Feeds

Fingerprints to become compulsory for all EU passports

Now two biometrics, and counting...

  • alert
  • submit to reddit

Security for virtualized datacentres

EU interior ministers are today likely to sign off regulations making fingerprinting a second compulsory biometric for passports. The latest proposed draft regulation will effectively overturn a decision made earlier this year to make only facial image compulsory, and fingerprint optional, and comes in the face of opposition from Sweden Finland, Estonia and Latvia, "could not accept this re-opening of discussions on the second biometric identifier to become mandatory."

The UK has the ability to opt out, but has apparently been supporting a German proposal for a third, "optional" identifier - iris scan. The EU proposal, which can be read at Statewatch, here, ostensibly addresses compliance with ICAO and US requirements for biometric passports and the security of the passport itself. For example, Article 4 (3) specifies that the biometric features shall only be used for verifying "the authenticity of the document" and "the identity of the holder by means of directly available comparable features when the passport or other travel documents are required to be produced by law."

These two basic of objectives of guarding against forgery or tampering, and linking the passport to the individual carrying it can be achieved simply by matching the document up against the individual's biometrics locally. And in fact this is currently the scenario where the preferred international standard of a facial image stands most chance of being reasonably effective, because you're doing a one-to-one rather than a one-to-many check. It is however intended that personal and biometric data will be held both on national databases and on a European Register of issued passports, to be used on the Schengen Information System and to be accessible by law enforcement agencies.

This central database has drawn strong objections on data protection grounds, with the Article 29 working party raising a fundamental objection to its establishment, and stressing that "the sole purpose of the draft Regulation should be verification of the identity of the holder of the travel document which ought to be dealt with by storing biometric data in the travel document itself."

Objections to the legality of the biometric move itself have been raised by the UK Parliament's European Scrutiny Committee, and these objections even seem to be supported by Home Office minister Caroline Flint in correspondence to the Committee. Flint however overcomes her misgivings sufficiently to conclude that the move is in fact legal, while the Committee said it retained "strong doubts."

The addition of fingerprints to the passport's mandatory biometrics is meanwhile helpful from the UK Home Office's point of view, because although the draft regulation is specified as not applying to ID cards, the Home Office views its own plans for an ID system and passports as to all intents and purposes the same thing, with new passports being used initially to build critical mass for the ID system. So it would be helpful if it 'had' to take fingerprints for passports, just as it was helpful that 'having' to (as David Blunkett told us) introduce biometric passports meant that we might as well introduce an ID system, as most of the costs would be incurred in the passport upgrade anyway.

Statewatch editor Tony Bunyan notes that the latest moves mean that 450 million EU citizens will need to attend processing centres to have facial scans and be fingerprinted, and that the intrusion into personal privacy is "compounded by the failure to limit access to the data held and its further use for purposes other than checking on a persons' identity." Statewatch's report and full analysis can be found here. ®

Related stories

Home Office seeks spin doctor to sell cuddly ID card brand
UK ID cards to be issued with first biometric passports
Biometric gear to be deployed in hospitals and GPs' surgeries
UK gov pilots passenger tracking in fight against terror
Tag, track, watch, analyse - UK goes mad on crime and terror IT
Everything you never wanted to know about the UK ID card

Business security measures using SSL

More from The Register

next story
JINGS! Microsoft Bing called Scots indyref RIGHT!
Redmond sporran metrics get one in the ten ring
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Murdoch to Europe: Inflict MORE PAIN on Google, please
'Platform for piracy' must be punished, or it'll kill us in FIVE YEARS
Driving with an Apple Watch could land you with a £100 FINE
Bad news for tech-addicted fanbois behind the wheel
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
OECD lashes out at tax avoiding globocorps' location-flipping antics
You hear that, Amazon, Google, Microsoft et al?
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.