Regulation (EU) No 1077/2011 of the European Parliament and of the Council (repealed)Show full title

CHAPTER II TASKS

Article 3Tasks relating to SIS II

In relation to SIS II, the Agency shall perform:

Article 4Tasks relating to VIS

In relation to VIS, the Agency shall perform:

Article 5Tasks relating to Eurodac

In relation to Eurodac, the Agency shall perform:

Article 6Tasks relating to the preparation, development and operational management of other large-scale IT systems

When entrusted with the preparation, development and operational management of other large-scale IT systems referred to in Article 1(3), the Agency shall perform tasks relating to training on the technical use of those systems, as appropriate.

Article 7Tasks relating to the communication infrastructure

1.The Agency shall carry out the tasks relating to the communication infrastructure conferred on the Management Authority by the legislative instruments governing the development, establishment, operation and use of large-scale IT systems referred to in Article 1(2).

2.According to the legislative instruments referred to in paragraph 1, the tasks regarding the communication infrastructure (including the operational management and security) are divided between the Agency and the Commission. In order to ensure coherence between the exercise of their respective responsibilities, operational working arrangements shall be made between the Agency and the Commission and reflected in a Memorandum of Understanding.

3.The communication infrastructure shall be adequately managed and controlled in order to protect it from threats, and to ensure its security and that of large-scale IT systems, including that of data exchanged through the communication infrastructure.

4.Appropriate measures including security plans shall be adopted, inter alia, to prevent the unauthorised reading, copying, modification or deletion of personal data during transfers of personal data or transport of data media, in particular by means of appropriate encryption techniques. No system-related operational information shall circulate in the communication infrastructure without encryption.

5.Tasks relating to the operational management of the communication infrastructure may be entrusted to external private-sector entities or bodies in accordance with Regulation (EC, Euratom) No 1605/2002. In such a case, the network provider shall be bound by the security measures referred to in paragraph 4 and shall have no access to SIS II, VIS or Eurodac operational data, or to the SIS II-related SIRENE exchange, by any means.

6.Without prejudice to the existing contracts on the network of SIS II, VIS and Eurodac, the management of the encryption keys shall remain within the competence of the Agency and shall not be outsourced to any external private-sector entity.

Article 8Monitoring of research

1.The Agency shall monitor the developments in research relevant for the operational management of SIS II, VIS, Eurodac and other large-scale IT systems.

2.The Agency shall on a regular basis keep the European Parliament, the Council, the Commission, and, where data protection issues are concerned, the European Data Protection Supervisor, informed of the developments referred to in paragraph 1.

Article 9Pilot schemes

1.Only upon the specific and precise request of the Commission, which shall have informed the European Parliament and the Council at least 3 months in advance, and after a decision by the Management Board, the Agency may, in accordance with Article 12(1)(l), carry out pilot schemes as referred to in Article 49(6)(a) of Regulation (EC, Euratom) No 1605/2002, for the development or the operational management of large-scale IT systems, in the application of Articles 67 to 89 TFEU.

The Agency shall on a regular basis keep the European Parliament, the Council and, where data protection issues are concerned, the European Data Protection Supervisor, informed of the evolution of the pilot schemes referred to in the first subparagraph.

2.Financial appropriations for pilot schemes as requested by the Commission shall be entered in the budget for no more than two successive financial years.