COMMISSION IMPLEMENTING DECISION (EU) 2022/2413
of 5 December 2022
on the mechanism and the procedures for carrying out quality checks and appropriate requirements for data quality compliance, and the specification of quality standards pursuant to Regulation (EC) No 767/2008 of the European Parliament and of the Council
THE EUROPEAN COMMISSION,
Having regard to the Treaty on the Functioning of the European Union,
Having regard to Regulation (EC) No 767/2008 of the European Parliament and of the Council of 9 July 2008 concerning the Visa Information System (VIS) and the exchange of information between Member States on short-stay visas, long-stay visas and residence permits (VIS Regulation) (1), and in particular Article 29(2a), second subparagraph, and Article 29a(3), second subparagraph thereof,
Whereas:
(1) Regulation (EC) No 767/2008 established the Visa Information System (VIS) for the exchange of data between Member States on applications for short-stay visas, long-stay visas and residence permits, and on the decision taken to annul, revoke or extend the short-stay visas, long-stay visas and residence permits.
(2) The European Union Agency for the Operational Management of Large-Scale IT systems in the Area of Freedom, Security and Justice (‘eu-LISA’) should develop and maintain an automated mechanism and procedures for ensuring the quality of data stored in the VIS. The solution implemented by eu-LISA should contain rules preventing the users of the system from entering low quality data. The users of the system should further be assisted by guidance within the system to further increasing the quality of data entered into VIS.
(3) eu-LISA should regularly monitor the compliance with data quality rules set out in this Decision and take appropriate remedial measures where required. In particular, eu-LISA should verify if each data is complete, accurate, consistent, unique and conforms to data quality rules.
(4) Given that Regulation (EU) 2021/1134 of the European Parliament and of the Council (2) builds upon the Schengen
acquis
, in accordance with Article 4 of Protocol No 22 on the Position of Denmark, annexed to the Treaty on European Union and to the Treaty on the Functioning of the European Union, Denmark notified the implementation of Regulation (EU) 2021/1134 in its national law. Denmark is therefore, bound by this Decision.
(5) This Decision constitutes a development of the provisions of the Schengen
acquis
in which Ireland does not take part (3). Ireland is therefore not taking part in the adoption of this Decision and is not bound by it or subject to its application.
(6) As regards Iceland and Norway, this Decision constitutes a development of the provisions of the Schengen
acquis
within the meaning of the Agreement concluded by the Council of the European Union and the Republic of Iceland and the Kingdom of Norway concerning the association of those two States with the implementation, application and development of the Schengen
acquis
(4) which fall within the area referred to in Article 1, point B of Council Decision 1999/437/EC (5).
(7) As regards Switzerland, this Decision constitutes a development of the provisions of the Schengen
acquis
within the meaning of the Agreement between the European Union, the European Community and the Swiss Confederation on the Swiss Confederation’s association with the implementation, application and development of the Schengen
acquis
(6) which fall within the area referred to in Article 1, point B, of Decision 1999/437/EC read in conjunction with Article 3 of Council Decision 2008/146/EC (7).
(8) As regards Liechtenstein, this Decision constitutes a development of the provisions of the Schengen
acquis
within the meaning of the Protocol between the European Union, the European Community, the Swiss Confederation and the Principality of Liechtenstein on the accession of the Principality of Liechtenstein to the Agreement between the European Union, the European Community and the Swiss Confederation on the Swiss Confederation’s association with the implementation, application and development of the Schengen
acquis
(8) which fall within the area referred to in Article 1, point B, of Decision 1999/437/EC read in conjunction with Article 3 of Council Decision 2011/350/EU (9).
(9) This Decision constitutes an act building upon, or otherwise relating to, the Schengen
acquis
, within, respectively, the meaning of Article 3(2) of the 2003 Act of Accession, Article 4(2) of the 2005 Act of Accession and Article 4(2) of the 2011 Act of Accession.
(10) The European Data Protection Supervisor was consulted in accordance with Article 42(1) of Regulation (EU) 2018/1725 of the European Parliament and of the Council (10) and delivered an opinion on 13 July 2022.
(11) The measures provided for in this Decision are in accordance with the opinion of the Smart Borders Committee,
HAS ADOPTED THIS DECISION:
Article 1
Scope
1. This Decision lays down the detailed rules on the automated mechanism and procedures for carrying out quality checks and data quality compliance pursuant to Article 29(2a) of Regulation (EC) No 767/2008.
2. This Decision also lays down the detailed rules concerning the specifications of the data quality standards for entering data when creating or updating application files in the Visa Information System (VIS) pursuant to Article 29a of Regulation (EC) No 767/2008.
3. This Decision shall not apply to the following:
(a) the data contained in the read-only database referred to in Article 45c(6) of Regulation (EC) No 767/2008;
(b) data fields marked for deletion.
Article 2
Definitions
For the purposes of this Decision, the following definitions apply:
(1) ‘user’ means duly authorised staff of the visa authorities and the authorities competent to collect or decide on an application for a long-stay visa or residence permit;
(2) ‘input data’ means data, subject to data quality checks for the purpose of being stored in the VIS Central System;
(3) ‘blocking rules’ means rules or a set of rules that measure the degree to which input data is compliant with defined data requirements on their storage or use or both, including data quality rules that must be complied with before data can be entered in the VIS Central System.
(4) ‘soft rules’ means rules or a set of rules that measure the degree to which the input data is compliant with the defined data requirements conditioning its relevance or optimal use or both, including data quality rules applicable before data can be entered in the VIS Central System.
Article 3
Data-quality compliance mechanism and procedures
1. The automated mechanism established for ensuring data quality compliance shall apply to the entry or amendment of data when creating or updating application files in VIS by the competent authorities pursuant to Article 6(1) of Regulation (EC) No 767/2008.
2. For enhanced data quality compliance, eu-LISA shall set up a mechanism to avoid:
(a) syntax errors by allowing only correctly formatted data fields to be entered, or stored;
(b) semantic errors by, where possible, limiting the use of free text fields.
3. The data-quality compliance mechanism shall allow the application of blocking rules. When blocking rules do not apply, soft rules shall be applied to data entered or amended by the competent authorities pursuant to Article 6(1) of Regulation (EC) No 767/2008, in accordance with Articles 6, 8, 9, 9c, 9d, 9e, 9g, 10, 12, 13, 14, 22a, 22c, 22d, 22e, 22f, 24, 25 of that Regulation.
4. In order to determine data quality compliance with the blocking or soft rules, the data quality compliance mechanism referred to in paragraph 3 of this Article shall comply with points 1 and 2 of the Annex.
5. The data-quality compliance mechanism shall assess the extent to which the data complies with each data quality indicator by applying the data quality standard of each indicator. As a result of that assessment, the data-quality compliance mechanism shall assign to the input data a data quality classification pursuant to the process laid down in point 3 of the Annex.
6. eu-LISA shall implement the data quality standards for each indicator in accordance with the Annex.
Article 4
Special provisions for blocking rules and for soft rules
1. Input data not complying with a blocking rule shall be rejected from being entered and stored in the VIS Central System. Where the input data does not comply with a blocking rule, the data-quality compliance mechanism shall return an error message and provide guidance to the user on the correct way to make the input data comply with the blocking rule.
2. Input data not complying with a soft rule shall be entered into the VIS Central System with a data quality issue flag, notification or warning message. Where the input data does not comply with a soft rule, the data-quality compliance mechanism shall allow the entry of the data, return a warning message and provide guidance to the user on the correct way to make the input data comply with the soft rule.
3. Data fields which are essential for the functioning of the VIS shall have a blocking rule. The data fields to which a blocking or a soft rule shall apply are defined in the technical specifications. The technical specifications shall be developed by eu-LISA.
Article 5
General requirements for ensuring data quality compliance
The competent authorities pursuant to Article 6(1) of the Regulation (EC) No 767/2008 shall ensure the accuracy, completeness, consistency, timeliness and uniqueness of the data processed in the VIS Central System.
Article 6
Reports on data quality compliance
The information for the purpose of providing the different reports pursuant to Article 29(2a) of Regulation (EC) No 767/2008 shall be automatically generated from the central repository for reporting and statistics referred to in Article 39 of Regulation (EU) 2019/817 and shall include:
(a) for alphanumeric and biometric data assessed against blocking rules and soft rules, compliance with data quality indicators:
(1) completeness (%);
(2) accuracy (%);
(3) uniqueness (%);
(4) timeliness (%);
(5) consistency (%);
(b) completeness of application files (%);
(c) compliance of data with the ‘good quality’ classification (%);
(d) compliance of data with the ‘low quality’ classification (%);
(e) data fields that cause frequent quality issues.
The different reports pursuant to Article 29(2a) of Regulation (EC) No 767/2008 shall be produced on a monthly basis.
Article 7
Maintenance of data quality mechanism and procedures
Based on the reports referred to in Article 6 and in cooperation with Member States, when appropriate, eu-LISA may address any data quality issues and where necessary, adjust the compliance mechanism and procedures, as appropriate.
Article 8
Entry into force and applicability
This Decision shall enter into force on the day following that of its publication in the
Official Journal of the European Union
. The provisions in this Decision shall apply from the date of the start of operations of the VIS pursuant to Article 11 of Regulation (EU) 2021/1134.
Done at Brussels, 5 December 2022.
For the Commission
The President
Ursula VON DER LEYEN
(1)
OJ L 218, 13.8.2008, p. 60
.
(2) Regulation (EU) 2021/1134 of the European Parliament and of the Council of 7 July 2021 amending Regulations (EC) No 767/2008, (EC) No 810/2009, (EU) 2016/399, (EU) 2017/2226, (EU) 2018/1240, (EU) 2018/1860, (EU) 2018/1861, (EU) 2019/817 and (EU) 2019/1896 of the European Parliament and of the Council and repealing Council Decisions 2004/512/EC and 2008/633/JHA, for the purpose of reforming the Visa Information System (
OJ L 248, 13.7.2021, p. 11
).
(3) This Decision falls outside the scope of the measures provided for in Council Decision 2002/192/EC of 28 February 2002 concerning Ireland’s request to take part in some of the provisions of the Schengen
acquis
(
OJ L 64, 7.3.2002, p. 20
).
(4)
OJ L 176, 10.7.1999, p. 36
.
(5) Council Decision 1999/437/EC of 17 May 1999 on certain arrangements for the application of the Agreement concluded by the Council of the European Union and the Republic of Iceland and the Kingdom of Norway concerning the association of those two States with the implementation, application and development of the Schengen acquis (
OJ L 176, 10.7.1999, p. 31
).
(6)
OJ L 53, 27.2.2008, p. 52
.
(7) Council Decision 2008/146/EC of 28 January 2008 on the conclusion, on behalf of the European Community, of the Agreement between the European Union, the European Community and the Swiss Confederation on the Swiss Confederation’s association with the implementation, application and development of the Schengen
acquis
(
OJ L 53, 27.2.2008, p. 1
).
(8)
OJ L 160, 18.6.2011, p. 21
.
(9) Council Decision 2011/350/EU of 7 March 2011 on the conclusion, on behalf of the European Union, of the Protocol between the European Union, the European Community, the Swiss Confederation and the Principality of Liechtenstein on the accession of the Principality of Liechtenstein to the Agreement between the European Union, the European Community and the Swiss Confederation on the Swiss Confederation’s association with the implementation, application and development of the Schengen
acquis
, relating to the abolition of checks at internal borders and movement of persons (
OJ L 160, 18.6.2011, p. 19
).
(10) Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC (
OJ L 295, 21.11.2018, p. 39
).
ANNEX
1.
Data-quality compliance mechanism for data to be entered
Data entered in the Visa Information System will be subject to data quality compliance mechanism based on blocking and soft rules defined in Articles 2 and 4. These rules determine whether the entry of the data will be allowed or rejected. The blocking and soft rules are established based on the following parameters: syntax, semantics, conformity to quality standards, length, format, type and repetition.
2.
Data-quality indicators for data to be entered
The data-quality compliance mechanism will measure the quality of the data according to each relevant indicator. The data-quality compliance mechanism will take into account a weighing coefficient to calculate the relative weight of each indicator on the overall quality of the input data. The weighing coefficient will be further defined in the technical specifications.
After applying the weighing coefficient to the input data, the data-quality compliance mechanism will produce an input data profile containing the results of the application of the indicator standards, for example, numerical values evaluating the quality of the input data under each indicator.
Table 1 lists the set of data quality indicators that will always apply to data. Such indicators are: completeness, accuracy, consistency, timeliness and uniqueness.
Table 1
List of data quality indicators
|
Indicators |
Description |
Main scope of applicability |
Unit of measurement |
|
Completeness |
Means the degree to which the input data has values for all the expected attributes and related requirements in a specific context of use. Measures whether all the mandatory data are provided. |
Mandatory data fields (alphanumeric and biometric) |
Data completeness rate: ratio of the number of data cells provided to the number of data cells required |
|
Accuracy |
Means the degree to which the input data represents closeness of estimates to the unknown true values. |
Alphanumeric and biometric data |
Sampling error rates, unit non-response rate, item non-response rate, data capture error rates, etc. |
|
Consistency |
Means the degree to which the input data has attributes that are free from contradiction and are coherent with other data in a specific context of use. Measures the degree to which a set of data satisfies defined business rules applying to those data across them, means the absence of a conflict of data content. |
Alphanumeric data |
Percentage |
|
Timeliness |
Means the degree to which the input data is provided within a predefined date or time that condition the validity of the data or its context of use. Measures how up-to-date the data is, and whether the data required can be provided by the required time. |
Alphanumeric and biometric data |
Time lag -final: number of days from the last day of the reference to the day the input data is provided |
|
Uniqueness |
Means the degree to which two separate records will not be identical based on all fields. |
Alphanumeric and biometric data |
Percentage of data units which are not identical |
The accuracy indicator for biometric data also includes resolution. Resolution measures the degree to which the input data contains the required amount of points or pixels by unit of length. Unit to display on screen pixel:
pi unit
for printing;
dot pi
for output systems. Pixel one or several bits (range of colours ex: 16 colours 4b, 256 8b, 16b 65k, 24b 16.5mio).
3.
Data Quality Classification
After the development of the input data profile referred to in point 2, the input data will be assigned with a data quality classification. The following data quality classification will apply:
(a) ‘good quality’ means the data demonstrates the required compliance with the applicable data quality indicator;
(b) ‘low quality’ means the data does not demonstrate the required compliance with the applicable data quality indicator, in the case of a soft rule;
(c) ‘rejected’ means the data profile does not demonstrate the required compliance with the applicable data quality indicator, in case of a blocking rule.
Where the data is assigned with a ‘good quality’ classification, the data will be stored into the VIS Central System without any data quality alert.
Where the data is assigned with a ‘low quality’ classification, an alert will indicate that the data will be rectified and the reason why the data does not demonstrate the required compliance with the data quality indicator. Where possible, the alert will identify the data field(s) or the data content(s) or both affected by data quality issues and suggest the changes necessary for the input data to meet the ‘good quality’ classification.
Feedback