The United States is conditioning continued participation in the Visa Waiver Program on new requirements: participating countries must grant US authorities automated access to national police databases, including biometric data. This unprecedented demand would affect not only travelers but potentially all individuals recorded in these systems. The European Commission is negotiating a framework agreement, amid concerns over data protection and precedent.
Background on the Visa Waiver Program and New Conditions
Since 1982, the US Visa Waiver Program (VWP) allows citizens of 42 countries—including 32 EU states like Austria—to enter the US visa-free for up to 90 days. Since 2022, participants must qualify for an Enhanced Border Security Partnership (EBSP) with the US Department of Homeland Security (DHS), meeting requirements on counterterrorism and immigration control.
Now, visa-free entry is tied to granting direct, automated access to police and biometric databases. Refusal risks exclusion from the program. Data protection expert Matthias Monroy notes that this would impact not just travelers but anyone processed by US border and police authorities, particularly ICE, which has massively expanded biometric surveillance under recent administrations.
EU Response and Negotiation Mandate
In late 2025, EU member states mandated the Commission to negotiate a union-wide framework agreement. It aims to cover exchanges on travelers linked to VWP countries, applicants for residence or protection, and individuals encountered by DHS in border/immigration matters.
The mandate specifies that the common visa policy falls under EU competence, allowing member states bilateral agreements only under defined conditions. The goal: ensure reciprocity in information exchange to enhance EU border security.
Criticism and Risks
The US demands are seen as unprecedented—even within the EU, no direct access to another member’s national police databases exists; only queries followed by manual transmission. A similar agreement with Bahrain (2025) serves as a template.
Critics highlight compatibility issues with EU data protection law. European Data Protection Supervisor Wojciech Wiewiórowski calls it a major precedent as the first large-scale EU personal data exchange (including biometrics) with a third country for border/immigration control. He urges strict limits, proportionality, and exclusion of EU-wide IT systems (e.g., migration/asylum databases).
Context and Deadlines
Countries have until December 31, 2025, to decide; thereafter, DHS will audit compliance. The debate touches sovereignty, privacy, and transatlantic ties amid geopolitical tensions.
Source: Article „USA fordern im Rahmen von Visa-Programm direkten Zugriff auf europäische Polizeidaten“ by Harald Loch, published January 5, 2026, on derstandard.at. Additional references from EU Council documents and EDSB statement (December 2025).
