Biometrics: The final identity? – Some political considerations.

Phoenix Society Churchill College, Cambridge, England 10th November, 2005.





I should like to begin by thanking the Phoenix Society for the invitation to be here and have the opportunity to discuss the important subject of biometrics with you.  This is something that concerns us all, since the trend is that in more and more areas of life, it is becoming necessary to find ways of ensuring that people cannot conceal or falsify their identity.


It is clear that the use of biometrics generates a debate on fundamental issues related to the human right to privacy. In my remarks I should like to touch briefly on three topics: the use of biometrics in law enforcement, the use of biometrics to control illegal immigration and the use of biometrics for ordinary civic purposes.


First, in the field of law enforcement, the need to identify people, or verify their identity, has been understood within the Criminal Justice System for many years. The recording and scrutiny of physical characteristics in support of law enforcement is nothing new: for a long time, the police have  made use of photographs (or ‘mug-shots’), and fingerprints as aids in the prevention and detection of crime. Indeed, it can be argued that the whole science of ‘biometrics’ has been used within the Criminal Justice System for over a hundred years. Now technology is rapidly refining and extending the scope of biometrics, and with the use of automation, new possibilities and challenges are opening up which may dramatically increase the effectiveness of the law-enforcement community. The change from manual to automated processing of data has called for new attention to be given to the application of data protection principles.


In order to fight organized crime or to stop terrorist groups, the police need a clear picture of who the criminals are, what they are doing, where they are and how they communicate with each other. This fight has created what is called intelligence-led policing, which can only be effective with cooperation between states in order to combat, for example, activities such as drug dealing and trafficking in human beings.


Intelligence-led policing is successful when the information gathered can be used as the basis for risk analysis and profiling. Achievements in these areas, both risk analysis and profiling, at Keflavík International Airport in Iceland, were especially praised in a recent Schengen Evaluation on Air Borders. To this end, all available and legally-permitted sources are used by well-trained staff. These sources include the Schengen Information System, national databases, facial recognation systems and advanced technology for detecting falsified documents.


The political debate amongst the Schengen States is now focused on the basic question of whether the Schengen Information System should only be a control system or whether it should be used more effectively as a tool for law-enforcement investigators. Law-enforcement agencies argue that it would be an enormous advantage if the border-protection systems were connected to the law-enforcement systems. The Schengen States are now in posession of such a system.  It is being argued that by placing too narrow restrictions on law-enforcement agencies regarding the use of data, including data collected at the borders, the utility value of the system for combatting serious crime and terrorism is undermined. The obvious political task is to strike a balance between the effects on civil liberty and the advantages in terms of increased security.


The second topic I want to mention is border control.  In this, there are two main applications for biometrics: to identify criminals and to control immigration.


In the fight against illegal immigration, biometric identifiers certainly present a number of advantages. One of the methods proposed is to collect biometrics from everybody applying for a visa to enter the Schengen Area and put the information into the new Visa Information System. This would facilitate return procedures in the case of unsuccessful asylum seekers by identifying their true country of origin, as well as preventing multiple asylum claims and what is called "visa shopping" (that is, making simultaneous visa applications), by maintaining a centralized, easily accessible database.


The collecting of biometrics to prevent overstay has already proved to be effective in the UK. From the time of the first pilot project, which focussed on nationals from Sri Lanka, up to the most recent procedures, regarding Chinese citizens, the number of overstays by those who have been fingerprinted has gone down dramatically. The aim of using biometrics in the Schengen Visa Information System is to prevent illegal immigration, preferably by deterrence.


For several years now, the use of the EURODAC database, in which fingerprints have been gathered from asylum seekers in Europe, has drastically reduced duplication of the work in the Member States on processing asylum applications. This has meant that asylum seekers have not had to wait so long for answers to their applications.


My third topic is the use of biometrics for civic purposes.


Faced with rising numbers of falsified documents detected at our borders, demonstrating identity theft from our citizens, the Schengen States decided to take advantage of biometric technology in order make it easier for immigration officers to verify the identity of our own citizens. The aim is to include a chip containing biometric data, fingerprints and facial images, in passports, to be compared with the faces and fingertips of the passport holder at borders.


This was decided one year ago by the European Council and is applicable to all citizens in the Schengen Area. The decision is being disputed by some on the grounds that the EU is embarking on a policy that will make our most personal information the currency of travel, while creating one of the world´s largest surveillence infrastructures at the expense of democratic values, civil rights and liberties. The criticism has been voiced that there are important human rights implications inherent in the collection and use of biometric data. In responses the British Home Secretary,Charles Clarke, raised the question in a speech to the European Parliament, whether theHuman Rights Convention might be outdated, as regards the way jurisprudence is interpreting the text of the Convention.  He pointed out that in developing these human rights it was really necessary to balance very important individual rights against the collective right to security from those who seek to attack us through terrorist violence.


As I said at the beginning electronic biometrics is of such importance in law enforcement that all efforts need to be made now to put in place the fundamentals of efficient, accurate and cost-effective solutions. However, biometrics can not be regarded as an isolated one-stop technology.


Adopting the basic technology, and ensuring that its full benefits are available and that it is used in compatible ways all over the world – all this is a complex task.  There are also risks involved, and measures must also be taken to prevent abuse.   The European Commission has for instance been developing the Extended Access Control to avoid abuse.  This involves electronic certification of passport readers, to prevent unauthorised access to fingerprints in passports.  Without in any way underestimating the need for security measures, I feel that there could be a danger that the technical specifications, that are called for will prove to be over-ambitious and excessively complicated. 


Over-complex technology could easily work against the goal of efficiency and even against the whole concept of introducing electronic biometrics. Biometrics in passports that are not read would be useless biometrics.  Now that the specifications are almost ready, the implications in terms of cost and practical operation must be weighed carefully against the likely benefits.  It may be relevant to ask: Are we really getting added value, or are we risking failure to enhance authentication by using fingerprints in passports? And also: Are we driven by those providing and selling the technology rather than those who are going to use it or be identified by it?



While there seems in general to be more consensus on the need for biometrics in policing and controlling illegal immigration than on collecting biometrics from our own citizens, the debate shows that in all sectors there is a need to strike the right balance between the utility value of biometrics and the potential threat to privacy rights.


I fully realise that individual attitudes on this point will depend partly on the traditions and culture of each nation, and of course personal circumstances are involved as well.  I cannot answer for other nations, but I should like to end by examining the situation from the point of view of a citizen of one of the Nordic countries, and specifically an Icelander.



In Iceland and the other Nordic countries there is a long-standing tradition of keeping records of people and events. The Icelandic Sagas, written some 800 years ago, are a clear proof of this. This tradition is still strong in our own days: though people are in general well aware of their rights to privacy and other civil liberties, the keeping of records on personal identities is not only accepted, but encouraged.


I can mention one example. In Iceland a web-based database has been created that enables every Icelander to find out in a matter of seconds the entire line of his ancestors, back to the settlement of Iceland in the year 874. The database also enables people to find out whether, and how, they are related to every other Icelander, dead or alive. This database is highly appreciated by the public and is very popular.


There is also a general consensus on the need for the authorities to keep records on all persons in the country in the National Register. Everybody has an ID-number and the register records details of current residence, status regarding marriage and cohabitation, children, etc.


My Ministry is now preparing the issuing of Icelandic passports with biometric data.  All the steps taken regarding the new passports have been regularly shared with the public through the media. The only protests so far have come from professional photographers who are not happy at the fact that, for security reasons and in order to give better public service, the plan is to have passport photos taken by officials in the district commissioners’ offices around the country.


In the other Nordic countries, which also have a high level of data protection,  biometric passports have been introduced smoothly. Norway recently started producing passports with biometrics and Sweden has also introduced new ID-cards with biometrics.


To reconcile the public to this new technology, it is necessary to debate the pros and cons openly, as we are doing at this meeting, and I should like to end my remarks by thanking the organisers for their initiative in holding it.