Biometrics — A civil liberties and privacy perspective

  • Published on

  • View

  • Download

Embed Size (px)


<ul><li><p>Report highlights </p><p>branch or the home by customers. 4.) Access to these online services from public places, e.g. kiosks. 5.) General access at point-of-sale. </p><p>What seems clear is that the criteria (for biometric verification) set by the banks now looks to be attainable.Technologies such as finger recog- nition are now looking to be affordable and a major financial institu- tion is trialing Iris checking in an A.T.M. environment. Experiences with Dynamic Signature Verification (DSV) suggest that this is a poor biometric to use in the open public environment of point-of-sale. Signature is just simply too variable in this stressful environment. </p><p>Will Commercial Applications for Biometric-based Solutions Really Take Off in 1998? Stephen Thomas. There is no doubt that biometrics are currently receiving a lot of atten- tion within the press, suggesting that an explosion in biometrics usage is imminent. However, there are still a number of issues that need resolving before this explosion takes place. In particular manufacturers must pay much more attention to the customers' needs. </p><p>The biometric industry is certainly getting its fair share of mainstream press coverage, ranging from headlines in UK nationals last December for IriScan being tested on an NCR Automated Teller Machine by Nationwide Building Society, to in-depth articles about Software and Systems International trialing their facial recognition system by the Metropolitan Police in the City of London. </p><p>You would expect from this initial enthusiasm that biometric sales would be growing, almost exponentially, year on year. In truth, the reality is completely different. There are some 50 companies through- out the world claiming to manufacture biometric products. There are some biometric systems out there in the marketplace that work well. But there is a far higher number that do not work to the end customers satisfaction or expectations. </p><p>Most potential customers know very little how biometric systems work and why should they? If a particular problem can be solved using an appropriate biometric then all they need to know is that the problem is solved. Customers do not care if the solution is complex or simple, providing there is a solution within budget. How a biometric device interfaces with other systems, what the application software is like are secondary considerations, because they expect it to simply be plugged in and work. The Association for Biometrics (Aft3), is a non-profit making, European-based organization which aims to promote the awareness and development ofbiometric and related technologies. One of its primary goals is to understand potential end user requirements and make sure that if a biometric solution is identified, it is considered to be the best option for that customer. </p><p>Biometric companies always quote FAILs and FRR.s in their market- ing literature, but at the moment there is no agreed standard for meas- uring these. Several companies quote unrealistic FAILs and FILILs of 0.0%, and when asked how they can quote such figures some have replied that the system has never failed yet. This is nonsense. </p><p>Some vendors hand build units initially, and sell them for several thousand dollars, but have no manufacturing capability. Place an order and it could be several months before product is delivered. </p><p>To summarize, the biometric industry to date has largely ignored the requirements of the end user, the customer. And because of this very reason, the customer has chosen to ignore biometrics.Therefore, i fbio- metric vendors wish to succeed in the marketplace, perhaps they should listen to what the customer wants and start delivering. Then, the bio- metric industry will be taken more seriously and 1998 could be the year the business takes off. </p><p>Biometrics -A Civil Liberties and Privacy Perspective, Simon Davies. Business and government leaders seem to agree that the efficient running of the Information Superhighway will require accurate iden- tification of humans. Indeed, the evolution of information technology for decades has sought to develop perfect identity of human subjects. The architects of modern information systems believe that with perfect identity lies the hope of perfect efficiency. Conversely, privacy advo- cates argue that perfect identity is the single most important condition for the establishment of a controlled society. And such a condition is anathema to civil rights.This short article explores the civil liberty and privacy issues that arise in the context of biometric-hased identifica- tion. </p><p>Numbering systems have also traditionally filled a role of identification and classification, but many current number systems are inadequate. The Government of Sweden, which instituted the first national number 50 years ago, is now claiming that the system facilitates fraud. Limitations are now being set on the uses of the number. </p><p>There is a possibility of statelessness arising where the system requires an increasing level of compliance which some people simply cannot or will not accept, and thus end up being denied a range of services. </p><p>Although biometry is increasingly seen as a solution to fraud and inef- ficiency, not everyone is happy about the technology. With this tech- nology, the government can compile a dossier on a person that tracks his every purchase and movement. That sort of thing is possible now, but it is too labour-intensive and expensive. </p><p>Sadly, the experience internationally is that attempts to resolve ineffi- ciencies in the health, police or Social Security sectors often results in unforeseen problems and costs.There is no evidence that placing bio- metrics at the centre of administrative reform stands any better chance of Success. </p><p>The vulnerabilities of a computerized biometric system at a human and organizational level are very similar to the vulnerabilities of any inte- grated information system. </p><p>A biometric print may be considered in the public domain, or it may find its way into general use by way of implied consent of the individ- ual. In this way, people may find that they are required to provide a bio- metric print in many unforseen or unintended future circumstances. </p><p>The Social Security number in the US and the Tax File Number, the Dutch SOFI number and the Austrian Social Security number have been extended progressively to include such facets as unemployment benefits, pensioner benefits, housing entitlement, bank account verifi- cation, and Higher education. There is a very real possibility that anything as widespread as a general purpose biometric system could mutate. </p><p>Biometrics and Turing's Legacy, Peter Hawkes. </p><p>I have been told on good authority that, during the time Turing mainly worked on the breaking of the German codes at Bletchley Park in 1943, he became fascinated by the need for an automatic machine to identify people over the telephone by their voiceprints.This is what we would now call speaker identification or voice biometrics. He began building a signal processing apparatus for speech spectrum analysis.The electronic component technology of the time was based on thermion- ic valves and other bulky components operating at high voltages. </p><p>From 1945-1947 Turing helped set up the computer science teams at the National Physical Laboratory, Teddington. Led by Donald Davies FRS and others they undertook many computing projects over the next decades. One of the best known was the development of Data Packet Switching. This is one of the enabling technologies for the Internet.Another part of Donald's team led by John Parks worked with me 1977-1978 on theVerisign automatic signature verification project. </p><p>32 </p></li></ul>