Plans for biometric documents
01 August 2003
The European Commission has produced two draft Regulations (25.9.03) to introduce two sets of biometric data (fingerprints and facial image) on visas and resident permits for third country nationals by 2005 (see Statewatch vol 13 no 3/4). The biometric data and personal details on visas will be stored on national and EU-wide databases and be accessible through the Visa Information System (VIS) held on the Schengen Information System (SIS II). The proposal is silent on whether the biometrics and data on third country nationals will also be held on the SIS, though it is clear that national registers of third country nationals resident in every EU member state will be created (a long-standing demand by the German government will thus be put into practice). That this same information will also be held on the SIS is inevitable.
Another proposal for the inclusion of biometrics and personal data: "in relation to documents of EU citizens, will follow later this year"
What is particularly of concern about the two proposals is that the two groups who will be affected first are resident third country nationals who are largely migrants from the Third World and those needing visas to enter/visit. People from most Third World - 135 countries - need visas to enter, but the "white list" or countries who can enter without visas will not be affected - there are 33 countries on this list, 12 of whom are EU accession/applicant countries - the remaining 31 countries include USA, Canada, Australia, New Zealand, Japan, Israel, Switzerland, Croatia, South Korea, Singapore, Mexico and eight South American countries.
How is data protection possible when the present system cannot cope? Although the Commission says that the data held will come under the EC 1995 Directive on data protection it also highlights the inadequacy of the data protection regime at national level across the EU. These authorities are "under-resourced" as the first report on the 1995 Directive found (this first report took eight years to produce). Lack of resources "may affect independence" and there are "serious concerns" over their ability to carry out their existing roles.
To this might be added that the powers of investigation of national data protection authorities vary greatly from state to state, as does the size of their staff and budget. Most are under-resourced and few have "investigative powers" which are meaningful (ie: the power to arrive unannounced to carry out an inspection).
The EU has already undermined the principles of the 1995 Data Protection Directive in the Europol-USA agreement and the recent EU-US agreement on mutual cooperation on extradition and judicial cooperation - and looks set to follow this by conceding to US demands for access to data on airline passengers.
Commission proposal for a Regulation on biometrics documents: COM (2003) 558. See: www.statewatch.org/news/2003/sep/19eubiometric.htmupda