EU data protection chief criticises fingerprint plan
27.03.08 @ 17:13
BRUSSELS - EU plans on regulating the issuing of passports and creating a centralised fingerprints database do not sufficiently protect the rights of citizens, the head of the bloc's privacy watchdog has said.
The European Commission proposals launched in October last year set out minimum standards for security features and biometrics, such as fingerprints, in passports and travel documents.
It also suggested the creation of a centralised database for storing citizens' fingerprints, in addition to including them in passports.
In an opinion on the matter issued on Wednesday (26 March), Peter Hustinx, head of the European Data Protection Supervisor (EDPS), notes that some concessions granted by the commission so far are "still unsatisfactory."
"They fail to address all the possible and relevant issues triggered by the inherent imperfections of biometric systems, and more specifically those related to children and the elderly," according to Mr Hustinx.
For instance, the commission proposal to exempt only those children who are less than six years old from giving fingerprints should be considered as provisional, or "brought in line with international practice (14 years)," according to the EDPS chief.
The age limit for the elderly – 79 years – is also not considered satisfactory, backed by the argument that the older people get the less reliable and accurate their fingerprints are.
A commission spokesperson said on Thursday (27 March) that the "quite substantial study" sent by Mr Hustinx needed first to be analysed.
But he addressed the concerns about the creation of a centralised fingerprint database.
Creating fingerprints databases "poses data protection challenges, nobody will deny this," he said.
"However, precisely because we are aware of these challenges, we will do everything that is needed to already address those challenges in the architecture of the EU database which will contain the fingerprints (…) and ensure that we are taking duly into consideration all legitimate data protection concerns," the spokesman added.
Mr Hustinx also pointed out that practices for obtaining a passport in the 27 member states still vary largely and called on the commission to examine this.
He also expressed regret that the Brussels executive "did not comply with its legal obligation" and consult him on its proposal.