Airports
and land border crossings around the world are quietly deploying AI systems
that scan faces, analyse gait patterns, assess behavioural indicators, and
cross-reference biometric data against international watchlists, all in the
seconds it takes a traveller to approach a border officer. The transformation
of border control through artificial intelligence is accelerating rapidly,
with profound consequences for privacy, civil liberties, and the treatment of
migrants and asylum seekers who have little power to resist its
application.
The drivers are familiar: governments seeking to process growing
volumes of legitimate travel more efficiently while identifying security
threats, irregular migrants, and fraudulent documentation. AI promises to do
both simultaneously, offering faster throughput for low-risk travellers and
more rigorous scrutiny for those triggering risk signals. Whether it delivers
on either promise reliably is a more complicated question, and the
communities bearing the costs of the technology’s failures are rarely those
benefiting from its efficiencies.
Biometric Surveillance at Scale
The most widespread AI border technology is automated biometric
matching. Over 70 countries now use AI-assisted facial recognition at
airports, according to data compiled by the International Air Transport
Association. The United States has deployed facial recognition at most major
airports through the Department of Homeland Security’s Biometric Entry-Exit
program. The EU’s Entry/Exit System, which became operational in phases from
2024, captures fingerprints, facial images, and biographical data from all
non-EU visitors at external borders.
These systems vary significantly in accuracy, and accuracy gaps
follow predictable demographic lines. Academic research and government audits
have consistently found higher false match and false rejection rates for people
with darker skin tones, older faces, and non-binary gender expressions. At a
border, a false positive, a misidentification linking an innocent person to a
watchlist entry, can mean detention, missed flights, or referral for enhanced
screening based on algorithmically generated suspicion. The administrative
burden of correcting these errors falls entirely on the person wrongly
flagged.
Several European national data protection authorities have raised
concerns about the compatibility of AI border surveillance systems with GDPR
requirements, particularly around the proportionality of mass biometric data
collection and the adequacy of safeguards for special category data. The
European Data Protection
Board has issued guidance on biometric processing at borders that
member states are implementing with varying degrees of
rigour.
Behavioural Detection and Prediction Systems
Beyond biometrics, some border agencies have deployed AI systems
designed to detect deception or irregular intent through behavioural
analysis. The EU’s iBorderCtrl project, which trialled an AI-powered lie
detection system at land borders, was suspended following concerns about its
scientific validity and discriminatory potential. The system was designed to
analyse facial microexpressions and other behavioural indicators to assess
whether travellers were being truthful, an application that experts in
deception detection consider to be far beyond the current scientific evidence
base.
Similar concerns apply to risk scoring systems that assign
numerical threat levels to travellers based on algorithmic analysis of travel
history, booking patterns, and other data signals. When these systems
function as black boxes, producing risk scores without explanation, they
create accountability gaps that are difficult to challenge through existing
legal mechanisms. The combination of algorithmic opacity and border
enforcement power is a particularly problematic one from a civil liberties
perspective.
Impact on Asylum Seekers and Vulnerable Populations
The populations most affected by AI border systems are frequently
those with the least access to legal recourse. Asylum seekers fleeing
persecution, stateless persons without recognised documentation, and
undocumented migrants are subject to AI-assisted processing in conditions of
significant vulnerability. The application of algorithmic risk assessment to
people exercising a recognised right to claim asylum raises specific concerns
under international refugee law that border agencies have been slow to
address.
UNHCR
has published guidance on the use of AI in refugee and migration contexts
that emphasises the need for human oversight of all consequential decisions,
the right to challenge algorithmic determinations, and special protections
for children and other vulnerable groups. The gap between UNHCR guidance and
the operational practices of member states deploying AI border systems is
substantial and largely unmonitored. For related analysis on AI surveillance
and privacy, see our coverage of AI
in tracking and monitoring networks and AI-generated
political manipulation.
What This Means for You
The accountability deficit in AI border systems is compounded by
the lack of independent audit. Most national border AI systems are developed
and operated under contracts that include confidentiality provisions
preventing external researchers or civil society organisations from assessing
their accuracy or fairness. The result is that the performance claims made by
governments and vendors cannot be independently verified, and the communities
bearing the highest risk from system errors, those misidentified as threats,
have the least access to information about the systems affecting them. The
United Nations Special Rapporteur on the Right to Privacy has called for
mandatory independent auditing of AI systems used in border control and
immigration enforcement, a recommendation that has been acknowledged but not
implemented by the states operating the most extensive AI border
systems.
If you travel internationally, your biometric data is almost
certainly being processed by AI systems at border crossings, whether or not
you are aware of it. In most jurisdictions, your ability to opt out of
biometric processing is limited, and for non-citizens it may not exist at
all. Understanding what data is being collected, how long it is retained, and
which agencies have access to it is your right under most national privacy
frameworks, but exercising that right requires knowing where to look and
being willing to navigate bureaucratic processes designed more to discourage
enquiry than to facilitate it by AI systems at border crossings, whether or
not you are aware of it. In most jurisdictions, your ability to opt out of
biometric processing is limited, and for non-citizens it may not exist at
all. The governance frameworks governing AI at borders lag significantly
behind deployment. The EU AI Act classifies remote biometric identification
as high-risk and imposes transparency and accuracy requirements, but
implementation is phased and enforcement mechanisms are still being developed.
The data retention practices of AI border systems raise additional
concerns beyond the accuracy issues. Biometric data collected at borders is
typically stored for extended periods, in some cases indefinitely, and shared
across law enforcement and intelligence agencies under bilateral and
multilateral agreements that operate with limited transparency. The
aggregation of travel data, biometric data, and risk scores creates detailed
profiles of individuals’ movements and associations that go substantially
beyond what is needed for border security purposes. The potential for this
data infrastructure to be used for purposes other than those for which it was
collected, including political surveillance, is a concern that civil
liberties organisations including Amnesty International and Human Rights
Watch have raised consistently in their assessments of smart border
deployments.
The case for stronger, more consistent international standards for
AI border technology, grounded in human rights law and subject to independent
audit, is compelling and largely unaddressed by current international
governance frameworks. The speed at which border AI systems are being
deployed significantly exceeds the speed at which international human rights
and data protection frameworks are being updated to govern them, creating a
period of regulatory gap that is being filled by the interests of technology
vendors and security agencies rather than by the rights of the people these
systems affect.
About the Author
Stuart Kerr is a technology correspondent at LiveAIWire, covering
artificial intelligence, digital innovation, and the social impact of
emerging technologies. Follow LiveAIWire for daily analysis at liveaiwire.com.