Commission presents an overview of EU information sharing systems and sets core principles for their use and evaluation

The communication clarifies the main purposes of these instruments, their structure, the types of personal data they cover, the list of authorities that have access to such data and the provisions governing data protection and retention.

Cecilia Malmström, EU Commissioner for Home Affairs stated: "Citizens should have the right to know what personal data are kept and exchanged about them. One of my first actions as Commissioner for Home Affairs was, therefore, to order this overview, as called for by the European Parliament. I am happy to be able to present the overview today, together with a series of core principles for how our policy should develop in this area. This will help us keep the bigger picture in mind as we come to review the existing tools and adapt to change over time."

Information management is at the heart of the functioning of the Schengen area and the internal market. Appropriate instruments are needed to allow a common visa and asylum policy to develop, and to prevent terrorist attacks and other forms of serious crime.

A number of measures have already been taken at EU level and others are currently under implementation or consideration for regulating the collection, storage or cross-border exchange of personal information.

The Commission presents today – for the first time – a clear, comprehensive and transparent summary of these instruments, setting out at the same time the core principles that should underpin the evaluation of information management instruments in the area of freedom, security and justice. These same principles will guide the possible future development of instruments for data collection, storage or exchange.

The principles cover issues such as fundamental rights, proportionality and accurate risk management as well as clear allocation of responsibilities, cost effectiveness and reviewing clauses. Safeguarding people's fundamental rights as enshrined in the EU Charter of Fundamental Rights, particularly their right to privacy and personal data protection, will be a primary concern for the Commission when developing new proposals that involve processing of personal data. In all future policy proposals, the Commission will assess the initiative’s expected impact on individuals’ rights and analyse whether it is necessary and proportionate. Compliance with the rules on personal data protection will in all cases be subject to control by an independent authority at national or EU level.

The Commission will evaluate each instrument covered in today's communication, in accordance with the reporting obligations laid down in each instrument. This should provide a reliable picture of how individual instruments fit into the broader landscape of internal security and migration management. Future proposals will include, where appropriate, an annual reporting obligation, periodic and ad hoc reviews, as well as a sunset clause. Existing instruments will be maintained only if they continue to serve the legitimate purpose for which they were designed.