Select Committee on European Union Minutes of Evidence


Examination of Witnesses (Questions 220-239)

Mr Philip Geering, Ms Carmen Dowd, Superintendent Mike Flynn and Mr Rob Wainwright

1 NOVEMBER 2006

  Q220  Lord Corbett of Castle Vale: Can you say whether there is any statistical data available on the use of SIS and SIRENE by other Member States? Is there any information available on the number of complaints made about inaccurate data and other exercise of data protection rights in other Member States? What is the experience so far on the ground?

  Superintendent Flynn: First of all, regarding the use of the system I have brought along the statistics for the amount of alerts on the existing system as of midnight on 17 October. I can provide these to you because it covers all the alerts and all the Member States. I have also brought along the latest set of statistics regarding the number of hits as reported by the various SIRENE bureaux around Europe, and, again, that breaks it down by country, by year and by Article. So we can actually illustrate the amount of use and the amount of success that they get from the system.

  Q221  Chairman: If you are prepared to leave that with us afterwards it would be very helpful; or send it to us.

  Superintendent Flynn: I think I am entitled to, yes. Then regarding complaints, there is not any standard reporting of complaints regarding data protection inquiries because each Member State deals with them in their own way and it could well be that a complainant or an inquirer will get in touch with the data owner in the actual country, so they could be getting in touch either with a SIRENE bureau or they could be getting in touch with a police force or a Customs agency without any reference to their Information Commissioner, and so there is no central reporting. I got in touch with the member of the Council in Brussels who liaises with the Joint Supervisory Authority, which is the co-ordinated data protection mechanism. He said that there were no central statistics available, but anecdotally he said that the bulk of the small number of complaints that there are are really queries regarding Article 96, and this is where people have tried to get a visa to enter the Schengen area, have found that they are on the system and wish to query why they are on the system. So that is the extent of the reporting so far.

  Q222  Lord Corbett of Castle Vale: In September the Commission adopted a new version of the SIRENE manual which governs the exchange of supplementary information between Member States. Do you know why this text has not been made public and are you aware of any significant changes having been made to the previous version? Do you anticipate whether further changes will have to be made in the light of SIS II?

  Mr Wainwright: Yes, I think you are referring to the updated SIRENE manual for SIS I Plus, I think it is, which was adopted, as you say, earlier in the year. As we are not members of SIS currently of course we were not party to the drafting of that manual and did not receive an official copy, nor should we have, although we have now of course been given a copy, if you like, as an information addressee. I understand that it has not been made public because the Annex to the document is classified the equivalent of UK restricted, and that is because it has the contact details of SIRENE bureaux and their officers and that is classified in the way I have described. A draft of the SIS II manual is currently underway and is expected to be issued by January next year—so quite soon now—and is likely to be adopted in April or May of next year. We are involved in that drafting committee work and in fact we do anticipate in that case that that particular manual will be made publicly available.

  Q223  Lord Corbett of Castle Vale: Are you aware of any changes between the two? Are there major changes or is it tidying up?

  Mr Wainwright: I think it is mainly tidying up; there are no significant changes.

  Chairman: Baroness Henig.

  Baroness Henig: I think you have covered what I was going to ask in Mr Geering's opening statement. I do not know if you want more detail?

  Chairman: No, thank you. Lord Avebury.

  Q224  Lord Avebury: Could we turn to the question of biometric information and what is currently taken from persons in the UK for criminal justice and law enforcement purposes, and could you say what the process will be for transmitting this information to SIS II? Will the UK procedures for taking biometric information be amended in the light of the planned application of SIS II?

  Superintendent Flynn: My Lord Chairman, essentially fingerprints and photographs are taken either by consent during investigation or from suspects when they are detained at a police station in consequence of being arrested for a recordable offence or when another legal requirement exists for them to be provided. It is envisaged at this stage that biometric information—we talk about fingerprints in the first instance—would be posted centrally on to the SIS and linked to an alert, and really in this case we are largely looking at extradition alerts. We would do that from the National Automated Fingerprint Identification System that exists in the UK. It is possible that we could provide fingerprints for specific vulnerable missing person cases as well and possibly photographs. There is no intention of routinely circulating on the SIS any other biometric records; we have to keep a strict separation between the national system and the Schengen Information System. So ideally we would be looking at a situation in the first instance where somebody is arrested, they give their details to a police officer in whichever country they happen to be; there is then the opportunity of being able to download from a central system the link to fingerprints to confirm the identity. So that is how it is envisaged in the first instance. What they are then considering is whether we will be able to use them for identification purposes, which we consider to be particularly valuable because we know that criminals tend to lie about their identity and therefore it would be much more useful to be able to check their fingerprints. We do use the National Automated Fingerprint Identification System; the intention is that when either somebody is arrested or when there is an incoming European Arrest Warrant, there will be the opportunity to check whether we already know this person, whether we know them by that identity, and sometimes it might even be, where they are. For example, they could already be in custody and it would be useful to be able to flag that up. At this time, if you are talking about photographs, although there is a project underway, and that is the Facial Image National Database, that is only building the database at this time so we have no method at this time of linking that to the SIS. Prior to the identification side going live, that is where we have somebody in custody and we would look to identify them primarily from their fingerprints, there would be European Parliamentary scrutiny of this and the Commission will actually put forward a report regarding the availability of technology and the reliability of the technology to allow us to make that important step, and we do view that as a very important step. Regarding how it actually works, in the UK we use a technology called "Livescan", which in many ways looks like a sophisticated photocopier. It is much more reliable than the old ink fingerprints and essentially takes a scan of the fingerprints to a much higher quality than we were able to do before. That then gives you an initial feedback as to whether you have a match and a high, medium and low success rating. If the person protests that it is not them, even though we have a match on the system, there is a further stage where we actually go to a fingerprint expert and the fingerprint expert carries out a check on the prints as well. That is most important, to get the identity right, not to inconvenience people, and we can actually turn those around typically in about an hour and 20 minutes, which, again, is much faster than we were able to do with ink fingerprints. Is there anything else you would like to know about the system?

  Q225  Lord Avebury: I would like to ask you in particular about the use of DNA profiles. We have the largest DNA database in the world, I understand. Is there any suggestion that that can be used in SIS II?

  Superintendent Flynn: At this time it is not actually within the design; they are looking at fingerprints and photographs. Although I think looking to the future it would be extremely sensible to look at the availability of DNA profiling to be able to exchange between Member States, but initially we are looking at fingerprints and photographs.

  Q226  Lord Avebury: Could you then say how the UK procedure for taking biometric information compares with the procedure in other Member States and whether there will be standard rules on the enrolment of biometric data, so as to make it comparable between Member States, and will that require any changes in UK practice?

  Superintendent Flynn: On that one, the UK is actually something of a leader in biometric information, but there are discussions between the Member States regarding standards, and I know that my colleagues in SOCA work with Interpol on establishing standards for photographs, fingerprints, and, again, we will be looking at international standards on DNA. So on that one, there are working groups where we agree the standards. As far as we are concerned we are already well in advance of these and therefore we collaborate with our other Member States to ensure that we are working to the same standard, but they are usually the internationally agreed standards that we all work to.

  Mr Wainwright: Although I have to say that practices are rather different so in some Member States biometric data is taken for administrative purposes to support a national ID card system, for example, whereas, as Superintendent Flynn has said already this morning, in the UK we only take it by judicial authority. So there is an important difference. But the application of those standards in SIS will not require any changes to the UK system.

  Q227  Lord Avebury: I am conscious of the fact that some of the questions we are asking you ought to be dealt with on the SIRENE website, which I had a look at, and there is a Frequently Asked Questions page there, but there are not any links from the Frequently Asked Questions page to the answers. Are you planning to expand the SIRENE website so that that will be remedied?

  Superintendent Flynn: Thank you for that feedback; we will make sure that is changed! Yes, we will update it. We do not want to necessarily get expectations up as we are going through a relatively long project, but the communications and marketing strategy, at that time will be put in place to make sure that people are aware of this new initiative. Then when we do get questions coming into the website, if we get them often enough we can extend the Frequently Asked Questions page.

  Q228  Chairman: Can I just go back to fingerprints for a moment? How often is there a false match in fingerprint identification? Give me a rough idea, both from our practice and, indeed, if you know it, from SIS's practice?

  Superintendent Flynn: Thank you, my Lord Chairman. On that one I discussed this issue with the director in the police IT organisation, and what you can do on a fingerprint system is you can change the algorithms regarding the sensitivity, so that in fact you would get no false hits but actually you would miss something where the computer was 99.9 per cent certain that it was that person. So there was a balance to be struck; that is why you get the high, medium, low response, and if there is any further doubt you go to the verified ID stage, where you go to a fingerprint expert. So to actually talk about percentages can be quite difficult and misleading because you can actually vary the accuracy of the sensors.

  Q229  Lord Marlesford: Following up on that, if I may, for example when one comes into the US now one has one's fingerprints taken immediately. They presumably have those on some sort of database.

  Mr Wainwright: Yes.

  Q230  Lord Marlesford: Is that database available to SIS or to us?

  Mr Wainwright: It is not available to SIS because of course the United States is outside the European Union, but it is available to UK law enforcement through other cooperation channels that my organisation operate.

  Q231  Chairman: Can we turn to flagging alerts, and you may have to explain to me what I mean! In what circumstances will the UK authorities be flagging alerts so as to prevent action taking place on the basis of the alerts? How does this compare with the practice of our fellow Member States and will their practices be likely to change with the application of SIS II, in particular in those Member States where the European Arrest Warrant is currently inapplicable. Do you understand that question and can you give me an answer to it?

  Superintendent Flynn: We will try! First of all, I will deal with flags. On the system there are flags which are essentially markers for each Member State and when an alert arrives in that Member State and they validate it, it might be that for certain reasons they cannot action that alert. They would then get in touch with the UK SIRENE bureau or whichever SIRENE bureau had launched the alert and ask for their flag to be set against it, and it just means that they will not be seeking to take the action that we have requested.

  Mr Wainwright: Indeed, most grounds for flagging in the system to date have been around what is Article 95 alerts, which have since of course been replaced by the European Arrest Warrants, so most of the flags we used in the past around extradition requests, the European Arrest Warrant provisions now supersede that and so the grounds for the majority in the past have now been taken away. It is still possible, of course, to flag in other areas, particularly around missing persons and also the Article that deals with the need for discreet checks, for example, discreet surveillance of a subject, so it is still possible to do that, but the amount of flagging that is now done in the system is considerably lower.

  Q232  Chairman: Can you give me an example of flagging? Would it be your concern that action might in fact ruin a surveillance operation?

  Mr Wainwright: Quite, that is a very good example and there might be others that Mike can provide.

  Superintendent Flynn: A lot of this is still under discussion for SIS II as they decide whether there will be automatic changes of action requested or flags put on the system, but, say, for example, we launched an alert for a vulnerable missing person, they were found in another Member State and within their national law they had to make an assessment as to whether this person was suffering from a psychiatric condition that rendered them vulnerable. Their specialists disagree with our view, therefore they cannot, under their national law, do what we ask; they would then get in touch with us because they would not want the person to walk out, be stopped by the next police officer and the same action commenced again. So they would ask that a flag be set on that so that they did not do it. Similarly, there are some countries where, if you ask for a specific check as opposed to a discreet check, they would say that actually under their law they are not empowered to do that and therefore they would automatically want to turn all the requests for specific checks into discreet checks.

  Q233  Baroness Henig: I think I understand, so the flag is issued when the UK issues an alert, and then it is flagged if the other country cannot take action. But is that time-limited? Maybe they could take action next year, or how long does the flag stay on? Is that it, is that forever?

  Superintendent Flynn: If they cannot take the action or, for example, we had sent an extradition request and it was missing a key piece of detail, they might ask for that piece of detail but in the interim they would flag the alert pending us sending the information through, so that they could then ask for their flag to be removed.

  Q234  Baroness Henig: So there are different categories of flags?

  Superintendent Flynn: Again, much of this is under discussion as to how it will work in SIS II and whether we will have flags or automatic changes.

  Q235  Lord Corbett of Castle Vale: You want to talk to the Royal Navy!

  Superintendent Flynn: But on this one the general theme is that if temporarily or permanently they cannot do something that we ask there is some way of marking the record so that law enforcement officers do not take the action that we have requested.

  Baroness Henig: I am thinking that it might be useful to differentiate between the temporary and the "that is it" one.

  Q236  Earl of Caithness: I want to ask about the working operation for the law enforcement officer? At the moment there is a difference between the wording in the framework directive and in SIS II about information that is taken for national use and information that is spread between Member States. How is the law enforcement officer actually going to operate this in practice when he is taking data on a national basis under one criteria, only to find that in due course that information is then sent abroad to the SIS II system and is hawked around the other Member States?

  Superintendent Flynn: Are we talking about the creation of an alert, or the response to an alert?

  Q237  Earl of Caithness: Tell me the answer to both of those.

  Superintendent Flynn: What we have done essentially between ACPO and ACPO(S), SOCA and the Crown Prosecution Service, we have worked out end-to-end business processes and rules regarding the creation of alerts. Some alerts we would describe as optional: that is, not every wanted person on the Police National Computer goes to the Schengen Information System; it is only those where we have been through the business rules and we have agreed that there will be an European Arrest Warrant, there is CPS approval, there is SIRENE bureau validation and off it goes. So from that it is a strict business process. There are others, such as stolen motor vehicles, where any reported stolen motor vehicle in the UK that is placed on the Police National Computer will go to the Schengen Information System because we could not put in place any justifiable business rules saying that we will only put valuable cars on the system, because we found from talking to our partners in the other Member States that quite often it will be low value cars that were stolen and were exported en masse perhaps across Europe towards the Balkans where there was a ready market for them. So in these areas, where we simply could not justify it to ourselves or the public, putting some kind of barring, what we are saying is that every stolen motor vehicle, firearm, trailer that meets the rules that goes on to the Police National Computer will automatically go to the SIS, and if it is found it will be automatically cancelled. Again, we have put in some very strict weeding rules to ensure that we do not leave data lying around.

  Q238  Earl of Caithness: Does this pose any operational difficulties for the policemen?

  Superintendent Flynn: No, because national law applies. In this one national law applies and if they come across, for example, a stolen German motor vehicle then essentially the system will give them some information, tell them what to do and tell them where to get some more information and that is via the SIRENE bureau. And then as soon as you are into the international liaison and cooperation we rely on the work of the SIRENE bureau to ensure that the officer operates within national law and that any international liaison goes to the SIRENE bureau.

  Mr Wainwright: If I may add, I think this is about levels of confidence that police officers have between themselves, not just within the UK but around the European Union, of course, and I think, depending on the sensitivity of the case, one would expect a British police officer to have every confidence in their European colleague in terms of handling his or her case, and indeed we would expect significant benefits to be derived from that, and most police officers would want to know, of course, if a German or a Spanish colleague has stopped a stolen vehicle as part of his or her case. Where the case becomes more sensitive then there are other channels for our cooperating with our European colleagues, particularly with Europol, for example, where we can exercise much more control over the extent to which information is shared with colleagues. But we do work on the fundamental principle that there is a level of confidence naturally within the European Union, within which we can each benefit of course.

  Superintendent Flynn: One of the huge advantages we have is the decision made within SOCA to ensure that from the law enforcement point of view we have a one-stop shop, and that is, if there is an angle that requires Interpol or Europol or the use of the Schengen Information System, you are actually dealing with the same place all the time and the staff within the SIRENE bureau are actually able to work out which route this inquiry should take. And within the business rules—say, for example, on a sensitive issue, we are asking for a discreet check to be made on a serious criminal—then in-house we ensure that all those alerts will go through a force intelligence bureau where the sensitivity can be gauged before we go forward and liaise with the SIRENE bureau.

  Q239  Lord Dubs: It is not a question of which you have had notice, so bear with me. As a Committee, we looked some time ago in a previous study at Europol and Interpol. Is it clear what the links are between SIS and Europol and are there any difficulties as regards a possible overlap with Interpol?

  Mr Wainwright: With Europol, we do support the position which most Member States favour, that Europol should have access to the SIS II database—that is not yet the case—exactly for the reason that you alluded to, which is so that we can manage the potential for any cross-overs of information between cases that Europol are working on and those SIS II have. In the majority of cases, however, the two are dealing with a different level of sensitivity, a different type of casework. Europol is much less about volume casework, of the type SIS is, and much more about quality casework around serious crime, including counter-terrorist cases. Interpol however does deal more in volume casework so there is a potential for there being a duplication there. Of course, Interpol operates worldwide and SIS is just a European capability. The management of the data between Interpol and SIS is a bit more complex because of the particular framework within which SIS is managed, which is distinctly European Union; whereas Interpol of course operate on an entirely different basis. There are however parts to the Interpol programme—for example, on DNA that you mentioned earlier and on stolen passports—that do have a natural connection with SIS II and, in that case, I think it has to be worked on a national level rather than through the central European framework of SIS II.


 
previous page contents next page

House of Lords home page Parliament home page House of Commons home page search page enquiries index

© Parliamentary copyright 2007