USA border plan requires “continuous and systematic” transfers of biometric data
Last year, it was revealed that the USA planned to launch Enhanced Border Security Partnerships (EBSPs) with other states around the world, seemingly targeting the EU, UK and Israel first. These would involve “continuous and systematic” transfers of biometric data to the USA for the purposes of immigration and asylum vetting, says a recent Council of the EU document obtained by Statewatch.
Transatlantic biometric web
The EBSP would require direct connections between the biometric databases of participating states and the USA’s IDENT/HART system, “the largest U.S. Government biometric database and the second largest biometric database in the world, containing over 270 million identities from over 40 U.S. agencies,” according to a Department of Homeland Security (DHS) document published by Statewatch last year.
Participating states would be able to submit biometric data for checks against the IDENT/HART system, and the USA would be allowed to do the same against those states’ biometric systems: “high-volume matching and data exchange is accomplished within minutes and is fully automated,” says the DHS document.
There have been a number of developments since the USA first started approaching EU states last year, according to a new document circulated by the Swedish Presidency within the Council of the EU earlier this month.
Legal competence
Questions were previously raised about whether an EBSP would be an EU rather than a member state competence, as it relates, in part, to visa policy – participation in the EBSP would be mandatory for member states to benefit from the USA’s Visa Waiver Policy.
The document notes that “the Commission has recently opted for a pragmatic approach, that is to disassociate information exchange from issues linked to visa policy,” and the Commission and the USA set up a “dedicated Working Group” in September last year to discuss the EBSP requirements.
The Commission has subsequently informed member states that they can negotiate an EBSP bilaterally with the USA as long as those discussions cover “information exchange only, and not the EU’s common policy on visa.”
At the same time, the document notes that “the Commission is not preparing a Commission proposal for a Council Decision authorising the opening of negotiations for an agreement on EBSP between the EU and the US.”
However, the document also states that: “Considering the continuous and systematic transfers envisaged by the US, these should be based on an international agreement or administrative arrangement ensuring sufficient data protection safeguards.”
Data-sharing for “proof of concept”
The Commission “is working on a Proof of Concept that would assess the added value of this sharing of information.”
Statewatch previously reported that at a meeting of EU and USA senior justice and home affairs officials in March, there was discussion of “the intention to have a first set of data transferred” as part of the “proof of concept.”
How any data – in particular biometric data, which “merit higher protection” than other types of personal data – might be shared in the absence of any kind of decision, agreement or arrangement is unclear.
The Presidency document states that following the last meeting of the Council’s working party on information exchange and internal security (IXIM), “delegations are generally happy with the extent of EU coordination so far.”
However, questions are raised regarding what that coordination should like in in the future, as “the US have started approaching Member States with a view to discussing arrangements to implement the EBSP through existing agreements on Preventing and Combating Serious Crime [PCSC].”
PCSC agreements are already a requirement for states participating in the US Visa Waiver Program. They: “…permit the United States and its partner countries to cooperatively exchange biometric and biographic data in the course of preventing and combating serious crimes and terrorist activities.”
The EBSP agreements would extend the scale and scope of the existing PCSC agreements.
Next steps
The Presidency proposes “regular debriefings in IXIM or JHA Counsellors meetings” by the European Commission, on the work of the “technical Working Group, and on the progress of the Proof of Concept”.
Furthermore, the Presidency suggests coordination with regard to member states’ bilateral negotiations with the USA: “…exchanges of views between delegations in IXIM or JHA Counsellors meetings to support each other in negotiations with the US, which could include sharing information and draft texts, templates and agreements provided to Member States by the US (and vice-versa), as well as discussing possible lines to take with involvement of Coreper where needed.”
Whether member states have agreed with these plans yet or not is unknown – but none of the options involve any meaningful transparency or democratic debate about a plan that foresees opening up the vast biometric databanks maintained by the EU and its member states to the USA.
“The EU’s own top court has ruled on multiple occasions that the USA does not offer adequate privacy protections for non-citizens, yet the Commission and the member states are planning to open up their biometric databases to the Department of Homeland Security and, by extension, who knows how many other US agencies? The fact that discussions on the plan are taking place in secret makes it all the more galling, albeit entirely unsurprising.”
This article was first publishe here by Statewatch.
Contribution by: EDRi member, Statewatch