Feeds

Home Office to order fingerprinting of air passengers

T5 plan back, but bigger and nastier

The smart choice: opportunity from uncertainty

Updated Fingerprinting of air passengers in the UK is back on the agenda, despite its having been derailed by the Information Commissioner earlier this year. the Home Office now plans to change aviation security rules to compel airport operators to collect fingerprints from next year onwards.

A 'count them in, count them out' system had been intended to be introduced on the opening of Heathrow Terminal 5 in May, but this was cancelled at the last minute after the Information Commissioner's Office queried the need for it, and warned that it could breach the Data Protection Act.

The British Airports Authority and the Borders & Immigration Agency (now known as the UK Borders Agency, formerly known as the Immigration & Nationality Directorate, sigh...) then argued entertainingly about which of them had wanted fingerprinting, each claiming it had been the other.

Then as now fingerprinting was intended to address the "problem" of airport lounges that mixed international and domestic passengers, the argument from the Home Office being that it would be possible for people to evade border checks by switching tickets with an accomplice. In May the Home Office claimed that it simply wanted a system that made this impossible, not necessarily one that used fingerprints, whereas now it appears to view fingerprints as the only acceptable solution.

According to the UKBA, the system will only be required at airports with mixed lounges. Later, it may also be used at some ports and the Channel Tunnel, although it's not at the moment particularly clear why. At most UK ferry ports it's certainly possible for people to exit the country without a passport check (because the holding area beyond the check isn't secure), but there's no obvious ticket switch scam that could be employed by incoming passengers, and collecting fingerprints would present major logistical difficulties.

Despite the ICO's objections to the T5 scheme in May, it has not been informed by the Home Office of plans to resume implementation or to extend it to other airports. A spokeswoman told The Register that its objections to the scheme that was planned for T5 still stand, and that it is seeking further information from the Home Office. In a statement, it said: "We have requested more information about the requirements the Agency may have for fingerprint checks on passengers where common airport departure lounges are in operation and our discussions with them are continuing. We have not received a formal response to date. Should the government issue instructions to BAA to collect fingerprint information from passengers at Terminal 5, we will examine the details very closely before deciding what action is appropriate."

In addition to being extended geographically, the fingerprinting scheme may also have been extended in scope. Newspaper reports over the weekend claimed that fingerprints collected would be checked against watchlists by UKBA and the security services, and if true, this would represent a very substantial piece of mission creep.

By design the aborted T5 fingerprint system was standalone, with no links to other databases and no retention of fingerprint records. In operation it was simply intended to collect passenger's fingerprints as they entered the departure lounge, and match them up at the gate when they boarded their flight. The fingerprint records collected, BAA said, would be destroyed at the end of each day, and would not generally be accessed by the security services.

The Home Office, in The Register's opinion, would undoubtedly like to be able to use biometrics collected at ports of entry as a dragnet for wanted terrorists and criminals, and will most certainly be doing this when UK passports include fingerprints. But doing this under the 'common lounge' pretext would certainly mean a lot more trouble with the ICO, and probably wouldn't go down well with the travelling public.

We've asked the Home Office whether or not it intends to check the fingerprints against watchlists and/or retain them, but we have yet to get a response. ®

Update A Home Office spokeswoman said that it was difficult to give a "one size fits all" answer to our queries, and that "it would always depend on the situation." We pointed out that the original scheme planned for T5 had effectively been a one size fits all, that fingerprints taken as part of it would have simply been used to control access to the lounge, would not have been checked against watchlists, and would have been destroyed at the end of every working day.

Asked if the new situation was materially different from this, she repeated that it would "depend on individual cases." She added that it would be up to the airports, not UKBA, to satisfy the concerns of the ICO. If, as appears to be the case, the Home Office is reserving the right to examine and retain fingerprints, that's a difficult one to get your head around.

Designing a Defense for Mobile Applications

More from The Register

next story
ONE EMAIL costs mining company $300 MEEELION
Environmental activist walks free after hoax sent share price over a cliff
HP, Microsoft prove it again: Big Business doesn't create jobs
SMEs get lip service - what they need is dinner at the Club
Arrr: Freetard-bothering Digital Economy Act tied up, thrown in the hold
Ministry of Fun confirms: Yes, we're busy doing nothing
Help yourself to anyone's photos FOR FREE, suggests UK.gov
Copyright law reforms will keep m'learned friends busy
Apple smacked with privacy sueball over Location Services
Class action launched on behalf of 100 million iPhone owners
US judge: YES, cops or feds so can slurp an ENTIRE Gmail account
Crooks don't have folders labelled 'drug records', opines NY beak
UK government officially adopts Open Document Format
Microsoft insurgency fails, earns snarky remark from UK digital services head
You! Pirate! Stop pirating, or we shall admonish you politely. Repeatedly, if necessary
And we shall go about telling people you smell. No, not really
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.