A National ID
This article at the NY Times focuses on using biometrics to identify people traveling through Heathrow Airport.
Some folks are anxious about the misuse of this data. Some folks are concerned about the reliability of the technology. I am begining to warm up to its possibilities because I would like for it to be easier to intercept predators, and to exonerate the harmless.
I like that biometrics may allow us to bypass documents that can be lost or forged. The processing of immigrants and travelers might be fast and accurate. Eventually other classes of people could be added to the database Military, public employees, students, drivers, people who use dangerous chemicals,… I would like to not have to carry a wallet around.
Now if we can only make sure that the information were kept safe and used appropriately.
opinions powered by SendLove.to
27 Responses to “A National ID”
That, and the failure rate. Even at the much-acclaimed 99.9%, after a few million uses, you start having problems. In reality, false positives and negatives are far from unheard of. Even with multiple redundant systems you’ll still have conflicting values, et all.
From a privacy viewpoint… I’m not quite sure what someone is supposed to do with your facial structure, fingerprints, or heart rate. Of course, I rail against the second when I had to give it in for a concealed carry permit, so I guess I shouldn’t talk too much.
As to them knowing where you are… you do realize how easy it is to trace someone and their purchasing habits just through the electronic methods already in place? Some credit and debit card companies already compile data on sales and usage of their customers – it’s an important part of supply chain management. And god help you if you have a membership card. Then they have enough information to know when you next need a loaf of bread.
There’s the rub.
My family has already withdrawn most of out credit/debit use as much as possible. I really like my privacy, a lot. When I started getting spam on my email targeted towards my spending habits (and I don’t order online anymore..that’s what freaked me) I was just so disgusted.
I live out here in Oregon. Anyone familiar with the Mayfield case can tell you that the “government” can get it very wrong when they set a mind to it.
Too many people will think it’s the Mark of the Beast (666).
Ha ha ha ha! What a kidder!
Biometrics are worse than other sole methods of identification, for this reason: you can’t replace them. Once somebody steals your fingerprints or retina scan or facial scan and uses them for identity theft, what are you supposed to do? Get new fingers and a new face?
And don’t think they won’t be stolen. They already have been.
What then is the difference between having a driver’s license, Passport, Social Security# – and a standardized biometric record of our identity?
A driver’s license can be replaced.
A passport can be replaced.
A SSN can be replaced.
A biometric record can’t. It’s yours. You can’t get a new face.
That’s not to say that biometrics don’t have a place. They do. But they are not a panacea at all, especially when people talk about using them to replace other IDs entirely and “not having to carry a wallet around.” Biometrics are just as susceptible to theft as other forms of ID, and this needs to be recognized. A biometric is no more trustworthy than a driver’s license, so why would we use a biometric to replace everything else? We don’t insist that a driver’s license is all we need.
And don’t think that stealing biometric info involves cutting off somebody’s finger or something like that. Biometric info is computer data, so once you have the data you can do whatever you want with it, such as reprogramming a fingerprint terminal to transmit a random person’s fingerprint data when your fingerprint is scanned. It’s simple, it can be hard to detect, and if we believe that biometrics are completely safe and secure, it’s very dangerous.
Are you comfortable with Biometrics that are used in mutual verification with a document?
Holly
Is that like a smartass remark slandering Christians?
There’s no hard-and-fast rule for using any identification scheme (token, password, or biometric). It depends entirely on the circumstances, what you are trying to protect, how much money you are willing to spend, how much inconvenience you are willing to deal with, and so on. Plus, you have to take into account whatever policies are in place for losing the data or having it stolen.
In some very high-security/high-risk situations, like having access to nuclear weapons, requiring all three (a physical key/token, a password, and a biometric) is not out of line. However, I fear that widespread use of biometrics typical, day-to-day identification will ultimately fail once too many biometrics have been stolen and no good way has been found for dealing with it.
I don’t want to speak for the other people, but biometrics used to support a document are not much stronger than the documents themselves.
If there’s no networked and centralized hookup, faking the document makes it fairly easy to make fake biometric data. There there is, it’s a system with thousands upon thousands of access points – it’ll be a little less secure than the border with Mexico.
Most biometric data can be faked; the constant and accurate data like fingerprints by nothing more than a gummy bear and some plaster.
I agree that it’s not a particularly good solution for something this wide-scale.
Doctor Gonzo
You can alter finger prints and yes you can get a new face. Look at Elizabeth Dole’s new elastic face.
Its just another thing for people to be paranoid about.
True, you can change your face. But imagine that somebody just had their biometric information stolen, and they are told, “Okay, now you have to get plastic surgery so you look more like Liddy Dole or Michael Jackson.” Isn’t that punishing the victim?
So I am getting confused. As the world gets more complex and interconnected how does someone prove they are who they are?
Doctor Gonzo
The short answer: Yes and hell yes. OMG removable nose and all.
What about a sphincter press? I’ll wager everybody’s sphincter is different. How the heck would someone copy a sphincter?
As the world gets more complex and interconnected, it becomes harder to prove who you are, not easier. This is just a fact of life. There aren’t going to be any quick and easy solutions to this problem.
150 years ago when you were on the farm, your two neighbors were five miles from you, and you knew them by sight. This is not that world. It’s not simple.
Doc,
With your special knowledge I request that you try to give a better answer.
The British intend to gather multiple biometric data and cross reference to minimize abuse. What if there were special federal courts that did nothing but deal with identity issues? With special access to the databases to make changes and annotations. And to intervene with Credit Companies and other ownership records… What if the insurance industry established coverage for identity theft? What if we include DNA data?
Identify theft will only increase if we don’t figure out a way to get ahead of it.
I don’t have any “special knowledge”, but I find this topic interesting. There is one simple solution to these problems: make the entities that hold the data liable for its misuse, with stiff penalties. Companies (and governments, for that matter) don’t care about securing data because they aren’t liable for it if it is misused. If I, the consumer, could sue company X for $10,000 if they let my credit card data get out, then there wouldn’t be stories about how thieves stole 100,000 credit card numbers.
The same thing should apply to incorrect data too. I would pass a law that states that any company or government that collects personal data should 1) make it available to the owner (me) at any time for free, 2) provide a documented manner of allowing consumers to correct that data, and 3) be held liable if they don’t follow these rules and knowingly sell false/bad data. That would take care of the Choicepoints of the world.
Aside from that, I have no specific recommendations, since with such an economic incentive the market would quickly find good solutions. An “identity theft” court sounds like an interesting idea, though.
I’m against it. We have enough ways to identify people. I don’t like being watched as it is and thats that. Pretty soon merely being unable to ID yourself is going to be a crime.
It’s like a smart-ass remark about the people who come out of the woodwork and claim this every time a national ID is proposed.
Doc,
I was just listening to Rep Barney Frank, the incoming Financial Services Chairman say much the same thing about holding data companies more accountable for the integrity and security of their data.
I don’t think we can ever stop the gathering of information about us. A better use of our time is figuring out how to manage it.
I got a new ID card 2 weeks ago. It has something new in it. Believe it or not: a chip… due to that chip, the governmetn can see where you are at all times. Of course there are ‘strict’ rules about when the government can look at it and who can look at it, but I am extremely pissed off by it.
Michael,
How does this new ID fit in with your governments overall security strategy? How do they monitor and track the bad guys?
Holly
So it is a smartass remark attacking Christians and their belief. Are you a biggot Holly?
So since Holly is Jewish, she gets accused of biggotry. I’m a Christian, and I could have easily made the same comment that she did about the Mark of the Beast. If I had been the one to say it, would it have been “a smartass remark slandering Christians”?
If you want some serious discussions of reasons why biometric ID’s for the general population are a bad idea, try reading Schneier on Security. (I’ve got a baby that desperately needs to be tucked into a warm bed before she screams herself hoarse, so I am not able to look up any specific posts tonight. Sorry.)
There are actual limitations to the chips used in (military?) ID card applications right now. Put them in an antistatic bag, and then wrap in (thickish iron) metal foil.
Isidora
Holly made the attack. I didn’t. If you had made the attack, you would be a biggot.