Convention on the use of information technology for customs purposes (CIS)
The purpose of this act is to assist in preventing, investigating and prosecuting serious breaches of national laws by increasing, through the rapid dissemination of information, the effectiveness of cooperation and control procedures of the customs administrations of the Member States.
Council Act 95/C316/02 of 26 July 1995 drawing up the Convention on the use of information technology for customs purposes.
The Member State's customs authorities will set up and maintain a joint automated information system for customs purposes, hereinafter referred to as the "Customs Information System" (CIS).
The Customs Information System will consist of a central database facility accessible via terminals in each Member State. It will contain only the data, including personal data, necessary to achieve its aim, in the following categories:
- means of transport;
- fraud trends;
- availability of expertise.
The Member States will determine the items to be included in the Customs Information System relating to each of the three last categories to the extent that this is necessary to achieve the aim of the system. No items of personal data will be included in the last two categories.
Personal data will be confined to:
- name, maiden name, forenames and alias;
- date and place of birth;
- any particular objective and permanent physical characteristics;
- reason for inclusion of data;
- suggested action;
- warning code indicating any history of being armed, violent or escaping.
Under no circumstances may personal data listed in Article 6, first sentence, of the Council of Europe Convention for the Protection of Individuals with Regard to Automatic Processing of Personal Data signed at Strasbourg on 28 January 1981 (the Strasbourg Convention) be included.
Direct access to data included in the Customs Information System is reserved exclusively for the national authorities designated by each Member State. These national authorities will be customs administrations, but may also include other authorities competent under the laws, regulations and procedures of the Member State in question to act in order to achieve the aim of the Convention.
Member States may only use data from the Customs Information System to achieve the Convention's aim; however, they may use it for administrative or other purposes with the prior authorisation of and subject to any conditions imposed by the Member State which entered it in the system. Such use must be in accordance with the laws, regulations and procedures of the Member State which seeks to use it and must take into account Principle 5.5 of Recommendation R (87) 15 of the Committee of Ministers of the Council of Europe dated 17 September 1987.
Inclusion of data in the Customs Information System will be governed by the laws, regulations and procedures of the supplying Member State except where the Convention lays down more stringent provisions.
Each Member State will designate a competent customs administration to have national responsibility for the Customs Information System.
That administration will be responsible for the correct operation of the System within the Member State and will take the measures necessary to ensure compliance with the provisions of the Convention.
Only the supplying Member State will have the right to amend, supplement, correct or delete data which it has included in the Customs Information System.
Data entered in the Customs Information System will be kept only for the time necessary to achieve the purpose for which it was entered. The need for its retention will be reviewed at least once a year by the supplying Member State.
Each Member State intending to receive personal data from the Customs Information System or include it in the system must adopt national legislation sufficient to achieve a level of protection of personal data at least equivalent to that resulting from the principles of the 1981 Strasbourg Convention by the time the CIS Convention enters into force.
The rights of persons with regard to personal data in the Customs Information System, in particular their right of access, will be exercised in accordance with the laws, regulations and procedures of the Member States in which such rights are invoked.
A committee consisting of representatives from the Member State's customs administrations will be set up. It will adopt its rules of procedure unanimously.
Each Member State will designate a national supervisory authority or authorities responsible for personal data protection to carry out independent supervision of such data entered in the Customs Information System.
A Joint Supervisory Authority will be set up. It will comprise two representatives from each Member State drawn from the respective independent national supervisory authority or authorities.
All administrative measures necessary to maintain security will be taken either by the Member States' authorities or by the committee referred to in point 12, respectively for the terminals installed in the Member States and for the Customs Information System and the terminals located on the same premises as the System.
Each Member State will be responsible for the accuracy, currency and lawfulness of data it has entered in the Customs Information System. It will also be responsible for complying with Article 5 of the 1981 Strasbourg Convention.
The CIS convention will be adopted by Member States in accordance with their respective constitutional requirements.
Member States will notify the Secretary-General of the Council of the European Union (EU) of the completion of their constitutional requirements for adopting the Convention.
The Secretary-General of the Council of the EU will act as depository for the convention.
|Act||Entry into force||Deadline for transposition in the Member States||Official Journal|
|Council Act, 95/C 316/02||After ratification||-||OJ C 316 of 27.11.1995|