Should I be afraid of biometric IDs?
A few thoughts about that:
- Biometric data is easy to access and should not be used as a password, only as additional authentication.
- As Freedom explained quite well your government already tracks you.
- Biometric data like fingerprints are mostly not stored as raw images but in form of hashes. An algorithm extracts certain characteristics. You cannot restore your fingerprint from this data. Still, it might be possible to trick some authentications with this data.
- Biometric data could be misused. DNA markers could contain information about medical issues or ancestry. Currently forensic teams are trying to reconstruct how a person looks from their DNA.
- Data that is not needed should not be stored. Especially not centralized.
I am against this because: Freedom before Fear.
Update because of comments
With "Freedom before Fear" I tried to translate the German "Freiheit statt Angst" slogan. We tend to give up freedom because we fear terrorism and crime. The Freedom is in this case the control over your private data. Data you can not change. Data that defines who you are. This data might stop someone from copy a passport or it might not. In anyway it does not stop terrorism but it does create the risk that the data is miss used.
A database of DNA where you could look up all foreigners. What could a dictator do with this? A database that tells an insurance that you could get a sickness. Who knows what will be possible with this data in the future?
If you create such a database there is always a chance it will be used for evil. How and in what way is impossible to tell but it would not be good for you.
Based on the linked article, the biometrics to be used in this proposal are similar to what was used in the recent past on Georgia (US) drivers' licenses: a photo and fingerprint data. So this move would not be entirely without precedent.
The linked article is a little short on details, so it is hard to assess what the risks to the individual might be without researching the exact provisions of the proposed law. But certain hypothetical scenarios seems relevant:
- The law could require or allow government escrow of biometric data (photo and fingerprints)
- The law could require human-readable representations of biometric data to be printed on the ID itself (photo and fingerprint image)
- The law could require machine-readable representations of biometric data to be printed on the ID itself in one or more forms:
- Optically readable (i.e. a bar code or CQ code)
- Radio or magnetic echo, requiring only close proximity (i.e. RFID)
- As an embedded data storage device with a physical interface
Government escrow of biometric data carries obvious privacy and security concern for the individual:
- Possession of the data itself is an inherent violation of individual privacy and dignity, unless participation is free and voluntary on the individual's part. In today's culture, this point is often overlooked or trivialized, but I argue that it really is "just plain creepy" for government to collect highly personal data on the individual, and it's OK to feel that way.
- The declared and intended uses of the data must be considered. Usually, these are reasonable enough, and even beneficial to the individual (such as fraud prevention).
- The undeclared but possible uses of the data must be considered:
- Sharing or sale of data collected through mandate to foreign or for-profit entities
- Correlation of collected data with information harvested from publicly available sources (street cameras, private companies collecting the same data, etc)
- Unlawful disclosure of bulk biometric data to criminal syndicates by corrupt employees
However, as a practical matter, it must be asked whether the government likely already possesses your photo and fingerprint data, and if they do, what restrictions on its use are in place today; and how those compare with what is being proposed.
The technical features of the proposed passport, combined with the types of information included on it, greatly affect the degree of risk to the individual.
- RFID readability of personal data would be highly dangerous. Even a passport kept safely inside a purse or briefcase could be read by someone nearby with the right equipment, or by a stationary waypoint. Washington State (US) claims that their enhanced driver's license only allows a successful attacker to obtain an opaque ID number. But that ID number is still unique to the individual, and even if retrieving details like name and home address directly is difficult, it could still be possible to correlate the ID number itself to other non-government sources, or track appearances and behaviors of that ID number. (Essentially, Washington State's driver's license has all the same privacy issues as cookies on the web, except you can't clear it with developer tools. In an admission of how bad their scheme is, they offer "protective sleeves" for them.)
- Optical bar codes or CQ codes, or magnetic stripes, have all the same issues as RFID except that they require being able to see or touch your device. At least you can keep the device from being read without your knowledge, as long as you have it on your person and hidden from sight.
Next to consider is, what can "bad guys" do with your biometric information once they have it? And can they get the same information without getting it from your passport or from the government? These answers will depend greatly on the societal effects of introducing this mandatory system, and are hard to predict.
A very strong argument against mandatory biometric identification in general, that applies directly to this proposal, is that in order to be useful, biometrics must be immutable; but that is exactly what makes them risky for the individual. If someone guesses or obtains my password to a website, I can hopefully (if the site design is good) change it. But I can't change my fingerprint or my likeness or my retina or iris. If someone manages to obtain and use that, it's forever compromised.
Finally, and importantly, does the use of this biometric system provide an incentive for "bad guys" to kidnap you or amputate parts of your body? People I know who prefer not to think about security issues frequently laugh at me when I ask this. But it is a serious question, because I would much rather somebody steal my wallet than my index finger in order to get to my bank account. But in the case of a photo and fingerprint being used for a passport, it is not clear whether this applies.
Should you be afraid? I don't know enough to answer directly about what other uses of fingerprints specifically are common in Israel today, or what kind of culture of information-sharing exists or could spring up in order to exploit such a thing. Frankly, I can think of much worse plans.
The government already has your photos, your fingerprints, your birth certificate, it knows where you live and what you have by taxes and the bills or otherwise you wouldn't officially exist. They can track you in public places using facial recognition with cameras, snoop in your internet traffic, listen to your calls, read your SMS... after all that do you really think they need biometric IDs and passports to track you any further?
Walking the streets with an biometric ID on your jeans won't make you anymore traceable than your phone with GPS. On the other hand, it can make faking an ID and passport much more difficult (nothing is impossible with money and determination) and this would only be bad to spies, terrorists and etc trying to travel with an fake passport and ID and things like that, nothing that a normal citizen would need to worry. But I know... I don't like it either but we must be realistic.
I would worry much more about Microsoft trying to get everyone's biometrics data with Windows 10, than the government, since a private company not famous by its security is far more disturbing (the same for other companies too).
Although if many companies sites, etc start changing the usual passwords to biometrics, then it's a problem since the government will be able to log in easily into anything. So maybe it's better to stick to the old fashioned passwords.