Re: insidious biometrics, identity crises

[Robin Berjon <robin.berjon@xxxxxxxxx>]

Jo Walsh wrote:
> this stuff is sneaking up on us, and i'm reluctant to wait until it
> becomes a social-technological crisis before preparing counterarguments.
> as one of those "like-minded people who were positively encouraged to
> reply" to the government's 'consultation' process by stand.org.uk[0], the
> underlying theme here is pretty clear: universal ID cards, encoding
> biometric data, introduced under the rational pretense of 'immigration
> control', with the backend databases shared between those countries and
> companies that can afford access.
>
> there are reams of good technical reasons - identity, security, single
> point of failure, obsolescence, etc - why this shouldn't be implemented
> - let alone social / ideological reasons. it would be good to have a
> cogent list of 'bullet points' to offer. as an individual, i can write
> to my MP or to the broadsheets registering dissent, distaste - but
> this kind of counterargument will sound a lot better, read a lot
> better in the letters page of the grauniad and the times, coming from 
> a pre-existing, disinterested group of technical professionals, 
> such as, london.pm

As a Frog, I probably have a slightly different take on this. We've had 
compulsory ID cards forever (well, for much longer than my lifetime) and are 
accustomed to them. Somewhere between 93-95, a thumbprint was added to them. 
That's biometrics, but well, pretty shallow as biometrics go.

So I'm no opposed in se to the existence of such cards, but having done a (tiny 
little) homework on what's happening around this in the UK, I understand your 
concerns.

Given the political weight there seems to be behind that, the appearance of 
universal ID cards in the UK may be inevitable. I think that what a group like 
london.pm can say is "we understand it may happen anyway, but we see solid 
issues with this, that, and that". Making it sound constructive and helpful will 
imho be ten times more efficient than a frontal just-say-no attack filled to the 
brim with fear-mongering, irrespective of whether or not the refusal and the 
fear are well-motivated.

You mention sharing between countries (this in fact is already the case for much 
of the criminal data), but more worryingly companies. Is there a UK equivalent 
to the French CNIL[0]? It's a state agency, but only very rarely has it shown 
any complacency with violations to its rules, whether or not the state was 
involved. Those are the sort of people that should be gotten into the picture. 
If there is no equivalent, asking that something of the sort be created, with a 
clear charter on the protection of indiidual rights and with full power to 
investigate and counter government proposals going against it, would not only be 
a good idea but would come accross as a positive proposal.

I know this would only address the UK, but it can only be done one country at a 
time. And practices done in one country often influence what is done in others.

I'd certainly support action in this area, and would be happy to help review 
drafts, etc. of a letter or such things.


[0]http://www.cnil.fr/uk/index.htm

--
Robin Berjon <robin.berjon@xxxxxxxxx>
Research Engineer, Expway        http://expway.fr/
7FC0 6F5F D864 EFB8 08CE  8E74 58E6 D5DB 4889 2488