Feeds

Privacy chief says biometric concessions not good enough

'Kids and the elderly should be exempted'

5 things you didn’t know about cloud backup

Proposed Europe-wide rules governing biometric passports are still unsatisfactory despite some concessions, according to the European Data Protection Supervisor (EDPS).

The European Commission has proposed a revision of EU regulations governing the issuing of passports. The new rules demand that passports contain certain security features involving biometric identifiers in the form of fingerprints.

The EDPS, Peter Hustinx, has reviewed the proposed rules and identified some welcome exemptions, principally for children and the elderly. But he said that the concessions do not go far enough to protect the rights of citizens.

"The fact that the commission took into account the need for fallback procedures, stated in previous opinions, is more than welcomed," said Hustinx. "These exemptions are, however, still unsatisfactory. They fail to address all the possible and relevant issues triggered by the inherent imperfections of biometric systems, and more specifically those related to children and elderly."

The European Council first accepted regulations on biometrics in passports in 2004 and the commission has now proposed amendments to those regulations. Those include exemptions for children under six years old from giving fingerprints, as well as those physically unable to give fingerprints. The EDPS said this was not good enough.

"The proposed six-year age limit should be considered as a provisional one, or brought in line with international practice (14 years)," said the EDPS statement. "After three years, the age limit should be reviewed and defined by an in-depth study which is to identify the accuracy of the systems obtained under real conditions."

The opinion also pointed out that the reliability and accuracy of fingerprints decreases as people get older, and that regulations should take account of this. "An age limit for the elderly, based on similar experiences already in place (79 years), should be introduced as an additional exemption."

Hustinx also recommended to the commission that it investigate the widely divergent practices of obtaining a passport in the first place in the EU member states. So-called breeder documents such as birth certificates and driving licences are used to obtain a passport.

"The passport is only one link of a security chain starting from these "breeder" documents and ending at border check points…this chain will only be as secure as its weakest link," said the EDPS, recommending that the commission harmonise the production of breeder documents.

In his opinion, Hustinx said by law he should have been consulted by the European Commission over the proposals but was not. "The EDPS regrets that the European Commission did not comply with its legal obligation to consult him and expects to be consulted in the future on all proposals falling within the scope of Article28(2)."

That Article is part of a European Regulation which says that the EDPS must be consulted in areas relating to data processing and individuals' rights and freedoms.

Copyright © 2008, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

The essential guide to IT transformation

More from The Register

next story
GCHQ protesters stick it to British spooks ... by drinking urine
Activists told NOT to snap pics of staff at the concrete doughnut
Britain's housing crisis: What are we going to do about it?
Rent control: Better than bombs at destroying housing
What do you mean, I have to POST a PHYSICAL CHEQUE to get my gun licence?
Stop bitching about firearms fees - we need computerisation
Top beak: UK privacy law may be reconsidered because of social media
Rise of Twitter etc creates 'enormous challenges'
Redmond resists order to hand over overseas email
Court wanted peek as related to US investigation
Ex US cybersecurity czar guilty in child sex abuse website case
Health and Human Services IT security chief headed online to share vile images
We need less U.S. in our WWW – Euro digital chief Steelie Neelie
EC moves to shift status quo at Internet Governance Forum
prev story

Whitepapers

Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Advanced data protection for your virtualized environments
Find a natural fit for optimizing protection for the often resource-constrained data protection process found in virtual environments.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.