Privacy International defends the right to privacy across the world, and fights surveillance and other intrusions into private life by governments and corporations. Read more »


Chapter: 

Subtle interventions and surveillance

While the Italians responded to the London bombings of July 2005 with mass arrests, the French Interior Minister announced plans for "an increase in funds for video surveillance, an acceleration in techniques for gathering telephone material and data storage and a reinforcement of early monitoring of radical elements."1

French officials spoke at length about 'intelligence-led' approaches to combating domestic terrorism. Countries across have Europe worked together to increase their powers of surveillance.

'Intelligence-led profiling' is often presented as an alternative to a discriminatory-profiling, a 'softer-touch' form of profiling. Through the accumulation and sharing of vast amounts of information, Governments can analyse this information to identify specific profiles of interest, amongst a myriad of other uses.

One strategy pursued by the European Union has been to develop computer-assisted profiling. Its purpose "is to facilitate targeted searches for would-be terrorists (...). It is closely connected to the German initiative on computer-aided preventive searches carried out by individual Member States on the basis of coordinated offender profiles (Europe-wide electronic profile searches). Such searches are essential to the success of security service operations. (...)

"On the basis of this profile each Member State searches the relevant national data bases (e.g. registers of residents, registers of foreigners, universities etc.) subject to the provisions of national law, for persons who need to be vetted more closely by the security authorities. The more detailed the offender profile, the smaller the group of persons covered by the search."2

The policy calls for increased data-sharing between EU member states and with the European Police Office, Europol. In cooperation with Europol, they would identify specific areas where the development of targeted terrorist profiles may assist the identification of terrorists.

"Developing terrorist profiles means putting together a set of physical, psychological or behavioural variables, which have been identified, as typical of persons involved in terrorist activities and which may have some predictive value in that respect. It may therefore be necessary to develop the profiles in such a way that individual profiles cover a well-defined and specialised category of persons who fulfil a particular function within a closely defined area of terrorism. It will also be necessary to update the profiles as often as necessary so that they always give a correct picture of the particular characteristics of the category of persons in question."3

The EU identifies a number of 'elements' for these terrorist profiles, including nationality, travel document, method and means of travel, age, sex, physical distinguishing features (e.g. battle scars), education, choice of cover identity, use of techniques to prevent discovery or counter questioning, places of stay, methods of communication, place of birth psycho-sociological features, family situation, expertise in advanced technologies, skills at using non-conventional weapons (CBRN), attendance at training courses in paramilitary, flying and other specialist techniques.4 They would then search through national databases hoping to identify equivalent elements in order to then presumably pinpoint terrorists.

This policy generated concern from the EU Network of Independent Experts in Fundamental Rights (CFR-CDF). In its first report from May 2003, the network argued:

The development of terrorist profiles on basis the characteristics such as nationality, age education, birthplace, psycho-sociological characteristics, or family situation - all these elements appear in the recommendation on developing terrorist profiles - in order to identify terrorists before the execution of terrorist acts and cooperation with the immigration services and the police to prevent or reveal the presence of terrorists on the territory of Member States, presents a major risk of discrimination. The development of these profiles for operational purposes can only be accepted in the presence of a fair, statistically significant demonstration of the relations between these characteristics and the risk of terrorism, a demonstration that has not been made at this time."5

In July 2003, the UK Government announced its participation in a pilot group comprising experts from a number of EU Member States to get this project off the ground.6

This is by no means the only approach to data-sharing and analysis. Another European policy initiative involves the accumulation of 'passenger name records' from carriers. This policy originally started with a request from the United States to gain access to the reservation systems of EU carriers in order to get personal information of travellers to the U.S. This information was going to be used by the Americans for automated profiling and pre-screening. Hearing of the American idea, EU clamoured to adopt its own policy to ensure access to this same information. Some of the information on these reservations systems is classified as 'sensitive' by EU privacy law, particularly as these records may reveal the passenger's racial or ethnic origin, political opinion, religion, health status or sexual preference.7 The EU ensured that the U.S. would delete this information once received, but has not yet made a similar promise on the use of this information by European Union member states.

This travel information can also be used for immigration and border management purposes. After the London attacks of July 2005, the UK Government sought access to flight records from the period before the bombings to analyse for anyone who may fit the profile of an organiser of the attacks fleeing the country.8 Access to this information was proposed to Parliament in May 2005, for use in combating terrorism but also in immigration administration. According to the government,

“[D]uring the investigation following a terrorist incident the ability to historically track the movements of the suspected perpetrators or indeed attempt to identify them by reference to their travel is a vital investigative tool. As the terrorists may have entered the country a considerable time before the incident the retention of the data for a reasonable time is therefore necessary. In addition, for immigration control purposes the ability to refer to an audit trail of movements is key to risk assessing passengers. An audit trail of movements which illustrates a passenger's compliance will weigh in that passenger's favour while evidence of non-compliance will clearly attract closer examination by an immigration officer. We see these as fundamental building blocks for enhancing border security.”9

The UK government promises that it will ignore racial and religious information. Rather this information will be used to compare the names of travellers against lists and databases of suspects. This profiling is also for long-term analysis, however. According to the government:

"Through a combination of operational experience, specific intelligence and historical analysis, the Police build up pictures of suspect passengers or patterns of travel behaviour. These pictures and patterns typically share common indicators which are developed into profiles. Access to comprehensive passenger, crew and freight data in advance of a vessel’s arrival or departure in the United Kingdom will allow officers to assess the risk presented by the people or goods carried and to mount a proportionate response. Where this involves stopping or monitoring a person or goods through the port the use of advance traveller or freight data combined with existing intelligence systems will allow a targeted intervention, with an improved likelihood of a positive outcome."10

The use of this information for border management purposes has previously raised concerns, particularly when the U.S. moved to establish its own system of passenger and immigrant profiling.

As the EU moves towards harmonising border management practices through its Visa Information System and the Schengen Information System, European privacy authorities have warned that additional data collection and profiling "may actually give rise to unlawful discrimination between applicants".11 Data collection will be expanded under the proposed 'Schengen III' treaty, where it is proposed that countries start sharing fingerprints and DNA profiles on a regular basis, as well as provide equivalent access to other databases and registers.12

The collection and sharing of DNA is part of a larger scheme to increase the collection of 'biometrics' of individuals. These are part of renewed national identity schemes to ensure national databases of relatively unique personal characteristics. Some biometrics can be sifted for racial characteristics. According to European privacy officials, DNA is particularly worrisome, because:

"while genetic information is unique and distinguishes an individual from other individuals, it may also at the same time reveal information about and have implications for that individual's blood relatives (biological family) including those in succeeding and preceding generations, Furthermore, genetic data can characterise a group of persons (e.g. ethnic communities). (...) Considering the extremely singular characteristics of genetic data and their link to information that may reveal the health condition or the ethnic origin, they should be treated as particularly sensitive data."13

Others have argued that facial recognition can also identify the ethnicity of individuals photos held in databases.

There are also adverse reactions to the technologies of biometrics. A study from the United Kingdom found that many feel criminalised by the taking of fingerprints, and some believe it is an overly intrusive process. Before interfacing with the technology, trial subgroups of '18-34yr olds', 'Black and Minority Ethnic', 'Other Religion' already showed great concern compared with the average scores. Though the level of concern later fell as they became more familiar with the technologies, it was still elevated. When later asked whether biometrics are an infringement of civil liberties, 55% within the ‘Black and Minority Ethnic’ subgroup tended to agree or agreed strongly, as did 53% of those designated as 'other religion', and 42% within the 18-34 subgroup.

The collection and sharing of all these types of information has raised significant concerns of discriminatory profiling. When the UK Government proposed to create a national identity registry, containing information on all residents including iris scans, face scans, and fingerprints, and to issue an identity card at the same time, faith and minority groups were particularly concerned. The Faith Community Consultation (FCC) consortium, which comprises representatives from the country's Christian, Muslim, Sikh, Jewish, Hindu, Zoroastrian and Bahai religions were particularly concerned of the use of cards for ethnic profiling. According to one report, the FCC stated:

"The reality is that the laws which empower intrusion into private life are being used disproportionately against members of the Muslim community... We believe that conferring additional powers on the state over citizens would compound the sense and reality of discrimination in the current climate."14

The UK Government has long-argued that residents and citizens will not be asked for ethnic and religious information. Regardless it is felt that a national registry of names, addresses, ages, and nationalities will be sufficient to enable discrimination.

Profiling is not limited to direct collection of information on one's faith. For instance until 2000, Greece included religion on their national ID card, but has since abandoned that strategy; though it is not likely that immediately relationships amongst communities in Greece improved.

One expert on the issue, Arun Kundnani of the Institute of Race Relations expressed concern that an identity scheme could lead to "disproportionate suspicion falling on Black and Minority Ethnic communities, who would be more likely to be asked to prove their eligibility." Kundnani argued that the mere creation of data stores will likely lead to abuse of data along discriminatory lines.

"The British security services will have access to this database and, as a result, will have the opportunity to use it as the basis for new kinds of 'profiling' of suspected terrorists. In Germany, a law was introduced after September 11 which placed a duty on public and private institutions to hand over to police authorities computer data on individuals whose personal profile corresponded to specific criteria that the police believed to be associated with terrorists. For example, if you were a Muslim studying engineering and the police decided that this meant you fitted the profile of a terrorist, then the university would be forced to hand over all its data about you."15

Through the subtler powers of surveillance, the ability to discriminate and profile is enhanced whether it is on the face of the policy or not.

Footnotes

  • 1. "Italy and France boost security", Reuters, July 22, 2005.
  • 2. Council of the EUropean Union, Memo from German Delegation to the Article 36 Committee, Subject: Note on computer-aided preventive searches carried out by individual Member States on the basis of coordinated offender profiles (Europe-wide electronic profile searches), Brussels, October 31, 2002, 13626/02, LIMITE ENFOPOL 130.
  • 3. Council of the European Union, Draft Council Recommendation on the development of terrorist profiles, Brussels, 14 October 2002 11858/1/02, REV 1 LIMITE ENFOPOL 117
  • 4. Council of the European Union, Draft Council Recommendation on the development of terrorist profiles, Brussels, 14 October 2002 11858/1/02, REV 1 LIMITE ENFOPOL 117.
  • 5. "EU network of independent experts in fundamental rights" (CFR-CDF), First Report, May 2003.
  • 6. WRITTEN QUESTION P-3694/03 by Sarah LUDFORD (ELDR) to the Council, Subject: Terrorist profiling.
  • 7. Frequently Asked Questions Regarding Customs and Border Protection Receipt of Passenger Name Records Related to Flights between the European Union and the United States, Information Notices adopted by The Article 29 Working Party, 11733/04/EN WP 97, Opinion 8/2004 on the information for passengers concerning the transfer of PNR data on flights between the European Union and the United States of America, Adopted on 30th September 2004.
  • 8. "Rucksack gang filmed at King's Cross 'looked like the infantry going to war'", John Steele, Daily Telegraph, July 13, 2005.
  • 9. The UK Home Office, Partial Regulatory Impact Assessment Data Capture And Sharing Powers For The Border Agencies, May 2005.
  • 10. The UK Home Office, Partial Regulatory Impact Assessment Data Capture And Sharing Powers For The Border Agencies, May 2005.
  • 11. Article 29 Working Party, 1022/05/EN, WP 110, Opinion on the Proposal for a Regulation of the European Parliament and of the Council concerning the Visa Information System (VIS) and the exchange of data between Member States on short stay-visas (COM (2004) 835 final), Adopted on 23 June 2005.
  • 12. "Some remarks on Schengen III", July 2005, available at http://www.statewatch.org/news/2005/jul/17schengen-III.htm.
  • 13. ARTICLE 29 Data Protection Working Party, 12178/03/EN WP 91, Working Document on Genetic Data, Adopted on 17 March 2004.
  • 14. “Faith groups' fears add to ID card trouble”, Jamie Doward, The Observer, August 7, 2005.
  • 15. ID cards: implications for Black, Minority Ethnic, migrant and refugee communities, By Arun Kundnani. 26 May 2005, Institute of Race Relations, available at http://www.irr.org.uk/2005/may/ak000010.html.