I527-290 ESRIF Final Report (WEB).indd - European Commission
I527-290 ESRIF Final Report (WEB).indd - European Commission
I527-290 ESRIF Final Report (WEB).indd - European Commission
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
The Electronic System for Travel Authorization (ESTA) is another means by which we could increase the proactiveness of border<br />
control. It can be seen as a lightweight visa for travellers entering a country with a visa waiver status. The idea of the system<br />
is that airline passengers register with the destination government in advance of their travel. Once screened, passengers are<br />
subject to reduced screening as their records will be kept on fi le for few years. This solution reinforces the level of security for<br />
third country nationals and also facilitates the control of most travel as details can be checked in advance. The EU is planning<br />
to possibly introduce such a system. The US has introduced their ESTA system in January 2009.<br />
8.3.2.4 Diff erentiate various types of traveller at the points of controls<br />
Travellers will be able to cross the border more effi ciently if they are in possession of highly trusted and secure documents and/<br />
or if they complied with pre-registration schemes (like ESTA).<br />
Whenever possible when a passenger arrives at border control carrying the proof of identity the controls should be faster. This<br />
has the advantage of motivating people to comply with all possible security requirements and as a result help the authorities<br />
to focus on the people who represent the highest threats.<br />
8.3.2.5 Coordination required for eff ective implementation of EAC<br />
While there has been some focus on national certifi cation systems, a lot of work still remains on international aspects of<br />
creation, distribution, exchange, update, and revocation of EAC certifi cates.<br />
There is a risk that without any coordination at the <strong>European</strong> level, the system will not get a chance to develop itself, and real<br />
interoperability shall remain a chimera for a long time. If this happens, fl aws in systems addressing the fi ght against terrorism and<br />
illegal immigration, which should be always based on the MRZ reading and on the single Basic Access Control (BAC), will remain.<br />
Furthermore, industrial partners who have invested for years signifi cant technological and fi nancial eff orts to provide real interoperability<br />
between the Member States in the EAC protocol would not understand if their eff orts were not supported by strong political will.<br />
8.3.3 Importance of uniform legislation<br />
8.3.3.1 Legal discrepancies create weakness points<br />
Legislation in the physical world<br />
Some identity documents are less secure than others. Without very strong cooperation and harmonisation among the<br />
Member States, low security identity documents could be used in some countries when they are refused in others. Such legal<br />
discrepancies could facilitate terrorism activities. No matter how strict the laws are in a given country, if a single Member State<br />
is more permissive then it is the entire security of the Union that is weakened.<br />
Legislation on the Internet<br />
The Internet is growing inexorably all over the world in all directions and in all areas: messaging, e-commerce, electronic data,<br />
fi les, photos and videos, newspapers and forums. To oversee the billions of electronic communications of all kinds, States have<br />
undertaken a legal revolution by signing a large number of international conventions on copyright, trade and the electronic<br />
signature, cybercrime, data protection, patents, etc. However, the Internet continues to remain outside the legal, judicial and<br />
criminal sovereignty of the states.<br />
As stated in a report on data breaches12 , the cyber criminal operates with several distinct advantages:<br />
Higher yield—vulnerable systems hold information on tens of thousands of victims.<br />
Less target resistance—when breached, systems tend not to fi ght back and many do not keep a record of what happened.<br />
Low target sensitivity—it often takes system owners weeks or even months to discover a breach. This allows the criminal to<br />
harvest information over a longer period of time.<br />
Easier escape—when they are detected, it is signifi cantly easier for the cyber criminal to run and disappear.<br />
12 “2008 DATA BREACH INVESTIGATIONS REPORT” – Verizon, 2008<br />
187