1.4.Standards
The fundamental standards that underpin the cooperation via SIRENE shall be as follows:
1.4.1.Availability
A national SIRENE Bureau shall be fully operational 24 hours a day, seven days a week. Provision of technical analysis, support and solutions shall also be available 24 hours a day, seven days a week.
1.4.2.Continuity
Each SIRENE Bureau shall build an internal structure which guarantees the continuity of management, staff and technical infrastructure.
The heads of SIRENE Bureaux shall meet at least twice a year to assess the quality of the cooperation between their services, to discuss necessary technical or organisational measures in the event of any difficulties and to clarify procedures where required.
1.4.3.Security
According to Article 10(2) of the SIS II legal instruments, with respect to the exchange of supplementary information, Member States are obliged to take security measures equivalent to those to be taken in relation to their N.SIS II as provided for in Article 10(1).
Recommendations and best practices laid down in Volume 2 of the ‘EU Schengen Catalogue: Schengen Information System, SIRENE’ should be as far as possible reflected in practice.
The SIRENE Bureau system should have a back-up computer and database system at a secondary site in case of a serious emergency at the SIRENE Bureau.
Physical and organisational security features are necessary to protect the SIRENE Bureau premises. In order to meet the security requirements, as provided for in the SIS II legal instruments, appropriate requirements regarding security on the premises shall apply. The specific features of these requirements may differ as they will have to adapt against threats in the immediate surroundings and according to the exact location of the SIRENE Bureau. They may therefore include the following; however, this list is not exhaustive:
external windows fitted with security glass,
secured and closed doors,
brick/concrete walls enclosing the SIRENE Bureau,
intrusion alarms, including logging of entries, exits and any unusual event,
security guards on site or rapidly available,
fire extinction system and/or direct link to fire brigade,
dedicated premises to avoid persons who are not involved in international police cooperation measures, or who do not have requisite access from having to enter or to pass through the SIRENE Bureau offices,
sufficient back-up power supply.
The specific measures to be adopted in the application of article 10(2) of the SIS II legal instruments shall be determined by each Member State. Member States shall monitor the effectiveness of these security measures and take the necessary organisational measures related to internal monitoring, to ensure compliance with the SIS II legal instruments.
1.4.4.Confidentiality
Pursuant to Article 11 of the SIS II legal instruments, relevant national rules of professional secrecy or other equivalent obligations of confidentiality shall apply to all SIRENE personnel. This obligation shall also apply after those people leave office or employment.
1.4.5.Accessibility
In order to fulfil the requirement to provide supplementary information, the SIRENE staff shall have direct or indirect access to all relevant national information and expert advice.
1.4.6.Communications
Pursuant to Article 4(1)(c) of the SIS II legal instruments SIRENE Bureaux shall use an encrypted virtual network dedicated to SIS II data and the exchange of data between SIRENE Bureaux for their communication. Only if this channel is not available, another adequately secured, and given the circumstances, the most appropriate means of communication may be used. The ability to choose the channel means that it shall be determined on a case by case basis, according to technical possibilities and the security and quality requirements that the communications have to meet.
Written messages shall be divided into two categories: free text and standard forms. The latter shall be set out as in Annex 3.
In order to achieve the utmost efficiency in bilateral communication between SIRENE staff, a language familiar to both parties shall be used.
The SIRENE Bureau shall answer all requests for information made by the other Member States via their SIRENE Bureaux as soon as possible. In any event a response shall be given within 12 hours.
Priorities in daily work shall be based on the category of alert and the importance of the case.
In addition, the SIRENE Bureau shall use a dedicated and secure e-mail for the exchange of all information not exchanged via forms.
1.4.7.Transliteration rules
The transliteration rules set out in Annex 1 shall be respected.
1.4.8.Data quality
Pursuant to Article 7(2) of the SIS II legal instruments, SIRENE Bureaux shall coordinate the verification of the quality of the information entered in the SIS II. SIRENE Bureaux shall have the necessary national competence to perform this role. Therefore, an adequate form of national data quality audit shall be provided for, including a review of the rate of alerts/hits and of data content.
In order to allow each SIRENE Bureau to perform its role of data quality verification co-ordinator, the necessary IT support and appropriate rights within the systems should be available.
1.4.9.Structures
All national authorities, including SIRENE Bureaux, responsible for international police cooperation should be organised in a structured way so as to prevent conflicts of powers with other national bodies carrying out similar functions and to prevent the duplication of work.
1.4.10.Archiving
Each Member State shall establish conditions for storing information;
the SIRENE Bureau of the Member State issuing the alert shall keep all of the information on its own alerts available to the other Member States, including a reference to the decision giving rise to the alert;
the archives of each SIRENE Bureau shall allow swift access to the relevant information to meet the very short deadlines for transmitting information;
personal data, held in files by the SIRENE Bureau as a result of exchanging information, shall be kept only for such time as may be required to achieve the purposes for which they were supplied. As a rule, this information shall be deleted immediately after the related alert has been deleted from the SIS II, and in any event at the latest one year thereafter. However, data relating to a particular alert which a Member State has issued or to an alert in connection with which action has been taken on its territory may be stored for longer in accordance with national law.
Supplementary information sent by other Member States shall be stored according to national data protection legislation in the recipient Member State. The relevant provisions of the SIS II legal instruments, the Directive 95/46/EC of the European Parliament and of the Council(2) and the Convention 108 of the Council of Europe(3) shall also apply.
Access to archives shall be controlled and restricted to designated staff.
This text is identical to the text in the Annex to Commission Decision 2008/334/JHA (see page 41 of this Official Journal).
Council of Europe Convention of 28 January 1981 for the protection of individuals with regard to automatic processing of personal data and subsequent amendments thereto.