Oxford Refugee Studies Centre: mapping the biometrics of movement into and around Europe
A new report maps the technologies such as biometrics in use, being developed or trialled across Europe for tackling the issue of migration in the region. The thorough examination finds unsettling details of technologies such as digital border force avatars to screen visa applicants, and language analysis to determine country of origin.
It also provides an overview of the shifting systems in place or under construction to handle – and share – the biometrics of millions of third-country visitors to the Schengen Area each year whose biographic and biometric details will be required. 27 European countries make up Schengen.
‘Automating Immigration and Asylum: The Uses of New Technologies in Migration and Asylum Governance in Europe,’ by Derya Ozkul and the Oxford Refugee Studies Centre, University of Oxford, finds that some new technologies may be beneficial to asylum seekers, but “migrants’ (asylum seekers’ and refugees’) interests and voices have generally not been included in the design, decision, and implementation stages.”
The study is released within a context of the European Union’s AI Act, still under debate, categorizing the use of AI for immigration as high risk.
Even its cover is an AI-generated image of mobility and migration by OpenAI’s DALL-E 2. Further illustrations are also generated by prompts, such as “speech recognition migrants,” giving an eerie visual presentation.
The report is the first outcome of the Algorithmic Fairness and Asylum Seekers and Refugees (AFAR) Project, from a consortium of universities funded by the Volkswagen Foundation.
Biometrics before, during and after the border
The report tackles a vast array of technologies. To name a few: immigration forecasting tools, automated processing of short- and long-term residency and citizenship applications, document verification, risk assessment and triaging for travel into Schengen, identification of irregular migrants in the UK, speech recognition in Latvia, dialect recognition to identify asylum seeker’s country of origin in Germany, speech-to-text transcriptions in Italy, mobile phone data extraction to verify identities and narratives in five countries, GPS ankle tags in the UK.
Biometrics are part of multiple use cases. The report draws together information and research on the EU’s controversial iBorderCtrl scheme that was tested from 2016 to 2019. It used biometric identification, document authentication, risk assessment and also sought to explore emotion recognition technology to attempt to detect whether travelers were lying.
Pre-travel, people would be presented with a “personalized Avatar agent” (animated border official) which would be adapted to the gender and language of the traveler. Responses would be collected by webcam and microgestures analyzed for lies. On arrival at an EU border their pre-screening images would be compared to images of them at previous border crossings and those thought to be at higher risk of lying would face more questioning.
The neural network it was based on was found to be biased. Further trials for the TRESSPASS project have built on iBorderCtrl.
Germany is the only country using software to detect language and dialect to ascertain an asylum seeker’s country or region of origin. By analyzing phonemes it can suggest roughly where an Arabic speaker is from. The approach, called the Language Biometric Assistance System, is only part of the federal authorities’ approach and it claims other countries are expressing an interest. Critics question the system’s accuracy and staff training in its use.
EU doubles, overlaps systems for traveler information collection
Upcoming interoperability of pan-European data collection systems will mean more biometrics being collected, and more ways for authorities to share them in more settings.
The report explains the three existing systems for processing the biometric data of people wishing to enter and stay in the Schengen Area:
The Schengen Information System (SIS) which uses biographic and biometric information for alerts on missing persons, third-country nationals considered a threat, EU arrest warrants.
The European dactyloscopy database (Eurodac) processes fingerprints of asylum applicants and irregular migrants who were previously found to cross to or stay in the Schengen area with no authorization in order to facilitate the Dublin process, notes the report. Since July 2015, Eurodac data can be accessed by law enforcement authorities and Europol.
Thirdly, the Visa Information System (VIS) also captures biometric information from the applications for short-term visas for Schengen. VIS data can also be consulted by law enforcement authorities and Europol.
The ways in which biometric data is collected is set to increase with the introduction of three new systems. They also expand the purposes it can be applied to. First up, the Entry/Exit System (EES) set to create a ring around Schengen countries. It will process biometric and biographic information for those entering Schengen for stays of up to 90 days, whether or not the trip requires a visa. Pilots have been completed in Spain and Bulgaria.
ETIAS, the European Travel Information Authorisation System, will process online applications for travel authorization (akin to ESTAs for the U.S.). ETIAS will create a watchlist of those suspected of committing serious crimes. Delays now put its launch towards the end of 2023.
Then the European Criminal Records Information System – Third Country Nationals (ECRIS-TCN) “will process and exchange information on previous convictions of TCNs, stateless persons or EU citizens who are nationals of a third country by criminal courts in the EU.”
Although designed to process data independently, following the ‘Migrant Crisis’ the European Commission began working on interoperability between the systems, hoped to be complete by the end of 2023.
The new ventures into interoperability pool the data in different groupings for different outcomes. The European Search Portal (ESP) will enable simultaneous searches of biographical and biometric data on multiple information systems (Central SIS, Eurodac, VIS, EES and ECRIS-TCN), as well as data stored in Europol and Interpol’s Stolen and Lost credentials.
The Biometric Matching Service (BMS) pulls from SIS, EES, VIS, Eurodac and ECRIS-TCN, but not from ETIAS which does not store biometric data.
Then the Common Identity Repository pools identity data, fingerprints, photographs to help police and officials in investigations and ID checks. It pulls from Eurodac, VIS, EES, ETIAS and ECRIS-TCN.
Interoperability may be beneficial for administrative and investigative purposes, but can cause severe problems for individuals if any mistakes are made such as their biometrics being attached to the wrong file, notes the report.
While the AI Act is pending
The EU’s AI Act is far from a done deal as it heads to trilogues (Council-Commission-Parliament meetings aimed to reach agreement) with the majority of the European Parliament not in favor of it in its current form.
As this report points out, the AI Act allows the development of polygraphs for migration control and law enforcement. Yet it categorizes the use of AI in migration settings as high-risk.
A December 2022 joint statement from 164 organizations and 30 individuals calls for the AI Act to prevent harm from AI systems used in migration and border control. It lists amendments necessary for its aims such as prohibiting emotion recognition and biometric categorization systems, remote biometric identification (RBI) at borders and detention facilities; re-categorize systems as high risk, such as biometric identification systems.