The Schengen Information System
The Schengen Area
The Schengen Area, which Iceland has been a part of since 2001, is an area without inner borders. It consists of 26 European countries, i.e. Austria, Belgium, the Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Italy, Latvia, Liechtenstein, Lithuania, Luxemburg, Malta, the Netherlands, Norway, Poland, Portugal, Slovakia, Slovenia, Spain, Sweden and Switzerland.
These countries have common external borders. As Schengen Member States, they carry out border control for those entering from outside of the Schengen Area. However, such control is usually not applicable to these entering one of those countries from another Schengen Member State. Within this framework, common rules exist for border controls, as well as visa procedures and cooperation between authorities of the Member States.
The Schengen Information System
In order to enhance control of the common external borders, as well as law enforcement cooperation between the Member States, a common information system has been operated since 1995, i.e. the Schengen Information System (SIS). In 2022, the system will be renewed, allowing for enhanced functionalities and data processing.
The purpose of SIS is to ensure a high level of security within the Schengen Area in absence of internal border checks, by allowing competent authorities of Member States to enter and consult information, so-called alerts, on persons and objects. For this end, information on wanted and missing persons, persons under police surveillance, and persons who are banned from entry into the Schengen Area, are entered into SIS. The same accounts for information on stolen or missing vehicles and objects such as identity papers, vehicle registration certificates, and vehicle number plates. In order to identify individual persons, photographs and fingerprints are stored. It is also specified which action is to be taken.
Designated authorities in the field of law enforcement, e.g. police and customs, are given access to SIS, including for issuing alerts. However, other administrative authorities can also have access as deemed necessary. A limited access is given to Europol and Eurojust as well.
Your rights as a data subject
As an individual, whose data are processed in SIS, you have the following rights:
- a) Right to information
- b) Right to rectification and erasure
- c) Right to file a complaint to a data protection authority (DPA) or initiate court proceedings
a) Your right to access
You have the right to be informed about the processing of your personal data in SIS unless certain exceptions apply, notably on the grounds of national security, defence, public security and the prevention, investigation, detection and prosecution of criminal offences.
The National Commissioner of the Icelandic Police (NCIP) is responsible for the processing of personal data in the Icelandic national part of SIS. Below are the contact details for sending an access request to NCIP:
Ríkislögreglustjóri/National Commissioner of the Icelandic Police
Skúlagata 21
105 Reykjavík
Iceland
Att. SIRENE office
Email: rls[at]rls.is
b) Your right to rectification and erasure
Beside the right of access, you have the right to rectification if the information stored in SIS is incorrect or incomplete. If the information is unlawfully stored, you have a right to deletion. Please take into account that only the authority that entered the alert into SIS can delete or rectify it.
c) Your right to file a complaint to a data protection authority (DPA) or initiate court proceedings
You have the right to bring an action before the courts or to file a complaint to a DPA under the law of any Member State.
Thus, you can file a complaint to the Icelandic DPA if a request on access, rectification and deletion is denied or not answered. A complaint can be sent to the following e-mail address: postur[at]personuvernd.is
In addition, legal proceedings can be filed at the competent Icelandic court against decisions of a competent authority that rejected a request and against decisions of the DPA.
Further information on SIS