The SIS II Supervision Coordination Group (SIS II SCG) enables data protection authorities responsible for monitoring SIS to work together (in accordance with Article 46 of Regulation SIS II EC 1987/2006 of 20 December 2006 and Article 62 of Decision SIS II 2007/533/JHA of 12 June 2007). The SIS II SCG replaced the Schengen Joint Supervisory Authority (JSA) after SIS II's entry into force on 9 April 2013.
The SIS (Schengen Information System) II SCG is made up of a representative of every Member State's data protection authority and the European Data Protection Supervisor (EDPS). The SCG SIS II administrative services are provided by the EDPS (European Data Protection Supervisor). Luxembourg is represented by the CNPD.
Tasks and duties
The SIS II SCG is responsible for monitoring activities and joint inspections, for verifying compliance with the data protection provisions of the Regulation SIS II and the Decision SIS II, for drawing up recommendations for Member States and the central unit.
During its regular meetings, participants share experiences, discuss common problems relating to the use of SIS II, and look for solutions. Representatives of the European Commission services and the European Union IT agency (eu-Lisa) also take part in these meetings.
What is the second generation Schengen Information System (SIS II)?
The SIS II is a large-scale IT system, set up to ensure a high level of security within the area of freedom, security and justice of the European Union, including the maintenance of public security and public policy and the safeguarding of security in the territories of the Member States, in the absence of internal border checks.
SIS II centralises two broad categories of information. The first category is alerts relating to persons, who are either wanted for arrest, missing, sought to assist with a judicial procedure, for discreet or specific checks, or third country nationals subject to refusal of entry or stay in the Schengen area. The second category is alerts relating to objects, such as vehicles, travel documents, credit cards, for seizure or use as evidence in criminal proceedings, or for discreet or specific checks.
When the alert concerns a person, the information must always include the name, surname and any aliases, the sex, a reference to the decision giving rise to the alert and the action to be taken. If available, the alert may also contain information such as any specific, objective, physical characteristics not subject to change; the place and date of birth; photographs; fingerprints; nationality(ies); whether the person concerned is armed, violent or has escaped; reason for the alert; the authority issuing the alert; links to other alerts issued in SIS II in accordance with Article 37 of SIS II Regulation or Article 52 of SIS II Decision.
Since 2018, the legal framework of SIS has evolved with the adoption of three European regulations namely Regulation EU 2018/1860, Regulation EU 2018/1861 and Regulation EU 2018/1862. These regulations entered into force on 28 December 2019 and will be fully operational from December 2021.
Rights recognized to individuals whose data is processed in the SIS II
Persons whose personal data are collected, held or otherwise processed in SIS II are entitled to rights of access, correction of inaccurate data and deletion of unlawfully stored data.
In the Grand Duchy of Luxembourg, each data subject may exercise the above rights directly with the data controller, the Grand Ducal Police. The CNPD invites data subjects to consult the dedicated section on SIS II on the website of the Grand Ducal Police, which includes all pertinent information.