14 Colum. J. Eur. L. 649 (2008)
Vasiliki E. Christou. Special Scientist, Athens Law Faculty, Greece. Ph.D. (Heidelberg), LL.M., LL.B. (Athens).
The Schengen Information System, otherwise known as SIS, is a large-scale database system created by the Schengen Convention as a compensatory measure following the abolition of controls at internal borders within the Schengen area which includes the majority of European states. The Schengen Convention entered into force in 1985, as an intergovernmental agreement among the States of the Benelux Economic Union, Germany and France. The resulting Schengen acquis was later, on June 1990, integrated into the European Union through the adoption of a Convention implementing the Schengen Convention of 1985. The SIS allows competent authorities in Member States to search for, obtain and exchange information on persons and objects at the external borders or within the territory of the EU and to issue alerts for identification purposes. Recently, the addition of new Member States to the EU and resulting territorial enlargement necessitated the shift to a second generation System, since SIS I could only serve a maximum of 18 States. Council Decision 2007/533/JHA of 12 June 2007 (“the Decision”) along with Regulation (EC) No. 1987/2006 of the European Parliament and the Council of 20 December 2006 established this second generation Schengen Information System known as SIS 11. SIS II introduced new functionalities in the system following the latest developments in information technology, most predominantly the use of biometric data such as photographs and fingerprints, the interlinking of alerts, and a technical platform to share information with the Visa Information System. Given these new functionalities, it has been suggested by the European Data Protection Supervisor (EDPS) that the establishment of SIS II creates the risk of changing the Schengen database from a mere control tool to a police investigative tool. For example, the EDPS pointed out that even though the interlinking of alerts can certainly be useful to the registration of alleged gangs or networks, it can have a major impact on the rights of the individual person, since the person is no longer accessed on the basis of data relating only to himself or herself, but on the basis of his or her possible association with other persons.