29.12.2004   

EN

Official Journal of the European Union

L 385/1


COUNCIL REGULATION (EC) No 2252/2004

of 13 December 2004

on standards for security features and biometrics in passports and travel documents issued by Member States

THE COUNCIL OF THE EUROPEAN UNION,

Having regard to the Treaty establishing the European Community, and in particular Article 62(2)(a) thereof,

Having regard to the proposal from the Commission (1),

Having regard to the opinion of the European Parliament (2),

Whereas:

(1)

The European Council of Thessaloniki, on 19 and 20 June 2003, confirmed that a coherent approach is needed in the European Union on biometric identifiers or biometric data for documents for third country nationals, European Union citizens’ passports and information systems (VIS and SIS II).

(2)

Minimum security standards for passports were introduced by a Resolution of the representatives of the Governments of the Member States, meeting within the Council, on 17 October 2000 (3). It is now appropriate to upgrade this Resolution by a Community measure in order to achieve enhanced harmonised security standards for passports and travel documents to protect against falsification. At the same time biometric identifiers should be integrated in the passport or travel document in order to establish a reliable link between the genuine holder and the document.

(3)

The harmonisation of security features and the integration of biometric identifiers is an important step towards the use of new elements in the perspective of future developments at European level, which render the travel document more secure and establish a more reliable link between the holder and the passport and the travel document as an important contribution to ensuring that it is protected against fraudulent use. The specifications of the International Civil Aviation Organisation (ICAO), and in particular those set out in Document 9303 on machine readable travel documents, should be taken into account.

(4)

This Regulation is limited to the harmonisation of the security features including biometric identifiers for the passports and travel documents of the Member States. The designation of the authorities and bodies authorised to have access to the data contained in the storage medium of documents is a matter of national legislation, subject to any relevant provisions of Community law, European Union law or international agreements.

(5)

This Regulation should lay down only such specifications that are not secret. These specifications need to be supplemented by specifications which may remain secret in order to prevent the risk of counterfeiting and falsifications. Such additional technical specifications should be adopted in accordance with Council Decision 1999/468/EC of 28 June 1999 laying down the procedures for the exercise of implementing powers conferred on the Commission (4).

(6)

The Commission should be assisted by the Committee established by Article 6 of Council Regulation (EC) No 1683/95 of 29 May 1995 laying down a uniform format for visas (5).

(7)

In order to ensure that the information referred to is not made available to more persons than necessary, it is also essential that each Member State should designate not more than one body having responsibility for producing passports and travel documents, with Member States remaining free to change the body, if need be. For security reasons, each Member State should communicate the name of the competent body to the Commission and the other Member States.

(8)

With regard to the personal data to be processed in the context of passports and travel documents, Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (6) applies. It should be ensured that no further information shall be stored in the passport unless provided for in this Regulation, its annex or unless it is mentioned in the relevant travel document.

(9)

In accordance with the principle of proportionality, it is necessary and appropriate for the achievement of the basic objective of introducing common security standards and interoperable biometric identifiers to lay down rules for all Member States giving effect to the Convention implementing the Schengen Agreement of 14 June 1985 (7). This Regulation does not go beyond what is necessary in order to achieve the objectives pursued, in accordance with the third paragraph of Article 5 of the Treaty.

(10)

In accordance with Articles 1 and 2 of the Protocol on the position of Denmark annexed to the Treaty on European Union and to the Treaty establishing the European Community, Denmark is not taking part in the adoption of this Regulation and is not bound by it or subject to its application. Given that this Regulation builds upon the Schengen acquis under the provisions of Title IV of Part Three of the Treaty establishing the European Community, Denmark will, in accordance with Article 5 of the said Protocol, decide within a period of six months after the Council has adopted this Regulation whether it will implement it in its national law.

(11)

This Regulation constitutes a development of provisions of the Schengen acquis in which the United Kingdom does not take part, in accordance with Council Decision 2000/365/EC of 29 May 2000 concerning the request of the United Kingdom of Great Britain and Northern Ireland to take part in some of the provisions of the Schengen acquis (8). The United Kingdom is therefore not taking part in its adoption and is not bound by it or subject to its application.

(12)

This Regulation constitutes a development of provisions of the Schengen acquis in which Ireland does not take part, in accordance with Council Decision 2002/192/EC of 28 February 2002 concerning Ireland’s request to take part in some of the provisions of the Schengen acquis (9). Ireland is therefore not taking part in its adoption and is not bound by it or subject to its application.

(13)

As regards Iceland and Norway, this Regulation constitutes a development of provisions of the Schengen acquis within the meaning of the Agreement concluded by the Council of the European Union and the Republic of Iceland and the Kingdom of Norway concerning the association of those two States with the implementation, application and development of the Schengen acquis (10) which fall within the area referred to in Article 1(B) of Council Decision 1999/437/EC of 17 May 1999 on certain arrangements for the application of that Agreement (11).

(14)

As regards Switzerland, this Regulation constitutes a development of the provisions of the Schengen acquis within the meaning of the Agreement signed between the European Union, the European Community and the Swiss Confederation concerning the association of the Swiss Confederation with the implementation, application and development of the Schengen acquis (12), which fall in the area referred to in Article 1(B) of Decision 1999/437/EC read in conjunction with Article 4(1) of the Council Decisions of 25 October 2004 on the signing on behalf of the European Union, and on the signing on behalf of the European Community, and on the provisional application of certain provisions of that Agreement (13),

HAS ADOPTED THIS REGULATION:

Article 1

1.   Passports and travel documents issued by Member States shall comply with the minimum security standards set out in the Annex.

2.   Passports and travel documents shall include a storage medium which shall contain a facial image. Member States shall also include fingerprints in interoperable formats. The data shall be secured and the storage medium shall have sufficient capacity and capability to guarantee the integrity, the authenticity and the confidentiality of the data.

3.   This Regulation applies to passports and travel documents issued by Member States. It does not apply to identity cards issued by Member States to their nationals or to temporary passports and travel documents having a validity of 12 months or less.

Article 2

Additional technical specifications for passports and travel documents relating to the following shall be established in accordance with the procedure referred to in Article 5(2):

(a)

additional security features and requirements including enhanced anti-forgery, counterfeiting and falsification standards;

(b)

technical specifications for the storage medium of the biometric features and their security, including prevention of unauthorised access;

(c)

requirements for quality and common standards for the facial image and the fingerprints.

Article 3

1.   In accordance with the procedure referred to in Article 5(2) it may be decided that the specifications referred to in Article 2 shall be secret and not be published. In that case, they shall be made available only to the bodies designated by the Member States as responsible for printing and to persons duly authorised by a Member State or the Commission.

2.   Each Member State shall designate one body having responsibility for printing passports and travel documents. It shall communicate the name of that body to the Commission and the other Member States. The same body may be designated by two or more Member States. Each Member State shall be entitled to change its designated body. It shall inform the Commission and the other Member States accordingly.

Article 4

1.   Without prejudice to data protection rules, persons to whom a passport or travel document is issued shall have the right to verify the personal data contained in the passport or travel document and, where appropriate, to ask for rectification or erasure.

2.   No information in machine-readable form shall be included in a passport or travel document unless provided for in this Regulation, or its Annex, or unless it is mentioned in the passport or travel document by the issuing Member State in accordance with its national legislation.

3.   For the purpose of this Regulation, the biometric features in passports and travel documents shall only be used for verifying:

(a)

the authenticity of the document;

(b)

the identity of the holder by means of directly available comparable features when the passport or other travel documents are required to be produced by law.

Article 5

1.   The Commission shall be assisted by the Committee set up by Article 6(2) of Regulation (EC) No 1683/95.

2.   Where reference is made to this paragraph, Articles 5 and 7 of Decision 1999/468/EC shall apply.

The period laid down in Article 5(6) of Decision 1999/468/EC shall be set at two months.

3.   The Committee shall adopt its rules of procedure.

Article 6

This Regulation shall enter into force on the 20th day following that of its publication in the Official Journal of the European Union.

Member States shall apply this Regulation:

(a)

as regards the facial image: at the latest 18 months

(b)

as regards fingerprints: at the latest 36 months

following the adoption of the measures referred to in Article 2. However, the validity of passports and travel documents already issued shall not be affected.

This Regulation shall be binding in its entirety and directly applicable in the Member States in accordance with the Treaty establishing the European Community.

Done at Brussels, 13 December 2004.

For the Council

The President

B. R. BOT


(1)   OJ C 98, 23.4.2004, p. 39.

(2)  Opinion of 2.12.2004 (not yet published in the Official Journal).

(3)   OJ C 310, 28.10.2000, p. 1.

(4)   OJ L 184, 17.7.1999, p. 23.

(5)   OJ L 164, 14.7.1995, p. 1. Regulation as last amended by the 2003 Act of Accession.

(6)   OJ L 281, 23.11.1995, p. 31. Directive as amended by Regulation (EC) No 1882/2003 (OJ L 284, 31.10.2003, p. 1).

(7)   OJ L 239, 22.9.2000, p. 19. Convention at last amended by Regulation (EC) No 871/2004 (OJ L 162, 30.4.2004, p. 29).

(8)   OJ L 131, 1.6.2000, p. 43.

(9)   OJ L 64, 7.3.2002, p. 20.

(10)   OJ L 176, 10.7.1999, p. 36.

(11)   OJ L 176, 10.7.1999, p. 31.

(12)  Council document 13054/04 accessible on: http://register.consilium.eu.int

(13)  Council document 13464/04 and 13466/04 accessible on: http://register.consilium.eu.int


ANNEX

MINIMUM SECURITY STANDARDS OF PASSPORTS AND TRAVEL DOCUMENTS ISSUED BY THE MEMBER STATES

Introduction

This Annex lays down the minimum level of security that the Member States’ passports and travel documents are required to provide. The provisions in this Annex are concerned primarily with the biographical data page. The generic security features also apply to the other parts of passports and travel documents.

The biographical data page may consist of various basic materials. This Annex specifies the minimum level of security for the specific material that is used.

1.   Material

The paper used for those sections of the passport or travel document giving personal particulars or other data shall meet the following minimum requirements:

no optical brighteners,

duotone watermarks,

security reagents to guard against attempts at tampering by chemical erasure,

coloured fibres (partly visible and partly fluorescent under UV light, or invisible and fluorescent in at least two colours),

UV-fluorescent planchettes are recommended (mandatory for stickers),

the use of security thread is recommended.

If the biographical data page is in sticker form, the watermark in the paper used for that page may be dispensed with. The watermark may also be dispensed with in the paper used for the inside of the passport or travel document covers. Security reagents are required on the inside covers only if data are entered there.

Stitching thread should be protected against substitution.

If a card for inserting personal data in the passport or travel document is made entirely of a synthetic substrate, it is not usually possible to incorporate the authentication marks used in passport or travel document paper. In the case of stickers and cards, the lack of marks in the materials shall be compensated for by measures in respect of security printing, use of an anti copying device, or an issuing technique according to sections 3, 4 and 5 over and above the following minimum standards.

2.   Biographical data page

The passport or travel document shall contain a machine-readable biographical data page, which shall comply with Part 1 (machine-readable passports) of ICAO Document 9303 and the way they are issued shall comply with the specifications for machine-readable passports set out therein.

The portrait of the holder shall also appear on this page and shall not be affixed but integrated into the material of the biographical data page by the issuing techniques referred to in Section 5.

The biographical data shall be entered on the page following the title page in the passport or travel document. In any event, an inside cover page must no longer be used for biographical data.

The layout of the biographical data page shall be such that it is distinguishable from the other pages.

3.   Printing techniques

The following printing techniques shall be used:

A.

Background printing:

two-tone guilloches or equivalent structures,

rainbow colouring, where possible fluorescent,

UV-fluorescent overprinting,

effective anti-counterfeiting and anti-falsification motifs (especially on the biographical data page) with optional use of microprinting,

reagent inks must be used on paper passport or travel document pages and stickers,

if the paper of the passport or travel document is well protected against attempts at tampering, the use of reagent inks is optional.

B.

Form printing

With integrated microprinting (unless already included in background printing).

C.

Numbering

On all pages inside the passport or travel document a unique document number should be printed (where possible with a special style of figures or typeface and in UV-fluorescent ink), or perforated or, in passport cards, a unique document number should be integrated using the same technique as for the biographical data. It is recommended that in passport cards the unique document number is visible on both sides of the card. If a sticker is used for biographical data the unique document number should be printed using fluorescent ink, and a special style of figures or typeface is obligatory.

If stickers or non-laminated paper inside pages are used for biographical data, intaglio printing with latent image effect, microtext and ink with optically variable properties and a DOVID (diffractive optically variable image device) shall also be employed. Additional optically variable security devices shall also be used on passport cards made entirely of a synthetic substrate, at least through the use of a DOVID or equivalent measures.

4.   Protection against copying

An optically variable (OVD) or equivalent device, which provides for the same level of identification and security as currently used in the uniform format for visas, shall be used on the biographical data page and shall take the form of diffractive structures which vary when viewed from different angles (DOVID) incorporated into the hot-sealed or an equivalent laminate (as thin as possible) or applied as an OVD overlay, or, on stickers or a non-laminated paper inside page, as metallised or partially de-metallised OVD (with intaglio overprinting) or equivalent devices.

The OVD devices should be integrated into the document as an element of a layered structure, effectively protecting against forgery and falsification. In documents made of paper, they should be integrated over as wide a surface as possible as an element of the hot-sealed or an equivalent laminate (as thin as possible) or applied as a security overlay, as described in section 5. In documents made of a synthetic substrate, they should be integrated in the card layer over as wide a surface as possible.

If a synthetic card is personalised by laser engraving, and an optically variable laser written device is incorporated therein, the diffractive OVD shall be applied at least in the form of a positioned metallised or transparent DOVID, to achieve enhanced protection against reproduction.

If a biographical data page is made of a synthetic substrate with paper core, the diffractive OVD shall be applied at least in the form of a positioned metallised or transparent DOVID, to achieve enhanced protection against reproduction.

5.   Issuing technique

To ensure that passport or travel document data are properly secured against attempts at counterfeiting and falsification, biographical data including the holder’s portrait, the holder's signature and main issue data shall be integrated into the basic material of the document. Conventional methods of attaching the photograph shall no longer be used.

The following issuing techniques may be used:

laser printing,

thermotransfer,

ink-jet printing,

photographic,

laser-engraving that effectively penetrates into the card layers bearing the security characteristics.

To ensure that biographical and issue data are adequately protected against attempts at tampering, hot-seal or equivalent lamination (as thin as possible) with an anti-copying device is compulsory where laser printing, thermo-transfer or photographic techniques are used.

Travel documents shall be issued in machine-readable form. The layout of the biographical data page shall follow the specifications given in part 1 of ICAO Document 9303, and the issuing procedures shall meet the specifications it sets for machine-readable documents.