
Would a National Biometric Authentication Scheme Work? 178

Ian Lamont writes "The chair of Yale's CS department and Connecticut's former consumer protection commissioner are calling for the creation of a robust biometric authentication system on a national scale. They say the system would safeguard privacy and people's personal data far more effectively than paper-based IDs. They also reference the troubled Real ID program, saying that the debate has centered around forms of ID rather than the central issue of authentication. The authors further suggest that the debate has led to confusion between anonymity and privacy: 'Outside our homes, we have always lived in a public space where our open acts are no longer private. Anonymity has not changed that, but has provided an illusion of privacy and security. ... In public space, we engage in open acts where we have no expectation of privacy, as well as private acts that cannot take place within our homes and therefore require authenticating identity to carve a sphere of privacy.' The authors do not provide any suggestions for specific biometric technologies, nor do they discuss the role of the government in such a system. What do you think of a national or international biometrics-based authentication scheme? Is it feasible? How would it work? What safeguards need to be put in place?"
This discussion has been archived. No new comments can be posted.

  • It would work to... (Score:1, Interesting)

    by PC and Sony Fanboy ( 1248258 ) on Thursday March 20, 2008 @07:28PM (#22813438) Journal
    This would do a lot of things. It would a) keep tabs on anyone who was not American (potential terrorists!) b) keep tabs on problem individuals c) increase national security, because sex offenders could be tracked (and given poor service when they're trying to access govn't services). Not all are good, but not all are bad. Maybe we could just do this for category (c)? ... oh wait, they've tried tracking them. It didn't work. Why would it work on a national level?
  • by nurb432 ( 527695 ) on Thursday March 20, 2008 @07:41PM (#22813596) Homepage Journal
    Perhaps not technically 100%, but you can expect a reasonable level of privacy/anonymity in public.

    This could destroy that.
  • by MBCook ( 132727 ) <foobarsoft@foobarsoft.com> on Thursday March 20, 2008 @07:44PM (#22813626) Homepage

    The idea that every fingerprint is unique is an untestable hypothesis, since you'd have to fingerprint everyone ever born, right? We assume it's correct because we've never found examples of fingerprints that were identical.

    So my question is this: if we were to fingerprint everyone in the US (all 300+ million of us)... does anyone think we might find that matching set? No one has ever done a fingerprint database of that size, right? With a quick search, I couldn't find out how many prints were in AFIS.

    On the topic more directly, I'd say this would be nearly impossible. Ignoring the privacy concerns that people would use to try to stop this going into effect... does anyone think we would be able to convince most/all of the 20 million or so illegal aliens in the US to do this? I would think you would run into the same problems in just about any other country, except somewhere like China.
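An added worked example (not part of any comment in this thread) for the scale question raised above: birthday-bound arithmetic for coincidental matches in a database of 300 million people. The per-comparison false match rates passed in are hypothetical parameters, not measurements of AFIS or any real matcher, and comparisons are assumed independent.

```python
import math

US_POPULATION = 300_000_000  # the "300+ million" figure from the comment


def pair_count(n):
    """Number of distinct pairs of enrolled people."""
    return n * (n - 1) // 2


def p_any_false_match(n, fmr):
    """P(at least one coincidental match among all pairs of n people).

    fmr is an assumed per-comparison false match rate; expm1/log1p keep
    precision when fmr is tiny and the pair count is huge.
    """
    return -math.expm1(pair_count(n) * math.log1p(-fmr))


def p_false_hit_per_search(n, fmr):
    """1:N identification: chance one probe falsely matches someone enrolled."""
    return -math.expm1(n * math.log1p(-fmr))


def population_for_even_odds(fmr):
    """Database size at which a coincidental match somewhere is a coin flip."""
    k = math.log(2) / -math.log1p(-fmr)  # pairs needed for P = 0.5
    return math.ceil((1 + math.sqrt(1 + 8 * k)) / 2)


if __name__ == "__main__":
    for fmr in (1e-9, 1e-12, 1e-18):  # hypothetical rates
        print(f"fmr={fmr:g}",
              f"any-pair={p_any_false_match(US_POPULATION, fmr):.4f}",
              f"per-search={p_false_hit_per_search(US_POPULATION, fmr):.2e}",
              f"even-odds-at={population_for_even_odds(fmr):,}")
```

Because the pair count grows with the square of the population, a matcher that looks flawless on a city-sized database can still be expected to produce coincidental matches at national scale.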

  • by dotancohen ( 1015143 ) on Thursday March 20, 2008 @07:48PM (#22813666) Homepage

    In public space, we engage in open acts where we have no expectation of privacy, as well as private acts that cannot take place within our homes and therefore require authenticating identity to carve a sphere of privacy.
    The private acts that I did in the sphere of privacy carved out by my '88 TurboCoupe did _not_ require federal authentication, thank you.
  • by postbigbang ( 761081 ) on Thursday March 20, 2008 @07:49PM (#22813678)
    Just like in the UK, it'll work until it's cracked. Or the RFID data from passports. It is no business of the government who I am, or where I am without probable cause by a signed affidavit. There's a sufficient majority that would make sure that a national ID system is never used in the US that it's moot anyway. And for Larry Ellison and others that want to try it, they'll get laughed at, again, and just as loudly.

    The question isn't unique IDs, it's tyranny. We hack tyranny first.
  • by jamstar7 ( 694492 ) on Thursday March 20, 2008 @07:50PM (#22813686)
    When I was issued my Social Security card way back in the 60's, it said, in bold letters at the bottom of the card, "NOT FOR USE AS IDENTIFICATION".

    That turned out well, didn't it?

  • commonly confused (Score:5, Interesting)

    by perlchild ( 582235 ) on Thursday March 20, 2008 @08:00PM (#22813776)
    The summary talks about a common misconception, and manages to create another.

    Authentication is when you identify (as in Identity) yourself, when you want to (say, to enter your home), or to get that 5% rebate at that place you like to eat at.

    Anonymity is when someone else wants you to identify yourself, and you refuse.

    Imputability is when someone's done something and 1) you want to Identify them properly, and 2) do something about some of the people you identify (presumably because something they did was wrong)

    Anonymity is something private citizens like, in part because they don't much like imputability. That is when they do something, and it's not tied to their Identity.

    Forcing someone to authenticate themselves is something the police, for one, likes, because
    1) It prevents them from being blamed for mis-identifying someone
    2) If they catch you doing something, and impute it once you authenticated yourself, they're fairly sure they impute it in such a way, it will follow you for a long long time (if they can impute your "identity", more on that later).

    However, it has its drawbacks
    1) If you authenticate yourself with falsified credentials, you get someone else blamed for your acts
    2) It doesn't deal with the fact that you may be unable (damaged or lost credentials)/unwilling to identify yourself/automated systems may mis-identify you

    It doesn't solve the question of "Identity" itself either. Like when the no-fly list (falling under imputability) lists names (which can be the same for two people), leading to the same result as a falsified authentication.

    Just a quick summary:

    Identity: Who you are
    Authentication: Proving who you are
    Anonymity: Not having to say who you are
    Imputability: Blaming who you are

    The four are interlinked, but often confused, as in the article.

    People interested in laws like RealID need to pay a lot more attention to distinctions between all four. Until the authentication part can be more foolproof, the imputability is scary (you can be blamed for stuff you haven't done), the anonymity, well it's scary to those who'd rather deal with people they can identify (and therefore impute, think contracts to keep it in the white hat sphere). And the Identity, well that's the real problem. If you have a single, centralized database, any single mistaken Identity becomes life-altering, if not actually life-threatening (correcting someone's id with falsified credentials in order to make their lives a living hell? Yes, it can do that).

    Does that bother you a little? I know it does me.
  • by Original Replica ( 908688 ) on Thursday March 20, 2008 @08:39PM (#22814120) Journal
    we need a secure scheme that provides both authentication and anonymity as appropriate.

    The question of when anonymity is going to have very different answers depending on who you ask. Most law abiding citizens would object to being ID'ed dozens of times a day as they go about their business, but for a "track the terrorist" system this is what would have to happen, and is what DHS would want. Right now it's too blatantly oppressive and logistically difficult to ID everyone who walks into the subway or drives through a toll booth, but with biometrics + cctv this becomes entirely possible. It has all the totalitarian control of "your papers, please" in an unobtrusive, easy to ignore package. There are plenty of times in daily life when it is appropriate to need to provide a secure ID, but they are always when the person being IDed is a willing active participant in the process. If simply being able to see a person is enough for them to be confirmed (and location updated) against a national database, then we all lose that bit of participation and choice. And is not the ability to be an active willing participant in the function of our government the very heart of our Democracy?
  • by Iron Condor ( 964856 ) on Thursday March 20, 2008 @09:42PM (#22814556)

    Last I checked (1999 or thereabouts), there were 535 members of congress, of which 29 had been accused of spousal abuse, 7 had been arrested for fraud, 19 had been accused of writing bad checks, 117 had bankrupted at least two businesses, 3 had been arrested for assault, 71 couldn't get a credit card due to bad credit, 14 had been arrested on drug-related charges, 8 had been arrested for shoplifting, 21 were defendants in then-ongoing lawsuits. In 1998 alone, 84 were stopped for drunk driving.

    After all, in this society, once you're a criminal, you're permanently low class, you can't make up for it.

    Sure looks to me as if we're quite happy to give people another chance.

  • by Anne Thwacks ( 531696 ) on Friday March 21, 2008 @05:33AM (#22817212)
    If a crim wants my biometric, they take my finger, eye whatever

    The more efficient ones simply insert THEIR data against your name in the database index:

    UPDATE biometric_data SET identity = 'fake_value' WHERE name='Your Name';

    It's easy when you know how, and the go'mint computer can do zillions of transactions a second.
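An added example (not from the commenter or from any real enrollment system) of one control against the record substitution described in the comment above: each row carries a MAC that binds the name to the stored template, so a bare UPDATE is detectable by an integrity sweep. The table and column names `biometric_data`, `identity` and `name` follow the comment's SQL; the `tag` column, the key and the sample templates are constructed for illustration.

```python
import hashlib
import hmac
import sqlite3

# Constructed demo key; in practice it is held outside the database (e.g. an HSM).
ENROLL_KEY = b"constructed-demo-key"


def record_tag(name, template):
    """MAC over the length-prefixed name plus the template hash."""
    n = name.encode()
    msg = len(n).to_bytes(4, "big") + n + hashlib.sha256(template).digest()
    return hmac.new(ENROLL_KEY, msg, hashlib.sha256).hexdigest()


def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE biometric_data "
               "(name TEXT PRIMARY KEY, identity BLOB, tag TEXT)")
    return db


def enroll(db, name, template):
    db.execute("INSERT INTO biometric_data VALUES (?, ?, ?)",
               (name, template, record_tag(name, template)))


def tampered_rows(db):
    """Names whose stored tag no longer matches (name, template)."""
    rows = db.execute(
        "SELECT name, identity, tag FROM biometric_data ORDER BY name")
    return [name for name, template, tag in rows
            if not hmac.compare_digest(tag, record_tag(name, template))]


def demo():
    db = make_db()
    enroll(db, "Alice Example", b"\x01\x02 constructed template A")
    enroll(db, "Bob Example", b"\x03\x04 constructed template B")
    clean = tampered_rows(db)
    # The substitution from the comment: new template, same name, stale tag.
    db.execute("UPDATE biometric_data SET identity = ? WHERE name = ?",
               (b"fake_value", "Alice Example"))
    after_overwrite = tampered_rows(db)
    # Copying another row's template together with its tag fails as well,
    # because the name is part of the MAC input.
    bob = db.execute("SELECT identity, tag FROM biometric_data "
                     "WHERE name = 'Bob Example'").fetchone()
    db.execute("UPDATE biometric_data SET identity = ?, tag = ? "
               "WHERE name = 'Alice Example'", bob)
    return clean, after_overwrite, tampered_rows(db)
```

The check only helps against someone with database write access who lacks the MAC key; it does nothing against a fraudulent enrollment made through the legitimate path.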
