Stop Right There! EU Must Consider Proposed Border System Effect on Fundamental Rights: Privacy Supervisor


EDPS

A proposed European Union border security system must undergo an official assessment of its impact on fundamental privacy rights, the top adviser to the European Commission, the EU’s executive arm, advised.

The European Travel Information and Authorisation System (ETIAS) would require visa-exempt visitors traveling through the Schengen Area to be subject to a risk assessment for security, migration and public health risks. The Schengen Area includes most EU countries and Iceland, Norway, Switzerland and Liechtenstein that got rid of passport and any other border controls at their common borders.

The idea behind the Schengen Area was to allow the free passage of individuals in Europe. The ETIAS legislation was proposed is a response to the influx of migrants and refugees into the EU in recent years as well as concerns about terrorism. When the European Commission adopts a legislative proposal related to the processing of personal data, it is required to consult with the European Data Protection Supervisor (EDPS).

EDPS Giovanni Buttarelli noted that the EU Charter of Fundamental Rights includes data privacy and applies to any individual, even non-EU citizens, whose personal data is processed by a data controller in the EU. Because the ETIAS would collect data that “will be used to grant or deny individuals access to the EU, based on the migration, security or health risks they may pose, it is vital that the law clearly defines what these risks are and that reliable methods are used to determine in which cases they exist,” Buttarelli said.

A privacy impact assessment focused on the need for ETIAS and whether its scope is proportional to that need is “a fundamental prerequisite” to moving forward on the legislation, the EDPS said. 

To keep up with the constantly evolving world of privacy and security sign up for the Bloomberg BNA Privacy and Security Update.

By George R. Lynch