Following Mayor Bloomberg’s remark that public housing should incorporate fingerprinting technology and rumors of Apple implementing this technology for the new iPhones, two experts discussed the state of biometric security and where we are headed with it. (PIX 11)

There’s a good video at the link. I removed the video from this post because of the annoying auto-play feature which comes with the embed code. The video at the link above does not autoplay.

UPDATE: An interesting take on the political part of the story that echoes our Technology-and-Policy theme… Bloomberg is Right and Wrong About Fingerprinting Public Housing Residents (Frontpage Mag)

Policy must precede technology

Some Ugandans may miss identity cards (New Vision)

In Mengo and Kisenyi suburbs, many non-indigenous Ugandans yesterday expressed disappointment when officials at the distribution centres demanded proof showing that they were registered Ugandans.

This group included Salim Uhuru, the NRM chairman of Kampala district and councillor of Kisenyi, who has since described the development as discrimination.

“When I reached the distribution table, I was told that I was not supposed to get the identity card. My name and photograph were in the register, but were marked ‘non-citizen’. I also noticed that this was the same case with every other person who was light skinned. This smells of discrimination of fellow countrymen on grounds of their skin colour,” he said.

The title of this post is a variation on the theme that technology is no substitute for managerial skill and wise policies (see here for similar thoughts). It looks like Uganda has some work to do in its ID management infrastructure as it seems that in important parts of the bureaucracy, no one is quite sure what a Ugandan is.

See also:
Poor ID Management Infrastructure Prevents Uganda Little League Baseball Team from World Series Participation

It’s obvious that Uganda has more than a fair helping of ID management challenges. The good news is that it has never been easier to overcome technical challenges. The bad news is that technology can’t force a consensus on who should get an ID.

‘Wired’ drops biometric fly into Senate’s immigration ointment

Wired threw the double whammy of “Biometric” and “National ID” into the middle of the Senate and national debate on overhauling the U.S. immigration system.

The article that touched it all this off is:

Biometric Database of All Adult Americans Hidden in Immigration Reform (Wired)

The immigration reform measure the Senate began debating yesterday would create a national biometric database of virtually every adult in the U.S., in what privacy groups fear could be the first step to a ubiquitous national identification system.

Organs on both sides of the American political scene — the left-leaning Daily Beast and the right-leaning Daily Caller — found the Wired piece wanting.

The Immigration Bill does not create a ‘biometric database of all adult Americans’ (Daily Beast)

The idea of the government creating a massive biometric database for virtually all adult Americans is indeed terrifying, and if the story was true, would be cause for genuine outrage

Fortunately, Wired’s assertion is false. Here are the facts: [ed. article continues]

‘Wired’s attack on immigration reform gets biometrics wrong (Daily Caller) 

Any E-Verify system that could actually prevent fraud will necessarily be more intrusive than the current system. In this case, an effort is being made to guarantee job applicants actually are who they say they are — that they are not merely stealing someone else’s social security number.

This is not to say we shouldn’t be vigilant in regards to protecting our civil liberties. There is a natural tension at play as immigration reformers work to create a system that actually prevents the employment of illegals who wish to skirt the law.

Both articles also run with a novel (to me) argument, potentially from the same source, that a face photo isn’t really biometric in nature.

Daily Beast:

That isn’t a “biometric” data set by any reasonable definition. As a Senate aide told me: [ed. cont’d]

Daily Caller:

There is also a semantics problem with the Wired story; photographs, I am told, don’t technically qualify as “biometrics.” 

That will come as quite a shock to many people who have been developing facial recognition algorithms for a decade or more and the thousands of people who use facial recognition technologies already. If drivers license-style photos of faces aren’t reasonably good proxies for unique identifiers, why do photo ID’s exist in the first place?

UPDATE:
David Bier writing at OpenMarket.org provides valuable commentary in Sorry, Daily Beast: E-Verify Will Be National ID.

This bit reinforces the point we made above:

Never mind how experts or the general public use the word, the phrase biometric identification has a specific legal definition. Under 46 USC 70123, “the term “biometric identification” means use of fingerprint and digital photography images and facial and iris scan technology and any other technology considered applicable by the Department of Homeland Security.” In other words, the government itself defines photographs as biometric identification. [ed. all emphasis and link in orig.]

The immigration debate: Entry & exit tracking

The topics we hit on in Who’s in my country? That’s a tough one. are addressed in more depth and from a United States perspective below.

I found the analogy in the brief excerpt below particularly apt.

Immigration reform: What to do about those who arrive legally but never leave? (Alaska Dispatch)

Build a statistical measure of the border’s security? Too complicated. Determine “operational control” over certain amounts of the American southern border? Too undefined. Establish certain levels of infrastructure and security personnel? Too expensive.

That’s part of the over-arching problem: with broad dysfunction in many parts of the immigration and border security system, it has been difficult to marshal the political will and financial resources to fix any one part without a broad overhaul.

“You have an automobile that has no tires, no wheels, no doors, no engine, and then, alright, great, you put two brand new tires on it [and ask] ‘Why doesn’t it work?’” says Rep. Mario Diaz-Balart (R) of Florida, a key House immigration reform negotiator.

UK: Immigration politics and biometrics

The United States isn’t the only place where immigration politics — and the role of biometrics — are coming to the fore. They’re very timely issues in the UK, as well.

WorkPermit.com covers Prime Minister David Cameron’s policy prescriptions like the dew covers Dixie, here: Cameron announces tough reforms to UK immigration.

The Guardian provides some analysis here: Immigrants’ residents permits: how would they work?

The repeated refusal of GPs, social housing officers and social security staff to act as immigration officers also means that if more robust residence tests are to be introduced for other EU nationals then an easy and authoritative way is needed of checking how long they have been in the country and what their immigration status is.

Ministers have confirmed that they are looking at plans to take fingerprints and other biometric data to be stored on a card with a photograph and electronic signature from new arrivals from next year.

It is within this context that the beleaguered UK Border Agency is being broken up (BBC). The UKBA is currently responsible for border protection, visa & passport issuance, asylum cases, immigration law enforcement, etc.

US Senate: Biometric worker ID sticker shock

Lindsey Graham: Federal ID for Workers Too Expensive (WLTX – Columbia, SC)

Senators working on a bipartisan immigration bill are likely abandoning the idea of requiring a new high-tech federal ID for workers because it’s too expensive.

Republican Sen. Lindsey Graham of South Carolina says cost estimates for the biometric ID card he favors came in higher than expected. The card was intended as a way to ensure employers don’t hire illegal workers.

India’s UID affecting the political dialogue elsewhere

The US political issue of whether or how best to confer some sort of legal status upon some individuals currently living within the United States without that legal status is getting a lot of attention. The United States’s last attempt at sweeping immigration reform was in 1986. Since then, it’s been baby steps.

The linked article provides more detail for why that might be, but the part that caught my eye is the basic formulation: “If India can execute a biometric project for over a billion people, it should be possible to apply biometrics to this, far less daunting, challenge.”

For example:
Michael Barone commentary: Stars are aligning for a law on immigration that might work (Columbus Dispatch)

So what are the reasons to think such legislation would produce different results from those of the 1986 law?

[…S]omething feasible now that wasn’t back then: an identity card linked to a database with biometric identification. India is now creating such a system for its 1.2 billion people. Why can’t we do that for many fewer immigrants and visa holders?

India’s UID project is giving the rest of the world confidence that long-neglected issues can be addressed through a combination of political will and new technology. I expect we’ll be seeing a lot more examples from around the world.

It’s not the tech, it’s the people: Senate Face Rec Hearings Edition

Here are a couple of news pieces on the hearing of the Privacy Subcommittee of the Judiciary Committee facial recognition and privacy.

Sen. Al Franken reads Facebook the riot act over facial recognition risks (All Voices)

The senator made some pointed criticisms to Facebook’s manager of privacy and public policy Rob Sherman. Sen. Franken noted how difficult it is for users to opt out of having their faces recognized by Facebook supercomputers. The privacy settings, he argued, are buried deep in a lengthy and frustrating process. “Right now, you have to go through six different screens to get (to the privacy opt-out),” Sen. Franken complained. “I’m not sure that’s ‘easy to use’.”

Regulation of Facial Recognition May Be Needed, US Senator Says (PC World)

The growing use of facial recognition technology raises serious privacy and civil liberties concerns, said Senator Al Franken, a Minnesota Democrat and chairman of the Senate Judiciary Committee’s privacy subcommittee. Franken, during a subcommittee hearing, called on the U.S. Federal Bureau of Investigation and Facebook to change the way they use facial recognition technology.

Biometric information, including facial features, is sensitive because it is unique and permanent, Franken said.

There are real privacy issues surrounding both government biometric surveillance and the transparency of private entities that use biometrics.

Dealing with the particulars of the hearing, though, it seems that if you’re mad at Facebook, deal with Facebook and that those worried about the government’s respect for the privacy of citizens would be best served arguing for limits to the government’s snooping power, regardless of the technical method used. 

See:
Surveillance requests to cellphone carriers surge and Twitter Gives User Info In 75% Of U.S. Inquiries. Google says it complied with about 65% of court orders and 47% of informal requests in the second half of 2011.

Of the methods Facebook uses to extract personal information from users, facial recognition is perhaps the best known.

Of the myriad technologies government uses to track citizens, facial recognition is among the least significant.

That won’t always be the case, so it’s good to to build consensus on the proper use of a new technology in an open and informed way, but it shouldn’t be hyped and used as a distraction from more pertinent privacy issues.

It’s not the tech, it’s the people.

Senate Subcommittee Discusses Facial Recognition

Unfortunately, there doesn’t seem to have been any mention of facial recognition technology’s usefulness a as a tool for protecting privacy.

The Senate Privacy Subcommittee of the Judiciary Committee held a hearing about facial recognition (CIO)

The Federal Trade Commission (FTC) testified before the subcommittee. Their press release on the occasion is here: FTC Testifies on Commercial Uses of Facial Recognition Technologies.

ID Rivalry Reignites in India

In the Dec. 6, 2011 post, India: How Much Fraud is Acceptable in NPR, UID, we touched on the philosophical differences between NPR and UID and the men behind the two efforts.

Home Minister P. Chidambaram’s biggest point has always been that his organization’s database, the National Population Register (NPR), is for Indian citizens only with a view toward issuing a citizenship card. His concern is that loose enrollment standards will lead to issuing the citizenship card to non-citizens and doing that exposes India to intolerable security risks.

The UIDAI, led by Nandan Nilekani is more concerned with providing everyone in India with a legitimate identity. The implicit assumption is that in a situation where a significant portion of the population will be unable to prove with scientific precision who they are (because they don’t have ID), you’re better off getting everyone an ID and then trying to sort things out later.

Prime Minister Manmohan Singh set the conditions for both efforts to proceed in parallel, sharing tasks and infrastructure (in areas such as de-duplication) when possible, and otherwise staying out of each other’s way.

Though he never really seemed to accept the legitimacy of the pro-UID point of view Chidambaram took his medicine on January 24, 2012, in essence proclaiming “Rivalry! What rivalry?” See: UID: Home Ministry Climb-down.

Three days later the truce was sealed. UID would enroll 600 million people in 16 of India’s 28 states, and the NPR would issue 600 million credentials elsewhere. See Compromise reached on Biometric ID in India (January 27) which predicted that the rivalry would soon heat up again.

…which brings us to today:
Chidambaram, Nilekani spar over collection of biometric data (Times of India)

Sources said the cabinet again discussed the issue on Thursday after Chidambaram recently wrote to the Prime Minister complaining that the NPR project had “come to a standstill” because of the UID scheme.

“The collection of photographs and biometrics has been facing hurdles at every step on account approach of the UIDAI, which, it seems, has failed to appreciate the core purpose of the National Population Register,” Chidambaram said in his letter.

He also slammed the UIDAI for allegedly not following the cabinet’s orders.

“Despite clear orders from the cabinet, the UIDAI is objecting to the conduct of NPR camps in certain states and is also refusing to accept the biometric data of NPR for de-duplication and generation of Aadhaar number,” he said.

Versions of this article are all over the news today. I chose this one from the Times of India for the quality of the discussion in the comment section.

Of course, all this is highly political. But as we say around here all the time: Biometrics is about people. That applies across the board. It applies to the relationship between the individual and the ID management system, and it applies to the political and managerial people who implement and operate ID management systems.

Politics will always play a part in national biometric deployments and they should. What’s interesting in this case is that the political battle isn’t between pro- and anti-biometrics forces. It’s between two giant biometric deployments and, yes, the people who run them.