Biometric identifiers are measurable characteristics used to label individuals, covering a range of different physical, physiological, or behavioral elements linked to the body, from fingerprints, voice, face recognition and iris scan to DNA, earlobe, gait, vein patterns and even heart rhythm. These tools have the capacity to single out, target and track people everywhere they go, undermining several fundamental rights and basic freedoms and disproportionately affecting already discriminated groups, like unaccompanied children, women of color and all people on the move, adding an additional layer of harm.

   The collection of biometric data has been primarily reserved for criminal residents, to prevent, detect and investigate terrorist or other serious criminal offences, but now it has increasingly become central in EU borders and migration management, reflecting the idea that migration and crime are the same phenomenon.   

The collection of biometric data has been primarily reserved for criminal residents, to prevent, detect and investigate terrorist or other serious criminal offences, but now it has increasingly become central in EU borders and migration management, reflecting the idea that migration and crime are the same phenomenon.

In 2016, the EU Commission proposed to enlarge the scope of Eurodac to regain control of migration flows to the EU with “stronger and smarter borders”, mainly increasing automation at border-controls, facilitating the identification and deportation of undocumented migrants, allowing the collection of biometric data, and extending their storage period. With the 2020 New Pact on Migration and Asylum, the Commission made new proposals to amend the Eurodac Regulation, as well as the Screening Regulation and the Regulation on Asylum and Migration Management, making the collection of biometric data a mandatory step in the asylum procedures of Member States and lowering the age of migrants whose biometric data can be collected to children as young as six.

Currently, there is already an alarming surge in the use of biometric technologies all over Europe. Greece is planning a new program where the police would use hand-held devices to gather biometric information from people on a vast scale and cross-check it with police, immigration, and private sector databases, primarily for immigration purposes. In France, 73 out of 101 districts have started using a biometric system to identify migrants and determine their age, rather than the usual approach with a social worker, leading to the erroneous detention of numerous unaccompanied child migrants. Also in Spain, the government plans to invest 4.1 million euro in biometric technologies to build “smart borders” in the North African enclaves of Ceuta and Melilla.

All the wide-ranging implications that the collection, storage and use of biometric data in the area of asylum and migration pose to migrants’ fundamental rights are not fully known yet, but they include:

  • Incorrect data and discrimination. There is high trust in biometric precision but, as it relies on probability and algorithms, there is still a certain rate of false matches, inaccuracy, and biases. Two persons may have the same identity details in the IT system, such as name, date and place of birth, a person may have multiple registered identities due to data entry errors, transcription mistakes or weak civil registries in the country of origin. The accuracy of some biometric data, like fingerprints, is dependent on the age of the individual, and it is demonstrated that even the biometric resemblance between siblings or relatives has confused biometric systems. Some people may be unable to provide fingerprints due to their physical characteristics, such as injuries, disabilities, or health conditions, which are not recognized by the system. Other inaccuracies may depend on the data capture equipment itself or the environmental conditions, like the room luminosity or the sensor cleanliness. Moreover, facial recognition algorithms and biometric technologies have often shown gender and race biases, resulting to be less accurate for women and people of color than for white men. All these potential mistakes can be devastating for a person’s asylum claim, placing an additional burden to prove he/she is not who the system identifies him/her to be.
  • Racial profiling. The untargeted and mandatory processing of biometric data for international protection will have a disproportionate impact on a group already subjected to structural racism, increased surveillance, and policing. It could exacerbate the risks of racial profiling, allowing the police to increasingly target and criminalize people based on their physical appearance or perceived nationality or ethnicity, and subject them to stops, detailed searches, identity checks and investigations without any objective reason. When used by law enforcement guards on already discriminated people, the experimental use of biometric surveillance technology can perpetuate an already dangerous and racist system, expanding and exacerbating police powers and abuses.         
  • Lack of information and transparency. Biometric data at the EU’s borders are usually obtained without the person’s knowledge, consent, or free choice, as asylum seekers are often not fully informed of all aspects of the data processing and how these elements will influence their asylum claim or entry process. Normally biometric identifiers, recognized as “sensitive personal data” under the EU General Data Protection Regulation, require appropriate legal bases, additional guarantees, and impact assessments before the decision to collect and store them is taken. On the contrary, these IT systems operate outside public scrutiny, as the algorithms employed are not publicly available nor it is clear how they are reviewed, meaning that the data stored may be used for purposes which were not initially envisaged, in an experimental way.       
  • Ri-victimization. The compulsory sharing of biometric and personal data in an increasingly opaque European asylum system may lead to particular risks for rejected asylum seekers upon return or for their families in the country of origin, from retaliation measures and criminal sanctions to persecution and even death. EU law generally prohibits IT systems from sharing information with third countries revealing that a person is an applicant for international protection but such safeguards are not always and systematically followed, instead they are typically shared for return purposes or interoperability.
  • Culture of disbelief. The idea at the core of biometrics is that the individual is not trusted. The self-identified existence, the narrative own by the person, are no longer enough, without an algorithm certifying the identification of the person and compressing it into a governmental-fit representation. In case of inaccurate data, difficulties in taking fingerprints or refusal to give personal details, an asylum seeker is easily suspected of trying to avoid the Dublin procedures or of hiding criminal acts, fueling misconceptions on a link between asylum, crime and even terrorism. Within these labels, migrants registered in the IT systems face more probabilities of being subjected to criminal investigations than ordinary citizens whose personal data is not collected and stored on a systematic basis.

Despite questionable claims at the EU-level that these technologies may improve identification, public security and family reunifications, any benefits will always be vastly outweighed by these and other risks, with little to no transparency. Eventually, the privacy, equality, non-discrimination, freedom to choose residence, and liberty of movement of people on the move will be even more curtailed.

The EU Commission is aware that to take fingerprints Member States have also resorted to violence and detention, as none of the legal instruments regulating the IT systems at the EU-level explicitly prohibit the use of such coercive measures. It is even aware that people seeking international protection may resort to self-harm and to destroy their fingerprints with acid or silicone to avoid being registered in Eurodac and transferred to an EU Member State in which they don’t want to be. But instead of changing the Dublin Regulation that obstructs migrants’ own desires and free choices on who to join, what to do and where to settle, the EU is tightening the whole Dublin package with technological “smarter” walls.

The suggestion of biometric identifiers moves from the universal principle that all individuals are equal, to an unacceptable concept of rights linked to racial profiling, engraved in the body, the face, the place of birth.

The most significant effect of collecting migrants’ biometric is that irregular migration, including secondary movement to another EU Member State, is easier and faster to control and limit. The use of biometrics in border and migration management may reduce the invisibility of people migrating but only to make them more governable, to force them to return to the first country of entry, to identify unaccompanied children as adults, to detain them in case of inaccuracy or suspects, to share life-threatening data with their countries of origin. The EU Commission wants migrants to be seen, identified, and tracked, but only as deportable bodies.