benelux, de la République fédérale d’Allemagne et de la République française relatif à la sup-pression graduelle des contrôles aux frontières communes, signée à Schengen le 19 juin 1990, JO no. 69, 22 March 1995.
Brouwer ch-11.indd 332 4/4/2008 5:39:46 PM
France 333
parliament published extensive reports in 1998 and 1999 on the implementation of Schengen and on the integration of the Schengen acquis in the EU treaties.15
2.2. Th e NSIS
During the parliamentary debate in 1989, i.e. before the signature of the CISA, members of the French parliament expressed their concerns about the provisions for data exchange and the Schengen Information System. Th eir concerns touched especially on the lack of data protection law in the other Schengen states.16 At the time of ratifi cation, French parliamentarians and the French government shared the presumption that French data protection legislation of 1978 provided the highest level of protection for individuals.17 Th is argument was also put for-ward in the constitutional appeal by the French parliament on the Schengen Ratifi cation Act.18 In the decision of 25 July 1991, mentioned above, the Constitutional Council also rejected this complaint. According to the Council, the CISA included an important set of rules for the protection of the rights of individ-uals with regard to the processing and use of personal information, including the provisions of Title VI.
In his report on the integration of the Schengen acquis in the Treaty of Amsterdam of 1998, Loncle, a member of the Assemblée Nationale, supported the French motives for maintaining the SIS under the legal framework of the third pillar.19 Much more critical was his report of 1999, in which Loncle evalu-ated the international Schengen cooperation. In the fi rst place, Loncle criticised the lack of transparency in the implementation of Schengen. He questioned the need not to disclose the specifi c motivation for the refusal of visa applications, when this refusal is based on SIS registration.20 He further supported the position held by certain French courts in their judgments with regard to the use of
15 Rapport d’information de l’Assemblée Nationale 1257, L’intégration de l’acquis Schengen, François Loncle, 10 December 1998. Rapport d’information de l’Assemblée Nationale, 1476, Sur le bilan et les perspectives des Accords de Schengen, 17 March 1999, Commission des Aff aires étrangères, François Loncle. Rapport d’information de l’Assemblée Nationale, 1690, Sur le bilan de la coopération transfontalière dans le cadre de la Convention de Schengen, 10 June 1999, Jean-Marie Bockel.
16 Assemblée Nationale, 28 June 1989, p. 2596. See also the statement by the former Minister for European Aff airs, Ms. Cresson, during the parliamentary debate, Assemblée Nationale, 12 December 1989, p. 6401.
17 Preuss-Laussinotte (2000), p. 133. 18 Decision no. 91–294, JO 27 July 1991. 19 Rapport d’information de l’Assemblée Nationale 1257, L’intégration de l’acquis Schengen,
François Loncle, 10 December 1998. 20 Rapport d’information de l’Assemblée Nationale, 1476, Sur le bilan et les perspectives des Accords
de Schengen, 17 March 1999, Commission des Aff aires étrangères, François Loncle.
Brouwer ch-11.indd 333 4/4/2008 5:39:46 PM
334 Chapter 11
the NSIS, in which they do not accept excessive sanctions on third-country nationals who, following a criminal conviction, are registered in the NSIS for refusal of entry by the French authorities. He advocated a systematic approach for the consultation and further training of national judges regarding these types of problems. Loncle was one of the few members of parliament who explicitly paid attention to the problems of individuals with regard to the implementation of their rights under the CISA. He underlined the importance of the right of access or deletion with regard to information stored in the NSIS, even if this information concerned minor off ences or events which occurred a long time ago, particularly if the information was based on manifest mistakes. He also warned against creating a false sense of security by transforming the European area of free movement into an impenetrable fortress.
In the same year, another member of the Assemblée Nationale, Bockel, gave a more positive evaluation of the Schengen cooperation. Among other things, he underlined the practical success of the NSIS: the high number of users of the sys-tem (in 1998, 15,000 terminals in France were connected to the NSIS) and the high number of persons and objects which had been detected using the NSIS (in 1998: 11,000 hits based on information forwarded by other Schengen States and 3,000 hits based on French information in the NSIS).21
After 1999, members of the French parliament dealt only incidentally with Schengen and the use of the NSIS. Questions which were raised concerned the use of the NSIS by French embassies and the further development of the NSIS and NSIS II (see below).22 In December 2004, Philippe Vuilque (Socialists) explicitly questioned the lack of a suspensive legal remedy for third-country nationals who are expelled on the basis of an Article 96 entry in the SIS.23 I will come back to this subject in sections 3.5.2 and 6.4.4.
2.3. SIS I: Comments NGOs, Lawyers and Organisations
During the period 1989–1990, just before the signature of CISA, French NGOs such as France’s Terre d’Asile, MRAP and GISTI expressed their concerns about the establishment of a ‘fortresse Europe’, the lack of democratic scrutiny and the consequences of the implementation of the CISA on the protection of asylum seekers.24 Humanitarian and charitable organisations participated in a joint
21 Rapport d’information de l’Assemblée Nationale, 1690, Sur le bilan de la coopération transfontalière dans le cadre de la Convention de Schengen, 10 June 1999, Jean-Marie Bockel.
22 Question Th ierry Mariani, question no. 30379: JO 15 December 2003, p. 9526, governmental answer: JO 10 February 2004, p. 1004.
23 Question no. 54624: JO 28 November 2004 p. 10386 and governmental answer: JO 22 February 2005, p. 1959. See further details in section 7.3.2.
24 M.L.S. de Wit, Het Akkoord van Schengen: vergelijkend onderzoek tussen Nederland en Frankrijk, Master’s thesis, University of Nijmegen 1991, p. 58 ff .
Brouwer ch-11.indd 334 4/4/2008 5:39:47 PM
France 335
Commission on the protection of the right to asylum (Commission de sauvegarde du droit d’asile, CSDA).25 In April 1989, this organisation issued a ‘Manifesto’ in which it expressed its concerns about the consequences of the Schengen treaties on the protection of refugees and the right to asylum in France.26 In 1993, sev-eral French lawyers criticised the content of the Schengen treaties in a special issue of Plein Droit, describing Schengen as the “freedom of movement under surveillance”, and Europe as an “area of soft-apartheid”.27
As we saw in Chapter 7, the French Data Protection Authority, CNIL , together with its counterparts in Germany and Luxemburg, actively lobbied for the inclu-sion of data protection provisions in the draft texts of the CISA. On 24 June 1989, the chairman of the CNIL, Jacques Fauvet published a critical letter on the development of the NSIS in the French newspaper Le Monde, entitled, “Community of databases”.28 In this article, which was written on the occasion of the publication of the CNIL annual report, Fauvet described diff erent prob-lems which would have to be encountered in the light of the diff erent levels of data protection in the Schengen countries. According to Fauvet, a further debate was necessary on the need for harmonisation of the national laws and whether this fi eld should be covered by communitarian law.
After the implementation of the CISA, the practical consequences of the use of the NSIS for third-country nationals in France were closely followed by the French organisation Cimade. Th is organisation supports and informs third-country nationals who are detained in special detention centres in France. Offi cials of this organisation often have to deal with detained immigrants to whom an expulsion order applies on the basis of a SIS record. On a regular basis, Cimade tries to attract attention for the legal position of third-country nationals who are reported in the NSIS.29
2.4. SIS II
In July 2005, Rivière Jérôme, a member of the Assemblée Nationale, asked the government to comment on the new proposals for the development of SIS II.30
25 Le Monde, 15 November 1989, p. 11. 26 Published in Lettre d’Information 74, June 1989, Spécial Europe. In this special issue, diff erent
organisations and legal experts commented on the new European developments with regard to immigrants and asylum seekers.
27 Plein Droit, 20 February 2003, Europe: un espace de “soft-apartheid”. Schengen : la circulation sous surveillance.
28 Le Monde, 24 June 1989, pp. 1–2. Before he became the chairman of CNIL , Fauvet was the general editor of Le Monde.
29 Cimade, Centres et locaux de rétention administrative, Rapport 2003, Paris: July 2004, p. 133 ff . 30 Question no. 69226, published in JO 5 July 2005, no. 6514 and answer of the government: JO
18 October 2005, no. 9699.
Brouwer ch-11.indd 335 4/4/2008 5:39:47 PM
336 Chapter 11
In reply to this question, the French Minister of European Aff airs gave a general description of the state of aff airs and the reasons for the development of SIS II.
In January 2006, the committee dealing with legal issues within French Sénat adopted a resolution on the development of SIS II.31 In this resolution, the government was asked fi rstly not to agree to the proposal of the European Commission to transfer primary responsibility for the practical operation of SIS II from the French government to the European Commission. Secondly, the committee opposed the proposed harmonisation of the criteria for recording third-country nationals in SIS II and asked its government to insist upon main-taining the current criteria. Th e parliamentary committee was also concerned about the possibility that national security agencies would no longer have access to the data about inadmissible third-country nationals in SIS II during their checks within the national territory. Furthermore, the authors of this report were concerned that the Commission proposal would aff ect the effi ciency of the use of SIS II in the fi ght against irregular immigration because 40% of identity checks involving irregular immigrants would take place within the territory of France, not at the borders.
In its report of April 2006, the Assemblée Nationale repeated most of the points expressed by the Senate.32 Stressing the general need for the development of SIS II and the extension of its functionalities, the French parliament advocated main-taining the primary responsibility of France for the operation of the central part of SIS II, not amending the criteria on inadmissible third-country nationals and ensuring access by internal security authorities to data on third-country nationals. With regard to the issue of data protection, this report by the French parliament only referred to the conclusions formulated by the Article 29 Working Party and the Joint Supervisory Authority of Schengen in their comments on the develop-ment of SIS II. Th e French government was asked to take into account these conclusions to ensure “an appropriate balance between the right to privacy and the protection of the public order”.
3. Implementation of Article 96 CISA
3.1. Applicable Law
Even before the CISA entered into force and before the SIS became operational, in 1992 the French legislator adopted a law to amend the French Immigration
31 Rapport no. 174 (2005–2006) de M. Richard Yung, for the parliamentary law committee (‘commission des lois’), 25 January 2006 http://www.senat.fr/rap/l05–174/l05–174.html.
32 Rapport d’Information, 12 April 2006, Document E 2897, 2898, 2899.
Brouwer ch-11.indd 336 4/4/2008 5:39:47 PM
France 337
Act of 1945 for the implementation of the CISA.33 Th is amendment included the penalisation of carriers transporting third-country nationals without a valid visa or residence permit and the expulsion of third-country nationals refused entry on the basis of the criteria in Article 5 of the CISA. Th is amendment also included the provision from (the former) Article 26 bis of the Immigration Act, which empowered French administrative authorities to expel third-country nationals to the borders on the basis of an Article 96 report in the NSIS (recon-duite à la frontière, this is now Article L. 523–1, see the following section). Measures for control and identifi cation are regulated by a formal law of 10 August 1993.34
Based on a governmental decision of 6 August 1993, the Minister of the Interior was authorised to start creating the national section of the Schengen Information System.35 Th e general purpose and use of the French NSIS were laid down in a ministerial decree (Ministry of the Interior) of 6 May 1995.36 A decree of 23 March 1995 provided for the legal basis for the installation of the national SIS database at the French Ministry of the Interior and for the establishment and tasks of the French SIRENE offi ce.37 Th e implementation and use of the French NSIS were further regulated in several circulars from the Minister of the Interior. Th e circulars of 17 and 23 March 1995 on the implementation of the CISA describe the situations in which the French authorities are obliged to consult the NSIS. Th ey also confi rm the direct eff ect of a SIS alert on an inadmissible alien, even if this alert has been forwarded by another Schengen State.38
3.2. National Criteria for Entering Th ird-Country Nationals into the NSIS
Th ere is no formal law or decision which describes the criteria on the basis of which French authorities may report third-country nationals in the NSIS for the purpose of refusal of entry. Only the aforementioned decree of 6 May 1995
33 Loi no. 92–190, 26 February 1992, amending the French Immigration Act or ‘Ordonnance no 45–2658, de 2 novembre 1945 relative aux conditions d’entrée et de séjour des étrangers en France’.
34 Act no. 93–992, 10 August 1993, JO 11 August 1993. 35 Arrêté du 6 août 1993, JO 19 August 1993. 36 Décret no. 95–577 du 6 mai 1995 relatif au système informatique national du système
d’information Schengen dénommé N-SIS, JO 7 May 1995, p. 7420. 37 Décret 95–315, JO 24 March 1995. See also Arrêté 31 July 2001, JO 5 August 2001. 38 Circulaire du 17 mars 1995 du ministère de l’Intérieur ayant pour objet la mise en œuvre de la
convention d’application de l’accord de Schengen, and Circulaire du 23 mars 1995 relative à la mise en œuvre de la convention d’application de l’accord de Schengen signée le 19 juin 1990 (dispositions autres que l’asile), both published in Textes de référence JORF, entered into force 8 March 1996. As I was unable to retrieve a published version of these circulars, I had to rely on the description given in: S. Preuss-Laussinotte (2000), p. 138.
Brouwer ch-11.indd 337 4/4/2008 5:39:47 PM
338 Chapter 11
defi nes the categories of data to be recorded into the NSIS and the authorities with access to the NSIS. With regard to the data to be entered into the NSIS, this decree generally follows the categories as described in Articles 95 to 99 CISA. More specifi cally, with regard to Article 96, Article 3 of this decree refers to “third-country nationals reported for the purposes of refusing entry on the basis of an administrative or judicial decision”. Aside from this circular of 6 May 1995, there is no formally published information on the criteria used for the applica-tion of Article 96 CISA. I therefore had to rely on the information which has been forwarded to me by the persons I contacted or interviewed during this research.39 In general, there are three categories of decision based on which third-country nationals are reported in the NSIS for the purpose of refusal of entry.
Firstly, a person will be registered in the NSIS on the basis of an administra-tive expulsion decision, based on a decision by the Ministry of the Interior (arrêté d’expulsion) or the local prefects (arrêté préfectoral de reconduite à la frontière, AFPR). Th ese decisions normally relate to the irregular stay of the third-country national concerned or the withdrawal of his or her residence permit. Th is cate-gory of registration thus corresponds to the criteria of Article 96 (3) CISA. Th e expulsion decision (known as E12 fi les) should be notifi ed to the person in ques-tion. It is unclear whether this notifi cation includes the information that the per-son will be automatically registered in the FPR and NSIS fi les. Informal fi gures for 2004 establish that 60% of the data in this category had been forwarded by the Ministry of the Interior and 40% by the prefectures.40
Secondly, a third-county national may be reported in the French NSIS on the basis of a decision by the Ministry of the Interior, more precisely the Direction of Public Liberties and Legal Aff airs (Direction des libertés publiques et des aff aires juridiques), establishing that the entry or residence of the person concerned in France is a danger to the public order (menace à l’ordre public). Th e specifi c motivation for such a decision regarding these fi les in the NSIS (fi le TE02 or opposition à entrée en France) is secret. Th e legal basis for this decision is included in L 213–1 of the French Immigration Act 2006.
Th irdly, a SIS registration may be based on a judicial decision implying a ban on entry (Interdiction du territoire français or ‘ITF’, or fi le IT01). A French court may issue such a formal ban on entry in conjunction with the criminal conviction of a third-country national.41 Th is formal ban decision has two eff ects: it forbids
39 Th is information was given by persons from the police, CNIL and CIMADE. 40 According to a report forwarded by CNIL in 2005 to the Schengen Joint Supervisory Authority,
in reply to a questionnaire to the Schengen Joint Supervisory Authority on the implementation of Article 96 CISA.
41 Th e amendment of the Immigration Act in 2003 (Loi Sarkozy ) was aimed at limiting the use of this ‘double punishment’ (double peine ); see further section 6.1.
Brouwer ch-11.indd 338 4/4/2008 5:39:47 PM
France 339
the alien from remaining on (or re-entering) France and, secondly, it empowers the French authorities to expel this person. Th ese two latter categories of criteria can be regarded as the implementation of Article 96 (2) CISA.
In practice, registration in the NSIS follows the prior registration of third-country nationals in the French police information system: Fichier des Personnes Recherchées (FPR , see section 4.1 below). Th e authority responsible for the infor-mation held in FPR is the central criminal documentation service (service central de documentation criminelle), which is a branch of the Ministry of the Interior. In general, for the three categories of fi les mentioned above, the data forwarded to FPR will automatically be recorded in the NSIS. If the forwarding authorities do not want to have this data stored in the NSIS, they have to declare this explic-itly to the authorities responsible for this fi le. If a fi le is deleted from FPR, the fi le will automatically be deleted from the NSIS as well. However, deletion from the NSIS does not mean that the data will automatically be deleted from FPR. Th eoretically, if a person has been expelled on the basis of an expulsion decision (reconduite à la frontière), his or her data should be deleted from the NSIS. In practice, it has been established that such data were maintained in the NSIS on the basis of the second category: the ministerial decision establishing that the person concerned is a danger to the public order.42
To summarise, the authorities competent to decide whether a person may be recorded in the NSIS for the purposes of Article 96 CISA are the French Ministry of the Interior, the heads of the French départements or the prefectures (les préfec-tures) and the courts ordering a formal ban on entry. Th e authorities authorised to forward information to the NSIS are the French national police, the French military police (la gendarmerie) and the judicial authorities. A coordinating role is assigned to the central department of border police within the French Ministry of the Interior (Direction Centrale de la Police aux Frontières or DCPAF) with regard to the decisions on inadmissibles and thus the registrations in the NSIS on the basis of Article 96 CISA. Th is department was established in 1999, replacing the former central department on immigration control and the fi ght against illegal immigration (DICCILEC).43
In his circular of 17 March 1995, the Minister of the Interior stressed the responsibility of the French authorities with regard to protecting the public order of the other Schengen partners, when implementing Article 96 CISA.44 According to the Minister in the same circular, for national authorities this registration in
42 Interview with Cimade, February 2005. 43 See Ph. Giraud, L’Expérience de la France dans la mise en oeuvre de Schengen, in:
K. Hailbronner, P. Weil (eds.), From Schengen to Amsterdam. Towards a European Immigration and Asylum Legislation, Trier: ERA Series of Publications, Vol. 29, p. 31–41.
44 Circulaire du 17 mars 1995, see Preuss-Laussinotte (2000), p. 138.
Brouwer ch-11.indd 339 4/4/2008 5:39:47 PM
340 Chapter 11
the CISA would imply ‘a predetermination mechanism’ (dispositif de prédétermi-nation) for inadmissible persons. Th is would imply that, in general, an alert in the SIS on the basis of Article 96 CISA should result in the automatic refusal of entry to the person concerned.
3.3. Authorities with Access to NSIS Data
Article 5 of the Decree of 6 May 1995 includes a limitative but long list of authorities entitled to gain access to the information held in the NSIS.45 Th is list does not clearly describe which authority has access to which information. Article 5 only requires that the authorities listed may have access to the information “within the framework of their competences”. Th e authorities concerned are: offi cials and agents of the SIRENE offi ce, the judicial authorities, offi cers of the national police and offi cials of the national military police (gendarmerie) in the exercise of their tasks as administrative police or judicial police. More specifi cally with regard to immigration tasks, the French decree includes offi cers of the local police and of the central administration with the Ministry of the Interior who are competent with regard to the policy regarding the entry, residence and expul-sion of third-country nationals and with regard to missing persons. Offi cials of the Ministry of Foreign Aff airs and consulates and the consular sections of embassies may have access to the NSIS fi les with regard to the issue of visas. Article 5 of this decree also empowers customs agents to gain access to the infor-mation concerning non-admissible third-country nationals. It also provides that customs agents will be informed of the existence of other information held in the NSIS, with the exception of the information about missing persons as intended in Article 98 CISA.
3.4. Operation of SIRENE
Th e French SIRENE offi ce is under the direct responsibility of the Ministry of the Interior, more specifi cally the central division of the judicial police (Direction Central de la Police Judiciaire ). With regard to the operation of this organisation, the Minister of the Interior is expected to cooperate with the Ministers of Defence, Foreign Aff airs, Justice and Financial Aff airs.46
Th e offi ce of SIRENE is located in Nanterre, whereas the French NSIS is held in Paris and the CSIS in Strasbourg. Th e French SIRENE offi ce holds a special
45 Décret no. 95–577 du 6 mai 1995, JO 7 May 1995, p. 7420. 46 See Article 4 of the decree no. 95–315 establishing the SIRENE offi ce, 23 March 1995, JO 24
March 1995.
Brouwer ch-11.indd 340 4/4/2008 5:39:47 PM
France 341
fi le which makes it possible to record the additional information necessary for the implementation of Articles 95 to 100 of the CISA. Th ese fi les include fi nger-prints. With regard to the surveillance of third-country nationals, the French SIRENE offi ce performs, as in other countries, an intermediary role. Th e French immigration authorities are required to consult the French SIRENE offi ce if a person who is found to be in an irregular situation in France and who is applying for a visa or a (renewal of ) a residence permit is recorded in the NSIS for the purpose of refusal of entry.47 As in the other Schengen States, the French SIRENE offi ce should be available on a 24-hour basis.
In 1999, a member of the Assemblée Nationale, Mr. Bockel, pointed out the extended tasks of the French SIRENE offi ce and proposed increasing the practical and fi nancial resources of this organisation.48
3.5. Article 96 Hits: Duties and Responsibilities of French Authorities
Th e circular of 23 March 1995 explicitly indicates that the French authorities are obliged to consult the NSIS as soon a “third-country national presents him- or herself to a public offi ce or is interviewed by the police”.49 According to this cir-cular, the situations in which the French authorities are obliged to consult the NSIS include the procedures for issuing residence permits and regarding expul-sions. Th e information held in the NSIS should also be checked every time a third-country national presents himself to the French authorities or is questioned by the police.
3.5.1. Refusal of Entry or Residence Based on Article 96 CISAAccording to the two circulars by the Minister of the Interior of 17 and 23 March 1995, residence permits should be refused if the person is recorded in the NSIS as ‘to be refused entry’, except on humanitarian grounds or in fulfi lment of inter-national obligations. According to these circulars, an example of humanitarian grounds could be the situation that, if a person suff ers from a serious illness, he or she can be allowed entry or residence, “especially if the person has strong links with France”. With regard to the international obligation, the circulars refer to the Geneva Convention and the ECHR.
47 Circular of 12 May 1995 on the consultation of SIRENE France with regard to the application of the Schengen Convention, Textes de référence JORF, entered into force on 8 March 1996.
48 Assemblée Nationale, 10 June 1999, no. 1690, p. 38. 49 Circular 23 March 1995: “C’est le cas pour la procédure de délivrance des titres de séjour et
pour l’éloignement, et donc pour la vérifi cation de la situation du SIS de tout étranger qui se présente à vos guichets, ou qui est interpellé par la police ou dont vous avez à traiter le dossier au regard du séjour ou d’un éloignement ponctuel.” Cited in Preuss-Laussinotte (2000), p. 138.
Brouwer ch-11.indd 341 4/4/2008 5:39:47 PM
342 Chapter 11
3.5.2. Expulsion of Th ird-Country Nationals on the Basis of Article 96 CISAEven in 1992, based on an amendment to the French Immigration Act, a new paragraph was added to Article 26bis on the expulsion of third-country nationals.50 On the basis of this provision, which entered into force at the same time as the CISA, the heads of police may issue an expulsion order to third-country nationals who are reported in the NSIS on the basis of Article 96.51 Th is provision applies to third-country nationals who are in an irregular situation on French territory. Th is rule is based on the presumption that the foreign decision on which the report in the NSIS is based should be a fi nal or enforceable deci-sion (décision exécutoire). It allows the local prefecture or police to order the direct expulsion of a third-country national reported for the purpose of non-admission in the NSIS.52 If this expulsion cannot be enforced immediately, the person con-cerned can be detained. In one of the fi rst judgments, published immediately after the entry into force of the CISA in 1995, the administrative tribunal of Lyons decided that, if it cannot be established by the French authorities that the foreign alert in the NSIS is based on a fi nal decision, the expulsion decision is to be annulled.53 It is however questionable whether the French authorities are actu-ally obliged, when issuing an expulsion order, to check whether the foreign Article 96 report is based on a defi nitive decision or whether they may presume the fi nality of this foreign decision. Answering the parliamentary question from Philippe Vuilque with regard to the lack of suspensive remedies, the Minister of the Interior made it clear that a foreign Article 96 report in the NSIS may be regarded as an enforceable decision taken by another Schengen partner.54 Th is question is important because, as we will see in section 6.4.4, based on this presumption of a fi nal foreign decision, the possibility of a suspensive remedy against these expulsion orders has been limited in the French Immigration Act.
In its 2003 report on the retention and expulsion of third-country nationals, the French NGO Cimade noticed an increase in the number of expulsions based on Article 96 of the CISA.55
50 Act no. 92–190 of 26 February 1992 implementing CISA. 51 “Reconduites d’offi ce à la frontière fondées sur un signalement aux fi ns de non-admission dans
le SIS”. 52 As we will see below, in section 6.4.4, based on an amendment in 2003 to the French
Immigration Act, an appeal against an expulsion order based on a foreign SIS report will have no suspensive eff ect .
53 Decision of Tribunal administratif de Lyon, 6 April 1995, no. 9501291–9501292 (Mr. & Ms. Ciuciu).
54 “… le signalement ne fait donc que rappeler l’existence d’une décision exécutoire prise par un autre membre, donc par hypothèse, notifi ée et dont les délais de recours sont expirés.” See the ministerial answer to the question by Vuilque, no. 54624, JO 28 November 2004, p. 10386 and JO 22 February 2005, p. 1959.
55 Cimade, Centres et locaux de rétention administrative, Rapport 2003, Paris: July 2004, p. 133.
Brouwer ch-11.indd 342 4/4/2008 5:39:47 PM
France 343
3.5.3. Article 96 Hits and Visa ApplicationsTh e French authorities involved in issuing visas to third-country nationals are obliged to consult the NSIS.56 In general, if a person has been reported in the NSIS for the purpose of being refused entry, this person is to be refused a visa, except on humanitarian grounds or to fulfi l international obligations.
In 1998, the so-called ‘Loi Chevènement ’ extended the duty to motivate refus-als of visas to several categories of visa refusals including decisions based on a SIS registration.57 Th is amendment to the French Immigration Act has led to a sig-nifi cant increase in procedures against visa refusals.58 Th e exchange of informa-tion between the central authorities and the consulates or embassies takes place through a secured information network: the RMV or Réseau Mondial Visa (see further section 4.3 below).
3.6. Th e Practical Use of the NSIS in France
Compared to the number of SIS reports by other Schengen States, approximately 7% of the Article 96 reports in the NSIS are submitted by the French authori-ties.59 Th is percentage has remained more or less the same over the past few years: compare to 2003: 6.7% (out of 778,886 Article 96 reports, 52,383 are registered by France) and to 2004: 6.8% (out of 785,631 Article 96 reports, 53,195 are French).60 On 1 January 2005, of the total of 714,078 fi les based on Article 96 CISA, 53,487 alerts or 7.5% were entered by the French authorities.61
Although the total number of reports in the SIS submitted by the French authorities remained high over the years, the quantity of data on third-country nationals is relatively modest. Compare the data when the SIS fi rst became operational with more recent data: in June 1995, 740,000 data items (including cars and passports) were reported by French authorities in the NSIS. 177,000 alerts concerned persons, of which 76,000 or 43% involved third-country nationals to be refused entry on the basis of Article 96.62 In 2002, the total number
56 Th e rules of the CISA with regard to visa applications were implemented in the ministerial circular of 23 March 1995 mentioned above.
57 See also C. Saas, Les refus de délivrance des visas fondés sur une inscription au Système Information Schengen, Cultures & Confl its 49–50, 2003.
58 See the parliamentary report on visa policy (“sur les moyens des services des visas”) of Yves Tavernier, member of the Assemblée Nationale, no. 1803, 8 September 1999. According to Tavernier, this increase in administrative appeals cannot be explained solely by the new obligation of informed decision-making, but also, paradoxically, because of the more liberal visa policy: in the light of this liberalisation, persons refused a visa would be more reluctant to accept this refusal.
59 Total amount of Article 96 reports in 2003 was 778,886 (source: Statewatch report April 2005). 60 Source: Statewatch website, news April 2005. 61 Source: report C SIS Exploitation team 01/01/2005. 62 Report, Assemblée Nationale, no. 2095. See Preuss-Laussinotte (2000), p. 82.
Brouwer ch-11.indd 343 4/4/2008 5:39:47 PM
344 Chapter 11
of alerts on persons and objects entered by the French authorities was one million, 147,000 of which were alerts involving individuals. In the same year, 52,398 or 35.6% of these reports involving persons concerned third-country nationals to be refused entry. In 2005, the total number of French alerts involving persons had dropped to 103,084, of which 53,487 or 51.9% concerned Article 96 alerts.
French reports on ‘inadmissibles’ travelling in other Schengen countries led to a relatively small number of ‘hits’. In 2002, only 257 hits occurred in other Schengen countries on the basis of a French Article 96 registration (0.5%). Th e French authorities recorded 3,027 hits on third-country nationals based on a foreign (mostly German) report.63
4. Intermezzo: French Policy Governing Th ird-Country Nationals
4.1. Police File on Searched Persons
As we have seen above, the storage of information in the NSIS is linked to the central police fi le on searched persons (Fichier des Personnes Recherchées or FPR ) which is held under the shared responsibility of the Ministry of Justice and the Ministry of the Interior. Th is system is held by the police and the French state police (gendarmerie) for judicial, military and administrative purposes. Since the 1970s, this fi le has been the subject of a large computerisation project. Th e FPR is divided in 20 ‘sub-fi les’, each to be used for diff erent tasks and indicating the procedure for the consulting authorities. Some of these ‘sub-fi les’ contain infor-mation on third-country nationals, including persons whose presence is consid-ered a danger for the public order, persons against whom a court has issued a formal residence ban and persons who are to be refused entry or residence on public order grounds. Consultation of the FPR is compulsory for those authori-ties dealing with third-country nationals.64 Th e SIS was partially modelled on this French system. After the implementation of the CISA, the competent authorities, such as the local prefecture, may simultaneously check (parts of ) the NSIS, FPR and the French central database on third-country nationals, as described in the next section. As we have seen above, input into the NSIS is based on the information stored in the FPR.
4.2. General Database on Foreigners: AGDREF
Another important database on foreigners is the so-called AGDREF (système informatisé de gestion des dossiers des étrangers en France) which was established in
63 Source: Bigo & Guild (2003). 64 See Preuss-Laussinotte (2000), p. 83–84.
Brouwer ch-11.indd 344 4/4/2008 5:39:47 PM
France 345
1982 by the French government for the purpose of issuing residence permits.65 Th is system was modernised in 1993, allowing for a more complete management of fi les on foreigners and, especially, for the effi cient registration of legally resident third-country nationals. AGDREF is maintained under the responsibility of the Ministry of the Interior. According to the ministerial decree of 29 March 1993, the goals of this system are:66
a. to improve procedures with regard to the legal and administrative situation of foreigners;
b. to ensure the delivery of residence permits and applications for a residence permit or renewal and administration, avoiding the risks of falsifi cation;
c. to allow verifi cation by the French authorities of the residence status of third-country nationals, and;
d. to allow the compilation of statistics for use by the Ministry of the Interior.
Th e information to be stored in AGDREF includes, among other things, the nationality, civil status, profession, identifi cation number, visa and other condi-tions of entry of the foreigner concerned. AGDREF also includes information about the residence permits issued to EU and EEA nationals, although other rules apply with regard to which categories of data are to be stored.67
As mentioned above, the French authorities competent to deal with immi-grants have simultaneous access to FPR , AGDREF and the NSIS.
4.3. Database with Regard to the Issuing of VisasFollowing the introduction of a general visa obligation in September 1986, the French government established a worldwide visa information network for use by the embassies and consular posts abroad (Réseau Mondial Visa or RMV ). Th ere is no formal legal basis for this network, only a decision (arrêté) by the Ministry of Foreign Aff airs of 20 June 1989 providing for the creation of this system.68 Th e goal of this French system is to improve visa application procedures, allowing for the exchange of information on visa applicants between the diff erent French authorities concerned. Th is visa network in fact contained diff erent fi les, includ-ing a fi le on the information as forwarded by visa applicants and the so-called
65 On the basis of a ministerial decree of 27 September 1982. 66 JO 30 March 1993. 67 See, for the categories of data to be registered on EU nationals in AGDREF :
Circular of 11 October 2004, NOR/INT/D/04/00124/C available at: http://www.interieur.gouv.fr/rubriques/b/b5_lois_decrets/recherche.
68 See further: Dictionnaire Permanent, Droit des étrangers, Fichiers informatiques, last update of 1 June 2005, p. 891.
Brouwer ch-11.indd 345 4/4/2008 5:39:47 PM
346 Chapter 11
‘fi les of opposition’ which are fi les on third-country nationals, compiled for example by the Minister of the Interior on the basis of the FPR , including the reasons for not issuing a visa, as well as a fi le compiled by the chief of the consu-lar post on ‘undesirables’. Th rough the RMV, the French authorities obtained direct access to the data stored in the NSIS on the basis of Article 96 CISA during application of a visa.
Based on a ministerial decree of August 2001, the French visa system was replaced by a more extensive and modern version, known as RMV2.69 RMV2 can be considered a predecessor to the European VIS because it establishes a cen-tralised system of visa applications. RMV2 includes diff erent databases: a fi le on visa applications, visas issued and visas refused. Moreover, RMV2 includes a fi le on the persons or organisations inviting a visa applicant and the so-called consular and central fi les of attention (fi chiers d’attention). Th ese latter fi les are comparable to the former fi les of opposition in the original RMV . Th ese fi les, held by either the Ministries of Foreign Aff airs and of the Interior or the local consular posts, include information on third-country nationals whose visa applications merit particular attention.
Direct access to the NSIS is regulated in Article 2 of the ministerial decree of 22 August 2001. Th e use of the Schengen consultation network with regard to visa applications is implemented by a French decision of 1996.70 Th e aim of this Réseau de Consultation Schengen is the mutual consultation between the Schengen partners on certain ‘sensitive’ visa applications. According to this French deci-sion, information on visa applications can be stored for two years, except refusals of visas which are to be stored for fi ve years. Th ere is a right to direct access to the data in this system, except data forwarded by other Schengen states. Th e decision of 1996 provides that this consultation network be linked to the French World Visa Network (Réseau Mondial Visa). In fact, the decision of March 1996 describes the Schengen network as a ‘prolongation’ of the French system.
4.4. Fingerprinting Th ird-Country Nationals
Th e French government promoted the use of biometrics for the implementation of border control and visa policy at an early stage. An amendment in 1997 to the French Immigration Act (Loi Debré ) provided for the possibility of collecting, processing and storing the fi ngerprints of third-country nationals in AGDREF (Article 8–3 of the former Act, replaced by L. 611–3 of the Immigration Act 2004).71
69 Ministerial decree of 22 August 2001, JO 14 September 2001. A (partial) positive recommendation on a draft text for this decree was issued by the CNIL on 15 May 2001, déliberation no. 01–019.
70 Decision (‘Arrêté’) of 8 March 1996, JO 21 March 1996. 71 Act of 24 April 1997, no. 97–396, JO 25 April 1997.
Brouwer ch-11.indd 346 4/4/2008 5:39:47 PM
France 347
Th is measure was aimed at third-country nationals applying for a long-term residence permit, who were found illegally on French territory or who were to be expelled from French territory. In practice, fi ngerprints have not been stored in AGDREF as a result of practical defi ciencies in this system. An important problem was caused by the fact that much of the data held in AGDREF is out of date. For example, as established by the French Data Protection Authority, the French author-ities would fail to delete information from this database on persons who had acquired French nationality.72 As we saw in the previous chapters, the same problem occurred with regard to Eurodac and the NSIS.
Article 8–3 (or the new L. 611–3) of the Immigration Act also allows agents empowered explicitly by the Ministry of the Interior and the state police (gendar-merie) to consult the central fi ngerprint database (Fichier automatisé des empreintes digitales or FAED ) which is used for police purposes.
In its decision of 22 April 1997 on the draft of this Loi Debré , the French Constitutional Council rejected the argument from complainants that the administrative measure of taking and recording the digital fi ngerprints of for-eigners applying for a residence permit would include an excessive breach of individual liberty as protected in the French Constitution.73 However, the pro-posed possibility in this law to give offi cials of the Ministry of the Interior and the gendarmerie access to fi les of digital fi ngerprints belonging to the French organisation for the protection of asylum seekers and stateless persons (Offi ce français de protection des réfugiés et apatrides or OFPRA ) was considered contrary to the constitutional protection of asylum seekers.
An amendment to the Immigration Act in 2003 extended the possibility of col-lecting fi ngerprints with regard to third-country nationals who have been checked when crossing external borders and who did not possess the necessary documents for legal entry.74 Th is included a new Article 8–4 (now: L. 611–6) allowing for the collection, storage and electronic processing of digital fi ngerprints and photo-graphs of visa applicants, at a consulate abroad or at the external borders of one of the Schengen States.75 Based on this provision in the Immigration Act, the Minister of Foreign Aff airs issued a decree on 25 November 2004 on the
72 In December 2005, the vice-president of CNIL referred to hundreds of thousands of French nationals who are wrongly stored in AGDREF . Oral hearing of the committee of inquiry on immigration, French Senate, Hearing 21 December 2005, http://www.senat.fr/bulletin/20051219/immigration.html#toc5.
73 Conseil Constitutionnel no. 97–389 DC, 22 April 1997, JO 25 April 1997. 74 Loi no. 2003–1119, JO 27 November 2003. 75 F. Julien-Laferrière, La loi no 2003–1119 du 26 Novembre 2003 relative à la maîtrise de
l’immigration, au séjour des étrangers en France et à la nationalité, in: J.Y. Carlier & Ph. De Bruycker, Immigration and Asylum Law of the EU: current debates, Paris: Bruylant 2005, p. 530 ff .
Brouwer ch-11.indd 347 4/4/2008 5:39:47 PM
348 Chapter 11
experimental establishment of a central database for the storage of fi ngerprints of visa applicants.76 Th e database, to be used for two years at seven consulates and some border police posts, holds information on each visa applicant, including his or her digital fi ngerprints and digital photographs. Th is experiment implies creat-ing the fi rst database in France with an integrated registration of (and access to) biometric data and other personal information. On the basis of Article 7 of the ministerial decree, the visas issued by the French authorities will contain a special electronic device, including the personal and biometric data of the visa holder. Th is device can be a contactless chip, which should be “suffi ciently secured to pro-tect the visa holder against risks of intrusion or détournement de pouvoir”. In 2006, the government extended the term of the pilot by three years, and also extended its scope of application.77
Th e French Data Protection Authority, CNIL (Commission Nationale Informatique et Libertés, see section 5 below), concluded that the establishment of a fi le with bio-metric data on an experimental basis was acceptable, provided the law strictly defi ned the conditions for management and access and that security measures were taken.78 However, the CNIL opposed the registration of biometric data of those third- country nationals whose visas had been refused, considering this neither justifi ed nor neces-sary. In its advice on this proposal, the CNIL explicitly motivated this by arguing that, for the implementation of border control, only the fact of being in possession of a visa is relevant, not whether he or she has previously applied (or not) for a visa. Th e CNIL repeated its concerns about the risk of stigmatising those persons who are refused a visa in a statement published on 21 December 2004, since these persons, being entered into this system, would be refused a renewed application for a visa.79 Th e French experiment with storing fi ngerprints of visa applicants can be seen as a pilot for the European Visa Information System or VIS. As we have seen, the VIS will contain biometric data on visa applicants whose applications are rejected.
4.5. ‘ELOI ’: File on Expelled Persons
Based on a ministerial decision (arrêté) of 30 July 2006, a new fi le has been established to facilitate the expulsion of irregular immigrants.80 In this new data-base, or ELOI , personal information will be stored for three years. Th is time limit begins after the case on the person has been closed. Th e fi le includes, among
76 Decree of 25 November 2004, no. 2004–1266, JO 26 November 2004. 77 Décret of 26 April 2006. See GISTI, Les Visas, Les Cahiers Juridiques, Paris: GISTI September
2006, p. 12. 78 Opinion no. 2004–075, 5 October 2004, JO 4.12.2004. 79 See L’expérimentation de visas biometrique: la position de CNIL , advice of 21 December 2004. 80 JO no. 190, 18 August 2006.
Brouwer ch-11.indd 348 4/4/2008 5:39:48 PM
France 349
other things, a photograph of the third-country national, the languages spoken, his or her profession, as well as information about any children, the persons with whom the third-country national was staying in France and persons who visited the third-country national during his or her detention for expulsion. French NGOs, including Cimade, GISTI and the Ligue de Droits de l’Homme lodged a request in October 2006 for annulment of this new measure before the French Conseil d’État .81 In March 2007, the Conseil d’État annulled on procedural grounds the decision of 30 July 2006.82 Th e Conseil d’État ruled that the adop-tion of the ELOI decision failed to meet the requirements of Article L. 611–3 and L. 611–5 of the French Immigration Act according to which such a decision must be taken in a procedure before the Conseil d’État and following the advice from the CNIL , the French Data Protection Authority.
5. Rights and Legal Remedies in Data Protection Law
5.1. Background to French Data Protection Law
Th e French Act on Data Processing, Data Files and Individual Liberties (Loi rela-tif à l’informatique, aux fi chiers et aux libertés, hereafter LIFL ) belongs to the so-called fi rst generation of legislation on data protection.83 Th e public debate on the so-called ‘Safari Plan’ with regard to the joint use of all electronic fi les in the public sector encouraged the legislator to publish the fi rst drafts of privacy bills.84 Th e ministerial decree of 8 November 1974 included the government’s intent to propose, within six months, measures “to guarantee that the development of information technology in the public, semi-public and private sector would be realised, respecting private life, individual liberties and public liberties.”
A Commission on Information Technology and Freedoms (Commission Informatique et Libertés) was set up to investigate the situation in France and other countries and to study the earlier work done by organisations such as the OECD , UNESCO and the Council of Europe. On 27 June 1975, this commis-sion presented the Rapport Tricot to the French President, which included a
81 http://www.gisti.org/doc/actions/2006/eloi/index.htm. 82 CE Decision of 13 March 2007, no 297888, 297896, 298085. 83 Loi no 78–17 of 6 January 1978 ‘relative à l’informatique, aux fi chiers et aux libertés’. Last
amendment by Loi no 2006–64 of 23 January 2006, JO 24 January 2006. An English version can be downloaded from http://www.cnil.fr.
84 See also A.C.M. Nugter, Transborder Flow of Personal Data within the EC. A comparative analysis of the privacy statutes of the Federal Republic of Germany, France, the United Kingdom and the Netherlands and their impact on the private sector, Deventer: Kluwer Law Taxation Publishers 1990.
Brouwer ch-11.indd 349 4/4/2008 5:39:48 PM
350 Chapter 11
draft bill.85 Th is draft included a proposal for the establishment of a national ‘Commission on Information Technology and Liberties’ (Commission Nationale Informatique et Libertés, hereafter referred to as the CNIL ) to be assigned super-visory, consultative and regulatory functions. Due to amendments required by the French Senate, this Commission was to be partly composed of members of the parliament. Th e Senate amended the original legislative proposal in order to extend the scope of applicability to non-automated fi les. Instead of Loi relatif à l’informatique et aux libertés, the French data protection law became the Loi relatif à l’informatique, aux fi chiers et aux libertés.
Article 1 LIFL includes the general principle which lies at the heart of French data protection law:
Information technology should be at the service of every citizen. Its development shall take place within the context of international co-operation. It shall not violate human identity, human rights, privacy or individual or public liberties.86
Th is principle illustrates the broader scope and goals of the French data protection law, compared to other national laws. On the one hand, it affi rms that data processing, in the fi rst place, should serve every citizen and should not be in breach of the citizen’s rights, private life or his human identity. Th is ‘positive motivation’ for data processing would explain why the explanatory memoranda to bills introducing new databases always emphasise the positive eff ects for indi-viduals as well. For example, Articles 8.3 and 8.4 of the French Immigration Act dealing with the registrations of third-country nationals start with the sentence: “To ensure a better protection of the rights of residence of third-country nationals in a regular situation”.87 On the other hand, this general principle confi rms the importance of international cooperation in this fi eld. Th e French law emphasises the liberties of citizens, whereas the German law and, later, the Dutch law, are more focussed on the protection of privacy or personality.
Since 1978, the French Data Protection Act has been amended several times, including amendments to adapt the LIFL to the current provisions and stand-ards of EC Directive 95/46 on the protection of personal data. Although the French Data Protection Act was a model for this Directive, the French legislator was obliged to rephrase ‘its national principles’ in accordance with the wordings chosen in the Directive. For example, the former Article 2 of LIFL included the
85 Rapport de la Commission Informatique et Libertés, Tome I et II, La Documentation Française, 1975.
86 “L’Informatique doit être au service de chaque citoyen. Son développement doit s’opérer dans le cadre de coopération internationale. Elle ne doit porter atteinte ni à l’identité humaine, ni aux droits de l’homme, ni à la vie privée, ni aux libertés individuelles ou publiques.”
87 “Afi n de mieux garantir le droit au séjour des personnes en situation régulière.”
Brouwer ch-11.indd 350 4/4/2008 5:39:48 PM
France 351
important principle forbidding decision-making with legal or judicial eff ects in relation to individuals, based solely on the automated data processing intended to evaluate certain aspects of the data subject’s personality. Based on this French principle, a comparable provision was provided in Article 15 of EC Directive 95/46. Th is Article 15 however added two exceptions to the general prohibition of ‘automated decision-making’: with regard to the signature or execution of a contract concerning which the individual was given the opportunity to put for-ward his or her opinion and with regard to decisions which satisfy the demands of the person concerned. Th ese more limited wordings in the EC Directive have been incorporated into the defi nition of the new Article 10 LIFL.
Also based on the EC Directive, the French legislator introduced the possibility of the appointment of data protection offi cials in business or local communities, similar to existing provisions in Germany, Sweden and the Netherlands.88 Hereafter, I refer to the French Data Protection Act of 2004 as ‘LIFL 2004’.
5.2. Th ird-Country Nationals and the Right of Data Protection
Based on the wording of Article 1 LIFL , “information technology should be at the service of every citizen”, one could doubt whether this general principle and the further rules of data protection apply indiscriminately to citizens and non-citizens. In general, French law provides for diff erentiation with regard to the protection of constitutional rights for foreigners: it is accepted that not every constitutional right applies in the same way to French citizens and foreigners. With regard to the right of privacy and data protection, their applicability to third-country nationals seems to be infl uenced on the one hand by the jurisprudence of Article 8 ECHR of the Strasbourg Court and, on the other hand, by the opinions of the Constitutional Council. Th is institution made clear in diff erent advisory opinions regarding draft laws on the registration of foreigners, that legal safeguards as pro-tected by the French data protection act also apply to third-country nationals. In its opinion of 13 August 1993, the Constitutional Council referred to the fact that the legislator explicitly extended the application of the data protection act to third-country nationals.89 With regard to the draft law regarding the storage of fi ngerprints of foreigners applying for a residence permit, the Constitutional Council stated in its decision of 22 April 1997 that it is the task of the legislator to determine the measures applying to third-country nationals, “while respecting the constitutional principles and taking into account the public interest involved”.90 In this decision, the Council stressed the link between, on the one hand, the right
88 Loi no. 2004–801, 6 August 2004, JO 7 August 2004. 89 Conseil Constitutionnel no. 93–325 DC, 13 August 1993, JO 18 August 1993. 90 Conseil Constitutionnel no. 97–389 DC, 22 April 1997, JO 25 April 1997.
Brouwer ch-11.indd 351 4/4/2008 5:39:48 PM
352 Chapter 11
to individual liberty and the guarantees as provided by the French Data Protection Act and, on the other hand, the requirement of the proportionality between the infringement of this liberty and the proposed police fi ngerprinting measures. As we saw in section 4.4, the Constitutional Council decided with regard to this pro-posal that fi ngerprinting in general was not disproportionate. However, the pro-posed access by security agents to the fi les of the French authority responsible for asylum applications (OFPRA ) was rejected, since this access would deprive asy-lum seekers and refugees of their constitutional protection to asylum which includes the confi dentiality of their data.91
5.3. NSIS and Applicable Rules
In general, the French Data Protection Act applies to the management and use of the NSIS. However, there are certain exceptions or limitations concerning the applicability of LIFL .92 For example, according to Article 7 of the decree on the NSIS of 6 May 1995, the ‘right of opposition’ or the right to demand the prohi-bition of further processing of one’s personal data does not apply to the NSIS. In the following sections, I will describe other exceptions to the rights and legal remedies of third-country nationals stored in the NSIS.
5.4. Duty to Inform the Data Subject
Article 32 ff . LIFL provides for the duty of responsible persons or authorities to inform the data subject of the purpose, consequences and destination of personal information held. Th e person should also be informed of his or her rights. Th is duty does not apply, on the basis of Article 32 V and VI, to fi les used on behalf of the State for the purpose of national security , defence and public order, or for the purpose of the enforcement of criminal convictions or security measures if this exception is necessary for the purpose pursued. Moreover, data processing for the purpose of the prevention, investigation, establishment or pursuit of criminal facts does not fall within the duty to inform the data subject. From this general rule, one could deduce that the authorities are not obliged to inform third-country nationals of their registration in the NSIS for the purpose of non-admission because these reports are generally justifi ed by the authorities as serving to maintain the public order.
5.5. Right to Access, Correct or Delete Data
5.5.1. Direct and Indirect AccessTh e French Data Protection Act distinguishes between direct and indirect access by individuals to their personal information held in data fi les. Article 39 ff .
91 See, for a more detailed analysis, Preuss-Laussinotte (2000), p. 235. 92 Décret no. 95–577.
Brouwer ch-11.indd 352 4/4/2008 5:39:48 PM
France 353
LIFL describes in general the right of access. With regard to data processing in the interests of national security , defence or public order, the individual request for access has to be addressed to the French Data Protection Authority or the CNIL (see the following section), in accordance with Article 41 LIFL. Th is Authority will then appoint one of its members to begin the necessary investiga-tion and procedures. Th e CNIL has to inform the person that a member of the CNIL has started the verifi cation procedure.
With regard to the right of access to the data held in the NSIS, Article 6 of the NSIS decree of 6 May 1995 stipulates that the right to access is to be exercised in conformity with Article 39 (now 41) of the LIFL . Th is means that the right of access has to be asserted through the CNIL .93 Based on a theory of indivisibility of data fi les, it was generally accepted that if a public fi le contains information which should be kept secret in the interests of national security , direct access to the whole fi le should be denied. Before 2002, with regard to a request for access to the NSIS, the NSIS was considered an ‘indivisible’ fi le. In the light of the partial use of the NSIS for national and public security purposes, both the gov-ernment and the CNIL considered the procedure of indirect access applicable. In a judgment of 6 November 2002, the highest French administrative court (Conseil d’État ) departed from its earlier jurisprudence on indivisibility with regard to information stored on the basis of Article 96 CISA.94 In this case, Moon, the head of a religious movement, applied for access to the information entered in the NSIS on behalf of the German authorities on the basis of Article 96 CISA. Mr. and Mrs. Moon are South Korean nationals, who are resident in the United States and leaders of the religious organisation known as the Unifi cation Church.95 Th e reason for this (extended) registration is based on German concerns that the visit by Mr. and Mrs. Moon (born in 1920 and 1942 respectively) would pose a threat to the public order. Mr. Moon and his wife started procedures in diff erent EU Member States in order to be granted access to one of those countries, despite the German alert.
In its judgment, the Conseil d’État explicitly distinguished between, on the one hand, information held in the NSIS, communication of which would aff ect the interests of national security , defence or public order and, on the other hand,
93 Décret no. 95–577. 94 CE 6 November 2002, Sun Myung X (Moon), no. 194295–219587. Most of the jurisprudence
of the Conseil d’État and other French courts can be downloaded from http:// www. legifrance.gouv.fr, or, partially, via: http://www.conseil-etat.fr/ce/home/index.shtml. Th is judgment has been commented upon by R. Errera in: Public Law, 2003, p. 187.
95 As we will see in the next chapters on Germany and the Netherlands, the Moon couple lodged judicial remedies against this SIS report in those countries as well. Only in 2007, on the basis of a decision of the German Federal Administrative Court, the German authorities withdrew the alert on Mr. Moon. Th e report on Mrs. Moon remained in the SIS on the basis of a French decision.
Brouwer ch-11.indd 353 4/4/2008 5:39:48 PM
354 Chapter 11
information which would not aff ect these interests if communicated. With regard to the second category, the highest administrative court decided that the respon-sible authorities, or the CNIL with the consent of these authorities, would have to communicate these data to the person concerned. In order to implement the consequences of this judgment, the French legislator amended Article 39 LIFL .96 Based on this amendment, information can be communicated directly by the CNIL to the person concerned, if the CNIL concludes that the communication of the personal data to the data subject does not interfere with the interests of national security, defence or public order. Th e amendment also made it possible for the regulation which is the basis for the data processing in the fi eld of secu-rity, defence or public order, to provide for the possibility of giving the person concerned direct access to his or her data, “if this does not interfere with the goals of the fi les”.
With regard to the information held in the NSIS, this means that the right to indirect access still applies. Only if this would be provided for in a special regula-tion, a right to direct access would be possible but, so far, such a regulation has not been adopted.97 In 2005, the extended power of the CNIL to communicate ‘insensitive’ information directly to the person concerned was restricted again. Based on a decree from 2005, this information may not be communicated by the CNIL if this is prohibited by the authority responsible for the data processing.98 Th is means that it is no longer the CNIL which decides whether the information can be directly communicated or not.
Notably, with regard to the establishment of the French visa information system, or RMV2 (see above), the legislator has chosen for a “mixed right to access” in Article 6 of the decree of 22 August 2001.99 With regard to the information recorded in respect of visa applications, the applicants can assert their rights to access directly with the consulate or embassy where the visa application was lodged, however, infor-mation which has been recorded in attention fi les (fi chiers d’attention) which is likely to pose a risk to state security, defence or public security, is only accessible thro ugh the right of indirect access, which is through the mediation of the CNIL .
5.5.2. Application for a Right to Access and Time LimitsTh e LIFL itself does not include a time limit within which the CNIL has to deal with the request from the data subject. More specifi c rules for the implementation
96 Loi no. 2003–239 of 18 March 2003. 97 Th e organisation Cimade, in its report on administrative retention of 2003, criticised the lack of
an individual right to direct access with regard to SIS and advocated the adoption of such a rule, p. 135.
98 Décret no 2005–1309, JO 22 October 2005. 99 Ministerial decree of 22 August 2001, JO 14 September 2001.
Brouwer ch-11.indd 354 4/4/2008 5:39:48 PM
France 355
of LIFL are laid down in the ministerial decree of 20 October 2005.100 Articles 86–87 of this decree deal with the right to access to fi les relevant to state security, defence or public security. In accordance with Article 87, the CNIL should respond within four months to an application for access (this means informing the applicant of the facts discovered by the CNIL). Within this period of four months, the national authority to which the CNIL has forwarded the individual application has a period of three months within which to respond. If the CNIL is to collect information from a data protection authority in another EU Member State or a third country, this period of four months will not commence, according to Article 87 (3), until the CNIL receives the information from these authorities. Th is means that persons applying for information about their record in the NSIS can face lengthy delays before the Data Protection Authority will respond to their application. Especially in the case of third-country nationals threatened with expulsion based on information stored in the NSIS, the road to the CNIL will often prove ineff ective.101
Th e length of the procedures of indirect access through the CNIL can be illus-trated by a case which was brought before the Conseil d’État in 2004.102 Th is case concerned an individual who applied to the CNIL for the right to indirect access to his data, held in the NSIS. He was informed by the CNIL on 28 November 1997 that a member of the CNIL had started investigations. By a decision of the administrative court in Paris of 26 May 1999, the CNIL was ordered to reply within two months. Almost four year later, during which time the CNIL did not respond, the CNIL was again ordered to reply, this time by the highest adminis-trative court, in a judgment of 12 February 2003. Finally, in an answer of 17 November 2003, nine months later, the CNIL informed the applicant about his NSIS report. In its judgment of 5 July 2004, when the case was again brought before this court, the Conseil d’État did not refer to the length of time within which this procedure took place. Th e Court only established that the CNIL did fi nally respond to the request from the applicant which would have rendered null and void the application for the annulment of the CNIL acts.103
5.6. Composition, Tasks and Powers of the French Data Protection Authority (CNIL )
Th e French Data Protection Authority (CNIL ) consists of 17 members: four Members of the French Parliament (two from the Senate and two from the
100 Décret no 2005–1309, JO 22 October 2005. 101 Th is problem was highlighted in the Cimade report on administrative detention of 2003, p. 133. 102 Conseil d’État , CE 5 July 2004, X, no. 210185. 103 In its annual reports, CNIL acknowledged the length of these procedures. See, for example, the
24th report on 2003, p. 51.
Brouwer ch-11.indd 355 4/4/2008 5:39:48 PM
356 Chapter 11
National Assembly); two members of the Economic and Social Council (Conseil économique et social ); two members or former members of the Council of State or Conseil d’État ; two members or former members of the Cour de Cassation ; and two members or former members of the French Court of Auditors (Cour des Comptes). Only fi ve persons are designated as members for the CNIL because of their knowledge of information technology or questions with regard to individ-ual liberties. Th ree of these fi ve ‘specialists’ are assigned by the government and two by the French parliament. Th e composition of the CNIL has changed over the years. An important role was fi lled by Jacques Fauvet, who was chairman of the CNIL between 1984 and 1999 and who, as we saw above, criticised the development of the SIS.
Th e CNIL has primarily advisory tasks. Article 25 LIFL describes the data fi les which require a positive opinion from the CNIL before their installation. Since the French Data Protection Act was amended in 2004, Article 26 LIFL provides for an important exception to this principle of prior authorisation by the CNIL. Files in the interests of national security , defence or public security, or fi les used for the prevention, investigation, establishment and pursuit of criminal off ences or the enforcement of criminal punishments or security measures no longer require prior approval. According to Article 26 LIFL, these measures only need a motivated and published opinion from the CNIL. Th is means that police forces can establish new fi les, even if the CNIL has given a negative opinion on the pro-posal concerned. For example, in early 2005, the legislator proposed the reinstal-lation of a database on ‘people accommodating third-country nationals’ (fi chier relative aux hébergeants). Th is fi le has a long history within the French adminis-tration and has been previously withdrawn. Th e proposal for re-installation was criticised by the CNIL. In its opinion of March 2005, the organisation criticised the extended scope of the information to be held in this fi le.104 Th e conclusions in this opinion were only partially followed by the legislator when adopting the fi nal decree on the database.105
Initially, the CNIL had only limited powers. On the basis of Article 45 ff . LIFL , the French Data Protection Authority can issue a warning against the responsible organisation or authority failing to comply with the rules of the French Data Protection Act. If this organisation or authority does not act upon this warning, the CNIL may impose a fi nancial penalty or order the blocking of the data processing. Since the amendment of LIFL in 2004, the CNIL has had the option of imposing fi nancial sanctions if the authority or organisation concerned does
104 CNIL , Délib. no. 2005–052, 30 March 2005, see Bulletin Dictionnaire Permanent Droit des Étrangers, no. 137, September 2005, p. 6818.
105 Decree no. 2005–937, 2 August 2005, JO 6 August 2005.
Brouwer ch-11.indd 356 4/4/2008 5:39:48 PM
France 357
not observe the sanctions issued by the CNIL.106 Th ese sanctions may include fi nes up to a maximum of € 150,000 for the fi rst ‘off ence’, up to a maximum of € 300,000 in case of repeated ‘off ences’ within fi ve years of the fi rst sanction by the CNIL becoming defi nitive. Th is new competence means an important extension of the powers of the CNIL.107 In June 2006, the CNIL used this new competence for the fi rst time and imposed a fi ne of € 45,000 on the French bank Crédit Lyonnais. Th e bank was fi ned following repeated complaints from customers who were wrongfully registered in central databases of this company.108
In addition to this power of the CNIL to impose sanctions, new ‘off ences’ have been added to the criminal code, punishable by fi nes of between € 100,000 and € 300,000 or even three to fi ve years of imprisonment.109 Th ese off ences include, for example, failure by the authority or person responsible for the data processing to inform the individual of the purpose and use of the fi le and of his rights. Also, if the data processor exceeds he applicable time limits for the storage of information or is keeping data for purposes other than prescribed, this person or organisation risks a fi ne or imprisonment. Th e CNIL may submit such cases to the public prosecutor if it fi nds that the rules of the French Data Protection Law have been breached.
During the period under study, the CNIL had only fi ve offi cials available for its control and investigative functions. Th is means that systems such as the NSIS, AGDREF and the visa fi les were rarely, if ever, properly checked. In a press state-ment in 2005, Alex Türk, president of the CNIL, referred to the increasing number of applications for access to police fi les which were received by the CNIL.110 According to this statement, this increase was directly related to the diff erent new measures which had recently been taken by the French government in the fi ght against terrorism. In the same statement, the president of the CNIL stressed that the organisation was no longer equipped to handle the large volume of individual requests and that, therefore, new fi nancial resources would be necessary.
5.7. Practical Information on the Right to (Indirect) Access to NSIS Information
Th e annual reports of the CNIL off er valuable statistical information on the use of the individual right of (indirect) access to data held by government
106 Loi no. 2004–801, 6 August 2004, JO 7 August 2004, p. 14063. 107 C. Pallez, L’Exercice du pouvoir de sanction est une révolution culturelle pour la CNIL , Petites
affi ches, 29.09.2004, no. 195, p. 3. 108 Communication of 4 September 2006, see http://www.cnil.fr. Th is decision was also published
in the French newspapers Le Figaro and La Tribune of 15 August 2006. 109 Based on the ministerial decree on the implementation of LIFL , Code Pénal, Articles 226–16
to 24. 110 Press statement of 20 April 2005.
Brouwer ch-11.indd 357 4/4/2008 5:39:48 PM
358 Chapter 11
organisations.111 Th is also includes data on the annual number of applications with regard to the NSIS. Between 1999 and 2003, approximately 50% of the individual demands for indirect access submitted to the CNIL concerned data held in the NSIS. For example, in 2000, 397 of the 817 applications for indirect access concerned the NSIS and in 2003, 599 of the 1,163 applications. Since 2003, this relative number of applications with regard to the NSIS dropped. Although, in 2004, there was an important increase in applications for access in general, this did not concern the NSIS alerts. Nonetheless, of the total number of 1,970 applications received by the CNIL, 548 concerned the NSIS. Th e annual report for 2005 does not refer to the general number of applications for indirect access but, in this year, 410 applications concerned SIS alerts.
Th e annual reports of the CNIL also include information on the results achieved with regard to the individual claims submitted to this organisation. According to the annual report for 2005, between 1995 and 2005 the CNIL received a total of 3,142 requests for access with regard to the NSIS. Of these 3,142 applications, 1,059 persons were actually registered in the NSIS. Th irty-seven percent of these reports were entered by the German authorities, 0.7% by the Dutch, 41% by the French and 16% by the Italian authorities. Following intervention by the CNIL, 377 of those 1,059 reports investigated by the CNIL had to be withdrawn from the NSIS. In other words, 35.6% of the fi les investi-gated proved unlawful or wrong.112 Note that in 2003 and 2004 this relative per-centage of SIS alerts to be withdrawn was higher: of the total of 747 SIS fi les investigated by 2003, 308 had to be deleted, i.e. 41%. In 2004, of the 913 fi les investigated, 337 (or 37%) of the SIS alerts had to be withdrawn113
According to the report as forwarded in reply to a questionnaire from the Schengen Joint Supervisory Authority in 2004 on the implementation of Article 96 CISA, the applicable time limits of three years had been observed by the French authorities.114
5.8 Right to Legal Remedies
Th e LIFL does not provide specifi c rules on legal remedies, nor does this law mention which rules apply when, for example, an individual request for access or correction of his or her data has been refused. It is doubtful whether this lack of an explicit reference to a judicial remedy in the French Data Protection Act is in
111 Th e reports are published at http://www.cnil.fr and http://www.lesrapports.ladocumentationfrancaise.fr.
112 26th Rapport d’Activité CNIL for 2005, published in 2006, p. 23. 113 See the 24th Report for 2003, p. 50 and the 25th Report for 2004, pp. 46–47. 114 Unpublished report of CNIL , 2004.
Brouwer ch-11.indd 358 4/4/2008 5:39:48 PM
France 359
conformity with the provision of Article 22 of EC Directive 95/46 on the protec-tion of personal data or Article 111 CISA. Article 22 requires national law to pro-vide for judicial remedies, even if administrative procedures before the national data protection authority are available. However, the general rules of administra-tive law apply to decisions by the public authorities. Th is also applies to decisions by the CNIL , which is an administrative authority. An individual may therefore lodge an administrative appeal against the decisions of the CNIL.115
6. Rights and Remedies in Immigration Law
6.1. General Background to Immigration Law
Since 1980, French immigration law has undergone successive, major amend-ments. Th is permanent modifi cation illustrates the political and sensitive charac-ter of immigration law. Th is feature is not typical of France. It occurs in other EU countries as well. By amending immigration law (and giving these amend-ments their own names), successive Ministers of the Interior often responded to current events, apparently more for political than for pragmatic reasons. For example, in response to the terrorist attacks of 1985–1986, the Loi Pasqua tight-ened up the existing rules on expulsion and promoted the instrument of visa pol-icy as a weapon against terrorism. In 1993, in order to deal with the increase in numbers of refugees coming from Eastern Europe, the same Minister presented the second Loi Pasqua, referring to a new, so-called ‘zero immigration’ policy (immigration zéro). Again, in response to terrorist bombings in Paris, the Loi Debré of 1997 tightened up the immigration rules and provided for the possibil-ity of storing fi ngerprints. A more liberal approach to immigration was included in the amendments of the Loi Chevènement of 1998. Th ese amendments were based, among other things, on the report by Patrick Weil of 31 July 1997, in which a more liberal visa policy was advocated in order to improve the ‘image’ of France abroad.116
An important and major revision project was implemented by the Loi Sarkozy of 26 November 2003 (hereafter the Immigration Act 2003).117 One of the stated aims of this law was to ensure more effi cient and fair immigration control, includ-ing the fi ght against illegal immigration and improvement of the expulsion policy.
115 See, for example, the judgment of the Conseil d’État , CE 5 July 2004, no. 210185, referred to in section 5.5.2 above.
116 See http://www.ladocumentationfrancaise.fr/rapports-publics/994001043/index.shtml. 117 Code de l’entrée et du séjour des étrangers et du droit d’asile. Loi no 2003-1119, JO 27
November 2003.
Brouwer ch-11.indd 359 4/4/2008 5:39:48 PM
360 Chapter 11
Th e Immigration Act 2003 included certain amendments to the law on residence permits, with the stated aim of improving the integration of legally resident for-eigners. For example, the Loi Sarkozy limited the possibility of the so-called ‘double punishment’ (double peine ) whereby a judge in a criminal court could order, in addition to the imprisonment of a convicted foreigner, his expulsion upon release.118 Commentators criticised this so-called lifting of the double peine, arguing that the Loi Sarkozy only modifi ed the applicable rules and in fact extended its application to new off ences.119
In 2004, French immigration law had been re-codifi ed to produce a more readable text.120 Only two years later, the second immigration law reform project of Minister Sarkozy was adopted by the French parliament. Th is Loi Sarkozy 2006 or the Law on Immigration and Integration (Loi relative à l’immigration et à l’intégration) included stricter rules for the admission of third-country nationals, including in the fi eld of family reunifi cation , and provided for less stringent rules with regard to the admission of certain categories of migrants, including labour migrants, students and researchers.121 In the following sections, I will refer to this new law as ‘Immigration Law 2006’.
6.2. Amendments to French Immigration Law and the NSIS
Some of the amendment projects described above included changes with regard to the applicable law on the use of the NSIS and the availability of legal remedies. Th e most important amendments which are relevant to the use of the NSIS, con-cern the (re-)introduction of the duty to motivate visa refusals, the establishment of a special commission responsible for re-examining visa applications after a refusal by the consul, and the various amendments withdrawing or reintroducing the suspensive eff ect of an appeal against an expulsion.
Below, I will describe the relevance of the interim procedures before the administrative court with regard to immigration law procedure, as provided in Articles L. 521-1 and 521–2 respectively of the Code de Justice Administrative. Th ese remedies include the so-called réferé-suspension and réferé-liberté. As we will
118 See D. Turpin, Les nouvelles lois sur l’immigration et l’asile dans le contexte de l’Europe et la mondialisation, Revue critique de droit international privé, 93 (2) avril-juin 2004, p. 311–393.
119 F. Julien-Laferrière, La loi no. 2003-1119 du 26 Novembre 2003 relative à la maîtrise de l’immigration, au séjour des étrangers en France et à la nationalité, in Carlier & De Bruycker (2005), p. 530–558, and C. Saas, Exceptionalism and the rule of law in the EU: Th e changes in laws on immigration and asylum in France in response to terrorist fears, paper for Elise, 2003. Published at: http://www.libertysecurity.org; also published in Baldaccini & Guild (2006), p. 233 ff .
120 Code de l’entrée et du séjour des étrangers et du droit d’asile (Loi Reseda), Ordonnance no. 2004-1248, 24 November 2004, JO 25 November 2004.
121 Loi no 2006-911 of 14 July 2006, JO 25 July 2006.
Brouwer ch-11.indd 360 4/4/2008 5:39:48 PM
France 361
see in the following sections, these remedies are especially important with regard to expulsions based on NSIS reports.122 To use this procedure, two requirements have to be fulfi lled: fi rstly, the urgency of the case must justify suspensive measures and, secondly, serious doubt must exist with regard to the lawfulness of the decision. An appeal for a suspensive measure based on L. 521-1 should be preceded by a procedure on the merits of the case.
Finally, for our subject it is important to refer to the French law on the rights of citizens in their relations with the administration.123 According to Article 4 of this law, each administrative decision should indicate the author of the decision. Also, this law states that if the administrative authorities do not reply to an indi-vidual’s application within two months, this ‘silence’ is to be considered a refusal of the application.
6.3. Duty to Motivate Decisions
Article 5 of the Immigration Act as amended in 2003 states that the access to French territory may be refused to an alien whose presence would pose a threat to the public order. Before 1986, these refusals had to be given in a written, motivated decision. Th is requirement was based on the general principle in French administrative law of 11 July 1979 that negative administrative decisions should always be motivated.124 Since 1986, with the amendment of the French Immigration Act (Loi Pasqua 1986, not to be confused with the Pasqua laws of 1993), decisions to refuse visas have been excluded from this general requirement.125
In 1997, it was ruled that the aforementioned amendment would be contrary to the obligations deriving from the French Data Protection Act with regard to visa refusals based on information recorded in the NSIS. If the authorities were not obliged to justify such decisions, data subjects would not be able to assert their rights of access to the data fi le in accordance with the LIFL . Th is argument had been forwarded by Patrick Weil in his report to the French legislator of 31 July 1997: “it is necessary to provide the motivation for visa refusals in the case of registration in the NSIS, to allow the person concerned to apply his right of
122 Th e availability and meaning of these suspensive procedures in immigration law are extensively dealt with in the report of GISTI, Utiliser le référé administrative pour la défense des étrangers, Paris, November 2005, see http://www.gisti.org.
123 Act of 12 April 2000. Loi no 2000-321 relative au droits des citoyens dans leurs relations avec les administrations. JO 13 April 2000. Entered into force on 1 November 2000.
124 Law on Administrative Justice of 11 July 1979, Code de Justice Administrative. 125 Article 16 of the Law no. 86-1 025, 9 September 1986, amending the French Act no. 79–587
of 11 July 1979 with regard to the motivation of administrative acts.
Brouwer ch-11.indd 361 4/4/2008 5:39:48 PM
362 Chapter 11
access through the CNIL .”126 Th is consideration resulted, in 1998, with the amendments of the Loi Chevènement , in the reintroduction of the duty of moti-vation with regard to certain categories of visa refusal.127 Since this amendment to Article 5 (1) of the Immigration Act in 1998, the French authorities are obliged to provide grounds for the reasons for the refusal of a visa in eight situations, except if considerations of national security would prevent this motivation. One of these situations is when the decision to refuse a visa is based on the fact that this person has been reported in the NSIS for the purpose of refusal of entry.128
During the parliamentary debate, Minister Chevènement stressed the limited scope of this duty to motivate.129 According to the Minister, this would not oblige the authorities to disclose the real motives for the registration in the NSIS since these motives could be kept confi dential. Th e only information to be communi-cated to the person concerned would be the fact he or she is registered and by which country or countries. To fi nd out the reasons for the NSIS alert, the person concerned would have to address these other countries.
According to the French Member of Parliament, Mr. Tavernier, this duty to motivate visa refusals based on a registration in the NSIS would have led to “an explosive increase” in judicial proceedings before the French Conseil d’État . Th is jurisprudence will be dealt with in section 7.
6.4. Legal Remedies
6.4.1. Th e Position of the Administrative Court in Immigration LawTo understand the role of the court in French immigration law, it is necessary to take into account several developments. Traditionally, French administrative courts have only had a marginal role with regard to the functioning of the admin-istration and the defi nition of law. Th is was a consequence of the general and, perhaps, compared to other countries, stricter view with regard to the separation of powers. It was held that the function of administrative courts was to ensure the correct application of the law and not to defi ne the law, since this latter task
126 P. Weil, Rapports au Premier ministre. Mission d’étude des législations de la nationalité et de l’immigration, Paris: La documentation Française 1997, p. 65–66: “il conviendrait de prévoir la motivation des refus de visa en raison de l’inscription au SIS, afi n que la personne concernée puisse ainsi utiliser son droit d’accès à la CNIL ”.
127 Loi no 98–349 of 11 May 1998, JO 12 May 1998, p. 7087. 128 Th e seven other situations include, among others: persons who are a family member of an EU
or EEA citizen; family members of a French national; economic migrants who are entitled to paid employment in France and students who are entitled under French law to receive higher education.
129 Sessions 27 January 1998, JO Déb. Sénat, p. 444.
Brouwer ch-11.indd 362 4/4/2008 5:39:48 PM
France 363
belonged to the sovereign power of the legislator. Th is exclusive role for the legislator particularly concerned French immigration law. Applying judicial self-restraint, administrative courts generally respected this discretionary power of the administration. Since the late 1970s, the administrative courts, led by the Conseil d’État , have started to play a more extensive role with regard to the fi eld of immigration law. Th eir scope of review extended to diff erent administrative decisions relating to third-country nationals, including regulations, ministerial circulars and individual expulsion orders. An initial reason for this extended role by the administrative courts was the case law of the Strasbourg Court with regard to the European Convention on Human Rights. On the basis of this case law, it became clear that with regard to immigration measures too, the national authorities should respect human rights as protected in the European Convention. Another important role was played by the French NGOs. Civil rights organisa-tions, such as GISTI, started a test case against the French government on behalf of immigrants with regard to important institutional questions. Th irdly, the rec-ognition of an extended role for the administrative courts was supported in dif-ferent decisions of the Constitutional Council. Th is Council, established by the French Constitution of 1958 as an advisory institution, departed in its conclu-sions from the traditional distinction between judicial and administrative courts ( juges judiciaire and juges administratives). In Article 66 of the Constitution, the juge judiciaire was opposed to the juge administrative, declared the ‘guardian of individual liberties’. In various opinions, the Constitutional Council emphasised that this constitutional protection of individual liberty applies to foreigners as well.130 Despite the wording of Article 66, the Constitutional Council seemed to favour the competence of the administrative courts with regard to the protection of the rights and liberties of foreigners. In its decision on the Act to adopt the CISA, the Constitutional Council explicitly referred to the guaranties in this Treaty with regard to the protection of the respect for personal liberty.131 Since these guarantees are to be provided by the French Data Protection Authority, which is an administrative authority, the Constitutional Council implicitly accepted the power of the administrative court in this matter.
Finally, one could refer to another important development with regard to the legal protection of individuals under administrative law, which is the introduction of the possibility of an application for interim relief before the administrative courts.132 As mentioned above, this new law provided the possibility for administrative courts
130 Conseil Constitutionnel, décision no. 97–389, 22 April 1997, JO 25 April 1997. 131 Conseil Constitutionnel, décision no 91–294, 25 July 1991, JO 27 July 1991. 132 Loi no. 2000-597 of 30 June 2000, JO 1 July 2000, entered into force on 1 January 2001.
Articles L. 521-1 and 521–2 CJA (Code de Justice Administrative).
Brouwer ch-11.indd 363 4/4/2008 5:39:49 PM
364 Chapter 11
to issue either a suspensive injunction (réferé-suspension) or an injunction of liberty (réferé-liberté). Th e former decision will, during the basic procedure, suspend the administrative decision or measure. With the latter decision, the court may order the administrative authorities to set the applicant at liberty. As we will see in the following sections, these suspensive remedies are an important tool in the fi eld of immigration law, especially for those decisions which are excluded from the general rules on suspensive remedies, as provided in the French Immigration Act.
6.4.2. Legal Remedies Against a Refusal of EntryFrench law does not provide for a special remedy against the refusal of entry. Th e general administrative procedure, mentioned above, applies to these decisions. A person refused entry will have to lodge an appeal against the notifi cation of refusal within two months. Th is appeal has no suspensive eff ect . Th e amendment to the Immigration Act by the Loi Sarkozy of 26 November 2003 included the duty for offi cials to issue a written motivated decision of refusal of entry. Th is decision may then be executed directly (Article L. 511-II (1) ). Th e person con-cerned should immediately, after having obtained this written decision, declare in a written and signed statement whether he or she intends to use the possibility of appeal against this refusal. Th ese new requirements were meant to exclude the possibility that, without the written and signed decision, the person could argue before the court that he or she has not been informed of his or her rights. However, in practice, this formal requirement to submit a written statement immediately could imply a barrier on using legal remedies for a given individual.
As a general principle, the right to appeal against a refusal of entry should not be impeded by excessively strict formal requirements. Th is was confi rmed in a judgment of 1 May 2005, where the French Cour de Cassation accepted a written text including the words, “I have a passport, I have all the documents, they are with my sister”, as a suffi ciently motivated appeal against the refusal of entry.133
In 1989, the French legislator introduced the so-called Commission for Residence Permits (Commission du séjour) which is an administrative consultative authority, advising the head of police when dealing with a request for (the renewal of ) a residence permit. Th e procedure before this Commission only applies to third-country nationals with stronger ties to France. Since the amendment to the Immigration Act of 1993 (Loi Pasqua ), the powers of this Commission have been limited. Th e heads of police or préfets are no longer bound by the decisions of this Commission.134 After this Commission had been dissolved by the Loi
133 Court Cass. 1st civ., Jabeur, 18 May 2005, no. 04-50-053. 134 J.E. Malabre, Security of residence and expulsion: protection of aliens in Europe: the French
experience, in: Guild & Minderhoud (2001), p. 129.
Brouwer ch-11.indd 364 4/4/2008 5:39:49 PM
France 365
Debré in 1997, the Loi Chevènement re-installed a new Commission, now called the Commission du titre du séjour . However, its practical meaning remains relatively weak.
6.4.3. Legal Remedies Against the Refusal of a VisaBefore 2000, third-country nationals whose visas had been rejected could lodge an appeal against this refusal with the Conseil d’État as a court of fi rst and last instance. Since 1 December 2000, visa applicants now fi rst have to address a special commission of appeal (Commission de recours contre les décisions de refus de visa ). Only when this commission sustains the administrative negative decision, the person concerned may apply to the administrative court.135 Th e establish-ment of this special commission of appeal has been justifi ed by the French legis-lator because of the enormous caseload weighing on the administrative court with regard to decisions regarding visa refusals. As mentioned in section 6.3, this increase in judicial procedures against visa refusals based on the NSIS, is said to be linked to the new requirement of motivated decision-making as provided for in the Loi Chevènement of 1998.136
Th is commission for appeals against visa decisions should be addressed within two months of the individual having been notifi ed of the refusal. Th e Commission, which falls under the organisation of the French Ministry of Foreign Aff airs, has only an advisory role. When it advises the Ministry of Foreign Aff airs to issue the visa, the Ministry is allowed to uphold its initial negative decision. After having applied to this Commission, the applicant is allowed to lodge an appeal with the administrative court. Th e applicant may appeal against the negative advice of the commission, or the renewed negative decision of the Ministry of Foreign Aff airs.
Despite the compulsory procedure before this Commission, in an urgent situation it is still possible for the applicant to lodge an appeal for a suspensive measure before an administrative court in accordance with Article 521-1 of the French Administrative Act. Although the administrative court applies strict criteria to assess the urgency of the situation, the suspension of a visa refusal has been ordered in cases where this measure seemed necessary to off er the applicant the possibility of caring for minor children, a spouse or family members in need of help.137
135 Décret no. 2000-1093, 10 November 2000, JORF. See further GISTI, Les visas en France, La réglementation, les recours, les textes, Les Cahiers Juridiques, Paris: GISTI, May 2003 and its updated version: Les Visas, Les Cahiers Juridiques, Paris: GISTI, September 2006.
136 See P. Hubert, De Schengen à Amsterdam: Questions juridiques et solutions institutionnelles, in: K. Hailbronner, P. Weil (eds), From Schengen to Amsterdam. Towards a European Immigration and Asylum Legislation, Trier ERA Series of Publications, Vol. 29, 1999, p. 65–73.
137 See, for the criteria as developed by the Conseil d’État , the report of GISTI, Utiliser le référé administrative pour la défense des étrangers, Paris, novembre 2005, p. 20–21.
Brouwer ch-11.indd 365 4/4/2008 5:39:49 PM
366 Chapter 11
Th e French law on visas is almost silent with regard to which criteria apply to visa refusals or to the issue of visas. Th erefore, traditionally, the administrative court has only a marginal role in assessing the lawfulness of decisions by the French authorities to refuse visas. Only if the court establishes that there has been a manifest error of evaluation (“erreur manifeste d’appréciation”) can the administrative decision be annulled. Th e jurisprudence on visa refusals and the NSIS, described in section 7, show that the Conseil d’État used this marginal role on a regular basis to quash refusals of visas. Generally, these annulations are based on the grounds that the third-country complied with all the general visa conditions or that the visa refusal is in breach with his right to family life .138
6.4.4. Legal Remedies Against ExpulsionFrench law distinguishes between two categories of expulsion. Th e fi rst category concerns the decision to expel foreigners who reside legally on French territory and who are ordered to leave France for reasons of public order or national security . Th is category of expulsion is regulated by Article L. 521-1 ff . of the French Immigration Act 2006. Th e second category concerns the decision of the French authorities to expel a person to the external border (reconduite à la frontière), based on the fact that this person is in France illegally. Th is expulsion decision is provided for in Articles L. 511-1 and L. 531–3 of the Immigration Act 2006.
Both decisions (expulsion and reconduite à la frontière) can be issued by the local prefects or by the Minister of the Interior. After 2001, the Minister of the Interior addressed the local prefectures on several occasions, demanding a more active expulsion policy with regard to unwanted or illegal third-country nationals. In 2005, the Minister of the Interior published a report according to which, between 2001 and 2005, the number of current expulsions increased by 68.6%.139
Procedures against expulsions in the fi rst category have no suspensive eff ect (Article L. 523-1), however these persons are to be informed and heard in advance. Only procedures against an expulsion in the second category (arrêtés reconduite à la frontière) will automatically suspend the decision for the fi rst 48 hours, unless this person is registered in the NSIS on the basis of a fi nal deci-sion (décision exécutoire) by one of the other Schengen States, or if the expulsion is based on a foreign expulsion decision.140 Th is latter exception was added by an amendment to the Loi Sarkozy of 2003 and is based on Directive 2001/40 on the mutual recognition of expulsion decisions.
Th e lack of suspensive remedies with regard to expulsion orders on the basis of a foreign SIS report has been questioned in the French Parliament. In reply to
138 See GISTI (2006), p. 25. 139 Bulletin of the Dictionnaire Permanent Droit des Étrangers, no. 139 (2005), p. 6775. 140 See Articles L.512-2 jo. 531–3 of the French Immigration Act.
Brouwer ch-11.indd 366 4/4/2008 5:39:49 PM
France 367
these questions, the Minister of the Interior made it clear that foreign decisions to register a third-country national in the NSIS are to be considered defi nitive decisions. Th e Minister added that “hypothetically” it may be presumed that this foreign decision is notifi ed to the person concerned and that the applicable time limits for appeal have expired.141 Th is presumption would, according to this Minister, justify immediate expulsion since the person concerned “would already have had the possibility to appeal against the decision which forms the basis for the SIS report.”142 Th is presumption is, however, wrong because Article 96 CISA does not include the requirement that the alert can only be based on a fi nal deci-sion by national authorities. In practice, in France, but also (as we will see in the next Chapters) in Germany and the Netherlands, third-country nationals do not always have the right to appeal against the decision which forms the basis for their registration in SIS.
As mentioned above, the persons to be expelled may invoke the suspensive remedies as based on Articles L. 521-1 and L. 521–2 of the French Administrative Act. Both the référé-suspensive and the référé-liberté could be relevant for a person to be expelled on the basis of a SIS report, if the court is convinced of the need to suspend the possible expulsion, or to order the liberation of this person if he is detained in one of the French detention centres.143
7. Case Law
7.1. Introduction
Since the NSIS became operational, French case law with regard to the use of the NSIS in immigration law has been steadily generated. Just one week after the NSIS became operational, the administrative court of Strasbourg issued the fi rst judgment on the NSIS, in which the court annulled a decision to expel a third-country national on the basis of a SIS entry.144 Th e most important judicial
141 “… le signalement ne fait donc que rappeler l’existence d’une décision exécutoire prise par un autre membre, donc par hypothèse, notifi ée et dont les délais de recours sont expirés”. See the ministerial answer to the question of Vuilque, no. 54624: JO 28 November 2004, p. 10386 and JO 22 February 2005, p. 1959.
142 “Le signalement justifi e donc une reconduite sans délai et sans recours suspensif dès lors que l’intéressé a déjà eu la faculté d’exercer un recours contre la décision exécutoire qui est à l’origine de ce signalement.”
143 See further the GISTI report of 2005, pp. 59–60. 144 TA Strasbourg, 3 April 1995, M. Igel c/Préfet de la Moselle. See, for an overview of this early juris-
prudence on NSIS, E. Aubin, Le juge administrative français face à l’application de la Convention de Schengen dans ses dispositions sur le droit d’asile. Bilan juridictionnel de l’application en France des accords de Schengen, Revue de droit Public no. 3–2000, p. 829–862.
Brouwer ch-11.indd 367 4/4/2008 5:39:49 PM
368 Chapter 11
procedures involving Article 96 CISA are the procedures against expulsion orders and the decisions based on which visa applications have been rejected. Other procedures, which resulted in a lesser volume of case law, concern the refusal of entry or a residence permit based on an Article 96 report.
Important milestones in the jurisprudence, even internationally, were the Hamssaoui and Forabosco judgments by the Conseil d’État in June 1999.145 In the fi rst judgment, which dealt with the refusal of short-stay visas, the court ruled on the duty of the French authorities to inform data subjects on the State or author-ity issuing a SIS alert. In the second judgment, the court annulled the refusal of a long-term visa, acknowledging the power of national courts to assess the legitimacy of foreign decisions to report a third-country national in the NSIS.146
7.2. Duty to Inform the Data Subject
Th e duty of the French authorities to motivate their decisions based on registra-tions in the NSIS has been a regular subject of the decisions by administrative courts in immigration law. With regard to refusals of visas, as well as with regard to expulsion decisions or refusals of entry to the territory, the courts did not accept the mere reference by French authorities to the existence of the SIS report. In 1999, in the famous Hamssaoui judgment, the Conseil d’État ruled that deci-sions refusing a visa to a person, based on the fact that this person is registered in the NSIS, should indicate the foreign state which entered the applicant in the NSIS.147 Th e Court referred in this decision directly to the statements by Minister Chevènement during the parliamentary debate on the amendments providing for this duty to motivate certain categories of visa refusals. In its judgment, the Conseil d’État uses the words “state” and “authority”. One could therefore argue that, according to this Court, the authorities have to inform the visa applicant not only of which State, but also of which specifi c authority within this State reported the person into the NSIS . However, given the fact that the Court refers to the parliamentary history of this provision (during which reference is only made to the foreign state) and the fact that the Court does not give any other explanation, it does not seem that the Court actually meant to extend the duty of information in this way. In later judgments, the Conseil d’État refers only to the State which reported the person in the NSIS (l’État auteur du signalement).148
145 CE 9 June 1999, Mme. Hamssaoui, no. 198344, 9 June 1999, and CE 9 June 1999, M. et Mme. Forabosco, no. 190384.
146 See, for an extended analysis of these and other French judgments on SIS, Elspeth Guild, Adjudicating Schengen: National judicial control in France, European Journal of Migration and Law, 2000/1, p. 419–439.
147 Decision of 9 June 1999, no. 198344. 148 CE 20 February 2002, Boucetta, no. 220420.
Brouwer ch-11.indd 368 4/4/2008 5:39:49 PM
France 369
Th e Conseil d’État established further in the Hamssaoui judgment that the duty to inform the applicant as mentioned above cannot be replaced by referring to the possibility for the applicant to apply to the French Data Protection Authority for his or her right of indirect access to the information.149 Th e same conclusion was reached by the administrative court of appeal of Paris with regard to the decision to refuse entry.150 Th is case concerned a third-country national, Minin, who had been refused access to French territory based on a registration in the NSIS. During the procedures of this case, the Minister of the Interior had argued several times that the application for entry by Minin had to be considered a request for access to his information. Th erefore, according to the Minister, the applicant had to apply to the French Data Protection Authority for his right of indirect access. Th e higher court of Paris explicitly stated that such a reference could not replace the obligation to motivate the decision to refuse entry in question.151
French jurisprudence is not clear on whether an administrative decision based on the SIS information forwarded by other Schengen states should indicate the reasons for these foreign reports. In a judgment of 20 February 2002, the Conseil d’État decided that a French decision rejecting a visa, based on a SIS report, should indicate the State forwarding this report to the NSIS, but not the reasons for this report.152 A broader interpretation of the duty of motivation was given in the aforementioned judgment in the Minin case. Here, the Paris court consid-ered that the mere reference in the decision to the fact that Minin was a danger to the public order, without mentioning any facts of circumstance, did not fulfi l the legal obligations regarding motivation (as provided in the general administra-tive law of 1979, see section 6.3). In a decision of 2004, the administrative tribu-nal of Pau held that a decision by a prefect to expel a person on the basis of a German SIS report was unlawful because the prefect failed to indicate the date on which the German authorities had forwarded this report to the NSIS.153
An interesting issue was dealt with in the judgment of the Conseil d’État in the Joorawon case of 10 January 2003.154 Th is case concerned the question of whether the sole fact of being registered in the NSIS for the purpose of refusing entry to a third-country national was suffi cient motive for the refusal of a visa, even if the provisions of the CISA did not apply to the French overseas department, whose
149 See also the judgment CE 28 July 2000, no. 205435, Faifer. 150 Cour administrative d’appel, decision of 18 January 2001, Minin, no. 99PA02845. 151 Other judgments in which lower courts held that the motivation for expulsion decisions based
on a SIS record was insuffi cient: TA Nice 16 July 2002, Barzilay, no. 023061; TA Lille 16 May 2002, Valencia, no. 021741; TA Toulouse 24 October 2000, M. c/ Préfet de la Haut Garonne, no. 003366.
152 CE 20 February 2002, Boucetta, no. 220420. 153 TA Pau, 18 November 2004, Anton, no. 0301352. 154 CE 10 January 2003, no 223395, Ali Mohamed Noorani Joorawon.
Brouwer ch-11.indd 369 4/4/2008 5:39:49 PM
370 Chapter 11
consulate (at Port Louis, Mauritius) had refused the visa application. Th e government, reasoned during this case, that even if the CISA did not apply to the consulate concerned, the entry of the person into France would be contrary to the public order of France, considering that the record in the NSIS was justi-fi ed by the grave off ences of which the applicant was accused. Th e Court rejected this separate meaning or eff ect of a SIS report. Since the consulate erroneously motivated the decision to refuse a visa, solely on the basis of the fact that the applicant was reported in the NSIS for the purpose of being refused entry, the consulate committed a legal error (une erreur de droit). Th is error could not be replaced by the argument of the Minister of Foreign Aff airs that, based on the SIS report, the entry of the person could be regarded as a danger to the public order. Even if this latter ground could have been a legally justifi ed ground for refusal of a visa application, this did not legitimise the refuted decision, which was taken solely and mistakenly on one ground. In later judgments, the French Conseil d’État did however accept this so-called ‘substitution of motivation’, in which the govern-ment replaced the initial (unlawful) motivation for a negative decision during the proceedings for a lawful motivation.155
7.3. Assessing the Validity of Foreign SIS Reports
In general, French law includes the principle that an administrative decision can be annulled by the court if this decision is based on prior, unlawful decisions. In 1994, the Conseil d’État ruled that French courts were not competent to assess the legality of foreign decisions.156 However, in its Forabosco judgment of 9 June 1999, the Conseil d’État departed from this line.157 In this decision, the Conseil d’État explicitly confi rmed the competence of the administrative courts to deal with the question on the lawfulness of a foreign report in the NSIS based on Article 96 CISA. Th e case concerned a Romanian national, Ms. Forabosco, who was married to a French national; both were resident in France. Planning to stay with her husband, she applied for a visa for a longer stay at the French consulate in Bucharest. Th is visa was refused on the basis of the German registration of Ms. Forabosco in the NSIS. In its judgment, the Court explicitly stated that, “it is the task of the administrative court, dealing with an individual appeal against an administrative decision which is based on a report for non-admission, to
155 See, for example, CE 6 February 2004, no. 240560, Hallal. 156 CE 22 July 1994, Chambre syndicale du Transport Aérien and CE 29 December 1997, Th orel,
see: Emmanuel Aubin, Le juge administratif français face à l’application de la Convention de Schengen dans ses dispositions sur le droit d’asile. Bilan juridictionnel de l’application en France des accords de Schengen, Revue du Droit Public, no. 3, 2000, p. 847.
157 CE 9 June 1999, no. 190384.
Brouwer ch-11.indd 370 4/4/2008 5:39:49 PM
France 371
consider the legitimacy of this report, even if it is made by a foreign administra-tive authority.”158 Th e Conseil d’État established that the motive of the German report was based solely on a decision which had denied Ms. Forabosco asylum in Germany. According to the Conseil d’État, this motive did not fall within the limitative grounds mentioned in the second and third paragraphs of Article 96 CISA. Th erefore, the Court considered that there were justifi ed grounds for annulling the refusal of the visa.159 Th e Conseil d’État repeated this conclusion with regard to the unlawfulness of German decisions to report rejected asylum seekers in the NSIS in later judgments.160
Another German motive for registration in the NSIS was rejected in a deci-sion by the Conseil d’État of 13 December 2002. In this case , an Algerian national, Kouchi, had obtained refugee status in Germany, but was reported by the German authorities in the NSIS because he had left Germany without informing the German authorities.161 As a result of this entry, Kouchi had been refused a short-stay visa by the French consulate in Algiers. Th e French Court ruled that these motives did not fulfi l the criteria of Article 96 CISA and annulled the refusal of the visa.
In a case where it became evident that a German decision to report a person in the NSIS was not based on a refusal to grant asylum , but on a removal decision against this person, which was neither reported nor suspended, the highest French administrative court found this motive in conformity with the criteria of Article 96 (3) CISA.162
In a judgment from 2003, the Conseil d’État explicitly dealt with the (limited) power of the French administrative courts to assess the lawfulness of foreign deci-sions based on which the foreign authorities issue a SIS alert.163 Th is case con-cerned the application by a Romanian national, Mr. Gheorghita, for a short-stay visa for France. Th is application had been rejected by the French visa authorities
158 “Mais considérant qu’il appartient au juge administratif, saisi de conclusions dirigées contre une décision administrative fondé sur le signalement d’une personne aux fi ns de non-admis-sion, de se prononcer sur la bien-fondé du moyen tiré du caractère injustifi é de ce signalement alors même qu’il a été prononcé par une autorité administrative étrangère.”
159 Th e fact that a visa had been issued to Ms. Forabosco, before this judgment, did not prevent the Court annulling the former decision by which the visa was refused.
160 CE 9 July 2001, Matumona, no. 209037; CE 11 July 2001, M. and Mme. Iqbal, no. 206644; CE 15 March 2002, Krouf, no. 221818. See also C. Saas, where she describes French jurispru-dence with regard to the German criteria on the input of rejected asylum seekers into NSIS: ‘Les refus de délivrance des visas fondés sur une inscription au Système Information Schengen’, Cultures & Confl its 49–50, 2004.
161 CE 13 December 2002, Kouchi, no. 224877. 162 CE 29 July 2002, X, no. 236190. 163 CE 23 May 2003, no. 237934, Mr. Gheorghita Catrina.
Brouwer ch-11.indd 371 4/4/2008 5:39:49 PM
372 Chapter 11
because of an Italian Article 96 alert based on a previous illegal stay by the appli-cant in Italy. Th e appeal of Mr. Gheorghita against this visa refusal was then rejected by the special commission of appeal against refusals of visas. Dealing with the appeal against the decision of this commission, the Court repeated its earlier conclusion that the French administrative courts are competent to assess the law-fulness (caractère injustifi é) of foreign reports in the NSIS. However, the Court added that these courts were not competent to assess the lawfulness (légalité) of the foreign decisions which formed the basis of the SIS reports.164 Th erefore, the Court reasoned that the applicant, who did not refute the fact that the residence ban by the Italian authorities was one of the motives as provided in Article 96, could not eff ectively establish (“ne saurait utilement se prévaloir” ) that the Italian residence ban would have been irregularly imposed or would have been dispro-portionate to the off ences committed by the applicant. Th e Court argued that even if this Commission had made a legal error by basing the conclusion that the applicant would pose a threat to the public order solely on the SIS report by Italian authorities, the instructions deriving from Articles 5 and 96 CISA, nota-bly, would have led to the same decision: that is refusal of the visa. Th e highest French administrative court seemed to refer to the impossibility for national courts to assess whether decisions by foreign authorities are taken in conformity with their foreign legislation. Th e competence for national courts is restricted to the assessment of whether a SIS alert and the motivation for this alert are in accordance with the provisions of the CISA. Th is latter assessment is much easier to make than the assessment of whether a foreign alert is in accordance with the law of a foreign State which requires knowledge of this foreign law.
Finally, in the case of Mr. Moon (see also section 5.5.1), dealing with an appli-cation for access to the NSIS data now submitted by the spouse of Mr. Moon, the Conseil d’État also seemed reluctant to assess the lawfulness of the German reasons for reporting Mr. and Mrs. Moon in the NSIS.165 In the new judgment, the Conseil d’État upheld the decision of the CNIL not to forward information on the NSIS report to Mrs. Moon. Th e Court argued that, based on the infor-mation submitted by the German government with regard to the reasons for her report in the NSIS, the French authorities were justifi ed in deciding, without making a ‘manifest error of appreciation’, that the German SIS report was not based on any legal or factual error. Th erefore, the application to annul the refusal of rectifi cation made by the CNIL was rejected.
164 “… il n’est en revanche pas compétent pour statuer sur la légalité des décisions des autorités des autres Etats parties qui fondent ce signalement.”
165 CE 2 June 2003, no. 219588, Hak Ja Han M (Mrs. Moon).
Brouwer ch-11.indd 372 4/4/2008 5:39:49 PM
France 373
7.4. Duty of Authorities to Balance Interests
In its decision of 25 November 2000, the Conseil d’État made it clear that deci-sions with regard to visa applications may cause an infringement of human rights protected in the ECHR.166 Th e case concerned a Romanian national who was married to the applicant, Mme. Cucicea-Lamblot, who held French nationality. Th e husband applied for a short-stay visa to join his spouse in France. Th is appli-cation had been rejected by the French embassy in Bucharest in August 1999. Th e Court concluded that, to understand whether the visa refusal involved a breach of the right to private and family life under Article 8 ECHR, it is neces-sary to know the reasons for the SIS record. Th e Conseil d’État therefore ordered the French Ministry of Foreign Aff airs to forward to the administrative judge within two months the relevant information with regard to the NSIS alert.167
Consideration of the right to family life also played a role with regard to a case concerning the application for a long-stay visa by an Algerian national.168 Th is applicant had been reported in the SIS by the German authorities after he was sentenced to 490 days of imprisonment for a drugs off ence. Th e applicant main-tained that the refusal of his visa involved a breach of his right to private and family life, since he was married to a French national, with whom he was not allowed to cohabit. Th e Court denied there was a breach of his right to private and family life, considering the circumstances of the case. Th ese circumstances included the recent character of the applicant’s marriage, the fact that there were no children, the assumption that the presence of the applicant on French terri-tory could cause an actual threat to the public order and, fi nally, the possibility for his spouse to join him in Algeria.
In another case, an Algerian national applied for a short-stay visa to visit his parents and family in France. Th is application was rejected on the basis of his registration in the NSIS to be refused entry. Th e Conseil d’État did not consider this refusal as a disproportionate breach of his right to private and family life , since the applicant did not submit that it was impossible for his parents and family to visit him in Algeria.169
Th e administrative courts not only regard human rights, such as the protection of family life , as a reason to annul the refuted decision based on a SIS report. Th e legal interests of the foreigner in working and staying in France have also been
166 CE 25 October 2000, Cucicea-Lamblot, no. 212315, AJDA 20 March 2001, p. 284–286, commented upon by R. Errera in Public Law, 2001, p. 425.
167 Unfortunately, I have no information on whether the requested information actually has been submitted by the government.
168 CE 10 March 2004, X, no. 252269. 169 CE 12 February 2003, X, no. 229306.
Brouwer ch-11.indd 373 4/4/2008 5:39:49 PM
374 Chapter 11
weighed by the courts when assessing a visa refusal on the basis of a SIS report. In 2003, the Conseil d’État decided on a case where the French consul in Casablanca rejected the application by a Moroccan national for a long-term visa on the basis of an Article 96 SIS report. Th e person was reported by the Italian authorities based on the person’s non-compliance (“non-respect” ) with the Italian immigration law. In its judgment, the Court annulled the decision of the Commission de recours contre les décisions de refus de visa by which the applicant’s appeal against the decision of the consul was rejected. According to the Conseil d’État, the decision of this Commission was based on a “manifest wrong appreci-ation” (“une erreur manifest d’appréciation”). Th e Conseil d’État emphasised that the applicant stayed and worked on a regular basis in France between 1993 and 2000 and that he could not be regarded as a danger to the public order solely on the basis of the fact that he acted in breach of the Italian immigration law.170
In some cases, the Conseil d’État accepted that the authorities did not make any attempt to balance interests. For example, this was the case in a judgment of 29 July 2002, dealing with a Cameroon national whose short-stay visa had been rejected, based on a German report in the NSIS for refusal of entry.171 Th e appli-cant maintained that he previously resided in Germany as the spouse of a German national but that, during this period, he had never posed a threat to the public order. Th e Conseil d’État rejected his appeal, arguing that these circumstances did not aff ect the lawfulness of the decision by the French embassy, since this decision was in conformity with the provisions of the CISA.
In another judgment of 4 November 2002, the Conseil d’État accepted a period of seven years between the date when this person was reported in the NSIS and the date when the French authorities had refused him a visa based on this report.172 Without going into the interests of the individual concerned, the Court found the visa refusal justifi ed provided the applicant did not reveal that the report had been withdrawn by the foreign states. Th is case concerned an Algerian national who had been reported by both German and Spanish authorities in the NSIS because he had failed to comply with the national regulation on the entry or residence of third-country nationals. In a comparable case brought before the Conseil d’État in 2003, the Court upheld the decision by the special Commission on visa applications in which (in 2001) an Algerian national had been refused a visa on the basis of a report entered in the NSIS by the German authorities, based on an expulsion order from 1993.173
170 CE 30 December 2003, Ramdane, no. 237808. 171 CE 29 July 2002, X, no. 229580. 172 CE 4 November 2002, X, no. 240090. 173 CE 14 November 2003, X, no. 234462.
Brouwer ch-11.indd 374 4/4/2008 5:39:49 PM
France 375
7.5. Powers of the Court
As we have seen above, an important remedy for persons facing a negative decision based on the NSIS are the suspensive procedures based on French administrative law. Th is power has been used by the administrative courts to order either the sus-pension of the refuted expulsion, or to order the release of the person detained if there are serious doubts as to the lawfulness of the underlying Article 96 report or the proportionality of the refuted decision.174
Furthermore, administrative courts can order the Minister of Foreign Aff airs to provide the court with further information on the reasons for refusing a visa to the applicant.175 In one case, the Conseil d’État considered the fact that the Minister did not provide the court with the requested information as adequate grounds for annulling the rejection of the visa application.176 Th ree years later however, in a comparable case, the Conseil d’État explicitly held that it was not competent to order the withdrawal of the SIS report.177
Generally, French administrative law includes the power of courts to condemn the State to repair damage which is caused by wrongful administrative acts.178 Th is also concerns damage which is caused by a visa refusal, such as the separa-tion of a family, costs of travelling or a lawyer, but also immaterial damage. Dealing with visa refusals, the Conseil d’État uses this power on a regular basis. For example, in 2002, the Conseil d’État condemned the French State to pay an Algerian visa applicant and his French spouse 2,000 euros, because the Court found that the refusal to issue him a visa was a disproportional infringement of their right to family life .179 In 2006, the French State was ordered to pay 1,500 euros to a Senegalese visa applicant, after the French consul in Dakar refused him a visa on the basis of an unlawful Italian SIS Article 96 alert. Th e fact that during the procedure, the applicant obtained a French visa because the Italian authorities withdrew his alert, was no reason for the Conseil d’État to reject his application for fi nancial repair based on the fi rst, unlawful, visa refusal.180
174 See, with regard to the suspension of expulsion: TA Nice, 16 July 2002, no. 023061, Barzilay; TA Lille, 16 May 2002, no. 021741, Valencia. See for the use of the référé-liberté: TA Pau, 31 May 2002, no. 02820, Mejri. Described in GISTI (2005), p. 59–60.
175 CE 6 December 2002, Sahin, no. 206277. 176 CE 6 October 1999, M. Bafandi, no. 186082. 177 CE 11 March 2002, Abdelli, nos. 222137–222258. 178 On the basis of Article L. 761-1 of the French administrative law (Code de Justice Administrative). 179 See for example CE 6 December 2002, M. et Mme. Amouche, no. 238288; CE 15 November
2006, M. A et Mme A, no. 276829; and CE 27 November 2006, M. et Mme A, no. 298660. See also GISTI (2006), p. 29.
180 CE 10 November 2006, Mbow, no. 298272.
Brouwer ch-11.indd 375 4/4/2008 5:39:49 PM
376 Chapter 11
7.6. Assessing the Role of the CNIL
7.6.1. Right of Indirect or Direct Access: Divisibility of the Data FilesIn section 5.5.1, I described the applicable rules with regard to the right to indirect and direct access by a data subject to his or her personal information held by the public authorities. Based on a decision of 6 November 2002 by the Conseil d’État in the Moon case, the former rule of the “indivisibility of data fi les” in the Data Protection Act was changed to a more liberal approach to the right to access.181 Based on this decision, the CNIL obtained the possibility of granting partial access to the requested information, even if parts of the fi les concerned matters of state security.
7.6.2. Duty to Play an Active Role when Assessing the Validity of a Foreign AlertTh e decision of the Conseil d’État is important in the Skandrani case, dealing with a French national living in France.182 Th is person had been reported by the German authorities in the NSIS on the basis of Article 96 CISA because of his past activities for a Tunisian opposition group.183 In this judgment, the Conseil d’État clarifi ed the duty of the national data protection authorities to verify the lawfulness of an alert in the NSIS and to collect information from the national data protection authorities of other Member States if necessary. Th e applicant requested both the French authorities and the French Data Protection Authority, CNIL , to have his unlawful registration in the SIS annulled. Th e applicant espe-cially complained about the procedure followed by the CNIL. At his request, the CNIL had contacted the German Data Protection Commissioner on the basis of Article 114 (2) CISA. Th is German Commissioner subsequently informed the CNIL that, according to information from one of the regional data protection authorities, there would be no objection to the NSIS alert in question “from the point of view of data protection law” (du point de vue du droit en matière de pro-tection des données). Th e CNIL was satisfi ed with this information and informed the applicant, Mr. Skandrami, accordingly. In its judgment of April 2006, the Conseil d’État disapproved of the way in which the CNIL dealt with this case and concluded that it had not fulfi lled its obligation under Article 114 (2) CISA. Th is provision requires national data protection authorities to check the data entered in the SIS and, if necessary, to contact a foreign supervisory authority if the alert was entered by a foreign state. Th e Conseil d’État found that the CNIL had not acted in conformity with the duty imposed by Article 114 (2) because
181 CE 6 November 2002, M. Moon, no. 194295. 182 From the judgment, one cannot deduce whether he already held French nationality at the time
of registration by the German authorities, or whether he became a French national later. 183 CE 7 April 2006, Skandrani, no. 275216.
Brouwer ch-11.indd 376 4/4/2008 5:39:49 PM
France 377
this requires that checking the accuracy of the SIS report should be performed “in close coordination” with the other data protection authorities. Th e French administrative court found that, where the CNIL only relied on this single answer from the German authorities and had not asked for further information to support this answer, it had failed to act in accordance with the criterion of “in close coordination”. Th erefore, the decision by the CNIL whereby the applicant was informed that his procedure had been closed, was annulled.
Notably, in this procedure, the claim against the French government was dropped because the applicant had been informed by the French Minister of the Interior, one year after the fi rst decision by the CNIL , that this alert would be ‘blocked’ (suppression) for the French part of the SIS.
7.6.3. Power of Foreign Data Protection AuthoritiesIn a decision of February 2006, the Conseil d’État dealt indirectly with the powers of national data protection authorities to order foreign authorities to delete a wrongful SIS alert. Th is case concerned the case of Mr. Cherney, an Israeli national living in Israel, reported by the French authorities in the NSIS.184 On the basis of this French alert, the applicant had been refused entry to French territory in 2000. In 2004, a visa had been refused by the Austrian authorities. Th e applicant appealed against both negative decisions. In 2001, the decision of the refusal of entry was annulled by the administrative court of Cergy-Pontoise. Th e claim by Mr. Cherney before the Conseil d’État concerned the fact that the CNIL failed to reply for more than two months to his request to have his data rectifi ed in the SIS. In its decision, the Conseil d’État considered the possibility that the applicant had been reported in the NSIS on national security grounds and that these grounds could not to be communicated to the applicant. However, the Conseil d’État concluded that, during the procedure, it had not been pro-vided with suffi cient information by the CNIL to assess the reasons for the SIS report in question, nor with the opportunity to assess the lawfulness of the refusal of the CNIL to rectify or delete the data in question. Th erefore, the CNIL was ordered to provide this information within two months.
Th e reason I mention this judgment by the Conseil d’État at this point is because it handled an earlier decision by the Austrian Data Protection Authority, declaring the French alert unlawful. In this decision, the Austrian Data Protection Authority ordered the French authorities to delete the alert concerning this person. Th is caused a small ‘diplomatic’ uproar and the French authorities refused to delete the data from the SIS. Th e Conseil d’État refers in its judgment to the decision of the Austrian Data Protection Authority only with regard to the question of whether
184 CE 27 February 2006, M.A., no. 274928.
Brouwer ch-11.indd 377 4/4/2008 5:39:49 PM
378 Chapter 11
such an earlier decision could give grounds for concluding that the French alert was unlawful. Th e Conseil d’État refers, for this question, to the rule in Article 106 CISA, according to which a national data protection authority, if it considers a SIS report by a foreign country erroneous or unlawful, may issue advice to foreign authorities. According to the Conseil d’État, this advice, dealing with a French alert, may “possibly” be grounds for these authorities to give an order to the French authorities; however, this order does not infl uence the lawfulness of the refuted decision.185 Unfortunately, the Conseil d’État does not refer to the meaning of Article 111 (2) CISA, on the basis of which Schengen States are obliged to enforce the fi nal decisions of courts or authorities dealing with individual SIS alerts (see Chapter 7, section 8.4).
8. Conclusions
8.1. Implementation of Article 96 CISA
French statutory law does not provide a detailed regulation implementing the Article 96 criteria for the registration of third-country nationals in the NSIS. In general, there are three categories of decision on the basis of which a third- country national may be reported in the NSIS for the purpose of refusal of entry. Firstly, this report may be based on a court’s decision including a formal resi-dence ban (interdiction du territoire français ). Secondly, this may be based on an expulsion decision issued by the local prefecture or the Ministry of the Interior. Th is decision is generally based on an illegal stay or the withdrawal of a residence permit from the person concerned. Th irdly, a SIS report can be based on a deci-sion to prohibit entry by the Ministry of the Interior, based on public order grounds. Th e criteria used for taking these decisions are not public and, in the latter category of decisions, even secret. Th is lack of information makes it diffi -cult to obtain a clear picture of the reasons why third-country nationals may be reported as inadmissibles by the French authorities. It is also diffi cult to fi nd out whether, with regard to the second category of decisions, the diff erent prefectures in France all apply the same criteria. From the available information, it cannot be deduced that the French administration applies a strict interpretation of the criteria as mentioned in Article 96 CISA.
Since 2001, the French government has been developing large information systems, allowing for the use of biometrics and the networking of diff erent
185 “que si l’avis de la Commission d’information et des libertés d’Autriche en date du 7 juin 2005 est éventuellement susceptible de fonder, s’agissant d’un signalement français, une saisine des autorités françaises par les autorités de ce pays, il n’a pas, par lui-même, d’incidence sur la légalité de la décision attaquée”.
Brouwer ch-11.indd 378 4/4/2008 5:39:49 PM
France 379
databases. French offi cials have simultaneous access to diff erent systems and the national visa network is linked to the Schengen consultation network. Th ese developments, combined with the evidence that basic systems, such as AGDREF , lack updated information, may cause problems with regard to relia-bility of information held in the NSIS. Th is doubt about the reliability of SIS information is supported by the information from the CNIL . Th e annual reports of the CNIL establish that, until 2005, a relatively large percentage (35% to 40%) of the data investigated by the CNIL on the basis of an individ-ual request had to be deleted. We may wonder whether this result is only the top of the iceberg of all the information on third-country nationals stored in the NSIS or, by chance, only concerns the individuals who actually made use of their right to be informed of their report in the SIS.186 Th e CNIL also estab-lished that, in 2004, the NSIS still held fi les on EU nationals stored for the purpose of non-admission, although this is unlawful.
8.2. Data Protection and the NSIS
At the time of the negotiations on the CISA, French politicians held the view that their French data protection law off ered a high level of protection to individuals. Nevertheless, looking at the current provisions applying to the NSIS, the French data protection law does not seem to place the individual in a very strong position. One of the reasons for this weak position is the applicability of the right to indirect access to SIS information. On the basis of this indirect access, the person con-cerned has to assert his or her right of access to SIS information through the inter-mediary of the CNIL , which generally causes long delays. Based on a judgment by the Conseil d’État in 2002 and an amendment to LIFL in 2003, it is possible, in a specifi c regulation, to provide for direct access to fi les, as long this information does not aff ect national security , defence or public order. Th e possibility for the CNIL to communicate the ‘non-sensitive’ parts of public fi les to the person con-cerned has also been extended. However, with regard to the NSIS, the regulation referred to above has not been adopted yet and, so far, the CNIL has not used its power to provide partial information from the NSIS. In 2005, this extended power for the CNIL was even narrowed again on the basis of a ministerial decree.
8.3. NSIS and the Right to Eff ective Remedies
8.3.1. Judicial and Non-Judicial RemediesTh e French administrative courts have assumed an important role with regard to the protection of third-country nationals reported as inadmissibles in the NSIS.
186 Th is latter assumption however seems unlikely because, as we have seen above, almost two-thirds of the applicants requesting verifi cation of their data were not registered in NSIS.
Brouwer ch-11.indd 379 4/4/2008 5:39:49 PM
380 Chapter 11
Although, in general, respecting the margin of appreciation of the immigration and consular authorities, these courts, especially the Conseil d’État , have formu-lated certain important principles with regard to measures taken or decisions made on the basis of the NSIS. During my study, I did not come across any rea-sons which may give rise to doubts with regard to the independence or impartiality of the French administrative courts. With regard to the functioning of CNIL in the fi eld of individual applications for access, correction or deletion of data, we have seen that four members of the CNIL are members of parliament and thus have a political status. Th ree of the fi ve ‘IT specialist’ members of the CNIL are appointed by the government. Th is composition does not add to the independence of this organisation.
8.3.2. AccessibilityTh e French law on administrative remedies in immigration law is quite complex and has been changed several times based on amendments to French immigra-tion law or based on decisions by the Conseil d’État . In practice, an important problem for the accessibility of remedies is that third-country nationals who, by decision of the préfecture, are expelled on the basis of a SIS report, are not informed of the reasons for this decision and do not have any possibility of refut-ing their expulsion. Th eoretically, third-country nationals may lodge an appeal against these decisions and have automatic suspension for 48 hours. Th is provi-sion does not however apply to decisions based on “fi nal decisions of other Schengen authorities” as recorded in the NSIS (see below).
In their jurisprudence with regard to the use of NSIS, the administrative courts, especially the Conseil d’État , emphasised the importance of informed decision-making. In many cases, the administrative courts annulled insuffi ciently motivated decisions based on a NSIS alert. Since 1998, the French Immigration Act has explicitly obliged French visa authorities to motivate visa refusals if these are based on information held in the NSIS. Th is duty is in line with the general principle of French data protection law, according to which the administration may not issue legally binding decisions if they are based solely on automated data fi les.
8.3.3. Scope of ReviewIn their jurisprudence, the French courts generally require balanced decision-making especially, but not exclusively, in situations where human rights are involved. However, in order to be able to make such a balanced decision, the courts in the case law described above generally require the applicants to submit information to support their claims.
Furthermore, the administrative courts affi rmed their competence to assess whether foreign SIS reports are in accordance with the criteria of Article 96 CISA. In its judgments, the Conseil d’État generally applied a strict interpretation of Article 96, second and third paragraphs. Th e Conseil d’État however ruled that
Brouwer ch-11.indd 380 4/4/2008 5:39:50 PM
France 381
it was not competent to assess whether the decision forming the basis for the foreign SIS report is in accordance with the law of the reporting state.
With regard to the scope of review of the CNIL , in 2004 its position was weakened by an amendment to the LIFL , on the basis of which the CNIL no longer has an approval role with regard to the establishment of government fi les in the interests of state security, defence and public order, or for the purposes of criminal investigation and prosecution or security.
8.3.4. CompetencesTh e recognition by the Conseil d’État of the inherent power of the national courts to demand further information from the French administration concerning the reasons for a SIS alert is important. If these authorities do not provide the court with this information or the court fi nds this information insuffi cient, this may be grounds for annulling the refuted decision.
In general, procedures against an expulsion order will suspend the refuted decision for the fi rst 48 hours. An important limitation regarding the right to legal remedies against decisions based on a foreign SIS alert is that this remedy has no automatic suspensive eff ect if this alert is based on a foreign expulsion decision. Th is is based on what I believe to be the wrongful presumption of the French government that these foreign reports are to be considered fi nal decisions and that the person concerned could have lodged an appeal in the country for-warding this report. A third-country national, threatened with expulsion on the basis of such a SIS alert, could invoke the suspensive remedies as provided under administrative law. However, French courts apply strict criteria with regard to the required urgency for the use of this procedure.
French administrative courts may condemn the State to repair damage which is caused by unlawful measures or decisions, including decisions based on SIS alerts. Th e Conseil d’État used this power on a regular basis when dealing with unlawful visa refusals.
Due to the large workload of the CNIL and the lack of suffi cient fi nancial and personal resources, it is questionable whether this organisation is able to perform its ‘supervisory’ function very actively with regard to the NSIS. An important tool used by the CNIL is the power to issue fi nes up to a maximum of € 300,000 if a data processing authority acts in breach of the rules of the French Data Protection Act. To my knowledge, this power has not yet been used with regard to SIS alerts. In general, we have seen that it is diffi cult for third-country nation-als to assert their rights to (indirect) access because of the lengthy procedures before the CNIL. Particularly in the case of third-country nationals threatened with expulsion based on information stored in the NSIS, the road to the CNIL will often prove ineff ective. Th ese persons may have been long expelled before it is established whether the NSIS data are wrong or unlawful.
Brouwer ch-11.indd 381 4/4/2008 5:39:50 PM
Brouwer ch-11.indd 382 4/4/2008 5:39:50 PM
Evelien Brouwer, Digital Borders and Real Rights, pp. 383–444.© 2008 Koninklijke Brill NV. Printed in the Netherlands.
Chapter 12
Germany“Nur durch die Löschung unzulässig gespeicherter Daten kann sicher gestellt werden, daß diese Informationen nicht in für den Betroff enen negativen Entscheidungen berücksichtigt werden. Angesichts des strengen rechtlichen Bindungen, denen die Ausländer unterworfen sind, wäre es im Interesse der Waff engleichheit unverantwortlich, die wenigen datenschutzrechtlichen Regelungen außer Acht zu lassen, welche die Ausländerverwaltung förmlich binden.”1
1. Introduction
As one of the initiators of the Schengen Agreements, Germany played an impor-tant role in the development and the architecture of ‘Schengen’, especially the Schengen Information System. During the negotiations, the German govern-ment was, on the one hand, urged by their police organisations to seek the further development of international judicial and police cooperation, including the shar-ing of information. On the other hand, German data protection authorities and specialised lawyers urged the German government to support the inclusion of data protection rules in the draft Convention Implementing the Schengen Agreement (hereafter CISA). As we have seen above, this only happened in a late stage of the negotiations.
It is not easy to describe the implementation of the CISA in Germany and, especially, the practical operation of the NSIS and the registration of third-country nationals, because of the federal structure of Germany. Th e authorities in the diff erent German states (Länder), including police forces and data protec-tion authorities, function quite autonomously. Providing a complete picture of the German implementation of Schengen law would require thorough research of data and case law in each of the German Länder. Th e following sections should not be considered such a complete overview. Th ey will give, fi rst and foremost,
1 Th . Weichert, AZRG . Kommentar zum Ausländerzentralregistergesetz, Neuwied-Kriftel: Luchterhand 1998, p. VIII.
Brouwer ch-12.indd 383 4/4/2008 5:51:23 PM
384 Chapter 12
a general description of the general rules and principles which are applicable throughout the federal state. From the laws and the case law I have found, I will try to deduce general rules on the registration and use of data concerning ‘inadmissible aliens’ in the NSIS, especially concerning their legal protection.
Despite the fact that the autonomy and multitude of the organisations involved render it more diffi cult to draw general conclusions, the federalisation of German law and administration has also its advantages for this research. As we will see in the following sections, the annual reports by the diff erent Data Protection Authorities of the German provide us with considerably more information on the practical and legal issues of the NSIS, compared to the reports of their centralised counterparts in France and the Netherlands.
2. Parliamentary Involvement with CISA
2.1. Schengen in General
Germany ratifi ed the CISA on 15 July 1993.2 As in the other Schengen coun-tries, the German government initially did not share much information on the Schengen negotiations with the German parliament.3 Members of the Federal Parliament repeatedly criticised the lack of information given by the German government with regard to the draft provisions of the CISA. Only after an extended list of questions, forwarded by the members of the Social Democratic Party (SPD), the government informed its parliament in November 1988 of the cooperation between the Schengen states on the basis of the Schengen Agreement of 1985.4 Th ese parliamentary questions focussed especially on the future of German offi cials working at the internal borders , who were at risk of losing their jobs. On 8 December 1989, one week before the planned signature by the Schengen governments, the Federal Parliament received a formal draft of the CISA. It appears, however, that informal texts of the draft treaty were already in circulation in September 1989. Th is would explain why, on 26 September 1989, the Green party (Die Grünen) was still urging the government to publish the draft texts of the CISA, while, two days later, during the parliamentary debate on
2 Law on the CISA 15 July 1993, Bundesgesetzblatt (Federal Law Gazette, hereafter BGBl.) 1993 II, p. 1010 ff . Entry into force notifi ed on 20 April 1994, BGBl. II, p. 631.
3 Th is includes the Bundestag and Bundesrat. However, when referring below to ‘Parliament’, I will generally mean the Bundestag only.
4 Parliamentary questions: Bundestag Drucksache 11/3104, 12.10.1988; answers by the federal government: Bundestag Drucksache 11/3594, 30.11.1988.
Brouwer ch-12.indd 384 4/4/2008 5:51:23 PM
Germany 385
Schengen, other members of parliament were able to quote from the draft provisions of the CISA.5
Th e debate in the Federal Parliament became more lively in 1989, after the fall of the Berlin Wall. Th is event, on 9 November 1989, was the reason for postpon-ing the signature of the CISA. Members of the German parliament pressed their government not to sign the CISA in December 1989 before the issues with regard to its application in the former DDR had been resolved. Without extending the application of the CISA to the territory of the former DDR, former DDR nation-als would still need a visa to enter the Schengen territory. Initially, the other Schengen partners did not accept the German proposal to attach a statement, implying that the former DDR would not be considered a ‘third country’ with regard to the application of the CISA by (West) Germany.6 But, in May 1990, the German government was able to inform its parliament that the other partners had agreed to lift the visa requirement for DDR citizens and to postpone the entry into force of the CISA until the date of the formal reunifi cation of Germany. When it was fi nally signed on 19 June 1990, the CISA was the fi rst international treaty which recognised the reunifi cation of the former East and West Germany.
New and more in-depth discussions with regard to the content and conse-quences of the Schengen cooperation took place during the parliamentary debate on the act to ratify the CISA on April 1992.7 An important and contro-versial issue dealt with during these debates was the proposed amendment of the right to asylum as protected in the German Constitution (Grundgesetz). Th ere was clear tension between, on the one hand, former Article 16 of the German Constitution which protected the right to asylum and the duty deriv-ing from this right to consider every asylum application and, on the other hand, the ‘one-chance only’ principle which was included in the CISA.8 A draft pro-posal to amend the German constitutional right to asylum resulted in long and tense parliamentary discussions on the values of the German asylum policy.9
5 See the request from the Greens: Bundestag Drucksache 11/5245, 26.09.2989, and the parlia-mentary debate of 18.09.1989, 11/12277.
6 Frankfurter Rundschau, 14.12.1989, Bonn will DDR bei Unterzeichnung des Schengener Abkommens mit einbeziehen. FAZ 16.12.1989, Kohl will Schengener Zusatzabkommen im Frühjahr unterzeichnen.
7 Gesetz zum Schengen Übereinkommen, Bundestag Drucksache 12/2453, Bundestag Drucksache, 12, Wahlperiode, 89 Sitzung, Bonn, 30 April 1992.
8 See, for an extended review of the consequences of this ‘Europeanisation’ on German and French asylum policies: S. Lavenex, Th e Europeanisation of Refugee Policies. Between human rights and internal security , Aldershot, Hampshire: Ashgate 2001, see p. 154 ff .
9 Draft proposal, Amendment Article 16 of the Constitution, Bundestag Drucksache 12/2112, 18 February 1992.
Brouwer ch-12.indd 385 4/4/2008 5:51:24 PM
386 Chapter 12
Th e SPD members of parliament initially insisted on prior harmonisation of EU asylum policy before any amendment of the German constitution. Finally, based on a compromise between the SPD and the Christian parties (CDU/CSU) and the liberal party (FDP), a proposal to amend the text of Article 16 of the Constitution was adopted on 26 May 1993.10 Th e new Article 16A, replac-ing the provisions of 16 (2), still included the constitutional right of politically persecuted persons to enjoy asylum. However, the German legislator added sev-eral exceptions to this right, including the incorporation of the Dublin principle (no access to the asylum procedure if another EU Member State is responsible for the asylum application), the presumption of safe countries, and the provision of accelerated asylum procedures for manifestly unfounded asylum claims.
Other important issues playing a role during the ratifi cation procedure were the democratic accountability of Schengen and the lack of competence for the Court of Justice. With regard to this latter subject, only the FDP and SPD fac-tions in the Federal Parliament (Bundestag) supported the request of the Dutch parliament to assign competence to the Court of Justice with regard to the interpretation of the CISA.
Comments by German non-profi t organisations with regard to the ratifi cation of the CISA dealt mostly with the limitation of the constitutional right to asylum . For example, in a letter of March 1992, the German section of Amnesty International expressed its concerns about the proposed refugee defi nition in Article 16 of the German Constitution and criticised the democratic defi cit during the negotiations on the CISA.11
2.2. Th e NSIS and Data Protection
Th e development of the NSIS was closely linked to the general aim of the German government to compensate for the loss of internal border controls.12 Th e German experience with regard to data exchange on searched persons and objects between the Federal Criminal Police Department (Bundeskriminalamt, hereafter BKA ) and the police forces in the Länder was an important example for the building of the NSIS. Only after the reunifi cation of the former DDR with West Germany and the extension of German’s eastern borders, politicians became more focussed on the use of the NSIS for immigration control purposes.
10 See Bundestag Drucksache 12/160. Th e draft bill was published in Bundestag Drucksache 12/4152.
11 Stellungnahme von Amnesty International zum Gesetzentwurf des Bundesregierung zu dem Schengener Übereinkommen vom 19 Juni 1990. Letter of 27.03.1992.
12 Bundestag Drucksache 12/14034, 17.6.1993.
Brouwer ch-12.indd 386 4/4/2008 5:51:24 PM
Germany 387
In the fi rst written inquiry by the German parliament, submitted to the government in 1988 on the implementation of the Schengen Agreement of 1985, only one question concerned the need to exchange police information.13 Answering this question, the federal government stated that a common informa-tion system would be necessary to prevent persons being searched by one of the Schengen States from escaping this search by crossing internal borders . According to this reply, the Schengen partners had reached agreement on the following cat-egories of data to be stored in this common system: persons and objects searched for criminal prosecution; unwanted aliens from third countries to be expelled; persons wanted for secret surveillance; persons whose place of residence was searched for criminal investigation and, fi nally, persons whose place of abode was searched (Aufenthaltsermittlung). Th e parliament was further informed that a discussion was continuing with regard to the registration of persons to be taken into custody for public order and security reasons (Gefahrenabwehr). No deci-sions were reached with regard to data protection issues. However, the German government stressed in its reply to the parliament that the current German data protection standards should be used as minimum standards in the forthcoming agreements.
Th e fi rst parliamentary discussion on the data protection implications of the Schengen cooperation took place on 28 September 1989.14 Th is debate was based on two inquiries with regard to the data protection issues: one from the Green party and one from the SPD.15 Th e Greens proposed, in a declaration of 16 September 1989, rejecting the proposal for the establishment of the NSIS because citizens would have grounds to fear that their data would be stored alongside data on criminals without their knowledge. Th e SPD did not go that far, but formulated seven minimum standards for data protection. Th ese stand-ards included, among other things, precise and binding criteria for the NSIS alerts, the right of every person to demand access to or correction and deletion of his data in every Schengen State and, fi nally, the right to legal remedies against non-compliance with the aforementioned rights. Furthermore, the SPD mem-bers required an independent control mechanism in each state and a joint data protection authority. Th e Data Protection Convention of 1981 and the Recommendations with regard to the police sector of the Council of Europe
13 Bundestag Drucksache 11/3104, 12.10.1988 and Bundestag Drucksache 11/3594, 30.11.1988. 14 Bundestag Drucksache 11/12277, 28.09.1989. 15 From the Fraktion Die Grünen: 11/5245 (Datenschutzrechtliche Probleme einer Europäischen
Fahndungsunion), from the SPD Fraktion: 11/5023 (Datenschutzrechtliche anforderungen and das Schengener Informationssystem).
Brouwer ch-12.indd 387 4/4/2008 5:51:24 PM
388 Chapter 12
should apply as minimum standards. Finally, the SPD members emphasised that there should be no exchange of information though the NSIS before these data protections standards had been implemented. Th e parliamentary members of the other parties and the representative of the Government described these proposals by the SPD as outdated. Th e proposed standards were based on the conclusions of the meeting of the data protection authorities of Germany, France, and Luxembourg in March 1989. Th erefore, the other parties argued, they had already been taken into account by the Schengen negotiators.16
Another important issue during the debate on data protection standards, as well as during the debate on the ratifi cation act of the CISA in 1993, were the concerns of the German members of parliament with regard to the level of data protection in the other Schengen states. One member referred to the fact that Belgium had no data protection law at all and Luxembourg and the Netherlands no law on police fi les.17 Th e fact that ‘Schengen’ implied that the other Schengen states were obliged to adopt data protection laws as well, was considered an important positive side-eff ect of the Schengen cooperation.18
In October 1989, during a conference of the Federal Data Protection Commissioner and the data protection authorities of the Länder, these authori-ties expressed their concerns with regard to the level of data protection in the CISA applicable to the conventional exchange of personal data, taking place outside the scope of the NSIS.19
It is interesting that, during the ratifi cation debate in 1993, a member of the liberal party, Wolfgang Lüder, expressed his concerns about the plans of the German Minister of the Interior to establish an “automated border control mechanism”.20 He quoted from the annual report of the Federal Data Protection Authority in which the Minister’s plans were cited. Th ese plans would include the inclusion of biometric data in travel documents. Lüder made it clear that central police registration at the borders, including data on the movement of travellers, would be unacceptable to the liberal party. Ten years later, politicians, including the liberals, were less reluctant towards the use of central databases and biometrics at the borders.
Th e German parliament discussed the NSIS only occasionally once it had become operational. In 1997, based on the fi rst report of the Joint Supervisory Authority,
16 Bundestag Drucksache 11/12282, 28 September 1989. 17 Bundestag Drucksache 11/12278. 18 Bundestag Drucksache 12/7279, 30.04.1992. 19 10th Annual report of the Federal Data Protection Authority, Bundestag Drucksache 11/6458,
pp. 95–96. 20 Bundestag Drucksache 12/14016, 17.6.1993.
Brouwer ch-12.indd 388 4/4/2008 5:51:24 PM
Germany 389
members of parliament questioned the functioning and especially the lack of a legal basis for the SIRENE organisation.21
2.3. SIS II
To my knowledge, before 2004, the German parliament did not make any substantial inquiry into the development of the second-generation SIS. In 1999 and 2001, the German parliament was informed of the development of SIS II in the annual reports of the Federal Data Protection Commissioner.22 However, the questions and concerns raised in these reports were not followed by parliamentary questions.
In November 2004, the German government was questioned not only about the exchange of information between internal security agencies in the EU, but also on the future development of the SIS.23 Th ese questions concerned the content of political discussions at EU level with regard to SIS II and, especially, the proposals on the interoperability and synergy between SIS II and VIS. Th e questions about SIS I and SIS II concentrated on the possibility of increasing the effi ciency of SIS II, but did not deal at all with the current defi ciencies of SIS I or the legal protection of data subjects.
In March 2006, members of the German parliament referred to the lack of any substantial debate with regard to the development of SIS II.24 Quoting from the reports of the German data protection commissioners (see below), they expressed their concerns about the current problems with regard to the reliability of the information in SIS II and the lack of data protection rules. Answering these ques-tions, the government forwarded data on the current use of SIS, including the number of reports registered by the German and other Schengen authorities in the SIS, the number of hits and the number of terminals in Germany giving the authorities access to the SIS. In these answers, the government stressed that SIS II would remain basically a search tool (Fahndungssystem) and denied that the cur-rent goal of SIS would be changed by the development of SIS II. According to the government in this same response, the right to data protection and informational self-determination (see below) would be suffi ciently guaranteed.
21 Bundestag Drucksache 13/8385, 11.08.1997. 22 17th (1997–1998) and 18th (1999–2000) annual reports of the Federal Data Protection
Commissioner, Bundestag Drucksache 15/850 and Bundestag Drucksache 14/5555 respectively. 23 Bundestag Drucksache 15/4142, 9.11.2004. Answer by the Federal government: Bundestag
Drucksache 15/368, 30.11.2004. 24 Bundestag Drucksache 16/868, 8.3.2006, Answer by the government was published in:
Bundestag Drucksache 16/1044, 24.03.2006.
Brouwer ch-12.indd 389 4/4/2008 5:51:24 PM
390 Chapter 12
3. Implementation of Article 96 CISA
3.1. Applicable Law
As in the Netherlands and in France, the criteria based on which the German authorities may report data on third-country nationals in the NSIS for the pur-pose of refusing entry are not regulated in a formal law. Th e rules included in the German immigration law are only indirectly applicable with regard to the regis-tration of third-country nationals. As we will see below, the Residence Act 2004 (Aufenthaltsgesetz ) assigns general competence to immigration authorities to store data on third-country nationals in police fi les for specifi c purposes, but does not explicitly refer to the implementation of Article 96 CISA or to the storage of information in the NSIS itself.25 Th e same is true for the Federal Police Act (Gesetz über die Bundespolizei) of 2005.26 Th is law which replaced the former Border Police Act or Bundesgrenzschutzgesetz includes rules with regard to the duty and powers of the Federal Police to store and exchange information on third-country nationals, but without direct reference to the CISA.
More specifi c rules with regard to the storage of data in the NSIS and its use are set forth in ministerial instructions of 1998: the “General instructions with regard to the implementation of the CISA” (Allgemeine Anwendunghinweise zum Schengener Durchführungsübereinkommen, hereafter referred to as AAH-SDÜ ).27 Th e AAH-SDÜ have been developed by the Federal Minister of the Interior with the aim of coordinating the application of the Schengen rules by the diff erent immigration offi ces in the Länder. Th e instructions are not binding in law. Th e AAH-SDÜ are diffi cult to read and often refer to the general laws as mentioned above. It is unclear to what extent the German immigration offi ces currently apply these instructions. Since these rules are the only available guidelines, both German data protection authorities and national courts refer to the AAH-SDÜ when dealing with questions on the interpretation of the applicable rules. Th e AAH-SDÜ are based on the former Aliens Act. At the time of completion of this study, it was unclear whether or when they will be reviewed.
25 With the Immigration Act of 30 July 2004 (Zuwanderungsgesetz ) the former Aliens Act (Ausländergesetz ) was replaced by the Residence Act (Aufenthaltsgesetz ). BGBl. 2004, Teil I, nr. 41, 5 August 2004. Th e full title of the Immigration Act 2004 is: “Act to control and restrict immigration and to regulate the residence and integration of EU citizens and foreigners.” An offi cial English translation of this law is available at http://www.bmi.bund.de.
26 Law changing the name of Bundesgrenzschutz into Bundespolizei, 21.06.2005, BGBl. 2002, I, p. 1818.
27 No offi cial publication available: published in G. Renner (introduction) Verwaltungsvorschriften zum Staatsangehörigkeits- und zum Ausländerrecht, Baden-Baden: Nomos Verlaggesellschaft 2001, p. 575 ff .
Brouwer ch-12.indd 390 4/4/2008 5:51:24 PM
Germany 391
3.2. National Criteria for Entering Th ird-Country Nationals in NSIS
3.2.1. General RulesIn practice, the input of information on third-country nationals for the purpose of refusal of entry on the basis of Article 96 CISA is performed by the German police, both the Federal Police as well as the police in the Länder. However, the decision to store information in the NSIS is taken either by the immigration offi ces in the Länder (Ausländerverwaltung), or by the Federal Police (former Bundesgrenzschutz or Border Police) and the BKA . Th e BKA cannot report third-country nationals in the NSIS itself; the Federal Police forwards the information about persons on behalf of the BKA.
Th e implementation of Article 96 in German law and practice is based on a strict diff erentiation between the two categories as described in Articles 96 (2) and 96 (3). Either persons are reported into the NSIS to be refused entry on the basis of public order and security grounds (96 (2) ) or based on a prior decision of expulsion, removal or deportation (96 (3) ). Th e majority of data in the NSIS reported by the German authorities concerns the latter category. Th ese data are mostly reported in the NSIS by German immigration offi ces (Ausländerbehörden).28 A limited interpretation of Article 96 CISA has been advocated by Westphal, an instructor at the Federal Police Academy (formerly the Border Police Academy). According to him, Article 96 would not allow the systematic storage of data on third-country nationals in the NSIS. Each report in the NSIS would have to be based on an individual decision and each decision would require the balancing of the diff erent interests at stake.29
3.2.2. Persons to be Expelled, Removed or DeportedRegistration on the basis of Article 96 (3) is based on § 11 (1) together with 50 (7) of the Residence Act 2004 (§ 8 (2) and § 42 (7) of the former Aliens Act) and sec-tion 2.2.1 of the general instructions, AAH-SDÜ . Th ese rules provide for the reg-istration of third-country nationals who are either expelled, removed or deported. Th e German Residence Act diff erentiates between the requirement to leave federal territory (Ausreisepfl icht ); expulsion (Ausweisung); removal (Zurückschiebung ), deportation (Abschiebung ) and, fi nally, the ban on entry (Einreise- und Aufenthaltsverbot).30 On the basis of § 11 (1) Residence Act, a person who is ordered to leave the country or has been expelled, deported or removed, is forbidden from re-entering Germany. Infringement of this prohibition of stay or entry is a criminal
28 Th ere are approximately 650 immigration offi ces in Germany. 29 V. Westphal & E. Stoppa, Ausländerrecht für die Polizei, 3. Aufl age, Lübeck: 2007, p. 547 ff . 30 I use the words included in the offi cial English translation.
Brouwer ch-12.indd 391 4/4/2008 5:51:24 PM
392 Chapter 12
act in accordance with § 95(2) Residence Act and is punishable by a term of imprisonment of a maximum of 3 years or a fi ne. Th is re-entry ban is the formal grounds for storing data on third-country nationals into the NSIS on the basis of Article 96 (3).
Th e criteria for expulsion decisions (and thus for registration in the NSIS on the basis of Article 96 (3) ) are provided in §§ 53–55 and 57 of the Residence Act 2004.31 Th ese rules include a distinction between three catego-ries of expulsion: criteria based on which a third-country national must be expelled (Zwingende Ausweisung), criteria based on which the authorities will usually expel a third-country national (Regelausweisung) and, thirdly, situ-ations in which the authority concerned has discretionary power (Ermessensausweisung). Th e fi rst category includes convictions for intention-ally committed off ences including custodial sentence for at least three years, but also custodial sentences for smuggling of foreigners. Th e second category includes criminal convictions and/or the reasonable belief that this person is or was a member of a terrorist organisation or supports such an organisation. Immigration authorities will have to assess the diff erent interests at stake in the third category of situations as described in § 55 Residence Act. Th is includes, among other things, decisions concerning the violation of immigra-tion law, drugs off ences, or the fact that the person or his or her family is claiming social security funds. With regard to decision-making in this latter category, immigration offi ces should take into account the length of stay in Germany of the person concerned and the consequences for the remaining family members with legal residence in Germany (§ 55 (3) ). Th e fi rst crite-rion is comparable to the ‘sliding-scale’ mechanism in the Netherlands (see Chapter 13).
German immigration offi cers are obliged to report a third-country national who falls within the scope of § 11 of the Residence Act to the NSIS without delay.32 Both the prohibition of stay or entry and the time limit of this re-entry ban should be registered in the NSIS. As we will see below, immigration offi cers often do not restrict the re-entry ban at all. A third-country national has the right to apply for a restriction of the re-entry ban in time; however, this requires an active role on the part of the third-country national involved. In practice, third-country nationals are not aware of this right because they are not informed by immigration offi cers. Additionally, they do not always have a lawyer who could inform them of their rights after their expulsion.
31 Th e rules on removal and deportation are provided in §§ 57–58. 32 §§ 2.1, 4.1.4.3 and 4.2.2 AAH-SDÜ .
Brouwer ch-12.indd 392 4/4/2008 5:51:24 PM
Germany 393
3.2.3. Unlawful Data Storage Regarding Rejected Asylum SeekersTh e practical implementation of Article 96 (3) CISA resulted in a large number of rejected asylum seekers who were, as we will see hereafter, unlawfully regis-tered in the NSIS by German immigration offi ces. Th is practice led in 1999 to the famous judgment of the highest administrative court in France, declaring this German practice unlawful.33
Th e illegal storage of data on asylum seekers has its origins in an administrative procedure which is applied in Germany to persons whose asylum application has been defi nitively rejected.34 If an asylum application has been rejected, this does not lead automatically to a prohibition of entry of this person. Th e decision is linked to a time limit within which the person must leave Germany. During this period of time, the person may lodge an appeal against this decision and the depor-tation order. Only if this appeal is rejected by the court, which means the person is no longer permitted to stay in Germany, the above time limit will apply. Th e person will receive an offi cial warning from the immigration offi ce that he is obliged to leave Germany and receives a form (Grenzübertrittbescheinigung’) which he has to hand to the border offi cials upon actually leaving Germany. Th e border offi cials are required to return the document to the immigration offi ce issuing this form. If this latter offi ce does not receive the form within the prescribed time, it will, based on the assumption that this person has not left Germany, automatically report this person to the German aliens administration (Ausländerzentralregister or AZR , see further section 4.1 below). Based on § 11 (1) of the German Residence Act, asy-lum seekers who have gone into hiding or who have left Germany independently may only be registered in the AZR or INPOL, but not in the NSIS, for the purpose of arrest or of fi nding their place of abode. However, in practice, the immigration offi ces do not diff erentiate between the AZR and the NSIS and, often, these asylum seekers are also stored in the NSIS. Th e AAH-SDÜ explicitly forbid the registration of third-country nationals in the NSIS solely for the purpose of tracing the place of abode of the person concerned.
Th is unlawful practice has been commented on in various reports and by various authors. Despite this information and the communications which have been specifi cally directed by the Ministries of the Interior to their immigration offi ces, immigration offi ces still continue this unlawful registration in the NSIS.35 In my view, this practice is caused by an unclear provision in the AAH-SDÜ .
33 Conseil d’État , Forabosco, see above, Chapter 11, section 7.3. 34 See also on this practice: C. Saas, Les refus de délivrance de visa fondés sur une inscription au
Système Information Schengen, Cultures et Confl its 2003, no. 49–50. 35 See recent annual reports by the German Data Protection Authorities of diff erent Länder,
described in section 6.5.3.
Brouwer ch-12.indd 393 4/4/2008 5:51:24 PM
394 Chapter 12
According to § 2.2.1.2 of these instructions, immigration offi ces may report third-country nationals to the NSIS on the basis of Article 96 (2) if an expulsion has been planned but not implemented because the person concerned went into hiding or left Germany independently. It seems odd that commentators never took into account the ambivalent rules included in these rules from 1998. Even if these rules are non-binding, they seem to be the only available guideline for the authorities involved.
3.2.4. Registration Based on Public Order and Security GroundsTh e second category concerns Article 96 (2) CISA and alerts on persons to be stored in the NSIS on public order or security grounds. Although they are in principle competent to do so, German immigration offi ces will rarely report third-country nationals in the NSIS on the basis of Article 96 (2). In general, this category of third-country nationals is reported by the Federal Police (formerly the Bundesgrenzschutz or Border Police) on behalf of the BKA , the Federal Agency for the protection of the Constitution (Bundesamt für Verfassungsschutz ) and the Ministry of Foreign Aff airs. Th e criteria upon which third-country nationals are to be entered in the NSIS on the basis of Article 96 (2) are described in internal, confi dential rules.36 However, it seems that the most important grounds being used for the storage of this category of third-country nationals is internal security (Gefahrenabwehr). Generally, the Federal Police will use the following criterion for this registration: the greater the current danger or risk at stake, the less concrete the suspicions against the person concerned need to be.37
In 2003, the Federal Commissioner for Data Protection (see section 6.5) inves-tigated the criteria being used for registration based on Article 96 (2).38 Th e Commissioner especially focussed on the responsibility of the Federal Police to check the legality and proportionality of these reports, before forwarding the data to the NSIS. Th e Data Protection Commissioner found that, in many cases, this check was not appropriately performed and that the Border Police did not check, using further information, whether the legality of the NSIS alerts is guaranteed.
A second problem which was raised by the Data Protection Commissioner in his report of 2003 concerned the persons reported on the basis of information from the Bundesverfassungsschutz or Bf V. According to the Data Protection Commissioner, the NSIS should only contain information on individuals on the basis of risks established by general police standards (“wenn eine Gefahrenlage nach
36 Polizei Dienst Vorschrift 384-I and II. 37 Interview with Volker Westphal, 2005. 38 20th Report (Tätigkeitsbericht) of the Federal Data Protection Commissioner, 2003–2004, para.
3.3.2.2 and para. 5.3.8.
Brouwer ch-12.indd 394 4/4/2008 5:51:24 PM
Germany 395
polizeirechtlichen Maßstäben vorliegt” ). Th erefore, only Article 99 CISA (secret surveillance) would allow registration based on national security grounds for-warded by national intelligence services. Th e Data Protection Commissioner was critical that, with the approval of the Federal Ministry of the Interior, Article 96 (2) had been used to store information on persons on the basis of information from the Bf V, “for the protection of the free democratic constitution of Germany” or for “purposes of public security”. Th is practice was confi rmed by the head of the SIRENE offi ce at the BKA during a parliamentary hearing in 2005.39 He referred to the reporting of third-country nationals, for example, suspected terrorists or members of the Taliban, in the NSIS for the purpose of refusal of entry on the sole basis of information from national security agencies, including foreign organisations. In his evidence, he (wrongly) suggested that the Federal Data Protection Commissioner would have approved this practice.
As we have seen above, based on Article 96 (2), Germany also inputs data on persons on the UN terrorist list s into the NSIS. Th ere is no offi cial decision on this matter but, in an informal agreement of the Schengen Working Party of 2004, Germany agreed to include these persons in the NSIS on behalf of the other Schengen States.40 Until 2005, this registration, managed by the Ministry of the Interior, was performed for 75 of the 500 listed persons because the others could not be properly identifi ed for the purpose of the NSIS.41
Th irdly, the Data Protection Commissioner referred to several examples in which the category of Article 96(2) was misused for storing individuals in the NSIS against whom another State has issued an extradition arrest, but whose extradition was prohibited by German law. Since these persons cannot be extra-dited because of the applicable laws in the requesting states allowing for death penalty or the use of torture, the German authorities list these persons in the NSIS, to prevent them from entering the Schengen territory.
3.3. In the Beginning: Storing Old Data in the NSIS
In the run-up to the operational start-up of the NSIS between 1994 and 26 March 1995, the BKA simply copied the existing fi les on third-country nationals from the Federal Police fi le, INPOL, into the NSIS. Th is meant that persons
39 Written evidence of the hearing of witnesses, 2. Untersuchungsausschuss, Deutscher Bundestag, 27. Sitzung, 22.06.2005, p. 60. Th ese hearings concerned the parliamentary inquiry on the fraudulent visa policy of staff members in the German embassy at Kiev.
40 Outcome of Article 36 Committee, 9182/03, 12 May 2003. Also dealt with in Chapter 4, section 3.
41 Source: interviews held in 2005 with offi cials of the BKA , the Federal Data Protection Commissioner and the data protection authority of Hesse.
Brouwer ch-12.indd 395 4/4/2008 5:51:24 PM
396 Chapter 12
were registered in the NSIS for off ences which occurred more than ten years ago and for reasons which were not envisaged in the CISA. As a result, Germany was for a long time responsible for the majority of data in the NSIS, compared to the other Schengen states. On 1 January 1997, of the 536,022 Article 96 reports in the SIS, 444,019 were submitted by German authorities.42 A large ‘clean-up operation’ was performed by BKA in 1997. Th is resulted in the deletion of 207,000 records on third-country nationals to be refused entry and, on 1 January 1998, of the 603,497 reports in the NSIS, ‘only’ 289,993 came from the German authorities.
Another, smaller ‘clean-up operation’ took place in 1998 on the basis of the three-year time limit of Article 112 CISA, which forced the German authorities to check the need for further storage. Th is and further clean-up operations after 1999 resulted in a further decrease in German reports on third-country nationals in the NSIS. On 1 January 2005, 176,392 reports on third-country nationals were reported in the NSIS by the German authorities.43
3.4. Authorities with Access to NSIS Data
According to the annual report from the SIRENE Working Party to the Council, the following German authorities are authorised to have direct access to the cate-gory of Article 96 CISA (data on third-country nationals to be refused entry):
– the police forces of the Länder ;– the Federal Criminal Police Department (BKA );– the Federal Police (former Border Guard or Bundesgrenzschutz );– the immigration offi ces of the Länder;– the Federal Offi ce for the Recognition of Foreign Refugees (Bundesamt für die
Anerkenning Ausländische Flüchtlinge, or BAMF);– the diplomatic and consular posts; and– the parliamentary committee on police and security matters.44
In 1998, the German authorities consulted the NSIS 65 million times; 52% were accounted for by the German border police.45 In 2000, 14,000 police agen-cies had access to the NSIS, performing more than 5 million checks each month.46 In 2005, according to information submitted by the government to the parliament,
42 H. Busch, Neue Wachstumringe im SIS, Bürgerrechte & Polizei/CILIP 63 (2/99), p. 80–84. 43 Th is is still almost 25% of total alerts concerning third-country nationals (714,078) in SIS.
Report by the C.SIS Exploitation team, 01/01/2005. 44 According to the report in the Council document 16023/04, 10 December 2004. 45 H. Busch (1999), p. 80–84. 46 M. Tuff ner, Das Schengener Informationssystem, Kriminalistik 1/00, p. 40.
Brouwer ch-12.indd 396 4/4/2008 5:51:24 PM
Germany 397
there were 70 million consultations.47 Th e government could give only an approximate number of the Federal authorities which had access to the NSIS in 2005 (12,000), but did not have any information on the number of terminals with access to the NSIS in the Länder.
3.5. Functioning of SIRENE
SIRENE is part of the BKA . It is located at the BKA premises in Wiesbaden. Th e function of SIRENE Germany is comparable to its counterparts in the Netherlands and France. As a result of the central position of the BKA with regard to the implementation, coordination and political negotiations regarding Schengen, SIRENE also seems to have an important role with regard to the practical implementation of the NSIS.
Th e functions of and the relationship between SIRENE and the immigration offi ces in the Länder are regulated in § 2.2.2.3 AAH-SDÜ . SIRENE is responsi-ble for checking whether the applicable time limits of the alerts in the NSIS are respected. Th e way in which this checking takes place is discussed in section 6.4.1. SIRENE does not check the lawfulness of the grounds for the national alerts. As in the other countries, SIRENE plays an intermediary role between national authorities and the authorities in other Schengen states based on the consultation procedure of Article 25 CISA. With regard to the applicable rules and practical problems, the SIRENE offi ce in Wiesbaden performs the role of a 24-hour helpdesk for the diff erent German offi ces involved in the NSIS.
3.6. Article 96 Hits: Duties and Responsibilities of German Authorities
3.6.1. Refusal of EntryAccording to § 1.5 AAH-SDÜ , German offi cials have the general duty to check the NSIS with regard to every decision based on immigration law (ausländerrechtliche Entscheidung). Th e German Residence Act diff erentiates between situations in which the border authorities are obliged to refuse a person entry and situations in which they have a margin of appreciation. On the basis of §§ 14 and 15 Residence Act, individuals should be refused entry if they are not in the possession of the required travel documents, if they do not have the required residence permit, or if a re-entry ban applies to this person on the basis of § 11 (1). Federal police offi cers at the borders may refuse somebody entry if they have a reasonable motive to believe that the person intends to stay for purposes other than those communi-cated to the German authorities or if he or she does not meet the requirements of
47 Bundestag Drucksache 16/1044, p. 6.
Brouwer ch-12.indd 397 4/4/2008 5:51:24 PM
398 Chapter 12
Article 5 of the CISA. Th is means that the refusal of entry based on an Article 96 (3) alert is only imperative if it is based on the re-entry ban of § 11 (1) of the Residence Act. Th is is also laid down in § 5.1.3.1 AAH-SDÜ.
3.6.2. Expulsion of Aliens on the Basis of an Article 96 CISA HitBased on the rather complicated regulation of §§ 5.1.3.2 and 5.1.3.3 AAH-SDÜ , a third-country national can only be directly expelled on the basis of an Article 96 (3) alert by German authorities. A person cannot be immediately expelled on the basis of 96 (3) alerts which are reported by other Schengen States, nor on the basis of Article 96 (2) alerts reported by German and foreign authorities. Th is means that, in these latter situations, a German offi cial can only remove or refuse this person entry at the borders (Zurückschiebung ) but not expel him once he is in the country. In these situations, the German offi cial will have to issue a separate administrative decision. Th e BKA has criticised this reg-ulation (which only applies in Germany), since this would mean that German offi cers – whenever they obtain a hit in the SIS on a person during a check within the German territory – cannot expel this person immediately. In the situation where persons have been reported to the NSIS by German authorities on the basis of 96 (2), they will also be stored for the purpose of arrest in INPOL. So, in this situation this problem would not arise.
3.6.3. Article 96 Hits and Visa ApplicationsBased on § 6 of the German Residence Act, a visa can only be issued if the appli-cant meets (among other things) the requirements of the CISA. Th is means, in accordance with Article 5 CISA, if the person has been recorded in the NSIS for the purpose of refusal of entry, embassies and consular posts are obliged to refuse this person a visa. Each visa application is checked against data stored in the AZR and in the NSIS on the basis of Article 96 CISA. German consulates and embassies have no on-line access to the NSIS.48 Every visa application is through a German electronic network, submitted to the Ministry of Foreign Aff airs and from this organisation to the Federal Administration (Bundesverwaltungsamt). Th is organisation, responsible for the Central Aliens Administration or the AZR (see below), will check by consulting the AZR, as well as the SIS and other data-bases such as the German police fi le INPOL, whether the person in question is reported as ‘inadmissible’. If the person is reported as such, this information will be forwarded to the consulate or embassy involved. On the basis of this information, the visa application will be automatically rejected without further inquiry.
48 Bundestag Drucksache 16/1044, p. 5.
Brouwer ch-12.indd 398 4/4/2008 5:51:24 PM
Germany 399
4. Intermezzo: German Policy Governing Th ird-Country Nationals
4.1. Th e Central Aliens Administration or the AZR
4.1.1. Th e Need for a Legal BasisSince 1953, a centralised administration of aliens living in Germany (Ausländerz-entralregister, hereafter AZR ) has been established. Th e automation of this admin-istration started in 1967. Th is central database, long the largest database on individuals in Germany, functioned for 40 years without a formal legal basis. Initially, there was only a legal reference to this registration in the Act on the Federal Administration of 28 December 1959.49 After the famous Volkszählungsurteil in 1983 (see section 6.2.2 below), both the legislator and commentators became aware that this large database on aliens required a formal legal basis.50 It would nevertheless take more than ten years before this law was adopted. Th is Act on the central aliens administration (Gesetz über das Ausländerzentralregister, hereafter AZRG ) entered into force on 1 October 1994.51
4.1.2. Content of the AZR Based on Article 4 of the Immigration Act (Zuwanderungsgesetz ) 2004, the Federal Agency for Migration and Asylum is the authority responsible for the AZR . In the AZR, information is stored on every non-German national (includ-ing EU nationals) residing (not temporarily) in Germany, or persons falling within the categories listed in § 2 (2) of the AZRG . Th is includes persons having applied for asylum or a residence permit (visa applications excluded), persons against whom an expulsion order has been issued, extradited persons, etc. Although welcoming the legal basis for the AZR, many organisations and com-mentators opposed the functioning of the AZR.52 Th e Federal Data Protection Commissioner and the data protection authorities of the Länder expressed their concerns with regard to the AZR at their meeting in 1994.53 Th eir objections
49 Gesetz über die Errichtung des Bundesverwaltungsamtes, BGBl. I, p. 829, § 6: “Th e Federal Administration Offi ce holds for the purpose of the administration the Central Administration on Aliens [AZR ] on the aliens residing in Germany”.
50 Bundestag Drucksache 10/5859, 16.07.86. 51 BGBl. I, 2265; Bundestag Drucksache 12/6938, 12/7520. Further rules are included in
Verordnung zur Durchführung des AZR-Gesetzes (AZRG-DV) vom 17. Mai 1995 (BGBl. I, p. 695) und der Verwaltungsvorschrift zum AZR-Gesetz (AZR-VV) vom 4. Juni 1996 (GMBl. 1996, p. 334).
52 A. Schriever-Steinberg, Das Ausländerzentralregistergesetz, NJW 1994, Heft 50, p. 3276 and Th . Weichert, Ausländererfassung in der Bundesrepublik. Die informationellle Sonderbehandlung von Immigrantinnen und Flüchtlingen, Bürgerrechte & Polizei-CILIP 45 (2/1993).
53 9 and 10 March 1994, http://www.lfd.m-v.de/beschlue/ent47.html.
Brouwer ch-12.indd 399 4/4/2008 5:51:24 PM
400 Chapter 12
concerned, for instance, the centralised functioning of the administration of foreigners and the large group of public authorities with on-line access to for-eigner administration. Th ey were also concerned about the fact that this database would be accessible by police and internal security organisations and that the data stored in the AZR was not directly obtained from the persons themselves. Finally, they opposed the possibility included in the AZR law of retrieving infor-mation from the database about a group of persons, using profi ling techniques, in other words using certain common criteria.
In September 1995, lawyers and members of civil rights organisations who were concerned about the individual rights of the persons registered in the AZR lodged a constitutional complaint (Verfassungsbeschwerde ) against the AZRG . Th is complaint was rejected by Federal Constitutional Court in 2001.54 Th e rejection was based on the grounds that the law included adequate possibilities for legal remedies for indi-viduals aff ected by the use of the central foreigner administration. Th e Constitutional Court, however, recognised that the German AZRG did not include a right of information for the data subject, as required by EC Directive 95/46 on the protec-tion of personal data. According to the Constitutional Court, this did not preclude applicants from using the available remedies in specialist lower courts.
In 2005, the AZR included 23.7 million data on persons, 6.7 million concerning third-country nationals residing in Germany, and was used by more than 6,000 German organisations.55 By 2004, according to offi cial statistics from the Federal Agency for Migration and Refugee Policy (BAMF), 7.3 million foreigners had apparently stayed in Germany, of whom 2.3 million were nationals of EU Member States.56 Later, the BAMF announced that these numbers were wrong. After the AZR had been reorganised in 2004, the number of foreigners in Germany reported in this central fi le dropped from 7.3 million to 6.7 million.57 Data on foreigners, including EU citizens, are to be erased from the AZR when the foreign national acquires German citizenship, fi ve years after his death or ten years after his last departure from Germany.
In 1999, the President of the European Parliament submitted a petition to the Federal Data Protection Commissioner concerning the fact that the AZR includes information on EU citizens and questioning whether this was not in breach of EC Directive 95/46.58 Th e Data Protection Commissioner concluded that the storage of data on EU citizens could be necessary. However, according to the
54 Bundesverfassungsgericht 10.10.2001 - BvR 1970/95, published in InfAuslR 2/2002, p. 91. 55 Information provided by the Bundesverwaltungsamt, http://www.bva.bund.de (Dec. 2006). 56 Th ese data are still referred to in a publication of March 2005 of the BAMF, Immigration Law
and Policy, http://www.bmi.bund.de. 57 BAMF, Migrationsbericht 2005, p. 103–105. http://www.bmi.bund.de. 58 19th Report Bundesdatenschutzbeauftragten, 2001–2002, p. 166. http://www.bfdi.bund.de.
Brouwer ch-12.indd 400 4/4/2008 5:51:25 PM
Germany 401
Data Protection Authority, the systematic storage of data on all EU citizens residing in Germany would be unlawful. On 7 July 2004, the European Commission began legal proceedings against Germany before the Court of Justice, claiming that the registration of EU nationals is in breach of the non- discrimination clause of Article 6 of the EC Treaty.59 On 28 December 2006, the Oberverwaltungsgericht of North Rhine-Westphalia lodged a preliminary request regarding the registration of EU citizens in the AZR.60 Th e German court sub-mitted the question of whether the general processing of the personal data of EU citizens in the AZR is compatible with:
a. the prohibition of discrimination on the grounds of nationality against citizens of the Union who are exercising their right to move and reside freely within the territory of the Member States (fi rst paragraph of Article 12 TEC in con-junction with Articles 17 TEC and 18(1) TEC);
b. the prohibition of restrictions on the freedom of establishment of nationals of a Member State in the territory of another Member State (fi rst paragraph of Article 43 TEC);
c. the requirement of necessity under Article 7(e) of Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data.
4.1.3. Amendments on the Basis of the Prevention of Terrorism ActTh e German Prevention of Terrorism Act (Terrorismusbekämpfungsgesetz, hereafter TBG) of 20 December 2001 extended the competences of German authorities in the fi eld of internal security and data control.61 Th is law provided the basis for a variety of measures facilitating the gathering of information by security agen-cies and police. Th e new competences in the fi eld of information exchange and recording were justifi ed by a spokesman for Mr. Schily, the former Minister of the Interior, with the argument that, “data protection should not result in terror-ist protection”.62 With regard to information exchange in general, the Federal Internal Security Agency (Verfassungsschutz) obtained increased powers to retrieve information from, for instance, telecommunication and postal organisations,
59 According to the Federal Data Protection Commissioner in its 20. Tätigkeitsbericht 2003–2004 para. 6.1.4. I found no further information on this procedure.
60 Case C-524/06, Heinz Huber v. Germany. 61 BGBl. 2002 I, 361. Th is law entered into force on 9 January 2002. See, for a general overview of
this legislation: E. Brouwer, Germany: Controlling Data, in: Brouwer, Catz & Guild (2003), p. 27 ff . See also: U. Davy, Immigration, Asylum, and Terrorism: How do they relate in Germany?, in: Baldaccini & Guild (2006), p. 177 ff .
62 Speech of 16.10.2001, cited in the position of the German Data Protection Association of 25.09.2001.
Brouwer ch-12.indd 401 4/4/2008 5:51:25 PM
402 Chapter 12
airlines and fi nancial organisations (Article 1 TBG, change to the Federal Protection of the Constitution Act). Article 1(6) TBG introduced the obligation for the Federal Agency for the Recognition of Foreign Refugees and the German immi-gration offi ces to forward information voluntarily to the Internal Security Agency, each time there are actual indications that this data exchange is necessary for the execution of the tasks of this latter institution. § 16 V (1) 1 of the Asylum Procedure Act allows for the fi ngerprints of asylum seekers to be compared automatically with police data.
Th e TBG included some amendments to the AZRG , allowing wider use of the data stored in the AZR . § 12 AZRG already provided for the exchange of infor-mation on groups of aliens meeting the same criteria. Th is practice of group pro-fi ling or Gruppenauskunft is allowed, fi rstly, when this is in the interests of this particular group of persons, for example if the public authorities want to send special information to this group. It is also possible to forward information on groups of aliens from the AZR to police or security offi cials, if this is necessary for national security or a criminal investigation. Th is measure involving the profi ling of aliens does not meet the same, stricter rules of profi ling as regulated in the gen-eral police laws. With the TBG, the possibility of group profi ling has been further expanded. Th e new § 12 (1) AZRG allows the collection of data on a group of persons on the basis of the more general criterion of “for the prevention of danger”, instead of the former narrower requirement of “actual present danger”.
With § 13 (7) of the TBG, a new paragraph has been inserted in the AZRG , granting organisations such as the police, the Federal Police (former Border Police) and the customs authorities easier access to this database, including on-line access. Th e information retrieved by these organisations may be recorded for 5–10 years. Finally, a new provision in AZRG (§ 3) made it possible to store information on the religion of the person concerned in the AZR if this person forwarded this information voluntarily.63
Many organisations have expressed concerns about the discriminatory and stigmatising eff ects of the provisions under the TBG, particularly the restrictive measures aimed at asylum seekers and immigrants. In November 2001, the German Data Protection Association published a position specifi cally referring to the consequences of the draft TBG for foreigners.64 In this position paper, the association criticised the extra measures taken to control third-country nationals, in the form of the registration and the exchange of information.
63 Th is new provision has been described as a “useless, even dangerous provision” by Th . Weichert, Datenschutz für Flüchtlinge nach der Anti-Terror-Gesetzgebung, Asylmagazin 4/2002, p. 4–9.
64 German Data Protection Association (Deutsche Vereinigung für Datenschutz) with relation to the provisions in the draft TBG, which especially relates to the data protection of foreigners, 15 November 2001.
Brouwer ch-12.indd 402 4/4/2008 5:51:25 PM
Germany 403
4.2. Visa Information System
Th e German visa database (Visadatei) is the second largest personal database in Germany. Although this database has been in existence since 1953 as a comple-ment to the AZR , it was only legalised with the AZRG in 1994. Th e use of and information to be stored in this database are regulated in §§ 28–33 AZRG. Th e Federal Criminal Police Offi ce, the Federal Police and the immigration offi ces of the Länder are authorised to have access to the visa database. Originally, the German visa database only included records on every visa application forwarded to one of the German embassies or consular posts. On the basis of § 29 AZRG, as amended by Article 13(9) TBG, not only visa applications, but also all decisions made with regard to this application are recorded, including the withdrawal of a visa. Moreover, the amendment provided for the recording of photographs in the visa database.
In 2005, the time limits applying to the storage of data in the visa database were extended. Before this amendment, data regarding visa applications were to be stored for two or three years. Th e three-year time limit applied to visa applica-tions by third-country nationals from certain countries and was justifi ed on the basis of internal security reasons. Th ese time limits have been changed to fi ve and 10 years respectively.65
By 2004, the German visa database held 10.8 million records on persons, including 3 million decisions with regard to visa applications and 1.7 million photographs.66 Prior to the decision-making on VIS taken at EU level, in 2000 the German government launched a pilot project – VISA 2000. Th is project includes an automated data processing network, allowing every embassy and consular post to enter their data on visa applications. Using this system, other embassies can discover whether an applicant has already applied for a visa from another German representative.67 As we have seen in Chapter 5, the EU Visa Information System is based on the same idea.
4.3. Computer Profi ling or Dragnet Searching (Rasterfahndung )
4.3.1. Before 11 September 2001: Tracking RAF TerroristsTh e practice known as computer profi ling or dragnet searching (Rasterfahndung 68) was developed by the BKA during the 1970s. Introduced by Horst Herald, the president of the BKA between 1971 and 1981, computer profi ling was developed
65 § 19 of the implementing rules to the AZRG (Verordnung zur Durchführung des Gesetzes über das Ausländerzentralregister - AZRG-DV), Act of 14.10.2005, I 2982.
66 See the 20th Report of the Federal Data Protection Commissioner, 2003–2004, para. 6.2.4. 67 19th Report 2001–2002, Federal Data Protection Commissioner, p. 41. 68 Literally, Rasterfahndung means ‘raster or grid search’. Based on the assumption that specifi c cri-
teria apply to the searched person or group of persons, information on large numbers of persons is further reduced by deleting those persons who do not meet all of these criteria.
Brouwer ch-12.indd 403 4/4/2008 5:51:25 PM
404 Chapter 12
into a specialised technique by the German police. Th is technique is used to retrieve information on suspected persons by comparing diff erent public and non-public databases using a sociological and psychological ‘profi le’ of the person tar-geted. Th e fi rst time computer profi ling was claimed to have been used was in 1979, when the German police arrested Rolf Heißler, a suspected member of the radical left-wing organisation, the RAF. Based on the assumptions that a terrorist would only rent accommodation of 1–3 rooms, would not register with the local municipality and would only pay his water and electricity bills in cash, the German police was able to trace Heißler by comparing the diff erent relevant databases.
Th is use of computer profi ling was critically received in the public arena. Th e opposition was based largely on the concerns of individual data protection and the fact that this practice lacked any legal basis. When other operations of the BKA , involving the use of computer profi ling, were brought out into the open, the Federal Minister of the Interior banned the further use of this method.69
In 1992, the German law against organised crime provided a legal basis for so-called ‘repressive’ computer profi ling, confi ned to the investigation of certain criminal acts and bound by formal requirements such as control by the judiciary and the duty to report the use of profi ling to the Federal Data Protection Commissioner. With the exceptions of Bremen, Schleswig-Holstein and Lower Saxony, the laws of the German Länder regulating the tasks and powers of the police provided for the possibility of computer profi ling for the general purpose of preventing danger (Gefahrenabwehr).70 Th ese laws included diff erent criteria on the situations in which computer profi ling is allowed. In Bremen, the use of Rasterfahndung was deleted from the Länder Police Act (Landespolizeigesetz) in August 2001, because of the persistent critical views of this practice and the apparently ‘quite’ situation which would not require such intrusive methods. On 25 October 2001, however, after the terrorist attacks in the United States, the legislator of Bremen reintroduced its legal basis for Rasterfahndung.
4.3.2. After 11 September 2001: Tracking ‘Islamic Terrorists’During a meeting of the police forces of the German Länder in October 2001, it was decided that the police forces would start computer profi ling. Th is deci-sion was taken because research by the FBI showed that one or more of the hijackers of the US airplanes, responsible for the attacks of 11 September 2001, had been living in Hamburg for years, including Mohammed Atta. On the basis of a profi le provided by the BKA , police forces started searching for possible
69 B.A. Bischof, Europäische Rasterfahndung – grenzenlose Sicherheit oder gläserne Europäer?, Kritische Justiz, Jrg. 37, Heft 4–2004, p. 362–363.
70 B.A. Bischof (2004), p. 367 ff .
Brouwer ch-12.indd 404 4/4/2008 5:51:25 PM
Germany 405
fundamentalist Muslim terrorists living inconspicuously in Germany, known as sleepers (Schläfer). Th e profi le used for this search was based on the identity of three perpetrators of the US attacks and included criteria such as: being male and Muslim without being fundamentalist in public, residing legally in Germany, having no children, being (technically) a student, speaking diff erent languages, frequently applying for a visa and obtaining or holding a fl ying qual-ifi cation. Th e information found by comparing population registers, the central aliens administration or AZR and the registers of universities/polytechnics, was forwarded by the Länder to the BKA. Th e BKA stored the information thus gathered in a specially created database on ‘sleepers’: Verbunddatei Schläfer. In Hamburg alone, according to a German newspaper, between October 2001 and January 2002, 30,000 male students were ‘checked’ and, on the basis of this ‘check’, 140 persons were directly contacted by the police.71
Although the BKA played an important role in the whole operation, the gath-ering of information using data profi ling took place under the auspices of the diff erent Länder. A special Coordination Group on International Terrorism (Koordinierungsgruppe Internationaler Terrorismus, KG IntTE) coordinated the interpretation of the information and the provision of further profi les. Answering a question from the PDS in the German Parliament on the extent and the eff ects of the measure, the Federal government announced, in February 2002, that the practice of computer profi ling was primarily the responsibility of the German Länder and that, as such, the Federal government could not give much informa-tion on the current results.72 In the light of the applicable security regulations in the diff erent Länder, the government considered the measures legal and propor-tional. On 30 March 2003, the BKA stated that the data profi ling operation had ceased, the special database on ‘sleepers’ was erased on 30 June 2003 and all the comparative data was deleted on 21 July 2003.73 In a fi nal report, the Commission on Internal Security (Kommission Staatsschutz), under the auspices of Ministry of the Interior, concluded that the goal of the dragnet search operation, to fi nd more ‘sleepers’ in Germany, had not been achieved ‘yet’. According to this unpub-lished report, the BKA encountered diff erent problems during the operation, such as a lack of coordination with the various Länder and a lack of suffi cient resources. Th is included the lack of staff to analyse the available information.
71 Der Tagesspiegel, 22.01.2002. 72 Bundestag Drucksache 14/8257, 18.02.2002. 73 M. Kant, Nothing doing? Taking stock of data trawling operations in Germany after 11
September 2001, Statewatch, May-August 2005 (Vol. 15 no. 3/4), p. 19.
Brouwer ch-12.indd 405 4/4/2008 5:51:25 PM
406 Chapter 12
NGOs, data protection authorities and politicians strongly opposed the practice of Rasterfahndung to trace Muslims living in Germany. In a press release of 24 October 2001, the German Data Protection Association advocated the termination of the computer profi ling because it constituted a violation of con-stitutional and human rights for certain groups, such as the right to privacy, free-dom of religion and the presumption of innocence.74 In its annual report for 2003–2004, the Federal Data Protection Commissioner called for an extensive debate on the usefulness and legality of this computer profi ling practice after 11 September. Th e Data Protection Commissioner considered a timely debate espe-cially necessary in view of the fact that the German government tried to extend this practice to the other EU Member States.75
4.3.3. Assessment of Data Profi ling by Lower German CourtsBetween January and November 2002, several German courts passed judgment on complaints from persons about the forwarding of their personal data to the police either by universities or population offi ces.76 Th e available German jurispru-dence with regard to this practice shows diff erences in interpretation depending on whether there is “a current actual danger to internal security ”, which, according to the applicable laws of the Länder, is a condition for lawful computer profi ling. In the majority of the judgments found, the courts accepted the prognosis of risk as presented by the local and Federal governments for the justifi cation of the use of data profi ling .
In North Rhine-Westphalia, the local population offi ce and universities provided the police with information on all males aged between 18 and 40. When a Jordanian national lodged a complaint with the competent courts, the Court of Appeal in Düsseldorf (Oberlandgericht) upheld the decisions of the lower courts. In these lat-ter judgments, the use of his personal data had been considered legal because the applicant fell within the category of “the required proximity to a dangerous situa-tion” purely because of his nationality.77 Th e Court of Appeal ruled on 8 February 2002 that, regarding a decision as to whether there is a current danger to internal security , lower standards may be applied to judge the actual risk of a potential dan-ger if the expected damage is substantial. However, dealing with the complaint from a German national, the Court of Appeal ruled on the same date that the retrieval of information was disproportionate and therefore an infringement of the
74 Stellungnahmen zum Sicherheitspaket II anlässlich der Pressekonferenz im Haus der Demokratie und Menschenrechte am 24.10.2001 in Berlin; http://www.cilip.de/terror/stellung.htm.
75 20th Report Federal Data Protection Commissioner 2003–2004, p. 55. 76 See for an overview and publication of this jurisprudence: http://www.cilip.de. 77 Decision of 8 February 2002, Az. 3 Wx 351/01. http://www.olg-duesseldorf.nrw.de.
Brouwer ch-12.indd 406 4/4/2008 5:51:25 PM
Germany 407
applicant’s right to informational self-determination (see section 6.2 below).78 According to the Düsseldorf Court of Appeal, the authorities should have assessed whether a less intrusive method could be applied. In this case, the court found that the data profi ling could have been limited to males holding the nationality of or born in one of the states listed as a ‘risk country’, or males who were Muslim.
On 22 March 2002, the Administrative Court of Appeal of Rheinland-Pfalz annulled the decision of the lower court, in which it was decided that computer profi ling was illegal and disproportionate.79 Th e Court of Appeal concluded that this measure was eff ective and proportionate. Th is reasoning was based solely on “the real chance that terrorist attacks would occur again”. In a judgment of 27 February 2002, the administrative court of Hamburg explicitly found that there was a current threat of danger during the period when the disputed computer profi ling took place, i.e. the period between 19 September and 15 October 2001.80 According to this judgment, the fact that the Federal government had announced in parliament on 12 September 2001 that there were no indications that terrorist attacks would occur in Germany did not rule out the existence of a current threat of danger.
In other judgments, the practice of computer profi ling was declared unlawful. For example, the judgments of both the Amtsgericht in Berlin and the Landgericht in Wiesbaden dealt with public and private organisations which had submitted to the police, upon request, data regarding young male Muslim students from diff erent databases.81 Th e Berlin judgment dealt with the appeal of students from Muslim countries, as well as several students from Israel and France. Th e courts ruled that the data exchange in question was unlawful because there was no cur-rent threat to internal security . With regard to this latter assessment on the current threat to Germany, both courts relied on various press statements by the Minister of the Interior. In April 2002, the higher civil court (Kammergericht) of Berlin annulled the decision of the Amtsgericht in Berlin, stipulating that the court gave a too narrow defi nition of what constituted a threat to the internal security.82 In line with the decision of the Court of Appeal of Düsseldorf, the court of Berlin ruled that when the damage to be feared is substantial, lower standards could be applied to the ‘prognosis’ of that danger.
78 Decision of 8 February 2002, Az. 3 Wx 357/01. http://www.olg-duesseldorf.nrw.de. 79 Oberlandesgericht Rheinland-Pfalz, 22.3.2002, Az. 12 B 10331/02, OVG (1 L1106/O1.MZ). 80 Verwaltungsgericht Hamburg, 27.02.02, Az. 14 VG 446/02. 81 Amtsgericht Tiergarten, 15.01.2002, Az. 84 T 8/02, LG Berlin, and Landgericht Wiesbaden,
6.02.02, Az. 4 T 707/01. 82 Kammergericht Berlin, 16.4.2002, Az. 1 W 89–98/02 (84 T 278, 288, 289, 308, 309, 348–351/01.
Brouwer ch-12.indd 407 4/4/2008 5:51:25 PM
408 Chapter 12
Finally, I refer to a judgment of November 2002, when the administrative court of Giessen dealt with a claim from a Moroccan student, objecting to the transmission of personal data by his university to the police.83 Th is court granted him a temporary injunction, ordering the cessation of further data exchange between the university and the police. Th e court found that the police order based on which the data communication took place was not preceded by the necessary balance of interests and lacked a specifi c legal basis.
4.3.4. Th e Constitutional Court and Data Profi ling – RasterfahndungsurteilFour years after the practice of data profi ling had formally ceased, the Constitutional Court published an important judgment in which it made clear that data profi ling is only justifi ed under special and specifi ed circumstances. Th is judgment, of 4 April 2006, concerned the complaint by a Moroccan stu-dent concerning whom (and 11,000 others) the police in North Rhine-Westphalia had gathered personal information using data profi ling.84 Th is refuted practice of data profi ling occurred between 2001 and 2004. According to the government, cited in this judgment, the information gathered did not lead to any suspects. Th e Constitutional Court decided that this use of data profi ling, based on an earlier transmission of 5.2 million data items within North Rhine-Westphalia, was a disproportionate breach of the applicant’s constitutional right to privacy.
In its judgment, the Constitutional Court explicitly referred to the extended scope of the collection of information by the German authorities, the use of many diff erent information systems and the higher risk for the person concerned of becoming a target of criminal investigation through this use of data profi ling . Th e consideration of the Constitutional Court is important, according to which data profi ling implies, for those whose constitutional rights are aff ected, the risk of becoming the subject of further administrative control measures. Th e Constitutional Court also referred to the possibility of stigmatising a group of persons in public life, especially when it concerns, as in the refuted practice of data profi ling, persons from specifi c countries who are also Muslim.
“For those persons whose constitutional rights it aff ects, data profi ling means a higher risk of becoming the target of further offi cial investigative measures. Th is has been demonstrated to a certain extent by the outcome of the data profi ling imple-mented since 11 September 2001. (…) Furthermore, the very fact of police data profi ling having been carried out according to certain criteria – if it becomes known – can have a stigmatising eff ect on those who meet these criteria. (…) It is relevant, with regard to the intensity of the eff ects of the data profi ling carried out since
83 Verwaltungsgericht Giessen, 8.11.2002, Az. 10 G 4510/02. 84 Decision of 4 April 2006, 1 BvR 518/02, http://www.bundesverfassungsgericht.de.
Brouwer ch-12.indd 408 4/4/2008 5:51:25 PM
Germany 409
11 September 2001, that it is targeted at foreigners of certain origins and Muslim beliefs, which always involves the risk of spreading prejudice and stigmatising these population groups in the public perception.”85
Th e Court concluded that such a measure could only be justifi ed on the basis of a specifi c threat of an attack which would cause substantial harm, where the threat is based on concrete facts. Finally, the German Constitutional Court found that the general situation of threat prevailing since the events of 11 September 2001 or the threat of terrorist attacks apparently caused by current foreign policy positions or military operations were not suffi cient reasons to justify this practice of data profi ling .
4.4. Biometrics and Border Control
Long before the discussions started at EU level, the use of biometrics for the purposes of identity and immigration control was already on the agenda of the German government. In 1993, during the discussions in the German Parliament with regard to the NSIS, a member of the Liberal Party (FDP) refers to the plans by the German Minister of the Interior to establish “partly automated border control (teilweise automatisierten Grenzkontrolle).86 Th ese plans were to include the use of biometric data (fi ngerprints and length of hand) in travel documents, to be stored in a database.87 Since that time, the use of biometrics has regularly reappeared on the German political agenda. After the terrorist attacks in the US and, later, in Madrid and London, the former Minister of the Interior, Mr. Schily, pursued a dynamic approach to the projects involving the use of biometrics for security purposes. For example, the insertion of biometric data into the residence permit was envisaged in the new Residence Act of 2004. Based on Article 78 (3) of the Residence Act, a residence permit may include: a photo, biometric
85 Para. 110–112. Translation Claire Singleton (“Die Rasterfahndung begründet für die Personen, in deren Grundrechte sie eingreift, ein erhöhtes Risiko, Ziel weiterer behördlicher Ermittlungsmaßnahmen zu werden. Dies hat etwa der Verlauf der nach dem 11. September 2001 durchgeführten Rasterfahndung gezeigt. (…) Ferner kann die Tatsache einer nach bestimmten Kriterien durchgeführten polizeilichen Rasterfahndung als solche - wenn sie bekannt wird - eine stigmatisierende Wirkung für diejenigen haben, die diese Kriterien erfüllen. (…) So fällt etwa für die Rasterfahndungen, die nach dem 11. September 2001 durchgeführt wurden, im Hinblick auf deren Eingriff sintensität ins Gewicht, dass sie sich gegen Ausländer bestimmter Herkunft und muslimischen Glaubens richten, womit stets auch das Risiko verbunden ist, Vorurteile zu reproduzieren und diese Bevölkerungsgruppen in der öff entlichen Wahrnehmung zu stigmatisieren.”)
86 Wolfgang Lüder (FDP) in Deutscher Bundestag, 12. Wahlperiode, 163. Sitzung Berlin, 17 June 1993, 14016.
87 See also 14th Report of the Federal Data Protection Commissioner.
Brouwer ch-12.indd 409 4/4/2008 5:51:25 PM
410 Chapter 12
data: fi ngerprints, hands or face and possibility of encrypted storage. Th e use of an ‘automatic reading zone’ (including data on name, date of birth, gender, nationality and residence permit) allows the German authorities to record, trans-mit and use these data from the automatic reading zone in the performance of their tasks.
On 12 February 2004, the Minister of the Interior launched a pilot project on automatic border control supported by the use of biometrics.88 Th e purpose of this project, for which 8,600 persons volunteered, was to check the reliability of iris rec-ognition for verifi cation and identifi cation purposes. With regard to the latter, the test was also intended to check whether the inclusion of biometrics in travel docu-ments could be used to search for wanted persons recorded in police fi les, such as INPOL and the NSIS. In 2005, a pilot project was launched with regard to the use of biometrics at the German embassies and consular posts abroad.
Th e German parliament (Bundestag) agreed in May 2007 with the amendment of the German passport law (Passgesetz) providing for the registration of biomet-rics into the German passports.89 During the parliamentary discussions, the government and its coalition parties justifi ed this proposal by stressing the obli-gation to implement EC law on biometric passports. Th ey did not mention that during the negotiations at the EU level, it was the German government which actively supported the use of biometrics. Because of general objections in German policy against the central storage of biometric data, the amended passport law explicitly provides that the passport data will not be stored into a central, federal database. Th e digital photographs and fi ngerprints only will be inserted into the chip included in the passport. Furthermore, the amended text provides that only in emergency cases, law enforcement authorities will have “online-access” to the passport data (Eilfall ).
5. Rights and Legal Remedies: Generally Applicable Rules
5.1. Article 19 (4) Constitution
Th e right to legal remedies for everyone whose constitutional rights are aff ected by public administration has been incorporated in Article 19 (4) of the German Constitution:
88 20th Report of the Federal Data Protection Commissioner 2003–2004, p. 62. 89 Drucksache 16/4138. Th e coalition parties CSU/CDU and SDP voted in favour, the opposition
parties against this amendment. See for the parliamentary discussions and plenary voting: Plenarprotokoll 16/100, 24 May 2007. http://dip.bundestag.de/
Brouwer ch-12.indd 410 4/4/2008 5:51:25 PM
Germany 411
“Wird jemand durch die öff entliche Gewalt in seinen Rechten verletzt, so steht ihm der Rechtsweg off en. Soweit eine andere Zuständigkeit nicht begründet ist, ist der ordentlichen Rechtsweg gegeben (…).”
Th e German Constitution diff erentiates between constitutional rights which apply universally and other rights which apply to German nationals only. Th ese latter, so-called basic or civil rights for Germans (Deutschen-Grundrechte or Bürgerrechte), include for example the right to free assembly (Article 8) and free movement within the federal territory (Article 11). As long ago as 1973, the Constitutional Court emphasised that the right to legal remedies on the basis of Article 19 (4) applies in full to individuals holding a foreign nationality, who claim that their constitutional rights are aff ected.90 Th e Constitutional Court dealt in this case with an expulsion measure against persons of Palestinian Arabic origin, which was based on a list of suspected persons compiled by the Bavarian police after the attacks by a Palestinian organisation in Munich during the Olympic Games. In this and subsequent judgments, the Constitutional Court stressed the importance of legal remedies with appropriate safeguards to guaran-tee individuals eff ective judicial protection.91 Th e guarantees as defi ned by the Constitutional Court included the possibility for the court to review the content of the administrative decision and the requirement that access to courts should not be made too diffi cult by formal requirements. Th e applicable procedures should give the claimant not only access to the courts, but also the right to be eff ectively heard.
In order to guarantee the right to eff ective judicial protection in accordance with Article 19 (4) of the Constitution, the Constitutional Court ruled, in a judgment of 27 October 1999, that the courts should have access to information which forms the basis of the refuted decision, in order to be able to assess the legality of this decision.92 Th is right includes the duty to transmit the informa-tion to the courts even if the fi les concerned are labelled as confi dential for national security reasons. Th e case concerned the claim from an employee whose labour contract with a Bavarian governmental agency was not renewed on the basis of secret information from the German intelligence service (Verfassungsschutz). Th e Bavarian government denied the individual’s right to have the secret infor-mation assessed by an independent court, partly because the decision to refuse this right would not infringe the data protection rights of the applicant.
90 BVerfG 18.7.1973, 1 BVR 23 155/73. 91 BVerfG 16.3.1999, 2 BVR 2131/95, see para. 20–21, in which the Court refers to its earlier
judgments. 92 BVerfG 27.10.1999, 1 BvR 385/90.
Brouwer ch-12.indd 411 4/4/2008 5:51:25 PM
412 Chapter 12
Th e Constitutional Court set this argument aside as irrelevant, stating explicitly that the right to off er the court the possibility of access to the information during the judicial process had nothing to do with data protection rights or the right to self-determination, but everything to do with the applicant’s right to eff ective judicial protection.
Finally, the Constitutional Court stressed, in its case law the importance of the possibility for courts to grant a temporary injunction (vorläufi gen Rechtschutz93 or zeitgerechten Rechtschutz94). According to the Court, this should as far as possible eliminate the risk of irreparable damage being caused by the immediate execution of the administrative measure.
Another important provision in the German Constitution is Article 103 (1), which states that everybody has the right to be heard before a court.95 Th is provi-sion and the general rule in Article 19 (4) are the basic principles with regard to the right to eff ective remedies and have been further developed in the juris-prudence of the Federal Administrative Court and other courts.96 Th e criteria developed on the basis of these principles are also relevant to immigration and data protection law.
5.2. Th e Klass Case Before the German Constitutional Court
As we saw in Chapter 6, in the Klass judgment of 1978 the ECtHR dealt with the relationship between the right to privacy as protected in Article 8 ECHR and the interests of the State to protect internal security . Before this case was brought before the Strasbourg Court, the German Constitutional Court was questioned in 1970 on the legitimacy of the disputed legislation on eavesdrop-ping. Th is practice was based on an amendment to the German Constitution of 1968, permitting wiretaps and other interferences with private letters and tele-phone conversations, “if necessary to combat foreign and domestic enemies”.97 Th e amendment stipulated that “recourse to the courts shall be replaced by a review of the case by bodies and auxiliary agencies to be appointed by parlia-ment”. A constitutional complaint regarding this amendment was forwarded by several German citizens, among them a senior state prosecutor, Gerhard Klass.98 Th ese applicants complained, fi rstly, about the lack of judicial review
93 BVerfG 9.06.1973, 1 BvL 14/72. 94 BVerfG 27.03.1980, 2 BvR 316/80. 95 “Vor Gericht hat jedermann Anspruch auf rechtliches Gehör.” 96 BVerwG 14.03.2002, Az. 1 C 15.01. 97 BVerfG 15.12.1970, 2 BvF 1/69. 98 D.P. Kommers, Th e Constitutional Jurisprudence of the Federal Republic of Germany, Durham and
London: Duke University Press 1997, second edition, p. 228.
Brouwer ch-12.indd 412 4/4/2008 5:51:25 PM
Germany 413
of administrative acts limiting the constitutional rights of citizens and, secondly, about the fact that the amendment would infringe the “essential content of the constitutional right”.
Th e Constitutional Court rejected this complaint using the concept of a “militant democracy” which would require interpreting the Constitution so that “enemies of the Constitution must not be allowed to endanger, impair or destroy the existence of the state while claiming the protection of rights granted by the Constitution”. According to the Constitutional Court, the substantive limits and procedural safeguards of the statute satisfi ed the constitutional principles of legal-ity and proportionality , while respecting the basic concept of human dignity. With regard to the claim of the lack of independent judicial control, the Constitutional Court considered this was not in breach of the general principle of the separation of powers. In exceptional cases, according to the Court, the separa-tion of powers would allow legal protection against acts by the executive furnished not by the courts but by independent institutions, appointed or established by parliament and operating within the framework of the executive department. According to the Court, the essential point is that the rationale for the separation of powers, namely reciprocal restriction and control of state power, is still ful-fi lled.99 Th is decision and the reference of the Court to “militant democracy” can only be understood by taking into account the violent events in Germany at that time. And even then, the Court made clear that the lack of judicial control is only acceptable in exceptional circumstances.
After this rejection of their constitutional claim, Klass and others lodged a claim before the institutions in Strasbourg, claiming that their rights under Articles 6, 8 and 13 ECHR, had been breached. As we have seen, the ECtHR rejected this claim as well, but not without formulating important guarantees to be applied with regard to the use of personal information by internal security agencies.
5.3. Rule of Law: T he Principle of Proportionality
Another principle which is important in the fi eld of immigration and data protection law is contained in Article 20 (3) of the German Constitution. Th is provision affi rms the principle of the rule of law , stating: “the legislator is bound by the constitutional order, the administration and the judiciary by the legisla-tion and by the law”. According to the Constitutional Court, this notion of the rule of law implies the duty of proportionality (Verhältnismässigkeit or Übermaßverbot ) as a standard which generally applies to every state measure.100 In the literature,
99 Paras. 27–28. 100 BVerfGE 92, 2777 ff .; BVerfG 65, 1 [44], BVerfG 23, 1333.
Brouwer ch-12.indd 413 4/4/2008 5:51:25 PM
414 Chapter 12
it is considered that the principle of proportionality also applies to measures in the fi eld of immigration law. It can be invoked by third-country nationals in Germany, whether they are residing lawfully or unlawfully.101
5.4. Applicability of Administrative Procedural Law
5.4.1. Diff erence in RemediesTh e Federal Act on the Procedures of Administrative Courts (Verwaltungsgerichts-ordnung, hereafter, the VwGO102) is applicable with regard to administrative decisions based on the German Residence Act (§§ 77 ff ). Furthermore, general administrative principles are set forth in the Administrative Act of 1976 (Verwalt-ungsverfahrengesetz, hereafter, the VwVfG).103
I will not discuss the details of the German administrative law, but only describe those rules which are also relevant to data protection and immigration law.104 In the fi rst place, German administrative law provides for the general pos-sibility of objection to the administrative authorities (Widerspruch, § 68 ff VwGO). Th is objection has to be forwarded within one month of the adminis-trative decision being notifi ed to the applicant concerned. With regard to the rights on legal remedies, the VwGO diff erentiates between fi ve types of judicial claim, depending on which specifi c action or measure is required of the administration.
Th e fi rst two claims, the Anfechtungsklage and Verpfl ichtungsklage are regulated in § 42 VwGO and include the request to order the annulment of a decision or the withdrawal (or issue) of an administrative decision respectively. Th irdly, the so-called Feststellungsklage refers to the request for a formal declaration on the (non-)existence of a legal right, or the invalidity of a decision (§ 43 VwGO). Fourthly, the Leistungsklage (see § 43) is the claim for a judicial order requiring the administration to act or to abstain from certain action. Th is appeal can be relevant in the situation where a person is seeking the prohibition of the transfer of his or her data to other authorities. A fi nal option is the use of the so-called Fortsetzungsfes-tstellungsklage: this is an appeal for confi rmation that the refusal concerned was in breach of the applicable law. Such confi rmation can give the applicant the right to ‘rehabilitation’, with a complementary right to fi nancial compensation. Furthermore, this confi rmation may prohibit the repetition of unlawful decisions.
101 K. Hailbronner in: J.A. Frowein, Torsten Stein (eds.), Die Rechtsstellung von Ausländern nach staatlichem Recht und Völkerrecht, Berlin/Heidelberg: Springer Verlag 1987, Teil 1, p. 387.
102 Act of 21 January 1960, BGBl. 1960, 17. 103 BGBl. I 1976, 1253. 104 See for a general description: H. Maurer, Allgemeines Verwaltungsrecht, München: Beck 2002.
Brouwer ch-12.indd 414 4/4/2008 5:51:25 PM
Germany 415
5.4.2. Suspensive Eff ect of Legal RemediesOn the basis of § 80 (1) VwGO, a request for objection to an administrative decision (Widerspruch) or an appeal before a national court against such a deci-sion, will have automatic suspensive eff ect (aufschiebende Wirkung) except in the situations as described in § 80 (2). Th ese exceptions include situations where pub-lic interests or the pressing needs of the authorities involved in the decision-making require the immediate execution of the measure. In those cases, these interests should be motivated in writing. Th is duty to motivate does not apply if the authorities involved have to take immediate action in response to emergency situ-ations, such as the threat of harm to life, health or property. According to Renner, commentator on German immigration law, one of these public grounds as referred to in § 80 (2) would be a registration in the NSIS.105 Th is, however, would be a far-reaching consequence. Th is would mean that if a person appeals against an expulsion decision based on the NSIS, his appeal against this decision would have no suspensive eff ect, nor would the immigration offi ces have to inform the persons why the immediate execution of the measure in question is necessary.
Complementary to this general provision of § 80 (2) VwGO, § 84 of the Residence Act describes three decisions against which an appeal for review or judicial review does not have suspensive eff ect : this includes a refusal to issue or to renew a residence permit.
5.4.3. Temporary InjunctionGerman administrative law provides the possibility for individuals to lodge a request with a national court either for the suspensive eff ect (aufschiebende Wirkung) of an administrative decision on the basis of § 80 (5) VwGO or for the issue of a temporary injunction (einstweilige Rechtsschutz) on the basis of § 123 VwGO. On the basis of this latter provision, the courts may order a temporary injunction, “if there is a risk that through changing circumstances the exercise of rights will be made impossible or will be hindered”. Both remedies may be applied within the same case.106 For example, in a case before the administrative court of Düsseldorf (see section 8.2 below), this court confi rmed that the person in ques-tion had a legal interest in having the eff ects of the withdrawal of his residence permit suspended and his data deleted from the NSIS, applying both § 80 (5) and § 123 VwGO.
If § 80 (5) does not apply because there is no administrative decision (Verwaltungsakt) yet against which an appeal can be lodged, an individual has the
105 G. Renner (introduction), Verwaltungsvorschriften zum Staatsangehörigkeits- und zum Ausländerrecht, Baden-Baden: Nomos Verlaggesellschaft 2001, p. 133.
106 Verwaltungsgericht Düsseldorf, 7 August 2002, Az. 24 L 2837/02, InfAuslR 10/2002.
Brouwer ch-12.indd 415 4/4/2008 5:51:25 PM
416 Chapter 12
right to submit a claim on the basis of § 123 VwGO. Th is has been confi rmed by the administrative court of Giessen, when granting a temporary injunction on the basis of § 123 to ban the further communication of data concerning the applicant by the university to the police.107 Since there was no (public) admin-istrative decision allowing this communication of data, the applicant had no possibility of lodging an application against an administrative act itself.
5.5. Applicability of 6 ECHR
In a decision of 2002, the Federal Administrative Court (Bundesverwaltungsgericht ) emphasised the applicability of the criteria of Article 6 (1) ECHR on eff ective remedies in procedures based on asylum and immigration law.108 Th e case con-cerned a Turkish Kurd threatened with expulsion to Turkey after his asylum request had been rejected. Th e applicant claimed that this constitutional right to be heard had been breached during the procedure before the German Court of Appeal. Th e case dealt with the question of whether the applicable German rules on accelerated procedure required the applicant to have been orally heard. Th e Federal Administrative Court referred, in its conclusion, to the explanatory memorandum of the legislator to the new amendments to this procedure. In this explanatory memorandum, it was explicitly stated that the criteria of Article 6 ECHR apply. Th e Court concluded that German administrative procedural laws had to be inter-preted in accordance with this “Article 6 ECHR orientation” by the legislator. For this interpretation, it was irrelevant whether the procedure dealt with ‘civil rights’ or not. Since the higher court in this case reached a decision without giving the applicant the opportunity to submit to oral examination, the decision was in breach of the applicable rules.
6. Legal Remedies and Data Protection Law
6.1. Background and General Principles of German Data Protection Law109
Th e German Federal Data Protection Law (Bundesdatenschutzgesetz) entered into force on 1 January 1979. Th is law set an example for data protection laws in other European countries. At the level of the Länder, the adoption of data
107 Verwaltungsgericht Giessen, 8.11.2002, Az. 10 G 4510/02. 108 BVerwG 14.3.2002, Az. 1 C 15.01. 109 A general and informative overview of the history and principles of German data protection
law is given by S. Simitis (ed.), Kommentar zum Bundesdatenschutzgesetz, Baden-Baden: Nomos Verlaggesellschaft 2003.
Brouwer ch-12.indd 416 4/4/2008 5:51:26 PM
Germany 417
protection laws took place between 1970 and 1992. As we saw in Chapter 7, the Hesse law of 1970 was actually the fi rst data protection law in Europe.
Th e Federal Data Protection Law, amended in December 1990, included a more practical application of data protection rules by reducing the administrative obligations compared to the fi rst law.110 In 2001, the Federal Data Protection Law (Bundesdatenschutzgesetz 2001, hereafter BDSG 2001) was amended again, this time as a result of the necessary implementation of the EC Directive 95/46.111
Unlike the Dutch history of data protection law, in Germany the right to privacy was never considered the starting point for this fi eld of legislation. Th e right to privacy played an important role with regard to the balancing of interests, but was not seen as an appropriate basis for a general and preventive regulation, such as data protection rules.
6.2. Constitutional Right to Informational Self-determination
6.2.1. Th e Mikrozensus UrteilIn the Mikrozensus Urteil of 1969, the Constitutional Court ruled for the fi rst time on the constitutionality of the federal law on the census population.112 In 1960, this law was amended to require additional information on vacations and recreational trips by household residents. A person, who had been fi ned 100 DM for refusing to supply his information, lodged a constitutional appeal with the Constitutional Court. He contested in his claim that this compulsory disclosure of private information, even if for statistical purposes, violated his constitutional right to human dignity under Article 1 of the German Constitution. In this judgment, the Constitutional Court gave its famous defi nitions of “inner space” or Innerbereich of the right to self-determination, not to be intruded upon by the state. Dealing with the collection of the information described above, the Court however held that this did not aff ect the “most intimate realm into which a state may not intrude”.
6.2.2. Th e Volkszählungsurteil Fourteen years later, the Constitutional Court dealt again with the German census act in its judgment of 15 December 1983, the so-called Volkszählungsurteil .113 Th e population census, as envisaged in this Act and to be held in 1981,
110 Gesetz von 20.12.1990, BGBl. I, p. 2954 ff . 111 Bundesdatenschutzgesetz 2001, BGBl. 2003, p. 66. Th is law entered into force on 23 May
2001. 112 27 BVerfGE I, 1. 113 BVerfG 15.12.1983, 1 BvR 209/83, BVerfGE 65 E 40. See, for an English summary of both
this judgment and the Mikrozensusurteil : D.P. Kommers (1997), p. 299 and 323.
Brouwer ch-12.indd 417 4/4/2008 5:51:26 PM
418 Chapter 12
caused a general protest movement. Unlike the situation at the time of the Mikrozensus Urteil, information technology had developed. As in the Netherlands ten years later, the combination of a general overall collection of personal informa-tion from the population, combined with the extensive use of computers, caused a general feeling of concern. Th e extended possibilities of the use of information technology also played an important role in the considerations of the Court. Th e case concerned the collective claim before the Constitutional Court of a group of persons, including lawyers, against the new German Act on the population census which was adopted on 25 March 1982.114 Th e claimants argued that the imple-mentation of this law would be in breach of their general right to privacy (allge-meines Persönlichkeitsrecht ) as protected under Article 2 (1) in conjunction with Article 1 (1) of the German Constitution. Th e applicants claimed, among other things, that the law did not adequately guarantee that the information collected for statistical purposes would be stored anonymously and remain so, taking into account the new possibilities of modern information technology. Th ey further argued that the provisions of this law, which included the possibility of forwarding the data collected for other purposes, was in breach of the constitutional principle of legality (verfassungsrechtliches Bestimmtheitsgebot). Th e Constitutional Court only confi rmed the latter claim, but did not consider the general aim and purposes of the Volkszählungsgesetz in breach of the Constitution. Nevertheless, these specifi c considerations in which the Court described the scope and value of the general right to privacy have been extremely important for subsequent developments with regard to the rights of data subjects.115
First of all, the Constitutional Court affi rmed in this case that data protection or the right to informational self-determination (informationelles Selbstbestim-mungsrecht) based on the general right to privacy (Persönlichkeitsrecht ) is a consti-tutional right. Th e Court derived the right of individuals “to be protected from unlimited collection, storage, use, and transmission of personal data as a condition of the development of his or her free personality under the modern conditions of data processing” directly from the rights as protected in Article 2 (1), in conjunction with Article 1 (1), of the German Constitution.
Secondly, the Court described in a clear and comprehensive way the new relationship between individuals and their government resulting from the extended powers of the latter, based on the use of information technology. Th e Court pointed out certain general problems or risks resulting from the use of information technology and the gathering of personal information. Th ese con-siderations are still valid, or even more so, with regard to current developments.
114 BGBl. I, p. 369 – VZG 1983. 115 See, on the importance of this judgment: S. Simitis (2003), p. 14 ff .
Brouwer ch-12.indd 418 4/4/2008 5:51:26 PM
Germany 419
For example, the Court emphasised that, “the use of networks, information shared by diff erent authorities, could lead to the situation that individuals have no control on the use and accuracy of their data”. Th e Court further referred to the danger of building integrated information systems using which an overall ‘personality picture’ (Persönlichkeitsbild ) could be compiled of individuals, with-out giving this individual the opportunity to check the accuracy or use of this picture. In Chapter 7, section 4.1.1, I already cited the important paragraphs in which the Constitutional Court referred to the risk of an individual who, know-ing that his participation in an assembly or civil action could be registered by the government, will refrain from exercising his constitutional rights. Th is eff ect would not only aff ect the individual’s chances of development, but also the com-mon well-being: according to the Court, self-determination is a prerequisite for a free democratic society, based on its citizens’ freedom to act and cooperate.
Th irdly, the judgment is important because, recognising that the right to informational self-determination is not unlimited, the Court defi ned specifi c guarantees which should be off ered by the legislature, including organisational and procedural measures designed to safeguard the individual from infringement of his right to personality. One of these guarantees is the prohibition, as formu-lated by the Court, on collecting personal information by anticipation or ‘stock-wise’ if these data are to be used for non-statistical purposes (Verbot der Sammlung personenbezogener Daten auf Vorrat).
Finally, by emphasising the need for procedural and organisational guarantees and for restricting the multifunctional use of information, the Court defi ned the function and importance of data protection law. Although Germany already had its Data Protection Law of 1977, the considerations of the Constitutional Court urged the legislator to look more closely at the provisions applicable to data processing in the public sector.
6.2.3. Th e Duty of Immigration Offi ces to Keep Complete FilesIn the same year as the Volkszählungsurteil , the Constitutional Court dealt with a claim with regard to fi les on aliens kept by the immigration offi ces.116 Th e case concerned the claim by a group of persons whose application for deletion and destruction of their fi les had been denied. Th ese fi les were, unlike the AZR , not computerised, but kept in paper fi les. According to the Court, the constitutional rights of aliens would not be endangered by this use of the fi les. Th e Court did not consider that retaining these fi les required a special legislative basis, since this task could be derived from the general supervisory task of the immigration
116 BVerfG, Decision of 6 June 1983, 2 BvR 244, 310/83. Published in NJW, 1983, Heft 38, p. 2135.
Brouwer ch-12.indd 419 4/4/2008 5:51:26 PM
420 Chapter 12
authorities as provided in § 20 of the (former) Aliens Act. Unlike the Volkszählungsurteil, the Court did not refer in this judgment to the consequences of the automation of fi les, nor to the relationship between the refuted manual fi les of the immigration offi ces with the AZR, which at that time was already computerised. Th e rejection of the constitutional claim in this case has been interpreted by Weichert to mean that the Constitutional Court attached less importance to the protection of the right to self-determination of non-German citizens than of German citizens.117 I doubt whether such a general conclusion could be inferred from this case. On the contrary, based on the supplementary conclusions in this judgment, one could say that the Court even stressed the additional importance of those rights for third-country nationals.
In its judgment, the Court stated that maintaining fi les and the duty to keep these fi les complete, was in the interests not only of the administration, but also of the immigrants. What is interesting is the explicit consideration the Court makes in relation to this duty of the administration to keep the fi les on immigrants com-plete, including negative or disputed facts. Such a duty would, according to the Court, not relieve the authorities of their obligation to check whether the infor-mation stored is still relevant before making a decision on the basis of this infor-mation. Th e Court explicitly stated that immigration offi ces have a duty to investigate on their own behalf the accuracy of the available information. In this conclusion, the Court referred to an earlier decision in which the Constitutional Court confi rmed the duty of immigration authorities to consider and evaluate the private interests of the person concerned when making a decision. According to the Court, such a duty would be “the cornerstone of general immigration law”.118
6.2.4. A Constitutional Dilemma: Amtshilfe Versus informationelle Gewaltenteilung Th ere seems to be a confl ict between two principles which are central to the German interpretation and understanding of the rule of law . Th is confl ict lies at the heart of the central values and problems which mark the German policy with regard to data surveillance on the one hand and data protection on the other.
Th e fi rst principle is the so-called principle of administrative cooperation or Amtshilfe .119 Th is principle refers to the constitutional duty of administrative offi cials, whenever requested, to provide reciprocal legal and professional cooper-ation. Th is duty is written into Article 35 of the German Constitution and
117 Th . Weichert (1993). 118 Th e judgment referred to is BVerfGE 49, 168 [184], NJW 1978, p. 2446. 119 E. Forsthoff , Lehrbuch der Verwaltungsrechts, 1973; B. Schlink, Die Amtshilfe . Ein Beitrag zu
einer Lehre von der Gewaltenteilung in der Verwaltung, Berlin: Duncker & Humblot 1982.
Brouwer ch-12.indd 420 4/4/2008 5:51:26 PM
Germany 421
applies to offi cials both at Federal level and at the level of the Länder. Based on this principle, offi cials can be required to provide each other with (personal) information if available. In fact, this (old) German principle of mutual aid can be compared to the ‘principle of availability’ which has recently been introduced at EU level for cooperation between criminal prosecutors. It emphasises the importance of sharing available resources within the public administration.
In contrast to Amtshilfe , we fi nd the principle of the informational division of powers or informationelle Gewaltenteilung . Th is principle is especially supported in literature dealing with the purposes of data protection law.120 In the 1980s, the German commentator Podlech supported a general ban on public authorities using information which transgressed their functional borders or powers.121 Although this “informational division of powers” has never been implemented or accepted in its strict meaning, the importance of decentralising informational powers is emphasised both in German literature and by the courts. For example, the German Constitutional Court stressed the importance of a clear and legal distinction between statistical administration and other public administrations, preventing information collected for a specifi c purpose only from being used or transferred by other authorities as well, for other purposes. Th e Court explicitly stated that if non-anonymous personal information gathered for statistical pur-poses were to be transferred for administrative purposes, this would be an unac-ceptable infringement of the individual right to informational self-determination. Th erefore, without abandoning the principle of administrative cooperation or Amtshilfe, individuals should be protected against “alienation of purpose” or Zweckentfremdung by prohibiting the transfer or the further use of data.122
Th e diffi cult relationship between the principle of Amtshilfe on the one hand and the principles deriving from data protection law on the other hand is illus-trated in the judgment of the administrative court of Giessen dealing with the practice of Rasterfahndung .123 In this judgment, the court ordered the university of Giessen to cease further transmission of the applicant’s data to the police. According to the court, also in the fi eld of Amtshilfe, the authorities concerned should strike a balance between the advantages of data profi ling and the consti-tutional right to informational self-determination and data protection of the person concerned.
120 H.P. Bull, Die Grundprobleme des Informationsrechts, Inaugural speech Universtity Tilburg, Zwolle: W.E.J. Tjeenk Willink 1985.
121 A. Podlech, Verfassungsrechtliche Probleme öff entlicher Informationssysteme, DVR 1972/ 1973, p. 149 ff .
122 “Amtshilfefester Schutz gegen Zweckentfremdung durch Weitergabe- und Verwertungsverbote”. 123 See above, section 4.3.3, Verwaltungsgericht Giessen, 8.11.2002, Az. 10 G 4510/02.
Brouwer ch-12.indd 421 4/4/2008 5:51:26 PM
422 Chapter 12
6.3. Th e Applicability of Data Protection Principles and the Right to Informational Self-determination in Immigration Law
Th e applicability of data protection principles in the fi eld of immigration law and the fact that the constitutional right to privacy is not a privilege solely for Germans has never been seriously disputed. Th is is confi rmed by the Constitutional Court, as well by the German legislator.
Firstly, as we saw in section 4.1.2, in 2001 the Constitutional Court dealt with a collective complaint against the law regarding the central aliens administration (AZRG ). In this case, the Constitutional Court ruled that the law and thus the AZR were not unconstitutional and that the questions which arose with regard to the data protection issues were questions of “ordinary law” (einfachen Rechts), which should be dealt with by the specialised courts (Fachgerichte). In this judgment, however, the Constitutional Court made some general considerations which are relevant with regard to the scope of data protection law vis-à-vis third-country nationals stored in the AZR and on the availability of legal remedies.124 Referring to the right of correction and deletion of data, as provided for in § 35 AZRG, the Court explicitly stated that if those rights were refused by the authorities, the appli-cants have the right to remedies before the administrative courts. For “eff ective pro-tection” of the individual against unlawful data processing, such a remedy should, according to the Court, include the possibility of a fast-track procedure whereby a prohibition of processing could be ordered until a fi nal court decision.
Secondly, in 1990, following an amendment to the Aliens Act (Ausländergesetz ), a legal basis was established for the exchange of data on aliens (§§ 75–80) to meet the constitutional requirement with regard to the right of informationelle Selbstbestimmung. On the basis of these new provisions, the public authorities were obliged to inform the competent immigration authorities as soon they acquired information about the illegal residence of an alien, the violation of spe-cial limitations or “other reasons for expulsion”. In 1991, after these informa-tional obligations had been criticised by administrative staff and lawyers, these legal requirements were further specifi ed.
6.4. Principles of Data Protection and the NSIS
6.4.1. Time LimitsAs we have seen above, SIRENE is responsible for controlling the time limits for the storage of data in the NSIS. For this task, SIRENE forwards automatic reports to the authorities concerned, informing them that the time limit is due to expire.
124 BVerfG, 10.10.2001, 1 BvR 1970/95 published in InfAuslR 2/2002, p. 91–95.
Brouwer ch-12.indd 422 4/4/2008 5:51:26 PM
Germany 423
In these reports, the authorities are asked whether the information should be stored for a further period. On the basis of German immigration law, certain re-entry bans for which persons can be reported in the NSIS under Article 96 (3) apply for six years. Th is is interpreted by German immigration offi cers to mean that this time limit of six years for the re-entry ban also applies to storage in the NSIS and, therefore, they are not obliged to consider whether a storage period of longer than three years is necessary. As a consequence, the fi rst automatic SIRENE report which is sent to these authorities does not have any practical eff ect. Th e immigration offi ces are merely asked to check the need for further storage. However, if they do not react to this fi rst warning, nothing happens. Only after six years, when a second report is forwarded by SIRENE and if the local authori-ties do not respond or if they do not provide any reasons why the alert should be stored for a longer period, is the alert in the NSIS automatically deleted. Th is means that, in practice, data on third-country nationals in the NSIS Germany are generally stored for six years, instead of three years.125 Th is practice is contrary to the current rules of the CISA.
6.4.2. Duty to Inform the Data SubjectFederal law and the law of the German Länder both apply with regard to the use of the NSIS. However, these laws, as far as I know, do not include any obligation to inform third-country nationals of the fact that they are reported in the NSIS. Th e AAH-SDÜ do not include such a duty and § 82 (3) Residence Act only obliges authorities to inform a third-country national of the re-entry or residence ban. Th is does not include information on the fact that this ban involves registration in the NSIS.
In general, on the basis of § 19a BDSG , a person whose data has been reported without his or her knowledge should be informed of this data processing, includ-ing the purpose of this processing and the authorities that have access to this data. In accordance with the rules of EC Directive 95/46, this duty does not apply in three situations: if the person has been informed of the data processing by other means, if such notifi cation would require unreasonable eff orts by the authorities, or if the data processing is envisaged explicitly in formal law. Irrespective of the question of whether the fi rst two exceptions would apply in this case, it is doubt-ful whether the German ratifi cation act of the CISA or the general instructions as laid down in the AAH-SDÜ fall within this defi nition of ‘law’. Th e ratifi cation
125 Th is practice has been criticised by the various data protection authorities of the Länder. See, for example, the annual report of the Berlin Authority, 2001, p. 38. http://www.datenschutz-berlin.de. See also the 34th Report of the Hessian Data Protection Authority of 31 January 2005, which describes this practice as a general problem (“typische Fallgestaltung” ), p. 51.
Brouwer ch-12.indd 423 4/4/2008 5:51:26 PM
424 Chapter 12
act does not provide detailed rules on the German criteria for reporting third-country nationals in the NSIS but only approves the establishment of the NSIS and the fact this NSIS will be used by the Schengen States. Th e latter regulation, the AAH-SDÜ, is not a formal law.
6.4.3. Right of Access, Correction and DeletionIn accordance with the provisions of Articles 109 and 110 of the CISA, individuals have the right to submit a request for access and, possibly, correction or deletion of their information stored in the NSIS. In Germany, this request can be for-warded to diff erent authorities. Firstly, the application may be addressed to the Federal or Länder authority which forwarded the data to the NSIS. Secondly, the application may be forwarded to the Federal Data Protection Commissioner or the data protection authority of the country responsible (depending on which authority forwarded the data to the NSIS). Finally, the applicant may directly address the Federal Criminal Police Department (BKA ) in Wiesbaden, which is the responsible authority for the NSIS in general.126
Generally, the right of access, correction and deletion is regulated in §§ 19 and 20 of the BDSG . Th is includes the right of the data subject to be informed of the information which is processed with regard to him or her, the purposes for which this information is being processed and the authorities that have access to this information. Individuals have a right to direct and indirect access. Th is means they may choose to forward their request of access, correction or deletion to the Federal Data Protection Commissioner or the authorities of the Länder, but may also directly address the organisation holding the data. § 19 (4) BDSG provides for three exceptions to the right of access, the wordings of which run the risk of being interpreted widely. In the fi rst place, the right of access may be denied if such notifi cation would endanger the fulfi lment of the public tasks of the author-ity involved, if the notifi cation would aff ect public order and security or would infringe the public well-being of the Federal State or the Länder, or if the infor-mation concerned has to be kept confi dential on the basis of legal or other requirements or in the interests of third parties.
By 2005, the BKA had received between 500 and 600 applications annually concerning individual requests for access, correction or deletion of their data in the SIS.127 Th e Federal Data Protection Commissioner received approximately 30 applications per month for access to data stored in the NSIS by individuals.128 If this application falls within its fi eld, the Federal Data Protection Commissioner
126 See, for more practical information: Westphal & Stoppa (2007), p. 550. 127 Source: interview with BKA , May 2005. 128 Source: interview with offi cials of the Federal Data Protection Commisioner and the Hesse
Data Protection Commissioner, May 2005.
Brouwer ch-12.indd 424 4/4/2008 5:51:26 PM
Germany 425
will himself deal with such an application and will ask the BKA for its view. If the application falls within the competence of the data protection commissioners of the Länder, the application will be forwarded to these authorities. In every case, the applicant will be informed of the results of the inquiry, either by the Federal Data Protection Commissioner or by the commissioners of the Länder.
6.5. Supervision by Data Protection Authorities
6.5.1. IntroductionCompared to their counterparts in France and the Netherlands, the data protec-tion authorities in Germany seem to play a larger role with regard to the func-tioning and use of the NSIS. Th e importance of these authorities could be explained in the fi rst place by the historical emphasis on data protection in Germany. Secondly, the data protection authorities in Germany are in a relatively favourable position, in the sense that their powers or functioning are enhanced by the shared responsibility of the Federal Data Protection Commissioner and the authorities in the states or Länder. Th e annual reports from the authorities in the Länder and from the Federal Data Protection Commissioner are a useful source of information with regard to the functioning of the NSIS, the registra-tions of third-country nationals and the general problems encountered in these fi elds. On the other hand, the controlling task of the data protection authorities seems to deal more with general issues with regard to the use of the NSIS, than with the handling of individual complaints.
In 2004, the Federal Data Protection Commissioner and the authorities of the Länder performed an investigation into the practice of the use and registration of data on third-country nationals based on Article 96. Th is review was coordinated by the German Federal Data Protection authority and formed part of the interna-tional review initiated by the Joint Supervisory Authority in 2003–2004. Th e results of these investigations were published in the annual reports of the Federal Data Protection Commissioner and the data protection authorities in the Länder.
6.5.2. Th e Federal Commissioner for Data Protection and Freedom of InformationSince 1 January 2006, based on the new Act on the Freedom of Information, the name of the Federal Data Protection Commissioner (Bundesbeauftragten für den Datenschutz) has changed to the Federal Commissioner for Data Protection and Freedom of Information (Bundesbeauftragte für den Datenschutz und die Informat-ionsfreiheit).129 Th e tasks of this authority with regard to the supervision of data
129 Informationsfreiheitsgesetz of 5 September 2005, BGBl. I S. 2722.
Brouwer ch-12.indd 425 4/4/2008 5:51:26 PM
426 Chapter 12
processing and the right to data protection have not been changed. In the following sections, I will refer to the ‘Federal Data Protection Commissioner’.
Th e Federal Data Protection Commissioner is elected by the Federal Parliament (Bundestag) following nomination by the government. In accordance with § 22 (3) BDSG 2001, the term of offi ce of the Data Protection Commissioner is fi ve years, renewable only once by another period of fi ve years.
Th e controlling powers of the Federal Data Protection Commissioner only apply to federal public agencies. His powers include questioning the responsible authorities, the right to be granted access to the premises of the federal authori-ties and the right to make proposals to improve data protection (§ 24 BDSG 2001). Every two years, the Data Protection Commissioner publishes an annual report on the basis of § 26 (1) BDSG 2001.
Any person may forward a complaint to the Federal Data Protection Commissioner, if he or she assumes that his or her rights have been aff ected by the collection, processing or use of personal data by public authorities of the fed-eral government (§ 21 BDSG 2001). Th e number of individual complaints with regard to the NSIS dealt with by the Federal Data Protection Commissioner is, however, relatively small. One hundred and fi fteen requests were dealt with by the Federal Data Protection Commissioner in 2003 with regard to records on third-country nationals in the NSIS. In 2004, the Data Protection Commissioner examined 107 requests. Th ese fi gures include requests made by foreign (mostly French) data protection authorities regarding individual alerts. Th is low number can be explained by diff erent factors. In the fi rst place, as we have seen, the task of the Federal Data Protection Commissioner only extends to federal agencies. As long as the data fall under the responsibility of an authority in one of the Länder, the data protection authorities of this specifi c state will be competent. On the other hand, as we have seen above, individuals may forward their claims immediately to the administrative authority concerned on the basis of their right to direct access.
6.5.3. Data Protection Authorities of the LänderTh e organisation of the data protection authorities of the Länder (Ländesbeauftragte für den Datenschutz) and their policy with regard to their working fi elds are diff erent in each country. Some authorities are able to rely on more staff and fi nancial resources than others. Th e appointment of the data protection author-ity and the scope of fi nancial resources of this organisation are decisions taken in the parliaments of the Länder. Th is explains why these issues are closely related to the political make-up of the parliaments. Not every data protection commis-sioner is able to give high priority to controlling the NSIS. Some data protection authorities are more closely involved with the NSIS. For example, the Hesse Data Protection Commissioner is quite active with regard to the NSIS which can
Brouwer ch-12.indd 426 4/4/2008 5:51:26 PM
Germany 427
be explained by the fact that its organisation is based in the same city as the Federal Criminal Police Department or BKA (Wiesbaden). Furthermore, during the period of this study, one of its offi cers was member of a working group of the Schengen Joint Supervisory Authority, together with the Federal Data Protection Commissioner, Peter Schaar. Although the diff erent data protection authorities of the Länder act quite autonomously, their work is coordinated in diff erent working groups attended by the specialist members of the data protection authorities. Th ere is also a special working group on third-country nationals.
As mentioned above, the annual reports of the data protection authorities include interesting information on the practical implementation and current problems of the NSIS. For example, in 2000 and 2001, the Data Protection Commissioner of North Rhine-Westphalia reported on the large number of SIS entries which were in breach of the provisions of the CISA. It considered the problem of wrongful Article 96 (3) reports on rejected asylum seekers (see section 3.2.3) and the fact that the local authorities disregarded the applicable time limits.130 Th e Data Protection Commissioner in Dresden, to whom the NSIS was a relatively new issue, expressed concern in his annual report of 1999–2001 about the fact that, in many cases, the local immigration offi ces entered rejected asylum seekers into the NSIS on the basis of Article 96 (3).131
6.5.4. Inquiry of the Data Protection Commissioners on Article 96 CISAOf particular interest are the fi ndings of the data protection authorities of the German Länder concerning the implementation of Article 96 CISA during a study in 2003–2004. As mentioned above, this inquiry was initiated by the Schengen Joint Supervisory Authority. Th e inquiry included a group of 400 records in the NSIS which were provided at random by the BKA to the Federal Data Protection Commissioner.132 Th e reports by the diff erent data protection authorities established that the data held in the NSIS by the German authorities were often not updated or correct and data were not deleted after the expiry of the time limits. 20% of the records in the NSIS concerned people of unknown residence, which is not legal grounds for the Article 96 entry. 50% of the Article 96 (3) records were associated with the unlimited re-entry ban of § 8 (2) of the former Aliens Act (§ 11 Residence Act) which was also considered illegal.
130 See the 14th and 15th Reports of the Data Protection Commissioner of North Rhine-Westphalia. 131 5th Report of the Landesbeauftragten für den Datenschutz Sachsen-Anhalt (April 1999 to March
2001), p. 10. 132 A summary of the fi ndings of this investigation can be found in the 20th report of the Federal
Data Protection Commissioner: 2003–2004, para. 3.3.2.2.
Brouwer ch-12.indd 427 4/4/2008 5:51:26 PM
428 Chapter 12
Furthermore, the data protection authorities found that, in many cases, the need for further storage had not been motivated by the responsible authorities in accordance with Article 112 CISA.
Aside from these conclusions in their reports for the JSA inquiry, the annual reports of the data protection authorities of the diff erent Länder establish compa-rable fi ndings. For example, in 2004, the data protection authority of North Rhine-Westphalia checked 80 of the Article 96 alerts held in the NSIS at random. In fi ve of these cases, the authority discovered that the report in the NSIS was only for the purpose of Aufenthaltsermittlung and was therefore unlawful.133 In many other cases (the report does not mention any numbers) the necessary time limit for the SIS registrations was not suffi ciently documented or checked. According to the annual report from the Hessian data protection authority, 10% of the registrations checked by the Hessian authorities were unlawful.134 Th is mainly concerned registrations in the SIS for more than three years, the need for which was not individually checked. In addition, the data protection commis-sioner of Baden-Württemberg, who randomly checked 49 fi les on third-country nationals in the NSIS and INPOL, found many irregularities with regard to these fi les.135 Some reports lacked a proper legal basis and, with regard to other reports, this data protection commissioner found that the time limits had been exceeded. Th e majority of third-country nationals stored in INPOL for the purpose of arrest had been reported without the necessary judicial warrant. Six of these 49 cases concerned individuals whose asylum request had been rejected. Finally, the Data Protection Commissioner of Baden-Württemberg discovered that the reports included EU citizens despite the fact that this is prohibited under EU law.
6.6. Legal Remedies
6.6.1. Competence of the Administrative CourtAs we have seen above, German administrative procedural law provides diff erent possibilities for individual appeals. In its judgment on the central aliens administra-tion, or AZR , in 2001 the Constitutional Court confi rmed the applicability of the right to administrative appeal with regard to data processing in the public sector.136 Th is right applies irrespective of the question of whether the data processing of information results in an administrative decision aff ecting the individual. In this
133 17th Report of 2003–2004, North Rhine-Westphalia. 134 33rd Report of the Hesse Data Protection Commissioner, para. 3.2. 135 25th Report 2004, p. 19 ff . 136 See the German Constitutional Court in its decision on the Central Aliens Administration,
BverG 1BvR 1970/95, 10.10.2001.
Brouwer ch-12.indd 428 4/4/2008 5:51:26 PM
Germany 429
case, the Court confi rmed that a data subject should have the right to lodge an appeal (Leistungsklage) with the administrative court, requesting a ban on further data processing or transmission of the personal information to other authorities. Th is includes the right to appeal for a temporary injunction, claiming a ban on data processing until a fi nal judgment by the court, so as to off er the individual ‘eff ective protection’ against unlawful data processing. According to the Constitutional Court, administrative courts have a duty to assess the constitutionality and legal basis of data processing.
It is also possible to lodge an administrative appeal against the decision to refuse the right to access, correction or deletion. Th e person concerned may appeal against this refusal with the administrative court which is competent in the district of the local authority refusing the individual’s claim on the basis of § 52 (5) VwGO.137
6.6.2. Right to Financial CompensationAn individual’s right to fi nancial compensation is important if he or she has suff ered damaged from wrongful or unlawful data processing. Th is is provided for in §§ 7 and 8 of the Federal Data Protection Act (BDSG ). § 8 BDSG explic-itly covers fi nancial compensation with regard to automated data processing by public authorities. According to this latter provision, the public authorities have a duty to repair the fi nancial damage, irrespective of whether they are at fault or carry any responsibility for this damage. Th is extended duty to repair fi nancial damages was introduced with the amendment of the BDSG in 1990. Th e right to fi nancial redress covers material and immaterial loss. Unlike the Dutch Data Protection Act, the German BDSG includes a maximum amount for fi nancial compensation of € 130,000.
7. Legal Remedies and Immigration Law
7.1. General Background to German Immigration Law
Th e fi rst German Aliens Act derives from 1965; a major revision of this law took place in 1990. One of the aims of this revision was to provide more detailed rules for the immigration authorities and thus reduce their wide margin of apprecia-tion. However, the Aliens Act of 1990 and the more recent Residence Act (Aufenthaltsgesetz ) of 2004 have been criticised because of their complicated and detailed regulations. Th e “casuistic supra perfection” allegedly makes the Residence
137 Westphal & Stoppa (2007), p. 552.
Brouwer ch-12.indd 429 4/4/2008 5:51:26 PM
430 Chapter 12
Act unreadable for the average reader and even fails to meet the constitutional principle of the rule of law in the sense that immigrants are unable to trace their rights and duties.138
In section 5.1 we have seen that, even in 1972, the Constitutional Court made clear that the right to legal remedies as off ered by Article 19 (4) of the Constitution applies in its entirety to non-citizens. We have also seen that the administrative procedural rules with regard to the rights of appeal and judicial review in princi-ple apply to immigration law decisions. In the following sections, we will discuss certain exceptions and limitations to these rights as provided in the Residence Act 2004.
7.2. Duty to Motivate Decisions
According to general rules of administrative law, an administrative decision may be communicated to the person concerned orally, in writing or in electronic form, or by other means. Only if the individual expresses an actual interest in being informed in writing or electronically is the administrative authority obliged to comply with this request (see § 37 (1) and (2) of the German Administrative Procedures Act, VwVfG). Based on § 39 VwVfG, an administrative decision in writing or in electronic form requires motivation of the factual and legal reasons for the decision.
In the fi eld of immigration law, on the basis of § 77 Residence Act, the written form is always required for a refusal of a residence permit, a decision to limit the right of residence in time or space and for decisions or measures of expulsion (Ausweisung and Abschiebung ). Decisions on visa applications and refusals of entry at the borders are exempt from this obligation. According to § 77 (2), a refusal or limitation of a visa does not require the written form, a motivation or a duty to inform the applicant of his or her right to appeal. In practice, only when the person concerned lodges an objection against this refusal, the second decision (Zweitbescheid ) by the administrative authority (embassy or consulate) will include a written motivation and information about legal remedies (Rechtsbehelfbelehrung). Th is does not include any right to a translation of this decision. It seems doubtful whether the lack of informed decision-making at the fi rst level is in accordance with criteria of eff ective remedies under Article 19 (4) or 20 (3) of the German Constitution or the general principles of EU law and the ECHR as described in Part II of my study.139
138 E. Benda et al. (eds.) Handbuch des Verfassungsrechts der Bundesrepublik Deutschland, Berlin-New York: Walter de Gruyter 1995, p. 410.
139 Westphal & Stoppa (2007), p. 551.
Brouwer ch-12.indd 430 4/4/2008 5:51:26 PM
Germany 431
In addition, the lack of duty to submit a translated decision seems problematic, from the viewpoint of both EU law and German constitutional principles. Th e duty of the administrative authorities to resolve language and translation prob-lems for persons not fl uent in the German language has been stressed in decisions of both the Federal Administrative Court and the Constitutional Court.140
7.3. Legal Remedies
7.3.1. Legal Remedies Against Refusal of EntryAccording to § 84 of the Residence Act 2004, an application for review of or appeal against a refusal of entry does not suspend the refuted decision. Based on § 42 VwGO, a person who has been refused entry may request the competent court to order that leave of entry be granted (Verpfl ichtungsklage auf Einreisegewährung). Such an appeal should be lodged with the court of the dis-trict in which the Federal Police has its offi ces. Th is is not always the court which is responsible for the border crossing district.
7.3.2. Legal Remedies Against a Visa RefusalOn the basis of § 83 Residence Act, refusal of a short-term visa (for tourist purposes) or the refusal to issue a visa or travel document at the borders is not open for review or judicial appeal. Th ese persons are instructed to contact the German embassies or consular posts in their country of origin.
A person whose long-term visa has been refused can either immediately lodge an appeal before the Berlin Administrative Court or ask for review by the embassy or consular post which rejected the application. If the person appeals against the negative decision, the second decision (if this confi rms the negative decision) should include notifi cation of the reasons for refusal and the available legal reme-dies. § 52, no. 2 (4) VwGO applies with regard to this procedure. Th e appeal should be lodged with the competent court of the district of the Ministry of Foreign Aff airs (Auswärtiges Amt). Th is used to be the Administrative Court (VWG) of Cologne, but is now the Court of Berlin.
7.3.3. Legal Remedies Against ExpulsionAn expulsion (or deportation) decision should include information on the available remedies and the possibility of lodging an appeal within seven days of issue of the deportation order (§ 58a (4)). As we saw in section 5.4.3, a person can either lodge an appeal for suspension on the basis of § 80 (5) VwGO against an expulsion or deportation decision, or apply for a temporary injunction based on § 123 VwGO.
140 BVerwG DVbl 1978–888, BVerfGE 40, 95 [99 ff ].
Brouwer ch-12.indd 431 4/4/2008 5:51:26 PM
432 Chapter 12
8. Case Law
8.1. Record in the NSIS in Conformity with Criteria of Article 96 CISA?
In an interim judgment of 7 August 2002, the administrative court of Düsseldorf court clearly demonstrated that the reasons forwarded by the government for the entry of a third-country national in the NSIS were in breach of the applicable rules in Article 96 CISA.141 In this case, the long-term residence permit of a Turkish employee, who had lived in Germany for more than 20 years, had been withdrawn in March 1999 by the German authorities because he had not reported within the prescribed time and his place of residence was thus considered unknown. Based on this withdrawal of his residence permit, the Turkish national had been recorded in the NSIS in April 1999 for the purpose of refusal of entry. Th is NSIS alert resulted, in the summer of 2002, in his arrest by the Dutch border police, following which he was kept in detention with the intention of sending him back to Turkey. Th e court of Düsseldorf affi rmed the applicant’s right to a temporary injunction to prevent his expulsion. Th e court ordered the German authorities to treat the applicant as if his residence permit had never been with-drawn and to delete the registration in the NSIS. In this judgment, the court made it clear that not only were there no valid grounds for the withdrawal of his residence permit, but also that such a withdrawal was, according to Article 96 CISA, not valid grounds for his record in the NSIS. Th e court did not consider whether the SIS report was in breach of the applicant’s rights under the Association Decision 1/80 between the EC and Turkey (see section 2.2 of Chapter 9).
In a decision by the administrative court of Berlin of 3 December 2004, the court explicitly considered the meaning and relationship of the various paragraphs of Article 96 CISA.142 Th e underlying case concerned a person from Bosnia-Herzegovina, who applied for asylum in Germany for the fi rst time in 1994. His application was rejected and he was ordered to leave Germany. On 24 June 2003, in order to leave Germany, he passed through the border control agency from Berlin, where he was found in possession of a fake French Schengen visa. He was prosecuted for falsifying legal documents and then, in July 2003, he was expelled from Germany. Th e public prosecutor withdrew the charge on October 2003, on the grounds that the guilt of the person concerned was limited (the person denied he knew the visa was fake) and the fact that prosecution would have limited meaning for the public interest because he had left Germany. Despite the fact that the criminal charge against him had been dropped, the Berlin border police recorded his name in the NSIS for the purpose of refusal of entry. An application
141 Verwaltungsgericht Düsseldorf, 7 August 2002, Az. 24 L 2837/02, InfAuslR 10/2002. 142 Verwaltungsgericht Berlin, 3 December 2004, Az. 1 A 151.04.
Brouwer ch-12.indd 432 4/4/2008 5:51:26 PM
Germany 433
to delete the record was refused by the German authorities on the grounds that the suspected criminal behaviour of the person concerned would imply a threat to security and public order.
Th e Berlin court was rigorous in its interpretation with regard to the legiti-macy of the reasons forwarded by the German authorities to record this person in the NSIS. Th e authorities argued that, even if there had been no conviction, the fact that the person was suspected of having committed a serious off ence (schwere Straftaten) would made the SIS record lawful on the grounds of 96 (2) (b) CISA. Th e court questioned this interpretation of “serious off ence” in Article 96. Th e court did not deny that the second criterion of Article 96 (2) applied, for which no conviction was required. However, according to the court, the interpretation of a “serious off ence” would have to be interpreted in accord-ance with the requirements of the criteria under 96 (2) (a). Since 96 (2) a required conviction of an off ence carrying a penalty involving deprivation of liberty at least one year, the second criterion under (b) could not be interpreted as allowing registration in the NSIS for (suspected) less serious off ences.
Under German law, crimes carrying a sentence of at least one year are consid-ered crimes, or Verbrechen. Th e off ences of which the person was suspected, falsifi -cation of legal documents and illegal entry into and exit from German territory, did not concern crimes, merely off ences (Vergehen). In the words of the court, it would be illogical, for the registration of a convicted person in the NSIS for refusal of entry, to require that this conviction involves a crime (Verbrechen) whereas, with regard to a registration which is based purely on suspicion, a criminal off ence which does not meet this “threshold” would be suffi cient. Th erefore, the court ruled that the registration was not in accordance with Article 96 CISA and ordered the German authorities to delete the data from the NSIS. Although the direct link which the court makes between the criteria of Article 96 (2) and (3) can be argued, the reasoning of the court makes sense.143
In my opinion, this judgment, which seems to focus on a rather technical interpretation of Article 96, is important. Although not dealing with it explicitly, the Berlin court criticised the extensive interpretation of Article 96 (2) by the German authorities. Th is interpretation is that third-country nationals may be reported in the NSIS for crimes which are punishable by a sentence of “one year and more”, rather than “at least one year or more”, latter meaning being literally the text of Article 96 (2) (a).144 It is worrying or at least odd that, until this judgment
143 During interviews, spokesmen for both the BKA and the (Former Border) Police expressed their disagreement with this judgment.
144 In German: instead of: “die mit einer Freiheitsstrafe von mindestens einem Jahr bedroht ist”, “ein Delikt dass mit eine Strafe bis zu einem Jahr oder mehr bedroht ist”. See Westphal & Stoppa (2001), p. 409.
Brouwer ch-12.indd 433 4/4/2008 5:51:27 PM
434 Chapter 12
by the Berlin court, the storage of data on third-country nationals for minor off ences seems to have been an accepted practice in Germany.
8.2. Direct Legal Eff ects of a SIS Alert
In their case law, German courts had to deal with the question whether a SIS alert has direct legal eff ect.145 Th e question at issue is whether a SIS record can be regarded as an administrative decision (Verwaltungsakt) with direct legal eff ects for the data subject and, thus, whether an individual could appeal directly against this decision. Th is question was dealt with in the judgment by the administrative court (Verwaltungsgericht) of Düsseldorf in its decision of 7 August 2002.146 Although the court considered that the registration in the NSIS was not an administrative decision (no “Verwaltungsaktqualität” ) and thus had no direct eff ect, on the basis of Article 80 (5) 3 VwGO the court found there was a sub-stantive claim by the applicant because, as we have seen above, the SIS report and its underlying decision were considered unlawful.
Unlike the Düsseldorf court, the administrative court of Berlin, in its judgment of 3 December 2004 (see the previous section), considered the question of whether a SIS record can be seen as an administrative decision with direct impli-cations for the individual, of no relevance to the assertion of this individual’s right to have data deleted from the NSIS.147 For this right, according to the court, it is only relevant whether the storage of his or her data is unlawful.
In relation to the legitimacy of SIS alerts, there is a related discussion in the German literature on whether the CISA implies that offi cials have to check whether information stored in the NSIS is in accordance with the law. Th is dis-cussion is connected to the question whether, if the underlying decision to store information into the NSIS is illegal, this automatically means that an administra-tive decision based on this information is illegal as well. Referring to a comparable issue dealt with in judgments by administrative courts, Westphal answers this question in the negative.148 Th ese cases concerned administrative orders for carri-ers to return expelled persons to their country of origin.149 In the judgment, the German courts ruled that carriers were not obliged to check whether the underly-ing expulsion was justifi ed; the courts did not even require any incidental control. Except in cases where the underlying decision was clearly (öff ensichtlich) illegal,
145 As we will see in Chapter 13, the same question arose in the Netherlands. 146 Verwaltungsgericht Düsseldorf, 7.8.2002, Az. 24 L 2837/02, InfAuslR 10/2002. Also covered
in section 8.1. 147 Verwaltungsgericht Berlin, 3.12.2004, Az. 1 A 151.04. 148 V. Westphal, InfAuslR 1999, p. 364. 149 VG Kassel 23.3.1998, Az. 12 VE 1310/95, VG Frankfurt, 7.3.1995, Az. 11E3067/94.
Brouwer ch-12.indd 434 4/4/2008 5:51:27 PM
Germany 435
this would have been diff erent. However, considering the responsibility of Member States to ensure that their acts are in conformity with EU law and international human rights standards, one could argue that this conclusion with regard to private carrier organisations cannot be applied to governmental authorities. Furthermore, as we gave seen in Chapter 9, with regard to family members of EU citizens the ECJ confi rmed in Commission v. Spain the responsibility of national authorities to check the lawfulness of SIS alerts before enforcing them.150
8.3. Duty to Balance Interests
Th e German principle of proportionality or the “Verhältnismässigkeitsprinzip” plays an important role in both data protection and immigration law. Th is princi-ple is regarded as being directly connected to the constitutional principle of the rule of law . On the one hand, it obliges administrative authorities to weigh the diff erent interests at stake whenever they take an individual decision. On the other hand, it empowers national courts to assess, in each individual case, the propor-tionality of the measures or decisions taken against an individual. Although I have not found any judgments which dealt explicitly with the principle of proportionality in relation to the use of the NSIS, the jurisprudence on related matters could indicate that national courts will also apply the proportionality test to the NSIS. Furthermore, the decision, referred to in the previous section, by the administra-tive court of Berlin, illustrates that the court did not accept a broad interpretation of Article 96 (2) as justifi cation for a SIS entry.
As we saw in section 6.2.2, the Volkszählungsurteil concerned the duty of the public authorities to balance the public interest to be served by data gathering against the individual right to privacy (Persönlichkeitsrecht ) and the right, derived from this constitutional right, to informational self-determination. Th e impor-tance of this right to informational self-determination and the duty to balance decision-making has been confi rmed in the German jurisprudence with regard to practice of Rasterfahndung after 11 September 2001. Although many courts approved the (temporary) use of this measure, the courts made it clear that the data search on foreigners and German nationals would have to meet the principle of proportionality . Dealing with the question whether the data profi ling measure was disproportionate, we have seen in section 4.3.3, that the Court of Appeal of Düsseldorf applied diff erent criteria to nationals of states listed as a “risk country” and German citizens respectively.151 Th is diff erence in appreciation could however be explained by the fact that the Court of Appeal had to assess the lawfulness of measures taken directly after the events of 11 September 2001.
150 See section 2.3.2 in Chapter 9. 151 OLG Düsseldorf, 8.3.2002, Az. 3 Wx 357/01 and 3 Wx 351/01.
Brouwer ch-12.indd 435 4/4/2008 5:51:27 PM
436 Chapter 12
8.4. Competence of National Courts to Assess Validity of Foreign SIS Report
To my knowledge, there are no judgments in which a German court explicitly dealt with the lawfulness of a foreign SIS alert. Of course, the decision of the French Conseil d’État on the unlawfulness of the German records on rejected asy-lum seekers did not pass unnoticed in Germany. Based on this judgment, this practice was scrutinised more closely by the data protection authorities. However, it has not led to any in-depth discussions on the powers of national courts to assess the legitimacy of foreign administrative decisions.
8.5. Access to Remedies After Expulsion?
One important question which has been dealt with by the German courts is whether third-country nationals, once expelled to their country of origin or to a third country, still have any legal interest in lodging an appeal for an interim measure. Although such a legal interest had been denied in the judgment of 11 December 2003 by the Court of Appeal of Kassel152, the same court, com-posed diff erently, answered this question in the affi rmative in two other judg-ments in 2003 and 2004.153 Th e administrative court of Frankfurt am Main, in its judgment of 21 July 2004, also ruled in the affi rmative on this issue.154 In both the Frankfurt judgment and judgment of the Court of Appeal of Kassel of 19 November 2003, the central question in these cases was whether, based on Article 2 of the CISA, it was justifi able to require a person crossing the German borders to ‘carry’ rather that to ‘possess’ a legal travel document or passport. Since the applicants in both cases were expelled on this ground (they were not carrying a passport), the German courts had to consider the question of whether they still had a legal interest in appealing against this expulsion. Th is was affi rmed by both courts. Th e Frankfurt court based this explicitly on the possibility for the appli-cant to obtain fi nancial reimbursement if the expulsion were to be annulled by the court. Th e Court of Appeal of Kassel also dealt with the lawfulness of the decision to report the third-country national in the NSIS on the basis of Article 96 CISA. Th is latter court confi rmed the importance of the right to appeal, not only against the expulsion decision, but also against the decision to report the person to the NSIS on the basis of Article 96 (3) CISA as a direct consequence of this expulsion.
152 VGH Kassel, 11.12.2003, Az. 9 TG 546/03. 153 VGH Kassel, 19.11.2003, Az. 12 TG 2668/03 and 12.01.2004, Az. 12 TG 3204/03. http://
www.vg-kassel.justiz.hessen.de. 154 Verwaltungsgericht Frankfurt am Main, 21.07.2004, Az. 1 E 2479/04, http://www.vg-frankfurt
.justiz.hessen.de.
Brouwer ch-12.indd 436 4/4/2008 5:51:27 PM
Germany 437
In a judgment of December 2001, the Constitutional Court confi rmed the importance of the possibility of using the right to legal remedies against expul-sions, even once the person has already been expelled and has to take legal action from abroad.155 Th e Court stressed the special interests for the applicant to initi-ate such a procedure, even after expulsion. Th is would enable him or her to forward a claim for fi nancial compensation, for example on the basis of illegal detention (breach of Article 5 ECHR).
8.6. Article 96 CISA and Freedom of Religion: Th e Moon Case
An interesting issue has been raised before the Federal Administrative Court with regard to the storage of data regarding the leader of a religious movement (the Unifi cation Church or Vereinigungskirche) in the NSIS by the German authorities. To prevent his arrival in Germany, the Border Police of Koblenz had registered Mr. Moon and his wife in the NSIS in 1995 for the purpose of refusal of entry, on the basis of Article 96 (2) CISA. Th is measure was based on the general con-cern of the German government that a stay by Mr. Moon would pose a danger to German youth and thus would cause a threat to public order and security. Th e government argued that the activities of the leaders of the Unifi cation Church would pose a threat for “the personal development of young people in Germany”. Also their public performances could lead to “violent reactions” (heftigen Reaktionen) in Germany.156 In 1998, the storage of the alert on Mr. and Mrs. Moon was extended for another 3 years. In the same year, the German church section of the Unifi cation Church, not Mr. and Mrs. Moon, lodged an appeal against the SIS alert before the administrative court. Th is organisation held that the residence ban applicable to their leader, Mr. Moon, would cause an infringement of their constitutional right of freedom of religion (Article 4 (1), (2) of the German Constitution). By making it impossible for their leader to meet members of his religious organisation, these members would be prevented from exercising their right to freedom of religion. Th eir claim, however, had been rejected in appeal and in higher appeal.157 In 2006, the Constitutional Court annulled these deci-sions and referred the case back to the Court of Appeal or Oberverwaltungsgericht of Koblenz, which declared the SIS alert unlawful.158 In this section, I will shortly summarise the main fi ndings of the courts when dealing with the Moon case.
155 BVerfG 5.12.2001, 2 BvR 527/99, see also the judgment of the administrative higher court of Kassel, VGH Kassel, 19.11.03, Az. 12 TG 2668/03.
156 Th ese reasons of the German government were cited by the Federal Administrative Court in its judgment BVerwG, 10.07.2001, Az. 1 C 35.00.
157 VG Koblenz, 9.11.1998, Az. VG 3 K 938/98.KO and OVG Koblenz, 13.09.2000, Az. OVG 11 A 10349/99.
158 BVerfG, 9.11.2006, BvR 1908/03 and OVG, 19 April 2007, Az. A 11437/06.
Brouwer ch-12.indd 437 4/4/2008 5:51:27 PM
438 Chapter 12
In July 2001, the Federal Administrative Court reached its fi rst decision in this case.159 In its judgment, the Court did not deny the existence of a right to freedom of religion of third parties with regard to the SIS alert on their leader. Th e Federal Court stressed that it was the duty of the state to take into account the interests of the religious movement concerned. According to the Court, a res-idence ban on a religious leader could be in breach of the constitutional right to freedom of religion of others, “if the visit of the leader, according to the stand-ards of current religious doctrine, would have signifi cant meaning for the com-mon exercise of this religion”. Th e question of whether these standards would give the applicants a subjective right in this case was referred back to the Koblenz Oberverwaltungsgericht.
In its judgment of June 2002, the administrative appeal court delivered a much more strict interpretation of the freedom of religion as formulated by the Federal Court in its judgment July 2001.160 Among other things, the Koblenz Court held that, according to the theology of the Unifi cation Church, the personal presence of the leader at religious meetings would not be an absolute prerequisite, referring to earlier satellite and internet meetings which were organised by this church. In September 2003 (eight years after Mr. and Mrs. Moon had been registered in the NSIS for the fi rst time) the Federal Administrative Court rejected the appeal against the judgment of the Koblenz Court. Although the Federal Administrative Court confi rmed the claim of the applicants that the court of Koblenz had made an overly strict interpretation of the “specifi c signifi cant meaning of a visit of a religious leader”, it did not examine the lawfulness of the SIS alert itself.161 Again, in this judgment, the Federal Administrative Court focussed on the freedom of religion of members of a religious movement and on the relationship of this right with the possibility or otherwise for these members to meet their religious leader. Generally, the Court recognised the relationship between a residence ban and the constitutional rights of others. However, in this case, it held that there were no suffi cient grounds to conclude that the refuted decision of the German authorities not to grant entry to Mr. and Mrs. Moon were in breach of the right of freedom of religion of its members. In its fi nal consideration, the Federal Administrative Court emphasised that this judgment did not mean that with regard to future visits to be planned by the Moon couple, the Court would rule in the same way. In this judgment, the Court did not go into the question of whether the “public order and security grounds” as forwarded by the Koblenz authorities justifi ed the Article 96 (2) record on Mr. and Mrs. Moon in the NSIS.
159 BVerwG 10.07.2001, Az. 1 C 35.00, InfAuslR 2001, p. 509. 160 OVG Koblenz 7.6.2002, Az. OVG 12 A 10349/99. 161 BVerwG 4.9.2003, Az. 1 B 288.02, InfAuslR 2004, p. 38.
Brouwer ch-12.indd 438 4/4/2008 5:51:27 PM
Germany 439
In November 2006, the Constitutional Court annulled the judgment of the Federal Administrative Court and handed the case back to the Court of Appeal of Koblenz.162 Th e Constitutional Court ruled that the constitutional right to free-dom of religion included not only the right to expression of that belief but also to enable certain practices of religion of which the content was mainly to be decided by the religious community itself. Th e Constitutional Court emphasised that the question whether a personal encounter between a religious leader and its members was of specifi c importance for this religious movement, was not a matter to be decided by the governmental institutions. Th e Constitutional Court therefore criticised the fact that the Federal Administrative Court made its own assessment of whether a meeting of the members of the Unifi cation Church and their leader was of specifi c signifi cance for their religious belief. More importantly, the Constitutional Court emphasised that the Federal Administrative Court did not assess whether the alert in the SIS was in accordance with the applicable laws. Th e Constitutional Court explicitly ruled that the SIS alert which is based on Article 96 (2) CISA, requires the availability of “substantial grounds” ( gewisse Erheblichkeit) that the presence of the third-country national poses a threat to public policy or security. For this conclusion, the Court referred to the examples listed in Article 96 (2) including the fact that the person has been convicted or that there are serious grounds to believe that he or she will commit serious crimes in future. According to the Constitutional Court, during the procedure, it was not clarifi ed why the visit of Mr. and Mrs Moon implied such risk. Furthermore, the Constitutional Court held that there were no reasons to believe that the SIS alert on Mr. and Mrs. Moon could be justifi ed, especially when taking into account the interests of the applicants (members of the Unifi cation Church).
Finally, in its judgment of 19 April 2007, the Administrative Court of Appeal ruled that the German SIS alert on Mr. and Mrs. Moon was unlawful.163 According to the Court, the German government did not produce convincing arguments to justify the refusal of entry of Mr. and Mrs. Moon. Considering the importance and special weight of the constitutional rights of the members of the Unifi cation Church, the Court of Appeal found that this right could not be lim-ited on the basis of “vague assumptions of fear” (vage geltend gemachten Befürchtungen). Th e German authorities did not lodge an appeal against this decision, and fi nally, in 2007, after twelve years of litigation, the alerts on Mr. and Mrs. Moon were deleted from the SIS.164
162 BVerfG 9.11.2006, BvR 1908/03, § 3. 163 OVG Koblenz, 19.04.2007, Az. A 11437/06. 164 However, in June 2007, Mrs. Moon was still registered by the French authorities in the SIS for
the purpose of refusal of entry.
Brouwer ch-12.indd 439 4/4/2008 5:51:27 PM
440 Chapter 12
9. Conclusions
9.1. Implementation of Article 96 CISA
Th e German rules with regard to the implementation of Article 96 CISA are not easy to decipher. Both the criteria for and the eff ects of an Article 96 report lack transparency. Th e criteria for the input of third-country nationals who are to be refused entry into the NSIS are not explicitly provided for in a formal law. Th ese criteria are, on the one hand, based on the re-entry ban of § 11 (1) of the German Residence Act, which is connected to a decision of expulsion, removal or depor-tation. On the other hand, they are based on the confi dential rules on national security and public order criteria as applied by the German police. More detailed rules for the German immigration offi ces are laid down in ministerial instruc-tions of 1998, the AAH-SDÜ. Th ese instructions are not, however, legally bind-ing and it is unclear whether and how they are applied by each individual immigration offi ce. Nevertheless, since they are the only standards applicable in this fi eld, both courts and data protection authorities seem to rely on the accuracy of the provisions in the general instructions.
Based on these instructions, one can dispute the interpretation of the Article 96 (3) criteria and the way these criteria are implemented in German law. Although the registration of rejected asylum seekers in the SIS is formally forbidden, the reports by the German Data Protection Commissioners confi rm that the immi-gration authorities in Germany are still submitting data on these grounds. Th e interpretation of Article 96 (2) by the (former Border) Police and BKA can also be disputed, with regard to the meaning of “an off ence carrying a penalty involving deprivation of liberty of at least one year”. Th is is interpreted to mean that a wide range of minor off ences would justify a ban on residence for the whole Schengen territory by storing data concerning these persons in the NSIS.
An important source of information on the implementation of Article 96 CISA is provided by the investigation performed in 2004 by the Federal Data Protection Commissioner and the data protection authorities in the Länder on behalf of the Joint Supervisory Authority. Th is investigation highlighted the fact that there are many problems with regard to the reliability of the information held in the SIS, the observance of the time limits and the criteria being used for the registration of third-country nationals. Even before 2004, however, German data protection authorities reported on the many mistakes and the illegal practices with regard to the storage of data on third-country nationals in the NSIS.
9.2. Germany: Strong Tradition of Collecting and Protecting Data
Germany has long-term experience with gathering personal information and the use of databases to maintain internal security . Important developments in this
Brouwer ch-12.indd 440 4/4/2008 5:51:27 PM
Germany 441
fi eld have been the establishment of INPOL and experimenting with the use of data profi ling or Rasterfahndung in the fi ght against the RAF in the 1970s. Since 1953, Germany has a central administration for aliens – a database which only acquired a legal basis in 1994. Based on its own experiences, the German govern-ment took a leading role with regard to the development of the NSIS and later with regard to the ‘computerisation’ of border control. Th e establishment of a cen-tral visa database and the use of biometrics for the identifi cation and verifi cation of travellers had been on the German agenda since long before the negotiations at EU level touched on these issues.
On the other hand, Germany has a strong constitutional history of data protec-tion and the protection of the right to personal life or privacy. Th e ‘Census Judgment’ or the Volkszählungsurteil by the Constitutional Court in 1983 was decisive for the future development of German law as well as being infl uential in other European countries. In this judgment, the German Court raised the right of data protection (informationelle Selbstbestimmung) to a constitutional level and defi ned important criteria for the protection of individuals. German data protection lobbyists such as Simitis and other lawyers played an important role with regard to the drafting of not only the German data protection laws, but also the data protection rules in CISA and EC Directive 95/46. Separate from the development of data protection law, but perhaps just as important in this fi eld has been the protection of the constitutional right to eff ective remedies (Article 19 (4) GG) in German jurisprudence.
Th e judgment of the German Constitutional Court on the practice known as Rasterfahndung after the events of 11 September 2001 also marked an important development in German law and policy. In this judgment of 4 April 2006, the Court ruled that the applied measures of data profi ling were in breach of the constitutional right to privacy of the persons whose information it concerned. Th e Constitutional Court explicitly emphasised the risk of stigmatisation of cer-tain groups of (foreign and Muslim) individuals residing in Germany, referring to the selected criteria on which the data profi ling was based.
9.3. NSIS and the Right to Eff ective Remedies
As we saw in section 5.1, the right to legal remedies for everyone whose constitu-tional rights are aff ected by public administration is protected in Article 19 (4) of the German Constitution. Th is right forms an important basis for the question of whether the person concerned actually has access to ‘eff ective remedies’. With the exception of short-term visa applications and ‘manifestly unfounded asylum claims’, German immigration law includes a general right to appeal. With regard to data processing, German administrative procedural law also provides diff erent possibilities for individual appeal. A person may also lodge an administrative appeal against the decision to refuse the right to access, correction or deletion of data.
Brouwer ch-12.indd 441 4/4/2008 5:51:27 PM
442 Chapter 12
During my research, I found only a surprisingly small number of cases, considering the large number of illegal or incorrect registrations in the SIS, as established by the German data protection authorities. In these few decisions, the German courts dealt with diff erent issues, including the question of whether a SIS report is a separate administrative act open to legal remedies, the impor-tance of available eff ective remedies including the possibility of a temporary injunction. In 2003, the Federal Administrative Court, and in 2006 the Constitutional Court, recognised the relation between the refusal of entry based on a SIS alert and the protection of the human rights, in this case the freedom of religion, of others.
9.3.1. AccessibilityTh e accessibility of legal remedies in Germany seems to be especially hampered by the lack of knowledge of the third-country national about his or her registra-tion in the NSIS. Th is is caused by the lack of transparent rules on the imple-mentation of Article 96 CISA and the fact that the immigration authorities will not inform the person that he or she has been reported in the NSIS. Th is practice seems to be in breach of the more general principles of German administrative law with regard to the duty of motivated decision-making.
More in general, German courts emphasised the importance of being heard in immigration- and asylum law procedures. As we have seen above, both the Federal Administrative Court and the Constitutional Court emphasised the duty of the administrative authorities to resolve language and translation problems for those persons not able to understand the German language.
9.3.2. Scope of ReviewIn the few decisions I found on the use of SIS, the German courts carefully scru-tinised the lawfulness of the registrations and considered whether the SIS report complied with the criteria of Article 96 CISA. Th e jurisprudence on the NSIS is to be read together with the jurisprudence on the German practice of data profi l-ing or Rasterfahndung since 11 September 2001. With regard to the practice of Rasterfahndung, the German courts accepted national security reasons as the jus-tifi cation for the temporary use of data profi ling. However, in these judgments, the courts also made it clear that, in their decisions on the use of these methods, governments are obliged to balance all the interests at stake and to consider the proportionality (Verhältnismässigkeit ) of the chosen method. In the Rasterfahndung judgment of 4 April 2006, the Constitutional Court made it clear that data pro-fi ling is only justifi ed under special and specifi ed circumstances. Th e principle of proportionality played an important role in the more recent case-law dealing with the registration of Mr. and Mrs. Moon in the SIS. Twelve years after the German authorities had entered their data into the SIS, the Court of Appeal of
Brouwer ch-12.indd 442 4/4/2008 5:51:27 PM
Germany 443
Koblenz fi nally ruled that the Article 96 (2) alert was disproportional and there-fore unlawful. With this conclusion, the Koblenz Court followed the earlier judgment of the Constitutional Court in this case.
Other important judgments are those of the Constitutional Court and the Federal Administrative Court with regard to the constitutional right to informa-tional self-determination and the right to eff ective judicial protection. In these judgments, the courts established clear and comprehensive criteria with regard to the principle of proportionality and the ‘eff ectiveness’ of legal remedies.
Finally, as we have seen above, in a judgment in 1999, the Constitutional Court emphasised the importance for courts of having access to information based on which the decision has been taken, in order to guarantee an eff ective remedy.165 In this judgment, the German Court made it clear that the possibility for the court to have access to the information during the judicial process had nothing to do with data protection rights or the right to informational self- determination, but everything to do with the applicant’s right to eff ective judicial protection.
9.3.3. CompetencesTh e right to appeal under immigration law includes diff erent possibilities for restoring the interests of the applicant. Th is, as has been confi rmed repeatedly by the German courts, includes the possibility of obtaining a temporary injunction or of having the eff ects of the administrative decision suspended.
In the case law described above, diff erent German courts issued a binding order to the administration involved when they found that a SIS alert did not comply with the criteria of Article 96 CISA. Th ese orders included the deletion of the SIS alert in question, the annulment of the refuted decision based on the SIS registration, or an interim order to prevent the expulsion of the person concerned.
In a judgment on the AZR (dealt with in section 6.6.1), the Constitutional Court confi rmed that a data subject should have the right to lodge an appeal with the administrative court, seeking a ban on further data processing or the trans-mission of the personal information to other authorities if this data processing is considered unlawful.
Finally, it is important that an individual has the right to fi nancial compensa-tion whenever he or she suff ers damage resulting from wrongful or unlawful data processing. Th is right to fi nancial compensation is provided for in the Federal Data Protection Act and covers material and immaterial loss.
165 BVerfG 27.10.1999, 1 BvR 385/90.
Brouwer ch-12.indd 443 4/4/2008 5:51:27 PM
Brouwer ch-12.indd 444 4/4/2008 5:51:27 PM
Evelien Brouwer, Digital Borders and Real Rights, pp. 445–510.© 2008 Koninklijke Brill NV. Printed in the Netherlands.
Chapter 13
Th e Netherlands“Easy as it is to point at the defi ciencies of the SIS, it is not easy to repair them. Seeing the sensitivity of Member States in this fi eld, there is little chance that consen-sus can be reached on clear and precise common criteria to report a person into such a computer system. A step forward would already be a limitation of the reporting grounds.”1
1. Introduction
Before the Netherlands joined France and Germany in their bilateral discussions on the abolition of internal border control, this country was already cooperating in the fi eld of visa and immigration policy with Belgium and Luxembourg. In fact, the Benelux agreement of 1960 was an important source of inspiration for the later Schengen negotiations. Th e Dutch government had diff erent reasons for believing it useful to extend this cooperation to France and Germany. Th ese reasons included the economic advantages of the abolition of internal border controls, as well as the possibility of enhancing cooperation between police forces and of harmonising asylum and immigration law. In general, the Dutch government held the view that intergovernmental cooperation in the fi eld of immigration and asylum law was to be considered a temporary measure. In time, ‘Schengen’ would have to be replaced by EU measures.
1 J.D.M. Steenbergen, All the King’s Horses … Probabilities and Possibilities for the Implementation of the New Title IV EC Treaty, European Journal of Migration and Law 1, 1999, p. 29–60.
Brouwer ch-13.indd 445 4/4/2008 5:41:54 PM
446 Chapter 13
2. Parliamentary Involvement with CISA
2.1. ‘Schengen’ in General
Th e CISA was ratifi ed by the Netherlands on 30 July 1993.2 Th e Dutch parliament approved the CISA on 23 February 1993.3 Th e implementation of the CISA in the Netherlands included amendments to the applicable law and practical measures. Th ese changes took place between the date of ratifi cation (1993) and the date the treaty became eff ectively operational in the fi rst Schengen states (26 March 1995). Even during the discussions on the approval of the Schengen Agreement of 1985, the Dutch government announced that the introduction of the general duty of individuals to carry an identity card (algemene identifi catieplicht ) would be necessary to make up for the abolition of internal border controls.4 Although, as was later admitted, this new measure would not be a formal legal result of the CISA, according to the government this would be necessary “to improve effi cient control on immigrants within the territory”.5 A legal pro-posal including the obligation of individuals to identify themselves using an identity card in certain situations was submitted to the Dutch parliament in July 1992. Despite opposition from civil society and certain political parties (includ-ing the larger Socialist Party), this law was adopted in 1993 and entered into force on 1 January 1994.6 Meanwhile, the duty of identifi cation has been extended pursuant to a new law which entered into force on 1 January 2005.7
Despite the lack of transparency and the secrecy surrounding the negotiations on the CISA, the Dutch parliament was relatively closely involved with regard to the CISA. As of 1988–1989, the legal and organisational implications of the draft CISA were scrutinised by the ‘Schengen specialists’ in the Dutch parliament.8 One year before the signature of the CISA, members of the Second Chamber submitted a long list of questions on the content and practical eff ects of the draft
2 Dutch Journal of Treaties (hereafter: Tractatenblad ) 1993, no. 115, published on 27 August 1993. (Belgium and Luxembourg ratifi ed the CISA on 31 March 1993).
3 Offi cial Journal of the Lower House of Parliament (hereafter: Handelingen Tweede Kamer) 22 142. Act of approval published in Dutch Offi cial Journal (hereafter: Staatsblad) of 24 February 1993, no. 138.
4 Memorandum of the Minister of Justice, Handelingen Tweede Kamer 1986–1987, 20 031, no. 1–2.5 Handelingen Tweede Kamer 1989–1990, 19 326, no. 11, debate of 12 June 1989.6 Staatsblad 1993, no. 660. See, for a general history of Dutch policy with regard to the legal duty
of identifi cation, A. Böcker, Identifi catieplicht: oplossing of oorzaak van problemen, Reeks Recht & Samenleving no. 17, University of Nijmegen: GNI 2002.
7 Staatsblad 2004, no. 300.8 Organisational measures which received much attention during parliamentary debates included, for
example, the fi nancial and organisational problems which occurred during the preparation of the Dutch airport Schiphol for Schengen, see Handelingen Tweede Kamer 1995–1996, 19 326, no. 113.
Brouwer ch-13.indd 446 4/4/2008 5:41:54 PM
Th e Netherlands 447
Convention.9 Th ese questions had been drafted by a Dutch NGO, the Meijers Committee. Th ey covered, for instance, the role of the European Parliament dur-ing the Schengen negotiations, the competence of the Court of Justice, future plans with regard to the harmonisation of asylum law and visa policy, the use of SIS and the availability of legal remedies (see below).
In the Dutch legislative process, before legal drafts are forwarded to parliament, the Council of State (Raad van State) has to give its prior recommendation on the proposal. In its report on the approval act of the CISA of 8 April 1991, this Council of State was critical with regard to the content of the CISA and, e xceptionally, advised the Dutch government not to submit the act of approval to parliament.10 One of the central concerns of the Council of State was the fact that the CISA provided rules on which state should be responsible for an asylum application, without harmonising the national asylum laws. Th e Council of State also questioned the provisions for the exchange of personal information, the inadequate protection of privacy and the lack of unifying supranational judicial control with regard to the implementation of CISA. Despite this negative advice, the Dutch government decided to submit the proposal to the parliament.
Th e Dutch parliament was provided with information and comments by Dutch NGOs, including the Dutch section of Amnesty International, the Dutch Centre for Immigrants, the Dutch Refugee Council and the aforementioned Meijers Committee.11 Based on a draft by this latter organisation, the Dutch parliament agreed upon an important provision to be incorporated into the ratifi cation act of the CISA.12 According to this provision, the Dutch government was obliged to publish and to submit to the Dutch parliament each draft decision by the Schengen Executive Committee with binding eff ects on the Netherlands. Th is new power for the national parliament with regard to binding decisions taken within the intergov-ernmental framework of Schengen was at that time quite unique, but later also taken up by other countries.13 A comparable provision has also been included in the approval act of the Maastricht, Amsterdam and Nice Treaties.14
9 Handelingen Tweede Kamer 1988–1989, 19 326, no. 11, 12 June 1989. 10 Handelingen Tweede Kamer 1990–1991, 22 140, B. 11 A critical analysis of the CISA was given in a special issue on Schengen of the Dutch Law
Journal by members of the Meijers Committee and other lawyers, Nederlands Juristenblad, 31 January 1991, p. 161–240.
12 Article 2 of the law of 24 February 1993, Staatsblad 1993, no. 138, based on the parliamentary resolution Van Traa-De Hoop Scheff er, Handelingen Tweede Kamer 22 140, no. 8.
13 Italy enacted a similar provision. See D. Curtin and H. Meijers, Th e Principle of Open Government in Schengen and the European Union: Democratic Retrogression?, in: H. Meijers et al., Democracy, Migrants and Police in the European Union: the 1996 IGC and beyond, Utrecht: Forum 1997, p. 25–26.
14 See, for the ratifi cation act of the Maastricht Treaty: Staatsblad 1992, no. 692, of the Treaty of Amsterdam , Staatsblad 1998, no. 737.
Brouwer ch-13.indd 447 4/4/2008 5:41:54 PM
448 Chapter 13
2.2. Parliamentary Discussions on SIS
Th e establishment of a central, computerised database to be used by police forces in diff erent countries met with strong criticism in the Dutch media and the parliament. In 1988, the Dutch government informed its parliament of the f easibility study which was undertaken with regard to the establishment of the SIS.15 Th e government described the SIS as an indispensable tool or as a ‘ conditio sine qua non’, making up for the abolition of internal border controls.16 Th e information to be stored in the SIS would be to safeguard public order and security in the Schengen territory and to fi ght criminality.17
Many of the parliamentary questions submitted during the negotiations on the CISA in June 1989 concerned the future use of the SIS.18 Th ese questions dealt with the availability of legal remedies against the reporting of personal data in the SIS and whether there would be a duty to inform a person about this registration (see below). Furthermore, the question arose of whether rejected asylum seekers would be registered in the SIS, which was denied by the Dutch government. Th e Dutch government estimated that the SIS would contain data on 800,000 persons, 50,000 of which would be forwarded by the Dutch authorities.19 Compared to the more recent data on input into SIS, this estimate was relatively close to the current numbers, except for the input by the Dutch authorities, which was overes-timated. For example, in 2005 the number of alerts on all categories of persons recorded in the SIS was 818,673, of which 17,239 alerts were submitted by the Netherlands.20
Once the SIS became operational, members of the Dutch parliament only incidentally dealt with the functioning of the SIS. Based on this report by the Schengen Joint Supervisory Authority (JSA) on the period 1995–1997, members of parliament questioned the government about the current use and organisation of the SIS. Among other things, they referred to the conclusions of the JSA that the national SIS fi les in the various Schengen states did not include the same information, that national security measures were either inaccurate or lacking and that the Schengen states did not make suffi cient use of the possibilities of encryption.21
15 Handelingen Tweede Kamer 1987–1988, 19 326, no. 7, 7 January 1988. 16 Handelingen Tweede Kamer 1987–1988, 19 326, no. 8, 30 June 1988. 17 Handelingen Tweede Kamer 1988–1989, 19 326, no. 10, 14 December 1988. 18 Handelingen Tweede Kamer 1989–1990, 19 326, no. 11, 12 June 1989. 19 Handelingen Tweede Kamer 1989–1990, 19 326, no. 11, 12 June 1989, p. 13. 20 Offi cial data of C.SIS exploitation team for 1 January 2005. 21 See the written reaction by the Secretary of State for Justice, Handelingen Tweede Kamer 19 326,
170, 17 June 1997.
Brouwer ch-13.indd 448 4/4/2008 5:41:54 PM
Th e Netherlands 449
Th e functioning of the SIS was raised again during the parliamentary debates in response to the publication of two Dutch audits which were performed on the functioning of the NSIS in 1997.22 Th ese reports concerned the audit by the Dutch Court of Auditors (Algemene Rekenkamer) and by the Dutch Data Protection Authority. Th ey will be discussed in sections 3.5 and 3.6.
Occasionally, members of the Dutch parliament submitted questions on security issues in response to incidents with the SIS and SIRENE , even if these incidents occurred abroad. For example, in 1997, a member of the Dutch Parliament raised questions on the security and the accessibility of NSIS information following an incident in Belgium. Th is concerned permanent staff members of the Belgian SIRENE offi ce who were suspected of having forwarded information to members of a criminal organisation.23 Another incident resulting in parliamentary questions was the conduct of the French authorities in impeding research by members of the Joint Supervisory Authority during their investigation of the CSIS premises in Strasbourg.24
In 2005, a member of the Dutch parliament asked how many third-country nationals were registered by the Dutch authorities in the SIS. Th e Minister of Immigration responded that, based on fi gures from 1 January 2005 from the C.SIS, the Dutch authorities forwarded 15,377 Article 96 alerts to the SIS.25 Th is answer did not result in any further questions or discussions.
2.3. Parliamentary Discussions on the SIS and the Availability of Legal Remedies
Even before the date of signature of the CISA, members of parliament questioned the legal protection of individuals registered in the SIS.26 In partic-ular, the lack of judicial control in combination with the lack of harmonised criteria for registration in the NSIS was a matter of general concern.27 In answer to these questions, the government stated that an individual could invoke his or her right to legal remedies in each country where a NSIS offi ce is located. Th e Dutch government explicitly emphasised that the diff erent countries would have to respect each judgment by the national courts, including courts of other Schengen states. Th e legal remedies open to individuals would be those as provided for in national law.
22 Handelingen Tweede Kamer 1996–1997, 19 326, 161, 17 April 1997. 23 Aanhangsel van de Handelingen, 1997–1998, 29 December 1997, p. 1085, no. 531. 24 Handelingen Tweede Kamer 1996–1997, 19 326, no. 166, 23 June 1997, p. 8. 25 Aanhangsel van de Handelingen, 1997–1998, no. 531, p. 1085. 26 Handelingen Tweede Kamer 1989–1990, 19 326, no. 26 27 Handelingen Tweede Kamer 1989–1990, 19 326, no. 11, 12 June 1989.
Brouwer ch-13.indd 449 4/4/2008 5:41:54 PM
450 Chapter 13
In the aforementioned recommendation of 8 April 1991 on the Dutch approval act for the CISA, the Council of State explicitly dealt with the meaning of Article 111 CISA with regard to the judicial remedies.28 According to the Council of State, there was no clear rule on the right to legal remedies against an alert for the purpose of refusal or expulsion. Th e advisory body questioned whether a national court could make a declaration on the legitimacy of alerts stored by another Schengen state in the SIS. Th e Council of State also regretted that the negotiating partners did not fi rst harmonise the relevant material and procedural rules.
In its response, the Dutch government disagreed with the conclusion of the Council of State that the CISA would not provide clear rules on the legal reme-dies.29 According to the government, the CISA contained ‘fully’ harmonised rules on the standards for entering data, the use of alerts and the protection of privacy. Th e national laws of the Schengen states would have to comply with these rules. As we have seen above, this information is not accurate because, for example, the criteria of Article 96 are not very precise. Th e Dutch government held that only the procedural rules of the legal remedies had not been harmonised. Th is lack of procedural rules was however resolved, according to the government, by the principle in the CISA regarding the mutual recognition of national court deci-sions. A court would assess the grounds submitted by the applicant in an indi-vidual procedure and, potentially, this court could ask the issuing state for further information. If the court decided that the alert should be deleted from the SIS, the applicant could ask the issuing state to implement the court’s decision. In addition, the government noted that if one country rejected the request and sub-sequent appeal by the applicant, nothing would prevent this individual from starting the same procedure in another Schengen country. Th e national court in the other Schengen state would then be competent to start a new independent investigation into the lawfulness of the alert.
In the same advice on the approval act of the CISA, the Council of State proposed giving the European Court of Justice (ECJ) a supervisory role with regard to the implementation of the CISA. According to the Council of State, the proper imple-mentation of ‘Schengen’ would require the harmonisation of the law and practice of the Schengen countries in certain relevant fi elds. Supervision by an international judicial authority would be necessary, or at least ‘urgently required’, to ensure this harmonisation of law. Th is concern about the lack of a supervisory judicial authority to interpret the provisions of the CISA was shared by some members of parliament.
28 Handelingen Tweede Kamer 1990–1991, 22 140, B. 29 Handelingen Tweede Kamer 1990–1991, 22 140, B, p. 43–45.
Brouwer ch-13.indd 450 4/4/2008 5:41:55 PM
Th e Netherlands 451
Initially, the government replied to parliament that there were no intentions to develop such an institution. Th e government referred to the fact the Schengen Agreements were temporary measures, prior to EC regulations. Th erefore, there would be no reason to establish separate Schengen authorities with judicial control over the implementation of Schengen law. According to the government, these cases could be submitted to current international institutions, including the ECtHR.
In 1991, the aforementioned NGO, the Meijers Committee, proposed adding a Protocol on the role of the Court of Justice to the ratifi cation of the Schengen Agreement of 1985, the CISA, and the agreement between the Schengen coun-tries and Poland of 29 March 1991.30 Based on a draft by this NGO and the ensuing discussions in the parliament, the Dutch government submitted a draft for a Protocol regulating the power of the Court of Justice to its Schengen part-ners on 11 November 1991.31 Th is protocol did not receive enough support from the other Schengen states and has therefore never been adopted. Nevertheless, in other fi elds of law as well, this proposal regarding the role of the Court of Justice remained on the political agenda of the EU Member States.32
In 2001, a member of the Dutch parliament questioned the government on the absence of any information campaign for citizens with regard to the use of SIS.33 In their answers, the Minister of Justice and the Secretary of State for Foreign Aff airs confi rmed that the information leafl ets developed by the Joint Supervisory Authority had still not been distributed in the Netherlands “due to a misunderstanding”. Th e Ministry of Foreign Aff airs would however provide general information on the content of the Schengen Agreements, including the freedom of movement and visa policy. Meanwhile, the Dutch Data Protection Authority was to take over responsibility for the distribution of information about the NSIS. However, at the time of my research (2004–2006), this organisation had not disseminated any information with regard to the NSIS.
2.4. Parliamentary Debate on SIS II
Compared to the critical attitude of the Dutch parliament with regard to the establishment of SIS I, the development of SIS II was discussed only marginally.
30 Annex to a letter from the Meijers Committee to Dutch NGOs of 17 May 1991, JR91–179. See also the contribution by H. Meijers, the initiator and former chairman of the Meijers Committee in the special issue on Schengen, Nederlands Juristenblad, 31 January 1991, p. 161–240.
31 C.A. Groenendijk, Th e Competence of the EC Court of Justice, in: H. Meijers et al., A New Immigration Law for Europe?, Utrecht: Dutch Centre for Immigrants 1993, see p. 52.
32 A. Woltjer, Schengen: Th e Way of no Return?, Maastricht Journal of European and Comparative Law 2 (1995), p. 256–278.
33 Aanhangsel van de Handelingen, 2001–2002, p. 425, no. 203.
Brouwer ch-13.indd 451 4/4/2008 5:41:55 PM
452 Chapter 13
On the few occasions when the Senate or the Second Chamber of parliament made an inquiry about SIS II, they rarely raised fundamental questions. Th e par-liament did not question which lessons could be learned from the current use of the NSIS or whether this system was eff ective with regard to its goals.
Th e most extensive inquiry into SIS II was included in a letter from the sub-committee on Justice and the Interior of the Senate of 26 November 2002.34 In this letter, the Minister of Justice was asked to provide the Senate with informa-tion on the development of SIS II in relation to the accession of new EU Member States. Other questions raised by the Senate concerned the involvement of the European Parliament in the decision-making on SIS II, whether the Dutch parlia-ment would be informed of every decision regarding SIS II and whether the pur-pose of SIS II would be changed. It was six months before these questions were answered by the Minister of Justice.35 Th e Minister informed the Senate that the European Parliament was consulted on the SIS developments and that every deci-sion (binding and non-binding) on SIS II would be submitted to the Dutch parlia-ment. According to the Minister, the inaccuracy of data held in the current SIS would be the subject of continuous concern. In this same letter, the Minister of Justice responded to parliamentary questions in reaction to an earlier publication by in the Dutch government journal, the Staatscourant.36 In this publication, the journalist Jelle van Buuren dealt with the proposals for the interoperability of dif-ferent databases, the consequences of these proposals for the privacy rights of indi-viduals and changing SIS II into an investigative tool. In his response, the Minister described this publication as a mixture of “Wahrheit und Dichtung”. Although he admitted that more organisations would gain access to SIS II, he emphasised that the responsible Council Working Group was not considering any proposal to link SIS II to other databases. According to the Minister, SIS II would remain a data-base for daily use by national offi cers on a hit/no hit basis. Th e Minister did not inform the parliament of the fact that, as we saw in Chapters 4 and 5, even before 2003 diff erent Member States had submitted extensive proposals with regard to the use of SIS II, for example, the possibility of searching SIS on the basis of incomplete data.37 Moreover, even in December 2003, the European Commission recommended the technical integration of SIS II and VIS in its Communication on the second generation SIS and synergies with SIS II and VIS.38
34 Doc. 128949.03, available on the Senate’s special Europa website: http://www.europapoort.nl. 35 Letter from the Minister of Justice of 8 July 2003. Handelingen Tweede Kamer 2002–2003, 23
490, no. 8ee. 36 Staatscourant 19 November 2002. 37 Proposal by the Italian and Spanish delegation in 2001, 6164/5/01. 38 COM (2003) 771.
Brouwer ch-13.indd 452 4/4/2008 5:41:55 PM
Th e Netherlands 453
During discussions on the forthcoming meeting of the JHA Council in June 2003, Socialist Party (PvdA) member Aleid Wolfsen questioned the proposed purpose and content of SIS II, the authorities to be granted access to it and the safeguards to be provided for the legal protection of individuals.39 In a response dated September 2003, the Minister of Justice again emphasised that the SIS II would remain a hit/no hit database, but indicated, however, that this was not a fi nal option. According to the Minister, “within its general purpose, attempts would be made to adapt SIS II to changing circumstances”.40
Invited by members of the parliament, in September 2006 the Minister of Justice gave a written response to a letter from the Meijers Committee regarding a draft text of the SIS II Regulation.41 In this letter, the Dutch NGO questioned the rules on the deletion of data on third-country national acquiring EU citizen-ship and of third-country nationals with privileged rights under EC law. Furthermore, the Meijers Committee criticised the inaccurate rules relating to legal remedies for individuals. According to the Minister, many of these critical issues in the former draft of the Regulation would have been improved by later amendments. Some of these positive amendments would even be based on the eff orts of the Dutch government during the negotiations in the Council.
3. Implementation of the SIS and Registration of Th ird-Country Nationals
3.1. Sources of Immigration Law
Th e general rules of immigration law are laid down in the Dutch Aliens Act 2000 (Vreemdelingenwet 2000 ). Th is law was adopted on 23 November 2000 and entered into force on 1 April 2001.42 Th e Aliens Act 2000 replaced the former Aliens Act 1965. Th is reform concerned, fi rstly, an amendment of Dutch asylum law. In order to shorten the available asylum procedures, the rules governing the procedures were simplifi ed and the right to administrative review was withdrawn. To prevent asylum seekers from fi ling successive procedures to achieve more secure status, the legal rights inherent in diff erent residence permits were unifi ed.
Th e Aliens Act 2000 provides rules on the diff erent categories of residence permits and documents, the asylum procedure, the legal remedies and the rules
39 Handelingen Tweede Kamer 2002–2003, 23 490, no. 282. 40 Letter from the Minister of Justice of 25 September 2003 in reply to parliamentary questions.
Handelingen Tweede Kamer 2003–2004, 23 490, no. 293. 41 Handelingen Tweede Kamer, 2005–2006, 23 490, no. 427. Th is letter from the Meijers Committee
of 13 April 2006 was written by the author and is available at http://www.commissie-meijers.nl. 42 Staatsblad 2000, no. 495 and Staatsblad 2001, no. 144.
Brouwer ch-13.indd 453 4/4/2008 5:41:55 PM
454 Chapter 13
on the expulsion and detention of third-country nationals. More specifi c and detailed rules are included in the Aliens Decree 2000 (Vreemdelingenbesluit 2000 ), the Aliens Regulation 2000 (Vreemdelingenvoorschrift 2000) and the Aliens Circular 2000 (Vreemdelingencirculaire 2000 ). Th e Aliens Circular 2000 includes instructions from the Minister of Immigration and Integration ( hereafter referred to as the Minister of Immigration) to the national immigration offi cers and to border guards.43 Th e instructions with regard to border controls as pro-vided by the Aliens Circular have been amended in accordance with the Schengen Border Code.44
Th ese circulars, which are neither adopted nor systematically approved by par-liament, include substantive criteria for policy measures. Initially, these instructions were given by the Minister or the Secretary of State for Justice. Between 22 July 2002 and February 2007, the Minister of Immigration and Integration was responsible for decisions in the fi eld of immigration and integration law.45 Th e combination of the Aliens Act 2000 with the diff erent ministerial circulars and decisions makes the applicable law opaque. In particular, the fact that these rules are often changed makes it diffi cult to assess which provisions currently apply.
Th e issue of visas is only partially dealt with in the Dutch Aliens Act. It fi nds its basis in a Decree (Souverein Besluit) of 1813.46 Th e Minister of Foreign Aff airs is empowered to issue visas in accordance with the applicable Schengen rules and the agreements between the Benelux countries. In 2002, the government announced that a new comprehensive act on Dutch visa policy was being prepared.47 However, following the recommendation of November 2005 by the Dutch Advisory Committee on Immigration Law (Adviescommissie Vreemdelingenzaken’), the government dropped this proposal in 2006. According to this recommendation, a separate visa law would not be necessary due to the existing and directly binding Schengen rules.48 Further rules on visa policy not provided for in the Schengen law would be incorporated into the general Aliens Act 2000.
Before going into the criteria based on which third-country nationals can be registered in the NSIS, it should be noted that the Dutch Aliens Act 2000 uses the
43 Since February 2007, with the installation of the new government Balkenende IV, the post of Minister of Immigration has been abolished. Since then, immigration law and policy falls under the responsibility of the Secretary of State for Justice.
44 Regulation 562/2006 . See Vreemdelingencirculaire, decision 2006/16, Staatscourant no. 60, 24.3.2006.
45 Royal Decree (Koninklijk Besluit) 22 July 2002, Staatscourant no. 140, p. 7 and Staatsblad 2002, no. 418.
46 Staatscourant 1814, no. 4. 47 Announced in a general memorandum of 18 July 2002 on the visa law (Hoofdlijnennotitie
Visumwet), Handelingen Tweede Kamer 2000–2001, 26 106, no. 4. 48 Letter from the Minister for Immigration, 20 June 2006, just060521.
Brouwer ch-13.indd 454 4/4/2008 5:41:55 PM
Th e Netherlands 455
word ‘aliens’ instead of ‘third-country nationals’. According to Article 1 of the Aliens Act 2000, ‘aliens’ includes any person not holding Dutch nationality and who, according to legal provisions, should not be treated as a Dutch national. In the fol-lowing sections, I will use the word ‘aliens’ when the provision in question also refers to EU or EEA nationals. Otherwise, I will refer to ‘third-country nationals’.
3.2. Criteria for Registration in the NSIS
With regard to the registration of unwanted persons, Dutch immigration law diff erentiates between two categories of aliens: persons to whom a formal resi-dence ban has been issued by the Minister of Immigration and Integration (onge-wenst verklaarde vreemdelingen ) and persons reported as unwanted aliens based on ministerial instructions (ongewenst gesignaleerde vreemdelingen ). Th is duality in Dutch law has a historical basis. Whereas, in 1960, based on the Benelux trea-ties, the formal residence ban had been introduced into the former Aliens Act, the administrative practice of reporting aliens on the basis of a ministerial instruc-tion was maintained. Th e parallel functioning of both categories is however con-fusing and does not seem logical.49 Although these categories are based on diff erent regulations and have diff erent legal consequences, for practical purposes their registration has the same eff ect: a ban on entry.50 Furthermore, as we will see, the criteria for both categories are sometimes very similar.
As we saw in Chapter 3, EU/EEA, and Swiss citizens cannot be registered in the NSIS for the purpose of refusal of entry. According to Dutch law, however, they can be declared inadmissible on the basis of Article 67 Aliens Act 2000 or reported as inadmissible on the basis of the provisions of the Aliens Circular. In these cases, they shall only be registered in the national investigation fi le or the Dutch police fi le, the OPS (see below). Of course, a decision to refuse entry to a EU/EEA or Swiss citizen or their family members based on such registration must comply with the stringent criteria of EC law, including Directive 2004/38 discussed in Chapter 9.51
3.2.1. Formal Residence BanUnlike the second category of ‘inadmissible aliens’ (see below), the formal residence ban (ongewenstverklaring ) has an explicit legal basis in Article 67 of the Aliens Act
49 A. Kuijer, J.D.M. Steenbergen, Nederlands Vreemdelingenrecht, Th e Hague: Boom Juridische Uitgevers 2005, 9.5, p. 558. See, for a critical comment, R. Heringa, Ongewenstverklaring en verblijfsbeëindiging. Een gemiste kans, Migrantenrecht 5/01, p. 144–150.
50 See, on the punitive nature of the Dutch residence ban, F.M.J. den Houdijker, Punitief karakter ongewenstverklaring , -signalering en rechtsbescherming, Migrantenrecht 6–7, 2006, p. 239–243.
51 See the Articles 8.5 to 8.8 of the Dutch Aliens Decree 2000.
Brouwer ch-13.indd 455 4/4/2008 5:41:55 PM
456 Chapter 13
of 2000.52 Th e formal residence ban is based on a written decision by the Dutch Minister of Justice. In general, the decision to issue a formal residence ban should be based on considerations involving the protection of public order and national security . A person to whom a formal residence ban has been issued and who is found on Dutch territory is punishable on the basis of Article 197 of the Dutch Criminal Code. Th is means he can be sentenced to imprisonment for a maximum of 6 months or to pay a pecuniary fi ne.
Article 67 (1) of the Aliens Act 2000 describes the following categories of p ersons to whom a formal residence ban can be issued:
a. a person residing without a legal basis in the Netherlands and who has committed more than one off ence which is punishable under the Aliens Act (for example if a person does not report his or her stay to the competent author-ities within the prescribed time). Th is does not require a criminal conviction;
b. a person with a residence permit who is convicted of a crime punishable by a term of imprisonment of 3 years or more;
c. a person residing without a legal basis in the Netherlands and who poses a danger to public order or national security . Th is includes diff erent categories of persons, including (multiple) convictions for a crime punishable by imprison-ment, or a report from the national or a foreign intelligence and security agency;
d. a person regarding whom another Schengen or Benelux State submitted a motivated request to the Dutch government to order a formal residence ban;
e. a person who committed a serious crime outside Dutch territory and when a formal residence ban would be in the interests of international relations.
Th e criterion under (a) is inserted on the basis of a resolution adopted by the Lower House of the Dutch Parliament in 2004. In this resolution, the Minister was asked to apply the formal residence ban more frequently with regard to ille-gal immigrants acting in breach of the Aliens Act.53 Article 67 (1) (b) concerns persons who have been convicted and whose residence permit is withdrawn for that reason. Th is decision, to withdraw the residence permit, should be taken by balancing the public interests and the individual rights of the person at stake. Since February 1990, Dutch law provides a ‘sliding scale’ mechanism for the decision to withdraw someone’s residence permit.54 In general, this mechanism stipulates that the residence permit of a person staying for a longer period in the
52 Th e implementation rules are laid down in the Aliens Decree 2000 and in the Aliens Circular 2000.
53 Amendment Aliens Circular, Decision no. 2005/29, Staatscourant 23 June 2005, no. 119. 54 Article 3.86 Aliens Decree 2000.
Brouwer ch-13.indd 456 4/4/2008 5:41:55 PM
Th e Netherlands 457
Netherlands can only be withdrawn if the prison sentence to which he or she has been sentenced is also longer. For example, the extension of a residence permit can be refused or a residence permit can be withdrawn if a person who has been in the Netherlands for at least three years but less than four years has been sentenced to more than 9 months’ imprisonment. With regard to a person who has been in the Netherlands for at least 15 years but less than 20 years, the sliding-scale mechanism states that he or she should be sentenced to a term of imprisonment of more than 96 months. Article 3.86, paragraph (c) of the Aliens Decree 2000 states that the decision on the extension or withdrawal of residence permits can also be based on foreign, fi nal convictions.
Th ere are no offi cial time limits for the duration of a formal residence ban. It can only be withdrawn by the Minister following an application from the third-country national concerned.55 Th e Dutch Aliens Act contains strict rules if a third-country national should apply for the withdrawal of his or her residence ban. Th ese rules imply that, depending on the facts forming the basis for the formal residence ban, the person must remain outside Dutch territory for one, fi ve or ten years before he or she can apply for its withdrawal.
Th e sliding scale criteria are subject to changes. Th e criteria have been t ightened for persons residing in the Netherlands for less than fi ve years and, eff ective 17 June 2002, a residence permit can be withdrawn if the person concerned has repeatedly committed minor off ences.56 In 2005 and 2006, the Minister of Immigration announced stricter rules, including amendments stating that legally resident third-country nationals could be more easily expelled after having committed a criminal off ence.57
3.2.2. Th ird-Country Nationals Reported as UnwantedTh e second category, third-country nationals reported as unwanted (ongewenst gesignaleerde vreemdelingen ) constitutes the largest number of Article 96 reports in the NSIS. Th is category has no formal legal basis, but the criteria for reporting third-country nationals as ‘unwanted’ in the national police fi les can be found in the Aliens Circular 2000 (para. A3/9.2.2). Th e decision to report somebody as ‘unwanted’ is based on an instruction from the Dutch Minister of Immigration (now: Secretary of State for Justice) to the offi cers implementing the tasks of border control and immigration law. Th is ‘informal residence ban’ is to be considered an
55 Article 68 Aliens Act 2000 and Article 6.6 of the Aliens Decree 2000. 56 Article 3.86 Aliens Decree amended by Tussentijds Bericht Vreemdelingenrecht (TBV) 2002/34
in: Staatscourant 6 August 2002, p. 7. 57 Aanhangsel Handelingen Tweede Kamer 2005–2006, no. 1983, p. 4211. See also NRC
Handelsblad 14 September 2006: Vreemdeling bij iedere straf het land uit.
Brouwer ch-13.indd 457 4/4/2008 5:41:55 PM
458 Chapter 13
administrative instruction from the Minister to the border police and the immigra-tion offi cers to refuse the person entry at the borders or to expel the person if he is found on Dutch territory. Unlike the formal residence ban, persons who are reported as unwanted are not informed in advance. And, unlike the formal resi-dence ban, a third-country national reported as unwanted is not committing a crime if he or she resides or stays within the Netherlands.
In general, the reasons for reporting a person as unwanted in the NSIS are based on danger to public security, public order or national security . In practice, this cov-ers a wide variety of reasons for which a person can be reported in the NSIS, includ-ing a conviction for a minor off ence such as shoplifting, as well as the suspicion that a person has ties with terrorist networks. According to text of the Aliens Circular of July 2006, the Dutch authorities are instructed to report a third- country national whenever the following criteria apply (the prescribed duration of the alert is given in brackets):58
a. fi rst expulsion of a non-criminal alien within a period of two years (two years);b. removal of a third-country national who has been reported (prosecuted) for
a crime related to drugs smuggling, but who has (still) not been convicted (two years);
c. removal following a prison sentence of a maximum of three months (two years);d. removal following a prison sentence from three to six months (three years);e. removal following a prison sentence of six months or more (no formal resi-
dence ban) (fi ve years);f. if the person has been refused entry or has been expelled because he or she
used fake or forged identifi cation or travel papers or deliberately produced travel or identity papers that did not belong to him (fi ve years);
g. if the person evades supervision, for example if the person does not comply with detention or supervision measures listed in Articles 4.37–4.39 and 4.42 to 4.52 of the Aliens Decree59 (three years);
h. if the Minister of Immigration fi nds there are concrete indications that the person concerned is a danger to national security (ten years).
Th ese criteria are regularly amended or updated. For example, in 2003, the Dutch Minister of Immigration announced in a memorandum on the Dutch expulsion policy with regard to rejected asylum seekers that it would be necessary to intensify
58 Aliens Circular 2000, as amended by Wijzigingsbesluit Vreemdelingenrecht (WBV) 2006/20, Staatscourant 14 July 2006, no. 135, p. 7.
59 Th e original text was: “the person does not cooperate with his identifi cation, the person hides or does not leave within a reasonable time period”.
Brouwer ch-13.indd 458 4/4/2008 5:41:55 PM
Th e Netherlands 459
the use of the SIS for tracking persons staying illegally in the Netherlands after their removal.60 Based on a parliamentary resolution adopted in 2004, the crite-rion under (a) has been amended for this purpose.61 Whereas, according to the original text, a person could only be registered for one year in the NSIS following a second removal within two years, third-country nationals can already be r egistered after their fi rst removal and for two years instead of one year.
Th e criteria listed under (b) and (h) were added in 2003 and 2004 respectively.62 Th e registration of third-country nationals suspected but not convicted of a crime related to the smuggling of drugs is used especially to facilitate the return of drugs couriers who arrive at Schiphol airport. Th e criterion mentioned under (h) concerns third-country nationals who are suspected of having connections with terrorist networks. Th e decision to report a person ‘as a suspected terrorist’ in the NSIS can be based on a report by the Dutch intelligence and security agency. However, the explanatory memorandum to this amendment clarifi es that this decision also can be based on other grounds, including the reports of foreign intelligence and security agencies.
In her explanatory memorandum, the Minister of Immigration also referred to the duties of Member States pursuant to UN Security Council Resolution 1373 . Th is Resolution requires states to enhance their border controls in the fi ght against terrorism. In general, one can question whether the reporting of ‘suspected terrorists’ in the SIS for the refusal of entry is an effi cient tool in com-bating terrorism. Th e same Resolution also calls upon states to prevent the com-mission of terrorist acts by bringing those persons to justice. It might have been more appropriate to register the persons in the NSIS on the basis of Article 95 (extradition) or 99 (secret surveillance), rather than on the basis of Article 96 CISA, but this issue has not been discussed.63
In July 2006, the highest Dutch administrative court ruled that a confi dential report by the national security and intelligence service (AIVD ) can form a suffi -cient basis for the decision to report the person in question as an ‘unwanted person’, even if the report itself was not made available to this person.64 It was, however, emphasised that the use of the confi dential report was justifi ed in this
60 Handelingen Tweede Kamer 2003–2004, 29 344, no. 1, p. 14. 61 WBV 2005/29. 62 TBV 2003/9, 17 March 2003 and the decision of the Minister of Immigration to amend the Aliens
Circular 2000, 15 September 2004, published in Staatscourant 22 September 2004, no. 182, p. 10. 63 See also my earlier comments to this amendment of the Aliens Circular 2000 in: Migrantenrecht
9/10, 2004, p. 371. 64 Afdeling Bestuursrechtspraak Raad van State, 4 July 2006, case no. 200602107/1, LJN:
AY3839.
Brouwer ch-13.indd 459 4/4/2008 5:41:55 PM
460 Chapter 13
particular case. Th e person concerned had only denied the content of the ( available) information forwarded by the AIVD and had not submitted any further information to support his view that this information was wrong.
In some of the categories mentioned above, the general limit of three years for the storage of data, as envisaged in Article 112 CISA, expires before the national time limit given in the Aliens Circular. According to the applicable rules of the CISA, in those cases, the Dutch authorities must explicitly request the C.SIS to extend the retention period.
3.3. Practical Implementation and Use of the NSIS
3.3.1. NSIS: Responsibility and CoordinationOverall responsibility for the NSIS and SIRENE is in the hands of the Dutch National Police Services (Korps Landelijke Politiediensten, hereafter the KLPD ). Th is organisation falls under the responsibility of the Minister of the Interior. Th e KLPD is responsible for the storage and use of data in the NSIS, including data for criminal investigation purposes, on missing persons, stolen goods and on third-country nationals. Th e Dutch Immigration and Naturalisation Department (Immigratie- en Naturalisatie Dienst, hereafter the IND ) is respon-sible for the registration and coordination of registrations of third-country nationals. Th e IND falls under the competence of the Minister of Immigration (since 2007, the Ministry of Justice). As we will see below, this shared responsi-bility has consequences for how applications for access to SIS information are being handled.
Th e Dutch NSIS is linked to the automated municipal population register (Gemeentelijke Basisadministratie or GBA ), regarding the registration of stolen or missing identifi cation documents. Since March 1998, a link has also been main-tained with the national Agency for Road Traffi c (Rijksdienst voor Wegverkeer – RDW) in cases concerning data on stolen or missing driving licenses.
3.3.2. Procedure for Registration in the NSISBefore the SIS became operational, third-country nationals to be refused entry or persons reported as missing were registered in the Dutch national investigation fi le (Nationaal opsporingsregister or OPS ). Anticipating the start of the SIS, on 27 July 1993 the Dutch Minister of Justice issued instructions to the national police authorities with regard to the reporting of third-country nationals in the OPS and the NSIS.65 With regard to the input of data into the NSIS, the Dutch government decided to report only those data relating to facts occurring after the date the SIS became operational, i.e. 26 March 1995. Th is measure, not to copy
65 Letter of 27 July 1993, 376416/93/DVZ, TBV 75–1.
Brouwer ch-13.indd 460 4/4/2008 5:41:55 PM
Th e Netherlands 461
the ‘old’ OPS data into the NSIS, would ensure that the SIS records were “as clean as possible”.66 Th is decision was made at a time when it had been established that the data stored in the Dutch police fi les were often inaccurate, wrong or wrongly spelled.67 Th erefore the Dutch authorities started to clean up these fi les in order not to ‘contaminate’ the new NSIS fi les with the old information from the police fi les. To prevent duplicate registration, third-country nationals registered in the NSIS are no longer recorded in the OPS.68 Th e timing of the measures to be adopted for the implementation of the CISA almost coincided with the reorgani-sation of the national police force.69 Th e police reorganisation included a decen-tralised structure with more responsibilities assigned to the regional police forces.70 Initially, based on this decentralised structure, the diff erent regions applied diff er-ent criteria for the registration of data in the NSIS. After this practice had been criticised by the Court of Auditors in 1997 (see below, section 3.5), the central government issued instructions to the regional departments with regard to the input of data into the Dutch NSIS. Th is resulted in a more uniform and structured organisation of the input of data into the NSIS.
Whenever a national immigration offi cer or a border guard considers that a person meets the criteria of the Dutch Aliens Circular 2000, the IND should always be asked to report this person in the NSIS. For this purpose, a special form is used (Model M93). Th e Dutch Aliens Circular (A3/9.6.1) provides that an offi cer using this form should forward the fi ngerprints of the third-country national and, if available, copies of the identity documents to the IND. Th e cur-rent storage of third-country nationals in the SIS is coordinated by fi ve regional coordinators of the IND. Th e IND will contact the regional coordinator, who will decide whether the alert will be submitted to the NSIS. Since 1999, a national coordinator has supervised the criteria used by the regional units to enter a person into the NSIS. When the IND approves the alert regarding a third-country national, the form is forwarded to SIRENE . Th e SIRENE offi cers formally have to check whether the entry is in conformity with the provisions of the CISA and whether the person has not already been reported by other
66 Handelingen Tweede Kamer 1995–1996, 19 326, no. 140. 67 Trouw 30 November 1993. Letter from the Minister of Justice, 5 March 1997, Handelingen
Tweede Kamer 1996–1997, 25 200, no. 3, p. 2. 68 Article A3/9.1.3 Aliens Circular 2000. 69 Police Act of 9 December 1993, Staatsblad 1993, no. 724. 70 Meanwhile, based on a legal proposal in 2004, Dutch policy-makers agreed to return to a more
centralised approach by the police, with more powers for the central government. Proposal to amend the Police Act of 1993, of 1 September 2004, Handelingen Tweede Kamer 2003–2004, 27 904, no. 1–3.
Brouwer ch-13.indd 461 4/4/2008 5:41:55 PM
462 Chapter 13
Schengen states. Th e requests from Dutch authorities for additional information on a SIS report are forwarded by the regional coordinators to SIRENE.
3.3.3. Article 96 Hits and Internal and Border ControlsTh ere are diff erent procedures to be followed by immigration or border control offi cers with regard to third-country nationals who generate a hit in the NSIS or the Dutch OPS . Th e Aliens Circular 2000 identifi es the procedure following a hit during border control, during checks for immigration controls within the national territory and during the application for a residence permit or asylum . In general, a Dutch offi cer should report every hit he or she fi nds concerning a person when consulting the NSIS to their national SIRENE offi ce.71
Th e Dutch Military Police (Koninklijke Marechaussee), under the responsibility of the Minister of Defence, is tasked with border controls, internal immigration control (mobiel vreemdelingentoezicht) and with certain tasks in the asylum pro-cedure. With regard to the two former tasks, Military Police offi cers have access to the NSIS and, if they fi nd a hit for a third-country national, they will contact the IND . Military Police offi cers will also have to contact the IND when dealing with a third-country national who meets the criteria for a NSIS alert and who should be recorded in the NSIS.
Persons encountered at border posts and registered in the SIS or the Dutch OPS for the purpose of refusal of entry should in principle be refused entry. Only if the person concerned falls within certain categories, should the border offi cer consult the IND .72 Th ese categories include, for instance, EU/EEA or Swiss nationals (this only applies to hits based on the OPS), third-country nationals who claim they have a long-term residence permit and persons whose refusal of entry would be in confl ict with serious humanitarian interests. Also, if an important Dutch interest is at stake, the IND should be consulted fi rst. If a person applies for asylum at the borders, the IND will be asked to handle the asylum application. If a person has a legal residence permit but is reported in the NSIS, the border offi cials will have to inform both the Dutch SIRENE offi ce and the IND but, in principle, will have to grant this person access to Dutch territory. Only in cases of doubt about the residence status of the third-country national, the border police are obliged to consult the responsible authority.
Persons checked while on Dutch territory during an immigration control and registered in the NSIS will be transferred to a local police station or to the Military Police, where they can be detained in order to be expelled as soon as possible from the Netherlands.
71 See A3/9.3, 9.4, and 9.5 Dutch Aliens Circular 2000 (according to the text applicable in 2006). 72 A2/5.5.1 of the Aliens Circular 2000.
Brouwer ch-13.indd 462 4/4/2008 5:41:56 PM
Th e Netherlands 463
With regard to third-country nationals applying for a residence permit, the Aliens Circular 2000 describes four situations. Firstly, if the application concerns a third-country national without a legal residence permit who is reported in the NSIS, he or she should be expelled from the Schengen territory. Th e offi cer involved should inform the IND . Secondly, if the person applies for a residence permit and is reported by the Dutch authorities, the IND should decide on the application. If the IND issues a negative decision and there are no legal reme-dies left against this decision, the person should be expelled. If the IND issues a residence permit, the SIS alert should be deleted. Th irdly, if a person applies for a residence permit, but has been reported by another Schengen State, the IND must consult the other State on the basis of Article 25 CISA, to decide whether the third-country national should be granted a residence permit. During this procedure, the person receives a special form stating that he or she has applied for a residence permit.73 If the residence permit is refused and legal remedies against this refusal are no longer available, this person must be expelled. Finally, if a third-country national has a valid (temporary) residence permit for the Netherlands but has been reported by another Schengen state, the IND will also apply the Article 25 CISA procedure. Th e authority dealing with the third-country national will have to check the lawfulness of the residence permit. If it is clear that the residence permit has been issued correctly, the third-country national will be entitled to remain in the Netherlands. If the report in the SIS concerns a third-country national who applies for asylum , Dutch border offi -cials will have to forward this application to the IND. Only in cases where the offi cials have doubts about the legal status of this person, are they obliged to contact the responsible authorities.
To summarise, a SIS report based on Article 96 CISA should only result in an automatic refusal of admission or in expulsion if this person has no valid residence permit, does not fall within the special categories described above and does not fi le an application for asylum . In the latter situations, the responsible authorities will have to contact the IND , examine the application for asylum or admission or give leave to enter Dutch territory. In 2000, the Secretary of State for Justice told the Parliament that, in each individual case, the national authorities would have to assess whether a record in the NSIS would be a suffi cient reason to refuse this person admission to the Netherlands.74 Four years later, during the parliamentary debate on terrorism and immigration policy, the Dutch Minister of Immigration submitted a more stringent interpretation of a SIS alert. According to the Minister, when it has been established, “for example on the basis of a NSIS alert to be
73 D44, TBV 1995/6. 74 Handelingen Tweede Kamer 1999–2000, 26 732, no. 12, p. 25.
Brouwer ch-13.indd 463 4/4/2008 5:41:56 PM
464 Chapter 13
refused entry” that the person concerned is a danger to public order and security, this person must and in practice shall be refused admission.75 As we will see below, the Minister of Immigration also advocated this ‘automatic eff ect’ of foreign SIS reports on third-country nationals before the Dutch court in the case of Mr. and Mrs. Moon.
3.3.4. Article 96 Hits and Visa ApplicationsTh e Dutch rules on issuing visas are regulated in the Aliens Circular 2000.76 Th e offi cials at the Dutch embassies and consulates generally submit a visa application to the Visa Agency (Visadienst) in Th e Hague. Formally, this Visa Agency acts on behalf of the Minister of Foreign Aff airs. Its offi cials and employees, however, operate within the premises and organisation of the IND , under the responsibility of the Minister of Justice (formerly Minister of Immigration). In cases of doubt, political sensitivity, or with regard to certain nationalities (for example China and Iran), applications for short-stay visas should always be submitted to the Visa Agency. In general, long-stay visas (or machtiging tot voorlopig verblijf, hereafter mvv) may only be issued if the Visa Agency has approved the application.77 Staff members of the embassies and consulates do, however, take responsibility for issu-ing visas to third-country nationals. Th erefore, it is possible that, even if the Dutch Visa Agency or immigration authority has given leave to issue a visa to a certain third-country national, the staff of the embassy may still decide to reject the visa application based on the fact that this person has been reported in the SIS.78 Th e embassies obtain monthly updated versions of the NSIS fi les on CD-ROM. Th is means that, during the period between updates of this CD-ROM, embassies will be working with outdated fi les. Th is problem could be resolved if every Dutch embassy obtained direct access to the NSIS through an international IT network.79 However, in 2006, most of the embassies and consulates were still receiving their information from the CD-ROMS.80
3.4. NSIS and Article 96: Facts and Figures
Th e Dutch government does not publish any data on the practical use of the NSIS. Th is means that there is no information on the numbers of alerts stored in
75 Handelingen Tweede Kamer 2003–2004, 27 925, no. 118, p. 9. 76 See for a general overview: A. Kuijer, J.D.M. Steenbergen (2005), p. 62 ff . 77 B1/1.1.2 Aliens Circular 2000. Only some consular posts are empowered to issue visas
autonomously. 78 As we will see in section 8.5, the responsibility of the embassies themselves has been acknowledged
by the National Ombudsman. 79 Reaction by the Minister for Immigration to the report of the Court of Auditors on the visa policy
(see below), Handelingen Tweede Kamer 2003–2004, 29 260, no. 1–2, p. 74. 80 Th is has been confi rmed by an offi cer of the IND .
Brouwer ch-13.indd 464 4/4/2008 5:41:56 PM
Th e Netherlands 465
the NSIS between 1995 and 2006, the number of hits based on those alerts or how many third-country nationals were refused entry, a visa or a residence permit on the basis of a SIS report.
From the fi gures from the CSIS Exploitation team, it appears that the number of third-country nationals reported by the Dutch authorities has increased con-siderably from 9,363 in 2003 to 15,377 in 2005.81 In 2005, of all the SIS alerts on persons issued by the Dutch authorities, 89% concerned third-country nationals to be refused entry on the basis of Article 96.
3.5. Audit Report By the Court of Auditors
In January 1997, the Dutch Court of Auditors (Algemene Rekenkamer) published a report on the practical use of the national Schengen Information System.82 Th e Court of Auditors started this audit because of “the far-reaching consequences of the use of the NSIS for the law and for individual citizens”, as well as in response to reported problems within the CSIS system in Strasbourg. Th e central questions raised during this inquiry were:83
– whether the national section of the SIS provided for the necessary technical and functional requirements to ensure an effi cient use of the NSIS;
– whether data for the NSIS were submitted correctly and completely;– whether the available data in the NSIS were used systematically; and– whether there were practical problems and, if so, how they were resolved.
Th e report by the Court of Auditors on the NSIS was important for several reasons. In the fi rst place, the organisation criticised the lack of information on the eff ects of the use of the NSIS. According to the Court of Auditors, no pro-cedures were in place to record the results of the alerts and the eff ects of the SIS for police purposes.84 Th e only information available concerned Article 96 reports. According to the IND , cited in this report, 80% of the 109 foreign hits on reports forwarded by Dutch authorities resulted in a refusal of entry or even expulsion by the authorities in other Schengen states. In 48% of the 570 hits based on foreign reports, a hit would have led to refusal of entry by the Dutch authorities. In 103 cases, the state which reported the person to the SIS was asked to withdraw this alert because the Dutch authorities wanted to give leave to enter to the person concerned. Th ese numbers concerned the period between 1995 and 1996.
81 Reports of the C.SIS Exploitation team including data as from 1 January 2003 and 1 January 2005 (unpublished).
82 Handelingen Tweede Kamer 1996–1997, 25 200, no. 1–2. 83 Audit report, p. 8. 84 Audit report, p.15.
Brouwer ch-13.indd 465 4/4/2008 5:41:56 PM
466 Chapter 13
According to the Court of Auditors, the 25 regional police forces applied diff erent criteria with regard to the entry of data into the NSIS. With regard to Article 96 entries, the Court of Auditors found that, in many regional police forces, the possibility for recording third-country nationals into the NSIS was unknown. In many cases, the Court of Auditors found that immigrants with a Dutch residence permit were reported by other Schengen States, especially Germany. Furthermore, the Court of Auditors established that more than 7,000 Dutch offi cials were authorised to retrieve information from the NSIS and more than 500 were allowed to change the data in the NSIS. In relation to these fi ndings, the Court of Auditors stressed the importance of the integrity of the users.
Th e Court of Auditors advised the government to take measures to facilitate an effi cient data policy, to coordinate the use of the NSIS and to develop national criteria for the input of the SIS data. Furthermore, it would be necessary to develop a policy for the use of the NSIS in the fi eld of border control by the Dutch police, to clean the national police fi les and to add relevant information from these fi les to the NSIS. It is important to note the conclusion of the Court of Auditors that, due to a lack of information on the current measures taken follow-ing hits, it would be diffi cult to reach general conclusions on the practical eff ects and effi ciency of the SIS. Th is lack of information on the effi ciency of use of the NSIS has been questioned as well by the Dutch parliament. Following a request from a member of parliament, the Minister of Justice promised to provide the Dutch parliament with a report every six months, containing information on the functionality and use of the NSIS.85 Earlier in the parliamentary discussions, the Minister of Justice stated that the Dutch police would submit data monthly concerning the hits and alerts in the SIS to the IND and that both organisations would discuss the meaning of this information.86 To my knowledge, between 1997 and 2006 no such reports were forwarded to the parliament.
Th e investigation by the Court of Auditors took place between 1995 and 1996, which means it covered the fi rst years of operation of the SIS. As the Court of Auditors admitted in its report, the failings found in the operation of the NSIS could be considered “childhood diseases”, normal in every new system. Th e fact that the problems in question were unveiled by the Court of Auditors at this early stage can be seen as an advantage of the practical operation of the NSIS. Th e audit prompted the authorities to coordinate the use of the NSIS and to solve these problems. In response to the parliamentary debate on this report, in March 1998 the Minister of Justice announced the measures which had been taken with regard to the entry of data into the NSIS, eff ective data policy and
85 Handelingen Tweede Kamer 1996–1997, 25 200, no. 6, p. 8. 86 Handelingen Tweede Kamer 1996–1997, 25 200, no. 4, p. 4.
Brouwer ch-13.indd 466 4/4/2008 5:41:56 PM
Th e Netherlands 467
security measures.87 Unfortunately, since 1997, there has been no such overall and complete audit of the use of the NSIS in the Netherlands.
In 2003, the Court of Auditors published an audit report on the Dutch imple-mentation of the Schengen visa policy.88 In this report, the Court of Auditors dealt briefl y with the use of the NSIS with regard to the issue of visas. Th e Court of Auditors criticised the fact that Dutch embassy offi cers did not adequately check international and national fi les with regard to visa applications, including the NSIS. Among other things, the Court of Auditors found that the national database on visa applications (see below) was not systematically used or updated by the various consular posts.89 According to this report, of the 15,000 third-country nationals who were refused entry at the borders in 2002, 1,789 persons had a valid Schengen visa. Twenty-seven persons in this latter group were reported in the SIS and, in eight cases, the visas had been issued by Dutch embassies or consulates. Commenting on these data, the Court of Auditors concluded that, in these eight cases, the Dutch authorities failed to act in accordance with the appli-cable rules with regard to the SIS. Th e Court of Auditors did not consider the possibility that there could have been other legal grounds for issuing the visas to the persons concerned.
3.6. Audit Report of the Dutch Data Protection Authority
Th e Dutch Data Protection Act (see section 5 below) provides for a national supervisory body, entrusted with supervising the NSIS. In December 1998, this Dutch Data Protection Authority (College Bescherming Persoonsgegevens, hereafter CBP) published a report on the audits of the NSIS and SIRENE during 1997 and 1998.90 Th is audit dealt in particular with security issues. Th e central aims of this audit were very general: to investigate the protection of privacy of the NSIS and SIRENE and to assess which measures and procedures are available to pro-tect integrity, exclusivity and availability.91 Th e audit did not deal with Article 96 alerts in the SIS. Th e information was gathered from visits by members of the CBP to the premises of the Dutch police and from written questions submitted to the o rganisations concerned. Th e CBP visited the KLPD , the SIRENE offi ces and one of the regional police forces. Before publishing the report, the CBP
87 Letter of 11 March 1997, Handelingen Tweede Kamer 1996–1996, 25 200, no. 4. 88 Report of 23 October 2003, Handelingen Tweede Kamer 2003–2004, 29 260, no. 1–2. Th ere
has been a second evaluation by the Court of Auditors on the implementation of its recommen-dations, November 2004.
89 Handelingen Tweede Kamer 2003–2004, 29 260, no. 1, p. 40. 90 Privacy audit NSIS, Rapport no. 97.U.189, December 1998, Th e Hague: Registratiekamer. 91 See p. 4 of the report.
Brouwer ch-13.indd 467 4/4/2008 5:41:56 PM
468 Chapter 13
allowed these organisations to respond to the conclusions and to describe what improvements could be made. Th ese responses are included in the report of December 1998.
In its fi ndings, the CBP emphasised that there were serious shortcomings in the fi eld of formalisation, implementation and the control of the procedures of data processing and management. Th e CBP also criticised security policy and –planning, the control of logical access to the systems and the administrative organisation of the use of the system and its information. According to the CBP, there were too many users with insuffi cient knowledge of the relevant privacy regulations and seven ‘super users’ (technicians who, in the exercise of their work, have access to all the SIS fi les and clearances), where three would have been enough. Th e CBP also discovered that it was possible to gain unauthorised access to the NSIS databases.
Th e Ministry of Justice and the police force involved stated in their response that measures were undertaken to repair the shortcomings described in the audit report. According to the CBP, two alerts in the SIS were deleted by the CSIS after expiry of the time limit, without prior notifi cation to the originating authorities. Th e CBP recommended that the authorities improve the manage-ment of expiring alerts. In reaction to this fi nding, the KLPD informed the CBP that a list of expiring alerts is periodically submitted by SIRENE to the regional police stations. Furthermore, the CBP noted that the SIRENE offi ce did not check the legality of requests concerning SIS information. Th e CBP advised doing this periodically. In 2000, there was limited follow-up of the 1998 audit, however, the results of this were not published. Since 2000, no other audits have been undertaken due to a lack of fi nancial and practical means.92
In 2004, the Dutch CBP submitted a report on the implementation of Article 96 CISA to the Schengen Joint Supervisory Authority.93 Th is report which, was not very detailed, will be discussed in section 5.5 below.
4. Intermezzo: Dutch Policy with Regard to the Administration of Data on Th ird-Country Nationals
4.1. General Administration of Immigrants
Since 1994, public authorities dealing with third-country nationals have been required to exchange their data with the Dutch Immigration and Naturalisation
92 According to a spokesman for the CBP. 93 Annual report of the CBP for 2004, p. 53.
Brouwer ch-13.indd 468 4/4/2008 5:41:56 PM
Th e Netherlands 469
Department, and vice versa.94 Th is mutual exchange of data on third-country nationals was facilitated by the establishment of a general database on third-country nationals (Vreemdelingen Administratie Systeem, hereafter the VAS). Th is system has been operational since the end of 1995 and was linked to the civilian population administration held by the municipal authorities (Gemeentelijke Basis Administratie or GBA ). On 15 June 2003, the VAS was incorporated into the so-called Common Immigration Network (Basis Voorziening Vreemdelingenketen, hereafter the BVV).95 Th e BVV is a system providing diff erent organisations involved in immigration policy with access to the personal and administrative data of 2.5 million third-country nationals. Th is system holds diff erent data fi les, including:
– a personal registration fi le with name, address, nationality, date and place of, etc.;– an index fi le, including references to every decision or measure which has
been taken with regard to the third-country national;– a ‘card’ system, including documents which have been issued by Dutch
authorities to the person concerned;– a ‘document’ fi le, including documents which have been issued by foreign
authorities; and– a biometric fi le, including fi ngerprints, photographs and the signature of the
person concerned.
In principle, the BVV contains information on every third-country national admitted or holding a residence permit, except short-term visitors who are admit-ted on the basis of Article 12 of the Aliens Act 2000 and who are not obliged to report to the national authorities within three days of their entry into the Netherlands. Tourists and other third-country nationals admitted for a period of up to three months and EU nationals are not registered in the BVV.96 Th e establishment of the biometric fi le within the BVV is a measure taken by the Dutch government in the light of the future implementation of VIS.97
With regard to visa applications, embassies and consular authorities report each visa issued into the Dutch visa information system (abbreviated to VIS, not to be confused with the VIS at EU level).98
94 Th is obligation was based on Article 48 of the Aliens Act 1994, this is now regulated in Article 107 of the Aliens Act 2000.
95 Staatscourant 13 June 2003, no. 111. Th e BVV is regulated in section A1/6.3 of the Aliens Circular 2000.
96 Articles 4.47 and 4.48 of the Aliens Decree 2000 and Article A3/7.6 of the Aliens Circular 2000. 97 Handelingen Tweede Kamer 2004–2005, 22 112, no. 364. 98 Handelingen Tweede Kamer 1999–2000, 26 106, no. 2, 25 October 1999.
Brouwer ch-13.indd 469 4/4/2008 5:41:56 PM
470 Chapter 13
A special measure of Dutch immigration law policy is included in the so-called Linking Act (Koppelingswet) of 1998.99 Th is law was established to prevent the use of social security, housing or fi nancing facilities, medical care and other public facilities by individuals who are residing irregularly in the Netherlands.100 If a person is not registered with the Dutch municipal police, population or immigrant fi les, this person generally should not be given access to one the facilities mentioned above. Unlike the NSIS, which is based on the principle that registration means exclusion, one could say that the Dutch Linking Act is based on the principle that registration means inclusion. Th e implementation of this law is closely related to the establishment and improvement of the computerised national fi les.101
4.2. Th e Use of Biometric Data
4.2.1. Th ird-Country Nationals and their BiometricsIn the Netherlands, fi ngerprints are taken of every third-country national applying for asylum . Th is practice was formalised by Royal Decree in 1994.102 Th e fi nger-prints of asylum seekers and third-country nationals who cannot be identifi ed are recorded in the national ‘HAVANK system’. HAVANK is linked to the BVV and, with regard to the data on asylum seekers, to Eurodac as well. Article 54 Aliens Act 2000 requires a third-county national to provide the national authorities with certain information and to cooperate with identifi cation measures. Details of this obligation have been elaborated in Article 4.45 Aliens Decree 2000. If requested, the third-country national must provide an accurate photograph and, if the immigration offi cer considers this necessary, he must cooperate in having his photograph or fi ngerprints taken. As we have seen in the previous chapters, based on forthcoming EC laws, every visa applicant planning to seek entry to the Netherlands will have his or her fi ngerprints taken and stored in the European VIS. Th e establishment of VIS was fully supported by the Dutch government, partly because of the major role this system could play in its expulsion policy since it would contain biometric data on every visa applicant.103
According to the general rule, a third-country national who is not an asylum seeker can only be asked to have his photograph or fi ngerprints taken if this is
99 Staatsblad 1998, no. 203. 100 P. Minderhoud, Th e Dutch Linking Act and the Violation of Various International Non-
Discrimination Clauses, European Journal of Migration and Law 2000, p. 185–201. 101 See also E. Brouwer, Registratie van gegevens en de Koppelingswet, Migrantenrecht 5–6, 1998,
p. 168–174. 102 Royal Decree (Koninklijk Besluit) 30 December 1993, Staatsblad 1994, no. 8. 103 Handelingen Tweede Kamer 2003–2004, 29 344, no. 1, p. 13.
Brouwer ch-13.indd 470 4/4/2008 5:41:56 PM
Th e Netherlands 471
considered necessary by the offi cer in charge. Th is rule has its origins in a decision of the Dutch Supreme Court (Hoge Raad ) of 1993.104 In this judgment, the Supreme Court dealt with a claim from a woman who held both British and Nigerian nationality and her Nigerian partner, whose fi ngerprints were taken during an identity check. Th e Supreme Court condemned the behaviour of immigration offi cers because not only had they unlawfully withdrawn the pass-ports of the applicants, they had also taken their fi ngerprints. Via Interpol , these fi ngerprints were transferred to other States. Th e Supreme Court emphasised that the taking and processing of fi ngerprints represent a breach of the right to private life as protected in Article 8 (1) ECHR. If the person in question obtains a valid passport or comparable document which proves his identity, it would only be appropriate under exceptional circumstances to take his or her fi nger-prints. Even if there are grounds for believing the passport or document to be fake or falsifi ed, the national authorities would still have a duty to consider other means of fi nding out whether the document is genuine or not, before taking fi ngerprints.
In the light of the developments since 1993, it would be interesting to fi nd out whether the Supreme Court would uphold this interpretation of Article 8 ECHR. Recent developments, at both EU and national levels, illustrate that there is a shift in thinking about the scope of the right to private life and the question of whether the taking of fi ngerprints constitutes a breach of that right. Whereas, in 1993, there was general agreement that the taking of fi ngerprints was an intrusive meas-ure, currently this measure seems to be considered an appropriate identifi cation tool for all kinds of reasons. Th is applies not only in the fi eld of criminal investigation, immigration or asylum policy, but also in the private sector and for securing passports and ID documents by every EU citizen.
4.2.2. Shared Use of Data on Criminals and Asylum SeekersTh e aforementioned HAVANK system is also used for criminal investigation purposes. Initially, the fi ngerprints of asylum seekers were automatically com-pared to the available data in HAVANK. Th is comparison was meant not only to assess whether the person had previously applied for asylum, but also to check whether the asylum applicant posed a risk to public order and security.
Before 21 October 2001, every time police offi cers or public prosecutors used HAVANK for criminal investigation purposes, the fi ngerprints of the recorded asylum seekers were automatically checked as well. As we saw in Chapter 7, Article 6 (1) b of EC Directive 95/46 on the protection of personal data prohibits
104 Hoge Raad 19 February 1993, no. 14917 in: R. Fernhout and J.D.M. Steenbergen, Rechtspraak Vreemdelingenrecht 1993, Nijmegen: Ars Aequi Libri 1994, no. 70.
Brouwer ch-13.indd 471 4/4/2008 5:41:56 PM
472 Chapter 13
information processed for one purpose from being automatically used for other, not explicitly defi ned purposes. According to this principle, personal data stored for immigration law purposes cannot be used for other purposes, such as crimi-nal investigations. Since the new Dutch Data Protection Act implementing this EC Directive entered into force on 1 September 2001, the Dutch Minister of Justice was obliged to take measures to stop this combined use of HAVANK.105 In December 2001, the Minister of Justice described the new practice to be followed with regard to the use of fi ngerprints of third-country nationals for law enforcement purposes with eff ect from 25 October 2001.106 Under the new situ-ation, law enforcement authorities are only granted access to data regarding third-country nationals if they can establish concrete reasons to believe that the suspect is a third-country national. Since 2001, this criterion has been extended twice by the Minister of Justice. In the fi rst place, according to a letter from the Minister of Justice, law enforcement authorities may check the information on third-country nationals in HAVANK during criminal investigations with regard to serious crimes aff ecting ‘the social legal order’ (maatschappelijke rechtsorde).107 In these situations, the condition that reasonable doubt must exist that the suspect is a third-country national does not apply. Examples of such crimes, mentioned by the Minister, include murder, rape or terrorist acts with potentially serious eff ects. Secondly, in his answers to parliamentary questions, the Minister of Justice clarifi ed that law enforcement authorities could also have access to data on third-country nationals if they were being sought as witnesses.108
In January 2002, some members of parliament expressed their disappointment with the fact that data on third-country nationals in HAVANK were no longer automatically accessible for both immigration law and law enforcement purposes.109 It was proposed that the Dutch Aliens Decree be amended, by adding a sentence stating that the data taken from immigrants or asylum seekers will also be used for criminal investigation purposes. Th is proposal was rejected by the Dutch Minister of Justice, since it would be contrary to international data protection principles.110
105 Handelingen Tweede Kamer 2000–2001, 19 637, no. 583. See also Petra Catz on the parliamen-tary discussion on the use of fi ngerprints, Th e Netherlands: Small steps on beaten tracks, in: Brouwer, Catz & Guild (2003), p. 65–66.
106 Handelingen Tweede Kamer 2001–2002, 19 637, no. 635, 10 December 2001. 107 Letter of the Minister of Justice, 22 January 2002. Handelingen Tweede Kamer 2001–2002, 19
637, no. 645, p. 3. 108 Handelingen Tweede Kamer 2001–2002, 19 637, no. 663, 12 April 2002, p. 3. 109 Handelingen Tweede Kamer 2001–2002, 19 637, no. 642, 18 January 2002. 110 See also Handelingen Tweede Kamer 2001–2002, 19 637, no. 645, 22 January 2002.
Brouwer ch-13.indd 472 4/4/2008 5:41:56 PM
Th e Netherlands 473
However, as we have seen in Chapter 5, at the EU level the Netherlands supported the proposal to give law enforcement agencies, respectively security agencies access to Eurodac and the VIS.
Between September 2002 and March 2004, there were 101 requests by the public prosecutor to check the HAVANK database of fi ngerprints of third-country nationals for investigation purposes: these requests would have resulted, in 49 cases, in the identifi cation of the person concerned.111
4.2.3. Storing Biometric Data for Expulsion PurposesIn 2003, the Dutch government proposed the use and scanning of biometric data from asylum seekers by airlines for the purpose of facilitating the return of rejected asylum seekers.112 Th e scanning of their fi ngerprints, in combination with the duty of air carriers to make a copy of travel documents, would make it much easier to establish the identity of these asylum seekers and the airline on which the person travelled to the Netherlands. Th e government recognised that a legal basis would be necessary for such a measure, since it would infringe the right of privacy of the individuals concerned. Referring to “the justifi ed fear of illegal immigration”, the government found such a measure necessary and proportional.
A pilot project was launched in June 2005 in Lagos, where International Liaison Offi cers take fi ngerprints from immigrants before they board an aeroplane to the Netherlands.113
4.2.4. Biometrics and Passports and Identity CardsTh e Netherlands, together with Germany, Italy and the UK, can be considered one of the forerunners with regard to the development of a passport that includes biometric data. Even in 1998, the Dutch government proposed including bio-metrics in the national passport. During discussions with the government, in June 2001 the Dutch parliament agreed with the proposal to enter biometrics into Dutch passports to fi ght identity fraud.114 A draft proposal for a new pass-port including biometric data was submitted to the Dutch Parliament in April 2002.115 However, the technical development of this passport and the ongoing discussions at international level on the choice of biometric features hampered
111 Answers by Minister of Justice to parliamentary questions, Handelingen Tweede Kamer 2003–2004, Aanhangsel, no. 1527.
112 Handelingen Tweede Kamer 2003–2004, 29 344, no. 1, p. 13. 113 Handelingen Tweede Kamer 2004–2005, 29 344, no. 43, see also Rapportage Vreemdelingenketen
mei t/m augustus 2005, 1 November 2005, Annex to Handelingen Tweede Kamer 19637, no. 986. 114 Handelingen Tweede Kamer 2000–2001, 25 764, no. 17. 115 Handelingen Tweede Kamer 2001–2002, 28 342, no. 1.
Brouwer ch-13.indd 473 4/4/2008 5:41:56 PM
474 Chapter 13
the fi nal decision-making. Implementing Regulation 2252/2004 on the EU pass-port, the Dutch government fi nally decided to introduce the electronic passport on 26 August 2006.116
4.3. Immigration Files, Border Control and the Fight against Terrorism
In response to a recommendation by the Advisory Committee of Immigration Aff airs on Immigration Policy and Anti-Terrorism Measures, the Dutch govern-ment decided to launch a feasibility study into the possibility of including a “national security test” in the regular immigration procedure. Th is would mean that, using risk profi les and matching diff erent databases, every application for admission would be checked against the risks to national security.117 One of the proposed measures was to give the Dutch Intelligence and Security Agency access to the central aliens administration, the BVV. In 2006, in a policy note on the use of border controls in the fi ght against terrorism, the government emphasised the necessity of linking dif-ferent databases and the use of biometrics.118 In this note, the government also stressed the importance of ‘screening’ visa applications using biometrics and by defi ning the nationalities and categories of person whose visa applications would have to be forwarded to the national intelligence and security agency.
In a letter dealing with the policy of tracing suspected terrorists on its territory, the Ministers of the Interior and of Justice stated that, “Th e collection, matching and analysis of information on groups of persons is the key to preventing terrorism”.119 In its response to this letter, the Dutch Data Protection Authority or CBP explicitly disagreed with this new policy. Th e CBP warned against merging the tasks of the police and the intelligence and security agencies and was especially concerned about the protection of a large group of non-suspects.
Th e new emphasis on ‘data control’ resulted in other proposals for the use of biometrics, including the use of DNA materials. In a letter of 7 June 2004, the Minister of Justice proposed the compulsory storage of biometric data from every person using a false identity. On the same occasion, the Minister supported “random public and private identity controls” in the fi ght against identity fraud.120 According to the Minister, this would mean that persons using a false identity
116 Handelingen Tweede Kamer 2005–2006, 25764, no. 30. 117 Press release, Ministry of Justice, 24 October 2003. 118 Letter from the government on the use of border controls in the fi ght against terrorism,
3 February 2006 Handelingen Tweede Kamer 2005–2006, 30 315, no. 3. 119 Letter of 10 September 2004, Handelingen Tweede Kamer 2003–2004, 29 754, no. 1. Th e letter
of the Data Protection Authority of 22 September 2004 can be downloaded from http://www.cbpweb.nl.
120 Handelingen Tweede Kamer 2003–2004, 29 200 VI, no. 166, p. 2–3.
Brouwer ch-13.indd 474 4/4/2008 5:41:56 PM
Th e Netherlands 475
“would not be able to know, where, when and how they will be caught”. Also in 2004, the Minister of Justice proposed registering the DNA of every (suspected or convicted) criminal in the Netherlands, even in relation to minor off ences.121
As in the other Member States, the urgent need for new security and anti- terrorism measures felt by Dutch politicians was in the fi rst place a reaction to the events of 11 September 2001 and, later, the events in Madrid and London. However, the new focus on internal security was certainly also triggered by the murders of the Dutch politician Pim Fortuyn on 6 May 2002 and of Th eo van Gogh on 2 November 2004. In particular, the murder of Th eo van Gogh, com-mitted by a Dutch national with a Moroccan background, seemed to have changed the political agenda. According to reports by the Dutch Intelligence and Security Agency, Th eo van Gogh’s murderer was a member of a group of young fundamentalist Muslims, preparing further attacks on Dutch soil. Th is fact resulted in new control measures being considered justifi ed, including new methods of risk profi ling, connecting immigration and criminal law data.122
5. Rights and Legal Remedies for Individuals under Data Protection Law
5.1. Background to Dutch Data Protection Law
Th e fi rst Dutch Data Protection Act (Wet Persoonsregistraties) entered into force in 1989.123 Compared to other countries, the Netherlands was certainly no pioneer in the development of data protection law. Th e political debate on the need for data protection law started in 1970–71 in response to civil protests against the proposals for a central population fi le and the use of information technology for a national census. Alarmed by these protests, in 1972 the govern-ment established a National Committee on the Protection of Privacy with regard to the Registration of Personal Data. Th is Koopmans Committee (named after its chairman) was instructed to prepare a recommendation on the need for legislation to protect privacy.124 An important reason for the establishment of this committee was to remove society’s resistance to plans for the computerisation of the
121 Draft decision on the amendment of the Regulation on the use of DNA during criminal inves-tigation, 30 June 2004, just 040640. Th is draft was only questioned by members of the Dutch Senate, Handelingen Eerste Kamer 2003–2004, 28 685, no. C, 7 July 2004.
122 In a letter of 10 November 2004 to the parliament, the Ministers of the Interior and Justice describe the measures they think are necessary, Handelingen Tweede Kamer, 29854, no. 3.
123 Act of 28 December 1988, Staatsblad no. 665, Handelingen Tweede Kamer 2004–2005, 29 854, no. 3. 124 Royal Decree (Koninklijk Besluit) 21 February 1972, no. 70, Staatscourant 1972, no. 43.
Brouwer ch-13.indd 475 4/4/2008 5:41:56 PM
476 Chapter 13
government fi les.125 It took fi ve years for the Koopmans Commission to publish its report, including a draft of a general data protection act. According to the report from 1977, the central conditions of this law were: making data process-ing transparent, protecting the position of data subjects and establishing inde-pendent supervision.126 It was not until 1981 that the government submitted a fi rst draft for a Data Protection Act to the Dutch parliament.127 Th is draft, largely based on the Koopmans draft, was strongly criticised by both parliament and civil society. Th is proposal was considered too centralist and bureaucratic, for example because it required licenses for each registration of personal data. In the private sector, this draft was also criticised because the proposed rules would excessively hinder the use of databases. Another objection was the fact that this draft lacked clear and general principles and did not take into account the new developments in information technology.
In July 1985, the Minister of Justice submitted a second draft for a general data protection act.128 At the time this draft was published, three additional incentives existed for the Dutch legislator to come forward with a proposal. Th e fi rst incentive was the incorporation of the right to privacy with regard to data processing as a basic right in the Dutch Constitution in 1983. Article 10.2 of the Dutch Constitution reads:
1. Subject to the limitations of or pursuant to the law, everyone has the right to privacy.
2. Th e law regulates the right to privacy with regard to the recording and provision of personal data.
3. Th e law regulates the right of individuals to be informed that their personal data is being recorded or used, as well as to correct these data.129
125 As formulated by Ch.J. Enschedé at that time, “without the actions against the census, there would not have been a Koopmans Committee”, in: Het interimrapport-Koopmans: een discussiebijdrage, NJB, 28 September 1974, afl . 32, p. 1030.
126 Eindrapport Staatscommissie Koopmans Privacy en Persoonsregistratie, Th e Hague: Staatsuitgeverij 1977, p. 28.
127 Handelingen Tweede Kamer 1981–1982, 17 207, no. 1–2. 128 Handelingen Tweede Kamer 1984–1985, 19 095, no. 1–3. 129 Article 10:
1. Ieder heeft, behoudens bij of krachtens de wet te stellen beperkingen, recht op eerbiediging van zijn persoonlijke levenssfeer.
2. De wet stelt regels ter bescherming van de persoonlijke levenssfeer in verband met het vastleggen en verstrekken van persoonsgegevens.
3. De wet stelt regels inzake de aanspraken van personen op kennisneming van over hen vastge-legde gegevens en van het gebruik dat daarvan wordt gemaakt, alsmede op verbetering van zodanige gegevens.
Brouwer ch-13.indd 476 4/4/2008 5:41:57 PM
Th e Netherlands 477
Secondly, the ratifi cation of the Data Protection Convention of 1981 required the adoption and implementation of national data protection law. Finally, the development of data protection law in neighbouring countries motivated the Dutch legislator not to wait any longer to adopt a national law, since the lack of a national data protection law would prevent international data exchange with those countries.130
Th e provisions of the new draft for a data protection law were less extensive and more positively received.131 Th e proposal of 1985 was formally adopted in 1989. Th is fi rst Dutch Data Protection Act (Wet Persoonsregistraties) provided for a duty to report personal data records to a central data protection authority, known as the Registration Chamber (Registratiekamer). Standard fi les, such as client or patient records, were exempt from this duty. Th e Data Protection Act diff erenti-ated between private and public fi les. Whereas this draft required self-regulation for fi les in the public sector, the private sector was encouraged to develop specifi c data protection rules. As we will see, the regulations which were drawn up for the NSIS and SIRENE fi les in 1994 were based on this obligation from the former Data Protection Act. Furthermore, the Data Protection Act of 1989 provided for legal remedies for the individual in the civil courts, irrespective whether the data fi le concerned was held by a public authority or a private organisation.
In 1995, it became clear that new legislation would be necessary, in order to implement the provisions of EC Directive 95/46 on the protection of personal data. As we have seen above, this Directive was to be implemented before 24 November 1998. Moreover, in 1995, researchers published two evaluation reports regarding the Data Protection Act of 1989.132 In these evaluations, it was established that the Data Protection Act had relatively little infl uence on the actual behaviour of data subjects and data controllers. Individuals would not be aware of their rights according to the Data Protection Act and they would lack information on the use of their data held by public and private organisations. Th e results of the two evaluations, together with the necessary modifi cations to EC Directive 95/46, formed the basis of the draft of a new legislation.
Th e new Act on the Protection of Personal Data (Wet Bescherming Persoonsgegevens, hereafter the WBP ) entered into force on 1 September 2001.133 Th is was three years
130 Th e treaty was signed by the Dutch government on 21 January 1988; however, it only entered into force for the Netherlands on 1 December 1993, after the Dutch regulation on sensitive data was also adopted, Tractatenblad 1993, no. 157.
131 See, for the parliamentary discussions, Handelingen Tweede Kamer 1984–1985, 19 095, nos. 5 and 8. 132 See J.E.J. Prins et al., In het licht van de Wet persoonsregistraties: zon, maan of ster?, Alphen aan
den Rijn/Diegem: Samsom Bedrijfsinformatie bv. 1995, and G. Overkleeft-Verburg, Wet persoonsregistraties, Norm, toepassing en evaluatie, Zwolle: W.E.J. Tjeenk Willink 1995.
133 Act of 6 July 2000, Staatsblad 2000, no. 302.
Brouwer ch-13.indd 477 4/4/2008 5:41:57 PM
478 Chapter 13
after the deadline for implementation of the EC Directive 95/46 had expired. Th e WBP removed the general diff erence between public and private fi les, except for the criteria of legal purposes for the processing of personal data and with regard to the regulation on legal remedies. Compared to the previous law, the national Data Protection Authority (with a new name: College Bescherming Persoonsgegevens, hereafter CBP) acquired additional powers, including the power to impose admin-istrative fi nes and to use coercive measures. Th e terminology used in the WBP is more in line with EC Directive 95/46. Among other things, the new WBP envis-ages a decentralised control mechanism, via the appointment of data protection offi cers within private and public organisations. Furthermore, the WBP includes a simplifi ed reporting system which only applies to computerised databases. Th e duty for data controllers in the public sector to draw up and publish specifi c regulations on the use of their data fi les has been withdrawn.
According to Article 45 WBP , a decision with regard to a request for access, correction or deletion of personal data taken by an administrative authority falls within the scope of the Dutch Administrative Act, or Algemene Wet Bestuursrecht (AWB ). Th is means that, with regard to those decisions in relation to the use of the NSIS, the general administrative rules apply (see further below).
Apart from the general rules in the WBP , sectoral laws also apply to the processing of personal data in specifi c fi elds. Since 1955, a special act has applied with regard to the use of judicial and criminal fi les.134 Th e aforementioned law regarding the civil population administration of the municipal authorities (Wet Gemeentelijke Basisadministratie) of 1995 also includes specifi c data protection standards. Th e Act on Police Files of 1990 (Wet Politieregisters) also applies to data recorded in the SIS for police and criminal investigation purposes.135
5.2. NSIS and the Applicable Rules on Data Protection
Th e WBP applies to data registered on the basis of Article 96 CISA. With the new WBP, the former duty to draw up separate rules for public fi les has been replaced by a duty to report these fi les to the Dutch Data Protection Authority.136 In accordance with Article 27 WBP, the authorities responsible for public fi les have to include information in these reports about, for instance, the authority
134 Wet op de justitiële documentatie en de verklaringen om het gedrag, Staatsblad 1955, no. 395. 135 Act of 21 June 1990, houdende regels ter bescherming van de persoonlijke levenssfeer in
verband met politieregisters, Staatsblad 1990, no. 414. Th e legislator is preparing a complete revision of this law.
136 Based on the former law of 1989, specifi c rules (reglementen) were adopted for NSIS and SIRENE with regard to the data on third-country nationals, published in: Staatscourant 90, 16 mei 1994, p. 17–18. Th ese rules no longer apply.
Brouwer ch-13.indd 478 4/4/2008 5:41:57 PM
Th e Netherlands 479
responsible for the data processing, the data which are to be recorded, the pur-pose of the data processing and the authorities or organisations which have access to the data. Th e reports can be consulted on the public website of the Data Protection Authority. It is, however, diffi cult to fi nd a report of a specifi c registra-tion without knowing the number of this report. In the report on the NSIS which was submitted to the Dutch Data Protection Authority, the KLPD and the IND both declare themselves responsible for the NSIS.137 Th is means that a data subject may contact both organisations when requesting information about being registered in the NSIS, or when applying for correction or deletion of his data. However, as we will see below, based on an informal agreement between the KLPD and the IND, every application regarding SIS alerts, including those concerning third-country nationals to be refused entry, is dealt with initially by the privacy offi cer of the KLPD.
5.3. Duty to Inform the Data Subject
Articles 33 and 34 of the Dutch WBP describe the duty of the data controller to inform the data subject with regard to the processing of his or her data. In accord-ance with the provisions of Articles 10 and 11 of EC Directive 95/46, Dutch law diff erentiates between two situations. Firstly, Article 33 WBP describes a situa-tion where the data controller collects the information from the person himself. At the time of this collection, the person is to be informed of the identity of the authority responsible for the data processing, the purpose of the data processing, as well as any further information which is necessary to guarantee the ‘proper and fair processing of the information’. Th e duty to inform does not exist if the person already has this information.
Th e second rule in Article 34 WBP concerns a situation where the information has not been obtained from the data subject personally. Th is provision will, in my view, apply mostly to Article 96 CISA reports in the NSIS. According to Article 34 WBP, the data subject has to be informed at the time the information is stored or, if the information is meant to be disclosed to third parties, at the time the data is disclosed for the fi rst time. However, three important exceptions to this principle exist. Firstly, the duty does not apply if the data subject already has this information. Secondly, the duty to inform does not apply when the provision of such information would be impossible or would require a disproportionate eff ort by the responsible authority. If this exception applies, the data controller
137 Report no. 1230270, available in the public register of reports (meldingen) on the website of the Dutch Data Protection Authority: http://www.cbpweb.nl.
Brouwer ch-13.indd 479 4/4/2008 5:41:57 PM
480 Chapter 13
has to make a record of the source of the information concerned (Article 34 (4) WBP). Th irdly, the duty to inform the person concerned does not apply if the recording or disclosure of this information is explicitly envisaged by national law. In the latter situation, the data controller has to inform the data subject at his or her request about the legal provision which is the basis for the storage or disclosure of the information about him or her (Article 35(5) WBP).
With regard to the NSIS, none of these exceptions seems to apply. Firstly, an individual reported in the NSIS for the purpose of non-admission is not informed of this registration. A person against whom a formal residence ban has been issued is informed of the formal residence ban, but not the SIS alert. Also, persons falling within the second category (‘reported as inadmissible’) are generally not informed at all. During interviews held for this research, spokesmen for both the KLPD and the IND held the view that the persons reported in the NSIS would generally be aware they had done ‘something wrong’ and, for that reason, would know about their NSIS registration. However, as we have seen above, there are many sit-uations in which a third-country national will not be aware he or she is reported in the SIS, for example when he or she is prosecuted (but not convicted) for a drugs crime or suspected of having connections with terrorist networks. But also a person leaving the Netherlands without reporting this to the local authorities can be reported in the SIS without his knowledge.
It was also assumed that it would be too diffi cult to locate and inform all persons of their registration in the NSIS. For these reasons, it was not considered necessary or feasible to inform third-country nationals personally at the time of registration. However, this argument does not apply to persons who have been issued a formal residence ban. As we will see below, this decision is to be given in person and to include information on the reasons for this decision. It does not seem a disproportionate eff ort to add to this information that he or she will also be reported in the NSIS. With regard to the second category, perhaps this argu-ment applies to persons who have already left Dutch territory and are diffi cult to trace. Even in these situations, however, it should be possible to inform the legal representative of the person concerned or to leave information at the person’s last known address.
A third reason why the aforementioned exceptions do not apply is the fact that, as we have seen above, both categories of decision lack a formal legal basis. Th e formal residence ban itself is envisaged in the Aliens Act 2000, but the fact that the person will be reported in the NSIS is not. Th e second category of reported third-country nationals is only envisaged in the Aliens Circular 2000.
To summarise, this would mean that the failure of national authorities to inform third-country nationals of the fact that they have been reported in the NSIS is in breach of the Dutch WBP as well as EC Directive 95/46.
Brouwer ch-13.indd 480 4/4/2008 5:41:57 PM
Th e Netherlands 481
5.4. Right to Access, Correction or Deletion of the NSIS Data
According to Articles 109 and 110 of the CISA, the right of an individual to request access to, correction or deletion of his or her data held in the SIS can be asserted in each Schengen country in accordance with the law of the state in which it is asserted. With regard to the Dutch NSIS, these rights are laid down in Articles 35–36 WBP . In 2005, only ten years after the SIS became operational, a new section was included in the Aliens Circular 2000, describing the procedures to be followed by the Dutch immigration and police offi cers when dealing with an individual request for deletion.138
In principle, data subjects may forward their requests for access, correction or deletion directly to the responsible authorities concerned, which means either the IND or the Department of National Investigation and Information (DNRI, formerly the CRI) of the Dutch police force, KLPD . Th e shared responsibility between the KLPD and the IND with regard to the entry of third-country nationals into the NSIS used to cause confusion for third-country nationals and their lawyers with regard to which authority was to be addressed. In order to solve this problem, both organisations reached an unpublished ‘working arrangement’ on how to handle the requests mentioned above. On the basis of this arrangement, the IND will forward all requests regarding an Article 96 alert to the privacy offi cer of the KLPD. Even if the alert has been registered in the NSIS, the KLPD will be asked to consider the application fi rst. Th is means in practice that when an applicant applies to the IND for the withdrawal of a Dutch Article 96 alert, this request is fi rst forwarded by the IND to the KLPD. When the latter organisation establishes that the person has been reported in the NSIS by the Dutch a uthorities, the request will be returned to the IND. Th e Dutch Data Protection Authority was not involved in the negotiations on this arrangement.
Th e individual applications as described above should be answered in writing within four weeks. Th e privacy offi cer of the KLPD received approximately 100 requests for information regarding NSIS alerts in 1998.139 Since 2004, the number of request has been approximately 200 per year, 80% of which concern Article 96 reports.140 Th ese numbers have not been published.
138 Wijziging Vreemdelingencirculaire, Decision no. 2005/29, Staatscourant 23 June 2005, no. 119. 139 Dutch inquiry made for the Justice report: Th e Schengen Information System. A human rights
audit SIS (2000). 140 According to the data protection offi cer of the KLPD . No offi cial data have been published.
Brouwer ch-13.indd 481 4/4/2008 5:41:57 PM
482 Chapter 13
5.5. Role of the Data Protection Authority
Th e tasks and powers of the Dutch Data Protection Authority or CBP are described in Articles 51–74 of the WBP . Since data subjects may submit their requests for access, correction or deletion directly to the data controller in q uestion (see above), the CBP only intervenes when complaints between the individual and the competent authority cannot be resolved. Th is explains why the Dutch Data Protection Authority is relatively rarely involved with regard to complaints or questions about the use of the NSIS. If an individual requests access to his or her data in the SIS in one state and the data has been forwarded to the SIS by another Schengen state, the requested state will contact this latter state if the subject can be granted access to his or her data (according to Article 109 of the CISA). In the Netherlands, the data protection offi cer of the KLPD himself will make contact with the foreign authorities in the reporting state. Only if this offi cer does not receive a (timely) response from the reporting state, the CBP will be asked to intervene. Between 1995 and 2000, the CBP received only four complaints with regard to the NSIS. In 2004, approximately ten complaints dealing with the NSIS were forwarded to the CBP.141
Th e CBP has investigative powers, either at its own initiative or when requested by an interested party.142 Th e CBP may start an audit with regard to the data processing of any organisation, in both the public and private sectors. During this audit, the members of the CBP are entitled to gain access to the premises of the data controller without his or her permission (Article 61 (2)). Th e possibility for the Dutch CBP to impose a fi nancial fi ne is limited to the situation where the responsible authority has violated the rules on reporting the data processing. Th is means that the CBP cannot impose a fi ne if the data owner violates the rules on the fair use of the personal data, the rules on data retention limits, security or accuracy. Th e CBP also has no power to impose a fi ne if a data controller does not respond within the prescribed time to a request for access to personal data.
For the JSA inquiry in 2004 regarding Article 96 entries (mentioned in section 3.6), the CBP requested the cooperation of the Dutch police organisation and the IND .143 For this inquiry, the CBP only investigated 15 or 0.1% of the 12,167 Dutch alerts on third-country nationals which were held in the NSIS in 2004. According to a staff member of the CBP, the choice for this small-scale review was related to the limited time and capacity of the CBP. Th e information submitted to the JSA with regard to the Dutch implementation of Article 96
141 According to a spokesman for the Dutch CBP. 142 Article 60 WBP . 143 I received the Dutch reports from the CBP following a formal application for access to public
documents.
Brouwer ch-13.indd 482 4/4/2008 5:41:57 PM
Th e Netherlands 483
CISA has been scarce. It did not include any details on the criteria being used for reporting third-country nationals as ‘inadmissible’. Nor did it describe any individual case studies. Generally, the CBP found, with regard to these alerts, that the data were accurate, up to date and lawfully processed. Th e CBP only found irregularities with regard to two out of 15 alerts in the NSIS, which is still more than 10%. In one case, the CBP found that the entry of a report on an irregular migrant had no legal basis. In the other case, the CBP found that the time limit for the storage of an alert had been exceeded by two months. Th e fi ndings of this inquiry have not been published and were only submitted to the responsible authorities in 2006. Unlike the annual reports of the German data protection commissioners, the annual report of the CBP does not include any details of the fi ndings.144
As in other countries, the Dutch Data Protection Authority is under-resourced to perform all its legal tasks. In 2006, the CBP publicly announced that it was forced to interrupt its work with regard to giving advice or information in more complicated matters because of a lack of suffi cient means. In the longer term, this work could be reduced by applying more stringent criteria with regard to new requests for information.145
5.6. Right to Legal Remedies
According to the former Data Protection Act of 1989, the data subject had access to the civil courts with regard to data processing in both the public and private sectors. Since this was considered more logical, the current WBP diff erentiates between the private sector and the public sector (Articles 45 and 47). Th e administrative court is now competent with regard to individual appeals against data processing within the public administration. With regard to data processing in the private sector, the individual still has to apply to a civil court. Since the WBP applies to Article 96 alerts, a third-country national has a right to appeal according to the rules of administrative law. Th e right to a legal remedy concerns the following decisions:
– the refusal to inform the data subject of whether his or her data is processed (Articles 30 (3) and 35 (1) of the WBP );
– the refusal to give the person access to his or her data (Article 35 (2));– the refusal to correct or delete the information concerned (Article 36); and– the refusal to inform the data subject of the third parties who received
information regarding the data subject and those who were informed of the fact that this data has been corrected or deleted, as requested by the data subject (Article 38(2)).
144 Annual report of the CBP for 2004, p. 53. 145 CBP, Press note of 7 August 2006, http://www.cbp.nl.
Brouwer ch-13.indd 483 4/4/2008 5:41:57 PM
484 Chapter 13
Th e decisions are regarded as decisions taken by an administrative authority under Dutch administrative law (Article 45 WBP ).
Paradoxically, unlike the WBP , the Act on Police Files of 1990 maintained the competence of the civil courts. If a person has been refused access, correction or deletion of his or her data in a police fi le, he or she may lodge an appeal to a civil court against this refusal within four weeks (Article 23 (1) and (6) of the Act on Police Files). We will see below that, when dealing with an application as referred to above, the civil court of Haarlem ordered the Spanish government to withdraw an alert concerning an extradition warrant (Article 95) from the NSIS.
6. Rights of Th ird-Country Nationals under Immigration Law146
6.1. Application of Principles of Administrative Law
Th e general administrative law incorporated into the Dutch Act on Administrative Law (Algemene Wet Bestuursrecht or AWB ) applies to the procedures for review and remedies under immigration and visa law. Decisions to refuse entry, access or a visa, as well as the failure to decide within the prescribed period, are considered an administrative decision by the responsible authorities. Th e administrative proce-dures of review and (higher) appeal apply to these decisions (or lack thereof ). Th e Aliens Act 2000, however, includes some important exceptions to these general rules of administrative law. Th ese exceptions include shorter time limits with regard to the exercise of the right to appeal and longer periods in which the authorities or the court may deal with the appeal. Furthermore, the Aliens Act 2000 provides for specifi c rules with regard to the competence of the court, the scope of review and the suspensive eff ect of a court decision.
Decisions on visa applications and applications for a temporary residence permit are explicitly considered administrative decisions (beschikking) to which the right to an administrative review and appeal applies (Article 72 of the Aliens Act 2000). Also, practical measures by the public authorities against third-country nationals are considered administrative decisions. As we will see below, in section 7.2, based on this wide interpretation of an administrative decision, the Dutch courts rejected the narrow view of the Minister of Immigration and the IND , according to which a report in the NSIS on third-country nationals is not an administrative decision or act.
As a consequence of the applicability of administrative law, the general principles of fair administration as laid down in the AWB are to be applied to immigration
146 See also H. Staples, Adjudicating the Schengen Agreements in the Netherlands, European Journal of Migration and Law 2, 2000, p. 49–83.
Brouwer ch-13.indd 484 4/4/2008 5:41:57 PM
Th e Netherlands 485
law decisions. Some of these principles can be considered important with regard to decision-making based on SIS alerts. In the fi rst place, Article 3:4 AWB obliges administrative authorities to strike a clear balance between the interests at stake before taking a decision. Furthermore, according to Article 3:45, when a nega-tive decision is made, individuals should be informed of their rights of review or appeal. Decisions taken by administrative authorities should be appropriately motivated and indicate the reasons and the legal provision on the basis of which the decision has been taken (Article 3:46 AWB). Another relevant provision in the AWB is the duty of the authorities to forward applications if they are wrong-fully addressed to the competent authority (doorzendplicht, Article 2:3 AWB). Th is means that if a person submits his or her request for access or information regarding a SIS alert to an administrative authority which is not competent to deal with this request, this authority should forward the request to the competent authorities.
6.2. Informed Decision-making at the Borders
Initially, a refusal of entry at the borders did not require a written decision, except for decisions with regard to EU and EEA citizens. However, according to Article A2/5.2.1 of the Aliens Circular 2000, border offi cials were obliged to give the third-country nationals a leafl et describing the available remedies. In 2006, the provisions of the Aliens Circular 2000 were amended in accordance with the rules of Regulation 562/2006 on the Schengen Borders Code .147 As we saw in Chapter 9, Article 13 (2) of this Regulation states that border offi cials may only refuse a person admission on the basis of a substantiated decision, stating the precise reasons for refusal. According to the new Article A2/5.5.2, a refusal of entry should be submitted in writing using a standard form which also refers to the available legal remedies. Th is is the standard form as included in Annex V to Regulation 562/2006.
Interestingly, as early as July 2006, the District Court of Haarlem annulled an oral decision by a border offi cial, in which a young Nigerian woman had been refused entry to the Netherlands.148 Th e Court referred, regarding this decision, to the new rules stating that the decision should be given in writing. Th e Court rejected the view of the Minister of Immigration that the amended rule in the Aliens Circular 2000 was non-binding and would allow exceptions under certain circumstances. According to the Court, the requirement of a written decision was such an essential safeguard for the persons concerned that the refuted decision should be annulled.
147 WBV 2006/16. 148 Judgment of 24 July 2006, LJN AY6520, http://www.rechtspraak.nl.
Brouwer ch-13.indd 485 4/4/2008 5:41:57 PM
486 Chapter 13
6.3. Information on the Formal Residence Ban
As we have seen above, there are special rules with regard to persons to whom a formal residence ban has been issued on the basis of Article 67 Aliens Act. Before the decision on the formal residence ban is taken, the person concerned should be heard in advance in conformity with the general principles of admin-istrative law (4:8 AWB ).149 Th e Minister should also submit relevant informa-tion on the reasons for this decision. A decision to impose a formal residence ban should be given personally to the person concerned or, if this is not possible, should be published in the Dutch Offi cial Journal, the Staatscourant. Th e person in question should be off ered a leafl et in multiple languages concerning the formal residence ban.150 Th is leafl et (Model M130) includes information on the reasons why this person has been declared unwanted, the consequences of his or her further stay in the Netherlands (criminal act according to 197 Criminal Law Code), the possibility of raising an objection to this decision and on his or her legal remedies. Th is leafl et does not inform the person of his or her registration in the NSIS.
6.4. Time Limits for Decisions in the Field of Immigration Law
Article 25 of the Aliens Act 2000 provides that, with regard to a request for a residence permit, the national authorities have to make a decision within six months of receipt of the application. Th is period during which a decision must be made can be extended by another six months if the Minister of Justice needs additional information from third parties or the Public Prosecutor. During the parliamentary debate on these time limits, the Green Left Party (Groen Links) opposed this exten-sion, claiming that, “developments in the electronic age should have led to shorter decision periods, rather than an extension”.151
With regard to visa applications, the time limit for decision-making is eight weeks and, with regard to a temporary residence permit or a long-stay visa, it is three months. In practice, it has been established that the IND has diffi culty meeting these time limits with regard to its decision-making.152
149 See section A5 of the Aliens Circular 2000. 150 Article 3:41 of the Dutch Administrative Law. 151 Handelingen Tweede Kamer 1999–2000, 26 732, no. 7. 152 Th is was criticised, for example, in a general report by the Court of Auditors on the function-
ing of the IND , Handelingen Tweede Kamer 2003–2004, 29 495, no. 1–2.
Brouwer ch-13.indd 486 4/4/2008 5:41:57 PM
Th e Netherlands 487
6.5. Legal Remedies
6.5.1. Right to Review153
In immigration law procedures (not including asylum applications), a third-country national should submit an application for review to the Minister of Justice within four weeks of the negative decision being issued (Article 69 of the Aliens Act 2000). In regular administrative law procedures the applicant has six weeks to apply for review (Article 6:7 AWB ). With regard to the time limit within which the administrative authority should make a decision, the same rule as provided for in general administrative law applies to immigration law procedures. According to Article 7:10 AWB, the national authority should make a decision within six weeks of receiving the request for review.
Based on Article 73 of the Aliens Act 2000, an individual request for review or appeal against the refusal of a residence permit will suspend the eff ect of the negative decision, except in the situations described in Article 73 (2). Th ese exceptions are: if the person concerned has no temporary residence permit, which is required to obtain a residence permit, if the person concerned is a danger to public order or national security or if the person is convicted by fi nal decision of the court of a crime punishable by imprisonment of three years or more.
In 2002, in the memorandum on visa policy mentioned above, the Dutch government proposed withdrawing the right to apply for an administrative review with regard to decisions on visa applications.154 Instead, the person con-cerned would be given a direct right of appeal to the court against the refusal of a visa. Th is measure would shorten the time of the visa procedure. Furthermore, the government announced that it would maintain the duty to give reasons for the refusal of visa applications, but would make the burden of proof a greater responsibility for visa applicants. Th ese proposals have not yet been adopted. It should be observed that, in its report of 23 October 2003 regarding Dutch visa policy, the Court of Auditors found diff erences between the consular posts with regard to the policy and practice of issuing visas.155 One of these diff erences con-cerned the way in which negative decisions were motivated and the possibilities for review and rights of appeal.
153 In the following sections, I will not deal with the special rules applying to asylum law proce-dures or with regard to the detention of immigrants.
154 Handelingen Tweede Kamer 2000–2001, 26 106, no. 4 and no. 6. 155 Handelingen Tweede Kamer 2003–2004, 29 260, no. 1–2, p. 22.
Brouwer ch-13.indd 487 4/4/2008 5:41:57 PM
488 Chapter 13
6.5.2. Right to AppealWithin four weeks of the refuted decision by the immigration authorities, a per-son may lodge an appeal with the court (Article 69 Aliens Act 2000). Th is time limit is shorter than the time limit which applies to regular administrative law procedures, which is six weeks. Article 71 of the Aliens Act 2000 provides for a centralised mechanism of the right to appeal to the District Court of Th e Hague. However, in order to reduce its workload, this Court has specialist aliens cham-bers or ‘seats’ in all the other District Courts in the Netherlands. According to Article 73 of the Aliens Act 2000, if a person lodges a review or an appeal against the rejection or the withdrawal of a residence permit, this decision will be sus-pended. Only if the refusal or withdrawal is based on the fact that the third-country national has no temporary residence permit or is related to reasons of public order and national security , will the remedy have no suspensive eff ect . A third-country national may also apply to the court for a temporary provision (Article 78 Aliens Act 2000). Th ese temporary provisions may include the obli-gation of the immigration authorities to grant a person access to Dutch territory or to lift a detention order.
6.5.3. Right to Higher AppealArticle 84 Aliens Act 2000 provides for the right of higher appeal to the Administrative Jurisdiction Division of the Council of State (Afdeling Bestuursrechtspraak van de Raad van State ). According to Article 69 of the Aliens Act 2000, this higher appeal has to be lodged within one week of the decision by the lower court. On the basis of Article 84 (b) Aliens Act 2000 there is no right of higher appeal with regard to refusals of visas for a stay of three months or less and with regard to decisions by border control authorities obliging third-country nationals to remain within a prescribed area. According to the government in the explanatory memorandum, a right of higher appeal in such cases would be of less or relatively little interest.156
In the Dutch literature, the position of the highest administrative court in immigration law cases has been criticised.157 Especially with regard to asylum law procedures, commentators found that the administrative court adopts an unbalanced approach, by accepting a wide margin of appreciation for the Minister of Immigration and the IND and by placing an excessive burden of proof on the third-country national. Accordingly, the rights of the applicants
156 Handelingen Tweede Kamer 1998–1999, 26 732, no. 3, p. 81. 157 See S. Essakkili, T.P. Spijkerboer, De marginale toetsing in asielzaken, NJB, Afl . 2006/33,
no. 1439, T.P. Spijkerboer and B.P. Vermeulen, Vluchtelingenrecht, Nijmegen: Ars Aequi Libri 2005, p. 288, and R.H. de Bock, De omvang van het geding, Nijmegen: Ars Aequi Libri 2004.
Brouwer ch-13.indd 488 4/4/2008 5:41:57 PM
Th e Netherlands 489
would be interpreted too narrowly. In January 2007, this criticism found support in the judgment Salah Sheekh v. the Netherlands of the ECtHR.158 Th is case dealt with the appeal of a Somali asylum seeker against the decision of the Dutch authorities to expel him to Somalia. Th e ECtHR declared the claim of the applicant admissible, even if he had failed to exhaust domestic remedies as required by Article 35 (1) of the Convention. Th e ECtHR repeated its conclu-sions of the Selmouni v. France case, that “the obligation to exhaust domestic remedies is limited to making use of those remedies which are likely to be eff ec-tive and available in that their existence is suffi ciently certain and that they are capable of redressing directly the alleged violation of the Convention”.159 According to the ECtHR, in practice further appeal with the Dutch Administrative Jurisdiction Division would have stood “virtually no prospect of success”. Th e ECtHR based this conclusion on the narrow interpretation of the Administrative Jurisdiction Division in earlier decisions with regard to the subjects of ‘internal fl ight alternative’ and the ‘singled out’ requirement. Th ese subjects were substan-tial to the claim of mr. Salah Sheekh that his expulsion would expose him to a treatment in breach of Article 3 ECHR (protection against torture or inhuman or degrading treatment or punishment).
7. Case Law
7.1. Introduction: Extent and Importance of Dutch Case Law
I found fewer than 20 judgments by Dutch courts on the application of Article 96 CISA and the SIS between the date the SIS became operation in the Netherlands (25 March 1995) and September 2006. However, since 2005, there has been an increase in case-law dealing with SIS, also with regard to Article 95 alerts (persons wanted for extradition). Th is increase could indicate that individuals and their lawyers become more aware of their rights and the available remedies. It could also mean that individuals are more often aff ected by the use of the NSIS. Despite the current low number of judgments, the available decisions, together with their annotations, give an important insight into major questions with regard to the applicable law on Article 96 entries in the Netherlands.
Another important source of (non-binding) case law on the NSIS can be found in the decisions by the Dutch National Ombudsman. Th is authority
158 Salah Sheekh v. the Netherlands, 11 January 2007, no. 1948/04, published in NJCM-Bulletin (2007), no. 2, p. 179–194, annotation A.B. Terlouw.
159 Salah Sheekh §§121–123.
Brouwer ch-13.indd 489 4/4/2008 5:41:57 PM
490 Chapter 13
investigates the behaviour of the public authorities. Th ese investigations take place either at the initiative of the Ombudsman or following an individual complaint. Th e decisions of this authority are not binding, but only include an opinion on whether the public authority concerned behaved properly (behoorlijk) or not. Th e Ombudsman receives an important number of complaints regarding visa applications at Dutch embassies abroad. Some of these cases concern the rejection of a visa application on the basis of an Article 96 entry. In its decisions, discussed in section 7.7 below, the National Ombudsman formulated important principles with regard to the obligations of administrative law and the use of the NSIS in immigration law procedures. Even if not binding, these decisions cannot be overlooked when dealing with the practice of the Dutch authorities.
7.2. Legal Status of Article 96 Reports: Possibility of Legal Redress
In several procedures in which a third-country national disputed the lawfulness of a SIS report, the Minister of Immigration held the view that the decision to report a third-country national in the NSIS is not an administrative decision. Based on this reasoning, it was held that the person in question could not appeal directly against a NSIS alert. Th is view has been rejected by lawyers and fi nally by the Dutch courts as well.160 Only in one of the fi rst decisions in 1999 in which this question was raised, did the District Court of Amsterdam accept the arguments of the Minister.161 Th e case concerned a Nigerian national who, at his request, had been informed by the IND that he was registered in the NSIS. Th erefore, he submitted a direct request to the IND to delete this information from the NSIS. Th e IND declared the request inadmissible, whereupon the applicant fi led an appeal with the Court. Th e applicant motivated his appeal by stating that the alert in the NSIS was a decision with legal implications, against which legal redress should be possible. Neither the IND nor the Court accepted this reasoning. Interestingly, during the oral submissions, an offi cer from the IND had initially confi rmed that an alert is an administrative decision. Th is statement was later withdrawn in a written memorandum. In its judgment, the Court based its conclusion that an alert is not an administrative decision on the exception grounds of Article 5(2) CISA. Th e possibility for national authorities, under certain circumstances, to grant a person leave to enter the national terri-tory was suffi cient reason for the Court to rule that the decision to issue an alert was a non-binding decision. Th is conclusion, which was not followed by other
160 See, for example Th . Holterman, Ongewenst signalering getoetst, Migrantenrecht 1994/5, p. 96 and K. Groenendijk and P. Boeles in their annotations to the judgments referred to below.
161 Decision of 24 September 1999, Jurisprudentie Vreemdelingenrecht 2000/8, annotation K. Groenendijk.
Brouwer ch-13.indd 490 4/4/2008 5:41:57 PM
Th e Netherlands 491
courts in later judgments, is open to criticism. Th e fact that, under certain cir-cumstances, national authorities are competent to depart from a SIS report for the refusal of entry does not imply that this report has no legal consequences in other situations where these exceptional circumstances do not apply.162 During this procedure, the District Court of Amsterdam also dealt with the question of whether the applicant had any interest in the withdrawal of his SIS alert. Th e Court denied such an interest, since he could have applied for a visa (or a tempo-rary residence permit, or mvv) fi rst when he was, at the time of the procedure, still in Nigeria. If this application were to be rejected, the Court held, the appli-cant could have appealed against this refusal. With this decision, the Court chose a formal and narrow interpretation of the interests and rights at stake.
In another judgment from 1999, the President of the Court of Th e Hague reached the opposite conclusion. Th e President explicitly ruled that a NSIS alert is to be considered a decision that is intended to have legal eff ects.163 Th is case concerned eight applicants of Polish nationality who had asked the IND to delete the reports concerning them in the NSIS. Th e applicants, working illegally in Dutch greenhouses, were registered by the Dutch authorities in the NSIS on the basis of the criterion as provided for in the Aliens Circular, that they had been repeatedly expelled or had evaded expulsion. Th e IND refused to delete their SIS reports. Th e Polish workers appealed against this refusal on the basis of the Dutch Aliens Act and subsequently sought a temporary provision to suspend the alert during this procedure. During the procedure, the IND stated that this appeal was inadmissible because the applicants should have used the procedure under the Dutch Data Protection Law. In his judgment, the President of the Court referred especially to the right to judicial remedies as provided for in Article 111 CISA. Rejecting the claim of inadmissibility of the IND, the President ruled that even if other legal procedures based on the Dutch Data Protection Act were avail-able, this would not stand in the way of the special procedure based on the Aliens Act. Th e President granted the temporary measure to suspend the SIS alert until four weeks after the fi nal decision, at the applicants’ request, because he found there was at least a reasonable doubt about whether the disputed SIS report was in conformity with Article 96 CISA.
Th e view of the Dutch immigration authorities that an alert in systems such as the NSIS and the OPS is not covered by the notion of an administrative decision was also rejected by the Court of Th e Hague in a decision of 8 March 2002.164
162 See Groenendijk in his annotation to this decision (ibid.) and Boeles in his annotation to the judgment of the Court of Th e Hague, 5 January 2000, Jurisprudentie Vreemdelingenrecht 2000/51.
163 Decision of 8 December 1999, Jurisprudentie Vreemdelingenrecht 2000/59. 164 Jurisprudentie Vreemdelingenrecht 2002/162.
Brouwer ch-13.indd 491 4/4/2008 5:41:58 PM
492 Chapter 13
Th is case concerned a German national who was reported by the Dutch authorities into the OPS police fi le (not NSIS) for a violation of the Dutch Opium Act. Th e German national submitted a letter to the Dutch authorities, in which he asked both whether he was reported as unwanted alien and, if so, whether this report could be withdrawn. Th e Minister of Justice did not respond to this request. Not until one year later, after repeated requests, was the applicant informed that his request had been forwarded to the special department of the Dutch police (KLPD ). Th e applicant appealed against this letter from the Minister. What is important is the explicit statement by the Court that, even if it could be argued that the decision to report a person as unwanted was not intended to have legal eff ects, it still has to be considered a “measure by an administrative authority against an alien” in accordance with Article 72 (3) of the Aliens Act 2000, provided that the rules on administrative remedies apply.
In the same judgment, the Court also rejected the formal reasoning of the Minister that the applicant should have addressed the KLPD fi rst. Th e Court explicitly diff erentiated between, on the one hand, the procedure by the appli-cant which is directed against the refusal to withdraw the SIS alert, and the procedure which is directed against the (informal) decision to report a person as an unwanted alien. According to the Court, the initial letter from the applicant should be taken as a complaint against the decision to declare him an unwanted alien. Th erefore, the Dutch authorities should have made a decision with regard to this request at once even if, in parallel to this procedure, the KLPD still had to consider the request for deletion of the alert. In its decision, the Court ordered the Dutch immigration authority to decide within six weeks on the request against the report as an unwanted alien.
In a judgment of 2005, the Court of Th e Hague again emphasised that an alert should be considered an administrative decision with legal eff ects in accord-ance with Article 72 (3) Aliens Act 2000 and therefore falls within the scope of Article 1:3 AWB .165 Th erefore, the Court concluded it was competent to deal with the case at stake.
Despite these judgments, in which the Dutch courts recognised the direct legal eff ects of a SIS alert, the IND and the former Minister of Immigration main-tained the view that a SIS report is a practical measure against which no right of appeal is possible. In June 2005, the Aliens Circular 2000 was amended, describ-ing the procedures to be followed with regard to individual remedies against alerts registered in the NSIS.166 In this text in the Aliens Circular, it was again explicitly
165 Court of Th e Hague, Aliens Chamber, Breda session, decision of 11 March 2005, no. AWB 04/24331. Th is judgment will be dealt with further in section 7.4.
166 Wijziging Vreemdelingencirculaire, Decision 2005/29, Staatscourant, 23 June 2005, no. 119. See para. A3/9.6.3.3.
Brouwer ch-13.indd 492 4/4/2008 5:41:58 PM
Th e Netherlands 493
stated that a national decision to report a SIS alert into the NSIS is not an admin-istrative decision. It does stress, however, that “procedures against a refusal to withdraw such a SIS report should be in accordance with Article 111 CISA”.
7.3. Conformity with Article 96 CISA
7.3.1. National Administrative DecisionsIn the abovementioned judgment of 8 December 1999 on the Polish applicants, the President of the Court of Th e Hague explicitly questioned whether the dis-puted alert in the NSIS was in conformity with Article 96 CISA. Th e President did not reach any substantive conclusions, but stated that it was unclear whether the Dutch implementation rules met the procedural and the material require-ments of the former Border Control Circular (now included in the Aliens Circular 2000).167 To my knowledge, the merits of this case have not been dealt with in further proceedings.
7.3.2. Foreign Administrative DecisionsInitially, the Dutch courts were hesitant to consider themselves competent to rule on the lawfulness of decisions taken by other Schengen States. An example of such a careful approach is the decision of 18 August 1999 by the President of the Haarlem Court.168 Th is case concerned the appeal of an American national whose entry to Dutch territory was refused based on a NSIS report by the German authorities pursuant to Article 96 CISA. Th e American had been refused a residence permit by the German authorities because he had no health insur-ance and because he had applied for social security assistance. In 1998, he was expelled by the German authorities to the United States. As a result of this expul-sion, he was reported by the German authorities in the SIS. Th e American national was detained by the Dutch border guards in order to await his expul-sion. He applied to the Court of Haarlem, requesting a temporary suspension of the refusal of entry, including the suspension of expulsion. In his judgment of 18 August 1999, the President of the Court explained that a person recorded in the SIS has the right to challenge the lawfulness of this SIS alert even if another state is responsible for the correctness and accuracy of these data. Referring to the spe-cial procedures of the then applicable Data Protection Act of 1989, the Court concluded that it was not competent to assess the lawfulness of the alert itself. Only if it were crystal clear (zonneklaar) that the SIS report is illegal did the Court believe it would be competent to order temporary measures. Assessing the lawfulness of the SIS alert and fi nding that the person was not reported on unlawful grounds, the Court rejected the complaint.
167 Jurisprudentie Vreemdelingenrecht 2000/59. 168 Jurisprudentie Vreemdelingenrecht 1999/269.
Brouwer ch-13.indd 493 4/4/2008 5:41:58 PM
494 Chapter 13
Th e competence of national courts to rule on the lawfulness of alerts reported by the authorities of other Schengen States was more elaborately dealt with in a decision by the Court of Th e Hague (civil chamber) of 5 January 2000.169 Th e procedure in this case is complex because the applicant applied simultaneously to both the French and Dutch authorities. Th e applicant in this case (of unknown nationality) fi rst submitted a request for withdrawal of the alert with the French authorities. Th e decision by the French Ministry of the Interior to reject this request was annulled by the French administrative court in a decision of 2 April 1999. Th e applicant’s lawyer asked the department of the KLPD dealing with the NSIS to withdraw the report. Th is request was refused. Th e Dutch Data Protection Authority was asked to negotiate and to ensure that the French alert would be deleted. Based on the information which the Dutch Data Protection Authority received from its French colleagues, the Dutch CBP found that the alert was not in breach of the CISA and rejected the request of the applicant. When he was informed by the latter institution that the French authorities had refused to delete his record, the person submitted an appeal against the French authorities and, a year later, the Dutch authorities as well before the Court of Th e Hague. Th e Court was asked to order the Dutch and French authorities to provide information on the alert, to delete the data from the SIS and to inform third parties who had access to the SIS data that the data had been deleted. Th e Court of Th e Hague held that the complaint against France was not admissible, reasoning that a Dutch court is not competent to deal with a complaint against another state. Th e Court, however, concluded that when assessing the national SIS it was competent to deal with the lawfulness of a foreign alert. Th e Court declared the application against the Dutch government admissible, even though the applicant had failed to observe the applicable time limits. Considering it necessary to have all the necessary documents, the Court, in an interim decision, asked the applicant to give consent for the Court to take note of the underlying documents of the alert the fi le, without the applicant having access himself.
Th e Dutch government successfully appealed against this decision. In a judg-ment of 16 November 2000, the Court of Appeal of Th e Hague annulled the decision by the lower court and rejected the claim of the applicant.170 Unlike the District Court, the Court of Appeal found no justifi cation for the fact the appli-cant failed to respect the prescribed time limits when lodging an appeal against the Dutch state. Th e Court of Appeal did not accept the argument made by the applicant that this fi eld of law was ‘unexploited’, which would justify the delay. According to the Court of Appeal, the applicant was duly informed by the Dutch
169 Jurisprudentie Vreemdelingenrecht 2000/51, annotation P. Boeles. 170 Administratiefrechtelijke Beslissingen 2002/10, annotation E.R. Brouwer.
Brouwer ch-13.indd 494 4/4/2008 5:41:58 PM
Th e Netherlands 495
Data Protection Authority and was even assisted by a lawyer. Unfortunately, the Court of Appeal did not deal further with the competence of national courts to assess the lawfulness of decisions by foreign authorities.
In 2005, for the fi rst time a District Court (civil chamber) ordered the authorities of another Schengen State to remove a SIS alert.171 Th is judgment is important as it could pave the way for other courts when dealing with the interpretation of Article 111 CISA. In this judgment, the Haarlem Court dealt with an Article 95 report, but the reasoning of the Court can be applied to reports on third-country nationals as well. Th e applicant was a woman (of unknown nationality) residing in the Netherlands, who had been arrested in 1993 in Spain. She was suspected of involvement with criminal drugs-related off ences. She was detained but, due to a lack of evidence against her, the prosecution was interrupted by the Spanish authorities. Nevertheless, the Spanish authorities reported her in the NSIS in 1996 for the purpose of arrest for extradition (Article 95 CISA). For several years, the woman took action unsuccessfully against the Spanish authori-ties for the withdrawal of this request for extradition. Finally, she submitted a request to the Dutch authorities responsible for the NSIS, the KLPD , to have her NSIS report deleted. She also submitted a complaint to the Dutch CBP. Whereas the latter organisation informed the applicant that the alert itself was not unlaw-ful, the KLPD repeatedly petitioned the Spanish authorities to have this report deleted. Th e Spanish authorities did not respond to any of these requests. Following the applicable procedure under the Dutch Act on Police Files, the applicant lodged an appeal against the negative decision by the Dutch Data Protection Authority before the civil chamber of the Court of Haarlem.
Th is Court, in an admirably short sentence, decided that the report in the NSIS was unlawful, assessing the facts described above and the fact that the Spanish authorities had never lodged an offi cial extradition request for this applicant.Th e Court ruled that it was clear that the Article 95 report issued by the Spanish authorities did not serve the purposes for which this report was actually intended. Th erefore, the Court ordered the Spanish government to delete this report. According to the data protection offi cer of the KLPD , it took a long time before the Spanish authorities were willing to execute this order. Th is was only done after lengthy procedures and diplomatic pressure from the Dutch authorities. Th e follow-up to this judgment showed that Article 111 CISA, obliging national authorities to enforce the national judgments mutually, met with strong resistance from the Spanish authorities.
171 Judgment of the Court of Haarlem (civil chamber) of 6 December 2005, LJN: AW2418, published at: http://www.rechtspraak.nl. See also the judgment of the Court of Alkmaar, 10 November 2005, no. 79543/HA.
Brouwer ch-13.indd 495 4/4/2008 5:41:58 PM
496 Chapter 13
7.3.3. A Foreign Alert: Th e Moon CaseAs we have seen in the chapters on Germany and France, Mr. and Mrs. Moon, leaders of the religious organisation the Unifi cation Church proceeded more then 12 years against their registration in the SIS by German authorities. In 2005, they also lodged an appeal with the Dutch courts against the decision of the IND and the Minister of Immigration refusing them entry to the Netherlands. Initially, the Dutch authorities had allowed the Moons several times temporary access to the Netherlands for short visits, despite the German alert. Th ese visits were allowed under certain conditions, among other things, promises from Mr. and Mrs. Moon not to seek public attention or contact with the press during their visit. Th ese visits occurred in 1997, 1999 and 2000. In 2005, however, the Dutch Minister of Immigration refused the applicants permission to enter Dutch territory for a short visit. Th is refusal resulted in several procedures before the Dutch courts, in which the applicants sought entry to the Netherlands. Th ese procedures dealt, among other things, with the question of why the Dutch government refused to apply the provision of Article 5 (2) CISA, which made it possible to grant a third-country national access to its territory on humanitarian grounds, despite an alert by another Schengen State. Th ese cases and, especially, the view taken by the Dutch government during the procedures, illustrate the practical scope and meaning of the principle of mutual trust inherent to the SIS. In one of the Dutch cases, the Moons invoked freedom of religion, which was allegedly breached by the refusal to grant them permission to visit the Netherlands. As we saw in section 8.6 of the previous chapter, the right to freedom of religion of the members of the Unifi cation Church was fi nally recognised by the German courts and the alert on Mr. and Mrs. Moon was declared unlawful.
Th ree judgments from 2005 and 2006 deserve attention at this point. In 2005, Mr. and Mrs. Moon began proceedings against the refusal of the Minister of Immigration to grant them access to the Netherlands. In order to make it possible to visit the Netherlands for three days in November 2005, they applied for a temporary provision to the District Court of Amsterdam. Th is temporary pro-vision was granted on the 21 October 2005.172 Th e Court ordered the Dutch authorities to treat the Moon couple as third-country nationals not to be refused entry on the basis of Article 5 CISA, for three days in the period around 3 November 2005, in connection with Article 3 of the Aliens Act 2000. In order to reach this decision, the Court fi rst rejected the formal viewpoints of the Minister. As in other procedures described above, the Minister took the view that the applicants had no right of appeal since there was no administrative decision.
172 District Court of Amsterdam, 21 October 2005, Jurisprudentie Vreemdelingenrecht 2006/69, annotation B. Olivier.
Brouwer ch-13.indd 496 4/4/2008 5:41:58 PM
Th e Netherlands 497
Among other things, the Minister argued that ‘citizens’ could not invoke the pro-vision of Article 5 (2) CISA because it was not directly applicable. Th is argument was rejected by the Amsterdam Court, referring to the meaning of Article 111 CISA. Even if the Court considered that the lawfulness of the German alert could not be discussed during this procedure, it emphasised that the German alert aff ected the applicants “within the Dutch legal framework” based on the intention of the Dutch authorities to deny the applicants the right of entrance. Th e Court ruled that the Dutch government attached legal consequences to the German alert and therefore the applicants should have the right of appeal against the decision of the Minister which made it clear they would be refused entry. Th e Court also rejected the arguments of the Minister with respect to the content. In a letter of 18 May 2005, which was cited during this procedure, the Minister of Immigration stressed the increasing importance of “respecting the SIS alerts of other Schengen partners”, especially considering the fact “that Europe was get-ting stronger”, but also because of “the changed situation with regard to security in the world”. Th e Court, however, rejected this argument as unfounded. In its conclusion, it referred to the earlier decisions of the Dutch government, granting the Moons access to the Netherlands, and to the earlier statement by the German authorities that they would not object to such a temporary admission.
Th e Minister of Immigration appealed against this temporary provision. During the same appeal procedure, the applicants asked the Court to impose a penalty of € 1 million per day in the event of non-compliance by the Dutch authorities. Both appeals were rejected by the Court on 1 November 2005.173 Interestingly, during this procedure, the Dutch government was able to forward further information on the ‘lawfulness’ of the German alert. Firstly, it was stated that, apart from Germany, the French and the Portuguese authorities had also reported the Moons as unwanted in the SIS. Secondly, it was held that, in several judgments the German courts concluded that the alert in question was lawful. Th irdly, the Minister of Immigration produced a memo dated 27 October 2005 at a meeting between the IND offi cers and a German liaison offi cer. During this meeting, the German offi cer had emphasised the German objections to a visit to the Netherlands by Mr. and Mrs. Moon. All these grounds were rejected by the Dutch Court. With regard to the alerts of the two other Schengen States, the Court found that these were not substantiated during the proceedings. With regard to the more recent decisions of the German court, the Dutch Court stressed that these judgments were applicable to the German situation and could not “have any meaning for the (Dutch) dispute at issue”. Finally, the memo of October 2005 was considered irrelevant as well, since it did not provide any
173 District Court of Amsterdam, 1 November 2005, AWB 05/48355, AWB 05/48358.
Brouwer ch-13.indd 497 4/4/2008 5:41:58 PM
498 Chapter 13
information on new facts or circumstances which should have lead to the with-drawal of the temporary provision.
Th e third judgment (in fact two judgments) was issued by the same District Court on 23 June 2006.174 Th ese judgments concerned a renewed application from Mr. and Mrs. Moon of 2 June 2006 for admission into the Netherlands, this time only for 24 hours. Th is request was declared inadmissible by the Minister of Immigration, after which the applicants again lodged an appeal for a temporary provision. In these judgments, the District Court of Amsterdam refused to consider the application for a temporary provision, but decided imme-diately on the merits of the appeal. Th is judgment, although dealing with the same issue, is important because the Court fi rmly rejected a new formal ground which was invoked by the Minister of Immigration to limit the applicants’ right of appeal. According to the Minister, the question of whether or not Mr. and Mrs. Moon should be granted access was a decision to be taken by the Dutch border police. Since the applicants had not yet travelled to the Netherlands and had not submitted their request at the border to the appointed offi cers, the Minister held that they had not been formally refused entry. Th erefore, accord-ing to the Minister, there was no decision against which they could lodge an appeal. At this point, it should be noted that the applicants are South Korean nationals who are not obliged to hold a visa in order to enter the Netherlands for a short stay. Th eir only way of knowing whether they would be admitted to Dutch territory before starting their journey was to ask for this permission in advance. Th e Court rejected the Minister’s viewpoint. Th e Court stated that it is the responsibility of the Minister of Immigration to decide whether or not to refuse entry to the Netherlands. Since the request by the applicants of 2 June 2006 was to be considered a request for an administrative decision, the Minister acted unlawfully when she rejected this request as inadmissible. Th e Court ordered the Dutch government to reach a new decision within six days of the date of publication of this judgment, so as to allow the applicants to make their travel arrangements. In this judgment, the Court did not deal with the substan-tial grounds on which the Moons were registered in the SIS.
In March 2007, the District Court of Amsterdam rejected the appeal of Mr. and Mrs. Moon against a renewed negative decision of the Minister of Immigration. In this case, the applicants referred to their rights of freedom of religion and freedom of speech as protected in Articles 9 and 10 ECHR.175 Th ey also claimed that the decision of the Minister was insuffi ciently motivated.
174 District Court of Amsterdam, 23 June 2006, AWB 06/27382, AWB, 06/27348. 175 Rechtbank Amsterdam, 23 March 2007, Jurisprudentie Vreemdelingenrecht 2007/245, annotation
E.R. Brouwer.
Brouwer ch-13.indd 498 4/4/2008 5:41:58 PM
Th e Netherlands 499
Based on rather formal grounds, the Amsterdam Court this time rejected these claims and held that the Minister rightly had put more weight on the “Schengen obligations”. According to the court, the Dutch authorities were not obliged to specify the reasons of this refusal, even if in previous years Mr. and Mrs. Moon had been granted access to the Netherlands.176
7.4. Balance of Interests – Proportionality of a SIS Report
In 2001, the President of the Court of Th e Hague ruled on the duty for national authorities to assess the proportionality of retaining an alert in the NSIS.177 Th is judgment concerned the case of a Jordanian applicant recorded in the NSIS by the Dutch authorities because of his use of a false passport. As we saw above, in section 3.2, the act of using false identity papers or travel documents is one of the criteria mentioned in the Aliens Circular for reporting third-country nation-als in the NSIS for a period of fi ve years. Based on the provisions of Article 34 of the former Data Protection Act 1989, the applicant requested the President of the civil court to order the Dutch authorities to withdraw the alert from the NSIS. Th is request was rejected by the President of the Court of Th e Hague in a judgment of 10 January 2001. Nevertheless, the President emphasised that, when dealing with the request to withdraw the SIS alert, the Dutch authorities should reconsider the circumstances of the case.
In the proceedings on the merits of this case, the Court of Th e Hague agreed with the argument of the applicant’s lawyer, that there is a duty for the authorities to assess the proportionality of retaining the SIS entry.178 Th e Court further rejected the government’s view that Article 96 CISA would leave no margin of appreciation regarding the applicant’s circumstances and the severity of the criminal acts he committed (false documents). Accordingly, the President found that there was a duty for the IND to assess the circumstances of the case before reporting this person to the NSIS. In this particular case, the interests of the state, to keep out third-country nationals who pose a threat to public order or state security, overrode the interests of the applicant. Since the use of false documents was rightly considered a serious crime, the Court found the entry in the NSIS legitimate.
Interestingly, two judgments, both from 2005, concerned the question of whether the Dutch authorities are obliged to assess the proportionality of the decision to record a person as unwanted in the NSIS, even if the potential nega-tive eff ects of this alert arise in another Schengen State. Th e fi rst judgment of the
176 Appeal against this judgment is pending. 177 Judgment of 10 January 2001, Jurisprudentie Vreemdelingenrecht 2001/52. 178 Judgment of 14 March 2001, Rechtspraak Vreemdelingenrecht 2001/52, annotation A.B. Terlouw.
Brouwer ch-13.indd 499 4/4/2008 5:41:58 PM
500 Chapter 13
District Court of Breda concerned a person (of unknown nationality) who had been reported in the NSIS for fi ve years by the Dutch authorities.179 Th is report was based on the fact that he had used fake or falsifi ed travel or identity docu-ments. He applied for a review of the decision to report him and, at the same time, deletion of the report. Both requests were rejected by the Dutch Minister of Immigration. As in the other judgments described above, this Court ruled that the person in question had a right to appeal against the refusal to withdraw the alert and declared the appeal admissible. With regard to the procedural aspects of this case, the Court found that the applicant was not to blame for the fact that he failed to respect the applicable time limits for forwarding his appeal. According to the Court, the ministerial decision rejecting his fi rst request did not include an appropriate clause on the applicable time limits. Th e Court, however, did not accept the applicant’s claim that his stay in Spain would be made impos-sible as result of the Dutch report. Th e Court found that the applicant had not forwarded any individual or specifi c grounds based on which the Dutch authori-ties should have withdrawn or limited the territorial scope of the SIS alert. Th e applicant had only argued that the Dutch authorities should have used their inherent right, based on administrative law, to withdraw the SIS limit or to limit the eff ect of this alert to Dutch territory or in time.
In the same year, the District Court of Alkmaar dealt with a comparable case. In this judgment, however, the Court considered in more detail the consequences of a Dutch alert with regard to the residence rights of a third-country national in another Schengen State.180 Th e case concerned a Colombian national against whom a formal residence ban had been issued by the Dutch authorities in 1998, based on which he was reported in the NSIS. During that time, the applicant held a valid residence permit for Spain and, for some reason, the Dutch authori-ties did not contact the Spanish authorities with regard to Article 25 (2) of the CISA. Unfortunately, in its judgment, the Court did not enquire why the Dutch authorities had not applied this consultation procedure. In 2003, the Spanish authorities refused to renew his residence permit on the basis of the Dutch alert. In 2004, the applicant applied for withdrawal of the formal residence ban. Th is request was rejected and, during the procedure before the Court, the applicant held that the Dutch decision to maintain the report in the NSIS constituted a breach of his right to family life in Spain, contrary to Article 8 ECHR. According to the applicant, the Dutch government failed to strike a ‘fair balance’ between the cir-cumstances of his family life on the one hand and Dutch interests in maintaining the formal residence ban on the other hand. In this judgment, the applicant’s
179 Decision of 11 March 2005, no. AWB 04/24331. 180 Decision of 24 August 2005, no. LJN AU3548, JV 2005/447, annotation P. Boeles.
Brouwer ch-13.indd 500 4/4/2008 5:41:58 PM
Th e Netherlands 501
claims were rejected. Th e Court denied the direct relationship between the Dutch decision to report the applicant in the SIS and the Spanish decision not to renew his residence permit. According to the Court, the Dutch formal residence ban did not in itself prevent the applicant from enjoying his family life in Spain. It would be the responsibility of the Spanish government to decide whether a resi-dence permit should be granted or not and to consider the applicant’s right to family life as protected under Article 8 ECHR. Note the Court’s comment that it presumes, on the basis of the principle of mutual trust between the states (inter-statelijk vertrouwensbeginsel ), that Spain would comply with its treaty obligations towards the applicant.
One could agree with the conclusion of the Court that the Spanish authorities are, in the fi rst place, responsible for respecting the human rights of the applicant. Th ese authorities should strike a balance between the interests at stake: the Dutch residence ban or the applicant’s right to reside in Spain and to enjoy his family life .181 However, it is arguable whether the Dutch government does not have any responsibility with regard to the rights of the person concerned. In the fi rst place – and it would be interesting to know whether a civil court would not have made a diff erent assessment – one could argue that there is a clear causal link between the Dutch alert and the Spanish decision to withdraw the applicant’s residence per-mit. Secondly, as has been pointed out by Boeles in his annotation to this judg-ment, the Dutch authorities have obligations not only based on Article 8 ECHR, but also based on the EC Directive 2003/86 on family reunifi cation and Directive 2003/109 on long-term resident third-country nationals, described in Chapter 9. Th ese Directives include the obligation for national authorities to consider the diff erent interests and rights at stake before taking a removal decision. Th erefore, it could be reasoned that the Dutch authorities should have taken into account the family life of the applicant in Spain as well.
7.5. Right to Financial Compensation
Although they are not related to the Schengen Information System, I refer briefl y to judgments in which Dutch courts ordered fi nancial compensation with regard to (wrongful) decisions in the fi eld of immigration law. Th ese judgments show that it is not inconceivable for a national court to grant an individual fi nancial compensation if it is established that this person suff ered fi nancial loss caused by a (wrongful) SIS alert. For example in one case, the District Court of Th e Hague considered the claim of an Iranian refugee that she had lost income from work and pension during the fi ve years of her asylum procedure, when she was not allowed to work.182 Th e Court found that, due to the lengthy procedure, the
181 See also Boeles in his annotation to this judgment, ibid. 182 8 December 2005, no. 03/890, published in NAV, no. 2, April 2006, p. 111.
Brouwer ch-13.indd 501 4/4/2008 5:41:58 PM
502 Chapter 13
Minister of Immigration had acted incorrectly. Th e person in question was granted € 20,815 for loss of income for the fi ve years she was unable to work.
In diff erent judgments, the Dutch authorities were ordered to grant fi nancial compensation to third-country nationals who had been unlawfully detained. In diff erent judgments, courts granted fi nancial repair to third-country nationals who had been detained with a view to their expulsion, but whose expulsion could not be enforced for diff erent reasons.183 Financial repair also has been granted to a third-country national who was detained on the basis of an unlawful decision to declare the person unwanted.184 Generally, the Dutch authorities are ordered to pay € 70 to € 95 for each day a person was unlawfully detained.185
7.6. Preliminary Request to the ECJ
In 2005, a Dutch court submitted a preliminary request for the fi rst time on the interpretation of a provision in the CISA regarding the SIS to the Court of Justice (ECJ). Th is question was raised during a civil law procedure by the Court of Den Bosch. In this case, the Court had to assess the lawfulness of an Article 95 alert by the Italian authorities for the purpose of arrest for extradition. Th e applicant had asked the Dutch police authorities (KLPD ) to have this SIS alert deleted. Th is request was rejected on the grounds that the Dutch authorities could not delete a foreign alert in the SIS. Th e person in question lodged an appeal with the Court of Den Bosch. Importantly, this Court explicitly declared itself com-petent to deal with this case on the basis of Article 111 CISA, even though the alert in question could only be deleted by the Italian authorities. Th e applicant’s lawyer held that the Italian alert was contrary to the ne bis in idem principle as laid down in Article 54 CISA, because the decision to report him in the NSIS would be based on an Italian conviction from 1999 for a crime for which his cli-ent had already been convicted in the Netherlands, in 1983. In an initial deci-sion, the Court decided that, in order to rule on the lawfulness of this SIS report, the cooperation of the Italian government was required.186 Th e Court therefore decided to invite offi cers of the Italian SIRENE offi ce to give testimony during the further course of the proceedings. In a second decision, the Court decided to submit a preliminary question on this case to the ECJ. On the basis of the infor-mation forwarded by the Italian government, the Court concluded that it was
183 See for example, judgment of the District Court Amsterdam, 2 October 2006, LJN: AY9280. 184 District Court Assen, 22 December 2006, AWB 06/58704. 185 See District Court Groningen, 1 February 2006, LJN: AV0808. 186 Judgment of 16 July 2004, LJN: AR7219.
Brouwer ch-13.indd 502 4/4/2008 5:41:58 PM
Th e Netherlands 503
unclear whether the off ences of which the applicant had been convicted in Italy for a second time had to be regarded as the same off ences of which the person had been convicted in 1983 in the Netherlands. It also submitted the question of whether a judgment in which the applicant was (partially) acquitted of the charge fell within the meaning of “fi nal disposal of a trial” as meant in Article 54 CISA.187 Th is procedure illustrates that national courts can play an active role with regard to confl icts arising in the fi eld of the application of SIS, fi rstly, by inviting foreign authorities to submit their view on the facts of the case and, secondly, by submitting preliminary requests regarding legal questions which the court considers too diffi cult to answer.
Th e ECJ ruled on this case in its judgment Van Straaten of 28 September 2006.188 Th e ECJ answered both questions from the Dutch court in the affi rma-tive and clarifi ed the narrow meaning of the “same off ences” as intended in Article 54 CISA. Th e ECJ also made it clear that the ne bis in idem principle of Article 54 applies in respect of a decision by the judicial authorities of a Contracting State whereby the accused is acquitted fi nally due to lack of evi-dence. In this judgment, the ECJ concluded that the lack of harmonisation of national criminal law, which forms the basis for a national SIS alert, might create “as many barriers to freedom of movement within the Schengen area as there are penal systems in the Contracting States” (paragraph. 47). Th erefore, the ECJ considered that the relevant criterion for the purposes of the application of Article 54 is the identity of the material acts, to be understood as the existence of “a set of off ences which are inextricably linked together, irrespective of the legal classifi cation given to them or the legal interest protected”. With this decision by the ECJ, the Dutch court was given a tool to declare the Italian alert in the SIS unlawful and to order the Italian authorities to withdraw this alert.189
Th e consideration of the ECJ on the lack of harmonised criteria and its relation to the freedom of movement is also important with regard to the SIS alerts based on immigration law. Th is judgment should be taken together with its earlier judgment in Commission v. Spain which dealt with an alert based on Article 96 CISA.190 In this judgment, the ECJ clearly established that there are important limitations with regard to the sovereignty of Member States to decide on the basis of foreign reports in the SIS.
187 See, for the fi rst judgment of the ECJ on the interpretation of Article 54 CISA: 11 February 2003, in the combined cases C-187/01(Gözütok) and C-385/01 (Brügge).
188 Case C-150/05, Van Straaten v. the Netherlands, ECR I-9327. 189 See the judgment of the District Court Den Bosch of 4 April 2007, LJN: BA2132. 190 I have dealt with this judgment before in Chapter 3, section 4.4 and Chapter 9, section 2.3.2.
Brouwer ch-13.indd 503 4/4/2008 5:41:58 PM
504 Chapter 13
7.7. Decisions of the National Ombudsman
7.7.1. Duty of Informed Decision-makingTh e National Ombudsman repeatedly emphasised the importance of informing individuals in visa application cases adequately and in a timely manner. In a report from 1999, the National Ombudsman found that the Dutch authorities neglected their active duty to inform the applicant about the fact that he was registered in the SIS.191 Th e person concerned applied to the Dutch embassy in Bucharest in 1996 for a visa for a longer stay (machtiging tot voorlopig verblijf or mvv). Th e embassy forwarded this request to the national Visa Agency (Visadienst), noting that the applicant had been recorded in the SIS as a person to be refused entry. Th e Ministry of Foreign Aff airs rejected the request for a visa. However, this rejection was not based on the SIS alert, but on the grounds that the applicant concerned did not meet all the requirements for residence with a partner. Six months later, the Dutch Visa Agency authorised the embassy to issue a visa, but the embassy still refused to do so on the basis of the SIS alert. After consultations between the Dutch authori-ties and the reporting state (Germany), the entry in the SIS was withdrawn and the applicant fi nally received his visa. Th e person lodged a complaint with the National Ombudsman, claiming that the embassy, when forwarding the request to the Dutch Ministry, failed to inform the person of the fact that he was registered in the SIS. Even if the negative decision by the Ministry of Foreign aff airs was not based on the SIS alert, the applicant argued that it was important for him to be informed of the alert, so he could have submitted a complaint earlier. In his report, the National Ombudsman emphasised this interest on the part of the applicant: “From the point of view of an active duty to inform individuals and the principles of fair administration, the Ombudsman concludes that the authorities should have informed the person of the SIS alert. Th e right to be informed also applies when alerts have been forwarded by other countries.”
Th e National Ombudsman reached a comparable conclusion in a decision dated 29 October 2003.192 In this case, the applicant had initially been informed by the Dutch Visa Agency that there was no objection to the deci-sion to issue a long-stay visa (mvv) to her husband, a Moroccan national who wanted to stay with his Dutch spouse in the Netherlands. Despite this positive advice from the Visa Agency, the embassy in Rabat informed the applicant in June 2002 that no visa was to be issued and that she had to contact the Visa Agency. On 11 September 2002, the Visa Agency informed the applicant that her husband was registered into the SIS by German authorities, “which could mean” that he would not be allowed to enter the Netherlands. Th e Ombudsman
191 Report of 8 July 1999, no. 1999/300. 192 Decision of 29 October 2003, report no. 2003/388.
Brouwer ch-13.indd 504 4/4/2008 5:41:59 PM
Th e Netherlands 505
emphasised fi rst of all that embassies have their own responsibility for issuing visas, despite prior advice from the Dutch Visa Agency. In this case, the denial of the visa was not considered unjustifi ed. However, the Ombudsman concluded that the Visa Agency had failed in its duty to inform the applicant adequately, correctly and completely. In his reply of 11 September 2002, the Visa Agency failed to inform the applicant of the precise meaning of a SIS alert and on the reasons why information about her spouse had been recorded. Moreover, the Visa Agency should have informed the applicant of how long the negotiations with the German authorities would take and when a defi nitive decision, based on the information acquired from these authorities, was to be expected concerning the visa application.
7.7.2. Duty to Make Decisions in Good TimeIn another case, the National Ombudsman was asked to consider an individual complaint about the way her husband’s visa application had been handled by the Dutch Visa Agency.193 Th e Turkish husband of the applicant was registered in the NSIS by the German authorities with regard to an attempt to trade one gram of heroin. During subsequent consultations between Dutch and German authori-ties, it was found that the German prosecutor had dropped the case. Th e appli-cant complained, among other things about the long delay (six months) between the date of the fi rst application for a long-stay visa (mvv) and the date when she was informed there was no objection to issuing the visa to her husband. Th e National Ombudsman concluded that the Dutch Visa Agency exceeded the time limits of 8 weeks, prescribed in Article 4:14 AWB , to decide on a visa applica-tion. Furthermore, while this time limit was exceeded, the Visa Agency failed in its duty to inform the applicant of the reasons for the delay. With regard to the third complaint by the applicant, regarding the way the Visa Agency had dealt with the information based on the SIS, the National Ombudsman did not fi nd the authorities had behaved improperly. Th e responsible offi cer had contacted the German authorities according to the applicable rules.
7.7.3. Duty of Proportional Decision-makingFinally, in a decision dated 1998, the National Ombudsman questioned the need for a NSIS alert based on Article 96.194 Th e applicant, an asylum seeker of Azerbaijani nationality, complained about the fact that he was recorded by the Dutch Immigration and Naturalisation Offi ce in the national investigation fi le, OPS , without justifi ed grounds. Th e person was registered in OPS in 1995
193 Decision of 28 January 2000, report no. 2000/28. 194 Decision of 14 May 1998, report no. 1998/164.
Brouwer ch-13.indd 505 4/4/2008 5:41:59 PM
506 Chapter 13
because his asylum application had been rejected and he failed to report to the responsible authorities. After having applied for asylum a second time, his asy-lum request was accepted and during this second asylum procedure he resided lawfully within the Netherlands. However, the applicant and his family had also been registered by the German authorities in the SIS, because of their withdrawal from supervision measures. As a consequence of the entry in the OPS and the German SIS alert, the asylum seeker was arrested in 1997 and detained for a cer-tain period by the police in Flevoland. Th e National Ombudsman stated in his conclusions that persons should only be recorded in the OPS for as long as strictly necessary. Since the applicant had a residence permit during his asylum procedure, the report from 1995 in the OPS should have been withdrawn. With regard to the German SIS alert, the Ombudsman concluded that the Dutch authorities had not acted appropriately either, as they did not issue a form to the applicant, which would have shown that the applicant was residing lawfully in the Netherlands during his asylum procedure.
8. Conclusions
8.1. Implementation of Article 96 CISA
Th e criteria based on which third-country nationals can be reported into the NSIS for the purpose of non-admission are defi ned by the Ministry of Immigration (since 2007: Justice) without any involvement of the national par-liament. Th is applies to both categories of person to be registered into the NSIS: the formal residence ban and third-country nationals to be reported as unwanted. Although, with regard to the second category, the Aliens Circular 2000 off ers centralised rules on the situations in which data can be stored in the NSIS, these criteria can be broadened by the responsible Minister on a fairly ad hoc basis. Th e application of these criteria leaves a considerable margin of appreciation for the national authorities involved. At an early stage of the implementation of CISA, it was established that there were diff erences in application between the national police regions. For the purpose of coordinating the application of Article 96 CISA, regional ‘SIS coordinators’ and, at central level, one national coordinator have been appointed. No updated information is available about how this coordina-tion works and on which criteria third-country nationals are currently reported into the NSIS.
Considering the consequences of being registered in the NSIS as an inadmissible person, the Dutch criteria in the Aliens Circular could be described as reasonably ‘light’. Even minor off ences or the fact of being suspected of such an off ence can lead to a SIS alert based on Article 96. Special doubts can be raised about the
Brouwer ch-13.indd 506 4/4/2008 5:41:59 PM
Th e Netherlands 507
proportionality of the criterion that if a person fails to report within the prescribed period to the immigration authorities, he or he will be reported in the NSIS for three years.
According to Article 96 (2) and 96 (3) CISA, decisions to report somebody as unwanted may only be based on two grounds. Firstly, the presence of the person must be considered a threat to public policy or security. Secondly, if a third-country national fails to comply with national regulations concerning entry and, based on this failure, has been subjected to deportation or refusal measures, including or accompanied by a ban on residing on the national terri-tory. With regard to the former criterion, the Schengen governments have a margin of appreciation to defi ne the situations in which this threat applies, but it is clear that not all the criteria as provided for in the Aliens Circular 2000 fall within the general condition of “a threat to public policy or security”. With regard to the second criterion, the Dutch provisions allow for the registration of a third-country national in the NSIS even if he or she has not been the subject of expulsion. As we have seen above, someone can even be reported in the NSIS if he or she fails to comply with national immigration rules. Th erefore, one has to conclude that the Dutch criteria are not in conformity with the criteria of Article 96 CISA.195
8.2. Data Protection and Data Control
As in Germany and France, between 2001 and 2006, there has been increasing emphasis in the Netherlands on the use of databases and the storage of personal information as the ultimate solution to diff erent problems. Diff erent measures have been proposed and adopted to extend the powers for national authorities to carry out identity checks or to control persons in the Netherlands. Compared to the strong public resistance in the 1970s to a central population registration and the census, current developments do not meet with many critical responses. Th is lack of public discussion could be explained by the fact that, in the Netherlands, the principal notions of the right to privacy or informational self-determination or even the division of powers are less dogmatically developed than, for example, in Germany. As we saw in the previous Chapter, in this country the lawfulness and proportionality of, for example, ‘data profi ling ’ and the central aliens administration received a much more critical response.
195 See also P. Boeles, who argues that some of the Dutch criteria are in breach of the general crite-ria and purpose of Article 96, in his annotation to the decision of the Court of Th e Hague of 5 January 2000 mentioned in section 7.3.2. above, Jurisprudentie Vreemdelingenrecht 2000/51. See also my conclusions in: Grensbewaking en het SIS, in: E. Brouwer, K. Groenendijk (eds.), Derdelanders in de Europese Unie, Utrecht: Forum 2001, p. 49.
Brouwer ch-13.indd 507 4/4/2008 5:41:59 PM
508 Chapter 13
8.3. NSIS and the Right to Eff ective Remedies
8.3.1. Judicial and Non-judicial RemediesFrom the law described above, it follows that a person registered in the NSIS for the refusal of entry may start various proceedings against this registration or against decisions based on the NSIS alert. Generally, the rules of administrative law will apply and the administrative court is competent to deal with both deci-sions based on the Dutch Data Protection Act and immigration law decisions. Th e Dutch Data Protection Authority or CBP has a relatively limited role with regard to individual complaints or questions on the NSIS fi les. Th is is due to the system chosen in Dutch data protection law, in which individuals can directly contact the police or immigration authorities involved. Th e CBP will only be involved as an intermediary when, for example, foreign authorities have to be consulted with regard to individual claims and this causes long delays.
Th e Data Protection Authority, the National Ombudsman and the lower Dutch courts involved with the applications of third-country nationals reported in the NSIS meet the criteria of independent authorities: they are permanent institutions, established by law and independent of the national authority issuing the refuted decision or measure. In practice, the data protection offi cer of the KLPD performs a crucial and active role with regard to individual requests deal-ing with their registration into the NSIS. Th is authority will deal in the fi rst place with individual requests for information stored within the NSIS, including when this concerns third-country nationals reported as inadmissible. Only when Dutch alerts are involved, these applications will be submitted to the Dutch immigration authorities or the IND . Th e accessibility of this authority is gener-ally known and, during the time of my research, even lawyers and NGOs in other Schengen States contacted the KLPD data protection offi cer when dealing with NSIS alerts regarding their clients. Formally, the data protection offi cer does not respond to the requests of ‘an independent authority’ which is part of the national governmental organisation which is also responsible for executing the NSIS alerts. However, in practice, this offi cer may be more eff ective than the Dutch Data Protection Authority.
8.3.2. Transparency – Accessibility of RemediesTh e application of the general principles of administrative law means that, with regard to decisions based on SIS entries, the Dutch authorities should inform this person accurately. Th is active duty to inform, concerning decisions based on the NSIS entries, has been emphasised by the National Ombudsman. However, in practice, national authorities do not comply with this obligation and third-country nationals are not informed of the decisions to report them in the NSIS. Th ere is a formal diff erence between the formal residence ban and the decision to
Brouwer ch-13.indd 508 4/4/2008 5:41:59 PM
Th e Netherlands 509
report a third-country national as inadmissible. Th e person in question is only informed of decisions into the former category and has a direct right to appeal. However, the information given to the third-country nationals does not include the information that the person is registered in NSIS and that the person will be refused entry by other Schengen states as well. Th is lack of information hinders the accessibility to legal remedies. A third-country national who has a reason to believe he or she is reported in the NSIS will fi rst have to ask for confi rmation of the report and may then lodge an appeal for the withdrawal of this report.
It is important that, in diff erent judgments, the Dutch courts found that the national authorities may not hinder the accessibility of legal remedies based on formal requirements. For this reason, Dutch District Courts rejected the repeated statement by the Dutch Minister of Immigration that the decision to report someone in the NSIS is not an administrative decision for which a direct remedy is possible. Despite these judgments, the Minister of Immigration maintained this formal interpretation in the Aliens Circular.
In the aforementioned Moon case, the District Court of Amsterdam rejected the formal reasoning of the Minister of Immigration, according to which a request to review an earlier decision refusing the Moon couple leave to enter would be inadmissible. Th e Minister maintained that there was no formal deci-sion by the border guards against which Mr. and Mrs. Moon could lodge an appeal. Th e Court made it clear, however, that the applicants cannot be asked to travel to the Dutch border fi rst in order to appeal against the decision to refuse them entry even if, based on earlier letters from this Minister, they knew their (short) stay would be refused.
As mentioned above, the data protection offi cers of the KLPD are easily acces-sible and seem to handle complaints or questions from the persons concerned regarding the NSIS adequately and in the shortest time possible. Th e problems and delays in answering those questions occur mostly when other (national or foreign) authorities have to be contacted.
8.3.3. Scope of ReviewBased on the application of the general principles of administrative law, the administrative authorities must weigh the diff erent interests at stake before reporting a person to the SIS or before making a decision or taking a measure on the basis of a SIS report. Th is duty has been acknowledged by several courts. According to these judgments, the responsible authorities should weigh the dif-ferent interests at stake not only before reporting a person in the NSIS, but also when a person is refused entry on the basis of a Dutch or foreign SIS report. Th is interpretation, if it were generally followed, means fi rstly that national authori-ties cannot report a person into the SIS ‘automatically’ once the legal criteria are met. Secondly, it means that a SIS alert should not have automatic implications.
Brouwer ch-13.indd 509 4/4/2008 5:41:59 PM
510 Chapter 13
Th e authorities involved should always assess the proportionality of the eff ects of the refusal of entry together with the circumstances and interests of the person concerned.
During the judicial procedure in the Moon case, the Minister of Immigration expressed the more formal position that the reports by other Schengen countries should in general be observed. Th is position on the ‘automatic eff ect’ of SIS alerts (interstatelijk vertrouwensbeginsel ) was also held by this Minister during parlia-mentary debates on immigration law and anti-terrorism measures. According to the Minister and the IND , there would be little scope for national considerations with regard to the admission of third-country nationals reported in the NSIS by other Schengen States. With few exceptions, Dutch courts generally have been reluctant to accept this position and required additional information from the Dutch government as to why, in this specifi c case, no exception could be made. On the other hand, the courts also required additional information from appli-cants to support their claims that a NSIS report is unlawful or disproportionate in that specifi c situation. If no such information is submitted during the procedure, this was considered suffi cient reason to reject this claim.
8.3.4. CompetencesIn immigration law procedures, Dutch courts can issue temporary provisions such as ordering the national authorities to grant a person access to Dutch territory or to lift a detention order. Until 2006, the case-law in which this competence was used with regard to the Schengen Information System is scarce. However, the decision of the Haarlem Court to order the Spanish authorities to withdraw a NSIS alert based on Article 95 CISA can be considered an important breakthrough in the way Dutch courts handle individual claims against NSIS reports. Another important example is the judgment in the Moon case of the Amsterdam Court of 21 October 2005 in which the Dutch authorities were ordered to grant the Moons temporary access to Dutch territory, despite the German alert in the SIS.196
Furthermore, even if they do not relate to NSIS alerts, the judgments described in section 7.5 illustrate that national courts have the power to impose fi nancial fi nes on national authorities in immigration law procedures in the case of unlaw-ful or untimely decisions.
Considering the powers of the Data Protection Authority, it should be seen as unfortunate that this authority only can impose a fi nancial fi ne when a data con-troller does not report a registration to the CBP. With regard to infringements of more substantial standards of data protection law, the CBP has no such power.
196 Only in 2007, as we have seen above, the Amsterdam Court took up a more formal position and refused the applicants’ request for a temporary provision granting them access for two days to the Netherlands.
Brouwer ch-13.indd 510 4/4/2008 5:41:59 PM
Evelien Brouwer, Digital Borders and Real Rights, pp. 511–536.© 2008 Koninklijke Brill NV. Printed in the Netherlands.
Chapter 14
Conclusions“… in an age when the freedom of movement , especially across borders, is consid-ered essential for the full development of private life, especially for people such as the applicant, who have family, occupational and economic ties in more than one country, denial of that freedom by the State without any good reason constitutes a serious failure on its part to discharge its obligations to those under its jurisdiction.”1
1. Th ird-Country Nationals: Th eir Data and Th eir Rights
In December 2006, the German Presidency of the EU announced that the German delegation was “preparing a proposal for a Council decision concerning access to Eurodac by Member States’ police and law enforcement authorities for the purposes of preventing, detecting or investigating criminal off ences, in particular terrorist off ences.”2 Th e Presidency Programme on Police and Judicial Co-operation of 22 December 2006 explicitly refers to the need for “Expanding the European information network” in relation to the use of SIS, VIS and Eurodac.3 In the same Programme, the proposed access to Eurodac by law enforcement authorities was justifi ed by stating that: “Frequently, asylum-seekers and foreigners who are staying in the EU unlawfully are involved in the prepara-tion of terrorist crimes, as was shown not least in the investigations of suspects in the Madrid bombings and those of terrorist organizations in Germany and other
1 İletmiş v. Turkey, 5 December 2005, appl. no. 29871/96, § 50. Th is judgment is only available in French, the quotation is from the ECtHR press release, 6.12.2005. Th e original text of § 50 reads: “A une époque où la liberté de circulation, et en particulier la circulation transfrontalière, est considérée comme essentielle pour l’épanouissement de la vie privée, surtout quand il s’agit de personnes, tel le requérant, ayant des liens familiaux, professionnels et économiques ancrés dans plusieurs pays, refuser cette liberté sans aucune motivation à une personne relevant de sa juridiction constitue, de la part d’un Etat, un manquement grave à ses obligations.”
2 16982/06, 20 December 2006.3 17102/06, 22 December 2006, p. 3.
Brouwer ch-14.indd 511 3/13/2008 3:06:19 PM
512 Chapter 14
Member States…”.4 Th is statement illustrates how, in recent policy, third- country nationals both legally and illegally resident within the EU are increasingly linked to acts of terrorism or crime.
At the time of completing this study, the future use of SIS II, VIS and Eurodac and the possible interlinking of these databases is still unclear. What is clear – and what I have tried to develop further in this study – is that governmental powers to collect, store and use personal information on third-country nationals are not unlimited. Governments have to take into account the rights of these individuals and the general principles of the rule of law . Th ese rights stem from diff erent fi elds of law: privacy law, data protection law, immigration law and EU law. In order to be able to enforce these rights, in Chapter 10 I advocated a general right to eff ective remedies for third-country nationals reported in a database, such as the SIS.
After having summarised the relevant rights, in section 4 below, I will examine the question of whether the development of the so-called “European informa-tion network” can be reconciled with the basic principles of data protection law as described in Chapter 7. In section 5, I summarise my main fi ndings with regard to the law and practice in France, Germany and the Netherlands. Finally, I will consider the new Regulation 1987/2006 regarding SIS II of December 2006 against the background of my fi ndings on “SIS I”. In an attempt to learn from the past, I will formulate some recommendations for the future.
However, before going into the legal boundaries of the so-called “European information network”, I make some general remarks with regard to the use of databases in the fi eld of border and immigration control.
2. Th ird-Country Nationals: Th eir Data
Considering the development of the aforementioned databases on third-country nationals, one could note that this development is based on two presumptions, both of which can be criticised. Firstly, the decision-making seems to lack suffi -cient information on the expected effi ciency and reliability of those systems. Secondly, the use of the EU databases is increasingly linked to the idea that immigrants must be considered potential criminals or terrorists. Based on this presumption, third-country nationals risk to be more exposed to supervision and control measures than EU citizens.
4 Ibid., p. 6.
Brouwer ch-14.indd 512 3/13/2008 3:06:19 PM
Conclusions 513
2.1. Questioning the Effi ciency and Quality of the Information Network
Th e decision-making on the technical feasibility of SIS II, Eurodac and VIS preceded the political decisions on the desirability or even necessity of these sys-tems.5 Th e decisions to develop Eurodac, VIS and SIS II were taken without a fundamental discussion of the expected effi ciency of these systems, the conse-quences for individual rights or the need to balance the interests at stake. For example, considering the relatively large number of data held on “inadmissible migrants” in SIS I, one would also expect a relatively high “success rate” for the use of this database. In other words, if national authorities consult the NSIS dur-ing external or internal border controls or police checks, it seems likely that these authorities will more often fi nd “hits” on the basis of an Article 96 alert than based on other alerts. However, we have seen that, starting in 2001, statistics on the use of SIS I establish that alerts on third-country nationals to be refused entry result in relatively a small number of hits.6 Th is seems to indicate that, although the Schengen States are reporting a large number of “inadmissibles” in the SIS, the success or effi ciency of this registration is relatively low.
Furthermore, the aforementioned measures are based on an absolute trust in the reliability and effi ciency of the information held in these systems. Th e question is whether this trust is justifi ed, considering the available information on the accu-racy and lawfulness of data held in the current SIS. Th e national evaluations of Article 96 alerts, performed in 2004 for the Joint Supervisory Authority, showed that in the three countries (France, Germany and the Netherlands), the SIS included wrongful or unlawful data on third-country nationals. In particular, the reports of the French and German data protection authorities established that, in many cases, the data were stored in SIS I for unlawful purposes, that they were not deleted within the required time limits or that they were inaccurate.
With regard to Eurodac , we have seen that the annual reports of the Commission did not include an overall cost-benefi t analysis of the use of Eurodac, including questions on whether Member States or the EU save money by being able to send asylum seekers back to other EU countries or receive asylum seekers from other countries, or whether it is effi cient to “redistribute” asylum seekers within the EU. Looking at the table of hits based on Eurodac, one could ascertain a status quo among the larger countries in terms of receiving or sending asylum applicants.
Eurodac , SIS II and VIS will all include biometric data to be used as a search tool and as a mechanism to interlink the diff erent systems. Th is use of biometrics
5 See, for the decision-making on Eurodac : Aus (2006), p. 15.6 As we have seen in Chapter 3, national authorities in the 15 states using the SIS in 2006 found
only 21,090 hits based on Article 96 alerts.
Brouwer ch-14.indd 513 3/13/2008 3:06:19 PM
514 Chapter 14
as an identifi cation tool or search key has been criticised by diff erent organisations and experts, due to its unreliability and vulnerability to fraud.
Finally, the involvement of a large group of EU and non-EU Member States may also aff ect the quality of the information. Diverging criteria on the basis of which personal data are stored by national authorities put the quality and accu-racy of these data at risk. As a result, the effi ciency of these databases for their purposes, including countering terrorism, must be questioned.
2.2. Identifying, Tracking or Stigmatising Immigrants?
SIS II, Eurodac and the VIS have the common feature that they are centralised large-scale databases focussing on the registration and the identifi cation of third-country nationals. Th e creation of these centralised databases is closely linked to the aim of the EU governments to obtain an extra tool or mechanism for controlling the entry and movement of migrants. Th is includes persons staying irregularly on their territory and migrants declared inadmissible by national authorities, as well as “regu-lar migrants” such as visa applicants and asylum seekers. SIS II, VIS and Eurodac will not only be accessible at the external borders of the Member States, but also within the national territory and at embassies and consulates in third countries.
Th e use of these European databases implies a presumption on the legal or virtual status of an individual. Th is means that the rights or legal position of a person are “constructed” on the basis of the information held on this person in these fi les. A third-country national reported in SIS II on the basis of Article 24 of Regulation 1987/2006 is presumed “inadmissible” based on public order or security grounds or because he or she would have infringed national immigration law. A hit based on Eurodac implies that the person concerned is presumed to have arrived through the territory of another Member State and thus may be sent back to this country. Finally, a person whose visa has expired according to the information stored in VIS could be expelled when his or her VIS record is checked by a national authority.
Th e fact that these databases are to be used for both immigration law and criminal law purposes implies that persons registered for immigration law pur-poses will be at greater risk of being aff ected by law enforcement measures or secret surveillance. Identity checks and the consultation of the above databases are generally based on data profi ling . Using general criteria dealing with the “risk factors” of specifi c categories of persons, authorities place these groups of persons under extra surveillance. Th is “criminalisation” of individuals especially aff ects certain groups of third–country nationals, for example, persons applying for asylum or citizens requiring a visa to come to the EU.7
7 See further section 3.4 below.
Brouwer ch-14.indd 514 3/13/2008 3:06:20 PM
Conclusions 515
3. Th ird-Country Nationals and Th eir Rights
3.1. Recovering the Right to Privacy
Th e powers of national authorities to collect, store or use personal information are limited by the right to privacy, protected by Article 8 ECHR and further developed in the case law of national courts, the ECtHR, and the ECJ. Th e collection and storage of a large amount of data, for a lengthy or even unde-fi ned period, may under certain circumstances cause a breach of the right to private life of the individuals concerned. Th ese circumstances include, for example, if the data concern the past or political life of the person in question, if the data were not provided voluntarily or if the storage of these data has con-sequences for the daily life of the persons or limit their freedom of movement . To protect the right to privacy, national legislation should provide for proce-dural safeguards as defi ned by the ECtHR. Th ese safeguards include, for exam-ple, explicit limitations on the exercise of powers to store and use personal information; the duty to inform persons in advance with regard to the storage of their information; defi nition of situations in which information may be dis-closed to others, and; safeguards protecting the quality of data and protecting sensitive data .
As established in Chapter 6, the limitations formulated by the ECtHR apply on several grounds to our subject: the registration of third-country nationals in EU databases. In the fi rst place, the ECtHR emphasised that surveillance meas-ures such as the systematic collection and storage of personal information by governments fall within the scope of protection off ered under Article 8 ECHR. Secondly, it is clear that the right to privacy is at stake if “sensitive” information such as biometric data is to be registered in SIS II and VIS. Th irdly, the frequent controls to be performed on the basis of this registration may cause dispropor-tionate interference with the traveller’s right to privacy, including his freedom of movement . Th is is especially the case when these controls are combined with practices often embarrassing for travellers, such as taking the person aside, ques-tioning the person, collecting biometric data and carrying out body searches. Fourthly, based on plans for the interoperability of EU databases described above and the proposals for access to these systems by internal security agencies, it is clear that SIS II is becoming a tool for surveillance measures. Furthermore, the Commission is preparing a proposal for an entry-exit system to control whether a third-country national is “overstaying” his or her visa or residence permit. Th ese proposals might lead to the semi-permanent control over the movement of the persons registered in SIS II, VIS or Eurodac , which is facili-tated by the use of biometric data and the inclusion of these data in passports and visas.
Brouwer ch-14.indd 515 3/13/2008 3:06:20 PM
516 Chapter 14
3.2. Immigration Law and the Protection of Human Rights
With regard to immigration law decisions based on the data held in the SIS, national authorities have to take into account the protection of human rights as protected in the ECHR and other international treaties. Th e relevant rights in the ECHR include in particular the right of protection from torture or inhuman treatment (Article 3), the right to liberty (Article 5 (4) ), the right to family life (Article 8), the prohibition of discrimination (Article 14), as well as freedom of religion (Article 9) or speech (Article 10). As we have seen in Chapter 8, a decision by which a person is refused entry, denied a visa or detained or expelled on the basis of a SIS registration can be annulled if this decision violates the human rights of the third-country national concerned. Even if the jurisprudence of the ECtHR is very casuistic, this Court defi ned some important criteria for the eff ectiveness of the available remedies in immigration law procedures. In gen-eral, the ECtHR applies more stringent criteria with regard to claims based on Article 3 ECHR. Furthermore, we have seen that the ECtHR refuses to accept grounds of “national security ” or “overburdened immigration law procedures” as sole justifi cation for limiting the rights of individuals to legal remedies.
Furthermore, the emphasis on data surveillance measures aff ecting specifi c groups of persons based on their ethnic origin or nationality is diffi cult to reconcile with the non discrimination principle in Article 14 ECHR. As we have seen in Chapter 8, the relevancy of this right in the fi eld of border controls has been emphasised by the ECtHR in Timishev v. Russia. Th e ECtHR ruled that a selective approach towards Russian nationals of Chechen ethnic-ity constituted a violation of Article 14 ECHR in combination with Article 2 of the 4th Protocol (dealing with the freedom of movement ). In its judgment, the ECtHR explicitly ruled that “no diff erence in treatment which is based exclusively or to a decisive extent on a person’s ethnic origin is capable of being objectively justifi ed in a contemporary democratic society built on the principles of pluralism and respect for diff erent cultures”. Th is conclusion should be considered as an important assignment to the EU legislator and Member States.
3.3. Rights and Freedoms Guaranteed by EU Law
In Chapter 9 we saw that diff erent instruments adopted on the basis of Title IV TEC grant rights, for example, to asylum seekers, long-term resident third- country nationals and third-country nationals who have the right to family reunifi cation . Furthermore, certain categories of “privileged” third-country nationals gained extra protection, such as the family members of EU citizens, Turkish migrant workers or persons deriving rights from special agreements between the EU and third countries.
Brouwer ch-14.indd 516 3/13/2008 3:06:20 PM
Conclusions 517
Th ere is some tension between the rights of the categories of persons men-tioned above and the possibility of these persons being reported in the SIS for the refusal of entry. In 2006, this tension became clear in the judgment of the ECJ in the case of the Commission v. Spain. Here, the ECJ left no doubt about the fact that an automatic refusal of entry or a visa to a third-country national who is married to an EU citizen, solely on the basis of a SIS alert, violates the principle of free movement which is central to the communitarian system. To take this negative decision without verifying whether the person concerned imposes a gen-uine and suffi ciently serious threat to the fundamental interest of society implied a breach of the rights as laid down in Directive 2004/38.8
3.4. Data Protection Rights
In general, data protection law provides for procedural guarantees safeguarding, among other things, the transparency of the use of personal information and data-bases. Th is transparency regarding the use of data allows the individual to be informed of the authority collecting his or her information and of the purposes of this data processing. It enables an individual to exercise the right of access, deletion and correction and obliges the authorities to take these requests seriously and to handle them within a preset or reasonable time limit. In Chapter 7, I described the central principles of data protection law and considered the added value of data protection. I have argued that the primarily procedural norms of data protection are closely tied to more substantial criteria such as the non-discrimination princi-ple , the limitation on the processing of sensitive data and the ban on automated decision-making. In the following paragraphs, I will set out why in my view cur-rent EU measures are diffi cult to reconcile with these principles. It should be noted however, that this subject requires a more in-depth analysis. Th e following para-graphs should only be considered as a fi rst exercise to describe the tension between data protection law and the current measures of “data surveillance” in the EU.
1. At EU level, the principle of purpose limitation is undermined by the inclusion of vague and open criteria in the applicable rules and the new emphasis on the interoperability of information systems and the availability of information. Furthermore, the creation of large, multipurpose databases such as VIS and SIS II is in confl ict with this principle of purpose limitation, including limits on the use and disclosure of personal information. Th e establishment of these databases also confl icts with the principle that “aimless data collection” should be banned. In their proposals for the storage of biometrics and the interopera-bility of diff erent databases, Member States are explicitly envisaging the future use of personal information, unknown at the time of its registration.
8 I will come back to this subject in section 6.1.2, dealing with the new Regulation 1987/2006.
Brouwer ch-14.indd 517 3/13/2008 3:06:20 PM
518 Chapter 14
2. Th e creation of multipurpose central databases such as the VIS and, possibly, Eurodac and SIS II, impedes the transparency of the storage and further use of personal information in these systems. Generally, persons whose data are stored by one Member State will not be aware that these data are accessible to the authorities of the other Member States, and eventually third countries, as well. With regard to the use of SIS I, we have seen that generally, in France, Germany and the Netherlands, third-country nationals are not informed at all about their registration in the SIS I.
However, the data protection principle of transparency is bolstered by the rules on informed decision-making in EC immigration and asylum law. An example is the Schengen Borders Code , obliging border offi cials to inform a person in writing of the reasons for refusing him entry. One of the valid reasons for border offi cials to refuse a person entry to their territory is an alert in the SIS. Th is means that the aforementioned obligation enables the person refused entry to fi nd out that he or she is registered in the SIS.
3. EU legislation allowing for the collection and storage of specifi ed informa-tion such as health (biometric data) and religious beliefs (especially Muslims, in measures aimed at combating terrorism) or ethnic origin (data on foreign-ers used for immigration control) erode the principle based on which extra safeguards are to be provided for sensitive or special categories of data. As men-tioned above, EU measures in the fi eld of Freedom, Security and Justice are increasingly based on the general assumption that migrants within the EU are to be treated as suspected persons or potential terrorists. Such a policy runs against the general accepted principle of non-discrimination and equal-ity, which is one of the goals of the extra protection of sensitive or special cat-egories of data. Th is policy also has a negative impact for the position of migrants and their further integration into the society of EU Member States.
4. Th e principle that data holders or processors should take measures to guaran-tee the quality of data is jeopardised by the establishment of large, multipur-pose databases. As we observed, diverging criteria based on which personal data are stored by national authorities, diverging implementation of EU stan-dards and non-compliance with time limits aff ect the quality and accuracy of the data. Th e fi ndings of the national data protection authorities with regard to Article 96 CISA, discussed in Part III, showed that the reliability of the information stored in SIS is dubious, that national authorities are using SIS for diff erent purposes and that authorities disregard the rules protecting the rights of individuals, such as time limits. Furthermore, it is questionable whether, in their fi ght against terrorism, including the retrieval of information on “potential or possible terrorists”, the national authorities are still considering the importance of treating “soft data” and “hard data” diff erently. SIS II and VIS will also include information which is based on “soft data” rather than
Brouwer ch-14.indd 518 3/13/2008 3:06:20 PM
Conclusions 519
“hard data”. For example, as we have seen with regard to SIS I, national authorities report individuals on the basis of suspicions that this person has committed a serious crime or is involved in terrorist activities. Th ere is a risk that due to the interlinking of databases such as SIS II and VIS and the access granted to internal security organisations, the distinction between reliable “hard data” and unreliable “soft data” becomes blurred. Th is makes it diffi cult not only for the person involved, but especially for the user authorities and the courts or supervisory authorities involved in assessing which information is accurate and which is not.
Th e use and storage of biometrics also may cause problems with regard to the quality of information. Diff erent specialists and data protection authori-ties, including the EDPS , explicitly have warned against the use of biometrics as a “primary key”. A “primary key” can be described as an instrument ena-bling the identifi cation of a person and, based on this identifi cation, a very rapid search through diff erent databases. Since biometrics are always based on probabilities, they will never deliver the unambiguous key that is by defi nition required for a primary key for databases. As emphasised by the EDPS, for example, such use will probably result in a breach of the principle of data quality.
5. Formally, the principle of individual participation includes the right of data subjects to be informed, their right of access to information and the right to request correction or deletion. Generally, these rights have been incorporated in the legislation dealing with EU databases described above. However, these rights are subject to limitations. Furthermore, in practice, these rights seem to be diffi cult to achieve due to a lack of knowledge about the existence of data-bases and the fact of being registered at all. Also, as we have seen with regard to the use of SIS I, it is not easy for individuals to ascertain which authority is responsible for the data processing or to fi nd information about the available rights and remedies.
6. Th e ban on automated decision-making is not an absolute right of data protec-tion. National legislation already provides for accepted limitations to this principle, for example, in tax law or in traffi c law. Th e extended use of sys-tems such as SIS, VIS and terrorist lists seems, however, to imply an addi-tional and less acceptable deterioration of this principle. Th rough these systems, Member States are prepared to rely increasingly on the national deci-sions of foreign authorities. Since these decisions are stored in shared infor-mation systems and based on the so-called principle of mutual trust, the use of these systems will lead to “automatic decisions” which are diffi cult to refute by the individual concerned.
7. Th e principle of security of information systems containing personal data gen-erally receives a lot of attention in EU policy. Diff erent proposals explicitly
Brouwer ch-14.indd 519 3/13/2008 3:06:20 PM
520 Chapter 14
refer to technological safeguards protecting data systems against loss, destruc-tion or unauthorised access. National and EU policy-makers are also investing in the so-called “Privacy Enhancing Technologies”. However, in practice, the centralised storage of data, their multipurpose use, and the increase in numbers of authorities (including those from non-EU Member States) and organisations gaining access to these systems are likely to result in a loss of security.
8. Th e principle of accountability is included in the diff erent legal instruments concerned. Th ey provide for rules on the liability of the data processor for damage suff ered by individuals caused by the use of information systems for which the data controller is responsible. Although not explicitly covered in my study, a problem of accountability may arise, considering the responsibil-ity of EU institutions or Member States for the management of the central databases of SIS II, Eurodac or VIS. Th e creation of separate, independent EU “Management Authorities” or “Agencies” must be accompanied by clear rules on accountability, liability and transparency.
9. Th e non-discriminatory application of data protection is included in EC Directive 95/46 and the Data Protection Convention . Article 8 of the EU Charter explicitly stipulates that “everyone has the right to protection of personal data concerning him or her”. As we have seen in Chapter 7, data subjects’ rights may be restricted on the basis of legal exceptions as described in Article 13 of EC Directive 95/46. Th ese exceptions include the need to safeguard national security , defence, public security or criminal investigation. On these grounds, Member States may restrict certain rights of individuals, including the right to obtain information on the data processing in question (purposes, data controller, recipients of information) and the right to access, correction or deletion of his or her information. In practice, the use of these legal limitations of certain rights could result in the discriminatory application of data protection principles. In the fi ght against terrorism, certain activities by governmental organisations are targeting foreigners or individuals with a Muslim back-ground. Th erefore, even if data protection law itself does not discriminate, its practical implementation, the way individual applications for access or information will be treated, may be diff erent for diff erent groups.
4. Th e Right to Eff ective Remedies
In my study, I have made a distinction between data protection law decisions (refusal of the right of access, correction or deletion) and immigration law decisions (report of “inadmissibility” in SIS; refusal of entry, refusal of visa application, residence permit, withdrawal of residence permit; expulsion, deten-tion). I pointed out certain weaknesses which, in my view, are inherent in the
Brouwer ch-14.indd 520 3/13/2008 3:06:20 PM
Conclusions 521
procedures in both data protection and immigration law. For example, the scope of review by data protection authorities is restricted and the independence and effi ciency is threatened by their lack of power and fi nancial resources. EC instru-ments on asylum and immigration generally refer to the right to legal remedies for third- country nationals, but the applicable rules are not very detailed with regard to the content, the scope, or the eff ects of the remedies. Procedural guar-antees are left to the scrutiny of the national legislator and access to an independ-ent court or tribunal is not always guaranteed. Although there are some positive developments with regard to the duty of informed decision-making, this duty to inform third-country nationals of their rights remains void if national laws do not provide for these rights.
In Chapter 10, I developed three principles of EU law, arguing why the right to eff ective remedies applies to both immigration law and data protection law decisions relating to the use of databases, such as the SIS. Th e fi rst of these principles is based on the incorporation of human rights and the ECHR within the legal framework of the EU. It is clear that the standards on the right to eff ective legal remedies in the ECHR, and further developed by the ECtHR, apply to the implementation of EC immigration and asylum law in cases where human rights are at stake. Secondly, I pointed out the right to judicial protection to enable individuals to enforce their rights under Community law. In the words of the ECJ in the Panayotova case, Member States must provide for “eff ective judicial scrutiny of the decisions of national authorities taken pursuant to the applicable provisions of Community law”. Th irdly, the right to eff ective remedies follows on from the legal system within the Community which includes the system of preliminary references. Here, the right to remedies is necessary in order to enable both national courts and the ECJ to guarantee a coherent and clear interpretation of Community law.
As we have seen, the criteria developed on the basis of these general principles go much further than the rules adopted in the diff erent instruments at stake. From the law described in Part II of my study, I derived the following minimum criteria: access to an impartial tribunal, which might be a judicial or a non-judicial authority provided it is a permanent institution, established by law and independ-ent of the national authority taking the decision or measure. Secondly, on the cri-terion of accessibility, we have seen that the decision-making should be in writing, indicate the reasons for the decision and include information on the authority taking the decision, the available remedies and the applicable time limits. Th e legal remedies should be available within a reasonable time and the person con-cerned should have the option to be advised, defended and represented during the procedure. To guarantee the accessibility of remedies there must be access to legal aid for those “who otherwise would have no suffi cient means of fi nding access to legal remedies”. Th e court or tribunal dealing with the individual complaint or
Brouwer ch-14.indd 521 3/13/2008 3:06:20 PM
522 Chapter 14
appeal should be able to consider all relevant aspects of the case. In other words, its “scope of review” should include the legitimacy or lawfulness of the measures concerned and the necessity and proportionality of these measures. Th is applies, in our case, to the decisions of national authorities to report individuals in the SIS, as well as to the decisions or measures which are based on those SIS reports. Furthermore, the court or tribunal should be able to balance the individual rights against a pressing social need or to balance the competing interests at stake. Finally, a court or tribunal should have suffi cient powers, in the words of Boeles, to “overcome fait accompli”. Th is means that the court or tribunal should be able to grant interim relief or suspensive eff ect to a legal procedure, to impose binding decisions or fi nes and, if necessary, to order (fi nancial) repair of damage.
5. Comparing the Law and Practice in France, Germany and the Netherlands
5.1. National Criteria for Storing Th ird-Country Nationals in SIS I
In both France and Germany, the criteria based on which third-country nationals may be reported in SIS I are not very clear. In France, there is no formal publica-tion of the criteria applied. Th e decision to report a third-country national is based on either an administrative decision (by the Minister of the Interior or the prefecture) or a judicial decision. In Germany too, there is no formal defi nition of the criteria, aside from ministerial instructions of 1998 and the criteria as included in Article 96 CISA itself. Only in the Netherlands are the criteria more transparent, since they are explicitly laid down in the Aliens Circular 2000. However, these criteria are defi ned by the government without scrutiny by the national parliament. In addition, these rules are regularly amended and further extended.
In these three countries, the registration of a third-country national as “unwanted” in SIS I can be based on his or her irregular stay or the withdrawal of his residence permit, as well as on the grounds of public order. In France, if a person is reported for the latter grounds, the exact reasons for such a residence ban remain secret.
Since the applicable criteria are not published in France or Germany, it is diffi -cult to assess whether they meet the criteria of Article 96 CISA. Th e fact that the French data protection authority, CNIL , when investigating SIS alerts following individual requests, has found that the alerts were unlawful or wrong in a large number of these cases (almost 40%) indicates that there is a real problem with regard to the lawfulness of the data stored in SIS I. In Germany, national data protection authorities (both at federal level and in the Länder) repeatedly pointed out the unlawful practice of national immigration offi ces in reporting rejected
Brouwer ch-14.indd 522 3/13/2008 3:06:20 PM
Conclusions 523
asylum seekers in the SIS. Also, in general, the annual reports by the German data protection authorities established the unlawfulness and inaccuracy of the information held on third-country nationals. Th e applicable criteria in the Netherlands must be regarded as very broad and are diffi cult to reconcile with the criteria of article 96 (2) and (3) CISA. According to the Dutch criteria, a per-son may be reported in the SIS for relatively minor off ences or even on the basis of a suspicion.
More recently, in France and the Netherlands, the responsible Ministers underlined the importance not only of a systematic input of data into the NSIS, but also of a systematic refusal of entry based on a SIS report. Based on this policy, national authorities are expected to report a person in the SIS as soon he or she meets the criteria for a SIS alert. Additionally, if the authorities fi nd a report for the purpose of refusal of entry, this person should automatically be refused entry. In the Netherlands, the latter policy has been advocated with regard to reports on the basis of public order or security grounds. Also in 2005 and 2006, the Dutch authorities referred before courts to “the changed situation with regard to security in the world” and the increasing importance of “respecting the SIS alerts of other Schengen partners”. Th ese arguments were used to justify the refusal of entry to persons on the basis of a, in this particular case, clearly disputable foreign alert. Th is negative decision was remarkably because in previous years, the same applicants had been granted access to the Netherlands in spite of the foreign alert. In France, the “presumption of inadmissibility” even has consequences for the availability of legal remedies in cases of expulsion. Th e French legislator con-siders a foreign SIS alert as a “fi nal decision” by another Schengen State, assuming that the person involved could already have lodged an appeal against this deci-sion in the issuing State. Based on this assumption of a “fi nal decision”, the right to suspensive remedies against expulsion orders on the basis of these foreign reports has been limited in the French Immigration Act.
5.2. SIS and Data Protection Rights of Individuals
In France, Germany and the Netherlands, national law provides no duty for public authorities to inform a person that he or she is reported in the SIS. Th e French Data Protection Act includes the principle of “indirect access”, meaning that a person who wants to know whether he or she is reported in the SIS and on what grounds must apply to the CNIL . Th is procedure leads to lengthy proce-dures and the rights of the applicant are dependent on an active approach by the French Data Protection Authority, CNIL. In Germany and the Netherlands, the persons may directly address the authorities concerned with an application for access, correction or deletion of their data. In the Netherlands, individuals will have to submit their request concerning data held in the SIS to the privacy offi cer
Brouwer ch-14.indd 523 3/13/2008 3:06:20 PM
524 Chapter 14
of the Dutch police force. Although this offi cer is easily accessible and well-informed, the procedure chosen for requests from third-country national seems illogical and time-consuming. A person who applies to the Immigration Offi ce with the request for information will be informed that he or she should apply fi rst to the privacy offi cer of the police force. Th is offi cer will then return this request to the immigration offi cer for processing.
Th e German and French data protection authorities seem to be more actively involved in individual applications with regard to the SIS than the Dutch Data Protection Authority, the CBP. Whereas both the French CNIL and the German Federal Data Protection Commissioner received more than 500 individual appli-cations annually for (indirect) access to the NSIS alerts (not only Article 96 alerts), the Dutch CBP only dealt with fewer than ten individual applications per year. Th is very low number of applications with regard to SIS information in the Netherlands could be explained by the active role of the privacy offi cer in the Dutch police force. Th e latter offi cer dealt with approximately 200 applications each year.
In 2004, the national data protection authorities investigated the Article 96 alerts held in the SIS I within the framework of the general inquiry by the Schengen Joint Supervisory Authority. In particular, the reports of the German data protection authorities included important conclusions with regard to the data held on third-country nationals and the fi ndings were thoroughly discussed in the various annual reports by these data protection authorities. In France and the Netherlands, the data protection authorities only performed very marginal research on the Article 96 alerts. Th e reports were not offi cially published. In the Netherlands, the Data Protection Authority only investigated 15 out of a total of 12,167 Dutch alerts on third-country nationals to be refused entry. Th is was explained by a lack of time and capacity. Generally, in all three countries the data protection authorities lack fi nancial and personal resources. However, in Germany, the parallel functioning of the Federal Data Protection Commissioners and the data protection authorities in the Länder, each with their own resources and staff , seem to result in a more active scrutiny of the functioning of the SIS. Unlike the Dutch Data Protection Authority, the French and German data pro-tection authorities have the competence to impose heavy penalties on organisations or persons who act in breach of the applicable data protection rules.
Despite these short-comings, future investigations performed by national (or European) data protection authorities should be encouraged, not least because of the potential discovery of irregularities in the SIS II or other databases. Th ese general inquiries or audits make national authorities aware of their obligations regarding the lawfulness and quality of data held in the SIS. It also emphasises the “watchdog” role of national and European data protection authorities.
Brouwer ch-14.indd 524 3/13/2008 3:06:20 PM
Conclusions 525
5.3. Eff ective Remedies
5.3.1. Case LawTh ere is a striking contrast between the high number of judgments by French courts with regard to Article 96 alerts in the SIS and the scarcity of case law in Germany and the Netherlands. Th ere seems to be no single explanation for this amount of jurisprudence in France. It may be explained by the relatively weak position of CNIL , urging individuals to seek judicial review earlier. Th e high number of French judgments with regard to visa refusals based on SIS alerts has been explained by the amendment of the French Immigration Act in 1998. On the basis of this amendment, visa refusals must be issued together with a motivated decision. When such a refusal is based on a SIS alert, the applicant will be directly informed of the fact that he or she is registered in the SIS. Furthermore, two important decisions dealing with SIS by the Conseil d’État in 1999 resulted in a more general awareness of the rights and legal remedies for third-country nation-als reported in the SIS. Th is “awareness” could explain why French lawyers became more active in launching judicial procedures when dealing with a SIS alert.
I found very few German judgments dealing with the SIS. Th is might be explained by the more active role of the data protection authorities in Germany, but also seems to be related to a lack of information by the individuals and lawyers involved. However, the very few judgments dealing with the SIS, as well as those dealing with related issues such as data profi ling , provide some important general principles on the lawfulness and proportionality of the measures involved.
In the Netherlands, the national courts initially seemed cautious when dealing with SIS alerts and were reluctant to develop any general principles with a view to the use of the SIS. Since 2005, it has been possible to observe a more active and critical approach by the Dutch courts. With few exceptions, Dutch courts increas-ingly have been emphasising the obligation of Dutch authorities to assess the pro-portionality of maintaining alerts in the SIS. With regard to an Article 95 alert in SIS I (extradition), one civil court submitted a preliminary request to the ECJ. Th is resulted in the Van Straaten judgment by the ECJ, dealing with the interpretation of the ne bis in idem principle of Article 54 CISA. Th e Dutch National Ombudsman has dealt regularly with complaints from persons with regard to their registration in the SIS. Although these decisions are non-binding, the considerations of this authority with regard to the obligation of informed, timely and proportional decision-making are important and deserve more attention in further research.
5.3.2. AccessibilityIn the three countries, the national courts underlined the importance of the accessibility of legal remedies. In France, the Conseil d’État in particular ruled on
Brouwer ch-14.indd 525 3/13/2008 3:06:20 PM
526 Chapter 14
the necessity of informed decision-making, not only in its Hamssaoui judgment of 1999, but repeatedly in other judgments as well dealing with visa refusals. In both Germany and the Netherlands, the courts clearly did not accept the f ormal grounds on which the national administration sought to restrict accessibility to legal remedies. In both countries, the national authorities contended that a third-country national cannot lodge an appeal directly against the SIS alert itself since this would have no direct legal eff ect within the meaning of administrative procedural law. Th is argument has been explicitly rejected by the Dutch courts (except for one early decision in 1999), stressing the fact that a SIS alert does result in direct legal eff ect for the person involved. Also in Germany, courts found this argument irrelevant and found themselves competent to deal with the lawfulness of the SIS alert itself or the decision on which the SIS alert was based.
5.3.3. ScopeI found only French and Dutch judgments with regard to the question of whether a national court can assess the lawfulness of a foreign alert. In both countries, the national courts explicitly found themselves competent to assess whether foreign alerts were in accordance with the criteria of Article 96 CISA. Especially in France, several courts explicitly ruled that the German practice of reporting rejected asylum seekers was unlawful.
In the case law I found, the courts in France, Germany and the Netherlands did not consider themselves competent to question whether an immigration law decision on which a foreign alert is based is taken in accordance with the national law of that foreign state. For example, this competence was explicitly denied in a judgment of 2003 by the French Conseil d’État . Th is means that national courts fi nd themselves competent to assess whether a foreign alert falls within the appli-cable criteria of Article 96 CISA (or 24 of the new Regulation on SIS II), rather than assessing the lawfulness of a foreign administrative decision.
5.3.4. CompetencesArticle 111 CISA on access to legal remedies is based on the principle of mutual recognition of courts’ decisions with regard to SIS alerts. In the very few cases I found, the decisions of a national data protection authority or a court ruling that a foreign authority should delete a SIS report met with strong resistance from the national authorities involved. For example, the French authorities refused to implement the decision in 2005 by the Austrian Data Protection Authority, which ordered the French authorities to delete an Article 96 alert from the SIS. Dealing with the same case, the French Conseil d’État seemed to deny the competence of a foreign data protection authority to order the authorities of another state to delete the information from the SIS. However, it recognised that such a decision by a foreign data protection authority could be used as grounds for the French data protection authorities to order the French authorities to delete the alert.
Brouwer ch-14.indd 526 3/13/2008 3:06:20 PM
Conclusions 527
In a judgment of 2005, a Dutch court, fi nding that an Article 95 alert (extradi-tion) did not meet the CISA criteria, ordered the Spanish authorities to withdraw this alert from the SIS. Also this decision met with strong opposition from the Spanish authorities. Only after diplomatic pressure, involving the national data pro-tection authorities and the privacy offi cer of the Dutch police force, were the Spanish authorities willing to follow the court’s decision and to delete the SIS reports.
6. Th e New SIS II Regulation 1987/2006: Learning from the Past?
6.1. Criteria for Reporting Th ird-Country Nationals in SIS II
6.1.1. Lack of HarmonisationWhich lessons have been drawn from more than ten years of using the SIS I? Considering the criteria of third-country nationals to be reported in the SIS II, the current text in the new Regulation 1987/2006 is disappointing. Article 24 of the SIS II Regulation maintained the same criteria as in Article 96 CISA. As we have seen, these criteria include two categories of decision. Firstly, third-country nationals may be reported in the SIS based on public order or security grounds. Th is includes a third-country national who has been convicted of an off ence by a Member State which is punishable by a term of imprisonment of at least one year. Th is also includes a third-country national concerning whom there are seri-ous grounds for believing that he has committed serious criminal off ences or concerning whom there are clear indications of an intention to commit such off ences on the territory of a Member State. Secondly, third-county nationals may be reported to the SIS on the basis of an immigration law decision which involves his expulsion, refusal of entry or removal.
Th ese criteria are problematic for two reasons. Firstly, with regard to the fi rst criterion, we have seen that these criteria off er a very low threshold for the regis-tration of “inadmissible third-country nationals” in the SIS. On the basis of the fi rst criterion, third-country nationals may be reported for minor off ences. Th e defi nitions of “serious criminal off ences”, “serious grounds” and “clear evidence” leave the Member States a wide margin of interpretation and allow them to extend the categories of serious off ences every time this is considered politically necessary or desirable. Based on the second criterion, third-country nationals may be expelled and subsequently registered in the SIS if they have violated a relatively unimportant rule of immigration law. For example, if a person applies too late (by even a day or a week) for the renewal of his or her residence permit, or if he does not submit complete information on time (which may be for reasons beyond his control), he or she may be registered in the SIS. Th ese reasons for reporting someone in the SIS seem disproportionate, considering that this measure results in a ban on entry to the entire EU territory for a minimum of three years.
Brouwer ch-14.indd 527 3/13/2008 3:06:20 PM
528 Chapter 14
Secondly, the fact that these decisions are based on the national discretionary power of the States causes a problem for the national courts or authorities in assessing the lawfulness of SIS reports. For example, a SIS alert based on the sus-picion of a serious criminal off ence opens the door for very wide application. Furthermore, in France, Germany and the Netherlands, third-country nationals may be declared inadmissible or “unwanted’ on the basis of confi dential reports from internal security agencies, resulting in registration in the NSIS. Th is information cannot be eff ectively scrutinised by the individual or by the courts.
Th e need for a common interpretation of the reasons for excluding an individual from the territory of the EU derives both from the principle of equal treatment and the duty of Member States to respect the rights of third-country nationals as described above (ECHR, rights of employees under third country agreements, family reunifi cation ).9 Th e harmonisation of the criteria for reporting persons in the SIS II is also necessary to provide the individual in question with eff ective remedies, in which national courts or tribunals are able to assess the criteria for SIS reporting and refusal. For these reasons, it is unfortunate that the develop-ment of SIS II was not used to provide for more harmonised criteria. As we have seen, the attempt of the European Commission to achieve this harmonised approach was not accepted by the governments of the EU Member States. Article 24 (5) Regulation regarding SIS II only states that the Commission shall review the application of this Article three years after the Regulation enters into force. Th e Commission will then, based on this review, use its right of initiative and make the necessary proposals to amend this provision, “to achieve a higher level of harmonisation of the criteria for entering the alerts”.
Despite this lack of harmonised criteria, the new SIS II Regulation includes two important limitations with regard to the criteria for reporting third-country nationals in the SIS, compared to the provision of Article 96 CISA. In the fi rst place, the SIS II Regulation explicitly includes a “proportionality clause” which goes further than the former proportionality clause of Article 94 CISA. Th is Article 21 provides that a Member State issuing an alert should not only deter-mine whether the case is “important enough”, but also whether this case is “ade-quate and relevant” to warrant an entry in the SIS II. Secondly, in addition to this proportionality clause, Article 24 of the Regulation 1987/2006 requires that every decision to issue an alert on a third-country national be taken on the basis of an individual assessment. Furthermore, Article 24 (1) explicitly provides that appeals against these decisions ‘shall lie in accordance with national legislation’.
9 See also Guild (2001), p. 28. “Th e challenge of the Schengen system is the basis on which common control of the defi nition of risk should be founded.”
Brouwer ch-14.indd 528 3/13/2008 3:06:20 PM
Conclusions 529
Th ese two limitations and the explicit reference to the possibility of appeal off er national courts and data protection authorities a tool to assess the lawfulness and proportionality of reporting third-country nationals in the SIS II.
Until a further harmonisation of criteria takes place, the lack of material crite-ria should be compensated by procedural guarantees. Th is includes the safeguard-ing of applicable time limits for the storage of data, informed decision-making, the possibility of imposing fi nes if national authorities act in breach of the appli-cable law and, last but not least, eff ective remedies for the person involved, including the right to fi nancial compensation.
6.1.2. Protecting EU Citizens and Benefi ciaries of EC LawTh e drafters of the SIS II Regulation clearly have taken into account the recent jurisprudence of the ECJ with regard to the protection of rights of EU citizens and benefi ciaries of EU law. However, the extra safeguards included in this Regulation still provide for some ‘loopholes’. Based on Article 25 (2), if a hit is found for a third-country national who is a benefi ciary of the Community right of free movement, the executing state must immediately consult the issuing Member State via the SIRENE offi ce in order to decide “without delay” on the action to be taken. Th is provision does not describe the procedure to be followed when the Member States disagree upon the action to be taken, or when one Member State does not respond “without delay” to the request from the other State.
Furthermore, Article 30 of the Regulation 1987/2006 includes the obligation for Member States to delete alerts on persons reported in SIS II on the basis of Article 24 as soon as the Member State issuing the alert is informed or becomes aware that the person has acquired the citizenship of any State whose nationals are benefi ciaries of the Community right of free movement. Th is Regulation does not oblige Member States, although this has been proposed by the Commission, to delete data on third-country nationals who become family members of EU citizens. Nor does it include such an obligation for long-term resident third-country nationals. Th is could mean that those persons are registered in the SIS II in confl ict with the criteria of the Directive on long-term resident third-country nationals or the Directive on family reunifi cation .
Even if the duty to delete an alert from the SIS II were extended to the afore-mentioned categories of third-country nationals, it is questionable whether this rule will be eff ectively implemented. Th e practice of the current use of the SIS and Eurodac has shown that unless the person concerned actively pursues the deletion of his own record, data on recognised refugees or EU citizens respec-tively are not automatically or swiftly deleted, as prescribed by European or national law. Th erefore, the duty to delete a report as soon as a Member State becomes aware that the person concerned falls within one of these categories is only eff ective if accompanied by stricter safeguards.
Brouwer ch-14.indd 529 3/13/2008 3:06:20 PM
530 Chapter 14
6.2. Data Protection Rights
6.2.1. Right of InformationOnly once individuals are informed about the registration of their data or of their legal remedies, can they seek judicial redress against this registration. In principle, according to Article 42 of the SIS II Regulation, third-country nationals who are the subject of an alert should be informed in accordance with 10 and 11 of EC Directive 95/46. Th is information must be provided in writing, together with a copy or a reference to the national decision which is the basis for the SIS II alert. However, as we have seen in Chapter 7, Article 42 (2) of the SIS II Regulation includes some important limitations to this right. Firstly, Member States are exempt from their duty to provide information where the personal data (read: the data stored into the SIS II) have not been obtained from the third-country national in question. Th is exception, which circumvents the provision in Article 11 of the EC Directive 95/46, applies in many, if not all the cases in which an alert on a third-country national to be refused entry is recorded in SIS II. Furthermore, the information must not be provided if “the provision of information proves impossible or would involve a disproportionate eff ort” or “where the third-country national already has the information”. National authorities could be tempted to invoke this exception frequently as well. As we have seen in the previous Chapter, the Dutch authorities held the view that it is not necessary to inform third-country nationals of their registration in the SIS I, because these persons would generally be aware they had done ‘something wrong’ and, for that reason, would know about their NSIS registration. Finally, according to Article 42 (2) of the SIS II Regulation, the duty to inform the third-country national does not apply where national law allows for this right to be restricted, “in particular in order to safe-guard national security , defence, public security and the prevention, investigation, detection and prosecution of criminal off ences”. Also this latter exception runs the risk of being interpreted and applied very widely.
With regard to the right to access, correction or deletion of information, it is important that Article 41 (6) of the SIS II Regulation provides that the individual “shall be informed” as soon as possible and in any event no later than 60 days from the date he or she applied for access. Th is provision, however, does not spec-ify precisely which information should be submitted to the person concerned and implies the risk that national authorities will only give the applicants short notice that his or her application for access is being processed. With regard to the follow-up given to the exercise of his rights of correction or deletion, Article 41 (7) of the Regulation 1987/2006 stipulates that the person concerned should be informed as soon as possible and in any event no later than three months from the date of application for correction or deletion. However, three months must be considered a very long waiting period, especially for a person applying for a short-term visa or trying to gain access to the territory of one of the Schengen States.
Brouwer ch-14.indd 530 3/13/2008 3:06:20 PM
Conclusions 531
As we have seen above, these information rights are bolstered by the rights included in EC immigration and asylum law. Th e Schengen Borders Code obliges authorities refusing a person entry to their territory to issue a substantiated and written decision, stating the procedures for appeal. Other instruments regarding immigration and asylum law adopted under Title IV TEC also include provisions concerning the duty of informed decision-making.
6.2.2. Cooperation Between Data Protection AuthoritiesPractice with the current SIS has shown that procedures by which an individual seeks to obtain information about the reasons for a SIS alert or to have this alert deleted from the SIS, often take a long time. Even if the national data protec-tion authorities are actively involved, their power to act is limited if a national administration fails to respond in a timely manner to the questions involved. For this reason, it is important that the new Regulation regarding SIS II pro-vides for the cooperation of the diff erent data protection authorities involved. According to Article 46 (1), national supervisory authorities and the EDPS must cooperate actively, “within the framework of their responsibilities and shall ensure coordinated supervision of SIS II”. In addition, Article 46 (f ) of Regulation 45/2001 regarding the processing of data by Community institu-tions and bodies states that the EDPS should cooperate with the national super-visory authorities to the extent necessary for the performance of their respective duties, “in particular by exchanging all useful information, requesting such authority or body to exercise its powers or responding to a request from such authority or body”.
Article 34 (3) and (4) of the Regulation 1987/2006 provides for a special pro-cedure if a Member State has evidence that information stored in SIS II is incor-rect or unlawful. Th is rule had already been included in Article 106 (2) and (3) CISA, but the new provision now includes a time limit. According to Article 34 (3), if a Member State not issuing the alert has evidence suggesting that an item of data is factually incorrect or has been unlawfully stored, it shall, by exchanging supplementary data, inform the issuing Member State at the earliest opportunity and no later than ten days after it became aware of the “said evidence”. Th e issu-ing State must then check the communication and, if necessary, correct or delete the item in question without delay. In practice, it will be diffi cult to establish exactly when a Member State has to inform an issuing State of the alleged wrong-fulness or unlawfulness of an alert. Furthermore, the fact that there is no time limit within which the issuing State should delete or correct the refuted data also makes it doubtful whether this rule will be eff ective in practice.
According to Article 34 (4), if the aforementioned Member States are unable to reach agreement within two months, the Member State not issuing the alert shall submit the case to the EDPS . Th e EDPS then has to act jointly with the national supervisory authorities as mediator.
Brouwer ch-14.indd 531 3/13/2008 3:06:20 PM
532 Chapter 14
Finally, it is a positive achievement that Article 44 (3) of the SIS II Regulation obliges Member States to ensure that their national supervisory authorities have suffi cient resources to fulfi l the tasks entrusted to them under this Regulation. At the time of this research, data protection authorities lack suffi cient resources to perform their numerous tasks effi ciently. Th e implementation of this provision therefore needs careful scrutiny by national parliaments.
6.3. Right to Remedies
Th e wording of the right to remedies in Article 43 of Regulation 1987/2006, as cited in Chapter 7, is almost the same as included in Article 111 CISA with regard to SIS I. Th e implementation of this Article 43 should be in accordance with the general principles on eff ective remedies as described in Chapter 10. Th is means that national courts (or competent authorities) should have the power to decide on the lawfulness of (national and foreign) reports or the decisions or measures based on these reports. Th is assessment includes the issue of whether the SIS II alert responds to the criteria of Article 24 of the Regulation on SIS II. Furthermore, they will have to deal with the question of whether this report infringes the rights of the person involved, including his or her human rights and the rights deriving from EU law. National courts or authorities should be able to assess the proportionality of the reasons for reporting a person in the SIS, includ-ing the requirement of “individual assessment” of Article 24 and the proportionality clause of Article 21 of the Regulation on SIS II.
In Chapters 6 and 8, I referred to the individual right to a fi nancial claim based on Article 6 (1) ECHR with regard to damage resulting from decision-making based on the use of the SIS. Article 49 of the SIS II Regulation obliges Member States to ensure that any misuse of data entered into the SIS II or any exchange of supplementary information contrary to this Regulation is subject to “eff ective, proportionate and dissuasive penalties” in accordance with national law. To ensure that the rights of individuals are respected with regard to the storage and use of data held in the SIS, this new provision should be complemented with strict rules on the liability of the data holder or data user. Th is allows national courts or data protection authorities to impose sanctions when necessary.
Article 43 (3) of the SIS II Regulation stipulates that the rules on remedies will have to be evaluated by the Commission by 17 January 2009. Th is evalua-tion should be used for strengthening the legal position of third-country nationals in the SIS II and not for weakening the rules on remedies. If this provision should be redrafted, the right of any individual to bring an action before the national court or authority in connection with an alert relating to him or her should be maintained, as well as the provision that Member States should mutually enforce the fi nal decisions of national courts or authorities (see below). Th e accessibility of remedies could be improved by an explicit provision in the SIS II Regulation
Brouwer ch-14.indd 532 3/13/2008 3:06:20 PM
Conclusions 533
obliging Member States to inform a person as soon he or she is registered in the SIS II of the alert and the available remedies.
6.4. Mutual Enforcement of National Decisions
Article 43 (2) of the new Regulation regarding SIS II includes the same principle as in Article 111 (2) CISA, obliging the Member States mutually to enforce the national judgments with regard to the SIS alerts. Where national authorities do not have any problem recognising and enforcing foreign SIS reports, they gener-ally fi nd it diffi cult to accept the binding force of decisions by foreign courts or data protection authorities. Based on the principle of sovereignty, it is held that national courts cannot assess the lawfulness of foreign administrative decisions. Th e question is whether this principle is still valid in this fi eld of law. Th e use of SIS I and SIS II, as well as Eurodac and VIS, is based on the principle that authorities should respect and enforce the alerts entered by the authorities of other Member States on the basis of the principle of “mutual trust”. In Part III, on the national implementation of “Schengen”, we have seen that in France and the Netherlands in particular, policy-makers referred to this principle of mutual trust between the Schengen States, advocating the systematic implementation of foreign reports in the SIS. It should be clear that the principle of mutual trust at the heart of the Schengen cooperation involves the mutual enforcement not only of the national decisions to report a person in the SIS, but also of the court’s decisions on the lawfulness of the SIS reports. Th e very use of a database such as SIS I or SIS II already implies a loss of sovereignty.10 Furthermore, it must be observed that the sovereignty of the national legislator is limited under EC immigration and asylum law.11
Th e principle of the mutual enforcement of national courts’ decisions as included in CISA and the new SIS II Regulation could be enforced by the estab-lishment of so-called “transnational preliminary procedures”. Th is mechanism was proposed by Gautier, discussing the competence of national courts to consider for-eign administrative decisions.12 According to Gautier, national courts must be able to submit questions to courts in other Member States on the meaning and content of their national law. In my view, the option of a “preliminary transnational ques-tion” (question préjudicielle transnationale) could be complemented by the estab-lishment of one specialised coordination point within the court system in each
10 “Having to refuse a person entry because of having to blindly follow the instruction of another state is also loss of sovereignty”, Steenbergen (1999), p. 29–60.
11 Cholewinski (2005), p. 238. 12 M. Gautier, Le dépassement du caractère national de la juridiction administrative française:
le contentieux Schengen, Droit Administratif, May 2005, pp. 7 ff .
Brouwer ch-14.indd 533 3/13/2008 3:06:20 PM
534 Chapter 14
Member State. Th ese coordination points could ensure that each request from a foreign court dealing with a SIS alert is dealt with in a timely and effi cient manner. Th is procedure could be accompanied by appropriate time limits, ensuring a swift response by the authorities involved. A comparable mechanism has been chosen for the SIRENE manual with regard to the coordinating role of national SIRENE offi ces for the administrative authorities when dealing with a SIS alert and the issue of residence permits and visas. Th ese offi ces operate 24 hours a day, seven days a week and must respond within 12 hours of submission of the request.13
7. Final Remarks
In 1985, in the White Paper on the Internal Market, the Commission under-lined the symbolic meaning of borders by stating that the formalities aff ecting individual travellers were, “a constant and concrete reminder to the ordinary citi-zen that the construction of a real European Community is far from complete”.14 Th e Commission referred to the police checks relating to the identity of persons and the safety and customs checks concerning the goods they were carrying, even though these controls were often no more than spot checks. Th ese checks would be seen as, “the outward sign of an arbitrary administrative power over individu-als and an aff ront to the principle of freedom of movement within a single Community”. Th e Commission did not foresee the development of high-tech control and surveillance measures to which individuals travelling around Europe are now exposed. Th e question arises of whether these new measures are not pre-cisely the same as those which the Commission tried to abandon in 1985. Th e establishment of the “European information network” includes the storage of data in large-scale databases, the increase in identifi cation measures and the use of biometrics. It is clear that these measures entail a risk to the protection of human rights such as the right to privacy and the right to data protection, but also the freedom of movement of persons and the principle of non-discrimination. Th ese rights and freedoms protect both non-EU citizens and EU citizens. Once the above measures are applied, it may become diffi cult to restore these rights and freedoms. Even if we are able to grant individuals eff ective remedies, it would have been better to draft these controlling measures in such a way that individuals would not need to seek legal redress.
13 OJ L 317/41, 16.11.2006, para. 1.4.5. 14 Considerations 47 and 48 of the White Paper, COM (85) 310, Brussels, 14 June 1985.
Brouwer ch-14.indd 534 3/13/2008 3:06:21 PM
Conclusions 535
To make a fi nal conclusion, I would like to stress the important role of indi-vidual practitioners, whether they work for NGOs assisting immigrants, or as a lawyer or a judge. Without their knowledge on the applicable laws and available rights and remedies, the position of third-country nationals seeking protection and access to justice will remain weak. Th ere is a special task for judges using their powers in the broadest extent, balancing the diff erent interests at stake and assessing the lawfulness of decisions involved. In a fi eld were the use of databases and the mutual recognition of national decisions become increasingly important, courts should be able to look further than their own national laws. Dealing with databases such as the Schengen Information System, they should be competent to assess the lawfulness of foreign decisions aff ecting individual’s rights. Finally, courts must be made aware of their power to submit preliminary requests to the Court of Justice. Even if, in the short term, a preliminary procedure will not restore the rights of the person concerned, in the long-term it might help to safeguard a coherent and clear interpretation of EU law.
Brouwer ch-14.indd 535 3/13/2008 3:06:21 PM
Brouwer ch-14.indd 536 3/13/2008 3:06:21 PM
Evelien Brouwer, Digital Borders and Real Rights, pp. 537–552.© 2008 Koninklijke Brill NV. Printed in the Netherlands.
Bibliography
Alston (1999)Ph. Alston (ed.), Th e EU and Human Rights, Oxford: Oxford University Press 1999.
Anderson & Bigo (2003)M. Anderson and D. Bigo, What are EU frontiers for and what do they mean? in: Groenendijk, Guild & Minderhoud (2003), p. 7–25.
Ashbourne (2006)J. Ashbourne, Societal Implications of the Wide Scale Introduction of Biometrics and Identity Management, Background paper for the Euroscience Open Forum ESOF 2006 in Munich, July 2006.
Aubert (2002)F. Aubert, L’accès aux données personnelles du système d’information Schengen, AJDA, 18 novembre 2002, p. 1208.
Aubin (2000)E. Aubin, Le juge administrative français face à l’application de la Convention de Schengen dans ses dispositions sur le droit d’asile. Bilan juridictionnel de l’application en France des accords de Schengen, Revue de droit Public, no. 3–2000, p. 829–862.
Aus (2006)J.P. Aus, Eurodac: A Solution Looking for a Problem? Working Paper no. 9, Centre for European Studies, University of Oslo, May 2006 http://www.arena.uio.no/publications/
Baldaccini & Guild (2006)A. Baldaccini and E. Guild, Terrorism and the Foreigner – A Decade of Tension around the Rule of Law in Europe, Leiden/Boston: Martinus Nijhoff Publishers 2006.
Baldaccini, Guild & Toner (2007)A. Baldaccini, E. Guild and H. Toner (eds.), Whose Freedom, Security and Justice? EU Immigration and Asylum Law and Policy Oxford: Hart Publishers, 2007.
Balzacq, Bigo, Carrera & Guild (2006)T. Balzacq, D. Bigo, S. Carrera, E. Guild, Security and the Two-Level Game: Th e Treaty of Prüm, the EU and the Management of Th reats, CEPS Working Document no. 234, January 2006.
Balzacq & Carrera (2006)T. Balzacq and S. Carrera, Security versus Freedom? A Challenge for Europe’s Future, Aldershot: Ashgate 2006.
Balzacq & Carrera (2006a)T. Balzacq and S. Carrera, Th e Hague Programme: Th e Long Road to Freedom, Security and Justice, in: Balzacq & Carrera (2006), p. 1–32.
Barendt (2001)E. Barendt (ed.), Privacy, Aldershot: Ashgate 2001.
Barnard & Scott (2002)C. Barnard & J. Scott (eds.), Th e law of the single European market: unpacking the premises, Oxford: Hart 2002.
Brouwer-Bibliography.indd 537 3/20/2008 1:42:16 PM
538 Bibliography
Battjes (2002)H. Battjes, A Balance between Fairness and Effi ciency? Th e Directive on International Protection and the Dublin Regulation, EJML, 4, 2002, p. 159–192.
Battjes (2006)H. Battjes, European Asylum Law and International Law, Leiden/Boston: Martinus Nijhoff Publishers 2006.
Baudouin, Boeles, Kuijer & Spijkerboer (2001)P.J.A.M. Baudoin, P. Boeles, A. Kuijer, T.P. Spijkerboer, Vreemdelingenwet. Gevolgen voor de rechtspraktijk, Utrecht: OSR Juridische Opleidingen 2001.
Benda (1995)E. Benda et al. (eds.), Handbuch des Verfassungsrechts der Bundesrepublik Deutschland, Berlin- New York: Walter de Gruyter 1995.
Bennett (1992)C.J. Bennett, Regulating Privacy. Data Protection and Public Policy in Europe and the United States, Ithaca and London: Cornell University Press 1992.
Benyekhlef (1993)K. Benyekhlef, La protection de la vie privée dans les échanges intenationaux d’informations, Montréal: Ed. Th émis 1993.
Bigo (2006)D. Bigo, Liberty, whose Liberty? Th e Hague Programme and the Conception of Freedom, in: Balzacq & Carrera (2006).
Bigo & Guild (2003)D. Bigo and E. Guild, La mise à l’écart des étrangers: la logique du visa Schengen, Cultures & Confl its, 2003, no. 49–50.
Bigo & Guild (2005)D. Bigo and E. Guild (eds.), Controlling Frontiers. Free movement into and within Europe, Aldershot: Ashgate 2005.
Billaud (1993)P. Billaud, La protection des données informatiques dan le cadre du Accord de Schengen, in: Pauly (1993), p. 25 ff .
Bing & Torvund (1995)J. Bing, O. Torvund (eds.), 25 Years Anniversary Anthology, Tano: Norwegian Research Center For Computer and Law 1995.
Bisschof (2004)B. A. Bisschof, Europäische Rasterfahndung – grenzelose Sicherheit oder gläserne Europäer? Kritische Justiz, Jrg. 37, Heft 4, 2004, p. 361–380.
Blake (2004)N. Blake, Developments in the Case Law of the European Court of Human Rights, in: Bogusz & Cholewinski (2004), p. 431 ff .
Blake & Husain (2003)N. Blake and R. Husain, Immigration, Asylum and Human Rights, Oxford/New York: Oxford University Press 2003.
Blok (2001)P. Blok, De splitsing van privacy. Advies over het grondrecht op privacy in het digitale tijdperk, Ars Aequi 50 (2001), p. 6.
Blok (2002)P.H. Blok, Het recht op privacy. Onderzoek naar de betekenis van het begrip ‘privacy’ in het Nederlandse en het Amerikaanse recht, Th e Hague: Boom Juridische Uitgevers 2002.
Brouwer-Bibliography.indd 538 3/20/2008 1:42:16 PM
Bibliography 539
de Bock (2004)R.H. de Bock, De omvang van het geding, Nijmegen: Ars Aequi Libri 2004.
Böcker (1998)A. Böcker (ed.), Regulation of Migration. International Experiences, Amsterdam: Het Spinhuis Publishers 1998.
Boeles (1997)P. Boeles, Fair Immigration Proceedings in Europe, Th e Hague/Boston/London: Martinus Nijhoff Publishers 1997.
Boeles et.al (2004)P. Boeles, E. Brouwer, A. Woltjer and K. Alfenaar, Border control and movement of persons. Towards eff ective legal remedies for individuals in Europe, Utrecht: Forum, 2004.
Boeles (2005)P. Boeles: Fair and Eff ective Immigration Procedures in Europe? EJML 7, 2005, p. 213–218.
den Boer (1995)M. den Boer, Moving between bogus and bona fi de: the policing of inclusion and exclusion in Europe, in: Miles & Th ränhardt (1995), p. 92 ff .
den Boer (1996)M. den Boer, Justice and Home Aff airs: Cooperation without integration, in: Wallace & Wallace (1996), p. 389–409.
den Boer et al. (1998)M. den Boer, A. Guggenbühl, S. Vanhoonacker, Coping with Flexibility and Legitimacy after Amsterdam, Maastricht: EIPA 1998.
den Boer & Corrado (1999)M. den Boer and L. Corrado (1999), For the Record or Off the Record: Comments About the Incorporation of Schengen into the EU, European Journal of Migration and Law, 1, 1999, p. 397–418.
den Boer (2000)M. den Boer (ed.), Schengen Still Going Strong. Evaluation and Update, Maastricht: EIPA 2000.
Bogusz, Cholewinski (2004)B. Bogusz, R. Cholewinski et al. (eds.), Irregular Immigration and Human Rights: Theoretical, European and International Perspectives, Leiden/Boston: Martinus Nijhoff Publishers 2004.
Bonjour (1999)F. Bonjour, Pour la défense des étrangers, Paris : GISTI Recueil de jurisprudence 1999.
Boswinkel (1993)B.J. Boswinkel, De privacyrichtlijn begrensd, SEW Sociaal Economisch Weekblad, 7/8, July/August 1993, p. 551.
Bracke (2001)N. Bracke, Flexibility, Justice Cooperation and the Treaty of Amsterdam, in: L. Marinho (2001), p. 55 ff .
Brochmann, Hammar (1999)G. Brochmann, T. Hammar, Mechanisms of Immigration Control: A Comparative Analysis of European Regulation Policies, Oxford-New York: Berg 1999.
Brouwer (1998)E. Brouwer, Registratie van gegevens en Koppelingswet, Migrantenrecht 5–6, 1998, p. 164–174.
Brouwer (2001)E. Brouwer, Grensbewaking en het SIS, in: Brouwer & Groenendijk (2001), p. 45 ff .
Brouwer-Bibliography.indd 539 3/20/2008 1:42:16 PM
540 Bibliography
Brouwer (2002)E. Brouwer, Eurodac: its Limitations and Temptations, European Journal of Migration and Law, 4, 2002, p. 231–247.
Brouwer (2003)E. Brouwer, Immigration, asylum and terrorism: A changing dynamic legal and practical devel-opments in the EU in response to the terrorist attacks of 11.09, European Journal of Migration and Law 4, 2003, p. 399–424.
Brouwer (2006)E. Brouwer, Data surveillance and border control in the EU: Balancing effi ciency and legal protection of third-country nationals, in: Balzacq & Carrera (2006), p. 137–154.
Brouwer & Groenendijk (2001)E. Brouwer and K. Groenendijk (eds), Derdelanders in de Europese Unie, Utrecht: Forum 2001.
Brouwer, Catz & Guild (2003)E. Brouwer, P. Catz and E. Guild, Immigration, Asylum and Terrorism. A Changing Dynamic in European Law, Series Recht & Samenleving no. 19, Nijmegen: University of Nijmegen 2003.
De Bruycker (2003)Ph. De Bruycker (ed.), Th e Emergence of a European Immigration Policy, Brussels: Bruylant 2003.
De Bruycker & Carlier (2005)Ph. De Bruycker and J.Y. Carlier, Immigration and Asylum Law of the EU, current debates, Brussels: Bruylant 2005.
Bull (1984)H.P. Bull, Datenschutz oder die Angst vor dem Computer, München-Zürich: Piper 1984.
Bull (1985)H.P. Bull Die Grundprobleme des Informationsrechts, Inaugural speech Universtity Tilburg, Zwolle: W.E.J. Tjeenk Willink 1985.
Burkens et al. (2006)M. Burkens et al., De beginselen van de democratische rechtsstaat, Alphen aan den Rijn: Kluwer 2006.
Busch (1999)H. Busch, Neue Wachstumringe im SIS, Bürgerrechte & Polizei/CILIP, 63(2) 1999, p. 80–84.
Bygrave (1998)L.A. Bygrave, Data Protection pursuant to the Right to Privacy in Human Rights Treaties, International Journal of Law and Information Technology, 1998, Vol. 6, p. 247–284.
Bygrave (2003)L.A. Bygrave, Data Protection Law: approaching its rationale, logic and limits, Th e Hague: Kluwer Law International 2003.
Bygrave (2004)L.A. Bygrave, Privacy Protection in a Global Context – A Comparative Overview, Scandanavian Studies in Law, 2004, vol. 47, p. 324.
Bygrave & Berg (1995)L.A. Bygrave and Jens Peter Berg, Refl ections on the rationale for data protection laws, in: Bing & Torvund (1995), p. 3 ff .
Carlier & De Bruycker (2005)J.Y. Carlier and Ph. De Bruycker, Immigration and Asylum Law of the EU: current debates, Brussels: Bruylant 2005.
Carlier & Guild (2006)J.Y. Carlier and E. Guild, Th e Future of Free Movement of Persons in the EU, Brussels: Bruylant 2006.
Brouwer-Bibliography.indd 540 3/20/2008 1:42:16 PM
Bibliography 541
Carrera (2004)S. Carrera, What Does Free Movement Mean in Th eory and Practice in an Enlarged EU? CEPS Working Document No. 208/ October 2004 available at: http://www.ceps.be
Catala (1983)P. Catala, Ebauche d’une théorie juridique de l’information, Revue de droit prospectif, 1983, no. 1
Catz (2003)P. Catz, Th e Netherlands: small steps on beaten tracks, in: Brouwer, Catz & Guild (2003), p. 57 ff .
Cholewinski (2000)R. Cholewinski, Th e EU Acquis on Irregular Migration: Reinforcing Security at the Expense of Rights, European Journal of Migration and Law 2, 2000, p. 361–405.
Cholewinski (2003)R. Cholewinski, No Right of Entry, in: Groenendijk, Guild & Minderhoud (2003), p. 105 ff .
Cholewinski (2004)R. Cholewinski Th e Need for Eff ective Remedies in Matters of Immigration and Border Control, Migrantenrecht 7, 2004, p. 259–262.
Cholewinski (2005)R. Cholewinski, Th e Need for Eff ective Individual Legal Protection in Immigration Matters, European Journal of Migration and Law, 7, 2005, p. 237–262.
Cimade (2003)Cimade, Centres et locaux de retention administrative, rapport 2003, Paris: 2003.
Cornelisse (2004)G. Cornelisse, Human Rights for Immigration Detainees in Strasbourg: Limited Sovereignty or a Limited Discourse? European Journal of Migration and Law 6, 2004, p. 93–110.
Craig & Búrca (1999)P. Craig and B. de Búrca (eds.), Th e evolution of EU law, Oxford: Oxford University Press 1999.
Curtin & Meijers (1997)D. Curtin and H. Meijers, Th e Principle of Open Government in Schengen and the European Union: Democratic Retrogression? in: Meijers (1997), p. 13 ff .
Davy (2006)U. Davy, Immigration, Asylum and Terrorism: how do they relate in Germany? in: Baldaccini & Guild (2006), p. 177 ff .
Dias Urbano De Sousa & De Bruycker (2004)C. Dias Urbano De Sousa and Ph. De Bruycker (eds.), Th e emergence of a European asylum policy/L’émergence d’une politique européenne d’asile, Brussels: Bruylant 2004.
van Dijk (2001)P. van Dijk, Protection of “Intergrated” Aliens against Expulsion under the European Convention on Human Rights, in: Guild & Minderhoud (2001), p. 23 ff .
van Dijk & van Hoof (2006)P. van Dijk and F. van Hoof, Th eory and Practice of the European Convention on Human Rights, Antwerpen/Oxford: Intersentia 2006.
Donner (1993)J.P.H. Donner, Abolition of Border Controls, in: Schermers et al. (1993), p. 5 ff .
Dougan (2004)M. Dougan, National Remedies Before the Court of Justice. Issues of Harmonisation and Diff erentiation, Oxford and Portland, Oregon: Hart Publishing 2004.
Dumortier (1992)J. Dumortier Het Schengen Informatie Systeem en de bescherming van persoonsgegevens, in: Fijnaut, Stuyck & Wytinck (1992), p. 119 ff .
Brouwer-Bibliography.indd 541 3/20/2008 1:42:16 PM
542 Bibliography
Dumortier (1997)J. Dumortier, Protection of Personal Data in the Schengen Convention, International review of law, computers and technology, p. 93–106 1997.
Eicke (2003)T. Eicke, Paradise Lost? Exclusion and Expulsion from the EU, in: Groenendijk, Guild & Minderhoud (2003), p. 147 ff .
Elgesem (1999)D. Elgesem, Th e structure of rights in Directive 95/46 on the protection of individuals with regard to the processing of personal data and the free movement of such data, Ethics and Information Technology 1, 1999, p. 283–293.
Ellger (1991)R. Ellger, Datenschutz und Europäischen Binnenmarkt (Teil I), RDV 1991/2, p. 57–65.
Elzinga (1989)D.J. Elzinga, De democratische rechtsstaat als ontwikkelingsperspectief. Over machtsregulering als ontwikkelingslijn, in: Engels & Middel (1989).
Engels & Middel (1989)J.W.M. Engels, E.M. Middel (eds.), De rechtsstaat herdacht, Zwolle: W.E.J. Tjeenk Willink 1989.
Enschedé (1974)Ch.J. Enschedé, Het interim-rapport Koopmans: een discussiebijdrage, NJB, 28 september 1974, afl . 32, p. 1030.
Essakkili & Spijkerboer (2006)S. Essakkili, T.P. Spijkerboer, De marginale toetsing in asielzaken, NJB, Afl . 2006/33, no. 1439.
Fasti (2002)M. Fasti, Th e restrictive approach taken by the European Court of Human Rights: deportation of longterm immigrants and right to family life (Part 1 and 2), Tolley’s Immigration, Asylum and Nationality Law, Vol. 16, nos 3 & 4, 2002.
Fernhout & Steenbergen (1994)R. Fernhout and J.D.M Steenbergen, Rechtspraak Vreemdelingenrecht 1993, Nijmegen: Ars Aequi Libri 1994.
Fijnaut (1993)C.J.C.F. Fijnaut, Police cooperation in Western Europe, in: Schermers et al. (1993), p. 75 ff .
Fijnaut & Hermans (1987)C. Fijnaut and R. Hermans (eds.), Police Co-operation in Europe, Lochem: J.B. van den Brink 1987.
Fijnaut, Stuyck & Wytinck (1992)C. Fijnaut, J. Stuyck, P. Wytinck, Schengen: Proeftuin voor de Europese Gemeenschap? Antwerpen: Gouda Quint 1992.
Flaherty (1989)D.H. Flaherty, Protecting Privacy in Surveillance Societies. Th e Federal Republic of Germany, Sweden, France, Canada and the United States, Chapel Hill: University of North Carolina Press 1989.
Fode (1993)H. Fode, Nordic Experience on Criminal Law, in: Schermers et al. (1993), p. 61–69.
Forsthoff (1973)E. Forsthoff , Lehrbuch des Verwaltungsrechts, München: C.H. Beck 1973.
Frowein & Stein (1987)J.A. Frowein, Torsten Stein, Die Rechsstellung von Ausländern nach staatlichem Recht un Völkerrecht, Teil 1, Berlin/ Heidelberg: Springer Verlag 1987.
Brouwer-Bibliography.indd 542 3/20/2008 1:42:16 PM
Bibliography 543
Garside (2006)A. Garside, Th e political genesis and legal impact of proposals for the SIS II: what cost for data protection and security in the EU? Sussex Migration Working Paper no. 30, March 2006, available at http://www.sussex.ac.uk
Gautier (2005)M. Gautier, La dépassement du caractère national de la juridiction administrative française: le contentieux Schengen, Droit Administratif, Mai 2005, p. 7 ff .
Geddes (2000)A. Geddes, Immigration and European Integration. Towards Fortress Europe? Manchester: Manchester University Press 2000.
Giraud (1999)Ph. Giraud, L’expérience de la France dans la mise en oeuvre de Schengen, in: Hailbronner & Weil (1999), p. 31–41.
GISTI (2003)GISTI, Contrôler, surveiller et punir, Analyse de la réforme Sarkozy sur l’entrée et le séjour des étrangers en France, Paris: GISTI April 2003.
GISTI (2003a)GISTI, Les visas en France. La réglementation, les recours les texts, Paris: GISTI May 2003.
GISTI (2005)GISTI, Utiliser le référé administrative pour la défense des étrangers, Paris: GISTI November 2005.
GISTI (2006)GISTI, Les Visas, Les Cahiers Juridiques, Paris: GISTI September 2006.
Giuseppin & Jansen (1996)P.R. Giuseppin and W.A.M Jansen, Het Akkoord van Schengen en vreemdelingen. Een ongecontro-leerde grens tussen recht en beleid? Verslag studiedag OSR 31 oktober 1996, Utrecht: NCB 1996.
Groenendijk (1993)C.A. Groenendijk, Th e competence of the EC Court of Justice, in: Meijers et al. (1993), p. 45 ff .
Groenendijk (2003)K. Groenendijk, New Borders Behind Old Ones: Post-Schengen Controls Behind Internal Borders and Inside the Netherlands and Germany, in: Groenendijk, Guild & Minderhoud (2003), p. 131 ff .
Groenendijk (2003a)K. Groenendijk, Th e Directive on mutual recognition of expulsion decisions: symbolic or unbal-anced politics? in: P. de Bruycker (2003), p. 447–463.
Groenendijk (2004)K. Groenendijk, Re-instatement of controls at the internal borders of Europe: why and against whom? European Law Journal 2, 2004, p. 150–170.
Groenendijk (2006)K. Groenendijk, Citizens and Th ird-Country Nationals: Diff erential Treatment or Discrimination? in: Carlier & Guild (2006), p. 79 ff .
Groenendijk, Guild & Minderhoud (2003)K. Groenendijk, E. Guild, and P. Minderhoud (eds.), In Search of Europe’s Borders, Th e Hague/London/New York: Kluwer Law International 2003.
Groeneweg, van den Berg, Verhey (2001)H.W. Groeneweg, I.H. van den Berg, M. Verheij, Teksten en toelichting op de Vreemdelingenwet 2000, Th e Hague: SDU Uitgevers 2001.
Brouwer-Bibliography.indd 543 3/20/2008 1:42:16 PM
544 Bibliography
Guild (2000)E. Guild, Adjudicating Schengen: National judicial control in France, European Journal of Migration and Law 1, 2000, p. 419–439.
Guild (2000a)E. Guild, European Community Law from a Migrant’s Perspective, Th e Hague/London/Boston: Kluwer Law International 2000.
Guild (2001)E. Guild, Moving the Borders of Europe, Inaugural lecture, Nijmegen: University of Nijmegen 2001.
Guild (2003)E. Guild, Th e Borders Abroad – Visas and Border Controls, in: Groenendijk, Guild & Minderhoud (2003).
Guild (2004)E. Guild, Th e Legal Elements of European identity. EU Citizenship and Migration Law, Th e Hague: Kluwer Law International 2004.
Guild (2005)E. Guild, Th e Legal Framework: Who is Entitled to Move? in: Bigo & Guild (2005), p. 14 ff .
Guild (2006)E. Guild (ed.), Constitutional challenges to the European Arrest Warrant. A challenge for European Law: the merging of international and external security. Nijmegen: Wolf Legal Publishers 2006.
Guild (2007)E. Guild, Unreadable Papers? Th e EU’s fi rst experiences with biometrics: Examining Eurodac and the EU Borders, in: J. Lodge (ed.), Are you who you say you are? Liberty and security in the EU, Nijmegen: Wolf Legal Publishers 2007, (forthcoming).
Guild & Niessen (1996)E. Guild and J. Niessen, Th e Developing Immigration and Asylum Policies of the European Union, Th e Hague/London/Boston: Kluwer Law International 1996.
Guild & Minderhoud (2001)E. Guild and P. Minderhoud, Security of Residence and Expulsion: protection of aliens in Europe, Leiden/Boston: Martinus Nijhoff Publishers 2001.
Guild & Geyer (2006)E. Guild and F. Geyer, Getting local: Schengen, Prüm and the dancing procession of Echternach Th ree paces forward and two back for EU police and judicial cooperation in criminal matters, December 2006, available at: http://www.ceps.be
Gutmann (1999)R. Gutmann, Datenschutz und europäischen Aufenthaltsrecht, ZAR 5, 1999, p. 229–231.
Hailbronner (2000)K. Hailbronner, Immigration and Asylum Law and Policy of the EU, Th e Hague: Kluwer Law International 2000.
Hailbronner & Weil (1999)K. Hailbronner and P. Weil (eds.), From Schengen to Amsterdam. Towards a European Immigration and Asylum Legislation, Trier: ERA Series of Publications, Vol. 29, 1999.
Hartley (2003)T.C. Hartley, Th e foundations of European Community Law, Oxford: Oxford University Press 2003.
Harvey (2001)C. Harvey, Promoting Insecurity: Public Order, Expulsion and the European Convention on Human Rights, in: Guild & Minderhoud (2001), p. 41 ff .
Brouwer-Bibliography.indd 544 3/20/2008 1:42:16 PM
Bibliography 545
Hayes (2004)B. Hayes From the Schengen Information System to SIS II and the Visa Information System (VIS): the proposals explained, Statewatch analysis, February 2004, http:// www.statewatch.org
Hayes (2005)B. Hayes (2005), SIS II: fait accompli? Construction of EU’s Big Brother database underway Statewatch analysis, May 2005, http://www.statewatch.org
Hemesath (1995)W. Hemesath, Das Schengener Informationssystem – SIS –, Ausschreibungskategorien und Ausschreibungsmodalitäten, Kriminalistik, 3/1995, p. 169–171.
de Hert & Guthwirth (2003)P. de Hert and S. Guthwirth, Making sense of privacy and data protection: a prospective overview in the light of the future identity, location-based services and virtual residence, Annex 1 to the report Security and Privacy for the Citizen in the Post-September 11 Digital Age: A Prospective Overview, Technical Report Series, Institute for Prospective Technological studies, Brussels, July 2003.
de Hert & Gutwirth (2006)P. de Hert and S. Gutwirth, Interoperability of Police Databases within the EU: An Accountable Political Choice? International Review of Law Computers & Technology, Vol. 20, Nos. 1 & 2, p. 21–35.
de Hert, Schreurs & Brouwer (2006)Paul de Hert, Wim Schreurs and Evelien Brouwer, Machine-Readable Identity Documents with Bio-metrical Data in the EU (Part I), Keesing Journal of Documents & Identity, Issue no. 21, 2006, p. 3 ff .
Hoeksma & Rensen (1990)J.W. Hoeksma and H.L. Rensen, SIS moet voldoende bieden, niet meer en niet minder, Algemeen Politieblad, nr. 8, 14 April 1990, p. 179–183.
Holterman (1994)Th . Holterman, Ongewenst signalering getoetst, Migrantenrecht 1994/5, p. 96.
Hondius (1975)F.W. Hondius, Emerging Data Protection in Europe, Amsterdam: North-Holland Pub. Company 1975.
Hoogenboom (1992)T. Hoogenboom, Free movement of non-EC nationals, Schengen and beyond, in: Meijers et al. (1992), p. 74 ff .
den Houdijker (2006)F.M.J. den Houdijker, Punitief karakter ongewenstverklaring, -signalering en rechtsbescherm-ing, Migrantenrecht 6–7, 2006, p. 239–243.
House of Lords (2006)House of Lords, European Union Committee, Schengen Information System II (SIS II), Report with Evidence, 9th report of session 2006–07, London: 2006.
Hreblay (1998)V. Hreblay, Les Accords de Schengen. Origine, Fonctionnement, Avenir, Bruxelles: Bruylant 1998.
Hubert (1999)P. Hubert, De Schengen à Amsterdam: Questions juridiques et solutions institutionnelles, in: Hailbronner & Weil (1999), p. 65 ff .
Hurwitz (1999)A. Hurwitz, Th e 1990 Dublin Convention: A Comprehensive Assessment, International Journal of Refugee Law 11 (4), 1999, p. 646–677.
Jessurun d’Oliveira (1990)H.U. Jessurun d’Oliveira, Schengen uitgerangeerd? NJB, 1990, nr. 4, p. 129–131.
Brouwer-Bibliography.indd 545 3/20/2008 1:42:16 PM
546 Bibliography
de Jong (1993)C.D. de Jong, Cooperation in the fi eld of Aliens Law, in: Schemers (1993), p. 183 ff .
Julien-Laferrière (2005)F. Julien-Laferrière, La loi no. 2003-1119 du 26 Novembre 2003 relative à la maîtrise de l’immigration, au séjour des étrangers en France et à la nationalité, in : Carlier & De Bruycker (2005), p. 530–558.
Justice (2000)Justice, Th e Schengen Information System. A human rights audit, London: Justice 2000.
Kant (2001)M. Kant, Nothing doing? Taking stock of data trawling operations in Germany after 11 September 2001, Statewatch, May-August 2005 Vol. 15, no. 3/4, p. 19.
Karanja (2002)S.K. Karanja, Th e Schengen Information System in Austria: An Essential Tool in Day to Day Police and Border Control Work? Th e Journal of Information, Law and Technology 2002 (1), p.
Kaspersen & Oskamp (1990)H.W.K. Kaspersen and A. Oskamp (eds.), Amongst Friends in Computers and Law. A Collection of Essays in Remembrance of Guy Vandenberghe, Deventer/Boston: Kluwer Computer/Law Series 1990.
Kayser (1990)P. Kayser, La protection de la vie privée, Marseille: Economica Presses universitaires d’Aix-Marseille 1990.
Kayser (1995)P. Kayser, La protection de la vie privée par le droit: protection du secret de la vie privée, Aix- en-Provence: Economica Presses universitaires d’Aix-Marseille 1995.
de Kerchove (1998)G. de Kerchove, Une espace de liberté, de sécurité et de justice, in: den Boer et al. (1998), p. 197–204.
Kjaer (2003)K. Kjaer, How Many Borders in the EU? in: Groenendijk, Guild & Minderhoud (2003), p. 169 ff .
Kleijne (2001)J. Kleijne, Artikelsgewijs commentaar op de Vreemdelingenwet 2000 en het Vreemdelingenbesluit 2000, Deventer: Kluwer 2001.
Klip (1997)A.H. Klip, Uniestrafrecht is op hol geslagen, NJB 11 April 1997, afl . 15, p. 663–671.
Kommers (1997)D.P. Kommers, Th e Constitutional Jurisprudence of the Federal Republic of Germany, Durham and London: Duke University Press 1997.
Korff (1990)D. Korff , Th e Schengen Information System: also a question of data protection, in: Mols (1990), p. 67 ff .
Kroon (1997)L.M.N. Kroon, European information systems: beyond borders? Barriers within the development process of the Schengen Information System and the Social Security Network, Delft: Eburon 1997.
Kuijer/Steenbergen (2005)A. Kuijer et al., Nederlands Vreemdelingenrecht, Den Haag: Boom Juridische Uitgevers 2005.
Kunig (1989)Ph. Kunig, Das Rechtsstaatsprinzip: Überlegungen zu seiner Bedeutung für das Verfassungsrecht der Bundesrepublik Deutschland, Tübingen: Mohr (Siebeck) 1989.
Brouwer-Bibliography.indd 546 3/20/2008 1:42:16 PM
Bibliography 547
Lavenex (2001)S. Lavenex, Th e Europeanisation of Refugee policies. Between human rights and internal security, Aldershot: Ashgate 2001.
Lawson (1999)R. Lawson, Het EVRM en de Europese Gemeenschappen, Europese Monografi eën no. 61, Th e Hague: Kluwer 1999.
Lecucq (2004)O. Lecucq, L’examen par le Conseil Constitutionnel de la nouvelle législation sur l’immigration, AJDA, 22 mars 2004, p. 599–606.
Leutheusser-Schnarrenberger (2004)S. Leutheusser-Schnarrenberger, Ein System gerät ausser Kontrolle: Das Schengener Informationssystem, Zeitschrift für Rechtspoltik, 14 Juni 2004, 37. Jahrgang, p. 97–101.
Lodge (2005)J. Lodge, eJustice, Security and Biometrics: the EU’s Proximity Paradox, European Journal of Crime, Criminal Law and Criminal Justice, Vol. 13/4, 2005, p. 533–564.
Magnon (2003)X. Magnon, ‘Le champ d’application territorial de l’accord de Schengen’, L’actualite juridique, Droit administratif 13, 2003, p. 683–684.
Malabre (2001)J.E. Malabre, Security of residence and expulsion: protection of aliens in Europe: the French experience, in Guild & Minderhoud (2001), p. 125–137.
Marinho (2001)L. Marinho, Asylum, Immigration and Schengen Post Amsterdam, Maastricht: EIPA 2001.
Marx (2004)R. Marx, Terrorismusvorbehalte des Zuwanderungsgesetzes, ZAR, 8/2004, p. 275–282.
Maurer (2002)H. Maurer, Allgemeines Verwaltungsrecht, München: C.H. Beck 2002.
Meijers (1992)H. Meijers et al., Schengen Internationalisation of central chapters of the law on aliens, refugees, privacy, security and the police, Leiden: Stichting NJCM-Boekerij 1992.
Meijers (1993)H. Meijers et al., A New Immigration Law for Europe? Utrecht: Centre for Immigrants 1993.
Meijers (1997)H. Meijers (ed.), Democracy, Migrants and Police in the European Union: the 1996 IGC and beyond, Forum: Utrecht 1997.
Melis (2001)B. Melis, Negotiating Europe’s Immigration Frontiers, Deventer: Kluwer Law International 2001.
Michael & Heimans (1990)P.A. Michael and D. Heimans, Privacybescherming in SIS is uitvoerig geregeld, Algemeen Politieblad, nummer 9, 28 april 1990, p. 203 ff .
Miles & Th ränhardt (1995)D. Miles, D. Th ränhardt Migration and European Integration, London: Pinter Publishers 1995.
Minderhoud (2000)P. Minderhoud, Th e Dutch Linking Act and the Violation of Various International Non-Discrimination Clauses, European Journal of Migration and Law 2000, p. 185–201.
Mols (1997)G.P.M.F. Mols (ed.): Dissonanten bij het Schengen akkoord, Deventer: Kluwer 1990.
Brouwer-Bibliography.indd 547 3/20/2008 1:42:16 PM
548 Bibliography
Monar (2000)J. Monar, Th e Impact of Schengen on Justice and Home Aff airs, in: Den Boer (2000), p. 21 ff .
Nascimbene (2001)B. Nascimbene (ed.), Expulsion and detention of aliens in the European Union countries, Milan: Giuff rè Editore 2001.
Niessen (1996)J. Niessen, Th e European Union’s Migration and Asylum Policies, in: Guild & Niessen (1996), p. 3 ff .
Noll & Vedsted-Hansen (1999)G. Noll and J. Vedsted-Hansen, Non-Communitarians: Refugee and Asylum Policies, in: Alston (1999), p. 359 ff .
Nugter (1990)A.C.M. Nugter, Transborder Flow of Personal Data within the EC. A comparative analysis of the privacy statutes of the Federal Republic of Germany, France, the United Kingdom and the Netherlands and their impact on the private sector, diss., Deventer: Kluwer Law and Taxation Publishers 1990.
O’Keeff e (1993)D. O’Keeff e, Convention on Crossing External Borders, in: Pauly (1993), p. 171 ff .
O’Keeff e (2000)D. O’Keeff e, Judicial Review in European Union Law, Th e Hague: Kluwer Law International 2000.
Overkleeft-Verburg (1995)G. Overkleef-Verburg, Wet persoonsregistraties, Norm, toepassing en evaluatie, Zwolle: W.E.J. Tjeenk Willink 1995.
Pallet (2001)L. Pallet, Th e UK position. Implementing the Schengen Protocol, in: Marinho (2001), p. 91–95.
Pallez (2004)C. Pallez, L’Exercise du pouvoir de sanction est une révolution culturelle pour la CNIL, Petites affi ches, 29.09.2004, no. 195, p. 3.
Pauly (1993)A. Pauly (ed.), Les accords du Schengen: Abolition des frontières intérieures ou menace pour les liberté publiques? Maastricht: EIPA 1993.
Pauly (1996)A. Pauly (ed.), De Schengen à Maastricht: voie royale et course d’obstacles, Maastricht: EIPA 1996.
Peers (2001)S. Peers, Key Legislative Developments on Migration in the European Union (1) European Journal of Migration Law 3, 2001, p. 231–255.
Peers (2001a)S. Peers, Immigration, Asylum and the European Union Charter of Fundamental Rights, European Journal of Migration Law 3, 2001, p. 141–169.
Peers (2002)S. Peers, EU Immigration and Asylum law after Seville, Tolley’s Immigration, Asylum and Nationality Law, vol. 16, no. 3, 2002.
Peers (2003)S. Peers, Key Legislative Developments on Migration in the European Union (2) European Journal of Migration Law 5, 2003, p. 107–141.
Peers (2006)S. Peers, From Black Market to Constitution: Th e Development of the Institutional Framework for EC Immigration and Asylum Law, in Peers & Rogers (2006), p. 19 ff .
Brouwer-Bibliography.indd 548 3/20/2008 1:42:16 PM
Bibliography 549
Peers & Rogers (2006)Steve Peers and Nicola Rogers (eds.), EU Immigration and Asylum Law: Text and Commentary, Leiden/Boston: Martinus Nijhoff Publishers 2006.
Pinckaers (1996)J.C.S. Pinckaers, From privacy towards a new intellectual property right in persona: the right of publicity (United States) and portrait law ( Netherlands) balanced with freedom of speech and free trade principles, Th e Hague: Kluwer Law International 1996.
Podlech (1973)A. Podlech, Verfassungsrechtliche Probleme Öff entlicher Informationssysteme, DVR 1972/1973, p. 149 ff .
Poullet (1990)Y. Poullet, Data Protection Between Property and Liberties. A Civil Law Approach, in: Kaspersen & Oskamp (1990), p. 161 ff .
Preuss-Laussinotte (2000)S. Preuss-Laussinotte, Les fi chiers et les étrangers au cœur des nouvelles politiques de sécurité, Paris: Librairie générale de droit et de jurisprudence, E.J.A. 2000.
Prins (1995)J.E.J. Prins et.al., In het licht van de Wet persoonsregistraties: zon, maan of ster? Alphen aan den Rijn/Diegem: Samsom Bedrijfsinformatie bv. 1995.
Prins (1998)C. Prins, Biometric Technology Law. Making our bodies identify for use: Legal implica-tions of biometric technologies, Computer Law & Security Report, Vol. 14, no. 3, 1998, p. 159–165.
Puntervold Bø (1998)B. Puntervold Bø, Th e Use of Visa Requirements as a Regulatory Instrument for the Restriction of Migration, in: Böcker (1998), p. 191–202.
Renner (2001)G. Renner, Verwaltungsvorschriften zum Staatsangehörigkeit-und zum Ausländerrecht, Baden-Baden: Nomos Verlaggeselschaft 2001.
Rigaux (1990)F. Rigaux, La protection de la vie privée et des autres biens de la personnallité, Brussels: Émile Bruylant 1990.
Rule (1974)J.B. Rule, Private Lives and Public Surveillance, London: Allen Lane 1974.
Saas (2003)C. Saas, Les refus de délivrance des visas fondés sur une inscription au Système Information Schengen, Cultures & Confl its 49–50, 2003.
Saas (2006)C. Saas, Th e changes in laws on immigration and asylum in France in response to terrorist fears, in: Baldaccini & Guild (2006), p. 233 ff .
Schattenberg (1993)B. Schattenberg, SIS : Privacy and Legal Protection, in: Schermers et al. (1993), p. 43 ff .
Schermers (1993)H.G. Schermers et al., Free Movement of Persons in Europe: Legal Problems and Experiences, Dordrecht/Boston/London: Martinus Nijhoff Publishers 1993.
Schlanitz (1993)E. Schlanitz, L’échange international d’informations de police dans le cadre des systems d’information d’Interpol et de Schengen, in: Pauly (1993), p. 39 ff .
Brouwer-Bibliography.indd 549 3/20/2008 1:42:16 PM
550 Bibliography
Schlink (1982)B. Schlink, Die Amtshilfe. Ein Beitrag zu einer Lehre von der Gewaltenteilung in der Verwaltung, Berlin: Duncker & Humblot 1982.
Schmahl (2004)S. Schmahl, Internationaler Terrorismus aus der Sicht des deutschen Ausländerrechts, ZAR 7/2004, p. 217–225.
Schmid (2003)Ch. Schmid, Eurodac Verordnung. Europäisches System zur Identifi zierung von Fingerabdrücken, Wien: NWV Verlag 2003.
Schmid-DrünerMarion Schmid-Drüner, Der Begriff der öff entlichen Sicherheit und Ordnung im Einwanderungsrecht ausgewählter EU-Mitgliedstaaten: Status quo und Reformbedarf auf europäischer Ebene, Baden-Baden: Nomos Verlag 2007.
Schriever-Steinberg (1994)A. Schriever-Steinberg, Das Ausländerzentralregistergesetz, NJW 1994, Heft 50, p. 3276–3277.
Schröder (2001)B. Schröder, Das Fingerabdruckvergleichssystem EURODAC, in ZAR 2/2001, p. 71–76.
Schutte (1990)J.J.E. Schutte, Strafrecht in Europees verband, Justitiële verkenningen, 1990.
Simitis (1990)S. Simitis, Datenschutz und Europäischen Gemeinschaft, RDV 1990, Heft 1, p. 3–23.
Simitis (1999)S. Simitis, Revisiting Sensitive Data, Review of the answers to the Questionnaire of the Consultative Committee of the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (ETS 108), Strasbourg, 24–26 November 1999.
Simitis (2006)S. Simitis (ed.), Bundesdatenschutzgesetz, Baden-Baden: Nomos 2006.
Spijkerboer & Vermeulen (2005)T.P. Spijkerboer and B.P. Vermeulen, Vluchtelingenrecht, Nijmegen: Ars Aequi Libri 2005.
Staples (1999)H. Staples, Th e legal status of third country nationals resident in the European Union, Th e Hague/London/Boston: Kluwer Law International 1999.
Staples (2000)H. Staples, Adjudicating the Schengen Agreements in the Netherlands, European Journal of Migration Law 2, 2000, p. 49–83.
Steenbergen (1992)J.D.M. Steenbergen, Schengen and the movement of persons, in: Meijers et al. (1992), p. 57 ff .
Steenbergen (1997)J.D.M. Steenbergen, De grenzen van Schengen, in: Giuseppin & Jansen (1997), p. 18–25.
Steenbergen (1999)J.D.M. Steenbergen, All the King’s Horses… Probabilities and Possibilities for the Implementation of the New Title IV EC Treaty, European Journal of Migration Law 1, 1999, p. 29–60.
Swart (1978)A.H.J. Swart, De toelating en uitzetting van vreemdelingen, Deventer: Kluwer 1978.
Swart (2001)A.H.J. Swart, Een ware Europese rechtsruimte, Deventer: Gouda Quint 2001.
Temple Lang (2000)John Temple Lang, Th e Principle of Eff ective Protection of Community Law Rights, in: O’Keeff e (2000), p. 235 ff .
Brouwer-Bibliography.indd 550 3/20/2008 1:42:16 PM
Bibliography 551
Tuff ner (2000)M. Tuff ner, Das Schengener Informationssystem (SIS), Ein Quantensprung der polizeilichen Fahndung in Europa, Kriminalistik 1/00, p. 39–43.
Turpin (2004)D. Turpin, Les nouvelles lois sur l’immigration et l’asile dans le contexte de l’Europe et la mondi-alisation, Revue critique de droit international privé, 93 (2) avril-juin 2004, p. 311–393.
Vedsted-Hansen (2001)J. Vedsted-Hansen, Abolition of Border Controls within the Nordic Region and Security of Residence in Denmark, in: Guild & Minderhoud (2001), p. 91 ff .
Verhey (1991)L.F.M. Verhey, Privacy aspecten van de uitvoeringsovereenkomst van het Akkoord van Schengen, NJB 31 januari 1991, afl . 5, p. 217 ff .
Verhey (1992)L.F.M. Verhey, Privacy aspects of the Convention, in: Meijers et.al. (1992), p. 110 ff .
Verschueren (1992)H. Verschueren, Vrij verkeer van personen in Schengen-verdragen, in: Fijnaut, Struijk & Wytinck (1992), p. 13–54.
Wallace & Wallace (1996)H. Wallace and W. Wallace, Policy-Making in the European Union, Oxford: Oxford University Press 1996.
Warren & Brandeis (1890)S.D. Warren and L.D. Brandeis, Th e Right to Privacy, Harvard Law Review, Vol. IV, 15 December, no. 5, 1890.
Wayman (2006)J. Wayman, Linking Persons to Documents with Biometrics. Biometric systems from the 1970s to date, Keesing Journal of Documents & Identity, Issue 16, 2006, p. 14.
Webber (1996)F. Webber, Crimes of Arrival: Immigrants and Asylum-seekers in the New Europe, London: Statewatch Publications 1996.
Weichert (1990)Th . Weichert, Das geplante Schengen-Informationssystem, Computerrecht 1/1990.
Weichert (1993)Th . Weichert, Ausländererfassung in der Bundesrepublik. Die informationele Sonderbehandlung von Immigrantinnen und Flüchtlingen, Bürgerrechte & Polizei/CILIP 45, 2/1993.
Weichert (1998)Th . Weichert, AZRG. Kommentar zum Ausländerzentralregistergesetz, Neuwied-Kriftel: Luchterhand 1998.
Weichert (2002)Th . Weichert, Datenschutz für Flüchtlinge nach der Anti-Terr0r-Gesetzgebung, Asylmagasin 4/2002, p. 4–9.
Weil (1997)P. Weil, Rapports au Premier Ministre. Mission d’études des législations de la nationalité et de l’immigration, Paris: La documentation française 1997.
Westphal (1999)V. Westphal, Die Ausschreibung zur Einreiseverweigerung im Schengener Informations-system – Vorraussetzungen, Wirkungen und Rechtsschutzmöglichkeiten, InfAuslR 1999, p. 361–365.
Westphal & Stoppa (2007)V. Westphal and E. Stoppa, Ausländerrecht für die Polizei, Lübeck: Westphal/ Stoppa 2007.
Brouwer-Bibliography.indd 551 3/20/2008 1:42:16 PM
552 Bibliography
Wilkesmann (1999)P. Wilkesmann, Plädoyer für das Schengener Informationssystem, NStZ 1999, Heft 2, p. 68–71.
Westin (1967)A.F.Westin, Privacy and Freedom, New York: Athenaeum 1967.
van Winckel (1982)J.J.A.M van Winckel, Het personenverkeer in de Benelux, SEW 7/8, 1982, p. 552–562.
de Wit (1991)M.L.S. de Wit, Het akkoord van Schengen: vergelijkend onderzoek tussen Nederland en Frankrijk, Mast. Th esis, University Nijmegen 1991.
Woltjer (1995)A. Woltjer, Schengen: Th e Way of No Return? Maastricht Journal of European and Comparative Law 2, 1995, p. 256–278.
de Zwaan (1993)J. de Zwaan, Institutional Problems and Free Movement of Persons, in: Schermers et al. (1993), p. 335 ff .
Brouwer-Bibliography.indd 552 3/20/2008 1:42:16 PM
Evelien Brouwer, Digital Borders and Real Rights, pp. 553–562.© 2008 Koninklijke Brill NV. Printed in the Netherlands.
Jurisprudence
European Court of Human Rights (http://www.echr.coe.int/)
Klass v. Germany, 6 September 1978, no. 5029/71, Series A 28 .................... 160, 167–169, 174, 175, 196, 201, 264, 324, 412Airey, 9 October 1979, no. 6289/73 Series A 32 ................................... 163, 259Albert and Le Compte I and II, 10 February 1983, nos. 7299/75 and 7496/76 Series A 58 ........................................................................... 262Silver and others v. United Kingdom, 25 March 1983, no. 5947/72, Series A 61 ................................................................................................ 254Zimmermann v. Switzerland, 13 July 1983, no. 8737/79, Series A 66 ............ 259Malone v. United Kingdom, 2 August 1984, no. 8691/79, Series A 82 ........................................................................ 160, 164, 169, 173Benthem v. Netherlands, 23 October 1985, no. 8848/80, Series A 97 ............. 246Rees v. United Kingdom, 17 October 1986, no. 8532/81, Series A 106 .......... 156Leander v. Sweden, 26 March 1987, no. 9248/81, Series A no. 116 ........ 153, 154, 164, 166–168, 170, 173–175, 199, 264, 324Belilos v. Switzerland, 29 April 1988, no. 10328/83, Series A 132 ......... 258, 262Gaskin v. United Kingdom, 7 July 1989, Series A no. 160 ..................... 155, 156, 167, 169, 173, 175, 199, 324Kruslin and Huvig v. France, 24 April 1990 (joined cases) nos. 11801/95 and 11105/84, Series A 176 A and B ........................ 164, 165, 168, 173, 324Obermeier v. Austria, 28 June 1990, no. 11761/85, Series A 179 ................... 263Moustaquim v. Belgium, 18 February 1991, no. 12313/86, Series A 193 ...................................................................................... 256, 268Cardot v. France, 19 March 1991, no. 11069/84, Series A 200 ...................... 254Oberschlick v. Austria (I), 23 May 1991, no. 11661/85, Series A 204 ............. 258Vilvarajah and others v. United Kingdom, 30 October 1991, no. 13163/87, Series A 215 ............................................... 257, 259, 264, 325Castells v. Spain, 23 April 1992, no. 11798/85, Series A 236 ......................... 254Geouff re de la Pradelle v. France, 16 December 1992, no. 12964/87, Series A 253 .............................................................................. 246, 254, 259Niemietz v. Germany, 16 December 1992, no. 13710/88 Series A 251B ............................................................................ 153, 155, 197
Brouwer-Jurisprudence.indd 553 4/15/2008 6:52:43 PM
554 Jurisprudence
Salesi v. Italy, 26 February 1993, Series A 257E ............................................. 269Beaumartin v. France, 24 November 1994, no. 15287/89 Series A 296B ....... 263Ruiz Torija v. Spain, 9 December 1994, Series A 303-A ................................. 172Piermont v. France, 27 April 1995, no. 15773 and 15574/89, Series A 314 .............................................................................................. 254Abdulaziz, Cabales and Balkandali v. UK, 28 May 1995, nos. 9214/80, 9473/81, 9474/81 Series A 94 .................................... 254, 324Nasri v. France, 13 July 1995, no. 19465/92 Series A 320-B .......................... 256Gül v. Switzerland, 19 February 1996, no. 22676/93, Reports 1996-I ........... 255Amuur v. France, 25 June 1996, no. 19776/92, Reports 1996-III ................................................................ 260, 261, 269, 270Akdivar v. Turkey, 16 September 1996, Reports 1996-VI ............................... 171Gaygusuz v. Austria, 16 September 1996, no. 17371/90, Reports 1996-V ......................................................................................... 268Chahal v. United Kingdom, 15 November 1996, no. 22414/93, Reports 1996-V ......................................... 257, 259, 263–265, 270, 271, 325Ahmut v. Netherlands, 28 November 1996, no. 21702/93, Reports 1996-V ................................................................................. 255, 324Z. v. Finland, 25 February 1997, no. 22009/93, Reports 1997-I .................................................................. 155, 166, 173, 175Hornsby v. Greece, 19 March 1997, no. 18357/91, Reports 1997-II ....... 266, 271Sheffi eld and Horsham v. United Kingdom, 30 July 1998, nos. 22985/93 and 23990/94 Reports 1998-V .......................................... 156S.N. v. Netherlands, 4 May 1999 (dec.) no. 38088/97 ................................... 247J.E.D. v. UK, 2 February 1999 (dec.) no. 42225/98 ..................................... 247Iatridis v. Greece, 25 March 1999, no. 31107/96, ECHR 1999-II ......... 266, 271Amann v. Switzerland 16 February 2000, no. 27798/95 ECHR 2000-II ......................................................... 157, 158, 160, 169, 173Rotaru v. Romania, 4 May 2000, no. 28341/95 ECHR 2000-V ........... 154, 157, 159, 160, 165, 167, 169, 171–176, 197, 249, 325Jabari v. Turkey, 11 July 2000, no. 40035/98, ECHR 2000-VIII ..................................................................... 257, 267, 271Maaouia v. France, 5 October 2000, no. 39652/98, ECHR 2000-X ......................................................... 246–248, 253, 272, 308P.G. and J.H. v. the United Kingdom, 25 September 2001 no. 44787/98 ECHR 2001-IX .......................................... 153, 159–160, 173Boultif v. Switzerland, 2 August 2001, no. 54273/00, ECHR 2001-IX .......... 257Ludescher v. Austria, 20 December 2001, no. 35019/97 (unreported) ........... 269Sen v. Netherlands, 21 December 2001, no. 31465/96 (unreported) ...................................................... 254, 255, 324
Brouwer-Jurisprudence.indd 554 4/15/2008 6:52:43 PM
Jurisprudence 555
Čonka v. Belgium, 5 February 2002, no. 51564/99, ECHR 2001-I ...................................251, 254, 259, 260, 267, 268, 270, 325McVicar v. United Kingdom, 7 May 2002, no. 46311/99, ECHR 2002-III ........................................................................................ 260Al-Nashif v. Bulgaria, 20 June 2002, no. 50963/99, JV 2002/239 ......... 245, 254, 256, 258, 261, 264, 265, 270, 271, 325Christine Goodwin v. United Kingdom, 11 July 2002, no. 28957/95 (unreported) ...................................................................... 156Peck v. United Kingdom, 28 January 2003, no. 44647/98, ECHR 2003-I ................................................... 153, 160, 161, 173, 174, 206Mamatkulov and Abdurasulovic v. Turkey (I), 6 February 2003, no. 46827/99 (unreported) ...................................................... 262, 267, 270Chevrol v. France, 13 February 2003, no. 49636/99 ECHR 2003-III ................................................................ 250, 251, 262, 325Hatton and others v. United Kingdom, 8 July 2003, no. 36022/97 ECHR 2003-VIII ..................................................................................... 263Perry v. United Kingdom, 17 July 2003, no. 63737/00, ECHR 2003-IX ................................................................ 160, 161, 173, 174Smirnova v. Russia, 24 July 2003, nos. 46133/99 and 48183/99, ECHR 2003-IX ........................................................................ 161, 162, 173Poirrez v. France, 30 September 2003, no. 40892/98, ECHR 2003-X ......................................................................................... 268Buzescu v. Romania, 24 May 2005, no. 61302/00 (unreported) .... 250, 251, 325Iletmiş v. Turkey, 6 December 2005, no. 29871/96 (unreported) ...................................................... 162, 173, 511Lupsa v. Romania, 8 June 2006, no. 10337/04, JV 2006/311 ............... 252, 261Segerstedt-Wiberg and others v. Sweden, 6 June 2006, no. 62332/00 ECHR 2006, 89 ................. 153, 154, 159, 165, 170, 173–175Coorplan-Jenni and Hascic v. Austria, 27 July 2006, no. 10523/02 (unreported) ...................................................................... 249Kaya v. Romania, 12 October 2006, no. 33970/05 (unreported) ...................................................... 252, 253, 261Üner v. the Netherlands, 18 October 2006, no. 46410/99, § 57, JV 2006/417 .................................................................................... 254, 257Salah Sheekh v. the Netherlands, 11 January 2007, no. 1948/04 ............ 265, 489
European Court of Justice (http://curia.europa.eu/)
C-29/69 Stauder [1969] ECR 419 ................................................................ 304C-11/70 Internationale Handelsgesellschaft [1970] ECR 1146 ....................... 304
Brouwer-Jurisprudence.indd 555 4/15/2008 6:52:43 PM
556 Jurisprudence
C-4/73 Nold II [1974] ECR 507 .................................................................. 304C-36/75 Rutili [1975] ECR 1219 ................................................................ 277C-30/77 Bouchereau [1977] ECR 1999 ............................................ 62, 64, 277C-131/79 Santillo [1980] ECR 1585 ................................................... 296, 297C-115-116/81 Adoui and Cornuaille v. Belgium (joined cases) [1982] ECR 1665 .......................................................................... 62, 294, 295, 297C-222/84 Johnston [1986] ECR 1651 .......................................... 306, 307, 319C-294/83 Les Verts [1986] ECR 1339 .......................................................... 306C-281/85 Germany, France, the Netherlands, Denmark and United Kingdom v. Commission [1987] ECR 3203 ...................................... 18C-222/86 Unectef v. Heylens [1987] ECR 4097 ............................................ 307C-46/87 and C-227/88 Hoechst [1989] ECR 2859 ...................................... 305C-321/87 Commission v. Belgium [1989] ECR 997 ........................................ 15C-143/88 Zuckerfabrik [1991] ECR I-415 ................................................... 314C-68/89 Commission v. the Netherlands [1991] ECR I-2637 ........................... 65C-213/89 Factortame and others [1990] ECR I-2433 .................................... 312C-260/89 ERT [1991] ECR-I 2925 ............................................................. 305C-159/90 Grogan [1991] ECR I-4685 ......................................................... 305C-445/93 European Parliament v. Commission, OJ 1994 C 13/1 (unpublished) .... 20C-65/95 and C-111/95 Shingara and Radiom (joined cases) [1997] ECR I-3343 ..................................................................................... 297, 319C-70/95 Sodemare [1997] ECR I-3395 ........................................................ 307C-54/96 Dorsch Consult [1997] ECR I-4961 ................................................ 313C-195/98 Österreichischer Gewerkschaftbund [2002] ECR I-10497 ............... 313C-407/98 Abrahamsson [2000] ECR I-05539 ............................................... 313C-226/99 Siples Srl. [2001] ECR I-0277 .............................................. 311, 322C-424/99 Commission v. Austria [2001] ECR I-9285 ................................... 314C-459/99 MRAX v. Belgium [2002] ECR I-6591 ................. 277, 295, 309, 319C-465/00 Österreichischer Rundfunk [2003] ECR I-4989 .................... 152, 189, 197, 223, 305, 323C-50/00 Unión de Pequeños Agricultores [2002] ECR I-6677 ........ 303, 309, 312C-60/00 Carpenter [2002] ECR I-6279........................................ 277, 305, 319C-100/01 Olazabal [2002] ECR I-10981 ..................................................... 297C-101/01 Lindqvist [2003] ECR I-12971 .................................................... 305C-109/01 Akrich [2003] ECR I-9607 .......................................................... 305C-187/01 and C-385/01 Gözütok - Brügge (joined cases) [2003] ECR I-1345 ....................................................................................... 44, 503C-224/01 Köbler [2003] ECR I-10239 ................................................. 311, 322C-482/01 and C-493/01 Orfanopoulos and Oliveri (joined cases) [2004] ECR I-5257 ............................................................................................. 297C-327/02 Panayotova [2004] ECR I-11055 ................................. 279, 307, 308, 315, 317, 319, 521
Brouwer-Jurisprudence.indd 556 4/15/2008 6:52:43 PM
Jurisprudence 557
C-467/02 Cetinkaya [2004] ECR I-10895 ................................................... 278C-136/03 Dörr and Ünal [2005] ECR I-4759 ...................... 278, 299, 308, 319C-503/03 Commission v. Spain [2006] ECR I-1097 ........................ 64, 98, 218, 280, 310, 317, 435, 503, 517C-540/03 Parliament v. Council [2006] ECR I-5769 ............................ 286, 305C-1/05 Jia v. Migrationsverket JV 2007/31 .................................................... 314C-150/05 Van Straaten [2006] ECR I-9327 ..................................... 8, 235, 503C-241/05 Bot [2006] ECR I-9627 ................................................................. 45C-432/05 Unibet (unpublished) ................................................................... 310
Pending:
C-524/06, Heinz Huber v. Germany ............................................................. 401
Court of First Instance
T-177/01 Jégo Quéré [2002] ECR II-2365 .................................................... 310T-116/01 P&O European Ferries v. European Commission [2003] ECR II-2957 ............................................................................................ 310
France
(most of the following decisions can be found at http://www.legifrance.gouv.fr)
Conseil Constitutionnel
25 July 1991, no. 91–294, JO 27 July 1991 ......................................... 332, 33313 August 1993, no. 93–325 DC JO 18 August 1993 .................................. 35122 April 1997, no. 97–389 DC, JO 25 April 1997 ....................... 347, 351, 363
Cour de Cassation
18 May 2005, Jabeur, no. 04-50-053 ........................................................... 364
Conseil d’État
CE 22 July 1994, Chambre syndicale du Transport Aérien, no. 145606 .......... 370CE 29 December 1997, Th orel, no. 140325 ................................................. 370CE 9 June 1999, Hamssaoui, no. 198344 ..................................................... 368CE 9 June 1999, M. et Mme. Forabosco, no. 190384 ............................ 368, 370CE 6 October 1999, Bafandi, no. 186082 .................................................... 375CE 28 July 2000, Faifer, no. 205435 ............................................................ 369CE 25 October 2000, Cucicea-Lamblot, no. 212315 .................................... 373CE 9 July 2001, Matumona, no. 209037 ...................................................... 371
Brouwer-Jurisprudence.indd 557 4/15/2008 6:52:44 PM
558 Jurisprudence
CE 11 July 2001, M. and Mme. Iqbal, no. 206644 ....................................... 371CE 20 February 2002, Boucetta, no. 220420 ........................................ 368, 369CE 11 March 2002, Abdelli, no. 222137–222258 ........................................ 375CE 15 March 2002, Krouf, no. 221818 ........................................................ 371CE 29 July 2002, X, no. 236190 .................................................................. 371CE 29 July 2002, X, no. 229580 .................................................................. 374CE 4 November 2002, X, no. 240090 .......................................................... 374CE 6 November 2002, Sun Myung X (Moon), no. 194295–219587 ......................................................................... 353, 376CE 6 December 2002, Sahin, no. 206277 .................................................... 375CE 6 December 2002, M. et Mme. Amouche, no. 238288 ............................ 375CE 13 December 2002, Kouchi, no. 224877 ................................................ 371CE 10 January 2003, Noorani Joorawon, no. 223395 .................................... 369CE 12 February 2003, X, no. 229306 .......................................................... 373CE 23 May 2003, Gheorghita Catrina, no. 237934 ...................................... 371CE 2 June 2003, Hak Ja Han X. (Moon), no. 219588 ................................... 372CE 14 November 2003, X, no. 234462 ........................................................ 374CE 30 December 2003, Ramdane, no. 237808 ............................................ 374CE 6 February 2004, Hallal, no. 240560 ..................................................... 370CE 10 March 2004, X, no. 252269 .............................................................. 373CE 5 July 2004, X, no. 210185 ............................................................ 355, 359CE 27 February 2006, M.A., no. 274928 ..................................................... 377CE 7 April 2006, Skandrani, no. 275216 ..................................................... 376CE 10 November 2006, Mbow, no. 298272 ................................................. 375CE 15 November 2006, M. A et Mme A, no. 276829 ................................... 375CE 27 November 2006, M. A et Mme A, no. 298660 ................................... 375
Cour administrative d’appel
Cour administrative d’appel de Paris, Minin, 18 January 2001, no. 99PA02845 ........................................................................................ 369
Tribunal administratif
Tribunal administratif Strasbourg, M. Igel c/Préfet de la Moselle, 3 April 1995 ............................................................................................. 367Tribunal administratif Lyon, M. and Mme. Ciuciu, 6 April 1995, no. 9501291–9501292 ............................................................................. 342Tribunal administratif Toulouse, M. c/ Préfet de la Haut Garonne, 24 October 2000, no. 003366 .................................................................. 369Tribunal administratif Lille, Valencia, 16 May 2002, no. 021741 ......... 369, 375Tribunal administratif Pau, Mejri, 31 May 2002, no. 02820......................... 375
Brouwer-Jurisprudence.indd 558 4/15/2008 6:52:44 PM
Jurisprudence 559
Tribunal administratif Nice, Barzilay, 16 July 2002, no. 023061 .......... 369, 375Tribunal administratif Pau, Anton, 19 November 2004, no. 0301352 .......... 369
Germany
Bundesverfassungsgericht (http://www.bundesverfassungsgericht.de)
BVerfG 15.12.1970, 2 BvF 1/69 .................................................................. 412BVerfG 09.06.1973, 1 BvL 14/72 ................................................................ 412BVerfG 18.07.1973, 1 BvR 23 155/73 ......................................................... 411BVerfG 26.09.1978, 1 BvR 525/77 NJW 1978, Heft 48, p. 2446 ................ 420BVerfG 27.03.1980, 2 BvR 316/80 .............................................................. 412BVerfG 06.06.1983, 2 BvR 244, 310/83 ...................................................... 419BVerfG 15.12.1983, 1 BvR 209/83, BVerfGE 65 E 40 ........................ 198, 417BVerfG 16.03.1999, 2 BvR 2131/95 ............................................................ 411BVerfG 27.10.1999, 1 BvR 385/90 ...................................................... 411, 443BVerfG 10.10.2001, BvR 1970/95 ............................................... 400, 422, 428BVerfG 05.12.2001, 2 BvR 527/99 .............................................................. 437BVerfG 04.04.2006, 1 BvR 518/02 .............................................................. 408BVerfG 09.11.2006, BvR 1908/03 ....................................................... 437, 439
Bundesverwaltungsgericht (http://www.bundesverwaltungsgericht.de)
BVerwG 10.07.2001, Az. 1 C 35.00 .................................................... 437, 438BVerwG 14.03.2002, Az. 1 C 15.01 .................................................... 412, 416BVerwG 04.09.2003, Az. 1 B 288.02 ........................................................... 438
Verwaltungsgerichtshof Kassel (http://www.vg-kassel.justiz.hessen.de)
19.11.2003, Az. 12 TG 2668/03 .......................................................... 436, 43711.12.2003, Az. 9 TG 546/03 ...................................................................... 43612.01.2004, Az. 12 TG 3204/03 .................................................................. 436
Oberverwaltungsgericht Düsseldorf (http://www.olg-duesseldorf.nrw.de)
8 February 2002, Az. 3 Wx 351/01 .............................................................. 4068 February 2002, Az. 3 Wx 357/01 .............................................................. 407
Oberverwaltungsgericht Koblenz (http://cms.justiz.rlp.de)
22.3.2002 Az. 12 B 10331/02 ...................................................................... 40707.06.2002, Az. 12 A 10349/99 ................................................................... 43819.04.2007, Az. A 11437/06 ........................................................................ 439
Brouwer-Jurisprudence.indd 559 4/15/2008 6:52:44 PM
560 Jurisprudence
Verwaltungsgericht
Verwaltungsgericht Frankfurt am Main, Az. 07.03.1995, Az. 11 E 3067/94 (http://www.vg-frankfurt.justiz.hessen.de) ................... 434Verwaltungsgericht Kassel, 23.03.1998, Az. 12 VE 1310/95 (http://www.vg-kassel.justiz.hessen.de) ..................................................... 434Verwaltungsgericht Koblenz, 09.11.1998, Az. VG 3 K 938/98.KO (http://cms.justiz.rlp.de) ........................................................................... 437Verwaltungsgericht Hamburg, 27.02.2002, Az. 14 VG 446/02 (http://lrha.juris.de/cgi-bin/laender_rechtsprechung/ha_frameset.py) ....... 407Verwaltungsgericht Düsseldorf, 07.08.2002, Az. 24 L 2837/02, InfAusIR 10/2002 (http://www.justiz.nrw.de) ........................... 415, 432, 434Verwaltungsgericht Giessen, 08.11.2002, Az. 10 G 4510/02 (http://www.vg-kassel.justiz.hessen.de) ..................................... 408, 416, 421Verwaltungsgericht Frankfurt am Main, 21.07.2004, Az. 1 E 2479/04 (www.vg-frankfurt.justiz.hessen.de) ............................... 436Verwaltungsgericht Berlin, 3 December 2004, Az. 1 A 151/04 ............. 432, 434
Amtsgericht
Amtsgericht Tiergarten, 15.01.2002, Az. 84 T 8/02 ..................................... 407
Landgericht
Landgericht Wiesbaden, 6.02.02, Az. 4 T 707/01 ........................................ 407
Kammergericht
Kammergerichts Berlin, 16.04.2002 zur Rasterfahndung – Az. 1 W 89–98/02 ............................................................................................ 407
Th e Netherlands
(many of the following decisions can be found at http://www.rechtspraak.nl)
Afdeling Bestuursrechtspraak Raad van State
4 July 2006, case no. 200602107/1, LJN: AY3839 ....................................... 459
Hoge Raad
19 February 1993, no. 14917, RV 1993/70 .................................................. 471
Brouwer-Jurisprudence.indd 560 4/15/2008 6:52:44 PM
Jurisprudence 561
Gerechtshof
Gerechtshof Den Haag, 16 November 2000, AB 2002/10............................ 494
Rechtbank
Rechtbank Haarlem, 18 August 1999, JV 1999/269 .................................... 493Rechtbank Amsterdam, 24 September 1999, JV 2000/8............................... 490Rechtbank Den Haag, 8 December 1999, JV 2000/59 ......................... 491, 493Rechtbank Den Haag, 5 January 2000, JV 2000/51 ..................... 491, 494, 507Rechtbank Den Haag, 10 January 2001, JV 2001/52 ................................... 499Rechtbank Den Haag, 14 March 2001, RV 2001/52 .................................... 499Rechtbank Den Haag, 8 March 2002, JV 2002/162 ..................................... 491Rechtbank Den Bosch, 16 July 2004, LJN: AR7219 .................................... 502Rechtbank Breda, 11 March 2005, AWB 04/24331 ............................. 492, 500Rechtbank Alkmaar, 24 August 2005, LJN: AU3548, JV 2005/447 ............. 500Rechtbank Amsterdam, 21 October 2005, JV 2006/69 ................................ 496Rechtbank Amsterdam, 1 November 2005, AWB 05/48355, AWB 05/48358 ........................................................................................ 497Rechtbank Alkmaar, 10 November 2005, no. 79543/HA ............................. 495Rechtbank Haarlem, 6 December 2005, LJN AW2418 ................................ 495Rechtbank Den Haag, 8 December 2005, no. 03/890 NAV no. 2, April 2006, p. 111 .................................................................................... 501Rechtbank Groningen, 1 February 2006, LJN: AV0808 ............................... 502Rechtbank Amsterdam, 23 June 2006, AWB 06/27382, AWB, 06/27348 ....................................................................................... 498Rechtbank Haarlem, 24 July 2006, LJN: AY6520 ........................................ 485Rechtbank Amsterdam, 2 October 2006, LJN: AY9280 ............................... 502Rechtbank Assen, 22 December 2006, AWB 06/58704 ................................ 502Rechtbank Amsterdam, 23 March 2007, LJN: BA3547, JV 2007/245 ......... 498Rechtbank Den Bosch of 4 April 2007, LJN: BA2132 ................................. 503
Nationale Ombudsman (http://www.nationaleombudsman.nl)
Decision of 14 May 1998, report no. 1998/164 ........................................... 505Decision of 28 January 2000, report no. 2000/28 ........................................ 505Decision of 29 October 2003, report no. 2003/388 ..................................... 504
Brouwer-Jurisprudence.indd 561 4/15/2008 6:52:44 PM
Brouwer-Jurisprudence.indd 562 4/15/2008 6:52:44 PM
Evelien Brouwer, Digital Borders and Real Rights, pp. 563–566.© 2008 Koninklijke Brill NV. Printed in the Netherlands.
Index
AAAH-SDÜ 390, 391, 392, 393, 397, 398,
423Abschiebung 391, 430Ad Hoc Group of Immigration 24Afdeling Bestuursrechtspraak van de Raad
van State 488AGDREF 344, 345, 346, 347, 357, 379AIVD 459algemene identifi catieplicht 446Amsterdam Treaty 29, 30, 39, 41, 42, 43,
57, 72, 120, 190, 305Amtshilfe 202, 420, 421Area of Freedom, Security, and Justice 29Asylum 2, 3, 15, 23, 24, 26, 27, 28, 29, 31,
32, 34, 38, 41, 42, 46, 56, 60, 63, 74, 77, 90, 101, 114, 117, 118, 119, 120, 121, 122, 123, 124, 125, 126, 128, 132, 133, 134, 135, 137, 141, 142, 143, 150, 211, 247, 252, 257, 260, 264, 265, 269, 273, 275, 281, 283, 284, 287, 288, 289, 294, 295, 296, 298, 299, 300, 301, 310, 313, 315, 316, 320, 331, 332, 334, 335, 347, 352, 360, 371, 385, 386, 393, 399, 402, 416, 427, 428, 432, 436, 440, 441, 442, 445, 447, 448, 453, 458, 462, 463, 470, 471, 472, 473, 487, 488, 501, 505, 513, 514, 516, 518, 521, 523, 526, 531, 533
Aufenthaltsgesetz 390, 429Ausländergesetz 390, 422Ausreisepfl icht 391AWB 478, 484, 486, 487, 492, 497, 498,
500, 502, 505AZR 393, 398, 399, 400, 402, 403, 405,
419, 422, 428, 443AZRG 383, 399, 400, 402, 403, 422
BBDSG 417, 423, 424, 426, 429
Benelux Agreement 20, 27, 47biometrics 135, 138, 139, 140, 409, 473BKA 9, 386, 391, 394, 395, 396, 397, 398,
403, 404, 405, 424, 427, 433, 440Bundesamt für Verfassungsschutz 394Bundesgrenzschutz 390, 391, 394, 396Bundesverwaltungsgericht 416
CCNIL 9, 185, 187, 335, 338, 346, 347, 348,
349, 350, 353, 354, 355, 356, 357, 358, 359, 362, 372, 376, 377, 379, 380, 381, 522, 523, 524, 525
Commission de recours contre les décisions de refus de visa 365, 374
Commission du titre du séjour 365Common Consular Instructions 14, 36, 37,
136, 139, 292Conseil d’État 9, 250, 262, 267, 349, 353,
355, 356, 359, 362, 363, 365, 366, 368, 369, 370, 371, 372, 373, 374, 375, 376, 377, 379, 380, 381, 393, 436, 525, 526
Constitutional Treaty 309, 310, 313, 315Copenhagen criteria 40, 188, 305Cour de Cassation 356, 364
Ddata profi ling 158, 163, 405, 406, 407,
408, 409, 421, 435, 441, 442, 507, 514, 525
Data Protection Convention 148, 155, 157, 165, 174, 177, 178, 179, 181, 183, 184, 185, 186, 187, 189, 190, 191, 200, 203, 204, 207, 209, 211, 212, 213, 214, 215, 217, 219, 220, 221, 222, 223, 229, 231, 234, 323, 387, 477, 520
Direction Central de la Police Judiciaire 340
double peine 338, 360
Brouwer-Index.indd 563 3/13/2008 2:45:56 PM
564 Index
Dublin Convention 2, 24, 29, 34, 46, 118, 119, 120, 123, 128, 130, 150
Dublin Regulation 118, 126
EEDPS 127, 139, 151, 152, 203, 220, 227,
228, 231, 233, 323, 519, 531ELOI 348entry/exit system 134, 136, 150EU Charter of Fundamental Rights 193,
305, 308, 310EU citizenship 97, 453Eurodac 2, 3, 7, 10, 60, 66, 75, 77, 92, 103,
114, 117, 118, 119, 120, 121, 122, 123, 124, 125, 126, 127, 132, 133, 135, 137, 138, 141, 142, 143, 144, 149, 150, 174, 177, 178, 211, 220, 226, 228, 231, 237, 240, 241, 242, 243, 245, 251, 280, 314, 347, 470, 473, 511, 512, 513, 514, 515, 518, 520, 529, 533
Eurojust 13, 14, 73, 74, 81, 85, 87, 91, 105, 106, 191
European Arrest Warrant 14, 83, 84, 92, 94, 111
European Data Protection Supervisor (EDPS) 127, 190, 220
Europol 13, 14, 24, 30, 32, 66, 73, 74, 77, 81, 85, 87, 91, 105, 106, 113, 132, 143, 177, 191, 238
expulsion 21, 64, 65, 245, 256, 282, 342, 398
external borders 2, 3, 13, 14, 16, 20, 22, 26, 28, 32, 33, 35, 39, 41, 47, 53, 57, 60, 72, 87, 91, 118, 124, 126, 131, 141, 230, 289, 290, 347, 514
FFAED 347fair trial
right to a 162, 172, 245, 246, 248, 249, 262, 272, 273
family liferight to 152, 156, 194, 249, 254, 255,
256, 257, 271, 298, 305, 310, 324, 366, 373, 375, 500, 501, 516
family reunifi cation 41, 65, 283, 286, 287, 294, 295, 298, 317, 320, 360, 501, 516, 528, 529
fi nancial repairright to 242, 324, 325, 375, 502
FPR 338, 339, 344, 345, 346freedom of movement 7, 15, 25, 30, 56, 63,
75, 97, 133, 162, 163, 173, 174, 251, 268, 276, 279, 285, 297, 305, 307, 308, 329, 335, 451, 503, 511, 515, 516, 534
GGBA 199, 460, 469Gendarmerie 9
HHague Programme 31, 74HAVANK 470, 471, 472, 473Hoge Raad 471
IIND 9, 460, 461, 462, 463, 464, 465, 466,
479, 480, 481, 482, 484, 486, 488, 490, 491, 492, 496, 497, 499, 508, 510
informational division of powers 201, 202, 208, 421
informationelle Gewaltenteilung 420, 421informationelles Selbstbestimmungsrecht 418interdiction du territoire français 378interlinking 101, 113internal borders 16, 17, 19, 21, 35, 45, 56,
65, 332, 384, 387internal security 3, 22, 25, 32, 78, 93, 100,
107, 128, 130, 132, 133, 134, 138, 143, 144, 169, 172, 174, 336, 385, 389, 394, 400, 401, 403, 406, 407, 412, 413, 440, 475, 515, 519, 528
interoperability principle of 2, 101, 117, 133, 134, 174,
389, 452, 515, 517Interpol 24, 51, 84, 85, 105, 471
JJoint Supervisory Authority (JSA) 10, 219,
229, 448JSA 66, 70, 94, 185, 219, 229, 230, 231,
428, 448, 482
KKLPD 9, 460, 467, 468, 479, 480, 481, 482,
492, 494, 495, 502, 508, 509
Brouwer-Index.indd 564 3/13/2008 2:45:56 PM
Index 565
LLIFL 349, 350, 351, 352, 353, 354, 356,
357, 358, 361, 379, 381Loi Chevènement 343, 359,
362, 365Loi Debré 346, 347, 359, 365Loi Pasqua 359, 361, 364Loi Sarkozy 338, 359, 360, 364, 366
MMikrozensusurteil 417
Nnational security 2, 35, 47, 48, 49, 52, 54,
61, 63, 65, 89, 96, 101, 107, 108, 132, 152, 154, 157, 164, 166, 167, 207, 217, 222, 223, 245, 246, 252, 253, 256, 257, 264, 269, 271, 325, 330, 336, 352, 353, 356, 362, 366, 377, 379, 395, 402, 411, 440, 442, 448, 456, 458, 459, 474, 487, 488, 516, 520, 530
non-discrimination principle 221, 248, 267, 294, 517
Nordic Passport Union 21
OOECD 179, 182, 183, 204, 349OFPRA 347, 352ongewenst gesignaleerde vreemdelingen 455,
457ongewenst verklaarde vreemdelingen 455ongewenstverklaring 455OPS 455, 460, 462, 491, 505
PPassport Union 16Persönlichkeitsrecht 418, 435preliminary
proceedings 44, 58, 71, 287, 306, 311, 312, 313, 314, 315, 401, 502, 521, 525, 533, 535
questions 44, 58, 71, 287, 306, 311, 312, 313, 314, 315, 401, 502, 521, 525, 533, 535
request 44, 58, 71, 287, 306, 311, 312, 313, 314, 315, 401, 502, 521, 525, 533, 535
proportionalityprinciple of 94, 95, 107, 142, 144, 150,
151, 152, 165, 167, 169, 196, 197, 222, 223, 240, 298, 305, 317, 319, 324, 352, 375, 394, 413, 435, 442, 443, 499, 507, 510, 522, 525, 528, 532
Prüm Treaty 46purpose limitation 185, 198, 202, 204,
205, 207, 208, 209, 213, 223, 239, 240, 317, 517
RRasterfahndung 403, 404, 406, 409, 421,
435, 441, 442RMV 343, 345, 346rule of law 40, 164, 165, 167, 175, 195, 200,
201, 208, 240, 247, 266, 275, 303, 305, 309, 314, 360, 413, 420, 430, 435, 512
SSchengen acquis 36, 38, 39, 40, 41, 42, 43,
44, 57, 58, 59, 63, 72, 86, 89, 90, 121, 189, 281, 292, 333
Schengen Borders Code 62, 100, 289, 290, 296, 301, 321, 454, 485, 518, 531
sensitive data 150, 156, 158, 166, 174, 175, 212, 213, 240, 477, 515, 517
Single Market 18, 21, 23SIRENE 9, 53, 58, 68, 69, 76, 81, 83, 87,
92, 97, 99, 103, 109, 128, 210, 219, 337, 340, 341, 389, 395, 396, 397, 422, 449, 460, 461, 462, 467, 468, 477, 478, 502, 529, 534
SIRPIT 99, 116suspensive eff ect 5, 282, 289, 291, 299, 300,
310, 318, 319, 320, 321, 342, 360, 364, 366, 381, 415, 484, 488, 522
TTampere Conclusions 30, 89, 275, 276terrorist lists 79, 96, 97, 519Treaty of Amsterdam 41, 57, 58, 333, 447Treaty of Maastricht 8, 275, 304Treaty of Rome 15
UÜbermaßverbot 413
Brouwer-Index.indd 565 3/13/2008 2:45:56 PM
566 Index
UN Security Council Resolution 1373 459UN terrorist list 79, 97, 107, 115, 395
VVerfassungsbeschwerde 400Verhältnismässigkeit 413, 442Volkszählungsurteil 197, 199, 202, 399, 417,
419, 435, 441Vreemdelingenbesluit 2000 454
Vreemdelingencirculaire 2000 454Vreemdelingenwet 2000 453
WWBP 477, 478, 479, 480, 481, 482, 483, 484
ZZurückschiebung 391, 398Zuwanderungsgesetz 390, 399
Brouwer-Index.indd 566 3/13/2008 2:45:56 PM
Brouwer-Jurisprudence.indd 562 4/15/2008 6:52:44 PM
Brouwer-Jurisprudence.indd 562 4/15/2008 6:52:44 PM