This is the list of frequently asked questions for TRESSPASS. Most answers contain references to other sources, including TRESSPASS deliverables. The answers to this set of frequently asked questions are unclassified. Some of those referenced deliverables may be classified. We strive for useful and correct answers to these questions. If you spot an error or have an additional question, please contact us through the options available here.
TRESSPASS is a European research project in the H2020 framework. TRESSPASS is about risk-based border control. That means: stringent border checks where needed, relaxed checks where possible.
The increased flow of travelers at European border crossing points, and dynamic global developments have led to a need from border guards and border crossing point operators for more flexibility, while keeping the EU as safe and secure as before, or more so. Fixed border checks do not allow for that flexibility. Modern technology applied within a risk based border control doctrine may facilitate more flexible border checks. But it is not sure how, and if, that can be done in a way that fits within EU ethical, legal and societal values. Specifically, relaxing border checks is currently not allowed, as it is not clear how the EU can be kept as safe and secure as with the current, rule-based, approach. This situation has motivated the EC to publish a call for research with a topic called “risk-based border control”. [H2020 BES-15]
TRESSPASS is about border control at border crossing points, within the context of the four tiers of [EU’s Integrated Border Management]. TRESSPASS is about all hazards and all modes of transport. However, in the pilots we have made a specific selection in those. TRESSPASS is not about travel security, such as aviation security. It is also not about the security of critical infrastructures, such as the security of an airport. It is not about border surveillance such as is done between border crossing points in the open country, in woods, along rivers or on sea. TRESSPASS is not about scenario’s where mala fide travelers attempt to overwhelm the capacity of a border crossing point. The scope is described in more detail in TRESSPASS deliverable D1.2, soon to be publicly released.
The TRESSPASS results can be used to inform EU citizens about the trustworthiness of risk-based border control. How effective are they in relation to traditional rule based border control? With a risk-based border control, travelers will experience a more proportional border check. For bona fide travelers, which are estimated to be the large majority, the expectation is that the flow and accosting will improve substantially.
Current EU law allows for situational more stringent checks. But relaxing border checks for travelers is currently not allowed, because there is no trust that this can be done in a way that keeps the EU as safe and secure as with the current rule based checks. TRESSPASS is the only project that takes risk-based border control for travelers as its focus. Other projects may use the same or similar types of technologies as this project, but only in this project, these technologies are applied to attempt to generate trust in risk-based border checks. In order to do so, we attempt to learn and benefit as much from other projects as possible, as they can do from TRESSPASS.
Please consult the websites of the respective project for more, and more definitive information. We believe this is the relation between a selection of relevant projects and TRESSPASS:
- METICOS aims to create an up-to-date acceptance classification scheme as well as a societal and ethical impact dashboard of border control technologies, to empower three major sub-divisions of the wider border control sector: travelers, border control authorities and service providers.
- PERSONA is about the privacy, ethical, regulatory and social acceptance of no-gate crossing-point solutions. Risk-based border crossing point concepts can be subjected to the assessment methods of PERSONA.
- iBorderCtrl aims to enable faster and thorough border control for third country nationals crossing the land borders of EU Member States (MS). Especially the land border pilot in Poland can benefit from the experience of iBorderCTRL, and vice versa.
- D4FLY focuses on enhancing the quality and efficiency of identity verification at border crossings in all modalities: land, air and sea by providing faster and more secure border control solutions. Risk-based border control requires a robust identity infrastructure in order to make sure that information gathered from travelers in screenings and checks in different travel phases are attributed to the correct traveler.
- XP-DITE developed, and demonstrated a comprehensive, passenger-centred, outcome-focused, system-level approach to the design and evaluation of airport security checkpoints. This allowed for the development of risk-based aviation security checkpoints. Aviation security checks and border control checks can often be found in close proximity. In such cases, can a level of integration between the two lead to even more proportional checks?
- PROFILE leverages modern data analytics and new data sources for effective customs risk management. TRESSPASS focusses on the traveler and his luggage, which is also relevant for customs.
- FLYSEC is a research and innovation project that aims to develop and demonstrate an innovative, integrated, end-to-end airport security process for passengers, airports and airlines. It is mostly relevant for the air pilot and for the maritime pilot.
- SMILE proposes a novel concept of mobility that addresses the challenges at the European land borders, by designing, implementing, and evaluating in a relevant environment (TRL6) a prototype management architecture for accurate verification, automated control, monitoring and optimisation of people flows. SMILE focusses on land border crossing points. Especially the land border pilot in Poland can benefit from the experience of SMILE, and vice versa.
- ABC4U and FASTPASS are projects that aim to make border control more flexible by enhancing the workflow and harmonizing the functionalities of Automated Border Control (ABC) gates. They have established and demonstrated a harmonised, modular approach for Automated Border Control (ABC) gates. These projects do not contain a risk-based element yet, and are examples of the kind of border infrastructure that can be used to build a risk-based concept upon.
TRESSPASS has several distinct types of deliverables. These TRESSPASS results will be offered to EU member states, the European Commission, to the scientific community and to the general public. Some results can be confidential for security reasons or for reasons of intellectual property.
- The pilots showcase how and validate if certain aspects of TRESSPASS work. They will be invitation only in order to protect their scientific integrity and to protect classified information.
- The reports describe what we have done, and how this relates to the overall project goals.
- The software tools execute the TRESSPASS concept in the pilots, and is also available after TRESSPASS to allow for further development.
- Simulation software simulates risk-based border crossing points. This is essential in order to assess efficacy in relation to rare, dangerous scenario’s, or in relation to hypothetical border crossing point designs. This software will become available at a later moment.
- Dissemination events and material help make stakeholders aware of TRESSPASS in general and of the accomplishments, and help to direct focus on specific topics. Accessibility varies between open to the public (such as the website) to closed meetings about sensitive topics.
- Scientific publications describe the scientific results.
These results are used by a wide collection of stakeholders. Anyone can use these results to inform themselves form an opinion about risk-based border control. Special interest groups can use them to articulate how it affects their special interest. Policy makers can use them to improve border control policies. Border guards can use them to decide upon a move to risk-based border control. Industry and research & development organisations can use them to create products or services that suits the needs of such border guards and border control operators. In order to prevent mala fide actors to use these results, sensitive materials are classified.
- This website contains the most comprehensive overview of all public information. We encourage you to browse it. This includes the public deliverables.
- We have a Twitter account and a LinkedIn account, which will be used to inform the general audience about news related to TRESSPASS.
- There are some media that have published about TRESSPASS. The reliability of such sources may vary.
- We have a spokesperson.
TRESSPASS has a spokesperson. That is our coordinator (deputy) Dimitris Kyriazanos (email). For questions related to specific partners, pilots, technologies or other detailed questions, he will use the appropriate consortium members to provide the most accurate answer. In order to receive the most accurate and complete answers, it is best to provide written questions and allow us some time to provide an answer.
Why are there inconsistencies between TRESSPASS deliverables, or between TRESSPASS deliverables and important other sources?
There can be several factors that cause this. As with any research project, there is supposed to be progressive insight. And risks or opportunities can manifest along the way that we have to act on, such as the COVID-19 pandemic. Sometimes such inconsistencies are intentional. In those cases we will attempt to proactively identify the difference and provide clarity about the motivation. And of course we can also make mistakes. We strive for high quality, consistent and relevant deliverables. We have a quality process and quality manager that helps us accomplish this, and the deliverables are reviewed by external parties. If you have found an inconsistency, please make us aware of this, so we can provide clarity, and where needed correct it.
The shared opinion of the members of the TRESSPASS consortium is that it is worthwhile to explore risk-based border control points for an all-hazard approach across all sorts of travel modalities. The TRESSPASS website and official Twitter account reflects that opinion. Individual consortium members and trusted stakeholders can use the TRESSPASS communication platforms (blogs on the website, individual Twitter accounts, events) to articulate and broadcast their own opinions, which may not reflect the opinion of all consortium members.
The TRESSPASS consortium is aware that border control relates to ethical, legal and societal topics such as migration, social injustice, radicalization, technophilia / technophobia and inclusion / exclusion. Therefore, TRESSPASS researches such ethical, legal and societal aspects, and cooperates with other research projects specifically also on these matters. TRESSPASS research is fully compliant with EU regulations and respective national law of the partners. The TRESSPASS consortium is aware that such topics can be polarizing and can, are and will be politicized, but it does itself not have a political position. We believe this is a strength, as it makes the project results acceptable for a wide range of stakeholders. It is also a weakness, because we can and will not respond to political arguments related to risk-based border control. The only role of the TRESSPASS consortium in such a scenario is to provide reliable and neutral information.
Risk-based border control
Risk-based border control is about border control that is flexible, such that screenings and checks on travelers are made from a risk perspective. This is opposed to checking all travelers in the same manner. This allows for screenings and checks that are more proportional to the perceived risk posed by individual travelers and traveler groups. Risk-based border control relies on the reliability and timely availability of the outcome of the screening, which we believe completely relies on having high quality information available before the traveler approaches the border crossing point.
A risk based approach takes optimum advantage of available information, and helps identify missing pieces of information. But it does not require complete information in order to function. Borders, including current rule-based borders, are an important risk measure against a wide range of external and internal threats. But, just like any other risk measure, they do not provide 100% stopping power (or prevention) against unauthorized travelers. We believe 100% stopping power can only be achieved with closed borders. The key questions are: how reliable must a border crossing point be in order to provide a desired level of stopping power? And on the level of individual travelers, how accurate must the information be in order to make a sensible decision regarding his or her checks? And, how do make sure that the border crossing point is not subject to smart adversaries that somehow outsmart the border guards? These are in fact some of the main research questions for TRESSPASS. There are some ways to approach this. For example, if there is not sufficient information available in a timely manner, then the current, default rule based checks can still be applied. Or more stringent ones if required. Another approach is that signals that indicate mala fide travelers must always overrule signals that indicate bona fide travelers.
Yes. Customs, aviation security, object security, the detection of money laundering and the inspection of our food chain are typically done by taking a risk-based perspective. Every situation where there is a collection of similar cases, and where relevant details can alter the risk posed by the specific case, is suitable for a risk-based approach.
The simple answer is no: it is also about applying more stringent checks where needed, which is already allowed. The more complete answer is that it depends on what the policy makers, EC and member states decide about how to use it – and for which purpose. Risk-based border control is about making screenings and checks more proportional to the risk posed by the individual traveler. If there is information that the traveler may pose a high threat, then risk-based border control dictates that he must be checked more thoroughly. If there is no information, or no information about a threat, then the traveler can receive a default check – equivalent to a rule based check. If there is information that the traveler is bona fide then the border guard may decide to apply a more relaxed check. Again, this all depend on decisions outside of the TRESSPASS project by the EC it’s members states and their border guards.
Does risk-based border control require use of specific types of personal data and/or use of specific invasive technologies?
This is one of the research questions that we will attempt to give more clarity about. In risk-based border control, information is processed in order to assess a risk before the traveller arrives at the actual border. This does not mean that this information has to involve personal data. On the other hand, certain types of risk can perhaps only, or perhaps much better be assessed by taking personal data into account. The next question is, based on existing and new regulations, EU border guards already have to process certain types of personal data. Is that data also useful for a risk-based approach? And finally, we have identified upcoming new technologies such as profiling, social media analysis and behaviour analysis that might give significant benefits when applied in a risk-based border setting. Our goal is to organize pilots and simulations that will help provide clarity about these questions.
Yes, we believe that the knowledge created in TRESSPASS is precisely meant for such dynamic scenario’s. In fact some of these scenario’s guide our pilots. TRESSPASS deliverable D1.2 contains several fictional examples which are inspired by these real world crises and incidents. In addition, anyone can apply the project results available to them, also in such scenario’s. However, as a consortium and as a project, we have little flexibility to adapt ourselves to such often fast-changing scenario’s. For example, there is currently no consortium member with sufficient knowledge of pandemics to be able to switch within this consortium to a COVID-19-scenario. Consortium members are free to start other projects targeted to such scenario’s or others.
Research during TRESSPASS, including the pilots
TRESSPASS aims to have three pilots. One in The Netherlands, for the travel modality “air”, at Schiphol airport. One in Poland, for the travel modality “land”, at the border with Belarus. And one in Greece, for the travel modality “maritime”, at the port of Piraeus. Each pilot will also focus on a specific type of threat. TRESSPASS deliverable D1.3 contains an early description of potential scenario’s. These scenario’s will be further developed within the pilots.
The pilots serve to validate the efficacy, the practicability, the feasibility and the impact on human values, both in vivo and in vitro. This is done by performing in vivo experiments at the three pilot locations, and by running in vitro large scale simulations. The pilots do not validate the effectiveness in real operational border crossing points. That is beyond the ambition of TRESSPASS.
What is the relevance of the experiments and of the simulations for TRESSPASS? Can either be skipped?
The simulations are essential for the pilots in order to simulate operational points that may be very rare, or dangerous in real life, or that may be very costly to organize. From the experiments we expect to learn about all the practical real world aspects of risk-based border control. Both are essential, and especially their combination in one project, and in each pilot, will provide unique opportunities to learn about risk-based border control. The simulations also provide training material for border guards so they can adequately operate the TRESSPASS technologies in the experiments.
- The consortium members are subject to EU law, and have a good track record. The pilots are led by the respective border guards and executed in close cooperation with the respective border crossing point operators. They have a lot of experience with protecting personal data.
- TRESSPASS has an external ethical advisory board.
- We publish public results on our website. We publish in scientific forums with peer review and with ethical guidelines.
- TRESSPASS is subject to periodical reviews by the EC. TRESSPASS is also subject to a specific ethical review, which we passed.
The pilots use consent, specifically opt-in as legal basis for the processing of personal data of research participants. This means that they voluntarily choose to be subjected to the pilot. Participating in a TRESSPASS experiment does not have any consequence to a research participant, other than the time he invests. There are no consequences to any actual border crossing of a person before or after his participation to a pilot.
There is no relation between the data processed for the pilot, and the data processed for any actual border crossings. A more complete description is given in TRESSPASS deliverables. The data is processed in accordance with the GDPR and H2020 ethics requirements.
TRESSPASS requires a wide perspective on privacy. We believe that the definition (“conceptualization”) of privacy that is used in TRESSPASS is sufficiently wide. It includes among others the consequences of processing of personal data of travelers, the protection of the right to be left alone, and it also takes the societal consequences into account of citizens that themselves do not travel. This is described in more detail in TRESSPASS deliverable D9.6 and operationalized in deliverable D9.7
We are living in the fourth industrial revolution as we move from the era of information and communication technologies, with the help of platform-technologies, big data technologies and artificial intelligence to cyber-physical systems. Challenges we face today can both be caused by, and overcome with the help of technology. Technology can be used for good and for bad. Within TRESSPASS we focus on the benefits of certain technologies, while keeping track of the risks. This is done by always putting the human central in our work. This includes the person that is not traveling himself but wants to feel protected by borders, it includes the traveler that also wants to be left alone during his travel, and it includes the border guard that needs to work in a safe environment with adequate tools. A key strategy to avoid risks is to design those tools in a form that stimulates proper use (including the refrain of use), and prevents illegitimate or unethical use. This is a very broad and active field of research, which goes much broader than just TRESSPASS. We believe that TRESSPASS can create a safe environment within which it is possible to experiment with these technologies.
Yes. Profiling is potentially a powerful tool to separate travelers into different categories, but it has several (privacy) risks, some of which are inherent to profiling. These include among others aggregation of data, distortion, discrimination and decisional interference. We are aware of those risks, and in this context we have compiled and submitted relevant Ethics, Data and Security Impact Assessment reports under independent Ethics Audit of the EC. The purpose is to benefit from traveller differentiation while respecting fundamental rights, avoiding discrimination and keeping any relevant risks to an acceptable minimum. We cannot share the specific indicators or their weight for security reasons. We can refer or mention some examples which we believe are already in the public domain. Relevant documents will be published on our website following the conclusion of relevant reporting period review (expected by March 2021).
No. For the specific purposes of the TRESSPASS project it is not necessary to develop or test face recognition, but we do perform research on the detection of methods to spoof face recognition. Automated face recognition is part of the EU identity infrastructure. EU identity documents contain biometric facial templates. TRESSPASS relies on accurate information per traveler, collected before he arrives near the border crossing point. It is essential that the collected information is attributed to the correct traveler during all travel phases. In addition, some of the consortium members of TRESSPASS are also part of the D4FLY project, which focusses on preventing identity fraud at borders. See “related projects page”
Yes. Such sources are personal, and can be unreliable and extremely unstructured. However, they can contain information that is very relevant for border control. That can include information regarding general trends about for example migration patterns, and also information specific for individual travelers. The specific use that TRESSPASS has for this technology carries with it among others the privacy threat of intrusion, i.e. the risk that travelers feel that border guards have intruded on their personal (online) domain. We think we are aware of those risks, and that we can find ways to benefit from this technology while keeping the risks to an acceptable minimum.
Yes. Both with camera’s and with tracking systems. Several types of behaviour have been identified which may be indicative of either mala fide or of bona fide travelers. We cannot share the specific indicators or their weight for security reasons. We can refer or mention some examples which we believe are already in the public domain. The use of intelligent camera’s and tracking systems for this purpose is novel, and carries specific privacy risks. For example the risk of secondary use, where this kind of information is also used for purposes for which it was not collected for. We think we are aware of those risks, and that we can find ways to benefit from these technologies while keeping the risks to an acceptable minimum.
Yes. When the screening of a traveller generates a hit on a mala fide profile, then the traveller is directed to the same interview that currently also occurs in a rule based setting. Depending on the configuration of the particular border crossing point, this can be either a first line interview at the front of a queue, or a second line interview in a separate room. For that interview, border guards and LEA-operators currently use interviewing techniques to reliably determine information that is relevant for determining whether a traveller is authorized to cross the border. For this purpose, they typically look at the contents of a statement in relation to other information (e.g. travel origins and route and possessions), and also in relation to the way information is conveyed in the interview. This includes signs of potentially relevant mental processes such as emotions and cognitive load. Signs of these mental processes can be found in the contents of a statement, and also in the body language of a person. While it is indisputed that mental processes can lead to observable physical and physiological behaviour, it is much more difficult to explain specific behaviour with (assumptions of) underlying mental processes. For certain mental processes – such as emotions – this relationship is somewhat better understood than for others. TRESSPASS explored the feasibility and operational usefulness of technology that facilitates the border guard in a second line interview-setting in observing and registering the behavior of travelers while they are being interviewed – and in providing suggestions of possible explanations in a small selection of relevant mental processes – including emotions. TRESSPASS builds on pre-existing research on this domain, such as has been conducted by our consortium members prior to TRESSPASS, and by external sources (e.g. The Deception Research Society). This kind of technology potentially improves e.g. traceability and correctness ofthe outcomes of such interviews. And it is a way to operationalise the idea of “more stringent checks” for travellers that generate hits on mala fide profiles, beyond just increasing the duration of such interviews . The use of such technology for this purpose is novel, and carries specific privacy risks. For example the risk of exposure, i.e. the risk that intimate personal information is revealed to a border guard. Another risk is that of several types of bias, where the design of the system, or the way it is used, introduces systematic errors. We think we are aware of those risks, and that we can look for privacy-preserving variants of this technology that keeps such risks to a minimum. In TRESSPASS this kind of technology is not foreseen to be used in combination with automated decision making (so no automatic lie detection), nor is any other technology of TRESSPASS.(Note: this question and answer has been altered due to signals in and outside of the project that this question and answer could be improved)
Does TRESSPASS research involve the sharing of data between EU member states, or with non-EU-member states?
Yes. There are several types of information sharing that can be useful for risk-based border control. This includes information describing modus operandi and general travel patterns. It can also include specific indicators for specific travelers, which can only be observed at the border crossing point of departure, but which also be relevant for the border crossing point of arrival, or even for a later travel leg. The use of such technology for this purpose is novel, and carries specific privacy risks. For example the risk of disclosure, i.e. the risk that information is shared with a party that does not actually need the information itself, such as in this example, the border guard of the border crossing point of departure. We think we are aware of those risks, and that we can find ways to benefit from face recognition while keeping the risks to an acceptable minimum.
What happens if TRESSPASS does not find ways to benefit from these technologies while keeping the risks to an acceptable minimum
In any case, we will describe our findings. We will also describe the consequences of those findings for risk-based border control. Where appropriate, we will recommend to not use the respective technologies, or under specific conditions, such as under export control.
We believe that we have mentioned all relevant technologies in the questions in this FAQ. We follow the public and political debate in the EU and in our member states, which may cause us to provide more clarity regarding these sensitive topics.
Yes. The TRESSPASS partners operate conform to EU legislation. That means they adhere also to the export control regulation.
Research applications after TRESSPASS
It is the authority of the EC and the member states to decide how EU border work and what they use. Some of the results fall under a type of intellectual property. The TRESSPASS consortium has a consortium agreement that describes those aspects.
The answer to this question depends on the assumption that the TRESSPASS project is successful in the sense that it generates sufficient trust in risk-based border crossing points. During the final parts of the TRESSPASS project, we will provide a roadmap to answer this question. This is deliverable D10.6. Until then: some results can be applied directly. For others, some steps are needed. For the relaxation of border checks for trusted bona fide travelers, a change in EU law may be needed. In order to develop actual risk-based border crossing points, the TRESSPASS simulation tools can be used to assess early designs in-vitro. Certain specific technologies may need more development and testing in practice. Some results may never be used if it turns out that they are not useful, or if the side effects cannot be mitigated sufficiently. TRESSPASS delivers results on Technology Readiness Level 7, this means that the results clearly go beyond a demo in a research environment, but they are not expected to be applicable without further development.
Some TRESSPASS results are indeed intended to be used in direct contact with travelers in a future border crossing point. Other are intended to be used in the back-end of a border crossing point, or only during the design phase. Yet other results are less tangible, and serve only to provide trust in the concept of risk-based border control. In any case, you will probably not recognize them by the name TRESSPASS as that name merely covers the current consortium and project, but rather by the involvement of TRESSPASS consortium partners.
Yes, this is conceivable, but will not happen during the TRESSPASS project. A pandemic is a very dynamic threat to the public health with obvious border-related aspects, and the threat can be linked to travelers. This makes it in principle a good candidate for risk-based border control. A risk-based pandemic checkpoint could have screenings based on health- and conformity related indicators, and on the possession of a health certificate or health related passport. A check, which would check the actual infection of a person and which would typically take more time, would then only be applied based on the outcome of this screening. TRESSPASS deliverable D1.2 contains a fictional example of a risk-based concept specifically for the threat of an infectious disease. However, the TRESSPASS project and consortium was not built for such a use case. For example, we do not have partners with the right type of expertise about virology.
Yes. Just like the current rule-based border control does. The hope is that risk-based border control will provide more proportional screenings and checks for an equivalent contribution to risk mitigation. This will certainly mean a different invasion of privacy for all travelers. And it probably means more invasion of privacy for travelers that apparently pose a threat. And hopefully also overall less invasion of privacy for apparent bona fide travelers. This is described in more detail in TRESSPASS deliverable D9.6 and operationalized in deliverable D9.7.
This is done under responsibility of the data controllers. In one single travel, multiple data controllers can be involved, including the member state that is responsible for the border crossing point, the respective border crossing point operator (such as an airport or a port authority), transport operator (such as an airliner, ferry or cruise operator) or a booking agent. For some TRESSPASS technologies, the respective required personal data can be protected in the same manner as is currently done. For others, this is less clear at the moment. TRESSPASS will attempt to identify the situations where it is less clear, and provide suggestions for how this can be done.
This depends on how the EC and member states choose to use the TRESSPASS results. One way to use them, is to relate risk-based border control to registered traveler programs. Such programs typically work on the basis of opt-in. This means that you do not participate, unless you specifically choose to do so. However, this would create a tradeoff between privacy and travel flow, which may not be fair. And obviously, it does not make sense to request consent from mala fide travelers: they cannot be expected to opt-in. For such scenario’s, current EU law may already provide sufficient legal basis for more stringent screenings and checks. This kind of questions also guides the research done by TRESSPASS.
First, the TRESSPASS consortium relies on the democratic checks and balances of the EU and it’s member states to make sure that misuse is prevented and mitigated. Second, security-sensitive information in TRESSPASS is classified, conform to EC requirements. This prevents dissemination to people other than those with adequate security clearance and a need to know. Third, the TRESSPASS deliverables describing sensitive technologies, also include information and (references to) training material for end users, which includes information to help avoid misuse. In addition, the TRESSPASS consortium has identified types of technologies that the EC may want to consider for inclusion on the export control lists. This includes technologies for the observation and registration of interviews, technologies for the analysis of social media and open sources, and technologies for the detection of behaviour using camera’s.