Feeds

Finger, faceprints get green light for Europe's ID standard

Here's looking at you, ID

  • alert
  • submit to reddit

Security for virtualized datacentres

The European Union has taken the first step towards standardised ID with biometrics on-board, in the shape of two proposals from the Commission covering a uniform format for visas and residence permits for third country nationals. But this is only the first stage; the Commission's announcement notes that The Thessaloniki European Council earlier this year "confirmed that 'a coherent approach is needed in the EU on biometric identifiers or biometric data which would result in harmonised solutions for documents for third country nationals, EU citizens' passports and information systems (VIS and SIS II)', and invited the Commission 'to prepare the appropriate proposals, starting with the visa.'"

Given the desire for "harmonised solutions" it is perfectly reasonable to see the Commission's third country national proposals as green-lighting the use of biometrics in a future Europe-wide standard ID document. The proposals put forward facial image as a "primary biometric identifier in order to ensure interoperability", presumably with other systems which are designed with the work of the ICAO (International Civil Aviation Organisation) on biometrics in mind. Fingerprint is put forward as a secondary biometric identifier "as it provides the best solution for so-called 'background checks'."

We have no idea why, but possibly the Commission here means that fingerprints are currently a more established and proven technology than facial image. Note however that here we're talking more about a 'faceprint', than facial recognition, and that currently comparing your actual fingerprints with a centrally-held set is a lot more doable than comparing your actual face.

The Commission describes the use of biometrics as "introducing modern technologies to combat not only document fraud, but also fraudulent use by establishing a more reliable link between the holder and the visa and residence permit format." So the birth of a standard European format for biometric ID will be music to the ears of those politicians (e.g. our very own David Blunkett*) who wish to do that very thing. It is perfectly feasible, even probable that the format will domino from residence permit through passport and ID card to driving licence, "entitlement" card, becoming a universal standard even in situations where biometric ID in unnecessary or even inappropriate.

Statewatch points out that the Commission is proposing the new measures in the form of a regulation which applies across the EU, and leaves member States no discretion, as would be the case with a directive, and notes that also although the Commission says that the data held will come under the EC 1995 Directive on data protection "it also highlights the inadequacy of the data protection regime at national level across the EU." Effectively, the Commission is proposing to land Europe's data protection authorities with a whole new area to supervise, and expecting them to more or less figure it out for themselves.

Statewatch editor Tony Bunyan said the proposals "show that the EU is just as keen as the USA to introduce systems of mass surveillance which have much more to do with political and social control than fighting terrorism.

"To the proposed surveillance of all telecommunications is added the control of movement of all visitors and third country nationals, to be followed by that of EU citizens too. How long will it be before there will be a compulsory EU identity card? All the data will be held on the EU-wide Schengen Information System which can be accessed by tens of thousands of officials - how long will it be before biometrics collected for travel documents will be used for other purposes?" ®

* Who was weirdly quiet on ID cards in his conference speech yesterday. In an interview earlier in the day, however, he extolled the virtues of cards in dealing with "illegal and clandestine entry" and "fraudulent use of the health service - we cannot provide it free to the rest of the world." Exactly how an ID card system helps in cases of asylum seekers who, as he'd just been fulminating, have thrown away their documentation, he did not alas make clear.

Related links

Statewatch analysis

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
JINGS! Microsoft Bing called Scots indyref RIGHT!
Redmond sporran metrics get one in the ten ring
Driving with an Apple Watch could land you with a £100 FINE
Bad news for tech-addicted fanbois behind the wheel
Murdoch to Europe: Inflict MORE PAIN on Google, please
'Platform for piracy' must be punished, or it'll kill us in FIVE YEARS
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
Sony says year's losses will be FOUR TIMES DEEPER than thought
Losses of more than $2 BILLION loom over troubled Japanese corp
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.