The European Parliament is reported to have approved the introduction of a new system which will collect biometric information about all non-EU visitors to the EU.
Under the EU’s newly approved entry/exit system (EES), which is also part of ‘Smart Borders’ package, anyone travelling to an EU country from a non-EU country (e.g. post-Brexit UK), will need to provide some biometric information.
Whilst the term ‘biometric’ implies some kind of intrusion or sampling, what it will actually mean is the need to have a digital photo taken and a fingerprint scan, and for these ‘biometrics’ to be stored in a central database, along with travel documents and information about place of entry, exit and entry refusal.
The stated aims for the introduction of the new system are to reduce irregular migration of over-stayers, to fight organised crime and terrorism, and to speed up border checks by replacing the manual stamping of passports.
The new system will apply to every third-country national, even visa-exempt travellers travelling to and from the EU Schengen area. The Schengen area consists of most EU States, except for Bulgaria, Croatia, Cyprus, Ireland, Romania and the United Kingdom (Bulgaria and Romania are in the process of joining).
The information collected by the EU with its new entry / exit system will be stored on the central EES database for least three years, or five years for over-stayers.
Those who can access the information in the EU’s database will include border, visa and national enforcement authorities, and Europol. It has been reported that the information stored on the EES database can be consulted to prevent, detect or investigate terrorist offences, or other serious criminal offences.
The information will not be accessible to national asylum authorities.
Biometrics being used as an immigration control is not new. The UK government, for example, already operates its own biometric residence permit (BRP) system whereby those planning to stay longer than 6 months, or apply to settle in the UK need a biometric permit. This permit includes details such as name, date and place of birth, a scan of the applicant's fingerprints and a digital photo of the applicant’s face (this is the biometric information), immigration status and conditions, and information about access public funds (benefits and health services).
What Does This Mean For Your Business?
Since the UK is still in the EU, business travellers to the EU will not be subject to the new system just yet, but post-Brexit this will have to change. This could initially mean that UK travellers to the EU are subject to longer delays and greater scrutiny on entry / exit. There are also extra privacy / security concerns for UK citizens based around where (and how securely) very personal data is being stored, who has access to it, and worries about the results of hacking of the data e.g. we assumed that NHS systems and credit systems were safe until they were both subject to malware and hacking.
Some UK citizens may also be concerned about the apparent increasing need for states to gather information about citizens and their activities / movements e.g. this news border rule, US border checks that can require checks of social media, and the UK’s own storing of the browsing history of its citizens under the ‘Snooper’s Charter’.
The assumption is that, at some point, all information about one person collected in several locations could be pulled together, stored and cross-referenced in a way that feels too intrusive, and too much like ‘big brother’. For some, the argument that ‘if you have done nothing wrong, you’ve nothing to fear’ is sufficient, but others object to this being used as an excuse for states to gradually erode rights to privacy.