Are you sure?

EU competition office criticizes governments for hasty use of biometric data

European governments risk violating the protection of their citizen's personal data by acting hastily in approving the use of fingerprints and iris scans in passports, the European Union's data competition office warned Wednesday.

The 27-member EU was „rushing in a new era” of using biometric identifiers for security checks while standards for data protection were still not clear, the EU's independent data protection supervisor Peter Hustinx told reporters. Warning against cross-linking national biometric databases, Hustinx said that the EU not only needed standardized procedures for collecting biometric data, but also common rules and safeguards for the use of the sensitive information. „(National) authorities have to be cautious, they still have to be careful,” Hustinx said.

Under new EU rules introduced earlier this year, the bloc's citizens are required to have their fingerprints included on newly- issued passports by 2009. National governments also have to store the image of the face on newly-issued passports. This will fulfil US requirements for EU nationals to have travel documents with biometric identifiers. Hustinx also slammed EU plans to let Europe's police forces share information on suspected criminals, saying that recent amendments to the proposal weakened the level of data protection for the public. The planned network of national crime records would give all member states access to DNA and fingerprint data, as well as vehicle registries.

Austria, Belgium, France, Germany, Luxembourg, Spain and the Netherlands already adopted the rules in 2005. Germany and Austria started to share their national criminal registers since December 2006. In all, 15 EU member states have agreed to join the system. Hustinx said that extending the data-sharing plan to all EU countries, which have different levels of data protection, would curb legal protection for citizens and could lead to endless litigation. „(EU) member states now disagree on what data protection is,” Hustix said, adding: „First of all, we need common standards.” He also said that security measures aimed at preventing terrorism were often stepped up at the expense of privacy. „We should not think that we will have more security if we have less privacy. We need both.” Hustinx also said that data protection should be seen as a backup of other fundamental rights. „It is not only privacy, it is also about also ensuring free speech, he said, adding: „If we are not careful with the data we collect, we see discrimination in society, we see separation.”

Hustinx, who monitors the processing of personal data by EU institutions, has the power to take cases of privacy infringements to the EU Court of Justice, the bloc's top legal body. As the data protection supervisor, he acts independently of EU institutions and gives governments and EU bodies advice on security standards. (