SpringerLink
Log in

Automating Freedom, Security and Justice: Interoperability of AFSJ Databases as a Move Towards the Indiscriminate Mass Surveillance of Third-Country Nationals

  • Chapter
  • First Online:
Automating Crime Prevention, Surveillance, and Military Operations

Abstract

Following a terrorist attack in Paris and the peak of the migrant crisis in Europe, in December 2015 the European Council highlighted the urgent need to enhance information sharing between actors in the area of freedom, security and justice. In the subsequent years the EU introduced a number of legislative proposals with the aim of ensuring more efficient border and migration management and enhancing the internal security of the Union. In addition to the existing information systems in the area of freedom, security and justice, it established two additional databases (the Entry/Exit System and the European Travel Information and Authorisation System) and is planning to make them fully interoperable in the near future. Even more disturbingly, as a measure in the fight against terrorism and organised crime, the EU has gradually allowed law enforcement authorities to access information systems originally created for border control purposes and to use the data contained therein to prevent, detect and investigate crimes. Although numerous NGOs and even some EU institutions, including the European Data Protection Supervisor (EDPS) and the EU Agency for Fundamental Rights, have expressed grave concerns as regards the human rights implications of the measures taken by the EU, the Commission insists on protecting EU citizens at the expense of the rights of third-country nationals. This chapter is aimed at exploring whether the EU’s data gathering practices are following the path taken by the USA in the fight against terrorism following the 9/11 attacks by conducting mass surveillance of foreign nationals, which is incompatible with its own data protection framework.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
EUR 32.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or Ebook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 129.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free ship** worldwide - see info
Hardcover Book
USD 169.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free ship** worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    See, e.g. the speech given by the President of the USA, Barack Obama, on 17.1.2014, available at: https://www.youtube.com/watch?v=p4MKm2uFqVQ (Accessed 30.1.2020); remarks by Gen. Keith Alexander, the Director of the NSA and Commander of the US Cyber Command, at the Aspen Security Forum on 18.7.2013, available at: https://www.nsa.gov/news-features/speeches-testimonies/Article/1619508/transcript-of-remarks-by-gen-keith-alexander-commander-us-cyber-command-uscyber/ Accessed 30.1.2020).

  2. 2.

    The European Agenda on Security is inconsistent when addressing the topic of AFSJ databases—it does not explicitly refer to the need for the creation of any additional information systems; however, it does mention the revised proposal of the Smart Borders Package to be introduced in 2016, a part of which is also the establishment of the Entry/Exit System. With this information in mind, the transformation towards “effective and genuine Security Union” becomes even more obvious.

  3. 3.

    The proposals of the German Minister of Internal Affairs to the Council of the European Union following the 9/11 terrorist attacks suggested the use of Eurodac for law enforcement purposes, the establishment of a central register of TCNs present in the territory of the EU and the “interconnection of data by making on-line access authorisation to the databases of the SIS available to Europol, national public prosecutor’s offices, immigration and asylum authorities” (13176/01, 2001).

  4. 4.

    The Communication defines interoperability as the “ability of IT systems and of the business processes they support to exchange data and to enable the sharing of information and knowledge. Interoperability is a technical rather than a legal or political concept. This is disconnected from the question of whether the data exchange is legally or politically possible or required” (COM/2005/0597 final, 2005).

  5. 5.

    In order to implement the main highlights of the European Agenda on Security, the following Action Plans were adopted: (1) the EU Action Plan against illicit trafficking in and use of firearms and explosives was adopted in December 2015; (2) the Action Plan for strengthening the fight against terrorist financing was adopted in February 2016; and finally, (3) the Communication on Stronger and Smarter Information Systems for Borders and Security was adopted in April 2016.

  6. 6.

    Similarly, a European Agenda on Migration, which was adopted the same year as the European Agenda on Security, completely ignores the interoperability measures and instead concentrates on the Smart Borders Package as the key facilitator of more efficient border management and the fight against illegal migration (COM(2015) 240 final, 2015b).

  7. 7.

    Commission Decision of 17 June 2016, Article 3.

  8. 8.

    This is particularly obvious in the Impact Assessment accompanying the interoperability proposals, which only briefly touches upon the question of potential human rights infringements, which are dealt with on one page altogether. Although the potential non-compliance with the data protection regime is more thoroughly assessed by looking at the necessity and proportionality of the proposed measures, the question remains what the value of the analysis is if the problem and pursued objective are not clearly defined, which is the main shortcoming of the Commission’s Impact Assessment (Eisele, 2020).

  9. 9.

    The analysis does not seek to be exhaustive, but rather presents a general overview with the aim of understanding the role of information systems as future parts of interoperability.

  10. 10.

    For a detailed analysis of the changes introduced by the second-generation Schengen Information System, see Brouwer, E. (2008). Digital Borders and Real Rights: Effective Remedies for Third-Country Nationals in the Schengen Information System. Leiden, Boston: Martinus Nijhof Publishers, 71–107; Boehm, F. (2012). Information Sharing and Data Protection in the Area of Freedom, Security and Justice: Towards Harmonised Data Protection Principles for Information Exchange at EU-level. Heidelberg, Dordrecht, London, New York: Springer, 261–280.

  11. 11.

    Regulation 2018/1861, Article 1; Regulation 2018/1862, Article 1.

  12. 12.

    Currently, 30 countries use the SIS II: 25 EU Member States, 3 of which are not a part of the Schengen area but nevertheless (partially) use the SIS (Bulgaria, Romania and Croatia) and 4 Schengen associated countries (Switzerland, Norway, Liechtenstein and Iceland) and the UK. The operation of the SIS II by the UK after it left the EU is yet to be determined.

  13. 13.

    The SIS II contains various categories of alerts relating to persons, e.g. missing persons, persons wanted for arrest, persons being sought to assist in a criminal procedure (witnesses or victims) and persons that are not entitled to enter or stay in the Schengen area.

  14. 14.

    For a thorough analysis of the VIS, see: Peers, S. (2009). Legislative Update: EC Immigration and Asylum Law, 2008: Visa Information System. European Journal of Migration and Law, 11(1) 69–94; Boehm, F. (2012). Information Sharing and Data Protection in the Area of Freedom, Security and Justice: Towards Harmonised Data Protection Principles for Information Exchange at EU-level. Heidelberg, Dordrecht, London, New York: Springer, 280292; Heyes, B. (2004). Statewatch analysis From the Schengen Information System to SIS II and the Visa Information (VIS): the proposals explained. Statewatch Report. Available at: https://www.sosf.ch/cms/upload/pdf/sis2.pdf (Accessed 2.5.2020).

  15. 15.

    The VIS contains two categories of personal data on EU citizens (name and surname), which are only added to the database in the event an EU citizen issues an invitation and/or is liable to pay a visa applicant’s subsistence costs during his or her stay (VIS Regulation, Article 9(4)(f)).

  16. 16.

    VIS Regulation, Article 2(g).

  17. 17.

    In fact, the whole process of establishing a common visa policy on the EU level was significantly affected by the terrorist activity at the beginning of the new millennium, which decisively tied together previously separated policy fields of migration and internal security. See, for example, Council Document 14523/01 (26.1.2002), which states: “(t)he events of 11 September 2001 … radically altered the situation, showing that visas are not just about controlling immigration but are above all an issue of EU member states’ internal security”.

  18. 18.

    For a critical appraisal of Eurodac, see: Brouwer, E. (2002). Eurodac: Its Limitations and Temptations. European Journal of Migration and Law, 4(2) 231–247; Aus, J. P. (2006). Eurodac: A Solution Looking for a Problem?. European Integration Online Papers, 10(6) 1–26; Vavoula N. (2015). The Recast Eurodac Regulation: Are Asylum Seekers Treated as Suspected Criminals? in: Bauloz C., Ineli-Ciger M., Singer S., Stoyanova V. (eds.). Seeking Asylum in the European Union. Selected Protection Issues Raised by the Second Phase of the Common European Asylum System. Brill Nijhoff.

  19. 19.

    Eurodac Regulation, Articles 5–7.

  20. 20.

    Eurodac Regulation, Article 11.

  21. 21.

    For an overview of the human rights implications of ETIAS, see: Alegre, S., Jeandesboz, J., Vavoula, N. (2017). European Travel Information and Authorisation System (ETIAS): Border management, fundamental rights and data protection. Study for the LIBE Committee.

  22. 22.

    Retention periods are stipulated in Article 54 of the ETIAS Regulation.

  23. 23.

    EES is part of the “Smart Borders Package”. See, for example: Napieralski, A. (2019). Collecting Data at EU Smart Borders: Data Protection Challenges of the New Entry/Exit System. juridikum 2019(2), 199–209; Dimitrova, D. (2016). The ‘Smartification’ of EU Borders: When ‘Smart’ Technology Does Not Come with ‘Smart’ Safeguards. CiTiP Working Paper 28/2016; Wojnowska-Radzińska, J. (2020). Regulation (EU) 2017/2226 of the European Parliament and of the Council of 30 November 2017 establishing an Entry/Exit System (EES) versus data protection—Is it done in the right way?. Review of European and Comparative Law, 37(2), 121–138.

  24. 24.

    EES Regulation, Article 6(1).

  25. 25.

    EES Regulation, Articles 14–20.

  26. 26.

    Ibid., Chapter 4.

  27. 27.

    ECRIS-TCN Regulation, Article 7.

  28. 28.

    Ibid., Articles 14–16.

  29. 29.

    Regulation (EU) 2018/1860; Regulation (EU) 2018/1861, Regulation (EU) 2018/1862.

  30. 30.

    Proposal for a Regulation of the European Parliament and of the Council establishing the conditions for accessing the other EU information systems and amending Regulation (EU) 2018/1862 and Regulation (EU) yyyy/xxx [ECRIS-TCN], 7. 1. 2019, COM(2019) 3 final; Proposal for a Regulation of the European Parliament and of the Council establishing the conditions for accessing other EU information systems for ETIAS purposes and amending Regulation (EU) 2018/1240, Regulation (EC) No 767/2008, Regulation (EU) 2017/2226 and Regulation (EU) 2018/1861, 7.1.2019, COM(2019) 4 final.

  31. 31.

    The limits to searching biometric data with the BMS are introduced in Article 14 of both interoperability Regulations: “Queries with biometric data shall take place in accordance with the purposes provided for in this Regulation and in Regulations (EC) No 767/2008, (EU) 2017/2226, (EU) 2018/1860, (EU) 2018/1861, (EU) 2018/1862 and (EU) 2019/816”.

  32. 32.

    The architecture of the SIS II is too complex to allow merging with other information systems and will therefore not be included in the CIR.

  33. 33.

    The Interoperability Impact Assessment estimates that by 2021 the data of roughly 218 million TCNs will be collected by at least one of the AFSJ information systems, with the largest portion (200 million) contained in the EES (SWD(2017) 473 final, 2017).

  34. 34.

    For more about the privacy implications of generalised, pre-emptive surveillance, see: Mitsilegas V. (2015) The Transformation of Privacy in an Era of Pre-emptive Surveillance. Tilburg Law Review, 20(1) 35–57; Mitsilegas V. (2014) The Value of Privacy in an Era of Security: Embedding Constitutional Limits on Preemptive Surveillance. International Political Sociology, 8(1) 104–108.

  35. 35.

    Data Retention Directive, Article 1.

  36. 36.

    PNR Directive, Article 1.

  37. 37.

    Agreement between the United States of America and the European Union on the use and transfer of passenger name records to the United States Department of Homeland Security, OJ L 215, 11.8.2012, p. 5–14.

  38. 38.

    Agreement between the European Union and Australia on the processing and transfer of Passenger Name Record (PNR) data by air carriers to the Australian Customs and Border Protection Service, OJ L 186, 14.7.2012, p. 4–16.

  39. 39.

    Article 52(3) of the Charter: “In so far as this Charter contains rights which correspond to rights guaranteed by the Convention for the Protection of Human Rights and Fundamental Freedoms, the meaning and scope of those rights shall be the same as those laid down by the said Convention. This provision shall not prevent Union law providing more extensive protection”.

  40. 40.

    See similarly Article 8(2) of ECHR: “There shall be no interference by a public authority with the exercise of this right except such as is in accordance with the law and is necessary in a democratic society in the interests of national security, public safety or the economic well-being of the country, for the prevention of disorder or crime, for the protection of health or morals, or for the protection of the rights and freedoms of others”.

  41. 41.

    “In this connection, it must be pointed out that any measure based on the premise that one or more of the characteristics set out in Article 2(e) of the envisaged agreement may be relevant, in itself or in themselves and regardless of the individual conduct of the traveller concerned, having regard to the purpose for which PNR data is to be processed, namely combating terrorism and serious transnational crime, would infringe the rights guaranteed in Articles 7 and 8 of the Charter, read in conjunction with Article 21 thereof” (Opinion 1/15, 2017a).

  42. 42.

    “Those data, taken as a whole, may allow very precise conclusions to be drawn concerning the private lives of the persons whose data has been retained, such as the habits of everyday life, permanent or temporary places of residence, daily or other movements, the activities carried out, the social relationships of those persons and the social environments frequented by them” (Digital Rights Ireland, 2014).

  43. 43.

    VIS Regulation, Article 9(4).

  44. 44.

    ETIAS Regulation, Article 17(2).

  45. 45.

    VIS Regulation, Article 9(4).

  46. 46.

    With regard to fingerprints in S. and Marper v. UK, the ECtHR noted that they “objectively contain unique information about the individual concerned, allowing his or her identification with precision in a wide range of circumstances”.

  47. 47.

    See, for example: Proposal for a Regulation of the European Parliament and of the Council establishing the conditions for accessing the other EU information systems and amending Regulation (EU) 2018/1862 and Regulation (EU) yyyy/xxx [ECRIS-TCN], 7 January 2019, COM(2019) 3 final; Proposal for a Regulation of the European Parliament and of the Council establishing the conditions for accessing other EU information systems for ETIAS purposes and amending Regulation (EU) 2018/1240, Regulation (EC) No 767/2008, Regulation (EU) 2017/2226 and Regulation (EU) 2018/1861, 7 January 2019, COM(2019) 4 final.

  48. 48.

    General Data Protection Directive (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, OJ L 119, 4.5.2016, p. 1–88), Police Directive (Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and on the free movement of such data, and repealing Council Framework Decision 2008/977/JHA, OJ L 119, 4.5.2016, p. 89–131; Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by Union institutions, bodies, offices, and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC, OJ L 295, 21.11.2018, p. 39–98, and Europol Regulation (Regulation (EU) 2016/794 of the European Parliament and of the Council of 11 May 2016 on the European Union Agency for Law Enforcement Cooperation (Europol) and replacing and repealing Council Decisions 2009/371/JHA, 2009/934/JHA, 2009/935/JHA, 2009/936/JHA, and 2009/968/JHA, OJ L 135, 24.5.2016, p. 53–114.

  49. 49.

    The general purpose of the SIS is “to ensure a high level of security within the area of freedom, security and justice of the Union”, as provided in Article 1 of Regulation (EU) 2018/1861 and Regulation (EU) 2018/1862.

  50. 50.

    Paragraph 2 of Article 2 of the Interoperability Regulations stipulates the following objectives: (a) to improve the effectiveness and efficiency of border checks at external borders; (b) to contribute to the prevention and combating of illegal immigration; (c) to contribute to a high level of security within the area of freedom, security and justice of the Union, including the maintenance of public security and public policy and safeguarding security in the territories of the Member States; (d) to improve the implementation of the common visa policy; (e) to assist in the examination of applications for international protection; (f) to contribute to the prevention, detection and investigation of terrorist offences and of other serious criminal offences; (g) to facilitate the identification of unknown persons who are unable to identify themselves or unidentified human remains in the case of a natural disaster, accident or terrorist attack.

  51. 51.

    Interoperability Regulations, Articles 8, 12, 17 and 25.

  52. 52.

    For an overview of law enforcement access to AFSJ databases, see: Vavoula, N. (2020). Consultation of Immigration Databases for Law Enforcement Purposes: A Necessary and Proportionate Interference with Privacy and Data Protection Rights?. Available at: https://www.academia.edu/41195137/_Consultation_of_Immigration_Databases_for_Law_Enforcement_Purposes_A_Necessary_and_Proportionate_Interference_with_Privacy_and_Data_Protection_Rights (Accessed: 2.5.2020).

  53. 53.

    Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, OJ L 281, 23 November 1995, p. 31–50.

References

  • Aden, H. (2020). Interoperability between EU policing and migration databases: Risks for privacy. European Public Law, 26(1), 93–108.

    Google Scholar 

  • Alegre, S., Jeandesboz, J., & Vavoula, N. (2017). European travel information and authorisation system (ETIAS): Border management. Fundamental Rights and Data Protection. Study for the LIBE Committee.

    Google Scholar 

  • Article 29 Data Protection Working Party. (2012). Opinion 3/2012 on developments in biometric technologies.

    Google Scholar 

  • Aus, J. P. (2006). Eurodac: A solution looking for a problem? European Integration Online Papers, 10(6), 1–26. http://eiop.or.at/eiop/pdf/2006-006.pdf

    Google Scholar 

  • Baldaccini, A. (2008). Counter-terrorism and the EU strategy for border security framing suspects with biometric documents and databases. European Journal of Migration and Law, 10(1), 31–49. https://doi.org/10.1163/138836407X261308

    Article  Google Scholar 

  • Blasi Casagran, C. (2017). Global data protection in the field of law enforcement: An EU perspective. Routledge.

    Google Scholar 

  • Boehm, F. (2012). Information sharing and data protection in the area of freedom, security and justice: Towards harmonised data protection principles for information exchange at EU-level. Springer.

    Book  Google Scholar 

  • Broeders, D., & Hampshire, J. (2013). Dreaming of seamless borders: ICTs and the pre-emptive governance of mobility in Europe. Journal of Ethnic and Migration Studies, 39(8), 1201–1218. https://doi.org/10.1080/1369183X.2013.787512

    Article  Google Scholar 

  • Brouwer, E. (2002). Eurodac: Its limitations and temptations. European Journal of Migration and Law, 4(2), 231–247.

    Google Scholar 

  • Brouwer, E. (2008). Digital Borders and real rights: Effective remedies for third-country nationals in the Schengen information system. Martinus Nijhoff.

    Book  Google Scholar 

  • Brouwer, E. (2011). Legal boundaries and the use of migration technology. In H. Dijstelbloem & A. Meijer (Eds.), Migration and the new technological borders of Europe. Migrations, minorities and citizenship. Palgrave Macmillan.

    Google Scholar 

  • Brouwer, E. (2020). Large-scale databases and interoperability in migration and border policies: The non-discriminatory approach of data protection. European Public Law, 26(1), 71–92.

    Google Scholar 

  • Charter of Fundamental Rights of the European Union. (2012, October 26). OJ C 326 (pp. 391–407).

    Google Scholar 

  • CJEU. (2008, September 3). Joined Cases C-402/05 P and C-415/05 P. Yassin Abdullah Kadi and Al Barakaat International Foundation v. Council of the European Union and Commission of the European Communities, Judgment of the Court (Grand Chamber).

    Google Scholar 

  • CJEU. (2014, April 8). Joined Cases C-293/12 and C-594/12. Digital Rights Ireland, Digital Rights Ireland Ltd v. Minister for Communications, Marine and Natural Resources and Others and Kärntner Landesregierung and Others, Judgment of the Court (Grand Chamber).

    Google Scholar 

  • CJEU. (2016, December 21). Joined Cases C-203/15 and C-698/15. Tele2 Sverige AB v. Post- och telestyrelsen and Secretary of State for the Home Department v. Tom Watson and Others, Judgment of the Court (Grand Chamber).

    Google Scholar 

  • CJEU. (2017a, July 26). Opinion 1/15 of the Court (Grand Chamber).

    Google Scholar 

  • CJEU. (2017b, July 18). Case 275/06, Productores de Música de España (Promusicae) v. Telefónica de España SAU, Opinion of Advocate General Kokott.

    Google Scholar 

  • Commission of the European Communities. (2005, November 24). Communication from the Commission to the Council and the European Parliament on Improved Effectiveness. Enhanced Interoperability and Synergies among European Databases in the Area of Justice and Home Affairs. COM(2005) 597 final.

    Google Scholar 

  • Commission of the European Communities. (2008, February 13). Communication from the Commission to the European Parliament. The Council, the European Economic and Social Committee and the Committee of the Regions. Preparing the Next Steps in Border Management in the European Union. COM(2008) 69 final.

    Google Scholar 

  • Council and Commission Action Plan. (2005, August 12). Council and Commission Action Plan Implementing the Hague Programme on Strengthening Freedom, Security and Justice in the European Union. In OJ C 198 (pp. 1–22).

    Google Scholar 

  • Council of the European Union. (2001, October 24). Additional Measures to Combat Terrorism—Proposals by the German Delegation. 13176/01.

    Google Scholar 

  • Council of the European Union. (2015a, September 25). Document no. 12272/15, Brussels.

    Google Scholar 

  • Council of the European Union. (2015b, November 17). Document no. 13193/15, Brussels.

    Google Scholar 

  • Council of the European Union. (2016, June 6). Roadmap to enhance information exchange and information management including interoperability solutions in the justice and home affairs area. Brussels. 9368/1/16.

    Google Scholar 

  • Council of the European Union. (2019, February 26). Document no. 6600/19, Brussels.

    Google Scholar 

  • De Hert, P., & Gutwirth, S. (2006). Interoperability of police databases within the EU: An accountable political choice? International Review of Law, Computers & Technology, 20(1–2), 21–35. https://doi.org/10.2139/ssrn.971855

    Article  Google Scholar 

  • Dimitrova, D. (2016). The ‘smartification’ of EU Borders: When ‘smart’ technology does not come with ‘smart’ safeguards. In CiTiP Working Paper 28/2016.

    Google Scholar 

  • Directive (EU). (2016, May 4). 2016/681 of the European Parliament and of the Council of 27 April 2016 on the use of passenger name record (PNR) data for the prevention, detection, investigation and prosecution of terrorist offences and serious crime. In OJ L 119 (pp. 132–149).

    Google Scholar 

  • Directive 2006/24/EC. (2006, April 13). Directive 2006/24/EC of the European Parliament and of the Council of 15 March 2006 on the retention of data generated or processed in connection with the provision of publicly available electronic communications services or of public communications networks and amending Directive 2002/58/EC. In OJ L 105 (pp. 54–63).

    Google Scholar 

  • Directive 95/46/EC. (1995, November 23). Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. In OJ L 281 (pp. 31–50).

    Google Scholar 

  • ECHR. (1983, March 25). Silver and others v. UK, App No 6205/73.

    Google Scholar 

  • ECHR. (1987, March 26). Leander v. Sweden, App No 9248/81.

    Google Scholar 

  • ECHR. (1998, March 25). Kopp v. Switzerland, App No 10842/84.

    Google Scholar 

  • ECHR. (2000a, February, 16). Amann v. Switzerland, App No 27798/95.

    Google Scholar 

  • ECHR. (2000b, May 4). Rotaru v. Romania, App No 28341/95.

    Google Scholar 

  • ECHR. (2006, June 29). Weber and Saravia v. Germany, App No 54934/00.

    Google Scholar 

  • ECHR. (2008a, July 1). Liberty and Others v. the United Kingdom, App No 58243/00.

    Google Scholar 

  • ECHR. (2008b, December 4). S. and Marper v. UK, App No 30562/04, App No 30566/04.

    Google Scholar 

  • ECHR. (2013, April 18). M. K. v. France, App No 19522/09.

    Google Scholar 

  • Eisele, K. (2020). Interoperability between EU Information Systems through the Lens of Impact Assessment—What does the Evidence Say? Blog Forum Interoperable Information Systems in the EU Area of Freedom, Security and Justice. http://www.migrationpolicycentre.eu/interoperability-eu-information-systems/

  • Eldridge, T. R., Ginsburg, S., Hempel, W. T. II, Kephart, J. L., & Moore, K. (2004). 9/11 and terrorist travel. Staff report of the National Commission on terrorist attacks upon the United States. https://govinfo.library.unt.edu/911/staff_statements/911_TerrTrav_Monograph.pdf

  • eu-LISA. (2019, February). SIS II - 2018 Statistics. https://www.eulisa.europa.eu/Publications/Reports/SIS%202018%20statistics.pdf

  • European Commission. (2015a, April 28). Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions. The European Agenda on Security. COM(2015) 185 final.

    Google Scholar 

  • European Commission. (2015b, May 13). Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions. A European Agenda on Migration. COM(2015) 240 final.

    Google Scholar 

  • European Commission. (2016a, July 15). Commission Decision of 17 June 2016 setting up the high-level expert group on information systems and interoperability. In OJ C 257 (pp. 3–6).

    Google Scholar 

  • European Commission. (2016b, April 6). Communication from the Commission to the European Parliament and the Council. Stronger and Smarter Information Systems for Borders and Security. COM(2016) 205 final.

    Google Scholar 

  • European Commission. (2016c, November 16). Proposal for a Regulation of the European Parliament and of the Council establishing a European Travel Information and Authorisation System (ETIAS) and amending Regulations (EU) No 515/2014, (EU) 2016/399, (EU) 2016/794 and (EU) 2016/1624. COM(2016) 731 final.

    Google Scholar 

  • European Commission. (2017a, December 12). Proposal for a Regulation of the European Parliament and of the Council on establishing a framework for interoperability between EU information systems (police and judicial cooperation, asylum and migration). COM(2017) 794 final.

    Google Scholar 

  • European Commission. (2017b, December 12). Proposal for a Regulation of the European Parliament and of the Council on establishing a framework for interoperability between EU information systems (borders and visa) and amending Council Decision 2004/512/EC. Regulation (EC) No 767/2008, Council Decision 2008/633/JHA, Regulation (EU) 2016/399 and Regulation (EU) 2017/2226. COM(2017) 793 final.

    Google Scholar 

  • European Commission. (2020). Knowledge for policy. EURODAC. https://ec.europa.eu/knowledge4policy/dataset/ds00008_en

  • European Council. (2015, December 18). Conclusions of the European Council Meeting. EUCO 28/15.

    Google Scholar 

  • European Data Protection Supervisor. (2017, November 11). Reflection paper on the interoperability of information systems in the area of freedom, security and justice.

    Google Scholar 

  • European Data Protection Supervisor. (2018, April 16). Opinion 4/2018 on the Proposals for two Regulations Establishing a Framework for Interoperability between EU Large-Scale Information Systems.

    Google Scholar 

  • European Parliament. (2014, March 12). European Parliament Resolution of 12 March 2014 on the US NSA Surveillance Programme. Surveillance Bodies in Various Member States and Their Impact on EU Citizens’ Fundamental Rights and on Transatlantic Cooperation in Justice and Home Affairs. (2013/2188(INI)).

    Google Scholar 

  • European Union Agency for Fundamental Rights. (2018, April 1). Interoperability and fundamental rights implications. FRA Opinion 1/2018.

    Google Scholar 

  • Galli, F. (2019). Interoperable law enforcement. Cooperation challenges in the EU area of freedom, security and justice. In Robert Schuman Centre for Advanced Studies Research Paper no. RSCAS 2019/15.

    Google Scholar 

  • Gellman, B. & Poitras, L. (2013). U.S., British intelligence mining data from nine U.S. internet companies in broad secret program. The Washington Post. https://www.washingtonpost.com/investigations/us-intelligence-mining-data-from-nine-us-internet-companies-in-broad-secret-program/2013/06/06/3a0c0da8-cebf-11e2-8845-d970ccb04497_story.html

  • Geyer, F., Carrera, S. & Guild, E. (2008). The Commission’s New Border Package Does it take us one step closer to a ‘cyber-fortress Europe’? CEPS Policy Brief. https://www.ceps.eu/ceps-publications/the-commissions-new-border-package-does-it-take-us-one-step-closer-to-a-cyber-fortress-europe/

  • Greenwald, G. & MacAskill, E. (2013). NSA prism program taps into user data of Apple, Google and others. The Guardian. https://www.theguardian.com/world/2013/jun/06/us-tech-giants-nsa-data

  • Hanke, P., & Vitello, D. (2019). High tech migration control in the EU and beyond: The legal challenges of “enhanced interoperability”. In E. Carpanelli & N. Lazzerini (Eds.), Use and misuse of new technologies. Springer.

    Google Scholar 

  • Heyes, B. (2004). Statewatch analysis. From the Schengen information system to SIS II and the visa information (VIS): The proposals explained. Statewatch report. https://www.sosf.ch/cms/upload/pdf/sis2.pdf

  • High-Level Expert Group on Information Systems and Interoperability. (2017, May). Final Report.

    Google Scholar 

  • Mitsilegas, V. (2014). The value of privacy in an era of security: Embedding constitutional limits on preemptive surveillance. International Political Sociology, 8(1), 104–108. https://doi.org/10.1111/ips.12043

    Article  Google Scholar 

  • Mitsilegas, V. (2015). The transformation of privacy in an era of pre-emptive surveillance. Tilburg Law Review, 20(1), 35–57. https://doi.org/10.1163/22112596-02001006

    Article  Google Scholar 

  • Napieralski, A. (2019). Collecting data at EU smart Borders: Data protection challenges of the new entry/exit system. Juridikum, 2019(2), 199–209. https://doi.org/10.33196/juridikum201902019901

    Article  Google Scholar 

  • Peers, S. (2009). Legislative update: EC immigration and asylum law, 2008: Visa information system. European Journal of Migration and Law, 11(1), 69–94. https://doi.org/10.1163/157181609X410593

    Article  Google Scholar 

  • Proposal for a Regulation of the European Parliament and of the Council amending Regulation (EC) No 767/2008, Regulation (EC) No 810/2009, Regulation (EU) 2017/2226, Regulation (EU) 2016/399, Regulation XX/2018 [Interoperability Regulation], and Decision 2004/512/EC and repealing Council Decision 2008/633/JHA. 2018. COM(2018) 302 final.

    Google Scholar 

  • Quintel, T. (2018). Connecting personal data of third country nationals: Interoperability of EU databases in the light of the CJEU’s case law on data retention. University of Luxembourg law Working Paper no. 002-2018.

    Google Scholar 

  • Regulation (EC). (2008, August 13). Regulation (EU) No 767/2008 of the European Parliament and of the Council of 9 July 2008 concerning the Visa Information System (VIS) and the exchange of data between Member States on short-stay visas (VIS Regulation). In OJ L 218 (pp. 60–81).

    Google Scholar 

  • Regulation (EC). (2013a, June 29). Regulation (EU) No 603/2013 of the European Parliament and of the Council of 26 June 2013 on the establishment of ‘Eurodac’ for the comparison of fingerprints for the effective application of Regulation (EU) No 604/2013 establishing the criteria and mechanisms for determining the Member State responsible for examining an application for international protection lodged in one of the Member States by a third-country national or a stateless person and on requests for the comparison with Eurodac data by Member States’ law enforcement authorities and Europol for law enforcement purposes, and amending Regulation (EU) No 1077/2011 establishing a European Agency for the operational management of large-scale IT systems in the area of freedom, security and justice. In OJ L 180 (pp. 1–30).

    Google Scholar 

  • Regulation (EC). (2013b, June 29). Regulation (EU) No 604/2013 of the European Parliament and of the Council of 26 June 2013 establishing the criteria and mechanisms for determining the Member State responsible for examining an application for international protection lodged in one of the Member States by a third-country national or a stateless person. In OJ L 180 (pp. 31–59).

    Google Scholar 

  • Regulation (EC). (2017, December 9). Regulation (EU) 2017/2226 of the European Parliament and of the Council of 30 November 2017 establishing an Entry/Exit System (EES) to register entry and exit data and refusal of entry data of third-country nationals crossing the external borders of the Member States and determining the conditions for access to the EES for law enforcement purposes, and amending the Convention implementing the Schengen Agreement and Regulations (EC) No 767/2008 and (EU) No 1077/2011. In OJ L 327 (pp. 20–82).

    Google Scholar 

  • Regulation (EC). (2018a, September 19). Regulation (EU) 2018/1240 of the European Parliament and of the Council of 12 September 2018 establishing a European Travel Information and Authorisation System (ETIAS) and amending Regulations (EU) No 1077/2011, (EU) No 515/2014, (EU) 2016/399, (EU) 2016/1624 and (EU) 2017/2226. In OJ L 236 (pp. 1–71).

    Google Scholar 

  • Regulation (EC). (2018b, December 7). Regulation (EU) 2018/1860 of the European Parliament and of the Council of 28 November 2018 on the use of the Schengen Information System for the return of illegally staying third-country nationals. In OJ L 312 (pp. 1–13).

    Google Scholar 

  • Regulation (EC). (2018c, December 7). Regulation (EU) 2018/1861 of the European Parliament and of the Council of 28 November 2018 on the establishment, operation and use of the Schengen Information System (SIS) in the field of border checks, and amending the Convention implementing the Schengen Agreement, and amending and repealing Regulation (EC) No 1987/2006. In OJ L 312 (pp. 14–55).

    Google Scholar 

  • Regulation (EC). (2018d, December 7). Regulation (EU) 2018/1862 of the European Parliament and of the Council of 28 November 2018 on the establishment, operation and use of the Schengen Information System (SIS) in the field of police cooperation and judicial cooperation in criminal matters, amending and repealing Council Decision 2007/533/JHA, and repealing Regulation (EC) No 1986/2006 of the European Parliament and of the Council and Commission Decision 2010/261/EU. In OJ L 312 (pp. 56–106).

    Google Scholar 

  • Regulation (EC). (2019a, May 22). Regulation (EU) 2019/816 of the European Parliament and of the Council of 17 April 2019 establishing a centralised system for the identification of Member States holding conviction information on third-country nationals and stateless persons (ECRIS-TCN) to supplement the European Criminal Records Information System and amending Regulation (EU) 2018/1726. In OJ L 135 (pp. 1–26).

    Google Scholar 

  • Regulation (EC). (2019b, May 22). Regulation (EU) 2019/817 of the European Parliament and of the Council of 20 May 2019 on establishing a framework for interoperability between EU information systems in the field of borders and visa and amending Regulations (EC) No 767/2008, (EU) 2016/399, (EU) 2017/2226, (EU) 2018/1240, (EU) 2018/1726 and (EU) 2018/1861 of the European Parliament and of the Council and Council Decisions 2004/512/EC and 2008/633/JHA. In OJ L 135 (pp. 27–84).

    Google Scholar 

  • Regulation (EC). (2019c, May 22). Regulation (EU) 2019/818 of the European Parliament and of the Council of 20 May 2019 on establishing a framework for interoperability between EU information systems in the field of police and judicial cooperation, asylum and migration and amending Regulations (EU) 2018/1726, (EU) 2018/1862 and (EU) 2019/816. In OJ L 135 (pp. 85–135).

    Google Scholar 

  • Remarks by GEN Keith Alexander, the Director of the NSA and Commander of the US Cyber Command at the Aspen Security Forum on 18 July 2013. https://www.nsa.gov/news-features/speeches-testimonies/Article/1619508/transcript-of-remarks-by-gen-keith-alexander-commander-us-cyber-command-uscyber/

  • Salbu, S. (2002). The European Union data privacy directive and international relations. Vanderbilt Journal Transnational Law, 35(2).

    Google Scholar 

  • Speech Given by the President of the United States, Barack Obama on 17.1.2014. https://www.youtube.com/watch?v=p4MKm2uFqVQ

  • Sulić Kenk, V., Križaj, J., Štruc, V., & Dobrišek, S. (2013). Smart surveillance technologies in border control. European Journal of Law and Technology, 4(2).

    Google Scholar 

  • The Hague Programme. (2005, March 3). Strengthening Freedom, Security and Justice in the European Union. In OJ C 53 (pp. 1–14).

    Google Scholar 

  • Trochu, S., & Touret, O. (2013). Managing the border, smartly. In EISIC ‘13: Proceedings of the 2013 European intelligence and security informatics conference (pp. 281–284). https://doi.org/10.1109/EISIC.2013.72

    Chapter  Google Scholar 

  • United Nations General Assembly. (2013). Resolution Adopted by the General Assembly on 18 December 2013, The Right to Privacy in the Digital Age. A/RES/68/167.

    Google Scholar 

  • Vavoula, N. (2015). The recast Eurodac regulation: Are asylum seekers treated as suspected criminals? In C. Bauloz, M. Ineli-Ciger, S. Singer, & V. Stoyanova (Eds.), Seeking asylum in the European Union. Selected protection issues raised by the second phase of the Common European Asylum System. Brill Nijhoff.

    Google Scholar 

  • Vavoula, N. (2019, Forthcoming). The ‘puzzle’ of EU large-scale information Systems for Third-Country Nationals: Surveillance of movement and its challenges for privacy and personal data protection. European Law Review.

    Google Scholar 

  • Vavoula, N. (2020). Consultation of immigration databases for law enforcement purposes: A necessary and proportionate interference with privacy and data protection rights?. https://www.academia.edu/41195137/_Consultation_of_Immigration_Databases_for_Law_Enforcement_Purposes_A_Necessary_and_Proportionate_Interference_with_Privacy_and_Data_Protection_Rights

  • Wojnowska-Radzińska, J. (2020). Regulation (EU) 2017/2226 of the European Parliament and of the Council of 30 November 2017 establishing an Entry/Exit System (EES) versus data protection—Is it done in the right way? Review of European and Comparative Law, 37(2), 121–138. https://doi.org/10.31743/recl.4829

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institute of Criminology at the Faculty of Law, Ljubljana, Slovenia

    Pika Šarf

Authors
  1. Pika Šarf
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Pika Šarf .

Editor information

Editors and Affiliations

  1. Institute of Criminology at the Faculty of Law Ljubljana, Ljubljana, Slovenia

    Aleš Završnik

  2. Institute of Criminology at the Faculty of Law Ljubljana, Ljubljana, Slovenia

    Vasja Badalič

Rights and permissions

Reprints and permissions

Copyright information

© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Šarf, P. (2021). Automating Freedom, Security and Justice: Interoperability of AFSJ Databases as a Move Towards the Indiscriminate Mass Surveillance of Third-Country Nationals. In: Završnik, A., Badalič, V. (eds) Automating Crime Prevention, Surveillance, and Military Operations. Springer, Cham. https://doi.org/10.1007/978-3-030-73276-9_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-73276-9_5

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-73275-2

  • Online ISBN: 978-3-030-73276-9

  • eBook Packages: Law and CriminologyLaw and Criminology (R0)

Publish with us

Policies and ethics

Search

Navigation