Key Benefits:
Law on Schmeadow Information System (SIS) (SIS) [ SIS ]. |
| Date | LAW-1999-07-16-66 |
| Ministry of | The Justis and the Department of Emergency |
| Last modified | LO-2016-04-22-3 |
| Published | Avd In 1999 No. 16 |
| Istrontrecation | 01.01.2001 |
| Changing | |
| Announcement | |
| Card title | SIS-the-law-SSl. |
The purpose of this law is to regulate the treatment in Norway of information within the Schmeage Information System (SIS), herders to uphold the privacy of privacy.
SIS is an information system related to the Schengen cooperation. The system consists of a national security system in each of the states participating in the Schengen cooperation and a central system that the national systems communicate with.
The information system provides the possibility of registration of personal information and information on items within the purposes that follow by this law Section 7 to 9. The public authorities noted in Section 12 and 13, have access to registered information to protect these foretargets.
| 0 | Modified by law 27 June 2008 No. 66 (ikr. 9 apr 2013 ifg res. 5 apr 2013 # 337). |
The national unity of the fighting of organized and other serious crime (Kripos) is to bring a register that is the Norwegian part of SIS. The registry is to communicate with the central system and contain messages posted by Norwegian authorities. Cripos is the registry responsible, and shall bland.ensure that information that is admitted by Norwegian authorities in SIS is correct, updated and registered legally.
| 0 | Modified by laws 30 June 2006 # 47 (ikr. 30 June 2006 ifg res. 30 June 2006 # 746) 27 June 2008 No. 66 (ikr. 9 apr 2013 ifg res. 5 apr 2013 # 337). |
The registry administrator and data handler shall through planned and systematic measures ensure satisfactory information security with respect to confidentiality, integrity and availability by the processing of personal information in SIS.
In order to achieve satisfactory information security, the information system and security measures should be documented. Documentation shall be available for the co-workers of the registry responsible and data handler. The documentation should also be available for the Data Health and Privacy Board. The employees of the Data Authority, members of the Privacy Board or others who are carrying out the service of the regulatory authority, shall prevent unauthorized access to information about the security measures.
If the registry administrator gives others access to personal information, such as a data handler or others conducting missions in association with the information system, the registry responsible shall see that these meet the requirements in the first and other clause.
| 0 | Modified by law 14 apr 2000 # 31 (ikr. 1 jan 2001 ifg. res. 30 June 2000 # 641). |
The registry responsible shall establish and hold the ordinance planned and systematic measures necessary to meet the requirements in or in the co-hold of this Act.
The registry responsible shall document the measures. The documentation shall be made available to the collaborators with the registry responsible and dennes data handler. The documentation should also be available for the Data Health and Privacy Board.
| 0 | Modified by law 14 apr 2000 # 31 (ikr. 1 jan 2001 ifg. res. 30 June 2000 # 641). |
It can only be recorded information as mentioned in Section 6 when necessary to achieve one of the foretargets as mentioned in Section 7 to 9 and the concrete matter dictates that the information should be registered.
The registration of the information must be decided by the competent authority before the message is checked and admitted by the registry responsible.
Upon registration of message with request for arrest, jf. Section 7 # 1, it shall be verified whether the national legislature of the convention parties that the request is directed to, provides home for arrest.
Whether people can only be registered
| a) | surname and first name, name by birth and previously used name as well as optionally registered alias names |
| b) | -Honest objective physical characteristic of immutable species |
| c) | birthplace and date of birth |
| d) | gender |
| e) | photographs |
| f) | fingerprints |
| g) | citizenship |
| h) | The indication of whether the person is armed, violent or has escaped |
| in) | justification for the message |
| j) | The authority that has recorded the message |
| k) | a reference to the decision that lies due to the message |
| l) | what measures to be set in works |
| m) | links to other messages recorded in SIS in accordance with Section 9a |
| n) | type of punishing action |
It can also be recorded information about the following items :
| a) | vehicles with a cylinder volume of over 50 ccm, boats and aircraft, |
| b) | supporters with a self-emphasis on over 750 kg, trailers, industrial equipment, overseas boat engines and containers, |
| c) | firearms, |
| d) | stolen or otherwise lost blankodocuments, |
| e) | stolen or otherwise lost or invalidated issued credential documents such as passport, identity cards, driver's license, residence permits and travel documents, |
| f) | stolen or otherwise lost or invalidated registration evidence and license plates for vehicles, |
| g) | money notes (with registered number), |
| h) | stolen or otherwise lost or invalidated securities and tenders such as checks, credit cards, bonds and stocks. |
| 0 | Modified by laws 28 apr 2006 # 11 (ikr. 28 apr 2006 ifg res. 28 apr 2006 # 451), 27 June 2008 No. 66 (ikr. 9 apr 2013 ifg res. 5 apr 2013 # 337). |
It is admission to register
| 1. | information of persons as sought with regard to arrest and extradition |
| 2. | information on persons not to be granted permission for entry because it in connection with the expulsion of the foreigner Section 66 first clause letter a, b, c or e or other clause, Section 67, 68 or 126 other clause has been hit by the immigration ban, and the ordinance is still current |
| 3. | information about people who are missing or as of regard to their own safety or to prevent dangers must be brought temporarily in detention |
| 4. | information about witnesses, people who are subpoenaed for a court for their own actions in a criminal trial or about persons who will receive the punishment of punishment, to obtain knowledge of whereabouts or residence of residence or residence. |
| 0 | Modified by laws 30 June 2006 # 47 (ikr. 30 June 2006 ifg res. 30 June 2006 # 746), 19 June 2009 # 41 (ikr. 1 jan 2010 ifg. res. 30 oct 2009 # 1324), 9 May 2014 # 16 (ikr. 9 May 2014 ifg res. 9 May 2014 # 625), 20 June 2014 No. 47 (ikr. 1 July 2014 ifg res. 20 June 2014 # 792). |
It is admission to capture information about people, vehicles, boats, aircraft, and containers with envision of observation or targeted control
| 1. | to combat criminal acts and prevention threats against the public safety |
| a) | when there are concrete stops to assume that the person is planning to commit or commit a serious criminal act, or |
| b) | when it comes out from an overall assessment of the person, especially on the basis of previous conceptual penalties, then assumed that the person also in the future will commit serious criminal acts. |
| 2. | when there are concrete stops to assume that information on sanctuary, travel, destination, passengers, co-brought items or circumstances related to the refining of the person or vehicle is required to prevent a serious threat from the person's side or other serious threats to the state's internal or external security. |
| 0 | Modified by laws 28 apr 2006 # 11 (ikr. 28 apr 2006 ifg res. 28 apr 2006 # 451), 27 June 2008 No. 66 (ikr. 9 apr 2013 ifg res. 5 apr 2013 # 337). |
It is admission to record information on items that are sought for seizure or as evidence in a criminal case.
The link between messages can only be created when there is a clear operational need.
Wire messages do not affect the measures that will be met on the basis of each of the interconnected texts, or the deletion deadline for the information in the message.
A link does not extend the access rights in accordance with Section 12 or the adhall to obtain information according to Section 13.
| 0 | Added by law 27 June 2008 No. 66 (ikr. 9 apr 2013 ifg res. 5 apr 2013 # 337). |
The information recorded in SIS may not be used for purposes other than what has been set for the individual registration according to Section 7 to 9.
Without the obstacle of the first clause, one can take advantage of information for another purpose as mentioned in Section 7 to 9 when needed to prevent
| a) | an imminent danger of the public order and security, |
| b) | a serious threat to national security, or |
| c) | a serious punishing act, |
and it is obtained permission from the state that has posted the information.
Part Article SECTION 11. Exchange of information that did not be conveyed via SISThe registry responsible can exchange information that does not be conveyed via SIS (supplementary information). Such exchange can only happen to serve that purpose information has been provided for, and it is necessary to conduct the measures a message provides the basis for. The processing of supplementary information for the incidentally is regulated by the Police Registry Law and the Privacy Act, with the exception of the shonest delete rules of Section 20 seventh clause.
| 0 | Modified by laws 20 June 2003 # 45 (ikr. 1 July 2003 ifg res. 20 June 2003 # 712), 28 apr 2006 # 11 (ikr. 28 apr 2006 ifg res. 28 apr 2006 # 451), 22 apr 2016 # 3 (ikr. 22 apr 2016 ifg res. 22 apr 2016 # 407). |
The following authorities have access (right to direct search) to SIS :
| a) | police authority when it practices border control and other control |
| b) | Prosecution |
| c) | foreigner authority with liability for treatment of visa applications, treatment of permits to stay, and otherwise at enforcement of the foreigner law with respect to the details posted to the co-hold of Section 7 # 2 and Section 6 differently clause letter d and e to conduct the provisions of the People's Movement in the Convention on the Convention of the Schengen Agreement. |
| d) | Authority of responsibility for registration of motor vehicles has, to control whether motor vehicles that want to be recorded have been stolen, otherwise disappeared or are wanted as evidence in criminal charges, access to the following information : stolen or on other way lost motor vehicles with a cylinder volume of over 50 cubic centimeters, supporter and trailers with a self-emphasis on over 750 kg, and stolen or otherwise lost or invalid registration document for motor vehicles and number plates for motor vehicles. |
Access to the registry shall be given only to people who have received special authority. Users can only search for the information that is necessary to protect their tasks.
| 0 | Modified by laws 28 apr 2006 # 11 (ikr. 28 apr 2006 ifg res. 28 apr 2006 # 451), 30 June 2006 # 47 (ikr. 30 June 2006 ifg res. 30 June 2006 # 746), 27 June 2008 No. 66 (ikr. 9 apr 2013 ifg res. 5 apr 2013 # 337). Endres by law 18 June 2010 # 25 (ikr. from the time the King decides). |
The details of people and items may be after motion issued from the registry to :
| a) | police and customs authority as well as the Coast Guard when the exercising border control |
| b) | police and customs authority when it performs other control than border control, as well as the Coast Guard when it exercising tasks that otherwise be attributed to police and customs authorities |
| c) | Prosecution |
| d) | foreigner authority in cases as mentioned in Section 12 first clause letter c |
| e) | road authority in cases as mentioned in Section 12 first clause letter d |
| f) | Department of Affairs and Police Directorate in connection with the exercise of senior authority |
It can only be issued information that is necessary to address the recipient's tasks.
| 0 | Modified by laws 28 apr 2006 # 11 (ikr. 28 apr 2006 ifg res. 28 apr 2006 # 451), 30 June 2006 # 47 (ikr. 30 June 2006 ifg res. 30 June 2006 # 746). |
Any as during the exercise of service or work gain access or knowledge of information from SIS, duties to prevent unauthorized persons from any knowledge of these.
The Prevalence Act Section 13-13 d does not apply.
The registered has the right to obtain informed what information about itself has been recorded in SIS.
The registered cannot be visibility into information if it can damage the completion of the advent of the advent requested, or if the privacy of other people dictates it. Insight should always be denied in the period of time it is requested for observation.
The desire for visibility is set for the registry responsible or the authority that has decided enrollment, but is determined by the registry responsible. If the message requested visibility into, has been posted by another convention, duties the registry responsible to give this conventional occasion to comment before visibility is provided.
The registered can require fixed or incomplete information about themselves or have deleted the information booklet with judicial errors. The same applies to information it is not allowed to register.
If information is recorded as incorrect, incomplete or as it is not allowed to register, the registry responsible for the petition of the registered or of its own measures shall ensure that the information be corrected, supploes or deleted.
The registry administrator should barely make sure that the error does not get meaning for the registered, e.g. by notifying recipients of the issued information.
If recorded information mentioned in other clauses has been posted by another convention, the registry responsible without the stay will inform this convention with the request to correct, suppers, or delete the information. If the request does not come, it may registered bring the case in for the ministry as the complaint filed.
Motion for correction or deletion is set for the registry responsible or the authority that has decided enrollment, but is determined by the registry responsible.
The desire for visibility or whether correction and deletion shall be answered in writing without due stay and the latest within 30 days from the day that the inquiry came in.
If very honest conditions make it impossible to respond to the inquiry within 30 days, the review can be postponed until it is possible to provide answers. It should then be given a preliminary response with the indication of the probable time for when answers can be issued.
The registered can be placed to put forward a written and signed petition.
Part Article SECTION 18. ReplacementA person has claimed damages for damage that has been inflicted as a result of the information being registered or used in violation of the rules of treatment of information in SIS. This applies without regard to whether it has been expelled by the registry responsible or dennes data handler or of any other person who has struck the decision or posted message of registration.
The replacement shall respond to the financial losses that it registered has been inflicted on the illegal registration or use of the information. The replacement may also include damages for infringement or other damage of non-economic species (satisfaction) in the extent that this exists reasonably.
The requirement for damages is set for the registry responsible or the authority that has decided enrollment, but is processed by the registry responsible. Demand for damages must be released at the latest one year after the tax has been recognized with the registration. When requirements are placed after a person has been charged in a criminal trial, the treatment rules apply to the sentencing rules of the Criminal Law Chapter 31. The Penalty Process Act Section 444, Section 445 and Section 446 are not applicable to requirements for damages after the determination here.
The registered can impose complaint about visibility, correction, or deletion and damages to the Police Directorate.
At the clageing in cases concerning visibility, correction or deletion, the Police Directorate shall be filing the case for the Data Authority to the statement before the complaint case is decided.
The Prevalence Act chapter VI applies to the equivalent of as far as it fits.
The registrar rights in accordance with Section 21 other clauses are not affected by the provisions of this paragraph.
| 0 | Modified by laws 30 June 2006 # 47 (ikr. 30 June 2006 ifg res. 30 June 2006 # 746), 27 June 2008 No. 66 (ikr. 1 jan 2011 ifg. res. 17 des 2010 # 1611). |
Details of people or items posted by the registry responsible shall not be retained longer than what is necessary for the purpose of registration.
Information recorded in co-holder of Section 7 shall be the registry responsible no later than three years after registration take the position of whether it is necessary to retain.
Information recorded in the co-held of Section 8 shall the registry supervisor at the latest one year after registration to whether it is necessary to retain.
If the retention is extended, the corresponding deadlines are applicable as mentioned in the second and third clause of the extended registration.
Information about items recorded in the co-hold of Section 9 should not be retained longer than ten years.
Information about items recorded in co-hold of Section 8 should not be retained longer than five years.
Supplerating information mentioned in Section 11 shall not be retained longer than what is necessary for the purpose of registration. Such information shall still be deleted only one year after the message of the person or object has been deleted in SIS. The purge duties in other period do not apply if the information is provided by Norwegian authorities or in a message from foreign authorities that have triggered measures from Norwegian authorities.
The registry responsible shall establish routines in order to ensure that the need to delete information is periodically assessed. The foundation for the extension should be documented.
| 0 | Modified by laws 28 apr 2006 # 11 (ikr. 28 apr 2006 ifg res. 28 apr 2006 # 451), 27 June 2008 No. 66 (ikr. 9 apr 2013 ifg res. 5 apr 2013 # 337). |
The Data Authority shall verify that the law and regulations granted in co-compliance of the law are followed and that errors or are missing are corrected.
The data protection shall after motion from the registered verification of the information about the person in SIS is correct, whether the rules of visibility are followed, and whether the information has been recorded and used in accordance with this law. If the information has been posted by another convention, the control is to be conducted in co-counsel with this convention-saving control organ. The case management rules in Section 17 apply accordingly.
| 0 | Modified by law 27 June 2008 No. 66 (ikr. 1 jan 2011 ifg. res. 17 des 2010 # 1611). |
The Computer Safety and Privacy Board may require the information needed to conduct their tasks.
The Data Authority can as clause in its control with that the rules of the law are demanding admission to those places where the personal information is processed and where there are aids for the treatment. The vision can conduct those samples or controls as it believes are necessary and require assistance from the staff at the site of the extent that this must to be conducted samples or controls.
Right to require information or access to premises and aids in accordance with the first and other clause is not limited by the provisions of secrecy.
| 0 | Modified by law 14 apr 2000 # 31 (ikr. 1 jan 2001 ifg. res. 30 June 2000 # 641). |
The Data Authority may provide the registry responsible injunction that the treatment of information in violation of this law shall cease or quiet terms that must be met for the treatment to be in compliance with the law. The data protection can still not provide visibility into information recorded after Section 7 # 1 or Section 8 when the registry responsible declines to give visibility during reference to Section 15 other clauses.
The data regulator's decision after the first clause can be scratched to the Privacy Board.
| 0 | Modified by law 14 apr 2000 # 31 (ikr. 1 jan 2001 ifg. res. 30 June 2000 # 641). |
If the Data Reguctions Act or Act of the Police Directorate applies to a message posted by another convention, the registry responsible shall pass the decision to this Convention with the request for consummation.
The registry responsible shall consummate final decisions struck by other conventional law enforcement agencies that apply to messages posted by Norwegian authorities.
| 0 | Modified by law 30 June 2006 # 47 (ikr. 30 June 2006 ifg res. 30 June 2006 # 746). |
The king can provide regulations on :
| a) | decision complexes and case management rules, jf. SECTION 5 |
| b) | -The authority of personnel who will have access to the registry, jf. SECTION 12 |
| c) | case processing rules, jf. Section 14-20 and 24 |
| d) | information security, hernised about the organizational and technical security measures, jf. SECTION 3 |
| e) | review of internment, jf. SECTION 4. |
This law does not apply to Svalbard.
The law takes effect from the time the King decides.
| 0 | The law went on ir. 1 jan 2001 ifg. res. 21 des 2000 # 1347. |
