The Data Protection Supervisor noted that the Commission had not consulted him or the national data protection authorities when drafting its three Communications. The three Communications included the introduction of an electronic entry/exit recording system in the Schengen zone, an Electronic System for Travel Authorisation (ESTA), a European Border Surveillance System (EUROSUR). 

On biometrics in particular
The entry-exit system as well as the ESTA proposal relies heavily on the use of biometric elements. Hustinx acknowledged that "Biometrics has some considerable advantages: data universality, distinctiveness, permanence, usability, etc. However, revocation of biometric data is almost impossible". He argued that this could result in significant problems for an individual linked with a stolen ID.

In addition, the Data Protection Supervisor noted that in cases where individuals had unreadable finger prints, for example, the Commission"s proposals would render "a considerable number of persons unable to enrol properly, with obvious consequences for the visa application and at the border checking".

Hustinx suggested that some form of "fall back procedures" should be included in the Commission"s package of proposals.

Overall criticism
Among his criticisms, Hustinx suggested that the proposals put the "cart before the horses" by proposing means to eliminate the phenomenon of "over stay" before the Member States had agreed a common definition of what overstay and exemptions to it are.

Referring to the Schengen Information System II (SIS II), the Visa Information System (VIS), review of Eurodac Regulation, and Passenger Name Records (PNR), Hustinx noted his concern "that far reaching proposals implying surveillance of the movements of individuals follow each other at an amazing pace. ... The sheer number of these proposals and the seemingly piecemeal way in which they are put forward make it extremely difficult for the stakeholders (European and national Parliaments, data protection authorities including EDPS, civil society) to have a full overview." He challenged the Commission to produce a "master plan for all these initiatives, giving a clear sense of direction".

Hustinx also criticized the justifications for the new proposals and noted that "heavy infringements on the privacy of individuals should be based on solid grounds demonstrating their need and with justification as to how extensive they should be. Whether the assertions made in the Communication would pass the test is doubtful".