Counter-Terrorism and the EU Strategy for Border Security: Framing Suspects with Biometric Documents and Databases

Counter-Terrorism and the EU Strategy for Border Security: Framing Suspects with Biometric Documents and Databases

Anneliese Baldaccini*

This article examines the way in which the EU amd its Member States have approached border security issues since the terrorist attacks in the US on 11 September 2001. A key aspect of this approach has been to tighten control of borders and the safety of documents by the use of biometric systems. The new poli- cies on border security and document security are resulting in the mass collection and storage of biomet- ric data in relation to third-country nationals seeking entry into the territory of EU Member States, and in relation to EU nationals within the context of travel and identity documents. These developments are significant as the Union is considering the potential offered by biometrics not only for the effective man- agement of borders but also for the prevention and combating of crime.

Border control; document security; biometrics; information systems; SIS; VIS; Euodac


The attacks in the US on 11 September 2001 had a profound effect on the way the EU would shape its policy in the field of migration and the free movement of people in the internal area without border control. The institutions’ immediate attention focused on the perceived weakness of the EU’s external borders and the need to guarantee the control over criminals or terrorists who might try to enter into the free border area of the European Union. External border control and internal security became two sides of the same coin.

This article examines the relation constructed at EU level between cross-border movement of people and internal security in the wake of 11 September 2001. The significance of the nexus between terrorism and immigration in the exceptional security measures enacted by the EU and its Member States, with the resultant erosion of the right to asylum, precariousness of legal residence and criminalisation of irregular stay, has been examined elsewhere.1

*) Committee Specialist, House of Lords EU Committee. The views expressed herein are personal and bind solely the author.

The analysis here will focus on a different framing of the debate, one that is structured around the concept of border security and the greater use of new policing technologies and electronic immigration databases. There is a growing mass of sensitive personal data on third-country nationals that is being collected, stored and processed for immigra- tion related purposes. These data are increasingly to be used for crime-related purposes and new measures are being put in place which will provide the law enforcement community with a powerful apparatus for surveillance and control. The implications of these developments for the freedoms we cherish in our society have yet to be considered.

Border Security

The term ‘border security’ has become a common usage in EU policy but it is an elusive concept. Talk used to be of border controls, then the terminology shifted and it is border security which EU policy makers now seek to achieve.2 This shift is indicative of a linkage between crime and migration, which predates 11 Sep- tember 2001 but which the terrorist scare after the attacks in Washington and New York has helped to forge.

The concept merges the separated yet inextricably linked policies on border control and internal security and captures vividly the emphasis on the enforce- ment aspects of the EU immigration policy. Thus, border security is viewed as essential to protect citizens and infrastructure and reduce the EU’s vulnerability to attack, which is a central objective of the EU counter-terrorism strategy.3 To improve border security, the strategy relies on the ever-greater sophistication of security technology, in particular the use of biometric features in passports, visas, residence permits and identity documents, and the development and expansion of EU-wide information systems.

Document Security

The connection between document security and terrorism is a tenuous one. The evidence so far has been that terrorists tend to cross borders legally, use their real

1) See A. Baldaccini and E. Guild (eds), Terrorism and the Foreigner. A Decade of Tension around the Rule of Law in Europe, Martinus Nijhoff Publishers, 2007.

2) For an analysis of the factors behind this shift in terminolgy, see V. Mitsilegas, ‘Border Security in the European Union: towards centralised controls and maximum surveillance’, in A. Baldaccini, E. Guild and H. Toner (eds), Whose Freedom, Security and Justice? EU Immigration and Asylum Law, Hart Publish- ing, 2007.

3) See EU Council Secretariat Factsheet, The European Union and the Fight Against Terrorism, Brussels, 9 March 2007.

identities and reside legitimately in the host country. Those who were involved in the US attacks and in the Madrid bombings had valid or expired visas or were equipped with legitimate residence permits or identification cards. The four young people who committed the suicide attacks in London were British citizens. Nevertheless, Member States see the detection of persons who attempt to enter the EU on forged documents and the prevention of the use of false identities as essential to the fight against terrorism.

The most reliable means of detecting counterfeit or forged documents and ascertaining whether the holder of a document and the person to whom the document has been issued are one and the same is in the use of biometrics. A biometric is a unique identifying physical characteristic such as facial recognition, iris pattern or fingerprints. In the aftermath of 11 September, the International Civil Aviation Organization (ICAO) adopted an international blueprint for the integration of biometric identification information into travel documents, select- ing facial recognition as the globally interoperable biometric for machine-assisted identity confirmation.4 EU initiatives to integrate biometric identifiers into visas, residence permits and passports followed suit.

In September 2003, the European Commission produced two draft Regula- tions to introduce two sets of biometric data (fingerprints and digitised photo- graphs) on visas and residence permits for third country nationals by 2005.5 Both in relation to visas and residence permits, amending Regulations had been adopted the previous year to increase security features in these documents, based on the specifications set out by the ICAO.6 However, a number of Member States wanted further biometric data to be stored and the June 2003 European Council of Thessaloniki invited the Commission to prepare proposals for a “coherent approach” in the EU on biometric identifiers to result in “harmonised solutions for documents for third country nationals, EU citizens’ passport and information systems”.7

The Commission proposals envisaged that, in addition to the inclusion of the digitised photograph and fingerprints in visas and residence permits, both bio- metric data were to be stored on a chip in the visa sticker and the sticker version

4) ICAO Document 9303. Specifications are published in three separate parts for each type of machine- readable travel document: part 1 for passports, part 2 for visas, and part 3 for official travel documents (cards).

5) COM(2003) 558 final, 24 September 2003. See also N. Coleman, ‘From Gulf War to Gulf War – Years of Security Concern in Immigration and Asylum Policies at European Level’, in Baldaccini and Guild (eds), above n. 1, pp. 72–75; S. Peers, EU Justice and Home Affairs Law, OUP, 2nd ed. 2006, pp. 232–4.

6) Council Regulation (EC) No 334/2002 of 18 February 2002 amending Regulation (EC) No. 1683/95 laying down a uniform format for visas [2002] OJ L 53/7; Council Regulation (EC) No. 1030/2002 of 13 June 2002 laying down a uniform format for residence permits for third-country nationals [2002] OJ L 157/1.

7) Presidency Conclusions, Thessaloniki European Council, 19–20 June 2003, para. 11.

of the residence permit affixed to the passport. However, it later emerged that this was technically not feasible due to interference problems between several chips in the passport and led to the proposals being withdrawn. A modified proposal in relation to biometric residence permits was tabled in 2006.8 The pursued option was that the use of stickers for residence permits would be phased out and they would only be issued in card format. With regard to visas, it was decided that no biometric chip would be inserted into them. For the time being, the biometric identifiers would only be stored in the planned Visa Information System (VIS).9 Visa holders presenting themselves at the border could have their face and fingerprints scanned and run through the VIS to verify their identity and the authenticity of their visa.10

The security features in residence permits and visas have thus been aligned with those in passports. A Regulation harmonising the security features in EU pass- ports was adopted in 2004.11 This was prompted by American demands for the inclusion of high-security features in the passports of countries subject to the American visa waiver programme (VWP).12 The Regulation requires passports to be issued with facial image chips by August 2006 and digital fingerprints to be integrated in 2008. The Community competence to adopt this Regulation has been questioned, given that the power to adopt legislation to facilitate the free movement rights of EU citizens explicitly excludes provisions on passports, along with provisions on identity cards and other documents concerning EU citizens.13 While the passport Regulation is based on the EC competence to enact measures dealing with the crossing of external borders,14 passports are also frequently used within the EU territory as proof of identity (for instance, in Member States that do not have identity cards) and the legislation would arguably have required a specific legal base in this respect too. It is interesting to note that the Treaty of Lisbon, signed on 13 December 2007, amends the EC Treaty so as to place the adoption of measures on passports, identity cards, residence permits and similar documents in the relevant Title IV Chapter on border checks.15 This seems to be an implicit recognition of the shaky legal position in the competence exercised so far.

8)  COM(2006) 110 final, 10 March 2006.

9)  Ibid., p. 3 referring to a Strategic Committee on 21–22 June 2005 in Luxembourg where this decision

was taken.

10)  See ‘Plan to put biometrics in visas and residence permits revised’, Europolitics, 15 March 2006, p. 9.

11)  Council Regulation (EC) No. 2252/2004 of 13 December 2004 on standards for security features and

biometrics in passports and travel documents issued by Member States [2004] OJ L 385/1. The UK challenged this Regulation before the Court of Justice due to the Council’s refusal to allow it to opt in. See Case C-137/05 UK v Council. The Court delivered its judgment on 18 December 2007, find- ing against the UK.

12)  Currently, all ‘old’ EU Member States, except Greece, are part of the VWP.

13)  See Article 18(3) EC Treaty. Peers, above n. 5, pp. 108–9.

14)  Article 62(2)(a) EC Treaty.

15)  Treaty of Lisbon amending the Treaty on European Union and the Treaty establishing the European

The Community has not attempted to prescribe security standards in the iden- tity documents of EU citizens where there is no fallback provision for the lack of competence. In December 2005, however, the Council adopted Conclusions on Common minimum security standards for national identity cards which encour- age Member States to require biometric identifiers as part of the cards, based on those applicable to passports.16 Some Member States already issue identity cards with biometric identifiers; others do not issue identity cards at all. In the UK the issue spurred an intense debate. As will be shown below, the development of the EU document security architecture, following the 11 September attacks, has allowed the UK government to push through a widely unpopular scheme for national identity cards.

The New Scheme for Biometric ID Cards in the UK

The UK has never had ID cards, save during the two World Wars, and the general public has strong civil liberties objections to them. With the EU mandating biometric passports for its citizens, and the US imposing a fingerprint require- ment on all visitors to the US who have not hitherto required a visa, the UK government presented the case for recording biometric information and issuing more secure identity documents as unavoidable. The arguments presented to jus- tify politically their phased introduction were based variably and with varying emphasis on the fact that they would deter international terrorism and political violence, end benefit fraud, stop illegal immigration, resolve asylum troubles and tackle illegal working in the UK.17 After a first Identity Card Bill introduced into Parliament fell at dissolution in April 2005, eventually, legislation was passed setting up the framework for the introduction of the national ID card scheme, but leaving the bulk of the detail for regulations to be issued later and the com- pulsory provisions for a future Act.18 A National Identity Register is to be created to hold all the information about those who have been issued with a biometric identity card.

The scheme will be rolled out in stages. Initially, no one will be required to register for a card unless or until they apply for, or re-apply for, a passport. This first stage will then be followed by the second, in which it will be compulsory to have a card. The government expects most people in the UK to have biometric ID cards by 2013, and it is probably at that point that the ‘move to compulsion’ would be considered.

16)  Conclusions, Justice and Home Affairs Council, 1–2 December 2005, Doc. 14390/05 (Presse 296).

17)  For the political background, see House of Commons Library Research Paper 05/43, The Identity Cards Bill, 13 June 2005.
18) Identity Cards Act 2006.

The two-stage ID card scheme, starting with a voluntary phase (with the exclu- sion of those applying for a passport), was devised to assuage the strong opposition in and outside Parliament. Critics argued that the IDs would have a negligible impact on crime and terrorism, impact disproportionately on ethnic minorities, represent a serious threat to civil liberties, be costly to implement and rely on unproven new technology. Concern about the reliability of biometrics was cor- roborated by a government study which supported the view that biometric systems were by no means foolproof and that risk of inaccuracies would be magnified in any large scale applications.19 The government is now suggesting that the technol- ogy might be tested by rolling out a scheme for biometric ID cards on foreigners.

The provisions for new compulsory biometric immigration ID cards (BIDs) are contained in the UK Borders Act published on 30 October 2007. It requires foreign (non-EEA) nationals who produce their BID to provide biometric infor- mation on demand for comparison with information provided in the document (presumably via portable fingerprint scanners). The government envisages stag- gered implementation starting with those categories of immigrants who present the greatest risk to immigration control. This is explicitly stated to be a trial of the technology in view of the implementation of the ID card scheme for British citi- zens. The government believes that the discrimination involved in requiring for- eign nationals to register compulsorily before British citizens is objectively justified and proportionate.20

Expanding the European Information Network

The EU has established several databases to support the implementation of the Community’s policies in the field of immigration, visa, asylum and the free move- ment of persons in the Schengen area. The section below will consider those which have become a focus of particular attention in the context of the EU’s border security strategy. They all have in common that they contain personal data on third-country nationals and are being developed, expanded in scope and equipped with the latest security technology with a view to their potential use in fighting crime and preventing security risks.

19) Cabinet Office, Identity fraud: a study, July 2002, p. 61.
20) For comprehensive background information and an analysis of the Bill, see House of Commons Library Research Paper 07/11, The UK Borders Bill, 31 January 2007.

Schengen Information System (SIS)

The Schengen Information System is a multinational database set up under the 1990 Schengen Convention on the abolition of internal borders.21 It began oper- ation in 1995 and holds data on people wanted for arrest or extradition, missing persons, stolen vehicles, firearms and other objects, and on third-country nationals to be refused entry into the Schengen area. The information is used for controls of persons at external borders or on national territory and for the issuing of visas and residence permits, as well as for more general purposes of assisting police and judicial cooperation.

At present, the SIS is operational for 15 States (13 Member States, Iceland and Norway). The database is in the process of being overhauled and expanded and a second generation Schengen Information System (SIS II) is to become opera- tional at the end of 2008.22 The SIS II will allow for wider use and new categories of data, and be up-to-speed with the developments in information technology.23 Expansion plans go as far back as 1997,24 prompted by the EU prospects for fur- ther enlargement, as the SIS had been set up with the capacity to service only a maximum of 18 participating States. After 11 September 2001, the function extended to provide for the fight against terrorism25 and adapted to enable the storage of biometric data (photographs and fingerprints).

The addition of biometric information to the SIS is one of the key aspects of the overhaul. SIS is currently based on alphanumeric data which allow only for two results: hit or no hit. Biometric systems, instead, are designed to search for an acceptable degree of similarity and are more effective, therefore, in linking infor- mation to persons. They will also significantly improve the possibilities for police searches. In particular, biometric data can be used both to confirm someone’s identity (one-to-one search) and to identify somebody (one-to-many search). One-to-many searches transform the nature of the SIS from a database used for control purposes to one which can be used for investigative purposes, enabling so-called ‘fishing expeditions’ in which people registered in the database will form a suspect population.26 Data protection authorities have warned that the use of biometrics as a unique means of identification can have serious consequences for those who are wrongly identified, given the tendency of authorities to overesti- mate the reliability of biometrics.27 A case cited by the European Data Protection Supervisor (EDPS) in his Opinion on SIS II is that of a lawyer from Portland (US), who was wrongly identified as a terrorist and detained because his fingerprint successfully matched one found in the Madrid bombing.

21) Articles 92–119 of the Schengen Convention. The Schengen Convention was incorporated into the EU/EC legal framework by the Treaty of Amsterdam. For the Convention and the Schengen acquis, see [2000] OJ L 239/19.

22) Precisely on 17 December 2008 according to Council Conclusions on the SIS, Doc. 10586/07, 8 June 2007, para. 13.

23) Legislation for the establishment of the SIS II comprises: Regulation (EC) No. 1987/2006 of the European Parliament and of the Council of 20 December 2006 on the establishment, operation and use of the second generation Schengen Information System (SIS II) [2006] OJ L381/4; Council Decision on the establishment, operation and use of the second generation Schengen Information System (SIS II), Doc. 14914/06 (not yet published). These two instruments replace Articles 92–119 of the Schengen Convention. In addition, the Community adopted Regulation (EC) No. 1986/2006 regarding access to the Second Generation Schengen Information System (SIS II) by the services in the Member States responsible for issuing vehicle registration certificates [2006] OJ L 381/1.

24) Decision SCH/Com-ex (97) 24 of the Executive Committee of 7 October 1997 [2000] OJ L 239/442.

25) Council Regulation (EC) No. 871/2004 of 29 April 2004 concerning the introduction of some new functions for the Schengen Information System, including in the fight against terrorism [2004] OJ L 162/29; Council Decision 2005/211/JHA of 24 February 2005 concerning the introduction of some new functions for the Schengen Information System, including in the fight against terrorism [2005] OJ L 68/44.

It was subsequently proven that the matching process was flowed.28 The European Parliament, which had co-decision power on the Regulation setting up the SIS II, also had reserva- tions on the use of SIS to identify third country nationals on the basis of their biometric information.29 The ensuing compromise was to subject the biometric search function in the SIS II to a Commission report on the availability and readiness of the relevant technology.30 The expectation, however, is that biometric searches will be enabled as soon as SIS II becomes operational.31 The haste in allowing the biometric search function is troubling in the absence of provisions on misused identity and inaccurate identification due to technological failure, let alone any provision on compensation for those who have been wrongly identified.32

While SIS is a database with both immigration and crime-related functions, the bulk of SIS exchanges on persons concern data on third-country nationals who should be denied entry. Latest statistics show that at the beginning of 2007, nearly 900,000 people were listed in the SIS, of which 750,000 were third- country nationals reported for non-admission.33 There is wide divergence in national practices to registering people in the SIS, and this is likely to remain so with SIS II, as the relevant legislation does not harmonise the substantive rules for listing persons to be denied entry, thus continuing to leave a wide degree of

26) See Statewatch Analysis, ‘SIS II: fait accompli? Construction of EU’s Big Brother database underway’, May 2005.

27) See, in this respect, the Opinion of the European Data Protection Supervisor on the draft SIS II leg- islation, [2006] OJ C 91/38. Also, House of Lords European Union Committee, 9th Report of Session 2006–07, Schengen Information System II (SIS II), HL Paper 49, 2 March 2007.

28)  EDPS Opinion, above n. 27, at p. 44.

29)  See European Parliament Report, A6-0335/2006 of 13 October 2006.

30)  Article 22(c) of the SIS II Regulation and Decision.

31)  Council Conclusions on the SIS, Doc. 10586/07, 8 June 2007, para. 15.

32)  See the contribution in this issue by Audrey Macklin on the Arar case for an account of just how damaging it can be to an individual to be wrongly identified as terrorist suspect, which no amount of compensation can ever put right.

33) See SIS Database Statistics as at 1 January 2007, Doc. 6178/07 of 13 February 2007.

discretion to Member States.34 Some Member States, notoriously Germany and Italy, interpret the criteria for listing unwanted third-country nationals rather widely, with the result that they account for the vast majority of data entered into the system. This is a matter of considerable concern as the consequences of being registered in the SIS for third-country nationals will in the future not be limited to refusal of entry into the Schengen area. Once biometric searches are enabled, those 750,000 third-country nationals (a number likely to grow considerably with the expansion of the database) will form part of a suspect population whose data will be trawled through for the purpose of police investigations.

The EU’s securitisation agenda is resulting in a shift of purpose of the SIS from a border control tool to a reporting and investigation system for general crime detection purposes: the database, originally conceived of as a compensatory mea- sure for the lifting of internal border controls, is being developed in a way that disconnects it from its original purpose of allowing the free movement of people in the Schengen area and makes it an objective in itself.35 This disconnection is best exemplified in the decision by the Council to extend, from 1 September 2007, SIS access to the new Member States which acceeded to the EU in 2004 (with the exception of Cyprus) prior to the lifting of checks at internal borders with the Member States concerned.36

Visa Information System

The decision to establish the Visa Information System (VIS) is a direct conse- quence of the terrorist attacks of 11 September. At the extraordinary Council meeting that followed the attacks, the Home Affairs and Justice Ministers decided that procedures for the issue of visas should be tightened and that the Commis- sion make proposals for the establishment of a network for information exchanges concerning visas issued by Member States.37

The VIS is to collect and store fingerprints and other biometric identifiers of all third-country nationals applying for short-term visas. The objectives of the VIS, as set out in the Council guidelines are: to combat fraud; improve consular co-operation; facilitate border and police checks; prevent ‘visa shopping’; facilitate

34) See Article 24 SIS II Regulation. The Commission will be able to make proposals to achieve greater harmonisation further to a review of the implementation of this article, three years after entry into force of the Regulation (Article 24(5)).

35) It should be noted, however, that the SIS in respect of alerts on persons and objects for discrete checks – in its current, first generation version under Article 99 of the Schengen Convention – has already a cer- tain investigative function.

36) Council Decision of 12 June 2007 on the application of the provisions of the Schengen acquis relating to the Schengen Information System in the Czech Republic, the Republic of Estonia, the Republic of Latvia, the Republic of Lithuania, the Republic of Hungary, the Republic of Malta, the Republic of Poland, the Republic of Slovenia and the Slovak Republic [2007] OJ L 179/46.

37) See extraordinary Council meeting of 20 September 2001, Doc. 12019/01 (Presse 327), para. 26. Also Peers, above n. 5, p. 165.

the application of the Dublin Regulation and the expulsion of third-country nationals; contribute towards improving the administration of the common visa policy and towards internal security and combating terrorism.38 Subsequently, the Council expressed the view that “the aim of enhancing internal security and counter-terrorism can only be fully achieved if it is ensured that the Member States’ authorities responsible for internal security have access to the VIS.”39

A Council Decision which gives the Commission the mandate to prepare the technical development of VIS through Community financing was adopted on 8 June 2004.40 In the same year, the Commission proposed implementing legisla- tion defining the functionalities of the information system, and establishing procedures and conditions for the exchange of data between Member States on short-stay visa applications.41 The data to be processed include not only alphanu- meric data and photographs but also applicants’ fingerprint data. Agreement on this Regulation was reached at the Justice and Home Affairs Council meeting of 12/13 June 2007.42

The system will be closely integrated with the revised version of the SIS. Infor- mation will be collected by Member States’ consulates and then transferred to a central database where it will be accessible by all relevant authorities. The system’s capacity will provide for the connection of at least 12,000 users in 27 Member States and at 3,500 consular posts.43 Citizens from 134 countries require visas to enter the EU.44 Hitherto it had been possible for an applicant that had been rejected by one country’s consulate to continue applying to other consulates. Once the VIS is in place this will not be possible. Information on previous appli- cations and reasons for rejection will be available through the new system. The inclusion of fingerprint data is intended to allow the exact verification of some- body’s identity.

Member States are already planning for the collection of biometric data for the VIS at consular posts, beginning with posts in North Africa and the Near East – in line with the Council’s view that regions of high risk should be prioritised.45

38) Council Conclusions on the development of the Visa Information System (VIS), Doc. 6535/04, 20 February 2004.

39) Council Conclusions on access to the visa information system (VIS) by Member States authorities responsible for internal security, adopted on 7 March 2005. Bulletin EU 3–2005, para. 1.4.9.

40)  Council Decision 2004/512/EC establishing the Visa Information System (VIS) [2004] OJ L 213/5.

41)  COM (2004) 835 final, 28 December 2004.

42)  Doc. 10267/07 (Presse 125).

43)  Communication from the Commission to the Council and the European Parliament – Development of the Schengen Information System II and possible synergies with a future Visa Information System (VIS), COM(2003) 771 final, 11 December 2003, p. 26.

44) The list of countries and territories whose nationals are (or are not) subject to a visa requirement is set out in Regulation (EC) No. 539/2001 [2001] OJ L 81/1, last amended by Regulation (EC) No. 1932/2006.

45) Council Conclusions on the consular roll out for the Visa Information System (VIS), adopted on 2 December 2005, Doc. 14390/05 (Presse 296).

The system is being developed on the assumption that 20 million visa applica- tions would be handled annually.46 While the consulates enrolment of biometrics of visa applicants is already underway, delays in the adoption of the VIS Regula- tion by the Council and the European Parliament have made it necessary to reschedule the entire project.47 The latest reports are that the VIS is due to become operational by spring 2009.48 Pending agreement on the legal framework, the Commission has, however, gone ahead with the planning adopting in comitology two Decisions related to the VIS: the first laying down the technical specifications on the standards for biometric features;49 the second establishing the site for the central VIS (Strasbourg with a back-up unit in Austria).50

In the meantime, the proposal concerning access to this database by relevant authorities for law enforcement purposes has also materialised.51 Designated authorities of Member States and Europol may access the data kept in the VIS if there are reasonable grounds to consider that consultation of VIS data in a specific case will substantially contribute to the prevention, detection or investigation of terrorist and other serious criminal offences.52 The proposal was also agreed at the June 2007 Justice and Home Affairs Council meeting.

Police access to the VIS is far from insignificant. VIS is an information system developed in view of the implementation of the European visa policy. It is not a law enforcement tool. As mentioned above, it will be able to contain the data concerning about 20 million visa applicants annually and, according to Commis- sion estimates, 70 million fingerprint data will be stored in the system in the first five years of its operation.53 Routine access to police would entail a disproportion- ate intrusion in the privacy of travellers. While under the legislation conditions of access are restricted to specific cases and subject to a case-by-case examination of the necessity of such access, there is concern that the provisions leave room to a broad interpretation which might in practice lead to police access being routinely granted. The data protection authorities advised that police access to the VIS be

46)  COM(2003) 771 final, above n. 43, p. 26.

47)  Commission Staff Working Document on the development of the Visa Information System (VIS) –

2006 Progress Report, SEC(2007) 833, 13 June 2007.

48)  ‘EU beefs up biometric controls at borders’, Europolitics, 25 June 2007, p. 6.

49)  Commission Decision 2006/648/EC [2006] OJ L 267/41.

50)  Commission Decision 2006/752/EC [ 2006] OJ L 305/13.

51)  Proposal for a Council Decision concerning access for consultation of the Visa Information System (VIS) by the authorities of Member States responsible for internal security and by Europol for the pur- poses of the prevention, detection and investigation of terrorist offences and other serious criminal offences, COM(2005) 600 final, 24 November 2005.

52) See Article 5 final draft. Terrorist offence is defined by reference to the offences in the Council Frame- work Decision 2002/475/JHA on combating terrorism ([2002] OJ L 164/3); a serious criminal offence is a form of crime referred to in Article 2 of the Europol Convention and its Annex. See Article 2 final draft.

53) COM(2005) 600 final, above n. 51, p. 4.

made subject to specific safeguards, including a comprehensive data protection regime for national use of the data.54 The proposal initially envisaged that the regime regulating police access and processing of VIS data would be the proposed Council Framework Decision on the protection of personal data processed in the framework of police and judicial co-operation in criminal matters.55 This Data Protection Framework Decision has, however, not yet been agreed.


Eurodac is an EU-wide database that stores fingerprints of asylum seekers over the age of 14 and of people apprehended in connection with an irregular crossing of an external border. The Regulation establishing Eurodac was adopted in 200056 with the aim of assisting with the allocation of responsibility in determining a claim for asylum under criteria set out in the so-called Dublin Regulation57 (pre- viously Convention).58 The system is based on the assumption that asylum seek- ers must apply for asylum in the first EU country in which they arrive and may be returned to another Member State if it can be proven that they have either passed through the border of another Member State or already lodged an applica- tion for asylum in that Member State.

Eurodac is again essentially an immigration database to support the implemen- tation of the European asylum policy. The computerised system allows for the identification of third-country nationals who may have already lodged asylum applications in the EU and whose data were already enrolled by one Member State, assigns responsibility for their claim under the Dublin criteria and prevents ‘asylum shopping’. When a Member State receives a hit reply, proving that an asylum seeker has applied for asylum before in another Member State, it will in the majority of cases request the other Member State to take back the asylum applicant.

The Central Unit of Eurodac began operating on 15 January 2003 with an empty database. At the end of 2005, the central database contained about 650,000 data sets of asylum applicants, and 40,000 data sets of persons apprehended in connection with an irregular crossing of the external border.59 A recent evaluation of the Dublin system by the Commission (which comprises both the Dublin and the Eurodac Regulation) suggests that the system is working well, although it has highlighted a problem of quality of data sent to the Eurodac Central Unit (6% rejected because of low quality), and that deletion of data when asylum seekers acquire citizenship is not done routinely.60 The evaluation does not report on false identification (false ‘hits’) during Eurodac operations to date, which would attest to the reliability of a Eurodac fingerprint match.

54)  See European Data Protection Supervisor Opinion [2006] OJ C 97/6.

55)  See below n. 80.

56)  Council Regulation (EC) No. 2725/2000 of 11 December 2000 [2000] OJ L 316/1.

57)  Council Regulation (EC) No. 343/2003 of 18 February 2003 [2003] OJ L 50/1.

58)  Signed in 1990 entered into force in 1997 [1997] OJ C 254.

59)  See staff working document accompanying the Commission’s evaluation report of the Dublin system, SEC(2007) 742 at p. 40.

This is, however, to be ques- tioned. A recent court case in the UK illustrates this well. The fingerprint match proved that the applicant was in Italy, having claimed asylum there, at a time when, on the applicant’s account, he was undertaking military service in Eritrea. The UK, after accepting responsibility for determining the asylum claim, sought to undermine the factual basis of that claim for the reason that it was inconsistent with the Eurodac fingerprint match. The Tribunal found against the government on account that it had failed to submit adequate supporting evidence to permit the judge to draw the conclusion that the result was accurate and the appellant was the same person as the person fingerprinted in Italy.61

A particular concern reiterated by the Commission in its evaluation reports is the incorrect application of the data protection rules, notably those relating to ‘special searches’ pursuant to Article 18 of the Eurodac Regulation. ‘Special searches’ are not related to the application of the Dublin Regulation but serve the purpose of allowing those persons whose personal data are recorded in the central database to check the information held on them. Since the operation of the data- base there have been more than 3,700 ‘special searches’.62 A recent inspection report of the EDPS also considered the high number of ‘special searches’ trou- bling, particularly as it did not match the number of requests for access by indi- viduals, which indeed the statistics showed to be very low.63 While finding that, with a few exceptions, ‘special searches’ have not been conducted for the reason they were intended for, i.e. the right of access of the individual, the report stops short of attributing it to deliberate abuse of the system. It recommends, however, that Member States endeavour to increase the lawful use of Article 18, particu- larly by making asylum seekers aware of their right to obtain access to the infor- mation held on them in Eurodac.

In terms of future developments of the database, the Commission reports that it “will explore, on the basis of further analysis and full impact assessment, the possibility to extend the scope of Eurodac with a view to use its data for law enforcement purposes.”64 The issue of police access to Eurodac is, however, well beyond the stage of exploration as Member States have already made up their

60) Common report on the evaluation of the Dublin system, COM(2007) 299 final and SEC(2007) 742 above.

61)  See YI (Previous claims – Fingerprint match – EURODAC) Eritrea [2007] UKAIT 00054.

62)  COM(2007) 299, above n. 60, at p. 10.

63)  EURODAC Supervision Coordination Group – Report of the first coordinated inspection, Brussels 17 July 2007.
64) COM(2007) 299, above n. 60, p. 11.

minds and plans have speedily advanced under the German Presidency.65 A Pres- idency paper discussed at the beginning of 2007 sums up the arguments for law enforcement use of Eurodac as follows:

Frequently, asylum-seekers and foreigners who are staying in the EU unlawfully are involved in the preparation of terrorist crimes, as was shown not least in the investigations of suspects in the Madrid bombings and those of terrorist organizations in Germany and other Member States (for instance, two of the five accused in German proceedings against the terrorist group “Al Tawhid”, which pre- pared attacks against Jewish institutions in Berlin and Dusseldorf, were asylum-seekers).

Access to Eurodac can help provide the police and law enforcement authorities of the Member States with new investigative leads making an essential contribution to preventing or clearing up crimes.66

At the Justice and Home Affairs Council meeting of 12/13 June 2007, Ministers asked the Commission to present “as soon as possible” an amendment to the Council Regulation (EC) No. 2725/2000 on the establishment of Eurodac to allow for police access to the database.67 The Conclusions stress that police access to Eurodac should be subject to strict compliance with the rules governing the protection of personal data. While it remains to be seen what detailed data pro- tection rights will be proposed, these would provide safeguards against inappro- priate uses of the database. There are, however, wider concerns about the discriminatory impact on asylum seekers of law enforcement uses of this database on which a debate has yet to take place. It is to be hoped that the impact assess- ment promised by the Commission will address the question of whether it is acceptable to subject anyone on the Eurodac database to a greater level of surveil- lance than others in the population, particularly as the disproportionate criminal activity which might result from this group, as against the population as a whole, will in turn foster discrimination and reinforce widespread prejudices.

Interoperability of, and Police Access to, EU Databases

The call for maximising the effectiveness of, and allowing wider access to, the EU information systems was advanced in the spur of the Madrid bombings in March 2004. The EU Declaration on Combating Terrorism adopted after the terrorist

65) A commitment to this effect had been made by the Interior Minister of the EU’s six largest Member States at their G6 meeting in Heiligendamm, Germany, on 22/23 March 2006. For a critical examination of the Conclusions of the meeting, see House of Lords European Union Committee, 40th Report of Session 2005–06, Behind Closed Doors: the meeting of the G6 Interior Ministers at Heiligendamm, HL Paper 221, 19 July 2006.

66) Common 18-months Presidency Programme on Police and Customs Co-operation, Council Doc. 5291/07 of 12 January 2007, p. 6.

67) Access to Eurodac by Member State police and law enforcement authorities – Council Conclusions. Available at:

attacks invited the Commission “to explore the creation of synergies between existing and future information systems (SIS II, VIS and EURODAC) in order to exploit their added value . . . in the prevention and fight against terrorism” and to bring forward proposals “to enable national law enforcement agencies to have access to EU systems.”68 The Hague Programme adopted in November of the same year reiterates that “better exchange of information, including by means of more extensive access to existing EU information systems, is one of the ways in which the aim of strengthening security is to be achieved.”69 Another terrorist attack, the London bombings of July 2005, gave final impetus to plans for maxi- mising the use of EU information systems. At the Extraordinary Justice and Home Affairs Council meeting convened after the bombings, the Council requested the Commission to bring forward proposals on enhanced interaction between the VIS, SIS and Eurodac and for law enforcement access to the VIS.70

The Commission put forward an assessment of the efficiency of existing Euro- pean databases and their potential future uses, as requested, in November 2005.71 The analysis of gaps and solutions is summarised in the table below.

68) Council of the European Union, Declaration on combating terrorism, Doc. 7906/04, 25 March 2004, p. 7.

69) The Hague Programme: strengthening freedom, security and justice in the European Union, 4 Novem- ber 2004 [2005] OJ C 53/1.

70) Council Declaration on the EU response to the London bombings, Doc. 11116/05 (Presse 187), 13 July 2005, p. 7.

71) Communication on improved effectiveness, enhanced interoperability and synergies among European databases in the area of justice and home affairs, COM(2005) 597 final, 24 November 2005.

In the Commission’s analysis, the case for wider access to EU databases and their interoperability rests entirely on the vested interest the police and other authori- ties responsible for internal security have in these developments. In a much quoted passage it explains thus:

In relation to the objective of combating terrorism and crime, the Council now identifies the absence of access by internal security authorities to VIS data as a shortcoming. The same could also be said for all SIS II and EURODAC data. This is now considered by the law enforcement community to be a serious gap in the identification of suspected perpetrators of a serious crime.72

Plainly, the European information network is to be expanded at the request of the police. The mantra henceforth has been that to combat terrorism and other seri- ous crimes it is inevitable that police and security authorities have access to EU information systems to the extent that their tasks require. The counter-arguments of the cost and practicality of such measures, or the extent to which they are com- patible with fundamental principles of proportionality and non-discrimination have as yet to be seriously addressed.

The Commission analysis is remarkable in one other aspect: it makes it plain that there are many other categories of persons who it would be in the interest of law enforcement and State security to subject to greater supervision and control. There are those third-country nationals who are entitled to cross borders without having to provide any biometric information because they are holders of long- term visas or residence permits. Also, there is the fact that there is no means as yet

72) Ibid., para. 4.6.

for the police to trawl through a central register of European citizens’ identity and travel documents “to query on a person who is, say, wanted for a terrorist crime”.73 As one acute commentator has put it, it would seem that “improving interoper- ability and synergies means nothing else but knitting the network of surveillance tighter and closing gaps and loopholes in the control of criminals as well as repu- table citizens.”74

In principle, it is not difficult to agree with the proposition that any increase in State surveillance and control is likely lead to an increase in the effectiveness of crime prevention and police investigations. The greater the level of control and supervision of the public, the more the police will be able to pick out somebody amongst the masses. However, it is legitimate to question whether the mass sur- veillance of a society is an acceptable method of combating crime and security risks. Also, one might wonder whether reliance on the expansion of the EU infor- mation systems to solve the security challenges facing the EU is not misplaced. Ever since the terrorist attacks of 11 September 2001, and the perceived increase in the threat posed by international terrorism, the EU Member States have made quick and significant advances in integrating and sharing immigration-related information. They have been less effective in integrating and sharing law enforce- ment information and intelligence.

In December 2005, a Commission proposal suggested that Member States should be made to exchange relevant information resulting from the activities of national security and intelligence services.75 The reason for this proposal was that, in the Commission’s view, “the continuation of the current situation [did] not fully meet the current security challenges.” The draft Council Decision would have established a mechanism for the transmission of such information, without prejudice to bilateral mechanisms between the Member States. The proposal has not made any progress in the Council and appears to have been shelved. Some Member States questioned its added value.

When it comes to police information, Member States are similarly reluctant to relinquish ownership and control. There have been calls for availability of this information76 and an attempt at better co-operation in data sharing between a

73)  Ibid., para. 4.10.

74)  P. Hobbing, ‘Analysis of Commission Communication on interoperability’, Briefing Paper for European Parliament LIBE Committee, IP/C/LIBE/FWC/2005–08, 14 February 2006.

75) Proposal for a Council Decision on the transmisison of information resulting from the activities of security and intelligence services with respect to terrorist offences, COM(2005) 695 final, 22 December 2005.

76) See Hague Programme, above n. 69, stating that with effect from 1 January 2008 the exchange of law enforcement information should be governed by the principle of availability. In October 2005, the Commission presented its proposal for a Council Framework Decision on the exchange of information under the principle of availability (COM(2005) 490 final, 12 October 2005). However, this proposal also stalled.

group of Member States in the context of the Treaty of Prüm.77 A decision has now been agreed which will integrate relevant provisions of the Prüm Treaty into the Union’s legal framework.78 Moreover, Europol, the European Police Office which collates and analyses information and intelligence, is being revamped and might in time prove a trustworthy repository of information and effective agency for intelligence-led operations.79 However, there continues to be a lack of political commitment to harmonise standards and laws, including data protection laws, which would allow for an integrated system and ensure that the information exchanged is accurate and reliable. A proposal for a Framework Decision on Data Protection (DPFD), establishing data protection rights and conditions for trans- fer and further processing of data in the framework of police and judicial coop- eration in criminal matters, was made by the Commission in October 2005,80 but the Council has so far utterly failed to find agreement on this proposal.81 The lack of such a regulatory framework at EU level is a significant drawback not only for effective cross-border police cooperation, but also for the millions of third-coun- try nationals whose data are collected and stored in non-crime related databases but which are, and are increasingly going to be, accessed and processed for crime related purposes.


One significant aspect of the EU counter-terrorism strategy is to increase border security by widening the range of information available to the police and author- ities responsible for internal security on persons who move, or seek to move, across borders. The crossing of a border is an instance where the State has a sovereign right to obtain all the information it deems necessary from people who seek to enter its territory.

77) Convention between the Kingdom of Belgium, the Federal Republic of Germany, the Kingdom of Spain, the French Republic, the Grand Duchy of Luxembourg, the Kingdom of the Netherlands and the Republic of Austria on the stepping up of cross-border cooperation, particularly in combating terrorism, cross-border crime and illegal migration. The Convention was signed by the contracting parties in Prüm (Germany) on 27 May 2005. See Council Doc. 10900/05 of 7 July 2005.

78) Draft Decision on stepping up cross-border cooperation, particularly in combating terrorism and cross-border crime, Doc. 6566/07. The draft was agreed at the Justice and Home Affairs Council on 12 June 2007. For an analysis of the decision and a critique of the incorporation process, see House of Lords European Union Committee, 18th Report of Session 2006–07, Prüm: an effective weapon against terrorism and crime? HL Paper 90, 9 May 2007.

79) Proposal for a Council Decision establishing the European Police Office (Europol), COM (2006) 817 final, 20 December 2006.

80) COM(2005) 475 final, 4 October 2005. A considerably revised and watered down text was submitted in March by the German Presidency: Doc. 7315/07 of 12 March 2007. See on this the Third Opinion of the European Data Protection Supervisor, 27 April 2007.

81) On the other hand, a coherent protection framework for all processing of personal data in the fields governed by Community law was introduced by Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data [1995] OJ L 281, 23 November 1995.

Indeed, in most instances, cross-border mobility comes at the cost of providing personal information to the authorities. Increasingly, it is fingerprints and other biometric information the authorities are after. Biometric data are now captured in visas, passports, residence permits and identity cards. Biometric data have for some years now been collected from asylum seekers. Cen- tral repositories of this information, such as the Schengen Information System, the Visa Information System and Eurodac, are to be interlinked and opened up to police searches making millions of third-country nationals, whose personal data are recorded therein, for all intends and purposes a suspect population. There is very little in terms of a safety net for foreigners to fall back on should the assumptions as to the safety of the use of their data and accuracy and efficiency of the technology turn out to be misplaced. The extent to which these measures erode the freedom in our society will be felt when entire populations of citizens and residents will be subject to the same intrusive methods of policing and control.