Europe’s New Biometric Data Collection System: Border Security or Privacy Risk?

The European Union (EU) will begin collecting biometric data on non-EU travelers in October 2025, replacing manual passport stamping.

The Entry and Exit System (EES) is an automated information system that registers travelers and stores their data on a centralized platform. EES will collect information including names, travel documents, facial images and fingerprints.

Travelers from third-country nations (i.e., non-EU countries) will be registered at the external border for most of the EU states, otherwise known as the Schengen Borders.  When traveling within the Schengen area, or internal borders, travelers can continue to move freely without passport stamps or customs.

Therefore, the EES will only apply to those entering or leaving the external borders; this includes all EU countries (except for Cyprus and Ireland) and four non-EU countries (Norway, Iceland, Switzerland, and Liechtenstein). Very few countries in Europe are not in the EU and will not participate in the same system, like many of the Balkan countries including Bosnia and Herzegovina, they have their own security systems.

The EU says that replacing manual passport stamping with this digital biodata system will enhance border security, prevent identity fraud, and prevent people from over-staying. Travelers are only allowed to stay in the EU for 90 days during a 180 period, staying longer than that could result in fines, deportation, and entry bans. EES will automatically flag travelers who exceed the 90-day limit.

The initial delays with implementing the new system may impact travelers, particularly at busy entry points and ports where travelers would need to exit their vehicles for their biometric data to be collected.

What are the concerns?

Biometric data has been collected on a massive scale in the United States and in India, and continuing in that direction worldwide raises ethical concerns. The United States holds one of the largest databases with the biometric data of hundreds of millions of people, nearly all foreign nationals are required provide their fingerprints and photos upon entering the US—even for short holidays. In 2024, nearly 750 million travelers went to European destinations, a staggering amount of data will be amassed in the EES system.

However, the EU’s Independent Fundamental Rights Agency and other experts in privacy and human rights have warned that storing this data raises concerns about data privacy. Travelers worry that centralized data storage with sensitive data like fingerprints and photos of millions of people could be hacked, misused by law enforcement, and used for mass surveillance.

There are also concerns that the algorithms could develop biases and contribute to racial profiling and discrimination. Facial recognition technologies have been proven to work poorly on people of color.

Fingerprints are taken for travelers 12 years of age and older, but facial images will be captured for everybody—including babies.

Not only that, but there is a power imbalance between law enforcement and travelers or those seeking asylum. People may not understand that their data is collected, or why, leaving them more vulnerable.