EU moots 'deep background' checks for racist-free border controls

The biometric meritocracy

Europe plans to avoid the routine discrimination against foreigners at border controls by using deep background checks of individual people to manage immigration.

The EU hopes the plans will appease US doubts about the visa waivers it doles out almost indiscriminately to citizens of allied countries. The US approach, as demonstrated by the controversial PNR (passenger name records) stitch-up, demonstrates a desire to discriminate good immigrants from bad immigrants more effectively using detailed intelligence reports.

The EU solution to this problem was presented to delegates of the Biometrics 2006 conference last week and bears some relation to border controls systems already implemented in the United Arab Emirates, Israel and along the Chinese border with Hong Kong, which gained its supposed predilection for biometric identification when it had identity cards foisted on its people by the colonial British administration in the 1940s.

The Europeans are aware of the negative connotations, which is why their solution to the problem, the Trusted Traveller Programme, was recently renamed the Registered Traveller Programme. The implication of the old name was that European border controls intend to become more suspicious of people who are not fully paid up members of the omniscient state, which it does.

It is, however, being presented as a means of avoiding discrimination against people coming in and out of Europe merely on the basis of their country of origin or the colour of their skin.

Why tag nationality?

A convincing argument along these lines was presented by Dr Frank Paul, head of large-scale computer systems at the European Commission's directorate of Justice, Freedom and Security, and the man responsible for implementing the biometric immigration systems across the continent.

Europeans cannot say that all people from these countries are security risks, said Paul. Not only is this bigoted, but clearly impractical for airport security.

"Why tag nationality," said Paul, "It's an abstract identity [that] has no relation to personal risk. So we'll have to do specific background checks on individuals."

The Commission is conducting a feasibility study for this "person-centric approach" to immigration, which it will report next June.

It is presenting this as a way of "facilitating" the travel of those people the state can trust without any shadow of a doubt. This will mean a two-speed Europe for all those people coming in and out of the continent's ports of entry - those people who have immaculate personal histories, sparkling curriculum vitae, will breeze through immigration via fast-track, biometric immigration gates.

The background checks would be even more detailed than those provided to US officials in the US-VISIT biometric immigration programme. Though the details of how these checks will be assembled has not been decided, the approach being developed in Europe, as elsewhere, is one of data shared between immigration, police, intelligence and civil databases.

European law doesn't allow this sort of routine data-sharing to happen right now, but the various biometric systems being built in Brussels are being designed with a common database. These systems will be designed so they are virtually separate - with Chinese walls, if you like. Should the legislation change, it would be easy for the databases to be merged to create a broader profile of people on the system.

The basis of this is the Biometric Management System, the contract for which is being awarded any day now. This is where the fingerprints belonging to the subjects of the European civil and immigration intelligence system will be stored.

Hanging off this will be the systems underpinning a variety of projects under differing stages of technological and legislative development, but which are typically begun before they are approved in the European Parliament and Council: the Visa Information System (VIS), the Eurodac database of asylum seekers, the Shengen Information System II for intra-European travel and a system that is as yet just an idea, the European criminal fingerprint database.

These plans might bring Europe into closer alignment with US ideas of intelligence gathering and lay the foundation for the global immigration database that is already being discussed by the US and its allies. But its inception will be interesting politically, as was demonstrated by the trouble over PNR.

Who blows up the planes?

PNR, Paul told conference delegates, demonstrated the different approaches the EU and US take to privacy.

"The trust issue is a US issue because there are members of congress who say, 'who were the people trying to blow up the planes in the UK? Were they third country nationals? No, they were UK citizens, so under the visa waiver programme they could have gone to the US," he said.

The Commission's idea of person-centric border controls would appease the US, but might not please data protection authorities, which have been dismayed by PNR and other US activities concerning European citizens' personal data.

On the European side, the trust issue is that the US have, by EU standards, inadequate legislation to protect citizens from abuse of data held on them by the state. But the EU's data protection authorities have a tentative hold over the matter anyway - because as a security issue it is not an EU legal competence.

And the future role that data protection authorities will play in this issue is uncertain. Troy Potter of the US Department of Homeland Security has set out to encourage the US' allies to agree legislation to enable their planned global immigration database, and told The Register last week that the US was prepared to do bilateral deals if the EU couldn't get its act together to share its immigration data.

There is also a British example being used to promote this idea amongst the faithful in Brussels. The idea is what some people call "positive discrimination" in immigration: taking people who do not suffer discrimination and making their lives even easier at immigration. It's what John Reid, the British Home Secretary, is calling "a revolution in border control", necessary to discriminate between those people likely to commit another 7/7 terrorist attack and those likely to do lots of shopping in Harrods. ®

Other stories you might like

  • Chip shortage forces temporary Raspberry Pi 4 price rise for the first time

    Ten-buck increase for 2GB model 'not here to stay' says Upton

    The price of a 2GB Raspberry Pi 4 single-board computer is going up $10, and its supply is expected to be capped at seven million devices this year due to the ongoing global chip shortage.

    Demand for components is outstripping manufacturing capacity at the moment; pre-pandemic, assembly lines were being red-lined as cloud giants and others snapped up parts fresh out of the fabs, and the COVID-19 coronavirus outbreak really threw a spanner in the works, so to speak, exacerbating the situation.

    Everything from cars to smartphones have felt the effects of supply constraints, and Raspberry Pis, too, it appears. Stock is especially tight for the Raspberry Pi Zero and the 2GB Raspberry Pi 4 models, we're told. As the semiconductor crunch shows no signs of letting up, the Raspberry Pi project is going to bump up the price for one particular model.

    Continue reading
  • Uncle Sam to clip wings of Pegasus-like spyware – sorry, 'intrusion software' – with proposed export controls

    Surveillance tech faces trade limits as America syncs policy with treaty obligations

    More than six years after proposing export restrictions on "intrusion software," the US Commerce Department's Bureau of Industry and Security (BIS) has formulated a rule that it believes balances the latitude required to investigate cyber threats with the need to limit dangerous code.

    The BIS on Wednesday announced an interim final rule that defines when an export license will be required to distribute what is basically commercial spyware, in order to align US policy with the 1996 Wassenaar Arrangement, an international arms control regime.

    The rule [PDF] – which spans 65 pages – aims to prevent the distribution of surveillance tools, like NSO Group's Pegasus, to countries subject to arms controls, like China and Russia, while allowing legitimate security research and transactions to continue. Made available for public comment over the next 45 days, the rule is scheduled to be finalized in 90 days.

    Continue reading
  • Global IT spending to hit $4.5 trillion in 2022, says Gartner

    The future's bright, and expensive

    Corporate technology soothsayer Gartner is forecasting worldwide IT spending will hit $4.5tr in 2022, up 5.5 per cent from 2021.

    The strongest growth is set to come from enterprise software, which the analyst firm expects to increase by 11.5 per cent in 2022 to reach a global spending level of £670bn. Growth has fallen slightly, though. In 2021 it was 13.6 per cent for this market segment. The increase was driven by infrastructure software spending, which outpaced application software spending.

    The largest chunk of IT spending is set to remain communication services, which will reach £1.48tr next year, after modest growth of 2.1 per cent. The next largest category is IT services, which is set to grow by 8.9 per cent to reach $1.29tr over the next year, according to the analysts.

    Continue reading

Biting the hand that feeds IT © 1998–2021