Feeds

Privacy chief says biometric concessions not good enough

'Kids and the elderly should be exempted'

Build a business case: developing custom apps

Proposed Europe-wide rules governing biometric passports are still unsatisfactory despite some concessions, according to the European Data Protection Supervisor (EDPS).

The European Commission has proposed a revision of EU regulations governing the issuing of passports. The new rules demand that passports contain certain security features involving biometric identifiers in the form of fingerprints.

The EDPS, Peter Hustinx, has reviewed the proposed rules and identified some welcome exemptions, principally for children and the elderly. But he said that the concessions do not go far enough to protect the rights of citizens.

"The fact that the commission took into account the need for fallback procedures, stated in previous opinions, is more than welcomed," said Hustinx. "These exemptions are, however, still unsatisfactory. They fail to address all the possible and relevant issues triggered by the inherent imperfections of biometric systems, and more specifically those related to children and elderly."

The European Council first accepted regulations on biometrics in passports in 2004 and the commission has now proposed amendments to those regulations. Those include exemptions for children under six years old from giving fingerprints, as well as those physically unable to give fingerprints. The EDPS said this was not good enough.

"The proposed six-year age limit should be considered as a provisional one, or brought in line with international practice (14 years)," said the EDPS statement. "After three years, the age limit should be reviewed and defined by an in-depth study which is to identify the accuracy of the systems obtained under real conditions."

The opinion also pointed out that the reliability and accuracy of fingerprints decreases as people get older, and that regulations should take account of this. "An age limit for the elderly, based on similar experiences already in place (79 years), should be introduced as an additional exemption."

Hustinx also recommended to the commission that it investigate the widely divergent practices of obtaining a passport in the first place in the EU member states. So-called breeder documents such as birth certificates and driving licences are used to obtain a passport.

"The passport is only one link of a security chain starting from these "breeder" documents and ending at border check points…this chain will only be as secure as its weakest link," said the EDPS, recommending that the commission harmonise the production of breeder documents.

In his opinion, Hustinx said by law he should have been consulted by the European Commission over the proposals but was not. "The EDPS regrets that the European Commission did not comply with its legal obligation to consult him and expects to be consulted in the future on all proposals falling within the scope of Article28(2)."

That Article is part of a European Regulation which says that the EDPS must be consulted in areas relating to data processing and individuals' rights and freedoms.

Copyright © 2008, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

The smart choice: opportunity from uncertainty

More from The Register

next story
You! Pirate! Stop pirating, or we shall admonish you politely. Repeatedly, if necessary
And we shall go about telling people you smell. No, not really
UK Parliament rubber-stamps EMERGENCY data grab 'n' keep bill
Just 49 MPs oppose Drip's rushed timetable
MPs wave through Blighty's 'EMERGENCY' surveillance laws
Only 49 politcos voted against DRIP bill
EU's top data cops to meet Google, Microsoft et al over 'right to be forgotten'
Plan to hammer out 'coherent' guidelines. Good luck chaps!
US judge: YES, cops or feds so can slurp an ENTIRE Gmail account
Crooks don't have folders labelled 'drug records', opines NY beak
Delaware pair nabbed for getting saucy atop Mexican eatery
Burrito meets soft taco in alleged rooftop romp outrage
LightSquared backer sues FCC over spectrum shindy
Why, we might as well have been buying AIR
'Two-speed internet' storm turns FCC.gov into zero-speed website
Deadline for comments on net neutrality shake-up extended to Friday
prev story

Whitepapers

Reducing security risks from open source software
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.