Architecture of the ETIAS

Social
Architecture of the ETIAS

Introduction

Currently scheduled to come into operation in early 2021, the new European Travel Information and Authorisation System (ETIAS) has been devised in a manner to involve EU entities involved in border or coast guard security. From acceptance or refusal of an application form through to access and assessment of data, there are six different units in the ETIAS infrastructure. These are:

  • eu-Lisa (European Union Agency for the Operational Management of Large-Scale IT Systems in the Area of Freedom, Security and Justice)
  • European Border and Coast Guard Agency (Frontex).
  • ETIAS Central Unit
  • ETIAS National Units
  • ETIAS Screening Board
  • Europol

Operation of the entire system will be entrusted to two experienced bodies with different but complementary agendas: eu-Lisa and Frontex.

eu-Lisa Technical Responsibility

Although only formed in 2011, eu-Lisa has already established itself as one of the foremost operators of large-scale information systems and databases. The agency currently manages the new Schengen Information System (SIS II), Visa Information System (VIS) and Eurodac; the fingerprint database for asylum seekers.

Every country that intends to operate ETIAS will have its own national centre for inputting and accessing data but no single state can implement comprehensive security checks. This requires a dedicated, flexible and integrated system which can be constantly updated with the latest information gleaned from European and world security databases. This is the area in which eu-Lisa has built its reputation and the agency will be tasked with building, developing and maintaining the ETIAS system to the highest standards possible.
There already exist a number of information systems across the European Union through which security, immigration and law enforcement agencies can access relevant information about visitors who may pose a security risk or be involved in criminal activity. At present, many of these systems operate independently and it will be eu-Lisa’s task to link these data banks, update them, collate the information and make the system interoperable. This interoperability between systems (now containing reliable, complete and accurate details) will be instantly available and of tremendous benefit to various European law enforcement agencies as they strive to minimise terrorist threats and curtail the spread of cross-border criminal enterprises.

Frontex Operational Control

While eu-Lisa will design and maintain the ETIAS information database, the day to day running of the system will be undertaken by the European Border and Coast Guard Agency. Also known as Frontex, this agency already assists European and Schengen member states to manage their external borders as well as helping to synchronise European border control measures.

European countries sharing an external border with non-EU states have sole responsibility over border control but recent increasing numbers of migrants, refugees and asylum seekers have put these borders under intense pressure. Frontex constantly monitors this situation and stands ready to provide assistance for these countries by:

  • Providing technical support
  • Deploying equipment such as boats, aircraft and surveillance systems
  • Supplying specially trained border staff
  • Coordinating maritime operations

Frontex possesses neither its own equipment nor border guards, and relies on the various European Union countries to supply these. The agency operates as a coordinator and Frontex deployed security and border control personnel maintain a constant presence at European external borders including those of Romania, Poland, Slovakia and Bulgaria as well as in many European international airports.

As part of its activities, Frontex already carries out extensive risk-analysis with regard to European border security. Information collected is used to build a picture of irregular migration trends and to monitor possible cross-border criminal activity and potential security risks. In existence since 2004, Frontex is experienced in the collection and assessment of pertinent data and the agency is a logical choice for running the forthcoming ETIAS programme.

ETIAS Central Unit

At the very core of the new travel information and authorisation system is the ETIAS Central Unit. It is here that all personal data collected from application forms will be entered into the system and securely stored. The purpose of the Central Unit is to ensure that all information is correct and up to date and check on any discrepancies or inaccurate data. The Central Unit is responsible for evaluating each application, reviewing any risk indicators and consulting with the ETIAS Screening Board in relation to any breaches of the screening rules as set out by the Board.

ETIAS National Units

ETIAS approval is expected to be automatically granted in the vast majority of cases but some will not succeed for varying reasons. Every country operating ETIAS will have its own National Unit where an application not automatically successful will be assessed manually and granted or refused. National Units can also be consulted about applications submitted to another country’s National Unit for clarification or investigation.

ETIAS Screening Board

Composed of representatives from Europol and each National Unit, the ETIAS Screening Board will be responsible for the drafting of a series of security questions and screening rules as well as defining and revising possible risk indicators. An ETIAS watch list of applicants who may pose a security risk is also to be drawn up and implementation of this list will also fall under the auspices of the Screening Board

Europol

Europol, the European Union Agency for Law Enforcement Cooperation, has several roles to play in the operation of ETIAS:

  • The establishment and management of the planned ETIAS watch list
  • Europol data on criminal or terrorist offences and convictions will be checked against applications
  • Consultation with the Central Unit and National Units when there is a hit on security databases
  • Assistance in defining screening rules for the ETIAS Screening Board

Streamlined Cooperation

Although there will be six distinct bodies involved in the establishment and operation of ETIAS, it is envisaged that these units will interact smoothly and effectively. Unless an application raises a flag in one of the security databases accessed it is expected that the vast majority of applications will be successful and granted automatic approval within minutes.