Exchanges of personal data have increased in the context of European and international police cooperation, especially since the 9/11 attacks and the ensuing reinforcement of internal security measures and border control.
EU Member States are now able to exchange genetic data and fingerprints of certain people (Treaty of Prüm). Furthermore, several international agreements authorise the transfer of other types of personal data in order to combat terrorism, organised crime or illegal immigration.
The European Union has set up a number of European large-scale IT systems. National Data Protection Authorities play a major role in the supervision of these systems, in particular with regard to the processing operations at national level within each Member State. This supervision is exercised jointly by the national Data Protection Authorities and the European Data Protection Supervisor, mostly within the Coordinated Supervision Committee established by the European Data Protection Board.
The CNIL thus contributes to the supervision of:
Eurodac is the European Asylum Dactyloscopy Database, a fingerprint database that assists the asylum procedure. It mainly helps to determine which Member State is competent for asylum applications by comparing fingerprint datasets. In order to ensure supervision coordination for Eurodac, representatives of the national Data Protection Authorities and the European Data Protection Supervisor meet usually twice a year.
Headquartered in The Hague, Europol is the European Union’s law enforcement agency. It assists the EU Member States in their fight against terrorism, drug trafficking and other forms of serious international crime. It manages an important data processing system. The supervision of Europol is ensured by representatives of the European Data Protection Supervisor and of the national Data Protection Authorities, through the Europol Cooperation Board.
Schengen Information System (SIS II)
The Schengen information system II (SIS II) is a large-scale information system used for security and border management in the Schengen area. Its main object is to assist Member States in preserving internal security, in the absence of internal border checks. It enables competent national authorities to enter and consult alerts relating to persons or objects. Its supervision is guaranteed by the national Data Protection Authorities and the European Data Protection Supervisor working together.
Customs Information System (CIS)
The Customs Information System (CIS) is a European database that helps preventing, investigating and prosecuting breaches of EU customs or agricultural legislation. National Data Protection Authorities and the European Data Protection Supervisor are responsible for the supervision of this system.
The European Union Agency for Criminal Justice Cooperation (Eurojust) supports and strengthens coordination and cooperation between national investigating and prosecuting authorities. It intervenes in the investigation of serious crimes affecting two or more Member States or in situations that require prosecution on common bases with relation to operations carried out or information supplied by Member State authorities and Europol. The supervision of Eurojust involves the European Data Protection Supervisor and the national Data Protection Authorities, working in coordination within the European Data Protection Board.
Visa Information System (VIS)
The Visa Information System (VIS) is a large scale IT system which contains information about visa applicants. The information is transferred by the different Member States to a central database, VIS. This system is instrumental in facilitating the exchange of information, thus contributing to a better implementation of the common visa policy. The European Data Protection Supervisor and national Data Protection Authorities jointly ensure coordination of that supervision.