EU to deploy controversial technologies on holidaymakers and business travellers


Press release: International travel may be on hold due to the coronavirus pandemic, but the EU is pressing ahead with long-term plans to deploy controversial, untested technologies that will cast a “veil of suspicion” over holidaymakers and other travellers visiting the Schengen area, says a new report published today by the civil liberties organisation Statewatch.

Support our work: become a Friend of Statewatch from as little as £1/€1 per month.

The report, Automated suspicion: The EU’s new travel surveillance initiatives, [1] examines how all applicants for short-stay Schengen visas and new ‘travel authorisations’ [2] will be checked against millions of files in police databases, [3] screened by automated profiling tools, and have their name checked against a new ‘pre-crime’ watchlist operated by Europol, the EU’s policing agency, as part of long-term plans to bolster EU systems for migration and security. The age for collecting biometrics will also be lowered, meaning that millions of children from the age of six upwards will be fingerprinted and photographed.

Before visitors arrive in the Schengen area, during their stay and after they leave, their data will be held in enormous centralised databases accessible by thousands of officials, and made available for a variety of uses such as identity checks and law enforcement investigations.

Travellers’ personal data will also be used as the raw material for building the profiling tools being introduced into the visa and travel authorisation systems. These will try to detect potentially ‘risky’ individuals who are unknown to the authorities through the use of “screening rules” and “risk indicators” relating to factors such as age range, nationality, country and city of residence, destination, purpose of travel and occupation. The new systems that underpin these changes are meant to be in place by the end of 2022, as part of the EU’s plans to make policing and migration databases “interoperable”. [4]

The report argues that gathering more personal data from non-EU citizens to use them as guinea pigs for untested and controversial technologies is particularly dangerous at a time when EU governments have shown themselves all too willing to subvert democratic norms and the rule of law whilst presenting foreigners as scapegoats for society’s ills.

The new systems will combine millions of datasets from a variety of different databases already known to be riddled with poor quality data, massively raising the risk of errors. There is also little guarantee that giving government officials access to more information will help improve security – it is well-established that the authorities have difficulty dealing with the data they already have.

The use of profiling tools raises particular risks, as data fed into the systems may be based on biased data, reinforcing the likelihood of further discrimination in decision-making – for example, people of a particular age and gender from a particular region may be identified as potential risks and face unwarranted questioning and searches at borders. Safeguards in the legislation agreed so far are lax, and foreign nationals may face extreme difficulties in exercising their rights to redress.

Tony Bunyan, Statewatch Director, said:

“The use of these new technologies presents serious risks for fundamental rights including the rights to privacy, data protection, liberty and security, and to a family life, amongst others.”

Chris Jones, Statewatch Project Director and the author of the report, said:

“The enthusiasm amongst EU and member state officials for using new techniques and tools on unsuspecting travellers is alarming, given that they increase the risk of discrimination, may lead to further errors in decision-making and will hand over more personal data to governments playing fast and loose with democratic standards. People should give greater thought to how their governments treat non-nationals – otherwise they too might come to be treated as suspects, rather than citizens.”


Chris Jones, +44 (0) 203 691 5227, chris [at]


[1] The report is available here:

[2] Some five billion citizens of 105 countries around the world must acquire a visa if they wish to enter the Schengen area (made up of 26 of the EU’s member states along with Iceland, Liechtenstein, Norway and Switzerland). Their data is stored in the Visa Information System (VIS). Some 1.4 billion citizens of around 60 countries do not require a visa, but will soon be required to apply for a “travel authorisation”, which will be EU’s equivalent of the USA’s ESTA, Canada’s eTA and Australia’s ETA; their data will be stored in the European Travel Information and Authorisation System. Short-stay visas and travel authorisations allow the holder to spend 90 days within any 180-day period within the Schengen area.

[3] All travellers will have their data checked against the EU’s Schengen Information System, (which at the end of 2019 held records on almost one million individuals), Europol’s databases (which at the end of 2018 held data on some 213,000 individuals), as well as national law enforcement databases and Interpol systems.

[4] Since 2016, the EU has embarked on a project known as ‘interoperability’, which involves interlinking six existing and planned large-scale databases and merging certain data taken from them in a variety of new systems. An overview of the project can be found in a previous Statewatch report, ‘Data Protection, Immigration Enforcement and Fundamental Rights: What the EU's Regulations on Interoperability Mean for People with Irregular Status’, available here:

Our work is only possible with your support.
Become a Friend of Statewatch from as little as £1/€1 per month.


Spotted an error? If you've spotted a problem with this page, just click once to let us know.

Report error