DOCSLIB.ORG

On Austrian Epassport Security

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Die approbierte Originalversion dieser Diplom-/ Masterarbeit ist in der Hauptbibliothek der Tech- nischen Universität Wien aufgestellt und zugänglich. http://www.ub.tuwien.ac.at The approved original version of this diploma or master thesis is available at the main library of the Vienna University of Technology. http://www.ub.tuwien.ac.at/eng On Austrian ePassport Security DIPLOMARBEIT zur Erlangung des akademischen Grades Diplom-Ingenieur im Rahmen des Studiums Software Engineering & Internet Computing eingereicht von Stefan Vogl, BSc Matrikelnummer 0926857 an der Fakultät für Informatik der Technischen Universität Wien Betreuung: Ao. Univ. Prof. Dr. Wolfgang Kastner Mitwirkung: Dr. Christian Platzer Wien, 07.08.2014 (Unterschrift Verfasser) (Unterschrift Betreuung) Technische Universität Wien A-1040 Wien Karlsplatz 13 Tel. +43-1-58801-0 www.tuwien.ac.at On Austrian ePassport Security MASTER’S THESIS submitted in partial fulfillment of the requirements for the degree of Diplom-Ingenieur in Software Engineering & Internet Computing by Stefan Vogl, BSc Registration Number 0926857 to the Faculty of Informatics at the Vienna University of Technology Advisor: Ao. Univ. Prof. Dr. Wolfgang Kastner Assistance: Dr. Christian Platzer Vienna, 07.08.2014 (Signature of Author) (Signature of Advisor) Technische Universität Wien A-1040 Wien Karlsplatz 13 Tel. +43-1-58801-0 www.tuwien.ac.at Erklärung zur Verfassung der Arbeit Stefan Vogl, BSc Inzersdorfer Straße 80/1/13, 1100 Wien Hiermit erkläre ich, dass ich diese Arbeit selbständig verfasst habe, dass ich die verwende- ten Quellen und Hilfsmittel vollständig angegeben habe und dass ich die Stellen der Arbeit - einschließlich Tabellen, Karten und Abbildungen -, die anderen Werken oder dem Internet im Wortlaut oder dem Sinn nach entnommen sind, auf jeden Fall unter Angabe der Quelle als Ent- lehnung kenntlich gemacht habe. (Ort, Datum) (Unterschrift Verfasser) i Abstract In 2006, the first passports with an embedded RFID (Radio Frequency Identification) chip were released in Austria. Since then, all data printed on the passport, except the holder’s size and signature, are additionally stored on this chip. This includes the name, date of birth and the picture printed on the data page. Since 2009, two fingerprints are stored on the chip as well. Due to the fact that the mentioned data are very sensitive, it should be well protected. In a worst- case scenario, an attacker would use his NFC-enabled (Near Field Communication) smartphone to read, replay or modify these data for malicious purpose. Currently, various mechanisms are implemented to secure this information. These mechanisms try to prevent attacks against RFID systems like skimming, cloning and data modification. This thesis provides an in-depth analysis of the security measurements implemented in the Austrian ePassport. After this analysis, a feasibility study is done on the found weaknesses. This study shows, which of the weaknesses can be practically exploited and what threats can arise of this exploitation. For practically exploitable weaknesses, a proof of concept is devel- oped, whereas their emphasis lies on the availability of the hardware to show that no specialized equipment is necessary to attack ePassports. The results of this thesis show, that attacks are possible with consumer grade hardware, espe- cially if taking into account special circumstances in the Austrian implementation of the ePass- port. Some attacks can even be implemented on an NFC-enabled off-the-shelf smartphone. iii Kurzfassung In Österreich wurden 2006 die ersten Reisepässe, ausgestattet mit einem RFID (Radio Frequen- cy Identification) Chip, eingeführt. Seitdem sind die Daten, wie zum Beispiel Name, Geburts- datum und das auf dem Reisepass aufgedruckte Foto zusätzlich auf dem Chip abgelegt. Seit 2009 werden außerdem noch zwei Fingerabdrücke auf dem Chip gespeichert. Da es sich hierbei um äußerst sensible Daten handelt, müssen diese besonders geschützt werden. Im schlimms- ten Fall könnte ein Angreifer mit einem NFC-fähigen (Near Field Communication) Smartphone diese sensiblen Daten unbefugt auslesen, kopieren oder verändern. Um dies zu verhindern, wur- den Sicherheitsprotokolle entwickelt und implementiert, die den Reisepass-Chip vor Angriffen, wie Skimming (unbefugtes Auslesen), Klonen und vor dem Verändern der gespeicherten Daten, schützen sollen. Diese Arbeit bietet eine detaillierte Analyse der im österreichischen Reisepass implemen- tierten Sicherheitsmaßnahmen. Auf Basis dieser Analyse und der gefundenen Schwachstellen wird eine Machbarkeitsstudie durchgeführt, die aufzeigt, welche dieser Schwachstellen in der Praxis ausgenutzt werden können und welche Gefahren daraus entstehen. Die Praktikabilität dieser Angriffe wird durch die Entwicklung eines Proof of Concepts gezeigt. Besonderes Au- genmerk bei dieser Entwicklung liegt auf der verwendeten Hardware, um zu zeigen, dass keine speziellen Ressourcen benötigt werden, um den elektronischen Reisepass anzugreifen. Das Ergebnis dieser Arbeit zeigt, dass Angriffe auf den Reisepass bereits mit handelsübli- cher Hardware möglich sind. Größeren Erfolg haben diese, wenn besondere Eigenschaften des österreichischen Reisepasses in Betracht gezogen werden. Einige dieser Angriffe können sogar mit gängigen NFC-fähigen Smartphones durchgeführt werden. v Contents 1 Introduction 1 1.1 Related Work . 2 1.2 Motivation . 3 1.3 Methodology and Outline . 5 2 Background 7 2.1 RFID Principles . 7 2.2 Operating Frequencies . 8 2.3 History of RFID . 9 2.4 Proximity Card Standards . 10 2.5 Application Data Units (APDU) . 12 2.6 Logical Data Structure (LDS) . 14 2.7 Chip Specifications and Performance . 16 3 Security Features 19 3.1 Basic Access Control (BAC) and Secure Messaging (SM) . 19 3.2 Passive Authentication (PA) . 23 3.3 Active Authentication (AA) . 25 3.4 Extended Access Control (EAC) . 27 3.5 Password Authentication Connection Establishment (PACE) . 29 3.6 ICAO Public Key Infrastructure . 30 3.7 Implementation of Security Features in Austrian ePassports . 33 3.8 Comparison to other countries . 37 4 Attack Vectors 39 4.1 Eavesdropping and Skimming . 39 4.2 Cloning . 41 4.3 Forgery . 42 4.4 Tracking . 42 5 Attacks 45 5.1 Bruteforce Attack on the BAC . 45 5.2 Online Bruteforce Attack . 46 vii 5.3 Offline Bruteforce Attack . 48 5.4 Relay Attack . 55 5.5 Index Manipulation Attack . 57 5.6 Attack by Once Valid Readers . 58 5.7 Insecure Inspection Systems . 58 5.8 Android Implementation . 59 6 Future Work and Conclusion 67 6.1 Future Work and Future Developments . 67 6.2 Conclusion . 68 A Detailed Error Codes 71 B Analysed Passports 73 Bibliography 75 viii CHAPTER 1 Introduction The International Civil Aviation Organization (ICAO), as the aviation agency of the United Na- tions (UN), has a long history of specifying international travel documents. In the early 1980s, they published the first edition of the ICAO 9303 document specifying ‘A Passport with Machine Readable Capabilities‘. These first machine readable passports were equipped with a Machine Readable Zone (MRZ). In this zone on the data page of the passport the most important data of the passport like the name or the date of birth are printed in an OCR-B font. In 1995, the ICAO recognized the growing importance of biometrics to link the passport tighter to its owner. To store biometric features in a machine readable way on the passport, different storage technolo- gies were examined. In the end, a contactless integrated circuit was chosen for data storage. In the following years, the first specifications for electronic passports were published by the ICAO [1]. After the 9/11 terrorist attacks on the World Trade Center, multiple countries started to im- plement electronic passports [2]. Austria started to deploy the first generation of electronic passports on June 16, 2006. This first generation included the document holder’s photo as a bio- metric feature. In 2009, the second generation, which also included an electronic representation of two of the holder’s fingerprints, was deployed. To ensure the confidentiality, integrity and authenticity of the data stored on the chip the ICAO specifies a set of security mechanisms. Some of these mechanisms are mandatory and some of them are optional. To ensure the security of the additional biometrics like fingerprints, the German Bundesamt für Sicherheit in der Informationstechnik (BSI) proposed some extended security features, which were later adopted by the ICAO. In 2004 the European Council passed the Council Regulation No 2252/2004 [3], which made the storage of two fingerprints on the passport chip and the extended security features mandatory. 1 1.1 Related Work In the last decade, not only passports have been equipped with chips, to hold the personal data, also printed on the document, but also other high security documents are being equipped with electronic storage. The European Council Directive 2006/126/EC [3] introduced the possibility to integrate a microchip into a European driving license in 2006 and in 2012, Commission Reg- ulation No 383/2012 [4] laid down the technical requirements for an electronic driving license. The microchip should include, besides the data printed on the document, at least the license holder’s face image and signature. Two fingerprints and biometric data regarding iris can be stored optionally. It is also allowed, that member states store additional country specific data on the chip. The security features to protect the sensitive data on the chip are identical to the ones used in electronic passports. Basic Access Control (see Section 3.1) is used to protect the general access to the data on the chip, whereas Passive Authentication (see Section 3.2) is used to protect the integrity of the stored data. If more sensitive data is stored on the chip, it has to be protected by Extended Access Control (see Section 3.4). The technical details for electronic driving licenses are defined in ISO 18013. Electronic driving licenses are used for example in Australia and in Mexico. Besides driving licenses, other high security documents, like residents permits and vehicle registration cards are equipped with microchips for electronic storage and protection of the data and the documents.
Recommended publications
  • Small Island

    Small Island

    We're a Small Island: The Greening of Intolerance by Sarah Sexton, Nicholas Hildyard and Larry Lohmann, The Corner House, UK presentation at Friends of the Earth (England and Wales), 7th April 2005 Introduction (by Sarah Sexton) For those of you who remember your school days, or if you have 16-year-olds among your family and friends, you'll know that April/May is nearly GCSE exam time, 1 a time of revision, panic and ... set books. One on this year's syllabus is A Tale of Two Cities . (If you were expecting me to say Bill Bryson's Notes From A Small Island , or even better, Andrea Levy's Small Island , they're for next year. 2) Charles Dickens's story about London and Paris is set at the time of the French Revolution, 1789 onwards, a time when the English hero—I won't tell you what happens at the end just in case you haven't seen the film—didn't need an official British passport to travel to another country, although British sovereigns had long issued documents requesting "safe passage or pass" to anyone in Britain who wanted to travel abroad. It was in 1858, some 70 years later, that the UK passport became available only to United Kingdom nationals, and thus in effect became a national identity document as well as an aid to travel. 3 A Tale of Two Cities was published one year later in 1859. These days, students are encouraged to do more field work than when I was at school.
  • Governance and Authentication: Ambiguous Bits and Federated Identity May 2003

    Governance and Authentication: Ambiguous Bits and Federated Identity May 2003

    Center for Strategic and International Studies Governance and Authentication: Ambiguous Bits and Federated Identity May 2003 How does a machine know you are who you say you are and what you are allowed to do? A car ‘knows’ you are authorized to drive it when you insert a metal key. An automatic teller knows who you are and how much is in your account when you insert a magnetic card and enter a Personal Identification Number. The machine isn’t actually confirming your identity; it is accepting a token issued to you by someone else, who may have taken steps to confirm at the time of issuance that you are who you say you are. Identity management and authentication are growing in importance as Internet and wireless applications and services become further integrated into business and consumer activities. Progress in resolving issues related to identity and authentication is essential to reach the full economic potential of the Internet and for its expanded use in providing new services. Identity and authentication also have deep implications for commerce, public safety, civil liberties, and privacy. Identity is a central problem for cyberspace. Digital technologies have introduced new ambiguities into the process of identification by removing an assertion of identity from any context in which we could judge its validity. There are no external clues and no opportunity for the subconscious process of judgment that often accompanies the acceptance of physical credentials. Ambiguous identities are a major source of uncertainty and risk in the digital networks that span the globe. Reducing this uncertainty and risk has been a goal for governments and companies since the public Internet1 began its dramatic expansion.
  • Mimicking News How the Credibility of an Established Tabloid Is Used When Disseminating Racism

    Mimicking News How the Credibility of an Established Tabloid Is Used When Disseminating Racism

    NORDICOM REVIEW Mimicking News How the credibility of an established tabloid is used when disseminating racism Johan FarkasI & Christina NeumayerII I School of Arts and Communication, Malmö University, Sweden II Digital Design Department, IT University of Copenhagen, Denmark Abstract This article explores the mimicking of tabloid news as a form of covert racism, relying on the credibility of an established tabloid newspaper. The qualitative case study focuses on a digital platform for letters to the editor, operated without editorial curation pre-publication from 2010 to 2018 by one of Denmark’s largest newspapers, Ekstra Bladet. A discourse analysis of the 50 most shared letters to the editor on Facebook shows that nativist, far- right actors used the platform to disseminate fear-mongering discourses and xenophobic conspiracy theories, disguised as professional news and referred to as articles. These pro- cesses took place at the borderline of true and false as well as racist and civil discourse. At this borderline, a lack of supervision and moderation coupled with the openness and visual design of the platform facilitated new forms of covert racism between journalism and user-generated content. Keywords: racism, letters to the editor, borderline discourse, digital journalism, fake news Introduction Publish your own text on the biggest news website. The People’s Voice is for people who are passionate about a cause – and want to say their piece. (Ekstra Bladet, 2016)1 This quote was placed on the front page of The People’s Voice [Folkets Røst], an online platform operated by the Danish tabloid newspaper Ekstra Bladet from 2010 to 2018.
  • MAHMOUD KESHAVARZ DESIGN-POLITICS an Inquiry Into Passports, Camps and Borders

    MAHMOUD KESHAVARZ DESIGN-POLITICS an Inquiry Into Passports, Camps and Borders

    DISSERTATION: NEW MEDIA,DISSERTATION: SPHERES,PUBLIC AND FORMS EXPRESSION OF MAHMOUD KESHAVARZ DESIGN-POLITICS An Inquiry into Passports, Camps and Borders DESIGN-POLITICS Doctoral Dissertation in Interaction Design Dissertation Series: New Media, Public Spheres and Forms of Expression Faculty: Culture and Society Department: School of Arts and Communication, K3 Malmö University Information about time and place of public defence, and electronic version of dissertation: http://hdl.handle.net/2043/20605 © Copyright Mahmoud Keshavarz, 2016 Designed by Maryam Fanni Copy editors: Edanur Yazici and James McIntyre Printed by Service Point Holmbergs, Malmö 2016 Supported by grants from The National Dissertation Council and The Doctoral Foundation. ISBN 978-91-7104-682-6 (print) ISSN 978-91-7104-683-3 (pdf) MAHMOUD KESHAVARZ DESIGN-POLITICS An Inquiry into Passports, Camps and Borders Malmö University 2016 The tradition of the oppressed teaches us that the ‘state of emergency’ in which we live is not the exception but the rule. We must attain to a conception of history that is in keeping with this insight. Then we shall clearly realize that it is our task to bring about a real state of emergency, and this will improve our position in the struggle against Fascism. Walter Benjamin, Theses on the Philosophy of History, 1969 [1940] CONTENTS ACKNOWLEDGEMENTS ................................................. 9 PREFACE ..................................................................... 13 PART I 1. INTRODUCTION: SETTING THE CONTEXT ...................
  • Homeland Calling: Political Mobilization of the Albanian

    Homeland Calling: Political Mobilization of the Albanian

    Homeland Calling: Political Mobilization of the Albanian-Macedonian Diaspora for the 2013 Local Elections in Macedonia By Erlin Agich Submitted to Central European University Nationalism Studies Program In partial fulfillment of the requirements for the degree of Masters of Art Supervisor: Professor Michael Laurence Miller CEU eTD Collection Budapest, Hungary 2013 Abstract This thesis examines the mobilization of the members of a diaspora for the purpose of engaging them in the homeland’s (local) political processes. Specifically, this thesis studies the campaign of the Democratic Union for Integration (DUI) aimed at mobilizing voters from the Albanian-Macedonian diaspora for the local elections in Kichevo, Macedonia. Based on Eva Østergaard-Nielsen’s methodological framework of analyzing transnational political processes, this thesis aims to answer three sets of questions: ‘why’ did the political leaders of DUI mobilize voters from the Albanian-Macedonian diaspora?; ‘how’ did they mobilize these voters?; and ‘then what’, that is, the implications of the mobilization. This thesis argues that a carefully crafted campaign can mobilize a large number of voters among the diaspora; whereas this mobilization can significantly impact the outcome of the political process in question. CEU eTD Collection i Acknowledgments I want to express my gratitude to the Central European University’s Nationalism Studies Department for giving me the opportunity to enroll in this Program, and to study from world renowned professors, among a very challenging group of students. I want to thank my Supervisor and Professor Michael L. Miller for his patience and interest in my thesis. His soft-spoken manner of communication motivated me to look optimistically even when I was struggling with my thesis.
  • VAULT #24 Border Control Along International Standards

    VAULT #24 Border Control Along International Standards

    NEWS AND INSIGHTS FROM THE WORLD OF ID SECURITY JUNE 2019 | #24 FEATURED ARTICLE BORDER CONTROL ALONG INTERNATIONAL STANDARDS Status, Trends and Outlook ALSO IN THIS ISSUE Infineon Technologies The case for the eData page cryptovision Why eID cards and Digital Signatures need each other Mühlbauer Providing the citizens of El Salvador with eID cards Melzer Maschinenbau When innovation meets return on investment for Identity Solution Manufacturing PAV Card A family firm supplying worldwide solutions for Govt. ID, health & finance Wibu-Systems Three decades ahead of the curve We make chips intelligent Contents Meet us at Riviera Three decades ahead of the curve 4 J045 Wibu-Systems The case for the eDatapage 8 Philip Seebauer, Infineon Technologies Border control security along international standards: status, trends and outlook 10 Detlef Houdeau, Infineon Technologies Enrollment, Personalization and Delivery of National ID Cards for El Salvador 20 Mühlbauer ID Services PAV Card – A family firm supplying worldwide solutions for Govt. ID, Health and Finance 23 PAV Card ® 2.5 on IFX, NXP, ST Why eID cards and Digital Signatures need each other 26 By Markus Hoffmeister & Klaus Schmeh, cryptovision GmbH Where innovation meets return on investment for identity solution manufacturing 31 An interview with Dirk Melzer, Melzer Maschinenbau EAL5+ certifi ed MTCOS Introducing The Silicon Trust 33 MTCOS® - ID CHIP SOLUTIONS FOR eGOVERNMENT APPLICATIONS • High Security Operating System (MTCOS®), e.g. ePassports, eIDs, eHealth cards • Independent worldwide supplier • More than 65 eID-document references • Up to EAL5+ Common Criteria certifi ed on a unique variety of chip platforms Imprint THE VAULT Published bi-annually by Krowne Communications GmbH, Berlin.
  • Fastpass Newsletter #7

    Fastpass Newsletter #7

    FastPass needs you! Do you travel by air? You can help us with our research by filling out this survey ! FastPass takes into consideration all kind of passengers. Few e-gates are currently accessible to people with disabilities or reduced mobility. If you belong to this category of users and if your are willing to share your opinion on this, please fill out this questionnaire . Spoofing prevention techniques in ABC Gates by Dieter Klawunder, CEO of MODI (Modular Digitis GmbH, Germany), member of the FastPass Consorium . The majority of passports in Europe store the biometrical face image of the passport owner on a chip. In an ABC Gate this image has to be compared with the live face image of the traveler when they are crossing the Gate or standing in front of a special ID station or kiosk. The face image is captured by a camera and matched by biometric software. For the camera itself it makes no difference whether it captures a snapshot of a live face image or a picture on a piece of paper. That makes it very easy to spoof the biometrical face recognition in ABC Gates. Such spoofing can be achieved by the presentation of a printed face on paper, a tee shirt, or by presenting a face image or video from an iPad, iPhone, tablet PC, notebook or by use of a face mask. One objective of FastPass was and is a solution for spoofing prevention which is: -Safe against false acceptance -Robust against false rejection -Fast MODI has developed an anti-spoofing solution which is based on different measurements in addition to the live face capturing.

  • Arming Big Brother the EU's Security Research Programme

    Arming Big Brother The EU's Security Research Programme Ben Hayes TRANSNATIONAL INSTITUTE Statewatch monitoring the state and civil liberties in the TNI BRIEFING SERIES European Union No 2006/1 Arming Big Brother Author: 1. Introduction: Ben Hayes beware the security-industrial complex Additional research: 2. Background: EU military and security policy 4 Max Rowlands Editor: Wilbert van der Zeijden 3. The EU Security Research Programme: a lobbyist s dream 13 Design: Zlatan Peric 4. Coming soon: from the battlefield to the border 27 Contact: Transnational Institute De Wittenstraat 25 5. Criticisms and concerns 37 PO Box 14656 1001 LD Amsterdam The Netherlands 6. Conclusions and recommendations 40 Tel: +31-20-6626608 Fax: +31-20-6757176 [email protected] www.tni.org ABOUT THE AUTHOR ISSN 1871-3408 Ben Hayes has been a researcher with the civil liberties group Statewatch since 1996, specialising in the develop- ment and implementation of EU Justice and Home Affairs policy. He is widely published on civil liberties issues in Europe and has written about policing, surveillance, crim- inal law, immigration controls, asylum policy, human rights, privacy and data protection, freedom of informa- tion and democratic standards. He works with of range of NGOs and community groups including the American Civil Liberties Union, the International Campaign Against Mass Surveillance, the Campaign Against Criminalising Contents of this booklet may Communities (UK) and the Global Freedom of Informa- be quoted or reproduced, provided that the source of tion Advocates Network. He is joint co-ordinator of the informations is acknowledged. European Civil Liberties Network, launched in October TNI would like to receive a 2005, see http://www.ecln.org/ copy of the document in which this booklet is used or I am grateful to Max Rowlands of Statewatch for addition- quoted.
  • Neoconopticon - the EU Security-Industrial Complex

    Neoconopticon - the EU Security-Industrial Complex

    Copyright and publication details © Statewatch ISSN 1756-851X. Personal usage as private individuals/”fair dealing” is allowed. Usage by those work- ing for organisations is allowed only if the organisation holds an appropriate licence from the relevant reprographic rights organisation (eg: Copyright Licensing Agency in the UK) with such usage being subject to the terms and conditions of that licence and to local copyright law. Acknowledgments Th is report was produced by Ben Hayes for Statewatch and the Transnational Institute. Additional research was con- ducted by Max Rowlands and Fiona O’Malley of Statewatch, while Tony Bunyan and Trevor Hemmings (also Statewatch) provided a constant stream of invaluable comments, infor- mation and guidance (several sections also draw heavily on Tony Bunyan’s columns for the Guardian newspaper’s ‘Liber- ty Central’ website). Th e information and analysis provided by Frank Slijper (Dutch Campaign Against the Arms Trade and TNI), Matthias (from Gipfelsoli), and Kamil Majchrzak (ECCHR) was also invaluable, as was Th omas Mathiesen’s advice in respect to the variations on the ‘Panopticon’ dis- cussed in this report. Th e report was edited by Nick Buxton and Fiona Dove of the Transnational Institute (TNI) and benefi ted from help- ful comments and suggestions from Wilbert van der Zeijden and David Sogge at TNI and Eric Toepfer of CILIP, Ger- many. Th e author also gained much insight from discussions at a number of conferences and seminars. In particular, the International Workshop on Surveillance and Democracy organised by Minas Samatas at the University of Crete in June 2008, and the seminars on the EU organised at the ‘Militarism: Political Economy, Security, Th eory’ conference at the University of Sussex, organised by Iraklis Oikonomou and Anna Stavrianakis in May 2009.
  • 27Th August 2020), Fribourg (28Th August 2020), Valais (31St August 2020)

    27Th August 2020), Fribourg (28Th August 2020), Valais (31St August 2020)

    AUGUST 27th 2020 HR WORLD TODAY FLSA, salary history reforms, 1-9 compliance It hardly seems possible to imagine it now, and the latest multimillion dollar class action. but for 30 years before World War I passports in Europe were not required. It One thing that is common to all countries was fine just to jump onto a train in Madrid around the World is the ineptitude of and travel to Moscow without any significant governments concerning legal deadlines - as formalities, or form of identification. This in Poland, and the appointment of changed during the war, but it still took unqualified government Ministers making another 66 years for standardised passports decisions on doubtful advice, as in the UK. to be introduced. Since then, and especially Courts too are continuing to issue bad or since 9/11 and COVID-19, international confusing decisions - whether it be over the travel has transformed into a nightmare of Holiday Act in New Zealand, emergency passport checks, visas, virus test certificates, leave in Italy or the ECJ's insistence that a authorization to travel certificates,face mask TUPE transfer which splits a business in two checks, social distancing rules, means an employee must also transfer to Schengen/non Schengen queues, and separate part-time jobs. security checks repeated at every international change of a plane. A subject that we could always fill the newswire with is workplace malfeasance. Such concerns have also been compounded Whether it be by errant employers, as in for employers by the spectre of immigration North Macedonia, or perfidious trade union requirements, and regulations relating to leaders - as in the latest US teamsters case.
  • Neoconopticon - the EU Security-Industrial Complex

    Neoconopticon - the EU Security-Industrial Complex

    Copyright and publication details © Statewatch ISBN 978-1-874481-34-8. Personal usage as private individuals/”fair dealing” is allowed. Usage by those work-ing for organisations is allowed only if the organisation holds an appropriate licence from the relevant reprographic rights organisation (eg: Copyright Licensing Agency in the UK) with such usage being subject to the terms and conditions of that licence and to local copyright law. Acknowledgments Th is report was produced by Ben Hayes for Statewatch and the Transnational Institute. Additional research was con- ducted by Max Rowlands and Fiona O’Malley of Statewatch, while Tony Bunyan and Trevor Hemmings (also Statewatch) provided a constant stream of invaluable comments, infor- mation and guidance (several sections also draw heavily on Tony Bunyan’s columns for the Guardian newspaper’s ‘Liber- ty Central’ website). Th e information and analysis provided by Frank Slijper (Dutch Campaign Against the Arms Trade and TNI), Matthias (from Gipfelsoli), and Kamil Majchrzak (ECCHR) was also invaluable, as was Th omas Mathiesen’s advice in respect to the variations on the ‘Panopticon’ dis- cussed in this report. Th e report was edited by Nick Buxton and Fiona Dove of the Transnational Institute (TNI) and benefi ted from help- ful comments and suggestions from Wilbert van der Zeijden and David Sogge at TNI and Eric Toepfer of CILIP, Ger- many. Th e author also gained much insight from discussions at a number of conferences and seminars. In particular, the International Workshop on Surveillance and Democracy organised by Minas Samatas at the University of Crete in June 2008, and the seminars on the EU organised at the ‘Militarism: Political Economy, Security, Th eory’ conference at the University of Sussex, organised by Iraklis Oikonomou and Anna Stavrianakis in May 2009.
  • Opening Remarks Mr

    Opening Remarks Mr

    ICAO NINTH SYMPOSIUM AND EXHIBITION ON MRTDs, BIOMETRICS AND BORDER SECURITY (Montreal, 22 to 24 October 2013) Opening Remarks Mr. Ilkka Laitinen, Executive Director, European Agency for the Management of Operational Cooperation at the External Borders of the Member States of the European Union (Frontex) Introduction Ladies and Gentlemen, Dear colleagues, I would like to start by thanking ICAO for inviting me to open this Symposium in representation of Frontex, the European Union Agency responsible for coordinating the management of the EU external borders. One of Frontex’ key tasks is to follow, and also to contribute, to research and developments relevant to border security. It is within this context that for a number of years Frontex has been cooperating with ICAO under the scope of the ICAO-led Machine Readable Travel Documents Programme, a cooperation which we value very highly. Frontex has also been particularly active in promoting greater hamonisation and interoperability in the field of Automated Border Control. Our Best Practice Guidelines on ABC have become a “soft standard” in this area and are widely used by national authorities in the EU Member States and beyond, as well by industry, standardisation bodies and other stakeholders. It is thus truly a pleasure for me to open this event that will explore the latest developments concerning these important areas of border management: identification management, travel document security and ABC systems. Let’s have a look first to the security of travel documents. This is undoubtedly one of the cornerstones of effective border management, irrespective of whether border checks are carried out manually or by automated means.