The European Parliament adopted the resolution drafted by Carlos COELHO (EPP-ED, PT) and stressed that the introduction and processing of biometric data for identity documents needs to have particularly consistent and serious safeguards, especially regarding the way they are collected and used.
The main amendments were as follows:
- rigorous security standards equivalent to those laid down for national identity cards should be applied to the residence permit;
- the biometric features in the uniform residence permit should be used only for verifying the authenticity of the document and the identity of the holder by means of directly available comparable features when the residence permit is required to be produced by law;
- there should be a list of common obligations or requirements relating to the specificity of images, a common methodology and best practices for their implementation, and fallback procedures for persons who do not have readable fingerprints or who might be wrongly identified. There should also be appropriate procedures and specific rules for the protection of children whose biometric features are collected, especially where their fingerprints are taken;
- each Member State shall send to the Commission a list of competent authorities which are authorised to access the data on biometric features contained in the residence permits in accordance with this Regulation and any changes thereto. That list shall specify, for each authority, which data it may search and for what purposes. The Commission shall ensure the annual publication of the list in the Official Journal of the European Union and keep an updated list of competent authorities on its website;
- the following phrase was deleted: “Member States may include in the residence permit an additional contact chip as set out in Part 16 of the annex to this Regulation for e-services such as e-government and e-business.”;
- the uniform format for residence permits shall include a storage medium containing the facial image and two fingerprint images of the holder;
- the storage medium will be used only by the authorities in the Member States, as listed, which have competence to read and store the biometric data.;
- the biometric data recorded on the storage medium may not be modified or erased by any authority. Where such a need arises, a new residence permit shall be issued;
- decisions having substantial data protection implications, such as decisions on entering and accessing data, on the quality of data, on the technical compliance of storage media and on security measures for the protection of the biometric features must be made by way of regulation with the full involvement of the European Parliament. The European Data Protection Supervisor will have an advisory role in all cases having data protection implications;
- Member States shall regularly forward to the Commission evaluations of the application of the Regulation based on commonly agreed standards, in particular as regards the rules limiting the purposes for which data may be used and the bodies which may have access to the data. They shall also communicate to the Commission all problems encountered in applying this Regulation and shall exchange best practices with the Commission and among themselves.