Προστασία Προσωπικών Δεδομένων και Δικαίωμα Ελεύθερης Κυκλοφορίας Προσώπων στον Χώρο Σένγκεν

Abstract

The signing of the Schengen Agreement was the beginning of the creation of the Area of Freedom, Security and Justice, offering its citizens free movement without internal border controls. However, this has resulted in increasing external border controls, which was mainly achieved by creating the Schengen Information System, a large-scale information system whose operation is based on the collection and storage of personal data of individuals who could threaten security in the Area. Advances in technology and the evolution of cross-border organized crime have pushed for continuous upgrades in the European Union's information systems. At the same time, the need arose to protect fundamental human rights that may have been affected by the operation of these systems, such as the right to privacy and the right to protection of personal data. This need was expressed through the adoption of specific regulations for the protection of personal data, in addition to the provisions already contained in the legal framework of the Schengen Information System. The aim of this paper is to investigate the protection of personal data in the European Area of Freedom, Security and Justice in conjunction with the operation of Information Systems and in particular, the Schengen Information System. For the treatment of the topic, the methodology of the presentation and critical analysis of the relevant institutional framework, the relevant case law of the Court of Justice of the European Union, as well as opinions and decisions of the Personal Data Protection Authority are adopted. The introduction shows the historical development and operation of the Schengen area under the Schengen agreement and its implementing Convention. At the same time, the efforts of the protection of the personal data of the citizens in this context are presented, as well as the recent General Data Protection Regulation in its basic provisions. Then, a presentation and analysis of the legal basis for the operation of the Schengen Information System and the recent second generation SIS II is attempted. The categories of data held by the system, the retention time, the access of the authorities to them and the rights of the data subject are presented in detail. The case law of the Court of Justice of the European Union provides an indicative presentation of the importance of the protection of personal data in European law and their relation to the right to privacy, while the principle of proportionality is also important for their processing. The opinion and decisions of the Personal Data Protection Authority focus on the exercise of fundamental rights of data subjects under SIS II. Finally, a comprehensive assessment of both the legal framework and the protection of personal data is attempted, risks and future prospects are identified and proposals for improvements are made in view of the introduction of a new legal framework for information systems, border management and law enforcement in the European Union. The European Union is in the process of reviewing information systems, border management and law enforcement to improve their efficiency and effectiveness. In fact, in recent years the operation of these systems has seemed to be of even greater concern, as the recent refugee crisis has reintroduced for the first time internal border controls and closed border policies within the Area of Freedom, Security and Justice, which meant the substantial abolition, for a period of time, of free movement guaranteed by the conclusion of the Schengen Agreement. So, it seems that Europe is experiencing a sense of insecurity that it is trying to cure with a stronger legal basis. At the same time, however, there is the issue of the protection of human rights and personal data that must be protected in order not to compromise on security.