Automated Biometric Identification System database ABIS

ABIS contains facial and fingerprint images and palm prints which were transferred to ABIS from the following databases:

• National Fingerprint Database
• Identity Documents Database
• Database of Aliens Staying or Having Stayed in Estonia Illegally
• National Database of Prohibitions on Entry
• Database for Registering Short-term Employment of Aliens in Estonia
• National Register of Granting International Protection
• Register of Residence and Work Permits
• Visa Register
• Database of Persons Who Have Acquired or Lost Estonian Citizenship, or to Whom Estonian Citizenship Has Been Restored
• Database of Professional Acts of Consular Officers and Database of Diplomatic Passports

In ABIS, people’s data are even better protected than before, as biometric data are stored separately from names and personal identity codes.

No, the term ‘facial image’ is not new in Estonian law. It was defined in 2006 and it was established already back then that the image of an iris is not a facial image. The Estonian state does not currently have the possibility of capturing irises and it has not been created with the creation of ABIS.

The technology for capturing and comparing facial images is entirely different from the technology for identifying people on the basis of their irises. The latter is not used in Estonia and ABIS does not contain iris data. ABIS only contains facial and fingerprint images and palm prints.

Biometric data are delicate personal data, which is why to be able to capture and compare any additional data a public discussion would first have to be initiated in society and Estonian law changed. Law amendments must be approved by ministries as well as the Data Protection Inspectorate.

No, DNA data are engaged in offence proceedings and for exclusion purposes from police officers and the employees of the Estonian Forensic Science Institute. Exclusion is required, for instance, so as to promptly exclude bomb disposal experts who have worked on a bomb scene from amongst the suspects by comparing fingerprints.

DNA data are stored in the DNA Register of the Estonian Forensic Science Institute and are not stored in ABIS.

No, in order to ensure better protection of personal data, biometric data is not stored in ABIS together with biographic data, i.e. names, identity codes, citizenship, etc.

Biographic data are still stored in the current databases – such as the Identity Documents Database and the Visa Register. All data are stored separately and a person’s data set can only be assembled when a civil servant has access to both databases. This reduces potential data security risks, as it is impossible to obtain entire data sets in the case of an incident.

For instance, similarly to the recent leak of photos of personal identification documents from the Information System Authority, a leak from ABIS would also only let perpetrators obtain photos or fingerprints and it would be impossible to link these to a person’s name or identity code.

No, a person cannot request the erasure of his or her data from ABIS.

For instance, the Identity Documents Act stipulates that when a person submits a document application, he or she attaches his or her photo to it and his or her fingerprints are taken, which allow his or her unmistakable identification. The person applying for a document must therefore give his or her biometric data and allow the processing and storage of such data for producing and using the document. This is why people cannot request the erasure of their data from ABIS. However, you can always check who has accessed, used or erased your data and for what purpose by contacting the owner of the database, i.e. the Police and Border Guard Board.

Storage terms have been established by the legislator and they differ depending on the type of proceedings, as data need to be stored for the use of different purposes. Access to data is level-based. After a certain period of time has passed, data are transferred to the archive of the database, access to which is more restricted. For instance, biometric data gathered in visa proceedings are archived five years, biometric data gathered in citizenship proceedings 20 years and biometric data gathered in offence proceedings 40 years after entry into the database. Different terms have also been established for the storage of data in the archive section, for example, biometric data gathered in visa proceedings are stored in the archive section for 75 years, biometric data collected in criminal proceedings for 35 years, after which the data are deleted, and biometric data collected in citizenship proceedings are permanently stored in the archive section.

The terms have been established for the purpose of ensuring security and public order. It is important to ensure objectively certain identification and verification of identity, in order to uncover potential identity fraud in state proceedings. It is important to store the data in ABIS for a long time, as ABIS allows making enquiries for the verification of identity and identification of persons in nationally vital services, such as electronic identification of persons, digital signing, and payment services.

The data in ABIS are also relied upon by other state institutions and databases (e.g. the Population Register), notaries and other representatives of free professions and the representatives of the private sector (e.g. banks). Personal identification data need to be used throughout a person’s life cycle and in certain cases also after the person’s death, e.g. in matters related to descendance and citizenship. Data concerning obtaining Estonian citizenship and status determination are data of national archival value.

Yes, private sector institutions where personal identification is very important gain access to the data in ABIS via other databases interfaced to ABIS in order to check that the person wishing to use their services is who he or she claims to be. In other words, private sector institutions can only make one-on-one enquiries and only via another database interfaced to ABIS.

For instance, subsection 5 of § 31 of the Money Laundering and Terrorist Financing Prevention Act stipulates that credit and financing institutions have the right to use personal identification data entered in the Identity Documents Database for identifying an e-resident and verifying data. Banks can thus use the data exchange platform X-Road to make an enquiry to the Identity Documents Database which in turn requests the biometric data from ABIS and forwards the information to the bank. Banks already receive biometric data from the Identity Documents Database and the introduction of ABIS has not changed anything for them.

Data are issued from national databases to competent authorities of foreign countries only on the basis of law, international agreements or other international legal acts binding for Estonia.

Since 2008, for instance, fingerprint data enquiries can be made in the European Union in the fight against terrorism, cross-border crime and illegal migration on the basis of the treaty on stepping up cross-border cooperation, or the Prüm Convention.

No, the applicable law does not allow the use of public cameras for comparing people’s biometric data automatically to ABIS data in real time. That would be a very intensive infringement of fundamental rights and would require a clear authorisation.

Pursuant to § 34 of the Law Enforcement Act, the police or, in the cases established by law, another law enforcement agency may use monitoring equipment for monitoring in a public place for ascertaining or countering a threat or for eliminating a disturbance. A person may only be identified with his or her knowledge.

The identification of persons with public cameras is therefore not allowed.
 

No, only the civil servants of pre-defined institutions have access to ABIS. Their roles, rights and obligations are clearly defined in legal acts. Data cannot be processed without authorisation – it is prohibited and punishable.

Access to ABIS does not mean that civil servants have access to all the data. Every civil servant who is tasked with conducting proceedings can process biometric data only via the database to which he or she has access. No one can presume that they can escape punishment for unauthorised processing.

Yes, the Police and Border Guard Board has the right to check who has accessed data and made entries and when. The use of the data in ABIS can be monitored and checked in the case of every civil servant with access rights.

All the personal data processing procedures are logged in ABIS. The log shows the gathering, altering, reading, disclosing, transmitting, linking and erasing of data. The log must make it possible to determine who and why and when data has been processed and the log is encrypted in order to ensure the reliability of the log data. The log data are stored for ten years from an enquiry or entry having been made. This is necessary in order to comply with internal control measures in performing supervision over the database.

Upon receiving an access request, the Police and Border Guard Board assesses whether the person requesting access has the legal basis and the competence needed for access to ABIS data.

The users of ABIS data have to ensure with internal control measures that the data are processed lawfully. The duty of the internal control function of the Police and Border Guard Board is to analyse data processing logs in order to check the data enquiries of the Police and Border Guard Board and other institutions. For this purpose, requirements for the security and storage of data processing logs have been established in legal acts.

Technical monitoring solutions are used for detecting possible security incidents and anomalies, or data processing that differs from the usual. Monetary sanctions for violations are established for private sector institutions in contracts. In the event of a material violation by a civil servant, control or disciplinary proceedings are initiated in order to determine the circumstances.

No, the police is obligated to ascertain before commencing a procedure or proceeding that the procedure or proceeding is conducted with regard to the right person. Without ascertaining the identity of the person, the police may infringe upon the rights of the person by performing erroneous procedures or wrong data processing. Ascertaining the identity of persons is therefore mandatory in procedural procedures and no consent is required for it.

Depending on the proceedings, the relevant administrative act will not be issued in the case of refusal, e.g. a visa or travel document cannot be issued, or the proceedings will be conducted with coercion by, for instance, detaining the person for 48 hours for identifying him or her (law enforcement proceedings).

The mechanisms for acting in a critical situation are established by a three-level baseline security system class.

In the case of a possible security incident, ABIS will be switched to back-up servers that ensure the functioning of a nationally important database and exclude any data losses.