A space of free movement without controls on the internal borders - that was the goal of the Schengen Agreement, which has been in effect since 1995. All EU member states belong to the Schengen area with the exception of Great Britain, Ireland, Cyprus, Romania, and Bulgaria. However, Lichtenstein, Iceland, Norway and Switzerland participate.



Within the Schengen zone, citizens can move freely and do not need to check in with authorities as they cross from one country to another. In light of security concerns, the member states established a joint database to be used in manhunts. Called the Schengen Information System (SIS), it has now been reformed in an attempt to make sharing information between offices faster and easier.

A map showing member states in the Schengen area (C) DW

Cross-border data exchange



In its first generation, the database compiled information about people who were missing, wanted or under observation. When the EU was expanded in 2004, the system was correspondingly broadened to include the new member states. Since then, biometric data, fingerprints and photos are saved and matched up.



It is now possible for European customs and border officials as well as police and prosecutors to search not just for missing people or criminal offenders. They can also look for cars and weapons.



"It's important for member states to exchange data among one another more closely and join forces in fighting crime - as a counterbalance to the absence of border controls," said Markus Beyer-Pollock, spokesman for Germany's Federal Ministry of the Interior.



No uniform data protection standards



Exchanging data is nothing new. "However, with this shift to a second version of the Schengen Information System, a centralization took place in how the data is stored," said Federal Commissioner for Data Protection and Freedom of Information Peter Schaar in an interview with DW. That's why it's even more important for Europe to have uniform standards when it comes to privacy and police investigations, Schaar added.



National and European privacy authorities are intended to help determine whether the second version of SIS conforms to their countries' standards.

Peter Schaar has reservations about the lack of uniform privacy standards in the EU

"In negotiating the expansion to SIS II, Germany has, like other member states, sought to ensure that a high level of privacy protections are established in European regulations," Beyer said, who notes that the database merely holds raw data that can be used to compare people sought by the police.



But Peter Schaar counters that it is important to establish uniform standards across Europe for questions about what data can be saved, for what purposes, and who can access it. "We've observed that the commission is making strong efforts at securing additional authority to make this data available to EU institutions."



Such a concentration of power is not in accordance with data protection standards, Peter Schaar believes. His job entails working through some of the legal issues relating to SIS. He criticizes the fact that SIS, including in its second generation, is intended to be a way to search for people and things, but it could be coupled with other, brand new registries. For example, a new European registry records all travels in and out from the Schengen zone. A visa information system is in the works, and the European Commission recently granted the European police force EUROPOL access to SIS II.



"A situation is developing in which information about not just suspected criminals or criminal deeds is being collected, but simply everyday behavior," Peter Schaar said.



Seven years late, ten times as expensive



It's been a long road for the SIS II, which has been in development and programming phases since 2002. It was intended to launch in 2006. But again and again, the database has failed the necessary technical tests. The costs to date have run up to nearly 160 million euros ($208.9 million), according to the European Commission. The original cost estimate was 20 million dollars.



SIS II consists of a central server in Strassbourg (C-SIS) and a further 25 systems in each Schengen member state (N-SIS). When national police offices instigate a search for someone, data is sent from N-SIS to C-SIS, such that just minutes after the information is entered, it is available to all partners. Alarm and other notifications can be activated instantaneously at all border stations.



SIS II is the European Union's latest step to try and ensure safety within the Schengen zone.