Examination of Witnesses (Questions 420-439)|
28 NOVEMBER 2006
Q420 Baroness Bonham-Carter of Yarnbury:
Can I put something to Dr Paul. One of the things when I listen
to this is, and this is a very basic question, are you concerned
about the co-ordination across all these different IT systems,
all these different countries? Picking up on what Lord Teverson
was saying, if you have got this cloned SIS-plus, or whatever
it is called, coming into the middle of your plans, and it sounds
to me like throwing off what you have been concentrating on, is
there a real concern that this co-ordination of systems will be
Dr Paul: Generally speaking, as regards the
future management of the system, and that includes the co-ordination,
the Commission adopted at the end of 2005, December 2005, a communication
on possible synergies when managing large-scale European databases,
including the SIS II, the VIS and EURODAC and any other systems
that might emerge in our area. This clearly outlined a number
of options and issues which are up for discussion with Member
States now as to how to achieve a maximum of synergy and simply
very efficient management of those systems to avoid those co-ordination
issues that you have mentioned. Unfortunately, up to now the subsequent
presidencies have not really taken up the issues that were pointed
out in this Communication. We hope that this is going to happen
very soon now because we have to move forward with this issue.
As regards your question relating to the SIS one4all, this project
will be managed by the Portuguese administration if it is adopted,
of course, and the technical management will continue to happen
at the C.SIS in Strasbourg which means the French administration
mandated by the Member States. Legally speaking and, indeed, operationally
speaking the Commission would not be involved in this SIS one4all
project. Of course, speaking overall, especially at national level,
the co-ordination will become more difficult and there will be
an issue of resources to do the two things in parallel.
Q421 Lord Avebury: Coming back to the
question that I was down to ask initially, can I ask about the
power to adopt implementing rules. Will they already have been
settled prior to the appointment of the agency or will the agency
that manages SIS II have the right and the power to adopt its
own implementing rules? Secondly, could you tell us what mechanisms
will be adopted to ensure the future accountability of whatever
agency is appointed to run SIS II?
Mr Faull: That is a very important question
and it is one which arises frequently when agencies are created.
Agencies cannot be given rule making or law making powers. The
legislature remains responsible for that or, under delegated authority,
the Commission and various comitology procedures, as you know,
have been created to regulate all of that. What we cannot do is
cede any discretionary policy-making power, let alone legislative
authority, to an agency. All that said, and that is the legal
position which should not surprise anybody, for an agency to operate
particularly in a complex area like this it needs some margin
for the taking of decisions to deal with issues that arise. The
legislation creating it, therefore, has to be designed carefully
so that all foreseeable eventualities are dealt with in some way
and rules are laid down very clearly while allowing the agency
to grow and deal with such issues as it can when they arise. We
will go again into all of this in the impact assessment. It is
indeed one of the issues relevant to the question whether an agency
is the right solution. Can you craft an agency which can do this
job properly? Frankly, I do not know the answer to that today.
The whole process of impact assessment and then deliberation will
help us answer it. I hope it is possible because I think these
are important options which should not be discarded and I hope
they are still in the race towards the end, but we will have to
see. It is difficult but ways can be found to create a clear enough
legislative framework so that the rules are made by the people
with the authority to make them and with the democratic legitimacy
required to make them, and the agency is given enough space in
which to do its work on a day-to-day basis. It is not easy to
do, it is a problem which all countries face as well as the Union
as a whole, but we have all found ways to deal with the issue
in the past. Frank, do you want to add anything to that?
Dr Paul: Not necessarily, although if you will
allow me I would like to come back to the question that was put
earlier by Lord Teverson. I understood your question as meaning
why has there not been enough strategic forward planning when
developing the SIS II, is that correct?
Q422 Lord Teverson: That is very concisely
Dr Paul: I think it is important to recall,
and I was there at the time, that this was an historic development
moving from the intergovernmental management to Community management.
Indeed, the problem was that as early as 1996-97 it was seen that
the current system would have some technical limitations, at least
then it had technical limitations, which would not enable it to
be enlarged to more than 18 Member States. It was already clear
then that the European Union would be enlarged by more Member
States. There was a very, very long and intensive discussion among
Member States that lasted about five years on how to solve this
issue. At the time Member States were very reluctant to entrust
that enlargement to one single Member State, namely France, because
it was already clear that eventually the system would move into
the Community framework. It took Member States a long, long time
to discuss this and at the end of the day it became clear that
there was no other solution than to simply entrust the Commission
with doing it because nobody could get agreement on who would
do it. Therefore, we only got the mandate to develop the SIS II
at the end of 2001. From then on we have moved as fast as we could
possibly move. If you take a look at the history of large-scale
IT systems, you might want to look at your own National Health
System IT system, for example, these are complex systems.
Q423 Chairman: We might indeed!
Dr Paul: These are complex systems that take
many years to develop. As large-scale IT systems go we have always
worked to a very challenging timeframe.
Q424 Chairman: I should just say on a
personal level I have an unhappy history of a relationship with
IT systems, but we will not go into that.
Mr Faull: I do not think I fully answered the
question about the role of the European Parliament and the accountability
of an agency, again an issue which frequently arises in the whole
area. We have comitology, we should have "agency-ology"
as well, I think! The impact assessment will go into that. The
role of the Parliament is important in all of the options we will
consider and the Parliament would remind us of that if we were
ever tempted to forget it, which we will not be. The role of the
Council and Parliament in establishing the agency, in choosing
its members, its chair and in supervising it, will be extremely
important issues. Some of you will be familiar with the process
we are agonisingly going through to set up a Fundamental Rights
Agency at the moment and those issues are, once again, at the
heart of one of the major debates about precisely how this agency
should be created, to whom it should report, who is responsible
for choosing its members and so on. These are very important questions.
Q425 Baroness Bonham-Carter of Yarnbury:
Another accountability question. The Commission has the possibility,
as I understand it, to delegate its management of SIS II to Member
States for a transitional period. Is this likely to happen? If
so, how will the financial and legal accountability of those Member
States be ensured, including as regards data protection?
Mr Faull: Yes, indeed it is a very real possibility
and the legislation makes that clear. The Commission would retain
overall responsibility and would have to enforce strict compliance
and control mechanisms under our financial regulation. We would
have to set out in agreement between the Commission and the national
bodies concerned all of the complex set of arrangements on legal,
financial issues plus on accountability and transparency issues.
We would certainly place them very high on our agenda and would
want to be sure that the delegation of certain tasks to national
bodies in that way would not undermine the roles of the Court
of Justice, the Court of Auditors and the European Data Protection
Supervisor, to name but a few. This would be a matter of negotiation
and agreement between the Commission and the national authorities,
and I can assure you that uppermost in our minds would be the
issue of proper supervision and accountability.
Q426 Baroness Bonham-Carter of Yarnbury:
Is this process a result of pressure from Member States? What
is behind it?
Mr Faull: Well, no doubt some Member States
think this is a good idea but we ourselves see merit in it as
well. We have to use the experience that some of our national
authorities have built up and where it makes sense for some sort
of joint venture of this sort between the Community level and
the national level to be set up, why not?
Q427 Earl of Caithness: Does the Commission
believe that there are any circumstances in which the UK should
have access to alerts concerning non-admission of third country
nationals, for example access for asylum purposes, or access only
to alerts concerning persons subjected to an alert because of
criminal convictions or alleged criminal activities? If so, how
should that access be regulated?
Mr Faull: As the United Kingdom does not participate
in policy areas linked to alerts for the purpose of refusing entry
it is not as a general rule to have access to those data. In my
written evidence on the question of access for asylum authorities,
I said that an ad hoc solution allowing indirect access for UK
authorities could be examined once the legal instruments, including
provision on access rights, have been adopted. There has been
some preliminary discussion among the Member States with the Commission
on this issue. The principles of proportionality and reciprocity
would be at the heart of any such examination.
Q428 Earl of Caithness: Would it not
be a good thing for Europe if the UK did have access to some of
the information in exactly the same way as it would be good for
the Schengen countries to have access to some of the UK information?
Surely if we are paying our full share, why are we not given access?
Mr Faull: We believe that there are indeed good
arguments for believing there is mutual benefit among the Schengen
members on the one hand, and on the other the United Kingdom and
Ireland, in sharing some information. We believe it would be of
greater benefit to Europe if the Schengen area extended to the
whole of the European Union but we understand at the moment that
is not on the agenda. This is not simply a case of the United
Kingdom seeking to have its cake and eat it, and I do not think
the other Member States see it in that simplistic light either.
The United Kingdom and Ireland have contributions to make to the
overall security of the European Union and the others, I believe,
through the Schengen Information System have contributions to
make to the security of the United Kingdom and Ireland. Ways have
been found in the past pragmatically to square these circles.
As I said in my written evidence, by making the proper distinction
between the uses to which information is put ad hoc solutions
can be found.
Q429 Lord Dubs: Can I ask a supplementary.
I think that is very encouraging because we accept that not being
in the club means we are not entitled to the benefits of the club,
but I think this is rather different, this is a matter of dealing
with possibly the link between criminal behaviour and movement
across frontiers. Therefore, I would have thought that the Schengen
countries have as much to benefit from as the UK if what you suggest
were to happen. How likely is it to happen?
Mr Faull: That is hard to predict and I do not
really want to speculate. What I can say is that I think there
is a perception in many quarters of the sort that you have described
and there is mutual benefit. The United Kingdom, not being part
of the Schengen, area should not have information relating to
entry for the sole purpose of regulating entry because the United
Kingdom has other arrangements in place regarding entry to its
territory, but the wider security implications of some of this
information need to be taken into account. I cannot tell you how
this will come out but based on the past record I think there
is some evidence that there is understanding of that position
in London and also in continental capitals as well.
Chairman: That is very helpful. I think
I can confidently say that the implications of the partial opt-in
or partial opt-out, depending on whether the glass is half full
or half empty, for both the United Kingdom and Schengen countries
will be an important part of our report and your explanation has
been extremely helpful for us.
Q430 Lord Dubs: What is the timetable
for, and likely content of, further SIS II proposals concerning
the harmonisation of alerts for non-admission of third country
nationals, the rules on "flagging" certain criminal
law and policing alerts, and the rules on remedies in the context
of data protection? I know it is a mouthful.
Mr Faull: I understand. We have to make an assessment
within three years of what is called the go-live decision which
is essentially when the SIS II system is plugged in and the existing
Schengen countries can plug into it and the new Member States
can be integrated into it. Within three years of go-livemy
colleagues should correct me if I get this wrong, it is technicalwe
have to assess the impact of the new legal rules and evaluate
the urgency with which a review should be carried out and the
scale of the review to be carried out in order to see whether
a further higher level of harmonisation is necessary and appropriate.
We will do that exercise within three years of go-live.
Q431 Baroness Henig: In the light of
the judgment in Commission v Spain, is the Commission
still monitoring the use of Schengen data by all Member States
to ensure that no Member States breach EC free movement law or
immigration or asylum law when they act upon an alert? Is the
Commission also monitoring the issuing of alerts by Member States?
Mr Faull: First of all, if there are complaints
about failure to comply with Directive 2004/38 we of course take
them very seriously. If there are complaints about refusal of
entry or refusal of visas because of issues arising under that
Directive we look at them very carefully as well and use both
our informal powers of persuasion and formal powers to bring infringement
proceedings against Member States where necessary. We also have
an alternative dispute resolution mechanism known as SOLVIT, which
is run by our Internal Market Directorate-General but we are associated
with it for areas under our responsibility. It seeks to resolve
very quickly problems in individual cases by asking the national
authorities to move quickly. Overall that is a very satisfactory
system and is often used as a preliminary phase before the lodging
of a formal complaint which then triggers more formal proceedings.
Q432 Earl of Listowel: Director-General,
in relation to SIS is any information available on the number
of complaints made about inaccurate data and other exercises of
data protection rights?
Mr Faull: We do not have those data. The Joint
Supervisory Authority, or perhaps the national data protection
authorities, would have them. From what we know it appears that
the number of complaints is very small in comparison with the
number of alerts stored in the SIS, but we do not have a figure.
Is that right?
Dr Paul: No, we do not.
Q433 Lord Teverson: The Treaty of Prüm,
which is again a group of Member States moving off in their own
way, and we understand the German Presidency would like to see
a movement towards that becoming part of the wider Community Acquis,
what implications would that have for SIS II? Indeed, is the Commission
in favour of this happening?
Mr Faull: Yes, we are. We believe that the general
Community interest would be well served by bringing the Prüm
system into the Community's institutional framework and, therefore,
we support the intentions of the German Presidency and will work
with them to that end. We think that the Treaty of Prüm does
not conflict with the scope and objectives of SIS II. In fact,
it is consistent with them regarding the implementation of the
principle of availability which was laid down in The Hague programme
by the European Council. We have asked the incoming German Presidency
to make sure that discussions on bringing Prüm into the Community
fold are accompanied by discussions on implementation of the principle
of availability. We note that the data protection system of the
Treaty of Prüm is tailored specifically, of course not surprisingly,
for that Treaty and we have no objections to the way in which
that was done.
Q434 Lord Teverson: Could I just interrupt
you. Excuse me again for my lack of knowledge, but could you explain
the principle of availability to me.
Mr Faull: The principle of availability at the
most general level says that information held by or for a law
enforcement authority in a Member State should be made available
to the law enforcement authorities of other Member States on the
same conditions as those which would apply to making the information
available to the law enforcement authority of the first Member
State. That is terribly long-winded but you understand what I
mean, It is national treatment. It is so general that everybody
agrees to it. It is difficult to work out in practice although
we are beginning to do that. It has a number of fairly wide-ranging
implications, including that information which looks national
or even local may be potentially of interest to law enforcement
authorities in other Member States. We believe that is the case
and that has a number of consequences for the way in which that
information is dealt with. That brings me to data protection.
One of the problems we have, and Prüm deals with it within
its circumscribed scope, is the Union needs a data protection
system for the third pillar as long as it remains in place, and
the Council is busy working on a proposal for the establishment
of a data protection framework decision, which is what Directives
called the third pillar to simplify, and we hope very much that
the German Presidency will carry that forward and, indeed, secure
its adoption by the end of its term in office next year.
Q435 Chairman: I think it is not irrelevant
to this discussion to draw your attention to a report which this
Committee produced on the Heiligendamm meeting, that is to say
addressing both the accessibility and transparency of decisions
taken by a limited number of Member States and the extent to which
that applies to the whole European Union. I have just been prompted
to ask you a supplementary question on that issue. As a general
matter, does the Commission think that a number of Member States
agreeing on their own legislation and then exporting it to the
rest of the EU is a good way of legislating? If that is not a
question expecting the answer "yes" or "no",
I do not know what is.
Mr Faull: Can I give a more long-winded answer?
Q436 Chairman: Would you.
Mr Faull: First of all, let me say that we read
with great interest your report on Heiligendamm and it was much
cited and commented on and I think was a great credit to your
Q437 Chairman: Thank you.
Mr Faull: The best way to legislate in the European
Union is for the Commission to make a proposal, the Council and
the Parliament to co-legislate and the Court of Justice to adjudicate.
That is the good old Community method and we believe that it has
served us all well in many areas and has proved robust enough
to work in this area as well in perhaps surprisingly successful
circumstances. The Data Retention Directive, which the British
Presidency did so much to adopt, is a very fine example. We know
that there are other ways in which the Union moves forward and
one way we have to accept is for groups of Member States to establish
an idea which hardens into rules of some sort and which eventually
come home into the Community fold. There is nothing necessarily
automatic and determinist about that but that is what happened
with Schengen, which is why we are here today. Schengen was the
dream of Luxembourg and its neighbours to start with and that
is why it bears the name of this now very famous village at the
borders of Luxembourg, France and Germany.
Q438 Chairman: Where I have quite frequently
Mr Faull: Have you? The local wine is very good.
Now it is probably the most famous place in Europe. It is spoken
of around the world in the same breath as London, Paris, Caithness,
Richmond and various other places.
Q439 Chairman: Nothing to do with my
Mr Faull: It is an example. It is an example
that predated the Europe of 27. There is a certain tendency to
say that with 27 Member States you are bound to have groups of
Member States coming together because of their geographical locations
or because of their perception of their size or whatever to do
things together. I do not think there is anything inevitable about
it. I think the Europe of 27 can be made to work and it does work
most of the time, but I also know that long before we were 27
we had cases in which smaller groups of Member States did something
which appeared to them to be in their local interest to start
with and then others saw would have benefits for everybody else
and they all saw together that the best way to run things in the
European Union was to use the institutions which have been created
for that purpose.