The Inquirer reports US is not pressuring UK for biometric data British folks, who’ve been listening to Blair and Blunkett defend the ID card proposal for months on the basis that the ICAO and the US will require us to have biometrics in our passports anyway, so the costs of the ID card itself are smaller than we think, will be intrigued to hear that this is not true. Moss* said categorically that the US is not pressuring the UK to include biometrics beyond the ICAO-mandated digital photograph. The fingerprints and iris scans are all Blair’s and Blunkett’s. The basis of everything is still the face. The other bit of good news in all this is that if you dislike the chips the passport remains a valid travel document even if you cook it dead. * Frank Moss, deputy assistant secretary for passport services at the US State Department, their […]

What US requirements?

The Guardian reportsTwo national newspapers paid to receive confidential information from the police national computer which makes it sound like the newspapers are what we should be worrying about, rather than the security of our data. But if newspapers are getting secret police material, who else is? Riel Karmy-Jones, prosecuting, told Blackfriars crown court in central London that Mr Whittamore [an investigator] had received the information “through a chain” made up of the three other defendants: the private investigator John Boyall, 52; Alan King, a 59-year-old retired police officer; and Paul Marshall, 39, a former civilian communications officer who was based at Tooting police station in London. There’ll be much more information on everyone of the NIR than on current police computers. And many more people would have access.

Police data sold to newspapers

Possibly the most alarming thing about this story Ricin case sparks asylum concerns may be the reasoning in the Home Office reaction… [The murderer,] Bourgass said he had destroyed his documents before entering the UK and claimed asylum in January 2000 using the name Nadir Habra. Nevertheless, Home Secretary Charles Clarke denied the case was an embarrassment for the government. “We have to work even harder to contest the terrorist threat,” he said. “I think things like identity cards, stronger borders to deal with migration issues, the kinds of anti-terrorism legislation that we passed in the last Parliament are all necessary.” How does this follow?

Home Office logic in action

CNA, the Taiwanese official newsagency reports New ID card launch preparations to be based on fingerprint requirement A confusing story. They’ve had ID cards for years, but, are painfully moving in the opposite direction from the British government, […] the Excutive Yuan passed a revised draft bill to remove the fingerprint requirement from the existing household registration law. […] It has been learned that if the bill is not approved, the Interior Ministry will have to purchase around 900 fingerprint scanners at a total cost of NT$500 million (US$15.87 million). Noting that ID cards should be renewed every 10 years according to the existing regulations, [Interior Minister] Su said that the launch of a new version of the national ID card has been delayed for 19 years because of the controversy over the fingerprints issue. For much of that period the country was a military dictatorship over a Confucian society […]

Taiwan vacillates…

Australian privacy campaigners attack another naive government scheme, the New South Wales Photo Card Bill 2004, as reported by ZDnet Australia ZDnet Australia “The Commonwealth Government has recognised the risks of centralising vast amounts of personal data — it means only one database to hack into, or one clerk at the RTA to bribe,” said [Anna] Johnston [of the Australian Privacy Foundation].

NSW ID card a ‘gift to terrorists’

In an admirably terse piece ID card Bill gets the axe it gets straight to the facts and avoids printing the spin: The controversial Bill to introduce the cards — which critics said would cost at least £10billion — was lost because of lack of parliamentary time.

The SUN says…

The vast resources of the US Department of Homeland Security are now focused on its own biometric ID card scheme, Government Computer News reports. Careful reading reveals they are proceeding cautiously compared with our own dear Home Office. 1. Only 200,000 or so pre-screened volunteers (whose backgrounds have already been checked for other purposes) will be involved. 2. The “biometric” is the same as for the US-VISIT scheme, a digital scan of two index-finger-prints. (OK-ish for verification; not much good for identification. Ministers who don’t know the difference see here.) 3. No externally obvious milestone dates for the programme have been announced, so the DHS won’t be embarrassed however long it takes, and has no temptation to misrepresent its results to suit its targets.

US starting small

BBC News reports Malaysia car thieves steal finger The attackers forced Mr Kumaran to put his finger on the security panel to start the vehicle, bundled him into the back seat and drove off. But having stripped the car, the thieves became frustrated when they wanted to restart it. They found they again could not bypass the immobiliser, which needs the owner’s fingerprint to disarm it. … Biometrics are good for security? Depends on your concept of security. Fuller acount in the Straits Times Thanks to Ross Anderson for spotting this.

Not necessarily safer

The Washington Post carries a piece by the Republican Senator for Tennessee, Lamarr Alexander: Much as I Hate It, We Need a National ID with the interesting perspective of a conservative who is made deeply uneasy by the idea but cannot find arguments to oppose the spurious cases for “security” and “convenience”. I have fought government ID cards as long and as hard as anyone. In 1983, when I was governor of Tennessee, our legislature voted to put photographs on driver’s licenses. Merchants and policemen wanted a state ID card to discourage check fraud and teenage drinking. I vetoed this photo driver’s license bill twice because I believed driver’s licenses should be about driving and that state ID cards infringed on civil liberties. That same year, on a visit to the White House, when a guard asked for my photo ID, I said, “We don’t have them in Tennessee. I […]

A reluctant proponent

The BBC has a disturbing story showing the constntly shifting boundaries of the database state. A senior Department of Health civil servant said people would not be able to decide what details are stored. Critics say this goes against earlier government assurances that patients would be able to veto the information. The DoH said people can still discuss with their doctor what details are recorded and control who can access them – except in an emergency. Of course, if NHS treatment is to made to depend on ID checks, as the Government has promised, such records will also be linked to the National Identity Register. Who will decide what is an emergency? How will privacy be secured with, say, half a million health workers potentially having access? The database won’t be privileged against RIP Act powers. Even if it were, nominally, wouldn’t the NIR audit trail give clues about the […]

Privacy fears over NHS database

With touching faith in the magic of technology Asahi Shimbun online reports, Fingerprints provide passport out of long queues It’s claimed that pasports with fingerprints encoded onto a chip will allow processing to be speeded-up by abolishing personal checks and replacing them with wholly electronic gates that compare prints with a passport swiped by the traveller. “While it is designed to ease airport congestion, officials are also looking at it with an eye to heightening security.” Those with experience of swipe-systems and security may wish to comment on how likely it is to achieve either aim. Those armed only with skepticism will note from a closer reading of the article that the Japanese Justice Ministry proposes this system only for travellers leaving Japan.

The end of passport queues?

The Daily Telegraph reports on the CitizenCard scheme. We’ve repeatedly said we have no objections to authentification systems where the user is in charge. CitizenCard is voluntary, doesn’t directly share the data it holds, and is catering to the reasonable need of retailers to check legal ages. So why do we find it slightly creepy? Well, its own website says: Membership of the company is open to any commercial or non-profit organisation with a legitimate interest in the promotion of ID or proof-of-age. My emphasis: “the promotion of ID”. No wonder the Home Office approves. Getting youngsters used to showing ID on any occasion would certainly ease the transition to a national ID card. But behind the card there’s little similarity between the two schemes. CitizenCard is not a threat to freedom or privacy. If it works, the Government must explain why it is necessary to do things so differently–or […]

A million teenagers carry ID

Prompted by a warning about the security of certain products issued by Microsoft, VNUnet’s Alistair Dabbs asks: Will biometric security harm users?. He’s concerned about biometric security on consumer and business products, but the same arguments apply much more strongly to huge, heavily-used systems such as that proposed for UK ID control. Yet many people persist in believing that biometric access can be relied upon for security. Biometric data, I am told, is secure because it is “locked” to your body, while passwords can be acquired from you in underhand ways. The word “locked” is misleading, though. A determined hacker will always find a way, giving rise to some scary scenarios.

Will biometric security harm users?

Alexander Deane in Australia’s On-line Opinion puts the case against lucidly. The “War on Terror” has produced many strange political situations. In Britain, a left-wing government is now proposing this authoritarian measure: in Australia, a right-wing government is opposing it. In my opinion, the Howard Government is right, and the Blair Government is wrong. Here’s why. (He mis-quotes the ostensible cost of the scheme at “£50 billion”, though that may well be more realistic than the pared-down guestimate from the Home Office that so carefully excludes everyone else’s costs.)

Good Reasons to Reject ID Cards