Feeds

Home Office to order fingerprinting of air passengers

T5 plan back, but bigger and nastier

Choosing a cloud hosting partner with confidence

Updated Fingerprinting of air passengers in the UK is back on the agenda, despite its having been derailed by the Information Commissioner earlier this year. the Home Office now plans to change aviation security rules to compel airport operators to collect fingerprints from next year onwards.

A 'count them in, count them out' system had been intended to be introduced on the opening of Heathrow Terminal 5 in May, but this was cancelled at the last minute after the Information Commissioner's Office queried the need for it, and warned that it could breach the Data Protection Act.

The British Airports Authority and the Borders & Immigration Agency (now known as the UK Borders Agency, formerly known as the Immigration & Nationality Directorate, sigh...) then argued entertainingly about which of them had wanted fingerprinting, each claiming it had been the other.

Then as now fingerprinting was intended to address the "problem" of airport lounges that mixed international and domestic passengers, the argument from the Home Office being that it would be possible for people to evade border checks by switching tickets with an accomplice. In May the Home Office claimed that it simply wanted a system that made this impossible, not necessarily one that used fingerprints, whereas now it appears to view fingerprints as the only acceptable solution.

According to the UKBA, the system will only be required at airports with mixed lounges. Later, it may also be used at some ports and the Channel Tunnel, although it's not at the moment particularly clear why. At most UK ferry ports it's certainly possible for people to exit the country without a passport check (because the holding area beyond the check isn't secure), but there's no obvious ticket switch scam that could be employed by incoming passengers, and collecting fingerprints would present major logistical difficulties.

Despite the ICO's objections to the T5 scheme in May, it has not been informed by the Home Office of plans to resume implementation or to extend it to other airports. A spokeswoman told The Register that its objections to the scheme that was planned for T5 still stand, and that it is seeking further information from the Home Office. In a statement, it said: "We have requested more information about the requirements the Agency may have for fingerprint checks on passengers where common airport departure lounges are in operation and our discussions with them are continuing. We have not received a formal response to date. Should the government issue instructions to BAA to collect fingerprint information from passengers at Terminal 5, we will examine the details very closely before deciding what action is appropriate."

In addition to being extended geographically, the fingerprinting scheme may also have been extended in scope. Newspaper reports over the weekend claimed that fingerprints collected would be checked against watchlists by UKBA and the security services, and if true, this would represent a very substantial piece of mission creep.

By design the aborted T5 fingerprint system was standalone, with no links to other databases and no retention of fingerprint records. In operation it was simply intended to collect passenger's fingerprints as they entered the departure lounge, and match them up at the gate when they boarded their flight. The fingerprint records collected, BAA said, would be destroyed at the end of each day, and would not generally be accessed by the security services.

The Home Office, in The Register's opinion, would undoubtedly like to be able to use biometrics collected at ports of entry as a dragnet for wanted terrorists and criminals, and will most certainly be doing this when UK passports include fingerprints. But doing this under the 'common lounge' pretext would certainly mean a lot more trouble with the ICO, and probably wouldn't go down well with the travelling public.

We've asked the Home Office whether or not it intends to check the fingerprints against watchlists and/or retain them, but we have yet to get a response. ®

Update A Home Office spokeswoman said that it was difficult to give a "one size fits all" answer to our queries, and that "it would always depend on the situation." We pointed out that the original scheme planned for T5 had effectively been a one size fits all, that fingerprints taken as part of it would have simply been used to control access to the lounge, would not have been checked against watchlists, and would have been destroyed at the end of every working day.

Asked if the new situation was materially different from this, she repeated that it would "depend on individual cases." She added that it would be up to the airports, not UKBA, to satisfy the concerns of the ICO. If, as appears to be the case, the Home Office is reserving the right to examine and retain fingerprints, that's a difficult one to get your head around.

Beginner's guide to SSL certificates

More from The Register

next story
Facebook pays INFINITELY MORE UK corp tax than in 2012
Thanks for the £3k, Zuck. Doh! you're IN CREDIT. Guess not
Google Glassholes are UNDATEABLE – HP exec
You need an emotional connection, says touchy-feely MD... We can do that
Lawyers mobilise angry mob against Apple over alleged 2011 Macbook Pro crapness
We suffered 'random bouts of graphical distortion' - fanbois
Just don't blame Bono! Apple iTunes music sales PLUMMET
Cupertino revenue hit by cheapo downloads, says report
US court SHUTS DOWN 'scammers posing as Microsoft, Facebook support staff'
Netizens allegedly duped into paying for bogus tech advice
Feds seek potential 'second Snowden' gov doc leaker – report
Hang on, Ed wasn't here when we compiled THIS document
Verizon bankrolls tech news site, bans tech's biggest stories
No agenda here. Just don't ever mention Net neutrality or spying, ok?
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Simplify SSL certificate management across the enterprise
Simple steps to take control of SSL across the enterprise, and recommendations for a management platform for full visibility and single-point of control for these Certificates.