Executive Summary:
"From the Schengen Information System to SIS II and the Visa Information System (VIS): the proposals explained"

Law enforcement databases, it is said, are the product of "original sin". "Function creep" is inevitable, regardless of any assurances given by the executive at the time. The Schengen Information System was conceived in the mid 1980s to "compensate" for the removal of internal borders between France, Germany, Holland, Luxembourg and the Netherlands. Their police, intelligence, immigration and customs services, it was agreed at the time, had to be able to "alert" each other to be people refused admission (immigration offenders or security risks), people wanted for arrest, extradition or to testify in court, fugitives, persons to be placed under surveillance and stolen objects (vehicles, works of art, identity documents etc.).

And so it was that the SIS went online in March 1995 with the five original Schengen signatory states participating. By March 2003 and now under the auspices of the EU, the SIS covered 13 of the 15 EU member states, plus Norway and Iceland, who together had created records on 877,655 people, a further 386,402 aliases, and more than 15 million objects. EU officials estimate that there are 125,000 access terminals to the SIS. Under finalised proposals, access to the SIS is to be extended to Europol, Eurojust, national prosecutors and vehicle licensing authorities.

SIS II will allow the UK and Ireland and the ten accession states to participate in the SIS and, as expected, a host of new functions are planned. These include the addition of biometric identification data (photographs and fingerprints); new categories of "terrorist suspects" and "violent troublemakers" (who are to be banned from travelling to demonstrations or foot ball matches); and the linking of individual records. A second database - the Visa Information System (VIS) - is to share a "technical platform" with SIS II and will contain the extensive personal information supplied by people from around the world in an estimated 20 million visa applications to the EU member states every year. Like SIS II, VIS will contain biometric identification data.

Two years ago the European Commission acknowledged that "some of the proposals currently under discussion would fundamentally change the functions of the SIS, "transforming it from a reporting system to a reporting and investigation system". However, there has been no consultation of the European and national parliaments on the planned new functions. Instead, the member states and officials in the Council and Commission have conspired to avoid debate altogether and agreed to create the "technical capacity" for the new functions in SIS II and then "activate" them later on (so-called "latent development"). "Possible" new functions will be agreed in May in the form of EU Council conclusions and the Commission will appoint a contractor to develop the new system in August. This will present parliaments and civil society with a fait accompli and guarantee that "function creep" is built-in to the databases.

SIS II and VIS must be seen in a wider context. Firstly, there are global plans, promoted by the US and UK in various intergovernmental fora, to introduce biometrics in all travel documents (and the databases of the issuing authorities). Second, the 'PNR' (Passenger Name Record) scheme developed by the US to allow the pre-screening of all air travellers to the US will result in practise in the creation of detailed and lasting records on all entrants (in "CAPPS II"). The EU has agreed to US demands for European airlines to provide data on EU citizens despite the absence of an adequate data protection framework in the US, but more importantly, has proposed its own PNR scheme (see below).

Taken together, SIS II, VIS and PNR will introduce the surveillance of the movements of everyone in the EU - citizens, legally resident third-country nationals, visa entrants and irregular migrants - and the storage of their personal data on an unprecedented scale. John Lettice has explained how the:

current enthusiasm for profiling, the idea being to identify possible threats from people who aren't known, and have no record, absolutely requires broad data capture, use and retention. Course we've got to compile records on people who're innocent - otherwise, how could we confirm they're innocent? And anyway, innocent people have nothing to hide. Or they soon won't have... (1)

And of course, it is the Muslims, the Arabs, migrants and refugees from the Third World who will suffer disproportionately - SIS II, VIS and PNR are designed to extend the "counter-terrorism" net. These systems will be used for speculative surveillance, general intelligence gathering and "fishing expeditions", but more importantly, individual records will increasingly result in coercive sanctions, such as the refusal to travel, the refusal of visa or asylum applications, the refusal of admission to a country at external borders, detention pending extradition, even deportation. Moreover, the massive sharing of data between the EU, US and other wealthy nations could provide for a kind of informal "mutual recognition" of these sanctions, where a (potentially arbitrary) decision taken by one country is then enforced by all the others.

In the longer term, EU-US cooperation heralds a global identification system, the global surveillance of movement and a global police information system - what place "free movement" and privacy in this scenario?

Ben Hayes, February 2004

Note 1. "Got a ticket? Get a record", by John Lettice, from The Register, 3.2.04 (link)

A. Full-text of report: "From the Schengen Information System to SIS II and the Visa Information System (VIS): the proposals explained" (pdf)
B. Full access to sources used in the report (html)

Back to Statewatch European Monitor, February 2004