1.THE SIRENE BUREAUX AND THE SIS II
1.1.The SIRENE Bureau
A national ‘SIRENE Bureau’ shall be set up by each of the Member States in accordance with Article 7(2) of the SIS II legal instruments. It shall serve as a single contact point for the Member States for the purpose of exchanging supplementary information. Its main tasks are(2):
to ensure the exchange of all supplementary information in accordance with the provisions of this SIRENE Manual, as provided in Article 8 of the SIS II legal instruments;
to coordinate the verification of the quality of the information entered into the SIS II.
The SIS II operates on the principle that the national systems cannot exchange computerised data directly between themselves, but instead only via the central system (CS-SIS).
However, it is necessary for the Schengen Member States to be able to exchange, either on a bilateral or multilateral basis, supplementary information required for implementing certain provisions laid down in the SIS II legal instruments in order for the SIS II to function properly.
1.2.SIRENE Manual
The SIRENE Manual is a set of instructions for the SIRENE Bureaux, which describes in detail the rules and procedures governing the bilateral or multilateral exchange of supplementary information. It constitutes an implementing measure necessary for the operational use of the SIS II as laid down in the SIS II legal instruments.
Detailed rules for the exchange of supplementary information shall be adopted in accordance with the procedure defined in Article 51(2) of SIS II Regulation and Article 67 of SIS II Decision and in the form of a manual called the ‘SIRENE Manual’.
1.3.Other implementing measures
Certain aspects of SIS II such as technical rules on entering data, including data required for entering an alert, updating, deleting and searching data, rules on compatibility and priority of alerts, the adding of flags, links between alerts and the exchange of supplementary information cannot be covered exhaustively by the SIS II Regulation and SIS II Decision, owing to their technical nature, level of detail and need for regular updating. Implementing powers in respect of those aspects should therefore be delegated to the Commission.
Since certain rules of a technical nature have a direct impact on the work of end-users in the Member States, it is appropriate to include such rules in the SIRENE Manual. Therefore Annexes 1, 2, and 4 to this Manual shall set out rules on transliteration, code tables, and other technical implementing measures for data processing, respectively.
1.4.Standards
The fundamental standards that underpin the cooperation via SIRENE shall be as follows:
1.4.1.Availability
A national SIRENE Bureau shall be fully operational 24 hours a day, seven days a week. Provision of technical analysis, support and solutions shall also be available 24 hours a day, seven days a week.
1.4.2.Continuity
Each SIRENE Bureau shall build an internal structure which guarantees the continuity of management, staff and technical infrastructure.
The heads of SIRENE Bureaux shall meet at least twice a year to assess the quality of the cooperation between their services, to discuss necessary technical or organisational measures in the event of any difficulties and to clarify procedures where required.
1.4.3.Security
According to Article 10(2) of the SIS II legal instruments, with respect to the exchange of supplementary information, Member States are obliged to take security measures equivalent to those to be taken in relation to their N.SIS II as provided for in Article 10(1).
Recommendations and best practices laid down in Volume 2 of the ‘EU Schengen Catalogue: Schengen Information System, SIRENE’ should be as far as possible reflected in practice.
The SIRENE Bureau system should have a back-up computer and database system at a secondary site in case of a serious emergency at the SIRENE Bureau.
Physical and organisational security features are necessary to protect the SIRENE Bureau premises. In order to meet the security requirements, as provided for in the SIS II legal instruments, appropriate requirements regarding security on the premises shall apply. The specific features of these requirements may differ as they will have to adapt against threats in the immediate surroundings and according to the exact location of the SIRENE Bureau. They may therefore include the following; however, this list is not exhaustive:
external windows fitted with security glass,
secured and closed doors,
brick/concrete walls enclosing the SIRENE Bureau,
intrusion alarms, including logging of entries, exits and any unusual event,
security guards on site or rapidly available,
fire extinction system and/or direct link to fire brigade,
dedicated premises to avoid persons who are not involved in international police cooperation measures, or who do not have requisite access from having to enter or to pass through the SIRENE Bureau offices,
sufficient back-up power supply.
The specific measures to be adopted in the application of article 10(2) of the SIS II legal instruments shall be determined by each Member State. Member States shall monitor the effectiveness of these security measures and take the necessary organisational measures related to internal monitoring, to ensure compliance with the SIS II legal instruments.
1.4.4.Confidentiality
Pursuant to Article 11 of the SIS II legal instruments, relevant national rules of professional secrecy or other equivalent obligations of confidentiality shall apply to all SIRENE personnel. This obligation shall also apply after those people leave office or employment.
1.4.5.Accessibility
In order to fulfil the requirement to provide supplementary information, the SIRENE staff shall have direct or indirect access to all relevant national information and expert advice.
1.4.6.Communications
Pursuant to Article 4(1)(c) of the SIS II legal instruments SIRENE Bureaux shall use an encrypted virtual network dedicated to SIS II data and the exchange of data between SIRENE Bureaux for their communication. Only if this channel is not available, another adequately secured, and given the circumstances, the most appropriate means of communication may be used. The ability to choose the channel means that it shall be determined on a case by case basis, according to technical possibilities and the security and quality requirements that the communications have to meet.
Written messages shall be divided into two categories: free text and standard forms. The latter shall be set out as in Annex 3.
In order to achieve the utmost efficiency in bilateral communication between SIRENE staff, a language familiar to both parties shall be used.
The SIRENE Bureau shall answer all requests for information made by the other Member States via their SIRENE Bureaux as soon as possible. In any event a response shall be given within 12 hours.
Priorities in daily work shall be based on the category of alert and the importance of the case.
In addition, the SIRENE Bureau shall use a dedicated and secure e-mail for the exchange of all information not exchanged via forms.
1.4.7.Transliteration rules
The transliteration rules set out in Annex 1 shall be respected.
1.4.8.Data quality
Pursuant to Article 7(2) of the SIS II legal instruments, SIRENE Bureaux shall coordinate the verification of the quality of the information entered in the SIS II. SIRENE Bureaux shall have the necessary national competence to perform this role. Therefore, an adequate form of national data quality audit shall be provided for, including a review of the rate of alerts/hits and of data content.
In order to allow each SIRENE Bureau to perform its role of data quality verification co-ordinator, the necessary IT support and appropriate rights within the systems should be available.
1.4.9.Structures
All national authorities, including SIRENE Bureaux, responsible for international police cooperation should be organised in a structured way so as to prevent conflicts of powers with other national bodies carrying out similar functions and to prevent the duplication of work.
1.4.10.Archiving
Each Member State shall establish conditions for storing information;
the SIRENE Bureau of the Member State issuing the alert shall keep all of the information on its own alerts available to the other Member States, including a reference to the decision giving rise to the alert;
the archives of each SIRENE Bureau shall allow swift access to the relevant information to meet the very short deadlines for transmitting information;
personal data, held in files by the SIRENE Bureau as a result of exchanging information, shall be kept only for such time as may be required to achieve the purposes for which they were supplied. As a rule, this information shall be deleted immediately after the related alert has been deleted from the SIS II, and in any event at the latest one year thereafter. However, data relating to a particular alert which a Member State has issued or to an alert in connection with which action has been taken on its territory may be stored for longer in accordance with national law.
Supplementary information sent by other Member States shall be stored according to national data protection legislation in the recipient Member State. The relevant provisions of the SIS II legal instruments, the Directive 95/46/EC of the European Parliament and of the Council(3) and the Convention 108 of the Council of Europe(4) shall also apply.
Access to archives shall be controlled and restricted to designated staff.
1.5.Staff
1.5.1.Knowledge
SIRENE Bureau staff shall have linguistic skills covering as wide a range of languages as possible and on-duty staff shall able to communicate with all SIRENE Bureaux.
They shall have the necessary knowledge on:
national, European and international legal aspects,
their national law enforcement authorities, and
national and European judiciary and immigration administration systems.
They need to have the authority to deal independently with any incoming case.
Operators on duty outside office hours shall have the same competence, knowledge and authority and it should be possible for them to refer to experts available on-call.
Legal expertise to cover both normal and exceptional cases should be available in the SIRENE Bureau. Depending on the case, this may be provided by any personnel with the necessary legal background or experts from judicial authorities.
1.5.2.Recruitment
The responsible national recruiting authorities have to take all the above skills and knowledge into consideration when recruiting new staff and, consequently, organise in-service training courses or sessions at both national and European level.
A high level of experienced staff leads to a workforce able to function on their own initiative and thereby able to handle cases efficiently. Therefore a low turnover of personnel is desired, which requires the unambiguous support of management to create a devolved working environment.
1.5.3.Training
National level
At the national level, sufficient training shall ensure that staff meets the required standards laid down in this Manual. Before being authorised to process data stored in the SIS II, staff shall in particular receive appropriate training about data security and data protection rules and shall be informed of any relevant criminal offences and penalties.
European level
Common training courses shall be organised at least once a year, to enhance cooperation between SIRENE Bureaux by allowing staff to meet colleagues from other SIRENE Bureaux, share information on national working methods and create a consistent and equivalent level of knowledge. It will furthermore make staff aware of the importance of their work and the need for mutual solidarity in view of the common security of Member States.
1.5.4.Exchange of staff
As far as possible, SIRENE Bureaux shall also foresee setting up staff exchanges with other SIRENE Bureaux at least once a year. These exchanges are intended to help improve staff knowledge of working methods, to show how other SIRENE Bureaux are organised and to establish personal contacts with colleagues in other Member States.
1.6.Technical infrastructure
Each SIRENE Bureau shall have a computerised management system, which allows a great deal of automation in the management of the daily workflow.
1.6.1.Data exchange between SIRENE Bureaux
The technical specifications concerning the exchange of information between SIRENE Bureaux are laid down in the ‘Data exchange between SIRENE Bureaux’(5).
1.7.Training of other services
SIRENE Bureaux should be involved in establishing national standards for the training of end-users on data quality principles and practices as well as in the training of all authorities entering alerts, stressing data quality, data protection requirements and the maximum utilisation of the SIS II.
This text is identical to the text in the Annex to Commission Decision 2008/333/EC (see page 4 of this Official Journal).
This is without prejudice to other tasks given to SIRENE Bureaux based on respective legislation in the framework of police cooperation, e.g. in the application of the Council Framework Decision 2006/960/JHA (OJ L 386, 29.12.2006, p. 89).
Council of Europe Convention of 28 January 1981 for the protection of individuals with regard to automatic processing of personal data and subsequent amendments thereto.
Doc. 16375/07.