On May 27, 2005, France, Germany, Austria, Belgium, Spain, Luxembourg and the Netherlands signed the Prüm Treaty (named after the German town where the event took place), also known as “Schengen III”. On December 18, the European Commission published its ” Proposal for a Regulation of the European Parliament and of the Council on the automated exchange of data for police cooperation”, which aims to allow a faster and easier exchange of data between Member States, in particular through the use of retrospective facial recognition.
Adopted on June 23, 2008, with the aim of supporting cross-border police and judicial cooperation in criminal matters, the Prüm Treaty allows for the automated exchange of DNA, fingerprints and vehicle registration data. Since its adoption, it has helped to intensify the fight against crime and terrorism in the EU, but the European Commission believes that there are still gaps in the exchange of information and that improvements are possible and even necessary.
The European Council, for its part, has stressed the importance of the data exchange made possible by the Prüm Treaty and has asked the Commission to consider revisions to broaden its scope and update the necessary technical and legal requirements.
Prüm II
The proposal envisages the creation of 2 central routers: the Prüm II router and EPRIS, the European Criminal Records Index System, to which Member States will be able to connect directly rather than to each other, thus avoiding the creation of new data processes, the extension of access rights or the replacement of national databases.
This hybrid approach would ensure that law enforcement authorities have quick and controlled access to the information they need to perform their duties, in accordance with their access rights.
Prüm II envisages the automated exchange of additional categories of data, such as facial images and criminal records, which are essential, according to this proposal, to enhance the effectiveness of criminal investigations and identify criminals.
Europol will be an essential part of Prüm II: it will be possible for member states to automatically check biometric data held by the agency from third countries, and the agency will in turn be able to compare national data from member states.
Facial recognition, a criticized technique
Facial recognition systems raise questions about data protection issues and the risks of infringing on individual freedoms.
The European Parliament has adopted a resolution calling for strict rules concerning their use in law enforcement, including a ban on facial recognition technologies in public spaces. At the national level, the CNIL recently launched a public consultation on the use of smart cameras. Many NGOs are calling for governments to stop using them.
Prüm II will rely on retrospective facial recognition and not on the real-time surveillance that smart cameras allow. Police forces will have access to still images from CCTV cameras, social media, phone and mug shots. They will then be able to compare them with photos in their databases of people who have been in trouble with the law.
European Digital Rights (EDRi), an association representing 44 European organizations defending rights and freedoms in the digital environment, was invited by the European Commission to consult the changes planned by Prüm II. It then stated that it strongly opposes the extension of the Prüm framework to facial images in Member States’ criminal investigation databases and asked the EC to launch a truly democratic debate at the European level.
Ella Jakubowska, EDRi’s policy advisor, argues that identifying people after the fact is just as problematic as in real time, and states:
“When you apply facial recognition to footage or images retrospectively, the damage can sometimes be even greater, because of the ability to go back, for example, to a demonstration three years ago, or to see who I met five years ago, because I am now a political opponent. “
She adds:
“What you are creating is the most extensive biometric surveillance infrastructure I think we have ever seen in the world. “
Wojciech Wiewiorowski, the European Data Protection Supervisor of the EDPS who is tasked with ensuring the consistent application of the GDPR, has been critical of the use of facial recognition for Prüm II.
He states:
“Automated facial image search is not limited to serious crimes only, but could be carried out for the prevention, detection and investigation of any criminal offense, even minor ones. “
It calls for more guarantees for the protection of the privacy rights of individuals. The European Parliament and the European Council should take these considerations into account before legislating.
Translated from Reconnaissance faciale : focus sur la proposition Prüm II relative à l’échange automatisé de données pour la coordination policière