Apparently ignoring the EU’s Data Protection Supervisor, the EU’s Civil Liberties Committee (I’m not entirely sure what this is) has approved the setting up of a database to exchange information between Member States on non-EU citizens entering the Schengen area. More than a hundred countries’ citizens are required to have a visa issued by a Member State to enter the Schengen area. The new Visa Information System (VIS) should prevent an applicant who is refused a visa by one Schengen country applying to others (“visa shopping”); to facilitate the fight against fraud and checks at external borders; to assist in the identification of those not meeting the conditions for entry, stay or residence in Schengen Member States; to ease the application of Dublin II regulation on asylum; and to help prevent threats to the internal security of Member States. The regulation says that biometrics will used under controlled circumstances, with the emphasis on first using the visa sticker number for verification, in conjunction with fingerprints, and with fallback procedures being put in place. It also says that “photographs will not be used for identification purposes as the technology is not yet ready”.
This phrase “controlled circumstances” reminded me of another recent visas story, this time concerning a Foreign Office data breach covering India, Russia and Nigeria. In the case of India, up to 50,000 Indian travellers could have been exposed to having personal details stolen because addresses, dates of birth and passport numbers accessible for more than a year. The Information Commissioner has sternly demanded a “full explanation” from the Foreign Office. Clearly, as data security professionals know, circumstances can be somewhat difficult to control.
I don’t have a visa for the U.K., of course, so I have no experience of using such systems, but as mentioned before I have been experiencing Britain’s biometric border control by using IRIS. Now, some people are very happy with this system:
I came back into the UK last week, and getting through passport control couldn’t have been easier. I walked into the IRIS eye scanning booth, where there was no line, and less than a minute later, I was done. In contrast, the corresponding US service called Clear is a joke.
On the other hand, I’ve been really annoyed by it never working. Although, to be fair, it has worked 50% of the time in the last two weeks (it didn’t work coming into terminal 4 from the U.S. but it did work coming into terminal 4 from Amsterdam). As it happens, I was at a seminar recently where Stephen Harrison, the Director of Policy at the U.K.’s Identity and Passport services gave the current (mid-2007) figures on IRIS. He said that there are 32 million visitors to the U.K. every year and 68 million trips abroad by people in the U.K. IRIS has 100,000 people registered on the system and the gates have been used 500,000 times.
These opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public [posted with ecto]