With just four days until enforcement begins, the Department of Homeland Security is reminding travelers that, effective December 26, 2025, U.S. Customs and Border Protection will expand biometric data collection to include facial photographs, fingerprints and, in limited circumstances, DNA swabs from all non-U.S. citizens at every air, land and sea port of entry. Children and seniors—previously exempt—will now be scanned, closing the last major age loophole in the biometric-exit program.
The rule, published in the Federal Register in October, allows CBP to store biometric data for up to 75 years and to share it with federal, state and foreign partners for law-enforcement purposes. Although U.S. citizens may still opt out, they should expect longer manual processing if they do so. Canadian “snowbirds” already report extra scrutiny, including a US$30 fee if their winter stays exceed 29 days, signalling tighter cross-border enforcement.
Amid these evolving requirements, VisaHQ’s compliance team can help travelers understand what biometric data will be collected and whether any exemptions or waivers apply. The firm’s online platform—see https://www.visahq.com/united-states/—offers up-to-date entry guidance, appointment scheduling and real-time status alerts, allowing corporate mobility teams to keep assignees informed and avoid surprises at the border.
![Countdown to December 26: U.S. to require facial scans—and even DNA—from all foreign travelers]()
Industry groups are divided. The U.S. Travel Association welcomes the promise of shorter queues once the system scales, but privacy advocates warn about data breaches and mission creep. Airlines and airports, many of which have installed biometric e-gates over the past two years, say they are operationally ready, but advise travelers to remove hats and glasses to speed capture.
Global-mobility teams should prepare impacted assignees—especially frequent commuters under NAFTA successor USMCA—to budget additional time during the first weeks of rollout. Clients with privacy-sensitive executives may request opt-out procedures; these require manual verification and can add 15-20 minutes per checkpoint.
Longer-term, the rule sets the stage for digital exits: CBP has indicated that, by 2027, travelers will be able to confirm departure via a geolocated selfie taken outside the United States, closing a longstanding data gap on overstays. Companies should update travel-risk assessments and privacy disclosures accordingly.
The rule, published in the Federal Register in October, allows CBP to store biometric data for up to 75 years and to share it with federal, state and foreign partners for law-enforcement purposes. Although U.S. citizens may still opt out, they should expect longer manual processing if they do so. Canadian “snowbirds” already report extra scrutiny, including a US$30 fee if their winter stays exceed 29 days, signalling tighter cross-border enforcement.
Amid these evolving requirements, VisaHQ’s compliance team can help travelers understand what biometric data will be collected and whether any exemptions or waivers apply. The firm’s online platform—see https://www.visahq.com/united-states/—offers up-to-date entry guidance, appointment scheduling and real-time status alerts, allowing corporate mobility teams to keep assignees informed and avoid surprises at the border.
Industry groups are divided. The U.S. Travel Association welcomes the promise of shorter queues once the system scales, but privacy advocates warn about data breaches and mission creep. Airlines and airports, many of which have installed biometric e-gates over the past two years, say they are operationally ready, but advise travelers to remove hats and glasses to speed capture.
Global-mobility teams should prepare impacted assignees—especially frequent commuters under NAFTA successor USMCA—to budget additional time during the first weeks of rollout. Clients with privacy-sensitive executives may request opt-out procedures; these require manual verification and can add 15-20 minutes per checkpoint.
Longer-term, the rule sets the stage for digital exits: CBP has indicated that, by 2027, travelers will be able to confirm departure via a geolocated selfie taken outside the United States, closing a longstanding data gap on overstays. Companies should update travel-risk assessments and privacy disclosures accordingly.
