Eurodac is a fingerprint database for the comparison of fingerprints of asylum seekers. It was established in 2003 in order to provide fingerprint evidence for Member States when determining the responsible Member State for examining an asylum application made in the European Union. Eurodac serves the implementation of the Dublin Regulation, while these two instruments make up what is commonly referred to as the 'Dublin system'.
In 2013 Eurodac was based on a new legal basis, Regulation (EU) No 603/2013, which enhanced the functioning of Eurodac and laid down conditions for law enforcement access to it under strict conditions for the prevention, detection and investigation of serious crimes and terrorist offences.
Architecture of Eurodac
Eurodac consists of a computerised central fingerprint database ("Central System") and a communication infrastructure between the Central System and Member States that provides an encrypted virtual network dedicated to Eurodac data ("Communication Infrastructure").
While the European Agency for the operational management of large-scale IT systems in the area of freedom, security and justice (eu-LISA) is responsible for the operational management of Eurodac and the communication infrastructure, each Member State has to ensure the security of the data before and during the transmission to the Central System.
Collection and transmission of fingerprints
Each Member State has to take the fingerprints of every applicant for international protection and third-country national or stateless person who is apprehended by the competent control authorities in connection with the irregular crossing by land, sea or air of the border of that Member State having come from a third country and who is not turned back and transmit them to the Central System.
The national supervisory authority for data protection has to monitor, in accordance with its respective national law, the lawfulness of the processing of personal data by the Member State, including their transmission to the Central System. At the same time the European Data Protection Supervisor has to ensure that all the personal data processing activities concerning Eurodac are carried out in accordance with the Eurodac Regulation and Regulation (EC) No. 45/2001.