The European Parliament has approved plans to boost physical security by implementing a mass identity database, although privacy concerns persist.
The Common Identity Repository (CIR) will centralize the personal information of nearly all non-EU citizens in the EU’s visa-free Schengen region. The latter covers the vast majority of the EU except for Ireland and the UK, as well as Bulgaria, Croatia, Cyprus, and Romania.
The data — which will include fingerprints, names, addresses, photos and other info — will be consolidated from five separate systems, including databases of asylum seekers, short-stay visa applicants, and those with previous criminal convictions in the EU.
The idea is that it will enhance security in the region by minimizing information gaps and silos, helping law enforcers track terrorists and serious criminals who may otherwise be able to slip across borders undetected. Data on an estimated 300 million non-EU and some EU citizens will be stored in the CIR, according to reports.
“Global law enforcement agencies and border control personnel have been sharing information about people for decades, if not centuries,” argued John Gunn, CMO at OneSpan.
“CIR is a very positive move that will simply make the methods more timely, efficient, and effective resulting in speedier cross-border travels with less hassle and in greater safety for all as those with evil intent are more easily identified and stopped.”
However, other have voiced concerns that there are not enough safeguards to protect individual freedoms, and that the database could be a major target for hackers. EU privacy advisory body the Article 29 Working Party (WP29) explained these at length in a document last year.
“Regarding the Common Identity Repository (CIR), the WP29 is of the view that the cross-matching of various sources for identification and consolidating them in a new common database for the purpose of overall identification poses an additional interference with the rights to privacy and data protection,” it said.
“The WP29 is not convinced of the necessity and proportionality to establish such a mixed-purpose identification database including biometric data. Whether identity fraud is in practice such an essential threat to the internal security of the Union as to justify the central registering of biometric identifiers of all bona fide [third country nationals] TCN travellers, migrants and asylum seekers is not yet sufficiently established in terms of proportionality and therefore remain an issue of major concern.”