# **Modes of Bio-Bordering** The Hidden (Dis)integration of Europe

**Nina Amelung Rafaela Granja Helena Machado**

#### Modes of Bio-Bordering

"This book is an extremely innovative comparative analysis between different national approaches to bio-bordering in the EU from a sociological and criminological perspective. It provides not only very valuable insights into the history and working of biometric databases in the EU, but also into the legal, political and policing systems of four EU Member States and the United Kingdom. The book impressively highlights EU blindness to national systems but also possibilities for harmonisation by science."

> —Dr. Saskia Hufnagel, Senior Lecturer in Criminal Law, *Queen Mary University of London*

"Borders do much more than delineate states, territories and populations. By exploring the development of DNA databases in Europe, this adventurous book carefully constructs the concept of bio-bordering. This book convincingly adds a next chapter to our understanding of borders and the connections and disconnections they make between political bodies, human bodies and technologies."

> —Prof. Dr. Huub Dijstelbloem, *Department of Philosophy, University of Amsterdam*

"This book marks a significant development of a field of study that has emerged since the end of last century. Building upon prior studies of bordering and surveillance, this book marks a new milestone, providing an important new lens for understanding forensic genetics and trans-national law enforcement—which has so far remained relatively under-reported, and certainly under-theorised."

> —Dr. Carole McCartney, Professor of Law and Criminal Justice, *Northumbria University*

Nina Amelung Rafaela Granja • Helena Machado

# Modes of Bio-Bordering

The Hidden (Dis)integration of Europe

Nina Amelung Communication and Society Research Center (CECS) University of Minho Braga, Portugal

Helena Machado Communication and Society Research Center (CECS) University of Minho Braga, Portugal

Rafaela Granja Communication and Society Research Center (CECS) University of Minho Braga, Portugal

#### ISBN 978-981-15-8182-3 ISBN 978-981-15-8183-0 (eBook) https://doi.org/10.1007/978-981-15-8183-0

© The Editor(s) (if applicable) and The Author(s) 2021. This book is an open access publication.

**Open Access** This book is licensed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence and indicate if changes were made.

The images or other third party material in this book are included in the book's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the book's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder.

The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use. The publisher, the authors and the editors are safe to assume that the advice and information in this book are believed to be true and accurate at the date of publication. Neither the publisher nor the authors or the editors give a warranty, expressed or implied, with respect to the material contained herein or for any errors or omissions that may have been made. The publisher remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Cover pattern © Melisa Hasan

This Palgrave Pivot imprint is published by the registered company Springer Nature Singapore Pte Ltd.

The registered company address is: 152 Beach Road, #21-01/04 Gateway East, Singapore 189721, Singapore

# Acknowledgement

This book has received funding from the European Research Council (ERC) under the EU's Horizon 2020 research and innovation programme (consolidation grant, agreement no. 648608) within the EXCHANGE— Forensic geneticists and the transnational exchange of DNA data in the EU: Engaging science with social control, citizenship and democracy project led by HelenaMachado and hosted by the Communication and Society Research Centre, Institute of Social Sciences of the University of Minho, Portugal. We are deeply thankful to our colleagues Sheila Khan, Filipa Queirós, Sara Matos, Marta Martins and Laura Neiva for providing important insights at different stages during the preparation of the manuscript. We also express our gratitude to Aaron Amankwaa, Kees van der Beek, Georg Biekötter, Victor Toom and Matthias Wienroth who contributed with their expertise through specific comments and their availability for fact-checking. Furthermore, we are grateful to Filipe Santos for his suggestion of applying the term of 'bioborders' to the transnational exchange of DNA data.

### Contents




#### **Glossary** 149

# List of Tables


# Introduction

**Abstract** This introductory chapter sets out the key themes and arguments of the book and provides a road map for the remaining chapters. It outlines the book's ambition to contribute to the sociological and criminological literature on technological infrastructures, borders and specific visions of Europe by portraying what we call the biobordering processes at work in the EU. Relying on what Misa and Schot, reflecting on technological infrastructures, have called the 'hidden integration' and 'hidden fragmentation' of Europe, the transnational exchange of forensic DNA data organized through the Prüm system serves as an exemplary case through which to explore the different logics of biobordering dynamics at work across the European Union. We complement an EU-level analysis with country case analysis of modes of biobordering that emphasize the legal, scientific, technical, political and ethical dimensions related to the governance and uses of biometric technologies both at a national level and in a transnational collaboration.

**Keywords** Europe • Biobordering • DNA • Hidden integration • Hidden disintegration

#### Introduction

We […] need to strengthen our defences against terrorism, build our resilience and improve further the way we work together. Central to all of this is how we share information effectively. […] existing information systems need to be fully implemented and applied. For example, Member States still need to do more to implement Prüm.

Julian King, European Commissioner for the Security Union (12 July 2016). (European Commission, 2016)

The Prüm system1 is a transnational system that links European Union (EU) Member States' national databases and works on the basis of reciprocal automated searching and comparison of DNA profile information, fingerprints and vehicle registration data. The aims of the Prüm system are directed towards stepping up cross-border cooperation, particularly in combating terrorism and cross-border crime (Council of the European Union, 2008a, 2008b). Almost a decade after the EU implemented this transnational regime of data exchange, Julian King, European Commissioner for the Security Union, was invited to the Third LIBE2 Security Dialogue hosted by the Civil Liberties, Justice and Home Affairs Committee in the European Parliament to talk about the *Implementation and State of Play of the Prüm Decisions*. As the above quotation outlines, Julian King argued in favour of the application and implementation of transnational regimes to set up and harmonize cross-border information systems based on biometrics in the name of unifying and integrating antiterrorism and crime control policies.

In this book our aim is to contribute to the sociological and criminological literature on technological infrastructures, borders and specific visions of Europe. We take the Prüm system as an exemplary case of an EU techno-political project promoting integration in the area of security policies in order to reflect on the implications for *de facto* hidden integration and disintegration processes in Europe. It is important to note that we purposefully maintain a distinction between the terms 'Europe' and 'the

<sup>1</sup> In this book we use the term 'Prüm Convention' to refer to the 2005 Convention involving seven countries, the term 'Prüm Decision' to refer to the 2008 Council Decision that established the mandatory nature of transnational data exchange for all EU Member States and the term 'Prüm system' to refer to the actual EU network.

2According to its website, the LIBE Committee 'is in charge of most of the legislation and democratic oversight for policies enabling the EU to offer its citizens an area of freedom, security and justice' (http://www.europarl.europa.eu/committees/en/libe/home.html).

EU'. As Misa and Schot write (2005, p. 2), 'For many people, Europe increasingly represents the space occupied by the EU. (…) to a significant extent, European and EU identities have merged'. We feel that, in times when nationalist rhetoric is stronger than ever and the cultural and political claims of the EU are much contested, the study of European integration processes is a pressing analytical issue. In line with that view, we argue that it is important to acknowledge the diversity of visions of Europe and to distinguish them from the views and practices of the EU as a political project materialized by supra-state institutions.

The programmatic policy agenda of integration in the EU is built into expectations of 'full' and 'more' implementation of information systems that—as we will outline in this book—are a response to diverse and less visible techno-scientific processes of (dis)integration across Member States. By looking into the Prüm regime of transnational biometric data exchange, we address the interplay between specific visions of Europe which foster the idea of Europe's technological and political integration in law enforcement through borderless data exchange and the role of selected EU Member States in implementing or resisting those visions, a process that substantially contributes to how large-scale cross-border information systems evolve and are maintained.

We are interested in the multiplicity of what Misa and Schot (2005, p. 3), reflecting on technological infrastructures, have called the 'hidden integration and hidden fragmentation of Europe'. The authors propose to study the history of European integration with a 'focus not only on integration but also on fragmentation, segregation, disintegration, conflict, and exclusion (and without) underestimating the power of nationalism and the role of nation-states' (Misa & Schot, 2005, p. 7). Hidden integration and disintegration is the result of the linking and delinking of technological infrastructures between nation-states. It also incorporates the movement of people, knowledge and artefacts across nation-states as certain ways of appropriating knowledge and artefacts in local contexts.

While Prüm evolved and became a techno-political security project carried out formally by the EU's Member States, we concur with Misa and Schot in approaching the notion of Europe and the processes of EU's integration as having been contested throughout the twentieth and early twenty-first century, and not as a grand project with a set agenda, carried out from the top down. Through this lens, we are likewise interested in the hidden integration, but also disintegration, through shared and competing visions of Europe and nationhood in Europe, made manifest through technologies. In the context of Prüm, we understand Prüm primarily as the manifestation of one specific vision of Europe as a security union enacted by the EU through the enforcement of expansive data exchange across borders.

The vision implicit in the introductory quote by Julian King, which portrays Member States as implementers of the EU security agenda, turns out to be just one of many visions. We follow the proposal of Misa and Schot in viewing selected technology developments, such as the Prüm system, as Europe-building practices. Such practices reveal how specific concepts and visions of Europe—and, we might add, of nationhood become enacted through the designs of transnational DNA database systems. But they also play out when Member States appropriate the requirements to join the transnational DNA data exchange as responses to and articulations of their own visions of Europe and nationhood. Thereby, we also follow other scholars influenced by the tradition in the history of technology that explores the 'hidden integration' deriving from an analysis of new transnational polities as outcomes of large-scale techno-political attempts at European integration (Misa & Schot, 2005; Schipper & Schot, 2011; Pelizza, 2020). Studies in this tradition have focused on 'infrastructural Europeanism', by investigating European transportation, energy, water and communication infrastructures, and studying how particular potentially conflicting—visions of Europe become enacted (Pelizza, 2020). Pelizza has explored how, throughout the emergence of the EU's migration management regimes and specific migration control technologies, including biometrics, multiple visions of 'Europe' have been enacted. While some actors and their visions are privileged, authorized and legitimized, others are marginalized or excluded.

The technological infrastructures in which we are interested are biometric database systems crossing borders for the EU and Member States' law enforcement. Our reflection will mainly focus on the Prüm system and portray and critically examine its implications for the hidden integration and disintegration of Europe. More particularly, we will use the case of transnational DNA-related data exchange within the Prüm system to illuminate our reflections about the complex, multi-layered and hidden processes of integration and disintegration and to introduce and explore forms of what we will term 'bioborders' in law enforcement.

We understand bioborders to be elements that enable, restrict or constrain the linking of national DNA databases and the circulation of biometric data across state borders. By developing the notion of bioborders, we aim to develop an analytical approach that makes explicit the somewhat invisible bordering practices among transnationally expansive biometric technologies. The concept of bioborders also helps make visible the different visions of Europe enacted by nation-state-based actor networks entangled with national DNA databases and helps capture the reverse patterns of bordering practices linked to transnational biometric data exchange regimes.

The concept of biobordering is useful in reconstructing how the territorial foundations of national state autonomy are partially reclaimed and, at the same time, partially purposefully suspended. We explore these processes through five country cases: Germany, the Netherlands, Poland, Portugal and the UK.

The country cases have been selected with the aim of presenting diverse, yet complementary, examples of the dynamics, tensions and ambivalences of biobordering processes. The German case is that of a political driving force promoting permeable bioborders, while the Netherlands represents the case of a technological front-runner enabling technically and scientifically DNA data exchange across bioborders in the Prüm system. Our cases also include countries that have used Prüm to catch up with international crime control regimes and step up to EU standards as part of a drive for national modernization (Poland), countries that participate extensively in the Prüm system while maintaining a national protectionist regime (Portugal) and countries that remain ambiguous about the project of the EU and negotiate conditional participation in the Prüm system (the UK).

Yet, we wish to make clear that the book goes beyond the arguments around hidden integration and disintegration developed within approaches towards a European History of Science and Technology (Gillingham, 2003; George & Bache, 2001). We do so by providing an in-depth understanding of the ways in which infrastructures are partially polycentrically governed across borders with regard to the concentration of authority to design, interpret and control technology.

Our study confirms the role of particular communities of practices, which have been called a European 'forensic technocracy' (Prainsack & Toom, 2010), on the one hand, and the power of nation-states' embedded agency, on the other hand. In identifying the technocratic drivers of integration in the case of the Prüm regime, Prainsack and Toom (2010) highlighted the role of forensic genetic scientists and their international organizations in standardizing forensic DNA profiling technologies across national borders. In order to further assess the role of nation-states' embedded agency, we believe that it is important to also explore how transnational technological infrastructure projects such as Prüm that provide new infrastructures for information exchange within police collaboration (re)appropriate, (re)shape and contest notions of bioborders.

The development of transnational systems for the mass exchange of biometric data at and across borders has challenged conventional notions of borders. In migration studies, there is extensive literature about how digitization and biometrics have changed the character of border controls, which are explicitly about the control of border-crossings of people (Amoore, 2006; Leese, 2016; Bigo, 2014; Tsianos & Kuster, 2016; Dijstelbloem & Broeders, 2015). Yet, there is still a substantial lack of research on how digitization and biometrics have also changed the character of borders more 'silently' and 'implicitly' by enabling and facilitating border-crossings of people while simultaneously implementing systems designed to detect the mobility of 'risky individuals', such as criminal suspects. Aiming to fill this gap, this book brings to the fore how biometric data is increasingly travelling across borders in order to limit, control and contain the mobility of selected people, namely, criminalized populations. Consequently, the technological underpinnings of transnational criminal investigation and police collaboration regimes (Bigo, 2008; Hufnagel & McCartney, 2017; Machado, Granja, & Amelung, 2020) are at the heart of this book.

Prüm as <sup>a</sup> Case Through Which to Study the Dynamics of Bioborders and Their Impacts on Hidden Integration and Disintegration in the EU

We focus on the Prüm system, which established the mandatory exchange of forensic DNA data amongst EU Member States, because it is an underexplored example that portrays diverse instances of biobordering. The book builds on extensive research carried out in a five-year project funded by the European Research Council.3

In law enforcement, different mechanisms to store and exchange biometric data continue to exist in parallel. In the context of DNA data, the Interpol DNA Gateway and Interpol DNA Database (IDD), as well as the Europol Information System (EIS), enabled DNA data exchange before

<sup>3</sup>More information available: http://exchange.ics.uminho.pt/ (ERC Grant agreement No 648608).

the Prüm DNA data exchange was established. However, the exchange of DNA data within Prüm is still an interesting case because it became the favoured option when the scope and efficiency of the previously established information systems remained limited (Luif, 2007).

We focus on DNA data exchange, rather than on the exchange of fingerprint and vehicle data, in the Prüm regime for the following reasons. First, forensic DNA data is underexplored as a biometric identifier used to track transnational mobility of criminal suspects. Although there is considerable literature on how DNA technologies have been used in several national contexts (Williams & Johnson, 2008; Hindmarsh & Prainsack, 2010; Machado & Prainsack, 2012), their transnational uses remain poorly analysed, and cross-country comparisons are almost absent. Second, investigating DNA technologies allows us to study the 'bio-value' linked to DNA in law enforcement, which has evolved with the promise of DNA technologies working as a successful 'truth machine' (Lynch, Cole, McNally, & Jordan, 2008). Thus, this study provides an opportunity to engage in an in-depth analysis of how the transnational exchange of DNA data reflects the hidden (dis)integration of Europe materialized through seemingly uncontested biometric technologies. Third, the 'bio-value' of DNA forensic tools also conveys certain notions of risky people and specific modalities associated with transnational mobility and emphasizes certain modes of regulation in law enforcement (Machado et al., 2020). Such modalities are expressed through preferences for biometric evidence and constructions of suspicion related to it. One example of this is the priority given to certain crimes in criminal investigation over others. As Lawless puts it:

The Prüm regime's emphasis on certain forms of evidence could potentially shift the focus of international policing from certain crimes onto others. The exchange of DNA, fingerprints and registration data could divert transnational police activity towards certain physical crimes to people or property but away from other recognized transnational threats such as fiscal or computer crime. (Lawless, 2016, p. 177)

By looking into the transnational exchange of DNA data, we, thus, explore the different logics of biobordering dynamics at work at the EU level by highlighting the legal, scientific, technical, political and ethical dimensions of data exchange across borders. Such biobordering dynamics enable a levelling mode of ordering aimed at diminishing technical, scientific and legal 'obstacles', and by doing so facilitate a seemingly smooth techno-political integration across the EU. We complement this EU-level-focused analysis with country case analysis that emphasizes the legal, scientific, technical, political and ethical dimensions related to the governance and uses of biometric technologies both at a national level and in transnational collaboration. We demonstrate how certain patterns coincide and others become distinct in Germany, the Netherlands, Poland, Portugal and the UK.

We provide a panorama of cross-country dynamics and of the different countries' situations by demonstrating how the particularities of national policy regulations and judicial traditions, as well as technological infrastructures and techno-political cultural repertoires, either enforce, complement or counter the biobordering dynamics of the EU. Therefore, we examine, portray and compare in detail the experiences and traditions of several countries with regard to their use of national forensic DNA databases, recent applications of forensic genetic innovations and forms of engagement with the Prüm system.

Taken together these elements reveal a multiplicity of heterogeneous dimensions constituting bioborder regimes. The portrayals of each country's position regarding DNA data exchange provide insights into how national autonomy and sovereignty is claimed, negotiated and suspended not only through legal and political bordering processes but also through scientific and technical bordering practices that correspond with technopolitical cultures and manifest specific regimes for biological data retention and exchange.

#### Book Overview

We begin, in Chap. 2, with an outline of the historical evolution of biometric databases in the EU and explore how these developments reconfigure notions of borders within the EU and at its outer edges. Our aim is to outline the EU's political and technical attempts to secure the unhindered flow of biometric data among Member States. The historical summary covers the evolution of a range of diverse biometric technologies and database systems and their use in the context of crime and migration control. This broad framework helps us to understand why the Prüm system is of relevance to the reconsideration of bioborders.

In Chap. 3, we begin by reviewing recent impulses from border studies to clarify why we are proposing to use the concept of 'biobordering'. We introduce the concept of 'biobordering' and use it to explore the modes of ordering through 'distributed agency' across actors including biometric specialists, criminal justice system personnel, data protection authorities and oversight bodies enacting and reinforcing borders through biological data in unexpected manners. We argue that the concept of biobordering is useful in trying to understand the modes of ordering entangled with largescale IT database infrastructures for the exchange of biometric data. The chapter continues by outlining the notion of biobordering and its meaning in the context of the transnational exchange of DNA data regulated by the Prüm system. Taking the nationally grown crime control regimes into account, we argue that our conceptual proposal of bioborders is useful in capturing how the territorial foundations of national state autonomy are partially reclaimed—what we will call rebordering—and, at the same time, partially purposefully suspended—what we will call debordering. The chapter portrays how political and regulatory ambitions regarding European integration have translated into practices of debordering bioborders in the EU. This provides the basis for a closer look at how different biobordering regimes have evolved among EU Member States and how their modes of ordering have responded to the EU's debordering tendencies. We close with an introduction to the case studies in the next chapters, which reveal emergent processes of de- and rebordering that are maintaining and contesting specific visions of Europe and enforcing references to state autonomy.

In Chap. 4 we portray the German case, which serves to illustrate an *expansive and diffusive mode of debordering* and provides evidence of the political blaming/shaming of Prüm non-compliers. Germany's DNA database started in 1998 and has grown into one of the biggest in the EU. Its location in Central Europe has made Germany interested in rapidly increasing its bilateral exchange relations. Led by its Minister of the Interior, Germany was among those countries that drove the creation of the Prüm Convention. The German vision of Prüm was to harmonize international police collaboration by relying on biometric data. The politically dominant narrative of the government has repeatedly used the rhetorical repertoire of blaming and shaming with regard to those Member States not yet participating properly in the Prüm system and has thus echoed the debordering claims of the EU. However, several civil societal actors within Germany, casting a critical eye over the evolution of the database, have warned of risks deriving from the Prüm regime relating to privacy, the lack of transparency and accountability, and the manipulation of the assumption of innocence. In consequence, they have called for oversight and safety mechanisms, not necessarily as national standards in the sense of rebordering, but for the whole Prüm system.

Chapter 5 presents the case of the Netherlands. The Netherlands also serves as an exemplary case of an *expansive and diffusive mode of debordering*, although with important differences to Germany. The Dutch DNA database has been operational since 1997, and the Netherlands has a track record of 'innovation' regarding the regulation and practical application of genetic technologies for forensic purposes. In 2003, the Netherlands became the first country to regulate the use of genetically determined externally visible characteristics in criminal investigations. Since then, controversial uses of DNA data, such as familial searching and DNA dragnets, have gained importance in criminal investigations in the country. Like Germany, the Netherlands was also involved from the beginning with the Prüm Convention and, since then, has been a front-runner in building and implementing the technical framework for Prüm in its most expansive form. The Netherlands is the most active country in the Prüm regime (exchanging DNA data with all operational countries), and Dutch experts have proactively trained and supported implementation in other Member States of the Prüm system and have made considerable efforts to study and monitor cross-border DNA matches between the Netherlands and other operational Member States.

Chapter 6 provides insights into the Polish situation. Poland represents a country ambitious to catch up with an *expansive mode of debordering*. Among the five cases presented in the book, Poland was the last to join the EU. However, it then developed an ambitious approach to catching up with international crime control standards. Poland established its DNA database in 2007. From the beginning, issues of standardization and the facilitation of international DNA data exchange were considered as fundamental to Poland's project to technologically modernize and integrate into the political EU. Poland joined the Prüm system in 2013 and, according to the latest data available, is one of the most proactive members, having established connections with 20 other countries. As a Member State aiming to further internationalize and modernize, police collaboration and expansion of its capacities as a security state frame the discourse about the importance of joining collective efforts to control cross-border criminality in the EU.

Chapter 7 explores the Portuguese case, which serves as an example of *latent rebordering dynamics*. Portugal established its forensic DNA databases in 2008 on the basis of one of the most restrictive regulatory frameworks in the EU with regard to the criteria for the entry and deletion of DNA profiles. In 2015, Portugal started connecting with the Prüm system's genetic data exchange. Portugal represents a situation where the requirements of the EU regulations regarding Prüm have been fully enforced while, simultaneously, access to biometric data has been severely restricted. This situation mainly derives from particularities of national policy and judicial traditions. Portugal, thereby, enacts dynamics of rebordering that maintain restrictive regimes of regulation, legislation and data protection as a consequence of its own historically and culturally shaped political and judicial environment. Portuguese bioborders are thus addressed through a continuously oscillating pendulum between debordering and rebordering dynamics.

The final country case—that of the UK—follows in Chap. 8. The UK case serves as an example of an *ambiguous mode of bordering*. The UK established its database in 1995 and is, thereby, the possessor of the world's oldest, and one of its largest, DNA databases. For several decades the UK has been dealing with substantial social and ethical implications related to the size and scope of its database. In this regard, the 'S. and Marper' case became a landmark against which to orient the possibilities and limitations of using forensic DNA. The UK withdrew from the Prüm system in December 2014. However, after running tests with other countries, it decided to rejoin the Prüm system in 2015, a decision that became operational in 2019. However, the recent Brexit scenario has politicized decision-making on bioborders and brought new challenges regarding the UK's position in the Prüm system. The UK's *ambiguous mode of bordering* is evidenced by its simultaneous rebordering, by negotiating limitations on access to its own data, and debordering, by claiming access to 'foreign' data.

The book concludes with Chap. 9, which summarizes, first, the modes of ordering at the EU level resulting in debordered bioborders, emphasizing the legal, scientific, technical and political dimensions. It does so by providing an overview that visualizes the analytical tools applied in each of the country case studies. Second, the final chapter shows how the Member States' modes of ordering—which have national technical, scientific legal, organizational and civic epistemological dimensions—have resulted in diverse forms of de- and rebordered bioborders. The chapter also discusses how the mandatory elements of the Prüm Decisions were politically enforced without taking into consideration the significant differences between EU countries. Thus, disintegration comes as a contingency regarding, for example, operational and organizational traditions, legislation, the nature of the criminal justice system and national variations around the human and economic resources to invest in forensic DNA databases, DNA profiling technologies and other kinds of police information databases.

The levelling mode of ordering at the EU level enforced a specific version of bioborders that reflects the political belief that the interoperability of DNA databases is a mere technical–scientific issue. Thus, 'European integration' is believed to be achieved by the harmonization of scientific and technical procedures between laboratories and police forces in different countries.

#### References


**Open Access** This chapter is licensed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/ by/4.0/), which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence and indicate if changes were made.

The images or other third party material in this chapter are included in the chapter's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the chapter's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder.

# A Brief History of the Evolution of Biometrics and Biometric Database Systems Crossing Borders in EU Law Enforcement

**Abstract** This chapter provides an outline of the historical evolution of biometric databases in the European Union and explores how these developments reconfigure notions of borders within this region of the world. This sets the scene for understanding how the melange of biometrical technologies and digitization has reconfigured how we think about the mobility of people, how modes of surveillance relate to human rights and ethical issues, and what modes of regulation are being enforced. This brief historical summary covers the evolution of a range of diverse biometric technologies and database systems and their use in the context of migration control and law enforcement. Furthermore, the chapter contextualizes why the Prüm system, a decentralized database system designed to facilitate the mandatory exchange of forensic DNA data amongst EU Member States to control criminality and terrorism, is of relevance to the concept of bioborders.

**Keywords** EU • Biometric technologies • Decentralized and centralized databases • Prüm • Law enforcement

#### Introduction

This chapter begins with an outline of the historical evolution of biometric databases in the European Union (EU) and explores how these developments reconfigure notions of borders within this region of the world and at its outer edges. This sets the scene for understanding how the melange of biometrical technologies and digitization has reconfigured how we think about the mobility of people, how modes of surveillance relate to human rights and ethical issues, what modes of regulation are being enforced, and how notions of borders have been changed.

This brief historical summary covers the evolution of a range of diverse biometric technologies and database systems and their use in the context of migration control and law enforcement. More particularly, it reflects upon the expanding use of DNA technologies, along with other biometric technologies such as fingerprinting and facial recognition, across border control. The overview of the uses of biometric technologies in migration control and law enforcement helps to contextualize why the Prüm system, a decentralized database system designed to facilitate the mandatory exchange of forensic DNA data amongst Member States to control criminality and terrorism, is of relevance to the concept of bioborders.

#### From the 'Politics of Fear of Crime' to New Technologies in EU Law Enforcement

Increasing concerns around transnational organized crime and terrorism in the last two decades have given rise to a new type of politics: 'fear of crime' (Hope & Sparks, 2012, p. 5). This pervasive 'fear of crime' responds to the perception of omnipresent global risks of social conflict which make everyone a potential victim. Security policies, thus, respond to quests which derive from feelings of—what the sociologist Anthony Giddens describes as—'ontological insecurity' (Giddens, 1990) associated with globalization and global threats. In his words, contemporary society faces a lack of 'confidence that most human beings have in their self-identity and the constancy of the surrounding social and material environments of action' (Giddens, 1990, p. 92). Linked to ontological insecurity, crime control strategies are responding to global transformations around the fear of crime, which result in the expansion of state surveillance. In parallel, criminal justice systems are also gradually becoming more dependent on the cross-border collaboration of police and judicial actors.

Cross-border collaboration for controlling crime has long motivated the transnational exchange of information across Member States. Yet, motives for exchanging data have changed over time. Initially, expectations about the benefits of exchanging information about stolen goods or about criminals who attempted to escape prosecution by fleeing to another country guided the interest in establishing information exchange. Later, criminal activities were imagined to be more often coordinated transnationally. By then, information exchange was considered to help assemble knowledge about the identities, organization and methods of transnational criminals (Aden, 2016, p. 324). Organized cross-border crime evolved with an increase in transport infrastructures, and it transformed its character due to the fast evolution of information and communication technology (ICT). Such technology gave rise to virtual crimes and financial crimes, enabling the movement of money globally (Fiodorova, 2018). In parallel, from the 1970s, information exchange among police organizations across borders also grew due to the increasing use of ICT (Aden, 2016, p. 324).

Reflecting on recent developments shaping today's perceptions of global risks and threats to security, which have changed substantially since the 1970s (Fiodorova, 2018, p. 28), we come to new perceptions of societal vulnerabilities. While transnational or cross-border crime has long been the focus of security policies, forms of criminality have changed. The securitization of the mobility of migrants and travellers has become problematized since the increased mobility into and across the 'borderless' Schengen space was perceived as a threat. Lately, dramatic terrorist events, such as the attacks in the US on 11 September 2001, in Madrid (Spain) on 11 March 2004 and in London (UK) on 7 July 2005, have been understood as shocks by both society and security organizations and have, *de facto*, changed security policy agendas.

'Illegal migration', 'transnational organized crime' and 'terrorism' have become standard political 'categories of blame' (Aas, 2013). Such categories serve to legitimize rigorous and sometimes extreme measures to defend states and societies against their perceived enemies. More specifically, such categories of risk have contributed to the justification, implementation and normalization of complex architectures of transnational police and judicial collaboration in the EU. These architectures of transnational collaboration are anchored in sophisticated technologies that use biometric identifiers and complex apparatuses for information exchange across borders.

Louise Amoore has proposed in a joint article (Johnson et al., 2011) that two forms of bordering emerged and gained importance in the world of technical landscapes of control and surveillance after the events of 9/11. On the one hand, a form of 'bordering in society' constituted and strengthened by the social, cultural and political distinction between social groups emerged. On the other hand, new 'state practices of bordering' emerged that simultaneously reinforced state sovereignty over border control with new technologies, to be found not solely in border areas but also far beyond. Understanding how the EU's commitment to biometrics in transnational police and judicial collaboration transforms 'state practices of bordering' and is entangled with 'bordering in society' (Johnson et al., 2011) is crucial to the ambition of this book.

In recent scholarship, political geographers, international relations scholars, political scientists and sociologists have extensively contributed to the study of borders and have reassessed how notions of borders have expanded over time. Instead of focusing on the border itself, scholarly interest has targeted bordering practices or bordering processes. With the term 'bordering', scholars aim to capture analytically the continuous processes of fixating and regulating mobility as 'an ongoing strategic effort to make a difference in space among the movements of people, money or products' (van Houtum & van Naerssen, 2002, p. 126).

Since the early 1990s, scholars have tended to consider the exercise of state sovereignty at great distances from the national borders themselves as 'bordering' (Johnson et al., 2011, p. 61). This point of view has come with the argument that favours the inclusion of different sites of bordering practices beyond physical state borders. This brings into the analysis spatial sites *inside* sovereign territory and also *beyond* state boundaries at which bordering practices are carried out in the name of extending internal security, as is the case for the EU (e.g. Bigo, 2014). But it also invites us to embrace the 'banal sites' of less visible, mundane, technocratic modes of governance (Walters, 2008) or sites where technologies such as biometric identification are used to connect and structure institutionalized forms of cross-border collaboration in the name of security (Bigo, 2008; Amoore, 2006). The inclusion of different sites of bordering practices beyond the physical state has been accomplished by, for instance, studying the involvement of security professionals (Bigo, 2014) or data analysts (Amoore, 2011) in bordering processes.

The increasing permeability of the internal borders of the EU for people, money and products on the one hand and yet new forms of concentration of state power in the context of transnational cooperation on the other hand have become prioritized research topics in recent border studies scholarship around the topic of transnational cooperation. Predominantly, these intertwined phenomena have been explored in the context of Euroregions as borderlands along specific territorial borders, for example, regions with a sense of joint belonging on different sites of state borders (Johnson et al., 2011; Popescu, 2008). In this regard, in this book we aim to advance the body of literature on bordering practices and bordering sites both internal and external to state territory. We wish to do so by exploring the supranational policy developments that have paved the way for the increasing *permeability of borders for data exchange*, supranational tendencies towards harmonization yet facing occasionally resisting Member States' autonomous state power.

From early on, experts and analysts proposed policy solutions and feasible technical options to new global threats that included the expansion of surveillance and growth of information exchange. Such strategies build on 'dataveillance' (Clarke, 1988)—the processes of monitoring digital data related to the characteristics of individuals—and include the use of biometric data to identify and track those who are considered risky persons. The development and availability of biometric technologies as identification and registration technologies have shaped what have been considered feasible technical options for various security problems.

Since the 1970s, digital techniques have helped to develop automated human identification based on biometric identifiers. Today, fingerprints, facial images and DNA have become the preferred biometric identifiers taken up by the EU to be stored or exchanged across large-scale information database systems for various purposes. While DNA technologies are used for criminal identification purposes, the other biometric technologies are used for identification purposes of applicants and beneficiaries of international protection, passengers, visa applicants, missing or wanted persons, third-country nationals and migrants in an irregular situation.

Since the late 1990s, strategic documents from the European Council have demonstrated the constantly increasing relevance and reliance on the exchange of information among police organizations. In order to develop a common EU Justice and Home Affairs (JHA), the Treaty of Amsterdam (1997) introduced the Area of Freedom, Security and Justice. Since then, several other programmes—the Tampere Programme (1999), the Hague Programme (2005) and the Stockholm Programme (2010) (Aden, 2016)—have further informed the common strategy for policing and internal security and have emphasized the relevance of facilitating the transnational exchange of information. The Tampere Programme promoted the principle of 'mutual recognition', which was meant to establish trust, even in the absence of shared legal, judicial and administrative traditions in law enforcement. The Hague Programme introduced the principle of 'availability', making it mandatory that Member States make information available for other Member States. As a trust-building measure, the degree to which human rights should be protected was spelled out in the Stockholm Programme: 'The protection of the rights of suspected and accused persons in criminal proceedings is a fundamental value of the Union, which is essential in order to maintain mutual trust between the Member States and public confidence in the Union' (European Commission, 2010, p. 10).

With the introduction of the Area of Freedom, Security and Justice and the strategic programmes that followed, the common joint legal fundament was established, preparing the way for the introduction of transnational information technology database systems ready to collect, store, compare and exchange diverse kinds of data for different purposes. Border and migration control was one domain and law enforcement was the other. Despite emerging as distinct policy areas, migration and crime control have increasingly merged over time with regard to both their legal fundaments and their database infrastructures (Aas, 2011).

#### Promoting European Integration by Building Large-Scale Transnational Biometric Database Systems

Rommetveit (2016) has argued that biometric technologies and databasing are part of a transforming vision that easily lent itself to political visions of enhanced border control as a way of promoting European integration. This argument is made by referring, on the one hand, to EU policies driven towards tighter security measures to combat events such as 9/11. On the other hand, the EU's inclusion of ten new members in 2004 is identified as having caused the perceived need for further coordination and collaboration. With the integration of Central and Eastern European countries—the Czech Republic, Estonia, Hungary, Latvia, Lithuania, Poland, Slovakia, Slovenia—plus Malta and Cyprus, it became mandatory to integrate them in the cooperative police and judiciary networks to fight against criminality. The integration of the new countries was regarded with suspicion and caution regarding their values and interests by the Western European nations (Lauristin, 2007) and revealed asymmetries in East–West relations and perceptions. The aim of enhancing border control then became the establishment of biometric data exchange systems facilitating a unified biometric vision inscribed onto border control-related technologies. The unified biometric vision was instructive, for instance, in redesigning travel documents and other biometric technologies serving to verify a person's identity (see also Aas, 2011; Dijstelbloem & Broeders, 2015; Kloppenburg & van der Ploeg, 2018). Rommetveit (2016) has identified the Visa Information System (VIS), Schengen Information System II (SIS II) and EURODAC centralized database systems as the biggest and most important ones to reveal the politically set agenda behind biometric technologies aimed at political and technical integration. Complementarily, Misa and Schot (2005) have used the lens of technology to explore integration as the emergent outcome from a process of linking national technical infrastructures and establishing transnational technical infrastructures. They have also assessed the tensions that derive from linking the different visions of Europe associated with such infrastructures. We follow Misa and Schot (2005) in looking beyond the set agenda of the EU to be sensitive to the implications for *de facto* (dis)integration and focus on the specific role of biometric data and information infrastructures for political and technical (dis)integration.

The European security studies scholar Pedersen (2015) has distinguished between two modes of ordering integration through data information systems that differ regarding the role of state autonomy and state power: vertical Europeanization and horizontal Europeanization. We make use of this distinction to illustrate the implications deriving from centralized or decentralized architectures for information systems. The 'vertical Europeanization' mode of ordering integration builds on European institutions for the creation or preparation of a range of centralized European databases with different purposes. It has been much more used in migration and border control; SIS, VIS and EURODAC, as well as steps taken to enhance the interoperability of these databases, are examples of 'vertical Europeanization' at work. 'Horizontal Europeanization' is the result of Member States beginning to use each other as sources of data without going 'through' the European institutions; decentralized and networked database systems such as Prüm serve as examples of this. Law enforcement actors have for long attempted to maintain state authority and have therefore opted more often for decentralized solutions that allow, at least partially, the retention of some pillars of state autonomy.

M'charek, Schramm, and Skinner (2014) have looked into the impact of integration through biometric information infrastructures and explored the racializing effects of European regimes of border management and the related governance of populations. They demonstrated how such infrastructures—by taking the cases of SIS, Frontex, VIS, Eurodac and Prüm as examples—simultaneously constitute and discriminate against racialized groups of people in practice, even if the explicit language of race and ethnicity is largely absent from its official remit. Regarding Prüm, the authors (M'charek et al., pp. 481–482) precisely encouraged further research to look at the dynamics of convergence between countries' database developments but considering the differences between legal frameworks, systems of governance and, indeed, between policing and laboratory practice around DNA across the various national databases in Europe. Such differentiated exploration is crucial in order to understand the 'unequal consequences of surveillance through Europe's technobureaucratic systems' (M'charek et al., p. 482) (Table 2.1).

Since the introduction of the first EU-wide biometric information database system (EURODAC) in 2000, the historical evolution of diverse biometric database systems in Europe has been dedicated to the expansion of 'datafication' (Broeders & Dijstelbloem, 2016; Cukier & Mayer-Schoenberger, 2013), that is, the transformation of social action into digital quantified data, trackable and accessible for further analysis. Datafication serves as the foundation for 'dataveillance' (Clarke, 1988) as a form of surveillance that has likewise drastically enlarged in the last two decades. Since its introduction the scope of ascribed purposes of the database system and targeted persons has been substantially extended. EURODAC's purpose was to assign Member State's responsibility for individual asylum requests and to prevent so-called asylum shopping (multiple attempts to request for asylum in different Member States). It used fingerprints as a biometric identifier. Later on, EURODAC became accessible to law enforcement agencies as well. Backed by the European Councils in Laeken (2001) and Seville (2002), the next system, the common VIS, established fingerprints as a biometric identifier and targeted non-EU citizens (Liberatore, 2007).

From 1995, the SIS had already established a common database that enabled the relevant authorities in each Member State to have access to alerts on persons and property. Initially, it worked without biometric data


**Table 2.1** Centralized large-scale IT systems using biometrics (existing and planned)

Source: Authors relying on a publication of the European Union Agency for Fundamental Rights (2018, p. 23). The table shows biometric database information systems in the EU, including migration, border control and law enforcement-based systems. Biometric identifiers in italics are part of the planned transformations. With white background are the existing databases, with grey background the additional planned database systems

and was used for the purposes of border checks and other police and customs checks, such as issuing visas, residence permits and the administration of legislation on non-Schengen citizens in the context of the Schengen Convention. In April 2013, the second-generation Schengen Information System (SIS II) was launched with enhanced functionality, including the use of biometrics. In June 2018, decision-makers agreed on a new package for the Schengen Information System, the implementation of which will be completed in 2021 and which contains the collection of palm prints, fingerprints, facial images and, in limited circumstances, DNA related to missing persons (European Commission, 2020). Thereby, it has become clear how, over time, migration and border control have merged with law enforcement and stimulated the use of biometrics across purposes. The dominant policy narrative argues that this merging facilitates police cooperation on missing and unwanted persons as well as border control cooperation regarding the mobility of migrants in irregular situations (European Commission, 2020).

Proposals adopted and signed by the European Council in 2017 aimed at enhancing the management of Europe's external borders through the use of biometrics included the introduction of an Entry/Exit System (EES) which is planned to be operational in 2020 (Kloppenburg & van der Ploeg, 2018). In 2019, another centralized system, the European Criminal Records Information System for Third Country Nationals (ECRIS-TCN), received its legal foundation with the regulation EU 2019/816 of the European Parliament and of the Council. Centralized data from Member States holding conviction information on thirdcountry nationals and stateless persons supplements the European Criminal Records Information System. The latest iteration of expansion is the current 'interoperability' initiative, which is attempting to connect diverse centralized database systems and make data available for multiple purposes and to streamline systems' users for law enforcement, judicial, migration and asylum matters. The planned Common Identity Repository (CIR) belongs to the backbone of the interoperability project as it aims at centralizing biographic and biometric information of third-country nationals. CIR will store biometric data of SIS II, VIS, Eurodac, ECRIS-TCN and EES which then is available for search and comparison (see Table 2.2).

**Table 2.2** Securitization and evolution of large-scale information **systems**

#### Approaching Transnational Criminal Mobility: The Prüm System

Although practically all of the technologies and database systems mentioned above evolved over time to control mobility across borders, some of them—such as the Prüm system—were intended primarily to support transnational criminal investigations (Machado & Granja, 2018, 2019a; Machado, Granja, & Amelung, 2020; Prainsack & Toom, 2010, 2013; Toom, 2018). It is therefore important to remind ourselves of the differences of the groups targeted by migration and border control, on the one hand, and law enforcement, on the other. The major groups targeted by migration and border control database systems are third-country nationals seeking entry into the territory of Member States and EU nationals travelling across countries (Broeders & Dijstelbloem, 2016). The groups targeted by law enforcement database systems, such as Prüm, are individuals with some previous involvement with the criminal justice system. The Prüm system thereby fits what Williams and Johnson would consider as 'a type of surveillance which is essentially concerned with "management" of those already deemed criminal (…) delimiting them from the wider population and managing them through assured detection' (Williams & Johnson, 2004, p. 11).

It was in May 2005 that officials from seven countries met in the small German town of Prüm. Member States had become increasingly concerned about the transnational movement of people deemed risky and, consequently, about the growth of transnational crime. Supported by the Schengen Agreement and the Hague Programme, Belgium, Germany, the Netherlands, Spain, France, Luxembourg and Austria signed the Prüm Convention. The Convention intended to strengthen the cooperation between those seven countries through the exchange of information to combat terrorism, cross-border crime and illegal migration. Preventing and investigating cross-border crime (i.e. terrorism, human trafficking, drug smuggling and illicit arms traffic) has been, at the discursive level of policy formation, the main driving force and justification for most of the crime investigating regimes in the EU that build on biometrics (Aas, 2011). In 2008, some of the Prüm Convention provisions were subsumed into the police and judicial cooperation provisions in EU law by a Council Decision commonly referred to as the Prüm Decision (Council of the European Union 2008a, 2008b). This Decision made it mandatory for all Member States to join this pan-European data network (Toom, Granja, & Ludwig, 2019).

The latest report on the progress of the implementation of Prüm, dating from February 2020, indicates that there are 26 Member States exchanging DNA data. Greece and Italy are not operational in the Prüm system. This does not imply, however, that all countries have established the same level of connections. For instance, while the Netherlands and Austria are connected to 24 countries, the UK and Denmark are exchanging DNA data with just 7 countries (Council of the European Union, 2020).

#### Decentralized Databases

The Prüm system established transnational exchange on the basis of a decentralized database system, thereby deciding that, instead of aggregating information into one database, data should remain the property of the Member State where it was collected. As such, it challenges notions of borders in a different way to centralized database systems such as those that evolved from the JHA policies. In contrast to centralized database systems, decentralized law enforcement networks, such as Prüm, often derive from pre-existing networks of security professionals or through common professional activities among biometric experts and thus included people who knew each other previously (Aden, 2016). Prainsack and Toom (2010) have emphasized that the Prüm system derived from technocratic drivers of integration.

Efforts by forensic scientists to standardize forensic DNA profiling technologies across national borders date back to the late 1980s, when the European DNA Profiling Group (EDNAP) was established with the aim of preventing and being prepared for an 'escalation of cross-border crimes' in an increasingly integrated Europe. The European Network of Forensic Science Institutes (ENFSI) has been similarly important in the standardization of scientific procedures. Forensic scientists from such networks set up the basic conditions of possibility for the Prüm system: the so-called European Standard Set (ESS) was proposed by a group of forensic scientists of the ENFSI. The EU promoted such developments by providing funding to the ENFSI that increased collaboration 'between European laboratories, ultimately leading to the formation of a pan-European database' (Gill, Sparkes, Fereday, & Werrett, 2000, p. 1). What Prainsack and Toom have coined as 'forensic technocracy' (Prainsack & Toom, 2010, p. 1125) was what substantially enabled the political process of the Prüm implementation. Although the EU's interoperability initiative has been considered in relation to centralized database systems, Prüm—as a decentralized system—has nevertheless also been listed as a candidate for interoperability in the future (EU Commission, 2017).

Decentralized systems also play out in a specific form with the level of autonomy that each Member State has in establishing the norms and actors that will be actively involved in data exchange. Considering that each country remains in control of its database, the EU regulation of the Prüm system stipulates that, for the purposes of supplying data, each Member State shall designate a National Contact Point (NCP), and the powers of the NCPs shall be governed by the applicable national law (Decision 20008/615/JHA). Different countries have given custody of their national DNA databases to different entities, ranging from judicial authorities to police forces.

In the great majority of countries involved in the Prüm system, the Ministry of the Interior (or Ministry of Internal Affairs or Ministry of Home Affairs)—a government ministry typically responsible for policing, emergency management, national security and immigration—has custody of the national criminal DNA database. The exceptions to this scenario are Belgium, the Netherlands, Portugal and Sweden, in which the Ministry of Justice has custody over the national DNA database. The Ministry of Justice typically has specific duties associated with the organization of the justice system, and it oversees public prosecutors and maintains the legal system and public order. In this diverse context, the roles and responsibilities of Prüm NCPs may vary among countries, according to their different organizational structures and national legislation.

#### Previous Studies on Prüm

Over the last years, the Prüm system has received academic attention that can be divided into two main approaches. The first includes studies that focus on the societal, political and ethical challenges posed by the system. In this domain, scholars have been outlining the challenges deriving from the mandatory implementation and rapid expansion of the Prüm system. They have highlighted concerns over the enormous disparities in national legislation and data protection; ongoing issues of transparency, accountability and trust; and the lack of ethical oversight of the transnational flow of law enforcement information (Amankwaa, 2019; Hufnagel & McCartney, 2015; Matos, 2019; McCartney, 2014a, 2014b; McCartney, Wilson, & Williams, 2011; Prainsack & Toom, 2010, 2013; Toom et al., 2019). In this domain, a recent number of empirically grounded studies exploring what 'ethics' means to forensic practitioners actively involved in transnational DNA data exchanges under the Prüm system have also emerged (Machado & Granja, 2018). Furthermore, scholars have addressed how forensic DNA evidence is given meaning within the different ways of constructing a police epistemic culture in the context of Prüm (Machado & Granja, 2019a). Additionally, the fluid and flexible forms of constructing suspicion which take shape in transnational governance of crime through forensic DNA databases (Machado et al., 2020) and how NCPs perceive the risks and benefits of transnational exchange of forensic DNA data (Machado & Granja, 2019b) have been recently explored. The second main approach in the literature focusing on the Prüm system has assessed the geographical patterns of cross-border crimes solved by transnational exchange of DNA data (Bernasco, Lammers, & van der Beek, 2016; Taverne & Broeders, 2015, 2016). In this regard, one study, based on an analysis of the official statistical dataset of the Prüm system, suggested a territorial divide between Western and Central European countries and Eastern European countries. The research revealed a trend showing that the majority of DNA profiles they collect come from individuals originating from Eastern European countries (Santos & Machado, 2017). The implicit assumption behind this association between the populations of Eastern European countries and the suspicion of crime reveals the subjectivizing effects of surveillance processes. The transnational exchange of DNA data via the Prüm system represents a technological infrastructure that targets the movements of particular suspect communities across Europe (Machado et al., 2020). The continuous (re)creation of assertions concerning criminality and specific populations from certain East European countries is sustained by generalizations of what Didier Bigo has described as the fears of 'transnational movements of people from poor countries to richer ones' (Bigo, 2008, p. 94).

#### Horizontal European (Dis)integration: Biobordering in the Case of Prüm

The focus of this book lies in the phenomena of biometric data information crossing Member States' borders by looking at the particular case of Prüm. By approaching it as hidden (dis)integration in Europe, we study the partial suspension and partial reclaiming of nation-state-rooted power along the site of borders for biometric data exchange. More particularly, we propose to combine border studies scholarship, with its focus on transforming nation-state autonomy, and studies that have explored the processes of European (dis)integration (Misa & Schot, 2005) with a sensitivity to the role of technology.

Centralized database systems mostly used for the purpose of migration control have been widely addressed in the literature with regard to their transformative effects on understanding borders and remaking Europe via vertical Europeanization (Pedersen, 2015). However, horizontal Europeanization, traditionally more common in police collaboration and law enforcement, and its transformative effect on bioborders, remains understudied. Aiming to fill this gap, this book therefore focuses on how the Prüm system, as an example of horizontal Europeanization, reflects and shapes the implications of the hidden (dis)integration of Europe and reconfiguration of its bioborders.

In the following chapter, we begin by reviewing recent impulses from border studies more systematically to clarify why we are proposing to use the concept of 'biobordering', and we will outline biobordering's components and dynamics. Furthermore, in the chapter we will focus on the Prüm system and begin to outline how it reveals instances of debordering and rebordering that make borders more or less permeable.

#### References

Aas, K. F. (2011). 'Crimmigrant' bodies and bona fide travelers: Surveillance, citizenship and global governance. *Theoretical Criminology, 15*(3), 331–346. https://doi.org/10.1177/1362480610396643


**Open Access** This chapter is licensed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/ by/4.0/), which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence and indicate if changes were made.

The images or other third party material in this chapter are included in the chapter's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the chapter's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder.

CHAPTER 3

# Biobordering as a Concept

**Abstract** This chapter introduces the concept of 'biobordering'. Taking the nationally grown crime control regimes into account, we argue that the proposed concept of bioborders is useful in capturing how the territorial foundations of national state autonomy are partially reclaimed (what we call rebordering) and at the same time partially purposefully suspended (what we call debordering). The concept of biobordering is particularly fruitful for understanding how modes of bordering entangle with largescale IT database infrastructures for the exchange of biometric data in the context of crime control. It highlights in particular the legal, scientific, technical, political and ethical dimensions of data exchange across borders across the EU. The chapter reviews recent insights from border studies and continues by outlining components and dynamics of biobordering that make bioborders more or less permeable for expansive biometric data exchange.

**Keywords** Modes of biobordering • National state autonomy • Debordering • Rebordering • EU

#### Introduction

In this chapter, we introduce the concept of 'biobordering'. Taking the nationally grown crime control regimes into account, we argue that the proposed concept of bioborders is useful in capturing how the territorial foundations of national state autonomy are partially reclaimed (what we call rebordering) and at the same time partially purposefully suspended (what we call debordering). The concept of biobordering is useful in trying to understand how modes of biobordering entangle with large-scale IT database infrastructures for the exchange of biometric data in the context of crime control. We do so, in particular, by looking into attempts to track the mobility of certain 'risky' individuals across state borders and identify people related to crimes, including victims, and missing persons.

In this book, the concept of biobordering aims to address the following research question: who or what is acting when transnational large-scale IT database infrastructures facilitate the exchange of biometric data for the purposes of crime control and tracking of mobile 'risky' people? In order to try to provide some answers, we use the concept of biobordering to understand actions and interactions that go beyond state-as-actor-centred perspectives. Therefore, we consider multiple actors and actions, including those that constitute or contest notions of the autonomy and territorial borders of nation-states. We take into account the actions and practices that confirm, but also suspend or contest, nation-states' legal and territorial borders. In summary, in this book we look in depth into the notion of *nation-state-embedded agency* in the context of the establishment and operation of such transnational infrastructures and understand such agency as activities that contribute to the performance of the actions of transnational infrastructures which remain shaped by nation-state logics.

Taking inspiration from research in technology and organizations, we mobilize the notion of 'distributed agency' (Rammert, 2008, pp. 78–83), which relates to the strong interdependence between the material and the social given the complexity and interaction between human and nonhuman elements. On the one hand, we assume that there are modes of ordering through 'distributed agency' across several human actors, including biometric specialists, criminal justice system personnel, data protection authorities and oversight bodies. On the other hand, we also take into account advanced technologies, such as biometric technologies and IT database systems, which perform action 'closely knit together' through their interrelations with human actors in a heterogeneous network of activities (Rammert, 2008, p. 82). By looking into 'distributed agency' across actors and technologies involved in the transnational infrastructures at stake, our aim is to understand how borders are enacted and reinforced through biometric technologies and biological data exchange in unexpected ways.

In this chapter, we begin by reviewing recent insights from border studies to clarify why we are proposing to use the concept of 'biobordering'. We continue by outlining biobordering's components, including debordering and rebordering dynamics, that make bioborders more or less permeable for expansive biometric data exchange. Afterwards, we explore the different logics of the debordering dynamics at work at the EU level, highlighting the legal, scientific, technical, political and ethical dimensions of data exchange across borders that are configured to achieve technological integration across Member States. In addition, we outline the notion of biobordering and its meaning in the context of the transnational exchange of DNA data regulated by the Prüm system, portraying how political and regulatory ambitions have translated into debordering practices of the EU institutions.

#### Biobordering: Who Borders What and How?

Recent insights from border studies have turned to approaches that understand borders not as given, but as continuously 'being made' and as involving 'b/ordering practices' (van Houtum, Kramsch, & Zierhofer, 2005; Kolossov & Scott, 2013). We situate our own approach in line with approaches that understand borders as emerging through socio-political as well as techno-scientific processes. Broeders and Dijstelbloem (2016) have stated that, in the context of new technologies of surveillance and the digitization of information about border policies, the nature of the border has changed radically (Broeders & Dijstelbloem, 2016). Now the border is 'everywhere' (Lyon, 2005). It has changed into a 'border security continuum' (Vaughan-Williams, 2010). Trends towards the virtualization and digitization of measures for transnational police collaboration in the context of migration and crime control have shifted formal border policy agendas and actual polities. Under the labels of 'smart borders' (Lehtonen & Aalto, 2017; Leese, 2016), 'iborders' (Pötzsch, 2015) and 'virtual borders' (Johnson et al., 2011), these trends have been addressed in policy discourse and extensively reflected in border studies (Amoore, 2006).

Louise Amoore coined the term biometric borders to describe how biometrics shape borders in society. By studying 'dataveillance' in the war on terror, Amoore (2006, p. 339) found that biometric techniques involve processes of objectivization, that is, practices that divide and break up a subject into calculable risk factors that transform the subject into an object. Such objectivization results in new technologies of surveillance identifying 'what effectively become suspect populations or "risky groups"' (Amoore, 2006, p. 339). Performing the very idea of the biometric border is then described as an exercise of biopower (Amoore, 2006, pp. 337–339), by which the bodies of migrants and travellers themselves turn into sites of multiple encoded social, legal, gendered and racialized boundaries. In a collectively published contribution, Paasi in a subsection of a joint article (Johnson et al., 2011) has argued, with reference to Amoore, that technical landscapes of control and surveillance monitored by increasingly technical devices and biometrics may also contribute to the bordering in a society. By expanding Amoore's concept of 'bordering in society', Paasi specifies how borders can also be constitutive of social, cultural and political distinctions between social groups in relation to technologies. In this sense, Paasi argues that new technologies associated with border control for the purposes of preventing terrorism or illegal immigration may indeed exist 'everywhere' (Johnson et al., 2011).

Very few studies (Tsianos & Kusters, 2016; Tazzioli, 2019) have addressed what such biometric borders mean for the people affected. An exception is Scheel's work (2013), which explores how migrants contribute to what he calls 'processes of biometric rebordering' when biometrics impact the ways in which migrants appropriate their mobility to counter biometric border regimes. Scheel emphasizes how this in return requires us to rethink moments of autonomy in migration. The studies that do address targeted populations focus on migration control, but rarely on crime control. An exception is Machado and Prainsack's (2012) study on prisoners and their perceptions of DNA technologies, which primarily focuses on situated understandings of targeted populations in Austria and Portugal rather than on the impact of borders. Biometrics for identification applied not specifically and narrowly for the purpose of migration and crime control but with an effect of constructing suspicion and partially criminalization of targeted populations are at stake in the context of India's Aadhaar programme. With the world's largest national biometric identification database which was initiated in 2009 the Government of India aimed to confront two problems. First, comprehensive biometric identification was thought as a solution to the lack of identification papers amongst the rural and urban poor and thus providing access to government welfare and benefits. Second, it was meant to identify and eliminate 'fake', 'duplicate' and 'ghost' identities to defraud the welfare system (Nair, 2018, p. 143). Nair (2018, p. 153) stated that instead of providing benefits or entitlements, Aadhaar turned out as a surveillance technology 'understood and contested through entwined ideas of identity, belonging, and criminality' and identified blurred categories and boundaries of 'what differentiates the body of the innocent from the culpable, the citizen from the illegal immigrant' in post-colonial India.

While most border studies interested in biometrics in the EU have been concerned with the role of borders in relation to people and people's bodies, we argue that the shift towards attempts to make national borders permeable for biometric data exchange deserves further attention. We call such borders 'bioborders' and assume that unpacking such bioborders will help us to understand how they shape new forms of surveillance of 'risky groups' across Europe. Bioborders emerge as a result of heterogeneous attempts to organize data border-crossings. The shift of focus towards making borders permeable for data exchange may also help make visible the multiplicity of nation-states' situations and their different approaches, from enforcement to 'laissez faire', to data bordering practices and help us understand how different nations install different modalities of border control for biometric data and have multiple and diverse social considerations about its associated ethical impacts for tracked and implicated people.

The purposeful acts of creating and configuring bioborders are also better understood by using van Houtum and van Naerssen's (2002) notion of 'b/ordering practices'. The authors highlight the close connection between the different bordering and ordering practices which simultaneously co-create normative, regulatory and organizational orders constructing differences. Modes of ordering emerge as attempts to regulate what happens on one nation's side of the border and on the other and what happens to those who cross the border. While van Houtum and van Naerssen use the concept of 'b/ordering' to highlight the impact of ordering practices on people, our approach is interested in the organizational, regulatory and normative ordering processes for data border-crossings. Van Houtum and van Naerssen also explore the practices of ordering and othering people, thus emphasizing how differences become reinforced. Complementarily, our approach analyses attempts to enable quasi-borderless data flow as an attempt to undo the legal, scientific, technical, political and ethical differences across borders.

In this book, we argue that biometric database systems constructed in the JHA area for security and surveillance purposes deserve additional attention beyond their explicit use in migration and border control. Transnational law enforcement and police cooperation building increasingly on biometric data information systems are framed in policy discourse as promoting forms of integration across EU Member States (Council of the European Union, 2003). However, different dynamics shape how multiple occurrences of the state's rooted autonomy and the integration ambitions of EU institutions meet and configure diverse bioborders for data exchange.

#### Debordering and Rebordering Dynamics

This book furthers the analysis on 'biobordering' (Amelung & Machado, 2019) to explore the establishment of transnationally applied biometric technologies. Such biometric technologies come explicitly with regulation of how data may (or may not) cross the borders of nation-states and implicitly produce a heterogeneous landscape of historically contingent and intentional reordering processes that partially overcome and partially reinforce nation-states' territorial borders through bodies, data and technology.

A particular 'biometric imaginary' (Gunnarsdóttir & Rommetveit, 2017) drives attempts to track the mobility of certain people in the context of crime control across state borders. This imaginary builds on the idea that the more data is exchanged, the more useful it is, and that the expected benefit of such technologies is to enhance the security of societies (Prainsack & Toom, 2010).

We understand the transnational biometric technology systems enacted for law enforcement to be 'attempts to expand biometric data exchange and establish "borderlessness" for data flows and to overcome the logics of nation-state boundaries' (Amelung & Machado, 2019, p. 396). The aim of such endeavours is to diminish technical, scientific, operational and legal obstacles, resulting in increasingly permeable bioborders (ibid). Yet, the nation-state's situated modes of ordering may derive from territorially driven logics in which the state's autonomy drives the creation or maintenance of its own systems for collecting, sharing and protecting biometric data. Therefore, nation-states' trajectories of biometric databasing remain contingent on their own historically and culturally shaped political–judicial paths of biometric technology and database development. Bioborders are thus understood as historically grown boundaries separating different national systems of biometric data collection. In order to allow biometric data to cross a nation-state's territorial borders, bioborders need to become reordered and constructed in a way that interconnects national infrastructures of regulatory, biometric, information technology and organizational dimensions dedicated to the retention of biometric data.

The ambition to create expansive biometric data exchange requires what we call the debordering of historically grown bioborders: bioborders must be made permeable and data made available across borders (Amelung & Machado, 2019). By 'expansive' biometric data exchange, we refer foremost to the extent of types of data made available as well as to the extent of connections built which in consequence affect the scope of exposure of data subjects to international police collaboration. At the same time, when confronted with requirements to make their data available, actor networks in the Member States respond by raising a diverse range of concerns over data protection, technical infrastructure, and the need to install appropriate safeguards and oversight to prevent malfunctions of the data exchange systems. Consequently, actor networks in Member States may create conditions that reinforce bioborders—what we call rebordering—by making them only selectively permeable and by putting data border-crossings under stricter regimes of control.

We follow Rumford's (2012) invitation to make a 'multiperspectival study of borders' by differentiating and combining perspectives of 'seeing like a state' and 'seeing like a border'. Rumford offers a couple of reflections that correspond with our approach. He proposes that state-centred views on borders should not be seen exclusively as synonymous with a predominant interest in territorial nation-state borders. Furthermore, he assumes that borders do not always work in the service of the state. Finally, he states that ineffectual borders may be in place in spite of, or even through, local or partial bordering practices.

In line with Rumford (2012), our approach favours a specific way of 'seeing like a state'. That is, we shift away from notions of the EU or the Member States as coherent, rational and intentionality-driven actors towards the distributed, yet collective, agency of a heterogeneous set of actors with multiple intentions and rationalities, potentially even conflicting ones. They may rely on different but co-existing nation-state referencing rationalities. Distributed agency then—as explained above—is attributed also to advanced technologies involved in the technoscience of biometrics and database exchange (Rammert, 2008). 'Seeing like a border' in our context provides insights into how national autonomy and sovereignty are claimed, negotiated and suspended not only through legal and political bordering processes but also through scientific and technical bordering practices that correspond with techno-political cultures and that manifest specific regimes for biological data retention and exchange. In order to specify that idea for the dynamic of debordering, we can imagine a commitment to expansive biometric data exchange as driven by policy-makers establishing the legal conditions, but at the same time it can be also driven by a forensic technocracy establishing scientific and technical conditions (Prainsack & Toom, 2010). Thereby the established technical solutions and their rationales itself may contribute to facilitate and expand the data exchange and create further affordances to maintain or advance the data exchange as might become plausible when considering recent trends towards interoperability between database systems (see Chap. 2). An important distinction with regard to debordering dynamics is related to the range of influence which we call either *circumscribed or diffusive debordering*. We may find debordering oriented towards expanding the data flows bounded to the own nation-state's bioborders. Such *circumscribed debordering* refers to the expansion of data exchange via types of data made available and/or the speed of making and the number of connections. The expansion influences the scope of one's country data exchange network and the volume and/or categories of data. In consequence, circumscribed debordering, firstly, expands the volume of data and/or the type of data subjects that are exposed to possible matching with other data from other countries' databases. Secondly, it enlarges the exposure of data subjects to wider geographical data landscapes by including the exchange with more country databases and to additional transnational law enforcement. We may find *diffusive debordering* as attempts of expanding debordering beyond one's own country, for instance, via spreading the political principles, technologies, IT infrastructures, tacit knowledge and trainings on Prüm operations in order to deborder bioborders of other nation-states.

While, as one form of biobordering practice, debordering dynamics might conceptually be more intuitive than rebordering dynamics, since debordering conforms with formal EU policy agendas and policies around integration, it is important to understand that debordering comes with a specific mode of ordering. We present the EU's political and technical attempts to secure the unhindered cross-border flow of biometric data among Member States as a levelling mode of ordering aimed at diminishing technical, scientific and legal 'obstacles'.

Our take on rebordering deserves three further clarifications so that rebordering is not confused with a simple failure of nation-state embedded sets of actors to secure more than a nominal implementation of the initial ambition of debordering dynamics. First, understanding rebordering as a distributed agency comes with the consequence that it is not necessarily a deliberately agreed-upon and intentional process designed by the whole actor network involved in biobordering dynamics aimed at restricting data exchange across bioborders. Instead, it can be an ambiguous process deriving from multiple constellations of intentions, motives and unintended, but tolerated, developments that result in the maintenance or creation of technical, scientific, operational and legal idiosyncrasies. Measured with the debordering ambition, such constellations may be understood as 'obstacles' and restrictions to 'borderless' data exchange. Consequently, the mode of ordering in rebordering dynamics might be driven by emphasizing aspects of nation-state autonomy and therefore reclaiming borders to manifest specific conditions for expansive data exchange.

Second, taking the regulatory dimension into consideration as one partial site for driving rebordering dynamics outlines how the state's monopoly on pre-establishing national law shapes specific legacies. Such legacies play out in how transnational collaboration in law enforcement has changed, but also in how legal data protection and human/civil rights regimes have evolved differently (Fiodorova, 2018). These contingencies deserve attention not only with regard to how they form judicial and legal 'obstacles' for the establishment of cross-border collaboration, including information exchange, but also for the ways in which they contribute to harmonizing regimes to protect civil and human rights that are potentially disproportionally under threat. National laws—for example, criminal law, immigration law and data protection law—'do not generally transcend national borders' (Bantekas & Nash, 2007, p. 407). Thus, national laws are contained within territorial limits rooted in state sovereignty and its implementation of judicial, administrative and coercive powers. From a legal viewpoint, it was for a long time safe to say that country borders signalled that one legal order had ended and another begun (Fiodorova, 2018, p. 7). As we have made clear, this is no longer the case: transnational criminality has challenged legal country borders.

Third, in order to understand the somewhat counter-intuitive dynamics of rebordering better, we rely on Saskia Hufnagel's comparative work on the EU and Greater China, which has explored the facilitation of crossborder flows of police information (Hufnagel, 2017). The author argues that human rights are necessitating the building of 'congestions' that stop or slow down the flow of information. She specifically explores different forms of obstacle to the 'free flow' of policing. She argues further that the free flow of policing is not in anyone's interests, since in democratic politics, the police—as an executive branch of the government—is supposed to serve and not potentially harm the people.

We build on the idea of legitimate 'obstacles' that are justified to the nation as a valid barrier and restriction to borderless data exchange and explore the justifications and legitimacy claims behind attempts to restrict free cross-border information flow. Yet, we do so in a broad sense, by not only referring to different regimes of human rights and jurisdictions but also including 'obstacles' that are considered legitimate as being in the national interest or more specifically in the interest of the national people. An important distinction to Hufnagel's conceptualization (2017) is related to the understanding of human rights within the EU. In comparing the EU as a single entity with Greater China, she is working with the assumption that the EU has a shared human rights regime. Our approach remains sensitive to the differences between EU Member States not only in human rights practices but also with regard to technical, scientific, operational and other legal practices that are linked to legitimacy claims rationalized through national collective subjectivities and democratic justifications.

#### The Establishment and Performance of Bioborders in Europe

By taking inspiration from Johnson, Williams, and Martin (2003, p. 26), we can advance towards the different material, regulatory and epistemic layers that contribute to the establishment of bioborders. Johnson et al. (2003, p. 26) proposed four constitutive components of national criminal DNA databases, which we have built on to reflect on data exchange flows across them (Amelung & Machado, 2019, p. 397):


We consider these legal and regulatory, techno-scientific biometrical, IT database and organizational components to be constitutive of border infrastructures. Agency is distributed across a heterogeneous actor network of regulators, security professionals, forensic technocratic experts and other criminal justice systems' stakeholders who are involved in national biometric data collection and retention and in operational data exchange and who jointly contribute to the constitution of bioborders (Table 3.1).

In order to portray and typify different bordering dynamics, we use the following three analytical dimensions in making cross-country comparisons of the bioborders in question:



**Table 3.1** Analytical heuristic for the study of bioborders

Source: Authors

exchange system and how these co-produce notions of the integration/disintegration of Europe

• *What data travels across borders* and, thus, who counts as a suspect, offender or differently eligible for data exchange and how expansive/restrictive is the data exchange with regard to how many categories are exchanged and with how many countries

We propose to analyse the national historical legacies that shape DNA databasing, DNA technologies and transnational DNA data exchange as acts of imagining the nationhood. We approach 'nationhood' inspired by Benedict Anderson's take on nations as 'imagined communities' (Anderson, 2006). His approach builds on an abstract sense of imagined belonging, 'because the members of even the smallest nation will never know most of their fellow-members, meet them, or even hear of them, yet in the minds of each lives the image of their communion' (Anderson, 2006, p. 6). We complement Anderson's perspective on imagined communities with the co-constitution of specific politics of belonging. As proposed by Yuval-Davis (2006), such politics separate the world population into 'us' and 'them', thereby including some people/and excluding others. By following this approach, we aim to remain sensitive to postcolonialist criticism, which considers the historical experience of colonization and dispossession and the relationship between the processes of colonization and criminalization. Such an approach refuses to take offending rates at face value and argues that the contribution of institutional practices and legal frameworks within which criminalization is embedded needs to be taken into account. That is, it argues that institutional practices contribute to reproducing marginalized peoples as criminal subgroups and therefore reconsiders the reasons for their overrepresentation in the criminal justice system (Wacquant, 1997).

#### Prüm and 'De- and Rebordering' of the Actor Network at the EU Level

After the Prüm Convention was incorporated into the EU's legal framework through the Prüm Decisions, all Member States were obligated to establish or appropriate the technical infrastructure needed for the implementation of DNA databases. They were also required to enact adequate legislation to set up the operational requirements needed to establish connections with other Member States and exchange data (Sallavaci, 2015, 2017).

The deadline for all EU countries to comply with Prüm Decisions was August 2011. However, most countries were unable to comply with the deadline for various reasons (McCartney, Wilson, & Williams, 2011; Prainsack & Toom, 2013). Some faced difficulties mobilizing political majorities to adapt national laws to Prüm provisions; some faced conflicts between stakeholders over who should take responsibility for Prüm; and others lacked human and financial resources (Prainsack & Toom, 2013; Töpfer, 2011). In addition, although the first DNA databases emerged in Europe from 1995, countries like Portugal or Poland had yet to put a database in place by 2005.

As Amelung and Machado (2019) have shown, the levelling mode of ordering, which builds on the distributed but collective agency of the heterogeneous actor network at the EU level, enforced a specific version of bioborders: the political biometric imaginary that the interoperability of DNA databases is a mere technical issue. Attempts at integration and debordering are undertaken by approaches aimed at the standardization and harmonization of scientific and technical procedures between forensic genetic laboratories based in different countries. Yet, confronted with the differences in the scientific and technical conditions among Member States, such standardization involves a continuous process of negotiation.

It is inherent in transnational attempts, such as Prüm, to control crime that they restructure the game of criminal investigation and evidence and the rules of criminal justice centred on the power of the state. Initiatives to expand and automate information exchange across borders and to build on specific forms of intelligence, such as biometrics, as constitutive components of cross-border collaboration reconfigure and try to standardize what counts as a 'crime' and a 'convicted criminal', a 'criminal suspect' and a 'victim'. These attempts of standardization are thought to be as effective as possible when as many countries as possible join the data exchange on the one hand and when data categories are aligned on the other hand.

Data categories related to the DNA analysis files being exchanged within the Prüm system cover a wide range, including convicted persons, suspects, crime stains, victims, unidentified persons, unidentified human remains, missing persons, relatives of missing persons and others.

According to the information provided by the Council of the EU in February 2020, Portugal and Greece allow the other Member States the least access to their data in terms of different data categories (Council of the European Union, 2020). They only provide access to files of two categories of data: Portugal to the categories of DNA profiles of 'convicted' persons and 'crime stains'; Greece to the categories of 'suspects' and 'crime stains'. Other operational countries share between files related to three or eight data categories. The most common categories exchanged with other countries are 'convicted' persons (shared by 25 out of 26 operational countries), 'suspects' and 'crime stains' (shared by 25 out of 26 operational countries), and 'unidentified human remains' (shared by 17 out of 26 operational countries).

As we have outlined in this chapter, at the EU level, we find a levelling mode of ordering at work that aims to diminish the technical and legal obstacles that contribute to debordering dynamics. Political and legal entities are aiming to harmonize crime control across the Member States through common scientific–technical standards applied in the exchange of DNA data and materialized in the digital infrastructure of a decentralized database system. The Prüm system at the EU level enacts a version of bioborders, increasing their permeability across states and thus fostering a hidden integration through technology.

This provides the basis for a closer look at how different biobordering regimes have evolved among Member States and how their modes of ordering have responded to the EU's debordering tendencies. In the next chapters, we present empirical cases that reveal the emergent processes of de- and rebordering that are maintaining and contesting a sense of Europe and enforcing references to state autonomy. The focus on the Prüm system enables us to portray diverse instances from Member State-embedded actor networks of biobordering and thus to provide a complex picture of the hidden (dis)integration of Europe.

The following chapters continue to explore cases from five European countries: Germany, the Netherlands, Poland, Portugal and the UK. These specific jurisdictions have been selected with the aim of presenting examples of the dynamics, tensions and ambivalences of biobordering processes. We emphasize the legal, scientific, technical, political and civic epistemological dimensions related to the governance and use of biometric technologies and demonstrate how certain patterns of biobordering become distinct, how expansive or restrictive—as debordering or rebordering—dynamics of biometric data exchange are obtained.

As Table 3.2 shows, the five country cases are different with regard to when they initiated their DNA database. While the UK, the Netherlands and Germany were among the early starters in the EU, beginning implementation at the end of the 1990s, Portugal and Poland only started their


**Table 3.2** National database characteristics

Source: Authors based on ENFSI (2017, p. 28)

DNA database a decade later. The selected countries' databases have also developed differently with regard to their size,1 partly because of when they were started, but also because of their differing inclusion and retention regimes. While Poland and Portugal have comparably small databases, Germany and the Netherlands have average databases (also in comparison with other EU Member States), and the UK has by far the largest database in the EU. The selected countries also represent a broad variety of European cases with regard to when they joined the Prüm system. The Netherlands and Germany were among the initial signatories of the Prüm Convention; Poland and Portugal were among a later generation of countries to join. The UK is the latest country to have joined the Prüm system and, given its exit from the EU, its future participation remains ambiguous.

Their involvement in the DNA data exchange differs widely. Taking a closer look again at the example of the data categories of DNA analysis files, we find a diversity among those five countries regarding their availability to exchange specific data categories.

Considering the selected countries in the focus of this book, the Netherlands covering six and Poland covering five different data categories are among those countries exchanging files of a higher number of categories (see Table 3.3). Germany and the UK tend to be more

1As the ENFSI report is to our knowledge the latest statistic which provides comparable information across countries, we refer to it to compare all country cases in this study. Data available at http://enfsi.eu/wp-content/uploads/2017/01/ENFSI-Survey-on-DNA-Databases-in-Europe-June-2016.pdf (last access on 23 June 2020). In the country case chapters, we provide additional sources for updated numbers which do not change the overall distinct characteristics.


**Table 3.3** National DNA analysis files available for exchange (selected countries)

Source: Authors based on the Council of the European Union (2020) restrictive by exchanging data files of only three different data categories. Portugal is among the countries providing the most limited access to DNA analysis files.

Finally, the criminal justice systems in Europe have been differently shaped by their respective legal systems, which shape how the custody of forensic DNA databases and the provision of forensic services are practically organized (Santos, Machado, & Silva, 2013). A substantial distinction is whether the justice system is adversarial or inquisitorial, as this can have an impact on which institution is the custodian of the DNA database. Most continental countries, including the Netherlands, Germany and Portugal, follow the inquisitorial system: the public prosecutor has the burden of proof, owns the monopoly of criminal investigation and, assisted by the police, has the power to initiate the necessary diligences (Hindmarsh & Prainsack, 2010). In adversarial systems, such as that in the UK, the judge plays an active role as 'fact finder' and is regarded as the 'experts of experts', while the disputing parties (the prosecution and the defence) present their versions of the facts and might have unequal access to resources and experts. Poland is considered to have a mixed system (Ryan, 2016).

#### References


*31*(2), 235–249. Retrieved from http://www.tandfonline.com/doi/full/1 0.1080/08865655.2016.1174606


**Open Access** This chapter is licensed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/ by/4.0/), which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence and indicate if changes were made.

The images or other third party material in this chapter are included in the chapter's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the chapter's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder.

## Germany

**Abstract** Germany's DNA database was established in 1998 and grew into one of the mid-sized databases in the EU. Under the leadership of its Minister of the Interior, Germany was among the countries that drove the creation of the Prüm system and was among the first signatories of the Prüm Treaty in 2005. The 2007 German Presidency of the EU, along with the European Commission, also pushed for the integration of the Convention of Prüm into an EU legal framework. In terms of bordering practices, the German situation serves to illustrate an *expansive and diffusive mode of debordering*. This expansiveness is documented by the country's early involvement and comprehensive establishment of data exchange with most of the countries in the system; this diffusive character is illustrated by the string-pulling practices employed by Germany, and some other Member States' governments, to influence transnational police collaboration in the EU.

**Keywords** Germany • DNA database • Data exchange • Debordering • Prüm

#### Introduction

Germany's DNA database was established in 1998 and has grown into one of the mid-sized databases in Europe. According to the European Network of Forensic Science Institutes (ENFSI), as of June 2016, the German DNA database held 857,666 profiles of individuals (ENFSI, 2017).1 This amount of DNA profiles relates to 1.07 per cent of the resident population (of 80,000,000). More recent data shows that as of July 2017, there were 869,435 person profiles held in the database (Deutscher Bundestag, 2017) which does not change significantly the portion of the population because the overall population grew likewise. Among the databases of countries in Europe, the German database is an average size, comparable to that of the Netherlands (Reed & Syndercombe-Court, 2016).

Germany, under the leadership of its Minister of the Interior, was among the countries that drove the creation of the Prüm system and was among the first signatories of the Prüm Convention in 2005, which the German Parliament ratified in 2006. The 2007 German Presidency of the EU, together with the European Commission, also pushed for the integration of the Convention of Prüm into an EU legal framework (Töpfer, 2016, p. 812).

The German vision of Prüm was that it would harmonize international police collaboration through the use of biometric data. Prüm would help to interconnect different available data (Töpfer, 2016, p. 809). Germany's expansive approach is documented in its early involvement and comprehensive establishment of data exchange with most of the countries in the system. According to the latest data available, Germany is among the Member States with the most connections. It is connected and operational with 21 Member States (Council of the European Union, 2020). As we will detail later in the chapter, the German case provides evidence of the string-pulling practices employed by the governments of some Member States to influence the architecture and performance of transnational police collaboration in Europe. Germany's diffusive approach aims to enforce the implementation of Prüm elsewhere through political blaming and shaming of Prüm non-compliers and public calls for the EU to take

<sup>1</sup>As the ENFSI report is to our knowledge the latest statistic which provides comparable information across countries, we refer to it to situate Germany in comparison to the other country cases in this study. Data available at http://enfsi.eu/wp-content/uploads/2017/01/ ENFSI-Survey-on-DNA-Databases-in-Europe-June-2016.pdf (last access on 23 June 2020).

disciplinary measures against non-compliers. Therefore, the German case serves to illustrate an *expansive and diffusive mode of debordering*.

Germany's situation regarding genetics stands out because of its historical and cultural particularities. Public perceptions regarding genetics in Germany are still influenced by memories of Germany's Nazi past and of how science was used in racializing genetics and the eugenics movement (Kattmann, 2017). Germany's past has contributed to a strong sense of privacy regarding genetics and a general suspicion of state and law enforcement agencies having access to the sensitive genetic information of their citizens (Sperling, 2008). Such public scepticism was also dominant when the DNA database was established in 1998 (Lee, 2016, p. 216; BT-DRS 13/667).

There also seems to be particular racial sensitivities in Germany's criminal justice system and in wider public perceptions that can be illustrated by the 'Phantom of Heilbronn' case (Samuel & Prainsack, 2019, p. 32). In Germany's recent history, the case has demonstrated the problematic entanglement of the media, the institutional prejudice of investigators and forensic DNA-based investigation methods in the construction of highprofile crime cases (Lipphardt, 2018; Samuel & Prainsack, 2019). In the 'Phantom of Heilbronn' case, following a series of murders in Heilbronn in 2007, the DNA from the same person was linked to 40 crimes perpetrated between 1993 and 2009 in various countries: France, Germany and Austria. The DNA analysis suggested that the suspect was an East-European female, and criminal investigators took this as implicating the Sinti and Roma community (Samuel & Prainsack, 2019, p. 32). However, the presence of the DNA from the same person in dozens of crime scenes in different countries was eventually found to be the result of contamination caused by a Polish factory worker packaging cotton swabs that were then used in different forensic labs across Europe for the investigation of crime scene stains. In 2012, the Minister of the Interior for the German State of Baden-Württemberg apologized to the Sinti and Roma community for the police's bungled interpretation of DNA evidence after the Heilbronn murders (Lipphardt et al., 2016). The case revealed the 'potential for over-investment in or misunderstanding of test results in the context of existing stigmatisation of minority groups' (Skinner, 2018, p. 4).

A different aspect of discrimination of minority groups derives from the use of forensic DNA analysis in the context of migration and border control for the purpose of family reunification of immigrants (Heinemann, Helén, Lemke, Naue, & Weiss, 2015). As immigrants have no say on what happens to their DNA analysis results, their data is not required to be deleted and instead may be used for criminal prosecution purposes in case of reasonable suspicion that a criminal offence might be committed (Heinemann, Naue, & Tapaninen, 2013, p. 198). Heinemann and Lemke (2014, p. 501) assumed that data deriving from family reunification of immigrants might be stored and potentially exchanged via the Prüm regime for crime prevention purposes.

The particular notion of nationhood in Germany is entangled with cultural meanings of forensic DNA technologies that reveal historical traumas and their potential to enforce socially constructed differences between population groups. While we find overall a sense of societal ambiguity towards genetic technologies because of Germany's Nazi past, we also have exemplary cases illustrating modes of racism and discrimination towards minority groups being enacted through forensic genetic technologies.

#### National DNA Database Development

Germany's DNA database started in 1998 and grew to become a mediumsized database in comparison with the other databases in Europe (Reed & Syndercombe-Court, 2016). Forensic DNA analysis was used for the first time in a German court case a decade before the creation of the database, in 1988. In the case, the accused gave consent for their blood to be collected, but was not informed of the DNA analysis. Since the result seemed to indicate his guilt, he admitted the offence (Schultz & Wagenmann, 2017, p. 30). At that time, the use of identification by DNA profile was not regulated by law.

The *legislative framework* in Germany is characterized by a traditional civil law system built on an inquisitorial system. The main sources of law are the German constitution and codified law passed by the federal government. A first step towards the regulation of the DNA retention regime was that, in 1990, the Federal Supreme Court declared DNA profile analysis to be admissible as evidence in court, as it might help find criminals and exonerate the innocent. But the use of DNA analysis was only considered legitimate in cases of serious crimes. The first legal regulation of forensic DNA analysis followed in 1997, after the German Parliament and the courts had begun adjusting policies on the collection of DNA samples in response to peoples' fears about the dangers of genetic technology in the mid-1990s. The emerging policies regulated the limits of the use of DNA technologies (Lee, 2016, p. 216), as outlined in the reasoning for the 1997 legislation, which was first proposed in 1995:

[Legal regulations] also appear necessary because the determination of clear boundaries can counter the fears that are generally associated with genetic engineering and which are found in large parts of the population, that the use of such investigations in criminal proceedings leads to disproportionate, the essence of personality affecting interventions. (BT-DRS 13/667)

With the Criminal Investigation Amending Act DNA Analysis (Strafverfahrensänderungsgesetz DNA-Analyse), the federal government defined the conditions for the use of forensic DNA analysis.2 In 1998, the Interior Ministry installed a central DNA database at the Federal Criminal Police Office (Bundeskriminalamt or BKA) following the increasing media attention on cases of sexual abuse and murder of children. Among the cases to receive substantial media attention was that of an 11-year-old girl murdered in Strücklingen in 1996. The killer was arrested following the largest DNA dragnet operation in the world to that date, which involved collecting DNA samples from 16,400 men between the ages of 18 and 30 (Krimsky & Simoncelli, 2011, pp. 205–207). The Federal Criminal Police Office became the custodian of the DNA database. Public prosecution services can also be provided with data from the German DNA database for criminal justice purposes (Van Camp & Dierickx, 2007).

Over time, the legislation further outlined the conditions for the collection and storage of DNA profiles. The first specifications determined that DNA profiles could be created and stored for severe crimes (Schultz & Wagenmann, 2017, p. 32). A second specification followed in 1999, outlining the catalogue of crimes that count as 'severe crimes' and justify the creation of a DNA profile of convicted persons. In addition to capital crimes, the repeated commission of other criminal offenses including burglary, defamation and full intoxication can lead to the collection of DNA profiles3 (ibid.). In 2005, a third specification expanded

2The conditions were integrated into the German Code of Criminal Procedure (Strafprozessordnung or StPO) in 2005. Since then forensic DNA analysis can only be applied to a confined category of purposes, to investigate the identity of accused persons in an ongoing criminal procedure (§ 81a (3)) and to investigate paternity matters (§ 81e (1)). The analysis of a DNA profile must be ordered by a judge and the sample destroyed on completion of the criminal proceedings (§ 81f (1)).

<sup>3</sup> In German criminal law, full intoxication is a criminal offence under § 323a of the Criminal Code (StGB). The paragraph states: 'Anyone who deliberately or negligently gets intoxicated with alcoholic beverages or other intoxicating substances will be punished with the type of offences qualifying for the collection and storage of DNA profiles of suspects to include minor offences, if they are regarded as repeat acts. Another substantial change was that a judge's order was no longer absolutely necessary and people could voluntarily agree to provide DNA samples for a DNA profile analysis. This amendment resulted in a massive increase in the number of DNA profiles collected (Schultz & Wagenmann, 2017, pp. 32–33). The latest legal changes in Germany have legalized 'familial searching'—the search for relatives through near matches between DNA profiles—although it is a forensic genetic technology that has been contested for a long time due to privacy concerns (see below).

With regard to its deletion practices, Sallavaci confirms that Germany follows the ruling in *S and Marper v United Kingdom* [2008] ECHR 1581 (see Chap. 8) in relation to DNA profiles and fingerprint evidence and deletes an individual's data 'if they are found not guilty, charges are dropped or where after an arrest and investigation no further evidence is found' (Sallavaci, 2017, p. 9). According to the BKA law (§77 Abs. 1 S. 2 BKAG), the retention regime regulates that profiles of adults and of crime stains will be reviewed after ten years and profiles of minors after five years, and then either corrected or deleted.

Regulation concerning forensic DNA phenotyping (FDP) has been on the policy agenda since December 2016. In 2018 the federal government's coalition agreement and the Bavarian State Police Law had advanced with the plans of inclusion of FDP techniques. In 2018, Bavaria explicitly permitted the prediction of age, hair, eye and skin colour under the specific condition of what was called 'pre-emptive immediate threats' or 'imminent danger' (Momsen & Weichert, 2018). Momsen and Weichert (2018, p. 4) explain:

[…] the extremely vague concept of 'imminent danger' suggests that the line between averting imminent danger and prosecuting potential criminals should be blurred. The 'endangered' is not a category of applicable law. People or groups are declared potential offenders, who are sanctioned by police law in anticipation of a later punishment.

Contested by civil society groups, forensic geneticists and data protectionists, the change allows FDP to be carried out based on the police's

imprisonment of up to five years or a fine if the person commits an unlawful act in this state and cannot be punished because the intoxication was incapacitating the person [...]'. (own translation).

presumption about an existing 'imminent danger'. Momsen and Weichert (2018, p. 4) conclude that '[t]he proposals are therefore unconstitutional and contrary to European law. They do not take into account the highly personal relevance of genetic data and the associated risks of discrimination'.

After a bundle of FDP techniques were incorporated already into the first state's legal system—in a federal state system of 16 states—the national parliament passed a bill including the prediction of externally visible characteristics and age, but excluding the prediction of biogeographic ancestry by the end of 2019 (Gesetz zur Modernisierung des Strafverfahrens, 2019). The federal law does not refer to the concept of 'imminent danger' and instead regularizes FDP for the whole country.

With regard to the *technical database infrastructure*, the federal state structure of Germany affects the organization of, and access to, the database. Officials from the BKA and the state criminal police offices of Germany's 16 states have direct access to the database. The IT system the database runs on was developed in Germany and has been rebuilt several times. The database works with an Oracle system. Germany was also involved in developing the Prüm software, which was developed jointly by DNA and IT experts from the Bundeskriminalamt (BKA) and staff from the Ministry of the Interior of Austria and the Netherlands Forensic Institute in the Netherlands (Table 4.1).

Regarding the *organizational imperatives and principles*, such as reliability, transparency and public accountability, which govern the database and translate into work routines, a particularity of the German system is the parallel structures of oversight regarding data protection at the federal and state levels. There are data protection commissioners in each of the 16


**Table 4.1** Development of the German forensic DNA database

Source: Authors based on information from Deutscher Bundestag (2017) Antwort der Bundesregierung. BT-Drucksache 18/13411

states who control the creation of entries in the national DNA database and maintain the deletion periods for the data they 'own'. The data protection commissioner at the federal level, together with the internal data protection commissioner at the Bundeskriminalamt, is in charge of overseeing the few entries the Bundeskriminalamt contributes to the database, which are few in comparison with the entries made at the state level (Deutscher Bundestag, 2017).

Differently than in Portugal, the Netherlands and the UK, in Germany, information about the categories of DNA data included in the DNA database and about data exchange with other countries is only made public on request, as there are no annual reports that include such information. Requests must be made through parliament and are often initiated by opposition parties. The government then provides an official response about the situation of the database, the data development in the database, and the data exchanged transnationally. In consequence, this lack of public accountability necessitates an attentive parliament, ready to call for transparency and be a critical 'watchdog' (Deutscher Bundestag, 2017).

Alongside the data protection commissioners and parliament, other stakeholders complement the panorama of public voices accompanying (often critically) the national DNA database, DNA technology development and data exchange. Several social scientists as well as civil societal actors within Germany have cast a critical eye over the evolution of the DNA database. General criticisms of expansionary DNA profiling regimes have been voiced sporadically, for example, by the activist German 'Campaign against DNA collection frenzy' (Gen-ethisches Netzwerk e.V., 2011; Williams & Wienroth, 2014, p. 8). The presence of at least partially critical civil society actors, including independent data protection experts and legal scholars, represents the demand for further accountability regarding the DNA database.

Regarding the *development of DNA technology*, as in other countries, recent technological innovations in forensic genetics have entered Germany's regulatory context. Familial DNA database searching is one of them. It is based on near matches between a crime stain and a databased person, who could be a near relative of the true perpetrator (Maguire, McCallum, Storey, & Whitaker, 2014). Before regulations on their use existed, it became publicly known during a dragnet operation that the German police was already using familial searching strategies. In the little town of Dörpen in northern Germany, the police arrested a young man accused of rape after they analysed the DNA of his two brothers, who had participated in the dragnet. Partial matches between crime scene DNA profiles of the perpetrator and of the brothers' profiles identified the young man as the suspect (Roewer, 2013, p. 7). In 2012, the Federal Constitutional Court of Germany decided against the future use in court of evidence derived from familial searching. However, in November 2013, the German government decided to legalize familial searching if it is used as part of a DNA dragnet (Lee, 2016, p. 218). This decision was controversial after the court decision from the previous year had determined that there was no legal basis for familial searching's use in that way (Lee, 2016, p. 218). Yet, in 2017, the legislator legalized familial searching with the 'DNA-Beinahetreffer' (Voß, 2017, p. 5).

As FDP was regularized at the federal level, the regulatory process and accompanying public debate provide insights on how forensic genetic innovations have stimulated controversies recently. A range of symposiums and workshops to discuss and debate the possibility of permitting FDP already took place in 2017, including those hosted by the Ministry of Justice (March 2017) and by the University of Lübeck/Kiel at the Department of Legal Medicine (December 2017). Samuel and Prainsack (2018, p. 41) have explored the public debates and controversies accompanying the legal initiatives arguing in favour of FDP. The authors named a couple of 'key players' in the debates, such as an interdisciplinary Freiburg-based group that includes geneticists and biostatisticians, as well as the German Stain Commission, the board of the German Society for Legal Medicine, and the Working Group of Academic Forensic Geneticists. Most of the experts argue that 'this technology is a meaningful expansion of forensic methods as long as an appropriate regulatory framework protects against misuse' (Samuel & Prainsack, 2018, p. 41). In 2019, a final consultation process was conducted by the Federal Ministry of Justice and Consumer Protection and provoked supportive as well as critical invited and uninvited advisory opinions on the draft law in response. Zieger and Roewer (2019), two forensic geneticists, have argued that the intrusion into personal integrity is at stake with the regularization of FDP and that its proportionality needs to be constantly adjusted according to its actual applications in practice and the ongoing scientific development in the area of forensic genetics. Schneider, Prainsack, and Kayser (2019, p. 879) recommended to complement the regularization of FDP by measures of transparency and proportionality which counter tendencies of growing xenophobia and potential discrimination of minority populations through trainings of forensic geneticists as well as of criminal justice actors. Favouring the establishment of oversight institutions which anticipate and oversee the ambiguous aspects related to FDP, forensic geneticists such as Zieger and Roewer (2019) also proposed to install a national ethics committee for extended forensic DNA analyses which would decide its application on a case-by-case basis. Such recommendations have not been considered up to now.

#### Bordering Practices and Ordering Transnational DNA Data Exchange

The origins of the Prüm Decision go back to a German initiative that followed the G8 summit of 1996, when the interior and justice ministers of the eight most powerful industrial nations agreed to improve information exchange and establish national and international DNA databases (Töpfer, 2016). It was Germany's Interior Minister, Otto Schily, who negotiated the Prüm contract and its technical implementation with the Netherlands, Belgium and Luxembourg, Austria, France and Spain. In 2005 this group of countries signed the Prüm Convention in the German town Prüm.

In accordance with Article 51 of the Prüm Convention, Schily's successor, Wolfgang Schäuble, began to ask other countries to participate. Töpfer (2016) states that Schäuble's approach was an open affront to the EU Commission, as he mobilized seven further Member States to ratify the Convention soon after and thus bypassed the EU institutions and processes. It is said that this was done to avoid the lengthy processes of harmonizing data protection regimes (Töpfer, 2016, p. 812). Supported by interested Member States, Schäuble used the German Presidency of the Council of the EU in the first half of 2007 to secure the Europeanization of the Prüm model (Töpfer, 2016, p. 812). In 2008, the Prüm Convention was transformed into the Prüm Decision. Its development, choreographed and decided by a small group of Member States, followed the model of the Schengen agreement (which was likewise a German initiative) and shaped the particular standards of cross-border police collaboration in Europe (Töpfer, 2016, p. 813).

A particularly critical issue with regard to transnational DNA data exchange that raised criticism was the lower scientific standards applied to the storage of DNA profiles in the beginning of data exchange in Germany (Töpfer, 2010). German forensic laboratories used a lower number of markers in their analysis than other countries that joined the Prüm system early on, and this risked creating a higher number of false positive matches when exchanging data that would need to be double-checked (Santos, 2017). False positive matches match two profiles that do not derive from the same person. Scientific ambiguities and the risk of near matches, potentially leading to the incorrect identification of suspects, were therefore of great relevance in the German case. It is, thus, important to take into consideration the approaches to data security taken by other Member States with regard to the German data.

Kees van der Beek (2011, p. 10), a former custodian of the Dutch DNA database, has highlighted the lower quality of 600,000 reference DNA profiles contained in the German DNA database. The lower quality was seen in the comparably lower number of loci—the unique physical locations of a gene (or specific sequence of DNA) on a chromosome (Butler, 2009, p. 453). The DNA profiles in the German DNA database were based on a particular set of loci (the so-called old European Standard Set, which includes seven loci plus the locus SE33) to be applied in DNA testing and to produce DNA profiles. The particular circumstances of the reference DNA profiles in the German database increased the chance of near matches when comparing DNA profiles. Near matches occur when a locus does not match (completely) between two DNA profiles from the same person (ENFSI, 2017, p. 24) and require additional tests to exclude the probability that apparent matches are no matches. According to ENFSI (2017, p. 23), 'the lower the number of loci, the higher the match probability of the DNA profile and the risk of near matches'. And Taverne and Broeders (2015, p. 40) have confirmed that there was a higher probability of false positive or adventitious matches—matches to the profile of a person who is not the true donor of that profile (Butler, 2009, p. 440) in the early years of exchange in the Prüm system because of the overall larger number of matches with Germany.

Since the issue was addressed in the specialist groups of forensic geneticists European DNA Profiling Group (EDNAP) and ENFSI, Germany increased its standards in accordance with an ENFSI agreement that was formalized in 2009 by the EU Council of Interior and Justice Ministers (Töpfer, 2010, pp. 84–85; ABl. EU C 296/1 v. 5.12.2009) and that added five loci (to the existing seven) to the European Standard Set. A decision was made in favour of standardizing the number of loci across Member States participating in Prüm's transnational DNA data exchange and in favour of extending the mandatory number of loci to be analysed in a DNA profile (Gill et al., 2006). In consequence, Germany increased the number of markers—the number of genes or specific DNA sequences of known location on a chromosome—that are used as a point of reference in the mapping of other loci (Butler, 2009, p. 453). Nonetheless, civil society actors in Germany have called for radical measures, including the abolition of the Prüm system (Gen-ethisches Netzwerk e.V., 2011), warning of risks relating to privacy, a lack of transparency and accountability, and manipulation of the assumption of innocence.

Regarding the dynamics of *data border-crossings* and the provision of access to data categories, Germany allows access to data on 'convicted', 'suspects' and 'crime stains', which are the most common categories exchanged among Member States (Council of the European Union, 2020). Its geographical position in Central Europe has made Germany interested in rapidly increasing its bilateral exchange relations. There is a clear priority to exchange data with neighbouring countries along particular German border zones, and such exchange is expected to be more productive in producing hits across databases than exchanges with other countries. This priority was most obvious in the initial choices Germany made in expanding its network for data exchange. Thus, for the first connection, made between the Dutch and German databases in July 2008, 'approximately 25,000 Dutch crime scene profiles were submitted to Germany, and approximately 125,000 such profiles from Germany were sent to the Netherlands' (Prainsack & Toom, 2010, p. 1122).

Regarding the *national legacies of DNA databases and DNA technologies*, Germany not only was among the countries which influenced the content and establishment of the Prüm system but has also continued to pull strings during the implementation and expansion of the Prüm system by attempting to put pressure on Member States that have been slow in engaging with Prüm. The dominant narrative of the German government repeatedly uses the rhetorical repertoire of blaming and shaming with regard to those Member States not yet participating properly in the Prüm system; in this, it echoes the debordering claims of the EU.

In 2016, the European Commission formally communicated to Italy, Croatia, Greece and Ireland that they were not in compliance with the EU rules regarding the exchange of DNA data to combat terrorism and serious crime and that it had initiated infringement proceedings (Phelan, 2017). The European Commission gave the respective national governments a period of two months in which to implement the Prüm Decision, highlighting the fact that they were supposed to have done so in 2011. In January 2017, Joachim Herrmann, the German Minister of the Interior of the Federal State of Bavaria, publicly complained that this group of countries should receive a penalty, arguing that countries that do not comply with EU orders on matters of anti-terrorist security should leave the Schengen space; his remarks were covered in the media internationally (Bandeira, 2017).

In terms of the *motifs and notions of nationhood* mobilized in complying with the Prüm system, it becomes obvious that Prüm has been a political project for the German government. A distinct national policy agenda in the context of security and crime control was pushed forward in an attempt to prevent rigid data protection regulations (Töpfer, 2016). In this, Germany manoeuvred outside EU institutions to align a smaller number of Member States to create borderless data flows and, thus, can be considered as the political architect behind the Prüm system. Only afterwards, through the joint agenda of some of the more proactive countries in the domain of international security—including Austria and France—aimed at regularization and Europeanization, did it become mainstream to get involved in transnational information flows.

In terms of *hidden (dis)integration* in Europe, we can confirm that the German case provides a complex scenario with regard to technical and scientific matters. On the one hand, the lower standards for the number of loci in DNA profiles—in comparison to other Member States such as the Netherlands—that were employed in the German database and generated 600,000 DNA reference profiles were a techno-scientific obstacle for some other countries exchanging data with Germany (Taverne & Broeders, 2015). On the other hand, the diverse number of loci used for DNA profiles across Member States triggered some debate. In consequence, further efforts were made to harmonize the techno-scientific standards of DNA data exchange and the rules for declaring matches across profiles. These efforts required also the integration of diverse understandings of the potential risks of DNA data exchange and how to cope with them. In summary, the German situation provoked the alignment over and anticipation of the risks of adventitious matches, which can result in innocent people being implicated in a crime. And Germany increased its standards regarding the number of loci used for DNA profiles to conform with the new European Standard Set.

From the German debordering approach, we learn about the *diffusive mode of debordering* and how German political actors have attempted to disseminate the Prüm regime to other Member States through the political arena by enforcing the political commitments to the principles of Prüm. Furthermore, we learn how diffusion takes place through being considered as an example for others of an *expansive mode of debordering*.

#### References


Voß, M. (2017). Spezialreport StPO-Reform 2017. Deubner Verlag


**Open Access** This chapter is licensed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/ by/4.0/), which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence and indicate if changes were made.

The images or other third party material in this chapter are included in the chapter's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the chapter's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder.

# The Netherlands

**Abstract** The Netherlands' DNA database was legally established in 1994 and became operational in 1997. It represents one of the mid-sized databases in the EU. The Netherlands has a track record of 'innovation' regarding the regulation and practical application of genetic technologies for forensic purposes. The Netherlands was involved with the Prüm regime from its beginnings in 2005. In terms of bordering practices, the country serves as an exemplary case of an *expansive and diffusive mode of debordering*. This positioning derives from the fact that the Netherlands has been a front-runner in building and implementing the technical framework for Prüm in its most expansive form; it is currently one of the most active countries in the Prüm regime. In addition, the Netherlands has also proactively trained other Member States, guiding them towards effective implementation and thus diffusing the expansive mode of debordering.

**Keywords** The Netherlands • DNA database • Data exchange • Debordering • Prüm

#### Introduction

The Netherlands' DNA database was legally established in 1994 and became operational in 1997. According to the European Network of Forensic Science Institutes (ENFSI), in June 2016, the database held 237,254 profiles from individuals, which represented 1.4 per cent of the country's population.1 In April 2020, the Dutch DNA database held 328,542 profiles from individuals,2 which represents 1.9 per cent of the country's population (of 17,134,1783).

The Netherlands has a track record of 'innovation' regarding the regulation and practical application of genetic technologies for forensic purposes. In 1994, it was the first country to introduce dedicated legislation for the use of forensic DNA to compare DNA profiles from a suspect and from a crime scene (M'charek, Toom, & Jong, 2020; Toom, 2012a). In 2003, the Netherlands was also a pioneer in regulating the use of genetically determined externally visible characteristics in criminal investigations (Hopman, 2020; Hopman & M'charek, 2020; M'charek, 2008). Since then, controversial uses of DNA data, such as forensic DNA phenotyping, familial searching and mass screenings, have gained importance in criminal investigations in the country (Jong & M'charek, 2017).

The Netherlands was also involved with the Prüm regime from its beginnings in 2005. Now, it is one of the most active countries in the Prüm regime, exchanging DNA data with most operational countries. More particularly, it is connected with all 24 Member States in the system (Council of the European Union, 2020). Dutch bioborders are addressed as an exemplary case of an *expansive and diffusive mode of debordering*. This position describes the processes by which the Netherlands has been a pioneer in building and implementing the scientific–technical framework for Prüm. In addition, the *expansive and diffusive mode of debordering* also reflects the Netherlands' role in diffusing the use of DNA data exchange

1As the ENFSI report is to our knowledge the latest statistic which provides comparable information across countries, we refer to it to situate the Netherlands in comparison to the other country cases in this study. Data available at http://enfsi.eu/wp-content/ uploads/2017/01/ENFSI-Survey-on-DNA-Databases-in-Europe-June-2016.pdf (last access on 23 June 2020).

2Data available at https://dnadatabank.forensischinstituut.nl/resultaten/aantal-profielen-dna-databank-strafzaken (last access on 18 June 2020).

3Data available at https://www.worldometers.info/world-population/netherlands-population/ (last access on 23 June 2020).

by actively assisting other Member States in setting up the techno-scientific and operational infrastructures needed to participate in forensic DNA data exchange. In this, the Netherlands also promotes and guides other countries towards the expansive mode of debordering.

The Netherlands' historical and cultural particularities make it an interesting case in terms of biobordering dynamics. The country has been active in the European unification process from the very beginning. It was one of the six countries that established the European Coal and Steel Community in 1952 and signed the Treaties of Rome in 1957, which established the European Economic Community and the European Atomic Energy Community. The Netherlands was also among the 12 Member States that signed the Treaty of Maastricht, which is considered to be the basis of the European Union (EU). Just as it was among the pioneers of EU integration, the Netherlands is also at the forefront of the techno-scientific development and operational business of forensic DNA technologies and DNA data exchange within the Prüm system.

Public and regulatory debates accompanying the development and implementation of forensic genetic technologies in the Netherlands have brought specific issues to the surface that suggest an entanglement of country-specific idiosyncrasies regarding the national cultural identity. Kešić and Duyvendak have reflected on the notion of 'nativism' in the Netherlands—'an intense opposition to an internal minority that is seen as a threat to the nation due to its "foreignness"' (Kešić & Duyvendak, 2019, p. 441)—and how it has combined with Islamophobia, racism and right-wing populism to produce an exclusionary character in recent political and public debates (Kešić & Duyvendak, 2019, p. 461). In this context, the rape and murder of Marianne Vaatstra has become a 'paradigmatic case' for understanding the materialization of race in public debates, media coverage, regulations and public understandings of forensic DNA technologies (M'charek et al., 2020, p. 2). Identifying the criminal suspect in the case led to a process in which a suspect population (asylum seekers of origin from Iraq and Afghanistan) was socially constructed on the basis of phenotypic differences but the offender was finally confirmed to be of Dutch origin (M'charek et al., 2020, p. 4). The Vaatstra case (described in more detail below) and its materialized forms of biological racism reveal an instance of cultural ideas of nationhood and belonging being translated into forensic genetic technologies.

#### National DNA Database Development

The Dutch DNA database was established under the responsibility of the Ministry of Justice and is, therefore, connected to the Office of the Public Prosecutor. The legislative framework of the Dutch DNA database is regulated by the Code of Criminal Proceedings and the Law on DNA Investigation in Criminal Proceedings (1994, 2001, 2003 and 2005) (Reed & Syndercombe-Court, 2016). The Dutch *legislative framework* is organized according to inquisitorial principles—like Germany and Portugal and to some degree Poland—by which forensic evidence is attached to a practice that puts trust in experts, legal professionals and institutes (Toom, 2010b, 2012b). According to this inquisitorial orientation, the Office of Public Prosecution leads the process of criminal investigation, makes the decision on whether to bring legal cases and suspects to court, and prosecutes. Judges actively search for truth during court proceedings and impose sanctions. In the process of drafting and passing laws for forensic DNA profiling, infringements of individual rights and more general legal principles were weighed against the gains of using forensic genetic technologies in the Dutch Parliament (Toom, 2010b, 2012b). In the late 1980s and early 1990s, DNA evidence could only be obtained with the consent of a suspect. In 1994, the Netherlands became the first country to introduce dedicated legislation for the use of forensic DNA to compare DNA profiles from a suspect and from a crime scene (M'charek et al., 2020; Toom, 2012a). The 1994 Forensic DNA Profiling Act (Staatsblad, 1993) rendered suspects of serious crimes (e.g. homicide and sex crimes) subject to mandatory body searches. The same law also set legal provisions for uploading and speculatively searching DNA profiles in a DNA database, determined the period for retention of DNA profiles, and established rules for the deletion of DNA profiles and destruction of reference samples (Koops & Schellekens, 2008; M'charek, 2008; Toom, 2010a, 2010b; M'charek, Toom, & Prainsack, 2012). Whereas the 1994 law restricted the use of DNA to capital crimes, such as rape and murder, a 2001 amendment extended the use of DNA profiling to allow individuals suspected of having committed volume crimes to be body-searched to obtain saliva for DNA profiling (M'charek, 2008). This change in the Dutch Forensic DNA legislation was the first step to moving from a restrictive stance to an expansive and extensive use of DNA databases.

The extensive mode of using forensic DNA databases and DNA analyses for the support of criminal investigation had important steps in the years that followed. Technological advancements in forensic genetics, along with high-profile criminal cases which had unprecedented media coverage and intense public attention, turned the Netherlands into a pioneer in the use of controversial technologies for supporting criminal investigation. One key example is forensic DNA phenotyping that makes it possible to infer some externally visible characteristics of an unknown individual from DNA analysis. In 2003, an amendment to the Dutch law introduced forensic DNA phenotyping. According to some commentators, this change in the Dutch Forensic DNA legislation added race to the features permitted to be determined, therefore widening the scope for forensic genetic technologies from identifying individuals to producing a population to be of interest to be targeted by criminal investigators (M'charek et al., 2020, p. 5).

Currently, the Dutch legislative framework allows DNA samples to be taken and stored in the database for the following categories: profiles of crime scene stains, profiles of suspects involved in a recordable offence4 and profiles of persons convicted of a recordable offence. Regarding crime scene stains, police officers are allowed to collect all crime scene DNA stains that possibly belong to a criminal offender. However, they are not authorized to order a DNA analysis of these DNA samples; that power belongs to the public prosecution officer or the judge-commissioner (Reed & Syndercombe-Court, 2016).

The expansive orientation of the Dutch Forensic DNA legislation is evident in several other aspects, such as the retention regime and the consent for obtaining a body DNA sample from a criminal suspect. Criminal suspects are offered (in writing) the opportunity to voluntarily provide a DNA sample. If the suspect refuses consent, a sample may be taken coercively provided there are serious indications of involvement in a recordable offence. Profiles from suspects may be entered in the database if the suspect is arrested in connection with an offence that can lead to provisional detention or if their inclusion is authorized by an investigating judge or prosecutor. Finally, if convicted individuals refuse consent, samples may also be taken coercively. In terms of retention and deletion criteria, samples from convicted offenders are retained indefinitely and samples of suspects who are acquitted must be destroyed as soon as is reasonably

<sup>4</sup>A recordable offence is an offence that in law carries a term of imprisonment.

practicable. Regarding profiles, unidentified crime scene stains are removed from the database, 10, 20 or 80 years from the date of entry. When suspects are acquitted, their DNA profiles are deleted once the public prosecution office has confirmed that the individual is no longer considered a suspect. Profiles of convicted persons are kept for 20, 30, 50 or 80 years, depending on the seriousness of the offence and the conviction (Reed & Syndercombe-Court, 2016, p. 67).

Regarding the *technical database infrastructure*, the Dutch DNA database is managed and overseen on behalf of the Minister of Justice by the Director of the Netherlands Forensic Institute (NFI).5 The database in the Netherlands uses CODIS (Combined DNA Index System), the IT system developed by the FBI (ENFSI, 2017).

In terms of *organizational imperatives and principles*, the NFI is externally audited annually for compliance with the Dutch Data Protection Law. Since 2006, the NFI has published an annual report on data relating to the number of profiles inserted in the DNA database, as well as the number of national and international matches (Netherlands Forensic Institute, 2018). These organizational imperatives reflect governance principles committed to notions of public accountability. However, according to Victor Toom (2010a), in contrast with countries like the UK, public discussions with regard to Dutch forensic DNA databasing and its practices have been largely lacking. The influence of organizations involved in policy development and governance (e.g. Dutch Data Protection Authority) is generally minor (Toom, 2012b).

In terms of the *development of DNA technology*, the Netherlands has a track record of 'innovation' regarding the regulation and practical application of genetic technologies for forensic purposes. New genetic technologies useful for criminal investigation (forensic DNA phenotyping, familial searching and mass screenings) have been authorized for use in police enquiries and have gained importance in criminal investigations in the country (Hopman, 2020; Hopman & M'charek, 2020; Jong & M'charek, 2017; M'charek, 2008; Toom, 2006, 2012a).

5The NFI conducts DNA research and manages the DNA databases of the Caribbean Netherlands (Bonaire, Sint Eustatius and Saba), Aruba, Curaçao and Sint Maarten. From 1 February 2018, it is legally permitted to compare the included single DNA profiles from the DNA databases from the Netherlands, Aruba, Curaçao, St Maarten and Bonaire, Sint Eustatius and Saba. More information available here: https://dnadatabank.forensischinstituut.nl/dna-databanken/dna-databanken-andere-koninkrijksdelen (last access 20 June 2020).

As mentioned earlier in this chapter, the Netherlands became the first country to regulate the use of genetically determined externally visible characteristics in criminal investigations (Staatsblad, 2003). At the time, such traits were sex and race. As pointed out by Victor Toom, '[t]he law was deliberately designed as "window-case legislation" to enable future physical traits to be included in the law, and to enable further genetic research for these purposes' (2012a, p. 162). In 2012 and 2017, additional traits were legalized, respectively, for eye and hair colour (Hopman, 2020). In 2012, new legislation permitted familial searching, that is, searching for relatives to whom an unknown suspect is allegedly genetically related through near matches between DNA profiles, in the national criminal DNA database (van Kooten, Kal, & Slooten, 2015). The examples of forensic DNA phenotyping and familial searching in the Dutch case illustrate the capacity of contemporary forensic genetics to render 'race' and 'family' as tools to produce leads to support criminal investigation (M'charek et al., 2020). The ethical and social implications of both forensic DNA phenotyping and familial searching are paramount (Granja & Machado, 2019; Granja, Machado, & Queirós, 2020).

One element that helps to explain, albeit partially, the innovative orientation of the trajectory of forensic genetic technologies in the Netherlands, and its connections with notions of national identity, is the criminal case of Marianne Vaatstra (briefly described above). In 1999, a girl named Marianne Vaatstra was found murdered in a rural area in the Netherlands. In the absence of a suspect, in 2000, the public prosecutor asked a Dutch forensic laboratory to infer the geographic descent of the unknown perpetrator from a DNA sample found at the crime scene. The inference of personal characteristics from DNA in the criminal justice process was unlawful in the Netherlands at that time. Based on a study of the DNA sample, the forensic laboratory suggested that the offender was most likely a man of North-Western European descent.

In 2007, Marianne's father, on the advice of an expert from a private forensic services company, pushed for familial searching. At the time, the use of this forensic genetic technique was not legally allowed in the Netherlands. However, familial searching technology was considered to be particularly suitable in the Vaatstra case. In 2012 a familial searching in the national DNA database commenced. When this did not provide any leads, a mass screening, in which 8080 men were asked to participate, was announced. During this mass screening, which took place in 2012, a full match was discovered (Jong & M'charek, 2017).

The case of the murder of Marianne Vaatstra was a milestone in the regulation of forensic DNA in the Netherlands. Not only did it play a crucial role in the development and implementation of forensic DNA phenotyping, familial searching and mass screenings but it also had an impact on public discourse and political debates about forensic genetic technologies (Jong & M'charek, 2017; M'charek et al., 2020). The Vaatstra murder became a high-profile case that spoke to national concerns, namely, societal concerns, about the vulnerability of citizens to senseless violence and a lack of safety at night. But the case also became linked to debates on national asylum policy because Marianne was murdered near a centre for asylum seekers. Due to the fact that asylum seekers were initially targeted as probable suspects by part of the local village population, the Vaatstra murder fuelled criticism of xenophobia and racism (Jong & M'charek, 2017).

#### Bordering Practices and Transnational DNA Data Exchange

The Netherlands was one of the countries, with Belgium, Germany, Spain, France, Luxembourg and Austria, which signed the Prüm Convention on 27 May 2005 agreeing to commence the exchange of data relating to DNA, fingerprints and vehicle registration plates. According to Victor Toom (2018, p. 15), in January 2007, England and the Netherlands began a pilot project outside the Prüm Convention to try to compare the DNA data held on their national databases. The authorities of the Netherlands posted a disk containing 2159 DNA profiles of unsolved crimes to the UK Crown Prosecution Service. These profiles were compared with the almost 4 million DNA profiles held in the national database in the UK and led to 45 potential matches. These matches underwent further testing, and consequently only five were considered to be a real match; the remaining matches were identified as false positive matches. After this initial test, the Netherlands started operating the Prüm system from its inception in 2008. Before the Dutch government ratified the Prüm Convention, it was discussed in both chambers of the Dutch Parliament in 2006 and 2007 (Toom, 2018).

In terms of *data border-crossings*, the Netherlands exchanges data pertaining to commonly exchanged categories, such as 'convicted individuals', 'suspects' and 'crime stains'. In addition, the Netherlands exchanges data on 'unidentified persons', 'unidentified human remains' and 'missing persons', which are among the less common categories to be identified (Council of the European Union, 2020).

In addition to being among the countries that exchange the most data categories, the Netherlands is also one of the most active countries in the Prüm system: it exchanges DNA data with most operational countries (the only exception is Ireland) (Council of the European Union, 2020). The transnational exchange of DNA data within Prüm had, on 1 March 2018, led to 12,323 matches between the Dutch database and the 23 other databases (Toom, 2018). The 2017 annual report on the Dutch DNA database reported that a total number of 12,040 international matches had been made between 2008 and 31 December 2017 (Netherlands Forensic Institute, 2018). Furthermore, the Netherlands has offered the most support to Member States within Prüm, providing practical guidance including evaluation visits to Member States just beginning to exchange DNA data transnationally; the Netherlands has supported six other Member States in this way, while Germany has supported four (Council of the European Union, 2020, pp. 15–19). Dutch experts were part of the supporting teams in Belgium, Denmark, Estonia, Greece, Sweden and UK (Council of the European Union, 2020). Thereby, expert and tacit knowledge about DNA databasing as well as operating transnational DNA data exchange spreads and shapes norms and practices of doing data exchange. The Netherlands—together with Germany—also took the lead in developing the technical framework of the Prüm system: Prüm's software was developed jointly by DNA and IT experts from the Bundeskriminalamt (BKA) in Germany, the Ministry of the Interior of Austria, and the Netherlands Forensic Institute.

The number of categories the Netherlands exchanges and the number of connections its database has with other countries' databases show how the country has been at the forefront of building and implementing the technical framework for Prüm in its most expansive form. Thus, in terms of *national legacies of DNA databases and DNA technologies*, the Netherlands—due to its extensive experience of DNA databasing and technologies—has performed a dominant and diffusive role in Prüm. Through the technical help it has actively given to other Member States implementing Prüm, it has also guided them towards the expansive mode of debordering.

Dutch forensic experts who have been actively involved in the Prüm system have also made considerable efforts to study and monitor cross-border DNA matches between the Netherlands and other operational Member States. The former Dutch custodian of the national DNA database, Kees van der Beek, was the leading DNA scientist and coordinator of the EU Working Party on Information Exchange and Data Protection (DAPIX), which handles work relating to the implementation of legislation and policies on the information exchange and protection of personal data in the field of law enforcement. DAPIX also cooperates closely with Europol, especially regarding the Information Management Strategy (IMS) on streamlining cross-border information exchange.

The dominance of the Netherlands in the Prüm system has also been strengthened by the involvement of Dutch forensic practitioners in certain empirical studies of the implementation, evaluation and strengthening of the structures for the exchange of DNA data in Prüm. One particular relevant example is the PIES (the Prüm Implementation, Evaluation and Strengthening of Forensic DNA Data Exchange) research project, which focused on the cases of Belgium, France, the Netherlands and the UK. The PIES project resulted in particularly relevant studies of cross-border matches between the Netherlands and other Prüm countries (Taverne & Broeders, 2015) and between the Netherlands and Belgium (Taverne & Broeders, 2016). One of these studies analysed data provided by the Dutch DNA database custodian for the year 2010 to record the drop-out of cross-border DNA matches. For the year 2010, a total of 2020 matches were found in Prüm Step 1 (the automated exchange of DNA profiles) for the Dutch database (Taverne & Broeders, 2015). Only 138 (6.8 per cent) of the matches resulted in a request for mutual legal assistance (Prüm Step 2), and those hits led to 37 (1.8 per cent) matches being used in a prosecution (see also Toom, 2018).

Among the *motifs and notions of nationhood* mobilized in complying with the Prüm system is the Netherlands' performance of the leading role in encouraging other countries to join the Prüm system and take advantage of the benefits of using the DNA profiles stored in the Dutch DNA database. The Netherlands' role in the development and diffusion of the Prüm system is fuelled by the impact of many success stories from the Prüm regime (Prainsack & Toom, 2010). One example of the Netherlands as the 'triumphant hero' in the transnational exchange of DNA data is the following story of a criminal case solved by the Prüm system, which is very popular among forensic practitioners who support its expansion:

On 21 May 2015, an elderly couple of 75 and 74 years were found at their home in Vienna. The Austrian police found the DNA of the alleged killer, but no matches in the national DNA database. However, under the Prüm system, a match was found in the Dutch DNA database with a 29-year-old man from Poland. Having the name of the person—Dariusz Pawel Kotwica—the Austrian authorities could start looking for him. The suspect was arrested on June 8 at the railway station of Düsseldorf, in Germany. After his extradition to Austria, Kotwica also confessed to a murder in Sweden, committed a few weeks earlier, and attempted murder in Salzburg. Under Prüm, several other EU countries started running the Polish forensic DNA database to see if it matched samples found at the scenes of unsolved crimes. The media reported that there was a strong suspicion that Kotwica had also committed serious crimes in the United Kingdom, Czech Republic, and the Netherlands. The media renamed the case as the 'Euro-ripper' case, and hurled headlines like 'Europe's first cross-continental serial killer'. (Machado & Granja, 2018)

Toom and colleagues have reported another case that put the Dutch forensic DNA database and its role in the Prüm system at the forefront (Toom, Granja, & Ludwig, 2019, p. 50):

On 22 March 2016, a bomb was detonated at Maalbeek station in Brussels, killing twenty people. In connection with the criminal investigation, automatic rifles were found in a house near Paris two days later. After reexamining the rifles in early 2018, biological traces were collected and DNA profiles were obtained. The profiles were uploaded to the French national DNA database and, on account of the Prüm Decisions, compared with DNA profiles held on national DNA databases connected to the Prüm system. The cross-border comparison led to matches with three individuals whose DNA profiles were held on the Dutch DNA database. The suspects were arrested in the Netherlands on 18 June 2018.

The tacit claim of these two criminal cases is that the removal of obstacles to the circulation of DNA data between countries created extraordinary opportunities for solving serious murders that might otherwise have remained unsolved. In this context, the matches found in the Dutch DNA database are presented as 'heroic' in the public sphere and among the inner circles of policy-makers and promoters of the Prüm system.

The Netherlands' mode of biobordering therefore sheds light into the *diffusive mode of debordering* as it reflects the Netherlands' role in assisting other Member States to set up the technologies and IT infrastructures needed to participate in forensic DNA data exchange. The Netherlands' diffusive mode of debordering is also expressed in the commitment to study and monitor cross-border DNA matches between the Netherlands and other operational Member States within Prüm. Furthermore, as one of the more active countries in the transnational exchange of DNA data, considering the speed of developing connections, number of connections established with other countries and number and type of data categories exchanged, the Netherlands is also considered as an example of an *expansive mode of debordering*. Diffusive debordering here, therefore, refers to the spread of expert and tacit knowledge about operating data exchange, spreading technology standards, monitoring practices as a form of control mechanism and leading by example.

#### References


body parts. *Genomics, Society and Policy, 2*(3), 64–74. https://doi. org/10.1186/1746-5354-2-3-64


**Open Access** This chapter is licensed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/ by/4.0/), which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence and indicate if changes were made.

The images or other third party material in this chapter are included in the chapter's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the chapter's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder.

# Poland

**Abstract** Poland established its DNA database in 2007 and joined the Prüm system in 2013. In comparison to the other countries in the European Union, the Polish DNA database is small. The facilitation of international DNA data exchange was considered as fundamental to Poland's project to technologically modernize, integrate into Europe and incorporate international crime control standards. Furthermore, the country has demonstrated openness to those new and emergent forensic DNA technologies that have been critically assessed and strictly regulated in other countries. Poland is among Prüm's most proactive members and is a country ambitious to *catch up with a circumscribed expansive mode of debordering*. This proactivity is manifested in the range of bilateral data exchange connections Poland has made with other Member States and in the data categories it makes available. Poland's commitment to expansive debordering dynamics goes hand in hand with the EU's agenda of integrating security policies.

**Keywords** Poland • DNA database • Data exchange • Debordering • Prüm

#### Introduction

Poland established its DNA database in 2007. According to the European Network of Forensic Science Institutes (ENFSI), in June 2016, the Polish database had 45,679 profiles of individuals in its DNA database. This accounts for 0.12 per cent of the resident population of 38,200,000. In comparison to the other countries in the European Union, the Polish DNA database is small, although it is comparable to Portugal's, which holds profiles of 0.09 per cent of the resident population (Reed & Syndercombe-Court, 2016).

From the beginning, forensic DNA data exchange was considered as fundamental to Poland's project to technologically modernize, integrate into Europe and catch up with international crime control standards. The prominence of migration flows from Poland (and some other East European countries) to other European countries and assumptions about the role of Polish criminal networks have shaped the imaginations of security professionals engaged in EU transnational police and judiciary cooperation. These views about Polish criminals have also influenced EU Member States' interest in connecting with Poland within the Prüm system to control cross-border criminality in the EU (Machado, Granja, & Amelung, 2020).

Among the five national cases presented in this book, Poland is the last to have joined the EU. While the others joined between 1958 and 1986, Poland joined in 2004. Poland's trajectory thus poses a particularly interesting scenario with which to understand modes of (dis)integration in Europe through the study of bioborders. Poland joined the Prüm system in 2013. According to the latest DAPIX report, Poland exchanges DNA data with 22 countries and is, therefore, one of Prüm's most proactive members (Council of the European Union, 2020). Beyond that, Poland exchanges a broad range of DNA data categories, including data related to 'unidentified persons', 'unidentified human remains' and 'missing persons', which are among the less common categories identified (Council of the European Union, 2020). In this context, Poland represents a country ambitious to *catch up with an expansive mode of debordering*.

As Ryan (2016, p. 308) has emphasized, Poland has a 'chequered history' that has influenced its legal and criminal justice cultures. From 1795 to 1918, its history was characterized predominantly by occupation and control by foreign powers, as it was divided between the Russian, Prussian and Austrian Empires. Independence followed in 1918. However, after the Second World War and up to the fall of the communist regime in 1989, Poland was again under the control of Soviet Russia. The primacy of politics over law in the Stalinist period affected Poland's public life as part of its 'Sovietization'. The criminal justice system was instrumentalized to ensure conformity with the norms and rules of the Communist Party, and this had effects that have lasted until today (Ryan, 2016, p. 310).

Poland's transition towards being a democratic, capitalist society, and the absence of many welfare guarantees, such as for housing or work, which had been ensured by the communist regime, had an impact on rates of criminality in the country. In particular, petty crime increased after the fall of communism (Ryan, 2016, p. 311). After analysing data on criminal cases presented by the Ministry of Justice, Bulenda, Gruszczynska, Kremplewski and Sobota (2006) record that, between 1993 and 2002, the number of cases filed annually with the public prosecution service increased by 64 per cent (from 1,033,893 to 1,644,763). However, after a peak in the early 2000s, the crime rate decreased again to the end of the first decade of the new millennium. Harsher crime policies were the government's response to the crime statistics and to the growing public fear of crime at that time. These developments coincided with the harmonization of law to prepare and comply with the requirements for entry into the EU (Buczkowski, 2016).

A particularity of the Polish context is a project of nationhood linked to the humanitarian use of DNA technologies in the investigation of missing person cases as a way to heal and overcome the collective traumas of the past (Granja & Machado, 2019). DNA technologies are, on the one hand, applied to overcome painful and traumatizing periods in Polish history and to give visibility, dignity and respect to victims of oppression and their relatives. On the other hand, it is used, with great media visibility, to identify missing persons in the present, as Poland has an additional DNA database dedicated to civil identification purposes.

#### National DNA Database Development

In 2007, the Polish DNA database was created as a direct consequence of the Council of Europe's Rec(92)1 of 10 February 1992 on the use of DNA analysis within the framework of the criminal justice system and the European Union Resolution of 9 June 1997 (97/C193/02) 56 (Sándor, Sliwka, & Bárd, 2009, p. 20), which asked Member States to consider the possibility of creating national genetic databanks. It took a decade to set up the legal conditions and get the first national DNA database started as a technical infrastructure.1

The *legislative framework* of the forensic DNA database needs to be understood in the context of Poland's legal system. Since 1989, the criminal procedure system in post-communist Poland has been described by commentators as a mixed system that combines elements of inquisitorial practices shaped by its socialist past and adversarial practices deriving from recent reforms of the Code of Criminal Procedure (Ryan, 2016, pp. 308–311). Wilson (2016, p. 321) has concluded that 'these changes culminated in July 2015 with a switch to a more adversarial approach that appears to have created significant challenges for prosecutors, the police and the forensic science community'. However, in parallel, Ryan (2016, p. 322) concludes that although the forces of the EU Area of Freedom, Security and Justice, on the one hand, and the European Court of Human Rights, on the other hand, bring Europe's criminal procedural traditions (including Poland's) closer together, 'the criminal procedure appears to depend very much on which political party holds the political power', and recent politics are taken as a signal of a return to socialism in Poland.

Poland's forensic DNA database is regulated by the Police Act, the Code of Penal Proceedings and the Data Protection Act.2 The Police Act was amended several times as it established the legal framework to regulate the conditions for the DNA database over time. In 2001, a substantial amendment provided the initial legal basis for the establishment of a DNA database. In 2004, another modification clarified that it was one of the police's main tasks to run a database that includes DNA-related information. Yet, the Polish Ombudsman, an oversight body that ensures that legislation conforms with the constitution and, in particular, with human rights, had various concerns regarding some of the amendments at that time. In consequence, they were subject to Constitutional Tribunal scrutiny. The main concerns were related to the seemingly insufficient clarification of conditions for gathering DNA data and the absence of regulations for data removals in cases where suspects were acquitted or proceedings terminated. In 2005, the Constitutional Tribunal confirmed that the retention criteria were insufficiently clear. However, regarding the

<sup>1</sup> http://clkp.policja.pl/cfl/cflp/history/90497,History-of-CFLP.html

<sup>2</sup> http://clkp.policja.pl/cfl/cflp/structure/biology-department/90076,DNA-Database-Unit.html

data removal criteria after acquittal, the Tribunal approved the existing legislation and did not note any infringement. It argued that 'under certain circumstances gathering data on acquitted persons might be appropriate given that such data is not of a sensitive nature' (Sándor et al., 2009, p. 20). In the following amendment to the Police Act, in 2006, it was settled in Article 20 Section (2a) that, while carrying out their statutory duties, the police could gather, process and use DNA data (including personal data) without the individual's knowledge or consent if they were 'suspected of committing a crime that is prosecuted upon public accusation, a minor who committed unlawful acts prosecuted upon public accusation, of unidentified personality or tries to disguise his or her personality, [or] fugitive' (Sándor et al., 2009, p. 21). Yet, data cannot be obtained if there is no detection, evidence or identification purpose to an investigation procedure. In addition, the Code of Penal Proceedings defines that the national DNA database stores and processes DNA profiles for the following criteria:

of individuals as laid out in Articles 74 and 192a of the code of penal proceeding, i.e. accused, charged, suspects and other persons, in relation to whom there were no premises for removal from case files and destruction of evidential material collected from these persons; of unknown individuals or persons trying to conceal their identity; of unknown dead corpses; of unknown stains collected at crime scenes, whose origin cannot be attributed to a particular person.3

If a suspect individual does not give consent for a DNA sample to be taken, an order for compulsory collection can be issued by a court (Reed & Syndercombe-Court, 2016, p. 70).

Poland's data protection regime is defined by the Act on the Protection of Personal Data of 1997 (Dz. U. 1997 Nr 133 poz. 883 with later amendments), which is applicable to forensic databases and the collection of genetic information in Poland for investigative purposes. Personal data can only be collected and stored if it is exclusively of non-coding regions of the DNA (Sándor et al., 2009, p. 21). Every ten years, police bodies are required to verify all collected and stored information and remove obsolete data. Personal data that discloses 'the race or ethnicity, political views, religious or philosophical attitudes, religion, party or trade union

<sup>3</sup> http://clkp.policja.pl/cfl/cflp/history/90497,History-of-CFLP.html

membership, data about health, addictions or sexual relations of persons suspected of a crime prosecuted by a public prosecutor that have not been convicted for those crimes, shall be destroyed promptly after a relevant ruling takes effect' (Sándor et al., 2009, p. 24). The removal of data must be witnessed by a committee, and a report must evidence the process. The retention periods for DNA data are 20 year or 35 years for data related to suspects and those prosecuted or sentenced in connection with a crime (ibid.).

As noted above, in 2013 and 2015, major amendments to the Code of Criminal Procedure shifted the criminal justice system towards a more adversarial approach. The amendments have also had an impact on the collection and use of forensic biometric data, including its uploading to the national database. Further new legislation—the Act on Proceedings against Persons with Mental Disorders—that involves forensic biometrics and deals with unidentified bodies and persons who attempt to conceal their identity might 'also have placed extra demands on forensic database management and staff during the Prüm implementation period' (Wilson, 2016, p. 321).

The *technical database infrastructure* of the national DNA database is operated by the Biology Department of the Central Forensic Laboratory of the Police (CFLP), which is the custodian of the DNA database as well as of other biometric databases. As one of the main providers of forensic services in Poland, CFLP is responsible for casework, provision of technical and forensic resources, but it is also involved in forensic science research (Sándor et al., 2009, p. 19). CFLP participates in the development of the research methodologies, procedures and standards to be used during criminal investigation.4 Two groups are in charge of operations: one is responsible for profiling DNA from evidential material, and the other is responsible for profiling samples from persons and introducing them into the national database. Regional forensic laboratories provide information on profiles developed from crime stains that are added to the central database.

The IT system used in Poland is CODIS (Combined DNA Index System).5 The support provided by the FBI for CODIS, which includes the provision of a helpdesk, is among the reasons why 22 Member States

<sup>4</sup> http://clkp.policja.pl/cfl/cflp/history/90497,History-of-CFLP.html

<sup>5</sup> http://clkp.policja.pl/cfl/cflp/structure/biology-department/90076,DNA-Database-Unit.html

have chosen to use the system for the collection and search of DNA profiles. Thus, the software has led to some standardization across national systems (Council of the European Union, 2020).

Regarding the *organizational imperatives and principles* that shape how the national DNA database is managed, Poland's trajectory has been shaped by its history. Since the fall of the communist regime in 1989, exchanging knowledge with foreign law enforcement agencies has become one of the mechanisms contributing to police training directed towards modernization. Part of this process has been a drive for the internationalization of policies, including international collaboration with Interpol and Europol and involvement in other external programmes (e.g. EULEX, Leonardo da Vinci and NEXUS) (Karolewski & Benedikter, 2017). It is also worth mentioning that, in 2008, the Polish police received access to Interpol's DNA database through the International DNA Gateway portal (Sándor et al., 2009). Karolewski and Benedikter (2017) understand these endeavours as giving Polish officers the opportunity to participate in various undertakings that have allowed them to compare, contrast and exchange experiences. In the context of forensic genetics at the European level, the Central Forensic Laboratory of the Police (CFLP) has been a member of ENFSI since 1995.

The *Implementation of Prüm Decisions. Preparations of the joint police operations in Estonia, Latvia, Lithuania and Poland* project is a further example of Poland's proactive approach to training police officers. It was led by the Lithuanian Police, funded by the EU, Estonia, Latvia, Lithuania and Poland, began in 2011 and ran until 2013.6 According to Karolewski and Benedikter (2017), police training in Poland provides a mechanism for the professionalization of the police that responds to international risks and follows worldwide training standards. The regional collaboration, including the collaboration with Nordic and other East European countries, is not only of interest for its part in police training, it was also of use in intensifying the flow of police information where the flow of risky people is suspected to be of higher volume.

The *development of DNA technology* in Poland has been influenced by an experimental and wide use of DNA technology in the criminal justice system. Its development is oriented towards highlighting the country's openness to innovation and its modernity. This openness extends even to

<sup>6</sup>Further information about the project can be found in the project description: https:// www.statewatch.org/news/2013/oct/ee-lv-lt-pl-prum-jpos.pdf

those new and emergent technologies that have been critically assessed and strictly regulated in other countries.

Among those critically assessed technologies are familial searching and forensic DNA phenotyping. Familial searching allows for the analysis of kinship relations based on an individual DNA profile. Poland was one of the earliest countries in Europe to use Y-STR profiles, which can be analysed in order to assess the familial connections of male profiles. The technology was used as early as 2000, when it was used in the elimination process of a mass screening in the case of a serial rapist and murderer known as the 'Vampire from Ś winoujście' in Northern Poland (Dettlaff-Kakol & Pawlowski, 2002). The case received special media attention because about 11,000 men were screened. One of them showed an identical profile in all Y-STR loci, e.g. a short tandem repeat (STR) on the Y-chromosome, with the DNA profile of the unknown suspect drawn from crime scene samples; this suggested that the rapist and the typed volunteer were closely related males. The volunteer's brother turned out to be the person with an identical profile of the person which had been found at the crime scene and was convicted.

Forensic DNA phenotyping (FDP) is a set of techniques that aims to use biological material to infer the externally visible characteristics—such as eye, hair and skin colour—and continent-based biogeographical ancestry, that is, what larger genetic population(s) they belong to, of an unknown person. Outside Poland, the ethical and social implications of FDP are regarded ambiguously (Wienroth, 2018a, 2018b). Inside Poland, however, ambiguous legal regulation of FDP means that its techniques have been put into practice (Samuel & Prainsack, 2018, p. 44).

As mentioned, according to legal rules in Poland, only data concerning the non-coding part of the DNA can be gathered and processed. Data regarding the coding part of DNA cannot be gathered or processed by the police. A recent regulation (No. 26 from the Commander in Chief of the Police, dated 10 July 2017 and published in the Official Journal of the Main Police Headquarters, item 48 (Appendix A.3.2)) defined the process for managing the DNA database and information about the results of DNA analysis. Interpreting the document, Samuel and Prainsack (2018, p. 45) suggest that the findings of forensic DNA analyses that derive from the context of storing short tandem repeat (STR)7 profiles in the national DNA database are regulated, but not what types of DNA analyses may be

<sup>7</sup> STR analysis is a common method of molecular biology to compare DNA from two or more samples.

performed. Their interpretation continues by assuming that non-coding regions of DNA may be analysed and stored as forensic DNA profiles, while coding region can be at least analysed but not stored (Samuel & Prainsack, 2018, pp. 41–45). Consequently, FDP is used in Poland for determining potential biogeographical ancestry, age and appearance (Samuel & Prainsack, 2018).

Advocating the normalization of analysis of the coding area and the establishment of new forensic genetic technologies, leading Polish forensic geneticists have argued in favour of expert training:

It also seems that the potential of the national DNA database in Poland has not been fully developed, and it is necessary to implement an appropriate information policy in order to improve it. Novel methods that can be applied at the level of investigation include analysis of biogeographic ancestry, prediction of visible traits, and estimation of human chronological age. Moreover, next-generation sequencing has a potential to entirely replace capillary electrophoresis in forensic genetics. Further works are necessary to ensure a proper implementation of uniform standards of data interpretation and evaluation of DNA evidence in forensic genetics. In order to maintain proper standards of forensic DNA assessment, continuous training of DNA experts and appropriate information policy for recipients of DNA assessments are required. (Branicki, Pośpiech, Kupiec, & Styrna, 2014)

The argument for further training and broader knowledge production accords with a tendency towards further professionalization that can be observed in the general organizational imperatives and principles of the criminal justice system since the fall of the communist regime in Poland in 1989.

The Polish case is marked by its iconic use of forensic genetic technologies to identify missing persons, particularly victims of the totalitarian occupations Poland has experienced (Ossowski et al., 2016a, 2016b, 2017). DNA technologies have been also used increasingly by forensic geneticists to provide evidence about mass graves from the Second World War and Nazi occupation of Poland, when almost 3 million people were killed; from the Soviet occupation, when 570,000 people died; and from the communist terror of 1944–1956, when more than 50,000 people died. Thus, in Poland, DNA technology has become closely connected with historical reprocessing and overcoming historical trauma (Granja & Machado, 2019). In 2012 forensic scientists from the Pomeranian Medical University in Szczecin, in cooperation with historians from the Institute of National Remembrance (Commission for the Prosecution of Crimes against the Polish Nation), created the Polish Genetic Database of Victims of Totalitarianism with the aim of identifying all those who went missing or were killed between 1939 and 1956. The forensic genetic technique used to identify the victims is a variation of familial searching. Together with other technologies and strategies—such as dental records, x-rays and photographic comparisons—the procedures use DNA to match unidentified bodies and/or persons with individuals thought to be their biological relatives.

Poland is also concerned with identifying human remains and finding missing persons from the present (Granja & Machado, 2019). To this end, a dedicated DNA database of missing persons and their families has been established by the Centre for the Search of Missing Persons, which evolved from a collaboration between the police and a civil society foundation and has received relatively high media attention (TVP, 2015). Identifying familial relationships with the help of DNA technology has been key to its efforts.

#### Bordering Practices and Ordering Transnational DNA Data Exchange

Poland prepared the path for DNA data exchange and conformity with the Prüm Decisions from 2005. Its readiness for DNA data exchange was assessed in October 2012, and, shortly after, in January 2013, Poland began to exchange data on a routine basis. The country is among the most proactive Member States and has established connections with 22 other countries (Council of the European Union, 2020, p. 21). Poland represents a country ambitious to catch up with an expansive mode of debordering.

Poland exchanges a higher number of *data categories* than many other Member States, but does not only allow access to data on 'suspects' and 'crime stains', which are the most common categories exchanged. It does, however, exchange data on 'unidentified persons', 'unidentified human remains' and 'missing persons', which are among the less common categories to be identified (Council of the European Union, 2020, p. 22). According to the ENFSI, Poland is among the EU Member States that include data on missing persons in their criminal databases (ENFSI, 2017, p. 59). In Portugal, there is one forensic DNA database. It serves both criminal investigation and civil identification purposes. However, there are separate files for criminal investigation purposes and for missing persons (see Chap. 7). The other countries in our study—Germany, the Netherlands and the UK—store data on missing persons in databases separate from their criminal DNA databases.

The specific *national legacies of DNA databases and DNA technologies* in Poland rely, in particular, on the securitization of the nation-state through internationalization. As Baylis and Matczak (2019) suggest, the Polish police continues to be the subject of transformation. They argue that the transformation of Poland's police organizations consists of many layers that aim to shift them from the repressive orientations shaped before 1989 to orientations that are sensitive to human rights through internationalization and Westernization.

Baylis and Matczak (2019) argue that, while structural changes in the police are easy to achieve, changes in values and attitudes are more difficult to achieve but have been targeted by training in Poland. Thus, it can be assumed that the international police collaboration strengthened through the Prüm Decisions should be understood through the rationale of internationalization and professionalization. Thus, the Prüm system per se is seen to come with the promise of support for more effective crime control through internationalized and professionalized police collaboration, which in turn is used to increase acceptance of the mechanisms of Prüm in times of transnationally organized crime and the criminalization of migration.

Regarding the *motifs of Member States complying with* the Prüm regime, it should by now be obvious that Poland fully supported the implementation of Prüm and was ambitious and quick in realizing its integration into the system in order to catch up with Central European and Nordic EU Member States. Yet, another motif that marked its swift integration into Prüm was that Polish offenders are considered to be overrepresented in comparison with other nationalities of foreign criminals in several EU Member States (Ludwig & Johnson, 2016). Assumptions about the role of Polish criminal networks frame the discourse of professionals operating the Prüm system about the importance of joining collective efforts to control cross-border criminality in the EU (Machado et al., 2020) and help explain the interest of other Member States in data exchange with Poland. At the same time, however, Polish agents also reproduce the idea that Poland 'exports' criminals.

In terms of *hidden (dis)integration*, it could be argued that technically, scientifically and in terms of organizational matters, Poland's debordering approach has led to some integration and harmonization, thus contributing to the more hidden techno-scientific forms of integration. From the start of the DNA database, issues of standardization and the facilitation of international DNA data exchange were considered as fundamental to Poland's project to catch up with international crime control standards.

Poland has passed a couple of laws reforming its judicial and criminal justice system, including its police law of 2016, which have been investigated by the EU to assess whether they conform with EU democratic standards regarding the rule of law and human rights (European Commission, 2016). What seems to have created tension is Poland's current tendency towards securitization and surveillance beyond that sanctioned by EU standards. The reform of the police law in 2016 expanded the Polish police's powers by allowing law enforcement agencies much broader surveillance measures over the population (Karolewski & Benedikter, 2017). Some civil society stakeholders in Poland are also questioning the free border-crossing and debordering dynamics of the country (Limone, 2017). In this context, it is important to acknowledge the tensions between the EU and Poland regarding the latter's status as a democratic and constitutional state on the one hand. On the other hand, however, Poland's commitment to expansive debordering dynamics, enabling free data flow within the EU, conforms with the EU's agenda of integrating security policies.

#### References


ents. *Archiwum Medycyny Sa*̧*dowej i Kryminologii, 64*(3), 175–194. Retrieved from http://www.ncbi.nlm.nih.gov/pubmed/25693175


**Open Access** This chapter is licensed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/ by/4.0/), which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence and indicate if changes were made.

The images or other third party material in this chapter are included in the chapter's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the chapter's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder.

# Portugal

**Abstract** The Portuguese DNA database was established in 2008 and is one of the smallest DNA databases in the EU. Portugal has one of the most restrictive regulatory frameworks in the EU in relation to the criteria for the entry and deletion of DNA profiles. The country started connecting with the Prüm system's genetic data exchange in 2015. In terms of bordering practices, Portugal serves as an example of *latent rebordering dynamics*. This is because the requirements of the EU regulations regarding Prüm have been fully implemented in Portugal in terms of technoscientific and operational infrastructures, yet Portugal simultaneously severely restricts access to biometric data. This situation derives from particularities of Portugal's national policy regulations on data protection and its judicial traditions as well as regulations on ethical oversight.

**Keywords** Portugal • DNA database • Data exchange • Rebordering • Prüm

#### Introduction

Portugal established its forensic DNA database in 2008 by Law 5/2008 of 12 February. The Portuguese database has one of the most restrictive regulatory frameworks in Europe with regard to the criteria for the entry and deletion of DNA profiles (Santos, Machado, & Silva, 2013). According to the European Network of Forensic Science Institutes (ENFSI), in June

© The Author(s) 2021 105 N. Amelung et al., *Modes of Bio-Bordering*, https://doi.org/10.1007/978-981-15-8183-0\_7

2016, the database had 5339 profiles from individuals, which represented just 0.05 per cent of the resident population in Portugal.1 More recent data shows that, on 31 December 2019, the database contained 10,270 profiles from individuals convicted of a crime, which represents 0.1 per cent of the population (of 10,257,9342).3 This situates Portugal as one of the European countries with the smallest DNA databases and comparable to Poland.

In 2015, Portugal started connecting with the Prüm system's DNA data exchange. Portugal's integration into Prüm was characterized by the full enforcement of the requirements of the European Union (EU) regulations and speedy implementation. One indicator for integration is that, since 2015, Portugal has established connections with 19 countries (Council of the European Union, 2020). However, Portugal has severely restricted the number of data categories available for exchange: it only exchanges data pertaining to convicted individuals and crime scene samples (Brito et al., 2019; Council of the European Union, 2020), making it one of the countries that exchange the least data categories among all operational countries, together with Greece (Council of the European Union, 2020). The Portuguese bioborders regime is thus addressed as an example of *latent rebordering dynamics*.

Portugal's historical and cultural specificities also make the country a particularly interesting case through which to address the dynamics of bioborders. Portuguese history is heavily marked by a long period of political dictatorship in the twentieth century (1926–1974), characterized by political and police repression and censorship (Durão, 2008; Pimentel, 2007; Ribeiro, 1995), which left an indelible mark on society and particularly on Portugal's legal and criminal justice culture. For example, the police forces were perceived in the collective imagination as strongly linked to the authoritarianism of the dictatorship period (Durão, 2008). According to Machado and Prainsack (2012), this cultural mark of dictatorship and lack of trust in Portugal's police forces had a profound impact on the development of the national DNA database in Portugal: for

1As the ENFSI report is to our knowledge the latest statistic which provides comparable information across countries, we refer to it to situate Portugal in comparison to the other country cases in this study. Data available at http://enfsi.eu/wp-content/uploads/2017/01/ ENFSI-Survey-on-DNA-Databases-in-Europe-June-2016.pdf (last access on 23 June 2020).

2Data available here: https://www.pordata.pt/Portugal (last access on 23 June 2020).

3Data available here: https://www.cfbdadosadn.pt/pt/bdpadn/sobreabd/Paginas/ ConteudoFicheiros.aspx (last access on 23 June 2020).

example, it explains why the custody of the DNA database is in the hands of the National Institute of Legal Medicine and Forensic Sciences and not in the hands of the police (see also Frois & Machado, 2016; Machado & Frois, 2014).

After the democratic revolution of 1974, the Portuguese state began to focus on investing on modernization and progress. According to Frois and Machado, '[i]n Portugal, the ideal of modernity and the fight against backwardness is so deeply rooted that it has been assimilated into a kind of official rhetoric, to the point where we could almost say it has become a national trait, readily identified by the Portuguese as a defining feature of the national character' (Frois & Machado, 2016, p. 396). Within this trajectory, forensic DNA technology has emerged as a symbol of the modernization and progress that has increasingly become introduced in most areas of state activity, including criminal investigation, as a way to emulate the models of other European countries (Machado & Frois, 2014).

The political project of modernization of criminal investigation through technology—including by establishing a national DNA database (Machado & Silva, 2010)—is nevertheless influenced by Portugal's cultural particularities, which are marked by scarce economic resources, low criminality rates and low levels of public confidence in the state, the police and the criminal justice system (Transparency International, 2019). We, therefore, consider Portugal's development of its DNA database and involvement in transnational DNA data exchange to be embedded in a particular project of nationhood that is linked to the aspiration to modernize through technology. This project is, nevertheless, challenged by cultural ambiguities: on one side, the judiciary powers want to 'modernize' the criminal justice system by resorting to forensic DNA technologies; on the other, judges and public prosecutors are orientated to implementing a highly protective regime that aims to safeguard the rights of citizens from potential abuses by the police forces (Amelung & Machado, 2019; Machado & Silva, 2010).

#### National DNA Database Development

Portugal established its national forensic DNA database in 2008 with the aim of assisting both civil identification and criminal investigation. The initial proposal put forward by the Portuguese government included the establishment of a universal database of Portugal's entire population (Machado & Silva, 2010, p. 218). However, several factors led to the abandonment of this initiative. According to the study conducted by Helena Machado and Susana Silva, three main factors conditioned the creation of a universal DNA database in Portugal: (i) the practice was not in line with the decisions and practices of most European countries, which restrict national DNA databases to populations with some type of involvement with the criminal justice system; (ii) the incidence of serious crime in Portugal is relatively low when compared to other countries; (iii) in a country with limited economic resources, the establishment of a national DNA database would require a massive economic investment (Machado & Silva, 2010, p. 218). Moreover, despite the initial desire to establish an expansive DNA database, the *legislative framework* of the Portuguese forensic DNA database turned out to be one of the most restrictive in Europe in terms of data inclusion and information preservation (Machado & Silva, 2010; Santos et al., 2013). The regulations and legislative frameworks determining the collection, use and retention of particular DNA data in Portugal can be understood as derived from a particularly protective regime in terms of personal data and genetic privacy (Amelung & Machado, 2019; Machado & Silva, 2010).

The legislative framework in Portugal is also characterized by its inquisitorial orientation, in which judges play a prominent and active role in the examination process and the imposing of rules of evidence and court procedures. This orientation is reflected in the Portuguese DNA database: the inclusion of profiles in the DNA database requires a judge's order. Several criminal justice stakeholders see this dependence on judges as an obstacle to criminal investigation and the expansion and enhanced efficacy of the DNA database (Machado, 2016): first, because some judges do not order the insertion of profiles into the database (Frois & Machado, 2016) and, second, because the legislation has established circumscribed criteria concerning the paths of communication between the entity that manages the database—National Institute of Legal Medicine and Forensic Sciences (*Instituto Nacional de Medicina Legal e Ciências Forenses* [INMLCF]) the judges and the police forces. More particularly, judges have the power to decide if and how information should be transmitted to the police. According to the police, this has created several challenges in criminal investigation and compromises the efficacy of the DNA database (Costa, 2014; Machado & Costa, 2013; Santos, Costa, & Machado, 2012).

In 2013 and 2017, the law was altered in an attempt to overcome the challenges posed by the 2008 legislation on the Portuguese forensic DNA database and with the aim of expanding database usage and size (Laws 40/2013 and 90/2017). There were three significant changes. First, changes to the law introduced the possibility of creating samples from official suspects (*arguidos*4) and inserting them into the national DNA database files. Second, amendments also allowed the Laboratory of Judiciary Police to insert profiles obtained from samples collected from crime scenes; previously, only the INMLCF could insert such samples. Third, the 2017 law also simplified the procedure for inserting profiles into the database. Previously, two judgements were required from a judge: the first to request sample collection for DNA profiling and the second to request insertion into the database. Nowadays, the judge's requests for sample collection and insertion of DNA profiles are made simultaneously. This easing of the inclusion criteria might, at least partially, explain why the Portuguese DNA database, one of the smallest in the EU, has grown disproportionally quickly over the last few years: between 2010 and 2016, 8139 profiles had been inserted into the database; between 2017 and 2018, the number grew to 11,774 profiles.

Currently, the Portuguese DNA database includes eight types of files (Brito et al., 2019): (i) profiles obtained from samples for civil identification purposes; (ii) reference profiles for missing people and (iii) their relatives; (iv) profiles obtained from samples collected from crime scenes; (v) profiles from professionals who collect and analyse samples for elimination purposes; (vi) profiles from offenders convicted to a prison sentence of three years or more for committing an intentional crime; (vii) samples of official suspects (*arguidos*) in criminal proceedings for intentional crimes carrying a prison penalty of three years or more; (viii) and profiles from volunteers (see Machado & Silva, 2009, 2016). In the context of the Portuguese legislation, a volunteer is a citizen who agrees to have his/her DNA profile included in the national database on their own initiative that is, without being approached by an agent of the justice system—and on the basis of free and informed consent. According to Machado and Silva:

A request by a volunteer for their DNA profile to be included in the database may symbolically signify maximization of choice and a sense of

4According to Article 57 of the Código de Processo Penal (Code of Criminal Procedure 2007), *arguido* is the status of an individual who is under criminal investigation or who has been formally accused. Article 58 states that a person may be made an *arguido* based on a justifiable suspicion of a crime. *Arguido* status is designed to provide individuals with certain rights, such as knowing the details of charges, together with obligations that may range from a simple statement of identity and residence to detention on remand (Machado & Prainsack, 2012, p. 39).

individual responsibility toward maintaining social order. In addition, the genetic profile of the volunteer is received by the state as a voluntary gift and as the citizen's contribution toward expanding a database designed to fight crime and ensure public peace and security. (Machado & Silva, 2016, p. 329)

The number of volunteers in the national DNA database remains significantly low: by 31 December 2019, there were solely six profiles of volunteers in the database.5

With regard to the deletion of information, the legislative framework of the Portuguese forensic DNA database does not allow the indefinite retention of DNA profiles and personal information in the database. All data, including both the DNA sample and the DNA profile, has deadlines by which it must be eliminated and/or destroyed (Wallace, Jackson, Gruber, & Thibedeau, 2014). More particularly, non-identified profiles must be deleted 20 years after they were inserted (N.° 2, Article 26, Law 90/2017). The data of convicted individuals is removed from the database five, seven or ten years after they have served their sentence, according to whether its duration was less than five years, between five and eight years or more than eight years, respectively (N.° 3, Article 26, Law 90/2017).

Regarding the *technical database infrastructure*, the National Institute of Legal Medicine and Forensic Sciences (INMLCF) is responsible for the database and operations that apply to it. The INMLCF is a public institution under the supervision of the Ministry of Justice. It is responsible for cooperating with the courts, the public prosecution service and the police forces, along with other services and entities that intervene in the administration of the justice system. The INMLCF performs forensic examinations and provides specialized technical and laboratory support.

The competent entities for the analysis of biological samples in order to obtain DNA profiles are the Forensic Genetic Laboratories of the INMLCF and the Scientific Police Laboratory of the Judicial Police. These analyses can only be carried out by other laboratories if they are authorized to do so by the Ministry of Justice and the ministry supervising them (Brito et al., 2019). The Portuguese DNA database uses CODIS (Combined DNA Index System), an IT system developed by the FBI.

The scientific standards adopted in the Portuguese forensic DNA database are meant to be solely restricted to the coding region of the DNA and

<sup>5</sup>Data available here: https://www.cfbdadosadn.pt/pt/bdpadn/sobreabd/Paginas/ ConteudoFicheiros.aspx (last access on 23 June 2020).

to be in line with international standards, which include the ISO 17025 laboratory standards and the scientific standards of European forensic genetics (the selection of genetic markers conforms with the European Standard Set). Regarding the procedural process of defining DNA markers, the law governing the Portuguese DNA database defines that DNA markers must be defined in accordance with international standards and scientific knowledge, but also in consultation with the National Commission of Data Protection, thereby giving precedence to respect for and protection of genetic privacy. The National Commission of Data Protection is an independent administrative entity that works with the Portuguese Assembly of the Republic. Its general purpose is to control and supervise the processing of personal data in strict accordance with the human rights and guarantees prescribed in the constitution and the law. The DNA markers to be incorporated into the file of DNA profiles are fixed after consultation with the National Commission of Data Protection by joint order of the members of the government responsible for the areas of justice and health and in accordance with international standards and scientific knowledge on the matter.

In terms of *organizational imperatives and principles*, the 2008 law also defined that the INMLCF, responsible for the activities carried out within the framework of database management and maintenance, must be overseen by an independent entity created for that purpose: the Supervisory Board for the DNA Database (*Conselho de Fiscalização da Base de Dados de Perfis de ADN*). The Board is responsible for providing information in the form of publicly available annual reports and statistics about the DNA database; it also provides reports to the Portuguese Parliament. The Board for the Portuguese forensic DNA database must also consult the National Data Protection Commission for any clarifications regarding the processing of personal data and must comply with its decisions.

Supervisory boards do not commonly accompany DNA database systems among the European Member States. ENFSI recommends that the Member States should set up an infrastructure that addresses the role of DNA databases in society: 'Because DNA databases have a very important yet very delicate role in society, the custodian of a DNA database should develop tools to make objective information about the DNA database available to politicians, the public and the media' (ENFSI, 2017, p. 49). However, it remains the responsibility of each state to translate responsible governance principles into operational routines. The organizational imperatives of the forensic DNA database in Portugal thereby reflect how governance principles, such as commitments to high levels of data protection and public accountability, are translated into the operational and organizational infrastructures of the database.

The most recent report from the Supervisory Board for the DNA Database states that, as of 31 December 2019, the Portuguese forensic DNA database contained 12,980 DNA profiles. The distribution is as follows: 6 profiles from volunteers; 31 profiles obtained from samples for civil identification purposes; 18 reference profiles of missing people and their relatives; 2508 profiles obtained from samples collected from crime scenes; 10,270 profiles from offenders convicted to a sentence of three years or more; and 146 samples of professionals.6 The Portuguese DNA database is thus small in comparison to those of other European countries (Reed & Syndercombe-Court, 2016; Santos et al., 2013).

In terms of public understandings of DNA databases in Portugal, there exists a broad acceptance of such technology as a tool for criminal investigation. Based on an online survey of 628 individuals in Portugal, Helena Machado and Susana Silva outline that more than three quarters of the respondents believed that the Portuguese forensic DNA database could help fight crime more efficiently and provide swifter and more accurate justice. However, only approximately half of the surveyed sample considered that DNA databases could deter and prevent crime. In terms of risks, respondents outlined the lack of security and control over access to data and the possibility of unforeseen misuses of genetic information in the future as concerns (Machado & Silva, 2015). The general acceptance of DNA databases should, however, be framed within a wider context, in which Portuguese citizens have, for long, demonstrated apparently passive compliance with the state's collection of diverse types of personal identification data, including fingerprints, for civil identification purposes (Machado & Prainsack, 2012, p. 42)

Finally, in terms of the *development of DNA technology* and other uses of DNA technologies, up to the date of writing, there has not been a detailed debate and/or deliberation about the use of technologies such as familial searching and forensic DNA phenotyping in Portugal. Contributing to the lack of debate might be the fact that, given that the scientific standards adopted in the Portuguese forensic DNA database are meant to be solely restricted to the coding region of the DNA, the use of the potentially

<sup>6</sup>Data available here: https://www.cfbdadosadn.pt/pt/bdpadn/sobreabd/Paginas/ ConteudoFicheiros.aspx (last access on 23 June 2020).

controversial technologies of familial searching and forensic DNA phenotyping is, in legal terms, not allowed.

#### Bordering Practices and Ordering Transnational DNA Data Exchange

Portugal's aim to 'keep up' with more experienced countries in terms of criminal investigation and transnational cooperation has been emphasized since the creation of the Portuguese DNA database in 2008 (Machado & Silva, 2010, p. 219). In terms of *the motifs and notions of nationhood mobilized to comply with the Prüm system*, Portugal joined other countries in technologically modernizing, integrating into Europe, and catching up with international crime control standards. In this, Portugal's trajectory is similar to Poland's (see Chap. 6).

On 23 June 2006, Portugal requested access to the Prüm Convention. The countries that had signed the Convention—Belgium, Germany, the Netherlands, Spain, France, Luxembourg and Austria—welcomed the Portuguese request. This allowed Portugal to start participating in the working groups preparing the implementation and full operation of the measures contained in the Prüm Convention (Ministério da Administração Interna, 2006, p. 78). In 2011, following an evaluation visit carried out by experts from Germany and a successful pilot run, Portugal was authorized by the EU Council to exchange data (Council of the European Union, 2011). However, the country only began to connect with the Prüm system's genetic data exchange in 2015 (Council of the European Union, 2015).

As mentioned above, Portugal's integration into Prüm was characterized by the full enforcement of the requirements of the EU regulations and by swift implementation. One indicator of that is that Portugal has established connections with 19 countries since 2015 (Council of the European Union, 2020). According to the annual report of the Supervisory Board for the DNA Database, among all countries with which Portugal is exchanging data, there have been more hits (valid matches) with Spain, France, Germany and, to a lesser extent, also Austria and the Netherlands.

As previously discussed, the *national legacies of DNA databases and DNA technologies* in Portugal are derived from the strength of the judicial regime, which works through formal and bureaucratic procedures, in contrast with the more informal and pragmatic orientation of the police forces (Machado & Granja, 2019). The regulatory regime prevailing in Portugal allocates significant power to judges, who play a prominent and active role in assessing evidence and processing court procedures. In this sense, Portugal's approach to bioborders is influenced by its inquisitorial system, as well as by its restrictive database legislation. The legislation and regulation in Portugal have created a tendency to oppose the EU imperative to expand transnational DNA data exchange. This is the case because the transnational exchange of genetic data requires the authorization of a judge (Article °21 of Law 90/2017) and because Portugal has severely restricted access to border-crossings of specific data categories. That is, despite the different types of genetic profiles held in the national database, Portugal only exchanges data pertaining to convicted individuals and crime scene samples (Brito et al., 2019; Council of the European Union, 2020). In fact, Portugal and Greece exchange the least number of data categories among all operational Member States (Council of the European Union, 2020). Brito and colleagues (Brito et al., 2019)—members of the National Institute of Legal Medicine and Forensic Sciences, which deals with the daily management of Portugal's DNA database and acts as the first step of the Prüm system—have conducted a study on the impact of the Prüm system on the Portuguese forensic DNA database. According to their analysis of the number of hits obtained with other countries specified by sample type, there has been a decrease in the number of forensic unknown genetic profiles exchanged with other countries through the Prüm system. According to the authors, this reflects the reduced number of profiles for this category in the national database (Brito et al., 2019). Finally, through the reporting activities of the Supervisory Board for the DNA Database, Portugal enforces organizational imperatives of transparency that run counter the opacity of the Prüm system as a whole (Toom, Granja, & Ludwig, 2019). The Portuguese mode of biobordering, therefore, results in *latent rebordering dynamics*. It is, however, important to note that such rebordering dynamics are more a consequence of the particularities of the Portuguese historical–political regime than of intentional opposition to the EU's vision of borderless data circulation.

The particularity of the historical and political context of Portugal is even more prominent when we consider Portuguese *circumscribed debordering efforts*, which co-exist with the country's latent rebordering dynamics. Such *circumscribed debordering efforts* are expressed, firstly, in the decision to use CODIS, the *de facto* standard software used by most of the Member States to facilitate data exchange. Secondly, *circumscribed*  *debordering efforts* are also expressed through the relatively quick progress made in connecting with the Member States: as mentioned, Portugal has established connections with 19 Member States in a relatively short period of time (Council of the European Union, 2020).

In terms of hidden (dis)integration, it can be argued that Portugal has followed a debordering approach in terms of techno-scientific and operational infrastructures. Simultaneously, the Portuguese case is also an illustrative example of how the particularities of judicial and legal traditions, as well as regulations foreseeing ethical oversight of DNA data exchange, partially counter and balance the debordering dynamics of the EU level (Amelung & Machado, 2019).

From the Portuguese biobordering approach, we therefore learn about *latent rebordering dynamics*. Portugal has enforced restrictive modes of biobordering by, for example, severely restricting the type of data exchanged and by enforcing control principles of oversight and transparency deriving from judicial and legal cultures. However, as such dynamics co-exist with *circumscribed debordering efforts* expressed by the speed of developing connections and the number of connections established with other countries, we refer to *latent rebordering*.

#### References


**Open Access** This chapter is licensed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/ by/4.0/), which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence and indicate if changes were made.

The images or other third party material in this chapter are included in the chapter's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the chapter's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder.

CHAPTER 8

# The United Kingdom (UK)

**Abstract** The UK is the possessor of the world's oldest and largest DNA database by proportion of population: the National Criminal Intelligence DNA Database, established in 1995. As a nation-state that holds one of the world's largest DNA databases, the UK has been dealing systematically with the societal effects triggered by various ethical controversies. In terms of bordering practices, the UK serves as an example of an *ambivalent mode of re- and debordering*. This ambivalence derives from the UK's changing position regarding the Prüm system. In 2014, the UK government, driven by the parliament, decided to opt out of the Prüm Decisions. In 2015, after a Prüm-style pilot project run with other EU Member States, the UK decided to opt in. This decision, nonetheless, included the imposition of limits on other EU countries' access to the UK's data. Consequently, the UK's debordering practices co-exist with rebordering attempts aimed at restricting access to their own data.

**Keywords** UK • DNA database • Data exchange • Re- and debordering • Prüm

#### Introduction

Established in 1995, the UK's National Criminal Intelligence DNA Database (NDNAD) is believed to be the oldest national forensic DNA database (Downey, Stephens, & Flaherty, 2012; Johnson & Williams, 2007).1 According to the European Network of Forensic Science Institutes (ENFSI), in June 2016, the NDNAD contained 4,733,755 profiles of individuals in the DNA database.2 This represented 8.8 per cent of the resident population. More recent data shows that, on 31 March 2020, the number of subject profiles held had increased to more than 6 million3 and that the database held more than 600,000 crime scene profiles.4 Holding the equivalent of about 10 per cent of the UK's resident population5 (of 67,879,4886), the NDNAD is the world's largest database by proportion of population (Amankwaa, 2018).

The UK's assimilation into the Prüm system for the transnational exchange of DNA data for police and judicial cooperation in the European Union (EU) has not been straightforward. In December 2014, the UK decided to withdraw from the Prüm system. However, after running tests with the Netherlands, Spain, France and Germany, it decided to rejoin Prüm in 2015. However, there were successive delays, in which the uncertainties emerging around Brexit played a role, and the UK only became

<sup>1</sup> In the UK, the National Criminal Intelligence DNA Database (NDNAD) is used solely for criminal investigation purposes. Other forensic purposes, such as the identification of missing persons and unidentified body investigations, are managed by the UK Missing Persons Bureau, which has operated and maintained a Missing Persons DNA Database since May 2010 (Granja & Machado, 2019).

2As the ENFSI report is to our knowledge the latest statistic which provides comparable information across countries, we refer to it to situate the UK in comparison to the other country cases in this study. Data available at http://enfsi.eu/wp-content/uploads/2017/01/ ENFSI-Survey-on-DNA-Databases-in-Europe-June-2016.pdf (last access on 23 June 2020).

<sup>3</sup> It is currently estimated that 14.1 per cent of the subject profiles held on the entire NDNAD are duplicates. Duplicate profiles arise when samples are taken from the same individual on more than one occasion. This may happen as a result of a person giving different names, or different versions of their name, during separate arrests. There may also be situations where a police force chooses to resample an individual (Home Office, 2019).

4National DNA Database statistics, Q4 2019 to 2020. Available at https://www.gov.uk/ government/statistics/national-dna-database-statistics (last access on 23 June 2020).

5We use the term 'the equivalent' because the NDNAD holds a significant number of duplicates (see footnote 3).

6Data available at https://www.worldometers.info/world-population/uk-population/ (last access on 23 June 2020).

operational in 2019 (Council of the European Union, 2019). According to the latest DAPIX data, the UK is operational with seven countries (Council of the European Union, 2020). Developments on the path to Brexit made the UK's integration into the Prüm system additionally complex as the country current participation in the Prüm system ends on 31 December 2020. The UK is currently involved in the negotiation of an agreement that would allow the continuity of law enforcement and judicial cooperation in criminal matters. The UK is, therefore, addressed as an *ambiguous mode of debordering*.

The UK's cultural and political specificities also make the country's biobordering dynamics particularly interesting. The UK joined the European Community in 1973. During the negotiations for the Maastricht Treaty of 1992, the UK secured an opt-out from adopting the Euro as its official currency. In addition, in 1999, the UK also decided not to join the Schengen system. This special status was secured by a legally binding protocol, negotiated as part of the Treaty of Amsterdam. Scepticism towards EU policies has, therefore, long been a central part of the UK's relations with the EU. This scepticism was made even more evident in the context of the Brexit referendum, in which a small majority voted to leave the EU. Historically, the UK–EU relationship has been particularly ambiguous, and this plays out in the UK's bioborders regime. Enhancing the UK's ability to identify foreign criminals, while still enforcing limitations to data exchange aimed at protecting the UK's citizens, emerges as one of the major motifs and notions of nationhood mobilized in the compliance with the Prüm system.

#### National DNA Database Development

DNA fingerprinting was discovered in the UK in 1985 by Professor Sir Alec Jeffreys at the University of Leicester, and the UK was the first country to create a national forensic DNA database (in 1995)—the NDNAD. This database contains DNA data from all the police forces in England and Wales, as well as data from the Northern Ireland DNA Database (NIDNAD) and the Scottish DNA Database (SDNAD), and DNA profiles from the Crown Dependencies7 (Amankwaa & McCartney, 2018; Skinner & Wienroth, 2019). Regarding its *legislative framework*, the UK operates an adversarial legal system—which makes it different

<sup>7</sup>Namely, Isle of Man, the Bailiwick of Jersey and the Bailiwick of Guernsey.

from the continental cases considered in this book, which have in common to different degrees an inquisitorial tradition. In the UK's system, the court acts as a referee between the prosecution and the defence. In the UK, the first statute governing the NDNAD was the Criminal Justice and Public Order Act 1994, which enabled the databasing of DNA profiles. The Act permitted DNA records of all individuals convicted of a recordable offence to be retained indefinitely. Although samples from suspects were collected, the Act required that those who had never been convicted of a criminal offence should be considered 'innocent' and thus that their DNA records should be deleted after the conclusion of an investigation or any proceedings (Amankwaa & McCartney, 2018).

However, subsequent legislation supported the expansion of the NDNAD: the Criminal Justice and Police Act of 2001 allowed all samples collected to be retained indefinitely, irrespective of whether the person had been acquitted. This further expanded the collection of DNA samples and profiles by including in the database one-time suspects who may never have been charged with a recordable offence (Williams & Johnson, 2008). Another amendment also allowed samples from volunteers taking part in mass screenings to be retained indefinitely. The Criminal Justice Act of 2003 further extended police powers by allowing DNA samples to be taken without consent from anyone arrested on suspicion of a recordable offence and to be kept indefinitely (Amelung & Machado, 2019).

Despite these moves towards expansion, there was scant public debate on how the NDNAD posed challenges to the protection of human rights (Downey et al., 2012). The NDNAD only began to be perceived and discussed by mass media and politicians as a potential danger to the civil liberties of British citizens in the aftermath of the 'S. and Marper' case. 'S.'8 was 12 years old when he was arrested for attempted robbery in January 2001 and was cleared 5 months later. Michael Marper was arrested in March 2001 and charged with harassing his partner; the case was discontinued. Both S. and Marper's DNA were taken and added to the NDNAD; after their release, they applied for the removal of their profiles. Their applications were rejected by the British Appeal Courts on the grounds that the inclusion and removal criteria of the NDNAD at the time allowed the profiles of persons who had been arrested but not convicted of a crime to be retained. S. and Marper then resorted to the European Court of Human Rights, which held that retaining the DNA samples of

<sup>8</sup>Due to privacy protection issues, he was named in court only as S.

individuals who were arrested but later acquitted or who had the charges against them dropped was a violation of the right to privacy under the European Convention on Human Rights. Consequently, the European Court forced the NDNAD to destroy the samples of non-convicted people (Amankwaa & McCartney, 2018; Amelung & Machado, 2019). The S. and Marper case, thereby, provided a landmark that oriented the possibilities and limitations of using forensic DNA.

The repercussions of the European Court's decision led to the amendment of the laws governing the collection, use and retention of forensic DNA in the UK through the Protection of Freedoms Act 2012 (PoFA), implemented in October 2013. In summary, the PoFA defined that DNA samples must be destroyed after profiling or within six months of their collection; DNA profiles of convicted individuals could be held indefinitely; and profiles from innocent individuals must be deleted after the conclusion of an investigation or any proceedings. Exceptions to these rules included temporal profile retention periods for some first-time convicted minors, those charged or arrested for a qualifying (serious) offence, those issued with a penalty notice for disorder or on national security grounds (Amankwaa & McCartney, 2018, p. 119). Since the implementation of the PoFA, over 1.7 million forensic DNA profiles from innocent individuals have been deleted, and over 7.7 million DNA samples have been destroyed (Amankwaa & McCartney, 2018, p. 119). Such deletion has, however, received relatively little public attention (Skinner & Wienroth, 2019). As noted by David Skinner and Matthias Wienroth:

The story of the NDNAD is intriguing in part because of what it reveals about the difficulties of enacting the results of legal, political and ethical deliberations about the scope and format of this type of collection, but also how such deliberative infrastructures and discourses can emerge in order to prevent, ameliorate or reframe processes of ending [of genetic collections]. (Skinner & Wienroth, 2019, p. 101)

Since October 2012, the Home Office has been in charge of the management of the *technical database infrastructure* of the NDNAD, which means that it is under police custody. In terms of software, the NDNAD uses a self-developed programme (ENFSI, 2017). According to the NDNAD Strategy Board's annual report, 36 vetted Home Office staff have access to it (Home Office, 2019). Police forces own the profile records in the database and receive notification of any matches, but they do not have access to it (Home Office, 2019).

A particularity of the UK case that had a direct impact on the technical database infrastructure was the closure in 2012 of the Forensic Science Service (FSS), the public provider of scientific support to police investigations in the UK. The main reason for the Service's closure was linked to its considerable financial losses (Lawless, 2011). The closure meant that DNA profiling services were transferred to private providers, although some forensic scientific work remains the preserve of the police forces themselves, through in-house facilities (Lawless, 2011).

In terms of *organizational imperatives and principles*, as a nation-state that holds one of the world's largest DNA databases, the UK has been dealing systematically with the societal effects triggered by various ethical controversies. Those issues relate to the size of the database, in terms of its proportion of the entire population (Amankwaa, 2018), as well as its scope. As previously explained, until the S. and Marper case, the NDNAD included profiles of individuals who had been acquitted of a crime. The expansion of the number of profiles and the subsequent decisions about the database engendered significant public debate (Skinner & Wienroth, 2019). Other controversies that have been heavily discussed within the framework of the NDNAD relate to the racialization of the database, for instance, to the overrepresentation of black people in the database population and to the classification of DNA profiles according to 'ethnic appearance' (Human Genetics Commission, 2009; Nuffield Council on Bioethics, 2007; Skinner, 2013, 2018). Civil society organizations, such as GeneWatch, Liberty and Black Mental Health, have also articulated concerns about an overemphasis on genetic explanations that relate to criminality, the retention of children's DNA and the overrepresentation of specific minorities (Amelung & Machado, 2019; Skinner, 2012).

Such ethical controversies, coupled with public protests and criticism, have stimulated the development of stricter regulation, designed to protect citizens' rights; by extension, they have also motivated particular governance forms aimed at responding to certain needs for stronger public accountability and transparency (Amelung & Machado, 2019; Granja & Machado, 2019). Nowadays, the use of forensic DNA technologies is overseen by a partnership of boards and appointed experts.

The NDNAD Strategy Board9 provides governance and oversight over the retention and destruction of DNA profiles and rules for the database; it also produces reports and statistics concerning the operation of the NDNAD.

The UK NDNAD Ethics Group was created in 2007 and operated as a non-statutory body, providing independent advice on ethical issues around the operation of the database to Home Office ministers and the NDNAD Strategy Board. The NDNAD Ethics Group's role changed in 2016 with the introduction of the new National Forensic Science Strategy, which defined a wider role for the Group as part of the enhanced governance structure for the forensics system (Amelung & Machado, 2019). The Ethics Group was replaced by the Biometrics and Forensics Ethics Group in 2017. The goal of the group includes consideration of the ethical impact on society, groups and individuals of the collection, retention and use of human samples and biometric identifiers for purposes that fall within the purview of the Home Office. More particularly, the Biometrics and Forensics Ethics Group considers the application, operation, research and services related to technologies that produce biometric and forensic data and identifiers.

The Forensic Science Regulator, a role created in 2008, ensures that the provision of forensic science services across the criminal justice system is subject to appropriate scientific quality standards. The Biometrics Commissioner's role is to keep under review the retention and use by the police of DNA samples, DNA profiles and fingerprints. Although this role was mentioned in the Protection of Freedoms Act (2012), it was formally established only in 2013. As 'independent' expert authorities, the Forensic Science Regulator and the Biometrics Commissioner contribute to advising the Home Office.

In terms of public understandings of DNA databases and forensic genetics in the UK, there is a substantial body of literature, especially when compared with other countries under study. Williams and Johnson (2004) distinguish between three types of representations of DNA detected across the UK's societal stakeholders' views: (i) 'genetic

9The Strategy Board comprises representatives of the National Police Chiefs' Council, the Home Office, the DNA Ethics Group, the Association of Police and Crime Commissioners, the Forensic Science Regulator (or her representative), the Information Commissioner's Office, the Biometrics Commissioner (or his representative), representatives from the police and devolved administrations of Scotland and Northern Ireland and such other members as may be invited (Granja & Machado, 2019).

exceptionalism', stressing the unique character of genetic material; (ii) 'genomic minimalism' emphasizing the mundane character of non-coding sequences of DNA; (iii) 'biometric pragmatism' that distinguishes between the legitimate and illegitimate sources and uses of DNA for forensic purposes. Other scholars have focused on the perspectives of lay citizens (Anderson, Stackhouse, Shaw, & Iredale, 2011; Stackhouse, Anderson, Shaw, & Iredale, 2010; Wilson-Kovacs, Wyatt, & Hauskeller, 2012). In a review of studies on public perceptions of forensic DNA retention in the UK and around the world, Amankwaa (2018) shows that there is considerable public support for the retention of DNA for criminal investigation purposes since the public believe that DNA databases have strong crimesolving abilities. Reported concerns are mainly related to the potential misuse of DNA and the retention of DNA from innocent individuals (Amankwaa, 2018).

The UK has been a pioneer in the *development of DNA technology*. For example, in 2002, the UK was the first country to implement familial searching for criminal investigation purposes using the NDNAD (Haimes, 2006; Prainsack, 2010). The particular circumstances in which familial searches are performed are described as 'operationally sensitive' and are, therefore, not available publicly (Nuffield Council on Bioethics, 2007, p. 78). Based on interviews conducted with key stakeholders in the UK, Rafaela Granja and Helena Machado argue that the use of familial searching is regulated through exceptionality. This entails giving consideration to the seriousness of a criminal case, other avenues of investigation and what is contemplated as ethically acceptable (Granja & Machado, 2019).

The now-closed UK's Forensic Science Service was also pioneering in the area of forensic DNA phenotyping (FDP), as it developed the first FDP test, for detecting red hair. Similarly to other countries, the UK does not have explicit legislation governing FDP; instead, the use of FDP is overseen on a case-by-case basis by various regulatory oversight bodies (Samuel & Prainsack, 2018).

#### Bordering Practices and Ordering Transnational DNA Data Exchange

The UK's ambiguous bordering practices concerning crime control can be traced back to the decision on the Treaty of Lisbon. When the Treaty of Lisbon—which aimed to provide a stronger basis for the development of a criminal justice area while stipulating new powers for the European Parliament10—was being negotiated, the UK mobilized Article 10 of Protocol 36. This allowed the UK five years in which to decide whether or not it would continue to be bound by the police and criminal justice cooperation prescribed within the Treaty. This implied that the UK had until May 2014 to decide whether to exercise its 'opt-out' option in matters concerning justice and home affairs (McCartney, 2013, p. 546). In July 2013, the government decided to opt out of police and criminal justice measures, which included the Prüm Decisions; its decision took effect on 1 December 2014. The UK government, however, displayed an ambiguous position towards bordering practices: that same day it also decided to rejoin 35 measures considered to be in the nation's interests (Home Office, 2015).

The decision to remain out of Prüm was formally justified by the government's belief that the implementation of Prüm's technical requirements would be a lengthy and expensive process. The time it would take to establish Prüm raised concerns over the possibility that the EU Commission would initiate infringement proceedings, which involved substantial fines against Member States that did not implement measures or did so incorrectly. Also, the government estimated that it would cost £31 million to establish the Prüm system in the UK (McCartney, 2013). As stated by the Home Secretary in Parliament on 10 July 2014:

One measure that we have successfully resisted joining is Prüm (…). I have been clear in the House previously that *we have neither the time nor the money* to implement Prüm by 1 December. I have said that it will be senseless for us to rejoin it now and risk being infracted. (Home Office, 2015) [italics added]

The government also argued that Prüm's 'technical requirements' were out of date (HM Government, 2014) and that the size of the UK database—as one of the largest DNA databases in the EU—might lead to a disproportionate number of requests from other EU states (HM Government, 2014). It is, nevertheless, clear that the decision to opt out reflects a broader framework of scepticism towards the EU and intentional rebordering attempts aimed at countering the EU's doctrine of borderless

<sup>10</sup> See http://www.europarl.europa.eu/factsheets/en/sheet/155/judicial-cooperationin-criminal-matters (last visited 8 November 2019).

data flow. As stated by Carole McCartney, 'The decision to use the optout has been cast as "taking back" powers from the EU. Areas such as the criminal law, policing and sentencing are seen as "last bastions of national state power"' (McCartney, 2013, p. 549).

Despite the government's initial decision, the UK's ambiguous bordering practices have evolved in different phases aimed at finding a balance between the narratives of the benefits of data exchange for national security and the need to maintain control of costs and ownership of data. Following the advice from law enforcement agencies that Prüm would offer the UK significant potential benefits for the investigation and prevention of crime, the government agreed to conduct a small Prüm-style pilot test on the exchange of DNA profiles, after which the parliament would make a final decision on whether or not to rejoin the Prüm system.

The Prüm-style pilot project began on 30 September 2015 and aimed to explore how the exchange of the UK's genetic data across borders could be effected, what the technical challenges of implementation would be and what safeguards should be in place. The Netherlands, Spain, France and Germany participated in the UK's pilot test. Close to 2500 DNA profiles from forces across the UK were sent, and there were a total of 118 hits (Home Office, 2015). A report entitled *Prüm Business and Implementation Case* (Home Office, 2015) was drafted afterwards to analyse in depth the three options open to the UK: to maintain the *status quo* and remain out of Prüm, to rejoin the Prüm Decisions, or to develop an alternative mechanism for police cooperation and data exchange. The report was then debated in the House of Commons and in the House of Lords in December 2015. The debates were heavily influenced by the recent terrorist attacks in Paris (November 2015) and, consequently, by the perceived need to step up transnational police cooperation for identifying and convicting foreign criminals.

The *Prüm Business and Implementation Case* (Home Office, 2015) stated that the benefits of the UK fully implementing the Prüm Decisions would be (i) simplified processes for requesting information and/or data; (ii) efficiency gains in international searches; (iii) an increase in resolution of unsolved crimes; (iv) an improved response rate to requests for information associated with crime and terrorism; (v) ability to exploit the UK's investment in other data systems; (vi) improved detection of volume crimes and serious crimes; (vii) an enhanced crime and terrorism intelligence picture; (vii) access to EURODAC for criminal investigation searches (EURODAC is inaccessible unless Prüm searches have already taken place). Theresa May, then Secretary of State for the Home Office, also outlined the benefits brought by the UK's inclusion in Prüm when she kicked off the debate in the House of Commons on 8 December 2015:

I beg to move, that this House, wishing to see serious crimes solved, to counter terrorism and to see foreign criminals prosecuted and deported, supports opting in to the Prüm Decisions; notes the views of senior law enforcement officers that the Prüm Decisions are an important aid to tackling crime; notes the success of a pilot that demonstrated that the Prüm Decisions mechanism is both swift and effective.11

The risks and associated recommendations for integration with Prüm were also outlined. The protection of the civil liberties of UK citizens, doubts about other countries' practices in processing DNA data and concerns about the extension of the jurisdiction of the Court of Justice of the European Union (CJEU) took front stage both in the report and the debates in the Houses of Commons and Lords. As stated by Sir William Cash, Chair of the European Scrutiny Committee, House of Commons, during the debate:

The Government say that they will apply higher technical standards than required by Prüm (…) for the UK's DNA and fingerprint databases, but *we should recall that DNA profiles and fingerprints of British citizens may be held on foreign databases, which may be subject to less rigorous standards than those proposed by the Government*. All in all, this is not a motion that should be passed, for the reasons that I have given: it interferes with parliamentary sovereignty, it extends the range of the European Court (…) For many of us, this is a step too far.12 [Italics added]

It is important to note that scepticism and doubts about other countries' practices and standards in processing DNA data are not unique to the UK. Machado and Granja, analysing the views of Prüm National Contact Points working in Prüm Step 1, outlined that forensic practitioners remain doubtful that ethically sound science is conducted in other

<sup>11</sup>House of Commons Hansard Debates for 8 December 2015. Available at https://publications.parliament.uk/pa/cm201516/cmhansrd/cm151208/debtext/151208-0003. htm (last visited 6 December 2019).

<sup>12</sup>House of Commons Hansard Debates for 8 December 2015. Available at https://publications.parliament.uk/pa/cm201516/cmhansrd/cm151208/debtext/151208-0003. htm (last visited 6 December 2019).

countries (Machado & Granja, 2018). In order to diminish the risk of innocent UK citizens being targeted, the *Prüm Business and Implementation Case* suggested that, if the UK's parliament were to opt in to Prüm, only the DNA data and fingerprints of convicted individuals should be made available for transnational exchange. This caveat reiterated a strong notion of protection of the UK's nationhood and citizens:

For example, the Government would legislate to ensure that other Member States could only search against UK held DNA profiles and fingerprints of those actually convicted of a crime. This would help to avoid innocent British citizens becoming caught up in overseas investigations. (Home Office, 2015)

Other risks mentioned both in the report and during the parliamentary debates related to the possibility of DNA adventitious matches. Given that DNA profile matches of six and seven loci have a high probability of being false positives, the report stated that only crime scene profiles with more than eight loci should be shared with the other Member States on the UK Prüm exchange. In addition, it also suggested that the UK should exchange DNA profiles with the other Member States, but that demographic data should only be exchanged following a match of ten or more loci.

Forensic practitioners working within Prüm operational countries also view the occurrence of a large number of false positives in transnational data exchange as ethically problematic (Machado & Granja, 2018). Thus, despite being framed by high levels of scepticism towards EU policies, the UK's assessment of the risks involved in transnational DNA data exchange within Prüm accords with what practitioners already working with Prüm also perceive as risks (Machado & Granja, 2019).

Finally, the report mentioned two further risks regarding (i) the volume of work brought by Prüm, especially taking into account that the UK has one of the largest forensic DNA databases, and (ii) the cost of implementation, which the report revised down to £13.5 million from the previously indicated £31 million (Home Office, 2015).

Following the publication of the *Prüm Business and Implementation Case* (Home Office, 2015), in December 2015, the UK decided to opt back in to the Prüm system. However, it did so on condition that the *dynamics of data border-crossings* would be restricted to 'only a subset of the relevant national DNA and fingerprint databases, containing data relating to individuals convicted of recordable offences, will be made available for searching by other participating States, and that the higher UK scientific standards will be applied to matches in the UK'.13 Enhancing the UK's ability to identify foreign criminals while still enforcing limitations to data exchange aimed at protecting UK citizens thus emerges as one of the major *motifs and notions of nationhood mobilized in complying with the Prüm system*.

The UK adopted a protectionist view of data ownership by reducing the type of data made available for transnational DNA exchange. However, this position, although more clearly evidenced in the UK case, is not limited to the UK case. In Portugal—and most likely in other countries—a protectionist view of data ownership resulted from the country's own restricted legislative framework (see Chap. 7). Protectionist views of data ownership are also evidenced by the variable number of data categories made available by each Prüm operational country (see Chap. 3).

On 6 June 2019, the EU Justice and Home Affairs Council adopted a Council Implementing Decision officially launching the automated exchange of DNA profiles between other Prüm participants and the UK. Since the NDNAD uses self-developed software (ENFSI, 2017), in order to make transnational exchange viable, CODIS had to be installed (Council of the European Union, 2018). As well as authorizing DNA exchanges to commence from 14 June 2019, the Decision also stated the Council's request that the UK review its policy of excluding suspects' profiles from automated DNA data exchange within 12 months. Furthermore, it outlined that 'if the operational experience acquired with Prüm DNA data exchange within the first 12 months has not led the UK to notify the Council that it has reviewed its policy, the Council should re-evaluate the situation with a view to the continuation or termination of DNA Prüm automated exchange with the UK' (Council of the European Union, 2019).

Responding to the imposed deadline to review the policy of limiting data exchange via Prüm to profiles from convicted offenders, crime stains and unidentified human remains, on 15 June 2020, James Brokenshire, the Minister of State for Security, announced that it is the government's intention to begin exchanging suspects' data via Prüm.14 Such decision has

<sup>13</sup> https://publications.parliament.uk/pa/cm201719/cmselect/cmeuleg/301 lxx/30106.htm (last visited 8 November 2019).

<sup>14</sup>Prüm—Data Sharing Update: Written statement—HCWS290 https://www.parliament.uk/business/publications/written-questions-answers-statements/written-statement/ Commons/2020-06-15/HCWS290/ (last visited on 19 June 2020).

been, according to the UK governmental view expressed in the written public statement, based upon a balance between benefits and risks associated with exchanging suspects' data, maintaining a concrete focus on the protection of UK citizens:

In considering whether to include suspects' data, the Government has carefully balanced the potential public protection benefits against *concerns that a UK citizen could be caught up inappropriately in criminal investigations in EU Member States* and has considered the effectiveness of the safeguards put in place to prevent such instances occurring. In light of the benefits reaped from exchanging DNA since July 2019 and the way in which the safeguards have been applied, the Government has concluded that the important public safety benefits in exchanging suspects' data outweigh the risks associating with sharing it. [Italics added]15

Such decision to exchange suspects' data within Prüm may be interpreted as a concession to the EU requirement to adopt logics of reciprocal data exchange. As EU officials have previously reported a perceived 'lack of reciprocity' in how the UK cooperated within Prüm (Brunsden & Peel, 2020), the decision to review the policy of limiting data exchange via Prüm seems to be a strategic move to keep doors open for post-Brexit participation in Prüm-like agreements, as the UK's current participation in the Prüm system ends on 31 December 2020, when the Brexit transition period expires. The UK has already stated interest in ensuring the continuity of law enforcement and judicial cooperation in criminal matters. In particular, the report entitled 'The Future Relationship with the EU: The UK's Approach to Negotiations' (HM Government, 2020) states that the UK is interested in discussing an agreement. In terms of the exchange of DNA, fingerprints and vehicle registration data, the report states that

The agreement should provide similar capabilities to those currently delivered through the Prüm system, drawing on the precedent for such cooperation between the EU, Norway and Iceland as well as between the EU and Switzerland and Liechtenstein. These precedents include a political dispute

15Prüm—Data Sharing Update: Written statement—HCWS290 https://www.parliament.uk/business/publications/written-questions-answers-statements/written-statement/ Commons/2020-06-15/HCWS290/ (last visited on 19 June 2020).

resolution mechanism with no jurisdiction in those third countries for the CJEU. (HM Government, 2020, p. 26)

The UK case thereby serves as an example to learn about *an ambiguous mode of debordering*. Its ambiguous nature is the result of the government's changing position regarding the maintenance or suspension of borders for data crossing. In 2014, there was a decision to opt out of the Prüm Decisions. In 2015, after a Prüm-style pilot project run with other EU Member States, the UK decided to opt in. The UK therefore enacted *circumscribed debordering* practices by agreeing to participate in data exchange across the EU and thereby expanding the data flows bounded to the own nation-state's bioborders. However, the decision to deborder was made on the condition that limits be imposed on other EU countries' access to the UK's data, therefore reflecting rebordering attempts anchored upon restrictive bioborders. However, in light of the negotiating scenario caused by Brexit, limits to data exchange have been recently reduced. The UK's debordering practices—fuelled by claims to access 'foreign' data thereby co-exist with rebordering attempts aimed at ensuring adequate protection of 'own' data and national citizens. Additionally, the UK case reveals the politics of (non)belonging entangled with biobordering dynamics. It does so in the sense of negotiating who is exposed and who needs to be protected from exposure to international police collaboration.

#### References


*Public Understanding of Science, 20*(2), 146–162. https://doi. org/10.1177/0963662510375793


**Open Access** This chapter is licensed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/ by/4.0/), which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence and indicate if changes were made.

The images or other third party material in this chapter are included in the chapter's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the chapter's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder.

# Conclusion

**Abstract** The concluding chapter reviews and compares the modes of biobordering at the EU level and in Germany, the Netherlands, Poland, Portugal and the UK with a particular focus on the transnational exchange of DNA data within the Prüm system. This analysis reveals the multiplicity of heterogeneous biobordering regimes that enact different visions of Europe and nationhood and that have implications for de facto hidden integration and disintegration processes in the EU. 'European integration' is believed to be achievable by the harmonization of scientific and technical procedures in different countries. However, the mandatory elements of the Prüm Decisions were politically enforced without taking into consideration the significant differences between EU countries. Thus, hidden disintegration comes as a contingency regarding operational and organizational traditions, legislation, the nature of the criminal justice system, and national variations around the human and economic resources to invest in forensic DNA databases and DNA profiling technologies. The conclusion ends with a proposal of a typology systematizing biobordering dynamics derived from the empirical case studies.

**Keywords** Biobordering regimes • EU • Prüm • Hidden integration • Hidden disintegration

#### Introduction

Over time, there has been an increasing expansion, in reach and scope, of biometric technologies and database systems used in the context of crime and migration control. Our brief summary of this range of biometric technologies and systems (in Chap. 2) showed how the melange of biometrics, datafication and technologies has reconfigured how we think about the mobility of people, surveillance, human rights and ethics. Furthermore, we demonstrated what modes of regulation are being enforced by that process and how notions of bioborders are being reconfigured.

We delved deep into the concept of biobordering (Chap. 3) in order to capture reverse patterns of bordering and ordering practices linked to transnational biometric data exchange regimes. The concept is useful in reconstructing how the territorial foundations of national state autonomy are partially reclaimed and, at the same time, partially purposefully suspended. In this sense, we mobilized the concept of biobordering to foster an understanding of the dynamics and impacts of the large-scale database infrastructures that archive and exchange biometric data across national borders.

Based on this framework, we provided a sustained analysis of the heterogeneous processes involved in ordering transnational biometric data exchange and the control of criminalized populations across EU Member States' borders, with a particular focus on the transnational exchange of DNA data within the Prüm system. We did so by, on the one hand, portraying the modes of biobordering at the EU level (Chap. 3) and, on the other, describing, analysing and comparing in detail the experiences and traditions of five EU countries that are part of the Prüm system: Germany, the Netherlands, Poland, Portugal and the UK (Chaps. 4, 5, 6, 7 and 8). More particularly, we explored how each country approaches the use of forensic DNA databases, the exchange of DNA data regulated under the Prüm system and recent applications of forensic genetic innovations. We have argued that, taken together, these co-dependent components reveal the multiplicity of heterogeneous biobordering regimes and enact different implicit visions of Europe and nationhood, with implications for *de facto* hidden integration and disintegration processes in the EU.

#### Comparative Insights

At a time when the European Union as a political institution as well as ideas of Europe are being challenged, the theme of simultaneous hidden disintegration and integration configured by technological projects is particularly relevant. Considering in particular the pressing contemporary challenges in the area of transnational crime control, the modes of biobordering that come along with hidden integration and disintegration found throughout our cases demonstrate a complex picture. In the following, we will summarize our major findings about the cases of Germany, the Netherlands, Poland, Portugal and the UK.

As a starting point, we assessed the specific situations of the countries by looking at the constitutive components of bioborders: (i) national DNA database regulations, legislative frameworks and governance principles in terms of norms sanctioning the collection, use and retention of DNA data, including data protection regimes; (ii) DNA technology development, including the scientific knowledge that DNA technologies build on; (iii) the technical database infrastructures necessary to digitally store and compare data and the definition and management of which data categories are and are not made accessible for data exchange; (iv) organizational imperatives and principles, such as reliability, transparency and public accountability.

Based on these country-specific insights, we then mobilized the three following dimensions to understand and compare the modes of biobordering at stake: (i) what data travels across borders, and data of what types of crimes and what types of criminals are potentially detected by Prüm and, thus, who counts as a suspect, offender or differently eligible for data exchange; (ii) the national legacies of DNA databases and DNA technologies and how they produce particular notions of nationhood and are linked to nation-state-bound legitimacy claims; (iii) the promises/expectations/ concerns of Member States in deciding whether to commit, or not, to joining the transnational DNA data exchange system and how these coproduce notions of the integration/disintegration of Europe.

In terms of the first dimension—what data travels across borders and data of what types of crimes and what types of criminals are detected by Prüm—our analysis shows that multiple modes of biobordering occur and result in the creation of classifications of what counts as eligible categories for exchange via the Prüm system. Although data categories are technically standardized, the national DNA databases have very different compositions—some are expansive and some more restrictive—and incorporated very differently affected social groups. While the UK holds about 10 per cent of its resident population in its database, Poland and Portugal hold about 1 per cent. In addition, when comparing across countries which data crosses borders, it becomes obvious that not only does the number of data categories made available vary (ranging from convicted offenders to suspects to missing persons) but does what is referred to by each category. While Germany stores and exchanges DNA data on offenders convicted for crimes such as full intoxication, defamation or burglary, Portugal exchanges data of offenders convicted to an effective prison sentence of three or more years for committing an intentional crime, which corresponds to crimes such as homicide and robbery with violence. Retention schemes are also very different across countries. While the UK allows for indefinite retention of convicted offenders, Portugal, the Netherlands, and Poland have clearly defined retention periods (Reed & Syndercombe-Court, 2016). Germany has defined periods for reviewing DNA profiles in order to either correct or delete them. Thus, categories that are technically standardized for data exchange assemble very different sets of data in the national DNA databases. Different types of crimes, variable timeframes and categories of involvement with the criminal justice system are thus integrated in the Prüm system, and the categories of data create ambiguity about what counts as 'suspect' or 'criminal', with consequences for affected person groups across Member States.

In addition, the dynamics of expanding data crossings across borders are also motivated by different rationales driven by each country's strategic ambitions in international police collaboration. For example, Poland has quickly mobilized its resources and made data available as this made sense in the context of its own regulatory efforts of modernization and internationalization of police collaboration. The UK represents a very different situation: although it demonstrates interest in accessing data from other Member States, the UK has also engaged in regulating data crossings with attempts to limit exchange of its own data.

Regarding the second dimension, our analysis shows that the national legacies of DNA databases and DNA technologies produce particular notions of nationhood in relation to debordering and rebordering dynamics. Germany, the Netherlands and Poland can be classified as having implemented forms of debordering bioborders that facilitate cross-border DNA data exchange. Yet, the three of them have played different roles in diffusing this approach. Germany, in particular, performed the role of the political architect of the initial Prüm plan and attempted to expand it beyond the starting group of Member States. In the aftermath of the Prüm Decisions, Germany continued to claim political and moral authority over other Member States in calling for proof of their commitment to debordering. The Netherlands has led the techno-scientific process of supporting the forensic technocracy across Member States through its contribution to the establishment of the technological scientific infrastructure for data exchange, as well as its support for training, pilot tests and evaluation visits for other Member States. However, the Netherlands has also had strong support from Germany and Austria in carrying out these tasks. The Netherlands has also engaged in explicit debordering dynamics by having Dutch forensic experts sharing expert and tacit knowledge on operating DNA data exchange and expending considerable effort in studying and monitoring cross-border DNA matches between the Netherlands and other operational Member States which also serves as an implicit control mechanism (see, e.g. Taverne & Broeders, 2015, 2016). Poland has, in a relatively short period of time, established a substantial number of connections with other Member States. In addition, Poland has caught up with the front-runners among the Member States, and it took the Prüm process as a stimulus for the establishment, implementation and expansion of its own DNA database. Portugal and Poland have in common that the national techno-scientific developments and advancements regarding their own DNA databases were motivated and stimulated by the establishment of the Prüm system. In both countries, joining the transnational exchange of DNA data and engaging with debordering dynamics represent another step in their quest for modernization, achieved through compliance with the international and EU standards of crime control and forensic genetics. Yet, Portugal remains a complex case because of its latent mode of rebordering (Amelung & Machado, 2019a).

Focusing on the latent modes of rebordering (in the case of Portugal) and ambiguous modes of rebordering (in the case of the UK), we come back to the legitimate rationales for hindering data exchange proposed by Hufnagel (2017) (referred to in Chap. 3). According to Hufnagel, specific arrangements—such as treaties or agreements with specific conditions attached to them—can stop data flows for specific purposes. We have seen that Portugal, due to its legal and judicial traditions, has maintained a regime of restrictive data inclusion criteria in its national DNA database and has defined very selective data categories for data exchange. More specifically, Portugal only exchanges data pertaining to convicted individuals and crime scene samples. In this sense, although Portugal has also fully enforced the requirements of the EU regulations and established, in a relatively short period, connections with a considerable number of operational Member States, it still engages with rebordering dynamics by severely restricting the data categories available within Prüm. In the case of the UK, specific arrangements were installed as conditions for its participation in Prüm. Among them was the condition that it would only exchange categories of profiles from convicted offenders, crime stains and unidentified human remains and would not provide access to DNA profiles of suspects—one of the other very usual categories exchanged across Member States (Council of the European Union, 2019). This decision was modified in 2020, as the UK government announced its intention to begin exchanging suspects' data via Prüm. Such a decision that may be interpreted as a concession to the EU requirement to adopt logics of reciprocal data exchange in light of post-Brexit negotiations. The UK's restrictive arrangements came with the justification of Britain being responsible for its 'data subjects' in the database and for preventing their exposure to other foreign criminal justice systems. The UK, thereby, established a restrictive regime for exchanging the data stored in its rather expansive database, but the country's ambiguous approach originated in its generally sceptical attitude towards the other EU Member States (McCartney, 2013).

With regard to notions of nationhood, we have explored the cultural meanings of forensic DNA technologies in different countries, which are often embedded in a particular sociohistorical context. They are often interpreted as reconfirming politics of (non)belonging. This can play out, on the one hand, in the countries' internal relationships of belongings by affirming differences between typified suspect populations and typified non-suspect populations. This position has been explored through cases exploring modes of racism and discrimination towards minority groups in the Dutch and German context. On the other hand, the politics of (non) belonging can also play out in the complex relationships between a country and the EU by emphasizing non-belonging to (particular visions of) Europe. This was explored through the case of the UK's ambiguous mode of rebordering.

In terms of the third dimension broadening our understanding of modes of biobordering—that relating to the promises/expectations/concerns of Member States deciding to commit to joining the Prüm system and how these co-produce notions of the hidden integration/disintegration of Europe—the country cases presented examples of the dynamics, tensions and ambivalences of biobordering processes. The modes of biobordering at the EU level result in debordered bioborders, and such modes emphasize in particular their legal, scientific, technical and political components. The levelling mode of ordering of the actor network at the EU level enforces a particular version of bioborders that reflects the political belief that the interoperability of DNA databases is a mere technical– scientific issue.

'European integration' is believed to be achievable by the harmonization of scientific and technical procedures between laboratories and police forces in different countries. However, as we have discussed, the mandatory elements of the Prüm Decisions were politically enforced without taking into consideration the significant differences between EU countries. Thus, hidden disintegration comes as a contingency regarding, for example, operational and organizational traditions, legislation, the nature of the criminal justice system, and national variations around the human and economic resources to invest in forensic DNA databases, DNA profiling technologies and other kinds of police information databases. Member States' modes of biobordering vary with regard to how national autonomy and sovereignty are claimed, negotiated and/or suspended not only through legal and political bordering processes but also through scientific and technical bordering practices that correspond with techno-political cultures and manifest specific regimes for biological data retention and exchange.

Finally, differences exist with regard to the democratic processes involved in establishing the Member States' modes of ordering with respect to transnational DNA data exchange. While Portugal, the UK, the Netherlands and Germany all provide some form of official public data about the DNA data stored in their databases, as well as about its exchange, Poland apparently has no official statistics in place. Portugal provides official data in the form of annual reports from its oversight body. Similarly, the Dutch custodian of the DNA database provides public data in its annual reports. Germany requires that requests for statistics on the DNA database be made through parliament (such requests are often initiated by opposition parties); the government then gives an official response about the data. In the UK, official statistics on the NDNAD are published several times a year, and there is an annual report covering several aspects of the NDNAD. Regarding Prüm, at the date of writing, DNA data exchange has been operational for less than a year. So far, the information provided on the number of hits within Prüm was provided in the written statement announcing the UK's decision to exchange suspect data.1 Nevertheless, given the UK's particular forms of governance, which respond to a commitment to public accountability and transparency (Amelung & Machado, 2019b; Granja & Machado, 2019), and the information made available in the 'Prüm Business and Implementation Case' (Home Office, 2015), it is highly probable that more data will be made available in the near future. Thus, we can distinguish between countries that proactively provide public data (the Netherlands, Portugal and the UK), countries that only provide data on demand (Germany) and countries that do not provide public data (Poland) on data exchange activities to a better understanding of the complex, multi-layered and hidden processes of integration and disintegration configured through the establishment of transnational technical infrastructures relying on forensic biological data, especially DNA data.

By reviewing our country case studies, we derived at a typology of biobordering dynamics which we summarize in order to provide a resource which may inspire future research (Table 9.1).

We distinguished debordering versus rebordering dynamics in order to explore expansive versus restrictive modes of biometric data exchange applied by countries, thereby making nation-state borders for biometric data flows more or less permeable. Furthermore, from the study of our country cases, we found different modes of debordering dynamics. Therefore, we specified that expansive biometric data exchange was either approached in a circumscribed or diffusive manner, for example, either focused on expanding nation-states' own biometric data exchange or focused additionally on expanding and disseminating debordering dynamics beyond own biometric data exchange. All country case studies,


**Table 9.1** Typology of biobordering dynamics

Source: Authors

1Prüm—Data Sharing Update: Written statement—HCWS290 https://www.parliament. uk/business/publications/written-questions-answers-statements/written-statement/ Commons/2020-06-15/HCWS290/ (last visited on 19 June 2020).

Germany, the Netherlands, Poland, Portugal and the UK, we explored reveal that, by being operative in the Prüm system, they have incorporated as minimum conditions circumscribed debordering dynamics. Additionally, Germany and the Netherlands can be classified as cases of diffusive debordering dynamics.

Regarding rebordering dynamics, we learnt from our country cases that rebordering dynamics co-exist with debordering dynamics, however, in different ways. The two cases we studied differed regarding their forms or co-existence of re- and debordering. Portugal was classified as an example of latent rebordering and the UK as an example of ambiguous rebordering. For that reason we have specified a distinction of latent rebordering and ambiguous rebordering. While latent rebordering refers to some forms of restrictions to expansive biometric data exchange, we consider that description as suitable to cover permanent and stabilized latent forms of restrictions. Ambiguous rebordering instead emphasizes the uncertain and indistinct approach to establish or maintain reservations and exceptions from expansive biometric data exchange. Although motifs for rebordering in those two cases are diverse, different notions of protection of data subjects are behind these dynamics. Thereby, rebordering can be also interpreted as contesting visions of Europe which assume the unlimited and unproblematic exposure of data subjects across European countries' databases.

We hope that our typology may help future research to describe other countries' situations in comparison to the findings of this study. Future research may also explore if the conceptual proposals offered in this study may inspire other transnational regimes of biometrics and databasing in law enforcement.

Future research challenges are the ongoing developments regarding the empirical phenomenon of transnational biometric database systems such as Prüm in the context of law enforcement. This refers to the interoperability initiative and the attempts of centralizing databases further and thereby overcoming rebordering 'obstacles' on the one hand. But it also refers to attempts to increase logics of Prüm beyond Europe on the other hand. This includes ambitions to make data accessible beyond European countries dedicated formally to inclusive and open democracies, applying legal principles of proportionality and safeguarding human rights. In that context, re- and debordering might need to be reassessed, and rebordering once more might be even more important to maintain democratic and civil rights principles to protect data subjects.

#### References


**Open Access** This chapter is licensed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/ by/4.0/), which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence and indicate if changes were made.

The images or other third party material in this chapter are included in the chapter's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the chapter's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder.

### Glossary


**Match** See 'hit'.


Decision' refers to the Council Decision that established the mandatory nature of transnational data exchange for all EU Member States. 'Prüm system' refers to the actual network of European Union countries exchanging DNA data.

**Prüm Step 1 and Step 2** There are two different steps in the Prüm system. Step 1 refers to the moment when a search is made in a national database for a DNA profile retrieved from a crime scene and no match is found; the Prüm Decisions then permit the DNA profile reference to be transmitted and searched in other Member States' national databases. A notification is then sent to the original Member State informing it of a match or no match. If a match is identified, Step 2 occurs and further requests for information are processed through the existing police and/or judicial channels.