Tuesday 4 November 2008, by Challenge French Team
Friday 10th October
Issues of Sovereignty
Didier Bigo
Sovereignty in a time of global (in)security
The increased use of exchanges of personal data in security matters, which are handled at the European and transnational level, raises crucial questions concerning the protection of EU citizens abroad with regard to their freedom to travel and their right to be assisted if they are subject to security interviews linked with watch lists, and the protection of foreigners when they want to arrive in the EU. Increasingly, surveillance practices and controls are not only located at the borders, they are extraterritorial. They use information concerning individuals coming from abroad or from a previous storage of a previous travel. But extraterritoriality and democracy are always in a difficult match. So the question of security imperatives is even more sensitive when we are speaking of extraterritorial places, i.e. located in special zones of airports or ports or international train stations located in other countries, or offshore, or delegated to private firms checking the consistency of travel documents, before the consulates’ examinations if the persons are submitted to visa, or/and transport companies, than when we speak of control internally. Furthermore, the number and locus of control are not anymore related only with interstate diplomacy, they are related to certain categories of populations considered as risky and which need to be submitted to additional controls and checks before they arrive. The prevention of danger (categorized as terrorism, organized crime, human trafficking or overstay of illegal migrants) is the main argument to legitimate the intensity of the collaboration between border guards, customs, police, intelligence services, and the necessity of high speed communication justifying exchanges of data at the transnational level.
It supposes good interoperability between different platforms and technical systems for the exchange of data, and capacity to trace movements of people throughout their journey, while making substitutions of identity impossible (i.e. the will to develop more and more biometric identifiers, and to exchange them via data bases at a higher speed than the travel itself – API-PNR for example). But how much information is needed to certify authenticity at the point of arrival of someone who is already known at the point of departure? What is the level of trust between the bureaucracies in charge? Why do the governments trust less the individual himself about his own identity? Is it him they don’t trust or his government and the documents it issues? The relations between the individual on the move and the two state bureaucracies are all changing. From the point of view of the legal and judicial guarantees offered to the traveling citizen and foreigner, especially in the management of his personal data, how can he be sure of the quality of exchange between the bureaucracies concerning him? What happens to him if the state of arrival is suspicious of him and does not trust the state of origin to produce the truth? From the point of view of the different states, why do we have such a crisis of trust concerning, not only the narrative of the individual, but the documents delivered by other states? Why do we move towards the idea of forgery and false documents by the individuals themselves (networks of traffickers creating false documents)? In a time of global discourses of insecurity and terror, are some states trying to expand their national interest and protection of their citizens abroad, running the risk to be detrimental to other citizens and other states, creating double standards, and trying to manage directly citizens of other states as a form of global foreigner - traveler registry?
If it is the case, it seems that we are witnessing a major transformation of state sovereignty relations in the name of security. Asymmetric sovereignty and domination of the most technological states are practices embedded into the discourses of global cooperation against global threats.
Round table debate
The need for data exchange, the transatlantic dimension and the issue of sovereignty
Kevin O’Connell
Abstract
The US investment in knowledge management for security purposes is allowing it to advance its frontier screening procedures in time and space.
The Department of Homeland Security is now developing its security systems by including personal privacy constraints at the design stage. This facilitates legislative oversight, the creation of robust procedures and public reassurance. However, the rights of citizens in other countries depend on the level of transparency that exists between the techniques used in the US systems and those used in their own country. Individual rights used to be a matter between citizens and their governments, but they are fast becoming a global issue.
While the will to develop innovative security systems flourishes, the benefits of such systems need to be clearly articulated and sufficient resources invested to implement them properly. In particular, new knowledge creation systems that use a different concept of normality to underpin security targeting activity will have a universal impact and care is needed to ensure that the reassurance they provide is properly founded in science.
Security information management is becoming so technical that security governance mechanisms may lose the initiative at the deployment stage. The keystone of citizens’ rights protection is that accountability for the use of power lies with the people who exercise executive decisions. New knowledge techniques are bringing more complexity to the decision-making process and it is essential that security agencies, particularly law enforcement bodies, are properly equipped with the training and skills to manage them effectively. Currently, knowledge management is undervalued in terms of status and investment.
Security policy should no longer consider rapid and voluminous transfers of data across national borders as some kind of lower order security activity that can be carried out without affecting national sovereignty. Discussions about PNR data relate to security inputs, not security outcomes. Systems must be viewed as a whole and this input focus will fail to deliver concrete outcomes and guarantees.
There is a need to coordinate responsibilities for ensuring that security systems are interoperable with international partners on an equitable basis.
George de La Loyère
Faced with the terrorist threat and in order to better control migratory flows, developed countries have put in place sophisticated border control systems. Even if they exchange information with one another, each of these states wants to remain master of its sovereign decisions. Mutual trust remains rather relative.
The principle of this management rests on the creation of vast files including the list of persons considered undesirable, dangerous or simply potentially worrying. These data are then compared with those of persons simply wishing to travel.
In Europe, the "Schengen" files serve to bar access to this area to any person for whom an alert has been entered by the police or judicial services of one of the Member States.
Likewise, any person summoned to appear before a court or having received a conviction in absentia will also be flagged across all the Member States under the heading "wanted person". Finally, minors who have disappeared can also be flagged.
To make their control system more operational, the Americans favour recording the data of passengers wishing to travel to their territory from the country of embarkation.
They can thus deny access to their territory to persons judged undesirable even before they board. They can also select the persons on whom they will carry out an in-depth check.
The mass of data collected is thus considerable. What is it used for? What becomes of it? How long is it kept? It is thus possible to know everything about those who travel, whether they are businessmen or simple tourists.
The data thus stored may turn out to be erroneous or totally out of date. Access to the content of these files is difficult, to say the least, and any rectification of the data almost impossible.
National authorities and the G-29 are confronted with this twofold requirement: not to impede the fight against crime while not allowing the principle of personal data protection to drift. The framing of the purpose of such processing, the right of access and rectification, and respect for retention periods are at the heart of the concerns of the independent authorities in charge of "privacy".
Erik Josefsson
PNR and FRA – The Technical Layers of Policy Making
The PNR agreements and the PNR proposal have been discussed and shaped with an increasing understanding of the technical aspects of the global booking systems which generate, use and process the very data the whole policy debate on Personal Name Records revolves around. As knowledge has increased, conflicts between set policy goals and the technical reality have emerged, such as the conflict between legal requirements to delete personal data and restrictions at the system design level which require that data is not deleted for reasons of data base consistency. Another example is the conflict between the policy requirement to not enter data, as for example trade union membership, and the existence of unrestricted free text fields, which makes identification of trade union membership possible if such data is registered in the booking systems. The high level discussion between "pull" and "push" reflects the current technical possibility, and perhaps the practice, of foreign governmental root access to airline database partitions, versus the complex technical redesign allowing for the access of data through lawful intermediaries.
The Swedish Parliament’s recent adoption of a law which obliges all Internet access providers to transfer a copy of all communication that passes the Swedish border to the National Defence Radio Establishment (FRA) shows similarities in the increased understanding of how legal and common concepts map, or don’t map, to the technical layer of Internet functionality. A prime example is the seemingly clear cut notion of the separation of Swedish Internet traffic from foreign Internet traffic for the "raw-material" retention and analysis by FRA. This notion has been discovered to be meaningless at the policy level since an email sent from Stockholm to Malmö can be routed via France, Finland and then maybe Germany or the USA. In practice, virtually all domestic Swedish traffic passes through the Swedish border. Therefore, in the latest version of amendments to the law, the concept of "the Swedish border" has been replaced with the very broad and truly inventive concept "selection of traffic thoroughfares" ("trafikstråk"). While this concept might better describe the technical layer of the policy debate, it has yet to prove itself as a meaningful word in the legal framework regulating the activities of FRA, particularly in relation to other European member states’ citizens who might need to have access to their data in case of error and right to redress.
Saturday 11th October
Technical Collaboration and the economic competitiveness of security industries
Nikos Scandamis
Abstract
The increasing provision of security services by companies of the private sector raises important issues concerning the future shape of the guarantees offered to individuals in the framework of a liberal regime. It could be argued that we are heading towards the «ultraminimal state» put forward by Nozick, a point which raises a crucial question: is the «fonction publique» in a position to effectively guarantee liberties that it traditionally has the mission to protect? In view of the increasing management of security risks by private actors, and the unavoidable competition between them, the question of the relationship between liberty and security, as a binary, in its actual application, becomes acute.
Marco Malacarne
Technical collaboration and the economic competitiveness of security industries
Although technology cannot guarantee security, there is no security without technology. With this understanding, Europe will have to join forces for a solid, competitive technological base for its security industry. It is the availability of ‘peace and security’ that will drive the economy in the perspective for human development and ecological sustainability. To fulfil Europe’s security ambitions, we need a strong and efficient security industry:
An industry base that can follow the demand in the most effective, "user driven" way.
An industry base that is capable of delivering security equipment as well as services in a cost efficient and economical way.
To be efficient, this sector needs a solid technology base and a transparent market.
The development of these technologies must also be based on the shared European values of human dignity, freedom, democracy, privacy and equality. These values must be integrated not only in the way the technologies are used, but also in the development of the technologies as of the very preliminary stage, in order to allow these values to be protected in all circumstances.
The introduction of a European Security Label is presently being proposed by the ’European Security Research and Innovation Forum’ (ESRIF) [1]. It should be supported by a European legal framework and would constitute a common reference point for suppliers, end users, customers and society in general. This Label should contribute to a more secure European society and economy and provide an answer to the present state of real and perceived security/insecurity in Europe and the Member States. It should also certify respect for the privacy of the citizen and compliance with underpinning legislations.
As the EU becomes a global Security player, its influence will undoubtedly shape the global security agenda. The world is expecting the European way to security to be expressed, and even if it is developed in the global landscape, it should remain faithful to a European model that respects human values and cultural diversity.
Abstract
In security matters, biometrics and more generally citizen identity management applications have the advantage of bringing together a threefold set of issues: industrial stakes, political posture, notably between Europe and the United States, and finally respect for the protection of personal data.
As regards the industrial stakes, while Europe holds an unavoidable position in the design and production of modern identity documents, with the top four players worldwide, the situation is more mixed as regards biometric systems and equipment. With the notable exception of the European firm Sagem Sécurité, which holds a position as world leader in automated systems and fingerprint terminals, the other major biometric technologies, namely iris and face recognition, are the preserve of American industry, which has begun, with the company L1, a phase of consolidation of numerous players in the field. Finally, as regards the integration of large identity management systems, at the international level North American players are found in the front rank. In Europe only one or two industrial firms can show references comparable to those of these players.
As regards the political stakes, after 2001 the United States moved biometric technology from the field of free-competition activities to that of a strategic technology of sovereignty. This technology contributes to the national security effort in a structurally constructed way, centred more on dedicated solutions that can be projected beyond the borders than on interoperable ones. Europe, for its part, can only take note of its diversity in arbitrating the concept of liberty-security and of a sovereignty industry. Thus one observes delays or lags in the main national and European programmes. At the same time the United States is beginning investment in a second technological generation of major programmes (US-VISIT and FBI).
In terms of personal data protection, facing a United States with little doctrine, the European Article 29 Group, rich in ideas and principles on the matter, strives to remain in a posture of enlightened censor, whereas other countries, such as Canada for example, take part in the debate and in research, turning the industrial handicap into a competitive advantage. On the other hand, in research Europe has opened several ambitious themes, notably with the TURBINE (TrUsted Revocable Biometric IdeNtitiEs) programme on revocable biometrics.
Faced with such an assessment, on pain of becoming a second-rank political and industrial actor, it is time for Europe to relaunch the momentum of major programmes, to become more involved in the evaluation and standardisation of biometric technologies, and to conduct a research policy on these technologies and on their implementation with all the actors concerned, notably with regard to data protection.
Thierry Leterre
Technology and the engineering of security: securing the secure
Technology plays an important role in the concept of contemporary practices and designing of security. However, for private consulting firms offering such services, technology is only one tool in an array of solutions and is integrated in what is considered as a «strategy». It cannot be dissociated from a global approach of organization, as one element of a general process, even if security is a particularly sensitive issue. Technology is therefore regarded as part of the strategy as an element that has to fit other demands which consultant firms translate into organizational demands. Such an analysis in terms of strategy allows the reduplication of technologies of security in different contexts, hence the new concept of «versatility» in the use of technology. Another issue is the risk for the technology itself. Information systems are themselves threatened by frauds or simply by business interruption. To that extent, security technologies apply to securing technologies themselves.
Round table debate
The development of biometric technology and the interoperability of data exchange system
Edgar Beugels
Abstract
As a general introduction the tasks of Frontex, in accordance with its mandate, will be highlighted. It is important to understand what Frontex does, but even more importantly, what Frontex doesn’t or cannot do. Border control and border surveillance pose their own challenges and increasingly the Member States are looking for smart solutions to face these challenges. The introduction of new technologies is at the core of the Integrated Border Management Strategy of the EU.
Biometrics have made their way into the border control process some time ago and are expected to further increase their role in the near future.
Harmonization and integration of border surveillance systems in use in the different Member States in order to establish a common monitoring and information sharing environment is the long term goal for EUROSUR. The creation of such a common situational picture regarding the external border of the EU Member States is already long overdue.
Saturday 11th October
Protection of fundamental human rights and freedom at the international level
Peteris Zilgalvis
Protection of fundamental rights and freedoms at the international level, including data protection
While human rights are ’prima facie’ a taken-for-granted concept and value in Europe and other democratic countries, their violation occurs not only in totalitarian regimes but also in/by democracies indicating that they are far from uncontested and surely are not universally practiced. This is why fundamental rights figure so prominently in EU enlargement processes and external relations, and why a European Charter of Fundamental Rights was established. This is why projects like CHALLENGE and discussions as the one we are having today are so important. Definitions and concepts differ also between the EU and other States and this is a subject for continued research.
The EU is a unique actor from the legal point of view (and not only) given the supremacy of EC law and its binding nature. This makes the EU a strong supranational actor with regard to the protection of some fundamental rights that relate, for example, to antidiscrimination. However, the current status of the European Charter of Fundamental Rights makes the EU less strong than it could be – until this is solved – concerning the protection of other fundamental rights as those related to the integrity of the person. In addition, the problems regarding mutual recognition also present some challenges concerning the EU capacity as legal defender of human rights and fundamental freedoms.
The interface between Community law and the ECJ, the Strasbourg Court, and international law and Courts is a key and complex subject. The EU is a strong supporter of international human rights and humanitarian law and of judicial bodies such as the ICC. Indeed this is a component of the ’effective multilateralism’ that the EU is pursuing in its international relations. One of the areas which requires further reflection and research in such context is the one of the accountability of private security companies/actors, addressed within CHALLENGE and other projects (e.g. PRIV-WAR) and data protection in relation to the sharing of personal data and the mutual utilisation of databases across different jurisdictions.
Elspeth Guild
The state’s right to know, the individual’s right to privacy
Ascertaining the correct identity of the individual, and in particular the foreigner is increasingly accepted as a security issue. Behind this political acceptance is concern about identity fraud, the use of false documents and other means by which the individual ceases to be visible in the identity assigned to him or her to the state. The rising concern in Europe and elsewhere about document fraud is focused around the individual: are passports and identity documents sufficiently secure so that individuals cannot tamper with them or falsify them easily; are the mechanisms for confirming identity sufficiently robust that the individual cannot circumvent them and become someone else? To address these insecurities, databases containing substantial amounts of data information about individuals as an important security tool have become widely accepted in many liberal democracies (Brouwer 2008). The US Department of Homeland Security agreement with the European Union on the collection of passenger name records provides an insight into the issue of security and identity and the foreigner who is some other country’s citizen. However, the EU Member States have all joined in the creation and use of many databases containing information about individuals (Geyer 2008). The most developed databases containing information about individuals are those which relate to foreigners. Three deserve further comment, these are the Schengen Information System (I and II), the EURODAC database and the Visa Information System (not yet active).
Capturing, retaining, using, exchanging, manipulating data about individuals raises substantial concerns about the right of individuals to their identity. It is easier for states to take data about foreigners than about their own citizens. As the UK rolls out its biometric data card for foreign nationals, the government has made it clear that the amount of information captured from the individual and the use to which it can be put are far wider than those which will apply to identity cards for British citizens when that system is rolled out. Thus the question – whose citizen? and whose foreigner? becomes important. At the moment the European Commission is in the process of negotiating a data protection agreement with the USA which it hopes to sign in 2009. This diplomatic effort is related to the great resistance of the European Parliament to the Passenger Name Record (PNR) agreement with the USA which provides very little in the way of data protections for EU citizens obliged to provide their personal data to US authorities (see below). According to EUbusiness, the EU and USA have agreed twelve principles but a key obstacle remains the right of the individual to take court action if information about them is misused. Europeans do not have the same legal rights in the US as US citizens have under European data protection rules.
But the individual whose data is captured becomes vulnerable to the state’s use of that data. If the individual is signaled as a potential terrorist and that information is too casually exchanged with the authorities of other states the consequences for the individual may be catastrophic. The case of Maher Arar, a dual Canadian/Syrian national, in respect of whom the Canadian intelligence services provided less than accurate information to the FBI as a result of which Mr Arar was detained when passing through in September 2002 and sent to Syria where he was tortured for a year. Finally he was released back to Canada. In September 2008 a Canadian Commission of Inquiry found not only that he had no links with political violence but that the Canadian authorities had failed to protect him as regards his data. The Canadian Government paid Mr Arar CAN$10 million in compensation. His case against the US authorities has been rejected by the US courts.
The Swedish authorities received information that two Egyptian nationals who were seeking asylum in their country were potential security risks. As a result, Mr Alzery and Mr Agiza were detained in Stockholm where they were living in December 2001 and handed over by Swedish authorities to US and Egyptian security agents on Swedish territory where, according to the UN Committee against Torture they were subjected to inhuman and degrading treatment and probably torture in Sweden before being taken on a US charter flight to Egypt where they were subject to torture.
In this presentation I will examine:
the current state of EU US exchange of data on individuals;
the principles of data protection which apply in the EU;
the EU data bases in respect of foreigners;
the problem of remedies.
Diana Alonso Blas
The European Union’s Judicial Cooperation Unit (Eurojust) is a new European Union body established in 2002 to enhance the effectiveness of the competent authorities within Member States when they are dealing with the investigation and prosecution of serious cross-border and organised crime.
Eurojust needs to receive, store and further process personal data regarding persons who are the subject of an investigation or prosecution as well as, in some cases, victims and witnesses to deal with the cases referred by the national authorities. In order to protect the rights of such individuals, Eurojust has put in place a very comprehensive set of rules further developing the provisions contained in the Council Decision creating Eurojust of 28 February 2002: the rules of procedure on the protection and processing of personal data at Eurojust, adopted by the College of Eurojust unanimously in October 2004 and approved by the Council in Brussels in February 2005. Eurojust has also introduced an extensive number of organisational and technical measures to guarantee that a high level of protection is offered while allowing Eurojust to work effectively. In particular, an automated case management system (CMS) has been developed which ensures automatic compliance with most of the data protection requirements imposed by its legal framework. The rights of the individuals (access, correction and deletion) are guaranteed not only by the internal procedures of Eurojust but also by the possibility for individuals to lodge an appeal with the independent Joint Supervisory Body of Eurojust, whose decisions are final and binding to the organisation.
The data protection system of Eurojust is a good example of how sectoral data protection rules, very detailed and specific as well as adapted to the needs, objectives and methods of working of the organisation provide a high level of protection to individuals.
Laurent Touvet
Abstract
Police and intelligence services have for long been exchanging information. Yet recent technological improvements have all the more intensified cooperation in those fields since needs have been increasing.
From a legal point of view, the main issue at stake regards the way personal data are stored and therefore how they are protected. When two States exchange a piece of information related to a person, one owns it and is responsible for it and the other wishes to make an efficient use of it. In this regard one may consider the legal framework which rules the data exchanging between national law enforcement authorities and wonder how this framework has been designed and how to improve it as far as data protection in the process of exchanging is concerned.
There is today an actual European specific framework to which we can refer as a European exception inasmuch as regulations based on intangible principles and values are implemented in each national State. Meanwhile EU member States have been creating a protecting legal environment in order to clarify the usage of the data. The latter is the reason why the European model is not only the simple coalition of national regulations but instead it is built as a real system. The European model is provided with its own identity composed of original rules and mechanisms.
The terrorist threat obviously happens to be the most impressive issue and justifies proportionate operational solutions. Nevertheless one should keep in mind that the agreements allowing the exchange of data with non-EU member States contribute to the fight against other criminal activities such as trafficking in human beings. As a result the data protection issue should not be reserved for a few democratic States. European law and its principles and values are bound to be used as a model for other countries, including those that have so far been ignoring the issue of data protection.
Round Table Debate
Fundamental Human Rights and the Protection of Freedom at the International Level
Mathijs Le Rutte
Abstract
The need to protect individual and personal data pertaining to refugees has two distinct elements. Primarily, as with all persons on whom data is collected, refugees’ right to privacy needs to be respected. This will often be a challenge, as refugees have left their familiar surroundings and their lack of knowledge of rights and procedures tends to hamper access to justice on an equal level with nationals. Secondly, the breakdown of the relationship between citizen and State, as demonstrated by the refugee’s fear of persecution, activates the need for international protection. One of the fundamental protections that refugees require is that information about them, including their mere whereabouts, does not fall into the hands of the persecutory State.
States’ growing concern about national security, and in particular subsequent efforts to combat international terrorism, have caused unprecedented controls on travel and movement of people. Measures that have been introduced focus for instance on the verification of a person’s identity, the sharing among States of information on people traveling, or requests for access to databases containing information on visa requests or asylum requests. The requirements that these processes impose on people often go far beyond the level that can be reasonably expected of refugees, considering the often precarious conditions under which they flee. There are serious concerns that these restrictive measures undermine the fundamental right to seek and enjoy asylum, and even jeopardize the principle of non-refoulement.
Equally worrying is the trend of criminalization of asylum. Especially in the European context, there are a number of information systems in the area of asylum, migration and law enforcement. Proposals for their inter-operability and the sharing of data among Member States, or even with third States, seriously undermine data protection principles, among which the principle of purpose-specificity. While there may well be criminal elements seeking to abuse the asylum system, a conclusion that asylum-seekers are by definition suspicious is not only grossly flawed, but also unlawful.
Beyond Europe, similar developments undermine refugee protection. The arbitrary use of information processed through Interpol can allow States to issue arrest warrants or commit other acts of a persecutory nature, or can ultimately lead to return to the country where persecution is feared. In addition, there is increased pressure for the use of biometric technology to compensate for a perceived lack of accuracy in determining a person’s identity by conventional means. If not adequately regulated and properly justified, this can pose a serious threat to a refugee’s rights to privacy.
For UNHCR, compliance with data protection principles has an internal and an external dimension. Adherence to the GA Resolution on computerized personal data files provides a framework both for internal protection of refugee data and for sharing with third parties. The external level is much more challenging, as UNHCR should live up to the task of advocating that systems and procedures born out of security concerns do not undermine the fundamentals of refugee protection.
[1] www.esrif.eu