Feeds

Home Office to order fingerprinting of air passengers

T5 plan back, but bigger and nastier

Providing a secure and efficient Helpdesk

Updated Fingerprinting of air passengers in the UK is back on the agenda, despite its having been derailed by the Information Commissioner earlier this year. the Home Office now plans to change aviation security rules to compel airport operators to collect fingerprints from next year onwards.

A 'count them in, count them out' system had been intended to be introduced on the opening of Heathrow Terminal 5 in May, but this was cancelled at the last minute after the Information Commissioner's Office queried the need for it, and warned that it could breach the Data Protection Act.

The British Airports Authority and the Borders & Immigration Agency (now known as the UK Borders Agency, formerly known as the Immigration & Nationality Directorate, sigh...) then argued entertainingly about which of them had wanted fingerprinting, each claiming it had been the other.

Then as now fingerprinting was intended to address the "problem" of airport lounges that mixed international and domestic passengers, the argument from the Home Office being that it would be possible for people to evade border checks by switching tickets with an accomplice. In May the Home Office claimed that it simply wanted a system that made this impossible, not necessarily one that used fingerprints, whereas now it appears to view fingerprints as the only acceptable solution.

According to the UKBA, the system will only be required at airports with mixed lounges. Later, it may also be used at some ports and the Channel Tunnel, although it's not at the moment particularly clear why. At most UK ferry ports it's certainly possible for people to exit the country without a passport check (because the holding area beyond the check isn't secure), but there's no obvious ticket switch scam that could be employed by incoming passengers, and collecting fingerprints would present major logistical difficulties.

Despite the ICO's objections to the T5 scheme in May, it has not been informed by the Home Office of plans to resume implementation or to extend it to other airports. A spokeswoman told The Register that its objections to the scheme that was planned for T5 still stand, and that it is seeking further information from the Home Office. In a statement, it said: "We have requested more information about the requirements the Agency may have for fingerprint checks on passengers where common airport departure lounges are in operation and our discussions with them are continuing. We have not received a formal response to date. Should the government issue instructions to BAA to collect fingerprint information from passengers at Terminal 5, we will examine the details very closely before deciding what action is appropriate."

In addition to being extended geographically, the fingerprinting scheme may also have been extended in scope. Newspaper reports over the weekend claimed that fingerprints collected would be checked against watchlists by UKBA and the security services, and if true, this would represent a very substantial piece of mission creep.

By design the aborted T5 fingerprint system was standalone, with no links to other databases and no retention of fingerprint records. In operation it was simply intended to collect passenger's fingerprints as they entered the departure lounge, and match them up at the gate when they boarded their flight. The fingerprint records collected, BAA said, would be destroyed at the end of each day, and would not generally be accessed by the security services.

The Home Office, in The Register's opinion, would undoubtedly like to be able to use biometrics collected at ports of entry as a dragnet for wanted terrorists and criminals, and will most certainly be doing this when UK passports include fingerprints. But doing this under the 'common lounge' pretext would certainly mean a lot more trouble with the ICO, and probably wouldn't go down well with the travelling public.

We've asked the Home Office whether or not it intends to check the fingerprints against watchlists and/or retain them, but we have yet to get a response. ®

Update A Home Office spokeswoman said that it was difficult to give a "one size fits all" answer to our queries, and that "it would always depend on the situation." We pointed out that the original scheme planned for T5 had effectively been a one size fits all, that fingerprints taken as part of it would have simply been used to control access to the lounge, would not have been checked against watchlists, and would have been destroyed at the end of every working day.

Asked if the new situation was materially different from this, she repeated that it would "depend on individual cases." She added that it would be up to the airports, not UKBA, to satisfy the concerns of the ICO. If, as appears to be the case, the Home Office is reserving the right to examine and retain fingerprints, that's a difficult one to get your head around.

Beginner's guide to SSL certificates

More from The Register

next story
Facebook, Apple: LADIES! Why not FREEZE your EGGS? It's on the company!
No biological clockwatching when you work in Silicon Valley
'Cowardly, venomous trolls' threatened with TWO-YEAR sentences for menacing posts
UK government: 'Taking a stand against a baying cyber-mob'
Doctor Who's Flatline: Cool monsters, yes, but utterly limp subplots
We know what the Doctor does, stop going on about it already
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
Arab States make play for greater government control of the internet
Nerds told to get lost in last-minute power grab bid at UN meeting
Zippy one-liners, broken promises: Doctor Who on the Orient Express
Series finally hits stride, but Clara's U-turn is baffling
Don't bother telling people if you lose their data, say Euro bods
You read that right – with the proviso that it's encrypted
Apple SILENCES Bose, YANKS headphones from stores
The, er, Beats go on after noise-cancelling spat
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.