Biometric ID Cards are Stupid
Background
The Canadian government is currently considering [1] implementing a national identity card containing biometric information [2] . Such cards are already in use in some places in the US as are vieo systems which perform facial recognition upon passers-by at airports (etcetera).
[2] -- Note that we already have a national identity card: passports. The embedded digital biometric data is the only proposed difference.
Biometric identification equipment used for identifying people in a situation like an airport or border is unusable [3] ; there would be far too many false-positives.
[3] -- Article by Bruce Schneier <www.extremetech.com>
Approximately the only thing biometrics are any good for are authentication (i.e. something like a PIN), and even then the error-rate will tend to make users hostile (e.g. what if your computer decided to randomly reject your password every hunderedth or so attempt, even when it's correct?)
Nation Identity Cards
We already have them: passports.
Current Canadian ministers are proposing an addition to these: some type of biometric information. This could be any or all of facial data, fingerprint data, hand-prints, iris scans or retina scans.
Minister Conderre suggests that "terrorism" is the reasoning behind putting biometric identifiers into cards. His speech, however, seems to make it clear that the real reason is because the "international community" (the US) is insisting, ``Within a few years, or maybe much sooner, the ability of Canadian citizens and permanent residents to cross international borders will depend increasingly on the integrity of their travel documents. [..] International standards are developing rapidly for travel documents. Closer to home, the United States is reviewing their requirements for travelers into their country.''
``Reviewing'' is just a lie: the US is requiring -- under the "Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism" Act (or USA PATRIOT Act) -- outlines this as a requirement. (``1008. Feasibility study on use of biometric identifier scanning system with access to the fbi integrated automated fingerprint identification system at overseas consular posts and points of entry to the United States.'') Along with section 417 which reqires all countries whose citizens don't need visas to have machine-readable passports by next year [CriminalJustice.org], who says, ``The development of the system will focus on the use of biometric technology and tamper resistant documents. The system must also interface with law enforcement databases to identify and detain individuals who pose a threat to the national security of the United States.''
While adding biometric information to identity cards might make them somewhat harder to copy, there are other means of preventing unauthorized duplication of identity information -- methods which don't involve the (presumably [4] ) creation of a centralised database of biometric data. This data will be used for surveillance. Perhaps not at first, of course, but intelligence departments (both national in international) will simply be unable to resist the urge to use this vast repository for tracking of citizens' activities.
[4] -- it would be feasible to implement biometric identifiers in such a way that there's no central database. I predict this will not be proposed.
For example, it might seem perfectly innocent give folks at the library or bookstore identity information (in fact, you're required to at libraries). The FBI is now getting easier and easier [USAToday, VillageVoice, Infoshop Blog, PoliTech] access to the reading patters of library patrons (with extensive gag orders so it's not exactly clear how much this has already been utilised). The Total Information Awareness office has a budget (and DARPA oversight) to produce data-mining software to troll through such data: this will mean false-positives; it will mean abuse for political means (in fact, "don't fly" lists may already be under such abuse [Salon]); it will mean the arrest and harassment of innocent people.
All this might sound alarmist, of course, but once one recognises that changes take place gradually and not all at once, it's easy to view this change (a centralised repository of extensive biometric information on all citizens) as a step to a more-surveilled society.
I don't want more surveillance; I want less. Therefore I oppose any attempt to record biometrics non-voluntarily and/or in a personally-identifiable manner [5] .
[5] -- Think that sounds contradictory? It's not; you could (for example) have a system which included one-way hashed versions of biometrics and didn't record those biometrics centrally in any way, this making it possible to at once verify that the holder or a particular token also owned the right biometrics while also making it impossible to actually look at those biometrics or know to whom they belong.