Legislative Observatory
European Parliament
Please fill in this field to find a procedure

Customs cooperation: use of information technology for customs purposes. Initiative France

2009/0803(CNS)

The European Parliament adopted by 480 votes to 136, with 33 abstentions, a legislative resolution amending, under the consultation procedure, the initiative of the French Republic with a view to adopting a Council decision on the use of information technology for customs purposes.

The main amendments were as follows:

- MEPs consider it necessary to amend the definition of the term ‘personal data’ in accordance with Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data and Council Framework Decision 2008/977/JHA on the protection of personal data processed in the framework of police and judicial cooperation in criminal matters. This term shall mean “any information relating to an identified or identifiable natural person (data subject), an identifiable natural person being one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his or her physical, physiological, mental, economic, cultural or social identity”;

- the resolution states that an operational analysis of the activities of certain persons or businesses that do not comply with national laws and of the resources which they use, or have used, to commit, in a short space of time, infringements as defined in this Decision, or which have enabled such infringements to be committed, should help the customs authorities to take the appropriate measures in specific cases to achieve the objectives laid down as regards the fight against fraud;

- the data in the categories set out in the proposed decision may include only such personal information as is necessary and individual privacy may not be infringed thereby. Information about the personality and personal history of individuals may not be included. Any item of information about an individual that is included must relate solely to the facts of an established breach of the law, but such information may not include the fact of a person being in the same vehicle as another person accused of breaking the law;

- Parliament stipulates that ‘intentions’ do not provide sufficient grounds for the entry of personal data in the system, notwithstanding the proposal's restriction of such an option to certain cases. It is essential that the information gathered should indicate that an infringement of the law is either about to be committed or has been committed. The amended text stipulates that personal data may be entered in the Customs Information System only if, especially on the basis of prior illegal activities, there are factual indications or reasonable grounds to suggest that the person concerned has committed, is in the act of committing, or will commit serious contraventions of national laws;

- the rights of persons with regard to personal data in the Customs Information System, in particular their right of access, rectification, erasure or blocking shall be exercised in accordance with the laws, regulations and procedures of the Member State implementing Framework Decision 2008/977/JHA in which such rights are invoked. Access shall be refused to the extent that such refusal is necessary and proportionate in order to avoid jeopardising any ongoing national investigations, or during a period of discreet surveillance or sighting and reporting. When the applicability of an exemption is assessed, the legitimate interests of the person concerned shall be taken into account;

- the resolution underlines that the publication of the list of its competent authorities which have been designated to have direct access to the Customs Information System would help to achieve better transparency and create a practical tool for an effective supervision;

- MEPs consider that data obtained from the Customs Information System should not be transferred under any circumstances for use by the national authorities of third countries. The safeguards envisaged in this provision are far from sufficient from the perspective of the protection of personal data. The amended text also states regional and international organisations shall not be authorised general access to the information system;

- according to the Parliament, Europol and Eurojust may not have direct access to the data in the Customs Information System. These offices may only ask for data to be communicated to them. This request must be justified;

- the initiative provides that for the purposes of the customs files identification database, each Member State shall send the other Member States a list of serious contraventions of its national laws. MEPs consider that this list shall comprise only contraventions that are punishable by a fine of at least EUR 25 000 (EUR 15 000 in the initiative);

- data relating to investigation files which have established that an infringement has taken place but which have not yet led to a conviction or to imposition of a fine shall not be retained beyond a period of three years (as opposed to the 6 years proposed in the initiative);

- each Member State shall designate a national supervisory authority or national supervisory authorities responsible for personal data protection to carry out independent supervision of such data entered in the Customs Information System in accordance with Framework Decision 2008/977/JHA;

- the draft provides that the Committee should report annually to the Council, in accordance with Title VI of the Treaty on European Union, regarding the efficiency and effectiveness of the Customs Information System, making recommendations as necessary. That report shall be sent to the European Parliament for information;

- the European Data Protection Supervisor shall supervise the activities of the Commission in relation to the Customs Information System. The national supervisory authorities and the European Data Protection Supervisor, each acting within the scope of their respective competences, shall cooperate actively within the framework of their responsibilities and shall ensure coordinated supervision of the Customs Information System;

- it is necessary to ensure that persons authorised to access the Customs Information System have access only to the data covered by their access authorisation and only by means of individual and unique user identities and confidential access modes (data access control). It is also necessary to ensure that all authorities with a right of access to the Customs Information System create profiles describing the functions and responsibilities of persons who are authorised to access, enter, rectify, erase and search the data and make those profiles available to the national supervisory authorities without delay at their request (personnel profiles);

- each Member State shall ensure that the data which it has entered in the Customs Information System in accordance with Framework Decision 2008/977/JHA are accurate, up-to-date, complete and reliable and that they are entered lawfully;

- lastly, the Member States shall ensure that their national law conforms to this Decision by 1 July 2011.