Legislative Observatory
European Parliament
Please fill in this field to find a procedure

Customs cooperation: use of information technology for customs purposes. Initiative France

2009/0803(CNS)

OPINION OF THE EUROPEAN DATA PROTECTION SUPERVISOR on the Initiative of the French Republic for a Council Decision on the use of information technology for customs purposes.

The EDPS states that he was neither asked for advice on this initiative by the Member State which put it forward, nor by the Council. However, the EDPS was requested by the European Parliament's Committee on Civil Liberties, Justice and Home Affairs to comment on the French Initiative, in accordance with Article 41 of Regulation (EC) No 45/2001, in the context of the European Parliament's opinion on the Initiative. Where, in similar cases, the EDPS issued an opinion on own initiative, the present opinion must also be seen as a reaction to this request of the European Parliament.

The proposal aims inter alia at:

·         reinforcing cooperation between customs authorities, by laying down procedures under which customs authorities may act jointly and exchange personal and other data concerned with illicit trafficking activities, using new technology for the management and transmission of such information. These processing operations are subject to the provisions of the Council of Europe  Convention 108, the Framework Decision 2008/977/JHA and the principles contained in Recommendation R (87) 15 of the Council of Ministers of the Council of Europe of 17 September 1987, regulating the use of personal data in the police sector,

·         enhancing complementarities with actions in the context of cooperation with Europol and Eurojust, by granting those bodies access to the Customs Information System.

The EDPS notes that the proposal involves various aspects relating to fundamental rights, in particular the protection of personal data as well as the right to information and other data subject's rights.

After some general remarks, this opinion is to address mainly the following issues relevant from the point of view of the protection of personal data: (i) data protection safeguards in the system; (ii) customs files identification database; (iii) access of Eurojust and Europol to the system (proportionality and necessity of access to be given to these bodies); (iv) the supervision model for the CIS as a whole; (v) the list of authorities with access to the CIS.

In conclusion, the EDPS supports the proposal for a Council Decision. He stresses that due to the ongoing legislative work in the Council, his comments are not based on the final text of the proposal. He regrets the lack of explanatory documents which could provide for some necessary clarification and information on the objectives and specificity of some of the provisions of the Proposal.

The EDPS sees the need for more explanation on the justification of the initiative itself as well as on some specific articles and mechanisms therein. He regrets the absence of an Impact Assessment or an explanatory memorandum accompanying the initiative. This is a necessary element enhancing the transparency and more in general the quality of the legislative process.

The EDPS calls for the following:

  • more attention to be devoted in the proposal to the need for specific data protection safeguards. He sees a number of issues where the practical implementation of data protection safeguards should be ensured better, in particular as to the application of the purpose limitation with regard to the use of data entered in the CIS. The EDPS considers this as an essential prerequisite for the improvement of the functioning of the Customs Information System;
  • a coordinated model of supervision to be inserted in the proposal. It should be noted that the EDPS has currently supervisory tasks over the First Pillar part of the system. He underlines that for the sake of coherence and consistency the best approach is to apply the coordinated supervision model also to the Third Pillar part of the system. This model would also ensure, where necessary and adequate, consistency with other legal instruments governing the establishment and/or use of other large-scale IT systems;
  • more explanation on the necessity and proportionality of giving access to Eurojust and Europol. He stresses the lack of explanatory information on this issue in the proposal;
  • reinforcing the provision of Article 8(4) of the Proposal regarding the transfer of data to non-Member States or international organisations. This includes the need to ensure a uniform system of adequacy assessment;
  • lastly, insertion of a provision on the publication of the list of the authorities having access to the CIS, in order to increase transparency and facilitate the supervision of the system.