Friday, April 29, 2011

People are sick of passwords

It's becoming obvious that users interacting with more and more networked systems and services are being crushed under the burden passwords impose if they are to be used effectively to maximize security.

Pass On Passwords (Harvard Crimson)
Think for a moment about your bank account password. There's a good chance it's a string of letters and numbers you know by heart, could type in your sleep, and have been using for years. You probably use it for at least one other website, too—a security study last year found that 73 percent of people use their bank password elsewhere.

Template only biometric applications are far superior to passwords and they sidestep the concerns raised about biometrics in this article. Middleware providers like SecurLinx can ensure against ID management risks even in the event that the templates are stolen, even if the customer doesn't even know they have been stolen.

Biometrics work.
Passwords are lame.

I believe we are nearing a tipping point where ordinary individuals begin more vocally to demand biometric ID management solutions. The status quo doesn't work and we're not going to be taking a time machine back to the single-password bliss of 1995.

Hotel security: biometric identification coming

There are lots of good ROI opportunities for hotels that embrace biometric identity management technology.

The most significant installation that comes to mind is fingerprint room access. I don't have the numbers but the card key system has to be pretty expensive to maintain and it's not particularly secure.

The card key process is so error prone that reception staff rarely ask me any clarifying questions or require me to present an ID before they reissue a card key allowing access to my room.

Reception-less check-in for affinity programs might also be another high value application.

Vanguard (Nigeria)
The Nigerian Tourism Development Corporation (NTDC) has said that biometric system of identification in hotels will go a long way in stemming the increasing rate of criminal activities in the industry.

Wednesday, April 27, 2011

'Identity Ecosystem' Initiative

A small investor perspective on the companies in the identity management sphere that have expressed support for the initiative...

The Obama Administration on April 15th launched an initiative to create an ‘Identity Ecosystem’ (SeekingAlpha.com)
The vision is to create an ecosystem whereby individuals, businesses, and other organizations enjoy greater trust and security as they conduct sensitive transaction online. The ecosystem would enable consumers who want to participate to obtain a single ‘trusted credential’ from a public agency or private secure ID provider that can then be used to obtain access and conduct transactions with online businesses without having to give confidential personal information to each business as is the case right now.

90% of organizations have problems with password resets

In a revealing survey of IT managers...
5% claim that it placed a huge drain on resources (Net-Security.org)
65% said that, if reliably deployed, biometrics or voice print technology would probably or definitely play an increasing role in IT security.
More survey results at the link.

There is a lot of scope for positive ROI in applying biometrics to logical access control.

Tuesday, April 26, 2011

Part IV: A Framework for the Consideration of Privacy Issues

Introduction
Part I: The Right to Privacy
Part II: The Nature of Consent
Part III: Transparency

Part IV: A Framework for the Consideration of Privacy Issues
As discussed in section one, the right to privacy is an individual right to decide for oneself what information to share. Moreover, the exercise of other fundamental rights requires the individual to sacrifice privacy in the service of what they determine to be a higher value. Anyone who cares to disagree will inadvertently prove this assertion because one cannot maintain absolute privacy while expressing ones thoughts and beliefs. They would have to sacrifice some measure of their privacy in order to exercise their freedom of expression to communicate their disagreement.

Privacy, therefore, is akin to currency. It’s fine for a person to trade it for things they consider to be of higher value. It’s wrong to steal it. Some transactions, in retrospect, are seen to have been a good deal; some may seem less so. One person may be quite willing to engage in transactions that are beyond the comprehension of another person. Consent matters and consent reaches its most fulsome expression when the terms of the exchange are transparent.

Having established a conception of the Right to Privacy, the Nature of Consent, and Transparency, we are in a position to lay out a framework for public debate on privacy issues and, later, the scope for the role of self-appointed third parties in that debate.

All transactions bearing upon an individual’s privacy can be described in terms of the transparency of the exchange and the level of individual consent to the exchange.

(click image to enlarge)

Transparency
-Opaque. The individual has absolutely no knowledge about how the relevant privacy information may be used or by whom it may be used.
-Vague. The information may be used in ways that the person who shares the information would not reasonably suspect.
-Customary. The information may be shared in ways that the person would reasonably suspect.
-Transparent. The terms and conditions stating the exact circumstances under which the information may be shared are published and acknowledged to be understood by both parties.

Consent
-Mandated. An individual has no legal right to withhold information they might wish to keep private. Refusal to cooperate may entail incarceration or fines.
-Contingent. In order to engage in a certain relationship or arrangement or partake of a privilege an individual is required to share information they might otherwise prefer to keep to themselves.
-De facto. Through convention or common acceptance -- so widely understood as not to require explicit codification. Common sense.
-Explicit. Formally accepted -- signified by positive acts such as gestures, speech, oaths, affirmations or contracts.

Although, there is room for disagreement as to the exact character of each individual privacy transaction (which of the chart's boxes it fits into), they can all be placed somewhere on the chart above.

Hopefully, the above framework can start to break Privacy into more manageable pieces in furtherance of enhanced understanding of this issue that is so important to us all.

Next:
Part V: Filling in the framework; Absolute advocacy dos and don'ts
Part VI: Filling in the framework, subjectivity and interpretation

Monday, April 25, 2011

New Aussie gambling system memo leaked

So, what was the point again? (News.com.au)
The Gillard Government is moving to introduce the system of mandatory pre-commitment in clubs and pubs next year as part of its deal with Independent Tasmanian MP Andrew Wilkie to retain his support to remain in government.
Oh, that's right; I remember now.

Earlier posts on the subject:
Australian gaming industry may be catching on
Biometrics shut out of Australian problem gambler program
Most Unfair biometrics article in a long time
More on Australian Politics and Gambling

Alabama joins Secure Communities

Thirteen Alabama counties will begin participating in the Secure Communities system Tuesday (AL.com)
Alabama is the last state in the South to begin using a federal program for locating and possibly deporting illegal immigrants with criminal records.
Jefferson, the most populous county in Alabama, is not included.

In the map below, the participating counties are gray. The red lines show the approximate positions of Alabama's interstate highways.


Thursday, April 21, 2011

A fingertip solution?

Much of today's news seems to be coming from the UK.
Here's an article that applied biometric fingerprint technology to the challenges faced by those in positions of responsibility for the elderly.

Fingerprint recording technology has the potential to make life easier for elderly and vulnerable people (PublicService.co.uk)
Fingerprint biometric systems can help to support the safety and security of many people, ranging from the elderly and infirm to someone with an armful of shopping. For the elderly and vulnerable, it can help by allowing them to signal that they are up, are active during the day and have gone to bed safely. The technology is available to accurately scan and record fingerprints with reader technology that is robust and reliable. The other attraction is its simplicity in use, just requiring the reader to place the finger on a pad to take a positive scan. The pad won't be lost like a key or swipe card.

Electronic scanning of fingers or eyes is a simple registration technique for schools

But new laws could make it complicated (TES.co.uk)
Supporters of biometrics insist that concerns over privacy and data security are misplaced. Once a fingertip image has been taken electronically, it is then converted into a meaningless series of letters and numbers and the original image deleted. And while fingerprinting may have criminal associations, there is now a move towards face-recognition systems, which are unthreatening and user-friendly.

“We don’t ask parents’ permission, because all that’s required is a simple photograph,” says Kelli Foster, head of sixth-form at Sir Christopher Hatton School in Northamptonshire, where face-recognition technology allows sixth-formers to clock in and out. “But if the law changes, I’m sure our students will persuade their parents to sign up because they like the system. They won’t want to lose it.”
THE PROPOSED CHANGES

- Schools will not be allowed to process biometric information without written parental consent unless a student is aged 18 or over.

- Consent will be required from “each parent of the child”.

- The child’s consent will still be required.

- Alternative systems must be put in place so that, if permission is refused, children are not disadvantaged.
These technologies are being adopted because they are cheap, convenient and consumers and stakeholders are demanding them.

Most all biometric implementations in schools already have opt-out provisions. It is interesting to note that the proposed changes require an opt-in system which will impose additional costs on schools and parents and erode the return on investment (ROI) the technology provides to schools.

Wednesday, April 20, 2011

India UID: New Ways of doing business

by Nandan Nilekani (via MENAFN.com)
Another major purpose behind the UID is to address the problem of mobility in the country. With urbanization, the rate of migration too is on a high in India. And it is further expected to take a leap. By having the aadhar number, these migrants, be it the rural or urban migrants, will have a portable identity.

Nilekani further emphasized that UID will make public spending more transparent , equitable and effective . By making no duplication or diversion possible, the UID project will aim at ensuring public service delivery more convenient. "The whole concept is based on the inclusion point of view and not exclusion.
The world's poor deserve a legitimate individual identity. Biometrics can help.

Biometric Authentication the Key to Keeping Businesses and Users Happy

Biometric authentication is more convenient (ITPro.co.uk)
Biometrics aren’t just useful for protecting confidential data. Construction firm Killby & Gayford is using custom fingerprint readers (built for personnel management software supplier Simeio by Psion) that also record a signature. That means the firm can accurately log hours worked by sub-contractors on building sites and automatically generate invoices, as well as proving that workers have read the safety rules for each site and simplify checking the roll call if there’s an emergency. Using the information to generate accurate invoices has avoided concerns about spying on staff by showing the system is useful to everyone. But, equally, productivity has improved too.
A good survey of biometric modalities and applications.

Tuesday, April 19, 2011

Villages leapfrog the grid with biometrics and mobile money

In low-tech villages, biometrics and mobile money can level market spikes and allow a way for people to bypass the grid (Christian Science Monitor)
Widespread fingerprinting is controversial in Western nations, but in countries where births aren't recorded, people lack official identification, and many can't even sign their names, fingerprints might be a person's best shot at securing a bank account.
ID management is about people. Biometrics can help the worlds poor more fully participate in the markets that have lifted billions worldwide out of poverty.

Part III: Transparency

Introduction
Part I: The Right to Privacy
Part II: The Nature of Consent

Part III: Transparency
Transparency is a lot more straightforward than the right to privacy and the nature of consent. Transparency means, honest, up front and without deceit, free from sins of commission and sins of omission, making sure both sides understand the agreement rather than one side profiting from the counterparty’s difference in or lack of understanding.

Agreements lacking these qualities are murky and imprecise – opaque.

Since one must set aside some measure of privacy in order to exercise other rights (speech, contract, association), the terms under which privacy is set aside tends to be important to the individuals making the calculation. In the overwhelming majority of circumstances, people prefer to be dealt with in a transparent and straightforward way. When they are not, they will consider their privacy rights to have been violated.

Next:
Part IV: A Framework for the Discussion of Privacy Issues

Part V: Filling in the framework; Absolute advocacy dos and don'ts
Part VI: Filling in the framework, subjectivity and interpretation

Monday, April 18, 2011

Four Factor Authentication

The fourth factor is location (SCMagazineUK.com)
This is one of those articles that is a grab-bag of interesting identity management stuff.

If the fourth factor is location, we're obviously talking logical access control since with physical access control, location isn't in doubt.

For physical access control, a fourth factor might be time, i.e. your credentials only open the door at certain times of the day.

But time can also be a part of the 4th factor in logical verification if, for instance, your bank wanted to know about it if you use your bank card in the Enid, Oklahoma Wal-Mart fifteen minutes before "you" use the same card in St. Petersburg, Russia. Since you cant get from Enid to St. Petersburg in 15 minutes, there's a chance something is amiss.

As they say, read the whole thing.

See also: Biometrics in Emergencies which also touches upon the time factor in physical access control systems.

California "Do Not Track" Bill Introduced

Interest in Do Not Track legislation increased after the Federal Trade Commission issued a report in December backing the concept (mondaq.com)
The regulations issued by the Attorney General would require "covered entities" to disclose to consumers in an "easily accessible" manner information on their collection, storage, use and disclosure practices, including to whom the information is disclosed. S.B. 761 also allows, but does not require, the Attorney General to issue regulations requiring covered entities to provide consumers with access to their data and privacy policies, in a format that is "clear and easy to understand."

I think we'll be seeing more of this type of thing for several reasons: there are companies out there who sell information about individuals; the individuals don't know about it; the information is often inaccurate; negative consequences fall upon everyone but the seller of the information.

See also: Errors plague the database state

Friday, April 15, 2011

UK Headteachers condemn new biometrics legislation

Heads’ anger at ‘backward step’ on fingerprints (Liverpool Daily Post)
The Association of School and College Leaders (ASCL) warned the move will cost the education system between £20m and £45m a year.

It is thought that around 30% of secondary schools use finger or face recognition for a number of reasons, such as allowing pupils to check out library books, pay for lunch in the school canteen or access certain school buildings.

Evidence suggests that in these schools that have so-called biometric systems, 99.8% of parents have no objection to it, the ASCL said.
Fingerprint systems that store only an algorithm-generated template rather than an image of a fingerprint pose little-or-no threat to a person's biometric privacy.

On the positive side: for the student, fingerprint biometrics offer increased privacy* and safety**; the school achieves higher data integrity and increased operational efficiency. These benefits are not simply confined to the schools themselves. All taxpayers have a stake in the efficient use of educational resources.

If schools are unable to keep data secure, biometric template information is the last thing that should concern parents or civil liberties campaigners.

Schools also keep academic records, behavioral records, medical records & counseling notes which are much more sensitive than a string of binary gibberish that cannot be used to learn anything about a student.

*Privacy: If everyone uses a finger to buy lunch, no one knows who receives need-based subsidized or free lunches.
**Safety: No lunch money, no bullying to steal lunch money.

Thursday, April 14, 2011

Lockheed Martin Named Biometrics "Company of the Year" By Frost & Sullivan

Award Recognizes Leadership in Biometrics Innovation, Customer Value (WebWire press release)
Lockheed Martin has been named the North American Biometrics Operations and Integrations “Company of the Year” by Frost & Sullivan, recognizing the Corporation’s success in delivering innovative biometrics solutions that offer high levels of customer value.

South Africa: Smart ID card revived

The smart ID card project will be rolled out in the 2012/13 financial year (ITWeb.co.za)
“The full spectrum of identity management goes beyond mere issuance of secure documents; it encompasses the safe maintenance and archiving of biometric and demographic records of citizens and persons who have been permitted to reside in SA,” said Dlamini-Zuma.

Blowback: Kerry-McCain US privacy Bill of Rights

A couple of sources are all over the Kerry-McCain bill released yesterday.

Privacy 'bill of rights' exempts government agencies
(cnet.com - Declan McCullagh)
"What's a Bill of Rights if it doesn't provide rights against the government?" asks Jim Harper, director of information policy studies at the free-market Cato Institute.

Privacy bill of rights excludes big government (Examiner.com - Dan Nowacinski)
Kerry and McCain are saying, "Do as I say, not as I do.'" If they want to lead on the privacy issue, they'll lead by getting the federal government's house in order.

ICE Secure Communities adds counties in MD, MI & SC

Maryland (Press Release via Yahoo)
On Tuesday, U.S. Immigration and Customs Enforcement (ICE) began using the Secure Communities program in Alleghany, Garrett and Washington counties to help federal immigration officials identify criminal aliens in state prisons and local jails by running their fingerprints against federal immigration databases when they are booked into the system.

Michigan (Press Release via Yahoo)
U.S. Immigration and Customs Enforcement (ICE) began using the Secure Communities program in seven Michigan counties including Allegan, Barry, Calhoun, Jackson, Kalamazoo, Muskegon and Ottawa...

South Carolina (The Times and Democrat)
U.S. Immigration and Customs Enforcement has started using the Secure Communities program in Orangeburg and other counties to help identify criminal aliens in local jails by running their fingerprints against federal immigration databases.

The Maryland counties added are of local interest to us here in West Virginia. All three counties border West Virginia. Garrett county lies about 25 miles east of Morgantown.

India Census and UID Update - Population 1.2 Billion

India has just finished counting its population which is now more than 1.2 billion (ABC - Radio Australia)
It puts India on course to surpass China as the world's most populous nation sometime after 2030. But it doesn't stop there. After this massive logistical exercise, the country over the next few months will count the number of people in each layer of its caste hierarchy for the first time in 80 years.
Much more at the link.
Biometric identity management systems are a means to an end. The article provides insights into India's hopes for the UID Priject.

Wednesday, April 13, 2011

Update: 300% ROI in first year on biometric time-and-attendance system

The Video at the link (M2SYS blog) documents a great discussion between John Trader of M2SYS and Sharon Fradella of the Cal Poly Pomona Foundation.

The short conversation hits all the high notes: modality, user acceptability, and ROI.

"The employees and managers like it because it's fast, easy, and especially, accurate."

Based upon her experience with biometric time-and-attendance, Ms. Fradella expects Cal Poly Pomona to increase its adoption of biometric ID management technologies.

Earlier post on the topic here.

Brazil and Biometric Elections

Urna eletrônica biométrica: avanço no sistema eleitoral (Fórum Biometria)
Essa tecnologia foi utilizada, inicialmente, nas eleições de 2008, em alguns municípios (Colorado do Oeste,RO, Fátima do Sul,MS e São João Batista,SC). Nas eleições gerais de 2010, no entanto, já alcançou um total de 60 cidades de 23 estados. O Tribunal Superior Eleitoral, dando prosseguimento a esse trabalho de recadastramento, espera, para as eleições de 2012, ter habilitado 10 milhões de eleitores para votar utilizando essa nova tecnologia e, para 2018, a conclusão de implementação do sistema no país.
The use of biometric voter verification in Brazil's national voter system began in 2008 and is scheduled to be cover all voters in 2018.

Voting is compulsory in Brazil.

Biometrics in Emergencies

Mattski at the Putting your finger on biometrics blog brings up an important point about the potential of biometric identity management systems to assist in emergencies.
One can imagine that fingerprint biometrics will have helped some organisations, businesses, schools and hospitals to locate where people were when the huge earthquake and tsunami waves stuck.

Apart from natural disasters impacting huge territories, they are also very likely to help in accidents or attacks.

As a rule, the more dangerous a given workplace, the more rigorous are the identification and access control protocols. Power plants and military bases spring immediately to mind.

One protocol developed to assist responders in the event of an emergency has staff leave their ID badges at pre-determined locations upon their departure from the site. If followed, this procedure is a good tool for deducing how many people are missing and who they are. After all, no one is going to require that people use the access control procedures developed for normal operations while fleeing a burning building.

But having better information on the last known position of the missing not only makes their recovery more likely, it makes first responders safer by allowing them to do their job more efficiently.

Admittedly, you don't need biometrics to do this (prox cards can work, too), but you do need rigorous access control, intelligent systems that can prepare the relevant information in near real time, and established emergency protocols that make the information actionable.

Part II: The Nature of Consent

Introduction
Part I: The Right to Privacy

Part II: The Nature of Consent
Consent comes in two main varieties: agreement between/among people; and consent of the People. The former describes voluntary associations and ad hoc arrangements made by individuals or private groups; the latter describes the social contract whereby governments obtain their legitimacy. Individual Consent deals with the individual’s right to form relationships, share information, etc. with other entities as mutually agreed. The Consent of the Governed deals with the collective right of the People to form a system of government and the type of behavior a government may compel of individuals under its jurisdiction.

Both types of consent have dramatic implications for the right to privacy and its free exercise.

Individual Consent
Individual consent fits broadly within the contours of contracts and cultural mores.

Contracts
The contractual form of individual consent relies upon the right of legal entities – adults, corporations, businesses, associations, etc. – to interact with each other, or to refrain from interacting with each other in pursuit of their legal individual aims.

When two private legal entities agree to interact with each other, they are said to consent. Contracts are used where an overt positive act is required in order to communicate consent. Acts such as buying something, getting married, hiring someone, incorporation of a business, forming a club, etc. are contractual.

All contracts impose constraints upon both consenting parties. The breach of these contracts is governed by laws.

Cultural mores
In the absence of an explicit written or oral contract or other sign of consent, cultural mores come to the fore. These customs deal in no small degree with a society’s notions of privacy and usually presume minimal consent. These cultural understandings can be seen as mini-agreements between-and-among individuals sharing a public space.

For individuals, exiting the privacy of one’s home and entering the public signifies an individual’s consent, to do certain things (cover your mouth when you cough, be polite) and to refrain from doing certain things (don’t stare at people, don’t point at people and laugh, etc.).

These cultural agreements also impose multilateral constraints upon the consenting parties. The breach of these agreements is most often governed by giving the supposed offender a nasty look. If nasty looks aren’t doing the trick, someone is sure to suggest a law.

For other legal entities such as corporations, clubs and associations, simple existence places them in the public. They are also obligated to do and refrain from doing certain things. Often the obligations they take on are spelled out in a charter or a mission statement, and an organization that fails to live up to its stated and socially imposed standards loses good will.

Consent of the Governed
Consent of the Governed is the other type of consent. I don’t want to wade too deeply into political theory, but for the sake of this discussion let’s assume that it is possible for the People collectively to consent to things, and that the formation of a democratic government means that they do, in fact, consent to be governed. Arguing in favor of these assumptions, democracies have the additional feature of ratifying that supposed consent periodically through voting processes. Laws come out the other end. But it’s important to distinguish the laws that regulate relations between equal members of society (i.e. contract law) from laws that define the much less equal relationship between individuals and the government.

Consent of the Governed bears significantly upon privacy, because governments require citizens to share information with the government or to make information public that they might otherwise choose to keep to themselves.

The abridgment of the right to privacy in the Individual Consent case is ad hoc, fully within the scope of a unique individual’s assessment of their individual aims and within the individual’s power to regulate within the scope of contract law (or nasty looks). But the sacrifices to privacy the People make under the Consent of the Governed case do not fall on some generic entity called the People, redounding to the People’s supposed benefit, they fall upon individuals to the supposed benefit of the People. The People don’t fill in the census, file their income taxes and become licensed to do things; individuals do.

Government also brings a coercive power to the calculation that is absent in the Individual Consent case. Though they both have a direct bearing on an individual’s right to privacy, the nature of consent in the individual case and the Consent of the Governed case is qualitatively different.

Part III: Transparency

Part IV: A Framework for the Discussion of Privacy Issues
Part V: Filling in the framework; Absolute advocacy dos and don'ts
Part VI: Filling in the framework, subjectivity and interpretation

Tuesday, April 12, 2011

Time-and-Attendance, ROI & People

The Human Side of Time and Attendance (Insperity Blog)
However, like any business, the technology helps organize workflow within a process to gain accuracy and efficiency that can result in various levels of hard and soft dollar bottom line savings.

Yet, it still takes the right people, with the right skill sets and the right aptitude to understand and be successful using such tools of the trade to really achieve the desired results.
It's about people and ROI. Increasingly, the tech. is the easy part.

Brazilian police to use Face-Rec eye glasses at World Cup

Brazilian police will use futuristic 'Robocop-style' glasses fitted with facial recognition equipment to identify and root out troublemakers at the 2014 World Cup (Telegraph.co.uk)
Major Leandro Pavani Agostini, of Sao Paulo's Military Police, said: "It's something discreet because you do not question the person or ask for documents. The computer does it.
I'd like to know more about this proposed deployment.

UPDATE: Twitter bot Bixby Snyder: I'd buy that for a dollar!
I should have thought of that!

UPDATE II: Since this has gotten so much attention, I think it's appropriate to add a little to this post.

The effective use of facial recognition technology in a surveillance environment requires significantly more training, environmental control (or compensation for environmental factors), and user judgment than other biometric modalities that depend on voluntarily user interaction.

2014 is still a long way away, but I suspect what is being discussed is a re-run of the "Snooper Bowl" experiment featuring our very own FaceTrac in 2001.

If the "Robocops" involved act as anything more than discreet mobile tripods, I'll be surprised.

Friday, April 8, 2011

New York State: Medicaid anti fraud bill would issue biometric ID cards

We spill a lot of pixels here highlighting the use of biometrics to combat fraud in the developing world. Here's an example from New York.

Palm identification would use cards in effort to cut $5 billion in illegal costs (Albany Times Union)
Palm-scanning devices and identification cards could become part of a doctor's appointment under proposed legislation that aims to crack down on Medicaid fraud.

The bill, introduced Wednesday by Assemblywoman Naomi Rivera, D-Bronx, and Sen. Michael Ranzenhofer, R-Amherst, would dish out Medicard cards equipped with biometric technology.

The bill's sponsors say the initial $20 million investment is a fraction of the estimated $5 billion in Medicaid fraud that occurs annually in the state. Medicaid is a medical care program for low-income residents.
People's willingness to support social programs is dependent on their being seen to address social problems rather than seen as enriching criminals.

$5 billion in fraud is a shocking figure.

Biologists create barcode scanner for zebras

Free Open-source Zebra Biometrics (Wired.co.uk)
When researchers want to identify an animal, they need to take a photo of it, then select a similarly-sized rectangle on its body and the system will then analyse its constituent black-and-white pixels to assess which animal on the system it most closely resembles.
For obvious reasons, zebras are a great place to start to apply biometric techniques to wildlife. They come with their own bar codes. They live in well-lit, flat, uncluttered terrain. And there are lots of them.

A real promise of such systems, though, is their applicability to species and conditions that are considerably more challenging.

Debating biometrics [Part I: The Right to Privacy]

Introduction
Part I: The Right to Privacy

Privacy (function: noun)
: freedom from unauthorized intrusion : state of being let alone and able to keep certain esp. personal matters to oneself
privacy. Dictionary.com. Merriam-Webster's Dictionary of Law. Merriam-Webster, Inc. http://dictionary.reference.com/browse/privacy (accessed: April 08, 2011)

The right to Privacy, is an individual right. One cannot argue for individual rights in absolute terms; one can only argue for an individual’s possession and free exercise of the right.

As far as privacy is concerned, it’s the ability to keep certain matters to oneself that counts. The right (ability) to keep certain matters to oneself assumes that the individual also retains the ability to share personal matters with others of their choosing. As such, it is up to the individual to determine what personal information is most appropriately kept to themselves.

Privacy is not unique in this manner. All rights come with the freedom to use them as the individual sees fit. If a right is guaranteed, possessed and freely exercised by the individual, not using the right in any obvious way is wholly consistent with possessing the right. Freedom of speech does not require one to say everything one thinks; Freedom of Religion does not require one to be religious. In a diverse society, one good test for whether an individual right is actually being enjoyed is if it is being expressed in a wide variety of ways by different individuals.

So, in individual cases, the expression of a right can, and often does appear as the total lack of expressing the right. This is what makes rights of an entirely different political character than duties.

Part II: The Nature of Consent
Part III: Transparency

Part IV: A Framework for the Discussion of Privacy Issues

Part V: Filling in the framework; Absolute advocacy dos and don'ts
Part VI: Filling in the framework, subjectivity and interpretation

Thursday, April 7, 2011

Debating biometrics [Introduction]

I read with interest and optimism the guest post written by NO2ID's James Baker for the M2SYS blog last week: Interest because the people at M2SYS seem to share our belief that biometric identity management techniques have been a force for good in the world far more than they have led to ill; Optimism because I hope there is a common intellectual and philosophical space that technology providers and those who worry about biometrics can inhabit.

Over the course of a series of posts we will be examining the appropriate role of privacy campaigners in the adoption of biometric identity management technologies.

Part I: The Right to Privacy
Part II: The Nature of Consent
Part III: Transparency
Part IV: A Framework for the Discussion of Privacy Issues

Part V: Filling in the framework; Absolute advocacy dos and don'ts
Part VI: Filling in the framework, subjectivity and interpretation

Wednesday, April 6, 2011

Tenafly New Jersey Little League requires Fingerprinting Of All Volunteers

A New Jersey Little League is taking safety up a notch (CBS, New York - via Drudge)
Tenafly Little League president John Preolo said the league had to require fingerprinting this year because of a much-needed grant.

“To get the grant there is certain criteria that had to be met. One of them is the fingerprinting process. If the town didn’t agree to get coaches and volunteers fingerprinted, I don’t think we would have gotten the money,” Preolo said.

Prompted by Carl Findlay's comments in the article, I searched "David Hartshorn". What I found is heartbreaking:

Queens, NY Little League coach accused of molestation; Cops look for more victims (ABC, New York)

Queens and Tenafly are 22 miles apart.

Tuesday, April 5, 2011

Biometrics aid in fight against corruption in Indian farmer support program

Opposition slams government over corruption (The Times of India)
The minister said the government had extended the storage agency system till October-end. He said the state government had approached the Centre for funds to extend biometric card system for PDS beneficiaries all over the state after it was found successful in Rayagada district.
Citizens are more willing to support social welfare programs when they are confident that they are not vehicles for graft. Biometrics can help assure that scarce resources reach their intended recipients.

Monday, April 4, 2011

The Five Country Conference biometric programme

NZ tightens border security (AustralianNetworks.com)
The agreement is part of a Five Country Conference biometric programme between New Zealand, Canada, the United States, Australia and the United Kingdom..
It used to be the Four Country Conference. New Zealand makes five.

More here. (TVNZ.co.nz)

What's your number?

Jamaica to get national identification system (Jamaica Gleaner)
It is believed that the benefits of the NIDS will be significant for Jamaica, both in the public and private sectors, including registration of births and deaths, criminal records, traffic ticketing, tax compliance, records management, road and drivers licensing, among other things.
The article doesn't specify the biometric modality (modalities) to be included, but it does mention tha biometrics will be used.

Friday, April 1, 2011

FBI develops rapid DNA at a distance identification technology

Brave New system could reduce DNA matching time to ten minutes (Manchester Guardian)
The old DNA identification system took up to six weeks to analyze a DNA sample for criminal cases and that sample had to be taken, preserved and processed under laboratory conditions. Now the subject's entire genome can be sequenced in under 5 minutes without any physical sample at all, says Rehfeldt. "Our goal for felony case DNA searches is now 10 minutes, and in misdemeanor cases, it's 15 minutes," says Rehfeldt.
A record of all the genetic base pairs and detailed personal information about individuals analyzed by the new system will be maintained in the FBI's Clarksburg, WV facility.
Asked if anyone at the FBI had expressed any reservations regarding the implementation of such a system on privacy or constitutional grounds, Rehfeldt responded via the Twitter messaging service "w00t! All your genome are belong to us!"