EU’s tech sovereignty plan may include an independent biometric evaluation platform

The EU should establish its own biometric evaluation and testing platform to support European authorities, regulations, and businesses, and to promote the bloc’s technological sovereignty. These are the conclusions of a new policy brief issued by the EU Innovation Hub for Internal Security, coordinated by eu-LISA in cooperation with the European Commission, Europol and Frontex.

The EU currently lacks an independent capability for testing biometric technologies comparable to the U.S. National Institute of Standards and Technology (NIST), the paper says.

The primacy of NIST evaluations puts the bloc at a significant disadvantage, as it has less influence in international standardisation bodies. In the long term, the overreliance on biometric evaluations carried out by U.S. organizations could undermine the competitive position of the EU’s industry.

“Without a strong and clear plan for the independent evaluation of biometric technology at EU level, Europe risks being a rule-taker rather than a rule-maker in biometrics, both technically and politically,” the document notes.

The policy paper comes amid increasing geopolitical strain between the EU and the U.S. over technology. Last year, EU Technology Commissioner Henna Virkkunen pledged to strengthen the sovereignty of EU digital commons and the continent’s tech sector.

Other risks mentioned in the research include a lack of trusted, comparable benchmarks and fragmented evaluation across different EU states.

The continent is currently strengthening and deploying several large-scale biometric systems for border control, including the Entry-Exit System (EES). The lack of a unified evaluation system could lead to slower and riskier deployment of biometric recognition technologies.

Relying on independent organizations outside of the EU also does not address the EU’s specific needs, especially when it comes to alignment with the EU AI Act and data protection regulations.

“The core argument of this Policy Brief is that the development of an independent evaluation capability for biometric recognition systems will not only help to ensure compliance with applicable EU law but will also reinforce the EU’s technological sovereignty,” says the paper.

The first step to a solution is to establish a common biometric data repository, followed by a centralised biometric evaluation and testing platform. The repository datasets should reflect the demographics and use cases relevant for EU authorities and be compliant with the data protection rules.

The policy paper only recommends replacing evaluations that aim to measure a biometric system’s accuracy, error rates and biases. This does not include third-party certifications and conformity assessments, which demonstrate compliance with certain regulations or standards.

The EU Innovation Hub for Internal Security also provides a list of current European organizations involved in biometric evaluation, including the Biometrics Evaluation Centre (BEZ) in Germany, the French National Institute for Research in Digital Science and Technology (Inria) and EU-funded projects such as Biometrics Evaluation and Testing (BEAT).

The organization is hosted by Europol and brings together representatives from different European agencies and innovation labs. Aside from biometrics, it also publishes on encryption, AI, open-source solutions, blockchain, and other technologies.

Article Topics

biometric testing  |  biometrics  |  EU  |  eu-LISA  |  Europe  |  regulation  |  research and development  |  tech sovereignty