EU Bookmark and Share  
Massive biometric 'smart borders' database may be illegal

  • A number of MEPs think CJEU opinion on EU-Canada air passenger surveillance scheme makes biometric border control database illegal and are demanding renegotiation
  • Council Legal Service: "substantial difficulty" for air passenger surveillance schemes in EU and with Australia, Canada and USA, as well as other EU databases

Follow us: | | Tweet

Longstanding plans for an EU Entry/Exit System (EES) which would store the fingerprints, a facial image and other personal data on all travellers entering the Schengen area are running into serious problems as the implications of a recent court ruling on an EU-Canada air passenger surveillance scheme become clear.

On 29 July the Court of Justice of the EU (CJEU) said that a proposed agreement to send data on all passengers flying from the EU to Canada to the Canadian law enforcement authorities for inspection and profiling purposes had an incorrect legal basis, breached the fundamental rights to privacy, data protection, non-discrimination and was disproportionate.

One major problem lies with the proposal for Canadian authorities to retain data on all air passengers for five years after their departure from the country, which the CJEU said could only be done if "there is objective evidence from which it may be inferred that they present a risk in terms of the fight against terrorism and serious transnational crime."

This means that existing PNR agreements with Australia and the USA will have to be revised and it spells major trouble for the Entry/Exit System.

Big bother for big brother

At the end of June this year the European Parliament (EP) and the Council of the EU reached agreement "on the political issues" of the EES Regulation and it is supposed to receive final approval from the EP at the end of October, after "technical" details have been ironed out.

See: the text of the Entry/Exit System Regulation as "politically" agreed between the Council and Parliament in June 2017 (pdf) and the accompanying agreed amended version of the Schengen Borders Code (pdf)

The EES has been in the works since at least 2008 and is supposed to help ease the introduction of automated border gates, provide law enforcement and security agencies with a swathe of new information and help to identify individuals who have "overstayed" their visa.

In its current form, all travellers to the Schegen area would have their data retained in the EES for three years following their departure, with a period of five years for those who "overstayed" their visas - regardless of whether or not there is any evidence of their involvement in criminal activities.

These provisions clearly run counter to the court's requirements and sources in the EP have informed Statewatch that numerous MEPs are now demanding that the EES text be revised to take the requirements of the court into account - or simply be scrapped altogether.

Amongst them is Jan Phillip Albrecht, the Green MEP who ushered the EU's new data protection rules through the European Parliament (EP) and considers that the EES would be illegal if the Regulation is approved in its present form.

MEPs from other groups - including the Socialists & Democrats (S&D), the liberals (ALDE) and the left (GUE/NGL) appear to share Albrecht's concerns.

However, Agustín Díaz de Mera García Consuegra, the Spanish MEP from the conservative European People's Party group who was responsible for steering the EES Regulation through the parliamentary process, has said he does not see how the judgment raises any problems - despite declaring in February this year that it was a "priority" for the system to "comply strictly with EU rules on data protection."

It appears his views are representative of his political group - a spokesperson for the EPP told Statewatch by email that:

"We do not foresee a need to renegotiate the Regulation on the Entry/Exit System as a result of the CJEU assessment on the EU-Canada PNR Agreement."

The issue is due to be discussed at a meeting between Díaz and the EES "shadow rapporteurs" in the week starting 25 September, and it will also be taken up by the presidents of the EP's political groups - whom some are hoping will agree to take approval of the EES Regulation off the agenda of the parliament's plenary session at the end of October.

Council Legal Service: "substantial difficulty" lies ahead

Meanwhile, the Council has also been made aware of the problems the CJEU's opinion causes for the EU's PNR schemes and for the EES.

A note from the Council's Legal Service (CLS) sent to national officials in Brussels on 7 September outlines the court's opinion and notes that the EU's PNR agreements with Australia and the USA "contain the same or similar shortcomings" and will have to be renegotiated, as will the EU PNR Directive which mandates the surveillance and profiling of all air passengers travelling into, within or out of the Schengen area.

See the note from the Council Legal Service: Opinion 1/15 of the Court of Justice on its compatibility with the Treaties (11931/17, LIMITE, pdf)

On the topic of agreements with third countries, however, the CLS foresees some problems:

"If the third country does not accept such a renegotiation, the Union should terminate those PNR agreements… on the ground that they do not comply with Union law.

The main substantial difficulty to overcome in those renegotiations as well as in the recently adopted PNR Directive to be implemented by Member States… is the retention and use of PNR data by law enforcement authorities after the air passengers have departed from the relevant territory and therefore after all border checks (entry/exit) have been carried out… it is uncertain to what extent Canadian authorities (and the US and Australian authorities) would accept to change their domestic laws." [emphasis added]

Furthermore, the Legal Service note makes a reference to other systems - which would include the EES:

"There may also be some further horizontal consequences with respect to the application of the 'necessity test' on possible future data bases retaining data of persons who cross a Union border and may not present a risk in terms of public security… but whose data may be potentially useful in the future in relation to terrorist or other serious crimes."

End of the road?

Ska Keller, co-president of the Greens group in the Parliament, has said that that the EU's 'smart borders' plans "would create a Big Brother 2.0 at Europe's borders", while ALDE MEP Sophie in 't Veld has described smart borders and PNR schemes as representing "megalomaniac" thinking.

It is not hard to see why - as well as requiring the fingerprinting and photographing of anyone visiting the Schengen area, the French government previously (and unsuccesfully) proposed that the system be extended to all EU nationals and residents as well, a move which would introduce fingerprinting, face scans, systematic database searches and entry and exit logging for everyone in the Schengen area.

It would not be surprising to see such demands arise again in the future if the system goes ahead.

The CJEU ruling on the EU-Canada PNR scheme has set down tough new requirements for data collection programmes - but perhaps EU lawmakers will see sense and scrap the EES and PNR schemes altogether.

Support our work by making a one-off or regular donation to help us continue to monitor the state and civil liberties in Europe.
Search our database for more articles and information or subscribe to our mailing list for regular updates from Statewatch News Online.

We welcome contributions to News Online and comments on this website. E-mail us or send post to Statewatch c/o MayDay Rooms, 88 Fleet Street, London EC4Y 1DH.

Home | News Online | Journal | Observatories | Analyses | Database | SEMDOC | About Statewatch

© Statewatch ISSN 1756-851X. Personal usage as private individuals/"fair dealing" is allowed. We also welcome links to material on our site. Usage by those working for organisations is allowed only if the organisation holds an appropriate licence from the relevant reprographic rights organisation (eg: Copyright Licensing Agency in the UK) with such usage being subject to the terms and conditions of that licence and to local copyright law.