1. What is the ETIAS?
What is the European Travel Information and Authorisation System (ETIAS)?
In November 2016, the Commission proposed to establish a European Travel Information and Authorisation System (ETIAS) to strengthen security checks on those persons who travel visa-free to the EU, currently nationals from over 60 countries (full list here).
The ETIAS will be an automated IT system created to identify any security or irregular migratory risks posed by visa-exempt visitors travelling to the Schengen area, whilst at the same time facilitate crossing borders for the vast majority of travellers who do not pose such risks. All non-EU nationals who do not need a visa to travel to the Schengen area will have to apply for a travel authorisation through the ETIAS system prior to their trip. The information gathered via the ETIAS will allow, in full respect of fundamental rights and data protection principles, for advance verification of potential security or irregular migration risks.
After filling in an online application form, the system will conduct checks against EU information systems for borders and security and, in the vast majority of cases, issue a travel authorisation within minutes. The ETIAS travel authorisation will be a mandatory pre-condition for entry to the Schengen area. It will be checked together with the travel documents by the border guards when crossing the EU border. This prior verification of visa exempt non-EU citizens will facilitate border checks; avoid bureaucracy and delays for travellers when presenting themselves at the borders; ensure a coordinated and harmonised risk assessment of third-country nationals; and substantially reduce the number of refusals of entry at border crossing points.
What is the difference between a Schengen visa and an ETIAS travel authorisation?
The ETIAS authorisation is not a visa. Nationals of visa liberalisation countries will continue to travel the EU without a visa but will simply be required to obtain a travel authorisation via ETIAS prior to their travel. ETIAS will be a simple, fast and visitor-friendly system, which will, in more than 95% of cases, result in a positive answer within a few minutes.
An ETIAS travel authorisation does not reintroduce visa-like obligations. There is no need to go to a consulate to make an application, no biometric data is collected and significantly less information is gathered than during a visa application procedure. Whereas, as a general rule, a Schengen visa procedure can take up to 15 days, and can in some cases be extended up to 30 or 60 days, the online ETIAS application only takes a few minutes to fill in. The validity will be for a period of three years, significantly longer than the validity of a Schengen visa. An ETIAS authorisation will be valid for an unlimited number of entries.
The ETIAS travel authorisation will be a necessary and small procedural step for all visa-exempt travellers which will allow them to avoid bureaucracy and delays when presenting themselves at the borders. ETIAS will fully respect this visa-free status; facilitate the crossing of the Schengen external border; and allow visa free visitors to fully enjoy their status.
What is the impact of ETIAS on the common visa policy?
Visa liberalisation is an important tool in building partnerships with third countries and in increasing the attractiveness of the EU for business and tourism. Mandatory advance verification and assessments of potential security or irregular migration risks related to visa-exempt travellers through the ETIAS, while fully respecting their visa-free status, will help to safeguard and complement the success of the EU’s visa liberalisation policy. Adding this layer of information and risk assessment will allow visitors to fully enjoy their visa-free status, and at the same time enhance the security and safety within the Schengen area. Travellers will also have an early indication of their possible entry into the Schengen area, allowing them to better plan their visit.
As visa liberalisation dialogues with third countries continue to progress, the ETIAS will strengthen the EU’s capacity to assess and manage the potential migration and security risks whilst at the same time facilitate the crossing of the Schengen external borders.
2. How will ETIAS work in practice?
What will visa-exempt travellers have to do before their travel?
Travellers will have to complete an online application via a dedicated website or an application for mobile devices. Filling in the application should not take more than 10 minutes and should not require any documentation beyond a travel document (a passport or other equivalent document). In case of an inability to apply (due to age, literacy level, access to and competence on information technology etc.) applications may be submitted by a third person.
An electronic payment of a €7 fee for each application will be required for all applicants between the ages of 18 and 70. The electronic payment methods will take into account technological advancements in the visa-free countries in order to avoid hindering visa-free third country nationals who may not have access to certain payment means.
The automated assessment process will start after the fee collection is confirmed. The vast majority of applicants (expected to be more than 95% of all cases) will be given automated approval which will be communicated to them within minutes of payment. If there is a hit against any of the searched databases or an undecided outcome of the automated process, manual handling of the application will take place by a Central Unit in the European Border and Coast Guard Agency or by a Member State team. This can prolong the response time to the visa-exempt third country national by up to 96 hours. In very exceptional circumstances further information may be asked of applicants and further procedural steps may be necessary, but in all cases a final decision shall be taken within four weeks of their application.
Of the roughly 5% of applications which produce a hit, it is expected that 3-4% will receive a positive decision after ETIAS Central Unit verifies the data, with the remaining 1-2% being transferred to ETIAS National Units for manual processing. After the decision applicants will be given a response by email with a valid travel authorisation, or a justification for the refusal.
What happens if a person has been refused travel authorisation from ETIAS?
If the travel authorisation is refused, the applicant retains the right to appeal. Appeals can be launched in the Member State that has taken the decision on the application and in accordance with the national law of that Member State. The applicant will be informed which national authority is responsible for the processing and decision on his or her travel authorisation, as well as information regarding the procedure to be followed in the event of an appeal. If the traveller considers their treatment to have been unfair, he/she is also given the right to seek redress or request access to the information through the national authority.
What is the validity of an ETIAS travel authorisation?
The validity of the travel authorisation will be three years (or until the expiry date of the travel document).
What are the obligations for the carriers?
Prior to boarding, air and sea carriers, as well as carriers transporting groups overland by coach will have to verify the status of the travel document required for entering the Schengen Area, including the requirement to hold a valid ETIAS travel authorisation. A transitional period is foreseen for carriers transporting groups overland by coach during which it will not be obligatory for them to check the presence of a valid travel authorisation.
What will happen at the border crossing point?
Upon arrival at a Schengen area border crossing point, the border guard will electronically read the travel document data, thereby triggering a query to different databases, including a query to ETIAS in the case of visa-exempt travellers. If there is no valid ETIAS travel authorisation, the border guards will refuse entry and record the traveller and the refusal of entry in the Entry Exit System.
If there is a valid travel authorisation, the border control process will be conducted and the traveller may be authorised to enter the Schengen area if all entry conditions are fulfilled or refused access as provided by the Schengen Border Code.
Can a travel authorisation be revoked?
Although the travel authorisation is valid for 3 years, it may be revoked or annulled should the conditions for issuing the travel authorisation no longer apply.
3. Closing information gaps and enhancing security
How will ETIAS address existing information gaps?
Currently, border and law enforcement authorities have little information on travellers who are crossing the EU borders visa-free. This is not the case for people travelling with a Schengen visa, whose information can be cross-checked by the border guards in the Visa Information System (VIS). By ensuring that all visitors are checked prior to their arrival, theETIAS will close an important information gap. It will help identify potential security or irregular migration risks before visa-free travellers arrive at the EU border and better monitor who is crossing the EU borders.
How does ETIAS complement existing information systems for borders and security?
In line with the interoperability strategy proposed in the Communication on Stronger and Smarter Information Systems for Borders and Security of 6 April 2016, ETIAS is designed to be interoperable with existing systems, and systems currently being developed, such as the Entry Exit System (EES).
To the maximum extent possible and when technically feasible, the ETIAS will reuse the hardware and software components of the EES and its communication infrastructure. Interoperability will also be established with the other information systems to be consulted by ETIAS such as the Visa Information System (VIS), Europol data, the Schengen Information System (SIS), Eurodac and the European Criminal Records Information System (ECRIS).
What databases will be checked by ETIAS?
When verifying and assessing the information submitted by visa-exempt travellers, the system will automatically cross-check each application against:
– the existing EU information systems:
o the Schengen Information System (SIS),
o the Visa Information System (VIS),
o Europol data,
o the Eurodac database,
– proposed future EU information systems:
o the Entry/Exit System (EES),
– Interpol databases:
o the Interpol Stolen and Lost Travel Document database (SLTD),
o the Interpol Travel Documents Associated with Notices database (TDAWN),
– a dedicated ETIAS watch list and specific risk indicators.
Pending the approval of the Commission’s proposal to exchange information regarding criminal records in the EU to third-country nationals (ECRIS-TCNs), ETIAS should in the future also be able to query ECRIS-TCNs.
How will ETIAS improve the security of EU citizens?
By providing vital information on security, irregular migration and public health, ETIAS will significantly contribute to closing existing security information gaps. It will help Member States’ authorities to spot individuals that may pose risks and take action before they reach Schengen’s external borders.
More specifically, the system will improve the detection of human trafficking (particularly in the case of minors), help tackle cross border criminality, and more generally will facilitate the identification of persons whose presence in the Schengen area could pose an internal security threat. The data stored in ETIAS, in respect of fundamental rights and data protection, may also be made available to national law enforcement authorities and Europol if necessary for the prevention, detection or investigation of a terrorist offence, or other serious criminal offences.
How will ETIAS ensure and guarantee the respect for fundamental rights and data protection?
The Commission’s proposal fully complies with the Charter of Fundamental Rights and contains all appropriate safeguards, ensuring that ETIAS is developed in line with the highest standards of data protection, in particular regarding data access, which is strictly limited. The proposal foresees individuals’ right of redress, particularly as regards the right to a judicial remedy and the supervision of processing operations by public independent authorities.
Personal data recorded in the ETIAS will not be kept for longer than is necessary for its purpose. Data shall be stored for:
– the period of validity of the travel authorisation or,
– five years from the last decision to refuse, revoke or annul the travel authorisation.
The data could be stored for an additional period of no more than three years after the end of the period of validity of the travel authorisation if the applicant freely and explicitly consents to keep his or her data longer. After the expiry of the data retention period, the application file and personal data will be automatically deleted from the ETIAS Central System.
Member States’ law enforcement authorities and Europol will have access to ETIAS, under strictly-defined conditions, for the prevention, detection or investigation of terrorist offences or other serious criminal offences. The designated authorities and Europol should only request access to ETIAS when they have reasonable grounds to believe that such access will substantially help them in carrying out their duties.
4. ETIAS structure and development
How will ETIAS be structured?
The ETIAS will be composed of the ETIAS Information System, the ETIAS Central Unit and the ETIAS National Units.
The ETIAS Information System will comprise of:
- a Central System to process the applications;
- a National Uniform Interface in each Member State connecting the Central System and the national infrastructures;
- a secure Communication Infrastructure between the Central System and the National Uniform Interfaces;
- a public website and a mobile app for mobile devices;
- an email service as well as a number of tools for applicants, such as an account service, a verification tool and a tool to provide or withdraw the consent for data retention beyond the general period.
The ETIAS Central Unit will be established within and managed by the European Border and Coast Guard Agency, and will be part of its legal and policy framework. Operating on a 24/7 basis, the ETIAS Central Unit will have four central tasks:
- ensuring that the data stored in the application files and the data recorded are correct and up to date;
- where necessary, verifying the travel authorisation applications with regards to a traveller’s identity in cases of a hit obtained during the automated process;
- defining, testing, implementing, evaluating and revising specific risk indicators of the ETIAS screening rules;
- carrying out regular audits on the management of applications and on the implementation of the ETIAS screening rules, particularly as regards their impact on fundamental rights, privacy rules and data protection.
ETIAS National Units will be established in each Member State, and will have the primary responsibility of conducting the risk assessment and deciding on travel authorisation for applications rejected by the automated application process. National Units will also provide applicants with information regarding the procedure to be followed in the event of an appeal.
An ETIAS Screening Board, established within the European Border and Coast Guard Agency, will have an advisory function and will be consulted on the definition, evaluation and revision of the risk indicators as well as for the implementation of the ETIAS watchlist. The Board will be composed of a representative of each ETIAS National Unit, Europol and the European Border and Coast Guard Agency.
A Fundamental Rights Guidance Board will bean independent advisory body composed of representatives from the European Border and Coast Guard Agency, the European Data Protection Supervisor, the European Data Protection Board and the Fundamental Rights Agency. It will assess the impact of processing of applications and the screening rules on fundamental rights, and provide guidance to the ETIAS Screening Board.
What is the ETIAS watchlist?
Information provided by applicants for an ETIAS authorisation will be cross-checked against different EU databases including the ETIAS watchlist.
The watchlist will consist of data related to persons who are suspected of having committed or taken part in a serious criminal offence or persons regarding whom there are factual indications or reasonable grounds to believe that they will commit terrorist or other serious criminal offences. The watchlist will be established on the basis of information provided by Member States and Europol.
What will the role of Europol be?
Europol, as an EU security information hub, is in a unique position to combine information that is not available to individual Member States or in other EU databases. It will, together with the Member States, enter data into the ETIAS watchlist and be responsible for keeping the entered data updated.
ETIAS National Units will consult Europol in the follow up to a hit that occurred during the ETIAS automated processing with data held by Europol. The Agency will also be involved in the definition of ETIAS screening rules.
What will the role of eu-LISA be?
Eu-LISA, the Agency for the operational management of large-scale information systems in the area of freedom, security and justice, will develop the ETIAS Information System and ensure its technical management. Among others, the Agency will be responsible for the creation of a public website and a mobile app for ETIAS applications, where applicants will be able for instance to check the status of their application.
How much will it cost to develop ETIAS?
To be as efficient as possible, ETIAS will build on the basis of the existing information systems and in sync with those that are still to be developed i.e. Entry / Exit System (EES). The development and implementation of EES and ETIAS should be carried out together and in parallel, which will ensure significant savings on set up and operational costs.
The cost for developing ETIAS is estimated at €212.1 million and the average annual operations cost at €85 million. ETIAS will be financially self-sustaining, as the annual operations costs will be covered by the fee revenue.
What is the territorial scope of ETIAS?
The ETIAS legislation will apply to Member States that are part of the Schengen area, including those which do not yet fully apply the Schengen acquis, i.e. Croatia, Cyprus, Bulgaria and Romania.
When will ETIAS be ready?
ETIAS is expected to be operational after three years of development, i.e. in early 2021.