The US is planning to give up its citizens’ most precious data in exchange for the biometric data harvested by its “partner” governments in Europe and beyond.
The Biden Adminstration is currently making an offer to dozens of governments in Europe and beyond that they probably will not be able to refuse. On offer is access to vast reams of sensitive data on US citizens held by the Department of Homeland Security. It includes the IDENT/HART database, which the British civil rights organization Statewatch describes as “the largest U.S. Government biometric database and the second largest biometric database in the world, containing over 270 million identities from over 40 U.S. agencies.”
Biometric identifiers include fingerprints, facial features and other physiological characteristics that can be used for automated identification. In some cases, these identifiers have been harvested by the US government without the consent of the citizens in question (more on that later). It is now offering to share that data without their consent.
The data-sharing arrangement is being offered to all 40 countries selected for the US government’s Visa Waiver Program (VWP). That means their citizens can travel to the U.S. for up to 90 days without a visa. They include most of the EU’s 27 Member States, three of the US’ four fellow members of the Five Eye Alliance (United Kingdom, New Zealand and Australia), Japan and South Korea.
A Kafkaesque Nightmare
Of course, the US government is not offering to share the biometric data of 270 million of its citizens out of pure selfless altruism. It wants something in return — namely the biometric data of the citizens of its partner states:
“In turn, DHS may submit biometrics to IBIS partner countries to search against their biometric identity management systems in order for partner countries to provide DHS with sharable biographic, derogatory, and encounter information when a U.S. search matches their biometric records. This high-volume matching and data exchange is accomplished within minutes and is fully automated; match confirmation and supporting data is exchanged with no officer intervention.”
The emphasis in the last sentence was added by Statewatch, for good reason. In the fully digitised world that is fast taking shape around us, many of the decisions or actions taken by local, regional or national authorities that affect us will be fully automated; no human intervention will be needed. That means that trying to get those decisions or actions reversed or overturned is likely to be a Kafkaesque nightmare.
Statewatch has obtained an internal US government document titled “DHS International Biometric Information Sharing (IBIS) Program” and with the sub-heading “Enhanced Biometric Security Partnership (EBSP),” which, as Statewatch notes, is essentially a sales pitch to potential “foreign partners”:
The IBIS Program, it states, provides “a scalable, reliable, and rapid bilateral biometric and biographic information sharing capability to support border security and immigration vetting,” which:
“…creates value for the United States and its partners by detecting fraud, identifying transnational criminals, sex offenders who have been removed from the United States, smugglers of humans and narcotics, gang members, terrorists and terrorist-related information, and the travel patterns of criminals.”
The US government will also gain access to the biometric data of untold millions of law-abiding civilians of VWP countries who, like untold millions of law-abiding citizens in the US, have been caught up in their respective government’s biometric data dragnet. At least 600 law-enforcement agencies in the U.S., including ICE, have used the services of US company Clearview, which sells facial recognition tools to governments and companies after scraping the photos of hundreds of millions of people from social media platforms without their consent.
Clearview has already faced fines and bans in Britain, Canada, France, Australia and Italy, and the company faces multiple law suits in the US. Yet if the IBIS Program goes ahead, the governments of those countries will be given access to huge troves of biometric data of US citizens that US government agencies acquired from that company.
A Privacy Nightmare
Privacy campaigners on both sides of the Atlantic are rightly concerned about the potential implications of the IBIS Program, especially given the US’ much laxer approach to data protection. After a meeting of European Parliament civil liberties committee members with the DHS, Pirate Party MEP Patrick Breyer described the new U.S. policy as “blackmail” and urged the European Commission to reject the demand:
“Millions of innocent Europeans are listed in police databases and could be exposed to completely disproportionate reactions in the USA. The US lacks adequate data and fundamental rights protection. Providing personal data to the US exposes our citizens, i.e. to the risk of arbitrary detention and false suspicion, with possible dire consequences, in the course of the US “war on terror”. We must protect our citizens from these practices.”
As I noted in my April article, “Biometric Surveillance Systems Are Being Hastily Rolled Out Across the West, With Next to No Public Debate,” the problem is not just about privacy; it is about the inherent flaws within biometric systems, including facial recognition:
The systems are notoriously inaccurate on women and those with darker skin, and may also be inaccurate on children whose facial features change rapidly.
There are also concerns about who the data will end up being shared with or managed by and just how safe it will be in their hands. In December 2021, the civil liberties group Statewatch reported that the Council of the EU, where the senior ministers of the 27 Member States sit, not only intends to extend the purposes for which biometric systems can be used under the EU’s proposed Artificial Intelligence Act but is also seeking to allow private actors to operate mass biometric surveillance systems on behalf of police forces.
In February Statewatch published another report titled “Building the Biometric State: Police Powers and Discrimination.” In it the group warned that the EU’s rapid expansion of biometric profiling at borders and identity checks within the 27-member bloc risk is likely to lead to increased racial profiling of ethnic minority citizens and non-citizens.
UK and Israel Already on Board
News about the Enhanced Border Security Partnership (EBSP) surfaced last month after it was revealed that the DHS was approaching EU member state governments directly, effectively cutting out the European Commission. Like so many of these kinds of schemes, participation is initially on a voluntary basis, but from 2027 it will become mandatory under the U.S. Visa Waiver Program (VWP). In other words, if countries want their citizens to continue enjoying visa-free travel to the US, they will have to provide US authorities with access to their citizens’ biometric data.
Unsurprisingly, the UK is already participating in the new program, although no officials in the UK or the US have disclosed what kind of information is being shared. So too is Israel. In early July, The Register reported that the UK, along with three other unnamed countries, has signed up to the EBSP, which prompted the following statement from the UK Home Office:
“The UK has a long-standing and close partnership with the USA which includes sharing data for specific purposes. We are in regular discussion with them on new proposals or initiatives to improve public safety and enable legitimate travel.”
The news comes after the UK’s currently rudderless government introduced a new bill to the UK parliament that proposes significant changes to data protection, law enforcement, biometrics, digital identity and identity verification, and even modifications to the civil registry for births and deaths.
EU on a Similar Path
As I reported in April, the EU is also on the verge of building one of the largest facial recognition systems on planet Earth, ostensibly as part of wider plans to “modernize” policing across the 27-member bloc. The EU is also seeking to merge biometric data from different databases into a “Common Identity Repository,” which will be used by security forces to compare fingerprints and facial images at EU borders.
If the European Entry/Exit System (EES) goes into operation as planned in two months’ time, all travellers arriving to the EU, including those subject to a visa requirement as well as those exempted from it and admitted for a short stay of up to 90 days in a 180-day period, will have to provide fingerprints and facial images on crossing an EU external border. All Schengen states must procure the necessary technology, including fingerprint readers, face scanners and the necessary server infrastructure, to connect to the EES by September. However, some reports suggest that the ongoing supply chain crisis, in particular the acute shortage of semiconductors, is complicating matters.
This is all happening despite opposition from the EU’s own data watchdogs. Wojtek Wiewiorowski, who leads the EU’s in-house data protection agency, EPDS, which is supposed to ensure the EU is complying with its own strict privacy rules, told Politico in November that European society is not ready for facial recognition technology: the use of the technology, he said, would “turn society, turn our citizens, turn the places we live, into places where we are permanently recognizable … I’m not sure if we are really as a society ready for that.”
Flags raised by data protection officials at the EU’s European Border and Coast Guard Agency, also known as Frontex, are also being systematically ignored. Evidence gathered by the Balkan Investigative Reporting Network suggests that Frontex’s senior leadership, backed by the European Commission, is sidelining EU data protection watchdogs in order to push through the Commission’s plan to vastly expand “intrusive” data collection from migrants and refugees, regardless of warnings of institutional overreach, threats to privacy and the criminalisation of migrants:
Nayra Perez, Frontex’s own Data Protection Officer, DPO, warned repeatedly that the PeDRA expansion “cannot be achieved by breaching compliance with EU legislation” and that the programme posed “a serious risk of function creep in relation to the Agency’s mandate.” But her input was largely ignored, documents reveal.
The DPO warned of the possibility of Frontex data being transmitted in bulk, “carte blanche”, to Europol, a body which this year was ordered to delete much of a vast store of personal data that it was found to have amassed unlawfully by the EU’s top data protection watchdog, the European Data Protection Supervisor, EDPS.
Backed by the Commission, Frontex ignored a DPO recommendation that it consult the EDPS, currently led by Polish Wojciech Wiewiórowski, over the new PeDRA rules. In a response for this story, the EDPS warned of the possibility of “unlawful” processing of data by Frontex.
Enabling Digital Identity
This is all happening at the same time that the European Commission is using aid money to push countries in its outer orbit that provide large flows of migrants into the EU, mainly in Africa, to set up “large-scale, high-risk” biometric databases to manage migration flows to the EU and facilitate deportation, as Privacy International reported in 2020. They include countries with egregious human rights records.
In 2014, the governments of France, Norway, the UK and Australia, together with the Bill and Melinda Gates Foundation and the Omidyar Network, provided the seed funding for the World Bank’s Identification for Development (ID4D) program whose goal is to help countries in Africa, Asia and Latin America “realize the transformational potential of digital identification systems. The program’s implications for human rights has drawn attention from many quarters, including the NYU School of Law, which recently warned that it risks setting countries down a “digital road to hell.”
Much the same is happening in the so-called “liberal” democracies of the West. After the “success” of its vaccine passport program, the EU has already launched a pilot for a digital identity wallet. Secured by biometric identifiers, it will allow EU citizens to verify their ID, access public and private services across the bloc, and store digital documents. As I’ve noted in previous articles, a mandatory digital identity is a necessary precondition for the launch of central bank digital currencies (CBDCs), which more than 100 central banks are in the process of developing.
The official launch of the EU’s digital ID wallet is scheduled to take place as early as September 2022. To begin with, it will be offered on a voluntary basis but we all know how the so-called “Green Pass” turned out. The UK, Australia and Canada are also developing similar digital identity programs, while in the US a new digital identity bill is steadily making its way through Congress, unbeknown to most of its citizens. The complete lack of public debate or consultation is a feature, not a bug, of the digital surveillance and control systems rapidly being constructed around us.
18 comments
Comments are closed.
I am guessing it’s worse than that although I obviously have no proof. People entering the US on a visa (work, holiday, etc) will need to provide biometrics like fingerprints. They too will be part of the shared dataset whether they want to or not.
Anyone who goes through immigration in the US already gets scanned at either a kiosk. You have to opt-out and ask a Customs & Border Control Officer to not be scanned, which likely puts you on a list.
Palantir already got access to UK health data before UK gov pretended to backpedal. So US gov has all that already.
Holy [family blog].
The empire is coming home. Biometric data was being collected in Iraq and presumably Afghanistan if that’s any consolation. The American state failed hard on easymode and their future efforts will be met with the same level of success in any disastrous scenario.
I think that the sharing of any national database containing domestic biometric data with a foreign government would be suspicious from a counter-intelligence viewpoint, but not with American intelligence on the job.
Do we go with Tolkein or Herbert here? Is the one ring computer programming? Which programs are the rings of Elves? Dwarves? Humans? Looks like Covid with the test pilot rollout of vaccine passports is so much more than a simple corona virus.
One ring to rule them all,
one ring to find them,
One ring to bring them all
and in the darkness bind them.
or
“We must negate the machines-that-think. Humans must set their own guidelines. This is not something machines can do. Reasoning depends upon programming, not on hardware, and we are the ultimate program! Our Jihad is a “dump program.” We dump the things which destroy us as humans!”
Speaking of the machines … recently saw a news report that a chess playing computer (with or without artificial intelligence) broke one or more finger bones of his human competitor.
Yes, it was an AI and broke one finger of a ten year old
Russians joke that it was good news because it shows they have young men interested in chess and robotics.
The one ring is ambition. It’s always about the machines, for some reason, never about the authority structures and value systems which are so defective that machines of domination have any value in the first place.
Recalling from memory – the USA Visa form, both the green one and the electronic one, had a question, “Have you ever been convicted for a crime of moral turpitude?”
Moral turpitude? What the H is moral turpitude? I always answered NO but very nervous going through Immigration.
Knowingly lying on the Visa application could also result in a prison sentence of five to ten years, IIRC.
I have a vague memory from a tenure-track academic position I had decades ago of a document that mentioned “moral turpitude.” Acts thereof were one of the things a tenured person could be fired for. The director of our department, my boss’s boss, couldn’t even really say what it meant!
As someone else said recently, we are past the barn door being open. The barn has burnt to the ground and the fire department went home.
I can just imagine the fun a hacker might have playing with this data. And considering the current efficacy of government, I think I might watch “Brazil” again to see what happens if a bug might affect the machinery of bureaucracy. Consider how a new Dick Nixon or J. Edgar Hoover type in government might use or manipulate this biometric machinery of bureaucracy to harass those who find themselves on some “enemies list” — regrettable errors do happen.
The new system will have to revamp civil law and get sufficient civil rights procedures nullified in order to use biometric data in a trial. It sounds like lots of it is raw data, backed by nothing. So it’s not evidence quality. All that biodata needs to be processed in multiple ways and all of those pieces of information will have to be verified with hard evidence. If any of this biodata brings an indictment all of it will have to be reviewed and verified. So that’s clearly a big mess to deal with. Making me wonder how this biodata can be used against individuals in some other way. Like cold calls and other anonymous torture. What actually are the benign reasons for keeping all this biodata? They started keeping vital records in Europe in the various parishes in the 1500s. So now 600 years later we want to keep massive amounts of information that will create a digital clusterfuck, not to mention a legal one. Or a lack of semiconductors. Hard to see where the advantage lies until you get to the fine print informing us that in order to do CB digital banking it will be necessary to have a biometric wallet. This is being designed to track money. Until the electricity goes out. Really sounds like overkill.
Yep, overkill.
They are needing to project who will fall out of the workforce/military, and why? The dual-use products they’ve realized are dangerous, and the products to counter them likewise? TPTB will keep their own stats, somewhat along the lines of those unacceptablejessica tries to relate to us?
The new MIC is in Silicon Valley. Unfortunately it doesn’t make anything much less tanks and artillery. So it will focus on this sort of things and drones. The old MIC of empire was not dystopian enough for our current needs. This one is much better suited.
And, as current events are showing, their products are completely useless in “real” wars….