While the Australian Government pushes ahead with its efforts to develop biometric technology to combat identity fraud at Australia's borders, doubts remain about the practicability of the technology.
The Government is committing $9.7 million in 2004-05 towards developing biometric technology to combat identity fraud at Australia's borders, including an allocation of $3.1 million to Customs to expand its automated face-recognition trial, SmartGate to a second international airport and additional users in 2004-05.
But the conservative US think tank The Heritage Foundation has just produced a legal memorandum on the security, legal, and policy implications of biometric technologies which concedes “legitimate public concern that biometric technology” can be misused to invade or violate personal privacy or other civil liberties.
The report concludes that while technology remains one of the US’s greatest advantages, it has not been fully and most effectively applied in support of US counterterrorism efforts. And it calls for appropriate safeguards to be included in the development and implementation of biometric systems with appropriate safeguards to help avoid repeating past mistakes.
And the US House of Representatives has been forced to delay for a year the deadline for 27 countries, including Australia, to provide their citizens with machine-readable, tamperproof passports.
The vote came after a wave of complaints — mostly from European nations with visa waiver agreements with the US — about their inability to meet the October 26, 2004, deadline for issuing the new biometric passports.
One day later a Department of Homeland Security (DHS) official told a Senate panel the US and the 27 other countries need at least another two years before they can hope to met the congressional mandate to include biometric features in their passports.
Assistant secretary of the Bureau of Consular Affairs Maura Harty told the committee, "We face complex technological and operational issues, including the security of the passport data on the chips and the international interoperability of readers and biometric passports."
She said the US did not even expect to receive large shipments of the 64k chips needed for "contactless chip" passports until the spring of next year.
"Like other governments, we expect deliveries to ramp up during 2005, but we ourselves will only be able to complete our transition to a biometric passport by the end of 2005," Harty said.
On the US side, State Department consular affairs spokesman Stuart Patt said last month that technical standards are being developed for the passports and the machines that can read them.
He said biometric US passports are not likely to be ready until the end of 2005.
The Heritage Foundation memorandum says its authors, Paul Rosenzweig, Alane Kochems, and Ari Schwartz, are convinced of the utility of biometric identification as a general matter.
“Biometric technologies have substantial potential to improve national security by providing a means to identify and verify people in many contexts. In many circumstances they will provide a substantially higher level of security beyond current means of identification. This will be of especial utility in controlling access to areas where security risks are especially high — airport tarmacs, critical infrastructure facilities, and the like,” the authors say.
But they concede implementation of biometric technologies for increasing national security raises numerous practical and policy questions and assert that it is critical that the right type of technology is chosen to meet the purpose and privacy requirements of a specific use.
“In order for biometric systems to provide security, it is necessary that people not have a false sense of security about them,” the authors write. “The weaknesses and flaws of the technologies must be acknowledged and countermeasures need to be considered. The systems cannot be seen as the ultimate security tool, and thus the perfect solution. Rather biometrics (in one layer, or many) are simply another tool in a layered approach to security. They are not a panacea — but they can play an important role in protecting America and should not be demonized as unacceptable technology.”
Amongst the principles designed to best enhance both liberty and security, the authors say, is that enrolment in biometric systems should be overt instead of covert, and that biometric systems are better used for verification rather than identification. That is, they are better suited for a one-to-one match assuring that the individual in question is who he says he is and has the requisite authorization to engage in the activity in question. Biometrics are both less practically useful, and more problematic as a matter of policy, when they are used in a one-to-many fashion to pierce an individual's anonymity without the justification inherent in, for example, seeking access to a particular location, they say.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.